1. Check input PK/KEK variable data to make sure it is a valid EFI_SIGNATURE_LIST.

Signed-off-by: sfu5
Reviewed-by: gdong1
Reviewed-by : czhan46


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12765 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
sfu5
2011-11-23 05:10:40 +00:00
parent e1982d4ca9
commit d912bad783
2 changed files with 161 additions and 0 deletions

View File

@@ -49,6 +49,17 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
///
#define SIGSUPPORT_NUM 2
///
/// Struct to record signature requirement defined by UEFI spec.
/// For SigHeaderSize and SigDataSize, ((UINT32) ~0) means NO exact length requirement for this field.
///
typedef struct {
EFI_GUID SigType;
// Expected SignatureHeader size in Bytes.
UINT32 SigHeaderSize;
// Expected SignatureData size in Bytes.
UINT32 SigDataSize;
} EFI_SIGNATURE_ITEM;
/**
Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
@@ -116,6 +127,26 @@ CryptLibraryInitialize (
VOID
);
/**
Check input data form to make sure it is a valid EFI_SIGNATURE_LIST for PK/KEK variable.
@param[in] VariableName Name of Variable to be check.
@param[in] VendorGuid Variable vendor GUID.
@param[in] Data Point to the variable data to be checked.
@param[in] DataSize Size of Data.
@return EFI_INVALID_PARAMETER Invalid signature list format.
@return EFI_SUCCESS Passed signature list format check successfully.
**/
EFI_STATUS
CheckSignatureListFormat(
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid,
IN VOID *Data,
IN UINTN DataSize
);
/**
Process variable with platform key for verification.