diff options
| author | Jiewen Yao <jiewen.yao@intel.com> | 2016-12-22 12:36:39 +0800 |
|---|---|---|
| committer | Jiewen Yao <jiewen.yao@intel.com> | 2016-12-23 10:01:36 +0800 |
| commit | 492c05f599f550bc9926ffd18c045916cd0ce604 (patch) | |
| tree | 2467623b28315321d13c9fdcf35c2d9ca5666595 /SecurityPkg | |
| parent | c9b78304b86f924230d570ae548ac6a511a2efae (diff) | |
| download | edk2-492c05f599f550bc9926ffd18c045916cd0ce604.tar.gz edk2-492c05f599f550bc9926ffd18c045916cd0ce604.tar.bz2 edk2-492c05f599f550bc9926ffd18c045916cd0ce604.zip | |
SecurityPkg/FmpAuthLib: Add PublicKeyDataLength check
Add PublicKeyDataLength check to be multiple SHA256_DIGEST_SIZE
to avoid caller make mistake, or platform mis-configuration.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Qin Long <qin.long@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
Diffstat (limited to 'SecurityPkg')
| -rw-r--r-- | SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c index d113d58103..4b2556cc90 100644 --- a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c +++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c @@ -306,6 +306,11 @@ AuthenticateFmpImage ( return RETURN_UNSUPPORTED;
}
+ if ((PublicKeyDataLength % SHA256_DIGEST_SIZE) != 0) {
+ DEBUG ((DEBUG_ERROR, "PublicKeyDataLength is not multiple SHA256 size\n"));
+ return RETURN_UNSUPPORTED;
+ }
+
if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
return RETURN_INVALID_PARAMETER;
|