diff options
| author | Zhichao Gao <zhichao.gao@intel.com> | 2020-08-27 15:48:59 +0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-09-07 02:38:42 +0000 |
| commit | cdfc7ed34fd1ddfc9cb1dfbc339f940950638f8d (patch) | |
| tree | 7edf9543ca06e765d1d73a652a9507171051faf2 /SecurityPkg | |
| parent | 2ace920de1e91e22fb9bb2ec9e15ffd5e28e70ac (diff) | |
| download | edk2-cdfc7ed34fd1ddfc9cb1dfbc339f940950638f8d.tar.gz edk2-cdfc7ed34fd1ddfc9cb1dfbc339f940950638f8d.tar.bz2 edk2-cdfc7ed34fd1ddfc9cb1dfbc339f940950638f8d.zip | |
SecurityPkg/DxeImageVerificationLib: Disable SHA1 base on MACRO
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2943
Disable SHA1 base on the MACRO DISABLE_SHA1_DEPRECATED_INTERFACES.
SHA1 is deprecated function and the MACRO is used to remove the whole
implementation of the SHA1. For the platforms that do not need SHA1
for security, the MACRO should works for DxeImageVerificationLib as
well.
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Diffstat (limited to 'SecurityPkg')
| -rw-r--r-- | SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 11154b6cc5..c48861cd64 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -59,7 +59,11 @@ UINT8 mHashOidValue[] = { };
HASH_TABLE mHash[] = {
+#ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
{ L"SHA1", 20, &mHashOidValue[0], 5, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },
+#else
+ { L"SHA1", 20, &mHashOidValue[0], 5, NULL, NULL, NULL, NULL },
+#endif
{ L"SHA224", 28, &mHashOidValue[5], 9, NULL, NULL, NULL, NULL },
{ L"SHA256", 32, &mHashOidValue[14], 9, Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final},
{ L"SHA384", 48, &mHashOidValue[23], 9, Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final},
@@ -315,10 +319,12 @@ HashPeImage ( ZeroMem (mImageDigest, MAX_DIGEST_SIZE);
switch (HashAlg) {
+#ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
case HASHALG_SHA1:
mImageDigestSize = SHA1_DIGEST_SIZE;
mCertType = gEfiCertSha1Guid;
break;
+#endif
case HASHALG_SHA256:
mImageDigestSize = SHA256_DIGEST_SIZE;
|