Revision: 18311
http://sourceforge.net/p/edk2/code/18311
Author: qlong
Date: 2015-08-26 00:59:17 +0000 (Wed, 26 Aug 2015)
Log Message:
-----------
SecurityPkg: Fix one returned code issue in P7Verify Protocol
VerifyBuffer() in PKCS7 Verify Protocol should return EFI_UNSUPPORTED
when the embedded content is found in SignedData but InData is not NULL.
This patch is to comply with the spec definition.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <[email protected]>
Reviewed-by: Chao Zhang <[email protected]>
Modified Paths:
--------------
trunk/edk2/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
Modified: trunk/edk2/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
===================================================================
--- trunk/edk2/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
2015-08-25 14:54:36 UTC (rev 18310)
+++ trunk/edk2/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
2015-08-26 00:59:17 UTC (rev 18311)
@@ -833,6 +833,13 @@
return EFI_UNSUPPORTED;
}
if (AttachedData != NULL) {
+ if (InData != NULL) {
+ //
+ // The embedded content is found in SignedData but InData is not NULL
+ //
+ Status = EFI_UNSUPPORTED;
+ goto _Exit;
+ }
//
// PKCS7-formatted signedData with attached content; Use the embedded
// content for verification
------------------------------------------------------------------------------
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
