Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: 37d3eb026a766b2405daae47e02094c2ec248646
https://github.com/tianocore/edk2/commit/37d3eb026a766b2405daae47e02094c2ec248646
Author: Jan Bobek <jbo...@nvidia.com>
Date: 2023-01-23 (Mon, 23 Jan 2023)
Changed paths:
M SecurityPkg/Library/AuthVariableLib/AuthService.c
Log Message:
-----------
SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4305
Based on whether the DER-encoded ContentInfo structure is present in
authenticated SetVariable payload or not, the SHA-256 OID can be
located at different places.
UEFI specification explicitly states the driver shall support both
cases, but the old code assumed ContentInfo was not present and
incorrectly rejected authenticated variable updates when it were
present.
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Jian J Wang <jian.j.w...@intel.com>
Cc: Min Xu <min.m...@intel.com>
Signed-off-by: Jan Bobek <jbo...@nvidia.com>
Reviewed-by: Jiewen Yao <jiewen....@intel.com>
_______________________________________________
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
