PcdRsa2048Sha256PublicKeyBuffer is referenced but not used in the library, that makes me a little confusing. Actually, the PublicKeyData should be from the caller of AuthenticateFmpImage() as input parameter, for example EdkiiSystemCapsuleLib.
This patch is to remove the PCD reference in this library instance to be aligned with FmpAuthenticationLibPkcs7 that does not reference PcdPkcs7CertBuffer. Cc: Chao Zhang <chao.b.zh...@intel.com> Cc: Jiewen Yao <jiewen....@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.z...@intel.com> --- .../FmpAuthenticationLibRsa2048Sha256.c | 4 ++-- .../FmpAuthenticationLibRsa2048Sha256.inf | 5 +---- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c index b40993fd1b00..038e12447782 100644 --- a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c +++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c @@ -10,7 +10,7 @@ FmpAuthenticatedHandlerRsa2048Sha256(), AuthenticateFmpImage() will receive untrusted input and do basic validation. - Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR> + Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -133,7 +133,7 @@ FmpAuthenticatedHandlerRsa2048Sha256 ( } // - // Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer + // Fail if the PublicKey is not one of the public keys in the input PublicKeyData. // PublicKey = (VOID *)PublicKeyData; PublicKeyBufferSize = PublicKeyDataLength; diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf index b190eca8805c..cdd22429c274 100644 --- a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf +++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf @@ -3,7 +3,7 @@ # # Instance of FmpAuthentication Library for DXE/PEI post memory phase. # -# Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR> +# Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR> # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -45,9 +45,6 @@ [LibraryClasses] MemoryAllocationLib BaseCryptLib -[Pcd] - gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer ## CONSUMES - [Guids] gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate. gEfiHashAlgorithmSha256Guid ## SOMETIMES_CONSUMES ## GUID -- 2.7.0.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel