Skip to content
Commit 37d3eb02 authored by Jan Bobek's avatar Jan Bobek Committed by mergify[bot]
Browse files

SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present 

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4305



Based on whether the DER-encoded ContentInfo structure is present in
authenticated SetVariable payload or not, the SHA-256 OID can be
located at different places.

UEFI specification explicitly states the driver shall support both
cases, but the old code assumed ContentInfo was not present and
incorrectly rejected authenticated variable updates when it were
present.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: default avatarJan Bobek <jbobek@nvidia.com>
Reviewed-by: default avatarJiewen Yao <jiewen.yao@intel.com>
parent 7afef31b
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment