sbsiglist: fix signature size check

Rather than checking the size with the EFI_SIGNATURE_DATA header, just
check the data len.

Also, fix the definition for the SHA256 size.

Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
This commit is contained in:
Jeremy Kerr 2012-08-22 18:15:00 +08:00
parent fd553e841a
commit a7228c8307

View file

@ -85,7 +85,7 @@ struct cert_type {
struct cert_type cert_types[] = { struct cert_type cert_types[] = {
{ "x509", EFI_CERT_X509_GUID, 0 }, { "x509", EFI_CERT_X509_GUID, 0 },
{ "sha256", EFI_CERT_SHA256_GUID, sizeof(EFI_SIGNATURE_DATA) + 16 }, { "sha256", EFI_CERT_SHA256_GUID, 32 },
}; };
struct siglist_context { struct siglist_context {
@ -132,8 +132,7 @@ static int siglist_create(struct siglist_context *ctx)
EFI_SIGNATURE_DATA *sigdata; EFI_SIGNATURE_DATA *sigdata;
uint32_t size; uint32_t size;
if (ctx->type->sigsize && ctx->data_len + sizeof(*sigdata) if (ctx->type->sigsize && ctx->data_len != ctx->type->sigsize) {
!= ctx->type->sigsize) {
fprintf(stderr, "Error: signature lists of type '%s' expect " fprintf(stderr, "Error: signature lists of type '%s' expect "
"%d bytes of data, " "%d bytes of data, "
"%zd bytes provided.\n", "%zd bytes provided.\n",