Don't call AuthenticodeVerify if vendor_cert_size is 0.

Actually check the size of our vendor cert quite early, so that there's no confusion as to what's going on. This isn't strictly necessary, in that in all cases if vendor_cert_size is 0, then AuthenticodeVerify -> Pkcs7Verify() -> d2i_X509() will result in a NULL "Cert", and it will return FALSE, and we'll reject the signature, but better to avoid all that code in the first place. Belt and suspenders and whatnot. Based on a patch from https://github.com/TBOpen . Signed-off-by: Peter Jones <pjones@redhat.com>
2025-08-03 15:27:15 +00:00 · 2014-09-19 11:48:56 -04:00 · 2014-09-19 11:48:56 -04:00 · 3d1cdbc4e3
commit 3d1cdbc4e3
parent f04d50b747
1 changed files with 4 additions and 5 deletions
--- a/shim.c
+++ b/shim.c
@ -923,14 +923,13 @@ static EFI_STATUS verify_buffer (char *data, int datasize,
 			return status;
 		}

-
 		/*
 		 * And finally, check against shim's built-in key
 		 */
-		if (AuthenticodeVerify(cert->CertData,
-			       context->SecDir->Size - sizeof(cert->Hdr),
-			       vendor_cert, vendor_cert_size, sha256hash,
-			       SHA256_DIGEST_SIZE)) {
+		if (vendor_cert_size && AuthenticodeVerify(cert->CertData,
+							context->SecDir->Size - sizeof(cert->Hdr),
+							vendor_cert, vendor_cert_size, sha256hash,
+							SHA256_DIGEST_SIZE)) {
 			status = EFI_SUCCESS;
 			return status;
 		}