UINTN DataSize;\r
EFI_SIGNATURE_LIST *PkCert;\r
UINT16* FilePostFix;\r
+ UINTN NameLength;\r
\r
if (Private->FileContext->FileName == NULL) {\r
return EFI_INVALID_PARAMETER;\r
//\r
// Parse the file's postfix. Only support DER encoded X.509 certificate files.\r
//\r
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ NameLength = StrLen (Private->FileContext->FileName);\r
+ if (NameLength <= 4) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;\r
if (!IsDerEncodeCertificate(FilePostFix)) {\r
DEBUG ((EFI_D_ERROR, "Unsupported file type, only DER encoded certificate (%s) is supported.", mSupportX509Suffix));\r
return EFI_INVALID_PARAMETER;\r
{\r
UINT16* FilePostFix;\r
EFI_STATUS Status;\r
+ UINTN NameLength;\r
\r
if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {\r
return EFI_INVALID_PARAMETER;\r
// Parse the file's postfix. Supports DER-encoded X509 certificate, \r
// and .pbk as RSA public key file.\r
//\r
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ NameLength = StrLen (Private->FileContext->FileName);\r
+ if (NameLength <= 4) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;\r
if (IsDerEncodeCertificate(FilePostFix)) {\r
return EnrollX509ToKek (Private);\r
} else if (CompareMem (FilePostFix, L".pbk",4) == 0) {\r
{\r
UINT16* FilePostFix;\r
EFI_STATUS Status;\r
+ UINTN NameLength;\r
\r
if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {\r
return EFI_INVALID_PARAMETER;\r
//\r
// Parse the file's postfix. \r
//\r
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ NameLength = StrLen (Private->FileContext->FileName);\r
+ if (NameLength <= 4) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;\r
if (IsDerEncodeCertificate(FilePostFix)) {\r
//\r
// Supports DER-encoded X509 certificate.\r
//\r
// The signature type is not supported in current implementation.\r
//\r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
continue;\r
}\r
\r
OUT EFI_STRING *Progress\r
)\r
{\r
+ UINT8 *SecureBootEnable;\r
+ SECUREBOOT_CONFIGURATION IfrNvData;\r
+ UINTN BufferSize;\r
+ EFI_STATUS Status;\r
+ \r
if (Configuration == NULL || Progress == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
return EFI_NOT_FOUND;\r
}\r
\r
+ BufferSize = sizeof (SECUREBOOT_CONFIGURATION);\r
+ Status = gHiiConfigRouting->ConfigToBlock (\r
+ gHiiConfigRouting,\r
+ Configuration,\r
+ (UINT8 *)&IfrNvData,\r
+ &BufferSize,\r
+ Progress\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ //\r
+ // Store Buffer Storage back to EFI variable if needed\r
+ //\r
+ SecureBootEnable = NULL;\r
+ GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);\r
+ if (NULL != SecureBootEnable) {\r
+ FreePool (SecureBootEnable);\r
+ Status = SaveSecureBootVariable (IfrNvData.AttemptSecureBoot);\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+ }\r
+\r
*Progress = Configuration + StrLen (Configuration);\r
return EFI_SUCCESS;\r
}\r
\r
if ((Action != EFI_BROWSER_ACTION_CHANGED) &&\r
(Action != EFI_BROWSER_ACTION_CHANGING) &&\r
- (Action != EFI_BROWSER_ACTION_FORM_CLOSE)) {\r
+ (Action != EFI_BROWSER_ACTION_FORM_CLOSE) &&\r
+ (Action != EFI_BROWSER_ACTION_DEFAULT_STANDARD)) {\r
return EFI_UNSUPPORTED;\r
}\r
\r
\r
case KEY_VALUE_SAVE_AND_EXIT_KEK:\r
Status = EnrollKeyExchangeKey (Private);\r
+ if (EFI_ERROR (Status)) {\r
+ CreatePopUp (\r
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+ &Key,\r
+ L"ERROR: Unsupported file type!",\r
+ L"Only supports DER-encoded X509 certificate",\r
+ NULL\r
+ );\r
+ }\r
break;\r
\r
case KEY_VALUE_SAVE_AND_EXIT_DB:\r
Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE);\r
+ if (EFI_ERROR (Status)) {\r
+ CreatePopUp (\r
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+ &Key,\r
+ L"ERROR: Unsupported file type!",\r
+ L"Only supports DER-encoded X509 certificate and executable EFI image",\r
+ NULL\r
+ );\r
+ }\r
break;\r
\r
case KEY_VALUE_SAVE_AND_EXIT_DBX:\r
Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE1);\r
+ if (EFI_ERROR (Status)) {\r
+ CreatePopUp (\r
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+ &Key,\r
+ L"ERROR: Unsupported file type!",\r
+ L"Only supports DER-encoded X509 certificate and executable EFI image",\r
+ NULL\r
+ );\r
+ }\r
break;\r
\r
default:\r
break; \r
case KEY_VALUE_SAVE_AND_EXIT_PK:\r
Status = EnrollPlatformKey (Private);\r
- UnicodeSPrint (\r
- PromptString,\r
- sizeof (PromptString),\r
- L"Only DER encoded certificate file (%s) is supported.",\r
- mSupportX509Suffix\r
- );\r
if (EFI_ERROR (Status)) {\r
+ UnicodeSPrint (\r
+ PromptString,\r
+ sizeof (PromptString),\r
+ L"Only DER encoded certificate file (%s) is supported.",\r
+ mSupportX509Suffix\r
+ );\r
CreatePopUp (\r
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
&Key,\r
}\r
break; \r
}\r
+ } else if (Action == EFI_BROWSER_ACTION_DEFAULT_STANDARD) {\r
+ if (QuestionId == KEY_HIDE_SECURE_BOOT) {\r
+ GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);\r
+ if (SecureBootEnable == NULL) {\r
+ IfrNvData->HideSecureBoot = TRUE;\r
+ } else {\r
+ FreePool (SecureBootEnable);\r
+ IfrNvData->HideSecureBoot = FALSE;\r
+ }\r
+ Value->b = IfrNvData->HideSecureBoot;\r
+ }\r
} else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) {\r
//\r
// Force the platform back to Standard Mode once user leave the setup screen.\r