};\r
\r
\r
+BOOLEAN mIsEnterSecureBootForm = FALSE;\r
+\r
//\r
// OID ASN.1 Value for Hash Algorithms\r
//\r
UINTN DataSize;\r
EFI_SIGNATURE_LIST *PkCert;\r
UINT16* FilePostFix;\r
+ UINTN NameLength;\r
\r
if (Private->FileContext->FileName == NULL) {\r
return EFI_INVALID_PARAMETER;\r
//\r
// Parse the file's postfix. Only support DER encoded X.509 certificate files.\r
//\r
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ NameLength = StrLen (Private->FileContext->FileName);\r
+ if (NameLength <= 4) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;\r
if (!IsDerEncodeCertificate(FilePostFix)) {\r
DEBUG ((EFI_D_ERROR, "Unsupported file type, only DER encoded certificate (%s) is supported.", mSupportX509Suffix));\r
return EFI_INVALID_PARAMETER;\r
{\r
UINT16* FilePostFix;\r
EFI_STATUS Status;\r
+ UINTN NameLength;\r
\r
if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {\r
return EFI_INVALID_PARAMETER;\r
// Parse the file's postfix. Supports DER-encoded X509 certificate, \r
// and .pbk as RSA public key file.\r
//\r
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ NameLength = StrLen (Private->FileContext->FileName);\r
+ if (NameLength <= 4) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;\r
if (IsDerEncodeCertificate(FilePostFix)) {\r
return EnrollX509ToKek (Private);\r
} else if (CompareMem (FilePostFix, L".pbk",4) == 0) {\r
{\r
UINT16* FilePostFix;\r
EFI_STATUS Status;\r
+ UINTN NameLength;\r
\r
if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {\r
return EFI_INVALID_PARAMETER;\r
//\r
// Parse the file's postfix. \r
//\r
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ NameLength = StrLen (Private->FileContext->FileName);\r
+ if (NameLength <= 4) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;\r
if (IsDerEncodeCertificate(FilePostFix)) {\r
//\r
// Supports DER-encoded X509 certificate.\r
return EFI_NOT_FOUND;\r
}\r
\r
+ //\r
+ // Get Configuration from Variable.\r
+ //\r
+ SecureBootExtractConfigFromVariable (&IfrNvData);\r
+\r
+ //\r
+ // Map the Configuration to the configuration block.\r
+ //\r
BufferSize = sizeof (SECUREBOOT_CONFIGURATION);\r
Status = gHiiConfigRouting->ConfigToBlock (\r
gHiiConfigRouting,\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
+ if (Action == EFI_BROWSER_ACTION_FORM_OPEN) {\r
+ if (QuestionId == KEY_SECURE_BOOT_MODE) {\r
+ mIsEnterSecureBootForm = TRUE;\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+ }\r
+ \r
+ if (Action == EFI_BROWSER_ACTION_RETRIEVE) {\r
+ Status = EFI_UNSUPPORTED;\r
+ if (QuestionId == KEY_SECURE_BOOT_MODE) {\r
+ if (mIsEnterSecureBootForm) {\r
+ Value->u8 = SECURE_BOOT_MODE_STANDARD;\r
+ Status = EFI_SUCCESS;\r
+ }\r
+ }\r
+ return Status;\r
+ }\r
+ \r
if ((Action != EFI_BROWSER_ACTION_CHANGED) &&\r
(Action != EFI_BROWSER_ACTION_CHANGING) &&\r
(Action != EFI_BROWSER_ACTION_FORM_CLOSE) &&\r
break;\r
\r
case KEY_SECURE_BOOT_MODE:\r
- GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);\r
- if (NULL != SecureBootMode) {\r
- Status = gRT->SetVariable ( \r
- EFI_CUSTOM_MODE_NAME,\r
- &gEfiCustomModeEnableGuid,\r
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
- sizeof (UINT8),\r
- &Value->u8\r
- );\r
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;\r
- IfrNvData->SecureBootMode = Value->u8;\r
- FreePool (SecureBootMode);\r
- } \r
+ mIsEnterSecureBootForm = FALSE;\r
break;\r
\r
case KEY_SECURE_BOOT_KEK_GUID:\r