- //\r
- // Find Cert Enrolled in DB database to verify the signature in pkcs7 signed data.\r
- // \r
- CertList = (EFI_SIGNATURE_LIST *) DbData;\r
- while ((DataSize > 0) && (DataSize >= CertList->SignatureListSize)) {\r
- if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
- for (Index = 0; Index < CertCount; Index++) {\r
- //\r
- // Iterate each Signature Data Node within this CertList for a verify\r
- // \r
- RootCert = Cert->SignatureData;\r
- RootCertSize = CertList->SignatureSize;\r
- \r
- //\r
- // Call AuthenticodeVerify library to Verify Authenticode struct. \r
- //\r
- VerifyStatus = AuthenticodeVerify (\r
- PkcsCertData->CertData,\r
- mSecDataDir->Size - sizeof(PkcsCertData->Hdr),\r
- RootCert,\r
- RootCertSize,\r
- mImageDigest,\r
- mImageDigestSize\r
- );\r
- \r
- if (VerifyStatus) {\r
- goto Done;\r
- }\r
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);\r
- } \r
- }\r
- DataSize -= CertList->SignatureListSize;\r
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
- }\r
- }\r