They will do basic validation for authentication data structure, then call crypto library\r
to verify the signature.\r
\r
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
);\r
\r
if (EFI_ERROR(Status) || (AuthVariableInfo.Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == 0) {\r
+ //\r
+ // While cleaning certdb, always delete the variable in certdb regardless of it attributes.\r
+ //\r
Status = DeleteCertsFromDb(\r
VariableName,\r
&AuthVarGuid,\r
- AuthVariableInfo.Attributes\r
+ AuthVariableInfo.Attributes | EFI_VARIABLE_NON_VOLATILE\r
);\r
CertCleaned = TRUE;\r
DEBUG((EFI_D_INFO, "Recovery!! Cert for Auth Variable %s Guid %g is removed for consistency\n", VariableName, &AuthVarGuid));\r