FmpAuthenticatedHandlerRsa2048Sha256(), AuthenticateFmpImage() will receive\r
untrusted input and do basic validation.\r
\r
- Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
}\r
\r
//\r
- // Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer\r
+ // Fail if the PublicKey is not one of the public keys in the input PublicKeyData.\r
//\r
PublicKey = (VOID *)PublicKeyData;\r
PublicKeyBufferSize = PublicKeyDataLength;\r
return RETURN_UNSUPPORTED;\r
}\r
\r
+ if ((PublicKeyDataLength % SHA256_DIGEST_SIZE) != 0) {\r
+ DEBUG ((DEBUG_ERROR, "PublicKeyDataLength is not multiple SHA256 size\n"));\r
+ return RETURN_UNSUPPORTED;\r
+ }\r
+\r
if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {\r
DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));\r
return RETURN_INVALID_PARAMETER;\r
DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too small\n"));\r
return RETURN_INVALID_PARAMETER;\r
}\r
- if (Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof(UINT64)) {\r
+ if ((UINTN) Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof(UINT64)) {\r
DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too big\n"));\r
return RETURN_INVALID_PARAMETER;\r
}\r