They will do basic validation for authentication data structure, then call crypto library\r
to verify the signature.\r
\r
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
UINT32 Index;\r
VARIABLE_POINTER_TRACK Variable;\r
UINT8 *Ptr;\r
+ UINT8 *Data;\r
+ UINTN DataSize;\r
\r
if (PubKey == NULL) {\r
return 0;\r
//\r
if (mPubKeyNumber == MAX_KEY_NUM) {\r
//\r
- // Notes: Database is full, need enhancement here, currently just return 0.\r
+ // Public key dadatase is full, try to reclaim invalid key.\r
//\r
- return 0;\r
+ if (AtRuntime ()) {\r
+ //\r
+ // NV storage can't reclaim at runtime.\r
+ //\r
+ return 0;\r
+ }\r
+ \r
+ Status = Reclaim (\r
+ mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase,\r
+ &mVariableModuleGlobal->NonVolatileLastVariableOffset,\r
+ FALSE,\r
+ NULL,\r
+ TRUE,\r
+ TRUE\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return 0;\r
+ }\r
+\r
+ Status = FindVariable (\r
+ AUTHVAR_KEYDB_NAME,\r
+ &gEfiAuthenticatedVariableGuid,\r
+ &Variable,\r
+ &mVariableModuleGlobal->VariableGlobal,\r
+ FALSE\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ DataSize = DataSizeOfVariable (Variable.CurrPtr);\r
+ Data = GetVariableDataPtr (Variable.CurrPtr);\r
+ ASSERT ((DataSize != 0) && (Data != NULL));\r
+ CopyMem (mPubKeyStore, (UINT8 *) Data, DataSize);\r
+ mPubKeyNumber = (UINT32) (DataSize / EFI_CERT_TYPE_RSA2048_SIZE);\r
+\r
+ if (mPubKeyNumber == MAX_KEY_NUM) {\r
+ return 0;\r
+ } \r
}\r
\r
CopyMem (mPubKeyStore + mPubKeyNumber * EFI_CERT_TYPE_RSA2048_SIZE, PubKey, EFI_CERT_TYPE_RSA2048_SIZE);\r
projects / mirror_edk2.git / blobdiff