1. Initialize certdb variable with correct value of list size.

[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / AuthService.h

diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
index e7a9a1f556be0940f61dbf01c5474a0f94470b8f..1f62383aed622e4456ae52d419b84289d4b83c13 100644 (file)
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
@@ -36,14 +36,23 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 /// "AuthVarKeyDatabase" variable for the Public Key store.\r
 ///\r
 #define AUTHVAR_KEYDB_NAME      L"AuthVarKeyDatabase"\r
-#define AUTHVAR_KEYDB_NAME_SIZE 38\r
 \r
 ///\r
 /// Max size of public key database, restricted by max individal EFI varible size, exclude variable header and name size.\r
 ///\r
-#define MAX_KEYDB_SIZE  (FixedPcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - AUTHVAR_KEYDB_NAME_SIZE)\r
+#define MAX_KEYDB_SIZE  (FixedPcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - sizeof (AUTHVAR_KEYDB_NAME))\r
 #define MAX_KEY_NUM     (MAX_KEYDB_SIZE / EFI_CERT_TYPE_RSA2048_SIZE)\r
 \r
+///\r
+/// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX\r
+/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.\r
+/// \r
+///\r
+#define EFI_CERT_DB_NAME        L"certdb"\r
+#define MAX_CERTDB_SIZE (FixedPcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - sizeof (EFI_CERT_DB_NAME))\r
+\r
+extern  EFI_GUID gEfiCertDbGuid;\r
+\r
 ///\r
 /// Struct to record signature requirement defined by UEFI spec.\r
 /// For SigHeaderSize and SigDataSize, ((UINT32) ~0) means NO exact length requirement for this field.\r