BaseTools: UpdateImageSize include Image auth info for FMP Auth capsule

Per UEFI spec UpdateImageSize may or may not include Firmware Image
Authentication information. so for FMP auth capsule, UpdateImageSize
should include the Image auth info.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

diff --git a/BaseTools/Source/Python/GenFds/Capsule.py b/BaseTools/Source/Python/GenFds/Capsule.py
index 93ecee10c63f254e7bc5b71e6a3f1892c06f1a78..c98c054771f67a7ba4fe3c1088ea8bd049d9264b 100644 (file)
--- a/BaseTools/Source/Python/GenFds/Capsule.py
+++ b/BaseTools/Source/Python/GenFds/Capsule.py
@@ -141,7 +141,6 @@ class Capsule (CapsuleClassObject) :
             Content.write(File.read())\r
             File.close()\r
         for fmp in self.FmpPayloadList:\r
-            Buffer = fmp.GenCapsuleSubItem()\r
             if fmp.Certificate_Guid:\r
                 ExternalTool, ExternalOption = FindExtendTool([], GenFdsGlobalVariable.ArchList, fmp.Certificate_Guid)\r
                 CmdOption = ''\r
@@ -162,33 +161,14 @@ class Capsule (CapsuleClassObject) :
                     dwLength = 4 + 2 + 2 + 16 + os.path.getsize(CapOutputTmp) - os.path.getsize(CapInputFile)\r
                 else:\r
                     dwLength = 4 + 2 + 2 + 16 + 16 + 256 + 256\r
-                Buffer += pack('Q', fmp.MonotonicCount)\r
-                Buffer += pack('I', dwLength)\r
-                Buffer += pack('H', WIN_CERT_REVISION)\r
-                Buffer += pack('H', WIN_CERT_TYPE_EFI_GUID)\r
-                Buffer += uuid.UUID(fmp.Certificate_Guid).get_bytes_le()\r
-                if os.path.exists(CapOutputTmp):\r
-                    TmpFile = open(CapOutputTmp, 'rb')\r
-                    Buffer += TmpFile.read()\r
-                    TmpFile.close()\r
-                    if fmp.VendorCodeFile:\r
-                        VendorFile = open(fmp.VendorCodeFile, 'rb')\r
-                        Buffer += VendorFile.read()\r
-                        VendorFile.close()\r
-                    FwMgrHdr.write(pack('=Q', PreSize))\r
-                    PreSize += len(Buffer)\r
-                    Content.write(Buffer)\r
+                fmp.ImageFile = CapOutputTmp\r
+                AuthData = [fmp.MonotonicCount, dwLength, WIN_CERT_REVISION, WIN_CERT_TYPE_EFI_GUID, fmp.Certificate_Guid]\r
+                Buffer = fmp.GenCapsuleSubItem(AuthData)\r
             else:\r
-                ImageFile = open(fmp.ImageFile, 'rb')\r
-                Buffer += ImageFile.read()\r
-                ImageFile.close()\r
-                if fmp.VendorCodeFile:\r
-                    VendorFile = open(fmp.VendorCodeFile, 'rb')\r
-                    Buffer += VendorFile.read()\r
-                    VendorFile.close()\r
-                FwMgrHdr.write(pack('=Q', PreSize))\r
-                PreSize += len(Buffer)\r
-                Content.write(Buffer)\r
+                Buffer = fmp.GenCapsuleSubItem()\r
+            FwMgrHdr.write(pack('=Q', PreSize))\r
+            PreSize += len(Buffer)\r
+            Content.write(Buffer)\r
         BodySize = len(FwMgrHdr.getvalue()) + len(Content.getvalue())\r
         Header.write(pack('=I', HdrSize + BodySize))\r
         #\r

diff --git a/BaseTools/Source/Python/GenFds/CapsuleData.py b/BaseTools/Source/Python/GenFds/CapsuleData.py
index 5d5a1e41ea0f96c1247cffa49a961746bbd9d717..07cc1981d6e92ab5ef212eee8f25e30df60f73a3 100644 (file)
--- a/BaseTools/Source/Python/GenFds/CapsuleData.py
+++ b/BaseTools/Source/Python/GenFds/CapsuleData.py
@@ -21,6 +21,7 @@ import StringIO
 from struct import pack\r
 import os\r
 from Common.Misc import SaveFileOnChange\r
+import uuid\r
 \r
 ## base class for capsule data\r
 #\r
@@ -183,10 +184,14 @@ class CapsulePayload(CapsuleData):
         self.Certificate_Guid = None\r
         self.MonotonicCount = None\r
 \r
-    def GenCapsuleSubItem(self):\r
+    def GenCapsuleSubItem(self, AuthData=[]):\r
         if not self.Version:\r
             self.Version = 0x00000002\r
         ImageFileSize = os.path.getsize(self.ImageFile)\r
+        if AuthData:\r
+            # the ImageFileSize need include the full authenticated info size. From first bytes of MonotonicCount to last bytes of certificate.\r
+            # the 32 bit is the MonotonicCount, dwLength, wRevision, wCertificateType and CertType\r
+            ImageFileSize += 32\r
         VendorFileSize = 0\r
         if self.VendorCodeFile:\r
             VendorFileSize = os.path.getsize(self.VendorCodeFile)\r
@@ -216,4 +221,18 @@ class CapsulePayload(CapsuleData):
                        VendorFileSize,\r
                        int(self.HardwareInstance, 16)\r
                        )\r
+        if AuthData:\r
+            Buffer += pack('QIHH', AuthData[0], AuthData[1], AuthData[2], AuthData[3])\r
+            Buffer += uuid.UUID(AuthData[4]).get_bytes_le()\r
+\r
+        #\r
+        # Append file content to the structure\r
+        #\r
+        ImageFile = open(self.ImageFile, 'rb')\r
+        Buffer += ImageFile.read()\r
+        ImageFile.close()\r
+        if self.VendorCodeFile:\r
+            VendorFile = open(self.VendorCodeFile, 'rb')\r
+            Buffer += VendorFile.read()\r
+            VendorFile.close()\r
         return Buffer\r