• Peter Jones's avatar
    Don't call AuthenticodeVerify if vendor_cert_size is 0. · 213e29e2
    Peter Jones authored
    Actually check the size of our vendor cert quite early, so that there's
    no confusion as to what's going on.
    
    This isn't strictly necessary, in that in all cases if vendor_cert_size
    is 0, then AuthenticodeVerify -> Pkcs7Verify() -> d2i_X509() will result
    in a NULL "Cert", and it will return FALSE, and we'll reject the
    signature, but better to avoid all that code in the first place.  Belt
    and suspenders and whatnot.
    
    Based on a patch from https://github.com/TBOpen .
    Signed-off-by: default avatarPeter Jones <pjones@redhat.com>
    213e29e2
Name
Last commit
Last update
Cryptlib Loading commit data...
include Loading commit data...
lib Loading commit data...
.gitignore Loading commit data...
COPYRIGHT Loading commit data...
Makefile Loading commit data...
MokManager.c Loading commit data...
MokVars.txt Loading commit data...
PasswordCrypt.c Loading commit data...
PasswordCrypt.h Loading commit data...
README Loading commit data...
TODO Loading commit data...
cert.S Loading commit data...
crypt_blowfish.c Loading commit data...
crypt_blowfish.h Loading commit data...
elf_aarch64_efi.lds Loading commit data...
elf_arm_efi.lds Loading commit data...
elf_ia32_efi.lds Loading commit data...
elf_ia64_efi.lds Loading commit data...
elf_x86_64_efi.lds Loading commit data...
fallback.c Loading commit data...
make-certs Loading commit data...
netboot.c Loading commit data...
netboot.h Loading commit data...
replacements.c Loading commit data...
replacements.h Loading commit data...
shim.c Loading commit data...
shim.h Loading commit data...
testplan.txt Loading commit data...
ucs2.h Loading commit data...
version.c.in Loading commit data...
version.h Loading commit data...