shim/mokutil-correct-moklistrt-size.patch
Peter Jones 0371db891a Fix mokutil's idea of signature sizes.
Also update the fedora key.
2012-12-12 10:07:34 -05:00

55 lines
2.1 KiB
Diff

From jwboyer@redhat.com Tue Dec 11 11:12:04 2012
Return-Path: jwboyer@redhat.com
Received: from zmta04.collab.prod.int.phx2.redhat.com (LHLO
zmta04.collab.prod.int.phx2.redhat.com) (10.5.81.11) by
zmail14.collab.prod.int.phx2.redhat.com with LMTP; Tue, 11 Dec 2012
11:12:04 -0500 (EST)
Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
by zmta04.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id 02F16D0D4D
for <pjones@mail.corp.redhat.com>; Tue, 11 Dec 2012 11:12:04 -0500 (EST)
Received: from hansolo.jdub.homelinux.org ([10.3.113.16])
by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id qBBGC1N7022642
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
Tue, 11 Dec 2012 11:12:03 -0500
Date: Tue, 11 Dec 2012 11:12:01 -0500
From: Josh Boyer <jwboyer@redhat.com>
To: pjones@redhat.com
Cc: mjg59@srcf.ucam.org
Subject: [PATCH] Fix SignatureSize field when importing a new cert
Message-ID: <20121211161200.GA999@hansolo.jdub.homelinux.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12
Status: RO
Content-Length: 842
Lines: 25
The SignatureSize field should be the length of the certificate plus
16 per the UEFI spec. Remove the extraneous addition of
sizeof(EFI_SIGNATURE_DATA) from the calculation so that certs enrolled
in MokListRT are parsable.
---
src/mokutil.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/mokutil-0.1.0/src/mokutil.c b/mokutil-0.1.0/src/mokutil.c
index ca46488..f94aee4 100644
--- a/mokutil-0.1.0/src/mokutil.c
+++ b/mokutil-0.1.0/src/mokutil.c
@@ -485,8 +485,7 @@ import_moks (char **files, uint32_t total)
CertList->SignatureListSize = sizes[i] +
sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1;
CertList->SignatureHeaderSize = 0;
- CertList->SignatureSize = sizes[i] +
- sizeof(EFI_SIGNATURE_DATA) + 16;
+ CertList->SignatureSize = sizes[i] + 16;
CertData->SignatureOwner = SHIM_LOCK_GUID;
fd = open (files[i], O_RDONLY);
--
1.8.0.1