| Message ID | 1383890202-11622-1-git-send-email-ivan.hu@canonical.com |
|---|---|
| State | Rejected |
| Headers | show |
On 08/11/13 05:56, Ivan Hu wrote: > Add the function of comparing the SignarureType guid, print out the readable > type. Also fixed the build error that duplicated define of EFI_CERT_X509_GUID > from the securebootcert test, when add the define EFI_CERT_X509_GUID on fwts_uefi.h > > Signed-off-by: Ivan Hu <ivan.hu@canonical.com> > --- > src/lib/include/fwts_uefi.h | 36 ++++++++++++++++++++++++++++++ > src/uefi/securebootcert/securebootcert.c | 6 ----- > src/uefi/uefidump/uefidump.c | 18 ++++++++++++--- > 3 files changed, 51 insertions(+), 9 deletions(-) > > diff --git a/src/lib/include/fwts_uefi.h b/src/lib/include/fwts_uefi.h > index a64be92..9f9fd5c 100644 > --- a/src/lib/include/fwts_uefi.h > +++ b/src/lib/include/fwts_uefi.h > @@ -95,6 +95,42 @@ enum { > #define EFI_OS_INDICATIONS_FMP_CAPSULE_SUPPORTED 0x0000000000000008 > #define EFI_OS_INDICATIONS_CAPSULE_RESULT_VAR_SUPPORTED 0x0000000000000010 > > +#define EFI_CERT_SHA256_GUID \ > +{ 0xc1c41626, 0x504c, 0x4092, { 0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28 }} > + > +#define EFI_CERT_RSA2048_GUID \ > +{ 0x3c5766e8, 0x269c, 0x4e34, { 0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85, 0xb3, 0xb6 }} > + > +#define EFI_CERT_RSA2048_SHA256_GUID \ > +{ 0xe2b36190, 0x879b, 0x4a3d, { 0xad, 0x8d, 0xf2, 0xe7, 0xbb, 0xa3, 0x27, 0x84 }} > + > +#define EFI_CERT_SHA1_GUID \ > +{ 0x826ca512, 0xcf10, 0x4ac9, { 0xb1, 0x87, 0xbe, 0x1, 0x49, 0x66, 0x31, 0xbd }} > + > +#define EFI_CERT_RSA2048_SHA1_GUID \ > +{ 0x67f8444f, 0x8743, 0x48f1, { 0xa3, 0x28, 0x1e, 0xaa, 0xb8, 0x73, 0x60, 0x80 }} > + > +#define EFI_CERT_X509_GUID \ > +{ 0xa5c059a1, 0x94e4, 0x4aa7, { 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 }} > + > +#define EFI_CERT_SHA224_GUID \ > +{ 0xb6e5233, 0xa65c, 0x44c9, { 0x94, 0x7, 0xd9, 0xab, 0x83, 0xbf, 0xc8, 0xbd }} > + > +#define EFI_CERT_SHA384_GUID \ > +{ 0xff3e5307, 0x9fd0, 0x48c9, { 0x85, 0xf1, 0x8a, 0xd5, 0x6c, 0x70, 0x1e, 0x1 }} > + > +#define EFI_CERT_SHA512_GUID \ > +{ 0x93e0fae, 0xa6c4, 0x4f50, { 0x9f, 0x1b, 0xd4, 0x1e, 0x2b, 0x89, 0xc1, 0x9a }} > + > +#define EFI_CERT_X509_SHA256_GUID \ > +{ 0x3bd2a492, 0x96c0, 0x4079, { 0xb4, 0x20, 0xfc, 0xf9, 0x8e, 0xf1, 0x03, 0xed }} > + > +#define EFI_CERT_X509_SHA384_GUID \ > +{ 0x7076876e, 0x80c2, 0x4ee6, { 0xaa, 0xd2, 0x28, 0xb3, 0x49, 0xa6, 0x86, 0x5b }} > + > +#define EFI_CERT_X509_SHA512_GUID \ > +{ 0x446dbf63, 0x2502, 0x4cda, { 0xbc, 0xfa, 0x24, 0x65, 0xd2, 0xb0, 0xfe, 0x9d }} > + > #if 0 > typedef struct { > char *description; > diff --git a/src/uefi/securebootcert/securebootcert.c b/src/uefi/securebootcert/securebootcert.c > index 9fa469b..86f5e0e 100644 > --- a/src/uefi/securebootcert/securebootcert.c > +++ b/src/uefi/securebootcert/securebootcert.c > @@ -61,12 +61,6 @@ typedef struct _EFI_SIGNATURE_LIST { > 0xd0, 0x0e, 0x67, 0x65, 0x6f} \ > } > > -#define EFI_CERT_X509_GUID \ > -{ \ > - 0xa5c059a1, 0x94e4, 0x4aa7, { 0x87, 0xb5, 0xab, \ > - 0x15, 0x5c, 0x2b, 0xf0, 0x72 } \ > -} > - > static uint8_t var_found; > > static bool compare_guid(EFI_GUID *guid1, uint8_t *guid2) > diff --git a/src/uefi/uefidump/uefidump.c b/src/uefi/uefidump/uefidump.c > index c8c6a35..166d968 100644 > --- a/src/uefi/uefidump/uefidump.c > +++ b/src/uefi/uefidump/uefidump.c > @@ -51,7 +51,7 @@ static void uefidump_data_hexdump(fwts_framework *fw, uint8_t *data, size_t size > { > size_t i; > > - for (i = 0; i < size; i+= 16) { > + for (i = 0; i < size; i += 16) { > char buffer[128]; > size_t left = size - i; > > @@ -892,6 +892,13 @@ static void uefidump_info_signaturedatabase(fwts_framework *fw, fwts_uefi_var *v > fwts_uefi_signature_list *signature_list; > char guid_str[37]; > size_t offset = 0, list_start = 0; > + size_t i; > + fwts_uefi_guid guid[] = { EFI_CERT_X509_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_RSA2048_SHA256_GUID, \ > + EFI_CERT_SHA1_GUID, EFI_CERT_RSA2048_SHA1_GUID, EFI_CERT_SHA224_GUID, EFI_CERT_SHA384_GUID, \ > + EFI_CERT_SHA512_GUID, EFI_CERT_X509_SHA256_GUID, EFI_CERT_X509_SHA384_GUID, EFI_CERT_X509_SHA512_GUID }; > + char *str[] = { "EFI_CERT_X509_GUID", "EFI_CERT_SHA256_GUID", "EFI_CERT_RSA2048_GUID", "EFI_CERT_RSA2048_SHA256_GUID", \ > + "EFI_CERT_SHA1_GUID", "EFI_CERT_RSA2048_SHA1_GUID", "EFI_CERT_SHA224_GUID", "EFI_CERT_SHA384_GUID", \ > + "EFI_CERT_SHA512_GUID", "EFI_CERT_X509_SHA256_GUID", "EFI_CERT_X509_SHA384_GUID", "EFI_CERT_X509_SHA512_GUID" }; > Minor quibble, rather than have multiple items listed per line, it may look neater if you have something like: fwts_uefi_guid guid [] = { EFI_CERT_X509_GUID, EFI_CERT_SHA256_GUID, ... }; and same for str too: char *str[] = { }; > if (var->datalen < sizeof(fwts_uefi_signature_list)) > return; > @@ -899,14 +906,19 @@ static void uefidump_info_signaturedatabase(fwts_framework *fw, fwts_uefi_var *v > do { > signature_list = (fwts_uefi_signature_list *)(var->data + list_start); > fwts_guid_buf_to_str(var->data, guid_str, sizeof(guid_str)); > - fwts_log_info_verbatum(fw, " SignatureType: %s", guid_str); > + > + for (i = 0; i < sizeof(guid)/sizeof(guid[0]); i++) > + if (memcmp(var->data, &guid[i], sizeof(fwts_uefi_guid)) == 0) > + break; > + > + fwts_log_info_verbatum(fw, " SignatureType: %s (%s)", guid_str, str[i]); We should also handle the case where we have a GUID that is not recognised, maybe the following: char *guid_str = "Unknown GUID"; .. for (i = 0; i < sizeof(guid)/sizeof(guid[0]); i++) if (memcmp(var->data, &guid[i], sizeof(fwts_uefi_guid)) == 0) { guid_str = str[i]; break; } } fwts_log_info_verbatum(fw, " SignatureType: %s (%s)", guid_str, guid_str); > fwts_log_info_verbatum(fw, " SignatureListSize: 0x%" PRIx32, signature_list->signaturelistsize); > fwts_log_info_verbatum(fw, " SignatureHeaderSize: 0x%" PRIx32, signature_list->signatureheadersize); > fwts_log_info_verbatum(fw, " SignatureSize: 0x%" PRIx32, signature_list->signaturesize); > > offset = list_start + sizeof (fwts_uefi_signature_list); > if (signature_list->signatureheadersize > 0) { > - fwts_log_info_verbatum(fw, " SignatureHeader:"); > + fwts_log_info_verbatum(fw, " SignatureHeader:"); I guess this is fixing up a trailing white space. Perhaps that should not have been introduced in patch 1 of the series. > uefidump_data_hexdump(fw, (uint8_t *)(var->data + offset), signature_list->signatureheadersize); > } > offset += signature_list->signatureheadersize; >
On 08/11/13 09:11, Colin Ian King wrote: > On 08/11/13 05:56, Ivan Hu wrote: >> Add the function of comparing the SignarureType guid, print out the readable >> type. Also fixed the build error that duplicated define of EFI_CERT_X509_GUID >> from the securebootcert test, when add the define EFI_CERT_X509_GUID on fwts_uefi.h >> >> Signed-off-by: Ivan Hu <ivan.hu@canonical.com> >> --- >> src/lib/include/fwts_uefi.h | 36 ++++++++++++++++++++++++++++++ >> src/uefi/securebootcert/securebootcert.c | 6 ----- >> src/uefi/uefidump/uefidump.c | 18 ++++++++++++--- >> 3 files changed, 51 insertions(+), 9 deletions(-) >> >> diff --git a/src/lib/include/fwts_uefi.h b/src/lib/include/fwts_uefi.h >> index a64be92..9f9fd5c 100644 >> --- a/src/lib/include/fwts_uefi.h >> +++ b/src/lib/include/fwts_uefi.h >> @@ -95,6 +95,42 @@ enum { >> #define EFI_OS_INDICATIONS_FMP_CAPSULE_SUPPORTED 0x0000000000000008 >> #define EFI_OS_INDICATIONS_CAPSULE_RESULT_VAR_SUPPORTED 0x0000000000000010 >> >> +#define EFI_CERT_SHA256_GUID \ >> +{ 0xc1c41626, 0x504c, 0x4092, { 0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28 }} >> + >> +#define EFI_CERT_RSA2048_GUID \ >> +{ 0x3c5766e8, 0x269c, 0x4e34, { 0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85, 0xb3, 0xb6 }} >> + >> +#define EFI_CERT_RSA2048_SHA256_GUID \ >> +{ 0xe2b36190, 0x879b, 0x4a3d, { 0xad, 0x8d, 0xf2, 0xe7, 0xbb, 0xa3, 0x27, 0x84 }} >> + >> +#define EFI_CERT_SHA1_GUID \ >> +{ 0x826ca512, 0xcf10, 0x4ac9, { 0xb1, 0x87, 0xbe, 0x1, 0x49, 0x66, 0x31, 0xbd }} >> + >> +#define EFI_CERT_RSA2048_SHA1_GUID \ >> +{ 0x67f8444f, 0x8743, 0x48f1, { 0xa3, 0x28, 0x1e, 0xaa, 0xb8, 0x73, 0x60, 0x80 }} >> + >> +#define EFI_CERT_X509_GUID \ >> +{ 0xa5c059a1, 0x94e4, 0x4aa7, { 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 }} >> + >> +#define EFI_CERT_SHA224_GUID \ >> +{ 0xb6e5233, 0xa65c, 0x44c9, { 0x94, 0x7, 0xd9, 0xab, 0x83, 0xbf, 0xc8, 0xbd }} >> + >> +#define EFI_CERT_SHA384_GUID \ >> +{ 0xff3e5307, 0x9fd0, 0x48c9, { 0x85, 0xf1, 0x8a, 0xd5, 0x6c, 0x70, 0x1e, 0x1 }} >> + >> +#define EFI_CERT_SHA512_GUID \ >> +{ 0x93e0fae, 0xa6c4, 0x4f50, { 0x9f, 0x1b, 0xd4, 0x1e, 0x2b, 0x89, 0xc1, 0x9a }} >> + >> +#define EFI_CERT_X509_SHA256_GUID \ >> +{ 0x3bd2a492, 0x96c0, 0x4079, { 0xb4, 0x20, 0xfc, 0xf9, 0x8e, 0xf1, 0x03, 0xed }} >> + >> +#define EFI_CERT_X509_SHA384_GUID \ >> +{ 0x7076876e, 0x80c2, 0x4ee6, { 0xaa, 0xd2, 0x28, 0xb3, 0x49, 0xa6, 0x86, 0x5b }} >> + >> +#define EFI_CERT_X509_SHA512_GUID \ >> +{ 0x446dbf63, 0x2502, 0x4cda, { 0xbc, 0xfa, 0x24, 0x65, 0xd2, 0xb0, 0xfe, 0x9d }} >> + >> #if 0 >> typedef struct { >> char *description; >> diff --git a/src/uefi/securebootcert/securebootcert.c b/src/uefi/securebootcert/securebootcert.c >> index 9fa469b..86f5e0e 100644 >> --- a/src/uefi/securebootcert/securebootcert.c >> +++ b/src/uefi/securebootcert/securebootcert.c >> @@ -61,12 +61,6 @@ typedef struct _EFI_SIGNATURE_LIST { >> 0xd0, 0x0e, 0x67, 0x65, 0x6f} \ >> } >> >> -#define EFI_CERT_X509_GUID \ >> -{ \ >> - 0xa5c059a1, 0x94e4, 0x4aa7, { 0x87, 0xb5, 0xab, \ >> - 0x15, 0x5c, 0x2b, 0xf0, 0x72 } \ >> -} >> - >> static uint8_t var_found; >> >> static bool compare_guid(EFI_GUID *guid1, uint8_t *guid2) >> diff --git a/src/uefi/uefidump/uefidump.c b/src/uefi/uefidump/uefidump.c >> index c8c6a35..166d968 100644 >> --- a/src/uefi/uefidump/uefidump.c >> +++ b/src/uefi/uefidump/uefidump.c >> @@ -51,7 +51,7 @@ static void uefidump_data_hexdump(fwts_framework *fw, uint8_t *data, size_t size >> { >> size_t i; >> >> - for (i = 0; i < size; i+= 16) { >> + for (i = 0; i < size; i += 16) { >> char buffer[128]; >> size_t left = size - i; >> >> @@ -892,6 +892,13 @@ static void uefidump_info_signaturedatabase(fwts_framework *fw, fwts_uefi_var *v >> fwts_uefi_signature_list *signature_list; >> char guid_str[37]; >> size_t offset = 0, list_start = 0; >> + size_t i; >> + fwts_uefi_guid guid[] = { EFI_CERT_X509_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_RSA2048_SHA256_GUID, \ >> + EFI_CERT_SHA1_GUID, EFI_CERT_RSA2048_SHA1_GUID, EFI_CERT_SHA224_GUID, EFI_CERT_SHA384_GUID, \ >> + EFI_CERT_SHA512_GUID, EFI_CERT_X509_SHA256_GUID, EFI_CERT_X509_SHA384_GUID, EFI_CERT_X509_SHA512_GUID }; >> + char *str[] = { "EFI_CERT_X509_GUID", "EFI_CERT_SHA256_GUID", "EFI_CERT_RSA2048_GUID", "EFI_CERT_RSA2048_SHA256_GUID", \ >> + "EFI_CERT_SHA1_GUID", "EFI_CERT_RSA2048_SHA1_GUID", "EFI_CERT_SHA224_GUID", "EFI_CERT_SHA384_GUID", \ >> + "EFI_CERT_SHA512_GUID", "EFI_CERT_X509_SHA256_GUID", "EFI_CERT_X509_SHA384_GUID", "EFI_CERT_X509_SHA512_GUID" }; >> > > Minor quibble, rather than have multiple items listed per line, it may > look neater if you have something like: > > fwts_uefi_guid guid [] = { > EFI_CERT_X509_GUID, > EFI_CERT_SHA256_GUID, > ... > > }; > > and same for str too: > > char *str[] = { > > }; > > > > >> if (var->datalen < sizeof(fwts_uefi_signature_list)) >> return; >> @@ -899,14 +906,19 @@ static void uefidump_info_signaturedatabase(fwts_framework *fw, fwts_uefi_var *v >> do { >> signature_list = (fwts_uefi_signature_list *)(var->data + list_start); >> fwts_guid_buf_to_str(var->data, guid_str, sizeof(guid_str)); >> - fwts_log_info_verbatum(fw, " SignatureType: %s", guid_str); >> + >> + for (i = 0; i < sizeof(guid)/sizeof(guid[0]); i++) >> + if (memcmp(var->data, &guid[i], sizeof(fwts_uefi_guid)) == 0) >> + break; >> + >> + fwts_log_info_verbatum(fw, " SignatureType: %s (%s)", guid_str, str[i]); Oops, I clashed on guid_str, re-worked example below: char *tmp_str = "Unknown GUID"; .. for (i = 0; i < sizeof(guid)/sizeof(guid[0]); i++) if (memcmp(var->data, &guid[i], sizeof(fwts_uefi_guid)) == 0) { tmp_str = str[i]; break; } } fwts_log_info_verbatum(fw, " SignatureType: %s (%s)", guid_str, tmp_str); > >> fwts_log_info_verbatum(fw, " SignatureListSize: 0x%" PRIx32, signature_list->signaturelistsize); >> fwts_log_info_verbatum(fw, " SignatureHeaderSize: 0x%" PRIx32, signature_list->signatureheadersize); >> fwts_log_info_verbatum(fw, " SignatureSize: 0x%" PRIx32, signature_list->signaturesize); >> >> offset = list_start + sizeof (fwts_uefi_signature_list); >> if (signature_list->signatureheadersize > 0) { >> - fwts_log_info_verbatum(fw, " SignatureHeader:"); >> + fwts_log_info_verbatum(fw, " SignatureHeader:"); > > I guess this is fixing up a trailing white space. Perhaps that should > not have been introduced in patch 1 of the series. > >> uefidump_data_hexdump(fw, (uint8_t *)(var->data + offset), signature_list->signatureheadersize); >> } >> offset += signature_list->signatureheadersize; >> >
diff --git a/src/lib/include/fwts_uefi.h b/src/lib/include/fwts_uefi.h index a64be92..9f9fd5c 100644 --- a/src/lib/include/fwts_uefi.h +++ b/src/lib/include/fwts_uefi.h @@ -95,6 +95,42 @@ enum { #define EFI_OS_INDICATIONS_FMP_CAPSULE_SUPPORTED 0x0000000000000008 #define EFI_OS_INDICATIONS_CAPSULE_RESULT_VAR_SUPPORTED 0x0000000000000010 +#define EFI_CERT_SHA256_GUID \ +{ 0xc1c41626, 0x504c, 0x4092, { 0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28 }} + +#define EFI_CERT_RSA2048_GUID \ +{ 0x3c5766e8, 0x269c, 0x4e34, { 0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85, 0xb3, 0xb6 }} + +#define EFI_CERT_RSA2048_SHA256_GUID \ +{ 0xe2b36190, 0x879b, 0x4a3d, { 0xad, 0x8d, 0xf2, 0xe7, 0xbb, 0xa3, 0x27, 0x84 }} + +#define EFI_CERT_SHA1_GUID \ +{ 0x826ca512, 0xcf10, 0x4ac9, { 0xb1, 0x87, 0xbe, 0x1, 0x49, 0x66, 0x31, 0xbd }} + +#define EFI_CERT_RSA2048_SHA1_GUID \ +{ 0x67f8444f, 0x8743, 0x48f1, { 0xa3, 0x28, 0x1e, 0xaa, 0xb8, 0x73, 0x60, 0x80 }} + +#define EFI_CERT_X509_GUID \ +{ 0xa5c059a1, 0x94e4, 0x4aa7, { 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 }} + +#define EFI_CERT_SHA224_GUID \ +{ 0xb6e5233, 0xa65c, 0x44c9, { 0x94, 0x7, 0xd9, 0xab, 0x83, 0xbf, 0xc8, 0xbd }} + +#define EFI_CERT_SHA384_GUID \ +{ 0xff3e5307, 0x9fd0, 0x48c9, { 0x85, 0xf1, 0x8a, 0xd5, 0x6c, 0x70, 0x1e, 0x1 }} + +#define EFI_CERT_SHA512_GUID \ +{ 0x93e0fae, 0xa6c4, 0x4f50, { 0x9f, 0x1b, 0xd4, 0x1e, 0x2b, 0x89, 0xc1, 0x9a }} + +#define EFI_CERT_X509_SHA256_GUID \ +{ 0x3bd2a492, 0x96c0, 0x4079, { 0xb4, 0x20, 0xfc, 0xf9, 0x8e, 0xf1, 0x03, 0xed }} + +#define EFI_CERT_X509_SHA384_GUID \ +{ 0x7076876e, 0x80c2, 0x4ee6, { 0xaa, 0xd2, 0x28, 0xb3, 0x49, 0xa6, 0x86, 0x5b }} + +#define EFI_CERT_X509_SHA512_GUID \ +{ 0x446dbf63, 0x2502, 0x4cda, { 0xbc, 0xfa, 0x24, 0x65, 0xd2, 0xb0, 0xfe, 0x9d }} + #if 0 typedef struct { char *description; diff --git a/src/uefi/securebootcert/securebootcert.c b/src/uefi/securebootcert/securebootcert.c index 9fa469b..86f5e0e 100644 --- a/src/uefi/securebootcert/securebootcert.c +++ b/src/uefi/securebootcert/securebootcert.c @@ -61,12 +61,6 @@ typedef struct _EFI_SIGNATURE_LIST { 0xd0, 0x0e, 0x67, 0x65, 0x6f} \ } -#define EFI_CERT_X509_GUID \ -{ \ - 0xa5c059a1, 0x94e4, 0x4aa7, { 0x87, 0xb5, 0xab, \ - 0x15, 0x5c, 0x2b, 0xf0, 0x72 } \ -} - static uint8_t var_found; static bool compare_guid(EFI_GUID *guid1, uint8_t *guid2) diff --git a/src/uefi/uefidump/uefidump.c b/src/uefi/uefidump/uefidump.c index c8c6a35..166d968 100644 --- a/src/uefi/uefidump/uefidump.c +++ b/src/uefi/uefidump/uefidump.c @@ -51,7 +51,7 @@ static void uefidump_data_hexdump(fwts_framework *fw, uint8_t *data, size_t size { size_t i; - for (i = 0; i < size; i+= 16) { + for (i = 0; i < size; i += 16) { char buffer[128]; size_t left = size - i; @@ -892,6 +892,13 @@ static void uefidump_info_signaturedatabase(fwts_framework *fw, fwts_uefi_var *v fwts_uefi_signature_list *signature_list; char guid_str[37]; size_t offset = 0, list_start = 0; + size_t i; + fwts_uefi_guid guid[] = { EFI_CERT_X509_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_RSA2048_SHA256_GUID, \ + EFI_CERT_SHA1_GUID, EFI_CERT_RSA2048_SHA1_GUID, EFI_CERT_SHA224_GUID, EFI_CERT_SHA384_GUID, \ + EFI_CERT_SHA512_GUID, EFI_CERT_X509_SHA256_GUID, EFI_CERT_X509_SHA384_GUID, EFI_CERT_X509_SHA512_GUID }; + char *str[] = { "EFI_CERT_X509_GUID", "EFI_CERT_SHA256_GUID", "EFI_CERT_RSA2048_GUID", "EFI_CERT_RSA2048_SHA256_GUID", \ + "EFI_CERT_SHA1_GUID", "EFI_CERT_RSA2048_SHA1_GUID", "EFI_CERT_SHA224_GUID", "EFI_CERT_SHA384_GUID", \ + "EFI_CERT_SHA512_GUID", "EFI_CERT_X509_SHA256_GUID", "EFI_CERT_X509_SHA384_GUID", "EFI_CERT_X509_SHA512_GUID" }; if (var->datalen < sizeof(fwts_uefi_signature_list)) return; @@ -899,14 +906,19 @@ static void uefidump_info_signaturedatabase(fwts_framework *fw, fwts_uefi_var *v do { signature_list = (fwts_uefi_signature_list *)(var->data + list_start); fwts_guid_buf_to_str(var->data, guid_str, sizeof(guid_str)); - fwts_log_info_verbatum(fw, " SignatureType: %s", guid_str); + + for (i = 0; i < sizeof(guid)/sizeof(guid[0]); i++) + if (memcmp(var->data, &guid[i], sizeof(fwts_uefi_guid)) == 0) + break; + + fwts_log_info_verbatum(fw, " SignatureType: %s (%s)", guid_str, str[i]); fwts_log_info_verbatum(fw, " SignatureListSize: 0x%" PRIx32, signature_list->signaturelistsize); fwts_log_info_verbatum(fw, " SignatureHeaderSize: 0x%" PRIx32, signature_list->signatureheadersize); fwts_log_info_verbatum(fw, " SignatureSize: 0x%" PRIx32, signature_list->signaturesize); offset = list_start + sizeof (fwts_uefi_signature_list); if (signature_list->signatureheadersize > 0) { - fwts_log_info_verbatum(fw, " SignatureHeader:"); + fwts_log_info_verbatum(fw, " SignatureHeader:"); uefidump_data_hexdump(fw, (uint8_t *)(var->data + offset), signature_list->signatureheadersize); } offset += signature_list->signatureheadersize;
Add the function of comparing the SignarureType guid, print out the readable type. Also fixed the build error that duplicated define of EFI_CERT_X509_GUID from the securebootcert test, when add the define EFI_CERT_X509_GUID on fwts_uefi.h Signed-off-by: Ivan Hu <ivan.hu@canonical.com> --- src/lib/include/fwts_uefi.h | 36 ++++++++++++++++++++++++++++++ src/uefi/securebootcert/securebootcert.c | 6 ----- src/uefi/uefidump/uefidump.c | 18 ++++++++++++--- 3 files changed, 51 insertions(+), 9 deletions(-)