From patchwork Fri Nov  8 05:56:42 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ivan Hu <ivan.hu@canonical.com>
X-Patchwork-Id: 289698
Return-Path: <fwts-devel-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from huckleberry.canonical.com (huckleberry.canonical.com
	[91.189.94.19]) by ozlabs.org (Postfix) with ESMTP id 80DDB2C00B8
	for <incoming@patchwork.ozlabs.org>;
	Fri,  8 Nov 2013 16:56:56 +1100 (EST)
Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com)
	by huckleberry.canonical.com with esmtp (Exim 4.76)
	(envelope-from <fwts-devel-bounces@lists.ubuntu.com>)
	id 1Vef3u-0007HJ-Rk; Fri, 08 Nov 2013 05:56:54 +0000
Received: from youngberry.canonical.com ([91.189.89.112])
	by huckleberry.canonical.com with esmtp (Exim 4.76)
	(envelope-from <ivan.hu@canonical.com>) id 1Vef3p-0007H5-MR
	for fwts-devel@lists.ubuntu.com; Fri, 08 Nov 2013 05:56:49 +0000
Received: from [175.41.48.77] (helo=canonical.com)
	by youngberry.canonical.com with esmtpsa
	(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <ivan.hu@canonical.com>)
	id 1Vef3o-0007Zi-Ou; Fri, 08 Nov 2013 05:56:49 +0000
From: Ivan Hu <ivan.hu@canonical.com>
To: fwts-devel@lists.ubuntu.com
Subject: [PATCH 2/3] uefi: uefidump: compare the SignarureType GUID and print
	out type for signature database parser (LP:#1247749)
Date: Fri,  8 Nov 2013 13:56:42 +0800
Message-Id: <1383890202-11622-1-git-send-email-ivan.hu@canonical.com>
X-Mailer: git-send-email 1.7.9.5
X-BeenThere: fwts-devel@lists.ubuntu.com
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Firmware Test Suite Development <fwts-devel.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/fwts-devel>,
	<mailto:fwts-devel-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/fwts-devel>
List-Post: <mailto:fwts-devel@lists.ubuntu.com>
List-Help: <mailto:fwts-devel-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/fwts-devel>,
	<mailto:fwts-devel-request@lists.ubuntu.com?subject=subscribe>
MIME-Version: 1.0
Errors-To: fwts-devel-bounces@lists.ubuntu.com
Sender: fwts-devel-bounces@lists.ubuntu.com

Add the function of comparing the SignarureType guid, print out the readable
type. Also fixed the build error that duplicated define of EFI_CERT_X509_GUID
from the securebootcert test, when add the define EFI_CERT_X509_GUID on fwts_uefi.h

Signed-off-by: Ivan Hu <ivan.hu@canonical.com>
---
 src/lib/include/fwts_uefi.h              |   36 ++++++++++++++++++++++++++++++
 src/uefi/securebootcert/securebootcert.c |    6 -----
 src/uefi/uefidump/uefidump.c             |   18 ++++++++++++---
 3 files changed, 51 insertions(+), 9 deletions(-)

diff --git a/src/lib/include/fwts_uefi.h b/src/lib/include/fwts_uefi.h
index a64be92..9f9fd5c 100644
--- a/src/lib/include/fwts_uefi.h
+++ b/src/lib/include/fwts_uefi.h
@@ -95,6 +95,42 @@ enum {
 #define EFI_OS_INDICATIONS_FMP_CAPSULE_SUPPORTED 		0x0000000000000008
 #define EFI_OS_INDICATIONS_CAPSULE_RESULT_VAR_SUPPORTED		0x0000000000000010
 
+#define EFI_CERT_SHA256_GUID \
+{ 0xc1c41626, 0x504c, 0x4092, { 0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28 }}
+
+#define EFI_CERT_RSA2048_GUID \
+{ 0x3c5766e8, 0x269c, 0x4e34, { 0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85, 0xb3, 0xb6 }}
+
+#define EFI_CERT_RSA2048_SHA256_GUID \
+{ 0xe2b36190, 0x879b, 0x4a3d, { 0xad, 0x8d, 0xf2, 0xe7, 0xbb, 0xa3, 0x27, 0x84 }}
+
+#define EFI_CERT_SHA1_GUID \
+{ 0x826ca512, 0xcf10, 0x4ac9, { 0xb1, 0x87, 0xbe, 0x1, 0x49, 0x66, 0x31, 0xbd }}
+
+#define EFI_CERT_RSA2048_SHA1_GUID \
+{ 0x67f8444f, 0x8743, 0x48f1, { 0xa3, 0x28, 0x1e, 0xaa, 0xb8, 0x73, 0x60, 0x80 }}
+
+#define EFI_CERT_X509_GUID \
+{ 0xa5c059a1, 0x94e4, 0x4aa7, { 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 }}
+
+#define EFI_CERT_SHA224_GUID \
+{ 0xb6e5233, 0xa65c, 0x44c9, { 0x94, 0x7, 0xd9, 0xab, 0x83, 0xbf, 0xc8, 0xbd }}
+
+#define EFI_CERT_SHA384_GUID \
+{ 0xff3e5307, 0x9fd0, 0x48c9, { 0x85, 0xf1, 0x8a, 0xd5, 0x6c, 0x70, 0x1e, 0x1 }}
+
+#define EFI_CERT_SHA512_GUID \
+{ 0x93e0fae, 0xa6c4, 0x4f50, { 0x9f, 0x1b, 0xd4, 0x1e, 0x2b, 0x89, 0xc1, 0x9a }}
+
+#define EFI_CERT_X509_SHA256_GUID \
+{ 0x3bd2a492, 0x96c0, 0x4079, { 0xb4, 0x20, 0xfc, 0xf9, 0x8e, 0xf1, 0x03, 0xed }}
+
+#define EFI_CERT_X509_SHA384_GUID \
+{ 0x7076876e, 0x80c2, 0x4ee6, { 0xaa, 0xd2, 0x28, 0xb3, 0x49, 0xa6, 0x86, 0x5b }}
+
+#define EFI_CERT_X509_SHA512_GUID \
+{ 0x446dbf63, 0x2502, 0x4cda, { 0xbc, 0xfa, 0x24, 0x65, 0xd2, 0xb0, 0xfe, 0x9d }}
+
 #if 0
 typedef struct {
 	char *description;
diff --git a/src/uefi/securebootcert/securebootcert.c b/src/uefi/securebootcert/securebootcert.c
index 9fa469b..86f5e0e 100644
--- a/src/uefi/securebootcert/securebootcert.c
+++ b/src/uefi/securebootcert/securebootcert.c
@@ -61,12 +61,6 @@ typedef struct _EFI_SIGNATURE_LIST {
 						0xd0, 0x0e, 0x67, 0x65, 0x6f} \
 }
 
-#define EFI_CERT_X509_GUID \
-{ \
-	0xa5c059a1, 0x94e4, 0x4aa7, { 0x87, 0xb5, 0xab, \
-						0x15, 0x5c, 0x2b, 0xf0, 0x72 } \
-}
-
 static uint8_t var_found;
 
 static bool compare_guid(EFI_GUID *guid1, uint8_t *guid2)
diff --git a/src/uefi/uefidump/uefidump.c b/src/uefi/uefidump/uefidump.c
index c8c6a35..166d968 100644
--- a/src/uefi/uefidump/uefidump.c
+++ b/src/uefi/uefidump/uefidump.c
@@ -51,7 +51,7 @@ static void uefidump_data_hexdump(fwts_framework *fw, uint8_t *data, size_t size
 {
 	size_t i;
 
-	for (i = 0; i < size; i+= 16) {
+	for (i = 0; i < size; i += 16) {
 		char buffer[128];
 		size_t left = size - i;
 
@@ -892,6 +892,13 @@ static void uefidump_info_signaturedatabase(fwts_framework *fw, fwts_uefi_var *v
 	fwts_uefi_signature_list *signature_list;
 	char guid_str[37];
 	size_t offset = 0, list_start = 0;
+	size_t i;
+	fwts_uefi_guid guid[] = { EFI_CERT_X509_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_RSA2048_SHA256_GUID, \
+				    EFI_CERT_SHA1_GUID, EFI_CERT_RSA2048_SHA1_GUID, EFI_CERT_SHA224_GUID, EFI_CERT_SHA384_GUID, \
+				    EFI_CERT_SHA512_GUID, EFI_CERT_X509_SHA256_GUID, EFI_CERT_X509_SHA384_GUID, EFI_CERT_X509_SHA512_GUID };
+	char *str[] = { "EFI_CERT_X509_GUID", "EFI_CERT_SHA256_GUID", "EFI_CERT_RSA2048_GUID", "EFI_CERT_RSA2048_SHA256_GUID", \
+			  "EFI_CERT_SHA1_GUID", "EFI_CERT_RSA2048_SHA1_GUID", "EFI_CERT_SHA224_GUID", "EFI_CERT_SHA384_GUID", \
+			  "EFI_CERT_SHA512_GUID", "EFI_CERT_X509_SHA256_GUID", "EFI_CERT_X509_SHA384_GUID", "EFI_CERT_X509_SHA512_GUID" };
 
 	if (var->datalen < sizeof(fwts_uefi_signature_list))
 		return;
@@ -899,14 +906,19 @@ static void uefidump_info_signaturedatabase(fwts_framework *fw, fwts_uefi_var *v
 	do {
 		signature_list = (fwts_uefi_signature_list *)(var->data + list_start);
 		fwts_guid_buf_to_str(var->data, guid_str, sizeof(guid_str));
-		fwts_log_info_verbatum(fw, "  SignatureType: %s", guid_str);
+
+		for (i = 0; i < sizeof(guid)/sizeof(guid[0]); i++)
+			if (memcmp(var->data, &guid[i], sizeof(fwts_uefi_guid)) == 0)
+				break;
+
+		fwts_log_info_verbatum(fw, "  SignatureType: %s (%s)", guid_str, str[i]);
 		fwts_log_info_verbatum(fw, "  SignatureListSize: 0x%" PRIx32, signature_list->signaturelistsize);
 		fwts_log_info_verbatum(fw, "  SignatureHeaderSize: 0x%" PRIx32, signature_list->signatureheadersize);
 		fwts_log_info_verbatum(fw, "  SignatureSize: 0x%" PRIx32, signature_list->signaturesize);
 
 		offset = list_start + sizeof (fwts_uefi_signature_list);
 		if (signature_list->signatureheadersize > 0) {
-			fwts_log_info_verbatum(fw, "  SignatureHeader:");	
+			fwts_log_info_verbatum(fw, "  SignatureHeader:");
 			uefidump_data_hexdump(fw, (uint8_t *)(var->data + offset), signature_list->signatureheadersize);
 		}
 		offset += signature_list->signatureheadersize;