blob: 658e3547da379d7aefcf2019c3a96dd1806a7f0a [file] [log] [blame]
AKASHI Takahiro1faaca42020-04-14 11:51:39 +09001// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Copyright (c) 2018 Patrick Wildt <patrick@blueri.se>
4 * Copyright (c) 2019 Linaro Limited, Author: AKASHI Takahiro
5 */
6
7#include <common.h>
8#include <charset.h>
9#include <efi_loader.h>
10#include <image.h>
11#include <hexdump.h>
12#include <malloc.h>
13#include <linux/compat.h>
14#include <linux/oid_registry.h>
15#include <u-boot/rsa.h>
16#include <u-boot/sha256.h>
17#include "../lib/crypto/pkcs7_parser.h"
18
19const efi_guid_t efi_guid_image_security_database =
20 EFI_IMAGE_SECURITY_DATABASE_GUID;
21const efi_guid_t efi_guid_sha256 = EFI_CERT_SHA256_GUID;
22const efi_guid_t efi_guid_cert_rsa2048 = EFI_CERT_RSA2048_GUID;
23const efi_guid_t efi_guid_cert_x509 = EFI_CERT_X509_GUID;
24const efi_guid_t efi_guid_cert_x509_sha256 = EFI_CERT_X509_SHA256_GUID;
25
26#ifdef CONFIG_EFI_SECURE_BOOT
27
28/**
29 * efi_hash_regions - calculate a hash value
30 * @regs: List of regions
31 * @hash: Pointer to a pointer to buffer holding a hash value
32 * @size: Size of buffer to be returned
33 *
34 * Calculate a sha256 value of @regs and return a value in @hash.
35 *
36 * Return: true on success, false on error
37 */
38static bool efi_hash_regions(struct efi_image_regions *regs, void **hash,
39 size_t *size)
40{
41 *size = 0;
42 *hash = calloc(1, SHA256_SUM_LEN);
43 if (!*hash) {
44 debug("Out of memory\n");
45 return false;
46 }
47 *size = SHA256_SUM_LEN;
48
49 hash_calculate("sha256", regs->reg, regs->num, *hash);
50#ifdef DEBUG
51 debug("hash calculated:\n");
52 print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
53 *hash, SHA256_SUM_LEN, false);
54#endif
55
56 return true;
57}
58
59/**
60 * efi_hash_msg_content - calculate a hash value of contentInfo
61 * @msg: Signature
62 * @hash: Pointer to a pointer to buffer holding a hash value
63 * @size: Size of buffer to be returned
64 *
65 * Calculate a sha256 value of contentInfo in @msg and return a value in @hash.
66 *
67 * Return: true on success, false on error
68 */
69static bool efi_hash_msg_content(struct pkcs7_message *msg, void **hash,
70 size_t *size)
71{
72 struct image_region regtmp;
73
74 *size = 0;
75 *hash = calloc(1, SHA256_SUM_LEN);
76 if (!*hash) {
77 debug("Out of memory\n");
78 free(msg);
79 return false;
80 }
81 *size = SHA256_SUM_LEN;
82
83 regtmp.data = msg->data;
84 regtmp.size = msg->data_len;
85
86 hash_calculate("sha256", &regtmp, 1, *hash);
87#ifdef DEBUG
88 debug("hash calculated based on contentInfo:\n");
89 print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
90 *hash, SHA256_SUM_LEN, false);
91#endif
92
93 return true;
94}
95
96/**
97 * efi_signature_verify - verify a signature with a certificate
98 * @regs: List of regions to be authenticated
99 * @signed_info: Pointer to PKCS7's signed_info
100 * @cert: x509 certificate
101 *
102 * Signature pointed to by @signed_info against image pointed to by @regs
103 * is verified by a certificate pointed to by @cert.
104 * @signed_info holds a signature, including a message digest which is to be
105 * compared with a hash value calculated from @regs.
106 *
107 * Return: true if signature is verified, false if not
108 */
109static bool efi_signature_verify(struct efi_image_regions *regs,
110 struct pkcs7_message *msg,
111 struct pkcs7_signed_info *ps_info,
112 struct x509_certificate *cert)
113{
114 struct image_sign_info info;
115 struct image_region regtmp[2];
116 void *hash;
117 size_t size;
118 char c;
119 bool verified;
120
121 debug("%s: Enter, %p, %p, %p(issuer: %s, subject: %s)\n", __func__,
122 regs, ps_info, cert, cert->issuer, cert->subject);
123
124 verified = false;
125
126 memset(&info, '\0', sizeof(info));
127 info.padding = image_get_padding_algo("pkcs-1.5");
128 /*
129 * Note: image_get_[checksum|crypto]_algo takes an string
130 * argument like "<checksum>,<crypto>"
131 * TODO: support other hash algorithms
132 */
133 if (!strcmp(ps_info->sig->hash_algo, "sha1")) {
134 info.checksum = image_get_checksum_algo("sha1,rsa2048");
135 info.name = "sha1,rsa2048";
136 } else if (!strcmp(ps_info->sig->hash_algo, "sha256")) {
137 info.checksum = image_get_checksum_algo("sha256,rsa2048");
138 info.name = "sha256,rsa2048";
139 } else {
140 debug("unknown msg digest algo: %s\n", ps_info->sig->hash_algo);
141 goto out;
142 }
143 info.crypto = image_get_crypto_algo(info.name);
144
145 info.key = cert->pub->key;
146 info.keylen = cert->pub->keylen;
147
148 /* verify signature */
149 debug("%s: crypto: %s, signature len:%x\n", __func__,
150 info.name, ps_info->sig->s_size);
151 if (ps_info->aa_set & (1UL << sinfo_has_message_digest)) {
152 debug("%s: RSA verify authentication attribute\n", __func__);
153 /*
154 * NOTE: This path will be executed only for
155 * PE image authentication
156 */
157
158 /* check if hash matches digest first */
159 debug("checking msg digest first, len:0x%x\n",
160 ps_info->msgdigest_len);
161
162#ifdef DEBUG
163 debug("hash in database:\n");
164 print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
165 ps_info->msgdigest, ps_info->msgdigest_len,
166 false);
167#endif
168 /* against contentInfo first */
169 if ((msg->data && efi_hash_msg_content(msg, &hash, &size)) ||
170 /* for signed image */
171 efi_hash_regions(regs, &hash, &size)) {
172 /* for authenticated variable */
173 if (ps_info->msgdigest_len != size ||
174 memcmp(hash, ps_info->msgdigest, size)) {
175 debug("Digest doesn't match\n");
176 free(hash);
177 goto out;
178 }
179
180 free(hash);
181 } else {
182 debug("Digesting image failed\n");
183 goto out;
184 }
185
186 /* against digest */
187 c = 0x31;
188 regtmp[0].data = &c;
189 regtmp[0].size = 1;
190 regtmp[1].data = ps_info->authattrs;
191 regtmp[1].size = ps_info->authattrs_len;
192
193 if (!rsa_verify(&info, regtmp, 2,
194 ps_info->sig->s, ps_info->sig->s_size))
195 verified = true;
196 } else {
197 debug("%s: RSA verify content data\n", __func__);
198 /* against all data */
199 if (!rsa_verify(&info, regs->reg, regs->num,
200 ps_info->sig->s, ps_info->sig->s_size))
201 verified = true;
202 }
203
204out:
205 debug("%s: Exit, verified: %d\n", __func__, verified);
206 return verified;
207}
208
209/**
210 * efi_signature_verify_with_list - verify a signature with signature list
211 * @regs: List of regions to be authenticated
212 * @msg: Signature
213 * @signed_info: Pointer to PKCS7's signed_info
214 * @siglist: Signature list for certificates
215 * @valid_cert: x509 certificate that verifies this signature
216 *
217 * Signature pointed to by @signed_info against image pointed to by @regs
218 * is verified by signature list pointed to by @siglist.
219 * Signature database is a simple concatenation of one or more
220 * signature list(s).
221 *
222 * Return: true if signature is verified, false if not
223 */
224static
225bool efi_signature_verify_with_list(struct efi_image_regions *regs,
226 struct pkcs7_message *msg,
227 struct pkcs7_signed_info *signed_info,
228 struct efi_signature_store *siglist,
229 struct x509_certificate **valid_cert)
230{
231 struct x509_certificate *cert;
232 struct efi_sig_data *sig_data;
233 bool verified = false;
234
235 debug("%s: Enter, %p, %p, %p, %p\n", __func__,
236 regs, signed_info, siglist, valid_cert);
237
238 if (!signed_info) {
239 void *hash;
240 size_t size;
241
242 debug("%s: unsigned image\n", __func__);
243 /*
244 * verify based on calculated hash value
245 * TODO: support other hash algorithms
246 */
247 if (guidcmp(&siglist->sig_type, &efi_guid_sha256)) {
248 debug("Digest algorithm is not supported: %pUl\n",
249 &siglist->sig_type);
250 goto out;
251 }
252
253 if (!efi_hash_regions(regs, &hash, &size)) {
254 debug("Digesting unsigned image failed\n");
255 goto out;
256 }
257
258 /* go through the list */
259 for (sig_data = siglist->sig_data_list; sig_data;
260 sig_data = sig_data->next) {
261#ifdef DEBUG
262 debug("Msg digest in database:\n");
263 print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
264 sig_data->data, sig_data->size, false);
265#endif
266 if ((sig_data->size == size) &&
267 !memcmp(sig_data->data, hash, size)) {
268 verified = true;
269 free(hash);
270 goto out;
271 }
272 }
273 free(hash);
274 goto out;
275 }
276
277 debug("%s: signed image\n", __func__);
278 if (guidcmp(&siglist->sig_type, &efi_guid_cert_x509)) {
279 debug("Signature type is not supported: %pUl\n",
280 &siglist->sig_type);
281 goto out;
282 }
283
284 /* go through the list */
285 for (sig_data = siglist->sig_data_list; sig_data;
286 sig_data = sig_data->next) {
287 /* TODO: support owner check based on policy */
288
289 cert = x509_cert_parse(sig_data->data, sig_data->size);
290 if (IS_ERR(cert)) {
291 debug("Parsing x509 certificate failed\n");
292 goto out;
293 }
294
295 verified = efi_signature_verify(regs, msg, signed_info, cert);
296
297 if (verified) {
298 if (valid_cert)
299 *valid_cert = cert;
300 else
301 x509_free_certificate(cert);
302 break;
303 }
304 x509_free_certificate(cert);
305 }
306
307out:
308 debug("%s: Exit, verified: %d\n", __func__, verified);
309 return verified;
310}
311
312/**
313 * efi_signature_verify_with_sigdb - verify a signature with db
314 * @regs: List of regions to be authenticated
315 * @msg: Signature
316 * @db: Signature database for trusted certificates
317 * @cert: x509 certificate that verifies this signature
318 *
319 * Signature pointed to by @msg against image pointed to by @regs
320 * is verified by signature database pointed to by @db.
321 *
322 * Return: true if signature is verified, false if not
323 */
324bool efi_signature_verify_with_sigdb(struct efi_image_regions *regs,
325 struct pkcs7_message *msg,
326 struct efi_signature_store *db,
327 struct x509_certificate **cert)
328{
329 struct pkcs7_signed_info *info;
330 struct efi_signature_store *siglist;
331 bool verified = false;
332
333 debug("%s: Enter, %p, %p, %p, %p\n", __func__, regs, msg, db, cert);
334
335 if (!db)
336 goto out;
337
338 if (!db->sig_data_list)
339 goto out;
340
341 /* for unsigned image */
342 if (!msg) {
343 debug("%s: Verify unsigned image with db\n", __func__);
344 for (siglist = db; siglist; siglist = siglist->next)
345 if (efi_signature_verify_with_list(regs, NULL, NULL,
346 siglist, cert)) {
347 verified = true;
348 goto out;
349 }
350
351 goto out;
352 }
353
354 /* for signed image or variable */
355 debug("%s: Verify signed image with db\n", __func__);
356 for (info = msg->signed_infos; info; info = info->next) {
357 debug("Signed Info: digest algo: %s, pkey algo: %s\n",
358 info->sig->hash_algo, info->sig->pkey_algo);
359
360 for (siglist = db; siglist; siglist = siglist->next) {
361 if (efi_signature_verify_with_list(regs, msg, info,
362 siglist, cert)) {
363 verified = true;
364 goto out;
365 }
366 }
367 }
368
369out:
370 debug("%s: Exit, verified: %d\n", __func__, verified);
371 return verified;
372}
373
374/**
375 * efi_search_siglist - search signature list for a certificate
376 * @cert: x509 certificate
377 * @siglist: Signature list
378 * @revoc_time: Pointer to buffer for revocation time
379 *
380 * Search signature list pointed to by @siglist and find a certificate
381 * pointed to by @cert.
382 * If found, revocation time that is specified in signature database is
383 * returned in @revoc_time.
384 *
385 * Return: true if certificate is found, false if not
386 */
387static bool efi_search_siglist(struct x509_certificate *cert,
388 struct efi_signature_store *siglist,
389 time64_t *revoc_time)
390{
391 struct image_region reg[1];
392 void *hash = NULL, *msg = NULL;
393 struct efi_sig_data *sig_data;
394 bool found = false;
395
396 /* can be null */
397 if (!siglist->sig_data_list)
398 return false;
399
400 if (guidcmp(&siglist->sig_type, &efi_guid_cert_x509_sha256)) {
401 /* TODO: other hash algos */
402 debug("Certificate's digest type is not supported: %pUl\n",
403 &siglist->sig_type);
404 goto out;
405 }
406
407 /* calculate hash of TBSCertificate */
408 msg = calloc(1, SHA256_SUM_LEN);
409 if (!msg) {
410 debug("Out of memory\n");
411 goto out;
412 }
413
414 hash = calloc(1, SHA256_SUM_LEN);
415 if (!hash) {
416 debug("Out of memory\n");
417 goto out;
418 }
419
420 reg[0].data = cert->tbs;
421 reg[0].size = cert->tbs_size;
422 hash_calculate("sha256", reg, 1, msg);
423
424 /* go through signature list */
425 for (sig_data = siglist->sig_data_list; sig_data;
426 sig_data = sig_data->next) {
427 /*
428 * struct efi_cert_x509_sha256 {
429 * u8 tbs_hash[256/8];
430 * time64_t revocation_time;
431 * };
432 */
433 if ((sig_data->size == SHA256_SUM_LEN) &&
434 !memcmp(sig_data->data, hash, SHA256_SUM_LEN)) {
435 memcpy(revoc_time, sig_data->data + SHA256_SUM_LEN,
436 sizeof(*revoc_time));
437 found = true;
438 goto out;
439 }
440 }
441
442out:
443 free(hash);
444 free(msg);
445
446 return found;
447}
448
449/**
450 * efi_signature_verify_cert - verify a certificate with dbx
451 * @cert: x509 certificate
452 * @dbx: Signature database
453 *
454 * Search signature database pointed to by @dbx and find a certificate
455 * pointed to by @cert.
456 * This function is expected to be used against "dbx".
457 *
458 * Return: true if a certificate is not rejected, false otherwise.
459 */
460bool efi_signature_verify_cert(struct x509_certificate *cert,
461 struct efi_signature_store *dbx)
462{
463 struct efi_signature_store *siglist;
464 time64_t revoc_time;
465 bool found = false;
466
467 debug("%s: Enter, %p, %p\n", __func__, dbx, cert);
468
469 if (!cert)
470 return false;
471
472 for (siglist = dbx; siglist; siglist = siglist->next) {
473 if (efi_search_siglist(cert, siglist, &revoc_time)) {
474 /* TODO */
475 /* compare signing time with revocation time */
476
477 found = true;
478 break;
479 }
480 }
481
482 debug("%s: Exit, verified: %d\n", __func__, !found);
483 return !found;
484}
485
486/**
487 * efi_signature_verify_signers - verify signers' certificates with dbx
488 * @msg: Signature
489 * @dbx: Signature database
490 *
491 * Determine if any of signers' certificates in @msg may be verified
492 * by any of certificates in signature database pointed to by @dbx.
493 * This function is expected to be used against "dbx".
494 *
495 * Return: true if none of certificates is rejected, false otherwise.
496 */
497bool efi_signature_verify_signers(struct pkcs7_message *msg,
498 struct efi_signature_store *dbx)
499{
500 struct pkcs7_signed_info *info;
501 bool found = false;
502
503 debug("%s: Enter, %p, %p\n", __func__, msg, dbx);
504
505 if (!msg)
506 goto out;
507
508 for (info = msg->signed_infos; info; info = info->next) {
509 if (info->signer &&
510 !efi_signature_verify_cert(info->signer, dbx)) {
511 found = true;
512 goto out;
513 }
514 }
515out:
516 debug("%s: Exit, verified: %d\n", __func__, !found);
517 return !found;
518}
519
520/**
521 * efi_image_region_add - add an entry of region
522 * @regs: Pointer to array of regions
523 * @start: Start address of region
524 * @end: End address of region
525 * @nocheck: flag against overlapped regions
526 *
527 * Take one entry of region [@start, @end] and append it to the list
528 * pointed to by @regs. If @nocheck is false, overlapping among entries
529 * will be checked first.
530 *
531 * Return: 0 on success, status code (negative) on error
532 */
533efi_status_t efi_image_region_add(struct efi_image_regions *regs,
534 const void *start, const void *end,
535 int nocheck)
536{
537 struct image_region *reg;
538 int i, j;
539
540 if (regs->num >= regs->max) {
541 debug("%s: no more room for regions\n", __func__);
542 return EFI_OUT_OF_RESOURCES;
543 }
544
545 if (end < start)
546 return EFI_INVALID_PARAMETER;
547
548 for (i = 0; i < regs->num; i++) {
549 reg = &regs->reg[i];
550 if (nocheck)
551 continue;
552
553 if (start > reg->data + reg->size)
554 continue;
555
556 if ((start >= reg->data && start < reg->data + reg->size) ||
557 (end > reg->data && end < reg->data + reg->size)) {
558 debug("%s: new region already part of another\n",
559 __func__);
560 return EFI_INVALID_PARAMETER;
561 }
562
563 if (start < reg->data && end < reg->data + reg->size) {
564 for (j = regs->num - 1; j >= i; j--)
565 memcpy(&regs->reg[j], &regs->reg[j + 1],
566 sizeof(*reg));
567 break;
568 }
569 }
570
571 reg = &regs->reg[i];
572 reg->data = start;
573 reg->size = end - start;
574 regs->num++;
575
576 return EFI_SUCCESS;
577}
AKASHI Takahirod2cefc82020-04-14 11:51:40 +0900578
579/**
580 * efi_sigstore_free - free signature store
581 * @sigstore: Pointer to signature store structure
582 *
583 * Feee all the memories held in signature store and itself,
584 * which were allocated by efi_sigstore_parse_sigdb().
585 */
586void efi_sigstore_free(struct efi_signature_store *sigstore)
587{
588 struct efi_signature_store *sigstore_next;
589 struct efi_sig_data *sig_data, *sig_data_next;
590
591 while (sigstore) {
592 sigstore_next = sigstore->next;
593
594 sig_data = sigstore->sig_data_list;
595 while (sig_data) {
596 sig_data_next = sig_data->next;
597 free(sig_data->data);
598 free(sig_data);
599 sig_data = sig_data_next;
600 }
601
602 free(sigstore);
603 sigstore = sigstore_next;
604 }
605}
606
607/**
608 * efi_sigstore_parse_siglist - parse a signature list
609 * @name: Pointer to signature list
610 *
611 * Parse signature list and instantiate a signature store structure.
612 * Signature database is a simple concatenation of one or more
613 * signature list(s).
614 *
615 * Return: Pointer to signature store on success, NULL on error
616 */
617static struct efi_signature_store *
618efi_sigstore_parse_siglist(struct efi_signature_list *esl)
619{
620 struct efi_signature_store *siglist = NULL;
621 struct efi_sig_data *sig_data, *sig_data_next;
622 struct efi_signature_data *esd;
623 size_t left;
624
625 /*
626 * UEFI specification defines certificate types:
627 * for non-signed images,
628 * EFI_CERT_SHA256_GUID
629 * EFI_CERT_RSA2048_GUID
630 * EFI_CERT_RSA2048_SHA256_GUID
631 * EFI_CERT_SHA1_GUID
632 * EFI_CERT_RSA2048_SHA_GUID
633 * EFI_CERT_SHA224_GUID
634 * EFI_CERT_SHA384_GUID
635 * EFI_CERT_SHA512_GUID
636 *
637 * for signed images,
638 * EFI_CERT_X509_GUID
639 * NOTE: Each certificate will normally be in a separate
640 * EFI_SIGNATURE_LIST as the size may vary depending on
641 * its algo's.
642 *
643 * for timestamp revocation of certificate,
644 * EFI_CERT_X509_SHA512_GUID
645 * EFI_CERT_X509_SHA256_GUID
646 * EFI_CERT_X509_SHA384_GUID
647 */
648
649 if (esl->signature_list_size
650 <= (sizeof(*esl) + esl->signature_header_size)) {
651 debug("Siglist in wrong format\n");
652 return NULL;
653 }
654
655 /* Create a head */
656 siglist = calloc(sizeof(*siglist), 1);
657 if (!siglist) {
658 debug("Out of memory\n");
659 goto err;
660 }
661 memcpy(&siglist->sig_type, &esl->signature_type, sizeof(efi_guid_t));
662
663 /* Go through the list */
664 sig_data_next = NULL;
665 left = esl->signature_list_size
666 - (sizeof(*esl) + esl->signature_header_size);
667 esd = (struct efi_signature_data *)
668 ((u8 *)esl + sizeof(*esl) + esl->signature_header_size);
669
670 while ((left > 0) && left >= esl->signature_size) {
671 /* Signature must exist if there is remaining data. */
672 if (left < esl->signature_size) {
673 debug("Certificate is too small\n");
674 goto err;
675 }
676
677 sig_data = calloc(esl->signature_size
678 - sizeof(esd->signature_owner), 1);
679 if (!sig_data) {
680 debug("Out of memory\n");
681 goto err;
682 }
683
684 /* Append signature data */
685 memcpy(&sig_data->owner, &esd->signature_owner,
686 sizeof(efi_guid_t));
687 sig_data->size = esl->signature_size
688 - sizeof(esd->signature_owner);
689 sig_data->data = malloc(sig_data->size);
690 if (!sig_data->data) {
691 debug("Out of memory\n");
692 goto err;
693 }
694 memcpy(sig_data->data, esd->signature_data, sig_data->size);
695
696 sig_data->next = sig_data_next;
697 sig_data_next = sig_data;
698
699 /* Next */
700 esd = (struct efi_signature_data *)
701 ((u8 *)esd + esl->signature_size);
702 left -= esl->signature_size;
703 }
704 siglist->sig_data_list = sig_data_next;
705
706 return siglist;
707
708err:
709 efi_sigstore_free(siglist);
710
711 return NULL;
712}
713
714/**
715 * efi_sigstore_parse_sigdb - parse a signature database variable
716 * @name: Variable's name
717 *
718 * Read in a value of signature database variable pointed to by
719 * @name, parse it and instantiate a signature store structure.
720 *
721 * Return: Pointer to signature store on success, NULL on error
722 */
723struct efi_signature_store *efi_sigstore_parse_sigdb(u16 *name)
724{
725 struct efi_signature_store *sigstore = NULL, *siglist;
726 struct efi_signature_list *esl;
727 const efi_guid_t *vendor;
728 void *db;
729 efi_uintn_t db_size;
730 efi_status_t ret;
731
732 if (!u16_strcmp(name, L"PK") || !u16_strcmp(name, L"KEK")) {
733 vendor = &efi_global_variable_guid;
734 } else if (!u16_strcmp(name, L"db") || !u16_strcmp(name, L"dbx")) {
735 vendor = &efi_guid_image_security_database;
736 } else {
737 debug("unknown signature database, %ls\n", name);
738 return NULL;
739 }
740
741 /* retrieve variable data */
742 db_size = 0;
743 ret = EFI_CALL(efi_get_variable(name, vendor, NULL, &db_size, NULL));
744 if (ret == EFI_NOT_FOUND) {
745 debug("variable, %ls, not found\n", name);
746 sigstore = calloc(sizeof(*sigstore), 1);
747 return sigstore;
748 } else if (ret != EFI_BUFFER_TOO_SMALL) {
749 debug("Getting variable, %ls, failed\n", name);
750 return NULL;
751 }
752
753 db = malloc(db_size);
754 if (!db) {
755 debug("Out of memory\n");
756 return NULL;
757 }
758
759 ret = EFI_CALL(efi_get_variable(name, vendor, NULL, &db_size, db));
760 if (ret != EFI_SUCCESS) {
761 debug("Getting variable, %ls, failed\n", name);
762 goto err;
763 }
764
765 /* Parse siglist list */
766 esl = db;
767 while (db_size > 0) {
768 /* List must exist if there is remaining data. */
769 if (db_size < sizeof(*esl)) {
770 debug("variable, %ls, in wrong format\n", name);
771 goto err;
772 }
773
774 if (db_size < esl->signature_list_size) {
775 debug("variable, %ls, in wrong format\n", name);
776 goto err;
777 }
778
779 /* Parse a single siglist. */
780 siglist = efi_sigstore_parse_siglist(esl);
781 if (!siglist) {
782 debug("Parsing signature list of %ls failed\n", name);
783 goto err;
784 }
785
786 /* Append siglist */
787 siglist->next = sigstore;
788 sigstore = siglist;
789
790 /* Next */
791 db_size -= esl->signature_list_size;
792 esl = (void *)esl + esl->signature_list_size;
793 }
794 free(db);
795
796 return sigstore;
797
798err:
799 efi_sigstore_free(sigstore);
800 free(db);
801
802 return NULL;
803}
AKASHI Takahiro1faaca42020-04-14 11:51:39 +0900804#endif /* CONFIG_EFI_SECURE_BOOT */