Blob Blame Raw
From jwboyer@redhat.com Tue Dec 11 11:12:04 2012
Return-Path: jwboyer@redhat.com
Received: from zmta04.collab.prod.int.phx2.redhat.com (LHLO
 zmta04.collab.prod.int.phx2.redhat.com) (10.5.81.11) by
 zmail14.collab.prod.int.phx2.redhat.com with LMTP; Tue, 11 Dec 2012
 11:12:04 -0500 (EST)
Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
	by zmta04.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id 02F16D0D4D
	for <pjones@mail.corp.redhat.com>; Tue, 11 Dec 2012 11:12:04 -0500 (EST)
Received: from hansolo.jdub.homelinux.org ([10.3.113.16])
	by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id qBBGC1N7022642
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
	Tue, 11 Dec 2012 11:12:03 -0500
Date: Tue, 11 Dec 2012 11:12:01 -0500
From: Josh Boyer <jwboyer@redhat.com>
To: pjones@redhat.com
Cc: mjg59@srcf.ucam.org
Subject: [PATCH] Fix SignatureSize field when importing a new cert
Message-ID: <20121211161200.GA999@hansolo.jdub.homelinux.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12
Status: RO
Content-Length: 842
Lines: 25

The SignatureSize field should be the length of the certificate plus
16 per the UEFI spec.  Remove the extraneous addition of
sizeof(EFI_SIGNATURE_DATA) from the calculation so that certs enrolled
in MokListRT are parsable.
---
 src/mokutil.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/mokutil-0.1.0/src/mokutil.c b/mokutil-0.1.0/src/mokutil.c
index ca46488..f94aee4 100644
--- a/mokutil-0.1.0/src/mokutil.c
+++ b/mokutil-0.1.0/src/mokutil.c
@@ -485,8 +485,7 @@ import_moks (char **files, uint32_t total)
 		CertList->SignatureListSize = sizes[i] +
 		   sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1;
 		CertList->SignatureHeaderSize = 0;
-		CertList->SignatureSize = sizes[i] +
-			sizeof(EFI_SIGNATURE_DATA) + 16;
+		CertList->SignatureSize = sizes[i] + 16;
 		CertData->SignatureOwner = SHIM_LOCK_GUID;
 
 		fd = open (files[i], O_RDONLY);
-- 
1.8.0.1