diff options
| author | Phil Noh <Phil.Noh@amd.com> | 2024-12-11 19:05:19 -0600 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-12-17 16:46:29 +0000 |
| commit | 30c8a73850b478042cc8e208298f37084940b9e7 (patch) | |
| tree | 1a7e7acd1dd7c0359685d88e05fd22e089f002b9 | |
| parent | 2c07ab6256a4e7ec78e5f6beecb03af18867e511 (diff) | |
| download | edk2-30c8a73850b478042cc8e208298f37084940b9e7.tar.gz | |
SecurityPkg/SecureBootConfigDxe: Enhance help in Delete Signature page
Currently "Delete Signature" Setup page lists enrolled signatures and each
signature is shown with signature GUID (prompt) and type (help). It is
possible for some signatures to be shown with same signature GUID and
type. In this case, it is difficult to identify the target signature to
delete. The update enhances help information to distinguish signatures.
Signed-off-by: Phil Noh <Phil.Noh@amd.com>
| -rw-r--r-- | SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 92 |
1 files changed, 46 insertions, 46 deletions
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c index 6d4560c39b..d4dc4e1402 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c @@ -1,6 +1,7 @@ /** @file
HII Config Access protocol implementation of SecureBoot configuration module.
+Copyright (C) 2024 Advanced Micro Devices, Inc. All rights reserved.<BR>
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -15,6 +16,14 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/SecureBootVariableLib.h>
#include <Library/SecureBootVariableProvisionLib.h>
+EFI_STATUS
+FormatHelpInfo (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
+ IN EFI_SIGNATURE_LIST *ListEntry,
+ IN EFI_SIGNATURE_DATA *DataEntry,
+ OUT EFI_STRING_ID *StringId
+ );
+
CHAR16 mSecureBootStorageName[] = L"SECUREBOOT_CONFIGURATION";
SECUREBOOT_CONFIG_PRIVATE_DATA mSecureBootConfigPrivateDateTemplate = {
@@ -2619,55 +2628,46 @@ UpdateDeletePage ( GuidIndex = 0;
while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
- if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_RSA2048_SHA256_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_PCKS7_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_SHA1_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_SHA256_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha256Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA256_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha384Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA384_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha512Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA512_GUID);
- } else {
- //
- // The signature type is not supported in current implementation.
- //
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha256Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha384Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha512Guid)
+ )
+ {
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ for (Index = 0; Index < CertCount; Index++) {
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList
+ + sizeof (EFI_SIGNATURE_LIST)
+ + CertList->SignatureHeaderSize
+ + Index * CertList->SignatureSize);
+ //
+ // Display GUID and help
+ //
+ GuidToString (&Cert->SignatureOwner, GuidStr, 100);
+ GuidID = HiiSetString (PrivateData->HiiHandle, 0, GuidStr, NULL);
+
+ Status = FormatHelpInfo (PrivateData, CertList, Cert, &Help);
+ if (!EFI_ERROR (Status)) {
+ HiiCreateCheckBoxOpCode (
+ StartOpCodeHandle,
+ (EFI_QUESTION_ID)(QuestionIdBase + GuidIndex++),
+ 0,
+ 0,
+ GuidID,
+ Help,
+ EFI_IFR_FLAG_CALLBACK,
+ 0,
+ NULL
+ );
+ }
+ }
+
ItemDataSize -= CertList->SignatureListSize;
CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);
- continue;
}
-
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- for (Index = 0; Index < CertCount; Index++) {
- Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList
- + sizeof (EFI_SIGNATURE_LIST)
- + CertList->SignatureHeaderSize
- + Index * CertList->SignatureSize);
- //
- // Display GUID and help
- //
- GuidToString (&Cert->SignatureOwner, GuidStr, 100);
- GuidID = HiiSetString (PrivateData->HiiHandle, 0, GuidStr, NULL);
- HiiCreateCheckBoxOpCode (
- StartOpCodeHandle,
- (EFI_QUESTION_ID)(QuestionIdBase + GuidIndex++),
- 0,
- 0,
- GuidID,
- Help,
- EFI_IFR_FLAG_CALLBACK,
- 0,
- NULL
- );
- }
-
- ItemDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);
}
ON_EXIT:
|