From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jiewen.yao@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=134.134.136.20; helo=mga02.intel.com;
 envelope-from=jiewen.yao@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id A367F22497F36
 for <edk2-devel@lists.01.org>; Mon, 16 Apr 2018 01:42:41 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
 by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 16 Apr 2018 01:42:41 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.48,459,1517904000"; d="scan'208";a="220727105"
Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201])
 by fmsmga005.fm.intel.com with ESMTP; 16 Apr 2018 01:42:41 -0700
Received: from fmsmsx125.amr.corp.intel.com (10.18.125.40) by
 FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Mon, 16 Apr 2018 01:42:40 -0700
Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by
 FMSMSX125.amr.corp.intel.com (10.18.125.40) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Mon, 16 Apr 2018 01:42:40 -0700
Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.239]) by
 SHSMSX152.ccr.corp.intel.com ([169.254.6.197]) with mapi id 14.03.0319.002;
 Mon, 16 Apr 2018 16:42:38 +0800
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Zeng, Star" <star.zeng@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: "Zhang, Chao B" <chao.b.zhang@intel.com>, "Zeng, Star"
 <star.zeng@intel.com>
Thread-Topic: [edk2] [PATCH] SecurityPkg FmpAuthenticationLibRsa2048Sha256:
 Remove PCD reference
Thread-Index: AQHT1V64nEoRWt+GiES4+6Omna4p1aQDEvKg
Date: Mon, 16 Apr 2018 08:42:38 +0000
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503AB64BB0@SHSMSX104.ccr.corp.intel.com>
References: <1523868068-143104-1-git-send-email-star.zeng@intel.com>
In-Reply-To: <1523868068-143104-1-git-send-email-star.zeng@intel.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZjMxMWVjYzYtMjZiYy00ZjY5LWExMjYtZmU1ZmYxZGJjZDhmIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjIuNS4xOCIsIlRydXN0ZWRMYWJlbEhhc2giOiJrdlRUbGhqTVE2V1dRWFNLVGFMRkhkQVpVdG9GNmJ3ZE9aQ0FUdzVMOTlvR0lCRE1yZVNyU3dPU1d5WW9CNkdDIn0=
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.0.0.116
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH] SecurityPkg FmpAuthenticationLibRsa2048Sha256: Remove PCD reference
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Apr 2018 08:42:41 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Good clean up.

Reviewed-by: Jiewen.yao@intel.com


> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of St=
ar
> Zeng
> Sent: Monday, April 16, 2018 4:41 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>; Zeng, Star <star.zeng@intel.com>
> Subject: [edk2] [PATCH] SecurityPkg FmpAuthenticationLibRsa2048Sha256:
> Remove PCD reference
>=20
> PcdRsa2048Sha256PublicKeyBuffer is referenced but not used in the
> library, that makes me a little confusing.
> Actually, the PublicKeyData should be from the caller of
> AuthenticateFmpImage() as input parameter, for example
> EdkiiSystemCapsuleLib.
>=20
> This patch is to remove the PCD reference in this library instance
> to be aligned with FmpAuthenticationLibPkcs7 that does not reference
> PcdPkcs7CertBuffer.
>=20
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Star Zeng <star.zeng@intel.com>
> ---
>  .../FmpAuthenticationLibRsa2048Sha256.c                              |
> 4 ++--
>  .../FmpAuthenticationLibRsa2048Sha256.inf                            |
> 5 +----
>  2 files changed, 3 insertions(+), 6 deletions(-)
>=20
> diff --git
> a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticatio
> nLibRsa2048Sha256.c
> b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticatio
> nLibRsa2048Sha256.c
> index b40993fd1b00..038e12447782 100644
> ---
> a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticatio
> nLibRsa2048Sha256.c
> +++
> b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticatio
> nLibRsa2048Sha256.c
> @@ -10,7 +10,7 @@
>    FmpAuthenticatedHandlerRsa2048Sha256(), AuthenticateFmpImage() will
> receive
>    untrusted input and do basic validation.
>=20
> -  Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
> +  Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
>    This program and the accompanying materials
>    are licensed and made available under the terms and conditions of the =
BSD
> License
>    which accompanies this distribution.  The full text of the license may=
 be
> found at
> @@ -133,7 +133,7 @@ FmpAuthenticatedHandlerRsa2048Sha256 (
>    }
>=20
>    //
> -  // Fail if the PublicKey is not one of the public keys in
> PcdRsa2048Sha256PublicKeyBuffer
> +  // Fail if the PublicKey is not one of the public keys in the input Pu=
blicKeyData.
>    //
>    PublicKey =3D (VOID *)PublicKeyData;
>    PublicKeyBufferSize =3D PublicKeyDataLength;
> diff --git
> a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticatio
> nLibRsa2048Sha256.inf
> b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticatio
> nLibRsa2048Sha256.inf
> index b190eca8805c..cdd22429c274 100644
> ---
> a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticatio
> nLibRsa2048Sha256.inf
> +++
> b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticatio
> nLibRsa2048Sha256.inf
> @@ -3,7 +3,7 @@
>  #
>  # Instance of FmpAuthentication Library for DXE/PEI post memory phase.
>  #
> -#  Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR=
>
> +#  Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR=
>
>  #  This program and the accompanying materials
>  #  are licensed and made available under the terms and conditions of the=
 BSD
> License
>  #  which accompanies this distribution.  The full text of the license ma=
y be
> found at
> @@ -45,9 +45,6 @@ [LibraryClasses]
>    MemoryAllocationLib
>    BaseCryptLib
>=20
> -[Pcd]
> -  gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer     ##
> CONSUMES
> -
>  [Guids]
>    gEfiCertTypeRsa2048Sha256Guid         ## SOMETIMES_CONSUMES
> ## GUID # Unique ID for the type of the certificate.
>    gEfiHashAlgorithmSha256Guid           ## SOMETIMES_CONSUMES
> ## GUID
> --
> 2.7.0.windows.1
>=20
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel