I've been playing around with the Intel Galileo embedded quark SoC and Secure Boot and have run into a problem with enrolling hashes. It turns out the hash algorithm in DxeImageVerificationLib is wrong in most cases for unsigned IA32 binaries because they're not padded at the end. Signed IA32 binaries are padded because the signature table at the end has to be aligned, so this is only a problem with hashes.
James --- James Bottomley (1): DxeImageVerificationLib: Fix bug in padding leading to wrong hashes .../DxeImageVerificationLib/DxeImageVerificationLib.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) ------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
