Re: PKCS7 Authenticated Variable Enrollment


Wadhawan, Divneil R
 

Hi Guomin,

I have moved forward from the last discussion, and the tools work okay for RSA2048/SHA256.
Once I have the next update, I will notify it here.

Regards,
Divneil

-----Original Message-----
From: Jiang, Guomin <guomin.jiang@...>
Sent: Wednesday, May 27, 2020 4:34 PM
To: rfc@edk2.groups.io; Wadhawan, Divneil R <divneil.r.wadhawan@...>
Subject: RE: [edk2-rfc] PKCS7 Authenticated Variable Enrollment

I am sorry that I have not the use case, and I plan to investigating it after August.

-----Original Message-----
From: rfc@edk2.groups.io <rfc@edk2.groups.io> On Behalf Of
divneil.r.wadhawan@...
Sent: Wednesday, May 27, 2020 6:54 PM
To: Jiang, Guomin <guomin.jiang@...>; rfc@edk2.groups.io
Subject: Re: [edk2-rfc] PKCS7 Authenticated Variable Enrollment

Hi Goumin,

I had discussion internally, and I got hold off tools from:
https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git.
It is generating the correct format as per
EFI_VARIABLE_AUTHENTICATION_2.

So, I thought of first validating RSA2048 Sign verification and it is failing.
I still have to figure out that. Do you have a working use case which
uses
PKCS7 format and PKCS7_verify works?

Regards,
Divneil

Join rfc@edk2.groups.io to automatically receive all group messages.