Check the vendor blacklist correctly

author: Gary Ching-Pang Lin <glin@suse.com> 2012-10-30 10:35:36 -0400
committer: Peter Jones <pjones@redhat.com> 2012-10-30 10:35:36 -0400
commit: 8b7685b212c2bbb2cd487a1171b07669dbe52a20 (patch)
tree: afbe73945f745cf3a55f7c61183c068cc92530fd
parent: ba00aadb4534b0d0012c5b6154882504e6b591db (diff)
download: efi-boot-shim-8b7685b212c2bbb2cd487a1171b07669dbe52a20.tar.gz
efi-boot-shim-8b7685b212c2bbb2cd487a1171b07669dbe52a20.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/shim.c b/shim.c
index 0cd89b43..81e42314 100644
--- a/shim.c
+++ b/shim.c
@@ -341,14 +341,14 @@ static EFI_STATUS check_blacklist (WIN_CERTIFICATE_EFI_PKCS *cert,
 
 	if (check_db_hash_in_ram(vendor_dbx, vendor_dbx_size, sha256hash,
 				 SHA256_DIGEST_SIZE, EfiHashSha256Guid) ==
-				DATA_NOT_FOUND)
+				DATA_FOUND)
 		return EFI_ACCESS_DENIED;
 	if (check_db_hash_in_ram(vendor_dbx, vendor_dbx_size, sha1hash,
 				 SHA1_DIGEST_SIZE, EfiHashSha1Guid) ==
-				DATA_NOT_FOUND)
+				DATA_FOUND)
 		return EFI_ACCESS_DENIED;
 	if (check_db_cert_in_ram(vendor_dbx, vendor_dbx_size, cert,
-				 sha256hash) == DATA_NOT_FOUND)
+				 sha256hash) == DATA_FOUND)
 		return EFI_ACCESS_DENIED;
 
 	if (check_db_hash(L"dbx", secure_var, sha256hash, SHA256_DIGEST_SIZE,
author	Gary Ching-Pang Lin <glin@suse.com>	2012-10-30 10:35:36 -0400
committer	Peter Jones <pjones@redhat.com>	2012-10-30 10:35:36 -0400
commit	8b7685b212c2bbb2cd487a1171b07669dbe52a20 (patch)
tree	afbe73945f745cf3a55f7c61183c068cc92530fd
parent	ba00aadb4534b0d0012c5b6154882504e6b591db (diff)
download	efi-boot-shim-8b7685b212c2bbb2cd487a1171b07669dbe52a20.tar.gz efi-boot-shim-8b7685b212c2bbb2cd487a1171b07669dbe52a20.zip