authorHai Huang <huang195@gmail.com>2020-11-10 10:23:57 -0500
committerPeter Jones <pjones@redhat.com>2021-02-19 11:11:31 -0500
commite3325f8100f5a14e0684ff80290e53975de1a5d9 (patch)
tree54cadd8a04631de7b69c7a4070883df16913aadf
parente5f7b252d87b9dce7d4685594b7d7a6c6421e11f (diff)
downloadefi-boot-shim-e3325f8100f5a14e0684ff80290e53975de1a5d9.tar.gz
efi-boot-shim-e3325f8100f5a14e0684ff80290e53975de1a5d9.zip
Fix EV_EFI_VARIABLE_AUTHORITY event in eventlog
Currently, for an EV_EFI_VARIABLE_AUTHORITY event, the shim puts only EFI_SIGNATURE_DATA.SignatureData in the VariableData field, but omits EFI_SIGNATURE_DATA.SignatureOwner. According to the reference implementation in EDK2, the entire EFI_SIGNATURE_DATA is put into the VariableData field, as shown here: https://github.com/tianocore/edk2/blob/master/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c#L1032
-rw-r--r--shim.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/shim.c b/shim.c
index fc8f151b..f9af1d83 100644
--- a/shim.c
+++ b/shim.c
@@ -184,7 +184,7 @@ static CHECK_STATUS check_db_cert_in_ram(EFI_SIGNATURE_LIST *CertList,
hash, SHA256_DIGEST_SIZE);
if (IsFound) {
dprint(L"AuthenticodeVerify() succeeded: %d\n", IsFound);
- tpm_measure_variable(dbname, guid, CertSize, Cert->SignatureData);
+ tpm_measure_variable(dbname, guid, CertList->SignatureSize, Cert);
drain_openssl_errors();
return DATA_FOUND;
} else {
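Review bot: The new tpm_measure_variable() call relies on CertList->SignatureSize covering the whole EFI_SIGNATURE_DATA entry (SignatureOwner GUID plus SignatureData) while Cert points at the start of that entry, and nothing at the call site says so; a reader comparing it with the old CertSize/Cert->SignatureData pair will not see why both arguments changed together. A short comment before the call would keep the intent visible, e.g. `/* Measure the whole EFI_SIGNATURE_DATA (owner GUID + signature), as EDK2 does, so verifiers that replay the event log reconstruct the same PCR value. */`. Since CertSize is no longer consumed by this call, it is worth confirming it is still used elsewhere in check_db_cert_in_ram; if not, it becomes an unused local. The same pairing of CertList->SignatureSize with Cert appears in the second hunk in check_db_hash_in_ram, where the former SignatureSize/data arguments were replaced, so the same comment applies there. check_db_cert_in_ram starts and ends outside this hunk.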
@@ -249,7 +249,7 @@ static CHECK_STATUS check_db_hash_in_ram(EFI_SIGNATURE_LIST *CertList,
// Find the signature in database.
//
IsFound = TRUE;
- tpm_measure_variable(dbname, guid, SignatureSize, data);
+ tpm_measure_variable(dbname, guid, CertList->SignatureSize, Cert);
break;
}