Verify signature before verifying sbat levels

Verifying the validity of a files signature can protect from an attacker creating a file that exploits a potential issue in the sbat validation. If the signature is not checked first, an attacker can just create a file with a valid .sbat section and can still attack the signature validation. Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
author: Jan Setje-Eilers <jan.setjeeilers@oracle.com> 2023-06-26 18:41:50 -0700
committer: Peter Jones <pjones@redhat.com> 2023-06-27 14:58:25 -0400
commit: 61e989446849205d3e9eef2544f6d9bd87142933 (patch)
tree: da7c385c1cb6b11187dfa442dfcd1d1eeed348db
parent: 569270d8603d68308ad8bf8ef4cad4b09101d35e (diff)
download: efi-boot-shim-61e989446849205d3e9eef2544f6d9bd87142933.tar.gz
efi-boot-shim-61e989446849205d3e9eef2544f6d9bd87142933.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/shim.c b/shim.c
index 17afcabb..01e5e560 100644
--- a/shim.c
+++ b/shim.c
@@ -753,11 +753,11 @@ verify_buffer (char *data, int datasize,
 {
 	EFI_STATUS efi_status;
 
-	efi_status = verify_buffer_sbat(data, datasize, context);
+	efi_status = verify_buffer_authenticode(data, datasize, context, sha256hash, sha1hash);
 	if (EFI_ERROR(efi_status))
 		return efi_status;
 
-	return verify_buffer_authenticode(data, datasize, context, sha256hash, sha1hash);
+	return verify_buffer_sbat(data, datasize, context);
 }
 
 static int
author	Jan Setje-Eilers <jan.setjeeilers@oracle.com>	2023-06-26 18:41:50 -0700
committer	Peter Jones <pjones@redhat.com>	2023-06-27 14:58:25 -0400
commit	61e989446849205d3e9eef2544f6d9bd87142933 (patch)
tree	da7c385c1cb6b11187dfa442dfcd1d1eeed348db
parent	569270d8603d68308ad8bf8ef4cad4b09101d35e (diff)
download	efi-boot-shim-61e989446849205d3e9eef2544f6d9bd87142933.tar.gz efi-boot-shim-61e989446849205d3e9eef2544f6d9bd87142933.zip