Skip to content

Commit

Permalink
ShimToCert: Handle empty certificate section
Browse files Browse the repository at this point in the history
  • Loading branch information
@mikebeaton
mikebeaton committed Aug 19, 2023
1 parent 7df036e commit d3e59e7
Showing 1 changed file with 10 additions and 1 deletion.
11 changes: 10 additions & 1 deletion Utilities/ShimToCert/shim-to-cert.tool
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,10 @@ vendor_deauthorized_offset=$(dd if="$sectfile" ibs=1 skip=12 count=4 2>/dev/null
# extract cert or db
certfile=$(mktemp) || { rm "$sectfile"; exit 1; }

dd if="$sectfile" ibs=1 skip="$vendor_authorized_offset" count="$vendor_authorized_size" 2>/dev/null > "$certfile" || { rm "$sectfile"; rm "$certfile"; exit 1; }
# extract db
if [ "$vendor_authorized_size" -ne "0" ]; then
dd if="$sectfile" ibs=1 skip="$vendor_authorized_offset" count="$vendor_authorized_size" 2>/dev/null > "$certfile" || { rm "$sectfile"; rm "$certfile"; exit 1; }
fi

# extract dbx
if [ "$vendor_deauthorized_size" -ne "0" ]; then
Expand All @@ -51,6 +54,12 @@ fi

rm "$sectfile"

if [ "$vendor_authorized_size" -eq "0" ]; then
echo "Empty vendor_authorized section."
rm "$certfile"
exit 0
fi

# valid as single cert?
openssl x509 -noout -inform der -in "$certfile" 2>/dev/null

Expand Down

0 comments on commit d3e59e7

Please sign in to comment.