diff options
author | Qin Long <qin.long@intel.com> | 2014-11-14 08:41:12 +0000 |
---|---|---|
committer | qlong <qlong@Edk2> | 2014-11-14 08:41:12 +0000 |
commit | 20333c6d566748d7c78c1b546ba8f37c6d253dea (patch) | |
tree | cdd1196a23f4b41bf0c732ea82b49a86b51ad6de /SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf | |
parent | 2e70cf8ade0dd1e023274f7358c7c72cfd17460c (diff) | |
download | edk2-20333c6d566748d7c78c1b546ba8f37c6d253dea.zip edk2-20333c6d566748d7c78c1b546ba8f37c6d253dea.tar.gz edk2-20333c6d566748d7c78c1b546ba8f37c6d253dea.tar.bz2 |
UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support for Secure Boot
Main ChangeLogs includes:
1. Introduce the new GUID and structure definitions for certificate hash and timestamp support;
2. Update Image Verification Library to support DBT signature checking;
3. Update the related SecureBoot Configuration Pages;
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16380 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf')
-rw-r--r-- | SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf index e6d21f5..ef400c4 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf @@ -62,40 +62,40 @@ ## SOMETIMES_CONSUMES ## Variable:L"CustomMode"
## SOMETIMES_PRODUCES ## Variable:L"CustomMode"
gEfiCustomModeEnableGuid
-
+
## SOMETIMES_CONSUMES ## Variable:L"SecureBootEnable"
## SOMETIMES_PRODUCES ## Variable:L"SecureBootEnable"
gEfiSecureBootEnableDisableGuid
-
+
## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
gEfiCertRsa2048Guid
-
+
## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
- ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
+ ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
gEfiCertX509Guid
-
+
## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
- ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
+ ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
gEfiCertSha1Guid
-
+
## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
- ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
+ ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
gEfiCertSha256Guid
-
+
## SOMETIMES_CONSUMES ## Variable:L"db"
## SOMETIMES_PRODUCES ## Variable:L"db"
## SOMETIMES_CONSUMES ## Variable:L"dbx"
## SOMETIMES_PRODUCES ## Variable:L"dbx"
gEfiImageSecurityDatabaseGuid
-
+
## SOMETIMES_CONSUMES ## Variable:L"SetupMode"
## SOMETIMES_PRODUCES ## Variable:L"PK"
## SOMETIMES_CONSUMES ## Variable:L"KEK"
## SOMETIMES_PRODUCES ## Variable:L"KEK"
## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"
gEfiGlobalVariableGuid
-
+
gEfiIfrTianoGuid ## PRODUCES ## GUID # HII opcode
## PRODUCES ## HII
## CONSUMES ## HII
@@ -105,6 +105,10 @@ gEfiFileSystemVolumeLabelInfoIdGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type
gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type
+ gEfiCertX509Sha256Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate.
+ gEfiCertX509Sha384Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate.
+ gEfiCertX509Sha512Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate.
+
[Protocols]
gEfiHiiConfigAccessProtocolGuid ## PRODUCES
gEfiDevicePathProtocolGuid ## PRODUCES
@@ -119,4 +123,3 @@ [UserExtensions.TianoCore."ExtraFiles"]
SecureBootConfigDxeExtra.uni
-
\ No newline at end of file |