From 20333c6d566748d7c78c1b546ba8f37c6d253dea Mon Sep 17 00:00:00 2001 From: Qin Long Date: Fri, 14 Nov 2014 08:41:12 +0000 Subject: UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support for Secure Boot Main ChangeLogs includes: 1. Introduce the new GUID and structure definitions for certificate hash and timestamp support; 2. Update Image Verification Library to support DBT signature checking; 3. Update the related SecureBoot Configuration Pages; Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long Reviewed-by: Guo Dong Reviewed-by: Siyuan Fu git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16380 6f19259b-4bc3-4df7-8a09-765794883524 --- .../SecureBootConfigDxe/SecureBootConfigDxe.inf | 27 ++++++++++++---------- 1 file changed, 15 insertions(+), 12 deletions(-) (limited to 'SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf') diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf index e6d21f5e69..ef400c47b9 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf @@ -62,40 +62,40 @@ ## SOMETIMES_CONSUMES ## Variable:L"CustomMode" ## SOMETIMES_PRODUCES ## Variable:L"CustomMode" gEfiCustomModeEnableGuid - + ## SOMETIMES_CONSUMES ## Variable:L"SecureBootEnable" ## SOMETIMES_PRODUCES ## Variable:L"SecureBootEnable" gEfiSecureBootEnableDisableGuid - + ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. gEfiCertRsa2048Guid - + ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. - ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. + ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. gEfiCertX509Guid - + ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. - ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. + ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. gEfiCertSha1Guid - + ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. - ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. + ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. gEfiCertSha256Guid - + ## SOMETIMES_CONSUMES ## Variable:L"db" ## SOMETIMES_PRODUCES ## Variable:L"db" ## SOMETIMES_CONSUMES ## Variable:L"dbx" ## SOMETIMES_PRODUCES ## Variable:L"dbx" gEfiImageSecurityDatabaseGuid - + ## SOMETIMES_CONSUMES ## Variable:L"SetupMode" ## SOMETIMES_PRODUCES ## Variable:L"PK" ## SOMETIMES_CONSUMES ## Variable:L"KEK" ## SOMETIMES_PRODUCES ## Variable:L"KEK" ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot" gEfiGlobalVariableGuid - + gEfiIfrTianoGuid ## PRODUCES ## GUID # HII opcode ## PRODUCES ## HII ## CONSUMES ## HII @@ -105,6 +105,10 @@ gEfiFileSystemVolumeLabelInfoIdGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type + gEfiCertX509Sha256Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate. + gEfiCertX509Sha384Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate. + gEfiCertX509Sha512Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate. + [Protocols] gEfiHiiConfigAccessProtocolGuid ## PRODUCES gEfiDevicePathProtocolGuid ## PRODUCES @@ -119,4 +123,3 @@ [UserExtensions.TianoCore."ExtraFiles"] SecureBootConfigDxeExtra.uni - \ No newline at end of file -- cgit v1.2.3