1 files changed, 99 insertions, 0 deletions

diff --git a/Keys/FW/FWkey.sdl b/Keys/FW/FWkey.sdl
new file mode 100644
index 0000000..830f183
--- /dev/null
+++ b/Keys/FW/FWkey.sdl
@@ -0,0 +1,99 @@
+TOKEN
+	Name  = "FWpub"
+	Value  = "$(FWKey_DIR)\.pubkey"
+	Help  = "Root of trust Key for signed BIOS verification.\Public portion of the Key is inserted as ffs file inside BIOS RTU (FV_BB)\RSA Key formatted as PKCS#1v2.1 ASN.1 or X.509 DER file."
+	TokenType = Expression
+	TargetMAK = Yes
+	Token = "FWCAPSULE_CERT_FORMAT" "=" "0"
+End
+
+TOKEN
+	Name  = "FWpriv"
+	Value  = "$(FWKey_DIR)\.prikey"
+	Help  = "A Signer Certificate Key in the FwCapsule Hdr.\Used as upgrade(new) key in 2-key signing model\RSA Key formatted as PKCS#1v2.1 ASN.1 or X.509 DER file."
+	TokenType = Expression
+	TargetMAK = Yes
+	Token = "FWCAPSULE_CERT_FORMAT" "=" "0"
+End
+
+TOKEN
+	Name  = "FWrootKey"
+	Value  = "$(FWpriv)"
+	Help  = "A Root Certificate key in the FwCapsule Hdr.\Used as back-up(old) key in a dual-key signing model(only for FWCAPSULE_CERT_FORMAT=0)"
+	TokenType = Expression
+	TargetMAK = Yes
+	Token = "FWCAPSULE_CERT_FORMAT" "=" "0"	
+End
+
+TOKEN
+	Name  = "FWpub"
+	Value  = "$(FWKey_DIR)\FW_pubKey.cer"
+	Help  = "X.509 Certificate with Public key"
+	TokenType = Expression
+	TargetMAK = Yes
+	Token = "FWCAPSULE_CERT_FORMAT" "=" "1"
+End
+
+TOKEN
+	Name  = "FWpriv"
+	Value  = "$(FWKey_DIR)\FW_priKey.pfx"
+	Help  = "File name(.pfx) of Pkcs#12 key container with the private key used for signing of FwCapsule package"
+	TokenType = Expression
+	TargetMAK = Yes
+	Token = "FWCAPSULE_CERT_FORMAT" "=" "1"
+End
+
+TOKEN
+	Name  = "FW_PFX_Password"
+	Value  = " "
+	Help  = "Specifies the optional password to unlock PFX - PKCS#12 Private Key container file."
+	TokenType = Expression
+	TargetMAK = Yes
+End
+
+TOKEN
+	Name  = "FWKEY_FILE_SIZE"
+	Value  = "256"
+	Help  = "Default Key file size for RSA2048 Key. Don't change the value."
+	Lock = yes
+	TokenType = Integer
+	TargetMAK = Yes
+	Token = "FWKEY_FILE_FORMAT" "=" "0"
+End
+
+TOKEN
+	Name  = "FWKEY_FILE_SIZE"
+	Value  = "32"
+	Help  = "Default Key file size for SHA256 Hash. Don't change the value."
+	Lock = yes
+	TokenType = Integer
+	TargetMAK = Yes
+	Token = "FWKEY_FILE_FORMAT" "=" "1"
+End
+
+TOKEN
+	Name  = "FWKEY_FILE_SIZE"
+	Value  = "1536"
+	Help  = "Default key buffer size (1.5k) for x509 DER formatted Public key."
+	TokenType = Integer
+	TargetMAK = Yes
+	Token = "FWKEY_FILE_FORMAT" "=" "2"
+End
+
+PATH
+	Name  = "FWKey_DIR"
+	Help  = "Path to default Platform FW Signing Key.\User may change this path to point to another location of FW Key."
+End
+
+MODULE
+	File  = "FWKey.mak"
+	Token = "CREATE_FWCAPSULE" "!=" "0"
+End
+
+ELINK
+	Name  = "$(BUILD_DIR)\FWkey.ffs"
+	Parent  = "FV_BB"
+	Help  = "Include Key FFS inside BIOS RTU (FV_BB)"
+	Token = "CREATE_FWCAPSULE" "!=" "0"
+	InvokeOrder = AfterParent
+End