diff options
Diffstat (limited to 'Keys/FW/FWkey.sdl')
-rw-r--r-- | Keys/FW/FWkey.sdl | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/Keys/FW/FWkey.sdl b/Keys/FW/FWkey.sdl new file mode 100644 index 0000000..830f183 --- /dev/null +++ b/Keys/FW/FWkey.sdl @@ -0,0 +1,99 @@ +TOKEN + Name = "FWpub" + Value = "$(FWKey_DIR)\.pubkey" + Help = "Root of trust Key for signed BIOS verification.\Public portion of the Key is inserted as ffs file inside BIOS RTU (FV_BB)\RSA Key formatted as PKCS#1v2.1 ASN.1 or X.509 DER file." + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "0" +End + +TOKEN + Name = "FWpriv" + Value = "$(FWKey_DIR)\.prikey" + Help = "A Signer Certificate Key in the FwCapsule Hdr.\Used as upgrade(new) key in 2-key signing model\RSA Key formatted as PKCS#1v2.1 ASN.1 or X.509 DER file." + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "0" +End + +TOKEN + Name = "FWrootKey" + Value = "$(FWpriv)" + Help = "A Root Certificate key in the FwCapsule Hdr.\Used as back-up(old) key in a dual-key signing model(only for FWCAPSULE_CERT_FORMAT=0)" + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "0" +End + +TOKEN + Name = "FWpub" + Value = "$(FWKey_DIR)\FW_pubKey.cer" + Help = "X.509 Certificate with Public key" + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "1" +End + +TOKEN + Name = "FWpriv" + Value = "$(FWKey_DIR)\FW_priKey.pfx" + Help = "File name(.pfx) of Pkcs#12 key container with the private key used for signing of FwCapsule package" + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "1" +End + +TOKEN + Name = "FW_PFX_Password" + Value = " " + Help = "Specifies the optional password to unlock PFX - PKCS#12 Private Key container file." + TokenType = Expression + TargetMAK = Yes +End + +TOKEN + Name = "FWKEY_FILE_SIZE" + Value = "256" + Help = "Default Key file size for RSA2048 Key. Don't change the value." + Lock = yes + TokenType = Integer + TargetMAK = Yes + Token = "FWKEY_FILE_FORMAT" "=" "0" +End + +TOKEN + Name = "FWKEY_FILE_SIZE" + Value = "32" + Help = "Default Key file size for SHA256 Hash. Don't change the value." + Lock = yes + TokenType = Integer + TargetMAK = Yes + Token = "FWKEY_FILE_FORMAT" "=" "1" +End + +TOKEN + Name = "FWKEY_FILE_SIZE" + Value = "1536" + Help = "Default key buffer size (1.5k) for x509 DER formatted Public key." + TokenType = Integer + TargetMAK = Yes + Token = "FWKEY_FILE_FORMAT" "=" "2" +End + +PATH + Name = "FWKey_DIR" + Help = "Path to default Platform FW Signing Key.\User may change this path to point to another location of FW Key." +End + +MODULE + File = "FWKey.mak" + Token = "CREATE_FWCAPSULE" "!=" "0" +End + +ELINK + Name = "$(BUILD_DIR)\FWkey.ffs" + Parent = "FV_BB" + Help = "Include Key FFS inside BIOS RTU (FV_BB)" + Token = "CREATE_FWCAPSULE" "!=" "0" + InvokeOrder = AfterParent +End |