From b7c51c9cf4864df6aabb99a1ae843becd577237c Mon Sep 17 00:00:00 2001 From: raywu Date: Fri, 15 Jun 2018 00:00:50 +0800 Subject: init. 1AQQW051 --- Keys/FW/FWkey.sdl | 99 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 Keys/FW/FWkey.sdl (limited to 'Keys/FW/FWkey.sdl') diff --git a/Keys/FW/FWkey.sdl b/Keys/FW/FWkey.sdl new file mode 100644 index 0000000..830f183 --- /dev/null +++ b/Keys/FW/FWkey.sdl @@ -0,0 +1,99 @@ +TOKEN + Name = "FWpub" + Value = "$(FWKey_DIR)\.pubkey" + Help = "Root of trust Key for signed BIOS verification.\Public portion of the Key is inserted as ffs file inside BIOS RTU (FV_BB)\RSA Key formatted as PKCS#1v2.1 ASN.1 or X.509 DER file." + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "0" +End + +TOKEN + Name = "FWpriv" + Value = "$(FWKey_DIR)\.prikey" + Help = "A Signer Certificate Key in the FwCapsule Hdr.\Used as upgrade(new) key in 2-key signing model\RSA Key formatted as PKCS#1v2.1 ASN.1 or X.509 DER file." + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "0" +End + +TOKEN + Name = "FWrootKey" + Value = "$(FWpriv)" + Help = "A Root Certificate key in the FwCapsule Hdr.\Used as back-up(old) key in a dual-key signing model(only for FWCAPSULE_CERT_FORMAT=0)" + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "0" +End + +TOKEN + Name = "FWpub" + Value = "$(FWKey_DIR)\FW_pubKey.cer" + Help = "X.509 Certificate with Public key" + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "1" +End + +TOKEN + Name = "FWpriv" + Value = "$(FWKey_DIR)\FW_priKey.pfx" + Help = "File name(.pfx) of Pkcs#12 key container with the private key used for signing of FwCapsule package" + TokenType = Expression + TargetMAK = Yes + Token = "FWCAPSULE_CERT_FORMAT" "=" "1" +End + +TOKEN + Name = "FW_PFX_Password" + Value = " " + Help = "Specifies the optional password to unlock PFX - PKCS#12 Private Key container file." + TokenType = Expression + TargetMAK = Yes +End + +TOKEN + Name = "FWKEY_FILE_SIZE" + Value = "256" + Help = "Default Key file size for RSA2048 Key. Don't change the value." + Lock = yes + TokenType = Integer + TargetMAK = Yes + Token = "FWKEY_FILE_FORMAT" "=" "0" +End + +TOKEN + Name = "FWKEY_FILE_SIZE" + Value = "32" + Help = "Default Key file size for SHA256 Hash. Don't change the value." + Lock = yes + TokenType = Integer + TargetMAK = Yes + Token = "FWKEY_FILE_FORMAT" "=" "1" +End + +TOKEN + Name = "FWKEY_FILE_SIZE" + Value = "1536" + Help = "Default key buffer size (1.5k) for x509 DER formatted Public key." + TokenType = Integer + TargetMAK = Yes + Token = "FWKEY_FILE_FORMAT" "=" "2" +End + +PATH + Name = "FWKey_DIR" + Help = "Path to default Platform FW Signing Key.\User may change this path to point to another location of FW Key." +End + +MODULE + File = "FWKey.mak" + Token = "CREATE_FWCAPSULE" "!=" "0" +End + +ELINK + Name = "$(BUILD_DIR)\FWkey.ffs" + Parent = "FV_BB" + Help = "Include Key FFS inside BIOS RTU (FV_BB)" + Token = "CREATE_FWCAPSULE" "!=" "0" + InvokeOrder = AfterParent +End -- cgit v1.2.3