UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support for Secure Boot
Main ChangeLogs includes: 1. Introduce the new GUID and structure definitions for certificate hash and timestamp support; 2. Update Image Verification Library to support DBT signature checking; 3. Update the related SecureBoot Configuration Pages; Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16380 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -62,40 +62,40 @@
|
||||
## SOMETIMES_CONSUMES ## Variable:L"CustomMode"
|
||||
## SOMETIMES_PRODUCES ## Variable:L"CustomMode"
|
||||
gEfiCustomModeEnableGuid
|
||||
|
||||
|
||||
## SOMETIMES_CONSUMES ## Variable:L"SecureBootEnable"
|
||||
## SOMETIMES_PRODUCES ## Variable:L"SecureBootEnable"
|
||||
gEfiSecureBootEnableDisableGuid
|
||||
|
||||
|
||||
## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
|
||||
## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
|
||||
gEfiCertRsa2048Guid
|
||||
|
||||
|
||||
## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
|
||||
## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
|
||||
## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
|
||||
gEfiCertX509Guid
|
||||
|
||||
|
||||
## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
|
||||
## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
|
||||
## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
|
||||
gEfiCertSha1Guid
|
||||
|
||||
|
||||
## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
|
||||
## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
|
||||
## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
|
||||
gEfiCertSha256Guid
|
||||
|
||||
|
||||
## SOMETIMES_CONSUMES ## Variable:L"db"
|
||||
## SOMETIMES_PRODUCES ## Variable:L"db"
|
||||
## SOMETIMES_CONSUMES ## Variable:L"dbx"
|
||||
## SOMETIMES_PRODUCES ## Variable:L"dbx"
|
||||
gEfiImageSecurityDatabaseGuid
|
||||
|
||||
|
||||
## SOMETIMES_CONSUMES ## Variable:L"SetupMode"
|
||||
## SOMETIMES_PRODUCES ## Variable:L"PK"
|
||||
## SOMETIMES_CONSUMES ## Variable:L"KEK"
|
||||
## SOMETIMES_PRODUCES ## Variable:L"KEK"
|
||||
## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"
|
||||
gEfiGlobalVariableGuid
|
||||
|
||||
|
||||
gEfiIfrTianoGuid ## PRODUCES ## GUID # HII opcode
|
||||
## PRODUCES ## HII
|
||||
## CONSUMES ## HII
|
||||
@@ -105,6 +105,10 @@
|
||||
gEfiFileSystemVolumeLabelInfoIdGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type
|
||||
gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type
|
||||
|
||||
gEfiCertX509Sha256Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate.
|
||||
gEfiCertX509Sha384Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate.
|
||||
gEfiCertX509Sha512Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate.
|
||||
|
||||
[Protocols]
|
||||
gEfiHiiConfigAccessProtocolGuid ## PRODUCES
|
||||
gEfiDevicePathProtocolGuid ## PRODUCES
|
||||
@@ -119,4 +123,3 @@
|
||||
|
||||
[UserExtensions.TianoCore."ExtraFiles"]
|
||||
SecureBootConfigDxeExtra.uni
|
||||
|
Reference in New Issue
Block a user