SecurityPkg: Create library for enrolling Secure Boot variables.
This commits add library, which consist functions to enrolll Secure Boot keys and initialize Secure Boot default variables. Some of the functions was moved from SecureBootConfigImpl.c file. Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com> Reviewed-by: Sunny Wang <sunny.wang@arm.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
This commit is contained in:
committed by
mergify[bot]
parent
bb806a6e88
commit
9732659698
@@ -0,0 +1,79 @@
|
||||
## @file
|
||||
# Provides initialization of Secure Boot keys and databases.
|
||||
#
|
||||
# Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
|
||||
# Copyright (c) 2021, Semihalf All rights reserved.<BR>
|
||||
#
|
||||
# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
#
|
||||
##
|
||||
|
||||
[Defines]
|
||||
INF_VERSION = 0x00010005
|
||||
BASE_NAME = SecureBootVariableLib
|
||||
MODULE_UNI_FILE = SecureBootVariableLib.uni
|
||||
FILE_GUID = 18192DD0-9430-45F1-80C7-5C52061CD183
|
||||
MODULE_TYPE = DXE_DRIVER
|
||||
VERSION_STRING = 1.0
|
||||
LIBRARY_CLASS = SecureBootVariableProvisionLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION
|
||||
|
||||
#
|
||||
# The following information is for reference only and not required by the build tools.
|
||||
#
|
||||
# VALID_ARCHITECTURES = IA32 X64 AARCH64
|
||||
#
|
||||
|
||||
[Sources]
|
||||
SecureBootVariableProvisionLib.c
|
||||
|
||||
[Packages]
|
||||
MdePkg/MdePkg.dec
|
||||
MdeModulePkg/MdeModulePkg.dec
|
||||
SecurityPkg/SecurityPkg.dec
|
||||
CryptoPkg/CryptoPkg.dec
|
||||
|
||||
[LibraryClasses]
|
||||
BaseLib
|
||||
BaseMemoryLib
|
||||
DebugLib
|
||||
MemoryAllocationLib
|
||||
BaseCryptLib
|
||||
DxeServicesLib
|
||||
SecureBootVariableLib
|
||||
|
||||
[Guids]
|
||||
## CONSUMES ## Variable:L"SetupMode"
|
||||
## PRODUCES ## Variable:L"SetupMode"
|
||||
## CONSUMES ## Variable:L"SecureBoot"
|
||||
## PRODUCES ## Variable:L"SecureBoot"
|
||||
## PRODUCES ## Variable:L"PK"
|
||||
## PRODUCES ## Variable:L"KEK"
|
||||
## CONSUMES ## Variable:L"PKDefault"
|
||||
## CONSUMES ## Variable:L"KEKDefault"
|
||||
## CONSUMES ## Variable:L"dbDefault"
|
||||
## CONSUMES ## Variable:L"dbxDefault"
|
||||
## CONSUMES ## Variable:L"dbtDefault"
|
||||
gEfiGlobalVariableGuid
|
||||
|
||||
## SOMETIMES_CONSUMES ## Variable:L"DB"
|
||||
## SOMETIMES_CONSUMES ## Variable:L"DBX"
|
||||
## SOMETIMES_CONSUMES ## Variable:L"DBT"
|
||||
gEfiImageSecurityDatabaseGuid
|
||||
|
||||
## CONSUMES ## Variable:L"SecureBootEnable"
|
||||
## PRODUCES ## Variable:L"SecureBootEnable"
|
||||
gEfiSecureBootEnableDisableGuid
|
||||
|
||||
## CONSUMES ## Variable:L"CustomMode"
|
||||
## PRODUCES ## Variable:L"CustomMode"
|
||||
gEfiCustomModeEnableGuid
|
||||
|
||||
gEfiCertTypeRsa2048Sha256Guid ## CONSUMES
|
||||
gEfiCertX509Guid ## CONSUMES
|
||||
gEfiCertPkcs7Guid ## CONSUMES
|
||||
|
||||
gDefaultPKFileGuid
|
||||
gDefaultKEKFileGuid
|
||||
gDefaultdbFileGuid
|
||||
gDefaultdbxFileGuid
|
||||
gDefaultdbtFileGuid
|
Reference in New Issue
Block a user