Update common authenticated variable (non PK/KEK/DB/DBX) support to comply with latest UEFI spec.

Signed-off by: tye1 Reviewed-by: geekboy15a Reviewed-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13157 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-31 04:42:20 +00:00
parent 9622df63df
commit ed47ae0274
6 changed files with 661 additions and 26 deletions
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
@@ -2,7 +2,7 @@
  The internal header file includes the common header files, defines
  internal structure and functions used by AuthService module.

-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -56,6 +56,23 @@ typedef struct {
  UINT32      SigDataSize;
 } EFI_SIGNATURE_ITEM;

+typedef enum {
+  AuthVarTypePk,
+  AuthVarTypeKek,
+  AuthVarTypePriv
+} AUTHVAR_TYPE;
+
+#pragma pack(1)
+typedef struct {
+  EFI_GUID    VendorGuid;
+  UINT32      CertNodeSize;
+  UINT32      NameSize;
+  UINT32      CertDataSize;
+  /// CHAR16  VariableName[NameSize];
+  /// UINT8   CertData[CertDataSize];
+} AUTH_CERT_DB_DATA;
+#pragma pack()
+
 /**
  Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.

@@ -247,7 +264,7 @@ CompareTimeStamp (
                                          data, this value contains the required size.
  @param[in]  Variable                    The variable information which is used to keep track of variable usage.
  @param[in]  Attributes                  Attribute value of the variable.
-  @param[in]  Pk                          Verify against PK or KEK database.
+  @param[in]  AuthVarType                 Verify against PK or KEK database or private database.
  @param[out] VarDel                      Delete the variable or not.

  @retval EFI_INVALID_PARAMETER           Invalid parameter.
@@ -266,7 +283,7 @@ VerifyTimeBasedPayload (
  IN     UINTN                              DataSize,
  IN     VARIABLE_POINTER_TRACK             *Variable,
  IN     UINT32                             Attributes,
-  IN     BOOLEAN                            Pk,
+  IN     AUTHVAR_TYPE                       AuthVarType,
  OUT    BOOLEAN                            *VarDel
  );