[mirror_edk2.git] / SecurityPkg / Library / DxeImageVerificationLib / DxeImageVerificationLib.inf

## @file\r
#  Provides security service of image verification\r
#\r
#  This library hooks LoadImage() API to verify every image by the verification policy.\r
#\r
#  Caution: This module requires additional review when modified.\r
#  This library will have external input - PE/COFF image.\r
#  This external input must be validated carefully to avoid security issues such as\r
#  buffer overflow or integer overflow.\r
#\r
# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
# SPDX-License-Identifier: BSD-2-Clause-Patent\r
#\r
##\r
\r
[Defines]\r
  INF_VERSION                    = 0x00010005\r
  BASE_NAME                      = DxeImageVerificationLib\r
  MODULE_UNI_FILE                = DxeImageVerificationLib.uni\r
  FILE_GUID                      = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6\r
  MODULE_TYPE                    = DXE_DRIVER\r
  VERSION_STRING                 = 1.0\r
  LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER\r
  CONSTRUCTOR                    = DxeImageVerificationLibConstructor\r
\r
#\r
# The following information is for reference only and not required by the build tools.\r
#\r
#  VALID_ARCHITECTURES           = IA32 X64 EBC\r
#\r
\r
[Sources]\r
  DxeImageVerificationLib.c\r
  DxeImageVerificationLib.h\r
  Measurement.c\r
\r
[Packages]\r
  MdePkg/MdePkg.dec\r
  MdeModulePkg/MdeModulePkg.dec\r
  CryptoPkg/CryptoPkg.dec\r
  SecurityPkg/SecurityPkg.dec\r
\r
[LibraryClasses]\r
  MemoryAllocationLib\r
  BaseLib\r
  UefiLib\r
  UefiBootServicesTableLib\r
  UefiRuntimeServicesTableLib\r
  BaseMemoryLib\r
  DebugLib\r
  DevicePathLib\r
  BaseCryptLib\r
  SecurityManagementLib\r
  PeCoffLib\r
  TpmMeasurementLib\r
\r
[Protocols]\r
  gEfiFirmwareVolume2ProtocolGuid       ## SOMETIMES_CONSUMES\r
  gEfiBlockIoProtocolGuid               ## SOMETIMES_CONSUMES\r
  gEfiSimpleFileSystemProtocolGuid      ## SOMETIMES_CONSUMES\r
\r
[Guids]\r
  ## SOMETIMES_CONSUMES   ## Variable:L"DB"\r
  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"\r
  ## SOMETIMES_CONSUMES   ## Variable:L"DBT"\r
  ## PRODUCES             ## SystemTable\r
  ## CONSUMES             ## SystemTable\r
  gEfiImageSecurityDatabaseGuid\r
\r
  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.\r
  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.\r
  gEfiCertSha1Guid\r
\r
  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.\r
  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.\r
  gEfiCertSha256Guid\r
\r
  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.\r
  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.\r
  gEfiCertSha384Guid\r
\r
  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.\r
  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.\r
  gEfiCertSha512Guid\r
\r
  gEfiCertX509Guid                      ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.\r
  gEfiCertX509Sha256Guid                ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.\r
  gEfiCertX509Sha384Guid                ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.\r
  gEfiCertX509Sha512Guid                ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.\r
  gEfiCertPkcs7Guid                     ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the certificate.\r
\r
[Pcd]\r
  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy          ## SOMETIMES_CONSUMES\r
  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy     ## SOMETIMES_CONSUMES\r
  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy         ## SOMETIMES_CONSUMES\r
Commit	Line	Data
0c18794e	1	## @file\r
60c944c7 DG	2	# Provides security service of image verification\r
	3	#\r
	4	# This library hooks LoadImage() API to verify every image by the verification policy.\r
0c18794e	5	#\r
dc204d5a JY	6	# Caution: This module requires additional review when modified.\r
dc204d5a JY	7	# This library will have external input - PE/COFF image.\r
60c944c7 DG	8	# This external input must be validated carefully to avoid security issues such as\r
60c944c7 DG	9	# buffer overflow or integer overflow.\r
dc204d5a	10	#\r
4cecd19a	11	# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
289b714b	12	# SPDX-License-Identifier: BSD-2-Clause-Patent\r
0c18794e	13	#\r
	14	##\r
	15	\r
	16	[Defines]\r
	17	INF_VERSION = 0x00010005\r
60c944c7 DG	18	BASE_NAME = DxeImageVerificationLib\r
60c944c7 DG	19	MODULE_UNI_FILE = DxeImageVerificationLib.uni\r
0c18794e	20	FILE_GUID = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6\r
	21	MODULE_TYPE = DXE_DRIVER\r
	22	VERSION_STRING = 1.0\r
4cecd19a	23	LIBRARY_CLASS = NULL\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER\r
0c18794e	24	CONSTRUCTOR = DxeImageVerificationLibConstructor\r
	25	\r
	26	#\r
	27	# The following information is for reference only and not required by the build tools.\r
	28	#\r
4cecd19a	29	# VALID_ARCHITECTURES = IA32 X64 EBC\r
0c18794e	30	#\r
	31	\r
	32	[Sources]\r
	33	DxeImageVerificationLib.c\r
	34	DxeImageVerificationLib.h\r
c1d93242	35	Measurement.c\r
0c18794e	36	\r
	37	[Packages]\r
	38	MdePkg/MdePkg.dec\r
	39	MdeModulePkg/MdeModulePkg.dec\r
	40	CryptoPkg/CryptoPkg.dec\r
	41	SecurityPkg/SecurityPkg.dec\r
	42	\r
	43	[LibraryClasses]\r
	44	MemoryAllocationLib\r
	45	BaseLib\r
	46	UefiLib\r
	47	UefiBootServicesTableLib\r
	48	UefiRuntimeServicesTableLib\r
	49	BaseMemoryLib\r
	50	DebugLib\r
	51	DevicePathLib\r
	52	BaseCryptLib\r
	53	SecurityManagementLib\r
28186d45	54	PeCoffLib\r
c1d93242	55	TpmMeasurementLib\r
0c18794e	56	\r
0c18794e	57	[Protocols]\r
60c944c7 DG	58	gEfiFirmwareVolume2ProtocolGuid ## SOMETIMES_CONSUMES\r
	59	gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES\r
	60	gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES\r
	61	\r
0c18794e	62	[Guids]\r
60c944c7 DG	63	## SOMETIMES_CONSUMES ## Variable:L"DB"\r
60c944c7 DG	64	## SOMETIMES_CONSUMES ## Variable:L"DBX"\r
20333c6d	65	## SOMETIMES_CONSUMES ## Variable:L"DBT"\r
60c944c7 DG	66	## PRODUCES ## SystemTable\r
60c944c7 DG	67	## CONSUMES ## SystemTable\r
0c18794e	68	gEfiImageSecurityDatabaseGuid\r
60c944c7 DG	69	\r
	70	## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
	71	## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r
0c18794e	72	gEfiCertSha1Guid\r
20333c6d	73	\r
60c944c7 DG	74	## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
60c944c7 DG	75	## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r
0c18794e	76	gEfiCertSha256Guid\r
60c944c7	77	\r
20333c6d QL	78	## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
	79	## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r
	80	gEfiCertSha384Guid\r
	81	\r
	82	## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
	83	## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r
	84	gEfiCertSha512Guid\r
	85	\r
60c944c7	86	gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
20333c6d QL	87	gEfiCertX509Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
	88	gEfiCertX509Sha384Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
	89	gEfiCertX509Sha512Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
60c944c7	90	gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate.\r
20333c6d	91	\r
0c18794e	92	[Pcd]\r
60c944c7 DG	93	gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy ## SOMETIMES_CONSUMES\r
	94	gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy ## SOMETIMES_CONSUMES\r
	95	gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy ## SOMETIMES_CONSUMES\r