]>
Commit | Line | Data |
---|---|---|
0c18794e | 1 | ## @file\r |
60c944c7 DG |
2 | # Provides security service of image verification\r |
3 | #\r | |
4 | # This library hooks LoadImage() API to verify every image by the verification policy.\r | |
0c18794e | 5 | #\r |
dc204d5a JY |
6 | # Caution: This module requires additional review when modified.\r |
7 | # This library will have external input - PE/COFF image.\r | |
60c944c7 DG |
8 | # This external input must be validated carefully to avoid security issues such as\r |
9 | # buffer overflow or integer overflow.\r | |
dc204d5a | 10 | #\r |
4cecd19a | 11 | # Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r |
289b714b | 12 | # SPDX-License-Identifier: BSD-2-Clause-Patent\r |
0c18794e | 13 | #\r |
14 | ##\r | |
15 | \r | |
16 | [Defines]\r | |
17 | INF_VERSION = 0x00010005\r | |
60c944c7 DG |
18 | BASE_NAME = DxeImageVerificationLib\r |
19 | MODULE_UNI_FILE = DxeImageVerificationLib.uni\r | |
0c18794e | 20 | FILE_GUID = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6\r |
21 | MODULE_TYPE = DXE_DRIVER\r | |
22 | VERSION_STRING = 1.0\r | |
4cecd19a | 23 | LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER\r |
0c18794e | 24 | CONSTRUCTOR = DxeImageVerificationLibConstructor\r |
25 | \r | |
26 | #\r | |
27 | # The following information is for reference only and not required by the build tools.\r | |
28 | #\r | |
4cecd19a | 29 | # VALID_ARCHITECTURES = IA32 X64 EBC\r |
0c18794e | 30 | #\r |
31 | \r | |
32 | [Sources]\r | |
33 | DxeImageVerificationLib.c\r | |
34 | DxeImageVerificationLib.h\r | |
c1d93242 | 35 | Measurement.c\r |
0c18794e | 36 | \r |
37 | [Packages]\r | |
38 | MdePkg/MdePkg.dec\r | |
39 | MdeModulePkg/MdeModulePkg.dec\r | |
40 | CryptoPkg/CryptoPkg.dec\r | |
41 | SecurityPkg/SecurityPkg.dec\r | |
42 | \r | |
43 | [LibraryClasses]\r | |
44 | MemoryAllocationLib\r | |
45 | BaseLib\r | |
46 | UefiLib\r | |
47 | UefiBootServicesTableLib\r | |
48 | UefiRuntimeServicesTableLib\r | |
49 | BaseMemoryLib\r | |
50 | DebugLib\r | |
51 | DevicePathLib\r | |
52 | BaseCryptLib\r | |
53 | SecurityManagementLib\r | |
28186d45 | 54 | PeCoffLib\r |
c1d93242 | 55 | TpmMeasurementLib\r |
0c18794e | 56 | \r |
57 | [Protocols]\r | |
60c944c7 DG |
58 | gEfiFirmwareVolume2ProtocolGuid ## SOMETIMES_CONSUMES\r |
59 | gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES\r | |
60 | gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES\r | |
61 | \r | |
0c18794e | 62 | [Guids]\r |
60c944c7 DG |
63 | ## SOMETIMES_CONSUMES ## Variable:L"DB"\r |
64 | ## SOMETIMES_CONSUMES ## Variable:L"DBX"\r | |
20333c6d | 65 | ## SOMETIMES_CONSUMES ## Variable:L"DBT"\r |
60c944c7 DG |
66 | ## PRODUCES ## SystemTable\r |
67 | ## CONSUMES ## SystemTable\r | |
0c18794e | 68 | gEfiImageSecurityDatabaseGuid\r |
60c944c7 DG |
69 | \r |
70 | ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r | |
71 | ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r | |
0c18794e | 72 | gEfiCertSha1Guid\r |
20333c6d | 73 | \r |
60c944c7 DG |
74 | ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r |
75 | ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r | |
0c18794e | 76 | gEfiCertSha256Guid\r |
60c944c7 | 77 | \r |
20333c6d QL |
78 | ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r |
79 | ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r | |
80 | gEfiCertSha384Guid\r | |
81 | \r | |
82 | ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r | |
83 | ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r | |
84 | gEfiCertSha512Guid\r | |
85 | \r | |
60c944c7 | 86 | gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r |
20333c6d QL |
87 | gEfiCertX509Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r |
88 | gEfiCertX509Sha384Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r | |
89 | gEfiCertX509Sha512Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r | |
60c944c7 | 90 | gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate.\r |
20333c6d | 91 | \r |
0c18794e | 92 | [Pcd]\r |
60c944c7 DG |
93 | gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy ## SOMETIMES_CONSUMES\r |
94 | gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy ## SOMETIMES_CONSUMES\r | |
95 | gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy ## SOMETIMES_CONSUMES\r |