OvmfPkg: add library class BlobVerifierLib with null implementation

[mirror_edk2.git] / OvmfPkg / Include / Library / BlobVerifierLib.h

diff --git a/OvmfPkg/Include/Library/BlobVerifierLib.h b/OvmfPkg/Include/Library/BlobVerifierLib.h
new file mode 100644 (file)
index 0000000..65c01af
--- /dev/null
+++ b/OvmfPkg/Include/Library/BlobVerifierLib.h
@@ -0,0 +1,38 @@
+/** @file\r
+\r
+  Blob verification library\r
+\r
+  This library class allows verifiying whether blobs from external sources\r
+  (such as QEMU's firmware config) are trusted.\r
+\r
+  Copyright (C) 2021, IBM Corporation\r
+\r
+  SPDX-License-Identifier: BSD-2-Clause-Patent\r
+**/\r
+\r
+#ifndef BLOB_VERIFIER_LIB_H_\r
+#define BLOB_VERIFIER_LIB_H_\r
+\r
+#include <Uefi/UefiBaseType.h>\r
+#include <Base.h>\r
+\r
+/**\r
+  Verify blob from an external source.\r
+\r
+  @param[in] BlobName           The name of the blob\r
+  @param[in] Buf                The data of the blob\r
+  @param[in] BufSize            The size of the blob in bytes\r
+\r
+  @retval EFI_SUCCESS           The blob was verified successfully.\r
+  @retval EFI_ACCESS_DENIED     The blob could not be verified, and therefore\r
+                                should be considered non-secure.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+VerifyBlob (\r
+  IN  CONST CHAR16    *BlobName,\r
+  IN  CONST VOID      *Buf,\r
+  IN  UINT32          BufSize\r
+  );\r
+\r
+#endif\r