The header file of HII Config Access protocol implementation of SecureBoot\r
configuration module.\r
\r
-Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <Library/PlatformSecureLib.h>\r
#include <Library/BaseCryptLib.h>\r
#include <Library/FileExplorerLib.h>\r
+#include <Library/PeCoffLib.h>\r
\r
#include <Guid/MdeModuleHii.h>\r
#include <Guid/AuthenticatedVariableFormat.h>\r
#include <Guid/FileSystemVolumeLabelInfo.h>\r
#include <Guid/ImageAuthentication.h>\r
#include <Guid/FileInfo.h>\r
+#include <Guid/WinCertificate.h>\r
\r
#include "SecureBootConfigNvData.h"\r
\r
\r
#define MAX_CHAR 480\r
#define TWO_BYTE_ENCODE 0x82\r
+#define BUFFER_MAX_SIZE 100\r
\r
-//\r
-// SHA-1 digest size in bytes.\r
-//\r
-#define SHA1_DIGEST_SIZE 20\r
//\r
// SHA-256 digest size in bytes\r
//\r
//\r
// Support hash types\r
//\r
-#define HASHALG_SHA1 0x00000000\r
-#define HASHALG_SHA224 0x00000001\r
-#define HASHALG_SHA256 0x00000002\r
-#define HASHALG_SHA384 0x00000003\r
-#define HASHALG_SHA512 0x00000004\r
-#define HASHALG_RAW 0x00000005\r
-#define HASHALG_MAX 0x00000005\r
+#define HASHALG_SHA224 0x00000000\r
+#define HASHALG_SHA256 0x00000001\r
+#define HASHALG_SHA384 0x00000002\r
+#define HASHALG_SHA512 0x00000003\r
+#define HASHALG_RAW 0x00000004\r
+#define HASHALG_MAX 0x00000004\r
\r
\r
typedef struct {\r
typedef struct {\r
EFI_FILE_HANDLE FHandle;\r
UINT16 *FileName;\r
+ UINT8 FileType;\r
} SECUREBOOT_FILE_CONTEXT;\r
\r
+#define SECUREBOOT_FREE_NON_NULL(Pointer) \\r
+ do { \\r
+ if ((Pointer) != NULL) { \\r
+ FreePool((Pointer)); \\r
+ (Pointer) = NULL; \\r
+ } \\r
+ } while (FALSE)\r
+\r
+#define SECUREBOOT_FREE_NON_OPCODE(Handle) \\r
+ do{ \\r
+ if ((Handle) != NULL) { \\r
+ HiiFreeOpCodeHandle((Handle)); \\r
+ } \\r
+ } while (FALSE)\r
+\r
+#define SIGNATURE_DATA_COUNTS(List) \\r
+ (((List)->SignatureListSize - sizeof(EFI_SIGNATURE_LIST) - (List)->SignatureHeaderSize) / (List)->SignatureSize)\r
\r
//\r
// We define another format of 5th directory entry: security directory\r
EFI_DEVICE_PATH_PROTOCOL End;\r
} HII_VENDOR_DEVICE_PATH;\r
\r
+typedef enum {\r
+ Variable_DB,\r
+ Variable_DBX,\r
+ Variable_DBT,\r
+ Variable_MAX\r
+} CURRENT_VARIABLE_NAME;\r
+\r
+typedef enum {\r
+ Delete_Signature_List_All,\r
+ Delete_Signature_List_One,\r
+ Delete_Signature_Data\r
+}SIGNATURE_DELETE_TYPE;\r
+\r
typedef struct {\r
UINTN Signature;\r
\r
SECUREBOOT_FILE_CONTEXT *FileContext;\r
\r
EFI_GUID *SignatureGUID;\r
+\r
+ CURRENT_VARIABLE_NAME VariableName; // The variable name we are processing.\r
+ UINT32 ListCount; // Record current variable has how many signature list.\r
+ UINTN ListIndex; // Record which signature list is processing.\r
+ BOOLEAN *CheckArray; // Record which signature data checked.\r
} SECUREBOOT_CONFIG_PRIVATE_DATA;\r
\r
extern SECUREBOOT_CONFIG_PRIVATE_DATA mSecureBootConfigPrivateDateTemplate;\r
#define SECUREBOOT_CONFIG_PRIVATE_FROM_THIS(a) CR (a, SECUREBOOT_CONFIG_PRIVATE_DATA, ConfigAccess, SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE)\r
\r
//\r
-// Cryptograhpic Key Information\r
+// Cryptographic Key Information\r
//\r
#pragma pack(1)\r
typedef struct _CPL_KEY_INFO {\r
\r
/**\r
Read file content into BufferPtr, the size of the allocate buffer\r
- is *FileSize plus AddtionAllocateSize.\r
+ is *FileSize plus AdditionAllocateSize.\r
\r
@param[in] FileHandle The file to be read.\r
@param[in, out] BufferPtr Pointers to the pointer of allocated buffer.\r
@param[out] FileSize Size of input file\r
- @param[in] AddtionAllocateSize Addtion size the buffer need to be allocated.\r
+ @param[in] AdditionAllocateSize Addition size the buffer need to be allocated.\r
In case the buffer need to contain others besides the file content.\r
\r
@retval EFI_SUCCESS The file was read into the buffer.\r
IN EFI_FILE_HANDLE FileHandle,\r
IN OUT VOID **BufferPtr,\r
OUT UINTN *FileSize,\r
- IN UINTN AddtionAllocateSize\r
+ IN UINTN AdditionAllocateSize\r
);\r
\r
\r
IN UINTN OSSizeInBytes\r
);\r
\r
-\r
-/**\r
- Convert a String to Guid Value.\r
-\r
- @param[in] Str Specifies the String to be converted.\r
- @param[in] StrLen Number of Unicode Characters of String (exclusive \0)\r
- @param[out] Guid Return the result Guid value.\r
-\r
- @retval EFI_SUCCESS The operation is finished successfully.\r
- @retval EFI_NOT_FOUND Invalid string.\r
-\r
-**/\r
-EFI_STATUS\r
-StringToGuid (\r
- IN CHAR16 *Str,\r
- IN UINTN StrLen,\r
- OUT EFI_GUID *Guid\r
- );\r
-\r
-\r
/**\r
Worker function that prints an EFI_GUID into specified Buffer.\r
\r
projects / mirror_edk2.git / blobdiff