UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support for Secure...
authorQin Long <qin.long@intel.com>
Fri, 14 Nov 2014 08:41:12 +0000 (08:41 +0000)
committerqlong <qlong@Edk2>
Fri, 14 Nov 2014 08:41:12 +0000 (08:41 +0000)
commit20333c6d566748d7c78c1b546ba8f37c6d253dea
treecdd1196a23f4b41bf0c732ea82b49a86b51ad6de
parent2e70cf8ade0dd1e023274f7358c7c72cfd17460c
UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support for Secure Boot

Main ChangeLogs includes:
1. Introduce the new GUID and structure definitions for certificate hash and timestamp support;
2. Update Image Verification Library to support DBT signature checking;
3. Update the related SecureBoot Configuration Pages;

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16380 6f19259b-4bc3-4df7-8a09-765794883524
14 files changed:
MdePkg/Include/Guid/ImageAuthentication.h
MdePkg/MdePkg.dec
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni