SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth Variable
authorZhang, Chao B <chao.b.zhang@intel.com>
Tue, 12 Sep 2017 07:41:12 +0000 (15:41 +0800)
committerZhang, Chao B <chao.b.zhang@intel.com>
Sat, 14 Oct 2017 14:27:14 +0000 (22:27 +0800)
commit53c6ff18032737fabb644a9e0c781d91a6830248
tree5e495cda419591659cef4b640e7545ff4736f9f0
parent120fd64781d2c0810ce41c0d4a6ecd348ff7bc49
SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth Variable

ECR1707 for UEFI2.7 clarified certificate management rule for private time-based
AuthVariable.Trusted cert rule changed from whole signer's certificate stack to
top-level issuer cert tbscertificate + SignerCert CN for better management compatibility.
Hash is used to reduce storage overhead.

Cc: Long Qin <qin.long@intel.com>
Cc: Chen Chen <chen.a.chen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>'
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Chen Chen <chen.a.chen@intel.com>
SecurityPkg/Library/AuthVariableLib/AuthService.c