From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 1BEF274003B for ; Tue, 5 Mar 2024 00:32:00 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=hlgGL/xcfqGqhFV96eOLtj8a2RMHN82yVBq8eXCMcr4=; c=relaxed/simple; d=groups.io; h=From:To:Cc:References:In-Reply-To:Subject:Date:Message-ID:MIME-Version:Thread-Index:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding:Content-Language; s=20140610; t=1709598719; v=1; b=kZykLxliqLdg2FVwM5+6O4sAccwQl4y41o1UVqqoscIq8A3CffmMuzMT/NnRamf5dQnk24bU uxHdPsIA6RLdnZDMitAxV12kAbkPW90z+F0lmw+3KO57c6lB+gHZgJrZP5g1Ylkt2EWLpbPYSzo dTsvIpDdpk9TBuPMojJ+ga1k= X-Received: by 127.0.0.2 with SMTP id vewIYY7687511xE0POo7OQxk; Mon, 04 Mar 2024 16:31:59 -0800 X-Received: from zrleap.intel-email.com (zrleap.intel-email.com [114.80.218.36]) by mx.groups.io with SMTP id smtpd.web11.10166.1709598718582798319 for ; Mon, 04 Mar 2024 16:31:59 -0800 X-Received: from zrleap.intel-email.com (localhost [127.0.0.1]) by zrleap.intel-email.com (Postfix) with ESMTP id 6EAB6A32E142 for ; Tue, 5 Mar 2024 08:31:54 +0800 (CST) X-Received: from localhost (localhost [127.0.0.1]) by zrleap.intel-email.com (Postfix) with ESMTP id 46A2CA32E147 for ; Tue, 5 Mar 2024 08:31:54 +0800 (CST) X-Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by zrleap.intel-email.com (Postfix) with SMTP id 63A58A32E10F for ; Tue, 5 Mar 2024 08:31:51 +0800 (CST) X-Received: from DESKTOPS6D0PVI ([58.246.60.130]) (envelope-sender ) by 192.168.6.13 with ESMTP(SSL) for ; Tue, 05 Mar 2024 08:31:49 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-Originating-IP: 58.246.60.130 X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming via groups.io" To: , Cc: "'Michael D Kinney'" , "'Zhiguang Liu'" , "'Jiewen Yao'" References: <20240304115545.9485-1-wenxing.hou@intel.com> In-Reply-To: <20240304115545.9485-1-wenxing.hou@intel.com> Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIXSBNZGVQa2c6IEFkZCBVRUZJIDIuMTAgRGV2aWNlQXV0aGVudGljYXRpb24=?= Date: Tue, 5 Mar 2024 08:31:51 +0800 Message-ID: <004201da6e94$846c34b0$8d449e10$@byosoft.com.cn> MIME-Version: 1.0 Thread-Index: AQKXV54OHGHHKrpWmKsPOvTqf+JV96+uebgA Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,gaoliming@byosoft.com.cn List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: DP0oSgPxSgglqrNOJ8VwcVZ8x7686176AA= Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Content-Language: zh-cn X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=kZykLxli; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Please also need to add gEfiDeviceSignatureDatabaseGuid in MdePkg.dec.=20 > -----=D3=CA=BC=FE=D4=AD=BC=FE----- > =B7=A2=BC=FE=C8=CB: devel@edk2.groups.io =B4=FA=B1= =ED Wenxing Hou > =B7=A2=CB=CD=CA=B1=BC=E4: 2024=C4=EA3=D4=C24=C8=D5 19:56 > =CA=D5=BC=FE=C8=CB: devel@edk2.groups.io > =B3=AD=CB=CD: Michael D Kinney ; Liming Gao > ; Zhiguang Liu ; Jiewen > Yao > =D6=F7=CC=E2: [edk2-devel] [PATCH] MdePkg: Add UEFI 2.10 DeviceAuthentica= tion >=20 > According to UEFI 2.10 spec > 32.8.2 UEFI Device Signature Variable GUID and Variable Name section, > add signature database for device authentication. >=20 > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Zhiguang Liu > Cc: Jiewen Yao > Signed-off-by: Wenxing Hou > --- > MdePkg/Include/Guid/DeviceAuthentication.h | 61 > ++++++++++++++++++++++ > 1 file changed, 61 insertions(+) > create mode 100644 MdePkg/Include/Guid/DeviceAuthentication.h >=20 > diff --git a/MdePkg/Include/Guid/DeviceAuthentication.h > b/MdePkg/Include/Guid/DeviceAuthentication.h > new file mode 100644 > index 0000000000..65dea4273d > --- /dev/null > +++ b/MdePkg/Include/Guid/DeviceAuthentication.h > @@ -0,0 +1,61 @@ > +/** @file >=20 > + Guid & data structure used for Device Security. >=20 > + >=20 > + Copyright (c) 2024, Intel Corporation. All rights reserved.
>=20 > + SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#ifndef EDKII_DEVICE_AUTHENTICATION_GUID_H_ >=20 > +#define EDKII_DEVICE_AUTHENTICATION_GUID_H_ >=20 > + >=20 > +/** >=20 > + This is a signature database for device authentication, instead of image > authentication. >=20 > + >=20 > + The content of the signature database is same as the one in db/dbx. (a list > of EFI_SIGNATURE_LIST) >=20 > +**/ >=20 > +#define EFI_DEVICE_SIGNATURE_DATABASE_GUID \ >=20 > + {0xb9c2b4f4, 0xbf5f, 0x462d, 0x8a, 0xdf, 0xc5, 0xc7, 0xa, 0xc3, 0x5d, 0xad} >=20 > +#define EFI_DEVICE_SECURITY_DATABASE L"devdb" >=20 > + >=20 > +extern EFI_GUID gEfiDeviceSignatureDatabaseGuid; >=20 > + >=20 > +/** >=20 > + Signature Database: >=20 > + >=20 > + +---------------------------------------+ <----------------- >=20 > + | SignatureType (GUID) | | >=20 > + +---------------------------------------+ | >=20 > + | SignatureListSize (UINT32) | | >=20 > + +---------------------------------------+ | >=20 > + | SignatureHeaderSize (UINT32) | | >=20 > + +---------------------------------------+ | >=20 > + | SignatureSize (UINT32) | > |-EFI_SIGNATURE_LIST (1) >=20 > + +---------------------------------------+ | >=20 > + | SignatureHeader (SignatureHeaderSize) | | >=20 > + +---------------------------------------+ <-- | >=20 > + | SignatureOwner (GUID) | | | >=20 > + +---------------------------------------+ |-EFI_SIGNATURE_DATA (1) >=20 > + | SignatureData (SignatureSize - 16) | | | >=20 > + +---------------------------------------+ <-- | >=20 > + | SignatureOwner (GUID) | | | >=20 > + +---------------------------------------+ |-EFI_SIGNATURE_DATA (n) >=20 > + | SignatureData (SignatureSize - 16) | | | >=20 > + +---------------------------------------+ <----------------- >=20 > + | SignatureType (GUID) | | >=20 > + +---------------------------------------+ | >=20 > + | SignatureListSize (UINT32) | > |-EFI_SIGNATURE_LIST (n) >=20 > + +---------------------------------------+ | >=20 > + | ... | | >=20 > + +---------------------------------------+ <----------------- >=20 > + >=20 > + SignatureType :=3D EFI_CERT_SHAxxx_GUID | >=20 > + EFI_CERT_RSA2048_GUID | >=20 > + EFI_CERT_RSA2048_SHAxxx_GUID | >=20 > + EFI_CERT_X509_GUID | >=20 > + EFI_CERT_X509_SHAxxx_GUID >=20 > + (xxx =3D 256, 384, 512) >=20 > + >=20 > +**/ >=20 > + >=20 > +#endif >=20 > -- > 2.26.2.windows.1 >=20 >=20 >=20 > -=3D-=3D-=3D-=3D-=3D-=3D > Groups.io Links: You receive all messages sent to this group. > View/Reply Online (#116312): > https://edk2.groups.io/g/devel/message/116312 > Mute This Topic: https://groups.io/mt/104720232/4905953 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub > [gaoliming@byosoft.com.cn] > -=3D-=3D-=3D-=3D-=3D-=3D >=20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116346): https://edk2.groups.io/g/devel/message/116346 Mute This Topic: https://groups.io/mt/104735523/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-