From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id C3302740035 for ; Fri, 22 Mar 2024 04:45:46 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=rXNmOUvr5eZZRUjhuddrEB9UFM8pW5QLW0BF6FM87Dk=; c=relaxed/simple; d=groups.io; h=From:To:Cc:References:In-Reply-To:Subject:Date:Message-ID:MIME-Version:Thread-Index:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding:Content-Language; s=20240206; t=1711082745; v=1; b=DOJhcbb6j3dT2pQ8Z3QnJNzLJsYOoVqRmgGQwpd03KS5MxDl3R+x0X/ox8Jh2MsGAXNlcFPW eLw1teWFGo7Khm3BL+n1jlFeBP0fDERzc5W6rXP9B8b1S8mUwlhkESQxrE3u/DmzCzLRsV6cPuZ NUJuBWFNQy96QSYAG6l91CmJUIKSj7fg0U8R+gi5G2eY0AiZNU0hnu6z9NCkYUKO5U/S2GYRbQf YnhNjo5BUpKbM6P6ila+gDDzDIWWeKlFYcrUT4VDMZHOMv8m6H2NOjwKNtl3FyLDtxJwF6aeOX1 JZza9cb+1GchAj4sYmV2vfO9zBygFiUTt9SN0Phrgz4kg== X-Received: by 127.0.0.2 with SMTP id gfgBYY7687511xKh1HZnbRVb; Thu, 21 Mar 2024 21:45:45 -0700 X-Received: from zrleap.intel-email.com (zrleap.intel-email.com [114.80.218.36]) by mx.groups.io with SMTP id smtpd.web11.5852.1711082744611535262 for ; Thu, 21 Mar 2024 21:45:45 -0700 X-Received: from zrleap.intel-email.com (localhost [127.0.0.1]) by zrleap.intel-email.com (Postfix) with ESMTP id 15E61A32DFC1 for ; Fri, 22 Mar 2024 12:45:42 +0800 (CST) X-Received: from localhost (localhost [127.0.0.1]) by zrleap.intel-email.com (Postfix) with ESMTP id 050F3A32E011 for ; Fri, 22 Mar 2024 12:45:42 +0800 (CST) X-Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by zrleap.intel-email.com (Postfix) with SMTP id 2ECEEA32DFE8 for ; Fri, 22 Mar 2024 12:45:38 +0800 (CST) X-Received: from DESKTOPS6D0PVI ([39.144.108.26]) (envelope-sender ) by 192.168.6.13 with ESMTP(SSL) for ; Fri, 22 Mar 2024 12:45:35 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-Originating-IP: 39.144.108.26 X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming via groups.io" To: , Cc: "'Michael D Kinney'" , "'Zhiguang Liu'" , "'Jiewen Yao'" References: <20240306032305.10278-1-wenxing.hou@intel.com> <20240306032305.10278-2-wenxing.hou@intel.com> In-Reply-To: <20240306032305.10278-2-wenxing.hou@intel.com> Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIIHYyIDEvMl0gTWRlUGtnOiBBZGQgVUVGSSAyLjEwIERldmljZUF1dGhlbnRpY2F0aW9u?= Date: Fri, 22 Mar 2024 12:45:34 +0800 Message-ID: <016f01da7c13$c8773790$5965a6b0$@byosoft.com.cn> MIME-Version: 1.0 Thread-Index: AQKxYDsHxLxjEzXNrzO2/rTWcaO7ZgKGmLQar4EyH5A= Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Thu, 21 Mar 2024 21:45:45 -0700 Reply-To: devel@edk2.groups.io,gaoliming@byosoft.com.cn List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: EWLSHGJkqdtvvaAR6bt1iWWyx7686176AA= Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Content-Language: zh-cn X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=DOJhcbb6; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Wenxing: > -----=D3=CA=BC=FE=D4=AD=BC=FE----- > =B7=A2=BC=FE=C8=CB: devel@edk2.groups.io =B4=FA=B1= =ED Wenxing Hou > =B7=A2=CB=CD=CA=B1=BC=E4: 2024=C4=EA3=D4=C26=C8=D5 11:24 > =CA=D5=BC=FE=C8=CB: devel@edk2.groups.io > =B3=AD=CB=CD: Michael D Kinney ; Liming Gao > ; Zhiguang Liu ; Jiewen > Yao > =D6=F7=CC=E2: [edk2-devel] [PATCH v2 1/2] MdePkg: Add UEFI 2.10 > DeviceAuthentication >=20 > According to UEFI 2.10 spec > 32.8.2 UEFI Device Signature Variable GUID and Variable Name section, > add signature database for device authentication. >=20 > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Zhiguang Liu > Cc: Jiewen Yao > Signed-off-by: Wenxing Hou > --- > MdePkg/Include/Guid/DeviceAuthentication.h | 61 > ++++++++++++++++++++++ > 1 file changed, 61 insertions(+) > create mode 100644 MdePkg/Include/Guid/DeviceAuthentication.h >=20 > diff --git a/MdePkg/Include/Guid/DeviceAuthentication.h > b/MdePkg/Include/Guid/DeviceAuthentication.h > new file mode 100644 > index 0000000000..65dea4273d > --- /dev/null > +++ b/MdePkg/Include/Guid/DeviceAuthentication.h > @@ -0,0 +1,61 @@ > +/** @file >=20 > + Guid & data structure used for Device Security. >=20 > + >=20 > + Copyright (c) 2024, Intel Corporation. All rights reserved.
>=20 > + SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#ifndef EDKII_DEVICE_AUTHENTICATION_GUID_H_ >=20 Here can use EFI_ prefix, because this definition is from UEFI spec.=20 Thanks Liming > +#define EDKII_DEVICE_AUTHENTICATION_GUID_H_ >=20 > + >=20 > +/** >=20 > + This is a signature database for device authentication, instead of image > authentication. >=20 > + >=20 > + The content of the signature database is same as the one in db/dbx. (a list > of EFI_SIGNATURE_LIST) >=20 > +**/ >=20 > +#define EFI_DEVICE_SIGNATURE_DATABASE_GUID \ >=20 > + {0xb9c2b4f4, 0xbf5f, 0x462d, 0x8a, 0xdf, 0xc5, 0xc7, 0xa, 0xc3, 0x5d, 0xad} >=20 > +#define EFI_DEVICE_SECURITY_DATABASE L"devdb" >=20 > + >=20 > +extern EFI_GUID gEfiDeviceSignatureDatabaseGuid; >=20 > + >=20 > +/** >=20 > + Signature Database: >=20 > + >=20 > + +---------------------------------------+ <----------------- >=20 > + | SignatureType (GUID) | | >=20 > + +---------------------------------------+ | >=20 > + | SignatureListSize (UINT32) | | >=20 > + +---------------------------------------+ | >=20 > + | SignatureHeaderSize (UINT32) | | >=20 > + +---------------------------------------+ | >=20 > + | SignatureSize (UINT32) | > |-EFI_SIGNATURE_LIST (1) >=20 > + +---------------------------------------+ | >=20 > + | SignatureHeader (SignatureHeaderSize) | | >=20 > + +---------------------------------------+ <-- | >=20 > + | SignatureOwner (GUID) | | | >=20 > + +---------------------------------------+ |-EFI_SIGNATURE_DATA (1) >=20 > + | SignatureData (SignatureSize - 16) | | | >=20 > + +---------------------------------------+ <-- | >=20 > + | SignatureOwner (GUID) | | | >=20 > + +---------------------------------------+ |-EFI_SIGNATURE_DATA (n) >=20 > + | SignatureData (SignatureSize - 16) | | | >=20 > + +---------------------------------------+ <----------------- >=20 > + | SignatureType (GUID) | | >=20 > + +---------------------------------------+ | >=20 > + | SignatureListSize (UINT32) | > |-EFI_SIGNATURE_LIST (n) >=20 > + +---------------------------------------+ | >=20 > + | ... | | >=20 > + +---------------------------------------+ <----------------- >=20 > + >=20 > + SignatureType :=3D EFI_CERT_SHAxxx_GUID | >=20 > + EFI_CERT_RSA2048_GUID | >=20 > + EFI_CERT_RSA2048_SHAxxx_GUID | >=20 > + EFI_CERT_X509_GUID | >=20 > + EFI_CERT_X509_SHAxxx_GUID >=20 > + (xxx =3D 256, 384, 512) >=20 > + >=20 > +**/ >=20 > + >=20 > +#endif >=20 > -- > 2.26.2.windows.1 >=20 >=20 >=20 > -=3D-=3D-=3D-=3D-=3D-=3D > Groups.io Links: You receive all messages sent to this group. > View/Reply Online (#116415): > https://edk2.groups.io/g/devel/message/116415 > Mute This Topic: https://groups.io/mt/104760005/4905953 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub > [gaoliming@byosoft.com.cn] > -=3D-=3D-=3D-=3D-=3D-=3D >=20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117025): https://edk2.groups.io/g/devel/message/117025 Mute This Topic: https://groups.io/mt/105079881/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-