From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 4117E224E6903 for ; Mon, 12 Mar 2018 12:24:06 -0700 (PDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 12 Mar 2018 12:30:25 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.47,462,1515484800"; d="scan'208";a="210877320" Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.52]) by fmsmga005.fm.intel.com with ESMTP; 12 Mar 2018 12:30:25 -0700 From: "Kinney, Michael D" To: edk2-devel@lists.01.org Cc: Sean Brogan , Yonghong Zhu , Liming Gao , Chao Zhang , Jiewen Yao , Kelly Steele , David Wei , Mang Guo , Michael D Kinney Date: Mon, 12 Mar 2018 12:30:12 -0700 Message-Id: <20180312193017.15156-1-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 Subject: [Patch 0/5] Add multi-cert PcdPkcs7CertBufferXdr X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Mar 2018 19:24:06 -0000 https://bugzilla.tianocore.org/show_bug.cgi?id=890 https://bugzilla.tianocore.org/show_bug.cgi?id=891 * Update BinToPcd to support multiple one or more -i INPUTFILE arguments * Update BinToPcd to support -x, --xdr flags to encode PCD using the Variable-Length Opaque Data of RFC 4506 External Data Representation Standard (XDR). * Add PcdPkcs7CertBufferXdr that supports one or more PKCS7 certificates encoded using the Variable-Length Opaque Data format of RFC 4506 External Data Representation Standard (XDR). * Use both PcdPkcs7CertBuffer and PcdPkcs7CertBufferXdr to authenticate capsules. * Evaluate both PcdPkcs7CertBuffer and PcdPkcs7CertBufferXdr for the use of the test key. Branch for review: https://github.com/mdkinney/edk2/tree/Bug_890_891_BinToPcdMultipleInputFiles Cc: Sean Brogan Cc: Yonghong Zhu Cc: Liming Gao Cc: Chao Zhang Cc: Jiewen Yao Cc: Kelly Steele Cc: David Wei Cc: Mang Guo Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney Kinney, Michael D (4): BaseTools/BinToPcd: Add support for multiple binary input files SecurityPkg: Add PcdPkcs7CertBufferXdr SecurityPkg/EdkiiSystemCapsuleLib: Use PcdPkcs7CertBufferXdr QuarkPlatformPkg/PlatformBootManagerLib: Check PcdPkcs7CertBufferXdr Michael D Kinney (1): Vlv2TbltDevicePkg/PlatformBootManagerLib: Check PcdPkcs7CertBufferXdr BaseTools/Scripts/BinToPcd.py | 83 ++++++++++++++-------- .../PlatformBootManagerLib/PlatformBootManager.c | 51 ++++++++++++- .../PlatformBootManagerLib.inf | 3 +- SecurityPkg/SecurityPkg.dec | 8 +++ SecurityPkg/SecurityPkg.uni | 6 ++ .../EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.c | 77 +++++++++++++++++--- .../EdkiiSystemCapsuleLib.inf | 3 +- .../Library/PlatformBdsLib/BdsPlatform.c | 57 ++++++++++++++- .../Library/PlatformBdsLib/PlatformBdsLib.inf | 22 +++--- 9 files changed, 258 insertions(+), 52 deletions(-) -- 2.14.2.windows.3