回复: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096

gaoliming via groups.io gaoliming=byosoft.com.cn at groups.io
Wed Aug 2 02:58:19 UTC 2023 

Wei:
  I don't see these two new GUID are in the public UEFI spec. Are they
published now?

Thanks
Liming
> -----邮件原件-----
> 发件人: Sheng, W <w.sheng at intel.com>
> 发送时间: 2023年7月31日 10:02
> 收件人: devel at edk2.groups.io; Gao, Liming <gaoliming at byosoft.com.cn>
> 抄送: Yao, Jiewen <jiewen.yao at intel.com>; Wang, Jian J
> <jian.j.wang at intel.com>; Xu, Min M <min.m.xu at intel.com>; Chen, Zeyi
> <zeyi.chen at intel.com>; Wang, Fiona <fiona.wang at intel.com>; Lu, Xiaoyu1
> <xiaoyu1.lu at intel.com>; Jiang, Guomin <guomin.jiang at intel.com>; Kinney,
> Michael D <michael.d.kinney at intel.com>
> 主题: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> CERT_RSA3072 and CERT_RSA4096
> 
> Hi Gao, Liming,
> Could you help to review and merge this patch to MdePkg?
> This patch is only to add 2 new GUIDs.
> These 2 GUIDs will be used for adding RSA3072/RSA4096 cert support for
> secure boot feature.
> Thank you.
> BR
> Sheng Wei
> 
> > > -----Original Message-----
> > > From: devel at edk2.groups.io <devel at edk2.groups.io> On Behalf Of Sheng
> > > Wei
> > > Sent: 2023年7月27日 14:35
> > > To: devel at edk2.groups.io
> > > Cc: Yao, Jiewen <jiewen.yao at intel.com>; Wang, Jian J
> > > <jian.j.wang at intel.com>; Xu, Min M <min.m.xu at intel.com>; Chen, Zeyi
> > > <zeyi.chen at intel.com>; Wang, Fiona <fiona.wang at intel.com>; Lu,
> Xiaoyu1
> > > <xiaoyu1.lu at intel.com>; Jiang, Guomin <guomin.jiang at intel.com>;
> > > Kinney, Michael D <michael.d.kinney at intel.com>; Gao, Liming
> > > <gaoliming at byosoft.com.cn>
> > > Subject: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> > > CERT_RSA3072 and CERT_RSA4096
> > >
> > > Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid
> > >
> > > Cc: Jiewen Yao <jiewen.yao at intel.com>
> > > Cc: Jian J Wang <jian.j.wang at intel.com>
> > > Cc: Min Xu <min.m.xu at intel.com>
> > > Cc: Zeyi Chen <zeyi.chen at intel.com>
> > > Cc: Fiona Wang <fiona.wang at intel.com>
> > > Cc: Xiaoyu Lu <xiaoyu1.lu at intel.com>
> > > Cc: Guomin Jiang <guomin.jiang at intel.com>
> > > Cc: Michael D Kinney <michael.d.kinney at intel.com>
> > > Cc: Liming Gao <gaoliming at byosoft.com.cn>
> > > Signed-off-by: Sheng Wei <w.sheng at intel.com>
> > > ---
> > >  MdePkg/Include/Guid/ImageAuthentication.h | 26
> > > +++++++++++++++++++++++
> > >  MdePkg/MdePkg.dec                         |  2 ++
> > >  2 files changed, 28 insertions(+)
> > >
> > > diff --git a/MdePkg/Include/Guid/ImageAuthentication.h
> > > b/MdePkg/Include/Guid/ImageAuthentication.h
> > > index fe83596571..c8ea2c14fb 100644
> > > --- a/MdePkg/Include/Guid/ImageAuthentication.h
> > > +++ b/MdePkg/Include/Guid/ImageAuthentication.h
> > > @@ -144,6 +144,30 @@ typedef struct {
> > >      0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85,
> 0xb3,
> > > 0xb6} \   } +///+/// This identifies a signature containing an
RSA-3072
> key.
> > The
> > > key (only the modulus+/// since the public key exponent is known to be
> > > 0x10001) shall be stored in big-endian+/// order.+/// The
> > > SignatureHeader size shall always be 0. The SignatureSize shall always
> > > be 16 (size+/// of SignatureOwner component) + 384 bytes.+///+#define
> > > EFI_CERT_RSA3072_GUID \+  { \+    0xedd320c2, 0xb057, 0x4b8e,
> {0xad,
> > 0x46,
> > > 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 } \+  }++///+/// This identifies a
> > > signature containing an RSA-4096 key. The key (only the modulus+///
> > > since the public key exponent is known to be 0x10001) shall be stored
> > > in big-endian+/// order.+/// The SignatureHeader size shall always be
> > > 0. The SignatureSize shall always be 16 (size+/// of SignatureOwner
> > component) + 512
> > > bytes.+///+#define EFI_CERT_RSA4096_GUID \+  { \+    0xb23e89a6,
> 0x8c8b,
> > > 0x4412, {0x85, 0x73, 0x15, 0x4e, 0x8d, 0x00, 0x98, 0x2c } \+  }+ ///
> > > /// This identifies a signature containing a RSA-2048 signature of a
> > > SHA-256 hash.  The /// SignatureHeader size shall always be 0. The
> > > SignatureSize shall always be
> > > 16 (size of@@ -330,6 +354,8 @@ typedef struct {  extern EFI_GUID
> > > gEfiImageSecurityDatabaseGuid; extern EFI_GUID gEfiCertSha256Guid;
> > > extern EFI_GUID  gEfiCertRsa2048Guid;+extern EFI_GUID
> > > gEfiCertRsa3072Guid;+extern EFI_GUID  gEfiCertRsa4096Guid; extern
> > > EFI_GUID  gEfiCertRsa2048Sha256Guid; extern EFI_GUID
> gEfiCertSha1Guid;
> > > extern EFI_GUID  gEfiCertRsa2048Sha1Guid;diff --git
> > > a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
> > > b85614992b..24e4779d33 100644
> > > --- a/MdePkg/MdePkg.dec
> > > +++ b/MdePkg/MdePkg.dec
> > > @@ -581,6 +581,8 @@
> > >    gEfiImageSecurityDatabaseGuid  = { 0xd719b2cb, 0x3d3a, 0x4596,
> {0xa3,
> > > 0xbc, 0xda, 0xd0,  0xe, 0x67, 0x65, 0x6f }}   gEfiCertSha256Guid
> =
> > > { 0xc1c41626, 0x504c, 0x4092, {0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93,
0x43,
> > 0x28 }}
> > > gEfiCertRsa2048Guid            = { 0x3c5766e8, 0x269c, 0x4e34,
> {0xaa, 0x14,
> > 0xed,
> > > 0x77, 0x6e, 0x85, 0xb3, 0xb6 }}+  gEfiCertRsa3072Guid            =
> { 0xedd320c2,
> > > 0xb057, 0x4b8e, {0xad, 0x46, 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 }}+
> > > gEfiCertRsa4096Guid            = { 0xb23e89a6, 0x8c8b, 0x4412,
> {0x85, 0x73,
> > 0x15,
> > > 0x4e, 0x8d, 0x00, 0x98, 0x2c }}   gEfiCertRsa2048Sha256Guid      =
> > { 0xe2b36190,
> > > 0x879b, 0x4a3d, {0xad, 0x8d, 0xf2, 0xe7, 0xbb, 0xa3, 0x27, 0x84 }}
> > > gEfiCertSha1Guid               = { 0x826ca512, 0xcf10, 0x4ac9, {0xb1,
> 0x87, 0xbe,
> > > 0x1, 0x49, 0x66, 0x31, 0xbd }}   gEfiCertRsa2048Sha1Guid        =
> { 0x67f8444f,
> > > 0x8743, 0x48f1, {0xa3, 0x28, 0x1e, 0xaa, 0xb8, 0x73, 0x60, 0x80 }}--
> > > 2.26.2.windows.1
> > >
> > >
> > >
> > > -=-=-=-=-=-=
> > > Groups.io Links: You receive all messages sent to this group.
> > > View/Reply Online (#107294):
> > > https://edk2.groups.io/g/devel/message/107294
> > > Mute This Topic: https://groups.io/mt/100385942/2558558
> > > Group Owner: devel+owner at edk2.groups.io
> > > Unsubscribe: https://edk2.groups.io/g/devel/unsub [w.sheng at intel.com]
> > > - =-=-=-=-=-=
> > >





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107438): https://edk2.groups.io/g/devel/message/107438
Mute This Topic: https://groups.io/mt/100498532/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list