[edk2-devel] [PATCH V5 0/3] SecureBoot: Support RSA 512 and RSA 384
Sheng Wei
w.sheng at intel.com
Thu Jul 27 06:35:10 UTC 2023
Patch V5:
Using define KEY_TYPE_RSASSA to replace the magic number.
Patch V4:
Determine the RSA algorithm by a supported algorithm list.
Patch V3:
Select SHA algorithm automaticly for a unsigned efi image.
Patch V2:
Determine the SHA algorithm by a supported algorithm list.
Create SHA context for each algorithm.
Test Case:
1. Enroll a RSA4096 Cert, and execute an RSA4096 signed efi image under UEFI shell.
2. Enroll a RSA3072 Cert, and execute an RSA3072 signed efi image under UEFI shell.
3. Enroll a RSA2048 Cert, and execute an RSA2048 signed efi image under UEFI shell.
4. Enroll an unsigned efi image, execute the unsigned efi image under UEFI shell
Test Result:
Pass
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Jian J Wang <jian.j.wang at intel.com>
Cc: Min Xu <min.m.xu at intel.com>
Cc: Zeyi Chen <zeyi.chen at intel.com>
Cc: Fiona Wang <fiona.wang at intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu at intel.com>
Cc: Guomin Jiang <guomin.jiang at intel.com>
Cc: Michael D Kinney <michael.d.kinney at intel.com>
Cc: Liming Gao <gaoliming at byosoft.com.cn>
Sheng Wei (3):
MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
CryptoPkg/Library/BaseCryptLib: add sha384 and sha512 to
ImageTimestampVerify
SecurityPkg/SecureBoot: Support RSA 512 and RSA 384
CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c | 3 +-
MdePkg/Include/Guid/ImageAuthentication.h | 26 +++
MdePkg/MdePkg.dec | 2 +
.../Library/AuthVariableLib/AuthService.c | 220 +++++++++++++++---
.../AuthVariableLib/AuthServiceInternal.h | 4 +-
.../Library/AuthVariableLib/AuthVariableLib.c | 42 ++--
.../DxeImageVerificationLib.c | 73 +++---
.../SecureBootConfigDxe.inf | 16 ++
.../SecureBootConfigImpl.c | 114 +++++++--
.../SecureBootConfigImpl.h | 7 +
.../SecureBootConfigStrings.uni | 6 +
11 files changed, 421 insertions(+), 92 deletions(-)
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107293): https://edk2.groups.io/g/devel/message/107293
Mute This Topic: https://groups.io/mt/100385941/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list