|
SecurityPkg[all]
0.98
|
|
SecurityPkg[all]
0.98
|
Functions | |
| EFI_STATUS | SetSecureBootMode (IN UINT8 SecureBootMode) |
| EFI_STATUS EFIAPI | GetSetupMode (OUT UINT8 *SetupMode) |
| EFI_STATUS | SecureBootFetchData (IN EFI_GUID *KeyFileGuid, OUT UINTN *SigListsSize, OUT EFI_SIGNATURE_LIST **SigListOut) |
| EFI_STATUS | CreateTimeBasedPayload (IN OUT UINTN *DataSize, IN OUT UINT8 **Data) |
| EFI_STATUS EFIAPI | DeleteDb (VOID) |
| EFI_STATUS EFIAPI | DeleteDbx (VOID) |
| EFI_STATUS EFIAPI | DeleteDbt (VOID) |
| EFI_STATUS EFIAPI | DeleteKEK (VOID) |
| EFI_STATUS EFIAPI | DeletePlatformKey (VOID) |
Provides a helper functions for creating variable authenticated payloads, signature lists related to secure boot keys.
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.
(C) Copyright 2018 Hewlett Packard Enterprise Development LP
Copyright (c) 2021, ARM Ltd. All rights reserved.
Copyright (c) 2021, Semihalf All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
| EFI_STATUS CreateTimeBasedPayload | ( | IN OUT UINTN * | DataSize, |
| IN OUT UINT8 ** | Data | ||
| ) |
Create a time based data payload by concatenating the EFI_VARIABLE_AUTHENTICATION_2 descriptor with the input data. NO authentication is required in this function.
| [in,out] | DataSize | On input, the size of Data buffer in bytes. On output, the size of data returned in Data buffer in bytes. |
| [in,out] | Data | On input, Pointer to data buffer to be wrapped or pointer to NULL to wrap an empty payload. On output, Pointer to the new payload date buffer allocated from pool, it's caller's responsibility to free the memory when finish using it. |
| EFI_SUCCESS | Create time based payload successfully. |
| EFI_OUT_OF_RESOURCES | There are not enough memory resources to create time based payload. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| Others | Unexpected error happens. |
| EFI_STATUS EFIAPI DeleteDb | ( | VOID | ) |
Clears the content of the 'db' variable.
| EFI_OUT_OF_RESOURCES | If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails while VendorGuid is NULL. other Errors from GetVariable2(), GetTime() and SetVariable() |
| EFI_STATUS EFIAPI DeleteDbt | ( | VOID | ) |
Clears the content of the 'dbt' variable.
| EFI_OUT_OF_RESOURCES | If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails while VendorGuid is NULL. other Errors from GetVariable2(), GetTime() and SetVariable() |
| EFI_STATUS EFIAPI DeleteDbx | ( | VOID | ) |
Clears the content of the 'dbx' variable.
| EFI_OUT_OF_RESOURCES | If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails while VendorGuid is NULL. other Errors from GetVariable2(), GetTime() and SetVariable() |
| EFI_STATUS EFIAPI DeleteKEK | ( | VOID | ) |
Clears the content of the 'KEK' variable.
| EFI_OUT_OF_RESOURCES | If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails while VendorGuid is NULL. other Errors from GetVariable2(), GetTime() and SetVariable() |
| EFI_STATUS EFIAPI DeletePlatformKey | ( | VOID | ) |
Clears the content of the 'PK' variable.
| EFI_OUT_OF_RESOURCES | If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails while VendorGuid is NULL. other Errors from GetVariable2(), GetTime() and SetVariable() |
| EFI_STATUS EFIAPI GetSetupMode | ( | OUT UINT8 * | SetupMode | ) |
Fetches the value of SetupMode variable.
| [out] | SetupMode | Pointer to UINT8 for SetupMode output |
| EFI_STATUS SecureBootFetchData | ( | IN EFI_GUID * | KeyFileGuid, |
| OUT UINTN * | SigListsSize, | ||
| OUT EFI_SIGNATURE_LIST ** | SigListOut | ||
| ) |
Create a EFI Signature List with data fetched from section specified as a argument. Found keys are verified using RsaGetPublicKeyFromX509().
| [in] | KeyFileGuid | A pointer to to the FFS filename GUID |
| [out] | SigListsSize | A pointer to size of signature list |
| [out] | SigListsOut | a pointer to a callee-allocated buffer with signature lists |
| EFI_SUCCESS | Create time based payload successfully. |
| EFI_NOT_FOUND | Section with key has not been found. |
| EFI_INVALID_PARAMETER | Embedded key has a wrong format. |
| Others | Unexpected error happens. |
| EFI_STATUS SetSecureBootMode | ( | IN UINT8 | SecureBootMode | ) |
Set the platform secure boot mode into "Custom" or "Standard" mode.
| [in] | SecureBootMode | New secure boot mode: STANDARD_SECURE_BOOT_MODE or CUSTOM_SECURE_BOOT_MODE. |
1.8.6 
