summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch53
1 files changed, 26 insertions, 27 deletions
diff --git a/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch b/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
index c13363d2..6065b1f7 100644
--- a/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
+++ b/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
@@ -1,6 +1,6 @@
1From 149b34de80e7f9f5331c285b862776cdd4b02ee3 Mon Sep 17 00:00:00 2001 1From b2099e7184d48a6d05c8713b6fd5dac0e2e70963 Mon Sep 17 00:00:00 2001
2From: Mikko Ylinen <mikko.ylinen@linux.intel.com> 2From: Mikko Ylinen <mikko.ylinen@linux.intel.com>
3Date: Fri, 7 Apr 2017 12:06:14 +0300 3Date: Wed, 2 Mar 2022 10:55:35 +0800
4Subject: [PATCH] ovmf: RefkitTestCA: TEST UEFI SecureBoot 4Subject: [PATCH] ovmf: RefkitTestCA: TEST UEFI SecureBoot
5 5
6This patch adds refkit-db.cer (via xxd -i) in OVMF's db 6This patch adds refkit-db.cer (via xxd -i) in OVMF's db
@@ -10,24 +10,20 @@ application. It's used for testing purposes only.
10Images signed with refkit-db keys are allowed to boot. 10Images signed with refkit-db keys are allowed to boot.
11 11
12Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com> 12Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com>
13 13Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com>
14[ Change location of key to AuthData.c ]
15Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
16
17%% original patch: 0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
18--- 14---
19 OvmfPkg/EnrollDefaultKeys/AuthData.c | 68 +++++++++++++++++++ 15 OvmfPkg/EnrollDefaultKeys/AuthData.c | 69 +++++++++++++++++++
20 OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 1 + 16 OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 3 +
21 OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h | 2 + 17 OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h | 2 +
22 3 files changed, 71 insertions(+) 18 3 files changed, 74 insertions(+)
23 19
24diff --git a/OvmfPkg/EnrollDefaultKeys/AuthData.c b/OvmfPkg/EnrollDefaultKeys/AuthData.c 20diff --git a/OvmfPkg/EnrollDefaultKeys/AuthData.c b/OvmfPkg/EnrollDefaultKeys/AuthData.c
25index 3b4856a01f..7109766296 100644 21index 53ee7f7003..127131cd05 100644
26--- a/OvmfPkg/EnrollDefaultKeys/AuthData.c 22--- a/OvmfPkg/EnrollDefaultKeys/AuthData.c
27+++ b/OvmfPkg/EnrollDefaultKeys/AuthData.c 23+++ b/OvmfPkg/EnrollDefaultKeys/AuthData.c
28@@ -398,6 +398,74 @@ CONST UINT8 mMicrosoftUefiCa[] = { 24@@ -395,6 +395,75 @@ CONST UINT8 mMicrosoftUefiCa[] = {
29 25
30 CONST UINTN mSizeOfMicrosoftUefiCa = sizeof mMicrosoftUefiCa; 26 CONST UINTN mSizeOfMicrosoftUefiCa = sizeof mMicrosoftUefiCa;
31 27
32+CONST UINT8 mRefkitTestCA[] = { 28+CONST UINT8 mRefkitTestCA[] = {
33+ 0x30, 0x82, 0x02, 0xfb, 0x30, 0x82, 0x01, 0xe3, 0xa0, 0x03, 0x02, 0x01, 29+ 0x30, 0x82, 0x02, 0xfb, 0x30, 0x82, 0x01, 0xe3, 0xa0, 0x03, 0x02, 0x01,
@@ -97,32 +93,35 @@ index 3b4856a01f..7109766296 100644
97+}; 93+};
98+ 94+
99+CONST UINTN mSizeOfRefkitTestCA = sizeof mRefkitTestCA; 95+CONST UINTN mSizeOfRefkitTestCA = sizeof mRefkitTestCA;
100 96+
101 // 97 //
102 // The Microsoft.UefiSecureBootLogo.Tests.OutOfBoxConfirmDBXisPresent test case 98 // The Microsoft.UefiSecureBootLogo.Tests.OutOfBoxConfirmDBXisPresent test case
99 // of the Secure Boot Logo Test in the Microsoft Hardware Certification Kit
103diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c 100diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
104index f45cb799f7..fb1252e768 100644 101index 094e4c821b..0a7eef54dc 100644
105--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c 102--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
106+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c 103+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
107@@ -615,6 +615,7 @@ ShellAppMain ( 104@@ -702,6 +702,9 @@ ShellAppMain (
108 &gEfiCertX509Guid, 105 mMicrosoftUefiCa,
109 mMicrosoftPca, mSizeOfMicrosoftPca, &gMicrosoftVendorGuid, 106 mSizeOfMicrosoftUefiCa,
110 mMicrosoftUefiCa, mSizeOfMicrosoftUefiCa, &gMicrosoftVendorGuid, 107 &gMicrosoftVendorGuid,
111+ mRefkitTestCA, mSizeOfRefkitTestCA, &gEfiCallerIdGuid, 108+ mRefkitTestCA,
112 NULL); 109+ mSizeOfRefkitTestCA,
110+ &gEfiCallerIdGuid,
111 NULL
112 );
113 } 113 }
114 if (EFI_ERROR (Status)) {
115diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h 114diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
116index 8e61f0a77b..e3fa046f95 100644 115index 56da9c71d6..8de1dfe4e0 100644
117--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h 116--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
118+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h 117+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
119@@ -135,4 +135,6 @@ extern CONST UINTN mSizeOfMicrosoftUefiCa; 118@@ -133,4 +133,6 @@ extern CONST UINTN mSizeOfMicrosoftUefiCa;
120 extern CONST UINT8 mSha256OfDevNull[]; 119 extern CONST UINT8 mSha256OfDevNull[];
121 extern CONST UINTN mSizeOfSha256OfDevNull; 120 extern CONST UINTN mSizeOfSha256OfDevNull;
122 121
123+extern CONST UINT8 mRefkitTestCA[]; 122+extern CONST UINT8 mRefkitTestCA[];
124+extern CONST UINTN mSizeOfRefkitTestCA; 123+extern CONST UINTN mSizeOfRefkitTestCA;
125 #endif /* ENROLL_DEFAULT_KEYS_H_ */ 124 #endif /* ENROLL_DEFAULT_KEYS_H_ */
126-- 125--
1272.21.0 1262.17.1
128 127