Re: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Hi Jiewen, I remove the new GUIDs. I use signature type gEfiCertX509Guid when enroll RSA3072/RSA4096 KEK. This signature type is used in below 6 places. 1) Show key name string in KEK delete page UpdateDeletePage() 2) Check supported SignatureType when delete KEK DeleteKeyExchangeKey() 3) Check supported SignatureType when delete KEK DeleteSignature() 4) Show key name when load the Signature LoadSignatureList() 5) Show help info string when load the Signature FormatHelpInfo() 6) Check supported SignatureType CheckSignatureListFormat() It is no need to change MdePkg. All the changes are in CryptoPkg and SecurityPkg. I did the local unit test and raised the patch v6. Could you help to review/merge the patches ? Thank you BR Sheng Wei > -Original Message- > From: Yao, Jiewen > Sent: 2023年8月3日 16:13 > To: Sheng, W ; Gao, Liming > ; devel@edk2.groups.io > Cc: Wang, Jian J ; Xu, Min M ; > Chen, Zeyi ; Wang, Fiona ; > Lu, Xiaoyu1 ; Jiang, Guomin > ; Kinney, Michael D > Subject: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for > CERT_RSA3072 and CERT_RSA4096 > > Hey > We cannot add anything not defined in UEFI spec yet. Thanks Liming to catch > that. > > Can you remove CERT_RSA3072 and CERT_RSA4096? > > I think we need to use EFI_CERT_TYPE_PKCS7_GUID + EFI_CERT_X509_GUID > to support RSA3072 and RSA4096. > Have you validated that configuration? > > > > -Original Message- > > From: Sheng, W > > Sent: Thursday, August 3, 2023 3:29 PM > > To: Gao, Liming ; devel@edk2.groups.io > > Cc: Yao, Jiewen ; Wang, Jian J > > ; Xu, Min M ; Chen, Zeyi > > ; Wang, Fiona ; Lu, Xiaoyu1 > > ; Jiang, Guomin ; > > Kinney, Michael D > > Subject: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for > > CERT_RSA3072 and CERT_RSA4096 > > > > Hi Liming, > > Sorry for the late response. > > The two new GUID are not in the public UEFI spec yet. > > Do we have any process to add these 2 new GUIDs ? > > Thank you. > > BR > > Sheng Wei > > > > > > > > > -Original Message- > > > From: gaoliming > > > Sent: 2023年8月2日 17:12 > > > To: Sheng, W ; devel@edk2.groups.io > > > Cc: Yao, Jiewen ; Wang, Jian J > > > ; Xu, Min M ; Chen, Zeyi > > > ; Wang, Fiona ; Lu, > > > Xiaoyu1 ; Jiang, Guomin > > > ; Kinney, Michael D > > > > > > Subject: 回复: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID > > > for > > > CERT_RSA3072 and CERT_RSA4096 > > > > > > Sheng Wei: > > > I gave my comments for the patch 1/3 on this morning. Have you got > > > my response? > > > > > > I just want to confirm whether these two new GUID are in the > > > public UEFI spec or not. > > > > > > Thanks > > > Liming > > > > -邮件原件- > > > > 发件人: Sheng, W > > > > 发送时间: 2023年8月2日 16:04 > > > > 收件人: devel@edk2.groups.io; Gao, Liming > > > > > 抄送: Yao, Jiewen ; Wang, Jian J > > > > ; Xu, Min M ; Chen, > > > > Zeyi ; Wang, Fiona ; > > > > Lu, Xiaoyu1 ; Jiang, Guomin > > > > ; Kinney, Michael D > > > > > > > > 主题: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for > > > > CERT_RSA3072 and CERT_RSA4096 > > > > > > > > Hi Gao, Liming, > > > > For this patch group, we have got review-by from Yao, Jiewen on > > > > patch > > > > 2/3(CryptoPkg) and patch 3/3(SecurityPkg). > > > > Do you any comments on the patch 1/3 (MdePkg) ? > > > > Patch 1/3 is only to add 2 new GUIDs. > > > > Could you help to merge it ? > > > > > > > > Thank you. > > > > BR > > > > Sheng Wei > > > > > > > > > -Original Message- > > > > > From: Sheng, W > > > > > Sent: 2023年7月31日 10:02 > > > > > To: 'devel@edk2.groups.io' ; Gao, Liming > > > > > > > > > > Cc: Yao, Jiewen ; Wang, Jian J > > > > > ; Xu, Min M ; Chen, > > > > > Zeyi ; Wang, Fiona ; > > > > > Lu, > > > > > Xiaoyu1 ; Jiang, Guomin > > > > > ; Kinney, Michael D > > > > > > > > > > Subject: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add > > > > > GUID for > > > > > CERT_RSA3072 and CERT_RSA4096 > > > > > > > > &g
Re: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Hey We cannot add anything not defined in UEFI spec yet. Thanks Liming to catch that. Can you remove CERT_RSA3072 and CERT_RSA4096? I think we need to use EFI_CERT_TYPE_PKCS7_GUID + EFI_CERT_X509_GUID to support RSA3072 and RSA4096. Have you validated that configuration? > -Original Message- > From: Sheng, W > Sent: Thursday, August 3, 2023 3:29 PM > To: Gao, Liming ; devel@edk2.groups.io > Cc: Yao, Jiewen ; Wang, Jian J ; > Xu, Min M ; Chen, Zeyi ; Wang, > Fiona ; Lu, Xiaoyu1 ; Jiang, > Guomin ; Kinney, Michael D > > Subject: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for > CERT_RSA3072 and CERT_RSA4096 > > Hi Liming, > Sorry for the late response. > The two new GUID are not in the public UEFI spec yet. > Do we have any process to add these 2 new GUIDs ? > Thank you. > BR > Sheng Wei > > > > > -Original Message- > > From: gaoliming > > Sent: 2023年8月2日 17:12 > > To: Sheng, W ; devel@edk2.groups.io > > Cc: Yao, Jiewen ; Wang, Jian J > > ; Xu, Min M ; Chen, Zeyi > > ; Wang, Fiona ; Lu, Xiaoyu1 > > ; Jiang, Guomin ; Kinney, > > Michael D > > Subject: 回复: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for > > CERT_RSA3072 and CERT_RSA4096 > > > > Sheng Wei: > > I gave my comments for the patch 1/3 on this morning. Have you got my > > response? > > > > I just want to confirm whether these two new GUID are in the public UEFI > > spec or not. > > > > Thanks > > Liming > > > -邮件原件- > > > 发件人: Sheng, W > > > 发送时间: 2023年8月2日 16:04 > > > 收件人: devel@edk2.groups.io; Gao, Liming > > > 抄送: Yao, Jiewen ; Wang, Jian J > > > ; Xu, Min M ; Chen, Zeyi > > > ; Wang, Fiona ; Lu, Xiaoyu1 > > > ; Jiang, Guomin ; > > > Kinney, Michael D > > > 主题: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for > > > CERT_RSA3072 and CERT_RSA4096 > > > > > > Hi Gao, Liming, > > > For this patch group, we have got review-by from Yao, Jiewen on patch > > > 2/3(CryptoPkg) and patch 3/3(SecurityPkg). > > > Do you any comments on the patch 1/3 (MdePkg) ? > > > Patch 1/3 is only to add 2 new GUIDs. > > > Could you help to merge it ? > > > > > > Thank you. > > > BR > > > Sheng Wei > > > > > > > -----Original Message- > > > > From: Sheng, W > > > > Sent: 2023年7月31日 10:02 > > > > To: 'devel@edk2.groups.io' ; Gao, Liming > > > > > > > > Cc: Yao, Jiewen ; Wang, Jian J > > > > ; Xu, Min M ; Chen, Zeyi > > > > ; Wang, Fiona ; Lu, > > > > Xiaoyu1 ; Jiang, Guomin > > > > ; Kinney, Michael D > > > > > > > > Subject: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID > > > > for > > > > CERT_RSA3072 and CERT_RSA4096 > > > > > > > > Hi Gao, Liming, > > > > Could you help to review and merge this patch to MdePkg? > > > > This patch is only to add 2 new GUIDs. > > > > These 2 GUIDs will be used for adding RSA3072/RSA4096 cert support > > > > for secure boot feature. > > > > Thank you. > > > > BR > > > > Sheng Wei > > > > > > > > > > -Original Message- > > > > > > From: devel@edk2.groups.io On Behalf Of > > > > Sheng > > > > > > Wei > > > > > > Sent: 2023年7月27日 14:35 > > > > > > To: devel@edk2.groups.io > > > > > > Cc: Yao, Jiewen ; Wang, Jian J > > > > > > ; Xu, Min M ; Chen, > > > > > > Zeyi ; Wang, Fiona ; > > > > > > Lu, > > > > > > Xiaoyu1 ; Jiang, Guomin > > > > > > ; Kinney, Michael D > > > > > > ; Gao, Liming > > > > > > > > > Subject: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID > > > > > > for > > > > > > CERT_RSA3072 and CERT_RSA4096 > > > > > > > > > > > > Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid > > > > > > > > > > > > Cc: Jiewen Yao > > > > > > Cc: Jian J Wang > > > > > > Cc: Min Xu > > > > > > Cc: Zeyi Chen > > > > > > Cc: Fiona Wang > > > > > > Cc: Xiaoyu Lu > > > > > > Cc: Guomin Jiang > > > > > > Cc: Michael D Kinney > > > > > > Cc: Liming Gao &
Re: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Hi Liming,
Sorry for the late response.
The two new GUID are not in the public UEFI spec yet.
Do we have any process to add these 2 new GUIDs ?
Thank you.
BR
Sheng Wei
> -Original Message-
> From: gaoliming
> Sent: 2023年8月2日 17:12
> To: Sheng, W ; devel@edk2.groups.io
> Cc: Yao, Jiewen ; Wang, Jian J
> ; Xu, Min M ; Chen, Zeyi
> ; Wang, Fiona ; Lu, Xiaoyu1
> ; Jiang, Guomin ; Kinney,
> Michael D
> Subject: 回复: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> CERT_RSA3072 and CERT_RSA4096
>
> Sheng Wei:
> I gave my comments for the patch 1/3 on this morning. Have you got my
> response?
>
> I just want to confirm whether these two new GUID are in the public UEFI
> spec or not.
>
> Thanks
> Liming
> > -邮件原件-
> > 发件人: Sheng, W
> > 发送时间: 2023年8月2日 16:04
> > 收件人: devel@edk2.groups.io; Gao, Liming
> > 抄送: Yao, Jiewen ; Wang, Jian J
> > ; Xu, Min M ; Chen, Zeyi
> > ; Wang, Fiona ; Lu, Xiaoyu1
> > ; Jiang, Guomin ;
> > Kinney, Michael D
> > 主题: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> > CERT_RSA3072 and CERT_RSA4096
> >
> > Hi Gao, Liming,
> > For this patch group, we have got review-by from Yao, Jiewen on patch
> > 2/3(CryptoPkg) and patch 3/3(SecurityPkg).
> > Do you any comments on the patch 1/3 (MdePkg) ?
> > Patch 1/3 is only to add 2 new GUIDs.
> > Could you help to merge it ?
> >
> > Thank you.
> > BR
> > Sheng Wei
> >
> > > -Original Message-
> > > From: Sheng, W
> > > Sent: 2023年7月31日 10:02
> > > To: 'devel@edk2.groups.io' ; Gao, Liming
> > >
> > > Cc: Yao, Jiewen ; Wang, Jian J
> > > ; Xu, Min M ; Chen, Zeyi
> > > ; Wang, Fiona ; Lu,
> > > Xiaoyu1 ; Jiang, Guomin
> > > ; Kinney, Michael D
> > >
> > > Subject: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID
> > > for
> > > CERT_RSA3072 and CERT_RSA4096
> > >
> > > Hi Gao, Liming,
> > > Could you help to review and merge this patch to MdePkg?
> > > This patch is only to add 2 new GUIDs.
> > > These 2 GUIDs will be used for adding RSA3072/RSA4096 cert support
> > > for secure boot feature.
> > > Thank you.
> > > BR
> > > Sheng Wei
> > >
> > > > > -----Original Message-
> > > > > From: devel@edk2.groups.io On Behalf Of
> > > Sheng
> > > > > Wei
> > > > > Sent: 2023年7月27日 14:35
> > > > > To: devel@edk2.groups.io
> > > > > Cc: Yao, Jiewen ; Wang, Jian J
> > > > > ; Xu, Min M ; Chen,
> > > > > Zeyi ; Wang, Fiona ;
> > > > > Lu,
> > > > > Xiaoyu1 ; Jiang, Guomin
> > > > > ; Kinney, Michael D
> > > > > ; Gao, Liming
> >
> > > > > Subject: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID
> > > > > for
> > > > > CERT_RSA3072 and CERT_RSA4096
> > > > >
> > > > > Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid
> > > > >
> > > > > Cc: Jiewen Yao
> > > > > Cc: Jian J Wang
> > > > > Cc: Min Xu
> > > > > Cc: Zeyi Chen
> > > > > Cc: Fiona Wang
> > > > > Cc: Xiaoyu Lu
> > > > > Cc: Guomin Jiang
> > > > > Cc: Michael D Kinney
> > > > > Cc: Liming Gao
> > > > > Signed-off-by: Sheng Wei
> > > > > ---
> > > > > MdePkg/Include/Guid/ImageAuthentication.h | 26
> > > > > +++
> > > > > MdePkg/MdePkg.dec | 2 ++
> > > > > 2 files changed, 28 insertions(+)
> > > > >
> > > > > diff --git a/MdePkg/Include/Guid/ImageAuthentication.h
> > > > > b/MdePkg/Include/Guid/ImageAuthentication.h
> > > > > index fe83596571..c8ea2c14fb 100644
> > > > > --- a/MdePkg/Include/Guid/ImageAuthentication.h
> > > > > +++ b/MdePkg/Include/Guid/ImageAuthentication.h
> > > > > @@ -144,6 +144,30 @@ typedef struct {
> > > > > 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14, 0xed, 0x77, 0x6e,
> 0x85,
> > 0xb3,
> > > > > 0xb6} \ } +///+/// This identifies a signature containing an
> RSA-3072
> > key.
> > > > The
> > > > > key (only the modulus+/// since the public key exponent is known
> > > > > to be
> > > > > 0x10001) shall be stored in big-endia
回复: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Sheng Wei:
I gave my comments for the patch 1/3 on this morning. Have you got my
response?
I just want to confirm whether these two new GUID are in the public UEFI
spec or not.
Thanks
Liming
> -邮件原件-
> 发件人: Sheng, W
> 发送时间: 2023年8月2日 16:04
> 收件人: devel@edk2.groups.io; Gao, Liming
> 抄送: Yao, Jiewen ; Wang, Jian J
> ; Xu, Min M ; Chen, Zeyi
> ; Wang, Fiona ; Lu, Xiaoyu1
> ; Jiang, Guomin ; Kinney,
> Michael D
> 主题: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> CERT_RSA3072 and CERT_RSA4096
>
> Hi Gao, Liming,
> For this patch group, we have got review-by from Yao, Jiewen on patch
> 2/3(CryptoPkg) and patch 3/3(SecurityPkg).
> Do you any comments on the patch 1/3 (MdePkg) ?
> Patch 1/3 is only to add 2 new GUIDs.
> Could you help to merge it ?
>
> Thank you.
> BR
> Sheng Wei
>
> > -Original Message-
> > From: Sheng, W
> > Sent: 2023年7月31日 10:02
> > To: 'devel@edk2.groups.io' ; Gao, Liming
> >
> > Cc: Yao, Jiewen ; Wang, Jian J
> > ; Xu, Min M ; Chen, Zeyi
> > ; Wang, Fiona ; Lu, Xiaoyu1
> > ; Jiang, Guomin ; Kinney,
> > Michael D
> > Subject: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> > CERT_RSA3072 and CERT_RSA4096
> >
> > Hi Gao, Liming,
> > Could you help to review and merge this patch to MdePkg?
> > This patch is only to add 2 new GUIDs.
> > These 2 GUIDs will be used for adding RSA3072/RSA4096 cert support for
> > secure boot feature.
> > Thank you.
> > BR
> > Sheng Wei
> >
> > > > -Original Message-
> > > > From: devel@edk2.groups.io On Behalf Of
> > Sheng
> > > > Wei
> > > > Sent: 2023年7月27日 14:35
> > > > To: devel@edk2.groups.io
> > > > Cc: Yao, Jiewen ; Wang, Jian J
> > > > ; Xu, Min M ; Chen, Zeyi
> > > > ; Wang, Fiona ; Lu,
> > > > Xiaoyu1 ; Jiang, Guomin
> > > > ; Kinney, Michael D
> > > > ; Gao, Liming
>
> > > > Subject: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> > > > CERT_RSA3072 and CERT_RSA4096
> > > >
> > > > Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid
> > > >
> > > > Cc: Jiewen Yao
> > > > Cc: Jian J Wang
> > > > Cc: Min Xu
> > > > Cc: Zeyi Chen
> > > > Cc: Fiona Wang
> > > > Cc: Xiaoyu Lu
> > > > Cc: Guomin Jiang
> > > > Cc: Michael D Kinney
> > > > Cc: Liming Gao
> > > > Signed-off-by: Sheng Wei
> > > > ---
> > > > MdePkg/Include/Guid/ImageAuthentication.h | 26
> > > > +++
> > > > MdePkg/MdePkg.dec | 2 ++
> > > > 2 files changed, 28 insertions(+)
> > > >
> > > > diff --git a/MdePkg/Include/Guid/ImageAuthentication.h
> > > > b/MdePkg/Include/Guid/ImageAuthentication.h
> > > > index fe83596571..c8ea2c14fb 100644
> > > > --- a/MdePkg/Include/Guid/ImageAuthentication.h
> > > > +++ b/MdePkg/Include/Guid/ImageAuthentication.h
> > > > @@ -144,6 +144,30 @@ typedef struct {
> > > > 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14, 0xed, 0x77, 0x6e,
0x85,
> 0xb3,
> > > > 0xb6} \ } +///+/// This identifies a signature containing an
RSA-3072
> key.
> > > The
> > > > key (only the modulus+/// since the public key exponent is known to
> > > > be
> > > > 0x10001) shall be stored in big-endian+/// order.+/// The
> > > > SignatureHeader size shall always be 0. The SignatureSize shall
> > > > always be 16 (size+/// of SignatureOwner component) + 384
> > bytes.+///+#define
> > > > EFI_CERT_RSA3072_GUID \+ { \+0xedd320c2, 0xb057, 0x4b8e,
> {0xad,
> > > 0x46,
> > > > 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 } \+ }++///+/// This identifies
> > > > a signature containing an RSA-4096 key. The key (only the
> > > > modulus+/// since the public key exponent is known to be 0x10001)
> > > > shall be stored in big-endian+/// order.+/// The SignatureHeader
> > > > size shall always be 0. The SignatureSize shall always be 16
> > > > (size+/// of SignatureOwner
> > > component) + 512
> > > > bytes.+///+#define EFI_CERT_RSA4096_GUID \+ { \+
> 0xb23e89a6,
> > 0x8c8b,
> > > > 0x4412, {0x85, 0x73, 0x15, 0x4e, 0x8d, 0x00, 0x98, 0x2c } \+ }+ ///
> > > > /// This identifies a signature containing a RSA-2048 signature of a
> > > > SHA-256 hash. The /// Sig
Re: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Hi Gao, Liming,
For this patch group, we have got review-by from Yao, Jiewen on patch
2/3(CryptoPkg) and patch 3/3(SecurityPkg).
Do you any comments on the patch 1/3 (MdePkg) ?
Patch 1/3 is only to add 2 new GUIDs.
Could you help to merge it ?
Thank you.
BR
Sheng Wei
> -Original Message-
> From: Sheng, W
> Sent: 2023年7月31日 10:02
> To: 'devel@edk2.groups.io' ; Gao, Liming
>
> Cc: Yao, Jiewen ; Wang, Jian J
> ; Xu, Min M ; Chen, Zeyi
> ; Wang, Fiona ; Lu, Xiaoyu1
> ; Jiang, Guomin ; Kinney,
> Michael D
> Subject: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> CERT_RSA3072 and CERT_RSA4096
>
> Hi Gao, Liming,
> Could you help to review and merge this patch to MdePkg?
> This patch is only to add 2 new GUIDs.
> These 2 GUIDs will be used for adding RSA3072/RSA4096 cert support for
> secure boot feature.
> Thank you.
> BR
> Sheng Wei
>
> > > -Original Message-
> > > From: devel@edk2.groups.io On Behalf Of
> Sheng
> > > Wei
> > > Sent: 2023年7月27日 14:35
> > > To: devel@edk2.groups.io
> > > Cc: Yao, Jiewen ; Wang, Jian J
> > > ; Xu, Min M ; Chen, Zeyi
> > > ; Wang, Fiona ; Lu,
> > > Xiaoyu1 ; Jiang, Guomin
> > > ; Kinney, Michael D
> > > ; Gao, Liming
> > > Subject: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> > > CERT_RSA3072 and CERT_RSA4096
> > >
> > > Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid
> > >
> > > Cc: Jiewen Yao
> > > Cc: Jian J Wang
> > > Cc: Min Xu
> > > Cc: Zeyi Chen
> > > Cc: Fiona Wang
> > > Cc: Xiaoyu Lu
> > > Cc: Guomin Jiang
> > > Cc: Michael D Kinney
> > > Cc: Liming Gao
> > > Signed-off-by: Sheng Wei
> > > ---
> > > MdePkg/Include/Guid/ImageAuthentication.h | 26
> > > +++
> > > MdePkg/MdePkg.dec | 2 ++
> > > 2 files changed, 28 insertions(+)
> > >
> > > diff --git a/MdePkg/Include/Guid/ImageAuthentication.h
> > > b/MdePkg/Include/Guid/ImageAuthentication.h
> > > index fe83596571..c8ea2c14fb 100644
> > > --- a/MdePkg/Include/Guid/ImageAuthentication.h
> > > +++ b/MdePkg/Include/Guid/ImageAuthentication.h
> > > @@ -144,6 +144,30 @@ typedef struct {
> > > 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85,
> > > 0xb3,
> > > 0xb6} \ } +///+/// This identifies a signature containing an RSA-3072
> > > key.
> > The
> > > key (only the modulus+/// since the public key exponent is known to
> > > be
> > > 0x10001) shall be stored in big-endian+/// order.+/// The
> > > SignatureHeader size shall always be 0. The SignatureSize shall
> > > always be 16 (size+/// of SignatureOwner component) + 384
> bytes.+///+#define
> > > EFI_CERT_RSA3072_GUID \+ { \+0xedd320c2, 0xb057, 0x4b8e, {0xad,
> > 0x46,
> > > 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 } \+ }++///+/// This identifies
> > > a signature containing an RSA-4096 key. The key (only the
> > > modulus+/// since the public key exponent is known to be 0x10001)
> > > shall be stored in big-endian+/// order.+/// The SignatureHeader
> > > size shall always be 0. The SignatureSize shall always be 16
> > > (size+/// of SignatureOwner
> > component) + 512
> > > bytes.+///+#define EFI_CERT_RSA4096_GUID \+ { \+0xb23e89a6,
> 0x8c8b,
> > > 0x4412, {0x85, 0x73, 0x15, 0x4e, 0x8d, 0x00, 0x98, 0x2c } \+ }+ ///
> > > /// This identifies a signature containing a RSA-2048 signature of a
> > > SHA-256 hash. The /// SignatureHeader size shall always be 0. The
> > > SignatureSize shall always be
> > > 16 (size of@@ -330,6 +354,8 @@ typedef struct { extern EFI_GUID
> > > gEfiImageSecurityDatabaseGuid; extern EFI_GUID gEfiCertSha256Guid;
> > > extern EFI_GUID gEfiCertRsa2048Guid;+extern EFI_GUID
> > > gEfiCertRsa3072Guid;+extern EFI_GUID gEfiCertRsa4096Guid; extern
> > > EFI_GUID gEfiCertRsa2048Sha256Guid; extern EFI_GUID
> > > gEfiCertSha1Guid; extern EFI_GUID gEfiCertRsa2048Sha1Guid;diff
> > > --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
> > > b85614992b..24e4779d33 100644
> > > --- a/MdePkg/MdePkg.dec
> > > +++ b/MdePkg/MdePkg.dec
> > > @@ -581,6 +581,8 @@
> > >gEfiImageSecurityDatabaseGuid = { 0xd719b2cb, 0x3d3a, 0x4596, {0xa3,
> > > 0xbc, 0xda, 0xd0, 0xe, 0x67, 0x65, 0x6f }} gEfiCertSha256Guid
> > >=
> > > { 0xc1c41626, 0x504c, 0x4092, {0xac, 0
回复: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Wei:
I don't see these two new GUID are in the public UEFI spec. Are they
published now?
Thanks
Liming
> -邮件原件-
> 发件人: Sheng, W
> 发送时间: 2023年7月31日 10:02
> 收件人: devel@edk2.groups.io; Gao, Liming
> 抄送: Yao, Jiewen ; Wang, Jian J
> ; Xu, Min M ; Chen, Zeyi
> ; Wang, Fiona ; Lu, Xiaoyu1
> ; Jiang, Guomin ; Kinney,
> Michael D
> 主题: RE: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> CERT_RSA3072 and CERT_RSA4096
>
> Hi Gao, Liming,
> Could you help to review and merge this patch to MdePkg?
> This patch is only to add 2 new GUIDs.
> These 2 GUIDs will be used for adding RSA3072/RSA4096 cert support for
> secure boot feature.
> Thank you.
> BR
> Sheng Wei
>
> > > -Original Message-
> > > From: devel@edk2.groups.io On Behalf Of Sheng
> > > Wei
> > > Sent: 2023年7月27日 14:35
> > > To: devel@edk2.groups.io
> > > Cc: Yao, Jiewen ; Wang, Jian J
> > > ; Xu, Min M ; Chen, Zeyi
> > > ; Wang, Fiona ; Lu,
> Xiaoyu1
> > > ; Jiang, Guomin ;
> > > Kinney, Michael D ; Gao, Liming
> > >
> > > Subject: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> > > CERT_RSA3072 and CERT_RSA4096
> > >
> > > Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid
> > >
> > > Cc: Jiewen Yao
> > > Cc: Jian J Wang
> > > Cc: Min Xu
> > > Cc: Zeyi Chen
> > > Cc: Fiona Wang
> > > Cc: Xiaoyu Lu
> > > Cc: Guomin Jiang
> > > Cc: Michael D Kinney
> > > Cc: Liming Gao
> > > Signed-off-by: Sheng Wei
> > > ---
> > > MdePkg/Include/Guid/ImageAuthentication.h | 26
> > > +++
> > > MdePkg/MdePkg.dec | 2 ++
> > > 2 files changed, 28 insertions(+)
> > >
> > > diff --git a/MdePkg/Include/Guid/ImageAuthentication.h
> > > b/MdePkg/Include/Guid/ImageAuthentication.h
> > > index fe83596571..c8ea2c14fb 100644
> > > --- a/MdePkg/Include/Guid/ImageAuthentication.h
> > > +++ b/MdePkg/Include/Guid/ImageAuthentication.h
> > > @@ -144,6 +144,30 @@ typedef struct {
> > > 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85,
> 0xb3,
> > > 0xb6} \ } +///+/// This identifies a signature containing an
RSA-3072
> key.
> > The
> > > key (only the modulus+/// since the public key exponent is known to be
> > > 0x10001) shall be stored in big-endian+/// order.+/// The
> > > SignatureHeader size shall always be 0. The SignatureSize shall always
> > > be 16 (size+/// of SignatureOwner component) + 384 bytes.+///+#define
> > > EFI_CERT_RSA3072_GUID \+ { \+0xedd320c2, 0xb057, 0x4b8e,
> {0xad,
> > 0x46,
> > > 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 } \+ }++///+/// This identifies a
> > > signature containing an RSA-4096 key. The key (only the modulus+///
> > > since the public key exponent is known to be 0x10001) shall be stored
> > > in big-endian+/// order.+/// The SignatureHeader size shall always be
> > > 0. The SignatureSize shall always be 16 (size+/// of SignatureOwner
> > component) + 512
> > > bytes.+///+#define EFI_CERT_RSA4096_GUID \+ { \+0xb23e89a6,
> 0x8c8b,
> > > 0x4412, {0x85, 0x73, 0x15, 0x4e, 0x8d, 0x00, 0x98, 0x2c } \+ }+ ///
> > > /// This identifies a signature containing a RSA-2048 signature of a
> > > SHA-256 hash. The /// SignatureHeader size shall always be 0. The
> > > SignatureSize shall always be
> > > 16 (size of@@ -330,6 +354,8 @@ typedef struct { extern EFI_GUID
> > > gEfiImageSecurityDatabaseGuid; extern EFI_GUID gEfiCertSha256Guid;
> > > extern EFI_GUID gEfiCertRsa2048Guid;+extern EFI_GUID
> > > gEfiCertRsa3072Guid;+extern EFI_GUID gEfiCertRsa4096Guid; extern
> > > EFI_GUID gEfiCertRsa2048Sha256Guid; extern EFI_GUID
> gEfiCertSha1Guid;
> > > extern EFI_GUID gEfiCertRsa2048Sha1Guid;diff --git
> > > a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
> > > b85614992b..24e4779d33 100644
> > > --- a/MdePkg/MdePkg.dec
> > > +++ b/MdePkg/MdePkg.dec
> > > @@ -581,6 +581,8 @@
> > >gEfiImageSecurityDatabaseGuid = { 0xd719b2cb, 0x3d3a, 0x4596,
> {0xa3,
> > > 0xbc, 0xda, 0xd0, 0xe, 0x67, 0x65, 0x6f }} gEfiCertSha256Guid
> =
> > > { 0xc1c41626, 0x504c, 0x4092, {0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93,
0x43,
> > 0x28 }}
> > > gEfiCertRsa2048Guid= { 0x3c5766e8, 0x269c, 0x4e34,
> {0xaa, 0x14,
> > 0xed,
> > > 0x77, 0x6e, 0x85, 0xb3, 0xb6 }}+ gEfiCertRsa3072Guid=
> { 0xedd320c
Re: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Hi Gao, Liming,
Could you help to review and merge this patch to MdePkg?
This patch is only to add 2 new GUIDs.
These 2 GUIDs will be used for adding RSA3072/RSA4096 cert support for secure
boot feature.
Thank you.
BR
Sheng Wei
> > -Original Message-
> > From: devel@edk2.groups.io On Behalf Of Sheng
> > Wei
> > Sent: 2023年7月27日 14:35
> > To: devel@edk2.groups.io
> > Cc: Yao, Jiewen ; Wang, Jian J
> > ; Xu, Min M ; Chen, Zeyi
> > ; Wang, Fiona ; Lu, Xiaoyu1
> > ; Jiang, Guomin ;
> > Kinney, Michael D ; Gao, Liming
> >
> > Subject: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> > CERT_RSA3072 and CERT_RSA4096
> >
> > Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid
> >
> > Cc: Jiewen Yao
> > Cc: Jian J Wang
> > Cc: Min Xu
> > Cc: Zeyi Chen
> > Cc: Fiona Wang
> > Cc: Xiaoyu Lu
> > Cc: Guomin Jiang
> > Cc: Michael D Kinney
> > Cc: Liming Gao
> > Signed-off-by: Sheng Wei
> > ---
> > MdePkg/Include/Guid/ImageAuthentication.h | 26
> > +++
> > MdePkg/MdePkg.dec | 2 ++
> > 2 files changed, 28 insertions(+)
> >
> > diff --git a/MdePkg/Include/Guid/ImageAuthentication.h
> > b/MdePkg/Include/Guid/ImageAuthentication.h
> > index fe83596571..c8ea2c14fb 100644
> > --- a/MdePkg/Include/Guid/ImageAuthentication.h
> > +++ b/MdePkg/Include/Guid/ImageAuthentication.h
> > @@ -144,6 +144,30 @@ typedef struct {
> > 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85, 0xb3,
> > 0xb6} \ } +///+/// This identifies a signature containing an RSA-3072 key.
> The
> > key (only the modulus+/// since the public key exponent is known to be
> > 0x10001) shall be stored in big-endian+/// order.+/// The
> > SignatureHeader size shall always be 0. The SignatureSize shall always
> > be 16 (size+/// of SignatureOwner component) + 384 bytes.+///+#define
> > EFI_CERT_RSA3072_GUID \+ { \+0xedd320c2, 0xb057, 0x4b8e, {0xad,
> 0x46,
> > 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 } \+ }++///+/// This identifies a
> > signature containing an RSA-4096 key. The key (only the modulus+///
> > since the public key exponent is known to be 0x10001) shall be stored
> > in big-endian+/// order.+/// The SignatureHeader size shall always be
> > 0. The SignatureSize shall always be 16 (size+/// of SignatureOwner
> component) + 512
> > bytes.+///+#define EFI_CERT_RSA4096_GUID \+ { \+0xb23e89a6, 0x8c8b,
> > 0x4412, {0x85, 0x73, 0x15, 0x4e, 0x8d, 0x00, 0x98, 0x2c } \+ }+ ///
> > /// This identifies a signature containing a RSA-2048 signature of a
> > SHA-256 hash. The /// SignatureHeader size shall always be 0. The
> > SignatureSize shall always be
> > 16 (size of@@ -330,6 +354,8 @@ typedef struct { extern EFI_GUID
> > gEfiImageSecurityDatabaseGuid; extern EFI_GUID gEfiCertSha256Guid;
> > extern EFI_GUID gEfiCertRsa2048Guid;+extern EFI_GUID
> > gEfiCertRsa3072Guid;+extern EFI_GUID gEfiCertRsa4096Guid; extern
> > EFI_GUID gEfiCertRsa2048Sha256Guid; extern EFI_GUID gEfiCertSha1Guid;
> > extern EFI_GUID gEfiCertRsa2048Sha1Guid;diff --git
> > a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
> > b85614992b..24e4779d33 100644
> > --- a/MdePkg/MdePkg.dec
> > +++ b/MdePkg/MdePkg.dec
> > @@ -581,6 +581,8 @@
> >gEfiImageSecurityDatabaseGuid = { 0xd719b2cb, 0x3d3a, 0x4596, {0xa3,
> > 0xbc, 0xda, 0xd0, 0xe, 0x67, 0x65, 0x6f }} gEfiCertSha256Guid
> > =
> > { 0xc1c41626, 0x504c, 0x4092, {0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43,
> 0x28 }}
> > gEfiCertRsa2048Guid= { 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14,
> 0xed,
> > 0x77, 0x6e, 0x85, 0xb3, 0xb6 }}+ gEfiCertRsa3072Guid= {
> > 0xedd320c2,
> > 0xb057, 0x4b8e, {0xad, 0x46, 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 }}+
> > gEfiCertRsa4096Guid= { 0xb23e89a6, 0x8c8b, 0x4412, {0x85, 0x73,
> 0x15,
> > 0x4e, 0x8d, 0x00, 0x98, 0x2c }} gEfiCertRsa2048Sha256Guid =
> { 0xe2b36190,
> > 0x879b, 0x4a3d, {0xad, 0x8d, 0xf2, 0xe7, 0xbb, 0xa3, 0x27, 0x84 }}
> > gEfiCertSha1Guid = { 0x826ca512, 0xcf10, 0x4ac9, {0xb1, 0x87,
> > 0xbe,
> > 0x1, 0x49, 0x66, 0x31, 0xbd }} gEfiCertRsa2048Sha1Guid= {
> > 0x67f8444f,
> > 0x8743, 0x48f1, {0xa3, 0x28, 0x1e, 0xaa, 0xb8, 0x73, 0x60, 0x80 }}--
> > 2.26.2.windows.1
> >
> >
> >
> > -=-=-=-=-=-=
> > Groups.io Links: You receive all messages sent to this group.
> > View/Reply Online (#107294):
> > https://edk2.groups.io/g/devel/message/107294
> > Mute This Topic: htt
Re: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Hi Michael D,
Could you help to review and merge this patch to MdePkg?
This patch is only to add 2 new GUIDs.
These 2 GUIDs will be used for adding RSA3072/RSA4096 cert support for secure
boot feature.
Thank you.
BR
Sheng Wei
> -Original Message-
> From: devel@edk2.groups.io On Behalf Of Sheng
> Wei
> Sent: 2023年7月27日 14:35
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen ; Wang, Jian J
> ; Xu, Min M ; Chen, Zeyi
> ; Wang, Fiona ; Lu, Xiaoyu1
> ; Jiang, Guomin ; Kinney,
> Michael D ; Gao, Liming
>
> Subject: [edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for
> CERT_RSA3072 and CERT_RSA4096
>
> Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid
>
> Cc: Jiewen Yao
> Cc: Jian J Wang
> Cc: Min Xu
> Cc: Zeyi Chen
> Cc: Fiona Wang
> Cc: Xiaoyu Lu
> Cc: Guomin Jiang
> Cc: Michael D Kinney
> Cc: Liming Gao
> Signed-off-by: Sheng Wei
> ---
> MdePkg/Include/Guid/ImageAuthentication.h | 26
> +++
> MdePkg/MdePkg.dec | 2 ++
> 2 files changed, 28 insertions(+)
>
> diff --git a/MdePkg/Include/Guid/ImageAuthentication.h
> b/MdePkg/Include/Guid/ImageAuthentication.h
> index fe83596571..c8ea2c14fb 100644
> --- a/MdePkg/Include/Guid/ImageAuthentication.h
> +++ b/MdePkg/Include/Guid/ImageAuthentication.h
> @@ -144,6 +144,30 @@ typedef struct {
> 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85, 0xb3,
> 0xb6} \ } +///+/// This identifies a signature containing an RSA-3072 key.
> The
> key (only the modulus+/// since the public key exponent is known to be
> 0x10001) shall be stored in big-endian+/// order.+/// The SignatureHeader
> size shall always be 0. The SignatureSize shall always be 16 (size+/// of
> SignatureOwner component) + 384 bytes.+///+#define
> EFI_CERT_RSA3072_GUID \+ { \+0xedd320c2, 0xb057, 0x4b8e, {0xad, 0x46,
> 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 } \+ }++///+/// This identifies a
> signature
> containing an RSA-4096 key. The key (only the modulus+/// since the public
> key exponent is known to be 0x10001) shall be stored in big-endian+///
> order.+/// The SignatureHeader size shall always be 0. The SignatureSize shall
> always be 16 (size+/// of SignatureOwner component) + 512
> bytes.+///+#define EFI_CERT_RSA4096_GUID \+ { \+0xb23e89a6, 0x8c8b,
> 0x4412, {0x85, 0x73, 0x15, 0x4e, 0x8d, 0x00, 0x98, 0x2c } \+ }+ /// /// This
> identifies a signature containing a RSA-2048 signature of a SHA-256 hash. The
> /// SignatureHeader size shall always be 0. The SignatureSize shall always be
> 16 (size of@@ -330,6 +354,8 @@ typedef struct {
> extern EFI_GUID gEfiImageSecurityDatabaseGuid; extern EFI_GUID
> gEfiCertSha256Guid; extern EFI_GUID gEfiCertRsa2048Guid;+extern
> EFI_GUID gEfiCertRsa3072Guid;+extern EFI_GUID gEfiCertRsa4096Guid;
> extern EFI_GUID gEfiCertRsa2048Sha256Guid; extern EFI_GUID
> gEfiCertSha1Guid; extern EFI_GUID gEfiCertRsa2048Sha1Guid;diff --git
> a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
> b85614992b..24e4779d33 100644
> --- a/MdePkg/MdePkg.dec
> +++ b/MdePkg/MdePkg.dec
> @@ -581,6 +581,8 @@
>gEfiImageSecurityDatabaseGuid = { 0xd719b2cb, 0x3d3a, 0x4596, {0xa3,
> 0xbc, 0xda, 0xd0, 0xe, 0x67, 0x65, 0x6f }} gEfiCertSha256Guid =
> { 0xc1c41626, 0x504c, 0x4092, {0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28
> }}
> gEfiCertRsa2048Guid= { 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14,
> 0xed,
> 0x77, 0x6e, 0x85, 0xb3, 0xb6 }}+ gEfiCertRsa3072Guid= {
> 0xedd320c2,
> 0xb057, 0x4b8e, {0xad, 0x46, 0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 }}+
> gEfiCertRsa4096Guid= { 0xb23e89a6, 0x8c8b, 0x4412, {0x85, 0x73,
> 0x15,
> 0x4e, 0x8d, 0x00, 0x98, 0x2c }} gEfiCertRsa2048Sha256Guid = {
> 0xe2b36190,
> 0x879b, 0x4a3d, {0xad, 0x8d, 0xf2, 0xe7, 0xbb, 0xa3, 0x27, 0x84 }}
> gEfiCertSha1Guid = { 0x826ca512, 0xcf10, 0x4ac9, {0xb1, 0x87,
> 0xbe,
> 0x1, 0x49, 0x66, 0x31, 0xbd }} gEfiCertRsa2048Sha1Guid= {
> 0x67f8444f,
> 0x8743, 0x48f1, {0xa3, 0x28, 0x1e, 0xaa, 0xb8, 0x73, 0x60, 0x80 }}--
> 2.26.2.windows.1
>
>
>
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#107294):
> https://edk2.groups.io/g/devel/message/107294
> Mute This Topic: https://groups.io/mt/100385942/2558558
> Group Owner: devel+ow...@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub [w.sh...@intel.com] -
> =-=-=-=-=-=
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107313): https://edk2.groups.io/g/devel/message/107313
Mute This Topic: https://groups.io/mt/100405114/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH V5 1/3] MdePkg/Include: Add GUID for CERT_RSA3072 and CERT_RSA4096
Add gEfiCertRsa3072Guid and gEfiCertRsa4096Guid
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Min Xu
Cc: Zeyi Chen
Cc: Fiona Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Sheng Wei
---
MdePkg/Include/Guid/ImageAuthentication.h | 26 +++
MdePkg/MdePkg.dec | 2 ++
2 files changed, 28 insertions(+)
diff --git a/MdePkg/Include/Guid/ImageAuthentication.h
b/MdePkg/Include/Guid/ImageAuthentication.h
index fe83596571..c8ea2c14fb 100644
--- a/MdePkg/Include/Guid/ImageAuthentication.h
+++ b/MdePkg/Include/Guid/ImageAuthentication.h
@@ -144,6 +144,30 @@ typedef struct {
0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14, 0xed, 0x77, 0x6e, 0x85, 0xb3,
0xb6} \
}
+///
+/// This identifies a signature containing an RSA-3072 key. The key (only the
modulus
+/// since the public key exponent is known to be 0x10001) shall be stored in
big-endian
+/// order.
+/// The SignatureHeader size shall always be 0. The SignatureSize shall always
be 16 (size
+/// of SignatureOwner component) + 384 bytes.
+///
+#define EFI_CERT_RSA3072_GUID \
+ { \
+0xedd320c2, 0xb057, 0x4b8e, {0xad, 0x46, 0x2c, 0x9b, 0x85, 0x89, 0xee,
0x92 } \
+ }
+
+///
+/// This identifies a signature containing an RSA-4096 key. The key (only the
modulus
+/// since the public key exponent is known to be 0x10001) shall be stored in
big-endian
+/// order.
+/// The SignatureHeader size shall always be 0. The SignatureSize shall always
be 16 (size
+/// of SignatureOwner component) + 512 bytes.
+///
+#define EFI_CERT_RSA4096_GUID \
+ { \
+0xb23e89a6, 0x8c8b, 0x4412, {0x85, 0x73, 0x15, 0x4e, 0x8d, 0x00, 0x98,
0x2c } \
+ }
+
///
/// This identifies a signature containing a RSA-2048 signature of a SHA-256
hash. The
/// SignatureHeader size shall always be 0. The SignatureSize shall always be
16 (size of
@@ -330,6 +354,8 @@ typedef struct {
extern EFI_GUID gEfiImageSecurityDatabaseGuid;
extern EFI_GUID gEfiCertSha256Guid;
extern EFI_GUID gEfiCertRsa2048Guid;
+extern EFI_GUID gEfiCertRsa3072Guid;
+extern EFI_GUID gEfiCertRsa4096Guid;
extern EFI_GUID gEfiCertRsa2048Sha256Guid;
extern EFI_GUID gEfiCertSha1Guid;
extern EFI_GUID gEfiCertRsa2048Sha1Guid;
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index b85614992b..24e4779d33 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -581,6 +581,8 @@
gEfiImageSecurityDatabaseGuid = { 0xd719b2cb, 0x3d3a, 0x4596, {0xa3, 0xbc,
0xda, 0xd0, 0xe, 0x67, 0x65, 0x6f }}
gEfiCertSha256Guid = { 0xc1c41626, 0x504c, 0x4092, {0xac, 0xa9,
0x41, 0xf9, 0x36, 0x93, 0x43, 0x28 }}
gEfiCertRsa2048Guid= { 0x3c5766e8, 0x269c, 0x4e34, {0xaa, 0x14,
0xed, 0x77, 0x6e, 0x85, 0xb3, 0xb6 }}
+ gEfiCertRsa3072Guid= { 0xedd320c2, 0xb057, 0x4b8e, {0xad, 0x46,
0x2c, 0x9b, 0x85, 0x89, 0xee, 0x92 }}
+ gEfiCertRsa4096Guid= { 0xb23e89a6, 0x8c8b, 0x4412, {0x85, 0x73,
0x15, 0x4e, 0x8d, 0x00, 0x98, 0x2c }}
gEfiCertRsa2048Sha256Guid = { 0xe2b36190, 0x879b, 0x4a3d, {0xad, 0x8d,
0xf2, 0xe7, 0xbb, 0xa3, 0x27, 0x84 }}
gEfiCertSha1Guid = { 0x826ca512, 0xcf10, 0x4ac9, {0xb1, 0x87,
0xbe, 0x1, 0x49, 0x66, 0x31, 0xbd }}
gEfiCertRsa2048Sha1Guid= { 0x67f8444f, 0x8743, 0x48f1, {0xa3, 0x28,
0x1e, 0xaa, 0xb8, 0x73, 0x60, 0x80 }}
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107294): https://edk2.groups.io/g/devel/message/107294
Mute This Topic: https://groups.io/mt/100385942/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
