git.librecmc.org Git - oweals/u-boot.git/commit

author	AKASHI Takahiro <takahiro.akashi@linaro.org>
	Tue, 14 Apr 2020 02:51:44 +0000 (11:51 +0900)
committer	Heinrich Schuchardt <xypron.glpk@gmx.de>
	Thu, 16 Apr 2020 06:12:46 +0000 (08:12 +0200)
commit	4540dabdcacaea50bf874115f28adc103966d25a
tree	e597a3d1c790760d4d5893da98c39b6fe2e494b7	tree \| snapshot
parent	8353516f4a7e31ee655050033b65218c9733c65a	commit \| diff

efi_loader: image_loader: support image authentication

With this commit, image validation can be enforced, as UEFI specification
section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled.

Currently we support
* authentication based on db and dbx,
  so dbx-validated image will always be rejected.
* following signature types:
    EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images)
    EFI_CERT_X509_GUID (x509 certificate for signed images)
Timestamp-based certificate revocation is not supported here.

Internally, authentication data is stored in one of certificates tables
of PE image (See efi_image_parse()) and will be verified by
efi_image_authenticate() before loading a given image.

It seems that UEFI specification defines the verification process
in a bit ambiguous way. I tried to implement it as closely to as
EDK2 does.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>

include/efi_loader.h		diff \| blob \| history
lib/efi_loader/efi_boottime.c		diff \| blob \| history
lib/efi_loader/efi_image_loader.c		diff \| blob \| history