## @file # Provides security service of image verification # # This library hooks LoadImage() API to verify every image by the verification policy. # # Caution: This module requires additional review when modified. # This library will have external input - PE/COFF image. # This external input must be validated carefully to avoid security issues such as # buffer overflow or integer overflow. # # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR> # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. # ## [Defines] INF_VERSION = 0x00010005 BASE_NAME = DxeImageVerificationLib MODULE_UNI_FILE = DxeImageVerificationLib.uni FILE_GUID = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER CONSTRUCTOR = DxeImageVerificationLibConstructor # # The following information is for reference only and not required by the build tools. # # VALID_ARCHITECTURES = IA32 X64 IPF EBC # [Sources] DxeImageVerificationLib.c DxeImageVerificationLib.h Measurement.c [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec CryptoPkg/CryptoPkg.dec SecurityPkg/SecurityPkg.dec [LibraryClasses] MemoryAllocationLib BaseLib UefiLib UefiBootServicesTableLib UefiRuntimeServicesTableLib BaseMemoryLib DebugLib DevicePathLib BaseCryptLib SecurityManagementLib PeCoffLib TpmMeasurementLib [Protocols] gEfiFirmwareVolume2ProtocolGuid ## SOMETIMES_CONSUMES gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES [Guids] ## SOMETIMES_CONSUMES ## Variable:L"DB" ## SOMETIMES_CONSUMES ## Variable:L"DBX" ## SOMETIMES_CONSUMES ## Variable:L"DBT" ## PRODUCES ## SystemTable ## CONSUMES ## SystemTable gEfiImageSecurityDatabaseGuid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. gEfiCertSha1Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. gEfiCertSha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. gEfiCertSha384Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. gEfiCertSha512Guid gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. gEfiCertX509Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. gEfiCertX509Sha384Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. gEfiCertX509Sha512Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate. [Pcd] gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy ## SOMETIMES_CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy ## SOMETIMES_CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy ## SOMETIMES_CONSUMES