From aa49ce5b1dce3dfbf97bf67ef95524e4710c99f5 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Thu, 13 Mar 2025 13:40:16 +0000 Subject: [efi] Add TLS authentication header and GUID definitions Add the TlsAuthentication.h header from EDK2's NetworkPkg, along with a GUID definition for EFI_TLS_CA_CERTIFICATE_GUID. It is unclear whether or not the TlsCaCertificate variable is intended to be a UEFI standard. Its presence in NetworkPkg (rather than MdePkg) suggests not, but the choice of EFI_TLS_CA_CERTIFICATE_GUID (rather than e.g. EDKII_TLS_CA_CERTIFICATE_GUID) suggests that it is intended to be included in future versions of the standard. Signed-off-by: Michael Brown --- src/include/ipxe/efi/Guid/TlsAuthentication.h | 25 +++++++++++++++++++++++++ src/include/ipxe/efi/efi.h | 1 + src/include/ipxe/efi/import.pl | 3 ++- 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 src/include/ipxe/efi/Guid/TlsAuthentication.h (limited to 'src/include') diff --git a/src/include/ipxe/efi/Guid/TlsAuthentication.h b/src/include/ipxe/efi/Guid/TlsAuthentication.h new file mode 100644 index 000000000..f1e1b4f40 --- /dev/null +++ b/src/include/ipxe/efi/Guid/TlsAuthentication.h @@ -0,0 +1,25 @@ +/** @file + This file defines TlsCaCertificate variable. + +Copyright (c) 2016, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __TLS_AUTHENTICATION_H__ +#define __TLS_AUTHENTICATION_H__ + +FILE_LICENCE ( BSD2_PATENT ); + +// Private variable for CA Certificate configuration +// +#define EFI_TLS_CA_CERTIFICATE_GUID \ + { \ + 0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae } \ + } + +#define EFI_TLS_CA_CERTIFICATE_VARIABLE L"TlsCaCertificate" + +extern EFI_GUID gEfiTlsCaCertificateGuid; + +#endif diff --git a/src/include/ipxe/efi/efi.h b/src/include/ipxe/efi/efi.h index 862a38e5c..486c6070e 100644 --- a/src/include/ipxe/efi/efi.h +++ b/src/include/ipxe/efi/efi.h @@ -249,6 +249,7 @@ extern EFI_GUID efi_cert_x509_guid; extern EFI_GUID efi_file_info_id; extern EFI_GUID efi_file_system_info_id; extern EFI_GUID efi_global_variable; +extern EFI_GUID efi_tls_ca_certificate_guid; extern EFI_HANDLE efi_image_handle; extern EFI_LOADED_IMAGE_PROTOCOL *efi_loaded_image; diff --git a/src/include/ipxe/efi/import.pl b/src/include/ipxe/efi/import.pl index 0a7669f43..346d45e5f 100755 --- a/src/include/ipxe/efi/import.pl +++ b/src/include/ipxe/efi/import.pl @@ -118,7 +118,8 @@ pod2usage ( 1 ) unless @ARGV == 1; my $edktop = shift; # Identify edk import directories -my $edkdirs = [ "MdePkg/Include", "MdeModulePkg/Include" ]; +my $edkdirs = [ "MdePkg/Include", "MdeModulePkg/Include", + "NetworkPkg/Include" ]; foreach my $edkdir ( @$edkdirs ) { die "Directory \"$edktop\" does not appear to contain the EFI EDK2 " ."(missing \"$edkdir\")\n" unless -d catdir ( $edktop, $edkdir ); -- cgit v1.2.3-55-g7522