SecurityPkg: Add UEFI-2.5 PKCS7 Verification Protocol Support

This patch adds the support for PKCS7 Verification Protocol which
was defined in UEFI 2.5.
(NOTE: The VerifySignature interface was not supported in this
       version, due to openssl interface limitation)

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17670 6f19259b-4bc3-4df7-8a09-765794883524

SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.inf

@@ -0,0 +1,70 @@
+## @file
+#  Produces the UEFI PKCS7 Verification protocol.
+#
+#  PKCS7 is a general-purpose Cryptographic Message Syntax Standard (defined by
+#  RFC2315, http://tools.ietf.org/html/rfc2315). This module will produce the
+#  UEFI PKCS7 Verification Protocol which is used to verify data signed using PKCS7
+#  structure.
+#
+#  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution. The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = Pkcs7VerifyDxe
+  FILE_GUID                      = D681A765-6AE9-5E3A-6F3A-770429EDF09
+  MODULE_TYPE                    = DXE_DRIVER
+  VERSION_STRING                 = 1.0
+  ENTRY_POINT                    = Pkcs7VerifyDriverEntry
+  MODULE_UNI_FILE                = Pkcs7VerifyDxe.uni
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64
+#
+
+[Sources.common]
+  Pkcs7VerifyDxe.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  CryptoPkg/CryptoPkg.dec
+  SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+  UefiLib
+  UefiBootServicesTableLib
+  BaseLib
+  BaseMemoryLib
+  MemoryAllocationLib
+  DebugLib
+  UefiDriverEntryPoint
+  BaseCryptLib
+
+[Protocols]
+  gEfiPkcs7VerifyProtocolGuid   ## PRODUCES
+
+[Guids]
+  gEfiCertX509Guid              ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+  gEfiCertSha1Guid              ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+  gEfiCertSha256Guid            ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+  gEfiCertSha384Guid            ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+  gEfiCertSha512Guid            ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+  gEfiCertX509Sha256Guid        ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+  gEfiCertX509Sha384Guid        ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+  gEfiCertX509Sha512Guid        ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+
+[Depex]
+  TRUE
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  Pkcs7VerifyDxeExtra.uni

SecurityPkg/SecurityPkg.dsc

@@ -229,6 +229,11 @@
   #
   SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf
 
+  #
+  # PKCS7 Verification
+  #
+  SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.inf
+
 [Components.IA32, Components.X64]
   SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
   SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf