diff --git a/SecurityPkg/Include/Library/RpmcLib.h b/SecurityPkg/Include/Library/RpmcLib.h
new file mode 100644
index 0000000000..5882bfae2f
--- /dev/null
+++ b/SecurityPkg/Include/Library/RpmcLib.h
@@ -0,0 +1,43 @@
+/** @file
+ Public definitions for the Replay Protected Monotonic Counter (RPMC) Library.
+
+Copyright (c) 2020, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _RPMC_LIB_H_
+#define _RPMC_LIB_H_
+
+#include
+
+/**
+ Requests the monotonic counter from the designated RPMC counter.
+
+ @param[out] CounterValue A pointer to a buffer to store the RPMC value.
+
+ @retval EFI_SUCCESS The operation completed successfully.
+ @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
+ @retval EFI_UNSUPPORTED The operation is un-supported.
+**/
+EFI_STATUS
+EFIAPI
+RequestMonotonicCounter (
+ OUT UINT32 *CounterValue
+ );
+
+/**
+ Increments the monotonic counter in the SPI flash device by 1.
+
+ @retval EFI_SUCCESS The operation completed successfully.
+ @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
+ @retval EFI_UNSUPPORTED The operation is un-supported.
+**/
+EFI_STATUS
+EFIAPI
+IncrementMonotonicCounter (
+ VOID
+ );
+
+#endif
+
diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h b/SecurityPkg/Include/Library/VariableKeyLib.h
new file mode 100644
index 0000000000..c805e2de00
--- /dev/null
+++ b/SecurityPkg/Include/Library/VariableKeyLib.h
@@ -0,0 +1,60 @@
+/** @file
+ Public definitions for Variable Key Library.
+
+Copyright (c) 2020, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _VARIABLE_KEY_LIB_H_
+#define _VARIABLE_KEY_LIB_H_
+
+#include
+
+/**
+ Retrieves the key for integrity and/or confidentiality of variables.
+
+ @param[out] VariableKey A pointer to pointer for the variable key buffer.
+ @param[in,out] VariableKeySize The size in bytes of the variable key.
+
+ @retval EFI_SUCCESS The variable key was returned.
+ @retval EFI_DEVICE_ERROR An error occurred while attempting to get the variable key.
+ @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
+ @retval EFI_UNSUPPORTED The variable key is not supported in the current boot configuration.
+**/
+EFI_STATUS
+EFIAPI
+GetVariableKey (
+ OUT VOID **VariableKey,
+ IN OUT UINTN *VariableKeySize
+ );
+
+/**
+ Regenerates the variable key.
+
+ @retval EFI_SUCCESS The variable key was regenerated successfully.
+ @retval EFI_DEVICE_ERROR An error occurred while attempting to regenerate the key.
+ @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
+ @retval EFI_UNSUPPORTED Key regeneration is not supported in the current boot configuration.
+**/
+EFI_STATUS
+EFIAPI
+RegenerateVariableKey (
+ VOID
+ );
+
+/**
+ Locks the regenerate key interface.
+
+ @retval EFI_SUCCESS The key interface was locked successfully.
+ @retval EFI_UNSUPPORTED Locking the key interface is not supported in the current boot configuration.
+ @retval Others An error occurred while attempting to lock the key interface.
+**/
+EFI_STATUS
+EFIAPI
+LockVariableKeyInterface (
+ VOID
+ );
+
+#endif
+
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 5335cc5397..2cdfb02cc5 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -76,6 +76,14 @@
#
TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h
+ ## @libraryclass Provides interfaces to access RPMC device.
+ #
+ RpmcLib|Include/Library/RpmcLib.h
+
+ ## @libraryclass Provides interfaces to access variable root key.
+ #
+ VariableKeyLib|Include/Library/VariableKeyLib.h
+
[Guids]
## Security package token space guid.
# Include/Guid/SecurityPkgTokenSpace.h