#include <Uefi/UefiBaseType.h>
#include <Base.h>

Functions
EFI_STATUS EFIAPI	VerifyBlob (IN CONST CHAR16 BlobName, IN CONST VOID Buf, IN UINT32 BufSize, IN EFI_STATUS FetchStatus)

Detailed Description

Blob verification library

This library class allows verifiying whether blobs from external sources (such as QEMU's firmware config) are trusted.

SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file BlobVerifierLib.h.

Function Documentation

EFI_STATUS EFIAPI VerifyBlob	(	IN CONST CHAR16 *	BlobName,
		IN CONST VOID *	Buf,
		IN UINT32	BufSize,
		IN EFI_STATUS	FetchStatus
	)

Verify blob from an external source.

Parameters

[in]	BlobName	The name of the blob
[in]	Buf	The data of the blob
[in]	BufSize	The size of the blob in bytes
[in]	FetchStatus	The status of fetching this blob

Return values

EFI_SUCCESS	The blob was verified successfully or was not found in the hash table.
EFI_ACCESS_DENIED	Kernel hashes not supported but the boot can continue safely.

Verify blob from an external source.

If a non-secure configuration is detected this function will enter a dead loop to prevent a boot.

Parameters

[in]	BlobName	The name of the blob
[in]	Buf	The data of the blob
[in]	BufSize	The size of the blob in bytes
[in]	FetchStatus	The status of the previous blob fetch

Return values

EFI_SUCCESS	The blob was verified successfully or was not found in the hash table.
EFI_ACCESS_DENIED	Kernel hashes not supported, but the boot can continue safely.

Verify blob from an external source.

Parameters

[in]	BlobName	The name of the blob
[in]	Buf	The data of the blob
[in]	BufSize	The size of the blob in bytes
[in]	FetchStatus	The status of the fetch of this blob

Return values

EFI_SUCCESS	The blob was verified successfully or was not found in the hash table.
EFI_ACCESS_DENIED	Kernel hashes not supported but the boot can continue safely.

Definition at line 95 of file BlobVerifierSevHashes.c.