[efi] Add TLS authentication header and GUID definitions

Add the TlsAuthentication.h header from EDK2's NetworkPkg, along with
a GUID definition for EFI_TLS_CA_CERTIFICATE_GUID.

It is unclear whether or not the TlsCaCertificate variable is intended
to be a UEFI standard.  Its presence in NetworkPkg (rather than
MdePkg) suggests not, but the choice of EFI_TLS_CA_CERTIFICATE_GUID
(rather than e.g. EDKII_TLS_CA_CERTIFICATE_GUID) suggests that it is
intended to be included in future versions of the standard.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/include/ipxe/efi/Guid/TlsAuthentication.h

@@ -0,0 +1,25 @@
+/** @file
+  This file defines TlsCaCertificate variable.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __TLS_AUTHENTICATION_H__
+#define __TLS_AUTHENTICATION_H__
+
+FILE_LICENCE ( BSD2_PATENT );
+
+// Private variable for CA Certificate configuration
+//
+#define EFI_TLS_CA_CERTIFICATE_GUID \
+  { \
+    0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae } \
+  }
+
+#define EFI_TLS_CA_CERTIFICATE_VARIABLE  L"TlsCaCertificate"
+
+extern EFI_GUID  gEfiTlsCaCertificateGuid;
+
+#endif

src/include/ipxe/efi/efi.h

@@ -249,6 +249,7 @@ extern EFI_GUID efi_cert_x509_guid;
 extern EFI_GUID efi_file_info_id;
 extern EFI_GUID efi_file_system_info_id;
 extern EFI_GUID efi_global_variable;
+extern EFI_GUID efi_tls_ca_certificate_guid;
 
 extern EFI_HANDLE efi_image_handle;
 extern EFI_LOADED_IMAGE_PROTOCOL *efi_loaded_image;

src/include/ipxe/efi/import.pl

@@ -118,7 +118,8 @@ pod2usage ( 1 ) unless @ARGV == 1;
 my $edktop = shift;
 
 # Identify edk import directories
-my $edkdirs = [ "MdePkg/Include", "MdeModulePkg/Include" ];
+my $edkdirs = [ "MdePkg/Include", "MdeModulePkg/Include",
+		"NetworkPkg/Include" ];
 foreach my $edkdir ( @$edkdirs ) {
   die "Directory \"$edktop\" does not appear to contain the EFI EDK2 "
       ."(missing \"$edkdir\")\n" unless -d catdir ( $edktop, $edkdir );

src/interface/efi/efi_guid.c

@@ -87,6 +87,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <ipxe/efi/Guid/FileSystemInfo.h>
 #include <ipxe/efi/Guid/GlobalVariable.h>
 #include <ipxe/efi/Guid/ImageAuthentication.h>
+#include <ipxe/efi/Guid/TlsAuthentication.h>
 
 /** @file
  *
@@ -407,6 +408,9 @@ EFI_GUID efi_file_system_info_id = EFI_FILE_SYSTEM_INFO_ID;
 /** Global variable GUID */
 EFI_GUID efi_global_variable = EFI_GLOBAL_VARIABLE;
 
+/** TLS CA certificate variable GUID */
+EFI_GUID efi_tls_ca_certificate_guid = EFI_TLS_CA_CERTIFICATE_GUID;
+
 /** HttpBootDxe module GUID */
 static EFI_GUID efi_http_boot_dxe_guid = {
 	0xecebcb00, 0xd9c8, 0x11e4,
@@ -583,6 +587,8 @@ static struct efi_well_known_guid efi_well_known_guids[] = {
 	  "Tcp6" },
 	{ &efi_tcp6_service_binding_protocol_guid,
 	  "Tcp6Sb" },
+	{ &efi_tls_ca_certificate_guid,
+	  "TlsCaCert" },
 	{ &efi_tree_protocol_guid,
 	  "TrEE" },
 	{ &efi_udp4_protocol_guid,