]>
Commit | Line | Data |
---|---|---|
bd86cb02 | 1 | /** @file\r |
fbb393ab | 2 | GUID for UEFI WIN_CERTIFICATE structure.\r |
bd86cb02 | 3 | \r |
73a324f8 | 4 | Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r |
fbb393ab LL |
5 | This program and the accompanying materials\r |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
8 | http://opensource.org/licenses/bsd-license.php\r | |
bd86cb02 | 9 | \r |
fbb393ab LL |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
bd86cb02 LG |
12 | \r |
13 | @par Revision Reference:\r | |
14 | GUID defined in UEFI 2.0 spec.\r | |
15 | **/\r | |
16 | \r | |
17 | #ifndef __EFI_WIN_CERTIFICATE_H__\r | |
18 | #define __EFI_WIN_CERTIFICATE_H__\r | |
19 | \r | |
20 | //\r | |
21 | // _WIN_CERTIFICATE.wCertificateType\r | |
fbb393ab | 22 | //\r |
bd86cb02 LG |
23 | #define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002\r |
24 | #define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0\r | |
25 | #define WIN_CERT_TYPE_EFI_GUID 0x0EF1\r | |
26 | \r | |
27 | ///\r | |
28 | /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.\r | |
29 | ///\r | |
30 | typedef struct {\r | |
31 | ///\r | |
fbb393ab LL |
32 | /// The length of the entire certificate,\r |
33 | /// including the length of the header, in bytes.\r | |
bd86cb02 LG |
34 | ///\r |
35 | UINT32 dwLength;\r | |
36 | ///\r | |
fbb393ab LL |
37 | /// The revision level of the WIN_CERTIFICATE\r |
38 | /// structure. The current revision level is 0x0200.\r | |
bd86cb02 LG |
39 | ///\r |
40 | UINT16 wRevision;\r | |
41 | ///\r | |
fbb393ab LL |
42 | /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI\r |
43 | /// certificate types. The UEFI specification reserves the range of\r | |
44 | /// certificate type values from 0x0EF0 to 0x0EFF.\r | |
bd86cb02 LG |
45 | ///\r |
46 | UINT16 wCertificateType;\r | |
47 | ///\r | |
fbb393ab | 48 | /// The following is the actual certificate. The format of\r |
bd86cb02 LG |
49 | /// the certificate depends on wCertificateType.\r |
50 | ///\r | |
51 | /// UINT8 bCertificate[ANYSIZE_ARRAY];\r | |
52 | ///\r | |
53 | } WIN_CERTIFICATE;\r | |
54 | \r | |
55 | ///\r | |
56 | /// WIN_CERTIFICATE_UEFI_GUID.CertType\r | |
fbb393ab | 57 | ///\r |
bd86cb02 LG |
58 | #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \\r |
59 | {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }\r | |
60 | \r | |
61 | ///\r | |
62 | /// WIN_CERTIFICATE_UEFI_GUID.CertData\r | |
fbb393ab | 63 | ///\r |
bd86cb02 | 64 | typedef struct {\r |
3f275826 LG |
65 | EFI_GUID HashType;\r |
66 | UINT8 PublicKey[256];\r | |
67 | UINT8 Signature[256];\r | |
bd86cb02 LG |
68 | } EFI_CERT_BLOCK_RSA_2048_SHA256;\r |
69 | \r | |
70 | \r | |
71 | ///\r | |
72 | /// Certificate which encapsulates a GUID-specific digital signature\r | |
73 | ///\r | |
74 | typedef struct {\r | |
75 | ///\r | |
76 | /// This is the standard WIN_CERTIFICATE header, where\r | |
fbb393ab LL |
77 | /// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.\r |
78 | ///\r | |
bd86cb02 LG |
79 | WIN_CERTIFICATE Hdr;\r |
80 | ///\r | |
fbb393ab | 81 | /// This is the unique id which determines the\r |
bd86cb02 LG |
82 | /// format of the CertData. .\r |
83 | ///\r | |
84 | EFI_GUID CertType;\r | |
fbb393ab | 85 | ///\r |
bd86cb02 | 86 | /// The following is the certificate data. The format of\r |
fbb393ab | 87 | /// the data is determined by the CertType.\r |
bd86cb02 LG |
88 | /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,\r |
89 | /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.\r | |
90 | ///\r | |
91 | UINT8 CertData[1];\r | |
92 | } WIN_CERTIFICATE_UEFI_GUID;\r | |
93 | \r | |
94 | \r | |
fbb393ab | 95 | ///\r |
bd86cb02 | 96 | /// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.\r |
fbb393ab | 97 | ///\r |
bd86cb02 | 98 | /// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from\r |
fbb393ab LL |
99 | /// WIN_CERTIFICATE and encapsulate the information needed to\r |
100 | /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as\r | |
101 | /// specified in RFC2437.\r | |
102 | ///\r | |
103 | typedef struct {\r | |
bd86cb02 | 104 | ///\r |
fbb393ab LL |
105 | /// This is the standard WIN_CERTIFICATE header, where\r |
106 | /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.\r | |
bd86cb02 LG |
107 | ///\r |
108 | WIN_CERTIFICATE Hdr;\r | |
109 | ///\r | |
110 | /// This is the hashing algorithm which was performed on the\r | |
fbb393ab | 111 | /// UEFI executable when creating the digital signature.\r |
bd86cb02 LG |
112 | ///\r |
113 | EFI_GUID HashAlgorithm;\r | |
114 | ///\r | |
fbb393ab LL |
115 | /// The following is the actual digital signature. The\r |
116 | /// size of the signature is the same size as the key\r | |
117 | /// (1024-bit key is 128 bytes) and can be determined by\r | |
bd86cb02 | 118 | /// subtracting the length of the other parts of this header\r |
fbb393ab LL |
119 | /// from the total length of the certificate as found in\r |
120 | /// Hdr.dwLength.\r | |
bd86cb02 LG |
121 | ///\r |
122 | /// UINT8 Signature[];\r | |
123 | ///\r | |
124 | } WIN_CERTIFICATE_EFI_PKCS1_15;\r | |
125 | \r | |
126 | extern EFI_GUID gEfiCertTypeRsa2048Sha256Guid;\r | |
127 | \r | |
128 | #endif\r |