[efi-boot-shim.git] / include / variables.h

#include <efiauthenticated.h>

#include <sha256.h>		/* for SHA256_DIGEST_SIZE */

#define certlist_for_each_certentry(cl, cl_init, s, s_init)		\
	for (cl = (EFI_SIGNATURE_LIST *)(cl_init), s = (s_init);	\
		s > 0 && s >= cl->SignatureListSize;			\
		s -= cl->SignatureListSize,				\
		cl = (EFI_SIGNATURE_LIST *) ((UINT8 *)cl + cl->SignatureListSize))

/*
 * Warning: this assumes (cl)->SignatureHeaderSize is zero.  It is for all
 * the signatures we process (X509, RSA2048, SHA256)
 */
#define certentry_for_each_cert(c, cl)	\
  for (c = (EFI_SIGNATURE_DATA *)((UINT8 *) (cl) + sizeof(EFI_SIGNATURE_LIST) + (cl)->SignatureHeaderSize); \
	(UINT8 *)c < ((UINT8 *)(cl)) + (cl)->SignatureListSize; \
	c = (EFI_SIGNATURE_DATA *)((UINT8 *)c + (cl)->SignatureSize))

EFI_STATUS
CreatePkX509SignatureList (
  IN	UINT8			    *X509Data,
  IN	UINTN			    X509DataSize,
  IN	EFI_GUID		    owner,
  OUT   EFI_SIGNATURE_LIST          **PkCert 
			   );
EFI_STATUS
CreateTimeBasedPayload (
  IN OUT UINTN            *DataSize,
  IN OUT UINT8            **Data
			);
EFI_STATUS
SetSecureVariable(CHAR16 *var, UINT8 *Data, UINTN len, EFI_GUID owner, UINT32 options, int createtimebased);
EFI_STATUS
get_variable(CHAR16 *var, UINT8 **data, UINTN *len, EFI_GUID owner);
EFI_STATUS
get_variable_attr(CHAR16 *var, UINT8 **data, UINTN *len, EFI_GUID owner,
		  UINT32 *attributes);
EFI_STATUS
find_in_esl(UINT8 *Data, UINTN DataSize, UINT8 *key, UINTN keylen);
EFI_STATUS
find_in_variable_esl(CHAR16* var, EFI_GUID owner, UINT8 *key, UINTN keylen);

#define EFI_OS_INDICATIONS_BOOT_TO_FW_UI 0x0000000000000001

UINT64
GetOSIndications(void);
EFI_STATUS
SETOSIndicationsAndReboot(UINT64 indications);
int
variable_is_secureboot(void);
int
variable_is_setupmode(void);
EFI_STATUS
variable_enroll_hash(CHAR16 *var, EFI_GUID owner,
		     UINT8 hash[SHA256_DIGEST_SIZE]);
EFI_STATUS
variable_create_esl(void *cert, int cert_len, EFI_GUID *type, EFI_GUID *owner,
		    void **out, int *outlen);
Commit	Line	Data
d359712e MG	1	#include <efiauthenticated.h>
	2
	3	#include <sha256.h> /* for SHA256_DIGEST_SIZE */
	4
	5	#define certlist_for_each_certentry(cl, cl_init, s, s_init) \
	6	for (cl = (EFI_SIGNATURE_LIST *)(cl_init), s = (s_init); \
	7	s > 0 && s >= cl->SignatureListSize; \
	8	s -= cl->SignatureListSize, \
	9	cl = (EFI_SIGNATURE_LIST ) ((UINT8 )cl + cl->SignatureListSize))
	10
	11	/*
	12	* Warning: this assumes (cl)->SignatureHeaderSize is zero. It is for all
	13	* the signatures we process (X509, RSA2048, SHA256)
	14	*/
	15	#define certentry_for_each_cert(c, cl) \
	16	for (c = (EFI_SIGNATURE_DATA )((UINT8 ) (cl) + sizeof(EFI_SIGNATURE_LIST) + (cl)->SignatureHeaderSize); \
	17	(UINT8 )c < ((UINT8 )(cl)) + (cl)->SignatureListSize; \
	18	c = (EFI_SIGNATURE_DATA )((UINT8 )c + (cl)->SignatureSize))
	19
	20	EFI_STATUS
	21	CreatePkX509SignatureList (
	22	IN UINT8 *X509Data,
	23	IN UINTN X509DataSize,
	24	IN EFI_GUID owner,
	25	OUT EFI_SIGNATURE_LIST **PkCert
	26	);
	27	EFI_STATUS
	28	CreateTimeBasedPayload (
	29	IN OUT UINTN *DataSize,
	30	IN OUT UINT8 **Data
	31	);
	32	EFI_STATUS
	33	SetSecureVariable(CHAR16 var, UINT8 Data, UINTN len, EFI_GUID owner, UINT32 options, int createtimebased);
	34	EFI_STATUS
	35	get_variable(CHAR16 var, UINT8 data, UINTN len, EFI_GUID owner);
	36	EFI_STATUS
	37	get_variable_attr(CHAR16 var, UINT8 data, UINTN len, EFI_GUID owner,
	38	UINT32 *attributes);
	39	EFI_STATUS
	40	find_in_esl(UINT8 Data, UINTN DataSize, UINT8 key, UINTN keylen);
	41	EFI_STATUS
	42	find_in_variable_esl(CHAR16* var, EFI_GUID owner, UINT8 *key, UINTN keylen);
	43
	44	#define EFI_OS_INDICATIONS_BOOT_TO_FW_UI 0x0000000000000001
	45
	46	UINT64
	47	GetOSIndications(void);
	48	EFI_STATUS
	49	SETOSIndicationsAndReboot(UINT64 indications);
	50	int
	51	variable_is_secureboot(void);
	52	int
	53	variable_is_setupmode(void);
	54	EFI_STATUS
	55	variable_enroll_hash(CHAR16 *var, EFI_GUID owner,
	56	UINT8 hash[SHA256_DIGEST_SIZE]);
	57	EFI_STATUS
	58	variable_create_esl(void cert, int cert_len, EFI_GUID type, EFI_GUID *owner,
	59	void *out, int outlen);