]>
Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | GUID for UEFI WIN_CERTIFICATE structure. \r | |
3 | \r | |
4 | Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>\r | |
5 | This program and the accompanying materials \r | |
6 | are licensed and made available under the terms and conditions of the BSD License \r | |
7 | which accompanies this distribution. The full text of the license may be found at \r | |
8 | http://opensource.org/licenses/bsd-license.php \r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r | |
12 | \r | |
13 | @par Revision Reference:\r | |
14 | GUID defined in UEFI 2.0 spec.\r | |
15 | **/\r | |
16 | \r | |
17 | #ifndef __EFI_WIN_CERTIFICATE_H__\r | |
18 | #define __EFI_WIN_CERTIFICATE_H__\r | |
19 | \r | |
20 | //\r | |
21 | // _WIN_CERTIFICATE.wCertificateType\r | |
22 | // \r | |
23 | #define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002\r | |
24 | #define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0\r | |
25 | #define WIN_CERT_TYPE_EFI_GUID 0x0EF1\r | |
26 | \r | |
27 | ///\r | |
28 | /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.\r | |
29 | ///\r | |
30 | typedef struct {\r | |
31 | ///\r | |
32 | /// The length of the entire certificate, \r | |
33 | /// including the length of the header, in bytes. \r | |
34 | ///\r | |
35 | UINT32 dwLength;\r | |
36 | ///\r | |
37 | /// The revision level of the WIN_CERTIFICATE \r | |
38 | /// structure. The current revision level is 0x0200. \r | |
39 | ///\r | |
40 | UINT16 wRevision;\r | |
41 | ///\r | |
42 | /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI \r | |
43 | /// certificate types. The UEFI specification reserves the range of \r | |
44 | /// certificate type values from 0x0EF0 to 0x0EFF. \r | |
45 | ///\r | |
46 | UINT16 wCertificateType;\r | |
47 | ///\r | |
48 | /// The following is the actual certificate. The format of \r | |
49 | /// the certificate depends on wCertificateType.\r | |
50 | ///\r | |
51 | /// UINT8 bCertificate[ANYSIZE_ARRAY];\r | |
52 | ///\r | |
53 | } WIN_CERTIFICATE;\r | |
54 | \r | |
55 | ///\r | |
56 | /// WIN_CERTIFICATE_UEFI_GUID.CertType\r | |
57 | /// \r | |
58 | #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \\r | |
59 | {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }\r | |
60 | \r | |
61 | ///\r | |
62 | /// WIN_CERTIFICATE_UEFI_GUID.CertData\r | |
63 | /// \r | |
64 | typedef struct {\r | |
65 | EFI_GUID HashType;\r | |
66 | UINT8 PublicKey[256];\r | |
67 | UINT8 Signature[256];\r | |
68 | } EFI_CERT_BLOCK_RSA_2048_SHA256;\r | |
69 | \r | |
70 | \r | |
71 | ///\r | |
72 | /// Certificate which encapsulates a GUID-specific digital signature\r | |
73 | ///\r | |
74 | typedef struct {\r | |
75 | ///\r | |
76 | /// This is the standard WIN_CERTIFICATE header, where\r | |
77 | /// wCertificateType is set to WIN_CERT_TYPE_UEFI_GUID. \r | |
78 | /// \r | |
79 | WIN_CERTIFICATE Hdr;\r | |
80 | ///\r | |
81 | /// This is the unique id which determines the \r | |
82 | /// format of the CertData. .\r | |
83 | ///\r | |
84 | EFI_GUID CertType;\r | |
85 | /// \r | |
86 | /// The following is the certificate data. The format of\r | |
87 | /// the data is determined by the CertType. \r | |
88 | /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,\r | |
89 | /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.\r | |
90 | ///\r | |
91 | UINT8 CertData[1];\r | |
92 | } WIN_CERTIFICATE_UEFI_GUID;\r | |
93 | \r | |
94 | \r | |
95 | /// \r | |
96 | /// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.\r | |
97 | /// \r | |
98 | /// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from\r | |
99 | /// WIN_CERTIFICATE and encapsulate the information needed to \r | |
100 | /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as \r | |
101 | /// specified in RFC2437. \r | |
102 | /// \r | |
103 | typedef struct { \r | |
104 | ///\r | |
105 | /// This is the standard WIN_CERTIFICATE header, where \r | |
106 | /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15. \r | |
107 | ///\r | |
108 | WIN_CERTIFICATE Hdr;\r | |
109 | ///\r | |
110 | /// This is the hashing algorithm which was performed on the\r | |
111 | /// UEFI executable when creating the digital signature. \r | |
112 | ///\r | |
113 | EFI_GUID HashAlgorithm;\r | |
114 | ///\r | |
115 | /// The following is the actual digital signature. The \r | |
116 | /// size of the signature is the same size as the key \r | |
117 | /// (1024-bit key is 128 bytes) and can be determined by \r | |
118 | /// subtracting the length of the other parts of this header\r | |
119 | /// from the total length of the certificate as found in \r | |
120 | /// Hdr.dwLength. \r | |
121 | ///\r | |
122 | /// UINT8 Signature[];\r | |
123 | ///\r | |
124 | } WIN_CERTIFICATE_EFI_PKCS1_15;\r | |
125 | \r | |
126 | extern EFI_GUID gEfiCertTypeRsa2048Sha256Guid;\r | |
127 | \r | |
128 | #endif\r |