]>
Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | Declare the application prefix string as a GUID, for locating the PK/KEK1\r | |
3 | X509 certificate to enroll, in the "OEM Strings" SMBIOS table.\r | |
4 | \r | |
5 | Copyright (C) 2019, Red Hat, Inc.\r | |
6 | \r | |
7 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
8 | \r | |
9 | @par Specification Reference:\r | |
10 | - https://git.qemu.org/?p=qemu.git;a=commit;h=2d6dcbf93fb0\r | |
11 | - https://libvirt.org/formatdomain.html#elementsSysinfo\r | |
12 | - https://bugs.launchpad.net/qemu/+bug/1826200\r | |
13 | - https://bugzilla.tianocore.org/show_bug.cgi?id=1747\r | |
14 | **/\r | |
15 | \r | |
16 | #ifndef OVMF_PK_KEK1_APP_PREFIX_H_\r | |
17 | #define OVMF_PK_KEK1_APP_PREFIX_H_\r | |
18 | \r | |
19 | #include <Uefi/UefiBaseType.h>\r | |
20 | \r | |
21 | //\r | |
22 | // For the EnrollDefaultKeys application, the hypervisor is expected to add a\r | |
23 | // string entry to the "OEM Strings" (Type 11) SMBIOS table, with the following\r | |
24 | // format:\r | |
25 | //\r | |
26 | // 4e32566d-8e9e-4f52-81d3-5bb9715f9727:<Base64 X509 cert for PK and first KEK>\r | |
27 | //\r | |
28 | // The string representation of the GUID at the front is the "application\r | |
29 | // prefix". It is matched by EnrollDefaultKeys case-insensitively.\r | |
30 | //\r | |
31 | // The base64-encoded blob following the application prefix and the colon (:)\r | |
32 | // is an X509 certificate in DER representation; the hypervisor instructs\r | |
33 | // EnrollDefaultKeys to enroll this certificate as both Platform Key and first\r | |
34 | // Key Exchange Key.\r | |
35 | //\r | |
36 | #define OVMF_PK_KEK1_APP_PREFIX_GUID \\r | |
37 | { 0x4e32566d, \\r | |
38 | 0x8e9e, \\r | |
39 | 0x4f52, \\r | |
40 | { 0x81, 0xd3, 0x5b, 0xb9, 0x71, 0x5f, 0x97, 0x27 }, \\r | |
41 | }\r | |
42 | \r | |
43 | extern EFI_GUID gOvmfPkKek1AppPrefixGuid;\r | |
44 | \r | |
45 | #endif /* OVMF_PK_KEK1_APP_PREFIX_H_ */\r |