2 GUID for UEFI WIN_CERTIFICATE structure.
4 Copyright (c) 2006 - 2009, Intel Corporation
5 All rights reserved. This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13 @par Revision Reference:
14 GUID defined in UEFI 2.0 spec.
17 #ifndef __EFI_WIN_CERTIFICATE_H__
18 #define __EFI_WIN_CERTIFICATE_H__
21 // _WIN_CERTIFICATE.wCertificateType
23 #define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002
24 #define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0
25 #define WIN_CERT_TYPE_EFI_GUID 0x0EF1
28 /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.
32 /// The length of the entire certificate,
33 /// including the length of the header, in bytes.
37 /// The revision level of the WIN_CERTIFICATE
38 /// structure. The current revision level is 0x0200.
42 /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI
43 /// certificate types. The UEFI specification reserves the range of
44 /// certificate type values from 0x0EF0 to 0x0EFF.
46 UINT16 wCertificateType
;
48 /// The following is the actual certificate. The format of
49 /// the certificate depends on wCertificateType.
51 /// UINT8 bCertificate[ANYSIZE_ARRAY];
56 /// WIN_CERTIFICATE_UEFI_GUID.CertType
58 #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
59 {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }
62 /// WIN_CERTIFICATE_UEFI_GUID.CertData
68 } EFI_CERT_BLOCK_RSA_2048_SHA256
;
72 /// Certificate which encapsulates a GUID-specific digital signature
76 /// This is the standard WIN_CERTIFICATE header, where
77 /// wCertificateType is set to WIN_CERT_TYPE_UEFI_GUID.
81 /// This is the unique id which determines the
82 /// format of the CertData. .
86 /// The following is the certificate data. The format of
87 /// the data is determined by the CertType.
88 /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,
89 /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.
92 } WIN_CERTIFICATE_UEFI_GUID
;
96 /// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.
98 /// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from
99 /// WIN_CERTIFICATE and encapsulate the information needed to
100 /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as
101 /// specified in RFC2437.
105 /// This is the standard WIN_CERTIFICATE header, where
106 /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.
110 /// This is the hashing algorithm which was performed on the
111 /// UEFI executable when creating the digital signature.
113 EFI_GUID HashAlgorithm
;
115 /// The following is the actual digital signature. The
116 /// size of the signature is the same size as the key
117 /// (1024-bit key is 128 bytes) and can be determined by
118 /// subtracting the length of the other parts of this header
119 /// from the total length of the certificate as found in
122 /// UINT8 Signature[];
124 } WIN_CERTIFICATE_EFI_PKCS1_15
;
126 extern EFI_GUID gEfiCertTypeRsa2048Sha256Guid
;