2 This includes some definitions introduced in UEFI that will be used in both PEI and DXE phases.
4 Copyright (c) 2006 - 2009, Intel Corporation
5 All rights reserved. This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #ifndef __UEFI_MULTIPHASE_H__
16 #define __UEFI_MULTIPHASE_H__
19 /// Enumeration of memory types introduced in UEFI.
25 EfiReservedMemoryType
,
27 /// The code portions of a loaded application.
28 /// (Note that UEFI OS loaders are UEFI applications.)
32 /// The data portions of a loaded application and the default data allocation
33 /// type used by an application to allocate pool memory.
37 /// The code portions of a loaded Boot Services Driver
41 /// The data portions of a loaded Boot Serves Driver, and the default data
42 /// allocation type used by a Boot Services Driver to allocate pool memory.
46 /// The code portions of a loaded Runtime Services Driver.
48 EfiRuntimeServicesCode
,
50 /// The data portions of a loaded Runtime Services Driver and the default
51 /// data allocation type used by a Runtime Services Driver to allocate pool memory.
53 EfiRuntimeServicesData
,
55 /// Free (unallocated) memory.
57 EfiConventionalMemory
,
59 /// Memory in which errors have been detected.
63 /// Memory that holds the ACPI tables.
67 /// Address space reserved for use by the firmware.
71 /// Used by system firmware to request that a memory-mapped IO region
72 /// be mapped by the OS to a virtual address so it can be accessed by EFI runtime services.
76 /// System memory-mapped IO region that is used to translate memory
77 /// cycles to IO cycles by the processor.
79 EfiMemoryMappedIOPortSpace
,
81 /// Address space reserved by the firmware for code that is part of the processor.
88 /// Data structure that precedes all of the standard EFI table types.
92 /// A 64-bit signature that identifies the type of table that follows.
93 /// Unique signatures have been generated for the EFI System Table,
94 /// the EFI Boot Services Table, and the EFI Runtime Services Table.
98 /// The revision of the EFI Specification to which this table
99 /// conforms. The upper 16 bits of this field contain the major
100 /// revision value, and the lower 16 bits contain the minor revision
101 /// value. The minor revision values are limited to the range of 00..99.
105 /// The size, in bytes, of the entire table including the EFI_TABLE_HEADER.
109 /// The 32-bit CRC for the entire table. This value is computed by
110 /// setting this field to 0, and computing the 32-bit CRC for HeaderSize bytes.
114 /// Reserved field that must be set to 0.
120 /// Attributes of variable.
122 #define EFI_VARIABLE_NON_VOLATILE 0x00000001
123 #define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x00000002
124 #define EFI_VARIABLE_RUNTIME_ACCESS 0x00000004
125 #define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x00000008
128 /// This attribute is identified by the mnemonic 'HR'
129 /// elsewhere in this specification.
131 #define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x00000010
134 // _WIN_CERTIFICATE.wCertificateType
136 #define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0
137 #define WIN_CERT_TYPE_EFI_GUID 0x0EF1
140 /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.
142 typedef struct _WIN_CERTIFICATE
{
144 /// The length of the entire certificate,
145 /// including the length of the header, in bytes.
149 /// The revision level of the WIN_CERTIFICATE
150 /// structure. The current revision level is 0x0200.
154 /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI
155 /// certificate types. The UEFI specification reserves the range of
156 /// certificate type values from 0x0EF0 to 0x0EFF.
158 UINT16 wCertificateType
;
160 /// The following is the actual certificate. The format of
161 /// the certificate depends on wCertificateType.
163 /// UINT8 bCertificate[ANYSIZE_ARRAY];
168 /// WIN_CERTIFICATE_UEFI_GUID.CertType
170 #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
171 {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }
174 /// WIN_CERTIFICATE_UEFI_GUID.CertData
176 typedef struct _EFI_CERT_BLOCK_RSA_2048_SHA256
{
178 UINT8 PublicKey
[256];
179 UINT8 Signature
[256];
180 } EFI_CERT_BLOCK_RSA_2048_SHA256
;
184 /// Certificate which encapsulates a GUID-specific digital signature
186 typedef struct _WIN_CERTIFICATE_UEFI_GUID
{
188 /// This is the standard WIN_CERTIFICATE header, where
189 /// wCertificateType is set to WIN_CERT_TYPE_UEFI_GUID.
193 /// This is the unique id which determines the
194 /// format of the CertData. In this case, the
195 /// value is EFI_CERT_TYPE_RSA2048_SHA256_GUID.
199 /// The following is the certificate data. The format of
200 /// the data is determined by the CertType. In this case the value is
201 /// EFI_CERT_BLOCK_RSA_2048_SHA256.
203 /// UINT8 CertData[ANYSIZE_ARRAY];
205 } WIN_CERTIFICATE_UEFI_GUID
;
209 /// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.
211 /// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from
212 /// WIN_CERTIFICATE and encapsulate the information needed to
213 /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as
214 /// specified in RFC2437.
216 typedef struct _WIN_CERTIFICATE_EFI_PKCS1_15
{
218 /// This is the standard WIN_CERTIFICATE header, where
219 /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.
223 /// This is the hashing algorithm which was performed on the
224 /// UEFI executable when creating the digital signature.
226 EFI_GUID HashAlgorithm
;
228 /// The following is the actual digital signature. The
229 /// size of the signature is the same size as the key
230 /// (1024-bit key is 128 bytes) and can be determined by
231 /// subtracting the length of the other parts of this header
232 /// from the total length of the certificate as found in
235 /// UINT8 Signature[ANYSIZE_ARRAY];
237 } WIN_CERTIFICATE_EFI_PKCS1_15
;
242 /// AuthInfo is a WIN_CERTIFICATE using the wCertificateType
243 /// WIN_CERTIFICATE_UEFI_GUID and the CertType
244 /// EFI_CERT_TYPE_RSA2048_SHA256. If the attribute specifies
245 /// authenticated access, then the Data buffer should begin with an
246 /// authentication descriptor prior to the data payload and DataSize
247 /// should reflect the the data.and descriptor size. The caller
248 /// shall digest the Monotonic Count value and the associated data
249 /// for the variable update using the SHA-256 1-way hash algorithm.
250 /// The ensuing the 32-byte digest will be signed using the private
251 /// key associated w/ the public/private 2048-bit RSA key-pair. The
252 /// WIN_CERTIFICATE shall be used to describe the signature of the
253 /// Variable data *Data. In addition, the signature will also
254 /// include the MonotonicCount value to guard against replay attacks
258 /// Included in the signature of
259 /// AuthInfo.Used to ensure freshness/no
260 /// replay. Incremented during each
263 UINT64 MonotonicCount
;
265 /// Provides the authorization for the variable
266 /// access. It is a signature across the
267 /// variable data and the Monotonic Count
268 /// value. Caller uses Private key that is
269 /// associated with a public key that has been
270 /// provisioned via the key exchange.
272 WIN_CERTIFICATE_UEFI_GUID AuthInfo
;
273 } EFI_VARIABLE_AUTHENTICATION
;