/** @file\r
- BIS protocol are defined in the UEFI specification.\r
The EFI_BIS_PROTOCOL is used to check a digital signature of a data block \r
against a digital certificate for the purpose of an integrity and authorization check.\r
\r
- Copyright (c) 2006 - 2008, Intel Corporation \r
- All rights reserved. This program and the accompanying materials \r
- are licensed and made available under the terms and conditions of the BSD License \r
- which accompanies this distribution. The full text of the license may be found at \r
- http://opensource.org/licenses/bsd-license.php \r
+Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials are licensed and made available under \r
+the terms and conditions of the BSD License that accompanies this distribution. \r
+The full text of the license may be found at\r
+http://opensource.org/licenses/bsd-license.php. \r
+ \r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
\r
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+ @par Revision Reference: \r
+ This Protocol is introduced in EFI Specification 1.10. \r
\r
**/\r
\r
/// EFI_BIS_DATA instances obtained from BIS must be freed by calling Free( ).\r
///\r
typedef struct {\r
- UINT32 Length; ///< Length of Data in 8 bit bytes.\r
+ UINT32 Length; ///< The length of Data in 8 bit bytes.\r
UINT8 *Data; ///< 32 Bit Flat Address of data.\r
} EFI_BIS_DATA;\r
\r
/// EFI_BIS_VERSION type.\r
///\r
typedef struct {\r
- UINT32 Major; ///< the major BIS version number.\r
- UINT32 Minor; ///< a minor BIS version number.\r
+ UINT32 Major; ///< The major BIS version number.\r
+ UINT32 Minor; ///< A minor BIS version number.\r
} EFI_BIS_VERSION;\r
\r
//\r
typedef struct {\r
BIS_CERT_ID CertificateID; ///< Truncated hash of platform Boot Object\r
BIS_ALG_ID AlgorithmID; ///< A signature algorithm number.\r
- UINT16 KeyLength; ///< Length of alg. keys in bits.\r
+ UINT16 KeyLength; ///< The length of alg. keys in bits.\r
} EFI_BIS_SIGNATURE_INFO;\r
\r
///\r
/// values for EFI_BIS_SIGNATURE_INFO.AlgorithmID.\r
-/// The exact numeric values come from\r
+/// The exact numeric values come from the\r
/// "Common Data Security Architecture (CDSA) Specification".\r
///\r
#define BIS_ALG_DSA (41) // CSSM_ALGID_DSA\r
#define BIS_CERT_ID_DSA BIS_ALG_DSA // CSSM_ALGID_DSA\r
#define BIS_CERT_ID_RSA_MD5 BIS_ALG_RSA_MD5 // CSSM_ALGID_MD5_WITH_RSA\r
///\r
-/// the mask value that gets applied to the truncated hash of a\r
+/// The mask value that gets applied to the truncated hash of a\r
/// platform Boot Object Authorization Certificate to create the certificateID.\r
/// A certificateID must not have any bits set to the value 1 other than bits in\r
/// this mask.\r
\r
///\r
/// Macros for dealing with the EFI_BIS_DATA object obtained\r
-/// from BIS_GetSignatureInfo()\r
+/// from BIS_GetSignatureInfo().\r
/// BIS_GET_SIGINFO_COUNT - tells how many EFI_BIS_SIGNATURE_INFO\r
/// elements are contained in a EFI_BIS_DATA struct pointed to\r
/// by the provided EFI_BIS_DATA*.\r
#define BIS_GET_SIGINFO_ARRAY(BisDataPtr) ((EFI_BIS_SIGNATURE_INFO *) (BisDataPtr)->Data)\r
\r
///\r
-/// Support old name for backward compatibility\r
+/// Support an old name for backward compatibility.\r
///\r
#define BOOT_OBJECT_AUTHORIZATION_PARMSET_GUIDVALUE \\r
BOOT_OBJECT_AUTHORIZATION_PARMSET_GUID\r
found\r
* A resource limitation was encountered while using a cryptographic software module.\r
@retval EFI_INVALID_PARAMETER The This parameter supplied by the caller is NULL or does not\r
- reference a valid EFI_BIS_PROTOCOL object, or\r
- The AppHandle parameter supplied by the caller is NULL or\r
- an invalid memory reference, or\r
- The InterfaceVersion parameter supplied by the caller\r
- is NULL or an invalid memory reference, or\r
- The TargetAddress parameter supplied by the caller is\r
+ reference a valid EFI_BIS_PROTOCOL object. Or,\r
+ the AppHandle parameter supplied by the caller is NULL or\r
+ an invalid memory reference. Or,\r
+ the InterfaceVersion parameter supplied by the caller\r
+ is NULL or an invalid memory reference. Or,\r
+ the TargetAddress parameter supplied by the caller is\r
NULL or an invalid memory reference.\r
\r
**/ \r
of the BIS service. \r
\r
@retval EFI_SUCCESS The function completed successfully.\r
- @retval EFI_NO_MAPPING The AppHandle parameter is not or is no longer a valid\r
+ @retval EFI_NO_MAPPING The AppHandle parameter is not, or is no longer, a valid\r
application instance handle associated with the EFI_BIS protocol. \r
@retval EFI_OUT_OF_RESOURCES The function failed due to lack of memory or other resources. \r
@retval EFI_DEVICE_ERROR The function encountered an unexpected internal failure while\r
Retrieves a unique token value to be included in the request credential for the next update of any\r
parameter in the Boot Object Authorization set \r
\r
- @param AppHandle An opaque handle that identifies the caller's instance of initialization\r
- of the BIS service. \r
- @param UpdateToken The function writes an allocated EFI_BIS_DATA* containing the new\r
- unique update token value. The caller must\r
- eventually free the memory allocated by this function using the function Free().\r
+ @param AppHandle An opaque handle that identifies the caller's \r
+ instance of initialization of the BIS service. \r
+ @param UpdateToken The function writes an allocated EFI_BIS_DATA* \r
+ containing the newunique update token value. \r
+ The caller musteventually free the memory allocated \r
+ by this function using the function Free().\r
\r
@retval EFI_SUCCESS The function completed successfully.\r
@retval EFI_NO_MAPPING The AppHandle parameter is not or is no longer a valid\r
/** \r
Updates one of the configurable parameters of the Boot Object Authorization set.\r
\r
- @param AppHandle An opaque handle that identifies the caller's instance of initialization\r
- of the BIS service. \r
- @param RequestCredential This is a Signed Manifest with embedded attributes that carry the details\r
- of the requested update. \r
- @param NewUpdateToken The function writes an allocated EFI_BIS_DATA* containing the new \r
- unique update token value. The caller must\r
- eventually free the memory allocated by this function using the function Free().\r
+ @param AppHandle An opaque handle that identifies the caller's \r
+ instance of initialization of the BIS service. \r
+ @param RequestCredential This is a Signed Manifest with embedded attributes \r
+ that carry the details of the requested update. \r
+ @param NewUpdateToken The function writes an allocated EFI_BIS_DATA* \r
+ containing the new unique update token value. \r
+ The caller must eventually free the memory allocated \r
+ by this function using the function Free().\r
\r
@retval EFI_SUCCESS The function completed successfully. \r
@retval EFI_NO_MAPPING The AppHandle parameter is not or is no longer a valid \r
@param Credentials A Signed Manifest containing verification information for the\r
indicated data object. \r
@param DataObject An in-memory copy of the raw data object to be verified.\r
- @param SectionName An ASCII (not Unicode) string giving the section name in the \r
+ @param SectionName An ASCII string giving the section name in the \r
manifest holding the verification information (in other words,\r
hash value) that corresponds to DataObject. \r
@param AuthorityCertificate A digital certificate whose public key must match the signer's \r