UefiCpuPkg: Move AsmRelocateApLoopStart from Mpfuncs.nasm to AmdSev.nasm

[mirror_edk2.git] / MdePkg / Include / Guid / WinCertificate.h

/** @file\r
  GUID for UEFI WIN_CERTIFICATE structure.\r
\r
  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
  @par Revision Reference:\r
  GUID defined in UEFI 2.0 spec.\r
**/\r
\r
#ifndef __EFI_WIN_CERTIFICATE_H__\r
#define __EFI_WIN_CERTIFICATE_H__\r
\r
//\r
// _WIN_CERTIFICATE.wCertificateType\r
//\r
#define WIN_CERT_TYPE_PKCS_SIGNED_DATA  0x0002\r
#define WIN_CERT_TYPE_EFI_PKCS115       0x0EF0\r
#define WIN_CERT_TYPE_EFI_GUID          0x0EF1\r
\r
///\r
/// The WIN_CERTIFICATE structure is part of the PE/COFF specification.\r
///\r
typedef struct {\r
  ///\r
  /// The length of the entire certificate,\r
  /// including the length of the header, in bytes.\r
  ///\r
  UINT32    dwLength;\r
  ///\r
  /// The revision level of the WIN_CERTIFICATE\r
  /// structure. The current revision level is 0x0200.\r
  ///\r
  UINT16    wRevision;\r
  ///\r
  /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI\r
  /// certificate types. The UEFI specification reserves the range of\r
  /// certificate type values from 0x0EF0 to 0x0EFF.\r
  ///\r
  UINT16    wCertificateType;\r
  ///\r
  /// The following is the actual certificate. The format of\r
  /// the certificate depends on wCertificateType.\r
  ///\r
  /// UINT8 bCertificate[ANYSIZE_ARRAY];\r
  ///\r
} WIN_CERTIFICATE;\r
\r
///\r
/// WIN_CERTIFICATE_UEFI_GUID.CertType\r
///\r
#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \\r
  {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }\r
\r
///\r
/// WIN_CERTIFICATE_UEFI_GUID.CertData\r
///\r
typedef struct {\r
  EFI_GUID    HashType;\r
  UINT8       PublicKey[256];\r
  UINT8       Signature[256];\r
} EFI_CERT_BLOCK_RSA_2048_SHA256;\r
\r
///\r
/// Certificate which encapsulates a GUID-specific digital signature\r
///\r
typedef struct {\r
  ///\r
  /// This is the standard WIN_CERTIFICATE header, where\r
  /// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.\r
  ///\r
  WIN_CERTIFICATE    Hdr;\r
  ///\r
  /// This is the unique id which determines the\r
  /// format of the CertData. .\r
  ///\r
  EFI_GUID           CertType;\r
  ///\r
  /// The following is the certificate data. The format of\r
  /// the data is determined by the CertType.\r
  /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,\r
  /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.\r
  ///\r
  UINT8              CertData[1];\r
} WIN_CERTIFICATE_UEFI_GUID;\r
\r
///\r
/// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.\r
///\r
/// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from\r
/// WIN_CERTIFICATE and encapsulate the information needed to\r
/// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as\r
/// specified in RFC2437.\r
///\r
typedef struct {\r
  ///\r
  /// This is the standard WIN_CERTIFICATE header, where\r
  /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.\r
  ///\r
  WIN_CERTIFICATE    Hdr;\r
  ///\r
  /// This is the hashing algorithm which was performed on the\r
  /// UEFI executable when creating the digital signature.\r
  ///\r
  EFI_GUID           HashAlgorithm;\r
  ///\r
  /// The following is the actual digital signature. The\r
  /// size of the signature is the same size as the key\r
  /// (1024-bit key is 128 bytes) and can be determined by\r
  /// subtracting the length of the other parts of this header\r
  /// from the total length of the certificate as found in\r
  /// Hdr.dwLength.\r
  ///\r
  /// UINT8 Signature[];\r
  ///\r
} WIN_CERTIFICATE_EFI_PKCS1_15;\r
\r
extern EFI_GUID  gEfiCertTypeRsa2048Sha256Guid;\r
\r
#endif\r