[mirror_edk2.git] / MdePkg / Include / Guid / WinCertificate.h

/** @file\r
  GUID for UEFI WIN_CERTIFICATE structure.\r
\r
  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
  @par Revision Reference:\r
  GUID defined in UEFI 2.0 spec.\r
**/\r
\r
#ifndef __EFI_WIN_CERTIFICATE_H__\r
#define __EFI_WIN_CERTIFICATE_H__\r
\r
//\r
// _WIN_CERTIFICATE.wCertificateType\r
//\r
#define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002\r
#define WIN_CERT_TYPE_EFI_PKCS115      0x0EF0\r
#define WIN_CERT_TYPE_EFI_GUID         0x0EF1\r
\r
///\r
/// The WIN_CERTIFICATE structure is part of the PE/COFF specification.\r
///\r
typedef struct {\r
  ///\r
  /// The length of the entire certificate,\r
  /// including the length of the header, in bytes.\r
  ///\r
  UINT32  dwLength;\r
  ///\r
  /// The revision level of the WIN_CERTIFICATE\r
  /// structure. The current revision level is 0x0200.\r
  ///\r
  UINT16  wRevision;\r
  ///\r
  /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI\r
  /// certificate types. The UEFI specification reserves the range of\r
  /// certificate type values from 0x0EF0 to 0x0EFF.\r
  ///\r
  UINT16  wCertificateType;\r
  ///\r
  /// The following is the actual certificate. The format of\r
  /// the certificate depends on wCertificateType.\r
  ///\r
  /// UINT8 bCertificate[ANYSIZE_ARRAY];\r
  ///\r
} WIN_CERTIFICATE;\r
\r
///\r
/// WIN_CERTIFICATE_UEFI_GUID.CertType\r
///\r
#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \\r
  {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }\r
\r
///\r
/// WIN_CERTIFICATE_UEFI_GUID.CertData\r
///\r
typedef struct {\r
  EFI_GUID  HashType;\r
  UINT8     PublicKey[256];\r
  UINT8     Signature[256];\r
} EFI_CERT_BLOCK_RSA_2048_SHA256;\r
\r
\r
///\r
/// Certificate which encapsulates a GUID-specific digital signature\r
///\r
typedef struct {\r
  ///\r
  /// This is the standard WIN_CERTIFICATE header, where\r
  /// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.\r
  ///\r
  WIN_CERTIFICATE   Hdr;\r
  ///\r
  /// This is the unique id which determines the\r
  /// format of the CertData. .\r
  ///\r
  EFI_GUID          CertType;\r
  ///\r
  /// The following is the certificate data. The format of\r
  /// the data is determined by the CertType.\r
  /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,\r
  /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.\r
  ///\r
  UINT8            CertData[1];\r
} WIN_CERTIFICATE_UEFI_GUID;\r
\r
\r
///\r
/// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.\r
///\r
/// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from\r
/// WIN_CERTIFICATE and encapsulate the information needed to\r
/// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as\r
/// specified in RFC2437.\r
///\r
typedef struct {\r
  ///\r
  /// This is the standard WIN_CERTIFICATE header, where\r
  /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.\r
  ///\r
  WIN_CERTIFICATE Hdr;\r
  ///\r
  /// This is the hashing algorithm which was performed on the\r
  /// UEFI executable when creating the digital signature.\r
  ///\r
  EFI_GUID        HashAlgorithm;\r
  ///\r
  /// The following is the actual digital signature. The\r
  /// size of the signature is the same size as the key\r
  /// (1024-bit key is 128 bytes) and can be determined by\r
  /// subtracting the length of the other parts of this header\r
  /// from the total length of the certificate as found in\r
  /// Hdr.dwLength.\r
  ///\r
  /// UINT8 Signature[];\r
  ///\r
} WIN_CERTIFICATE_EFI_PKCS1_15;\r
\r
extern EFI_GUID gEfiCertTypeRsa2048Sha256Guid;\r
\r
#endif\r
Commit	Line	Data
bd86cb02	1	/** @file\r
fbb393ab	2	GUID for UEFI WIN_CERTIFICATE structure.\r
bd86cb02	3	\r
73a324f8	4	Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
9344f092	5	SPDX-License-Identifier: BSD-2-Clause-Patent\r
bd86cb02 LG	6	\r
	7	@par Revision Reference:\r
	8	GUID defined in UEFI 2.0 spec.\r
	9	**/\r
	10	\r
	11	#ifndef __EFI_WIN_CERTIFICATE_H__\r
	12	#define __EFI_WIN_CERTIFICATE_H__\r
	13	\r
	14	//\r
	15	// _WIN_CERTIFICATE.wCertificateType\r
fbb393ab	16	//\r
bd86cb02 LG	17	#define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002\r
	18	#define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0\r
	19	#define WIN_CERT_TYPE_EFI_GUID 0x0EF1\r
	20	\r
	21	///\r
	22	/// The WIN_CERTIFICATE structure is part of the PE/COFF specification.\r
	23	///\r
	24	typedef struct {\r
	25	///\r
fbb393ab LL	26	/// The length of the entire certificate,\r
fbb393ab LL	27	/// including the length of the header, in bytes.\r
bd86cb02 LG	28	///\r
	29	UINT32 dwLength;\r
	30	///\r
fbb393ab LL	31	/// The revision level of the WIN_CERTIFICATE\r
fbb393ab LL	32	/// structure. The current revision level is 0x0200.\r
bd86cb02 LG	33	///\r
	34	UINT16 wRevision;\r
	35	///\r
fbb393ab LL	36	/// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI\r
	37	/// certificate types. The UEFI specification reserves the range of\r
	38	/// certificate type values from 0x0EF0 to 0x0EFF.\r
bd86cb02 LG	39	///\r
	40	UINT16 wCertificateType;\r
	41	///\r
fbb393ab	42	/// The following is the actual certificate. The format of\r
bd86cb02 LG	43	/// the certificate depends on wCertificateType.\r
	44	///\r
	45	/// UINT8 bCertificate[ANYSIZE_ARRAY];\r
	46	///\r
	47	} WIN_CERTIFICATE;\r
	48	\r
	49	///\r
	50	/// WIN_CERTIFICATE_UEFI_GUID.CertType\r
fbb393ab	51	///\r
bd86cb02 LG	52	#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \\r
	53	{0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }\r
	54	\r
	55	///\r
	56	/// WIN_CERTIFICATE_UEFI_GUID.CertData\r
fbb393ab	57	///\r
bd86cb02	58	typedef struct {\r
3f275826 LG	59	EFI_GUID HashType;\r
	60	UINT8 PublicKey[256];\r
	61	UINT8 Signature[256];\r
bd86cb02 LG	62	} EFI_CERT_BLOCK_RSA_2048_SHA256;\r
	63	\r
	64	\r
	65	///\r
	66	/// Certificate which encapsulates a GUID-specific digital signature\r
	67	///\r
	68	typedef struct {\r
	69	///\r
	70	/// This is the standard WIN_CERTIFICATE header, where\r
fbb393ab LL	71	/// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.\r
fbb393ab LL	72	///\r
bd86cb02 LG	73	WIN_CERTIFICATE Hdr;\r
bd86cb02 LG	74	///\r
fbb393ab	75	/// This is the unique id which determines the\r
bd86cb02 LG	76	/// format of the CertData. .\r
	77	///\r
	78	EFI_GUID CertType;\r
fbb393ab	79	///\r
bd86cb02	80	/// The following is the certificate data. The format of\r
fbb393ab	81	/// the data is determined by the CertType.\r
bd86cb02 LG	82	/// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,\r
	83	/// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.\r
	84	///\r
	85	UINT8 CertData[1];\r
	86	} WIN_CERTIFICATE_UEFI_GUID;\r
	87	\r
	88	\r
fbb393ab	89	///\r
bd86cb02	90	/// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.\r
fbb393ab	91	///\r
bd86cb02	92	/// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from\r
fbb393ab LL	93	/// WIN_CERTIFICATE and encapsulate the information needed to\r
	94	/// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as\r
	95	/// specified in RFC2437.\r
	96	///\r
	97	typedef struct {\r
bd86cb02	98	///\r
fbb393ab LL	99	/// This is the standard WIN_CERTIFICATE header, where\r
fbb393ab LL	100	/// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.\r
bd86cb02 LG	101	///\r
	102	WIN_CERTIFICATE Hdr;\r
	103	///\r
	104	/// This is the hashing algorithm which was performed on the\r
fbb393ab	105	/// UEFI executable when creating the digital signature.\r
bd86cb02 LG	106	///\r
	107	EFI_GUID HashAlgorithm;\r
	108	///\r
fbb393ab LL	109	/// The following is the actual digital signature. The\r
	110	/// size of the signature is the same size as the key\r
	111	/// (1024-bit key is 128 bytes) and can be determined by\r
bd86cb02	112	/// subtracting the length of the other parts of this header\r
fbb393ab LL	113	/// from the total length of the certificate as found in\r
fbb393ab LL	114	/// Hdr.dwLength.\r
bd86cb02 LG	115	///\r
	116	/// UINT8 Signature[];\r
	117	///\r
	118	} WIN_CERTIFICATE_EFI_PKCS1_15;\r
	119	\r
	120	extern EFI_GUID gEfiCertTypeRsa2048Sha256Guid;\r
	121	\r
	122	#endif\r