]>
Commit | Line | Data |
---|---|---|
bd86cb02 | 1 | /** @file\r |
fbb393ab | 2 | GUID for UEFI WIN_CERTIFICATE structure.\r |
bd86cb02 | 3 | \r |
73a324f8 | 4 | Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r |
9344f092 | 5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
bd86cb02 LG |
6 | \r |
7 | @par Revision Reference:\r | |
8 | GUID defined in UEFI 2.0 spec.\r | |
9 | **/\r | |
10 | \r | |
11 | #ifndef __EFI_WIN_CERTIFICATE_H__\r | |
12 | #define __EFI_WIN_CERTIFICATE_H__\r | |
13 | \r | |
14 | //\r | |
15 | // _WIN_CERTIFICATE.wCertificateType\r | |
fbb393ab | 16 | //\r |
bd86cb02 LG |
17 | #define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002\r |
18 | #define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0\r | |
19 | #define WIN_CERT_TYPE_EFI_GUID 0x0EF1\r | |
20 | \r | |
21 | ///\r | |
22 | /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.\r | |
23 | ///\r | |
24 | typedef struct {\r | |
25 | ///\r | |
fbb393ab LL |
26 | /// The length of the entire certificate,\r |
27 | /// including the length of the header, in bytes.\r | |
bd86cb02 LG |
28 | ///\r |
29 | UINT32 dwLength;\r | |
30 | ///\r | |
fbb393ab LL |
31 | /// The revision level of the WIN_CERTIFICATE\r |
32 | /// structure. The current revision level is 0x0200.\r | |
bd86cb02 LG |
33 | ///\r |
34 | UINT16 wRevision;\r | |
35 | ///\r | |
fbb393ab LL |
36 | /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI\r |
37 | /// certificate types. The UEFI specification reserves the range of\r | |
38 | /// certificate type values from 0x0EF0 to 0x0EFF.\r | |
bd86cb02 LG |
39 | ///\r |
40 | UINT16 wCertificateType;\r | |
41 | ///\r | |
fbb393ab | 42 | /// The following is the actual certificate. The format of\r |
bd86cb02 LG |
43 | /// the certificate depends on wCertificateType.\r |
44 | ///\r | |
45 | /// UINT8 bCertificate[ANYSIZE_ARRAY];\r | |
46 | ///\r | |
47 | } WIN_CERTIFICATE;\r | |
48 | \r | |
49 | ///\r | |
50 | /// WIN_CERTIFICATE_UEFI_GUID.CertType\r | |
fbb393ab | 51 | ///\r |
bd86cb02 LG |
52 | #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \\r |
53 | {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }\r | |
54 | \r | |
55 | ///\r | |
56 | /// WIN_CERTIFICATE_UEFI_GUID.CertData\r | |
fbb393ab | 57 | ///\r |
bd86cb02 | 58 | typedef struct {\r |
3f275826 LG |
59 | EFI_GUID HashType;\r |
60 | UINT8 PublicKey[256];\r | |
61 | UINT8 Signature[256];\r | |
bd86cb02 LG |
62 | } EFI_CERT_BLOCK_RSA_2048_SHA256;\r |
63 | \r | |
64 | \r | |
65 | ///\r | |
66 | /// Certificate which encapsulates a GUID-specific digital signature\r | |
67 | ///\r | |
68 | typedef struct {\r | |
69 | ///\r | |
70 | /// This is the standard WIN_CERTIFICATE header, where\r | |
fbb393ab LL |
71 | /// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.\r |
72 | ///\r | |
bd86cb02 LG |
73 | WIN_CERTIFICATE Hdr;\r |
74 | ///\r | |
fbb393ab | 75 | /// This is the unique id which determines the\r |
bd86cb02 LG |
76 | /// format of the CertData. .\r |
77 | ///\r | |
78 | EFI_GUID CertType;\r | |
fbb393ab | 79 | ///\r |
bd86cb02 | 80 | /// The following is the certificate data. The format of\r |
fbb393ab | 81 | /// the data is determined by the CertType.\r |
bd86cb02 LG |
82 | /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,\r |
83 | /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.\r | |
84 | ///\r | |
85 | UINT8 CertData[1];\r | |
86 | } WIN_CERTIFICATE_UEFI_GUID;\r | |
87 | \r | |
88 | \r | |
fbb393ab | 89 | ///\r |
bd86cb02 | 90 | /// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.\r |
fbb393ab | 91 | ///\r |
bd86cb02 | 92 | /// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from\r |
fbb393ab LL |
93 | /// WIN_CERTIFICATE and encapsulate the information needed to\r |
94 | /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as\r | |
95 | /// specified in RFC2437.\r | |
96 | ///\r | |
97 | typedef struct {\r | |
bd86cb02 | 98 | ///\r |
fbb393ab LL |
99 | /// This is the standard WIN_CERTIFICATE header, where\r |
100 | /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.\r | |
bd86cb02 LG |
101 | ///\r |
102 | WIN_CERTIFICATE Hdr;\r | |
103 | ///\r | |
104 | /// This is the hashing algorithm which was performed on the\r | |
fbb393ab | 105 | /// UEFI executable when creating the digital signature.\r |
bd86cb02 LG |
106 | ///\r |
107 | EFI_GUID HashAlgorithm;\r | |
108 | ///\r | |
fbb393ab LL |
109 | /// The following is the actual digital signature. The\r |
110 | /// size of the signature is the same size as the key\r | |
111 | /// (1024-bit key is 128 bytes) and can be determined by\r | |
bd86cb02 | 112 | /// subtracting the length of the other parts of this header\r |
fbb393ab LL |
113 | /// from the total length of the certificate as found in\r |
114 | /// Hdr.dwLength.\r | |
bd86cb02 LG |
115 | ///\r |
116 | /// UINT8 Signature[];\r | |
117 | ///\r | |
118 | } WIN_CERTIFICATE_EFI_PKCS1_15;\r | |
119 | \r | |
120 | extern EFI_GUID gEfiCertTypeRsa2048Sha256Guid;\r | |
121 | \r | |
122 | #endif\r |