Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | This includes some definitions introduced in UEFI that will be used in both PEI and DXE phases.\r | |
3 | \r | |
4 | Copyright (c) 2006 - 2008, Intel Corporation \r | |
5 | All rights reserved. This program and the accompanying materials \r | |
6 | are licensed and made available under the terms and conditions of the BSD License \r | |
7 | which accompanies this distribution. The full text of the license may be found at \r | |
8 | http://opensource.org/licenses/bsd-license.php \r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r | |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #ifndef __UEFI_MULTIPHASE_H__\r | |
16 | #define __UEFI_MULTIPHASE_H__\r | |
17 | \r | |
18 | #include <ProcessorBind.h>\r | |
19 | \r | |
20 | ///\r | |
21 | /// Enumeration of memory types introduced in UEFI.\r | |
22 | /// Enumerators are implicitly numbered from 0 (EfiReservedMemoryType). EfiMaxMemoryType comes last and looks like a bound rather than a real type -- range-check values taken from untrusted data against it (confirm against the spec).\r | |
23 | typedef enum {\r | |
24 | EfiReservedMemoryType,\r | |
25 | EfiLoaderCode,\r | |
26 | EfiLoaderData,\r | |
27 | EfiBootServicesCode,\r | |
28 | EfiBootServicesData,\r | |
29 | EfiRuntimeServicesCode,\r | |
30 | EfiRuntimeServicesData,\r | |
31 | EfiConventionalMemory,\r | |
32 | EfiUnusableMemory,\r | |
33 | EfiACPIReclaimMemory,\r | |
34 | EfiACPIMemoryNVS,\r | |
35 | EfiMemoryMappedIO,\r | |
36 | EfiMemoryMappedIOPortSpace,\r | |
37 | EfiPalCode,\r | |
38 | EfiMaxMemoryType\r | |
39 | } EFI_MEMORY_TYPE;\r | |
40 | \r | |
41 | \r | |
42 | ///\r | |
43 | /// Data structure that precedes all of the standard EFI table types.\r | |
44 | /// NOTE(review): CRC32 is presumably a CRC-32 checksum of the table; a CRC detects corruption but does not authenticate the contents.\r | |
45 | typedef struct {\r | |
46 | UINT64 Signature;\r | |
47 | UINT32 Revision;\r | |
48 | UINT32 HeaderSize;\r | |
49 | UINT32 CRC32;\r | |
50 | UINT32 Reserved;\r | |
51 | } EFI_TABLE_HEADER;\r | |
52 | \r | |
53 | ///\r | |
54 | /// Attributes of variable. Each value is a distinct single-bit flag.\r | |
55 | /// The UEFI specification's mnemonic 'HR' names EFI_VARIABLE_HARDWARE_ERROR_RECORD.\r | |
56 | #define EFI_VARIABLE_NON_VOLATILE 0x00000001\r | |
57 | #define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x00000002\r | |
58 | #define EFI_VARIABLE_RUNTIME_ACCESS 0x00000004\r | |
59 | #define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x00000008\r | |
60 | \r | |
61 | ///\r | |
62 | /// Attribute for authenticated write access. When it is set, the Data buffer\r | |
63 | /// begins with an authentication descriptor (EFI_VARIABLE_AUTHENTICATION in this file) ahead of the payload.\r | |
64 | ///\r | |
65 | #define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x00000010\r | |
66 | \r | |
67 | //\r | |
68 | // _WIN_CERTIFICATE.wCertificateType\r | |
69 | // Both values lie in the range 0x0EF0 to 0x0EFF that the UEFI specification reserves for its certificate types.\r | |
70 | #define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0\r | |
71 | #define WIN_CERT_TYPE_EFI_GUID 0x0EF1\r | |
72 | \r | |
73 | ///\r | |
74 | /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.\r | |
75 | ///\r | |
76 | typedef struct _WIN_CERTIFICATE {\r | |
77 | ///\r | |
78 | /// The length of the entire certificate, \r | |
79 | /// including the length of the header, in bytes. \r | |
80 | /// Treat it as untrusted when parsing: check that it is at least sizeof (WIN_CERTIFICATE) and that it fits inside the enclosing buffer.\r | |
81 | UINT32 dwLength;\r | |
82 | ///\r | |
83 | /// The revision level of the WIN_CERTIFICATE \r | |
84 | /// structure. The current revision level is 0x0200. \r | |
85 | ///\r | |
86 | UINT16 wRevision;\r | |
87 | ///\r | |
88 | /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI \r | |
89 | /// certificate types. The UEFI specification reserves the range of \r | |
90 | /// certificate type values from 0x0EF0 to 0x0EFF. \r | |
91 | ///\r | |
92 | UINT16 wCertificateType;\r | |
93 | ///\r | |
94 | /// The following is the actual certificate. The format of \r | |
95 | /// the certificate depends on wCertificateType.\r | |
96 | ///\r | |
97 | /// UINT8 bCertificate[ANYSIZE_ARRAY];\r | |
98 | /// bCertificate is commented out, so it is not a declared member and sizeof (WIN_CERTIFICATE) covers the header fields only.\r | |
99 | } WIN_CERTIFICATE;\r | |
100 | \r | |
101 | ///\r | |
102 | /// WIN_CERTIFICATE_UEFI_GUID.CertType\r | |
103 | /// GUID initializer that identifies the EFI_CERT_BLOCK_RSA_2048_SHA256 layout of CertData.\r | |
104 | #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \\r | |
105 | {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }\r | |
106 | \r | |
107 | //\r | |
108 | // WIN_CERTIFICATE_UEFI_GUID.CertData\r | |
109 | // PublicKey and Signature are 256 bytes each, i.e. 2048 bits, matching the RSA-2048 in the type name. HashType values are not defined in this file.\r | |
110 | typedef struct _EFI_CERT_BLOCK_RSA_2048_SHA256 {\r | |
111 | UINT32 HashType;\r | |
112 | UINT8 PublicKey[256];\r | |
113 | UINT8 Signature[256];\r | |
114 | } EFI_CERT_BLOCK_RSA_2048_SHA256;\r | |
115 | \r | |
116 | \r | |
117 | ///\r | |
118 | /// Certificate which encapsulates a GUID-specific digital signature.\r | |
119 | /// A parser should match CertType against a GUID it supports before interpreting the bytes that follow.\r | |
120 | typedef struct _WIN_CERTIFICATE_UEFI_GUID {\r | |
121 | ///\r | |
122 | /// This is the standard WIN_CERTIFICATE header, where\r | |
123 | /// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID (0x0EF1).\r | |
124 | ///\r | |
125 | WIN_CERTIFICATE Hdr;\r | |
126 | ///\r | |
127 | /// This is the unique id which determines the \r | |
128 | /// format of the CertData. In this case, the \r | |
129 | /// value is EFI_CERT_TYPE_RSA2048_SHA256_GUID.\r | |
130 | ///\r | |
131 | EFI_GUID CertType;\r | |
132 | ///\r | |
133 | /// The following is the certificate data. The format of\r | |
134 | /// the data is determined by the CertType. In this case the data is an\r | |
135 | /// EFI_CERT_BLOCK_RSA_2048_SHA256 structure.\r | |
136 | ///\r | |
137 | /// UINT8 CertData[ANYSIZE_ARRAY];\r | |
138 | /// CertData is commented out, so it is not a declared member of this structure.\r | |
139 | } WIN_CERTIFICATE_UEFI_GUID;\r | |
140 | \r | |
141 | \r | |
142 | ///\r | |
143 | /// Certificate which encapsulates the RSASSA-PKCS1-v1_5 digital signature.\r | |
144 | ///\r | |
145 | /// The WIN_CERTIFICATE_EFI_PKCS1_15 structure is derived from\r | |
146 | /// WIN_CERTIFICATE and encapsulates the information needed to\r | |
147 | /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as \r | |
148 | /// specified in RFC2437. \r | |
149 | /// \r | |
150 | typedef struct _WIN_CERTIFICATE_EFI_PKCS1_15 { \r | |
151 | ///\r | |
152 | /// This is the standard WIN_CERTIFICATE header, where \r | |
153 | /// wCertificateType is set to WIN_CERT_TYPE_EFI_PKCS115 (0x0EF0).\r | |
154 | ///\r | |
155 | WIN_CERTIFICATE Hdr;\r | |
156 | ///\r | |
157 | /// This is the hashing algorithm which was performed on the\r | |
158 | /// UEFI executable when creating the digital signature. \r | |
159 | ///\r | |
160 | EFI_GUID HashAlgorithm;\r | |
161 | ///\r | |
162 | /// The following is the actual digital signature. The \r | |
163 | /// size of the signature is the same size as the key \r | |
164 | /// (1024-bit key is 128 bytes) and can be determined by \r | |
165 | /// subtracting the length of the other parts of this header\r | |
166 | /// from the total length of the certificate as found in \r | |
167 | /// Hdr.dwLength. \r | |
168 | /// Check that Hdr.dwLength is at least the size of this header before subtracting, so that the unsigned result cannot wrap.\r | |
169 | /// UINT8 Signature[ANYSIZE_ARRAY];\r | |
170 | ///\r | |
171 | } WIN_CERTIFICATE_EFI_PKCS1_15;\r | |
172 | \r | |
173 | \r | |
174 | \r | |
175 | ///\r | |
176 | /// AuthInfo is a WIN_CERTIFICATE using the wCertificateType\r | |
177 | /// WIN_CERT_TYPE_EFI_GUID and the CertType\r | |
178 | /// EFI_CERT_TYPE_RSA2048_SHA256_GUID. If the attribute specifies\r | |
179 | /// authenticated access, then the Data buffer should begin with an\r | |
180 | /// authentication descriptor prior to the data payload and DataSize\r | |
181 | /// should reflect the data and descriptor size. The caller\r | |
182 | /// shall digest the Monotonic Count value and the associated data\r | |
183 | /// for the variable update using the SHA-256 1-way hash algorithm.\r | |
184 | /// The ensuing 32-byte digest will be signed using the private\r | |
185 | /// key associated with the public/private 2048-bit RSA key-pair. The\r | |
186 | /// WIN_CERTIFICATE shall be used to describe the signature of the\r | |
187 | /// Variable data *Data. In addition, the signature will also\r | |
188 | /// include the MonotonicCount value to guard against replay attacks.\r | |
189 | /// Replay protection only holds if the verifier also rejects a count that is not newer than the last one it accepted.\r | |
190 | typedef struct {\r | |
191 | ///\r | |
192 | /// Included in the signature of\r | |
193 | /// AuthInfo. Used to ensure freshness/no\r | |
194 | /// replay. Incremented during each \r | |
195 | /// "Write" access. \r | |
196 | /// \r | |
197 | UINT64 MonotonicCount;\r | |
198 | ///\r | |
199 | /// Provides the authorization for the variable \r | |
200 | /// access. It is a signature across the \r | |
201 | /// variable data and the Monotonic Count \r | |
202 | /// value. The caller uses the private key that is\r | |
203 | /// associated with a public key that has been \r | |
204 | /// provisioned via the key exchange. \r | |
205 | ///\r | |
206 | WIN_CERTIFICATE_UEFI_GUID AuthInfo;\r | |
207 | } EFI_VARIABLE_AUTHENTICATION;\r | |
208 | \r | |
209 | #endif\r | |
210 | \r |