MdePkg/Include/Uefi/UefiMultiPhase.h

   1 /** @file
   2   This includes some definitions introduced in UEFI that will be used in both PEI and DXE phases.
   3
   4   Copyright (c) 2006 - 2008, Intel Corporation
   5   All rights reserved. This program and the accompanying materials
   6   are licensed and made available under the terms and conditions of the BSD License
   7   which accompanies this distribution.  The full text of the license may be found at
   8   http://opensource.org/licenses/bsd-license.php
   9
  10   THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  11   WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  12
  13 **/
  14
  15 #ifndef __UEFI_MULTIPHASE_H__
  16 #define __UEFI_MULTIPHASE_H__
  17
  18 #include <ProcessorBind.h>
  19
  20 ///
  21 /// Enumeration of memory types introduced in UEFI.
  22 ///
  23 typedef enum {
  24   EfiReservedMemoryType,
  25   EfiLoaderCode,
  26   EfiLoaderData,
  27   EfiBootServicesCode,
  28   EfiBootServicesData,
  29   EfiRuntimeServicesCode,
  30   EfiRuntimeServicesData,
  31   EfiConventionalMemory,
  32   EfiUnusableMemory,
  33   EfiACPIReclaimMemory,
  34   EfiACPIMemoryNVS,
  35   EfiMemoryMappedIO,
  36   EfiMemoryMappedIOPortSpace,
  37   EfiPalCode,
  38   EfiMaxMemoryType
  39 } EFI_MEMORY_TYPE;
  40
  41
  42 ///
  43 /// Data structure that precedes all of the standard EFI table types.
  44 ///
  45 typedef struct {
  46   UINT64  Signature;
  47   UINT32  Revision;
  48   UINT32  HeaderSize;
  49   UINT32  CRC32;
  50   UINT32  Reserved;
  51 } EFI_TABLE_HEADER;
  52
  53 ///
  54 /// Attributes of variable.
  55 ///
  56 #define EFI_VARIABLE_NON_VOLATILE                 0x00000001
  57 #define EFI_VARIABLE_BOOTSERVICE_ACCESS           0x00000002
  58 #define EFI_VARIABLE_RUNTIME_ACCESS               0x00000004
  59 #define EFI_VARIABLE_HARDWARE_ERROR_RECORD        0x00000008
  60
  61 ///
  62 /// This attribute is identified by the mnemonic 'HR'
  63 /// elsewhere in this specification.
  64 ///
  65 #define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS   0x00000010
  66
  67 //
  68 // _WIN_CERTIFICATE.wCertificateType
  69 //
  70 #define WIN_CERT_TYPE_EFI_PKCS115   0x0EF0
  71 #define WIN_CERT_TYPE_EFI_GUID      0x0EF1
  72
  73 ///
  74 /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.
  75 ///
  76 typedef struct _WIN_CERTIFICATE {
  77   ///
  78   /// The length of the entire certificate,
  79   /// including the length of the header, in bytes.
  80   ///
  81   UINT32  dwLength;
  82   ///
  83   /// The revision level of the WIN_CERTIFICATE
  84   /// structure. The current revision level is 0x0200.
  85   ///
  86   UINT16  wRevision;
  87   ///
  88   /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI
  89   /// certificate types. The UEFI specification reserves the range of
  90   /// certificate type values from 0x0EF0 to 0x0EFF.
  91   ///
  92   UINT16  wCertificateType;
  93   ///
  94   /// The following is the actual certificate. The format of
  95   /// the certificate depends on wCertificateType.
  96   ///
  97   /// UINT8 bCertificate[ANYSIZE_ARRAY];
  98   ///
  99 } WIN_CERTIFICATE;
 100
 101 ///
 102 /// WIN_CERTIFICATE_UEFI_GUID.CertType
 103 ///
 104 #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
 105   {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }
 106
 107 //
 108 // WIN_CERTIFICATE_UEFI_GUID.CertData
 109 //
 110 typedef struct _EFI_CERT_BLOCK_RSA_2048_SHA256 {
 111   UINT32  HashType;
 112   UINT8   PublicKey[256];
 113   UINT8   Signature[256];
 114 } EFI_CERT_BLOCK_RSA_2048_SHA256;
 115
 116
 117 ///
 118 /// Certificate which encapsulates a GUID-specific digital signature
 119 ///
 120 typedef struct _WIN_CERTIFICATE_UEFI_GUID {
 121   ///
 122   /// This is the standard WIN_CERTIFICATE header, where
 123   /// wCertificateType is set to WIN_CERT_TYPE_UEFI_GUID.
 124   ///
 125   WIN_CERTIFICATE   Hdr;
 126   ///
 127   /// This is the unique id which determines the
 128   /// format of the CertData. In this case, the
 129   /// value is EFI_CERT_TYPE_RSA2048_SHA256_GUID.
 130   ///
 131   EFI_GUID          CertType;
 132   ///
 133   /// The following is the certificate data. The format of
 134   /// the data is determined by the CertType. In this case the value is
 135   /// EFI_CERT_BLOCK_RSA_2048_SHA256.
 136   ///
 137   /// UINT8            CertData[ANYSIZE_ARRAY];
 138   ///
 139 } WIN_CERTIFICATE_UEFI_GUID;
 140
 141
 142 ///
 143 /// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.
 144 ///
 145 /// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from
 146 /// WIN_CERTIFICATE and encapsulate the information needed to
 147 /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as
 148 /// specified in RFC2437.
 149 ///
 150 typedef struct _WIN_CERTIFICATE_EFI_PKCS1_15 {
 151   ///
 152   /// This is the standard WIN_CERTIFICATE header, where
 153   /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.
 154   ///
 155   WIN_CERTIFICATE Hdr;
 156   ///
 157   /// This is the hashing algorithm which was performed on the
 158   /// UEFI executable when creating the digital signature.
 159   ///
 160   EFI_GUID        HashAlgorithm;
 161   ///
 162   /// The following is the actual digital signature. The
 163   /// size of the signature is the same size as the key
 164   /// (1024-bit key is 128 bytes) and can be determined by
 165   /// subtracting the length of the other parts of this header
 166   /// from the total length of the certificate as found in
 167   /// Hdr.dwLength.
 168   ///
 169   /// UINT8 Signature[ANYSIZE_ARRAY];
 170   ///
 171 } WIN_CERTIFICATE_EFI_PKCS1_15;
 172
 173
 174
 175 ///
 176 /// AuthInfo is a WIN_CERTIFICATE using the wCertificateType
 177 /// WIN_CERTIFICATE_UEFI_GUID and the CertType
 178 /// EFI_CERT_TYPE_RSA2048_SHA256. If the attribute specifies
 179 /// authenticated access, then the Data buffer should begin with an
 180 /// authentication descriptor prior to the data payload and DataSize
 181 /// should reflect the the data.and descriptor size. The caller
 182 /// shall digest the Monotonic Count value and the associated data
 183 /// for the variable update using the SHA-256 1-way hash algorithm.
 184 /// The ensuing the 32-byte digest will be signed using the private
 185 /// key associated w/ the public/private 2048-bit RSA key-pair. The
 186 /// WIN_CERTIFICATE shall be used to describe the signature of the
 187 /// Variable data *Data. In addition, the signature will also
 188 /// include the MonotonicCount value to guard against replay attacks
 189 ///
 190 typedef struct {
 191   ///
 192   /// Included in the signature of
 193   /// AuthInfo.Used to ensure freshness/no
 194   /// replay. Incremented during each
 195   /// "Write" access.
 196   ///
 197   UINT64                      MonotonicCount;
 198   ///
 199   /// Provides the authorization for the variable
 200   /// access. It is a signature across the
 201   /// variable data and the  Monotonic Count
 202   /// value. Caller uses Private key that is
 203   /// associated with a public key that has been
 204   /// provisioned via the key exchange.
 205   ///
 206   WIN_CERTIFICATE_UEFI_GUID   AuthInfo;
 207 } EFI_VARIABLE_AUTHENTICATION;
 208
 209 #endif
 210