MdePkg/Include/Uefi/UefiMultiPhase.h

   1 /** @file
   2   This includes some definitions introduced in UEFI that will be used in both PEI and DXE phases.
   3
   4   Copyright (c) 2006, Intel Corporation
   5   All rights reserved. This program and the accompanying materials
   6   are licensed and made available under the terms and conditions of the BSD License
   7   which accompanies this distribution.  The full text of the license may be found at
   8   http://opensource.org/licenses/bsd-license.php
   9
  10   THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  11   WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  12
  13 **/
  14
  15 #ifndef __UEFI_MULTIPHASE_H__
  16 #define __UEFI_MULTIPHASE_H__
  17
  18 #include <ProcessorBind.h>
  19
  20 ///
  21 /// Enumeration of memory types introduced in UEFI.
  22 ///
  23 typedef enum {
  24   EfiReservedMemoryType,
  25   EfiLoaderCode,
  26   EfiLoaderData,
  27   EfiBootServicesCode,
  28   EfiBootServicesData,
  29   EfiRuntimeServicesCode,
  30   EfiRuntimeServicesData,
  31   EfiConventionalMemory,
  32   EfiUnusableMemory,
  33   EfiACPIReclaimMemory,
  34   EfiACPIMemoryNVS,
  35   EfiMemoryMappedIO,
  36   EfiMemoryMappedIOPortSpace,
  37   EfiPalCode,
  38   EfiMaxMemoryType
  39 } EFI_MEMORY_TYPE;
  40
  41
  42 ///
  43 /// Data structure that precedes all of the standard EFI table types.
  44 ///
  45 typedef struct {
  46   UINT64  Signature;
  47   UINT32  Revision;
  48   UINT32  HeaderSize;
  49   UINT32  CRC32;
  50   UINT32  Reserved;
  51 } EFI_TABLE_HEADER;
  52
  53 ///
  54 /// Attributes of variable.
  55 ///
  56 #define EFI_VARIABLE_NON_VOLATILE                 0x00000001
  57 #define EFI_VARIABLE_BOOTSERVICE_ACCESS           0x00000002
  58 #define EFI_VARIABLE_RUNTIME_ACCESS               0x00000004
  59 #define EFI_VARIABLE_HARDWARE_ERROR_RECORD        0x00000008
  60
  61 ///
  62 /// This attribute is identified by the mnemonic 'HR'
  63 /// elsewhere in this specification.
  64 ///
  65 #define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS   0x00000010
  66
  67 //
  68 // _WIN_CERTIFICATE.wCertificateType
  69 //
  70 #define WIN_CERT_TYPE_EFI_PKCS115   0x0EF0
  71 #define WIN_CERT_TYPE_EFI_GUID      0x0EF1
  72
  73 /**
  74
  75   The WIN_CERTIFICATE structure is part of the PE/COFF
  76   specification and has the following definition:
  77
  78   @param dwLength   The length of the entire certificate,
  79                     including the length of the header, in
  80                     bytes.
  81
  82   @param wRevision  The revision level of the WIN_CERTIFICATE
  83                     structure. The current revision level is
  84                     0x0200.
  85
  86   @param wCertificateType   The certificate type. See
  87                             WIN_CERT_TYPE_xxx for the UEFI
  88                             certificate types. The UEFI
  89                             specification reserves the range of
  90                             certificate type values from 0x0EF0
  91                             to 0x0EFF.
  92
  93   @param bCertificate   The actual certificate. The format of
  94                         the certificate depends on
  95                         wCertificateType. The format of the UEFI
  96                         certificates is defined below.
  97
  98
  99 **/
 100 typedef struct _WIN_CERTIFICATE {
 101   UINT32  dwLength;
 102   UINT16  wRevision;
 103   UINT16  wCertificateType;
 104   //UINT8 bCertificate[ANYSIZE_ARRAY];
 105 } WIN_CERTIFICATE;
 106
 107 //
 108 // WIN_CERTIFICATE_UEFI_GUID.CertType
 109 //
 110 #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
 111   {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }
 112
 113 //
 114 // WIN_CERTIFICATE_UEFI_GUID.CertData
 115 //
 116 typedef struct _EFI_CERT_BLOCK_RSA_2048_SHA256 {
 117   UINT32  HashType;
 118   UINT8   PublicKey[256];
 119   UINT8   Signature[256];
 120 } EFI_CERT_BLOCK_RSA_2048_SHA256;
 121
 122
 123 /**
 124
 125   @param Hdr  This is the standard WIN_CERTIFICATE header, where
 126               wCertificateType is set to
 127               WIN_CERT_TYPE_UEFI_GUID.
 128
 129   @param CertType   This is the unique id which determines the
 130                     format of the CertData. In this case, the
 131                     value is EFI_CERT_TYPE_RSA2048_SHA256_GUID.
 132
 133   @param CertData   This is the certificate data. The format of
 134                     the data is determined by the CertType. In
 135                     this case the value is
 136                     EFI_CERT_BLOCK_RSA_2048_SHA256.
 137
 138 **/
 139 typedef struct _WIN_CERTIFICATE_UEFI_GUID {
 140   WIN_CERTIFICATE   Hdr;
 141   EFI_GUID          CertType;
 142   // UINT8            CertData[ANYSIZE_ARRAY];
 143 } WIN_CERTIFICATE_UEFI_GUID;
 144
 145
 146 /**
 147
 148   Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital
 149   signature.
 150
 151   The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from
 152   WIN_CERTIFICATE and encapsulate the information needed to
 153   implement the RSASSA-PKCS1-v1_5 digital signature algorithm as
 154   specified in RFC2437.
 155
 156   @param Hdr  This is the standard WIN_CERTIFICATE header, where
 157               wCertificateType is set to
 158               WIN_CERT_TYPE_UEFI_PKCS1_15.
 159
 160   @param HashAlgorithm  This is the hashing algorithm which was
 161                         performed on the UEFI executable when
 162                         creating the digital signature. It is
 163                         one of the enumerated values pre-defined
 164                         in Section 26.4.1. See
 165                         EFI_HASH_ALGORITHM_x.
 166
 167   @param Signature  This is the actual digital signature. The
 168                     size of the signature is the same size as
 169                     the key (1024-bit key is 128 bytes) and can
 170                     be determined by subtracting the length of
 171                     the other parts of this header from the
 172                     total length of the certificate as found in
 173                     Hdr.dwLength.
 174
 175 **/
 176 typedef struct _WIN_CERTIFICATE_EFI_PKCS1_15 {
 177   WIN_CERTIFICATE Hdr;
 178   EFI_GUID        HashAlgorithm;
 179   // UINT8 Signature[ANYSIZE_ARRAY];
 180 } WIN_CERTIFICATE_EFI_PKCS1_15;
 181
 182
 183 /**
 184
 185   AuthInfo is a WIN_CERTIFICATE using the wCertificateType
 186   WIN_CERTIFICATE_UEFI_GUID and the CertType
 187   EFI_CERT_TYPE_RSA2048_SHA256. If the attribute specifies
 188   authenticated access, then the Data buffer should begin with an
 189   authentication descriptor prior to the data payload and DataSize
 190   should reflect the the data.and descriptor size. The caller
 191   shall digest the Monotonic Count value and the associated data
 192   for the variable update using the SHA-256 1-way hash algorithm.
 193   The ensuing the 32-byte digest will be signed using the private
 194   key associated w/ the public/private 2048-bit RSA key-pair. The
 195   WIN_CERTIFICATE shall be used to describe the signature of the
 196   Variable data *Data. In addition, the signature will also
 197   include the MonotonicCount value to guard against replay attacks
 198
 199   @param  MonotonicCount  Included in the signature of
 200                           AuthInfo.Used to ensure freshness/no
 201                           replay. Incremented during each
 202                           "Write" access.
 203
 204   @param AuthInfo   Provides the authorization for the variable
 205                     access. It is a signature across the
 206                     variable data and the  Monotonic Count
 207                     value. Caller uses Private key that is
 208                     associated with a public key that has been
 209                     provisioned via the key exchange.
 210
 211 **/
 212 typedef struct {
 213   UINT64                      MonotonicCount;
 214   WIN_CERTIFICATE_UEFI_GUID   AuthInfo;
 215 } EFI_VARIABLE_AUTHENTICATION;
 216
 217 #endif
 218