/** @file\r
- Platform Key, Key Exchange Key, and Image signature database are defined \r
- for the signed image validation.\r
+ Image signature database are defined for the signed image validation.\r
\r
- Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
which accompanies this distribution. The full text of the license may be found at \r
///\r
#define EFI_IMAGE_SECURITY_DATABASE1 L"dbx"\r
\r
+#define SECURE_BOOT_MODE_ENABLE 1\r
+#define SECURE_BOOT_MODE_DISABLE 0\r
#define SETUP_MODE 1\r
#define USER_MODE 0\r
-///\r
-/// Globally "SetupMode" variable to specify whether the system is currently operating \r
-/// in setup mode (1) or not (0). All other values are reserved.\r
-///\r
-#define EFI_SETUP_MODE_NAME L"SetupMode"\r
-///\r
-/// Globally "PK" variable for the Platform Key Signature Database.\r
-///\r
-#define EFI_PLATFORM_KEY_NAME L"PK"\r
-///\r
-/// Globally "KEK" variable for the Key Exchange Key Signature Database.\r
-///\r
-#define EFI_KEY_EXCHANGE_KEY_NAME L"KEK"\r
-///\r
-/// Globally "SignatureSupport" variable returns an array of GUIDs, \r
-/// with each GUID representing a type of signature which the platform \r
-/// firmware supports for images and other data.\r
-///\r
-#define EFI_SIGNATURE_SUPPORT_NAME L"SignatureSupport"\r
+\r
\r
//***********************************************************************\r
// Signature Database\r
/// since the public key exponent is known to be 0x10001) shall be stored in big-endian\r
/// order.\r
/// The SignatureHeader size shall always be 0. The SignatureSize shall always be 16 (size \r
-/// of SignatureOwner component) + 32 bytes.\r
+/// of SignatureOwner component) + 256 bytes.\r
///\r
#define EFI_CERT_RSA2048_GUID \\r
{ \\r
///\r
/// This identifies a signature containing a RSA-2048 signature of a SHA-256 hash. The \r
/// SignatureHeader size shall always be 0. The SignatureSize shall always be 16 (size of \r
-/// SignatureOwner component) + 32 bytes.\r
+/// SignatureOwner component) + 256 bytes.\r
///\r
#define EFI_CERT_RSA2048_SHA256_GUID \\r
{ \\r
\r
///\r
/// This identifies a signature containing a SHA-1 hash. The SignatureSize shall always\r
-/// be 16 (size of SignatureOwner component) + 32 bytes.\r
+/// be 16 (size of SignatureOwner component) + 20 bytes.\r
///\r
#define EFI_CERT_SHA1_GUID \\r
{ \\r
///\r
/// TThis identifies a signature containing a RSA-2048 signature of a SHA-1 hash. The \r
/// SignatureHeader size shall always be 0. The SignatureSize shall always be 16 (size of \r
-/// SignatureOwner component) + 32 bytes.\r
+/// SignatureOwner component) + 256 bytes.\r
///\r
#define EFI_CERT_RSA2048_SHA1_GUID \\r
{ \\r
{ \\r
0x93e0fae, 0xa6c4, 0x4f50, {0x9f, 0x1b, 0xd4, 0x1e, 0x2b, 0x89, 0xc1, 0x9a} \\r
}\r
+\r
+///\r
+/// This identifies a signature containing a DER-encoded PKCS #7 version 1.5 [RFC2315]\r
+/// SignedData value.\r
+///\r
+#define EFI_CERT_TYPE_PKCS7_GUID \\r
+ { \\r
+ 0x4aafd29d, 0x68df, 0x49ee, {0x8a, 0xa9, 0x34, 0x7d, 0x37, 0x56, 0x65, 0xa7} \\r
+ }\r
\r
//***********************************************************************\r
// Image Execution Information Table Definition\r
extern EFI_GUID gEfiCertSha224Guid;\r
extern EFI_GUID gEfiCertSha384Guid;\r
extern EFI_GUID gEfiCertSha512Guid;\r
+extern EFI_GUID gEfiCertPkcs7Guid;\r
\r
#endif\r
projects / mirror_edk2.git / blobdiff