Platform Key, Key Exchange Key, and Image signature database are defined \r
for the signed image validation.\r
\r
- Copyright (c) 2009, Intel Corporation\r
- All rights reserved. This program and the accompanying materials \r
+ Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
+ This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
which accompanies this distribution. The full text of the license may be found at \r
http://opensource.org/licenses/bsd-license.php \r
///\r
/// An identifier which identifies the agent which added the signature to the list.\r
///\r
- EFI_GUID SignatureOwner;\r
+ EFI_GUID SignatureOwner;\r
///\r
/// The format of the signature is defined by the SignatureType.\r
///\r
- UINT8 SignatureData[1];\r
+ UINT8 SignatureData[1];\r
} EFI_SIGNATURE_DATA;\r
\r
typedef struct {\r
///\r
/// Type of the signature. GUID signature types are defined in below.\r
///\r
- EFI_GUID SignatureType;\r
+ EFI_GUID SignatureType;\r
///\r
/// Total size of the signature list, including this header.\r
///\r
- UINT32 SignatureListSize;\r
+ UINT32 SignatureListSize;\r
///\r
/// Size of the signature header which precedes the array of signatures.\r
///\r
- UINT32 SignatureHeaderSize;\r
+ UINT32 SignatureHeaderSize;\r
///\r
/// Size of each signature.\r
///\r
//***********************************************************************\r
typedef UINT32 EFI_IMAGE_EXECUTION_ACTION;\r
\r
-#define EFI_IMAGE_EXECUTION_AUTHENTICATION 0x00000007 \r
+#define EFI_IMAGE_EXECUTION_AUTHENTICATION 0x00000007 \r
+#define EFI_IMAGE_EXECUTION_AUTH_UNTESTED 0x00000000\r
+#define EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED 0x00000001\r
+#define EFI_IMAGE_EXECUTION_AUTH_SIG_PASSED 0x00000002\r
+#define EFI_IMAGE_EXECUTION_AUTH_SIG_NOT_FOUND 0x00000003\r
+#define EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND 0x00000004\r
+#define EFI_IMAGE_EXECUTION_POLICY_FAILED 0x00000005\r
+#define EFI_IMAGE_EXECUTION_INITIALIZED 0x00000008\r
\r
//\r
// EFI_IMAGE_EXECUTION_INFO is added to EFI System Configuration Table \r
///\r
/// Describes the action taken by the firmware regarding this image.\r
///\r
- EFI_IMAGE_EXECUTION_ACTION Action;\r
+ EFI_IMAGE_EXECUTION_ACTION Action;\r
///\r
/// Size of all of the entire structure.\r
///\r
///\r
\r
///\r
- /// The image digest of the image. The certificate type must be one of the hash types. \r
- /// The hash type must match the type used in the Signature field.\r
- ///\r
- WIN_CERTIFICATE ImageHash;\r
- ///\r
- /// Zero or more image signatures. If the image contained no signtures, \r
+ /// Zero or more image signatures. If the image contained no signatures, \r
/// then this field is empty.\r
///\r
- WIN_CERTIFICATE Signature;\r
+ EFI_SIGNATURE_LIST Signature;\r
} EFI_IMAGE_EXECUTION_INFO;\r
\r
+\r
+typedef struct {\r
+ ///\r
+ /// Number of EFI_IMAGE_EXECUTION_INFO structures.\r
+ ///\r
+ UINTN NumberOfImages; \r
+ ///\r
+ /// Number of image instances of EFI_IMAGE_EXECUTION_INFO structures.\r
+ ///\r
+ // EFI_IMAGE_EXECUTION_INFO InformationInfo[] \r
+} EFI_IMAGE_EXECUTION_INFO_TABLE;\r
+\r
extern EFI_GUID gEfiImageSecurityDatabaseGuid;\r
extern EFI_GUID gEfiCertSha256Guid;\r
extern EFI_GUID gEfiCertRsa2048Guid; \r