Add security package to repository.
diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.h b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.h
new file mode 100644 (file)
index 0000000..f3e15f6
--- /dev/null
@@ -0,0 +1,151 @@
+/** @file\r
+  The internal header file includes the common header files, defines\r
+  internal structure and functions used by AuthService module.\r
+\r
+Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials \r
+are licensed and made available under the terms and conditions of the BSD License \r
+which accompanies this distribution.  The full text of the license may be found at \r
+http://opensource.org/licenses/bsd-license.php\r
+\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#ifndef _AUTHSERVICE_H_\r
+#define _AUTHSERVICE_H_\r
+\r
+#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256\r
+#define EFI_CERT_TYPE_RSA2048_SIZE        256\r
+\r
+///\r
+/// Size of AuthInfo prior to the data payload\r
+///\r
+#define AUTHINFO_SIZE (((UINTN)(((EFI_VARIABLE_AUTHENTICATION *) 0)->AuthInfo.CertData)) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256))\r
+\r
+///\r
+/// Item number of support signature types.\r
+///\r
+#define SIGSUPPORT_NUM 2\r
+\r
+/**\r
+  Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set, and return the index of associated public key.\r
+\r
+  @param[in]  Data                        The data pointer.\r
+  @param[in]  DataSize                    The size of Data found. If size is less than the\r
+                                          data, this value contains the required size.\r
+  @param[in]  VirtualMode                 The current calling mode for this function.\r
+  @param[in]  Global                      The context of this Extended SAL Variable Services Class call.\r
+  @param[in]  Variable                    The variable information which is used to keep track of variable usage.\r
+  @param[in]  Attributes                  The attribute value of the variable.\r
+  @param[out] KeyIndex                    The output index of corresponding public key in database.\r
+  @param[out] MonotonicCount              The output value of corresponding Monotonic Count.\r
+\r
+  @retval EFI_INVALID_PARAMETER           Invalid parameter.\r
+  @retval EFI_WRITE_PROTECTED             The variable is write-protected and needs authentication with\r
+                                          EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.\r
+  @retval EFI_SECURITY_VIOLATION          The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS\r
+                                          set, but the AuthInfo does NOT pass the validation \r
+                                          check carried out by the firmware. \r
+  @retval EFI_SUCCESS                     The variable is not write-protected, or passed validation successfully.\r
+\r
+**/\r
+EFI_STATUS\r
+VerifyVariable (\r
+  IN  VOID                      *Data,\r
+  IN  UINTN                     DataSize,\r
+  IN  BOOLEAN                   VirtualMode,\r
+  IN  ESAL_VARIABLE_GLOBAL      *Global,\r
+  IN  VARIABLE_POINTER_TRACK    *Variable,\r
+  IN  UINT32                    Attributes OPTIONAL,\r
+  OUT UINT32                    *KeyIndex OPTIONAL,\r
+  OUT UINT64                    *MonotonicCount OPTIONAL\r
+  );\r
+\r
+/**\r
+  Initializes for authenticated varibale service.\r
+\r
+  @retval EFI_SUCCESS           The function successfully executed.\r
+  @retval EFI_OUT_OF_RESOURCES  Failed to allocate enough memory resources.\r
+\r
+**/\r
+EFI_STATUS\r
+AutenticatedVariableServiceInitialize (\r
+  VOID\r
+  );\r
+\r
+/**\r
+  Initializes for cryptlib service before use, include register algrithm and allocate scratch.\r
+\r
+**/\r
+VOID\r
+CryptLibraryInitialize (\r
+  VOID\r
+  );\r
+\r
+/**\r
+  Process variable with platform key for verification.\r
+\r
+  @param[in]  VariableName                The name of Variable to be found.\r
+  @param[in]  VendorGuid                  Variable vendor GUID.\r
+  @param[in]  Data                        The data pointer.\r
+  @param[in]  DataSize                    The size of Data found. If size is less than the\r
+                                          data, this value contains the required size.\r
+  @param[in]  VirtualMode                 The current calling mode for this function.\r
+  @param[in]  Global                      The context of this Extended SAL Variable Services Class call.\r
+  @param[in]  Variable                    The variable information which is used to keep track of variable usage.\r
+  @param[in]  Attributes                  The attribute value of the variable.\r
+  @param[in]  IsPk                        Indicates whether to process pk.\r
+\r
+  @retval EFI_INVALID_PARAMETER           Invalid parameter.\r
+  @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation \r
+                                          check carried out by the firmware. \r
+  @retval EFI_SUCCESS                     The variable passed validation successfully.\r
+\r
+**/\r
+EFI_STATUS\r
+ProcessVarWithPk (\r
+  IN  CHAR16                    *VariableName,\r
+  IN  EFI_GUID                  *VendorGuid,\r
+  IN  VOID                      *Data,\r
+  IN  UINTN                     DataSize,\r
+  IN  BOOLEAN                   VirtualMode,\r
+  IN  ESAL_VARIABLE_GLOBAL      *Global,\r
+  IN  VARIABLE_POINTER_TRACK    *Variable,\r
+  IN  UINT32                    Attributes OPTIONAL,\r
+  IN  BOOLEAN                   IsPk\r
+  );\r
+\r
+/**\r
+  Process variable with key exchange key for verification.\r
+\r
+  @param[in]  VariableName                The name of Variable to be found.\r
+  @param[in]  VendorGuid                  The variable vendor GUID.\r
+  @param[in]  Data                        The data pointer.\r
+  @param[in]  DataSize                    Size of Data found. If size is less than the\r
+                                          data, this value contains the required size.\r
+  @param[in]  VirtualMode                 The current calling mode for this function.\r
+  @param[in]  Global                      The context of this Extended SAL Variable Services Class call.\r
+  @param[in]  Variable                    The variable information which is used to keep track of variable usage.\r
+  @param[in]  Attributes                  The attribute value of the variable.\r
+\r
+  @retval EFI_INVALID_PARAMETER           Invalid parameter.\r
+  @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation \r
+                                          check carried out by the firmware. \r
+  @retval EFI_SUCCESS                     The variable passed validation successfully.\r
+\r
+**/\r
+EFI_STATUS\r
+ProcessVarWithKek (\r
+  IN  CHAR16                               *VariableName,\r
+  IN  EFI_GUID                             *VendorGuid,\r
+  IN  VOID                                 *Data,\r
+  IN  UINTN                                DataSize,\r
+  IN  BOOLEAN                              VirtualMode,\r
+  IN  ESAL_VARIABLE_GLOBAL                 *Global,\r
+  IN  VARIABLE_POINTER_TRACK               *Variable,\r
+  IN  UINT32                               Attributes OPTIONAL\r
+  );\r
+\r
+#endif\r
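Review bot: The `DataSize` description on `VerifyVariable`, `ProcessVarWithPk` and `ProcessVarWithKek` ("If size is less than the data, this value contains the required size") describes an output-style size, but the parameter is declared `IN UINTN`, so the header never states the length contract for the caller-supplied `Data` buffer. Because `AUTHINFO_SIZE` is defined here as the size of the authentication header that precedes the payload, the comment should spell out the minimum length, e.g. `@param[in] DataSize  Size in bytes of Data; must be at least AUTHINFO_SIZE when the variable carries EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS.` The implementation is not part of this file, so confirm that it rejects shorter buffers before reading `AuthInfo`, and document which status it returns. Separately, `AUTHINFO_SIZE` derives the offset by dereferencing a null pointer cast; `OFFSET_OF (EFI_VARIABLE_AUTHENTICATION, AuthInfo.CertData)` should give the same value (assuming `CertData` is an array member, as the cast implies) and states the intent directly. The `OUT ... OPTIONAL` parameters `KeyIndex` and `MonotonicCount` would also benefit from a line saying whether NULL is accepted.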