summaryrefslogtreecommitdiff
path: root/MdePkg/Include/Uefi
diff options
context:
space:
mode:
authorlgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524>2009-09-02 09:23:28 +0000
committerlgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524>2009-09-02 09:23:28 +0000
commitbd86cb029242314c4274242612cfd79964cfbf17 (patch)
treeb56d5c8f5471032eb818d36e05140f666df6be72 /MdePkg/Include/Uefi
parent395a656ffc4ec75655761fdda4d7d884d6dcf39a (diff)
downloadedk2-platforms-bd86cb029242314c4274242612cfd79964cfbf17.tar.xz
1. Add TCG MOR (Memory Overwrite request) definition from TCG Platform Reset Attack Mitigation Specification.pdf.
2. Add WIN certificate definition from 2.3. 3. Add the signed Image verification definition from UEFI 2.3. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9226 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdePkg/Include/Uefi')
-rw-r--r--MdePkg/Include/Uefi/UefiMultiPhase.h109
1 files changed, 1 insertions, 108 deletions
diff --git a/MdePkg/Include/Uefi/UefiMultiPhase.h b/MdePkg/Include/Uefi/UefiMultiPhase.h
index f82a8ae792..7c4cec1103 100644
--- a/MdePkg/Include/Uefi/UefiMultiPhase.h
+++ b/MdePkg/Include/Uefi/UefiMultiPhase.h
@@ -15,6 +15,7 @@
#ifndef __UEFI_MULTIPHASE_H__
#define __UEFI_MULTIPHASE_H__
+#include <Guid/WinCertificate.h>
///
/// Enumeration of memory types introduced in UEFI.
///
@@ -130,114 +131,6 @@ typedef struct {
///
#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x00000010
-//
-// _WIN_CERTIFICATE.wCertificateType
-//
-#define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0
-#define WIN_CERT_TYPE_EFI_GUID 0x0EF1
-
-///
-/// The WIN_CERTIFICATE structure is part of the PE/COFF specification.
-///
-typedef struct _WIN_CERTIFICATE {
- ///
- /// The length of the entire certificate,
- /// including the length of the header, in bytes.
- ///
- UINT32 dwLength;
- ///
- /// The revision level of the WIN_CERTIFICATE
- /// structure. The current revision level is 0x0200.
- ///
- UINT16 wRevision;
- ///
- /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI
- /// certificate types. The UEFI specification reserves the range of
- /// certificate type values from 0x0EF0 to 0x0EFF.
- ///
- UINT16 wCertificateType;
- ///
- /// The following is the actual certificate. The format of
- /// the certificate depends on wCertificateType.
- ///
- /// UINT8 bCertificate[ANYSIZE_ARRAY];
- ///
-} WIN_CERTIFICATE;
-
-///
-/// WIN_CERTIFICATE_UEFI_GUID.CertType
-///
-#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
- {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }
-
-///
-/// WIN_CERTIFICATE_UEFI_GUID.CertData
-///
-typedef struct _EFI_CERT_BLOCK_RSA_2048_SHA256 {
- UINT32 HashType;
- UINT8 PublicKey[256];
- UINT8 Signature[256];
-} EFI_CERT_BLOCK_RSA_2048_SHA256;
-
-
-///
-/// Certificate which encapsulates a GUID-specific digital signature
-///
-typedef struct _WIN_CERTIFICATE_UEFI_GUID {
- ///
- /// This is the standard WIN_CERTIFICATE header, where
- /// wCertificateType is set to WIN_CERT_TYPE_UEFI_GUID.
- ///
- WIN_CERTIFICATE Hdr;
- ///
- /// This is the unique id which determines the
- /// format of the CertData. In this case, the
- /// value is EFI_CERT_TYPE_RSA2048_SHA256_GUID.
- ///
- EFI_GUID CertType;
- ///
- /// The following is the certificate data. The format of
- /// the data is determined by the CertType. In this case the value is
- /// EFI_CERT_BLOCK_RSA_2048_SHA256.
- ///
- /// UINT8 CertData[ANYSIZE_ARRAY];
- ///
-} WIN_CERTIFICATE_UEFI_GUID;
-
-
-///
-/// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.
-///
-/// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from
-/// WIN_CERTIFICATE and encapsulate the information needed to
-/// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as
-/// specified in RFC2437.
-///
-typedef struct _WIN_CERTIFICATE_EFI_PKCS1_15 {
- ///
- /// This is the standard WIN_CERTIFICATE header, where
- /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.
- ///
- WIN_CERTIFICATE Hdr;
- ///
- /// This is the hashing algorithm which was performed on the
- /// UEFI executable when creating the digital signature.
- ///
- EFI_GUID HashAlgorithm;
- ///
- /// The following is the actual digital signature. The
- /// size of the signature is the same size as the key
- /// (1024-bit key is 128 bytes) and can be determined by
- /// subtracting the length of the other parts of this header
- /// from the total length of the certificate as found in
- /// Hdr.dwLength.
- ///
- /// UINT8 Signature[ANYSIZE_ARRAY];
- ///
-} WIN_CERTIFICATE_EFI_PKCS1_15;
-
-
-
///
/// AuthInfo is a WIN_CERTIFICATE using the wCertificateType
/// WIN_CERTIFICATE_UEFI_GUID and the CertType