1314879Simp/** @file 2314879Simp GUID for UEFI WIN_CERTIFICATE structure. 3314879Simp 4314879Simp Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR> 5314879Simp This program and the accompanying materials 6314879Simp are licensed and made available under the terms and conditions of the BSD License 7314879Simp which accompanies this distribution. The full text of the license may be found at 8314879Simp http://opensource.org/licenses/bsd-license.php 9314879Simp 10314879Simp THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 11314879Simp WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 12314879Simp 13314879Simp @par Revision Reference: 14314879Simp GUID defined in UEFI 2.0 spec. 15314879Simp**/ 16314879Simp 17314879Simp#ifndef __EFI_WIN_CERTIFICATE_H__ 18314879Simp#define __EFI_WIN_CERTIFICATE_H__ 19314879Simp 20314879Simp// 21314879Simp// _WIN_CERTIFICATE.wCertificateType 22314879Simp// 23314879Simp#define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002 24314879Simp#define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0 25314879Simp#define WIN_CERT_TYPE_EFI_GUID 0x0EF1 26314879Simp 27314879Simp/// 28314879Simp/// The WIN_CERTIFICATE structure is part of the PE/COFF specification. 29314879Simp/// 30314879Simptypedef struct { 31314879Simp /// 32314879Simp /// The length of the entire certificate, 33314879Simp /// including the length of the header, in bytes. 34314879Simp /// 35314879Simp UINT32 dwLength; 36314879Simp /// 37314879Simp /// The revision level of the WIN_CERTIFICATE 38314879Simp /// structure. The current revision level is 0x0200. 39314879Simp /// 40314879Simp UINT16 wRevision; 41314879Simp /// 42314879Simp /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI 43314879Simp /// certificate types. The UEFI specification reserves the range of 44314879Simp /// certificate type values from 0x0EF0 to 0x0EFF. 45314879Simp /// 46314879Simp UINT16 wCertificateType; 47314879Simp /// 48314879Simp /// The following is the actual certificate. The format of 49314879Simp /// the certificate depends on wCertificateType. 50314879Simp /// 51314879Simp /// UINT8 bCertificate[ANYSIZE_ARRAY]; 52314879Simp /// 53314879Simp} WIN_CERTIFICATE; 54314879Simp 55314879Simp/// 56314879Simp/// WIN_CERTIFICATE_UEFI_GUID.CertType 57314879Simp/// 58314879Simp#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \ 59314879Simp {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } } 60314879Simp 61314879Simp/// 62314879Simp/// WIN_CERTIFICATE_UEFI_GUID.CertData 63314879Simp/// 64314879Simptypedef struct { 65314879Simp EFI_GUID HashType; 66314879Simp UINT8 PublicKey[256]; 67314879Simp UINT8 Signature[256]; 68314879Simp} EFI_CERT_BLOCK_RSA_2048_SHA256; 69314879Simp 70314879Simp 71314879Simp/// 72314879Simp/// Certificate which encapsulates a GUID-specific digital signature 73314879Simp/// 74314879Simptypedef struct { 75314879Simp /// 76314879Simp /// This is the standard WIN_CERTIFICATE header, where 77314879Simp /// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID. 78314879Simp /// 79314879Simp WIN_CERTIFICATE Hdr; 80314879Simp /// 81314879Simp /// This is the unique id which determines the 82314879Simp /// format of the CertData. . 83314879Simp /// 84314879Simp EFI_GUID CertType; 85314879Simp /// 86314879Simp /// The following is the certificate data. The format of 87314879Simp /// the data is determined by the CertType. 88314879Simp /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID, 89314879Simp /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure. 90314879Simp /// 91314879Simp UINT8 CertData[1]; 92314879Simp} WIN_CERTIFICATE_UEFI_GUID; 93314879Simp 94314879Simp 95314879Simp/// 96314879Simp/// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature. 97314879Simp/// 98314879Simp/// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from 99314879Simp/// WIN_CERTIFICATE and encapsulate the information needed to 100314879Simp/// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as 101314879Simp/// specified in RFC2437. 102314879Simp/// 103314879Simptypedef struct { 104314879Simp /// 105314879Simp /// This is the standard WIN_CERTIFICATE header, where 106314879Simp /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15. 107314879Simp /// 108314879Simp WIN_CERTIFICATE Hdr; 109314879Simp /// 110314879Simp /// This is the hashing algorithm which was performed on the 111314879Simp /// UEFI executable when creating the digital signature. 112314879Simp /// 113314879Simp EFI_GUID HashAlgorithm; 114314879Simp /// 115314879Simp /// The following is the actual digital signature. The 116314879Simp /// size of the signature is the same size as the key 117314879Simp /// (1024-bit key is 128 bytes) and can be determined by 118314879Simp /// subtracting the length of the other parts of this header 119314879Simp /// from the total length of the certificate as found in 120314879Simp /// Hdr.dwLength. 121314879Simp /// 122314879Simp /// UINT8 Signature[]; 123314879Simp /// 124314879Simp} WIN_CERTIFICATE_EFI_PKCS1_15; 125314879Simp 126314879Simpextern EFI_GUID gEfiCertTypeRsa2048Sha256Guid; 127314879Simp 128314879Simp#endif 129