iPXE
WinCertificate.h
Go to the documentation of this file.
1 /** @file
2  GUID for UEFI WIN_CERTIFICATE structure.
3 
4  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
5  This program and the accompanying materials
6  are licensed and made available under the terms and conditions of the BSD License
7  which accompanies this distribution. The full text of the license may be found at
8  http://opensource.org/licenses/bsd-license.php
9 
10  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12 
13  @par Revision Reference:
14  GUID defined in UEFI 2.0 spec.
15 **/
16 
17 #ifndef __EFI_WIN_CERTIFICATE_H__
18 #define __EFI_WIN_CERTIFICATE_H__
19 
20 FILE_LICENCE ( BSD3 );
21 
22 //
23 // _WIN_CERTIFICATE.wCertificateType
24 //
25 #define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002
26 #define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0
27 #define WIN_CERT_TYPE_EFI_GUID 0x0EF1
28 
29 ///
30 /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.
31 ///
32 typedef struct {
33  ///
34  /// The length of the entire certificate,
35  /// including the length of the header, in bytes.
36  ///
38  ///
39  /// The revision level of the WIN_CERTIFICATE
40  /// structure. The current revision level is 0x0200.
41  ///
43  ///
44  /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI
45  /// certificate types. The UEFI specification reserves the range of
46  /// certificate type values from 0x0EF0 to 0x0EFF.
47  ///
49  ///
50  /// The following is the actual certificate. The format of
51  /// the certificate depends on wCertificateType.
52  ///
53  /// UINT8 bCertificate[ANYSIZE_ARRAY];
54  ///
56 
57 ///
58 /// WIN_CERTIFICATE_UEFI_GUID.CertType
59 ///
60 #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
61  {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }
62 
63 ///
64 /// WIN_CERTIFICATE_UEFI_GUID.CertData
65 ///
66 typedef struct {
68  UINT8 PublicKey[256];
71 
72 
73 ///
74 /// Certificate which encapsulates a GUID-specific digital signature
75 ///
76 typedef struct {
77  ///
78  /// This is the standard WIN_CERTIFICATE header, where
79  /// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.
80  ///
82  ///
83  /// This is the unique id which determines the
84  /// format of the CertData. .
85  ///
87  ///
88  /// The following is the certificate data. The format of
89  /// the data is determined by the CertType.
90  /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,
91  /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.
92  ///
93  UINT8 CertData[1];
95 
96 
97 ///
98 /// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.
99 ///
100 /// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from
101 /// WIN_CERTIFICATE and encapsulate the information needed to
102 /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as
103 /// specified in RFC2437.
104 ///
105 typedef struct {
106  ///
107  /// This is the standard WIN_CERTIFICATE header, where
108  /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.
109  ///
111  ///
112  /// This is the hashing algorithm which was performed on the
113  /// UEFI executable when creating the digital signature.
114  ///
116  ///
117  /// The following is the actual digital signature. The
118  /// size of the signature is the same size as the key
119  /// (1024-bit key is 128 bytes) and can be determined by
120  /// subtracting the length of the other parts of this header
121  /// from the total length of the certificate as found in
122  /// Hdr.dwLength.
123  ///
124  /// UINT8 Signature[];
125  ///
127 
129 
130 #endif
128 bit buffer containing a unique identifier value.
Definition: Base.h:263
unsigned int UINT32
Definition: ProcessorBind.h:56
Certificate which encapsulates a GUID-specific digital signature.
unsigned char UINT8
Definition: ProcessorBind.h:62
EFI_GUID HashAlgorithm
This is the hashing algorithm which was performed on the UEFI executable when creating the digital si...
EFI_GUID CertType
This is the unique id which determines the format of the CertData.
EFI_GUID gEfiCertTypeRsa2048Sha256Guid
WIN_CERTIFICATE_UEFI_GUID.CertData.
UINT32 dwLength
The length of the entire certificate, including the length of the header, in bytes.
unsigned short UINT16
Definition: ProcessorBind.h:58
UINT8_t Signature[6]
Signature.
Definition: pxe_api.h:61
WIN_CERTIFICATE Hdr
This is the standard WIN_CERTIFICATE header, where wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS...
UINT16 wCertificateType
The certificate type.
Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.
UINT16 wRevision
The revision level of the WIN_CERTIFICATE structure.
WIN_CERTIFICATE Hdr
This is the standard WIN_CERTIFICATE header, where wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.
The WIN_CERTIFICATE structure is part of the PE/COFF specification.
FILE_LICENCE(BSD3)