iPXE
WinCertificate.h
Go to the documentation of this file.
1 /** @file
2  GUID for UEFI WIN_CERTIFICATE structure.
3 
4  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
5  SPDX-License-Identifier: BSD-2-Clause-Patent
6 
7  @par Revision Reference:
8  GUID defined in UEFI 2.0 spec.
9 **/
10 
11 #ifndef __EFI_WIN_CERTIFICATE_H__
12 #define __EFI_WIN_CERTIFICATE_H__
13 
14 FILE_LICENCE ( BSD2_PATENT );
15 
16 //
17 // _WIN_CERTIFICATE.wCertificateType
18 //
19 #define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002
20 #define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0
21 #define WIN_CERT_TYPE_EFI_GUID 0x0EF1
22 
23 ///
24 /// The WIN_CERTIFICATE structure is part of the PE/COFF specification.
25 ///
26 typedef struct {
27  ///
28  /// The length of the entire certificate,
29  /// including the length of the header, in bytes.
30  ///
32  ///
33  /// The revision level of the WIN_CERTIFICATE
34  /// structure. The current revision level is 0x0200.
35  ///
37  ///
38  /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI
39  /// certificate types. The UEFI specification reserves the range of
40  /// certificate type values from 0x0EF0 to 0x0EFF.
41  ///
43  ///
44  /// The following is the actual certificate. The format of
45  /// the certificate depends on wCertificateType.
46  ///
47  /// UINT8 bCertificate[ANYSIZE_ARRAY];
48  ///
50 
51 ///
52 /// WIN_CERTIFICATE_UEFI_GUID.CertType
53 ///
54 #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
55  {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }
56 
57 ///
58 /// WIN_CERTIFICATE_UEFI_GUID.CertData
59 ///
60 typedef struct {
62  UINT8 PublicKey[256];
65 
66 ///
67 /// Certificate which encapsulates a GUID-specific digital signature
68 ///
69 typedef struct {
70  ///
71  /// This is the standard WIN_CERTIFICATE header, where
72  /// wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.
73  ///
75  ///
76  /// This is the unique id which determines the
77  /// format of the CertData. .
78  ///
80  ///
81  /// The following is the certificate data. The format of
82  /// the data is determined by the CertType.
83  /// If CertType is EFI_CERT_TYPE_RSA2048_SHA256_GUID,
84  /// the CertData will be EFI_CERT_BLOCK_RSA_2048_SHA256 structure.
85  ///
86  UINT8 CertData[1];
88 
89 ///
90 /// Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.
91 ///
92 /// The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from
93 /// WIN_CERTIFICATE and encapsulate the information needed to
94 /// implement the RSASSA-PKCS1-v1_5 digital signature algorithm as
95 /// specified in RFC2437.
96 ///
97 typedef struct {
98  ///
99  /// This is the standard WIN_CERTIFICATE header, where
100  /// wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS1_15.
101  ///
103  ///
104  /// This is the hashing algorithm which was performed on the
105  /// UEFI executable when creating the digital signature.
106  ///
108  ///
109  /// The following is the actual digital signature. The
110  /// size of the signature is the same size as the key
111  /// (1024-bit key is 128 bytes) and can be determined by
112  /// subtracting the length of the other parts of this header
113  /// from the total length of the certificate as found in
114  /// Hdr.dwLength.
115  ///
116  /// UINT8 Signature[];
117  ///
119 
121 
122 #endif
128 bit buffer containing a unique identifier value.
Definition: Base.h:215
unsigned int UINT32
Definition: ProcessorBind.h:98
Certificate which encapsulates a GUID-specific digital signature.
unsigned char UINT8
EFI_GUID HashAlgorithm
This is the hashing algorithm which was performed on the UEFI executable when creating the digital si...
EFI_GUID CertType
This is the unique id which determines the format of the CertData.
EFI_GUID gEfiCertTypeRsa2048Sha256Guid
WIN_CERTIFICATE_UEFI_GUID.CertData.
UINT32 dwLength
The length of the entire certificate, including the length of the header, in bytes.
unsigned short UINT16
UINT8_t Signature[6]
Signature.
Definition: pxe_api.h:61
WIN_CERTIFICATE Hdr
This is the standard WIN_CERTIFICATE header, where wCertificateType is set to WIN_CERT_TYPE_UEFI_PKCS...
UINT16 wCertificateType
The certificate type.
Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital signature.
UINT16 wRevision
The revision level of the WIN_CERTIFICATE structure.
WIN_CERTIFICATE Hdr
This is the standard WIN_CERTIFICATE header, where wCertificateType is set to WIN_CERT_TYPE_EFI_GUID.
The WIN_CERTIFICATE structure is part of the PE/COFF specification.
FILE_LICENCE(BSD2_PATENT)