UefiMultiPhase.h revision d71325128666d393addfaffa0ddf467bedc01eea
1/** @file
2  This includes some definitions introduced in UEFI that will be used in both PEI and DXE phases.
3
4  Copyright (c) 2006, Intel Corporation
5  All rights reserved. This program and the accompanying materials
6  are licensed and made available under the terms and conditions of the BSD License
7  which accompanies this distribution.  The full text of the license may be found at
8  http://opensource.org/licenses/bsd-license.php
9
10  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13**/
14
15#ifndef __UEFI_MULTIPHASE_H__
16#define __UEFI_MULTIPHASE_H__
17
18#include <ProcessorBind.h>
19
20///
21/// Enumeration of memory types introduced in UEFI.
22///
23typedef enum {                   // no explicit values: enumerators count up from 0 in declaration order
24  EfiReservedMemoryType,         // 0
25  EfiLoaderCode,                 // 1
26  EfiLoaderData,                 // 2
27  EfiBootServicesCode,           // 3
28  EfiBootServicesData,           // 4
29  EfiRuntimeServicesCode,        // 5
30  EfiRuntimeServicesData,        // 6
31  EfiConventionalMemory,         // 7
32  EfiUnusableMemory,             // 8
33  EfiACPIReclaimMemory,          // 9
34  EfiACPIMemoryNVS,              // 10
35  EfiMemoryMappedIO,             // 11
36  EfiMemoryMappedIOPortSpace,    // 12
37  EfiPalCode,                    // 13
38  EfiMaxMemoryType               // 14; presumably an upper bound / count rather than a real memory type -- confirm
39} EFI_MEMORY_TYPE;               // NOTE(review): a C enum object can hold out-of-range integers, so a type value read from a descriptor should be compared with EfiMaxMemoryType before it is used as an index
40
41
42///
43/// Data structure that precedes all of the standard EFI table types.
44///
45typedef struct {       // common prefix of the standard EFI tables; 24 bytes of fields, assuming UINTn is n bits wide (ProcessorBind.h, not shown here)
46  UINT64  Signature;   // presumably identifies which table follows -- confirm against the specification
47  UINT32  Revision;
48  UINT32  HeaderSize;  // NOTE(review): what this size covers is not stated in this file; compare it with the size of the buffer actually held before relying on it
49  UINT32  CRC32;       // a CRC detects accidental corruption only; it does not show who produced the table
50  UINT32  Reserved;
51} EFI_TABLE_HEADER;
52
53///
54/// Attributes of variable.
55///
56#define EFI_VARIABLE_NON_VOLATILE                 0x00000001  // bit 0; each attribute is a distinct single bit, so they combine with bitwise OR
57#define EFI_VARIABLE_BOOTSERVICE_ACCESS           0x00000002  // bit 1
58#define EFI_VARIABLE_RUNTIME_ACCESS               0x00000004  // bit 2
59#define EFI_VARIABLE_HARDWARE_ERROR_RECORD        0x00000008  // bit 3
60
61///
62/// This attribute is identified by the mnemonic 'HR'
63/// elsewhere in this specification.
64/// NOTE(review): 'HR' presumably abbreviates the hardware error record attribute (0x00000008 above), so this comment looks misplaced here -- confirm against the UEFI specification.
65#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS   0x00000010  // bit 4; the AuthInfo description later in this file says data written under authenticated access begins with an authentication descriptor
66
67//
68// _WIN_CERTIFICATE.wCertificateType
69//
70#define WIN_CERT_TYPE_EFI_PKCS115   0x0EF0  // first value of the 0x0EF0-0x0EFF range that the WIN_CERTIFICATE description below says UEFI reserves
71#define WIN_CERT_TYPE_EFI_GUID      0x0EF1  // NOTE(review): other values may reach a parser in wCertificateType; reject the ones it does not implement instead of assuming one of these two
72
73/**
74
75  The WIN_CERTIFICATE structure is part of the PE/COFF
76  specification and has the following definition:
77
78  @param dwLength   The length of the entire certificate,
79                    including the length of the header, in
80                    bytes.
81
82  @param wRevision  The revision level of the WIN_CERTIFICATE
83                    structure. The current revision level is
84                    0x0200.
85
86  @param wCertificateType   The certificate type. See
87                            WIN_CERT_TYPE_xxx for the UEFI
88                            certificate types. The UEFI
89                            specification reserves the range of
90                            certificate type values from 0x0EF0
91                            to 0x0EFF.
92
93  @param bCertificate   The actual certificate. The format of
94                        the certificate depends on
95                        wCertificateType. The format of the UEFI
96                        certificates is defined below.
97
98
99**/
100typedef struct _WIN_CERTIFICATE {
101  UINT32  dwLength;          // header plus certificate bytes, per the description above
102  UINT16  wRevision;
103  UINT16  wCertificateType;  // decides how the bytes after this header are interpreted
104  //UINT8 bCertificate[ANYSIZE_ARRAY];   (left commented out, so sizeof(WIN_CERTIFICATE) covers only the three header fields; the certificate bytes are not a member)
105} WIN_CERTIFICATE;          // NOTE(review): dwLength comes from the certificate itself; check that it is at least sizeof(WIN_CERTIFICATE) and no larger than the enclosing buffer before reading any certificate bytes
106
107//
108// WIN_CERTIFICATE_UEFI_GUID.CertType
109//
110#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
111  {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }  // brace initializer for a GUID; the WIN_CERTIFICATE_UEFI_GUID description below names it as the CertType for EFI_CERT_BLOCK_RSA_2048_SHA256 data
112
113//
114// WIN_CERTIFICATE_UEFI_GUID.CertData
115//
116typedef struct _EFI_CERT_BLOCK_RSA_2048_SHA256 {
117  UINT32  HashType;        // NOTE(review): the permitted values are not defined in this file
118  UINT8   PublicKey[256];  // 256 bytes = 2048 bits. NOTE(review): this key arrives in the same blob as the signature it verifies; the AuthInfo description below speaks of a separately provisioned public key, so a verifier presumably has to match this field against that key rather than trust it -- confirm
119  UINT8   Signature[256];  // 256 bytes = 2048 bits
120} EFI_CERT_BLOCK_RSA_2048_SHA256;
121
122
123/**
124
125  @param Hdr  This is the standard WIN_CERTIFICATE header, where
126              wCertificateType is set to
127              WIN_CERT_TYPE_EFI_GUID.
128
129  @param CertType   This is the unique id which determines the
130                    format of the CertData. In this case, the
131                    value is EFI_CERT_TYPE_RSA2048_SHA256_GUID.
132
133  @param CertData   This is the certificate data. The format of
134                    the data is determined by the CertType. In
135                    this case the data is an
136                    EFI_CERT_BLOCK_RSA_2048_SHA256 structure.
137
138**/
139typedef struct _WIN_CERTIFICATE_UEFI_GUID {
140  WIN_CERTIFICATE   Hdr;       // Hdr.dwLength bounds the whole certificate, per the WIN_CERTIFICATE description
141  EFI_GUID          CertType;  // selects the CertData layout; compare it with a known GUID before interpreting the bytes that follow
142  // UINT8            CertData[ANYSIZE_ARRAY];   (left commented out, so sizeof(WIN_CERTIFICATE_UEFI_GUID) stops after CertType)
143} WIN_CERTIFICATE_UEFI_GUID;  // NOTE(review): before CertData is read as a fixed-size block, Hdr.dwLength has to cover this header plus that block; nothing in this header enforces it
144
145
146/**
147
148  Certificate which encapsulates the RSASSA-PKCS1-v1_5 digital
149  signature.
150
151  The WIN_CERTIFICATE_EFI_PKCS1_15 structure is derived from
152  WIN_CERTIFICATE and encapsulates the information needed to
153  implement the RSASSA-PKCS1-v1_5 digital signature algorithm as
154  specified in RFC2437.
155
156  @param Hdr  This is the standard WIN_CERTIFICATE header, where
157              wCertificateType is set to
158              WIN_CERT_TYPE_EFI_PKCS115.
159
160  @param HashAlgorithm  This is the hashing algorithm which was
161                        performed on the UEFI executable when
162                        creating the digital signature. It is
163                        one of the enumerated values pre-defined
164                        in Section 26.4.1. See
165                        EFI_HASH_ALGORITHM_x.
166
167  @param Signature  This is the actual digital signature. The
168                    size of the signature is the same size as
169                    the key (1024-bit key is 128 bytes) and can
170                    be determined by subtracting the length of
171                    the other parts of this header from the
172                    total length of the certificate as found in
173                    Hdr.dwLength.
174
175**/
176typedef struct _WIN_CERTIFICATE_EFI_PKCS1_15 {
177  WIN_CERTIFICATE Hdr;
178  EFI_GUID        HashAlgorithm;  // GUID naming the hash algorithm, per the description above
179  // UINT8 Signature[ANYSIZE_ARRAY];   (left commented out; the signature bytes follow the struct and are not a member)
180} WIN_CERTIFICATE_EFI_PKCS1_15;   // NOTE(review): the description derives the signature size as Hdr.dwLength minus the header parts; dwLength is a UINT32, so confirm it is at least sizeof(WIN_CERTIFICATE_EFI_PKCS1_15) first or the subtraction wraps to a huge length
181
182
183/**
184
185  AuthInfo is a WIN_CERTIFICATE using the wCertificateType
186  WIN_CERT_TYPE_EFI_GUID and the CertType
187  EFI_CERT_TYPE_RSA2048_SHA256_GUID. If the attribute specifies
188  authenticated access, then the Data buffer should begin with an
189  authentication descriptor prior to the data payload and DataSize
190  should reflect the data and descriptor size. The caller
191  shall digest the Monotonic Count value and the associated data
192  for the variable update using the SHA-256 1-way hash algorithm.
193  The ensuing 32-byte digest will be signed using the private
194  key associated with the public/private 2048-bit RSA key-pair. The
195  WIN_CERTIFICATE shall be used to describe the signature of the
196  Variable data *Data. In addition, the signature will also
197  include the MonotonicCount value to guard against replay attacks.
198
199  @param  MonotonicCount  Included in the signature of
200                          AuthInfo. Used to ensure freshness/no
201                          replay. Incremented during each
202                          "Write" access.
203
204  @param AuthInfo   Provides the authorization for the variable
205                    access. It is a signature across the
206                    variable data and the Monotonic Count
207                    value. The caller uses the private key that is
208                    associated with a public key that has been
209                    provisioned via the key exchange.
210
211**/
212typedef struct {
213  UINT64                      MonotonicCount;  // covered by the signature, per the description above. NOTE(review): the replay guard holds only if the verifier compares this with the last count it accepted; that comparison is not part of this header
214  WIN_CERTIFICATE_UEFI_GUID   AuthInfo;        // header fields only; CertData is not a member of that struct and presumably follows this field in the buffer -- confirm
215} EFI_VARIABLE_AUTHENTICATION;
216
217#endif
218
219