sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
713ffa208e3a9c71a84b1b0743c536662af6ba8c
system76-edk2/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.h
gdong1 0c18794ea4 Add security package to repository. 
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-02 07:49:32 +00:00

152 lines
6.7 KiB
C
Raw Blame History

/** @file
The internal header file includes the common header files, defines
internal structure and functions used by AuthService module.
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _AUTHSERVICE_H_
#define _AUTHSERVICE_H_
#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256
#define EFI_CERT_TYPE_RSA2048_SIZE 256
///
/// Size of AuthInfo prior to the data payload
///
#define AUTHINFO_SIZE (((UINTN)(((EFI_VARIABLE_AUTHENTICATION *) 0)->AuthInfo.CertData)) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256))
///
/// Item number of support signature types.
///
#define SIGSUPPORT_NUM 2
/**
Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set, and return the index of associated public key.
@param[in] Data The data pointer.
@param[in] DataSize The size of Data found. If size is less than the
data, this value contains the required size.
@param[in] VirtualMode The current calling mode for this function.
@param[in] Global The context of this Extended SAL Variable Services Class call.
@param[in] Variable The variable information which is used to keep track of variable usage.
@param[in] Attributes The attribute value of the variable.
@param[out] KeyIndex The output index of corresponding public key in database.
@param[out] MonotonicCount The output value of corresponding Monotonic Count.
@retval EFI_INVALID_PARAMETER Invalid parameter.
@retval EFI_WRITE_PROTECTED The variable is write-protected and needs authentication with
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
@retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
set, but the AuthInfo does NOT pass the validation
check carried out by the firmware.
@retval EFI_SUCCESS The variable is not write-protected, or passed validation successfully.
**/
EFI_STATUS
VerifyVariable (
IN VOID *Data,
IN UINTN DataSize,
IN BOOLEAN VirtualMode,
IN ESAL_VARIABLE_GLOBAL *Global,
IN VARIABLE_POINTER_TRACK *Variable,
IN UINT32 Attributes OPTIONAL,
OUT UINT32 *KeyIndex OPTIONAL,
OUT UINT64 *MonotonicCount OPTIONAL
);
/**
Initializes for authenticated varibale service.
@retval EFI_SUCCESS The function successfully executed.
@retval EFI_OUT_OF_RESOURCES Failed to allocate enough memory resources.
**/
EFI_STATUS
AutenticatedVariableServiceInitialize (
VOID
);
/**
Initializes for cryptlib service before use, include register algrithm and allocate scratch.
**/
VOID
CryptLibraryInitialize (
VOID
);
/**
Process variable with platform key for verification.
@param[in] VariableName The name of Variable to be found.
@param[in] VendorGuid Variable vendor GUID.
@param[in] Data The data pointer.
@param[in] DataSize The size of Data found. If size is less than the
data, this value contains the required size.
@param[in] VirtualMode The current calling mode for this function.
@param[in] Global The context of this Extended SAL Variable Services Class call.
@param[in] Variable The variable information which is used to keep track of variable usage.
@param[in] Attributes The attribute value of the variable.
@param[in] IsPk Indicates whether to process pk.
@retval EFI_INVALID_PARAMETER Invalid parameter.
@retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation
check carried out by the firmware.
@retval EFI_SUCCESS The variable passed validation successfully.
**/
EFI_STATUS
ProcessVarWithPk (
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid,
IN VOID *Data,
IN UINTN DataSize,
IN BOOLEAN VirtualMode,
IN ESAL_VARIABLE_GLOBAL *Global,
IN VARIABLE_POINTER_TRACK *Variable,
IN UINT32 Attributes OPTIONAL,
IN BOOLEAN IsPk
);
/**
Process variable with key exchange key for verification.
@param[in] VariableName The name of Variable to be found.
@param[in] VendorGuid The variable vendor GUID.
@param[in] Data The data pointer.
@param[in] DataSize Size of Data found. If size is less than the
data, this value contains the required size.
@param[in] VirtualMode The current calling mode for this function.
@param[in] Global The context of this Extended SAL Variable Services Class call.
@param[in] Variable The variable information which is used to keep track of variable usage.
@param[in] Attributes The attribute value of the variable.
@retval EFI_INVALID_PARAMETER Invalid parameter.
@retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation
check carried out by the firmware.
@retval EFI_SUCCESS The variable passed validation successfully.
**/
EFI_STATUS
ProcessVarWithKek (
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid,
IN VOID *Data,
IN UINTN DataSize,
IN BOOLEAN VirtualMode,
IN ESAL_VARIABLE_GLOBAL *Global,
IN VARIABLE_POINTER_TRACK *Variable,
IN UINT32 Attributes OPTIONAL
);
#endif
Reference in New Issue View Git Blame Copy Permalink