sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
a00f7a355ad8e1a84d8087861020d45d6565a8f1
system76-edk2/SecurityPkg/Include/UefiSecureBoot.h
Kun Qin 134fbd552c SecurityPkg: UefiSecureBoot: Definitions of cert and payload structures 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910

This change added certificate and payload structures that can be consumed
by SecureBootVariableLib and other Secure Boot related operations.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
2022-07-07 01:07:00 +00:00

95 lines
2.8 KiB
C
Raw Blame History

/** @file
Provides a Secure Boot related data structure definitions.
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#ifndef UEFI_SECURE_BOOT_H_
#define UEFI_SECURE_BOOT_H_
#pragma pack (push, 1)
/*
Data structure to provide certificates to setup authenticated secure
boot variables ('db', 'dbx', 'dbt', 'pk', etc.).
*/
typedef struct {
//
// The size, in number of bytes, of supplied certificate in 'Data' field.
//
UINTN DataSize;
//
// The pointer to the certificates in DER-encoded format.
// Note: This certificate data should not contain the EFI_VARIABLE_AUTHENTICATION_2
// for authenticated variables.
//
CONST VOID *Data;
} SECURE_BOOT_CERTIFICATE_INFO;
/*
Data structure to provide all Secure Boot related certificates.
*/
typedef struct {
//
// The human readable name for this set of Secure Boot key sets.
//
CONST CHAR16 *SecureBootKeyName;
//
// The size, in number of bytes, of supplied certificate in 'DbPtr' field.
//
UINTN DbSize;
//
// The pointer to the DB certificates in signature list format.
// Note: This DB certificates should not contain the EFI_VARIABLE_AUTHENTICATION_2
// for authenticated variables.
//
CONST VOID *DbPtr;
//
// The size, in number of bytes, of supplied certificate in 'DbxPtr' field.
//
UINTN DbxSize;
//
// The pointer to the DBX certificates in signature list format.
// Note: This DBX certificates should not contain the EFI_VARIABLE_AUTHENTICATION_2
// for authenticated variables.
//
CONST VOID *DbxPtr;
//
// The size, in number of bytes, of supplied certificate in 'DbtPtr' field.
//
UINTN DbtSize;
//
// The pointer to the DBT certificates in signature list format.
// Note: This DBT certificates should not contain the EFI_VARIABLE_AUTHENTICATION_2
// for authenticated variables.
//
CONST VOID *DbtPtr;
//
// The size, in number of bytes, of supplied certificate in 'KekPtr' field.
//
UINTN KekSize;
//
// The pointer to the KEK certificates in signature list format.
// Note: This KEK certificates should not contain the EFI_VARIABLE_AUTHENTICATION_2
// for authenticated variables.
//
CONST VOID *KekPtr;
//
// The size, in number of bytes, of supplied certificate in 'PkPtr' field.
//
UINTN PkSize;
//
// The pointer to the PK certificates in signature list format.
// Note: This PK certificates should not contain the EFI_VARIABLE_AUTHENTICATION_2
// for authenticated variables.
//
CONST VOID *PkPtr;
} SECURE_BOOT_PAYLOAD_INFO;
#pragma pack (pop)
#endif // UEFI_SECURE_BOOT_H_
Reference in New Issue View Git Blame Copy Permalink