[PATCH v3 01/11] SecurityPkg: UefiSecureBoot: Definitions of cert and payload structures
Kun Qin
From: Kun Qin <kuqin@...>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3910 This change added certificate and payload structures that can be consumed by SecureBootVariableLib and other Secure Boot related operations. Cc: Jiewen Yao <jiewen.yao@...> Cc: Jian J Wang <jian.j.wang@...> Cc: Min Xu <min.m.xu@...> Signed-off-by: Kun Qin <kun.qin@...> Reviewed-by: Jiewen Yao <Jiewen.yao@...> Acked-by: Michael Kubacki <michael.kubacki@...>
---
Notes: v3: - Added reviewed-by tag [Jiewen] - Added reviewed-by tag [Michael Kubacki] SecurityPkg/Include/UefiSecureBoot.h | 94 ++++++++++++++++++++ 1 file changed, 94 insertions(+)
diff --git a/SecurityPkg/Include/UefiSecureBoot.h b/SecurityPkg/Include/Uef= iSecureBoot.h
new file mode 100644
index 000000000000..642fef38f3a1
--- /dev/null
+++ b/SecurityPkg/Include/UefiSecureBoot.h
@@ -0,0 +1,94 @@
+/** @file=0D
+ Provides a Secure Boot related data structure definitions.=0D
+=0D
+ Copyright (c) Microsoft Corporation.=0D
+ SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+=0D
+**/=0D
+=0D
+#ifndef UEFI_SECURE_BOOT_H_=0D
+#define UEFI_SECURE_BOOT_H_=0D
+=0D
+#pragma pack (push, 1)=0D
+=0D
+/*=0D
+ Data structure to provide certificates to setup authenticated secure=0D
+ boot variables ('db', 'dbx', 'dbt', 'pk', etc.).=0D
+=0D
+*/=0D
+typedef struct {=0D
+ //=0D
+ // The size, in number of bytes, of supplied certificate in 'Data' field= .=0D
+ //=0D
+ UINTN DataSize;=0D
+ //=0D
+ // The pointer to the certificates in DER-encoded format.=0D
+ // Note: This certificate data should not contain the EFI_VARIABLE_AUTHE= NTICATION_2=0D
+ // for authenticated variables.=0D
+ //=0D
+ CONST VOID *Data;=0D
+} SECURE_BOOT_CERTIFICATE_INFO;=0D
+=0D
+/*=0D
+ Data structure to provide all Secure Boot related certificates.=0D
+=0D
+*/=0D
+typedef struct {=0D
+ //=0D
+ // The human readable name for this set of Secure Boot key sets.=0D
+ //=0D
+ CONST CHAR16 *SecureBootKeyName;=0D
+ //=0D
+ // The size, in number of bytes, of supplied certificate in 'DbPtr' fiel= d.=0D
+ //=0D
+ UINTN DbSize;=0D
+ //=0D
+ // The pointer to the DB certificates in signature list format.=0D
+ // Note: This DB certificates should not contain the EFI_VARIABLE_AUTHEN= TICATION_2=0D
+ // for authenticated variables.=0D
+ //=0D
+ CONST VOID *DbPtr;=0D
+ //=0D
+ // The size, in number of bytes, of supplied certificate in 'DbxPtr' fie= ld.=0D
+ //=0D
+ UINTN DbxSize;=0D
+ //=0D
+ // The pointer to the DBX certificates in signature list format.=0D
+ // Note: This DBX certificates should not contain the EFI_VARIABLE_AUTHE= NTICATION_2=0D
+ // for authenticated variables.=0D
+ //=0D
+ CONST VOID *DbxPtr;=0D
+ //=0D
+ // The size, in number of bytes, of supplied certificate in 'DbtPtr' fie= ld.=0D
+ //=0D
+ UINTN DbtSize;=0D
+ //=0D
+ // The pointer to the DBT certificates in signature list format.=0D
+ // Note: This DBT certificates should not contain the EFI_VARIABLE_AUTHE= NTICATION_2=0D
+ // for authenticated variables.=0D
+ //=0D
+ CONST VOID *DbtPtr;=0D
+ //=0D
+ // The size, in number of bytes, of supplied certificate in 'KekPtr' fie= ld.=0D
+ //=0D
+ UINTN KekSize;=0D
+ //=0D
+ // The pointer to the KEK certificates in signature list format.=0D
+ // Note: This KEK certificates should not contain the EFI_VARIABLE_AUTHE= NTICATION_2=0D
+ // for authenticated variables.=0D
+ //=0D
+ CONST VOID *KekPtr;=0D
+ //=0D
+ // The size, in number of bytes, of supplied certificate in 'PkPtr' fiel= d.=0D
+ //=0D
+ UINTN PkSize;=0D
+ //=0D
+ // The pointer to the PK certificates in signature list format.=0D
+ // Note: This PK certificates should not contain the EFI_VARIABLE_AUTHEN= TICATION_2=0D
+ // for authenticated variables.=0D
+ //=0D
+ CONST VOID *PkPtr;=0D
+} SECURE_BOOT_PAYLOAD_INFO;=0D
+#pragma pack (pop)=0D
+=0D
+#endif // UEFI_SECURE_BOOT_H_=0D
--=20
2.36.0.windows.1 |
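Review bot: The size/pointer pairs in SECURE_BOOT_PAYLOAD_INFO do not say whether an entry may be left out, nor that the size field is the only bound a consumer has on the buffer behind each `CONST VOID *`. Because these buffers are meant to populate the Secure Boot variables, the header should spell out the contract at each pair, for example `// May be NULL with DbtSize == 0 when no 'dbt' content is supplied; consumers must not read past DbtSize bytes.`, provided that matches what the consuming library (not visible in this patch) actually enforces. Separately, `#pragma pack (push, 1)` wraps two structures whose members are all UINTN or pointers, so it presumably leaves the layout unchanged while lowering the structures' alignment to 1; unless an external format requires it, dropping the pragma pair avoids unaligned-access code on stricter architectures.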