| 1 | /** @file
|
|---|
| 2 | Guid & data structure used for Device Security.
|
|---|
| 3 |
|
|---|
| 4 | Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
|
|---|
| 5 | SPDX-License-Identifier: BSD-2-Clause-Patent
|
|---|
| 6 |
|
|---|
| 7 | **/
|
|---|
| 8 |
|
|---|
| 9 | #ifndef EFI_DEVICE_AUTHENTICATION_GUID_H_
|
|---|
| 10 | #define EFI_DEVICE_AUTHENTICATION_GUID_H_
|
|---|
| 11 |
|
|---|
| 12 | /**
|
|---|
| 13 | This is a signature database for device authentication, instead of image authentication.
|
|---|
| 14 |
|
|---|
| 15 | The content of the signature database is same as the one in db/dbx. (a list of EFI_SIGNATURE_LIST)
|
|---|
| 16 | **/
|
|---|
| 17 | #define EFI_DEVICE_SIGNATURE_DATABASE_GUID \
|
|---|
| 18 | {0xb9c2b4f4, 0xbf5f, 0x462d, 0x8a, 0xdf, 0xc5, 0xc7, 0xa, 0xc3, 0x5d, 0xad}
|
|---|
| 19 | #define EFI_DEVICE_SECURITY_DATABASE L"devdb"
|
|---|
| 20 |
|
|---|
| 21 | extern EFI_GUID gEfiDeviceSignatureDatabaseGuid;
|
|---|
| 22 |
|
|---|
| 23 | /**
|
|---|
| 24 | Signature Database:
|
|---|
| 25 |
|
|---|
| 26 | +---------------------------------------+ <-----------------
|
|---|
| 27 | | SignatureType (GUID) | |
|
|---|
| 28 | +---------------------------------------+ |
|
|---|
| 29 | | SignatureListSize (UINT32) | |
|
|---|
| 30 | +---------------------------------------+ |
|
|---|
| 31 | | SignatureHeaderSize (UINT32) | |
|
|---|
| 32 | +---------------------------------------+ |
|
|---|
| 33 | | SignatureSize (UINT32) | |-EFI_SIGNATURE_LIST (1)
|
|---|
| 34 | +---------------------------------------+ |
|
|---|
| 35 | | SignatureHeader (SignatureHeaderSize) | |
|
|---|
| 36 | +---------------------------------------+ <-- |
|
|---|
| 37 | | SignatureOwner (GUID) | | |
|
|---|
| 38 | +---------------------------------------+ |-EFI_SIGNATURE_DATA (1)
|
|---|
| 39 | | SignatureData (SignatureSize - 16) | | |
|
|---|
| 40 | +---------------------------------------+ <-- |
|
|---|
| 41 | | SignatureOwner (GUID) | | |
|
|---|
| 42 | +---------------------------------------+ |-EFI_SIGNATURE_DATA (n)
|
|---|
| 43 | | SignatureData (SignatureSize - 16) | | |
|
|---|
| 44 | +---------------------------------------+ <-----------------
|
|---|
| 45 | | SignatureType (GUID) | |
|
|---|
| 46 | +---------------------------------------+ |
|
|---|
| 47 | | SignatureListSize (UINT32) | |-EFI_SIGNATURE_LIST (n)
|
|---|
| 48 | +---------------------------------------+ |
|
|---|
| 49 | | ... | |
|
|---|
| 50 | +---------------------------------------+ <-----------------
|
|---|
| 51 |
|
|---|
| 52 | SignatureType := EFI_CERT_SHAxxx_GUID |
|
|---|
| 53 | EFI_CERT_RSA2048_GUID |
|
|---|
| 54 | EFI_CERT_RSA2048_SHAxxx_GUID |
|
|---|
| 55 | EFI_CERT_X509_GUID |
|
|---|
| 56 | EFI_CERT_X509_SHAxxx_GUID
|
|---|
| 57 | (xxx = 256, 384, 512)
|
|---|
| 58 |
|
|---|
| 59 | **/
|
|---|
| 60 |
|
|---|
| 61 | #endif
|
|---|
