      1 /*++
      2 
      3 Copyright (c) 2004, Intel Corporation. All rights reserved.<BR>
      4 This program and the accompanying materials
      5 are licensed and made available under the terms and conditions of the BSD License
      6 which accompanies this distribution.  The full text of the license may be found at
      7 http://opensource.org/licenses/bsd-license.php
      8 
      9 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
     10 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
     11 
     12 Module Name:
     13 
     14   Bis.h
     15 
     16 Abstract:
     17 
     18   This file defines the BIS protocol.
     19 
     20 --*/
     21 
     22 #ifndef _BIS_H_
     23 #define _BIS_H_
     24 
     25 #include <EfiSpec.h>
     26 
//
// Basic types
//
// BIS_APPLICATION_HANDLE is an opaque pointer. The function typedefs in this
// file document it as the value output by Initialize( ) and taken by every
// other call.
//
typedef VOID    *BIS_APPLICATION_HANDLE;
typedef UINT16  BIS_ALG_ID;   // Signature algorithm number (see BIS_ALG_*).
typedef UINT32  BIS_CERT_ID;  // Masked, truncated certificate hash (see BIS_CERT_ID_MASK).
     33 
//
// EFI_BIS_DATA type.
//
// Buffer descriptor: Length is the number of bytes that Data points to.
//
// EFI_BIS_DATA instances obtained from BIS must be freed by calling Free( ).
//
// NOTE(review): nothing in this type ties Length to the real size of the
// buffer behind Data. Consumers should bound every access by Length and
// validate both fields when the instance describes externally supplied
// content (a signed manifest, a boot object) - confirm against callers.
//
typedef struct _EFI_BIS_DATA {
  UINT32  Length; // Length of Data in 8 bit bytes.
  UINT8   *Data;  // 32 Bit Flat Address of data.
                  // NOTE(review): declared as a native pointer, so the
                  // "32 Bit" wording only holds on 32-bit builds - confirm.
} EFI_BIS_DATA;
     43 
//
// EFI_BIS_VERSION type.
//
// Passed IN OUT to Initialize( ) as InterfaceVersion, documented there as
// "ver needed/available".
//
typedef struct _EFI_BIS_VERSION {
  UINT32  Major;  // BIS Interface version number.
  UINT32  Minor;  // Build number.
} EFI_BIS_VERSION;
     51 
//
// ----------------------------------------------------//
// Use these values to initialize EFI_BIS_VERSION.Major
// and to interpret results of Initialize.
// ----------------------------------------------------//
//
// BIS_CURRENT_VERSION_MAJOR names BIS_VERSION_1 before that macro is defined.
// This is valid because macros are expanded at the point of use, not at the
// point of definition.
//
#define BIS_CURRENT_VERSION_MAJOR BIS_VERSION_1
#define BIS_VERSION_1             1
     60 
//
// EFI_BIS_SIGNATURE_INFO type.
//
// One element of the array carried in the EFI_BIS_DATA that
// BIS_GetSignatureInfo() returns (see BIS_GET_SIGINFO_COUNT and
// BIS_GET_SIGINFO_ARRAY).
//
// NOTE(review): the fields are 4 + 2 + 2 bytes, so the struct is presumably
// 8 bytes with no padding; BIS_GET_SIGINFO_COUNT relies on sizeof of this
// type matching the producer's element size - confirm for each toolchain.
//
typedef struct _EFI_BIS_SIGNATURE_INFO {
  BIS_CERT_ID CertificateID;  // Truncated hash of platform Boot Object
  //  authorization certificate.
  //
  BIS_ALG_ID  AlgorithmID;  // A signature algorithm number.
  UINT16      KeyLength;    // Length of alg. keys in bits.
} EFI_BIS_SIGNATURE_INFO;
     71 
//
// Currently defined values for EFI_BIS_SIGNATURE_INFO.AlgorithmID.
// The exact numeric values come from
//    "Common Data Security Architecture (CDSA) Specification".
//
// NOTE(review): BIS_ALG_RSA_MD5 denotes RSA over an MD5 digest. MD5 is no
// longer collision resistant, so a signature that verifies under this
// algorithm is weak evidence of integrity. Flag it in any policy review.
//
#define BIS_ALG_DSA     (41)  // CSSM_ALGID_DSA
#define BIS_ALG_RSA_MD5 (42)  // CSSM_ALGID_MD5_WITH_RSA
//
// Currently defined values for EFI_BIS_SIGNATURE_INFO.CertificateId.
//
// NOTE(review): these reuse the algorithm numbers above, although
// CertificateID is documented as a truncated certificate hash - confirm the
// intended meaning against the BIS specification.
//
#define BIS_CERT_ID_DSA     BIS_ALG_DSA     // CSSM_ALGID_DSA
#define BIS_CERT_ID_RSA_MD5 BIS_ALG_RSA_MD5 // CSSM_ALGID_MD5_WITH_RSA
//
// The following is a mask value that gets applied to the truncated hash of a
// platform Boot Object Authorization Certificate to create the certificateID.
// A certificateID must not have any bits set to the value 1 other than bits in
// this mask.
//
// The mask clears bits 15 and 23 and keeps every other bit of the 32-bit value.
//
#define BIS_CERT_ID_MASK  (0xFF7F7FFF)
     89 
//
// Macros for dealing with the EFI_BIS_DATA object obtained
// from BIS_GetSignatureInfo()
// BIS_GET_SIGINFO_COUNT - tells how many EFI_BIS_SIGNATURE_INFO
//  elements are contained in a EFI_BIS_DATA struct pointed to
//  by the provided EFI_BIS_DATA*.
//
// The count is an integer division of Length by the element size, so trailing
// bytes are silently ignored when Length is not an exact multiple.
// The macro dereferences BisDataPtr without a NULL check.
//
#define BIS_GET_SIGINFO_COUNT(BisDataPtr) ((BisDataPtr)->Length / sizeof (EFI_BIS_SIGNATURE_INFO))

//
// BIS_GET_SIGINFO_ARRAY - produces a EFI_BIS_SIGNATURE_INFO*
//  from a given EFI_BIS_DATA*.
//
// This is a plain cast of the Data field: it performs no NULL, length or
// alignment check. Only index the result below BIS_GET_SIGINFO_COUNT of the
// same EFI_BIS_DATA.
//
#define BIS_GET_SIGINFO_ARRAY(BisDataPtr) ((EFI_BIS_SIGNATURE_INFO *) (BisDataPtr)->Data)
    104 
//
// Binary Value of "X-Intel-BIS-ParameterSet" Attribute.
// (Value is Base64 encoded in actual signed manifest).
// {EDD35E31-07B9-11d2-83A3-00A0C91FADCF}
//
// The initializer below is that GUID in brace-initializer form: a 32-bit
// value, two 16-bit values, then eight bytes.
//
#define BOOT_OBJECT_AUTHORIZATION_PARMSET_GUIDVALUE \
  { \
    0xedd35e31, 0x7b9, 0x11d2, \
    { \
      0x83, 0xa3, 0x0, 0xa0, 0xc9, 0x1f, 0xad, 0xcf \
    } \
  }
    117 
//
// -----------------------------------//
//  EFI_BIS_PROTOCOL
// -----------------------------------//
//
// GUID identifying the BIS protocol interface:
// {0B64AAB0-5429-11D4-9816-00A0C91FADCF}
//
#define EFI_BIS_PROTOCOL_GUID \
  { \
    0x0b64aab0, 0x5429, 0x11d4, {0x98, 0x16, 0x00, 0xa0, 0xc9, 0x1f, 0xad, 0xcf} \
  }

//
// Forward declaration so the function pointer typedefs below can take an
// EFI_BIS_PROTOCOL* before the struct body is defined.
//
typedef struct _EFI_BIS_PROTOCOL  EFI_BIS_PROTOCOL;
    129 
//
// Type of EFI_BIS_PROTOCOL.Initialize.
//
// Outputs the application handle that every other member of the protocol
// takes as AppHandle. InterfaceVersion is read and written by the call.
// Returns an EFI_STATUS.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_INITIALIZE) (
  IN     EFI_BIS_PROTOCOL        * This,              // Protocol instance.
  OUT    BIS_APPLICATION_HANDLE  * AppHandle,         // Application handle.
  IN OUT EFI_BIS_VERSION         * InterfaceVersion,  // ver needed/available.
  IN     EFI_BIS_DATA            * TargetAddress      // Address of BIS platform.
  );
    138 
//
// Type of EFI_BIS_PROTOCOL.Free.
//
// Releases an EFI_BIS_DATA that was obtained from BIS. Returns an EFI_STATUS.
//
// NOTE(review): presumably ToFree and its Data must not be dereferenced
// after a successful call, and must not be passed to Free( ) twice - confirm
// against the implementation.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_FREE) (
  IN BIS_APPLICATION_HANDLE  AppHandle,               // From Initialize( ).
  IN EFI_BIS_DATA            * ToFree                 // EFI_BIS_DATA being freed.
  );
    145 
//
// Type of EFI_BIS_PROTOCOL.Shutdown.
//
// Takes the handle produced by Initialize( ). Returns an EFI_STATUS.
//
// NOTE(review): presumably the handle is invalid after this call - confirm.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_SHUTDOWN) (
  IN BIS_APPLICATION_HANDLE  AppHandle                // From Initialize( ).
  );
    151 
//
// Type of EFI_BIS_PROTOCOL.GetBootObjectAuthorizationCertificate.
//
// Outputs a pointer to an EFI_BIS_DATA holding the certificate. As with
// every EFI_BIS_DATA obtained from BIS, it must be released with Free( ).
// Returns an EFI_STATUS.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_GET_BOOT_OBJECT_AUTHORIZATION_CERTIFICATE) (
  IN  BIS_APPLICATION_HANDLE  AppHandle,              // From Initialize( ).
  OUT EFI_BIS_DATA            **Certificate           // Pointer to certificate.
  );
    158 
//
// Type of EFI_BIS_PROTOCOL.VerifyBootObject.
//
// Takes a signed manifest (Credentials) and the boot object it covers
// (DataObject), and reports the outcome through IsVerified. Returns an
// EFI_STATUS.
//
// NOTE(review): the result arrives through two channels. Callers should
// accept the object only when the returned status indicates success AND
// *IsVerified is TRUE. Initialise the BOOLEAN to FALSE before the call so
// that an early failure cannot leave a stale TRUE - confirm the exact status
// semantics against the BIS specification.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_VERIFY_BOOT_OBJECT) (
  IN  BIS_APPLICATION_HANDLE AppHandle,               // From Initialize( ).
  IN  EFI_BIS_DATA           * Credentials,           // Verification signed manifest.
  IN  EFI_BIS_DATA           * DataObject,            // Boot object to verify.
  OUT BOOLEAN                *IsVerified              // Result of verification.
  );
    167 
//
// Type of EFI_BIS_PROTOCOL.GetBootObjectAuthorizationCheckFlag.
//
// Outputs the current value of the check flag as a BOOLEAN. Returns an
// EFI_STATUS.
//
// NOTE(review): judging by the parameter name, TRUE presumably means that
// boot object authorization checking is required. If so, callers should
// treat a failed call as "required" rather than as "not required" - confirm.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_GET_BOOT_OBJECT_AUTHORIZATION_CHECKFLAG) (
  IN  BIS_APPLICATION_HANDLE  AppHandle,              // From Initialize( ).
  OUT BOOLEAN                 *CheckIsRequired        // Value of check flag.
  );
    174 
//
// Type of EFI_BIS_PROTOCOL.GetBootObjectAuthorizationUpdateToken.
//
// Outputs a pointer to an EFI_BIS_DATA holding the update token. As with
// every EFI_BIS_DATA obtained from BIS, it must be released with Free( ).
// Returns an EFI_STATUS.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_GET_BOOT_OBJECT_AUTHORIZATION_UPDATE_TOKEN) (
  IN  BIS_APPLICATION_HANDLE  AppHandle,              // From Initialize( ).
  OUT EFI_BIS_DATA            **UpdateToken           // Value of update token.
  );
    181 
//
// Type of EFI_BIS_PROTOCOL.UpdateBootObjectAuthorization.
//
// Takes an update request manifest and outputs the next update token as an
// EFI_BIS_DATA, which must be released with Free( ). Returns an EFI_STATUS.
//
// NOTE(review): this call changes the platform's boot authorization state,
// so RequestCredential is security-critical input. Presumably the
// implementation authenticates it before applying anything - confirm.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_UPDATE_BOOT_OBJECT_AUTHORIZATION) (
  IN  BIS_APPLICATION_HANDLE AppHandle,               // From Initialize( ).
  IN  EFI_BIS_DATA           * RequestCredential,     // Update Request Manifest.
  OUT EFI_BIS_DATA           **NewUpdateToken         // Next update token.
  );
    189 
//
// Type of EFI_BIS_PROTOCOL.VerifyObjectWithCredential.
//
// Like VerifyBootObject, but the caller also names the credential section to
// use and supplies the certificate for the credentials. The outcome is
// reported through IsVerified. Returns an EFI_STATUS.
//
// NOTE(review): the trust anchor here is the caller-supplied
// AuthorityCertificate, so the result is only as trustworthy as the source
// of that certificate. Accept the object only when the status indicates
// success AND *IsVerified is TRUE - confirm the exact status semantics
// against the BIS specification.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_VERIFY_OBJECT_WITH_CREDENTIAL) (
  IN  BIS_APPLICATION_HANDLE AppHandle,               // From Initialize( ).
  IN  EFI_BIS_DATA           * Credentials,           // Verification signed manifest.
  IN  EFI_BIS_DATA           * DataObject,            // Boot object to verify.
  IN  EFI_BIS_DATA           * SectionName,           // Name of credential section to use.
  IN  EFI_BIS_DATA           * AuthorityCertificate,  // Certificate for credentials.
  OUT BOOLEAN                *IsVerified              // Result of verification.
  );
    200 
//
// Type of EFI_BIS_PROTOCOL.GetSignatureInfo.
//
// Outputs a pointer to an EFI_BIS_DATA whose payload is an array of
// EFI_BIS_SIGNATURE_INFO. Read it with BIS_GET_SIGINFO_COUNT and
// BIS_GET_SIGINFO_ARRAY, and release it with Free( ). Returns an EFI_STATUS.
//
typedef
EFI_STATUS
(EFIAPI *EFI_BIS_GET_SIGNATURE_INFO) (
  IN  BIS_APPLICATION_HANDLE  AppHandle,              // From Initialize( ).
  OUT EFI_BIS_DATA            **SignatureInfo         // Signature info struct.
  );
    207 
//
// NOTE(review): presumably the value stored in EFI_BIS_PROTOCOL.Revision - confirm.
//
#define EFI_BIS_PROTOCOL_REVISION 0x00010000

//
// The BIS protocol interface: a revision field followed by a table of
// function pointers. The member order fixes the binary layout shared by
// producer and consumers, so members must not be reordered or removed.
//
struct _EFI_BIS_PROTOCOL {
  //
  // member vars
  //
  UINT64                                              Revision;

  //
  // methods
  //
  EFI_BIS_INITIALIZE                                  Initialize;
  EFI_BIS_SHUTDOWN                                    Shutdown;
  EFI_BIS_FREE                                        Free;
  EFI_BIS_GET_BOOT_OBJECT_AUTHORIZATION_CERTIFICATE   GetBootObjectAuthorizationCertificate;
  EFI_BIS_GET_BOOT_OBJECT_AUTHORIZATION_CHECKFLAG     GetBootObjectAuthorizationCheckFlag;
  EFI_BIS_GET_BOOT_OBJECT_AUTHORIZATION_UPDATE_TOKEN  GetBootObjectAuthorizationUpdateToken;
  EFI_BIS_GET_SIGNATURE_INFO                          GetSignatureInfo;
  EFI_BIS_UPDATE_BOOT_OBJECT_AUTHORIZATION            UpdateBootObjectAuthorization;
  EFI_BIS_VERIFY_BOOT_OBJECT                          VerifyBootObject;
  EFI_BIS_VERIFY_OBJECT_WITH_CREDENTIAL               VerifyObjectWithCredential;
};
    230 
//
// GUID variable for the BIS protocol, declared here and defined in another
// translation unit.
// NOTE(review): presumably initialised to EFI_BIS_PROTOCOL_GUID - confirm.
//
extern EFI_GUID gEfiBisProtocolGuid;
    232 
    233 #endif
    234