TianoCore EDK2 master
Loading...
Searching...
No Matches
AuthServiceInternal.h
Go to the documentation of this file.
1
20#ifndef _AUTHSERVICE_INTERNAL_H_
21#define _AUTHSERVICE_INTERNAL_H_
22
23#include <Library/AuthVariableLib.h>
24#include <Library/BaseLib.h>
25#include <Library/BaseMemoryLib.h>
26#include <Library/DebugLib.h>
27#include <Library/MemoryAllocationLib.h>
28#include <Library/BaseCryptLib.h>
29#include <Library/PlatformSecureLib.h>
30
31#include <Guid/AuthenticatedVariableFormat.h>
32#include <Guid/ImageAuthentication.h>
33
34#define TWO_BYTE_ENCODE 0x82
35
40typedef struct {
41 EFI_GUID SigType;
42 // Expected SignatureHeader size in Bytes.
43 UINT32 SigHeaderSize;
44 // Expected SignatureData size in Bytes.
45 UINT32 SigDataSize;
46} EFI_SIGNATURE_ITEM;
47
48typedef enum {
49 AuthVarTypePk,
50 AuthVarTypeKek,
51 AuthVarTypePriv,
52 AuthVarTypePayload
53} AUTHVAR_TYPE;
54
76#define EFI_CERT_DB_NAME L"certdb"
77#define EFI_CERT_DB_VOLATILE_NAME L"certdbv"
78
79#pragma pack(1)
80typedef struct {
81 EFI_GUID VendorGuid;
82 UINT32 CertNodeSize;
83 UINT32 NameSize;
84 UINT32 CertDataSize;
87} AUTH_CERT_DB_DATA;
88#pragma pack()
89
90extern UINT8 *mCertDbStore;
91extern UINT32 mMaxCertDbSize;
92extern UINT32 mPlatformMode;
93extern UINT8 mVendorKeyState;
94
95extern VOID *mHashSha256Ctx;
96extern VOID *mHashSha384Ctx;
97extern VOID *mHashSha512Ctx;
98
99extern AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn;
100
127EFI_STATUS
128VerifyTimeBasedPayloadAndUpdate (
129 IN CHAR16 *VariableName,
130 IN EFI_GUID *VendorGuid,
131 IN VOID *Data,
132 IN UINTN DataSize,
133 IN UINT32 Attributes,
134 IN AUTHVAR_TYPE AuthVarType,
135 OUT BOOLEAN *VarDel
136 );
137
153EFI_STATUS
154DeleteCertsFromDb (
155 IN CHAR16 *VariableName,
156 IN EFI_GUID *VendorGuid,
157 IN UINT32 Attributes
158 );
159
171EFI_STATUS
172CleanCertsFromDb (
173 VOID
174 );
175
185EFI_STATUS
186FilterSignatureList (
187 IN VOID *Data,
188 IN UINTN DataSize,
189 IN OUT VOID *NewData,
190 IN OUT UINTN *NewDataSize
191 );
192
217EFI_STATUS
218ProcessVarWithPk (
219 IN CHAR16 *VariableName,
220 IN EFI_GUID *VendorGuid,
221 IN VOID *Data,
222 IN UINTN DataSize,
223 IN UINT32 Attributes OPTIONAL,
224 IN BOOLEAN IsPk
225 );
226
250EFI_STATUS
251ProcessVarWithKek (
252 IN CHAR16 *VariableName,
253 IN EFI_GUID *VendorGuid,
254 IN VOID *Data,
255 IN UINTN DataSize,
256 IN UINT32 Attributes OPTIONAL
257 );
258
285EFI_STATUS
286ProcessVariable (
287 IN CHAR16 *VariableName,
288 IN EFI_GUID *VendorGuid,
289 IN VOID *Data,
290 IN UINTN DataSize,
291 IN UINT32 Attributes
292 );
293
312EFI_STATUS
313AuthServiceInternalFindVariable (
314 IN CHAR16 *VariableName,
315 IN EFI_GUID *VendorGuid,
316 OUT VOID **Data,
317 OUT UINTN *DataSize
318 );
319
335EFI_STATUS
336AuthServiceInternalUpdateVariable (
337 IN CHAR16 *VariableName,
338 IN EFI_GUID *VendorGuid,
339 IN VOID *Data,
340 IN UINTN DataSize,
341 IN UINT32 Attributes
342 );
343
360EFI_STATUS
361AuthServiceInternalUpdateVariableWithTimeStamp (
362 IN CHAR16 *VariableName,
363 IN EFI_GUID *VendorGuid,
364 IN VOID *Data,
365 IN UINTN DataSize,
366 IN UINT32 Attributes,
367 IN EFI_TIME *TimeStamp
368 );
369
370#endif
UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112
AuthServiceInternalUpdateVariable
EFI_STATUS AuthServiceInternalUpdateVariable(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes)
Definition: AuthService.c:228
VerifyTimeBasedPayloadAndUpdate
EFI_STATUS VerifyTimeBasedPayloadAndUpdate(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes, IN AUTHVAR_TYPE AuthVarType, OUT BOOLEAN *VarDel)
Definition: AuthService.c:2462
ProcessVarWithKek
EFI_STATUS ProcessVarWithKek(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes OPTIONAL)
Definition: AuthService.c:820
AuthServiceInternalUpdateVariableWithTimeStamp
EFI_STATUS AuthServiceInternalUpdateVariableWithTimeStamp(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes, IN EFI_TIME *TimeStamp)
Definition: AuthService.c:267
AuthServiceInternalFindVariable
EFI_STATUS AuthServiceInternalFindVariable(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, OUT VOID **Data, OUT UINTN *DataSize)
Definition: AuthService.c:191
ProcessVarWithPk
EFI_STATUS ProcessVarWithPk(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes OPTIONAL, IN BOOLEAN IsPk)
Definition: AuthService.c:691
mCertDbStore
UINT8 * mCertDbStore
Definition: AuthVariableLib.c:24
ProcessVariable
EFI_STATUS ProcessVariable(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes)
Definition: AuthService.c:965
CleanCertsFromDb
EFI_STATUS CleanCertsFromDb(VOID)
Definition: AuthService.c:1825
FilterSignatureList
EFI_STATUS FilterSignatureList(IN VOID *Data, IN UINTN DataSize, IN OUT VOID *NewData, IN OUT UINTN *NewDataSize)
Definition: AuthService.c:1058
DeleteCertsFromDb
EFI_STATUS DeleteCertsFromDb(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINT32 Attributes)
Definition: AuthService.c:1518
IN
#define IN
Definition: Base.h:279
OUT
#define OUT
Definition: Base.h:284
EFI_STATUS
RETURN_STATUS EFI_STATUS
Definition: UefiBaseType.h:29
AUTH_CERT_DB_DATA
Definition: AuthServiceInternal.h:80
AUTH_VAR_LIB_CONTEXT_IN
Definition: AuthVariableLib.h:168
EFI_SIGNATURE_ITEM
Definition: AuthServiceInternal.h:40
EFI_TIME
Definition: UefiBaseType.h:68
GUID
Definition: Base.h:213