Data Structures
struct	EFI_KMS_FORMAT_GENERIC_DYNAMIC

struct	EFI_KMS_CLIENT_INFO

struct	EFI_KMS_KEY_DESCRIPTOR

struct	EFI_KMS_DYNAMIC_FIELD

struct	EFI_KMS_DYNAMIC_ATTRIBUTE

struct	EFI_KMS_KEY_ATTRIBUTE

struct	_EFI_KMS_PROTOCOL

Macros
#define	EFI_KMS_PROTOCOL_GUID

#define	EFI_KMS_DATA_TYPE_NONE 0

#define	EFI_KMS_DATA_TYPE_BINARY 1

#define	EFI_KMS_DATA_TYPE_ASCII 2

#define	EFI_KMS_DATA_TYPE_UNICODE 4

#define	EFI_KMS_DATA_TYPE_UTF8 8

#define	EFI_KMS_ATTRIBUTE_TYPE_NONE 0x00

#define	EFI_KMS_ATTRIBUTE_TYPE_INTEGER 0x01

#define	EFI_KMS_ATTRIBUTE_TYPE_LONG_INTEGER 0x02

#define	EFI_KMS_ATTRIBUTE_TYPE_BIG_INTEGER 0x03

#define	EFI_KMS_ATTRIBUTE_TYPE_ENUMERATION 0x04

#define	EFI_KMS_ATTRIBUTE_TYPE_BOOLEAN 0x05

#define	EFI_KMS_ATTRIBUTE_TYPE_BYTE_STRING 0x06

#define	EFI_KMS_ATTRIBUTE_TYPE_TEXT_STRING 0x07

#define	EFI_KMS_ATTRIBUTE_TYPE_DATE_TIME 0x08

#define	EFI_KMS_ATTRIBUTE_TYPE_INTERVAL 0x09

#define	EFI_KMS_ATTRIBUTE_TYPE_STRUCTURE 0x0A

#define	EFI_KMS_ATTRIBUTE_TYPE_DYNAMIC 0x0B


#define	EFI_KMS_FORMAT_GENERIC_128_GUID

#define	EFI_KMS_FORMAT_GENERIC_160_GUID

#define	EFI_KMS_FORMAT_GENERIC_256_GUID

#define	EFI_KMS_FORMAT_GENERIC_512_GUID

#define	EFI_KMS_FORMAT_GENERIC_1024_GUID

#define	EFI_KMS_FORMAT_GENERIC_2048_GUID

#define	EFI_KMS_FORMAT_GENERIC_3072_GUID

#define	EFI_KMS_FORMAT_GENERIC_DYNAMIC_GUID


#define	EFI_KMS_FORMAT_MD2_128_GUID

#define	EFI_KMS_FORMAT_MDC2_128_GUID

#define	EFI_KMS_FORMAT_MD4_128_GUID

#define	EFI_KMS_FORMAT_MDC4_128_GUID

#define	EFI_KMS_FORMAT_MD5_128_GUID

#define	EFI_KMS_FORMAT_MD5SHA_128_GUID

#define	EFI_KMS_FORMAT_SHA1_160_GUID

#define	EFI_KMS_FORMAT_SHA256_256_GUID

#define	EFI_KMS_FORMAT_SHA512_512_GUID


#define	EFI_KMS_FORMAT_AESXTS_128_GUID

#define	EFI_KMS_FORMAT_AESXTS_256_GUID

#define	EFI_KMS_FORMAT_AESCBC_128_GUID

#define	EFI_KMS_FORMAT_AESCBC_256_GUID

#define	EFI_KMS_FORMAT_RSASHA1_1024_GUID

#define	EFI_KMS_FORMAT_RSASHA1_2048_GUID

#define	EFI_KMS_FORMAT_RSASHA256_2048_GUID

#define	EFI_KMS_FORMAT_RSASHA256_3072_GUID

Typedefs
typedef struct _EFI_KMS_PROTOCOL	EFI_KMS_PROTOCOL

typedef EFI_STATUS(EFIAPI *	EFI_KMS_GET_SERVICE_STATUS) (IN EFI_KMS_PROTOCOL *This)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_REGISTER_CLIENT) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_CREATE_KEY) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN OUT UINT16 KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR KeyDescriptors, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_GET_KEY) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN OUT UINT16 KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR KeyDescriptors, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_ADD_KEY) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN OUT UINT16 KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR KeyDescriptors, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_DELETE_KEY) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN OUT UINT16 KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR KeyDescriptors, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_GET_KEY_ATTRIBUTES) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN UINT8 KeyIdentifierSize, IN CONST VOID KeyIdentifier, IN OUT UINT16 KeyAttributesCount, IN OUT EFI_KMS_KEY_ATTRIBUTE KeyAttributes, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_ADD_KEY_ATTRIBUTES) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN UINT8 KeyIdentifierSize, IN CONST VOID KeyIdentifier, IN OUT UINT16 KeyAttributesCount, IN OUT EFI_KMS_KEY_ATTRIBUTE KeyAttributes, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_DELETE_KEY_ATTRIBUTES) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN UINT8 KeyIdentifierSize, IN CONST VOID KeyIdentifier, IN OUT UINT16 KeyAttributesCount, IN OUT EFI_KMS_KEY_ATTRIBUTE KeyAttributes, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

typedef EFI_STATUS(EFIAPI *	EFI_KMS_GET_KEY_BY_ATTRIBUTES) (IN EFI_KMS_PROTOCOL This, IN EFI_KMS_CLIENT_INFO Client, IN OUT UINTN KeyAttributeCount, IN OUT EFI_KMS_KEY_ATTRIBUTE KeyAttributes, IN OUT UINTN KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR KeyDescriptors, IN OUT UINTN ClientDataSize OPTIONAL, IN OUT VOID *ClientData OPTIONAL)

Variables
EFI_GUID	gEfiKmsFormatGeneric128Guid

EFI_GUID	gEfiKmsFormatGeneric160Guid

EFI_GUID	gEfiKmsFormatGeneric256Guid

EFI_GUID	gEfiKmsFormatGeneric512Guid

EFI_GUID	gEfiKmsFormatGeneric1024Guid

EFI_GUID	gEfiKmsFormatGeneric2048Guid

EFI_GUID	gEfiKmsFormatGeneric3072Guid

EFI_GUID	gEfiKmsFormatMd2128Guid

EFI_GUID	gEfiKmsFormatMdc2128Guid

EFI_GUID	gEfiKmsFormatMd4128Guid

EFI_GUID	gEfiKmsFormatMdc4128Guid

EFI_GUID	gEfiKmsFormatMd5128Guid

EFI_GUID	gEfiKmsFormatMd5sha128Guid

EFI_GUID	gEfiKmsFormatSha1160Guid

EFI_GUID	gEfiKmsFormatSha256256Guid

EFI_GUID	gEfiKmsFormatSha512512Guid

EFI_GUID	gEfiKmsFormatAesxts128Guid

EFI_GUID	gEfiKmsFormatAesxts256Guid

EFI_GUID	gEfiKmsFormatAescbc128Guid

EFI_GUID	gEfiKmsFormatAescbc256Guid

EFI_GUID	gEfiKmsFormatRsasha11024Guid

EFI_GUID	gEfiKmsFormatRsasha12048Guid

EFI_GUID	gEfiKmsFormatRsasha2562048Guid

EFI_GUID	gEfiKmsFormatRsasha2563072Guid

EFI_GUID	gEfiKmsProtocolGuid

Detailed Description

The Key Management Service (KMS) protocol as defined in the UEFI 2.3.1 specification is to provides services to generate, store, retrieve, and manage cryptographic keys. The intention is to specify a simple generic protocol that could be used for many implementations.

A driver implementing the protocol may need to provide basic key service that consists of a key store and cryptographic key generation capability. It may connect to an external key server over the network, or to a Hardware Security Module (HSM) attached to the system it runs on, or anything else that is capable of providing the key management service.

Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file Kms.h.

Macro Definition Documentation

◆ EFI_KMS_ATTRIBUTE_TYPE_BIG_INTEGER

#define EFI_KMS_ATTRIBUTE_TYPE_BIG_INTEGER 0x03

Definition at line 165 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_BOOLEAN

#define EFI_KMS_ATTRIBUTE_TYPE_BOOLEAN 0x05

Definition at line 167 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_BYTE_STRING

#define EFI_KMS_ATTRIBUTE_TYPE_BYTE_STRING 0x06

Definition at line 168 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_DATE_TIME

#define EFI_KMS_ATTRIBUTE_TYPE_DATE_TIME 0x08

Definition at line 170 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_DYNAMIC

#define EFI_KMS_ATTRIBUTE_TYPE_DYNAMIC 0x0B

Definition at line 173 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_ENUMERATION

#define EFI_KMS_ATTRIBUTE_TYPE_ENUMERATION 0x04

Definition at line 166 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_INTEGER

#define EFI_KMS_ATTRIBUTE_TYPE_INTEGER 0x01

Definition at line 163 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_INTERVAL

#define EFI_KMS_ATTRIBUTE_TYPE_INTERVAL 0x09

Definition at line 171 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_LONG_INTEGER

#define EFI_KMS_ATTRIBUTE_TYPE_LONG_INTEGER 0x02

Definition at line 164 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_NONE

#define EFI_KMS_ATTRIBUTE_TYPE_NONE 0x00

Definition at line 162 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_STRUCTURE

#define EFI_KMS_ATTRIBUTE_TYPE_STRUCTURE 0x0A

Definition at line 172 of file Kms.h.

◆ EFI_KMS_ATTRIBUTE_TYPE_TEXT_STRING

#define EFI_KMS_ATTRIBUTE_TYPE_TEXT_STRING 0x07

Definition at line 169 of file Kms.h.

◆ EFI_KMS_DATA_TYPE_ASCII

#define EFI_KMS_DATA_TYPE_ASCII 2

Definition at line 32 of file Kms.h.

◆ EFI_KMS_DATA_TYPE_BINARY

#define EFI_KMS_DATA_TYPE_BINARY 1

Definition at line 31 of file Kms.h.

◆ EFI_KMS_DATA_TYPE_NONE

#define EFI_KMS_DATA_TYPE_NONE 0

Definition at line 30 of file Kms.h.

◆ EFI_KMS_DATA_TYPE_UNICODE

#define EFI_KMS_DATA_TYPE_UNICODE 4

Definition at line 33 of file Kms.h.

◆ EFI_KMS_DATA_TYPE_UTF8

#define EFI_KMS_DATA_TYPE_UTF8 8

Definition at line 34 of file Kms.h.

◆ EFI_KMS_FORMAT_AESCBC_128_GUID

#define EFI_KMS_FORMAT_AESCBC_128_GUID

Value:

  { \
    0xa0e8ee6a, 0x0e92, 0x44d4, {0x86, 0x1b, 0x0e, 0xaa, 0x4a, 0xca, 0x44, 0xa2 } \
  }

Definition at line 136 of file Kms.h.

◆ EFI_KMS_FORMAT_AESCBC_256_GUID

#define EFI_KMS_FORMAT_AESCBC_256_GUID

Value:

  { \
    0xd7e69789, 0x1f68, 0x45e8, {0x96, 0xef, 0x3b, 0x64, 0x07, 0xa5, 0xb2, 0xdc } \
  }

Definition at line 140 of file Kms.h.

◆ EFI_KMS_FORMAT_AESXTS_128_GUID

#define EFI_KMS_FORMAT_AESXTS_128_GUID

Value:

  { \
    0x4776e33f, 0xdb47, 0x479a, {0xa2, 0x5f, 0xa1, 0xcd, 0x0a, 0xfa, 0xb3, 0x8b } \
  }

These GUIDs define key data formats that contain data generated by cryptographic key algorithms. There may or may not be a separate data hashing algorithm associated with the key algorithm.

Definition at line 128 of file Kms.h.

◆ EFI_KMS_FORMAT_AESXTS_256_GUID

#define EFI_KMS_FORMAT_AESXTS_256_GUID

Value:

  { \
    0xdc7e8613, 0xc4bb, 0x4db0, {0x84, 0x62, 0x13, 0x51, 0x13, 0x57, 0xab, 0xe2 } \
  }

Definition at line 132 of file Kms.h.

◆ EFI_KMS_FORMAT_GENERIC_1024_GUID

#define EFI_KMS_FORMAT_GENERIC_1024_GUID

Value:

  { \
    0x43be0b44, 0x874b, 0x4ead, {0xb0, 0x9c, 0x24, 0x1a, 0x4f, 0xbd, 0x7e, 0xb3 } \
  }

Definition at line 64 of file Kms.h.

◆ EFI_KMS_FORMAT_GENERIC_128_GUID

#define EFI_KMS_FORMAT_GENERIC_128_GUID

Value:

  { \
    0xec8a3d69, 0x6ddf, 0x4108, {0x94, 0x76, 0x73, 0x37, 0xfc, 0x52, 0x21, 0x36 } \
  }

The following GUIDs define formats that contain generic key data of a specific size in bits, but which is not associated with any specific key algorithm(s).

Definition at line 48 of file Kms.h.

◆ EFI_KMS_FORMAT_GENERIC_160_GUID

#define EFI_KMS_FORMAT_GENERIC_160_GUID

Value:

  { \
    0xa3b3e6f8, 0xefca, 0x4bc1, {0x88, 0xfb, 0xcb, 0x87, 0x33, 0x9b, 0x25, 0x79 } \
  }

Definition at line 52 of file Kms.h.

◆ EFI_KMS_FORMAT_GENERIC_2048_GUID

#define EFI_KMS_FORMAT_GENERIC_2048_GUID

Value:

  { \
    0x40093f23, 0x630c, 0x4626, {0x9c, 0x48, 0x40, 0x37, 0x3b, 0x19, 0xcb, 0xbe } \
  }

Definition at line 68 of file Kms.h.

◆ EFI_KMS_FORMAT_GENERIC_256_GUID

#define EFI_KMS_FORMAT_GENERIC_256_GUID

Value:

  { \
    0x70f64793, 0xc323, 0x4261, {0xac, 0x2c, 0xd8, 0x76, 0xf2, 0x7c, 0x53, 0x45 } \
  }

Definition at line 56 of file Kms.h.

◆ EFI_KMS_FORMAT_GENERIC_3072_GUID

#define EFI_KMS_FORMAT_GENERIC_3072_GUID

Value:

  { \
    0xb9237513, 0x6c44, 0x4411, {0xa9, 0x90, 0x21, 0xe5, 0x56, 0xe0, 0x5a, 0xde } \
  }

Definition at line 72 of file Kms.h.

◆ EFI_KMS_FORMAT_GENERIC_512_GUID

#define EFI_KMS_FORMAT_GENERIC_512_GUID

Value:

  { \
    0x978fe043, 0xd7af, 0x422e, {0x8a, 0x92, 0x2b, 0x48, 0xe4, 0x63, 0xbd, 0xe6 } \
  }

Definition at line 60 of file Kms.h.

◆ EFI_KMS_FORMAT_GENERIC_DYNAMIC_GUID

#define EFI_KMS_FORMAT_GENERIC_DYNAMIC_GUID

Value:

  { \
    0x2156e996, 0x66de, 0x4b27, {0x9c, 0xc9, 0xb0, 0x9f, 0xac, 0x4d, 0x2, 0xbe } \
  }

Definition at line 76 of file Kms.h.

◆ EFI_KMS_FORMAT_MD2_128_GUID

#define EFI_KMS_FORMAT_MD2_128_GUID

Value:

  { \
    0x78be11c4, 0xee44, 0x4a22, {0x9f, 0x05, 0x03, 0x85, 0x2e, 0xc5, 0xc9, 0x78 } \
  }

These GUIDS define key data formats that contain data generated by basic hash algorithms with no cryptographic properties.

Definition at line 86 of file Kms.h.

◆ EFI_KMS_FORMAT_MD4_128_GUID

#define EFI_KMS_FORMAT_MD4_128_GUID

Value:

  { \
    0xd1c17aa1, 0xcac5, 0x400f, {0xbe, 0x17, 0xe2, 0xa2, 0xae, 0x06, 0x67, 0x7c } \
  }

Definition at line 94 of file Kms.h.

◆ EFI_KMS_FORMAT_MD5_128_GUID

#define EFI_KMS_FORMAT_MD5_128_GUID

Value:

  { \
    0xdcbc3662, 0x9cda, 0x4b52, {0xa0, 0x4c, 0x82, 0xeb, 0x1d, 0x23, 0x48, 0xc7 } \
  }

Definition at line 102 of file Kms.h.

◆ EFI_KMS_FORMAT_MD5SHA_128_GUID

#define EFI_KMS_FORMAT_MD5SHA_128_GUID

Value:

  { \
    0x1c178237, 0x6897, 0x459e, {0x9d, 0x36, 0x67, 0xce, 0x8e, 0xf9, 0x4f, 0x76 } \
  }

Definition at line 106 of file Kms.h.

◆ EFI_KMS_FORMAT_MDC2_128_GUID

#define EFI_KMS_FORMAT_MDC2_128_GUID

Value:

  { \
    0xf7ad60f8, 0xefa8, 0x44a3, {0x91, 0x13, 0x23, 0x1f, 0x39, 0x9e, 0xb4, 0xc7 } \
  }

Definition at line 90 of file Kms.h.

◆ EFI_KMS_FORMAT_MDC4_128_GUID

#define EFI_KMS_FORMAT_MDC4_128_GUID

Value:

  { \
    0x3fa4f847, 0xd8eb, 0x4df4, {0xbd, 0x49, 0x10, 0x3a, 0x0a, 0x84, 0x7b, 0xbc } \
  }

Definition at line 98 of file Kms.h.

◆ EFI_KMS_FORMAT_RSASHA1_1024_GUID

#define EFI_KMS_FORMAT_RSASHA1_1024_GUID

Value:

  { \
    0x56417bed, 0x6bbe, 0x4882, {0x86, 0xa0, 0x3a, 0xe8, 0xbb, 0x17, 0xf8, 0xf9 } \
  }

Definition at line 144 of file Kms.h.

◆ EFI_KMS_FORMAT_RSASHA1_2048_GUID

#define EFI_KMS_FORMAT_RSASHA1_2048_GUID

Value:

  { \
    0xf66447d4, 0x75a6, 0x463e, {0xa8, 0x19, 0x07, 0x7f, 0x2d, 0xda, 0x05, 0xe9 } \
  }

Definition at line 148 of file Kms.h.

◆ EFI_KMS_FORMAT_RSASHA256_2048_GUID

#define EFI_KMS_FORMAT_RSASHA256_2048_GUID

Value:

  { \
    0xa477af13, 0x877d, 0x4060, {0xba, 0xa1, 0x25, 0xd1, 0xbe, 0xa0, 0x8a, 0xd3 } \
  }

Definition at line 152 of file Kms.h.

◆ EFI_KMS_FORMAT_RSASHA256_3072_GUID

#define EFI_KMS_FORMAT_RSASHA256_3072_GUID

Value:

  { \
    0x4e1356c2,  0xeed, 0x463f, {0x81, 0x47, 0x99, 0x33, 0xab, 0xdb, 0xc7, 0xd5 } \
  }

Definition at line 156 of file Kms.h.

◆ EFI_KMS_FORMAT_SHA1_160_GUID

#define EFI_KMS_FORMAT_SHA1_160_GUID

Value:

  { \
    0x453c5e5a, 0x482d, 0x43f0, {0x87, 0xc9, 0x59, 0x41, 0xf3, 0xa3, 0x8a, 0xc2 } \
  }

Definition at line 110 of file Kms.h.

◆ EFI_KMS_FORMAT_SHA256_256_GUID

#define EFI_KMS_FORMAT_SHA256_256_GUID

Value:

  { \
    0x6bb4f5cd, 0x8022, 0x448d, {0xbc, 0x6d, 0x77, 0x1b, 0xae, 0x93, 0x5f, 0xc6 } \
  }

Definition at line 114 of file Kms.h.

◆ EFI_KMS_FORMAT_SHA512_512_GUID

#define EFI_KMS_FORMAT_SHA512_512_GUID

Value:

  { \
    0x2f240e12, 0xe14d, 0x475c, {0x83, 0xb0, 0xef, 0xff, 0x22, 0xd7, 0x7b, 0xe7 } \
  }

Definition at line 118 of file Kms.h.

◆ EFI_KMS_PROTOCOL_GUID

#define EFI_KMS_PROTOCOL_GUID

Value:

  { \
    0xEC3A978D, 0x7C4E, 0x48FA, {0x9A, 0xBE, 0x6A, 0xD9, 0x1C, 0xC8, 0xF8, 0x11 } \
  }

Definition at line 19 of file Kms.h.

Typedef Documentation

◆ EFI_KMS_ADD_KEY

typedef EFI_STATUS(EFIAPI * EFI_KMS_ADD_KEY) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN OUT UINT16 *KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR *KeyDescriptors, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Add a new key.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in,out]	KeyDescriptorCount	Pointer to a count of the number of key descriptors to be processed by this operation. On normal return, this number will be updated with the number of key descriptors successfully processed.
[in,out]	KeyDescriptors	Pointer to an array of EFI_KMS_KEY_DESCRIPTOR structures which describe the keys to be added. On input, the KeyId field for first key must contain valid identifier data to be used for adding a key to the KMS. The values for these fields in this key definition will be considered default values for subsequent keys requested in this operation. A value of 0 in any subsequent KeyId field will be replaced with the current default value. The KeyFormat and KeyValue fields for each key to be added must contain consistent values to be associated with the given KeyId. On return, the KeyStatus field will reflect the result of the operation for each key request.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	Successfully added all requested keys.
EFI_OUT_OF_RESOURCES	Could not allocate required resources.
EFI_TIMEOUT	Timed out waiting for device or key server. Check individual key request(s) to see which ones may have been processed.
EFI_BUFFER_TOO_SMALL	If multiple keys are associated with a single identifier, and the KeyValue buffer does not contain enough structures (KeyDescriptorCount) to contain all the key data, then the available structures will be filled and KeyDescriptorCount will be updated to indicate the number of keys which could not be processed
EFI_ACCESS_DENIED	Access was denied by the device or the key server; OR a ClientId is required by the server and either none or an invalid id was provided.
EFI_DEVICE_ERROR	Device or key server error. Check individual key request(s) to see which ones may have been processed.
EFI_INVALID_PARAMETER	This is NULL, ClientId is required but it is NULL, KeyDescriptorCount is NULL, or Keys is NULL.
EFI_NOT_FOUND	One or more EFI_KMS_KEY_DESCRIPTOR structures could not be processed properly. KeyDescriptorCount contains the number of structures which were successfully processed. Individual structures will reflect the status of the processing for that structure.
EFI_UNSUPPORTED	The implementation/KMS does not support this function.

Definition at line 676 of file Kms.h.

◆ EFI_KMS_ADD_KEY_ATTRIBUTES

typedef EFI_STATUS(EFIAPI * EFI_KMS_ADD_KEY_ATTRIBUTES) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN UINT8 *KeyIdentifierSize, IN CONST VOID *KeyIdentifier, IN OUT UINT16 *KeyAttributesCount, IN OUT EFI_KMS_KEY_ATTRIBUTE *KeyAttributes, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Add one or more attributes to a key specified by a key identifier.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in]	KeyIdentifierSize	Pointer to the size in bytes of the KeyIdentifier variable.
[in]	KeyIdentifier	Pointer to the key identifier associated with this key.
[in,out]	KeyAttributesCount	Pointer to the number of EFI_KMS_KEY_ATTRIBUTE structures to associate with the Key. On normal returns, this number will be updated with the number of key attributes successfully processed.
[in,out]	KeyAttributes	Pointer to an array of EFI_KMS_KEY_ATTRIBUTE structures providing the attribute information to associate with the key. On input, the values for the fields in the structure are completely filled in. On return the KeyAttributeStatus field will reflect the result of the operation for each key attribute request.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	Successfully added all requested key attributes.
EFI_OUT_OF_RESOURCES	Could not allocate required resources.
EFI_TIMEOUT	Timed out waiting for device or key server. Check individual key attribute request(s) to see which ones may have been processed.
EFI_BUFFER_TOO_SMALL	If multiple keys attributes are associated with a single key identifier, and the attributes buffer does not contain enough structures (KeyAttributesCount) to contain all the data, then the available structures will be filled and KeyAttributesCount will be updated to indicate the number of key attributes which could not be processed. The status of each key attribute is also updated indicating success or failure for that attribute in case there are other errors for those attributes that could be processed.
EFI_ACCESS_DENIED	Access was denied by the device or the key server; OR a ClientId is required by the server and either none or an invalid id was provided.
EFI_DEVICE_ERROR	Device or key server error. Check individual key attribute request(s) (i.e. key attribute status for each) to see which ones may have been processed.
EFI_INVALID_PARAMETER	This is NULL, ClientId is required but it is NULL, KeyAttributesCount is NULL, or KeyAttributes is NULL, or KeyIdentifierSize is NULL, or KeyIdentifer is NULL.
EFI_NOT_FOUND	The KeyIdentifier could not be found. On return the KeyAttributesCount contains the number of attributes processed. Individual structures will reflect the status of the processing for that structure.
EFI_UNSUPPORTED	The implementation/KMS does not support this function.

Definition at line 932 of file Kms.h.

◆ EFI_KMS_CREATE_KEY

typedef EFI_STATUS(EFIAPI * EFI_KMS_CREATE_KEY) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN OUT UINT16 *KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR *KeyDescriptors, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Request that the KMS generate one or more new keys and associate them with key identifiers. The key value(s) is returned to the caller.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in,out]	KeyDescriptorCount	Pointer to a count of the number of key descriptors to be processed by this operation. On return, this number will be updated with the number of key descriptors successfully processed.
[in,out]	KeyDescriptors	Pointer to an array of EFI_KMS_KEY_DESCRIPTOR structures which describe the keys to be generated. On input, the KeyIdentifierSize and the KeyIdentifier may specify an identifier to be used for the key, but this is not required. The KeyFormat field must specify a key format GUID reported as supported by the KeyFormats field of the EFI_KMS_PROTOCOL. The value for this field in the first key descriptor will be considered the default value for subsequent key descriptors requested in this operation if those key descriptors have a NULL GUID in the key format field. On output, the KeyIdentifierSize and KeyIdentifier fields will specify an identifier for the key which will be either the original identifier if one was provided, or an identifier generated either by the KMS or the KMS protocol implementation. The KeyFormat field will be updated with the GUID used to generate the key if it was a NULL GUID, and the KeyValue field will contain a pointer to memory containing the key value for the generated key. Memory for both the KeyIdentifier and the KeyValue fields will be allocated with the BOOT_SERVICES_DATA type and must be freed by the caller when it is no longer needed. Also, the KeyStatus field must reflect the result of the request relative to that key.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	Successfully generated and retrieved all requested keys.
EFI_UNSUPPORTED	This function is not supported by the KMS. –OR– One (or more) of the key requests submitted is not supported by the KMS. Check individual key request(s) to see which ones may have been processed.
EFI_OUT_OF_RESOURCES	Required resources were not available to perform the function.
EFI_TIMEOUT	Timed out waiting for device or key server. Check individual key request(s) to see which ones may have been processed.
EFI_ACCESS_DENIED	Access was denied by the device or the key server; OR a ClientId is required by the server and either no id was provided or an invalid id was provided.
EFI_DEVICE_ERROR	An error occurred when attempting to access the KMS. Check individual key request(s) to see which ones may have been processed.
EFI_INVALID_PARAMETER	This is NULL, ClientId is required but it is NULL, KeyDescriptorCount is NULL, or Keys is NULL.
EFI_NOT_FOUND	One or more EFI_KMS_KEY_DESCRIPTOR structures could not be processed properly. KeyDescriptorCount contains the number of structures which were successfully processed. Individual structures will reflect the status of the processing for that structure.

Definition at line 502 of file Kms.h.

◆ EFI_KMS_DELETE_KEY

typedef EFI_STATUS(EFIAPI * EFI_KMS_DELETE_KEY) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN OUT UINT16 *KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR *KeyDescriptors, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Delete an existing key from the KMS database.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in,out]	KeyDescriptorCount	Pointer to a count of the number of key descriptors to be processed by this operation. On normal return, this number will be updated with the number of key descriptors successfully processed.
[in,out]	KeyDescriptors	Pointer to an array of EFI_KMS_KEY_DESCRIPTOR structures which describe the keys to be deleted. On input, the KeyId field for first key must contain valid identifier data to be used for adding a key to the KMS. The values for these fields in this key definition will be considered default values for subsequent keys requested in this operation. A value of 0 in any subsequent KeyId field will be replaced with the current default value. The KeyFormat and KeyValue fields are ignored, but should be 0. On return, the KeyStatus field will reflect the result of the operation for each key request.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	Successfully deleted all requested keys.
EFI_OUT_OF_RESOURCES	Could not allocate required resources.
EFI_TIMEOUT	Timed out waiting for device or key server. Check individual key request(s) to see which ones may have been processed.
EFI_ACCESS_DENIED	Access was denied by the device or the key server; OR a ClientId is required by the server and either none or an invalid id was provided.
EFI_DEVICE_ERROR	Device or key server error. Check individual key request(s) to see which ones may have been processed.
EFI_INVALID_PARAMETER	This is NULL, ClientId is required but it is NULL, KeyDescriptorCount is NULL, or Keys is NULL.
EFI_NOT_FOUND	One or more EFI_KMS_KEY_DESCRIPTOR structures could not be processed properly. KeyDescriptorCount contains the number of structures which were successfully processed. Individual structures will reflect the status of the processing for that structure.
EFI_UNSUPPORTED	The implementation/KMS does not support this function.

Definition at line 755 of file Kms.h.

◆ EFI_KMS_DELETE_KEY_ATTRIBUTES

typedef EFI_STATUS(EFIAPI * EFI_KMS_DELETE_KEY_ATTRIBUTES) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN UINT8 *KeyIdentifierSize, IN CONST VOID *KeyIdentifier, IN OUT UINT16 *KeyAttributesCount, IN OUT EFI_KMS_KEY_ATTRIBUTE *KeyAttributes, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Delete attributes to a key specified by a key identifier.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in]	KeyIdentifierSize	Pointer to the size in bytes of the KeyIdentifier variable.
[in]	KeyIdentifier	Pointer to the key identifier associated with this key.
[in,out]	KeyAttributesCount	Pointer to the number of EFI_KMS_KEY_ATTRIBUTE structures to associate with the Key. On input, the count value is one or more. On normal returns, this number will be updated with the number of key attributes successfully processed.
[in,out]	KeyAttributes	Pointer to an array of EFI_KMS_KEY_ATTRIBUTE structures providing the attribute information to associate with the key. On input, the values for the fields in the structure are completely filled in. On return the KeyAttributeStatus field will reflect the result of the operation for each key attribute request.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	Successfully deleted all requested key attributes.
EFI_OUT_OF_RESOURCES	Could not allocate required resources.
EFI_TIMEOUT	Timed out waiting for device or key server. Check individual key attribute request(s) to see which ones may have been processed.
EFI_ACCESS_DENIED	Access was denied by the device or the key server; OR a ClientId is required by the server and either none or an invalid id was provided.
EFI_DEVICE_ERROR	Device or key server error. Check individual key attribute request(s) (i.e. key attribute status for each) to see which ones may have been processed.
EFI_INVALID_PARAMETER	This is NULL, ClientId is required but it is NULL, KeyAttributesCount is NULL, or KeyAttributes is NULL, or KeyIdentifierSize is NULL, or KeyIdentifer is NULL.
EFI_NOT_FOUND	The KeyIdentifier could not be found or the attribute could not be found. On return the KeyAttributesCount contains the number of attributes processed. Individual structures will reflect the status of the processing for that structure.
EFI_UNSUPPORTED	The implementation/KMS does not support this function.

Definition at line 1015 of file Kms.h.

◆ EFI_KMS_GET_KEY

typedef EFI_STATUS(EFIAPI * EFI_KMS_GET_KEY) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN OUT UINT16 *KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR *KeyDescriptors, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Retrieve an existing key.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in,out]	KeyDescriptorCount	Pointer to a count of the number of key descriptors to be processed by this operation. On return, this number will be updated with the number of key descriptors successfully processed.
[in,out]	KeyDescriptors	Pointer to an array of EFI_KMS_KEY_DESCRIPTOR structures which describe the keys to be retrieved from the KMS. On input, the KeyIdentifierSize and the KeyIdentifier must specify an identifier to be used to retrieve a specific key. All other fields in the descriptor should be NULL. On output, the KeyIdentifierSize and KeyIdentifier fields will be unchanged, while the KeyFormat and KeyValue fields will be updated values associated with this key identifier. Memory for the KeyValue field will be allocated with the BOOT_SERVICES_DATA type and must be freed by the caller when it is no longer needed. Also, the KeyStatus field will reflect the result of the request relative to the individual key descriptor.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	Successfully retrieved all requested keys.
EFI_OUT_OF_RESOURCES	Could not allocate resources for the method processing.
EFI_TIMEOUT	Timed out waiting for device or key server. Check individual key request(s) to see which ones may have been processed.
EFI_BUFFER_TOO_SMALL	If multiple keys are associated with a single identifier, and the KeyValue buffer does not contain enough structures (KeyDescriptorCount) to contain all the key data, then the available structures will be filled and KeyDescriptorCount will be updated to indicate the number of keys which could not be processed.
EFI_ACCESS_DENIED	Access was denied by the device or the key server; OR a ClientId is required by the server and either none or an invalid id was provided.
EFI_DEVICE_ERROR	Device or key server error. Check individual key request(s) to see which ones may have been processed.
EFI_INVALID_PARAMETER	This is NULL, ClientId is required but it is NULL, KeyDescriptorCount is NULL, or Keys is NULL.
EFI_NOT_FOUND	One or more EFI_KMS_KEY_DESCRIPTOR structures could not be processed properly. KeyDescriptorCount contains the number of structures which were successfully processed. Individual structures will reflect the status of the processing for that structure.
EFI_UNSUPPORTED	The implementation/KMS does not support this function.

Definition at line 590 of file Kms.h.

◆ EFI_KMS_GET_KEY_ATTRIBUTES

typedef EFI_STATUS(EFIAPI * EFI_KMS_GET_KEY_ATTRIBUTES) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN UINT8 *KeyIdentifierSize, IN CONST VOID *KeyIdentifier, IN OUT UINT16 *KeyAttributesCount, IN OUT EFI_KMS_KEY_ATTRIBUTE *KeyAttributes, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Get one or more attributes associated with a specified key identifier. If none are found, the returned attributes count contains a value of zero.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in]	KeyIdentifierSize	Pointer to the size in bytes of the KeyIdentifier variable.
[in]	KeyIdentifier	Pointer to the key identifier associated with this key.
[in,out]	KeyAttributesCount	Pointer to the number of EFI_KMS_KEY_ATTRIBUTE structures associated with the Key identifier. If none are found, the count value is zero on return. On input this value reflects the number of KeyAttributes that may be returned. On output, the value reflects the number of completed KeyAttributes structures found.
[in,out]	KeyAttributes	Pointer to an array of EFI_KMS_KEY_ATTRIBUTE structures associated with the Key Identifier. On input, the fields in the structure should be NULL. On output, the attribute fields will have updated values for attributes associated with this key identifier.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	Successfully retrieved all key attributes.
EFI_OUT_OF_RESOURCES	Could not allocate resources for the method processing.
EFI_TIMEOUT	Timed out waiting for device or key server. Check individual key attribute request(s) to see which ones may have been processed.
EFI_BUFFER_TOO_SMALL	If multiple key attributes are associated with a single identifier, and the KeyAttributes buffer does not contain enough structures (KeyAttributesCount) to contain all the key attributes data, then the available structures will be filled and KeyAttributesCount will be updated to indicate the number of key attributes which could not be processed.
EFI_ACCESS_DENIED	Access was denied by the device or the key server; OR a ClientId is required by the server and either none or an invalid id was provided.
EFI_DEVICE_ERROR	Device or key server error. Check individual key attribute request(s) (i.e. key attribute status for each) to see which ones may have been processed.
EFI_INVALID_PARAMETER	This is NULL, ClientId is required but it is NULL, KeyIdentifierSize is NULL , or KeyIdentifier is NULL, or KeyAttributes is NULL, or KeyAttributesSize is NULL.
EFI_NOT_FOUND	The KeyIdentifier could not be found. KeyAttributesCount contains zero. Individual structures will reflect the status of the processing for that structure.
EFI_UNSUPPORTED	The implementation/KMS does not support this function.

Definition at line 842 of file Kms.h.

◆ EFI_KMS_GET_KEY_BY_ATTRIBUTES

typedef EFI_STATUS(EFIAPI * EFI_KMS_GET_KEY_BY_ATTRIBUTES) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN OUT UINTN *KeyAttributeCount, IN OUT EFI_KMS_KEY_ATTRIBUTE *KeyAttributes, IN OUT UINTN *KeyDescriptorCount, IN OUT EFI_KMS_KEY_DESCRIPTOR *KeyDescriptors, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Retrieve one or more key that has matched all of the specified key attributes.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in,out]	KeyAttributesCount	Pointer to a count of the number of key attribute structures that must be matched for each returned key descriptor. On input the count value is one or more. On normal returns, this number will be updated with the number of key attributes successfully processed.
[in,out]	KeyAttributes	Pointer to an array of EFI_KMS_KEY_ATTRIBUTE structure to search for. On input, the values for the fields in the structure are completely filled in. On return the KeyAttributeStatus field will reflect the result of the operation for each key attribute request.
[in,out]	KeyDescriptorCount	Pointer to a count of the number of key descriptors matched by this operation. On entry, this number will be zero. On return, this number will be updated to the number of key descriptors successfully found.
[in,out]	KeyDescriptors	Pointer to an array of EFI_KMS_KEY_DESCRIPTOR structures which describe the keys from the KMS having the KeyAttribute(s) specified. On input, this pointer will be NULL. On output, the array will contain an EFI_KMS_KEY_DESCRIPTOR structure for each key meeting the search criteria. Memory for the array and all KeyValue fields will be allocated with the EfiBootServicesData type and must be freed by the caller when it is no longer needed. Also, the KeyStatus field of each descriptor will reflect the result of the request relative to that key descriptor.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	Successfully retrieved all requested keys.
EFI_OUT_OF_RESOURCES	Could not allocate required resources.
EFI_TIMEOUT	Timed out waiting for device or key server. Check individual key attribute request(s) to see which ones may have been processed.
EFI_BUFFER_TOO_SMALL	If multiple keys are associated with the attribute(s), and the KeyValue buffer does not contain enough structures (KeyDescriptorCount) to contain all the key data, then the available structures will be filled and KeyDescriptorCount will be updated to indicate the number of keys which could not be processed.
EFI_ACCESS_DENIED	Access was denied by the device or the key server; OR a ClientId is required by the server and either none or an invalid id was provided.
EFI_DEVICE_ERROR	Device or key server error. Check individual key attribute request(s) (i.e. key attribute status for each) to see which ones may have been processed.
EFI_INVALID_PARAMETER	This is NULL, ClientId is required but it is NULL, KeyDescriptorCount is NULL, or KeyDescriptors is NULL or KeyAttributes is NULL, or KeyAttributesCount is NULL.
EFI_NOT_FOUND	One or more EFI_KMS_KEY_ATTRIBUTE structures could not be processed properly. KeyAttributeCount contains the number of structures which were successfully processed. Individual structures will reflect the status of the processing for that structure.
EFI_UNSUPPORTED	The implementation/KMS does not support this function.

Definition at line 1118 of file Kms.h.

◆ EFI_KMS_GET_SERVICE_STATUS

typedef EFI_STATUS(EFIAPI * EFI_KMS_GET_SERVICE_STATUS) (IN EFI_KMS_PROTOCOL *This)

Get the current status of the key management service.

Parameters

[in] This Pointer to the EFI_KMS_PROTOCOL instance.

Return values

EFI_SUCCESS	The KMS is ready for use.
EFI_NOT_READY	No connection to the KMS is available.
EFI_NO_MAPPING	No valid connection configuration exists for the KMS.
EFI_NO_RESPONSE	No response was received from the KMS.
EFI_DEVICE_ERROR	An error occurred when attempting to access the KMS.
EFI_INVALID_PARAMETER	This is NULL.

Definition at line 359 of file Kms.h.

◆ EFI_KMS_PROTOCOL

typedef struct _EFI_KMS_PROTOCOL EFI_KMS_PROTOCOL

Definition at line 24 of file Kms.h.

◆ EFI_KMS_REGISTER_CLIENT

typedef EFI_STATUS(EFIAPI * EFI_KMS_REGISTER_CLIENT) (IN EFI_KMS_PROTOCOL *This, IN EFI_KMS_CLIENT_INFO *Client, IN OUT UINTN *ClientDataSize OPTIONAL, IN OUT VOID **ClientData OPTIONAL)

Register client information with the supported KMS.

Parameters

[in]	This	Pointer to the EFI_KMS_PROTOCOL instance.
[in]	Client	Pointer to a valid EFI_KMS_CLIENT_INFO structure.
[in,out]	ClientDataSize	Pointer to the size, in bytes, of an arbitrary block of data specified by the ClientData parameter. This parameter may be NULL, in which case the ClientData parameter will be ignored and no data will be transferred to or from the KMS. If the parameter is not NULL, then ClientData must be a valid pointer. If the value pointed to is 0, no data will be transferred to the KMS, but data may be returned by the KMS. For all non-zero values *ClientData will be transferred to the KMS, which may also return data to the caller. In all cases, the value upon return to the caller will be the size of the data block returned to the caller, which will be zero if no data is returned from the KMS.
[in,out]	ClientData	Pointer to a pointer to an arbitrary block of data of ClientDataSize that is to be passed directly to the KMS if it supports the use of client data. This parameter may be NULL if and only if the ClientDataSize parameter is also NULL. Upon return to the caller, ClientData points to a block of data of ClientDataSize that was returned from the KMS. If the returned value for ClientDataSize is zero, then the returned value for *ClientData must be NULL and should be ignored by the caller. The KMS protocol consumer is responsible for freeing all valid buffers used for client data regardless of whether they are allocated by the caller for input to the function or by the implementation for output back to the caller.

Return values

EFI_SUCCESS	The client information has been accepted by the KMS.
EFI_NOT_READY	No connection to the KMS is available.
EFI_NO_RESPONSE	There was no response from the device or the key server.
EFI_ACCESS_DENIED	Access was denied by the device or the key server.
EFI_DEVICE_ERROR	An error occurred when attempting to access the KMS.
EFI_OUT_OF_RESOURCES	Required resources were not available to perform the function.
EFI_INVALID_PARAMETER	This is NULL.
EFI_UNSUPPORTED	The KMS does not support the use of client identifiers.

Definition at line 408 of file Kms.h.

Data Structures

Macros

Typedefs

Variables

Detailed Description

Macro Definition Documentation

◆ EFI_KMS_ATTRIBUTE_TYPE_BIG_INTEGER

◆ EFI_KMS_ATTRIBUTE_TYPE_BOOLEAN

◆ EFI_KMS_ATTRIBUTE_TYPE_BYTE_STRING

◆ EFI_KMS_ATTRIBUTE_TYPE_DATE_TIME

◆ EFI_KMS_ATTRIBUTE_TYPE_DYNAMIC

◆ EFI_KMS_ATTRIBUTE_TYPE_ENUMERATION

◆ EFI_KMS_ATTRIBUTE_TYPE_INTEGER

◆ EFI_KMS_ATTRIBUTE_TYPE_INTERVAL

◆ EFI_KMS_ATTRIBUTE_TYPE_LONG_INTEGER

◆ EFI_KMS_ATTRIBUTE_TYPE_NONE

◆ EFI_KMS_ATTRIBUTE_TYPE_STRUCTURE

◆ EFI_KMS_ATTRIBUTE_TYPE_TEXT_STRING

◆ EFI_KMS_DATA_TYPE_ASCII

◆ EFI_KMS_DATA_TYPE_BINARY

◆ EFI_KMS_DATA_TYPE_NONE

◆ EFI_KMS_DATA_TYPE_UNICODE

◆ EFI_KMS_DATA_TYPE_UTF8

◆ EFI_KMS_FORMAT_AESCBC_128_GUID

◆ EFI_KMS_FORMAT_AESCBC_256_GUID

◆ EFI_KMS_FORMAT_AESXTS_128_GUID

◆ EFI_KMS_FORMAT_AESXTS_256_GUID

◆ EFI_KMS_FORMAT_GENERIC_1024_GUID

◆ EFI_KMS_FORMAT_GENERIC_128_GUID

◆ EFI_KMS_FORMAT_GENERIC_160_GUID

◆ EFI_KMS_FORMAT_GENERIC_2048_GUID

◆ EFI_KMS_FORMAT_GENERIC_256_GUID

◆ EFI_KMS_FORMAT_GENERIC_3072_GUID

◆ EFI_KMS_FORMAT_GENERIC_512_GUID

◆ EFI_KMS_FORMAT_GENERIC_DYNAMIC_GUID

◆ EFI_KMS_FORMAT_MD2_128_GUID

◆ EFI_KMS_FORMAT_MD4_128_GUID

◆ EFI_KMS_FORMAT_MD5_128_GUID

◆ EFI_KMS_FORMAT_MD5SHA_128_GUID

◆ EFI_KMS_FORMAT_MDC2_128_GUID

◆ EFI_KMS_FORMAT_MDC4_128_GUID

◆ EFI_KMS_FORMAT_RSASHA1_1024_GUID

◆ EFI_KMS_FORMAT_RSASHA1_2048_GUID

◆ EFI_KMS_FORMAT_RSASHA256_2048_GUID

◆ EFI_KMS_FORMAT_RSASHA256_3072_GUID

◆ EFI_KMS_FORMAT_SHA1_160_GUID

◆ EFI_KMS_FORMAT_SHA256_256_GUID

◆ EFI_KMS_FORMAT_SHA512_512_GUID

◆ EFI_KMS_PROTOCOL_GUID

Typedef Documentation

◆ EFI_KMS_ADD_KEY

◆ EFI_KMS_ADD_KEY_ATTRIBUTES

◆ EFI_KMS_CREATE_KEY

◆ EFI_KMS_DELETE_KEY

◆ EFI_KMS_DELETE_KEY_ATTRIBUTES

◆ EFI_KMS_GET_KEY

◆ EFI_KMS_GET_KEY_ATTRIBUTES

◆ EFI_KMS_GET_KEY_BY_ATTRIBUTES

◆ EFI_KMS_GET_SERVICE_STATUS

◆ EFI_KMS_PROTOCOL

◆ EFI_KMS_REGISTER_CLIENT