uefi_specs/uefi/signing.rs
1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4use guid::Guid;
5use zerocopy::FromBytes;
6use zerocopy::Immutable;
7use zerocopy::IntoBytes;
8use zerocopy::KnownLayout;
9
10/// UEFI spec 32.2.4
11///
12/// This structure is the certificate header.
13/// There may be zero or more certificates.
14#[derive(Debug, IntoBytes, FromBytes, Immutable, KnownLayout)]
15#[repr(C)]
16pub struct WIN_CERTIFICATE {
17 /// The length of the entire certificate, including the length of the header,
18 /// in bytes
19 pub length: u32,
20 /// The revision level of the WIN_CERTIFICATE structure.
21 /// The current revision level is 0x0200
22 pub revision: u16,
23 /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI certificate
24 /// types. The UEFI specification reserves the range of certificate type
25 /// values from 0x0EF0 to 0x0EFF.
26 pub certificate_type: u16,
27 // The actual certificate. The format of the certificate depends on
28 // certificate_type.
29 //
30 // UINT8 bCertificate[ANYSIZE_ARRAY];
31}
32
33/// UEFI spec 32.2.4 - WIN_CERTIFICATE_UEFI_GUID
34#[derive(Debug, IntoBytes, FromBytes, Immutable, KnownLayout)]
35#[repr(C)]
36pub struct WIN_CERTIFICATE_UEFI_GUID {
37 /// certificate_type is set to WIN_CERT_TYPE_EFI_GUID.
38 pub header: WIN_CERTIFICATE,
39 /// This is the unique id which determines the format of the CertData.
40 pub cert_type: Guid,
41 // This is the certificate data. The format of the data is determined by the
42 // CertType.
43 //
44 // UINT8 CertData[ANYSIZE_ARRAY];
45}
46
47/// UEFI spec 32.2.4 - WIN_CERTIFICATE_UEFI_GUID
48pub const EFI_CERT_TYPE_PKCS7_GUID: Guid = guid::guid!("4aafd29d-68df-49ee-8aa9-347d375665a7");
49
50// UEFI spec 32.2.4 - WIN_CERTIFICATE
51
52// pub const WIN_CERT_TYPE_PKCS_SIGNED_DATA: u16 = 0x0002;
53// pub const WIN_CERT_TYPE_EFI_PKCS115: u16 = 0x0EF0;//
54pub const WIN_CERT_TYPE_EFI_GUID: u16 = 0x0EF1;