113 lines
4.3 KiB
C
113 lines
4.3 KiB
C
/** @file
|
|
Formset guids, form id and VarStore data structure for Boot Maintenance Manager.
|
|
|
|
;******************************************************************************
|
|
;* Copyright (c) 2012 - 2021, Insyde Software Corp. All Rights Reserved.
|
|
;*
|
|
;* You may not reproduce, distribute, publish, display, perform, modify, adapt,
|
|
;* transmit, broadcast, present, recite, release, license or otherwise exploit
|
|
;* any part of this publication in any form, by any means, without the prior
|
|
;* written permission of Insyde Software Corporation.
|
|
;*
|
|
;******************************************************************************
|
|
*/
|
|
|
|
#ifndef _SECURE_BOOT_FORM_GUID_H_
|
|
#define _SECURE_BOOT_FORM_GUID_H_
|
|
|
|
|
|
#define SECURE_BOOT_FORMSET_GUID \
|
|
{ \
|
|
0xaa1305b9, 0x1f3, 0x4afb, 0x92, 0xe, 0xc9, 0xb9, 0x79, 0xa8, 0x52, 0xfd\
|
|
}
|
|
//
|
|
// Secure Boot Manager rlative definitions
|
|
//
|
|
#define SECURE_BOOT_FORM_ID 0x1002
|
|
#define FORM_ENROLL_HASH_ID 0x1000
|
|
#define FORM_ID_PK 0x1003
|
|
#define FORM_ID_PK_ENROLL_SIGNATURE 0x1004
|
|
#define FORM_ID_PK_DELETE_SIGNATURE 0x1005
|
|
#define FORM_ID_KEK 0x1006
|
|
#define FORM_ID_KEK_ENROLL_SIGNATURE 0x1007
|
|
#define FORM_ID_KEK_DELETE_SIGNATURE 0x1008
|
|
#define FORM_ID_DB 0x1009
|
|
#define FORM_ID_DB_ENROLL_SIGNATURE 0x100A
|
|
#define FORM_ID_DB_DELETE_SIGNATURE 0x100B
|
|
#define FORM_ID_DBX 0x100C
|
|
#define FORM_ID_DBX_ENROLL_SIGNATURE 0x100D
|
|
#define FORM_ID_DBX_DELETE_SIGNATURE 0x100E
|
|
#define FORM_ID_DBT 0x100F
|
|
#define FORM_ID_DBT_ENROLL_SIGNATURE 0x1010
|
|
#define FORM_ID_DBT_DELETE_SIGNATURE 0x1011
|
|
#define FORM_ID_DBR 0x1012
|
|
#define FORM_ID_DBR_ENROLL_SIGNATURE 0x1013
|
|
#define FORM_ID_DBR_DELETE_SIGNATURE 0x1014
|
|
//
|
|
// For Security Formset
|
|
//
|
|
#define KEY_ENFORCE_SECURE_BOOT 0x1919
|
|
#define KEY_ENFORCE_SECURE_BOOT_GRAYOUT 0x191A
|
|
#define KEY_CLEAR_SECURE_SETTINGS 0x191B
|
|
#define KEY_RESOTRE_FACTORY_SETTINGS 0x191C
|
|
#define KEY_KEK_DELETE_SIGNATURE 0x191D
|
|
#define KEY_DB_DELETE_SIGNATURE 0x191E
|
|
#define KEY_DBX_DELETE_SIGNATURE 0x190E
|
|
#define KEY_DBT_DELETE_SIGNATURE 0x190F
|
|
#define KEY_DBR_DELETE_SIGNATURE 0x1911
|
|
#define KEY_ADD_UEFI_CA_SIGNATURE 0x191F
|
|
|
|
#define KEY_ROOT_FORM 0x4431
|
|
#define KEY_ENROLL_HASH 0x4432
|
|
#define KEY_PK_FORM 0x4433
|
|
#define KEY_KEK_FORM 0x4434
|
|
#define KEY_DB_FORM 0x4435
|
|
#define KEY_DBX_FORM 0x4436
|
|
#define KEY_DBT_FORM 0x4437
|
|
#define KEY_DBR_FORM 0x4438
|
|
#define KEY_ENROLL_PK 0x4439
|
|
#define KEY_ENROLL_KEK 0x443A
|
|
#define KEY_ENROLL_DB 0x443B
|
|
#define KEY_ENROLL_DBX 0x443C
|
|
#define KEY_ENROLL_DBT 0x443D
|
|
#define KEY_ENROLL_DBR 0x443E
|
|
#define KEY_DELETE_PK 0x443F
|
|
#define KEY_DELETE_SIGNATURE_QUESTION_BASE 0x5000
|
|
#define KEY_DELETE_SIGNATURE_QUESTION_LENGTH 0x1000
|
|
|
|
#define SECURE_BOOT_CLASS 0x00
|
|
#define SECURE_BOOT_SUBCLASS 0x03
|
|
|
|
#define VARSTORE_ID_SECURE_BOOT 0x1003
|
|
|
|
|
|
#define FORM_ENROLL_FILE_ID 0x1034
|
|
#define FORM_ENROLL_FILE_END_ID 0x1035
|
|
#define LABEL_ID_SIGNATURE_LIST_START 0x1036
|
|
#define LABEL_ID_SIGNATURE_LIST_END 0x1037
|
|
#define LABEL_ID_DELETE_SIGNATURE_LIST_START 0x1038
|
|
#define LABEL_ID_DELETE_SIGNATURE_LIST_END 0x1039
|
|
|
|
#define GUID_STRING_LENGTH 36 ///< GUID string format: L"12345678-1234-1234-1234-1234567890ab"
|
|
#define GUID_STRING_STORAGE_LENGTH 37
|
|
|
|
typedef struct {
|
|
UINT8 SetupMode;
|
|
UINT8 SecureBoot;
|
|
UINT8 AuditMode;
|
|
UINT8 DeployedMode;
|
|
UINT8 CustomSecurity;
|
|
UINT8 EnforceSecureBoot;
|
|
UINT8 ClearSecureSettings;
|
|
UINT8 ResotreFactorySettings;
|
|
UINT8 SelectSecureBootMode;
|
|
UINT8 BackupSelectSecureBootMode;
|
|
UINT8 ResotreBackupSettings;
|
|
UINT8 UefiCaCertificateInDb;
|
|
UINT8 AddUefiCaCertificate;
|
|
CHAR16 EnrollSigGuidStr[GUID_STRING_STORAGE_LENGTH];
|
|
} SECURE_BOOT_NV_DATA;
|
|
|
|
#endif
|
|
|