dasharo/slimbootloader
0
0
Fork 0
mirror of https://github.com/Dasharo/slimbootloader.git synced 2026-03-06 15:26:20 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
d9feb94de3db77667bf1c9a90ea9fd41af84325c
slimbootloader/BootloaderCommonPkg/Include/Guid/KeyHashGuid.h
T
Maurice Ma fc6aa78708 Add OEM container verification support 
Current SBL supports container header verification. If the container
signature is BOOT, it will use HASH_USAGE_PUBKEY_OS. Otherwise, it
will use HASH_USAGE_PUBKEY_CONTAINER_DEF. This patch added OEM signed
container support. If a container signature between OEM0 to OEM7 is
found, it will be verified use HASH_USAGE_PUBKEY_OEM(x) where x is 0
to 7. To add an OEM public key hash, it can be done by updating
pub_key_list in GetKeyHashList() in file BoardConfig.py.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2020-05-22 12:19:50 -07:00

93 lines
2.6 KiB
C
Raw Blame History

/** @file
This file defines the hob structure used for paylod.
Copyright (c) 2017-2019, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#ifndef __PAYLOAD_KEY_HASH_GUID_H__
#define __PAYLOAD_KEY_HASH_GUID_H__
///
/// The pre-process public key GUID used for payload to verify image.
///
extern EFI_GUID gPayloadKeyHashGuid;
#define HASH_STORE_SIGNATURE SIGNATURE_32('_', 'H', 'S', '_')
#define COMP_TYPE_STAGE_1B 0
#define COMP_TYPE_STAGE_2 1
#define COMP_TYPE_PAYLOAD 2
#define COMP_TYPE_PAYLOAD_FWU 3
#define COMP_TYPE_INVALID 4
//
// Hash Table Definition for Component and Public key usage
//
typedef UINT32 HASH_COMP_USAGE;
#define HASH_USAGE_STAGE_1B (1 << COMP_TYPE_STAGE_1B)
#define HASH_USAGE_STAGE_2 (1 << COMP_TYPE_STAGE_2)
#define HASH_USAGE_PAYLOAD (1 << COMP_TYPE_PAYLOAD)
#define HASH_USAGE_FIRMWARE_UPDATE (1 << COMP_TYPE_PAYLOAD_FWU)
#define HASH_USAGE_PUBKEY_MASTER BIT8
#define HASH_USAGE_PUBKEY_CFG_DATA BIT9
#define HASH_USAGE_PUBKEY_FWU BIT10
#define HASH_USAGE_PUBKEY_OS BIT11
#define HASH_USAGE_PUBKEY_CONTAINER_DEF BIT12
#define HASH_USAGE_PUBKEY_OEM_0 BIT24
#define HASH_USAGE_PUBKEY_OEM_1 BIT25
#define HASH_USAGE_PUBKEY_OEM_2 BIT26
#define HASH_USAGE_PUBKEY_OEM_3 BIT27
#define HASH_USAGE_PUBKEY_OEM_4 BIT28
#define HASH_USAGE_PUBKEY_OEM_5 BIT29
#define HASH_USAGE_PUBKEY_OEM_6 BIT30
#define HASH_USAGE_PUBKEY_OEM_7 BIT31
#define HASH_USAGE_PUBKEY_OEM(x) (HASH_USAGE_PUBKEY_OEM_0 << (x))
#pragma pack(1)
typedef struct {
//
// Usage corresponds to components bit mask for hash is valid
//
HASH_COMP_USAGE Usage;
//
// Hash algorithm used for digest
//
UINT8 HashAlg;
UINT8 Reserved;
//
// Digest Length
//
UINT16 DigestLen;
//
// Hash of the component
//
UINT8 Digest[0];
} HASH_STORE_DATA;
typedef struct {
UINT32 Signature;
UINT8 Revision;
UINT8 HeaderLength;
UINT8 Reserved[2];
//
// Total valid hash store data including the header
//
UINT32 UsedLength;
//
// The total space for hash store data allocated
//
UINT32 TotalLength;
//
// Hash store data chain with type HASH_STORE_DATA
//
UINT8 Data[0];
} HASH_STORE_TABLE;
#pragma pack()
#endif
Reference in New Issue View Git Blame Copy Permalink