mirror of
https://git.proxmox.com/git/efi-boot-shim
synced 2025-05-18 16:17:56 +00:00
0a6565c5ed
Using the same format as the UEFI key databases makes it easier for the kernel to parse and extract keys from MOK, and also permits MOK to contain multiple key or hash types. Additionally, add support for enrolling hashes.
38 lines
664 B
C
38 lines
664 B
C
#include "PeImage.h"
|
|
|
|
#define SHIM_LOCK_GUID \
|
|
{ 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} }
|
|
|
|
INTERFACE_DECL(_SHIM_LOCK);
|
|
|
|
typedef
|
|
EFI_STATUS
|
|
(*EFI_SHIM_LOCK_VERIFY) (
|
|
IN VOID *buffer,
|
|
IN UINT32 size
|
|
);
|
|
|
|
typedef
|
|
EFI_STATUS
|
|
(*EFI_SHIM_LOCK_HASH) (
|
|
IN char *data,
|
|
IN int datasize,
|
|
PE_COFF_LOADER_IMAGE_CONTEXT *context,
|
|
UINT8 *sha256hash,
|
|
UINT8 *sha1hash
|
|
);
|
|
|
|
typedef
|
|
EFI_STATUS
|
|
(*EFI_SHIM_LOCK_CONTEXT) (
|
|
IN VOID *data,
|
|
IN unsigned int datasize,
|
|
PE_COFF_LOADER_IMAGE_CONTEXT *context
|
|
);
|
|
|
|
typedef struct _SHIM_LOCK {
|
|
EFI_SHIM_LOCK_VERIFY Verify;
|
|
EFI_SHIM_LOCK_HASH Hash;
|
|
EFI_SHIM_LOCK_CONTEXT Context;
|
|
} SHIM_LOCK;
|