mirror of
				https://git.proxmox.com/git/mirror_edk2
				synced 2025-10-26 05:02:53 +00:00 
			
		
		
		
	 e5b31668cf
			
		
	
	
		e5b31668cf
		
	
	
	
	
		
			
			This library is used to authenticate a UEFI defined FMP Capsule. Cc: Feng Tian <feng.tian@intel.com> Cc: Star Zeng <star.zeng@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Tested-by: Michael Kinney <michael.d.kinney@intel.com>
		
			
				
	
	
		
			67 lines
		
	
	
		
			3.0 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			67 lines
		
	
	
		
			3.0 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /** @file
 | |
|   FMP capsule authenitcation Library.
 | |
| 
 | |
| Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
 | |
| This program and the accompanying materials
 | |
| are licensed and made available under the terms and conditions of the BSD License
 | |
| which accompanies this distribution.  The full text of the license may be found at
 | |
| http://opensource.org/licenses/bsd-license.php
 | |
| 
 | |
| THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 | |
| WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 | |
| 
 | |
| **/
 | |
| 
 | |
| 
 | |
| #ifndef __FMP_AUTHENTICATION_LIB_H__
 | |
| #define __FMP_AUTHENTICATION_LIB_H__
 | |
| 
 | |
| #include <Protocol/FirmwareManagement.h>
 | |
| 
 | |
| /**
 | |
|   The function is used to do the authentication for FMP capsule based upon
 | |
|   EFI_FIRMWARE_IMAGE_AUTHENTICATION.
 | |
| 
 | |
|   The FMP capsule image should start with EFI_FIRMWARE_IMAGE_AUTHENTICATION,
 | |
|   followed by the payload.
 | |
| 
 | |
|   If the return status is RETURN_SUCCESS, the caller may continue the rest
 | |
|   FMP update process.
 | |
|   If the return status is NOT RETURN_SUCCESS, the caller should stop the FMP
 | |
|   update process and convert the return status to LastAttemptStatus
 | |
|   to indicate that FMP update fails.
 | |
|   The LastAttemptStatus can be got from ESRT table or via
 | |
|   EFI_FIRMWARE_MANAGEMENT_PROTOCOL.GetImageInfo().
 | |
| 
 | |
|   Caution: This function may receive untrusted input.
 | |
| 
 | |
|   @param[in]  Image                   Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
 | |
|   @param[in]  ImageSize               Size of the authentication image in bytes.
 | |
|   @param[in]  PublicKeyData           The public key data used to validate the signature.
 | |
|   @param[in]  PublicKeyDataLength     The length of the public key data.
 | |
| 
 | |
|   @retval RETURN_SUCCESS            Authentication pass.
 | |
|                                     The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
 | |
|   @retval RETURN_SECURITY_VIOLATION Authentication fail.
 | |
|                                     The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
 | |
|   @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
 | |
|                                     The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
 | |
|   @retval RETURN_UNSUPPORTED        No Authentication handler associated with CertType.
 | |
|                                     The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
 | |
|   @retval RETURN_UNSUPPORTED        Image or ImageSize is invalid.
 | |
|                                     The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
 | |
|   @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with CertType.
 | |
|                                     The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
 | |
| **/
 | |
| RETURN_STATUS
 | |
| EFIAPI
 | |
| AuthenticateFmpImage (
 | |
|   IN EFI_FIRMWARE_IMAGE_AUTHENTICATION  *Image,
 | |
|   IN UINTN                              ImageSize,
 | |
|   IN CONST UINT8                        *PublicKeyData,
 | |
|   IN UINTN                              PublicKeyDataLength
 | |
|   );
 | |
| 
 | |
| #endif
 | |
| 
 |