[U-Boot] [RFC 03/15] include: pe.h: add image-signing-related definitions
AKASHI Takahiro
takahiro.akashi at linaro.org
Wed Sep 18 01:26:31 UTC 2019
The index (IMAGE_DIRECTORY_ENTRY_CERTTABLE) in a table points to
a region containing authentication information (image's signature)
in PE format.
WIN_CERTIFICATE structure defines an embedded signature format.
Those definitions will be used in my UEFI secure boot patch.
Signed-off-by: AKASHI Takahiro <takahiro.akashi at linaro.org>
---
include/pe.h | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/include/pe.h b/include/pe.h
index bff3b0aa7a6c..650478ca78af 100644
--- a/include/pe.h
+++ b/include/pe.h
@@ -155,6 +155,7 @@ typedef struct _IMAGE_SECTION_HEADER {
uint32_t Characteristics;
} IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER;
+#define IMAGE_DIRECTORY_ENTRY_CERTTABLE 4
#define IMAGE_DIRECTORY_ENTRY_BASERELOC 5
typedef struct _IMAGE_BASE_RELOCATION
@@ -252,4 +253,19 @@ typedef struct _IMAGE_RELOCATION
#define IMAGE_REL_AMD64_PAIR 0x000F
#define IMAGE_REL_AMD64_SSPAN32 0x0010
+/* certificate appended to PE image */
+typedef struct _WIN_CERTIFICATE {
+ uint32_t dwLength;
+ uint16_t wRevision;
+ uint16_t wCertificateType;
+ uint8_t bCertificate[];
+} WIN_CERTIFICATE, *LPWIN_CERTIFICATE;
+
+#define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002
+#define WIN_CERT_TYPE_EFI_OKCS115 0x0EF0
+#define WIN_CERT_TYPE_EFI_GUID 0x0EF1
+
+#define WIN_CERT_REVISION_1_0 0x0100
+#define WIN_CERT_REVISION_2_0 0x0200
+
#endif /* _PE_H */
--
2.21.0
More information about the U-Boot
mailing list