EFI_VARIABLE_AUTHENTICATION Struct Reference


Data Fields

UINT64 MonotonicCount
WIN_CERTIFICATE_UEFI_GUID AuthInfo

Detailed Description

AuthInfo is a WIN_CERTIFICATE using the wCertificateType WIN_CERTIFICATE_UEFI_GUID and the CertType EFI_CERT_TYPE_RSA2048_SHA256_GUID. If the attribute specifies authenticated access, then the Data buffer should begin with an authentication descriptor prior to the data payload and DataSize should reflect the the data.and descriptor size. The caller shall digest the Monotonic Count value and the associated data for the variable update using the SHA-256 1-way hash algorithm. The ensuing the 32-byte digest will be signed using the private key associated w/ the public/private 2048-bit RSA key-pair. The WIN_CERTIFICATE shall be used to describe the signature of the Variable data *Data. In addition, the signature will also include the MonotonicCount value to guard against replay attacks.

Field Documentation

Provides the authorization for the variable access. It is a signature across the variable data and the Monotonic Count value. Caller uses Private key that is associated with a public key that has been provisioned via the key exchange.

Included in the signature of AuthInfo.Used to ensure freshness/no replay. Incremented during each "Write" access.


Generated on Wed Sep 23 16:24:28 2015 for MdePkg[ALL] by  doxygen 1.5.7.1