1 /* 2 * Copyright 2012 Red Hat, Inc. 3 * All rights reserved. 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; version 2 of the License. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <http://www.gnu.org/licenses/>. 16 * 17 * Author(s): Peter Jones <pjones@redhat.com> 18 */ 19 #ifndef CERTDB_H 20 #define CERTDB_H 1 21 22 typedef enum { 23 DB = 0, 24 DBX = 1 25 } db_specifier; 26 27 typedef enum { 28 FOUND = 0, 29 NOT_FOUND = 1 30 } db_status; 31 32 typedef struct { 33 efi_guid_t SignatureOwner; 34 uint8_t SignatureData[1]; 35 } EFI_SIGNATURE_DATA; 36 37 typedef struct { 38 efi_guid_t SignatureType; 39 uint32_t SignatureListSize; 40 uint32_t SignatureHeaderSize; 41 uint32_t SignatureSize; 42 } EFI_SIGNATURE_LIST; 43 44 extern db_status check_db_hash(db_specifier which, pesigcheck_context *ctx); 45 extern db_status check_db_cert(db_specifier which, pesigcheck_context *ctx, 46 void *data, ssize_t datalen); 47 48 extern void init_cert_db(pesigcheck_context *ctx, int use_system_dbs); 49 extern int add_cert_db(pesigcheck_context *ctx, const char *filename); 50 extern int add_cert_dbx(pesigcheck_context *ctx, const char *filename); 51 extern int add_cert_file(pesigcheck_context *ctx, const char *filename); 52 53 #endif /* CERTDB_H */ 54