Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ErrSigMissingGUID = errors.New("signature data was missing owner GUID")
ErrSigMissingGUID is returned if an EFI_SIGNATURE_DATA structure was parsed successfully, however was missing the SignatureOwner GUID. This case is handled specially as a workaround for a bug relating to authority events.
Functions ¶
This section is empty.
Types ¶
type EFISignatureData ¶
type EFISignatureData struct {
SignatureOwner efiGUID
SignatureData []byte // []int8
}
EFISignatureData represents the EFI_SIGNATURE_DATA type. See section "31.4.1 Signature Database" in the specification for more information.
type EventType ¶
type EventType uint32
EventType describes the type of event signalled in the event log.
const ( PrebootCert EventType = 0x00000000 PostCode EventType = 0x00000001 NoAction EventType = 0x00000003 Separator EventType = 0x00000004 Action EventType = 0x00000005 EventTag EventType = 0x00000006 SCRTMContents EventType = 0x00000007 SCRTMVersion EventType = 0x00000008 CpuMicrocode EventType = 0x00000009 PlatformConfigFlags EventType = 0x0000000A TableOfDevices EventType = 0x0000000B CompactHash EventType = 0x0000000C Ipl EventType = 0x0000000D IplPartitionData EventType = 0x0000000E NonhostCode EventType = 0x0000000F NonhostConfig EventType = 0x00000010 NonhostInfo EventType = 0x00000011 OmitBootDeviceEvents EventType = 0x00000012 )
BIOS Events (TCG PC Client Specific Implementation Specification for Conventional BIOS 1.21)
const ( EFIEventBase EventType = 0x80000000 EFIVariableDriverConfig EventType = 0x80000001 EFIVariableBoot EventType = 0x80000002 EFIBootServicesApplication EventType = 0x80000003 EFIBootServicesDriver EventType = 0x80000004 EFIRuntimeServicesDriver EventType = 0x80000005 EFIGPTEvent EventType = 0x80000006 EFIAction EventType = 0x80000007 EFIPlatformFirmwareBlob EventType = 0x80000008 EFIHandoffTables EventType = 0x80000009 EFIHCRTMEvent EventType = 0x80000010 EFIVariableAuthority EventType = 0x800000e0 )
EFI Events (TCG EFI Platform Specification Version 1.22)
func UntrustedParseEventType ¶
UntrustedParseEventType returns the event type indicated by the provided value.
type TaggedEventData ¶ added in v0.2.1
TaggedEventData represents the TCG_PCClientTaggedEventStruct structure, as defined by 11.3.2.1 in the "TCG PC Client Specific Implementation Specification for Conventional BIOS", version 1.21.
func ParseTaggedEventData ¶ added in v0.2.1
func ParseTaggedEventData(d []byte) (*TaggedEventData, error)
ParseTaggedEventData parses a TCG_PCClientTaggedEventStruct structure.
type UEFIVariableAuthority ¶
type UEFIVariableAuthority struct {
Certs []x509.Certificate
}
UEFIVariableAuthority describes the contents of a UEFI variable authority event.
func ParseUEFIVariableAuthority ¶
func ParseUEFIVariableAuthority(r io.Reader) (UEFIVariableAuthority, error)
ParseUEFIVariableAuthority parses the data section of an event structured as a UEFI variable authority.
https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_final.pdf#page=1789
type UEFIVariableData ¶
type UEFIVariableData struct {
Header UEFIVariableDataHeader
UnicodeName []uint16
VariableData []byte // []int8
}
UEFIVariableData represents the UEFI_VARIABLE_DATA structure.
func ParseUEFIVariableData ¶
func ParseUEFIVariableData(r io.Reader) (ret UEFIVariableData, err error)
ParseUEFIVariableData parses the data section of an event structured as a UEFI variable.
func (*UEFIVariableData) SignatureData ¶
func (v *UEFIVariableData) SignatureData() (certs []x509.Certificate, hashes [][]byte, err error)
func (*UEFIVariableData) VarName ¶
func (v *UEFIVariableData) VarName() string
type UEFIVariableDataHeader ¶
type UEFIVariableDataHeader struct {
VariableName efiGUID
UnicodeNameLength uint64 // uintN
VariableDataLength uint64 // uintN
}
UEFIVariableDataHeader represents the leading fixed-size fields within UEFI_VARIABLE_DATA.
Source Files