#include <Kms.h>
Detailed Description
The Key Management Service (KMS) protocol provides services to generate, store, retrieve, and manage cryptographic keys.
Member Data Documentation
◆ AddKey
| EFI_KMS_ADD_KEY _EFI_KMS_PROTOCOL::AddKey |
Add a local key to KMS database. If there is an existing key with this key identifier in the KMS database, it will be replaced with the new key.
◆ AddKeyAttributes
| EFI_KMS_ADD_KEY_ATTRIBUTES _EFI_KMS_PROTOCOL::AddKeyAttributes |
Add attributes to an existing key in the KMS database.
◆ ClientDataMaxSize
| UINTN _EFI_KMS_PROTOCOL::ClientDataMaxSize |
The maximum size in bytes for the client data. If the maximum data size is not specified by the KMS or it is not known, then this field must be filled with all ones.
◆ ClientDataSupported
| BOOLEAN _EFI_KMS_PROTOCOL::ClientDataSupported |
TRUE if and only if the service supports arbitrary client data requests. The use of client data requires the caller to have specific knowledge of the individual KMS service and should be used only if absolutely necessary. FALSE otherwise.
◆ ClientIdMaxSize
| UINT16 _EFI_KMS_PROTOCOL::ClientIdMaxSize |
The maximum size in bytes for the client identifier.
◆ ClientIdRequired
| BOOLEAN _EFI_KMS_PROTOCOL::ClientIdRequired |
TRUE if and only if the service requires a client identifier in order to process key requests. FALSE otherwise.
◆ ClientIdSupported
| BOOLEAN _EFI_KMS_PROTOCOL::ClientIdSupported |
TRUE if and only if the service supports client identifiers. Client identifiers may be used for auditing, access control or any other purpose specific to the implementation.
◆ ClientNameMaxCount
| UINT16 _EFI_KMS_PROTOCOL::ClientNameMaxCount |
The maximum number of characters allowed for the client name.
◆ ClientNameRequired
| BOOLEAN _EFI_KMS_PROTOCOL::ClientNameRequired |
TRUE if only if the KMS requires a client name to be supplied to the service. FALSE otherwise.
◆ ClientNameStringTypes
| UINT8 _EFI_KMS_PROTOCOL::ClientNameStringTypes |
The client name string type(s) supported by the KMS service. If client names are not supported, this field will be set the EFI_KMS_DATA_TYPE_NONE. Otherwise, it will be set to the inclusive 'OR' of all client name formats supported. Client names may be used for auditing, access control or any other purpose specific to the implementation.
◆ CreateKey
| EFI_KMS_CREATE_KEY _EFI_KMS_PROTOCOL::CreateKey |
Request the generation of a new key and retrieve it.
◆ DeleteKey
| EFI_KMS_DELETE_KEY _EFI_KMS_PROTOCOL::DeleteKey |
Delete an existing key from the KMS database.
◆ DeleteKeyAttributes
| EFI_KMS_DELETE_KEY_ATTRIBUTES _EFI_KMS_PROTOCOL::DeleteKeyAttributes |
Delete attributes for an existing key in the KMS database.
◆ GetKey
| EFI_KMS_GET_KEY _EFI_KMS_PROTOCOL::GetKey |
Retrieve an existing key.
◆ GetKeyAttributes
| EFI_KMS_GET_KEY_ATTRIBUTES _EFI_KMS_PROTOCOL::GetKeyAttributes |
Get attributes for an existing key in the KMS database.
◆ GetKeyByAttributes
| EFI_KMS_GET_KEY_BY_ATTRIBUTES _EFI_KMS_PROTOCOL::GetKeyByAttributes |
Get existing key(s) with the specified attributes.
◆ GetServiceStatus
| EFI_KMS_GET_SERVICE_STATUS _EFI_KMS_PROTOCOL::GetServiceStatus |
Get the current status of the key management service. If the implementation has not yet connected to the KMS, then a call to this function will initiate a connection. This is the only function that is valid for use prior to the service being marked available.
◆ KeyAttributeIdMaxCount
| UINT16 _EFI_KMS_PROTOCOL::KeyAttributeIdMaxCount |
◆ KeyAttributeIdStringTypes
| UINT8 _EFI_KMS_PROTOCOL::KeyAttributeIdStringTypes |
The key attribute identifier string type(s) supported by the KMS service. If key attributes are not supported, this field will be set to EFI_KMS_DATA_TYPE_NONE. Otherwise, it will be set to the inclusive 'OR' of all key attribute identifier string types supported. EFI_KMS_DATA_TYPE_BINARY is not valid for this field.
◆ KeyAttributes
| EFI_KMS_KEY_ATTRIBUTE* _EFI_KMS_PROTOCOL::KeyAttributes |
A pointer to an array of KeyAttributes structures which contains the predefined attributes supported by this KMS. Each structure must contain a valid key attribute identifier and should provide any other information as appropriate for the attribute, including a default value if one exists. This variable must be set to NULL if the KeyAttributesCount variable is zero. It must point to a valid buffer if the KeyAttributesCount variable is non-zero. This list of predefined attributes is not required to be exhaustive, and the KMS may provide additional predefined attributes not enumerated in this list. The implementation does not distinguish between predefined and used defined attributes, and therefore, predefined attributes not enumerated will still be processed to the KMS.
◆ KeyAttributesCount
| UINTN _EFI_KMS_PROTOCOL::KeyAttributesCount |
The number of predefined KeyAttributes structures returned in the KeyAttributes parameter. If the KMS does not support predefined key attributes, or if it does not provide a method to obtain predefined key attributes data, then this field must be zero.
◆ KeyAttributesSupported
| BOOLEAN _EFI_KMS_PROTOCOL::KeyAttributesSupported |
TRUE if key attributes are supported. FALSE if key attributes are not supported.
◆ KeyFormats
| EFI_GUID* _EFI_KMS_PROTOCOL::KeyFormats |
A pointer to an array of EFI_GUID values which specify key formats/sizes supported by this KMS. Each format/size pair will be specified by a separate EFI_GUID. At least one key format/size must be supported. All formats/sizes with the same hashing algorithm must be contiguous in the array, and for each hashing algorithm, the key sizes must be in ascending order. See "Related Definitions" for GUIDs which identify supported key formats/sizes. This list of GUIDs supported by the KMS is not required to be exhaustive, and the KMS may provide support for additional key formats/sizes. Users may request key information using an arbitrary GUID, but any GUID not recognized by the implementation or not supported by the KMS will return an error code of EFI_UNSUPPORTED
◆ KeyFormatsCount
| UINTN _EFI_KMS_PROTOCOL::KeyFormatsCount |
The number of key format/size GUIDs returned in the KeyFormats field.
◆ KeyIdMaxSize
| UINTN _EFI_KMS_PROTOCOL::KeyIdMaxSize |
If KeyIdVariableLenSupported is TRUE, this is the maximum supported key identifier length in bytes. Otherwise this is the fixed length of key identifier supported. Key ids shorter than the fixed length will be padded on the right with blanks.
◆ KeyIdVariableLenSupported
| BOOLEAN _EFI_KMS_PROTOCOL::KeyIdVariableLenSupported |
TRUE if variable length key identifiers are supported. FALSE if a fixed length key identifier is supported.
◆ ProtocolVersion
| UINT32 _EFI_KMS_PROTOCOL::ProtocolVersion |
The version of this EFI_KMS_PROTOCOL structure. This must be set to 0x00020040 for the initial version of this protocol.
◆ RegisterClient
| EFI_KMS_REGISTER_CLIENT _EFI_KMS_PROTOCOL::RegisterClient |
Register a specific client with the KMS.
◆ ServiceAvailable
| BOOLEAN _EFI_KMS_PROTOCOL::ServiceAvailable |
TRUE if and only if the service is active and available for use. To avoid unnecessary delays in POST, this protocol may be installed without connecting to the service. In this case, the first call to the GetServiceStatus () function will cause the implementation to connect to the supported service and mark it as available. The capabilities of this service as defined in the reminder of this protocol are not guaranteed to be valid until the service has been marked available.
◆ ServiceId
| EFI_GUID _EFI_KMS_PROTOCOL::ServiceId |
◆ ServiceName
| CHAR16* _EFI_KMS_PROTOCOL::ServiceName |
Optional pointer to a unicode string which may be used to identify the KMS or provide other information about the supplier.
◆ ServiceVersion
| UINT32 _EFI_KMS_PROTOCOL::ServiceVersion |
Optional 32-bit value which may be used to indicate the version of the KMS provided by the supplier.
The documentation for this struct was generated from the following file:
- XenevaOS/Boot/include/Protocol/Kms.h
