Edit

Share via


UEFI CSP

The table below shows the applicability of Windows:

The UEFI Configuration Service Provider (CSP) interfaces to UEFI's Device Firmware Configuration Interface (DFCI) to make BIOS configuration changes. This CSP was added in Windows 10, version 1809.

Edition Windows 10 Windows 11
Home No No
Pro Yes Yes
Windows SE No Yes
Business Yes Yes
Enterprise Yes Yes
Education Yes Yes

Note

The UEFI CSP version published in Windows 10, version 1803 is replaced with this one (version 1809).

Note

The production UEFI CSP is present in 1809, but it depends upon the Device Firmware Configuration Interface (DFCI) and UEFI firmware to comply with this interface.

The following shows the UEFI CSP in tree format.

./Vendor/MSFT
Uefi
----DeviceIdentifier
----Identity
--------Current
--------Apply
--------Result
----Permissions
--------Current
--------Apply
--------Result
----Settings
--------Current
--------Apply
--------Result
----Identity2
--------Apply
--------Result
----Permissions2
--------Apply
--------Result
----Settings2
--------Apply
--------Result

The following list describes the characteristics and parameters.

./Vendor/MSFT/UEFI Root node.

DeviceIdentifier Retrieves XML from UEFI that describes the device identifier.

Supported operation is Get.

Identity Node for identity certificate operations.

Supported operation is Get.

Identity/Current Retrieves XML from UEFI that describes the current UEFI identity certificate information.

Supported operation is Get.

Identity/Apply Applies an identity information package to UEFI. Input is the signed package in base64 encoded format.

Value type is Base64. Supported operation is Replace.

Identity/Result Retrieves the binary result package of the previous Identity/Apply operation.

Supported operation is Get.

Permissions Node for settings permission operations.

Permissions/Current Retrieves XML from UEFI that describes the current UEFI settings permissions.

Supported operation is Get.

Permissions/Apply Apply a permissions information package to UEFI. Input is the signed package in base64 encoded format.

Value type is Base64. Supported operation is Replace.

Permissions/Result Retrieves the binary result package of the previous Permissions/Apply operation. This binary package contains XML describing the action taken for each individual permission.

Supported operation is Get.

Settings Node for device settings operations.

Settings/Current Retrieves XML from UEFI that describes the current UEFI settings.

Supported operation is Get.

Settings/Apply Apply a settings information package to UEFI. Input is the signed package in base64 encoded format.

Value type is Base64. Supported operation is Replace.

Settings/Result Retrieves the binary result package of the previous Settings/Apply operation. This binary package contains XML describing the action taken for each individual setting.

Supported operation is Get.

Identity2 Node for identity certificate operations. Alternate endpoint for sending a second identity package without an OS restart.

Identity2/Apply Apply an identity information package to UEFI. Input is the signed package in base64 encoded format. Alternate location for sending two identity packages in the same session.

Value type is Base64. Supported operation is Replace.

Identity2/Result Retrieves the binary result package of the previous Identity2/Apply operation.

Supported operation is Get.

Permissions2 Node for settings permission operations. Alternate endpoint for sending a second permission package without an OS restart.

Permissions2/Apply Apply a permissions information package to UEFI. Input is the signed package in base64 encoded format. Alternate location for sending two permissions information packages in the same session.

Value type is Base64. Supported operation is Replace.

Permissions2/Result Retrieves the binary result package from the previous Permissions2/Apply operation. This binary package contains XML describing the action taken for each individual permission.

Supported operation is Get.

Settings2 Node for device settings operations. Alternate endpoint for sending a second settings package without an OS restart.

Settings2/Apply Apply a settings information package to UEFI. Input is the signed package in base64 encoded format. Alternate location for sending two settings information packages in the same session.

Value type is Base64. Supported operation is Replace.

Settings2/Result Retrieves the binary result package of previous Settings2/Apply operation. This binary package contains XML describing the action taken for each individual setting.

Supported operation is Get.

UEFI DDF file