[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / AuthService.h

/** @file\r
  The internal header file includes the common header files, defines\r
  internal structure and functions used by AuthService module.\r
\r
  Caution: This module requires additional review when modified.\r
  This driver will have external input - variable data. It may be input in SMM mode.\r
  This external input must be validated carefully to avoid security issue like\r
  buffer overflow, integer overflow.\r
  Variable attribute should also be checked to avoid authentication bypass.\r
     The whole SMM authentication variable design relies on the integrity of flash part and SMM.\r
  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory\r
  may not be modified without authorization. If platform fails to protect these resources, \r
  the authentication service provided in this driver will be broken, and the behavior is undefined.\r
\r
Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution.  The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#ifndef _AUTHSERVICE_H_\r
#define _AUTHSERVICE_H_\r
\r
#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256\r
#define EFI_CERT_TYPE_RSA2048_SIZE        256\r
\r
///\r
/// Size of AuthInfo prior to the data payload.\r
///\r
#define AUTHINFO_SIZE ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION, AuthInfo)) + \\r
                       (OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) + \\r
                       sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256))\r
\r
#define AUTHINFO2_SIZE(VarAuth2) ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo)) + \\r
                                  (UINTN) ((EFI_VARIABLE_AUTHENTICATION_2 *) (VarAuth2))->AuthInfo.Hdr.dwLength)\r
\r
#define OFFSET_OF_AUTHINFO2_CERT_DATA ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo)) + \\r
                                       (OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)))\r
\r
///\r
/// "AuthVarKeyDatabase" variable for the Public Key store.\r
///\r
#define AUTHVAR_KEYDB_NAME      L"AuthVarKeyDatabase"\r
\r
///\r
/// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX\r
/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.\r
/// \r
///\r
#define EFI_CERT_DB_NAME        L"certdb"\r
\r
///\r
/// Struct to record signature requirement defined by UEFI spec.\r
/// For SigHeaderSize and SigDataSize, ((UINT32) ~0) means NO exact length requirement for this field.\r
///\r
typedef struct {\r
  EFI_GUID    SigType;\r
  // Expected SignatureHeader size in Bytes.\r
  UINT32      SigHeaderSize;\r
  // Expected SignatureData size in Bytes.\r
  UINT32      SigDataSize;\r
} EFI_SIGNATURE_ITEM;\r
\r
typedef enum {\r
  AuthVarTypePk,\r
  AuthVarTypeKek,\r
  AuthVarTypePriv,\r
  AuthVarTypePayload\r
} AUTHVAR_TYPE;\r
\r
#pragma pack(1)\r
typedef struct {\r
  EFI_GUID    VendorGuid;\r
  UINT32      CertNodeSize;\r
  UINT32      NameSize;\r
  UINT32      CertDataSize;\r
  /// CHAR16  VariableName[NameSize];\r
  /// UINT8   CertData[CertDataSize];\r
} AUTH_CERT_DB_DATA;\r
#pragma pack()\r
\r
/**\r
  Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.\r
\r
  Caution: This function may receive untrusted input.\r
  This function may be invoked in SMM mode, and datasize and data are external input.\r
  This function will do basic validation, before parse the data.\r
  This function will parse the authentication carefully to avoid security issues, like\r
  buffer overflow, integer overflow.\r
  This function will check attribute carefully to avoid authentication bypass.\r
\r
  @param[in]  VariableName                Name of Variable to be found.\r
  @param[in]  VendorGuid                  Variable vendor GUID.\r
\r
  @param[in]  Data                        Data pointer.\r
  @param[in]  DataSize                    Size of Data found. If size is less than the\r
                                          data, this value contains the required size.\r
  @param[in]  Variable                    The variable information which is used to keep track of variable usage.\r
  @param[in]  Attributes                  Attribute value of the variable.\r
\r
  @return EFI_INVALID_PARAMETER           Invalid parameter\r
  @return EFI_WRITE_PROTECTED             Variable is write-protected and needs authentication with\r
                                          EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.\r
  @return EFI_SECURITY_VIOLATION          The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS\r
                                          set, but the AuthInfo does NOT pass the validation\r
                                          check carried out by the firmware.\r
  @return EFI_SUCCESS                     Variable is not write-protected, or passed validation successfully.\r
\r
**/\r
EFI_STATUS\r
ProcessVariable (\r
  IN     CHAR16                             *VariableName,\r
  IN     EFI_GUID                           *VendorGuid,\r
  IN     VOID                               *Data,\r
  IN     UINTN                              DataSize,\r
  IN     VARIABLE_POINTER_TRACK             *Variable,\r
  IN     UINT32                             Attributes\r
  );\r
\r
/**\r
  Update platform mode.\r
\r
  @param[in]      Mode                    SETUP_MODE or USER_MODE.\r
\r
  @return EFI_INVALID_PARAMETER           Invalid parameter.\r
  @return EFI_SUCCESS                     Update platform mode successfully.\r
\r
**/\r
EFI_STATUS\r
UpdatePlatformMode (\r
  IN  UINT32                    Mode\r
  );\r
\r
/**\r
  Initializes for authenticated varibale service.\r
\r
  @param[in] MaxAuthVariableSize    Reflect the overhead associated with the saving\r
                                    of a single EFI authenticated variable with the exception\r
                                    of the overhead associated with the length\r
                                    of the string name of the EFI variable.\r
\r
  @retval EFI_SUCCESS           Function successfully executed.\r
  @retval EFI_OUT_OF_RESOURCES  Fail to allocate enough memory resources.\r
\r
**/\r
EFI_STATUS\r
AutenticatedVariableServiceInitialize (\r
  IN UINTN      MaxAuthVariableSize\r
  );\r
\r
/**\r
  Initializes for cryptlib service before use, include register algrithm and allocate scratch.\r
\r
**/\r
VOID\r
CryptLibraryInitialize (\r
  VOID\r
  );\r
\r
/**\r
  Check input data form to make sure it is a valid EFI_SIGNATURE_LIST for PK/KEK variable.\r
\r
  @param[in]  VariableName                Name of Variable to be check.\r
  @param[in]  VendorGuid                  Variable vendor GUID.\r
  @param[in]  Data                        Point to the variable data to be checked.\r
  @param[in]  DataSize                    Size of Data.\r
\r
  @return EFI_INVALID_PARAMETER           Invalid signature list format.\r
  @return EFI_SUCCESS                     Passed signature list format check successfully.\r
  \r
**/\r
EFI_STATUS\r
CheckSignatureListFormat(\r
  IN  CHAR16                    *VariableName,\r
  IN  EFI_GUID                  *VendorGuid,\r
  IN  VOID                      *Data,\r
  IN  UINTN                     DataSize\r
  );\r
\r
/**\r
  Process variable with platform key for verification.\r
\r
  Caution: This function may receive untrusted input.\r
  This function may be invoked in SMM mode, and datasize and data are external input.\r
  This function will do basic validation, before parse the data.\r
  This function will parse the authentication carefully to avoid security issues, like\r
  buffer overflow, integer overflow.\r
  This function will check attribute carefully to avoid authentication bypass.\r
\r
  @param[in]  VariableName                Name of Variable to be found.\r
  @param[in]  VendorGuid                  Variable vendor GUID.\r
  @param[in]  Data                        Data pointer.\r
  @param[in]  DataSize                    Size of Data found. If size is less than the\r
                                          data, this value contains the required size.\r
  @param[in]  Variable                    The variable information which is used to keep track of variable usage.\r
  @param[in]  Attributes                  Attribute value of the variable.\r
  @param[in]  IsPk                        Indicate whether it is to process pk.\r
\r
  @return EFI_INVALID_PARAMETER           Invalid parameter\r
  @return EFI_SECURITY_VIOLATION          The variable does NOT pass the validation\r
                                          check carried out by the firmware.\r
  @return EFI_SUCCESS                     Variable passed validation successfully.\r
\r
**/\r
EFI_STATUS\r
ProcessVarWithPk (\r
  IN  CHAR16                    *VariableName,\r
  IN  EFI_GUID                  *VendorGuid,\r
  IN  VOID                      *Data,\r
  IN  UINTN                     DataSize,\r
  IN  VARIABLE_POINTER_TRACK    *Variable,\r
  IN  UINT32                    Attributes OPTIONAL,\r
  IN  BOOLEAN                   IsPk\r
  );\r
\r
/**\r
  Process variable with key exchange key for verification.\r
\r
  Caution: This function may receive untrusted input.\r
  This function may be invoked in SMM mode, and datasize and data are external input.\r
  This function will do basic validation, before parse the data.\r
  This function will parse the authentication carefully to avoid security issues, like\r
  buffer overflow, integer overflow.\r
  This function will check attribute carefully to avoid authentication bypass.\r
\r
  @param[in]  VariableName                Name of Variable to be found.\r
  @param[in]  VendorGuid                  Variable vendor GUID.\r
  @param[in]  Data                        Data pointer.\r
  @param[in]  DataSize                    Size of Data found. If size is less than the\r
                                          data, this value contains the required size.\r
  @param[in]  Variable                    The variable information that is used to keep track of variable usage.\r
  @param[in]  Attributes                  Attribute value of the variable.\r
\r
  @return EFI_INVALID_PARAMETER           Invalid parameter.\r
  @return EFI_SECURITY_VIOLATION          The variable does NOT pass the validation\r
                                          check carried out by the firmware.\r
  @return EFI_SUCCESS                     Variable passed validation successfully.\r
\r
**/\r
EFI_STATUS\r
ProcessVarWithKek (\r
  IN  CHAR16                    *VariableName,\r
  IN  EFI_GUID                  *VendorGuid,\r
  IN  VOID                      *Data,\r
  IN  UINTN                     DataSize,\r
  IN  VARIABLE_POINTER_TRACK    *Variable,\r
  IN  UINT32                    Attributes OPTIONAL\r
  );\r
\r
/**\r
  Merge two buffers which formatted as EFI_SIGNATURE_LIST. Only the new EFI_SIGNATURE_DATA\r
  will be appended to the original EFI_SIGNATURE_LIST, duplicate EFI_SIGNATURE_DATA\r
  will be ignored.\r
\r
  @param[in, out]  Data             Pointer to original EFI_SIGNATURE_LIST.\r
  @param[in]       DataSize         Size of Data buffer.\r
  @param[in]       FreeBufSize      Size of free data buffer \r
  @param[in]       NewData          Pointer to new EFI_SIGNATURE_LIST to be appended.\r
  @param[in]       NewDataSize      Size of NewData buffer.\r
  @param[out]      MergedBufSize    Size of the merged buffer\r
\r
  @return EFI_BUFFER_TOO_SMALL if input Data buffer overflowed\r
\r
**/\r
EFI_STATUS\r
AppendSignatureList (\r
  IN  OUT VOID            *Data,\r
  IN  UINTN               DataSize,\r
  IN  UINTN               FreeBufSize,\r
  IN  VOID                *NewData,\r
  IN  UINTN               NewDataSize,\r
  OUT UINTN               *MergedBufSize\r
  );\r
\r
/**\r
  Compare two EFI_TIME data.\r
\r
\r
  @param FirstTime           A pointer to the first EFI_TIME data.\r
  @param SecondTime          A pointer to the second EFI_TIME data.\r
\r
  @retval  TRUE              The FirstTime is not later than the SecondTime.\r
  @retval  FALSE             The FirstTime is later than the SecondTime.\r
\r
**/\r
BOOLEAN\r
CompareTimeStamp (\r
  IN EFI_TIME               *FirstTime,\r
  IN EFI_TIME               *SecondTime\r
  );\r
\r
/**\r
  Delete matching signer's certificates when deleting common authenticated\r
  variable by corresponding VariableName and VendorGuid from "certdb".\r
\r
  @param[in]  VariableName   Name of authenticated Variable.\r
  @param[in]  VendorGuid     Vendor GUID of authenticated Variable.\r
\r
  @retval  EFI_INVALID_PARAMETER Any input parameter is invalid.\r
  @retval  EFI_NOT_FOUND         Fail to find "certdb" or matching certs.\r
  @retval  EFI_OUT_OF_RESOURCES  The operation is failed due to lack of resources.\r
  @retval  EFI_SUCCESS           The operation is completed successfully.\r
\r
**/\r
EFI_STATUS\r
DeleteCertsFromDb (\r
  IN     CHAR16           *VariableName,\r
  IN     EFI_GUID         *VendorGuid\r
  );\r
\r
/**\r
  Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set\r
\r
  Caution: This function may receive untrusted input.\r
  This function may be invoked in SMM mode, and datasize and data are external input.\r
  This function will do basic validation, before parse the data.\r
  This function will parse the authentication carefully to avoid security issues, like\r
  buffer overflow, integer overflow.\r
\r
  @param[in]  VariableName                Name of Variable to be found.\r
  @param[in]  VendorGuid                  Variable vendor GUID.\r
  @param[in]  Data                        Data pointer.\r
  @param[in]  DataSize                    Size of Data found. If size is less than the\r
                                          data, this value contains the required size.\r
  @param[in]  Variable                    The variable information which is used to keep track of variable usage.\r
  @param[in]  Attributes                  Attribute value of the variable.\r
  @param[in]  AuthVarType                 Verify against PK or KEK database or private database.\r
  @param[out] VarDel                      Delete the variable or not.\r
\r
  @retval EFI_INVALID_PARAMETER           Invalid parameter.\r
  @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation\r
                                          check carried out by the firmware.\r
  @retval EFI_OUT_OF_RESOURCES            Failed to process variable due to lack\r
                                          of resources.\r
  @retval EFI_SUCCESS                     Variable pass validation successfully.\r
\r
**/\r
EFI_STATUS\r
VerifyTimeBasedPayload (\r
  IN     CHAR16                             *VariableName,\r
  IN     EFI_GUID                           *VendorGuid,\r
  IN     VOID                               *Data,\r
  IN     UINTN                              DataSize,\r
  IN     VARIABLE_POINTER_TRACK             *Variable,\r
  IN     UINT32                             Attributes,\r
  IN     AUTHVAR_TYPE                       AuthVarType,\r
  OUT    BOOLEAN                            *VarDel\r
  );\r
\r
extern UINT8  *mPubKeyStore;\r
extern UINT8  *mCertDbStore;\r
extern UINT32 mPubKeyNumber;\r
extern VOID   *mHashCtx;\r
\r
#endif\r
Commit	Line	Data
0c18794e	1	/** @file\r
	2	The internal header file includes the common header files, defines\r
	3	internal structure and functions used by AuthService module.\r
	4	\r
36bdec3c CZ	5	Caution: This module requires additional review when modified.\r
	6	This driver will have external input - variable data. It may be input in SMM mode.\r
	7	This external input must be validated carefully to avoid security issue like\r
	8	buffer overflow, integer overflow.\r
	9	Variable attribute should also be checked to avoid authentication bypass.\r
	10	The whole SMM authentication variable design relies on the integrity of flash part and SMM.\r
	11	which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory\r
	12	may not be modified without authorization. If platform fails to protect these resources, \r
	13	the authentication service provided in this driver will be broken, and the behavior is undefined.\r
	14	\r
f6c50319	15	Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>\r
2d3fb919	16	This program and the accompanying materials\r
	17	are licensed and made available under the terms and conditions of the BSD License\r
	18	which accompanies this distribution. The full text of the license may be found at\r
0c18794e	19	http://opensource.org/licenses/bsd-license.php\r
0c18794e	20	\r
2d3fb919	21	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
0c18794e	22	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	23	\r
	24	**/\r
	25	\r
	26	#ifndef _AUTHSERVICE_H_\r
	27	#define _AUTHSERVICE_H_\r
	28	\r
	29	#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256\r
	30	#define EFI_CERT_TYPE_RSA2048_SIZE 256\r
	31	\r
	32	///\r
2d3fb919	33	/// Size of AuthInfo prior to the data payload.\r
0c18794e	34	///\r
2d3fb919	35	#define AUTHINFO_SIZE ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION, AuthInfo)) + \\r
	36	(OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) + \\r
	37	sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256))\r
	38	\r
	39	#define AUTHINFO2_SIZE(VarAuth2) ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo)) + \\r
	40	(UINTN) ((EFI_VARIABLE_AUTHENTICATION_2 *) (VarAuth2))->AuthInfo.Hdr.dwLength)\r
	41	\r
	42	#define OFFSET_OF_AUTHINFO2_CERT_DATA ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo)) + \\r
	43	(OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)))\r
0c18794e	44	\r
	45	///\r
	46	/// "AuthVarKeyDatabase" variable for the Public Key store.\r
	47	///\r
	48	#define AUTHVAR_KEYDB_NAME L"AuthVarKeyDatabase"\r
0c18794e	49	\r
f6e23353	50	///\r
	51	/// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX\r
	52	/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.\r
	53	/// \r
	54	///\r
	55	#define EFI_CERT_DB_NAME L"certdb"\r
f6e23353	56	\r
d912bad7	57	///\r
	58	/// Struct to record signature requirement defined by UEFI spec.\r
	59	/// For SigHeaderSize and SigDataSize, ((UINT32) ~0) means NO exact length requirement for this field.\r
	60	///\r
	61	typedef struct {\r
	62	EFI_GUID SigType;\r
	63	// Expected SignatureHeader size in Bytes.\r
	64	UINT32 SigHeaderSize;\r
	65	// Expected SignatureData size in Bytes.\r
	66	UINT32 SigDataSize;\r
	67	} EFI_SIGNATURE_ITEM;\r
0c18794e	68	\r
ed47ae02	69	typedef enum {\r
	70	AuthVarTypePk,\r
	71	AuthVarTypeKek,\r
785d84ea	72	AuthVarTypePriv,\r
785d84ea	73	AuthVarTypePayload\r
ed47ae02	74	} AUTHVAR_TYPE;\r
	75	\r
	76	#pragma pack(1)\r
	77	typedef struct {\r
	78	EFI_GUID VendorGuid;\r
	79	UINT32 CertNodeSize;\r
	80	UINT32 NameSize;\r
	81	UINT32 CertDataSize;\r
	82	/// CHAR16 VariableName[NameSize];\r
	83	/// UINT8 CertData[CertDataSize];\r
	84	} AUTH_CERT_DB_DATA;\r
	85	#pragma pack()\r
	86	\r
0c18794e	87	/**\r
	88	Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.\r
	89	\r
dc204d5a JY	90	Caution: This function may receive untrusted input.\r
	91	This function may be invoked in SMM mode, and datasize and data are external input.\r
	92	This function will do basic validation, before parse the data.\r
	93	This function will parse the authentication carefully to avoid security issues, like\r
	94	buffer overflow, integer overflow.\r
	95	This function will check attribute carefully to avoid authentication bypass.\r
	96	\r
0c18794e	97	@param[in] VariableName Name of Variable to be found.\r
	98	@param[in] VendorGuid Variable vendor GUID.\r
	99	\r
	100	@param[in] Data Data pointer.\r
	101	@param[in] DataSize Size of Data found. If size is less than the\r
	102	data, this value contains the required size.\r
	103	@param[in] Variable The variable information which is used to keep track of variable usage.\r
	104	@param[in] Attributes Attribute value of the variable.\r
	105	\r
	106	@return EFI_INVALID_PARAMETER Invalid parameter\r
	107	@return EFI_WRITE_PROTECTED Variable is write-protected and needs authentication with\r
	108	EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.\r
	109	@return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS\r
2d3fb919	110	set, but the AuthInfo does NOT pass the validation\r
2d3fb919	111	check carried out by the firmware.\r
0c18794e	112	@return EFI_SUCCESS Variable is not write-protected, or passed validation successfully.\r
	113	\r
	114	**/\r
	115	EFI_STATUS\r
	116	ProcessVariable (\r
	117	IN CHAR16 *VariableName,\r
	118	IN EFI_GUID *VendorGuid,\r
	119	IN VOID *Data,\r
	120	IN UINTN DataSize,\r
	121	IN VARIABLE_POINTER_TRACK *Variable,\r
	122	IN UINT32 Attributes\r
	123	);\r
	124	\r
2d3fb919	125	/**\r
	126	Update platform mode.\r
	127	\r
	128	@param[in] Mode SETUP_MODE or USER_MODE.\r
	129	\r
	130	@return EFI_INVALID_PARAMETER Invalid parameter.\r
	131	@return EFI_SUCCESS Update platform mode successfully.\r
	132	\r
	133	**/\r
	134	EFI_STATUS\r
	135	UpdatePlatformMode (\r
	136	IN UINT32 Mode\r
	137	);\r
	138	\r
0c18794e	139	/**\r
	140	Initializes for authenticated varibale service.\r
	141	\r
13af4ab0 SZ	142	@param[in] MaxAuthVariableSize Reflect the overhead associated with the saving\r
	143	of a single EFI authenticated variable with the exception\r
	144	of the overhead associated with the length\r
	145	of the string name of the EFI variable.\r
	146	\r
0c18794e	147	@retval EFI_SUCCESS Function successfully executed.\r
13af4ab0	148	@retval EFI_OUT_OF_RESOURCES Fail to allocate enough memory resources.\r
0c18794e	149	\r
	150	**/\r
	151	EFI_STATUS\r
	152	AutenticatedVariableServiceInitialize (\r
13af4ab0	153	IN UINTN MaxAuthVariableSize\r
0c18794e	154	);\r
	155	\r
	156	/**\r
	157	Initializes for cryptlib service before use, include register algrithm and allocate scratch.\r
	158	\r
	159	**/\r
	160	VOID\r
	161	CryptLibraryInitialize (\r
	162	VOID\r
	163	);\r
	164	\r
d912bad7	165	/**\r
	166	Check input data form to make sure it is a valid EFI_SIGNATURE_LIST for PK/KEK variable.\r
	167	\r
	168	@param[in] VariableName Name of Variable to be check.\r
	169	@param[in] VendorGuid Variable vendor GUID.\r
	170	@param[in] Data Point to the variable data to be checked.\r
	171	@param[in] DataSize Size of Data.\r
	172	\r
	173	@return EFI_INVALID_PARAMETER Invalid signature list format.\r
	174	@return EFI_SUCCESS Passed signature list format check successfully.\r
	175	\r
	176	**/\r
	177	EFI_STATUS\r
	178	CheckSignatureListFormat(\r
	179	IN CHAR16 *VariableName,\r
	180	IN EFI_GUID *VendorGuid,\r
	181	IN VOID *Data,\r
	182	IN UINTN DataSize\r
	183	);\r
	184	\r
0c18794e	185	/**\r
	186	Process variable with platform key for verification.\r
	187	\r
dc204d5a JY	188	Caution: This function may receive untrusted input.\r
	189	This function may be invoked in SMM mode, and datasize and data are external input.\r
	190	This function will do basic validation, before parse the data.\r
	191	This function will parse the authentication carefully to avoid security issues, like\r
	192	buffer overflow, integer overflow.\r
	193	This function will check attribute carefully to avoid authentication bypass.\r
	194	\r
0c18794e	195	@param[in] VariableName Name of Variable to be found.\r
	196	@param[in] VendorGuid Variable vendor GUID.\r
	197	@param[in] Data Data pointer.\r
	198	@param[in] DataSize Size of Data found. If size is less than the\r
	199	data, this value contains the required size.\r
	200	@param[in] Variable The variable information which is used to keep track of variable usage.\r
	201	@param[in] Attributes Attribute value of the variable.\r
	202	@param[in] IsPk Indicate whether it is to process pk.\r
	203	\r
	204	@return EFI_INVALID_PARAMETER Invalid parameter\r
2d3fb919	205	@return EFI_SECURITY_VIOLATION The variable does NOT pass the validation\r
2d3fb919	206	check carried out by the firmware.\r
0c18794e	207	@return EFI_SUCCESS Variable passed validation successfully.\r
	208	\r
	209	**/\r
	210	EFI_STATUS\r
	211	ProcessVarWithPk (\r
	212	IN CHAR16 *VariableName,\r
	213	IN EFI_GUID *VendorGuid,\r
	214	IN VOID *Data,\r
	215	IN UINTN DataSize,\r
	216	IN VARIABLE_POINTER_TRACK *Variable,\r
	217	IN UINT32 Attributes OPTIONAL,\r
	218	IN BOOLEAN IsPk\r
	219	);\r
	220	\r
	221	/**\r
	222	Process variable with key exchange key for verification.\r
	223	\r
dc204d5a JY	224	Caution: This function may receive untrusted input.\r
	225	This function may be invoked in SMM mode, and datasize and data are external input.\r
	226	This function will do basic validation, before parse the data.\r
	227	This function will parse the authentication carefully to avoid security issues, like\r
	228	buffer overflow, integer overflow.\r
	229	This function will check attribute carefully to avoid authentication bypass.\r
	230	\r
0c18794e	231	@param[in] VariableName Name of Variable to be found.\r
	232	@param[in] VendorGuid Variable vendor GUID.\r
	233	@param[in] Data Data pointer.\r
	234	@param[in] DataSize Size of Data found. If size is less than the\r
	235	data, this value contains the required size.\r
	236	@param[in] Variable The variable information that is used to keep track of variable usage.\r
	237	@param[in] Attributes Attribute value of the variable.\r
	238	\r
	239	@return EFI_INVALID_PARAMETER Invalid parameter.\r
2d3fb919	240	@return EFI_SECURITY_VIOLATION The variable does NOT pass the validation\r
2d3fb919	241	check carried out by the firmware.\r
0c18794e	242	@return EFI_SUCCESS Variable passed validation successfully.\r
	243	\r
	244	**/\r
	245	EFI_STATUS\r
	246	ProcessVarWithKek (\r
	247	IN CHAR16 *VariableName,\r
	248	IN EFI_GUID *VendorGuid,\r
	249	IN VOID *Data,\r
	250	IN UINTN DataSize,\r
	251	IN VARIABLE_POINTER_TRACK *Variable,\r
	252	IN UINT32 Attributes OPTIONAL\r
	253	);\r
	254	\r
2d3fb919	255	/**\r
	256	Merge two buffers which formatted as EFI_SIGNATURE_LIST. Only the new EFI_SIGNATURE_DATA\r
	257	will be appended to the original EFI_SIGNATURE_LIST, duplicate EFI_SIGNATURE_DATA\r
	258	will be ignored.\r
	259	\r
732d199d	260	@param[in, out] Data Pointer to original EFI_SIGNATURE_LIST.\r
	261	@param[in] DataSize Size of Data buffer.\r
	262	@param[in] FreeBufSize Size of free data buffer \r
	263	@param[in] NewData Pointer to new EFI_SIGNATURE_LIST to be appended.\r
	264	@param[in] NewDataSize Size of NewData buffer.\r
	265	@param[out] MergedBufSize Size of the merged buffer\r
2d3fb919	266	\r
732d199d	267	@return EFI_BUFFER_TOO_SMALL if input Data buffer overflowed\r
2d3fb919	268	\r
2d3fb919	269	**/\r
732d199d	270	EFI_STATUS\r
2d3fb919	271	AppendSignatureList (\r
	272	IN OUT VOID *Data,\r
	273	IN UINTN DataSize,\r
732d199d	274	IN UINTN FreeBufSize,\r
2d3fb919	275	IN VOID *NewData,\r
732d199d	276	IN UINTN NewDataSize,\r
732d199d	277	OUT UINTN *MergedBufSize\r
2d3fb919	278	);\r
2d3fb919	279	\r
0c18794e	280	/**\r
	281	Compare two EFI_TIME data.\r
	282	\r
	283	\r
	284	@param FirstTime A pointer to the first EFI_TIME data.\r
	285	@param SecondTime A pointer to the second EFI_TIME data.\r
	286	\r
	287	@retval TRUE The FirstTime is not later than the SecondTime.\r
	288	@retval FALSE The FirstTime is later than the SecondTime.\r
	289	\r
	290	**/\r
	291	BOOLEAN\r
	292	CompareTimeStamp (\r
	293	IN EFI_TIME *FirstTime,\r
	294	IN EFI_TIME *SecondTime\r
	295	);\r
	296	\r
f6c50319 SZ	297	/**\r
	298	Delete matching signer's certificates when deleting common authenticated\r
	299	variable by corresponding VariableName and VendorGuid from "certdb".\r
	300	\r
	301	@param[in] VariableName Name of authenticated Variable.\r
	302	@param[in] VendorGuid Vendor GUID of authenticated Variable.\r
	303	\r
	304	@retval EFI_INVALID_PARAMETER Any input parameter is invalid.\r
	305	@retval EFI_NOT_FOUND Fail to find "certdb" or matching certs.\r
	306	@retval EFI_OUT_OF_RESOURCES The operation is failed due to lack of resources.\r
	307	@retval EFI_SUCCESS The operation is completed successfully.\r
	308	\r
	309	**/\r
	310	EFI_STATUS\r
	311	DeleteCertsFromDb (\r
	312	IN CHAR16 *VariableName,\r
	313	IN EFI_GUID *VendorGuid\r
	314	);\r
0c18794e	315	\r
	316	/**\r
	317	Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set\r
	318	\r
dc204d5a JY	319	Caution: This function may receive untrusted input.\r
	320	This function may be invoked in SMM mode, and datasize and data are external input.\r
	321	This function will do basic validation, before parse the data.\r
	322	This function will parse the authentication carefully to avoid security issues, like\r
	323	buffer overflow, integer overflow.\r
	324	\r
0c18794e	325	@param[in] VariableName Name of Variable to be found.\r
	326	@param[in] VendorGuid Variable vendor GUID.\r
	327	@param[in] Data Data pointer.\r
	328	@param[in] DataSize Size of Data found. If size is less than the\r
	329	data, this value contains the required size.\r
	330	@param[in] Variable The variable information which is used to keep track of variable usage.\r
	331	@param[in] Attributes Attribute value of the variable.\r
ed47ae02	332	@param[in] AuthVarType Verify against PK or KEK database or private database.\r
0c18794e	333	@param[out] VarDel Delete the variable or not.\r
	334	\r
	335	@retval EFI_INVALID_PARAMETER Invalid parameter.\r
2d3fb919	336	@retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation\r
2d3fb919	337	check carried out by the firmware.\r
0c18794e	338	@retval EFI_OUT_OF_RESOURCES Failed to process variable due to lack\r
	339	of resources.\r
	340	@retval EFI_SUCCESS Variable pass validation successfully.\r
	341	\r
	342	**/\r
	343	EFI_STATUS\r
	344	VerifyTimeBasedPayload (\r
	345	IN CHAR16 *VariableName,\r
	346	IN EFI_GUID *VendorGuid,\r
	347	IN VOID *Data,\r
	348	IN UINTN DataSize,\r
	349	IN VARIABLE_POINTER_TRACK *Variable,\r
	350	IN UINT32 Attributes,\r
ed47ae02	351	IN AUTHVAR_TYPE AuthVarType,\r
0c18794e	352	OUT BOOLEAN *VarDel\r
	353	);\r
	354	\r
4ccef561 DG	355	extern UINT8 *mPubKeyStore;\r
4ccef561 DG	356	extern UINT8 *mCertDbStore;\r
0c18794e	357	extern UINT32 mPubKeyNumber;\r
0c18794e	358	extern VOID *mHashCtx;\r
2d3fb919	359	\r
0c18794e	360	#endif\r