]> git.proxmox.com Git - mirror_edk2.git/blame_incremental - SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
projects / mirror_edk2.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
UefiCpuPkg: Move AsmRelocateApLoopStart from Mpfuncs.nasm to AmdSev.nasm
[mirror_edk2.git] / SecurityPkg / Library / DxeImageVerificationLib / DxeImageVerificationLib.c
... / ...
CommitLineData
1/** @file\r
2 Implement image verification services for secure boot service\r
3\r
4 Caution: This file requires additional review when modified.\r
5 This library will have external input - PE/COFF image.\r
6 This external input must be validated carefully to avoid security issue like\r
7 buffer overflow, integer overflow.\r
8\r
9 DxeImageVerificationLibImageRead() function will make sure the PE/COFF image content\r
10 read is within the image buffer.\r
11\r
12 DxeImageVerificationHandler(), HashPeImageByType(), HashPeImage() function will accept\r
13 untrusted PE/COFF image and validate its data structure within this image buffer before use.\r
14\r
15Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
16(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
17SPDX-License-Identifier: BSD-2-Clause-Patent\r
18\r
19**/\r
20\r
21#include "DxeImageVerificationLib.h"\r
22\r
23//\r
24// Caution: This is used by a function which may receive untrusted input.\r
25// These global variables hold PE/COFF image data, and they should be validated before use.\r
26//\r
27EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader;\r
28UINT32 mPeCoffHeaderOffset;\r
29EFI_GUID mCertType;\r
30\r
31//\r
32// Information on current PE/COFF image\r
33//\r
34UINTN mImageSize;\r
35UINT8 *mImageBase = NULL;\r
36UINT8 mImageDigest[MAX_DIGEST_SIZE];\r
37UINTN mImageDigestSize;\r
38\r
39//\r
40// Notify string for authorization UI.\r
41//\r
42CHAR16 mNotifyString1[MAX_NOTIFY_STRING_LEN] = L"Image verification pass but not found in authorized database!";\r
43CHAR16 mNotifyString2[MAX_NOTIFY_STRING_LEN] = L"Launch this image anyway? (Yes/Defer/No)";\r
44//\r
45// Public Exponent of RSA Key.\r
46//\r
47CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };\r
48\r
49//\r
50// OID ASN.1 Value for Hash Algorithms\r
51//\r
52UINT8 mHashOidValue[] = {\r
53 0x2B, 0x0E, 0x03, 0x02, 0x1A, // OBJ_sha1\r
54 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, // OBJ_sha224\r
55 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, // OBJ_sha256\r
56 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, // OBJ_sha384\r
57 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, // OBJ_sha512\r
58};\r
59\r
60HASH_TABLE mHash[] = {\r
61 #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES\r
62 { L"SHA1", 20, &mHashOidValue[0], 5, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },\r
63 #else\r
64 { L"SHA1", 20, &mHashOidValue[0], 5, NULL, NULL, NULL, NULL },\r
65 #endif\r
66 { L"SHA224", 28, &mHashOidValue[5], 9, NULL, NULL, NULL, NULL },\r
67 { L"SHA256", 32, &mHashOidValue[14], 9, Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final },\r
68 { L"SHA384", 48, &mHashOidValue[23], 9, Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final },\r
69 { L"SHA512", 64, &mHashOidValue[32], 9, Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final }\r
70};\r
71\r
72EFI_STRING mHashTypeStr;\r
73\r
74/**\r
75 SecureBoot Hook for processing image verification.\r
76\r
77 @param[in] VariableName Name of Variable to be found.\r
78 @param[in] VendorGuid Variable vendor GUID.\r
79 @param[in] DataSize Size of Data found. If size is less than the\r
80 data, this value contains the required size.\r
81 @param[in] Data Data pointer.\r
82\r
83**/\r
84VOID\r
85EFIAPI\r
86SecureBootHook (\r
87 IN CHAR16 *VariableName,\r
88 IN EFI_GUID *VendorGuid,\r
89 IN UINTN DataSize,\r
90 IN VOID *Data\r
91 );\r
92\r
93/**\r
94 Reads contents of a PE/COFF image in memory buffer.\r
95\r
96 Caution: This function may receive untrusted input.\r
97 PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
98 read is within the image buffer.\r
99\r
100 @param FileHandle Pointer to the file handle to read the PE/COFF image.\r
101 @param FileOffset Offset into the PE/COFF image to begin the read operation.\r
102 @param ReadSize On input, the size in bytes of the requested read operation.\r
103 On output, the number of bytes actually read.\r
104 @param Buffer Output buffer that contains the data read from the PE/COFF image.\r
105\r
106 @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size\r
107**/\r
108EFI_STATUS\r
109EFIAPI\r
110DxeImageVerificationLibImageRead (\r
111 IN VOID *FileHandle,\r
112 IN UINTN FileOffset,\r
113 IN OUT UINTN *ReadSize,\r
114 OUT VOID *Buffer\r
115 )\r
116{\r
117 UINTN EndPosition;\r
118\r
119 if ((FileHandle == NULL) || (ReadSize == NULL) || (Buffer == NULL)) {\r
120 return EFI_INVALID_PARAMETER;\r
121 }\r
122\r
123 if (MAX_ADDRESS - FileOffset < *ReadSize) {\r
124 return EFI_INVALID_PARAMETER;\r
125 }\r
126\r
127 EndPosition = FileOffset + *ReadSize;\r
128 if (EndPosition > mImageSize) {\r
129 *ReadSize = (UINT32)(mImageSize - FileOffset);\r
130 }\r
131\r
132 if (FileOffset >= mImageSize) {\r
133 *ReadSize = 0;\r
134 }\r
135\r
136 CopyMem (Buffer, (UINT8 *)((UINTN)FileHandle + FileOffset), *ReadSize);\r
137\r
138 return EFI_SUCCESS;\r
139}\r
140\r
141/**\r
142 Get the image type.\r
143\r
144 @param[in] File This is a pointer to the device path of the file that is\r
145 being dispatched.\r
146\r
147 @return UINT32 Image Type\r
148\r
149**/\r
150UINT32\r
151GetImageType (\r
152 IN CONST EFI_DEVICE_PATH_PROTOCOL *File\r
153 )\r
154{\r
155 EFI_STATUS Status;\r
156 EFI_HANDLE DeviceHandle;\r
157 EFI_DEVICE_PATH_PROTOCOL *TempDevicePath;\r
158 EFI_BLOCK_IO_PROTOCOL *BlockIo;\r
159\r
160 if (File == NULL) {\r
161 return IMAGE_UNKNOWN;\r
162 }\r
163\r
164 //\r
165 // First check to see if File is from a Firmware Volume\r
166 //\r
167 DeviceHandle = NULL;\r
168 TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;\r
169 Status = gBS->LocateDevicePath (\r
170 &gEfiFirmwareVolume2ProtocolGuid,\r
171 &TempDevicePath,\r
172 &DeviceHandle\r
173 );\r
174 if (!EFI_ERROR (Status)) {\r
175 Status = gBS->OpenProtocol (\r
176 DeviceHandle,\r
177 &gEfiFirmwareVolume2ProtocolGuid,\r
178 NULL,\r
179 NULL,\r
180 NULL,\r
181 EFI_OPEN_PROTOCOL_TEST_PROTOCOL\r
182 );\r
183 if (!EFI_ERROR (Status)) {\r
184 return IMAGE_FROM_FV;\r
185 }\r
186 }\r
187\r
188 //\r
189 // Next check to see if File is from a Block I/O device\r
190 //\r
191 DeviceHandle = NULL;\r
192 TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;\r
193 Status = gBS->LocateDevicePath (\r
194 &gEfiBlockIoProtocolGuid,\r
195 &TempDevicePath,\r
196 &DeviceHandle\r
197 );\r
198 if (!EFI_ERROR (Status)) {\r
199 BlockIo = NULL;\r
200 Status = gBS->OpenProtocol (\r
201 DeviceHandle,\r
202 &gEfiBlockIoProtocolGuid,\r
203 (VOID **)&BlockIo,\r
204 NULL,\r
205 NULL,\r
206 EFI_OPEN_PROTOCOL_GET_PROTOCOL\r
207 );\r
208 if (!EFI_ERROR (Status) && (BlockIo != NULL)) {\r
209 if (BlockIo->Media != NULL) {\r
210 if (BlockIo->Media->RemovableMedia) {\r
211 //\r
212 // Block I/O is present and specifies the media is removable\r
213 //\r
214 return IMAGE_FROM_REMOVABLE_MEDIA;\r
215 } else {\r
216 //\r
217 // Block I/O is present and specifies the media is not removable\r
218 //\r
219 return IMAGE_FROM_FIXED_MEDIA;\r
220 }\r
221 }\r
222 }\r
223 }\r
224\r
225 //\r
226 // File is not in a Firmware Volume or on a Block I/O device, so check to see if\r
227 // the device path supports the Simple File System Protocol.\r
228 //\r
229 DeviceHandle = NULL;\r
230 TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;\r
231 Status = gBS->LocateDevicePath (\r
232 &gEfiSimpleFileSystemProtocolGuid,\r
233 &TempDevicePath,\r
234 &DeviceHandle\r
235 );\r
236 if (!EFI_ERROR (Status)) {\r
237 //\r
238 // Simple File System is present without Block I/O, so assume media is fixed.\r
239 //\r
240 return IMAGE_FROM_FIXED_MEDIA;\r
241 }\r
242\r
243 //\r
244 // File is not from an FV, Block I/O or Simple File System, so the only options\r
245 // left are a PCI Option ROM and a Load File Protocol such as a PXE Boot from a NIC.\r
246 //\r
247 TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;\r
248 while (!IsDevicePathEndType (TempDevicePath)) {\r
249 switch (DevicePathType (TempDevicePath)) {\r
250 case MEDIA_DEVICE_PATH:\r
251 if (DevicePathSubType (TempDevicePath) == MEDIA_RELATIVE_OFFSET_RANGE_DP) {\r
252 return IMAGE_FROM_OPTION_ROM;\r
253 }\r
254\r
255 break;\r
256\r
257 case MESSAGING_DEVICE_PATH:\r
258 if (DevicePathSubType (TempDevicePath) == MSG_MAC_ADDR_DP) {\r
259 return IMAGE_FROM_REMOVABLE_MEDIA;\r
260 }\r
261\r
262 break;\r
263\r
264 default:\r
265 break;\r
266 }\r
267\r
268 TempDevicePath = NextDevicePathNode (TempDevicePath);\r
269 }\r
270\r
271 return IMAGE_UNKNOWN;\r
272}\r
273\r
274/**\r
275 Calculate hash of Pe/Coff image based on the authenticode image hashing in\r
276 PE/COFF Specification 8.0 Appendix A\r
277\r
278 Caution: This function may receive untrusted input.\r
279 PE/COFF image is external input, so this function will validate its data structure\r
280 within this image buffer before use.\r
281\r
282 Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in\r
283 its caller function DxeImageVerificationHandler().\r
284\r
285 @param[in] HashAlg Hash algorithm type.\r
286\r
287 @retval TRUE Successfully hash image.\r
288 @retval FALSE Fail in hash image.\r
289\r
290**/\r
291BOOLEAN\r
292HashPeImage (\r
293 IN UINT32 HashAlg\r
294 )\r
295{\r
296 BOOLEAN Status;\r
297 EFI_IMAGE_SECTION_HEADER *Section;\r
298 VOID *HashCtx;\r
299 UINTN CtxSize;\r
300 UINT8 *HashBase;\r
301 UINTN HashSize;\r
302 UINTN SumOfBytesHashed;\r
303 EFI_IMAGE_SECTION_HEADER *SectionHeader;\r
304 UINTN Index;\r
305 UINTN Pos;\r
306 UINT32 CertSize;\r
307 UINT32 NumberOfRvaAndSizes;\r
308\r
309 HashCtx = NULL;\r
310 SectionHeader = NULL;\r
311 Status = FALSE;\r
312\r
313 if ((HashAlg >= HASHALG_MAX)) {\r
314 return FALSE;\r
315 }\r
316\r
317 //\r
318 // Initialize context of hash.\r
319 //\r
320 ZeroMem (mImageDigest, MAX_DIGEST_SIZE);\r
321\r
322 switch (HashAlg) {\r
323 #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES\r
324 case HASHALG_SHA1:\r
325 mImageDigestSize = SHA1_DIGEST_SIZE;\r
326 mCertType = gEfiCertSha1Guid;\r
327 break;\r
328 #endif\r
329\r
330 case HASHALG_SHA256:\r
331 mImageDigestSize = SHA256_DIGEST_SIZE;\r
332 mCertType = gEfiCertSha256Guid;\r
333 break;\r
334\r
335 case HASHALG_SHA384:\r
336 mImageDigestSize = SHA384_DIGEST_SIZE;\r
337 mCertType = gEfiCertSha384Guid;\r
338 break;\r
339\r
340 case HASHALG_SHA512:\r
341 mImageDigestSize = SHA512_DIGEST_SIZE;\r
342 mCertType = gEfiCertSha512Guid;\r
343 break;\r
344\r
345 default:\r
346 return FALSE;\r
347 }\r
348\r
349 mHashTypeStr = mHash[HashAlg].Name;\r
350 CtxSize = mHash[HashAlg].GetContextSize ();\r
351\r
352 HashCtx = AllocatePool (CtxSize);\r
353 if (HashCtx == NULL) {\r
354 return FALSE;\r
355 }\r
356\r
357 // 1. Load the image header into memory.\r
358\r
359 // 2. Initialize a SHA hash context.\r
360 Status = mHash[HashAlg].HashInit (HashCtx);\r
361\r
362 if (!Status) {\r
363 goto Done;\r
364 }\r
365\r
366 //\r
367 // Measuring PE/COFF Image Header;\r
368 // But CheckSum field and SECURITY data directory (certificate) are excluded\r
369 //\r
370\r
371 //\r
372 // 3. Calculate the distance from the base of the image header to the image checksum address.\r
373 // 4. Hash the image header from its base to beginning of the image checksum.\r
374 //\r
375 HashBase = mImageBase;\r
376 if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
377 //\r
378 // Use PE32 offset.\r
379 //\r
380 HashSize = (UINTN)(&mNtHeader.Pe32->OptionalHeader.CheckSum) - (UINTN)HashBase;\r
381 NumberOfRvaAndSizes = mNtHeader.Pe32->OptionalHeader.NumberOfRvaAndSizes;\r
382 } else if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) {\r
383 //\r
384 // Use PE32+ offset.\r
385 //\r
386 HashSize = (UINTN)(&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - (UINTN)HashBase;\r
387 NumberOfRvaAndSizes = mNtHeader.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;\r
388 } else {\r
389 //\r
390 // Invalid header magic number.\r
391 //\r
392 Status = FALSE;\r
393 goto Done;\r
394 }\r
395\r
396 Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);\r
397 if (!Status) {\r
398 goto Done;\r
399 }\r
400\r
401 //\r
402 // 5. Skip over the image checksum (it occupies a single ULONG).\r
403 //\r
404 if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
405 //\r
406 // 6. Since there is no Cert Directory in optional header, hash everything\r
407 // from the end of the checksum to the end of image header.\r
408 //\r
409 if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
410 //\r
411 // Use PE32 offset.\r
412 //\r
413 HashBase = (UINT8 *)&mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
414 HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - ((UINTN)HashBase - (UINTN)mImageBase);\r
415 } else {\r
416 //\r
417 // Use PE32+ offset.\r
418 //\r
419 HashBase = (UINT8 *)&mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
420 HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - ((UINTN)HashBase - (UINTN)mImageBase);\r
421 }\r
422\r
423 if (HashSize != 0) {\r
424 Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);\r
425 if (!Status) {\r
426 goto Done;\r
427 }\r
428 }\r
429 } else {\r
430 //\r
431 // 7. Hash everything from the end of the checksum to the start of the Cert Directory.\r
432 //\r
433 if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
434 //\r
435 // Use PE32 offset.\r
436 //\r
437 HashBase = (UINT8 *)&mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
438 HashSize = (UINTN)(&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;\r
439 } else {\r
440 //\r
441 // Use PE32+ offset.\r
442 //\r
443 HashBase = (UINT8 *)&mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
444 HashSize = (UINTN)(&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;\r
445 }\r
446\r
447 if (HashSize != 0) {\r
448 Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);\r
449 if (!Status) {\r
450 goto Done;\r
451 }\r
452 }\r
453\r
454 //\r
455 // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
456 // 9. Hash everything from the end of the Cert Directory to the end of image header.\r
457 //\r
458 if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
459 //\r
460 // Use PE32 offset\r
461 //\r
462 HashBase = (UINT8 *)&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
463 HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - ((UINTN)HashBase - (UINTN)mImageBase);\r
464 } else {\r
465 //\r
466 // Use PE32+ offset.\r
467 //\r
468 HashBase = (UINT8 *)&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
469 HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - ((UINTN)HashBase - (UINTN)mImageBase);\r
470 }\r
471\r
472 if (HashSize != 0) {\r
473 Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);\r
474 if (!Status) {\r
475 goto Done;\r
476 }\r
477 }\r
478 }\r
479\r
480 //\r
481 // 10. Set the SUM_OF_BYTES_HASHED to the size of the header.\r
482 //\r
483 if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
484 //\r
485 // Use PE32 offset.\r
486 //\r
487 SumOfBytesHashed = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders;\r
488 } else {\r
489 //\r
490 // Use PE32+ offset\r
491 //\r
492 SumOfBytesHashed = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
493 }\r
494\r
495 Section = (EFI_IMAGE_SECTION_HEADER *)(\r
496 mImageBase +\r
497 mPeCoffHeaderOffset +\r
498 sizeof (UINT32) +\r
499 sizeof (EFI_IMAGE_FILE_HEADER) +\r
500 mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader\r
501 );\r
502\r
503 //\r
504 // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
505 // structures in the image. The 'NumberOfSections' field of the image\r
506 // header indicates how big the table should be. Do not include any\r
507 // IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
508 //\r
509 SectionHeader = (EFI_IMAGE_SECTION_HEADER *)AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * mNtHeader.Pe32->FileHeader.NumberOfSections);\r
510 if (SectionHeader == NULL) {\r
511 Status = FALSE;\r
512 goto Done;\r
513 }\r
514\r
515 //\r
516 // 12. Using the 'PointerToRawData' in the referenced section headers as\r
517 // a key, arrange the elements in the table in ascending order. In other\r
518 // words, sort the section headers according to the disk-file offset of\r
519 // the section.\r
520 //\r
521 for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {\r
522 Pos = Index;\r
523 while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
524 CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));\r
525 Pos--;\r
526 }\r
527\r
528 CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));\r
529 Section += 1;\r
530 }\r
531\r
532 //\r
533 // 13. Walk through the sorted table, bring the corresponding section\r
534 // into memory, and hash the entire section (using the 'SizeOfRawData'\r
535 // field in the section header to determine the amount of data to hash).\r
536 // 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
537 // 15. Repeat steps 13 and 14 for all the sections in the sorted table.\r
538 //\r
539 for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {\r
540 Section = &SectionHeader[Index];\r
541 if (Section->SizeOfRawData == 0) {\r
542 continue;\r
543 }\r
544\r
545 HashBase = mImageBase + Section->PointerToRawData;\r
546 HashSize = (UINTN)Section->SizeOfRawData;\r
547\r
548 Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);\r
549 if (!Status) {\r
550 goto Done;\r
551 }\r
552\r
553 SumOfBytesHashed += HashSize;\r
554 }\r
555\r
556 //\r
557 // 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
558 // data in the file that needs to be added to the hash. This data begins\r
559 // at file offset SUM_OF_BYTES_HASHED and its length is:\r
560 // FileSize - (CertDirectory->Size)\r
561 //\r
562 if (mImageSize > SumOfBytesHashed) {\r
563 HashBase = mImageBase + SumOfBytesHashed;\r
564\r
565 if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
566 CertSize = 0;\r
567 } else {\r
568 if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
569 //\r
570 // Use PE32 offset.\r
571 //\r
572 CertSize = mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
573 } else {\r
574 //\r
575 // Use PE32+ offset.\r
576 //\r
577 CertSize = mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
578 }\r
579 }\r
580\r
581 if (mImageSize > CertSize + SumOfBytesHashed) {\r
582 HashSize = (UINTN)(mImageSize - CertSize - SumOfBytesHashed);\r
583\r
584 Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);\r
585 if (!Status) {\r
586 goto Done;\r
587 }\r
588 } else if (mImageSize < CertSize + SumOfBytesHashed) {\r
589 Status = FALSE;\r
590 goto Done;\r
591 }\r
592 }\r
593\r
594 Status = mHash[HashAlg].HashFinal (HashCtx, mImageDigest);\r
595\r
596Done:\r
597 if (HashCtx != NULL) {\r
598 FreePool (HashCtx);\r
599 }\r
600\r
601 if (SectionHeader != NULL) {\r
602 FreePool (SectionHeader);\r
603 }\r
604\r
605 return Status;\r
606}\r
607\r
608/**\r
609 Recognize the Hash algorithm in PE/COFF Authenticode and calculate hash of\r
610 Pe/Coff image based on the authenticode image hashing in PE/COFF Specification\r
611 8.0 Appendix A\r
612\r
613 Caution: This function may receive untrusted input.\r
614 PE/COFF image is external input, so this function will validate its data structure\r
615 within this image buffer before use.\r
616\r
617 @param[in] AuthData Pointer to the Authenticode Signature retrieved from signed image.\r
618 @param[in] AuthDataSize Size of the Authenticode Signature in bytes.\r
619\r
620 @retval EFI_UNSUPPORTED Hash algorithm is not supported.\r
621 @retval EFI_SUCCESS Hash successfully.\r
622\r
623**/\r
624EFI_STATUS\r
625HashPeImageByType (\r
626 IN UINT8 *AuthData,\r
627 IN UINTN AuthDataSize\r
628 )\r
629{\r
630 UINT8 Index;\r
631\r
632 for (Index = 0; Index < HASHALG_MAX; Index++) {\r
633 //\r
634 // Check the Hash algorithm in PE/COFF Authenticode.\r
635 // According to PKCS#7 Definition:\r
636 // SignedData ::= SEQUENCE {\r
637 // version Version,\r
638 // digestAlgorithms DigestAlgorithmIdentifiers,\r
639 // contentInfo ContentInfo,\r
640 // .... }\r
641 // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing\r
642 // This field has the fixed offset (+32) in final Authenticode ASN.1 data.\r
643 // Fixed offset (+32) is calculated based on two bytes of length encoding.\r
644 //\r
645 if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {\r
646 //\r
647 // Only support two bytes of Long Form of Length Encoding.\r
648 //\r
649 continue;\r
650 }\r
651\r
652 if (AuthDataSize < 32 + mHash[Index].OidLength) {\r
653 return EFI_UNSUPPORTED;\r
654 }\r
655\r
656 if (CompareMem (AuthData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {\r
657 break;\r
658 }\r
659 }\r
660\r
661 if (Index == HASHALG_MAX) {\r
662 return EFI_UNSUPPORTED;\r
663 }\r
664\r
665 //\r
666 // HASH PE Image based on Hash algorithm in PE/COFF Authenticode.\r
667 //\r
668 if (!HashPeImage (Index)) {\r
669 return EFI_UNSUPPORTED;\r
670 }\r
671\r
672 return EFI_SUCCESS;\r
673}\r
674\r
675/**\r
676 Returns the size of a given image execution info table in bytes.\r
677\r
678 This function returns the size, in bytes, of the image execution info table specified by\r
679 ImageExeInfoTable. If ImageExeInfoTable is NULL, then 0 is returned.\r
680\r
681 @param ImageExeInfoTable A pointer to a image execution info table structure.\r
682\r
683 @retval 0 If ImageExeInfoTable is NULL.\r
684 @retval Others The size of a image execution info table in bytes.\r
685\r
686**/\r
687UINTN\r
688GetImageExeInfoTableSize (\r
689 EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable\r
690 )\r
691{\r
692 UINTN Index;\r
693 EFI_IMAGE_EXECUTION_INFO *ImageExeInfoItem;\r
694 UINTN TotalSize;\r
695\r
696 if (ImageExeInfoTable == NULL) {\r
697 return 0;\r
698 }\r
699\r
700 ImageExeInfoItem = (EFI_IMAGE_EXECUTION_INFO *)((UINT8 *)ImageExeInfoTable + sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE));\r
701 TotalSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE);\r
702 for (Index = 0; Index < ImageExeInfoTable->NumberOfImages; Index++) {\r
703 TotalSize += ReadUnaligned32 ((UINT32 *)&ImageExeInfoItem->InfoSize);\r
704 ImageExeInfoItem = (EFI_IMAGE_EXECUTION_INFO *)((UINT8 *)ImageExeInfoItem + ReadUnaligned32 ((UINT32 *)&ImageExeInfoItem->InfoSize));\r
705 }\r
706\r
707 return TotalSize;\r
708}\r
709\r
710/**\r
711 Create an Image Execution Information Table entry and add it to system configuration table.\r
712\r
713 @param[in] Action Describes the action taken by the firmware regarding this image.\r
714 @param[in] Name Input a null-terminated, user-friendly name.\r
715 @param[in] DevicePath Input device path pointer.\r
716 @param[in] Signature Input signature info in EFI_SIGNATURE_LIST data structure.\r
717 @param[in] SignatureSize Size of signature. Must be zero if Signature is NULL.\r
718\r
719**/\r
720VOID\r
721AddImageExeInfo (\r
722 IN EFI_IMAGE_EXECUTION_ACTION Action,\r
723 IN CHAR16 *Name OPTIONAL,\r
724 IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath,\r
725 IN EFI_SIGNATURE_LIST *Signature OPTIONAL,\r
726 IN UINTN SignatureSize\r
727 )\r
728{\r
729 EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable;\r
730 EFI_IMAGE_EXECUTION_INFO_TABLE *NewImageExeInfoTable;\r
731 EFI_IMAGE_EXECUTION_INFO *ImageExeInfoEntry;\r
732 UINTN ImageExeInfoTableSize;\r
733 UINTN NewImageExeInfoEntrySize;\r
734 UINTN NameStringLen;\r
735 UINTN DevicePathSize;\r
736 CHAR16 *NameStr;\r
737\r
738 ImageExeInfoTable = NULL;\r
739 NewImageExeInfoTable = NULL;\r
740 ImageExeInfoEntry = NULL;\r
741 NameStringLen = 0;\r
742 NameStr = NULL;\r
743\r
744 if (DevicePath == NULL) {\r
745 return;\r
746 }\r
747\r
748 if (Name != NULL) {\r
749 NameStringLen = StrSize (Name);\r
750 } else {\r
751 NameStringLen = sizeof (CHAR16);\r
752 }\r
753\r
754 EfiGetSystemConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID **)&ImageExeInfoTable);\r
755 if (ImageExeInfoTable != NULL) {\r
756 //\r
757 // The table has been found!\r
758 // We must enlarge the table to accommodate the new exe info entry.\r
759 //\r
760 ImageExeInfoTableSize = GetImageExeInfoTableSize (ImageExeInfoTable);\r
761 } else {\r
762 //\r
763 // Not Found!\r
764 // We should create a new table to append to the configuration table.\r
765 //\r
766 ImageExeInfoTableSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE);\r
767 }\r
768\r
769 DevicePathSize = GetDevicePathSize (DevicePath);\r
770\r
771 //\r
772 // Signature size can be odd. Pad after signature to ensure next EXECUTION_INFO entry align\r
773 //\r
774 ASSERT (Signature != NULL || SignatureSize == 0);\r
775 NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize;\r
776\r
777 NewImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *)AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);\r
778 if (NewImageExeInfoTable == NULL) {\r
779 return;\r
780 }\r
781\r
782 if (ImageExeInfoTable != NULL) {\r
783 CopyMem (NewImageExeInfoTable, ImageExeInfoTable, ImageExeInfoTableSize);\r
784 } else {\r
785 NewImageExeInfoTable->NumberOfImages = 0;\r
786 }\r
787\r
788 NewImageExeInfoTable->NumberOfImages++;\r
789 ImageExeInfoEntry = (EFI_IMAGE_EXECUTION_INFO *)((UINT8 *)NewImageExeInfoTable + ImageExeInfoTableSize);\r
790 //\r
791 // Update new item's information.\r
792 //\r
793 WriteUnaligned32 ((UINT32 *)ImageExeInfoEntry, Action);\r
794 WriteUnaligned32 ((UINT32 *)((UINT8 *)ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION)), (UINT32)NewImageExeInfoEntrySize);\r
795\r
796 NameStr = (CHAR16 *)(ImageExeInfoEntry + 1);\r
797 if (Name != NULL) {\r
798 CopyMem ((UINT8 *)NameStr, Name, NameStringLen);\r
799 } else {\r
800 ZeroMem ((UINT8 *)NameStr, sizeof (CHAR16));\r
801 }\r
802\r
803 CopyMem (\r
804 (UINT8 *)NameStr + NameStringLen,\r
805 DevicePath,\r
806 DevicePathSize\r
807 );\r
808 if (Signature != NULL) {\r
809 CopyMem (\r
810 (UINT8 *)NameStr + NameStringLen + DevicePathSize,\r
811 Signature,\r
812 SignatureSize\r
813 );\r
814 }\r
815\r
816 //\r
817 // Update/replace the image execution table.\r
818 //\r
819 gBS->InstallConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID *)NewImageExeInfoTable);\r
820\r
821 //\r
822 // Free Old table data!\r
823 //\r
824 if (ImageExeInfoTable != NULL) {\r
825 FreePool (ImageExeInfoTable);\r
826 }\r
827}\r
828\r
829/**\r
830 Check whether the hash of an given X.509 certificate is in forbidden database (DBX).\r
831\r
832 @param[in] Certificate Pointer to X.509 Certificate that is searched for.\r
833 @param[in] CertSize Size of X.509 Certificate.\r
834 @param[in] SignatureList Pointer to the Signature List in forbidden database.\r
835 @param[in] SignatureListSize Size of Signature List.\r
836 @param[out] RevocationTime Return the time that the certificate was revoked.\r
837 @param[out] IsFound Search result. Only valid if EFI_SUCCESS returned.\r
838\r
839 @retval EFI_SUCCESS Finished the search without any error.\r
840 @retval Others Error occurred in the search of database.\r
841\r
842**/\r
843EFI_STATUS\r
844IsCertHashFoundInDbx (\r
845 IN UINT8 *Certificate,\r
846 IN UINTN CertSize,\r
847 IN EFI_SIGNATURE_LIST *SignatureList,\r
848 IN UINTN SignatureListSize,\r
849 OUT EFI_TIME *RevocationTime,\r
850 OUT BOOLEAN *IsFound\r
851 )\r
852{\r
853 EFI_STATUS Status;\r
854 EFI_SIGNATURE_LIST *DbxList;\r
855 UINTN DbxSize;\r
856 EFI_SIGNATURE_DATA *CertHash;\r
857 UINTN CertHashCount;\r
858 UINTN Index;\r
859 UINT32 HashAlg;\r
860 VOID *HashCtx;\r
861 UINT8 CertDigest[MAX_DIGEST_SIZE];\r
862 UINT8 *DbxCertHash;\r
863 UINTN SiglistHeaderSize;\r
864 UINT8 *TBSCert;\r
865 UINTN TBSCertSize;\r
866\r
867 Status = EFI_ABORTED;\r
868 *IsFound = FALSE;\r
869 DbxList = SignatureList;\r
870 DbxSize = SignatureListSize;\r
871 HashCtx = NULL;\r
872 HashAlg = HASHALG_MAX;\r
873\r
874 if ((RevocationTime == NULL) || (DbxList == NULL)) {\r
875 return EFI_INVALID_PARAMETER;\r
876 }\r
877\r
878 //\r
879 // Retrieve the TBSCertificate from the X.509 Certificate.\r
880 //\r
881 if (!X509GetTBSCert (Certificate, CertSize, &TBSCert, &TBSCertSize)) {\r
882 return Status;\r
883 }\r
884\r
885 while ((DbxSize > 0) && (SignatureListSize >= DbxList->SignatureListSize)) {\r
886 //\r
887 // Determine Hash Algorithm of Certificate in the forbidden database.\r
888 //\r
889 if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha256Guid)) {\r
890 HashAlg = HASHALG_SHA256;\r
891 } else if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha384Guid)) {\r
892 HashAlg = HASHALG_SHA384;\r
893 } else if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha512Guid)) {\r
894 HashAlg = HASHALG_SHA512;\r
895 } else {\r
896 DbxSize -= DbxList->SignatureListSize;\r
897 DbxList = (EFI_SIGNATURE_LIST *)((UINT8 *)DbxList + DbxList->SignatureListSize);\r
898 continue;\r
899 }\r
900\r
901 //\r
902 // Calculate the hash value of current TBSCertificate for comparision.\r
903 //\r
904 if (mHash[HashAlg].GetContextSize == NULL) {\r
905 goto Done;\r
906 }\r
907\r
908 ZeroMem (CertDigest, MAX_DIGEST_SIZE);\r
909 HashCtx = AllocatePool (mHash[HashAlg].GetContextSize ());\r
910 if (HashCtx == NULL) {\r
911 goto Done;\r
912 }\r
913\r
914 if (!mHash[HashAlg].HashInit (HashCtx)) {\r
915 goto Done;\r
916 }\r
917\r
918 if (!mHash[HashAlg].HashUpdate (HashCtx, TBSCert, TBSCertSize)) {\r
919 goto Done;\r
920 }\r
921\r
922 if (!mHash[HashAlg].HashFinal (HashCtx, CertDigest)) {\r
923 goto Done;\r
924 }\r
925\r
926 FreePool (HashCtx);\r
927 HashCtx = NULL;\r
928\r
929 SiglistHeaderSize = sizeof (EFI_SIGNATURE_LIST) + DbxList->SignatureHeaderSize;\r
930 CertHash = (EFI_SIGNATURE_DATA *)((UINT8 *)DbxList + SiglistHeaderSize);\r
931 CertHashCount = (DbxList->SignatureListSize - SiglistHeaderSize) / DbxList->SignatureSize;\r
932 for (Index = 0; Index < CertHashCount; Index++) {\r
933 //\r
934 // Iterate each Signature Data Node within this CertList for verify.\r
935 //\r
936 DbxCertHash = CertHash->SignatureData;\r
937 if (CompareMem (DbxCertHash, CertDigest, mHash[HashAlg].DigestLength) == 0) {\r
938 //\r
939 // Hash of Certificate is found in forbidden database.\r
940 //\r
941 Status = EFI_SUCCESS;\r
942 *IsFound = TRUE;\r
943\r
944 //\r
945 // Return the revocation time.\r
946 //\r
947 CopyMem (RevocationTime, (EFI_TIME *)(DbxCertHash + mHash[HashAlg].DigestLength), sizeof (EFI_TIME));\r
948 goto Done;\r
949 }\r
950\r
951 CertHash = (EFI_SIGNATURE_DATA *)((UINT8 *)CertHash + DbxList->SignatureSize);\r
952 }\r
953\r
954 DbxSize -= DbxList->SignatureListSize;\r
955 DbxList = (EFI_SIGNATURE_LIST *)((UINT8 *)DbxList + DbxList->SignatureListSize);\r
956 }\r
957\r
958 Status = EFI_SUCCESS;\r
959\r
960Done:\r
961 if (HashCtx != NULL) {\r
962 FreePool (HashCtx);\r
963 }\r
964\r
965 return Status;\r
966}\r
967\r
968/**\r
969 Check whether signature is in specified database.\r
970\r
971 @param[in] VariableName Name of database variable that is searched in.\r
972 @param[in] Signature Pointer to signature that is searched for.\r
973 @param[in] CertType Pointer to hash algorithm.\r
974 @param[in] SignatureSize Size of Signature.\r
975 @param[out] IsFound Search result. Only valid if EFI_SUCCESS returned\r
976\r
977 @retval EFI_SUCCESS Finished the search without any error.\r
978 @retval Others Error occurred in the search of database.\r
979\r
980**/\r
981EFI_STATUS\r
982IsSignatureFoundInDatabase (\r
983 IN CHAR16 *VariableName,\r
984 IN UINT8 *Signature,\r
985 IN EFI_GUID *CertType,\r
986 IN UINTN SignatureSize,\r
987 OUT BOOLEAN *IsFound\r
988 )\r
989{\r
990 EFI_STATUS Status;\r
991 EFI_SIGNATURE_LIST *CertList;\r
992 EFI_SIGNATURE_DATA *Cert;\r
993 UINTN DataSize;\r
994 UINT8 *Data;\r
995 UINTN Index;\r
996 UINTN CertCount;\r
997\r
998 //\r
999 // Read signature database variable.\r
1000 //\r
1001 *IsFound = FALSE;\r
1002 Data = NULL;\r
1003 DataSize = 0;\r
1004 Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);\r
1005 if (Status != EFI_BUFFER_TOO_SMALL) {\r
1006 if (Status == EFI_NOT_FOUND) {\r
1007 //\r
1008 // No database, no need to search.\r
1009 //\r
1010 Status = EFI_SUCCESS;\r
1011 }\r
1012\r
1013 return Status;\r
1014 }\r
1015\r
1016 Data = (UINT8 *)AllocateZeroPool (DataSize);\r
1017 if (Data == NULL) {\r
1018 return EFI_OUT_OF_RESOURCES;\r
1019 }\r
1020\r
1021 Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, Data);\r
1022 if (EFI_ERROR (Status)) {\r
1023 goto Done;\r
1024 }\r
1025\r
1026 //\r
1027 // Enumerate all signature data in SigDB to check if signature exists for executable.\r
1028 //\r
1029 CertList = (EFI_SIGNATURE_LIST *)Data;\r
1030 while ((DataSize > 0) && (DataSize >= CertList->SignatureListSize)) {\r
1031 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
1032 Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
1033 if ((CertList->SignatureSize == sizeof (EFI_SIGNATURE_DATA) - 1 + SignatureSize) && (CompareGuid (&CertList->SignatureType, CertType))) {\r
1034 for (Index = 0; Index < CertCount; Index++) {\r
1035 if (CompareMem (Cert->SignatureData, Signature, SignatureSize) == 0) {\r
1036 //\r
1037 // Find the signature in database.\r
1038 //\r
1039 *IsFound = TRUE;\r
1040 //\r
1041 // Entries in UEFI_IMAGE_SECURITY_DATABASE that are used to validate image should be measured\r
1042 //\r
1043 if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) {\r
1044 SecureBootHook (VariableName, &gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, Cert);\r
1045 }\r
1046\r
1047 break;\r
1048 }\r
1049\r
1050 Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)Cert + CertList->SignatureSize);\r
1051 }\r
1052\r
1053 if (*IsFound) {\r
1054 break;\r
1055 }\r
1056 }\r
1057\r
1058 DataSize -= CertList->SignatureListSize;\r
1059 CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);\r
1060 }\r
1061\r
1062Done:\r
1063 if (Data != NULL) {\r
1064 FreePool (Data);\r
1065 }\r
1066\r
1067 return Status;\r
1068}\r
1069\r
1070/**\r
1071 Check whether the timestamp is valid by comparing the signing time and the revocation time.\r
1072\r
1073 @param SigningTime A pointer to the signing time.\r
1074 @param RevocationTime A pointer to the revocation time.\r
1075\r
1076 @retval TRUE The SigningTime is not later than the RevocationTime.\r
1077 @retval FALSE The SigningTime is later than the RevocationTime.\r
1078\r
1079**/\r
1080BOOLEAN\r
1081IsValidSignatureByTimestamp (\r
1082 IN EFI_TIME *SigningTime,\r
1083 IN EFI_TIME *RevocationTime\r
1084 )\r
1085{\r
1086 if (SigningTime->Year != RevocationTime->Year) {\r
1087 return (BOOLEAN)(SigningTime->Year < RevocationTime->Year);\r
1088 } else if (SigningTime->Month != RevocationTime->Month) {\r
1089 return (BOOLEAN)(SigningTime->Month < RevocationTime->Month);\r
1090 } else if (SigningTime->Day != RevocationTime->Day) {\r
1091 return (BOOLEAN)(SigningTime->Day < RevocationTime->Day);\r
1092 } else if (SigningTime->Hour != RevocationTime->Hour) {\r
1093 return (BOOLEAN)(SigningTime->Hour < RevocationTime->Hour);\r
1094 } else if (SigningTime->Minute != RevocationTime->Minute) {\r
1095 return (BOOLEAN)(SigningTime->Minute < RevocationTime->Minute);\r
1096 }\r
1097\r
1098 return (BOOLEAN)(SigningTime->Second <= RevocationTime->Second);\r
1099}\r
1100\r
1101/**\r
1102 Check if the given time value is zero.\r
1103\r
1104 @param[in] Time Pointer of a time value.\r
1105\r
1106 @retval TRUE The Time is Zero.\r
1107 @retval FALSE The Time is not Zero.\r
1108\r
1109**/\r
1110BOOLEAN\r
1111IsTimeZero (\r
1112 IN EFI_TIME *Time\r
1113 )\r
1114{\r
1115 if ((Time->Year == 0) && (Time->Month == 0) && (Time->Day == 0) &&\r
1116 (Time->Hour == 0) && (Time->Minute == 0) && (Time->Second == 0))\r
1117 {\r
1118 return TRUE;\r
1119 }\r
1120\r
1121 return FALSE;\r
1122}\r
1123\r
1124/**\r
1125 Check whether the timestamp signature is valid and the signing time is also earlier than\r
1126 the revocation time.\r
1127\r
1128 @param[in] AuthData Pointer to the Authenticode signature retrieved from signed image.\r
1129 @param[in] AuthDataSize Size of the Authenticode signature in bytes.\r
1130 @param[in] RevocationTime The time that the certificate was revoked.\r
1131\r
1132 @retval TRUE Timestamp signature is valid and signing time is no later than the\r
1133 revocation time.\r
1134 @retval FALSE Timestamp signature is not valid or the signing time is later than the\r
1135 revocation time.\r
1136\r
1137**/\r
1138BOOLEAN\r
1139PassTimestampCheck (\r
1140 IN UINT8 *AuthData,\r
1141 IN UINTN AuthDataSize,\r
1142 IN EFI_TIME *RevocationTime\r
1143 )\r
1144{\r
1145 EFI_STATUS Status;\r
1146 BOOLEAN VerifyStatus;\r
1147 EFI_SIGNATURE_LIST *CertList;\r
1148 EFI_SIGNATURE_DATA *Cert;\r
1149 UINT8 *DbtData;\r
1150 UINTN DbtDataSize;\r
1151 UINT8 *RootCert;\r
1152 UINTN RootCertSize;\r
1153 UINTN Index;\r
1154 UINTN CertCount;\r
1155 EFI_TIME SigningTime;\r
1156\r
1157 //\r
1158 // Variable Initialization\r
1159 //\r
1160 VerifyStatus = FALSE;\r
1161 DbtData = NULL;\r
1162 CertList = NULL;\r
1163 Cert = NULL;\r
1164 RootCert = NULL;\r
1165 RootCertSize = 0;\r
1166\r
1167 //\r
1168 // If RevocationTime is zero, the certificate shall be considered to always be revoked.\r
1169 //\r
1170 if (IsTimeZero (RevocationTime)) {\r
1171 return FALSE;\r
1172 }\r
1173\r
1174 //\r
1175 // RevocationTime is non-zero, the certificate should be considered to be revoked from that time and onwards.\r
1176 // Using the dbt to get the trusted TSA certificates.\r
1177 //\r
1178 DbtDataSize = 0;\r
1179 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, NULL);\r
1180 if (Status != EFI_BUFFER_TOO_SMALL) {\r
1181 goto Done;\r
1182 }\r
1183\r
1184 DbtData = (UINT8 *)AllocateZeroPool (DbtDataSize);\r
1185 if (DbtData == NULL) {\r
1186 goto Done;\r
1187 }\r
1188\r
1189 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *)DbtData);\r
1190 if (EFI_ERROR (Status)) {\r
1191 goto Done;\r
1192 }\r
1193\r
1194 CertList = (EFI_SIGNATURE_LIST *)DbtData;\r
1195 while ((DbtDataSize > 0) && (DbtDataSize >= CertList->SignatureListSize)) {\r
1196 if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
1197 Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
1198 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
1199 for (Index = 0; Index < CertCount; Index++) {\r
1200 //\r
1201 // Iterate each Signature Data Node within this CertList for verify.\r
1202 //\r
1203 RootCert = Cert->SignatureData;\r
1204 RootCertSize = CertList->SignatureSize - sizeof (EFI_GUID);\r
1205 //\r
1206 // Get the signing time if the timestamp signature is valid.\r
1207 //\r
1208 if (ImageTimestampVerify (AuthData, AuthDataSize, RootCert, RootCertSize, &SigningTime)) {\r
1209 //\r
1210 // The signer signature is valid only when the signing time is earlier than revocation time.\r
1211 //\r
1212 if (IsValidSignatureByTimestamp (&SigningTime, RevocationTime)) {\r
1213 VerifyStatus = TRUE;\r
1214 goto Done;\r
1215 }\r
1216 }\r
1217\r
1218 Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)Cert + CertList->SignatureSize);\r
1219 }\r
1220 }\r
1221\r
1222 DbtDataSize -= CertList->SignatureListSize;\r
1223 CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);\r
1224 }\r
1225\r
1226Done:\r
1227 if (DbtData != NULL) {\r
1228 FreePool (DbtData);\r
1229 }\r
1230\r
1231 return VerifyStatus;\r
1232}\r
1233\r
1234/**\r
1235 Check whether the image signature is forbidden by the forbidden database (dbx).\r
1236 The image is forbidden to load if any certificates for signing are revoked before signing time.\r
1237\r
1238 @param[in] AuthData Pointer to the Authenticode signature retrieved from the signed image.\r
1239 @param[in] AuthDataSize Size of the Authenticode signature in bytes.\r
1240\r
1241 @retval TRUE Image is forbidden by dbx.\r
1242 @retval FALSE Image is not forbidden by dbx.\r
1243\r
1244**/\r
1245BOOLEAN\r
1246IsForbiddenByDbx (\r
1247 IN UINT8 *AuthData,\r
1248 IN UINTN AuthDataSize\r
1249 )\r
1250{\r
1251 EFI_STATUS Status;\r
1252 BOOLEAN IsForbidden;\r
1253 BOOLEAN IsFound;\r
1254 UINT8 *Data;\r
1255 UINTN DataSize;\r
1256 EFI_SIGNATURE_LIST *CertList;\r
1257 UINTN CertListSize;\r
1258 EFI_SIGNATURE_DATA *CertData;\r
1259 UINT8 *RootCert;\r
1260 UINTN RootCertSize;\r
1261 UINTN CertCount;\r
1262 UINTN Index;\r
1263 UINT8 *CertBuffer;\r
1264 UINTN BufferLength;\r
1265 UINT8 *TrustedCert;\r
1266 UINTN TrustedCertLength;\r
1267 UINT8 CertNumber;\r
1268 UINT8 *CertPtr;\r
1269 UINT8 *Cert;\r
1270 UINTN CertSize;\r
1271 EFI_TIME RevocationTime;\r
1272\r
1273 //\r
1274 // Variable Initialization\r
1275 //\r
1276 IsForbidden = TRUE;\r
1277 Data = NULL;\r
1278 CertList = NULL;\r
1279 CertData = NULL;\r
1280 RootCert = NULL;\r
1281 RootCertSize = 0;\r
1282 Cert = NULL;\r
1283 CertBuffer = NULL;\r
1284 BufferLength = 0;\r
1285 TrustedCert = NULL;\r
1286 TrustedCertLength = 0;\r
1287\r
1288 //\r
1289 // The image will not be forbidden if dbx can't be got.\r
1290 //\r
1291 DataSize = 0;\r
1292 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);\r
1293 ASSERT (EFI_ERROR (Status));\r
1294 if (Status != EFI_BUFFER_TOO_SMALL) {\r
1295 if (Status == EFI_NOT_FOUND) {\r
1296 //\r
1297 // Evidently not in dbx if the database doesn't exist.\r
1298 //\r
1299 IsForbidden = FALSE;\r
1300 }\r
1301\r
1302 return IsForbidden;\r
1303 }\r
1304\r
1305 Data = (UINT8 *)AllocateZeroPool (DataSize);\r
1306 if (Data == NULL) {\r
1307 return IsForbidden;\r
1308 }\r
1309\r
1310 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *)Data);\r
1311 if (EFI_ERROR (Status)) {\r
1312 goto Done;\r
1313 }\r
1314\r
1315 //\r
1316 // Verify image signature with RAW X509 certificates in DBX database.\r
1317 // If passed, the image will be forbidden.\r
1318 //\r
1319 CertList = (EFI_SIGNATURE_LIST *)Data;\r
1320 CertListSize = DataSize;\r
1321 while ((CertListSize > 0) && (CertListSize >= CertList->SignatureListSize)) {\r
1322 if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
1323 CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
1324 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
1325\r
1326 for (Index = 0; Index < CertCount; Index++) {\r
1327 //\r
1328 // Iterate each Signature Data Node within this CertList for verify.\r
1329 //\r
1330 RootCert = CertData->SignatureData;\r
1331 RootCertSize = CertList->SignatureSize - sizeof (EFI_GUID);\r
1332\r
1333 //\r
1334 // Call AuthenticodeVerify library to Verify Authenticode struct.\r
1335 //\r
1336 IsForbidden = AuthenticodeVerify (\r
1337 AuthData,\r
1338 AuthDataSize,\r
1339 RootCert,\r
1340 RootCertSize,\r
1341 mImageDigest,\r
1342 mImageDigestSize\r
1343 );\r
1344 if (IsForbidden) {\r
1345 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed but signature is forbidden by DBX.\n"));\r
1346 goto Done;\r
1347 }\r
1348\r
1349 CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CertData + CertList->SignatureSize);\r
1350 }\r
1351 }\r
1352\r
1353 CertListSize -= CertList->SignatureListSize;\r
1354 CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);\r
1355 }\r
1356\r
1357 //\r
1358 // Check X.509 Certificate Hash & Possible Timestamp.\r
1359 //\r
1360\r
1361 //\r
1362 // Retrieve the certificate stack from AuthData\r
1363 // The output CertStack format will be:\r
1364 // UINT8 CertNumber;\r
1365 // UINT32 Cert1Length;\r
1366 // UINT8 Cert1[];\r
1367 // UINT32 Cert2Length;\r
1368 // UINT8 Cert2[];\r
1369 // ...\r
1370 // UINT32 CertnLength;\r
1371 // UINT8 Certn[];\r
1372 //\r
1373 Pkcs7GetSigners (AuthData, AuthDataSize, &CertBuffer, &BufferLength, &TrustedCert, &TrustedCertLength);\r
1374 if ((BufferLength == 0) || (CertBuffer == NULL) || ((*CertBuffer) == 0)) {\r
1375 IsForbidden = TRUE;\r
1376 goto Done;\r
1377 }\r
1378\r
1379 //\r
1380 // Check if any hash of certificates embedded in AuthData is in the forbidden database.\r
1381 //\r
1382 CertNumber = (UINT8)(*CertBuffer);\r
1383 CertPtr = CertBuffer + 1;\r
1384 for (Index = 0; Index < CertNumber; Index++) {\r
1385 CertSize = (UINTN)ReadUnaligned32 ((UINT32 *)CertPtr);\r
1386 Cert = (UINT8 *)CertPtr + sizeof (UINT32);\r
1387 //\r
1388 // Advance CertPtr to the next cert in image signer's cert list\r
1389 //\r
1390 CertPtr = CertPtr + sizeof (UINT32) + CertSize;\r
1391\r
1392 Status = IsCertHashFoundInDbx (Cert, CertSize, (EFI_SIGNATURE_LIST *)Data, DataSize, &RevocationTime, &IsFound);\r
1393 if (EFI_ERROR (Status)) {\r
1394 //\r
1395 // Error in searching dbx. Consider it as 'found'. RevocationTime might\r
1396 // not be valid in such situation.\r
1397 //\r
1398 IsForbidden = TRUE;\r
1399 } else if (IsFound) {\r
1400 //\r
1401 // Found Cert in dbx successfully. Check the timestamp signature and\r
1402 // signing time to determine if the image can be trusted.\r
1403 //\r
1404 if (PassTimestampCheck (AuthData, AuthDataSize, &RevocationTime)) {\r
1405 IsForbidden = FALSE;\r
1406 //\r
1407 // Pass DBT check. Continue to check other certs in image signer's cert list against DBX, DBT\r
1408 //\r
1409 continue;\r
1410 } else {\r
1411 IsForbidden = TRUE;\r
1412 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed but signature failed the timestamp check.\n"));\r
1413 goto Done;\r
1414 }\r
1415 }\r
1416 }\r
1417\r
1418 IsForbidden = FALSE;\r
1419\r
1420Done:\r
1421 if (Data != NULL) {\r
1422 FreePool (Data);\r
1423 }\r
1424\r
1425 Pkcs7FreeSigners (CertBuffer);\r
1426 Pkcs7FreeSigners (TrustedCert);\r
1427\r
1428 return IsForbidden;\r
1429}\r
1430\r
1431/**\r
1432 Check whether the image signature can be verified by the trusted certificates in DB database.\r
1433\r
1434 @param[in] AuthData Pointer to the Authenticode signature retrieved from signed image.\r
1435 @param[in] AuthDataSize Size of the Authenticode signature in bytes.\r
1436\r
1437 @retval TRUE Image passed verification using certificate in db.\r
1438 @retval FALSE Image didn't pass verification using certificate in db.\r
1439\r
1440**/\r
1441BOOLEAN\r
1442IsAllowedByDb (\r
1443 IN UINT8 *AuthData,\r
1444 IN UINTN AuthDataSize\r
1445 )\r
1446{\r
1447 EFI_STATUS Status;\r
1448 BOOLEAN VerifyStatus;\r
1449 BOOLEAN IsFound;\r
1450 EFI_SIGNATURE_LIST *CertList;\r
1451 EFI_SIGNATURE_DATA *CertData;\r
1452 UINTN DataSize;\r
1453 UINT8 *Data;\r
1454 UINT8 *RootCert;\r
1455 UINTN RootCertSize;\r
1456 UINTN Index;\r
1457 UINTN CertCount;\r
1458 UINTN DbxDataSize;\r
1459 UINT8 *DbxData;\r
1460 EFI_TIME RevocationTime;\r
1461\r
1462 Data = NULL;\r
1463 CertList = NULL;\r
1464 CertData = NULL;\r
1465 RootCert = NULL;\r
1466 DbxData = NULL;\r
1467 RootCertSize = 0;\r
1468 VerifyStatus = FALSE;\r
1469\r
1470 //\r
1471 // Fetch 'db' content. If 'db' doesn't exist or encounters problem to get the\r
1472 // data, return not-allowed-by-db (FALSE).\r
1473 //\r
1474 DataSize = 0;\r
1475 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);\r
1476 ASSERT (EFI_ERROR (Status));\r
1477 if (Status != EFI_BUFFER_TOO_SMALL) {\r
1478 return VerifyStatus;\r
1479 }\r
1480\r
1481 Data = (UINT8 *)AllocateZeroPool (DataSize);\r
1482 if (Data == NULL) {\r
1483 return VerifyStatus;\r
1484 }\r
1485\r
1486 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *)Data);\r
1487 if (EFI_ERROR (Status)) {\r
1488 goto Done;\r
1489 }\r
1490\r
1491 //\r
1492 // Fetch 'dbx' content. If 'dbx' doesn't exist, continue to check 'db'.\r
1493 // If any other errors occurred, no need to check 'db' but just return\r
1494 // not-allowed-by-db (FALSE) to avoid bypass.\r
1495 //\r
1496 DbxDataSize = 0;\r
1497 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DbxDataSize, NULL);\r
1498 ASSERT (EFI_ERROR (Status));\r
1499 if (Status != EFI_BUFFER_TOO_SMALL) {\r
1500 if (Status != EFI_NOT_FOUND) {\r
1501 goto Done;\r
1502 }\r
1503\r
1504 //\r
1505 // 'dbx' does not exist. Continue to check 'db'.\r
1506 //\r
1507 } else {\r
1508 //\r
1509 // 'dbx' exists. Get its content.\r
1510 //\r
1511 DbxData = (UINT8 *)AllocateZeroPool (DbxDataSize);\r
1512 if (DbxData == NULL) {\r
1513 goto Done;\r
1514 }\r
1515\r
1516 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DbxDataSize, (VOID *)DbxData);\r
1517 if (EFI_ERROR (Status)) {\r
1518 goto Done;\r
1519 }\r
1520 }\r
1521\r
1522 //\r
1523 // Find X509 certificate in Signature List to verify the signature in pkcs7 signed data.\r
1524 //\r
1525 CertList = (EFI_SIGNATURE_LIST *)Data;\r
1526 while ((DataSize > 0) && (DataSize >= CertList->SignatureListSize)) {\r
1527 if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
1528 CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
1529 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
1530\r
1531 for (Index = 0; Index < CertCount; Index++) {\r
1532 //\r
1533 // Iterate each Signature Data Node within this CertList for verify.\r
1534 //\r
1535 RootCert = CertData->SignatureData;\r
1536 RootCertSize = CertList->SignatureSize - sizeof (EFI_GUID);\r
1537\r
1538 //\r
1539 // Call AuthenticodeVerify library to Verify Authenticode struct.\r
1540 //\r
1541 VerifyStatus = AuthenticodeVerify (\r
1542 AuthData,\r
1543 AuthDataSize,\r
1544 RootCert,\r
1545 RootCertSize,\r
1546 mImageDigest,\r
1547 mImageDigestSize\r
1548 );\r
1549 if (VerifyStatus) {\r
1550 //\r
1551 // The image is signed and its signature is found in 'db'.\r
1552 //\r
1553 if (DbxData != NULL) {\r
1554 //\r
1555 // Here We still need to check if this RootCert's Hash is revoked\r
1556 //\r
1557 Status = IsCertHashFoundInDbx (RootCert, RootCertSize, (EFI_SIGNATURE_LIST *)DbxData, DbxDataSize, &RevocationTime, &IsFound);\r
1558 if (EFI_ERROR (Status)) {\r
1559 //\r
1560 // Error in searching dbx. Consider it as 'found'. RevocationTime might\r
1561 // not be valid in such situation.\r
1562 //\r
1563 VerifyStatus = FALSE;\r
1564 } else if (IsFound) {\r
1565 //\r
1566 // Check the timestamp signature and signing time to determine if the RootCert can be trusted.\r
1567 //\r
1568 VerifyStatus = PassTimestampCheck (AuthData, AuthDataSize, &RevocationTime);\r
1569 if (!VerifyStatus) {\r
1570 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed and signature is accepted by DB, but its root cert failed the timestamp check.\n"));\r
1571 }\r
1572 }\r
1573 }\r
1574\r
1575 //\r
1576 // There's no 'dbx' to check revocation time against (must-be pass),\r
1577 // or, there's revocation time found in 'dbx' and checked againt 'dbt'\r
1578 // (maybe pass or fail, depending on timestamp compare result). Either\r
1579 // way the verification job has been completed at this point.\r
1580 //\r
1581 goto Done;\r
1582 }\r
1583\r
1584 CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CertData + CertList->SignatureSize);\r
1585 }\r
1586 }\r
1587\r
1588 DataSize -= CertList->SignatureListSize;\r
1589 CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);\r
1590 }\r
1591\r
1592Done:\r
1593\r
1594 if (VerifyStatus) {\r
1595 SecureBootHook (EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, CertData);\r
1596 }\r
1597\r
1598 if (Data != NULL) {\r
1599 FreePool (Data);\r
1600 }\r
1601\r
1602 if (DbxData != NULL) {\r
1603 FreePool (DbxData);\r
1604 }\r
1605\r
1606 return VerifyStatus;\r
1607}\r
1608\r
1609/**\r
1610 Provide verification service for signed images, which include both signature validation\r
1611 and platform policy control. For signature types, both UEFI WIN_CERTIFICATE_UEFI_GUID and\r
1612 MSFT Authenticode type signatures are supported.\r
1613\r
1614 In this implementation, only verify external executables when in USER MODE.\r
1615 Executables from FV is bypass, so pass in AuthenticationStatus is ignored.\r
1616\r
1617 The image verification policy is:\r
1618 If the image is signed,\r
1619 At least one valid signature or at least one hash value of the image must match a record\r
1620 in the security database "db", and no valid signature nor any hash value of the image may\r
1621 be reflected in the security database "dbx".\r
1622 Otherwise, the image is not signed,\r
1623 The SHA256 hash value of the image must match a record in the security database "db", and\r
1624 not be reflected in the security data base "dbx".\r
1625\r
1626 Caution: This function may receive untrusted input.\r
1627 PE/COFF image is external input, so this function will validate its data structure\r
1628 within this image buffer before use.\r
1629\r
1630 @param[in] AuthenticationStatus\r
1631 This is the authentication status returned from the security\r
1632 measurement services for the input file.\r
1633 @param[in] File This is a pointer to the device path of the file that is\r
1634 being dispatched. This will optionally be used for logging.\r
1635 @param[in] FileBuffer File buffer matches the input file device path.\r
1636 @param[in] FileSize Size of File buffer matches the input file device path.\r
1637 @param[in] BootPolicy A boot policy that was used to call LoadImage() UEFI service.\r
1638\r
1639 @retval EFI_SUCCESS The file specified by DevicePath and non-NULL\r
1640 FileBuffer did authenticate, and the platform policy dictates\r
1641 that the DXE Foundation may use the file.\r
1642 @retval EFI_SUCCESS The device path specified by NULL device path DevicePath\r
1643 and non-NULL FileBuffer did authenticate, and the platform\r
1644 policy dictates that the DXE Foundation may execute the image in\r
1645 FileBuffer.\r
1646 @retval EFI_SECURITY_VIOLATION The file specified by File did not authenticate, and\r
1647 the platform policy dictates that File should be placed\r
1648 in the untrusted state. The image has been added to the file\r
1649 execution table.\r
1650 @retval EFI_ACCESS_DENIED The file specified by File and FileBuffer did not\r
1651 authenticate, and the platform policy dictates that the DXE\r
1652 Foundation may not use File. The image has\r
1653 been added to the file execution table.\r
1654\r
1655**/\r
1656EFI_STATUS\r
1657EFIAPI\r
1658DxeImageVerificationHandler (\r
1659 IN UINT32 AuthenticationStatus,\r
1660 IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,\r
1661 IN VOID *FileBuffer,\r
1662 IN UINTN FileSize,\r
1663 IN BOOLEAN BootPolicy\r
1664 )\r
1665{\r
1666 EFI_IMAGE_DOS_HEADER *DosHdr;\r
1667 BOOLEAN IsVerified;\r
1668 EFI_SIGNATURE_LIST *SignatureList;\r
1669 UINTN SignatureListSize;\r
1670 EFI_SIGNATURE_DATA *Signature;\r
1671 EFI_IMAGE_EXECUTION_ACTION Action;\r
1672 WIN_CERTIFICATE *WinCertificate;\r
1673 UINT32 Policy;\r
1674 UINT8 *SecureBoot;\r
1675 PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;\r
1676 UINT32 NumberOfRvaAndSizes;\r
1677 WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;\r
1678 WIN_CERTIFICATE_UEFI_GUID *WinCertUefiGuid;\r
1679 UINT8 *AuthData;\r
1680 UINTN AuthDataSize;\r
1681 EFI_IMAGE_DATA_DIRECTORY *SecDataDir;\r
1682 UINT32 SecDataDirEnd;\r
1683 UINT32 SecDataDirLeft;\r
1684 UINT32 OffSet;\r
1685 CHAR16 *NameStr;\r
1686 RETURN_STATUS PeCoffStatus;\r
1687 EFI_STATUS HashStatus;\r
1688 EFI_STATUS DbStatus;\r
1689 BOOLEAN IsFound;\r
1690\r
1691 SignatureList = NULL;\r
1692 SignatureListSize = 0;\r
1693 WinCertificate = NULL;\r
1694 SecDataDir = NULL;\r
1695 PkcsCertData = NULL;\r
1696 Action = EFI_IMAGE_EXECUTION_AUTH_UNTESTED;\r
1697 IsVerified = FALSE;\r
1698 IsFound = FALSE;\r
1699\r
1700 //\r
1701 // Check the image type and get policy setting.\r
1702 //\r
1703 switch (GetImageType (File)) {\r
1704 case IMAGE_FROM_FV:\r
1705 Policy = ALWAYS_EXECUTE;\r
1706 break;\r
1707\r
1708 case IMAGE_FROM_OPTION_ROM:\r
1709 Policy = PcdGet32 (PcdOptionRomImageVerificationPolicy);\r
1710 break;\r
1711\r
1712 case IMAGE_FROM_REMOVABLE_MEDIA:\r
1713 Policy = PcdGet32 (PcdRemovableMediaImageVerificationPolicy);\r
1714 break;\r
1715\r
1716 case IMAGE_FROM_FIXED_MEDIA:\r
1717 Policy = PcdGet32 (PcdFixedMediaImageVerificationPolicy);\r
1718 break;\r
1719\r
1720 default:\r
1721 Policy = DENY_EXECUTE_ON_SECURITY_VIOLATION;\r
1722 break;\r
1723 }\r
1724\r
1725 //\r
1726 // If policy is always/never execute, return directly.\r
1727 //\r
1728 if (Policy == ALWAYS_EXECUTE) {\r
1729 return EFI_SUCCESS;\r
1730 }\r
1731\r
1732 if (Policy == NEVER_EXECUTE) {\r
1733 return EFI_ACCESS_DENIED;\r
1734 }\r
1735\r
1736 //\r
1737 // The policy QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION\r
1738 // violates the UEFI spec and has been removed.\r
1739 //\r
1740 ASSERT (Policy != QUERY_USER_ON_SECURITY_VIOLATION && Policy != ALLOW_EXECUTE_ON_SECURITY_VIOLATION);\r
1741 if ((Policy == QUERY_USER_ON_SECURITY_VIOLATION) || (Policy == ALLOW_EXECUTE_ON_SECURITY_VIOLATION)) {\r
1742 CpuDeadLoop ();\r
1743 }\r
1744\r
1745 GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID **)&SecureBoot, NULL);\r
1746 //\r
1747 // Skip verification if SecureBoot variable doesn't exist.\r
1748 //\r
1749 if (SecureBoot == NULL) {\r
1750 return EFI_SUCCESS;\r
1751 }\r
1752\r
1753 //\r
1754 // Skip verification if SecureBoot is disabled but not AuditMode\r
1755 //\r
1756 if (*SecureBoot == SECURE_BOOT_MODE_DISABLE) {\r
1757 FreePool (SecureBoot);\r
1758 return EFI_SUCCESS;\r
1759 }\r
1760\r
1761 FreePool (SecureBoot);\r
1762\r
1763 //\r
1764 // Read the Dos header.\r
1765 //\r
1766 if (FileBuffer == NULL) {\r
1767 return EFI_ACCESS_DENIED;\r
1768 }\r
1769\r
1770 mImageBase = (UINT8 *)FileBuffer;\r
1771 mImageSize = FileSize;\r
1772\r
1773 ZeroMem (&ImageContext, sizeof (ImageContext));\r
1774 ImageContext.Handle = (VOID *)FileBuffer;\r
1775 ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE)DxeImageVerificationLibImageRead;\r
1776\r
1777 //\r
1778 // Get information about the image being loaded\r
1779 //\r
1780 PeCoffStatus = PeCoffLoaderGetImageInfo (&ImageContext);\r
1781 if (RETURN_ERROR (PeCoffStatus)) {\r
1782 //\r
1783 // The information can't be got from the invalid PeImage\r
1784 //\r
1785 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: PeImage invalid. Cannot retrieve image information.\n"));\r
1786 goto Failed;\r
1787 }\r
1788\r
1789 DosHdr = (EFI_IMAGE_DOS_HEADER *)mImageBase;\r
1790 if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {\r
1791 //\r
1792 // DOS image header is present,\r
1793 // so read the PE header after the DOS image header.\r
1794 //\r
1795 mPeCoffHeaderOffset = DosHdr->e_lfanew;\r
1796 } else {\r
1797 mPeCoffHeaderOffset = 0;\r
1798 }\r
1799\r
1800 //\r
1801 // Check PE/COFF image.\r
1802 //\r
1803 mNtHeader.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)(mImageBase + mPeCoffHeaderOffset);\r
1804 if (mNtHeader.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {\r
1805 //\r
1806 // It is not a valid Pe/Coff file.\r
1807 //\r
1808 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Not a valid PE/COFF image.\n"));\r
1809 goto Failed;\r
1810 }\r
1811\r
1812 if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
1813 //\r
1814 // Use PE32 offset.\r
1815 //\r
1816 NumberOfRvaAndSizes = mNtHeader.Pe32->OptionalHeader.NumberOfRvaAndSizes;\r
1817 if (NumberOfRvaAndSizes > EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
1818 SecDataDir = (EFI_IMAGE_DATA_DIRECTORY *)&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY];\r
1819 }\r
1820 } else {\r
1821 //\r
1822 // Use PE32+ offset.\r
1823 //\r
1824 NumberOfRvaAndSizes = mNtHeader.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;\r
1825 if (NumberOfRvaAndSizes > EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
1826 SecDataDir = (EFI_IMAGE_DATA_DIRECTORY *)&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY];\r
1827 }\r
1828 }\r
1829\r
1830 //\r
1831 // Start Image Validation.\r
1832 //\r
1833 if ((SecDataDir == NULL) || (SecDataDir->Size == 0)) {\r
1834 //\r
1835 // This image is not signed. The SHA256 hash value of the image must match a record in the security database "db",\r
1836 // and not be reflected in the security data base "dbx".\r
1837 //\r
1838 if (!HashPeImage (HASHALG_SHA256)) {\r
1839 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Failed to hash this image using %s.\n", mHashTypeStr));\r
1840 goto Failed;\r
1841 }\r
1842\r
1843 DbStatus = IsSignatureFoundInDatabase (\r
1844 EFI_IMAGE_SECURITY_DATABASE1,\r
1845 mImageDigest,\r
1846 &mCertType,\r
1847 mImageDigestSize,\r
1848 &IsFound\r
1849 );\r
1850 if (EFI_ERROR (DbStatus) || IsFound) {\r
1851 //\r
1852 // Image Hash is in forbidden database (DBX).\r
1853 //\r
1854 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed and %s hash of image is forbidden by DBX.\n", mHashTypeStr));\r
1855 goto Failed;\r
1856 }\r
1857\r
1858 DbStatus = IsSignatureFoundInDatabase (\r
1859 EFI_IMAGE_SECURITY_DATABASE,\r
1860 mImageDigest,\r
1861 &mCertType,\r
1862 mImageDigestSize,\r
1863 &IsFound\r
1864 );\r
1865 if (!EFI_ERROR (DbStatus) && IsFound) {\r
1866 //\r
1867 // Image Hash is in allowed database (DB).\r
1868 //\r
1869 return EFI_SUCCESS;\r
1870 }\r
1871\r
1872 //\r
1873 // Image Hash is not found in both forbidden and allowed database.\r
1874 //\r
1875 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed and %s hash of image is not found in DB/DBX.\n", mHashTypeStr));\r
1876 goto Failed;\r
1877 }\r
1878\r
1879 //\r
1880 // Verify the signature of the image, multiple signatures are allowed as per PE/COFF Section 4.7\r
1881 // "Attribute Certificate Table".\r
1882 // The first certificate starts at offset (SecDataDir->VirtualAddress) from the start of the file.\r
1883 //\r
1884 SecDataDirEnd = SecDataDir->VirtualAddress + SecDataDir->Size;\r
1885 for (OffSet = SecDataDir->VirtualAddress;\r
1886 OffSet < SecDataDirEnd;\r
1887 OffSet += (WinCertificate->dwLength + ALIGN_SIZE (WinCertificate->dwLength)))\r
1888 {\r
1889 SecDataDirLeft = SecDataDirEnd - OffSet;\r
1890 if (SecDataDirLeft <= sizeof (WIN_CERTIFICATE)) {\r
1891 break;\r
1892 }\r
1893\r
1894 WinCertificate = (WIN_CERTIFICATE *)(mImageBase + OffSet);\r
1895 if ((SecDataDirLeft < WinCertificate->dwLength) ||\r
1896 (SecDataDirLeft - WinCertificate->dwLength <\r
1897 ALIGN_SIZE (WinCertificate->dwLength)))\r
1898 {\r
1899 break;\r
1900 }\r
1901\r
1902 //\r
1903 // Verify the image's Authenticode signature, only DER-encoded PKCS#7 signed data is supported.\r
1904 //\r
1905 if (WinCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) {\r
1906 //\r
1907 // The certificate is formatted as WIN_CERTIFICATE_EFI_PKCS which is described in the\r
1908 // Authenticode specification.\r
1909 //\r
1910 PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *)WinCertificate;\r
1911 if (PkcsCertData->Hdr.dwLength <= sizeof (PkcsCertData->Hdr)) {\r
1912 break;\r
1913 }\r
1914\r
1915 AuthData = PkcsCertData->CertData;\r
1916 AuthDataSize = PkcsCertData->Hdr.dwLength - sizeof (PkcsCertData->Hdr);\r
1917 } else if (WinCertificate->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {\r
1918 //\r
1919 // The certificate is formatted as WIN_CERTIFICATE_UEFI_GUID which is described in UEFI Spec.\r
1920 //\r
1921 WinCertUefiGuid = (WIN_CERTIFICATE_UEFI_GUID *)WinCertificate;\r
1922 if (WinCertUefiGuid->Hdr.dwLength <= OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {\r
1923 break;\r
1924 }\r
1925\r
1926 if (!CompareGuid (&WinCertUefiGuid->CertType, &gEfiCertPkcs7Guid)) {\r
1927 continue;\r
1928 }\r
1929\r
1930 AuthData = WinCertUefiGuid->CertData;\r
1931 AuthDataSize = WinCertUefiGuid->Hdr.dwLength - OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);\r
1932 } else {\r
1933 if (WinCertificate->dwLength < sizeof (WIN_CERTIFICATE)) {\r
1934 break;\r
1935 }\r
1936\r
1937 continue;\r
1938 }\r
1939\r
1940 HashStatus = HashPeImageByType (AuthData, AuthDataSize);\r
1941 if (EFI_ERROR (HashStatus)) {\r
1942 continue;\r
1943 }\r
1944\r
1945 //\r
1946 // Check the digital signature against the revoked certificate in forbidden database (dbx).\r
1947 //\r
1948 if (IsForbiddenByDbx (AuthData, AuthDataSize)) {\r
1949 Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED;\r
1950 IsVerified = FALSE;\r
1951 break;\r
1952 }\r
1953\r
1954 //\r
1955 // Check the digital signature against the valid certificate in allowed database (db).\r
1956 //\r
1957 if (!IsVerified) {\r
1958 if (IsAllowedByDb (AuthData, AuthDataSize)) {\r
1959 IsVerified = TRUE;\r
1960 }\r
1961 }\r
1962\r
1963 //\r
1964 // Check the image's hash value.\r
1965 //\r
1966 DbStatus = IsSignatureFoundInDatabase (\r
1967 EFI_IMAGE_SECURITY_DATABASE1,\r
1968 mImageDigest,\r
1969 &mCertType,\r
1970 mImageDigestSize,\r
1971 &IsFound\r
1972 );\r
1973 if (EFI_ERROR (DbStatus) || IsFound) {\r
1974 Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND;\r
1975 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed but %s hash of image is found in DBX.\n", mHashTypeStr));\r
1976 IsVerified = FALSE;\r
1977 break;\r
1978 }\r
1979\r
1980 if (!IsVerified) {\r
1981 DbStatus = IsSignatureFoundInDatabase (\r
1982 EFI_IMAGE_SECURITY_DATABASE,\r
1983 mImageDigest,\r
1984 &mCertType,\r
1985 mImageDigestSize,\r
1986 &IsFound\r
1987 );\r
1988 if (!EFI_ERROR (DbStatus) && IsFound) {\r
1989 IsVerified = TRUE;\r
1990 } else {\r
1991 DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed but signature is not allowed by DB and %s hash of image is not found in DB/DBX.\n", mHashTypeStr));\r
1992 }\r
1993 }\r
1994 }\r
1995\r
1996 if (OffSet != SecDataDirEnd) {\r
1997 //\r
1998 // The Size in Certificate Table or the attribute certificate table is corrupted.\r
1999 //\r
2000 IsVerified = FALSE;\r
2001 }\r
2002\r
2003 if (IsVerified) {\r
2004 return EFI_SUCCESS;\r
2005 }\r
2006\r
2007 if ((Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED) || (Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND)) {\r
2008 //\r
2009 // Get image hash value as signature of executable.\r
2010 //\r
2011 SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize;\r
2012 SignatureList = (EFI_SIGNATURE_LIST *)AllocateZeroPool (SignatureListSize);\r
2013 if (SignatureList == NULL) {\r
2014 SignatureListSize = 0;\r
2015 goto Failed;\r
2016 }\r
2017\r
2018 SignatureList->SignatureHeaderSize = 0;\r
2019 SignatureList->SignatureListSize = (UINT32)SignatureListSize;\r
2020 SignatureList->SignatureSize = (UINT32)(sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize);\r
2021 CopyMem (&SignatureList->SignatureType, &mCertType, sizeof (EFI_GUID));\r
2022 Signature = (EFI_SIGNATURE_DATA *)((UINT8 *)SignatureList + sizeof (EFI_SIGNATURE_LIST));\r
2023 CopyMem (Signature->SignatureData, mImageDigest, mImageDigestSize);\r
2024 }\r
2025\r
2026Failed:\r
2027 //\r
2028 // Policy decides to defer or reject the image; add its information in image\r
2029 // executable information table in either case.\r
2030 //\r
2031 NameStr = ConvertDevicePathToText (File, FALSE, TRUE);\r
2032 AddImageExeInfo (Action, NameStr, File, SignatureList, SignatureListSize);\r
2033 if (NameStr != NULL) {\r
2034 DEBUG ((DEBUG_INFO, "The image doesn't pass verification: %s\n", NameStr));\r
2035 FreePool (NameStr);\r
2036 }\r
2037\r
2038 if (SignatureList != NULL) {\r
2039 FreePool (SignatureList);\r
2040 }\r
2041\r
2042 if (Policy == DEFER_EXECUTE_ON_SECURITY_VIOLATION) {\r
2043 return EFI_SECURITY_VIOLATION;\r
2044 }\r
2045\r
2046 return EFI_ACCESS_DENIED;\r
2047}\r
2048\r
2049/**\r
2050 On Ready To Boot Services Event notification handler.\r
2051\r
2052 Add the image execution information table if it is not in system configuration table.\r
2053\r
2054 @param[in] Event Event whose notification function is being invoked\r
2055 @param[in] Context Pointer to the notification function's context\r
2056\r
2057**/\r
2058VOID\r
2059EFIAPI\r
2060OnReadyToBoot (\r
2061 IN EFI_EVENT Event,\r
2062 IN VOID *Context\r
2063 )\r
2064{\r
2065 EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable;\r
2066 UINTN ImageExeInfoTableSize;\r
2067\r
2068 EfiGetSystemConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID **)&ImageExeInfoTable);\r
2069 if (ImageExeInfoTable != NULL) {\r
2070 return;\r
2071 }\r
2072\r
2073 ImageExeInfoTableSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE);\r
2074 ImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *)AllocateRuntimePool (ImageExeInfoTableSize);\r
2075 if (ImageExeInfoTable == NULL) {\r
2076 return;\r
2077 }\r
2078\r
2079 ImageExeInfoTable->NumberOfImages = 0;\r
2080 gBS->InstallConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID *)ImageExeInfoTable);\r
2081}\r
2082\r
2083/**\r
2084 Register security measurement handler.\r
2085\r
2086 @param ImageHandle ImageHandle of the loaded driver.\r
2087 @param SystemTable Pointer to the EFI System Table.\r
2088\r
2089 @retval EFI_SUCCESS The handlers were registered successfully.\r
2090**/\r
2091EFI_STATUS\r
2092EFIAPI\r
2093DxeImageVerificationLibConstructor (\r
2094 IN EFI_HANDLE ImageHandle,\r
2095 IN EFI_SYSTEM_TABLE *SystemTable\r
2096 )\r
2097{\r
2098 EFI_EVENT Event;\r
2099\r
2100 //\r
2101 // Register the event to publish the image execution table.\r
2102 //\r
2103 EfiCreateEventReadyToBootEx (\r
2104 TPL_CALLBACK,\r
2105 OnReadyToBoot,\r
2106 NULL,\r
2107 &Event\r
2108 );\r
2109\r
2110 return RegisterSecurity2Handler (\r
2111 DxeImageVerificationHandler,\r
2112 EFI_AUTH_OPERATION_VERIFY_IMAGE | EFI_AUTH_OPERATION_IMAGE_REQUIRED\r
2113 );\r
2114}\r
EFI Development Kit II mirror for PVE