2 FMP Authentication RSA2048SHA256 handler.
3 Provide generic FMP authentication functions for DXE/PEI post memory phase.
5 Caution: This module requires additional review when modified.
6 This module will have external input - capsule image.
7 This external input must be validated carefully to avoid security issue like
8 buffer overflow, integer overflow.
10 FmpAuthenticatedHandlerRsa2048Sha256(), AuthenticateFmpImage() will receive
11 untrusted input and do basic validation.
13 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
14 SPDX-License-Identifier: BSD-2-Clause-Patent
20 #include <Guid/SystemResourceTable.h>
21 #include <Guid/FirmwareContentsSigned.h>
22 #include <Guid/WinCertificate.h>
24 #include <Library/BaseLib.h>
25 #include <Library/BaseMemoryLib.h>
26 #include <Library/DebugLib.h>
27 #include <Library/MemoryAllocationLib.h>
28 #include <Library/BaseCryptLib.h>
29 #include <Library/FmpAuthenticationLib.h>
30 #include <Library/PcdLib.h>
31 #include <Protocol/FirmwareManagement.h>
32 #include <Guid/SystemResourceTable.h>
35 /// Public Exponent of RSA Key.
37 STATIC CONST UINT8 mRsaE
[] = { 0x01, 0x00, 0x01 };
40 The handler is used to do the authentication for FMP capsule based upon
41 EFI_FIRMWARE_IMAGE_AUTHENTICATION.
43 Caution: This function may receive untrusted input.
45 This function assumes the caller AuthenticateFmpImage()
46 already did basic validation for EFI_FIRMWARE_IMAGE_AUTHENTICATION.
48 @param[in] Image Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
49 @param[in] ImageSize Size of the authentication image in bytes.
50 @param[in] PublicKeyData The public key data used to validate the signature.
51 @param[in] PublicKeyDataLength The length of the public key data.
53 @retval RETURN_SUCCESS Authentication pass.
54 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
55 @retval RETURN_SECURITY_VIOLATION Authentication fail.
56 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
57 @retval RETURN_INVALID_PARAMETER The image is in an invalid format.
58 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
59 @retval RETURN_OUT_OF_RESOURCES No Authentication handler associated with CertType.
60 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
63 FmpAuthenticatedHandlerRsa2048Sha256 (
64 IN EFI_FIRMWARE_IMAGE_AUTHENTICATION
*Image
,
66 IN CONST UINT8
*PublicKeyData
,
67 IN UINTN PublicKeyDataLength
71 EFI_CERT_BLOCK_RSA_2048_SHA256
*CertBlockRsa2048Sha256
;
73 UINT8 Digest
[SHA256_DIGEST_SIZE
];
75 UINTN PublicKeyBufferSize
;
79 DEBUG ((DEBUG_INFO
, "FmpAuthenticatedHandlerRsa2048Sha256 - Image: 0x%08x - 0x%08x\n", (UINTN
)Image
, (UINTN
)ImageSize
));
81 if (Image
->AuthInfo
.Hdr
.dwLength
!= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID
, CertData
) + sizeof(EFI_CERT_BLOCK_RSA_2048_SHA256
)) {
82 DEBUG((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256 - dwLength: 0x%04x, dwLength - 0x%04x\n", (UINTN
)Image
->AuthInfo
.Hdr
.dwLength
, (UINTN
)OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID
, CertData
) + sizeof(EFI_CERT_BLOCK_RSA_2048_SHA256
)));
83 return RETURN_INVALID_PARAMETER
;
86 CertBlockRsa2048Sha256
= (EFI_CERT_BLOCK_RSA_2048_SHA256
*)Image
->AuthInfo
.CertData
;
87 if (!CompareGuid(&CertBlockRsa2048Sha256
->HashType
, &gEfiHashAlgorithmSha256Guid
)) {
88 DEBUG((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256 - HashType: %g, expect - %g\n", &CertBlockRsa2048Sha256
->HashType
, &gEfiHashAlgorithmSha256Guid
));
89 return RETURN_INVALID_PARAMETER
;
96 // Allocate hash context buffer required for SHA 256
98 HashContext
= AllocatePool (Sha256GetContextSize ());
99 if (HashContext
== NULL
) {
100 CryptoStatus
= FALSE
;
101 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Can not allocate hash context\n"));
102 Status
= RETURN_OUT_OF_RESOURCES
;
107 // Hash public key from data payload with SHA256.
109 ZeroMem (Digest
, SHA256_DIGEST_SIZE
);
110 CryptoStatus
= Sha256Init (HashContext
);
112 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
113 Status
= RETURN_OUT_OF_RESOURCES
;
116 CryptoStatus
= Sha256Update (HashContext
, &CertBlockRsa2048Sha256
->PublicKey
, sizeof(CertBlockRsa2048Sha256
->PublicKey
));
118 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
119 Status
= RETURN_OUT_OF_RESOURCES
;
122 CryptoStatus
= Sha256Final (HashContext
, Digest
);
124 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
125 Status
= RETURN_OUT_OF_RESOURCES
;
130 // Fail if the PublicKey is not one of the public keys in the input PublicKeyData.
132 PublicKey
= (VOID
*)PublicKeyData
;
133 PublicKeyBufferSize
= PublicKeyDataLength
;
134 CryptoStatus
= FALSE
;
135 while (PublicKeyBufferSize
!= 0) {
136 if (CompareMem (Digest
, PublicKey
, SHA256_DIGEST_SIZE
) == 0) {
140 PublicKey
= PublicKey
+ SHA256_DIGEST_SIZE
;
141 PublicKeyBufferSize
= PublicKeyBufferSize
- SHA256_DIGEST_SIZE
;
144 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Public key in section is not supported\n"));
145 Status
= RETURN_SECURITY_VIOLATION
;
150 // Generate & Initialize RSA Context.
154 CryptoStatus
= FALSE
;
155 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaNew() failed\n"));
156 Status
= RETURN_OUT_OF_RESOURCES
;
161 // Set RSA Key Components.
162 // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
164 CryptoStatus
= RsaSetKey (Rsa
, RsaKeyN
, CertBlockRsa2048Sha256
->PublicKey
, sizeof(CertBlockRsa2048Sha256
->PublicKey
));
166 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
167 Status
= RETURN_OUT_OF_RESOURCES
;
170 CryptoStatus
= RsaSetKey (Rsa
, RsaKeyE
, mRsaE
, sizeof (mRsaE
));
172 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
173 Status
= RETURN_OUT_OF_RESOURCES
;
178 // Hash data payload with SHA256.
180 ZeroMem (Digest
, SHA256_DIGEST_SIZE
);
181 CryptoStatus
= Sha256Init (HashContext
);
183 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
184 Status
= RETURN_OUT_OF_RESOURCES
;
188 // It is a signature across the variable data and the Monotonic Count value.
189 CryptoStatus
= Sha256Update (
191 (UINT8
*)Image
+ sizeof(Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
,
192 ImageSize
- sizeof(Image
->MonotonicCount
) - Image
->AuthInfo
.Hdr
.dwLength
195 DEBUG((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
196 Status
= RETURN_OUT_OF_RESOURCES
;
199 CryptoStatus
= Sha256Update (
201 (UINT8
*)&Image
->MonotonicCount
,
202 sizeof(Image
->MonotonicCount
)
205 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
206 Status
= RETURN_OUT_OF_RESOURCES
;
209 CryptoStatus
= Sha256Final (HashContext
, Digest
);
211 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
212 Status
= RETURN_OUT_OF_RESOURCES
;
217 // Verify the RSA 2048 SHA 256 signature.
219 CryptoStatus
= RsaPkcs1Verify (
223 CertBlockRsa2048Sha256
->Signature
,
224 sizeof (CertBlockRsa2048Sha256
->Signature
)
228 // If RSA 2048 SHA 256 signature verification fails, AUTH tested failed bit is set.
230 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaPkcs1Verify() failed\n"));
231 Status
= RETURN_SECURITY_VIOLATION
;
234 DEBUG ((DEBUG_INFO
, "FmpAuthenticatedHandlerRsa2048Sha256: PASS verification\n"));
236 Status
= RETURN_SUCCESS
;
240 // Free allocated resources used to perform RSA 2048 SHA 256 signature verification
245 if (HashContext
!= NULL
) {
246 FreePool (HashContext
);
253 The function is used to do the authentication for FMP capsule based upon
254 EFI_FIRMWARE_IMAGE_AUTHENTICATION.
256 The FMP capsule image should start with EFI_FIRMWARE_IMAGE_AUTHENTICATION,
257 followed by the payload.
259 If the return status is RETURN_SUCCESS, the caller may continue the rest
261 If the return status is NOT RETURN_SUCCESS, the caller should stop the FMP
262 update process and convert the return status to LastAttemptStatus
263 to indicate that FMP update fails.
264 The LastAttemptStatus can be got from ESRT table or via
265 EFI_FIRMWARE_MANAGEMENT_PROTOCOL.GetImageInfo().
267 Caution: This function may receive untrusted input.
269 @param[in] Image Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
270 @param[in] ImageSize Size of the authentication image in bytes.
271 @param[in] PublicKeyData The public key data used to validate the signature.
272 @param[in] PublicKeyDataLength The length of the public key data.
274 @retval RETURN_SUCCESS Authentication pass.
275 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
276 @retval RETURN_SECURITY_VIOLATION Authentication fail.
277 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
278 @retval RETURN_INVALID_PARAMETER The image is in an invalid format.
279 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
280 @retval RETURN_UNSUPPORTED No Authentication handler associated with CertType.
281 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
282 @retval RETURN_UNSUPPORTED Image or ImageSize is invalid.
283 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
284 @retval RETURN_OUT_OF_RESOURCES No Authentication handler associated with CertType.
285 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
289 AuthenticateFmpImage (
290 IN EFI_FIRMWARE_IMAGE_AUTHENTICATION
*Image
,
292 IN CONST UINT8
*PublicKeyData
,
293 IN UINTN PublicKeyDataLength
299 if ((Image
== NULL
) || (ImageSize
== 0)) {
300 return RETURN_UNSUPPORTED
;
303 if ((PublicKeyDataLength
% SHA256_DIGEST_SIZE
) != 0) {
304 DEBUG ((DEBUG_ERROR
, "PublicKeyDataLength is not multiple SHA256 size\n"));
305 return RETURN_UNSUPPORTED
;
308 if (ImageSize
< sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION
)) {
309 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - ImageSize too small\n"));
310 return RETURN_INVALID_PARAMETER
;
312 if (Image
->AuthInfo
.Hdr
.dwLength
<= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID
, CertData
)) {
313 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - dwLength too small\n"));
314 return RETURN_INVALID_PARAMETER
;
316 if ((UINTN
) Image
->AuthInfo
.Hdr
.dwLength
> MAX_UINTN
- sizeof(UINT64
)) {
317 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - dwLength too big\n"));
318 return RETURN_INVALID_PARAMETER
;
320 if (ImageSize
<= sizeof(Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
) {
321 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - ImageSize too small\n"));
322 return RETURN_INVALID_PARAMETER
;
324 if (Image
->AuthInfo
.Hdr
.wRevision
!= 0x0200) {
325 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN
)Image
->AuthInfo
.Hdr
.wRevision
, (UINTN
)0x0200));
326 return RETURN_INVALID_PARAMETER
;
328 if (Image
->AuthInfo
.Hdr
.wCertificateType
!= WIN_CERT_TYPE_EFI_GUID
) {
329 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN
)Image
->AuthInfo
.Hdr
.wCertificateType
, (UINTN
)WIN_CERT_TYPE_EFI_GUID
));
330 return RETURN_INVALID_PARAMETER
;
333 CertType
= &Image
->AuthInfo
.CertType
;
334 DEBUG((DEBUG_INFO
, "AuthenticateFmpImage - CertType: %g\n", CertType
));
336 if (CompareGuid (&gEfiCertTypeRsa2048Sha256Guid
, CertType
)) {
338 // Call the match handler to extract raw data for the input section data.
340 Status
= FmpAuthenticatedHandlerRsa2048Sha256 (
350 // Not found, the input guided section is not supported.
352 return RETURN_UNSUPPORTED
;