2 FMP Authentication RSA2048SHA256 handler.
3 Provide generic FMP authentication functions for DXE/PEI post memory phase.
5 Caution: This module requires additional review when modified.
6 This module will have external input - capsule image.
7 This external input must be validated carefully to avoid security issue like
8 buffer overflow, integer overflow.
10 FmpAuthenticatedHandlerRsa2048Sha256(), AuthenticateFmpImage() will receive
11 untrusted input and do basic validation.
13 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
14 SPDX-License-Identifier: BSD-2-Clause-Patent
20 #include <Guid/SystemResourceTable.h>
21 #include <Guid/FirmwareContentsSigned.h>
22 #include <Guid/WinCertificate.h>
24 #include <Library/BaseLib.h>
25 #include <Library/BaseMemoryLib.h>
26 #include <Library/DebugLib.h>
27 #include <Library/MemoryAllocationLib.h>
28 #include <Library/BaseCryptLib.h>
29 #include <Library/FmpAuthenticationLib.h>
30 #include <Library/PcdLib.h>
31 #include <Protocol/FirmwareManagement.h>
32 #include <Guid/SystemResourceTable.h>
35 /// Public Exponent of RSA Key.
37 STATIC CONST UINT8 mRsaE
[] = { 0x01, 0x00, 0x01 };
40 The handler is used to do the authentication for FMP capsule based upon
41 EFI_FIRMWARE_IMAGE_AUTHENTICATION.
43 Caution: This function may receive untrusted input.
45 This function assumes the caller AuthenticateFmpImage()
46 already did basic validation for EFI_FIRMWARE_IMAGE_AUTHENTICATION.
48 @param[in] Image Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
49 @param[in] ImageSize Size of the authentication image in bytes.
50 @param[in] PublicKeyData The public key data used to validate the signature.
51 @param[in] PublicKeyDataLength The length of the public key data.
53 @retval RETURN_SUCCESS Authentication pass.
54 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
55 @retval RETURN_SECURITY_VIOLATION Authentication fail.
56 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
57 @retval RETURN_INVALID_PARAMETER The image is in an invalid format.
58 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
59 @retval RETURN_OUT_OF_RESOURCES No Authentication handler associated with CertType.
60 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
63 FmpAuthenticatedHandlerRsa2048Sha256 (
64 IN EFI_FIRMWARE_IMAGE_AUTHENTICATION
*Image
,
66 IN CONST UINT8
*PublicKeyData
,
67 IN UINTN PublicKeyDataLength
71 EFI_CERT_BLOCK_RSA_2048_SHA256
*CertBlockRsa2048Sha256
;
73 UINT8 Digest
[SHA256_DIGEST_SIZE
];
75 UINTN PublicKeyBufferSize
;
79 DEBUG ((DEBUG_INFO
, "FmpAuthenticatedHandlerRsa2048Sha256 - Image: 0x%08x - 0x%08x\n", (UINTN
)Image
, (UINTN
)ImageSize
));
81 if (Image
->AuthInfo
.Hdr
.dwLength
!= OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID
, CertData
) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256
)) {
82 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256 - dwLength: 0x%04x, dwLength - 0x%04x\n", (UINTN
)Image
->AuthInfo
.Hdr
.dwLength
, (UINTN
)OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID
, CertData
) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256
)));
83 return RETURN_INVALID_PARAMETER
;
86 CertBlockRsa2048Sha256
= (EFI_CERT_BLOCK_RSA_2048_SHA256
*)Image
->AuthInfo
.CertData
;
87 if (!CompareGuid (&CertBlockRsa2048Sha256
->HashType
, &gEfiHashAlgorithmSha256Guid
)) {
88 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256 - HashType: %g, expect - %g\n", &CertBlockRsa2048Sha256
->HashType
, &gEfiHashAlgorithmSha256Guid
));
89 return RETURN_INVALID_PARAMETER
;
96 // Allocate hash context buffer required for SHA 256
98 HashContext
= AllocatePool (Sha256GetContextSize ());
99 if (HashContext
== NULL
) {
100 CryptoStatus
= FALSE
;
101 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Can not allocate hash context\n"));
102 Status
= RETURN_OUT_OF_RESOURCES
;
107 // Hash public key from data payload with SHA256.
109 ZeroMem (Digest
, SHA256_DIGEST_SIZE
);
110 CryptoStatus
= Sha256Init (HashContext
);
112 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
113 Status
= RETURN_OUT_OF_RESOURCES
;
117 CryptoStatus
= Sha256Update (HashContext
, &CertBlockRsa2048Sha256
->PublicKey
, sizeof (CertBlockRsa2048Sha256
->PublicKey
));
119 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
120 Status
= RETURN_OUT_OF_RESOURCES
;
124 CryptoStatus
= Sha256Final (HashContext
, Digest
);
126 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
127 Status
= RETURN_OUT_OF_RESOURCES
;
132 // Fail if the PublicKey is not one of the public keys in the input PublicKeyData.
134 PublicKey
= (VOID
*)PublicKeyData
;
135 PublicKeyBufferSize
= PublicKeyDataLength
;
136 CryptoStatus
= FALSE
;
137 while (PublicKeyBufferSize
!= 0) {
138 if (CompareMem (Digest
, PublicKey
, SHA256_DIGEST_SIZE
) == 0) {
143 PublicKey
= PublicKey
+ SHA256_DIGEST_SIZE
;
144 PublicKeyBufferSize
= PublicKeyBufferSize
- SHA256_DIGEST_SIZE
;
148 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Public key in section is not supported\n"));
149 Status
= RETURN_SECURITY_VIOLATION
;
154 // Generate & Initialize RSA Context.
158 CryptoStatus
= FALSE
;
159 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaNew() failed\n"));
160 Status
= RETURN_OUT_OF_RESOURCES
;
165 // Set RSA Key Components.
166 // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
168 CryptoStatus
= RsaSetKey (Rsa
, RsaKeyN
, CertBlockRsa2048Sha256
->PublicKey
, sizeof (CertBlockRsa2048Sha256
->PublicKey
));
170 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
171 Status
= RETURN_OUT_OF_RESOURCES
;
175 CryptoStatus
= RsaSetKey (Rsa
, RsaKeyE
, mRsaE
, sizeof (mRsaE
));
177 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
178 Status
= RETURN_OUT_OF_RESOURCES
;
183 // Hash data payload with SHA256.
185 ZeroMem (Digest
, SHA256_DIGEST_SIZE
);
186 CryptoStatus
= Sha256Init (HashContext
);
188 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
189 Status
= RETURN_OUT_OF_RESOURCES
;
193 // It is a signature across the variable data and the Monotonic Count value.
194 CryptoStatus
= Sha256Update (
196 (UINT8
*)Image
+ sizeof (Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
,
197 ImageSize
- sizeof (Image
->MonotonicCount
) - Image
->AuthInfo
.Hdr
.dwLength
200 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
201 Status
= RETURN_OUT_OF_RESOURCES
;
205 CryptoStatus
= Sha256Update (
207 (UINT8
*)&Image
->MonotonicCount
,
208 sizeof (Image
->MonotonicCount
)
211 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
212 Status
= RETURN_OUT_OF_RESOURCES
;
216 CryptoStatus
= Sha256Final (HashContext
, Digest
);
218 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
219 Status
= RETURN_OUT_OF_RESOURCES
;
224 // Verify the RSA 2048 SHA 256 signature.
226 CryptoStatus
= RsaPkcs1Verify (
230 CertBlockRsa2048Sha256
->Signature
,
231 sizeof (CertBlockRsa2048Sha256
->Signature
)
235 // If RSA 2048 SHA 256 signature verification fails, AUTH tested failed bit is set.
237 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaPkcs1Verify() failed\n"));
238 Status
= RETURN_SECURITY_VIOLATION
;
242 DEBUG ((DEBUG_INFO
, "FmpAuthenticatedHandlerRsa2048Sha256: PASS verification\n"));
244 Status
= RETURN_SUCCESS
;
248 // Free allocated resources used to perform RSA 2048 SHA 256 signature verification
254 if (HashContext
!= NULL
) {
255 FreePool (HashContext
);
262 The function is used to do the authentication for FMP capsule based upon
263 EFI_FIRMWARE_IMAGE_AUTHENTICATION.
265 The FMP capsule image should start with EFI_FIRMWARE_IMAGE_AUTHENTICATION,
266 followed by the payload.
268 If the return status is RETURN_SUCCESS, the caller may continue the rest
270 If the return status is NOT RETURN_SUCCESS, the caller should stop the FMP
271 update process and convert the return status to LastAttemptStatus
272 to indicate that FMP update fails.
273 The LastAttemptStatus can be got from ESRT table or via
274 EFI_FIRMWARE_MANAGEMENT_PROTOCOL.GetImageInfo().
276 Caution: This function may receive untrusted input.
278 @param[in] Image Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
279 @param[in] ImageSize Size of the authentication image in bytes.
280 @param[in] PublicKeyData The public key data used to validate the signature.
281 @param[in] PublicKeyDataLength The length of the public key data.
283 @retval RETURN_SUCCESS Authentication pass.
284 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
285 @retval RETURN_SECURITY_VIOLATION Authentication fail.
286 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
287 @retval RETURN_INVALID_PARAMETER The image is in an invalid format.
288 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
289 @retval RETURN_UNSUPPORTED No Authentication handler associated with CertType.
290 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
291 @retval RETURN_UNSUPPORTED Image or ImageSize is invalid.
292 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
293 @retval RETURN_OUT_OF_RESOURCES No Authentication handler associated with CertType.
294 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
298 AuthenticateFmpImage (
299 IN EFI_FIRMWARE_IMAGE_AUTHENTICATION
*Image
,
301 IN CONST UINT8
*PublicKeyData
,
302 IN UINTN PublicKeyDataLength
308 if ((Image
== NULL
) || (ImageSize
== 0)) {
309 return RETURN_UNSUPPORTED
;
312 if ((PublicKeyDataLength
% SHA256_DIGEST_SIZE
) != 0) {
313 DEBUG ((DEBUG_ERROR
, "PublicKeyDataLength is not multiple SHA256 size\n"));
314 return RETURN_UNSUPPORTED
;
317 if (ImageSize
< sizeof (EFI_FIRMWARE_IMAGE_AUTHENTICATION
)) {
318 DEBUG ((DEBUG_ERROR
, "AuthenticateFmpImage - ImageSize too small\n"));
319 return RETURN_INVALID_PARAMETER
;
322 if (Image
->AuthInfo
.Hdr
.dwLength
<= OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID
, CertData
)) {
323 DEBUG ((DEBUG_ERROR
, "AuthenticateFmpImage - dwLength too small\n"));
324 return RETURN_INVALID_PARAMETER
;
327 if ((UINTN
)Image
->AuthInfo
.Hdr
.dwLength
> MAX_UINTN
- sizeof (UINT64
)) {
328 DEBUG ((DEBUG_ERROR
, "AuthenticateFmpImage - dwLength too big\n"));
329 return RETURN_INVALID_PARAMETER
;
332 if (ImageSize
<= sizeof (Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
) {
333 DEBUG ((DEBUG_ERROR
, "AuthenticateFmpImage - ImageSize too small\n"));
334 return RETURN_INVALID_PARAMETER
;
337 if (Image
->AuthInfo
.Hdr
.wRevision
!= 0x0200) {
338 DEBUG ((DEBUG_ERROR
, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN
)Image
->AuthInfo
.Hdr
.wRevision
, (UINTN
)0x0200));
339 return RETURN_INVALID_PARAMETER
;
342 if (Image
->AuthInfo
.Hdr
.wCertificateType
!= WIN_CERT_TYPE_EFI_GUID
) {
343 DEBUG ((DEBUG_ERROR
, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN
)Image
->AuthInfo
.Hdr
.wCertificateType
, (UINTN
)WIN_CERT_TYPE_EFI_GUID
));
344 return RETURN_INVALID_PARAMETER
;
347 CertType
= &Image
->AuthInfo
.CertType
;
348 DEBUG ((DEBUG_INFO
, "AuthenticateFmpImage - CertType: %g\n", CertType
));
350 if (CompareGuid (&gEfiCertTypeRsa2048Sha256Guid
, CertType
)) {
352 // Call the match handler to extract raw data for the input section data.
354 Status
= FmpAuthenticatedHandlerRsa2048Sha256 (
364 // Not found, the input guided section is not supported.
366 return RETURN_UNSUPPORTED
;