2 FMP Authentication RSA2048SHA256 handler.
3 Provide generic FMP authentication functions for DXE/PEI post memory phase.
5 Caution: This module requires additional review when modified.
6 This module will have external input - capsule image.
7 This external input must be validated carefully to avoid security issue like
8 buffer overflow, integer overflow.
10 FmpAuthenticatedHandlerRsa2048Sha256(), AuthenticateFmpImage() will receive
11 untrusted input and do basic validation.
13 Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
14 This program and the accompanying materials
15 are licensed and made available under the terms and conditions of the BSD License
16 which accompanies this distribution. The full text of the license may be found at
17 http://opensource.org/licenses/bsd-license.php
19 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
20 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
26 #include <Guid/SystemResourceTable.h>
27 #include <Guid/FirmwareContentsSigned.h>
28 #include <Guid/WinCertificate.h>
30 #include <Library/BaseLib.h>
31 #include <Library/BaseMemoryLib.h>
32 #include <Library/DebugLib.h>
33 #include <Library/MemoryAllocationLib.h>
34 #include <Library/BaseCryptLib.h>
35 #include <Library/FmpAuthenticationLib.h>
36 #include <Library/PcdLib.h>
37 #include <Protocol/FirmwareManagement.h>
38 #include <Guid/SystemResourceTable.h>
41 /// Public Exponent of RSA Key.
43 STATIC CONST UINT8 mRsaE
[] = { 0x01, 0x00, 0x01 };
46 The handler is used to do the authentication for FMP capsule based upon
47 EFI_FIRMWARE_IMAGE_AUTHENTICATION.
49 Caution: This function may receive untrusted input.
51 This function assumes the caller AuthenticateFmpImage()
52 already did basic validation for EFI_FIRMWARE_IMAGE_AUTHENTICATION.
54 @param[in] Image Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
55 @param[in] ImageSize Size of the authentication image in bytes.
56 @param[in] PublicKeyData The public key data used to validate the signature.
57 @param[in] PublicKeyDataLength The length of the public key data.
59 @retval RETURN_SUCCESS Authentication pass.
60 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
61 @retval RETURN_SECURITY_VIOLATION Authentication fail.
62 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
63 @retval RETURN_INVALID_PARAMETER The image is in an invalid format.
64 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
65 @retval RETURN_OUT_OF_RESOURCES No Authentication handler associated with CertType.
66 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
69 FmpAuthenticatedHandlerRsa2048Sha256 (
70 IN EFI_FIRMWARE_IMAGE_AUTHENTICATION
*Image
,
72 IN CONST UINT8
*PublicKeyData
,
73 IN UINTN PublicKeyDataLength
77 EFI_CERT_BLOCK_RSA_2048_SHA256
*CertBlockRsa2048Sha256
;
79 UINT8 Digest
[SHA256_DIGEST_SIZE
];
81 UINTN PublicKeyBufferSize
;
85 DEBUG ((DEBUG_INFO
, "FmpAuthenticatedHandlerRsa2048Sha256 - Image: 0x%08x - 0x%08x\n", (UINTN
)Image
, (UINTN
)ImageSize
));
87 if (Image
->AuthInfo
.Hdr
.dwLength
!= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID
, CertData
) + sizeof(EFI_CERT_BLOCK_RSA_2048_SHA256
)) {
88 DEBUG((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256 - dwLength: 0x%04x, dwLength - 0x%04x\n", (UINTN
)Image
->AuthInfo
.Hdr
.dwLength
, (UINTN
)OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID
, CertData
) + sizeof(EFI_CERT_BLOCK_RSA_2048_SHA256
)));
89 return RETURN_INVALID_PARAMETER
;
92 CertBlockRsa2048Sha256
= (EFI_CERT_BLOCK_RSA_2048_SHA256
*)Image
->AuthInfo
.CertData
;
93 if (!CompareGuid(&CertBlockRsa2048Sha256
->HashType
, &gEfiHashAlgorithmSha256Guid
)) {
94 DEBUG((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256 - HashType: %g, expect - %g\n", &CertBlockRsa2048Sha256
->HashType
, &gEfiHashAlgorithmSha256Guid
));
95 return RETURN_INVALID_PARAMETER
;
102 // Allocate hash context buffer required for SHA 256
104 HashContext
= AllocatePool (Sha256GetContextSize ());
105 if (HashContext
== NULL
) {
106 CryptoStatus
= FALSE
;
107 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Can not allocate hash context\n"));
108 Status
= RETURN_OUT_OF_RESOURCES
;
113 // Hash public key from data payload with SHA256.
115 ZeroMem (Digest
, SHA256_DIGEST_SIZE
);
116 CryptoStatus
= Sha256Init (HashContext
);
118 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
119 Status
= RETURN_OUT_OF_RESOURCES
;
122 CryptoStatus
= Sha256Update (HashContext
, &CertBlockRsa2048Sha256
->PublicKey
, sizeof(CertBlockRsa2048Sha256
->PublicKey
));
124 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
125 Status
= RETURN_OUT_OF_RESOURCES
;
128 CryptoStatus
= Sha256Final (HashContext
, Digest
);
130 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
131 Status
= RETURN_OUT_OF_RESOURCES
;
136 // Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer
138 PublicKey
= (VOID
*)PublicKeyData
;
139 PublicKeyBufferSize
= PublicKeyDataLength
;
140 CryptoStatus
= FALSE
;
141 while (PublicKeyBufferSize
!= 0) {
142 if (CompareMem (Digest
, PublicKey
, SHA256_DIGEST_SIZE
) == 0) {
146 PublicKey
= PublicKey
+ SHA256_DIGEST_SIZE
;
147 PublicKeyBufferSize
= PublicKeyBufferSize
- SHA256_DIGEST_SIZE
;
150 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Public key in section is not supported\n"));
151 Status
= RETURN_SECURITY_VIOLATION
;
156 // Generate & Initialize RSA Context.
160 CryptoStatus
= FALSE
;
161 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaNew() failed\n"));
162 Status
= RETURN_OUT_OF_RESOURCES
;
167 // Set RSA Key Components.
168 // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
170 CryptoStatus
= RsaSetKey (Rsa
, RsaKeyN
, CertBlockRsa2048Sha256
->PublicKey
, sizeof(CertBlockRsa2048Sha256
->PublicKey
));
172 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
173 Status
= RETURN_OUT_OF_RESOURCES
;
176 CryptoStatus
= RsaSetKey (Rsa
, RsaKeyE
, mRsaE
, sizeof (mRsaE
));
178 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
179 Status
= RETURN_OUT_OF_RESOURCES
;
184 // Hash data payload with SHA256.
186 ZeroMem (Digest
, SHA256_DIGEST_SIZE
);
187 CryptoStatus
= Sha256Init (HashContext
);
189 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
190 Status
= RETURN_OUT_OF_RESOURCES
;
194 // It is a signature across the variable data and the Monotonic Count value.
195 CryptoStatus
= Sha256Update (
197 (UINT8
*)Image
+ sizeof(Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
,
198 ImageSize
- sizeof(Image
->MonotonicCount
) - Image
->AuthInfo
.Hdr
.dwLength
201 DEBUG((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
202 Status
= RETURN_OUT_OF_RESOURCES
;
205 CryptoStatus
= Sha256Update (
207 (UINT8
*)&Image
->MonotonicCount
,
208 sizeof(Image
->MonotonicCount
)
211 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
212 Status
= RETURN_OUT_OF_RESOURCES
;
215 CryptoStatus
= Sha256Final (HashContext
, Digest
);
217 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
218 Status
= RETURN_OUT_OF_RESOURCES
;
223 // Verify the RSA 2048 SHA 256 signature.
225 CryptoStatus
= RsaPkcs1Verify (
229 CertBlockRsa2048Sha256
->Signature
,
230 sizeof (CertBlockRsa2048Sha256
->Signature
)
234 // If RSA 2048 SHA 256 signature verification fails, AUTH tested failed bit is set.
236 DEBUG ((DEBUG_ERROR
, "FmpAuthenticatedHandlerRsa2048Sha256: RsaPkcs1Verify() failed\n"));
237 Status
= RETURN_SECURITY_VIOLATION
;
240 DEBUG ((DEBUG_INFO
, "FmpAuthenticatedHandlerRsa2048Sha256: PASS verification\n"));
242 Status
= RETURN_SUCCESS
;
246 // Free allocated resources used to perform RSA 2048 SHA 256 signature verification
251 if (HashContext
!= NULL
) {
252 FreePool (HashContext
);
259 The function is used to do the authentication for FMP capsule based upon
260 EFI_FIRMWARE_IMAGE_AUTHENTICATION.
262 The FMP capsule image should start with EFI_FIRMWARE_IMAGE_AUTHENTICATION,
263 followed by the payload.
265 If the return status is RETURN_SUCCESS, the caller may continue the rest
267 If the return status is NOT RETURN_SUCCESS, the caller should stop the FMP
268 update process and convert the return status to LastAttemptStatus
269 to indicate that FMP update fails.
270 The LastAttemptStatus can be got from ESRT table or via
271 EFI_FIRMWARE_MANAGEMENT_PROTOCOL.GetImageInfo().
273 Caution: This function may receive untrusted input.
275 @param[in] Image Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
276 @param[in] ImageSize Size of the authentication image in bytes.
277 @param[in] PublicKeyData The public key data used to validate the signature.
278 @param[in] PublicKeyDataLength The length of the public key data.
280 @retval RETURN_SUCCESS Authentication pass.
281 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
282 @retval RETURN_SECURITY_VIOLATION Authentication fail.
283 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
284 @retval RETURN_INVALID_PARAMETER The image is in an invalid format.
285 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
286 @retval RETURN_UNSUPPORTED No Authentication handler associated with CertType.
287 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
288 @retval RETURN_UNSUPPORTED Image or ImageSize is invalid.
289 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
290 @retval RETURN_OUT_OF_RESOURCES No Authentication handler associated with CertType.
291 The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
295 AuthenticateFmpImage (
296 IN EFI_FIRMWARE_IMAGE_AUTHENTICATION
*Image
,
298 IN CONST UINT8
*PublicKeyData
,
299 IN UINTN PublicKeyDataLength
305 if ((Image
== NULL
) || (ImageSize
== 0)) {
306 return RETURN_UNSUPPORTED
;
309 if (ImageSize
< sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION
)) {
310 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - ImageSize too small\n"));
311 return RETURN_INVALID_PARAMETER
;
313 if (Image
->AuthInfo
.Hdr
.dwLength
<= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID
, CertData
)) {
314 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - dwLength too small\n"));
315 return RETURN_INVALID_PARAMETER
;
317 if (Image
->AuthInfo
.Hdr
.dwLength
> MAX_UINTN
- sizeof(UINT64
)) {
318 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - dwLength too big\n"));
319 return RETURN_INVALID_PARAMETER
;
321 if (ImageSize
<= sizeof(Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
) {
322 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - ImageSize too small\n"));
323 return RETURN_INVALID_PARAMETER
;
325 if (Image
->AuthInfo
.Hdr
.wRevision
!= 0x0200) {
326 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN
)Image
->AuthInfo
.Hdr
.wRevision
, (UINTN
)0x0200));
327 return RETURN_INVALID_PARAMETER
;
329 if (Image
->AuthInfo
.Hdr
.wCertificateType
!= WIN_CERT_TYPE_EFI_GUID
) {
330 DEBUG((DEBUG_ERROR
, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN
)Image
->AuthInfo
.Hdr
.wCertificateType
, (UINTN
)WIN_CERT_TYPE_EFI_GUID
));
331 return RETURN_INVALID_PARAMETER
;
334 CertType
= &Image
->AuthInfo
.CertType
;
335 DEBUG((DEBUG_INFO
, "AuthenticateFmpImage - CertType: %g\n", CertType
));
337 if (CompareGuid (&gEfiCertTypeRsa2048Sha256Guid
, CertType
)) {
339 // Call the match handler to extract raw data for the input section data.
341 Status
= FmpAuthenticatedHandlerRsa2048Sha256 (
351 // Not found, the input guided section is not supported.
353 return RETURN_UNSUPPORTED
;