Contributed-under: TianoCore Contribution Agreement 1.0
[mirror_edk2.git] / SecurityPkg / Library / PeiRsa2048Sha256GuidedSectionExtractLib / PeiRsa2048Sha256GuidedSectionExtractLib.c
1 /** @file
2
3 This library registers RSA 2048 SHA 256 guided section handler
4 to parse RSA 2048 SHA 256 encapsulation section and extract raw data.
5 It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
6
7 Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
8 This program and the accompanying materials
9 are licensed and made available under the terms and conditions of the BSD License
10 which accompanies this distribution. The full text of the license may be found at
11 http://opensource.org/licenses/bsd-license.php
12
13 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
14 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15
16 **/
17
18 #include <PiPei.h>
19 #include <Protocol/Hash.h>
20 #include <Library/ExtractGuidedSectionLib.h>
21 #include <Library/DebugLib.h>
22 #include <Library/BaseMemoryLib.h>
23 #include <Library/MemoryAllocationLib.h>
24 #include <Library/PcdLib.h>
25 #include <Guid/WinCertificate.h>
26 #include <Library/BaseCryptLib.h>
27 #include <Library/PerformanceLib.h>
28 #include <Guid/SecurityPkgTokenSpace.h>
29
30 ///
31 /// RSA 2048 SHA 256 Guided Section header
32 ///
33 typedef struct {
34 EFI_GUID_DEFINED_SECTION GuidedSectionHeader; ///< EFI guided section header
35 EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
36 } RSA_2048_SHA_256_SECTION_HEADER;
37
38 typedef struct {
39 EFI_GUID_DEFINED_SECTION2 GuidedSectionHeader; ///< EFI guided section header
40 EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
41 } RSA_2048_SHA_256_SECTION2_HEADER;
42
43 ///
44 /// Public Exponent of RSA Key.
45 ///
46 CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
47
48 /**
49
50 GetInfo gets raw data size and attribute of the input guided section.
51 It first checks whether the input guid section is supported.
52 If not, EFI_INVALID_PARAMETER will return.
53
54 @param InputSection Buffer containing the input GUIDed section to be processed.
55 @param OutputBufferSize The size of OutputBuffer.
56 @param ScratchBufferSize The size of ScratchBuffer.
57 @param SectionAttribute The attribute of the input guided section.
58
59 @retval EFI_SUCCESS The size of destination buffer, the size of scratch buffer and
60 the attribute of the input section are successull retrieved.
61 @retval EFI_INVALID_PARAMETER The GUID in InputSection does not match this instance guid.
62
63 **/
64 EFI_STATUS
65 EFIAPI
66 Rsa2048Sha256GuidedSectionGetInfo (
67 IN CONST VOID *InputSection,
68 OUT UINT32 *OutputBufferSize,
69 OUT UINT32 *ScratchBufferSize,
70 OUT UINT16 *SectionAttribute
71 )
72 {
73 if (IS_SECTION2 (InputSection)) {
74 //
75 // Check whether the input guid section is recognized.
76 //
77 if (!CompareGuid (
78 &gEfiCertTypeRsa2048Sha256Guid,
79 &(((EFI_GUID_DEFINED_SECTION2 *) InputSection)->SectionDefinitionGuid))) {
80 return EFI_INVALID_PARAMETER;
81 }
82 //
83 // Retrieve the size and attribute of the input section data.
84 //
85 *SectionAttribute = ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->Attributes;
86 *ScratchBufferSize = 0;
87 *OutputBufferSize = SECTION2_SIZE (InputSection) - ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->DataOffset;
88 } else {
89 //
90 // Check whether the input guid section is recognized.
91 //
92 if (!CompareGuid (
93 &gEfiCertTypeRsa2048Sha256Guid,
94 &(((EFI_GUID_DEFINED_SECTION *) InputSection)->SectionDefinitionGuid))) {
95 return EFI_INVALID_PARAMETER;
96 }
97 //
98 // Retrieve the size and attribute of the input section data.
99 //
100 *SectionAttribute = ((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes;
101 *ScratchBufferSize = 0;
102 *OutputBufferSize = SECTION_SIZE (InputSection) - ((EFI_GUID_DEFINED_SECTION *) InputSection)->DataOffset;
103 }
104
105 return EFI_SUCCESS;
106 }
107
108 /**
109
110 Extraction handler tries to extract raw data from the input guided section.
111 It also does authentication check for RSA 2048 SHA 256 signature in the input guided section.
112 It first checks whether the input guid section is supported.
113 If not, EFI_INVALID_PARAMETER will return.
114
115 @param InputSection Buffer containing the input GUIDed section to be processed.
116 @param OutputBuffer Buffer to contain the output raw data allocated by the caller.
117 @param ScratchBuffer A pointer to a caller-allocated buffer for function internal use.
118 @param AuthenticationStatus A pointer to a caller-allocated UINT32 that indicates the
119 authentication status of the output buffer.
120
121 @retval EFI_SUCCESS Section Data and Auth Status is extracted successfully.
122 @retval EFI_INVALID_PARAMETER The GUID in InputSection does not match this instance guid.
123
124 **/
125 EFI_STATUS
126 EFIAPI
127 Rsa2048Sha256GuidedSectionHandler (
128 IN CONST VOID *InputSection,
129 OUT VOID **OutputBuffer,
130 IN VOID *ScratchBuffer, OPTIONAL
131 OUT UINT32 *AuthenticationStatus
132 )
133 {
134 EFI_STATUS Status;
135 UINT32 OutputBufferSize;
136 EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlockRsa2048Sha256;
137 BOOLEAN CryptoStatus;
138 UINT8 Digest[SHA256_DIGEST_SIZE];
139 UINT8 *PublicKey;
140 UINTN PublicKeyBufferSize;
141 VOID *HashContext;
142 VOID *Rsa;
143
144 HashContext = NULL;
145 Rsa = NULL;
146
147 if (IS_SECTION2 (InputSection)) {
148 //
149 // Check whether the input guid section is recognized.
150 //
151 if (!CompareGuid (
152 &gEfiCertTypeRsa2048Sha256Guid,
153 &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid))) {
154 return EFI_INVALID_PARAMETER;
155 }
156
157 //
158 // Get the RSA 2048 SHA 256 information.
159 //
160 CertBlockRsa2048Sha256 = &((RSA_2048_SHA_256_SECTION2_HEADER *) InputSection)->CertBlockRsa2048Sha256;
161 OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION2_HEADER);
162 if ((((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) != 0) {
163 PERF_START (NULL, "RsaCopy", "PEI", 0);
164 CopyMem (*OutputBuffer, (UINT8 *)InputSection + sizeof (RSA_2048_SHA_256_SECTION2_HEADER), OutputBufferSize);
165 PERF_END (NULL, "RsaCopy", "PEI", 0);
166 } else {
167 *OutputBuffer = (UINT8 *)InputSection + sizeof (RSA_2048_SHA_256_SECTION2_HEADER);
168 }
169
170 //
171 // Implicitly RSA 2048 SHA 256 GUIDed section should have STATUS_VALID bit set
172 //
173 ASSERT ((((EFI_GUID_DEFINED_SECTION2 *)InputSection)->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0);
174 *AuthenticationStatus = EFI_AUTH_STATUS_IMAGE_SIGNED;
175 } else {
176 //
177 // Check whether the input guid section is recognized.
178 //
179 if (!CompareGuid (
180 &gEfiCertTypeRsa2048Sha256Guid,
181 &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid))) {
182 return EFI_INVALID_PARAMETER;
183 }
184
185 //
186 // Get the RSA 2048 SHA 256 information.
187 //
188 CertBlockRsa2048Sha256 = &((RSA_2048_SHA_256_SECTION_HEADER *)InputSection)->CertBlockRsa2048Sha256;
189 OutputBufferSize = SECTION_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION_HEADER);
190 if ((((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) != 0) {
191 PERF_START (NULL, "RsaCopy", "PEI", 0);
192 CopyMem (*OutputBuffer, (UINT8 *)InputSection + sizeof (RSA_2048_SHA_256_SECTION_HEADER), OutputBufferSize);
193 PERF_END (NULL, "RsaCopy", "PEI", 0);
194 } else {
195 *OutputBuffer = (UINT8 *)InputSection + sizeof (RSA_2048_SHA_256_SECTION_HEADER);
196 }
197
198 //
199 // Implicitly RSA 2048 SHA 256 GUIDed section should have STATUS_VALID bit set
200 //
201 ASSERT ((((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0);
202 *AuthenticationStatus = EFI_AUTH_STATUS_IMAGE_SIGNED;
203 }
204
205 //
206 // All paths from here return EFI_SUCESS and result is returned in AuthenticationStatus
207 //
208 Status = EFI_SUCCESS;
209
210 //
211 // Fail if the HashType is not SHA 256
212 //
213 if (!CompareGuid (&gEfiHashAlgorithmSha256Guid, &CertBlockRsa2048Sha256->HashType)) {
214 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: HASH type of section is not supported\n"));
215 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
216 goto Done;
217 }
218
219 //
220 // Allocate hash context buffer required for SHA 256
221 //
222 HashContext = AllocatePool (Sha256GetContextSize ());
223 if (HashContext == NULL) {
224 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Can not allocate hash context\n"));
225 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
226 goto Done;
227 }
228
229 //
230 // Hash public key from data payload with SHA256.
231 //
232 ZeroMem (Digest, SHA256_DIGEST_SIZE);
233 CryptoStatus = Sha256Init (HashContext);
234 if (!CryptoStatus) {
235 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Init() failed\n"));
236 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
237 goto Done;
238 }
239 CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
240 if (!CryptoStatus) {
241 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Update() failed\n"));
242 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
243 goto Done;
244 }
245 CryptoStatus = Sha256Final (HashContext, Digest);
246 if (!CryptoStatus) {
247 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Final() failed\n"));
248 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
249 goto Done;
250 }
251
252 //
253 // Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer
254 //
255 PublicKey = (UINT8 *)PcdGetPtr (PcdRsa2048Sha256PublicKeyBuffer);
256 DEBUG ((DEBUG_VERBOSE, "PeiPcdRsa2048Sha256: PublicKeyBuffer = %p\n", PublicKey));
257 ASSERT (PublicKey != NULL);
258 DEBUG ((DEBUG_VERBOSE, "PeiPcdRsa2048Sha256: PublicKeyBuffer Token = %08x\n", PcdToken (PcdRsa2048Sha256PublicKeyBuffer)));
259 PublicKeyBufferSize = LibPcdGetExSize (&gEfiSecurityPkgTokenSpaceGuid, PcdToken (PcdRsa2048Sha256PublicKeyBuffer));
260 DEBUG ((DEBUG_VERBOSE, "PeiPcdRsa2048Sha256: PublicKeyBuffer Size = %08x\n", PublicKeyBufferSize));
261 ASSERT ((PublicKeyBufferSize % SHA256_DIGEST_SIZE) == 0);
262 CryptoStatus = FALSE;
263 while (PublicKeyBufferSize != 0) {
264 if (CompareMem (Digest, PublicKey, SHA256_DIGEST_SIZE) == 0) {
265 CryptoStatus = TRUE;
266 break;
267 }
268 PublicKey = PublicKey + SHA256_DIGEST_SIZE;
269 PublicKeyBufferSize = PublicKeyBufferSize - SHA256_DIGEST_SIZE;
270 }
271 if (!CryptoStatus) {
272 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Public key in section is not supported\n"));
273 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
274 goto Done;
275 }
276
277 //
278 // Generate & Initialize RSA Context.
279 //
280 Rsa = RsaNew ();
281 if (Rsa == NULL) {
282 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaNew() failed\n"));
283 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
284 goto Done;
285 }
286
287 //
288 // Set RSA Key Components.
289 // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
290 //
291 CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
292 if (!CryptoStatus) {
293 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
294 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
295 goto Done;
296 }
297 CryptoStatus = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE));
298 if (!CryptoStatus) {
299 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
300 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
301 goto Done;
302 }
303
304 //
305 // Hash data payload with SHA256.
306 //
307 ZeroMem (Digest, SHA256_DIGEST_SIZE);
308 CryptoStatus = Sha256Init (HashContext);
309 if (!CryptoStatus) {
310 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Init() failed\n"));
311 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
312 goto Done;
313 }
314 PERF_START (NULL, "RsaShaData", "PEI", 0);
315 CryptoStatus = Sha256Update (HashContext, *OutputBuffer, OutputBufferSize);
316 PERF_END (NULL, "RsaShaData", "PEI", 0);
317 if (!CryptoStatus) {
318 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Update() failed\n"));
319 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
320 goto Done;
321 }
322 CryptoStatus = Sha256Final (HashContext, Digest);
323 if (!CryptoStatus) {
324 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Final() failed\n"));
325 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
326 goto Done;
327 }
328
329 //
330 // Verify the RSA 2048 SHA 256 signature.
331 //
332 PERF_START (NULL, "RsaVerify", "PEI", 0);
333 CryptoStatus = RsaPkcs1Verify (
334 Rsa,
335 Digest,
336 SHA256_DIGEST_SIZE,
337 CertBlockRsa2048Sha256->Signature,
338 sizeof (CertBlockRsa2048Sha256->Signature)
339 );
340 PERF_END (NULL, "RsaVerify", "PEI", 0);
341 if (!CryptoStatus) {
342 //
343 // If RSA 2048 SHA 256 signature verification fails, AUTH tested failed bit is set.
344 //
345 DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaPkcs1Verify() failed\n"));
346 *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
347 }
348
349 Done:
350 //
351 // Free allocated resources used to perform RSA 2048 SHA 256 signature verification
352 //
353 if (Rsa != NULL) {
354 RsaFree (Rsa);
355 }
356 if (HashContext != NULL) {
357 FreePool (HashContext);
358 }
359
360 //
361 // Temp solution until PeiCore checks AUTH Status.
362 //
363 if ((*AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED | EFI_AUTH_STATUS_NOT_TESTED)) != 0) {
364 Status = EFI_ACCESS_DENIED;
365 }
366 DEBUG ((DEBUG_VERBOSE, "PeiRsa2048Sha256: Status = %r AuthenticationStatus = %08x\n", Status, *AuthenticationStatus));
367
368 return Status;
369 }
370
371 /**
372 Register the handler to extract RSA 2048 SHA 256 guided section.
373
374 @param FileHandle The handle of FFS header the loaded driver.
375 @param PeiServices The pointer to the PEI services.
376
377 @retval EFI_SUCCESS Register successfully.
378 @retval EFI_OUT_OF_RESOURCES Not enough memory to register this handler.
379
380 **/
381 EFI_STATUS
382 EFIAPI
383 PeiRsa2048Sha256GuidedSectionExtractLibConstructor (
384 IN EFI_PEI_FILE_HANDLE FileHandle,
385 IN CONST EFI_PEI_SERVICES **PeiServices
386 )
387 {
388 return ExtractGuidedSectionRegisterHandlers (
389 &gEfiCertTypeRsa2048Sha256Guid,
390 Rsa2048Sha256GuidedSectionGetInfo,
391 Rsa2048Sha256GuidedSectionHandler
392 );
393 }