2 Password Credential Provider driver implementation.
4 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include "PwdCredentialProvider.h"
17 CREDENTIAL_TABLE
*mPwdTable
= NULL
;
18 PWD_PROVIDER_CALLBACK_INFO
*mCallbackInfo
= NULL
;
19 PASSWORD_CREDENTIAL_INFO
*mPwdInfoHandle
= NULL
;
22 // Used for save password credential and form browser.
23 // Also used as provider identifier.
25 EFI_GUID mPwdCredentialGuid
= PWD_CREDENTIAL_PROVIDER_GUID
;
27 HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath
= {
33 (UINT8
) (sizeof (VENDOR_DEVICE_PATH
)),
34 (UINT8
) ((sizeof (VENDOR_DEVICE_PATH
)) >> 8)
37 { 0xeba7fc2b, 0xa465, 0x4d96, { 0x85, 0xa9, 0xd2, 0xf6, 0x64, 0xdf, 0x9b, 0x45 } }
41 END_ENTIRE_DEVICE_PATH_SUBTYPE
,
43 (UINT8
) (END_DEVICE_PATH_LENGTH
),
44 (UINT8
) ((END_DEVICE_PATH_LENGTH
) >> 8)
49 EFI_USER_CREDENTIAL_PROTOCOL gPwdCredentialProviderDriver
= {
50 PWD_CREDENTIAL_PROVIDER_GUID
,
51 EFI_USER_CREDENTIAL_CLASS_PASSWORD
,
66 Get string by string id from HII Interface.
69 @param[in] Id String ID to get the string from.
71 @retval CHAR16 * String from ID.
72 @retval NULL If error occurs.
81 // Get the current string for the current Language.
83 return HiiGetString (mCallbackInfo
->HiiHandle
, Id
, NULL
);
88 Expand password table size.
96 CREDENTIAL_TABLE
*NewTable
;
99 Count
= mPwdTable
->MaxCount
+ PASSWORD_TABLE_INC
;
101 // Create new credential table.
103 NewTable
= (CREDENTIAL_TABLE
*) AllocateZeroPool (
104 sizeof (CREDENTIAL_TABLE
) +
105 (Count
- 1) * sizeof (PASSWORD_INFO
)
107 ASSERT (NewTable
!= NULL
);
109 NewTable
->MaxCount
= Count
;
110 NewTable
->Count
= mPwdTable
->Count
;
111 NewTable
->ValidIndex
= mPwdTable
->ValidIndex
;
117 &mPwdTable
->UserInfo
,
118 mPwdTable
->Count
* sizeof (PASSWORD_INFO
)
120 FreePool (mPwdTable
);
121 mPwdTable
= NewTable
;
126 Add or delete info in table, and sync with NV variable.
128 @param[in] Index The index of the password in table. The index begin from 1.
129 If index is found in table, delete the info, else add the
131 @param[in] Info The new password info to add into table.
133 @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
134 @retval EFI_SUCCESS Modify the table successfully.
135 @retval Others Failed to modify the table.
141 IN PASSWORD_INFO
* Info OPTIONAL
146 if (Index
< mPwdTable
->Count
) {
148 // Delete the specified entry.
151 if (Index
!= mPwdTable
->Count
) {
153 &mPwdTable
->UserInfo
[Index
],
154 &mPwdTable
->UserInfo
[mPwdTable
->Count
],
155 sizeof (PASSWORD_INFO
)
163 return EFI_INVALID_PARAMETER
;
166 if (mPwdTable
->Count
>= mPwdTable
->MaxCount
) {
171 &mPwdTable
->UserInfo
[mPwdTable
->Count
],
173 sizeof (PASSWORD_INFO
)
179 // Save the credential table.
181 Status
= gRT
->SetVariable (
184 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
,
185 mPwdTable
->Count
* sizeof (PASSWORD_INFO
),
193 Create a password table.
195 @retval EFI_SUCCESS Create a password table successfully.
196 @retval Others Failed to create a password.
200 InitCredentialTable (
209 // Get Password credential data from NV variable.
213 Status
= gRT
->GetVariable (
220 if (Status
== EFI_BUFFER_TOO_SMALL
) {
221 Var
= AllocateZeroPool (VarSize
);
223 return EFI_OUT_OF_RESOURCES
;
225 Status
= gRT
->GetVariable (
233 if (EFI_ERROR (Status
) && (Status
!= EFI_NOT_FOUND
)) {
238 // Create the password credential table.
240 mPwdTable
= AllocateZeroPool (
241 sizeof (CREDENTIAL_TABLE
) - sizeof (PASSWORD_INFO
) +
242 PASSWORD_TABLE_INC
* sizeof (PASSWORD_INFO
) +
245 if (mPwdTable
== NULL
) {
247 return EFI_OUT_OF_RESOURCES
;
250 mPwdTable
->Count
= VarSize
/ sizeof (PASSWORD_INFO
);
251 mPwdTable
->MaxCount
= mPwdTable
->Count
+ PASSWORD_TABLE_INC
;
252 mPwdTable
->ValidIndex
= 0;
254 CopyMem (mPwdTable
->UserInfo
, Var
, VarSize
);
262 Hash the password to get credential.
264 @param[in] Password Points to the input password.
265 @param[in] PasswordSize The size of password, in bytes.
266 @param[out] Credential Points to the hashed result.
268 @retval TRUE Hash the password successfully.
269 @retval FALSE Failed to hash the password.
275 IN UINTN PasswordSize
,
276 OUT UINT8
*Credential
283 HashSize
= Sha1GetContextSize ();
284 Hash
= AllocatePool (HashSize
);
285 ASSERT (Hash
!= NULL
);
287 Status
= Sha1Init (Hash
);
292 Status
= Sha1Update (Hash
, Password
, PasswordSize
);
297 Status
= Sha1Final (Hash
, Credential
);
306 Get password from user input.
308 @param[in] FirstPwd If True, prompt to input the first password.
309 If False, prompt to input password again.
310 @param[out] Credential Points to the input password.
316 OUT CHAR8
*Credential
320 CHAR16 PasswordMask
[CREDENTIAL_LEN
+ 1];
321 CHAR16 Password
[CREDENTIAL_LEN
];
328 PasswordMask
[PasswordLen
] = L
'_';
329 PasswordMask
[PasswordLen
+ 1] = L
'\0';
330 LineStr
= GetStringById (STRING_TOKEN (STR_DRAW_A_LINE
));
332 QuestionStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD
));
334 QuestionStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN
));
337 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
344 FreePool (QuestionStr
);
350 if (Key
.ScanCode
== SCAN_NULL
) {
351 if (Key
.UnicodeChar
== CHAR_CARRIAGE_RETURN
) {
353 } else if (Key
.UnicodeChar
== CHAR_BACKSPACE
) {
354 if (PasswordLen
> 0) {
357 } else if ((Key
.UnicodeChar
== CHAR_NULL
) ||
358 (Key
.UnicodeChar
== CHAR_TAB
) ||
359 (Key
.UnicodeChar
== CHAR_LINEFEED
)) {
362 Password
[PasswordLen
] = Key
.UnicodeChar
;
363 PasswordMask
[PasswordLen
] = L
'*';
365 if (PasswordLen
== CREDENTIAL_LEN
) {
372 PasswordLen
= PasswordLen
* sizeof (CHAR16
);
373 GenerateCredential (Password
, PasswordLen
, (UINT8
*)Credential
);
377 Check whether the password can be found on this provider.
379 @param[in] Password The password to be found.
381 @retval EFI_SUCCESS Found password sucessfully.
382 @retval EFI_NOT_FOUND Fail to find the password.
394 // Check password credential.
396 mPwdTable
->ValidIndex
= 0;
397 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
398 Pwd
= mPwdTable
->UserInfo
[Index
].Password
;
399 if (CompareMem (Pwd
, Password
, CREDENTIAL_LEN
) == 0) {
400 mPwdTable
->ValidIndex
= Index
+ 1;
405 return EFI_NOT_FOUND
;
410 Find a user infomation record by the information record type.
412 This function searches all user information records of User from beginning
413 until either the information is found, or there are no more user infomation
414 records. A match occurs when a Info.InfoType field matches the user information
417 @param[in] User Points to the user profile record to search.
418 @param[in] InfoType The infomation type to be searched.
419 @param[out] Info Points to the user info found, the caller is responsible
422 @retval EFI_SUCCESS Find the user information successfully.
423 @retval Others Fail to find the user information.
428 IN EFI_USER_PROFILE_HANDLE User
,
430 OUT EFI_USER_INFO
**Info
434 EFI_USER_INFO
*UserInfo
;
436 EFI_USER_INFO_HANDLE UserInfoHandle
;
437 EFI_USER_MANAGER_PROTOCOL
*UserManager
;
440 // Find user information by information type.
443 return EFI_INVALID_PARAMETER
;
446 Status
= gBS
->LocateProtocol (
447 &gEfiUserManagerProtocolGuid
,
449 (VOID
**) &UserManager
451 if (EFI_ERROR (Status
)) {
452 return EFI_NOT_FOUND
;
456 // Get each user information.
459 UserInfoHandle
= NULL
;
463 Status
= UserManager
->GetNextInfo (UserManager
, User
, &UserInfoHandle
);
464 if (EFI_ERROR (Status
)) {
470 Status
= UserManager
->GetInfo (
477 if (Status
== EFI_BUFFER_TOO_SMALL
) {
478 if (UserInfo
!= NULL
) {
481 UserInfo
= AllocateZeroPool (UserInfoSize
);
482 if (UserInfo
== NULL
) {
483 return EFI_OUT_OF_RESOURCES
;
485 Status
= UserManager
->GetInfo (
493 if (EFI_ERROR (Status
)) {
497 ASSERT (UserInfo
!= NULL
);
498 if (UserInfo
->InfoType
== InfoType
) {
504 if (UserInfo
!= NULL
) {
512 This function processes the results of changes in configuration.
514 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
515 @param Action Specifies the type of action taken by the browser.
516 @param QuestionId A unique value which is sent to the original
517 exporting driver so that it can identify the type
519 @param Type The type of value for the question.
520 @param Value A pointer to the data being sent to the original
522 @param ActionRequest On return, points to the action requested by the
525 @retval EFI_SUCCESS The callback successfully handled the action.
526 @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
527 variable and its data.
528 @retval EFI_DEVICE_ERROR The variable could not be saved.
529 @retval EFI_UNSUPPORTED The specified Action is not supported by the
535 CredentialDriverCallback (
536 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
537 IN EFI_BROWSER_ACTION Action
,
538 IN EFI_QUESTION_ID QuestionId
,
540 IN EFI_IFR_TYPE_VALUE
*Value
,
541 OUT EFI_BROWSER_ACTION_REQUEST
*ActionRequest
546 CHAR8 Password
[CREDENTIAL_LEN
];
549 if (Action
== EFI_BROWSER_ACTION_CHANGING
) {
550 if (QuestionId
== KEY_GET_PASSWORD
) {
552 // Get and check password.
554 GetPassword (TRUE
, Password
);
555 Status
= CheckPassword (Password
);
556 if (EFI_ERROR (Status
)) {
557 PromptStr
= GetStringById (STRING_TOKEN (STR_PASSWORD_INCORRECT
));
559 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
566 FreePool (PromptStr
);
569 *ActionRequest
= EFI_BROWSER_ACTION_REQUEST_EXIT
;
575 // All other action return unsupported.
577 return EFI_UNSUPPORTED
;
582 This function allows a caller to extract the current configuration for one
583 or more named elements from the target driver.
586 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
587 @param Request A null-terminated Unicode string in <ConfigRequest> format.
588 @param Progress On return, points to a character in the Request string.
589 Points to the string's null terminator if request was successful.
590 Points to the most recent '&' before the first failing name/value
591 pair (or the beginning of the string if the failure is in the
592 first name/value pair) if the request was not successful.
593 @param Results A null-terminated Unicode string in <ConfigAltResp> format which
594 has all values filled in for the names in the Request string.
595 String to be allocated by the called function.
597 @retval EFI_SUCCESS The Results is filled with the requested values.
598 @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
599 @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
600 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
606 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
607 IN CONST EFI_STRING Request
,
608 OUT EFI_STRING
*Progress
,
609 OUT EFI_STRING
*Results
612 if (Progress
== NULL
|| Results
== NULL
) {
613 return EFI_INVALID_PARAMETER
;
616 return EFI_NOT_FOUND
;
620 This function processes the results of changes in configuration.
623 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
624 @param Configuration A null-terminated Unicode string in <ConfigResp> format.
625 @param Progress A pointer to a string filled in with the offset of the most
626 recent '&' before the first failing name/value pair (or the
627 beginning of the string if the failure is in the first
628 name/value pair) or the terminating NULL if all was successful.
630 @retval EFI_SUCCESS The Results is processed successfully.
631 @retval EFI_INVALID_PARAMETER Configuration is NULL.
632 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
638 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
639 IN CONST EFI_STRING Configuration
,
640 OUT EFI_STRING
*Progress
643 if (Configuration
== NULL
|| Progress
== NULL
) {
644 return EFI_INVALID_PARAMETER
;
647 return EFI_NOT_FOUND
;
651 This function initialize the data mainly used in form browser.
653 @retval EFI_SUCCESS Initialize form data successfully.
654 @retval Others Fail to Initialize form data.
663 PWD_PROVIDER_CALLBACK_INFO
*CallbackInfo
;
666 // Initialize driver private data.
668 CallbackInfo
= AllocateZeroPool (sizeof (PWD_PROVIDER_CALLBACK_INFO
));
669 if (CallbackInfo
== NULL
) {
670 return EFI_OUT_OF_RESOURCES
;
673 CallbackInfo
->Signature
= PWD_PROVIDER_SIGNATURE
;
674 CallbackInfo
->ConfigAccess
.ExtractConfig
= FakeExtractConfig
;
675 CallbackInfo
->ConfigAccess
.RouteConfig
= FakeRouteConfig
;
676 CallbackInfo
->ConfigAccess
.Callback
= CredentialDriverCallback
;
677 CallbackInfo
->DriverHandle
= NULL
;
680 // Install Device Path Protocol and Config Access protocol to driver handle.
682 Status
= gBS
->InstallMultipleProtocolInterfaces (
683 &CallbackInfo
->DriverHandle
,
684 &gEfiDevicePathProtocolGuid
,
685 &mHiiVendorDevicePath
,
686 &gEfiHiiConfigAccessProtocolGuid
,
687 &CallbackInfo
->ConfigAccess
,
690 ASSERT_EFI_ERROR (Status
);
695 CallbackInfo
->HiiHandle
= HiiAddPackages (
697 CallbackInfo
->DriverHandle
,
698 PwdCredentialProviderStrings
,
699 PwdCredentialProviderVfrBin
,
702 if (CallbackInfo
->HiiHandle
== NULL
) {
703 return EFI_OUT_OF_RESOURCES
;
705 mCallbackInfo
= CallbackInfo
;
712 Enroll a user on a credential provider.
714 This function enrolls and deletes a user profile using this credential provider.
715 If a user profile is successfully enrolled, it calls the User Manager Protocol
716 function Notify() to notify the user manager driver that credential information
717 has changed. If an enrolled user does exist, delete the user on the credential
720 @param[in] This Points to this instance of EFI_USER_CREDENTIAL_PROTOCOL.
721 @param[in] User The user profile to enroll.
723 @retval EFI_SUCCESS User profile was successfully enrolled.
724 @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
725 user profile handle. Either the user profile cannot enroll
726 on any user profile or cannot enroll on a user profile
727 other than the current user profile.
728 @retval EFI_UNSUPPORTED This credential provider does not support enrollment in
730 @retval EFI_DEVICE_ERROR The new credential could not be created because of a device
732 @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
738 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
739 IN EFI_USER_PROFILE_HANDLE User
744 PASSWORD_INFO PwdInfo
;
745 EFI_USER_INFO
*UserInfo
;
746 CHAR8 Password
[CREDENTIAL_LEN
];
748 EFI_USER_MANAGER_PROTOCOL
*UserManager
;
754 if ((This
== NULL
) || (User
== NULL
)) {
755 return EFI_INVALID_PARAMETER
;
758 Status
= gBS
->LocateProtocol (
759 &gEfiUserManagerProtocolGuid
,
761 (VOID
**) &UserManager
763 if (EFI_ERROR (Status
)) {
764 return EFI_UNSUPPORTED
;
768 // Get User Identifier.
771 Status
= FindUserInfoByType (
773 EFI_USER_INFO_IDENTIFIER_RECORD
,
776 if (EFI_ERROR (Status
)) {
777 return EFI_INVALID_PARAMETER
;
781 // If User exists in mPwdTable, delete User.
783 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
784 UserId
= (UINT8
*) &mPwdTable
->UserInfo
[Index
].UserId
;
785 NewUserId
= (UINT8
*) (UserInfo
+ 1);
786 if (CompareMem (UserId
, NewUserId
, sizeof (EFI_USER_INFO_IDENTIFIER
)) == 0) {
788 // Delete the existing password.
791 return ModifyTable (Index
, NULL
);
796 // The User doesn't exist in mPwdTable; Enroll the new User.
802 GetPassword (TRUE
, PwdInfo
.Password
);
805 // Input password again.
807 GetPassword (FALSE
, Password
);
810 // Compare the two password consistency.
812 if (CompareMem (PwdInfo
.Password
, Password
, CREDENTIAL_LEN
) == 0) {
816 QuestionStr
= GetStringById (STRING_TOKEN (STR_PASSWORD_MISMATCH
));
817 PromptStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN
));
819 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
826 FreePool (QuestionStr
);
827 FreePool (PromptStr
);
832 (UINT8
*) (UserInfo
+ 1),
833 sizeof (EFI_USER_INFO_IDENTIFIER
)
838 // Save the new added entry.
840 Status
= ModifyTable (mPwdTable
->Count
, &PwdInfo
);
841 if (EFI_ERROR (Status
)) {
846 // Notify the user manager driver that credential information has changed.
848 UserManager
->Notify (UserManager
, mCallbackInfo
->DriverHandle
);
855 Returns the user interface information used during user identification.
857 This function returns information about the form used when interacting with the
858 user during user identification. The form is the first enabled form in the form-set
859 class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
860 the user credential provider does not require a form to identify the user, then this
861 function should return EFI_NOT_FOUND.
863 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
864 @param[out] Hii On return, holds the HII database handle.
865 @param[out] FormSetId On return, holds the identifier of the form set which contains
866 the form used during user identification.
867 @param[out] FormId On return, holds the identifier of the form used during user
870 @retval EFI_SUCCESS Form returned successfully.
871 @retval EFI_NOT_FOUND Form not returned.
872 @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
878 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
879 OUT EFI_HII_HANDLE
*Hii
,
880 OUT EFI_GUID
*FormSetId
,
881 OUT EFI_FORM_ID
*FormId
884 if ((This
== NULL
) || (Hii
== NULL
) ||
885 (FormSetId
== NULL
) || (FormId
== NULL
)) {
886 return EFI_INVALID_PARAMETER
;
889 *Hii
= mCallbackInfo
->HiiHandle
;
890 *FormId
= FORMID_GET_PASSWORD_FORM
;
891 CopyGuid (FormSetId
, &mPwdCredentialGuid
);
898 Returns bitmap used to describe the credential provider type.
900 This optional function returns a bitmap that is less than or equal to the number
901 of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
904 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
905 @param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
906 bitmap information will be returned. On exit, points to the
907 width of the bitmap returned.
908 @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
909 bitmap information will be returned. On exit, points to the
910 height of the bitmap returned
911 @param[out] Hii On return, holds the HII database handle.
912 @param[out] Image On return, holds the HII image identifier.
914 @retval EFI_SUCCESS Image identifier returned successfully.
915 @retval EFI_NOT_FOUND Image identifier not returned.
916 @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
922 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
924 IN OUT UINTN
*Height
,
925 OUT EFI_HII_HANDLE
*Hii
,
926 OUT EFI_IMAGE_ID
*Image
929 if ((This
== NULL
) || (Hii
== NULL
) || (Image
== NULL
)) {
930 return EFI_INVALID_PARAMETER
;
932 return EFI_NOT_FOUND
;
937 Returns string used to describe the credential provider type.
939 This function returns a string which describes the credential provider. If no
940 such string exists, then EFI_NOT_FOUND is returned.
942 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
943 @param[out] Hii On return, holds the HII database handle.
944 @param[out] String On return, holds the HII string identifier.
946 @retval EFI_SUCCESS String identifier returned successfully.
947 @retval EFI_NOT_FOUND String identifier not returned.
948 @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
954 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
955 OUT EFI_HII_HANDLE
*Hii
,
956 OUT EFI_STRING_ID
*String
959 if ((This
== NULL
) || (Hii
== NULL
) || (String
== NULL
)) {
960 return EFI_INVALID_PARAMETER
;
964 // Set Hii handle and String ID.
966 *Hii
= mCallbackInfo
->HiiHandle
;
967 *String
= STRING_TOKEN (STR_CREDENTIAL_TITLE
);
974 Return the user identifier associated with the currently authenticated user.
976 This function returns the user identifier of the user authenticated by this credential
977 provider. This function is called after the credential-related information has been
978 submitted on a form, OR after a call to Default() has returned that this credential is
981 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
982 @param[in] User The user profile handle of the user profile currently being
983 considered by the user identity manager. If NULL, then no user
984 profile is currently under consideration.
985 @param[out] Identifier On return, points to the user identifier.
987 @retval EFI_SUCCESS User identifier returned successfully.
988 @retval EFI_NOT_READY No user identifier can be returned.
989 @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
990 @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
991 @retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
992 found in user profile database
998 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
999 IN EFI_USER_PROFILE_HANDLE User
,
1000 OUT EFI_USER_INFO_IDENTIFIER
*Identifier
1005 EFI_USER_INFO
*UserInfo
;
1011 if ((This
== NULL
) || (Identifier
== NULL
)) {
1012 return EFI_INVALID_PARAMETER
;
1015 if (mPwdTable
->ValidIndex
== 0) {
1017 // No password input, or the input password doesn't match
1018 // anyone in PwdTable.
1020 return EFI_NOT_READY
;
1025 // Return the user ID whose password matches the input password.
1029 &mPwdTable
->UserInfo
[mPwdTable
->ValidIndex
- 1].UserId
,
1030 sizeof (EFI_USER_INFO_IDENTIFIER
)
1036 // Get the User's ID.
1038 Status
= FindUserInfoByType (
1040 EFI_USER_INFO_IDENTIFIER_RECORD
,
1043 if (EFI_ERROR (Status
)) {
1044 return EFI_NOT_FOUND
;
1048 // Check whether the input password matches one in PwdTable.
1050 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
1051 UserId
= (UINT8
*) &mPwdTable
->UserInfo
[Index
].UserId
;
1052 NewUserId
= (UINT8
*) (UserInfo
+ 1);
1053 if (CompareMem (UserId
, NewUserId
, sizeof (EFI_USER_INFO_IDENTIFIER
)) == 0) {
1054 Pwd
= mPwdTable
->UserInfo
[Index
].Password
;
1055 NewPwd
= mPwdTable
->UserInfo
[mPwdTable
->ValidIndex
- 1].Password
;
1056 if (CompareMem (Pwd
, NewPwd
, CREDENTIAL_LEN
) == 0) {
1057 CopyMem (Identifier
, UserId
, sizeof (EFI_USER_INFO_IDENTIFIER
));
1058 FreePool (UserInfo
);
1065 // The User's password doesn't match the input password.
1066 // Return the user ID whose password matches the input password.
1070 &mPwdTable
->UserInfo
[mPwdTable
->ValidIndex
- 1].UserId
,
1071 sizeof (EFI_USER_INFO_IDENTIFIER
)
1073 FreePool (UserInfo
);
1079 Indicate that user interface interaction has begun for the specified credential.
1081 This function is called when a credential provider is selected by the user. If
1082 AutoLogon returns FALSE, then the user interface will be constructed by the User
1085 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
1086 @param[out] AutoLogon On return, points to the credential provider's capabilities
1087 after the credential provider has been selected by the user.
1089 @retval EFI_SUCCESS Credential provider successfully selected.
1090 @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
1096 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
1097 OUT EFI_CREDENTIAL_LOGON_FLAGS
*AutoLogon
1100 if ((This
== NULL
) || (AutoLogon
== NULL
)) {
1101 return EFI_INVALID_PARAMETER
;
1110 Indicate that user interface interaction has ended for the specified credential.
1112 This function is called when a credential provider is deselected by the user.
1114 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
1116 @retval EFI_SUCCESS Credential provider successfully deselected.
1121 CredentialDeselect (
1122 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
1126 return EFI_INVALID_PARAMETER
;
1133 Return the default logon behavior for this user credential.
1135 This function reports the default login behavior regarding this credential provider.
1137 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
1138 @param[out] AutoLogon On return, holds whether the credential provider should be used
1139 by default to automatically log on the user.
1141 @retval EFI_SUCCESS Default information successfully returned.
1142 @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
1148 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
1149 OUT EFI_CREDENTIAL_LOGON_FLAGS
*AutoLogon
1152 if ((This
== NULL
) || (AutoLogon
== NULL
)) {
1153 return EFI_INVALID_PARAMETER
;
1162 Return information attached to the credential provider.
1164 This function returns user information.
1166 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
1167 @param[in] UserInfo Handle of the user information data record.
1168 @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
1169 exit, holds the user information. If the buffer is too small
1170 to hold the information, then EFI_BUFFER_TOO_SMALL is returned
1171 and InfoSize is updated to contain the number of bytes actually
1173 @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
1174 size of the user information.
1176 @retval EFI_SUCCESS Information returned successfully.
1177 @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
1178 user information. The size required is returned in *InfoSize.
1179 @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
1180 @retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
1186 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
1187 IN EFI_USER_INFO_HANDLE UserInfo
,
1188 OUT EFI_USER_INFO
*Info
,
1189 IN OUT UINTN
*InfoSize
1192 EFI_USER_INFO
*CredentialInfo
;
1195 if ((This
== NULL
) || (InfoSize
== NULL
) || (Info
== NULL
)) {
1196 return EFI_INVALID_PARAMETER
;
1199 if ((UserInfo
== NULL
) || (mPwdInfoHandle
== NULL
)) {
1200 return EFI_NOT_FOUND
;
1204 // Find information handle in credential info table.
1206 for (Index
= 0; Index
< mPwdInfoHandle
->Count
; Index
++) {
1207 CredentialInfo
= mPwdInfoHandle
->Info
[Index
];
1208 if (UserInfo
== (EFI_USER_INFO_HANDLE
)CredentialInfo
) {
1210 // The handle is found, copy the user info.
1212 if (CredentialInfo
->InfoSize
> *InfoSize
) {
1213 *InfoSize
= CredentialInfo
->InfoSize
;
1214 return EFI_BUFFER_TOO_SMALL
;
1216 CopyMem (Info
, CredentialInfo
, CredentialInfo
->InfoSize
);
1221 return EFI_NOT_FOUND
;
1226 Enumerate all of the user informations on the credential provider.
1228 This function returns the next user information record. To retrieve the first user
1229 information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
1230 another user information record handle until there are no more, at which point UserInfo
1233 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
1234 @param[in, out] UserInfo On entry, points to the previous user information handle or NULL
1235 to start enumeration. On exit, points to the next user information
1236 handle or NULL if there is no more user information.
1238 @retval EFI_SUCCESS User information returned.
1239 @retval EFI_NOT_FOUND No more user information found.
1240 @retval EFI_INVALID_PARAMETER UserInfo is NULL.
1245 CredentialGetNextInfo (
1246 IN CONST EFI_USER_CREDENTIAL_PROTOCOL
*This
,
1247 IN OUT EFI_USER_INFO_HANDLE
*UserInfo
1250 EFI_USER_INFO
*Info
;
1251 CHAR16
*ProvNameStr
;
1256 if ((This
== NULL
) || (UserInfo
== NULL
)) {
1257 return EFI_INVALID_PARAMETER
;
1260 if (mPwdInfoHandle
== NULL
) {
1262 // Initilized user info table. There are 4 user info records in the table.
1264 InfoLen
= sizeof (PASSWORD_CREDENTIAL_INFO
) + (4 - 1) * sizeof (EFI_USER_INFO
*);
1265 mPwdInfoHandle
= AllocateZeroPool (InfoLen
);
1266 if (mPwdInfoHandle
== NULL
) {
1268 return EFI_NOT_FOUND
;
1272 // The first information, Credential Provider info.
1274 InfoLen
= sizeof (EFI_USER_INFO
) + sizeof (EFI_GUID
);
1275 Info
= AllocateZeroPool (InfoLen
);
1276 ASSERT (Info
!= NULL
);
1278 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD
;
1279 Info
->InfoSize
= (UINT32
) InfoLen
;
1280 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1281 CopyGuid (&Info
->Credential
, &mPwdCredentialGuid
);
1282 CopyGuid ((EFI_GUID
*)(Info
+ 1), &mPwdCredentialGuid
);
1284 mPwdInfoHandle
->Info
[0] = Info
;
1285 mPwdInfoHandle
->Count
++;
1288 // The second information, Credential Provider name info.
1290 ProvNameStr
= GetStringById (STRING_TOKEN (STR_PROVIDER_NAME
));
1291 ProvStrLen
= StrSize (ProvNameStr
);
1292 InfoLen
= sizeof (EFI_USER_INFO
) + ProvStrLen
;
1293 Info
= AllocateZeroPool (InfoLen
);
1294 ASSERT (Info
!= NULL
);
1296 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD
;
1297 Info
->InfoSize
= (UINT32
) InfoLen
;
1298 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1299 CopyGuid (&Info
->Credential
, &mPwdCredentialGuid
);
1300 CopyMem ((UINT8
*)(Info
+ 1), ProvNameStr
, ProvStrLen
);
1301 FreePool (ProvNameStr
);
1303 mPwdInfoHandle
->Info
[1] = Info
;
1304 mPwdInfoHandle
->Count
++;
1307 // The third information, Credential Provider type info.
1309 InfoLen
= sizeof (EFI_USER_INFO
) + sizeof (EFI_GUID
);
1310 Info
= AllocateZeroPool (InfoLen
);
1311 ASSERT (Info
!= NULL
);
1313 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_TYPE_RECORD
;
1314 Info
->InfoSize
= (UINT32
) InfoLen
;
1315 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1316 CopyGuid (&Info
->Credential
, &mPwdCredentialGuid
);
1317 CopyGuid ((EFI_GUID
*)(Info
+ 1), &gEfiUserCredentialClassPasswordGuid
);
1319 mPwdInfoHandle
->Info
[2] = Info
;
1320 mPwdInfoHandle
->Count
++;
1323 // The fourth information, Credential Provider type name info.
1325 ProvNameStr
= GetStringById (STRING_TOKEN (STR_PROVIDER_TYPE_NAME
));
1326 ProvStrLen
= StrSize (ProvNameStr
);
1327 InfoLen
= sizeof (EFI_USER_INFO
) + ProvStrLen
;
1328 Info
= AllocateZeroPool (InfoLen
);
1329 ASSERT (Info
!= NULL
);
1331 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD
;
1332 Info
->InfoSize
= (UINT32
) InfoLen
;
1333 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1334 CopyGuid (&Info
->Credential
, &mPwdCredentialGuid
);
1335 CopyMem ((UINT8
*)(Info
+ 1), ProvNameStr
, ProvStrLen
);
1336 FreePool (ProvNameStr
);
1338 mPwdInfoHandle
->Info
[3] = Info
;
1339 mPwdInfoHandle
->Count
++;
1342 if (*UserInfo
== NULL
) {
1344 // Return the first info handle.
1346 *UserInfo
= (EFI_USER_INFO_HANDLE
) mPwdInfoHandle
->Info
[0];
1351 // Find information handle in credential info table.
1353 for (Index
= 0; Index
< mPwdInfoHandle
->Count
; Index
++) {
1354 Info
= mPwdInfoHandle
->Info
[Index
];
1355 if (*UserInfo
== (EFI_USER_INFO_HANDLE
)Info
) {
1357 // The handle is found, get the next one.
1359 if (Index
== mPwdInfoHandle
->Count
- 1) {
1361 // Already last one.
1364 return EFI_NOT_FOUND
;
1368 *UserInfo
= (EFI_USER_INFO_HANDLE
)mPwdInfoHandle
->Info
[Index
];
1374 return EFI_NOT_FOUND
;
1379 Main entry for this driver.
1381 @param ImageHandle Image handle this driver.
1382 @param SystemTable Pointer to SystemTable.
1384 @retval EFI_SUCESS This function always complete successfully.
1389 PasswordProviderInit (
1390 IN EFI_HANDLE ImageHandle
,
1391 IN EFI_SYSTEM_TABLE
*SystemTable
1397 // Init credential table.
1399 Status
= InitCredentialTable ();
1400 if (EFI_ERROR (Status
)) {
1405 // Init Form Browser.
1407 Status
= InitFormBrowser ();
1408 if (EFI_ERROR (Status
)) {
1413 // Install protocol interfaces for the password credential provider.
1415 Status
= gBS
->InstallProtocolInterface (
1416 &mCallbackInfo
->DriverHandle
,
1417 &gEfiUserCredentialProtocolGuid
,
1418 EFI_NATIVE_INTERFACE
,
1419 &gPwdCredentialProviderDriver