2 Password Credential Provider driver implementation.
4 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include "PwdCredentialProvider.h"
17 CREDENTIAL_TABLE
*mPwdTable
= NULL
;
18 PWD_PROVIDER_CALLBACK_INFO
*mCallbackInfo
= NULL
;
19 PASSWORD_CREDENTIAL_INFO
*mPwdInfoHandle
= NULL
;
21 HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath
= {
27 (UINT8
) (sizeof (VENDOR_DEVICE_PATH
)),
28 (UINT8
) ((sizeof (VENDOR_DEVICE_PATH
)) >> 8)
31 PWD_CREDENTIAL_PROVIDER_GUID
35 END_ENTIRE_DEVICE_PATH_SUBTYPE
,
37 (UINT8
) (END_DEVICE_PATH_LENGTH
),
38 (UINT8
) ((END_DEVICE_PATH_LENGTH
) >> 8)
43 EFI_USER_CREDENTIAL2_PROTOCOL gPwdCredentialProviderDriver
= {
44 PWD_CREDENTIAL_PROVIDER_GUID
,
45 EFI_USER_CREDENTIAL_CLASS_PASSWORD
,
55 CredentialGetNextInfo
,
56 EFI_CREDENTIAL_CAPABILITIES_ENROLL
,
62 Get string by string id from HII Interface.
65 @param[in] Id String ID to get the string from.
67 @retval CHAR16 * String from ID.
68 @retval NULL If error occurs.
77 // Get the current string for the current Language.
79 return HiiGetString (mCallbackInfo
->HiiHandle
, Id
, NULL
);
84 Expand password table size.
92 CREDENTIAL_TABLE
*NewTable
;
95 Count
= mPwdTable
->MaxCount
+ PASSWORD_TABLE_INC
;
97 // Create new credential table.
99 NewTable
= (CREDENTIAL_TABLE
*) AllocateZeroPool (
100 sizeof (CREDENTIAL_TABLE
) +
101 (Count
- 1) * sizeof (PASSWORD_INFO
)
103 ASSERT (NewTable
!= NULL
);
105 NewTable
->MaxCount
= Count
;
106 NewTable
->Count
= mPwdTable
->Count
;
107 NewTable
->ValidIndex
= mPwdTable
->ValidIndex
;
113 &mPwdTable
->UserInfo
,
114 mPwdTable
->Count
* sizeof (PASSWORD_INFO
)
116 FreePool (mPwdTable
);
117 mPwdTable
= NewTable
;
122 Add, update or delete info in table, and sync with NV variable.
124 @param[in] Index The index of the password in table. If index is found in
125 table, update the info, else add the into to table.
126 @param[in] Info The new password info to add into table.If Info is NULL,
127 delete the info by Index.
129 @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
130 @retval EFI_SUCCESS Modify the table successfully.
131 @retval Others Failed to modify the table.
137 IN PASSWORD_INFO
* Info OPTIONAL
141 PASSWORD_INFO
*NewPasswordInfo
;
143 NewPasswordInfo
= NULL
;
145 if (Index
< mPwdTable
->Count
) {
148 // Delete the specified entry.
151 if (Index
!= mPwdTable
->Count
) {
152 NewPasswordInfo
= &mPwdTable
->UserInfo
[mPwdTable
->Count
];
156 // Update the specified entry.
158 NewPasswordInfo
= Info
;
162 // Add a new password info.
165 return EFI_INVALID_PARAMETER
;
168 if (mPwdTable
->Count
>= mPwdTable
->MaxCount
) {
172 NewPasswordInfo
= Info
;
176 if (NewPasswordInfo
!= NULL
) {
177 CopyMem (&mPwdTable
->UserInfo
[Index
], NewPasswordInfo
, sizeof (PASSWORD_INFO
));
181 // Save the credential table.
183 Status
= gRT
->SetVariable (
185 &gPwdCredentialProviderGuid
,
186 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
,
187 mPwdTable
->Count
* sizeof (PASSWORD_INFO
),
195 Create a password table.
197 @retval EFI_SUCCESS Create a password table successfully.
198 @retval Others Failed to create a password.
202 InitCredentialTable (
211 // Get Password credential data from NV variable.
215 Status
= gRT
->GetVariable (
217 &gPwdCredentialProviderGuid
,
222 if (Status
== EFI_BUFFER_TOO_SMALL
) {
223 Var
= AllocateZeroPool (VarSize
);
225 return EFI_OUT_OF_RESOURCES
;
227 Status
= gRT
->GetVariable (
229 &gPwdCredentialProviderGuid
,
235 if (EFI_ERROR (Status
) && (Status
!= EFI_NOT_FOUND
)) {
240 // Create the password credential table.
242 mPwdTable
= AllocateZeroPool (
243 sizeof (CREDENTIAL_TABLE
) - sizeof (PASSWORD_INFO
) +
244 PASSWORD_TABLE_INC
* sizeof (PASSWORD_INFO
) +
247 if (mPwdTable
== NULL
) {
249 return EFI_OUT_OF_RESOURCES
;
252 mPwdTable
->Count
= VarSize
/ sizeof (PASSWORD_INFO
);
253 mPwdTable
->MaxCount
= mPwdTable
->Count
+ PASSWORD_TABLE_INC
;
254 mPwdTable
->ValidIndex
= 0;
256 CopyMem (mPwdTable
->UserInfo
, Var
, VarSize
);
264 Hash the password to get credential.
266 @param[in] Password Points to the input password.
267 @param[in] PasswordSize The size of password, in bytes.
268 @param[out] Credential Points to the hashed result.
270 @retval TRUE Hash the password successfully.
271 @retval FALSE Failed to hash the password.
277 IN UINTN PasswordSize
,
278 OUT UINT8
*Credential
285 HashSize
= Sha1GetContextSize ();
286 Hash
= AllocatePool (HashSize
);
287 ASSERT (Hash
!= NULL
);
289 Status
= Sha1Init (Hash
);
294 Status
= Sha1Update (Hash
, Password
, PasswordSize
);
299 Status
= Sha1Final (Hash
, Credential
);
308 Get password from user input.
310 @param[in] FirstPwd If True, prompt to input the first password.
311 If False, prompt to input password again.
312 @param[out] Credential Points to the input password.
318 OUT CHAR8
*Credential
322 CHAR16 PasswordMask
[CREDENTIAL_LEN
+ 1];
323 CHAR16 Password
[CREDENTIAL_LEN
];
330 PasswordMask
[PasswordLen
] = L
'_';
331 PasswordMask
[PasswordLen
+ 1] = L
'\0';
332 LineStr
= GetStringById (STRING_TOKEN (STR_DRAW_A_LINE
));
334 QuestionStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD
));
336 QuestionStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN
));
339 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
346 FreePool (QuestionStr
);
352 if (Key
.ScanCode
== SCAN_NULL
) {
353 if (Key
.UnicodeChar
== CHAR_CARRIAGE_RETURN
) {
355 } else if (Key
.UnicodeChar
== CHAR_BACKSPACE
) {
356 if (PasswordLen
> 0) {
359 } else if ((Key
.UnicodeChar
== CHAR_NULL
) ||
360 (Key
.UnicodeChar
== CHAR_TAB
) ||
361 (Key
.UnicodeChar
== CHAR_LINEFEED
)) {
364 Password
[PasswordLen
] = Key
.UnicodeChar
;
365 PasswordMask
[PasswordLen
] = L
'*';
367 if (PasswordLen
== CREDENTIAL_LEN
) {
374 PasswordLen
= PasswordLen
* sizeof (CHAR16
);
375 GenerateCredential (Password
, PasswordLen
, (UINT8
*)Credential
);
379 Check whether the password can be found on this provider.
381 @param[in] Password The password to be found.
383 @retval EFI_SUCCESS Found password sucessfully.
384 @retval EFI_NOT_FOUND Fail to find the password.
396 // Check password credential.
398 mPwdTable
->ValidIndex
= 0;
399 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
400 Pwd
= mPwdTable
->UserInfo
[Index
].Password
;
401 if (CompareMem (Pwd
, Password
, CREDENTIAL_LEN
) == 0) {
402 mPwdTable
->ValidIndex
= Index
+ 1;
407 return EFI_NOT_FOUND
;
412 Find a user infomation record by the information record type.
414 This function searches all user information records of User from beginning
415 until either the information is found, or there are no more user infomation
416 records. A match occurs when a Info.InfoType field matches the user information
419 @param[in] User Points to the user profile record to search.
420 @param[in] InfoType The infomation type to be searched.
421 @param[out] Info Points to the user info found, the caller is responsible
424 @retval EFI_SUCCESS Find the user information successfully.
425 @retval Others Fail to find the user information.
430 IN EFI_USER_PROFILE_HANDLE User
,
432 OUT EFI_USER_INFO
**Info
436 EFI_USER_INFO
*UserInfo
;
438 EFI_USER_INFO_HANDLE UserInfoHandle
;
439 EFI_USER_MANAGER_PROTOCOL
*UserManager
;
442 // Find user information by information type.
445 return EFI_INVALID_PARAMETER
;
448 Status
= gBS
->LocateProtocol (
449 &gEfiUserManagerProtocolGuid
,
451 (VOID
**) &UserManager
453 if (EFI_ERROR (Status
)) {
454 return EFI_NOT_FOUND
;
458 // Get each user information.
461 UserInfoHandle
= NULL
;
465 Status
= UserManager
->GetNextInfo (UserManager
, User
, &UserInfoHandle
);
466 if (EFI_ERROR (Status
)) {
472 Status
= UserManager
->GetInfo (
479 if (Status
== EFI_BUFFER_TOO_SMALL
) {
480 if (UserInfo
!= NULL
) {
483 UserInfo
= AllocateZeroPool (UserInfoSize
);
484 if (UserInfo
== NULL
) {
485 return EFI_OUT_OF_RESOURCES
;
487 Status
= UserManager
->GetInfo (
495 if (EFI_ERROR (Status
)) {
499 ASSERT (UserInfo
!= NULL
);
500 if (UserInfo
->InfoType
== InfoType
) {
506 if (UserInfo
!= NULL
) {
514 This function processes the results of changes in configuration.
516 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
517 @param Action Specifies the type of action taken by the browser.
518 @param QuestionId A unique value which is sent to the original
519 exporting driver so that it can identify the type
521 @param Type The type of value for the question.
522 @param Value A pointer to the data being sent to the original
524 @param ActionRequest On return, points to the action requested by the
527 @retval EFI_SUCCESS The callback successfully handled the action.
528 @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
529 variable and its data.
530 @retval EFI_DEVICE_ERROR The variable could not be saved.
531 @retval EFI_UNSUPPORTED The specified Action is not supported by the
537 CredentialDriverCallback (
538 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
539 IN EFI_BROWSER_ACTION Action
,
540 IN EFI_QUESTION_ID QuestionId
,
542 IN EFI_IFR_TYPE_VALUE
*Value
,
543 OUT EFI_BROWSER_ACTION_REQUEST
*ActionRequest
548 CHAR8 Password
[CREDENTIAL_LEN
];
551 if (Action
== EFI_BROWSER_ACTION_CHANGING
) {
552 if (QuestionId
== KEY_GET_PASSWORD
) {
554 // Get and check password.
556 GetPassword (TRUE
, Password
);
557 Status
= CheckPassword (Password
);
558 if (EFI_ERROR (Status
)) {
559 PromptStr
= GetStringById (STRING_TOKEN (STR_PASSWORD_INCORRECT
));
561 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
568 FreePool (PromptStr
);
571 *ActionRequest
= EFI_BROWSER_ACTION_REQUEST_EXIT
;
577 // All other action return unsupported.
579 return EFI_UNSUPPORTED
;
584 This function allows a caller to extract the current configuration for one
585 or more named elements from the target driver.
588 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
589 @param Request A null-terminated Unicode string in <ConfigRequest> format.
590 @param Progress On return, points to a character in the Request string.
591 Points to the string's null terminator if request was successful.
592 Points to the most recent '&' before the first failing name/value
593 pair (or the beginning of the string if the failure is in the
594 first name/value pair) if the request was not successful.
595 @param Results A null-terminated Unicode string in <ConfigAltResp> format which
596 has all values filled in for the names in the Request string.
597 String to be allocated by the called function.
599 @retval EFI_SUCCESS The Results is filled with the requested values.
600 @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
601 @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
602 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
608 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
609 IN CONST EFI_STRING Request
,
610 OUT EFI_STRING
*Progress
,
611 OUT EFI_STRING
*Results
614 if (Progress
== NULL
|| Results
== NULL
) {
615 return EFI_INVALID_PARAMETER
;
618 return EFI_NOT_FOUND
;
622 This function processes the results of changes in configuration.
625 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
626 @param Configuration A null-terminated Unicode string in <ConfigResp> format.
627 @param Progress A pointer to a string filled in with the offset of the most
628 recent '&' before the first failing name/value pair (or the
629 beginning of the string if the failure is in the first
630 name/value pair) or the terminating NULL if all was successful.
632 @retval EFI_SUCCESS The Results is processed successfully.
633 @retval EFI_INVALID_PARAMETER Configuration is NULL.
634 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
640 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
641 IN CONST EFI_STRING Configuration
,
642 OUT EFI_STRING
*Progress
645 if (Configuration
== NULL
|| Progress
== NULL
) {
646 return EFI_INVALID_PARAMETER
;
649 return EFI_NOT_FOUND
;
653 This function initialize the data mainly used in form browser.
655 @retval EFI_SUCCESS Initialize form data successfully.
656 @retval Others Fail to Initialize form data.
665 PWD_PROVIDER_CALLBACK_INFO
*CallbackInfo
;
668 // Initialize driver private data.
670 CallbackInfo
= AllocateZeroPool (sizeof (PWD_PROVIDER_CALLBACK_INFO
));
671 if (CallbackInfo
== NULL
) {
672 return EFI_OUT_OF_RESOURCES
;
675 CallbackInfo
->Signature
= PWD_PROVIDER_SIGNATURE
;
676 CallbackInfo
->ConfigAccess
.ExtractConfig
= FakeExtractConfig
;
677 CallbackInfo
->ConfigAccess
.RouteConfig
= FakeRouteConfig
;
678 CallbackInfo
->ConfigAccess
.Callback
= CredentialDriverCallback
;
679 CallbackInfo
->DriverHandle
= NULL
;
682 // Install Device Path Protocol and Config Access protocol to driver handle.
684 Status
= gBS
->InstallMultipleProtocolInterfaces (
685 &CallbackInfo
->DriverHandle
,
686 &gEfiDevicePathProtocolGuid
,
687 &mHiiVendorDevicePath
,
688 &gEfiHiiConfigAccessProtocolGuid
,
689 &CallbackInfo
->ConfigAccess
,
692 ASSERT_EFI_ERROR (Status
);
697 CallbackInfo
->HiiHandle
= HiiAddPackages (
698 &gPwdCredentialProviderGuid
,
699 CallbackInfo
->DriverHandle
,
700 PwdCredentialProviderStrings
,
701 PwdCredentialProviderVfrBin
,
704 if (CallbackInfo
->HiiHandle
== NULL
) {
705 return EFI_OUT_OF_RESOURCES
;
707 mCallbackInfo
= CallbackInfo
;
714 Enroll a user on a credential provider.
716 This function enrolls a user on this credential provider. If the user exists on
717 this credential provider, update the user information on this credential provider;
718 otherwise add the user information on credential provider.
720 @param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
721 @param[in] User The user profile to enroll.
723 @retval EFI_SUCCESS User profile was successfully enrolled.
724 @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
725 user profile handle. Either the user profile cannot enroll
726 on any user profile or cannot enroll on a user profile
727 other than the current user profile.
728 @retval EFI_UNSUPPORTED This credential provider does not support enrollment in
730 @retval EFI_DEVICE_ERROR The new credential could not be created because of a device
732 @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
738 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
739 IN EFI_USER_PROFILE_HANDLE User
744 PASSWORD_INFO PwdInfo
;
745 EFI_USER_INFO
*UserInfo
;
746 CHAR8 Password
[CREDENTIAL_LEN
];
748 EFI_USER_MANAGER_PROTOCOL
*UserManager
;
753 if ((This
== NULL
) || (User
== NULL
)) {
754 return EFI_INVALID_PARAMETER
;
757 Status
= gBS
->LocateProtocol (
758 &gEfiUserManagerProtocolGuid
,
760 (VOID
**) &UserManager
762 if (EFI_ERROR (Status
)) {
763 return EFI_UNSUPPORTED
;
767 // Get User Identifier.
770 Status
= FindUserInfoByType (
772 EFI_USER_INFO_IDENTIFIER_RECORD
,
775 if (EFI_ERROR (Status
)) {
776 return EFI_INVALID_PARAMETER
;
779 CopyMem (PwdInfo
.UserId
, (UINT8
*) (UserInfo
+ 1), sizeof (EFI_USER_INFO_IDENTIFIER
));
783 // Get password from user.
789 GetPassword (TRUE
, PwdInfo
.Password
);
792 // Input password again.
794 GetPassword (FALSE
, Password
);
797 // Compare the two password consistency.
799 if (CompareMem (PwdInfo
.Password
, Password
, CREDENTIAL_LEN
) == 0) {
803 QuestionStr
= GetStringById (STRING_TOKEN (STR_PASSWORD_MISMATCH
));
804 PromptStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN
));
806 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
813 FreePool (QuestionStr
);
814 FreePool (PromptStr
);
818 // Check whether User is ever enrolled in the provider.
820 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
821 UserId
= (UINT8
*) &mPwdTable
->UserInfo
[Index
].UserId
;
822 if (CompareMem (UserId
, (UINT8
*) &PwdInfo
.UserId
, sizeof (EFI_USER_INFO_IDENTIFIER
)) == 0) {
824 // User already exists, update the password.
831 // Enroll the User to the provider.
833 Status
= ModifyTable (Index
, &PwdInfo
);
834 if (EFI_ERROR (Status
)) {
839 // Notify the user manager driver that credential information has changed.
841 UserManager
->Notify (UserManager
, mCallbackInfo
->DriverHandle
);
848 Returns the user interface information used during user identification.
850 This function returns information about the form used when interacting with the
851 user during user identification. The form is the first enabled form in the form-set
852 class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
853 the user credential provider does not require a form to identify the user, then this
854 function should return EFI_NOT_FOUND.
856 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
857 @param[out] Hii On return, holds the HII database handle.
858 @param[out] FormSetId On return, holds the identifier of the form set which contains
859 the form used during user identification.
860 @param[out] FormId On return, holds the identifier of the form used during user
863 @retval EFI_SUCCESS Form returned successfully.
864 @retval EFI_NOT_FOUND Form not returned.
865 @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
871 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
872 OUT EFI_HII_HANDLE
*Hii
,
873 OUT EFI_GUID
*FormSetId
,
874 OUT EFI_FORM_ID
*FormId
877 if ((This
== NULL
) || (Hii
== NULL
) ||
878 (FormSetId
== NULL
) || (FormId
== NULL
)) {
879 return EFI_INVALID_PARAMETER
;
882 *Hii
= mCallbackInfo
->HiiHandle
;
883 *FormId
= FORMID_GET_PASSWORD_FORM
;
884 CopyGuid (FormSetId
, &gPwdCredentialProviderGuid
);
891 Returns bitmap used to describe the credential provider type.
893 This optional function returns a bitmap that is less than or equal to the number
894 of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
897 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
898 @param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
899 bitmap information will be returned. On exit, points to the
900 width of the bitmap returned.
901 @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
902 bitmap information will be returned. On exit, points to the
903 height of the bitmap returned
904 @param[out] Hii On return, holds the HII database handle.
905 @param[out] Image On return, holds the HII image identifier.
907 @retval EFI_SUCCESS Image identifier returned successfully.
908 @retval EFI_NOT_FOUND Image identifier not returned.
909 @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
915 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
917 IN OUT UINTN
*Height
,
918 OUT EFI_HII_HANDLE
*Hii
,
919 OUT EFI_IMAGE_ID
*Image
922 if ((This
== NULL
) || (Hii
== NULL
) || (Image
== NULL
)) {
923 return EFI_INVALID_PARAMETER
;
925 return EFI_NOT_FOUND
;
930 Returns string used to describe the credential provider type.
932 This function returns a string which describes the credential provider. If no
933 such string exists, then EFI_NOT_FOUND is returned.
935 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
936 @param[out] Hii On return, holds the HII database handle.
937 @param[out] String On return, holds the HII string identifier.
939 @retval EFI_SUCCESS String identifier returned successfully.
940 @retval EFI_NOT_FOUND String identifier not returned.
941 @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
947 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
948 OUT EFI_HII_HANDLE
*Hii
,
949 OUT EFI_STRING_ID
*String
952 if ((This
== NULL
) || (Hii
== NULL
) || (String
== NULL
)) {
953 return EFI_INVALID_PARAMETER
;
957 // Set Hii handle and String ID.
959 *Hii
= mCallbackInfo
->HiiHandle
;
960 *String
= STRING_TOKEN (STR_CREDENTIAL_TITLE
);
967 Return the user identifier associated with the currently authenticated user.
969 This function returns the user identifier of the user authenticated by this credential
970 provider. This function is called after the credential-related information has been
971 submitted on a form, OR after a call to Default() has returned that this credential is
974 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
975 @param[in] User The user profile handle of the user profile currently being
976 considered by the user identity manager. If NULL, then no user
977 profile is currently under consideration.
978 @param[out] Identifier On return, points to the user identifier.
980 @retval EFI_SUCCESS User identifier returned successfully.
981 @retval EFI_NOT_READY No user identifier can be returned.
982 @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
983 @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
984 @retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
985 found in user profile database
991 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
992 IN EFI_USER_PROFILE_HANDLE User
,
993 OUT EFI_USER_INFO_IDENTIFIER
*Identifier
998 EFI_USER_INFO
*UserInfo
;
1004 if ((This
== NULL
) || (Identifier
== NULL
)) {
1005 return EFI_INVALID_PARAMETER
;
1008 if (mPwdTable
->ValidIndex
== 0) {
1010 // No password input, or the input password doesn't match
1011 // anyone in PwdTable.
1013 return EFI_NOT_READY
;
1018 // Return the user ID whose password matches the input password.
1022 &mPwdTable
->UserInfo
[mPwdTable
->ValidIndex
- 1].UserId
,
1023 sizeof (EFI_USER_INFO_IDENTIFIER
)
1029 // Get the User's ID.
1031 Status
= FindUserInfoByType (
1033 EFI_USER_INFO_IDENTIFIER_RECORD
,
1036 if (EFI_ERROR (Status
)) {
1037 return EFI_NOT_FOUND
;
1041 // Check whether the input password matches one in PwdTable.
1043 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
1044 UserId
= (UINT8
*) &mPwdTable
->UserInfo
[Index
].UserId
;
1045 NewUserId
= (UINT8
*) (UserInfo
+ 1);
1046 if (CompareMem (UserId
, NewUserId
, sizeof (EFI_USER_INFO_IDENTIFIER
)) == 0) {
1047 Pwd
= mPwdTable
->UserInfo
[Index
].Password
;
1048 NewPwd
= mPwdTable
->UserInfo
[mPwdTable
->ValidIndex
- 1].Password
;
1049 if (CompareMem (Pwd
, NewPwd
, CREDENTIAL_LEN
) == 0) {
1050 CopyMem (Identifier
, UserId
, sizeof (EFI_USER_INFO_IDENTIFIER
));
1051 FreePool (UserInfo
);
1057 FreePool (UserInfo
);
1058 return EFI_NOT_READY
;
1063 Indicate that user interface interaction has begun for the specified credential.
1065 This function is called when a credential provider is selected by the user. If
1066 AutoLogon returns FALSE, then the user interface will be constructed by the User
1069 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1070 @param[out] AutoLogon On return, points to the credential provider's capabilities
1071 after the credential provider has been selected by the user.
1073 @retval EFI_SUCCESS Credential provider successfully selected.
1074 @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
1080 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1081 OUT EFI_CREDENTIAL_LOGON_FLAGS
*AutoLogon
1084 if ((This
== NULL
) || (AutoLogon
== NULL
)) {
1085 return EFI_INVALID_PARAMETER
;
1094 Indicate that user interface interaction has ended for the specified credential.
1096 This function is called when a credential provider is deselected by the user.
1098 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1100 @retval EFI_SUCCESS Credential provider successfully deselected.
1105 CredentialDeselect (
1106 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
1110 return EFI_INVALID_PARAMETER
;
1117 Return the default logon behavior for this user credential.
1119 This function reports the default login behavior regarding this credential provider.
1121 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1122 @param[out] AutoLogon On return, holds whether the credential provider should be used
1123 by default to automatically log on the user.
1125 @retval EFI_SUCCESS Default information successfully returned.
1126 @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
1132 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1133 OUT EFI_CREDENTIAL_LOGON_FLAGS
*AutoLogon
1136 if ((This
== NULL
) || (AutoLogon
== NULL
)) {
1137 return EFI_INVALID_PARAMETER
;
1146 Return information attached to the credential provider.
1148 This function returns user information.
1150 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1151 @param[in] UserInfo Handle of the user information data record.
1152 @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
1153 exit, holds the user information. If the buffer is too small
1154 to hold the information, then EFI_BUFFER_TOO_SMALL is returned
1155 and InfoSize is updated to contain the number of bytes actually
1157 @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
1158 size of the user information.
1160 @retval EFI_SUCCESS Information returned successfully.
1161 @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
1162 user information. The size required is returned in *InfoSize.
1163 @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
1164 @retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
1170 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1171 IN EFI_USER_INFO_HANDLE UserInfo
,
1172 OUT EFI_USER_INFO
*Info
,
1173 IN OUT UINTN
*InfoSize
1176 EFI_USER_INFO
*CredentialInfo
;
1179 if ((This
== NULL
) || (InfoSize
== NULL
) || (Info
== NULL
)) {
1180 return EFI_INVALID_PARAMETER
;
1183 if ((UserInfo
== NULL
) || (mPwdInfoHandle
== NULL
)) {
1184 return EFI_NOT_FOUND
;
1188 // Find information handle in credential info table.
1190 for (Index
= 0; Index
< mPwdInfoHandle
->Count
; Index
++) {
1191 CredentialInfo
= mPwdInfoHandle
->Info
[Index
];
1192 if (UserInfo
== (EFI_USER_INFO_HANDLE
)CredentialInfo
) {
1194 // The handle is found, copy the user info.
1196 if (CredentialInfo
->InfoSize
> *InfoSize
) {
1197 *InfoSize
= CredentialInfo
->InfoSize
;
1198 return EFI_BUFFER_TOO_SMALL
;
1200 CopyMem (Info
, CredentialInfo
, CredentialInfo
->InfoSize
);
1205 return EFI_NOT_FOUND
;
1210 Enumerate all of the user informations on the credential provider.
1212 This function returns the next user information record. To retrieve the first user
1213 information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
1214 another user information record handle until there are no more, at which point UserInfo
1217 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1218 @param[in, out] UserInfo On entry, points to the previous user information handle or NULL
1219 to start enumeration. On exit, points to the next user information
1220 handle or NULL if there is no more user information.
1222 @retval EFI_SUCCESS User information returned.
1223 @retval EFI_NOT_FOUND No more user information found.
1224 @retval EFI_INVALID_PARAMETER UserInfo is NULL.
1229 CredentialGetNextInfo (
1230 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1231 IN OUT EFI_USER_INFO_HANDLE
*UserInfo
1234 EFI_USER_INFO
*Info
;
1235 CHAR16
*ProvNameStr
;
1240 if ((This
== NULL
) || (UserInfo
== NULL
)) {
1241 return EFI_INVALID_PARAMETER
;
1244 if (mPwdInfoHandle
== NULL
) {
1246 // Initilized user info table. There are 4 user info records in the table.
1248 InfoLen
= sizeof (PASSWORD_CREDENTIAL_INFO
) + (4 - 1) * sizeof (EFI_USER_INFO
*);
1249 mPwdInfoHandle
= AllocateZeroPool (InfoLen
);
1250 if (mPwdInfoHandle
== NULL
) {
1252 return EFI_NOT_FOUND
;
1256 // The first information, Credential Provider info.
1258 InfoLen
= sizeof (EFI_USER_INFO
) + sizeof (EFI_GUID
);
1259 Info
= AllocateZeroPool (InfoLen
);
1260 ASSERT (Info
!= NULL
);
1262 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD
;
1263 Info
->InfoSize
= (UINT32
) InfoLen
;
1264 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1265 CopyGuid (&Info
->Credential
, &gPwdCredentialProviderGuid
);
1266 CopyGuid ((EFI_GUID
*)(Info
+ 1), &gPwdCredentialProviderGuid
);
1268 mPwdInfoHandle
->Info
[0] = Info
;
1269 mPwdInfoHandle
->Count
++;
1272 // The second information, Credential Provider name info.
1274 ProvNameStr
= GetStringById (STRING_TOKEN (STR_PROVIDER_NAME
));
1275 ProvStrLen
= StrSize (ProvNameStr
);
1276 InfoLen
= sizeof (EFI_USER_INFO
) + ProvStrLen
;
1277 Info
= AllocateZeroPool (InfoLen
);
1278 ASSERT (Info
!= NULL
);
1280 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD
;
1281 Info
->InfoSize
= (UINT32
) InfoLen
;
1282 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1283 CopyGuid (&Info
->Credential
, &gPwdCredentialProviderGuid
);
1284 CopyMem ((UINT8
*)(Info
+ 1), ProvNameStr
, ProvStrLen
);
1285 FreePool (ProvNameStr
);
1287 mPwdInfoHandle
->Info
[1] = Info
;
1288 mPwdInfoHandle
->Count
++;
1291 // The third information, Credential Provider type info.
1293 InfoLen
= sizeof (EFI_USER_INFO
) + sizeof (EFI_GUID
);
1294 Info
= AllocateZeroPool (InfoLen
);
1295 ASSERT (Info
!= NULL
);
1297 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_TYPE_RECORD
;
1298 Info
->InfoSize
= (UINT32
) InfoLen
;
1299 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1300 CopyGuid (&Info
->Credential
, &gPwdCredentialProviderGuid
);
1301 CopyGuid ((EFI_GUID
*)(Info
+ 1), &gEfiUserCredentialClassPasswordGuid
);
1303 mPwdInfoHandle
->Info
[2] = Info
;
1304 mPwdInfoHandle
->Count
++;
1307 // The fourth information, Credential Provider type name info.
1309 ProvNameStr
= GetStringById (STRING_TOKEN (STR_PROVIDER_TYPE_NAME
));
1310 ProvStrLen
= StrSize (ProvNameStr
);
1311 InfoLen
= sizeof (EFI_USER_INFO
) + ProvStrLen
;
1312 Info
= AllocateZeroPool (InfoLen
);
1313 ASSERT (Info
!= NULL
);
1315 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD
;
1316 Info
->InfoSize
= (UINT32
) InfoLen
;
1317 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1318 CopyGuid (&Info
->Credential
, &gPwdCredentialProviderGuid
);
1319 CopyMem ((UINT8
*)(Info
+ 1), ProvNameStr
, ProvStrLen
);
1320 FreePool (ProvNameStr
);
1322 mPwdInfoHandle
->Info
[3] = Info
;
1323 mPwdInfoHandle
->Count
++;
1326 if (*UserInfo
== NULL
) {
1328 // Return the first info handle.
1330 *UserInfo
= (EFI_USER_INFO_HANDLE
) mPwdInfoHandle
->Info
[0];
1335 // Find information handle in credential info table.
1337 for (Index
= 0; Index
< mPwdInfoHandle
->Count
; Index
++) {
1338 Info
= mPwdInfoHandle
->Info
[Index
];
1339 if (*UserInfo
== (EFI_USER_INFO_HANDLE
)Info
) {
1341 // The handle is found, get the next one.
1343 if (Index
== mPwdInfoHandle
->Count
- 1) {
1345 // Already last one.
1348 return EFI_NOT_FOUND
;
1352 *UserInfo
= (EFI_USER_INFO_HANDLE
)mPwdInfoHandle
->Info
[Index
];
1358 return EFI_NOT_FOUND
;
1362 Delete a user on this credential provider.
1364 This function deletes a user on this credential provider.
1366 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1367 @param[in] User The user profile handle to delete.
1369 @retval EFI_SUCCESS User profile was successfully deleted.
1370 @retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
1371 Either the user profile cannot delete on any user profile or cannot delete
1372 on a user profile other than the current user profile.
1373 @retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
1374 @retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
1375 @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
1380 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1381 IN EFI_USER_PROFILE_HANDLE User
1385 EFI_USER_INFO
*UserInfo
;
1390 if ((This
== NULL
) || (User
== NULL
)) {
1391 return EFI_INVALID_PARAMETER
;
1395 // Get User Identifier.
1398 Status
= FindUserInfoByType (
1400 EFI_USER_INFO_IDENTIFIER_RECORD
,
1403 if (EFI_ERROR (Status
)) {
1404 return EFI_INVALID_PARAMETER
;
1408 // Find the user by user identifier in mPwdTable.
1410 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
1411 UserId
= (UINT8
*) &mPwdTable
->UserInfo
[Index
].UserId
;
1412 NewUserId
= (UINT8
*) (UserInfo
+ 1);
1413 if (CompareMem (UserId
, NewUserId
, sizeof (EFI_USER_INFO_IDENTIFIER
)) == 0) {
1415 // Found the user, delete it.
1417 ModifyTable (Index
, NULL
);
1422 FreePool (UserInfo
);
1428 Main entry for this driver.
1430 @param ImageHandle Image handle this driver.
1431 @param SystemTable Pointer to SystemTable.
1433 @retval EFI_SUCESS This function always complete successfully.
1438 PasswordProviderInit (
1439 IN EFI_HANDLE ImageHandle
,
1440 IN EFI_SYSTEM_TABLE
*SystemTable
1446 // Init credential table.
1448 Status
= InitCredentialTable ();
1449 if (EFI_ERROR (Status
)) {
1454 // Init Form Browser.
1456 Status
= InitFormBrowser ();
1457 if (EFI_ERROR (Status
)) {
1462 // Install protocol interfaces for the password credential provider.
1464 Status
= gBS
->InstallProtocolInterface (
1465 &mCallbackInfo
->DriverHandle
,
1466 &gEfiUserCredential2ProtocolGuid
,
1467 EFI_NATIVE_INTERFACE
,
1468 &gPwdCredentialProviderDriver