2 Password Credential Provider driver implementation.
4 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
5 (C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
16 #include "PwdCredentialProvider.h"
18 CREDENTIAL_TABLE
*mPwdTable
= NULL
;
19 PWD_PROVIDER_CALLBACK_INFO
*mCallbackInfo
= NULL
;
20 PASSWORD_CREDENTIAL_INFO
*mPwdInfoHandle
= NULL
;
22 HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath
= {
28 (UINT8
) (sizeof (VENDOR_DEVICE_PATH
)),
29 (UINT8
) ((sizeof (VENDOR_DEVICE_PATH
)) >> 8)
32 PWD_CREDENTIAL_PROVIDER_GUID
36 END_ENTIRE_DEVICE_PATH_SUBTYPE
,
38 (UINT8
) (END_DEVICE_PATH_LENGTH
),
39 (UINT8
) ((END_DEVICE_PATH_LENGTH
) >> 8)
44 EFI_USER_CREDENTIAL2_PROTOCOL gPwdCredentialProviderDriver
= {
45 PWD_CREDENTIAL_PROVIDER_GUID
,
46 EFI_USER_CREDENTIAL_CLASS_PASSWORD
,
56 CredentialGetNextInfo
,
57 EFI_CREDENTIAL_CAPABILITIES_ENROLL
,
63 Get string by string id from HII Interface.
66 @param[in] Id String ID to get the string from.
68 @retval CHAR16 * String from ID.
69 @retval NULL If error occurs.
78 // Get the current string for the current Language.
80 return HiiGetString (mCallbackInfo
->HiiHandle
, Id
, NULL
);
85 Expand password table size.
93 CREDENTIAL_TABLE
*NewTable
;
96 Count
= mPwdTable
->MaxCount
+ PASSWORD_TABLE_INC
;
98 // Create new credential table.
100 NewTable
= (CREDENTIAL_TABLE
*) AllocateZeroPool (
101 sizeof (CREDENTIAL_TABLE
) +
102 (Count
- 1) * sizeof (PASSWORD_INFO
)
104 ASSERT (NewTable
!= NULL
);
106 NewTable
->MaxCount
= Count
;
107 NewTable
->Count
= mPwdTable
->Count
;
108 NewTable
->ValidIndex
= mPwdTable
->ValidIndex
;
114 &mPwdTable
->UserInfo
,
115 mPwdTable
->Count
* sizeof (PASSWORD_INFO
)
117 FreePool (mPwdTable
);
118 mPwdTable
= NewTable
;
123 Add, update or delete info in table, and sync with NV variable.
125 @param[in] Index The index of the password in table. If index is found in
126 table, update the info, else add the into to table.
127 @param[in] Info The new password info to add into table.If Info is NULL,
128 delete the info by Index.
130 @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
131 @retval EFI_SUCCESS Modify the table successfully.
132 @retval Others Failed to modify the table.
138 IN PASSWORD_INFO
* Info OPTIONAL
142 PASSWORD_INFO
*NewPasswordInfo
;
144 NewPasswordInfo
= NULL
;
146 if (Index
< mPwdTable
->Count
) {
149 // Delete the specified entry.
152 if (Index
!= mPwdTable
->Count
) {
153 NewPasswordInfo
= &mPwdTable
->UserInfo
[mPwdTable
->Count
];
157 // Update the specified entry.
159 NewPasswordInfo
= Info
;
163 // Add a new password info.
166 return EFI_INVALID_PARAMETER
;
169 if (mPwdTable
->Count
>= mPwdTable
->MaxCount
) {
173 NewPasswordInfo
= Info
;
177 if (NewPasswordInfo
!= NULL
) {
178 CopyMem (&mPwdTable
->UserInfo
[Index
], NewPasswordInfo
, sizeof (PASSWORD_INFO
));
182 // Save the credential table.
184 Status
= gRT
->SetVariable (
186 &gPwdCredentialProviderGuid
,
187 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
,
188 mPwdTable
->Count
* sizeof (PASSWORD_INFO
),
196 Create a password table.
198 @retval EFI_SUCCESS Create a password table successfully.
199 @retval Others Failed to create a password.
203 InitCredentialTable (
212 // Get Password credential data from NV variable.
216 Status
= gRT
->GetVariable (
218 &gPwdCredentialProviderGuid
,
223 if (Status
== EFI_BUFFER_TOO_SMALL
) {
224 Var
= AllocateZeroPool (VarSize
);
226 return EFI_OUT_OF_RESOURCES
;
228 Status
= gRT
->GetVariable (
230 &gPwdCredentialProviderGuid
,
236 if (EFI_ERROR (Status
) && (Status
!= EFI_NOT_FOUND
)) {
241 // Create the password credential table.
243 mPwdTable
= AllocateZeroPool (
244 sizeof (CREDENTIAL_TABLE
) - sizeof (PASSWORD_INFO
) +
245 PASSWORD_TABLE_INC
* sizeof (PASSWORD_INFO
) +
248 if (mPwdTable
== NULL
) {
250 return EFI_OUT_OF_RESOURCES
;
253 mPwdTable
->Count
= VarSize
/ sizeof (PASSWORD_INFO
);
254 mPwdTable
->MaxCount
= mPwdTable
->Count
+ PASSWORD_TABLE_INC
;
255 mPwdTable
->ValidIndex
= 0;
257 CopyMem (mPwdTable
->UserInfo
, Var
, VarSize
);
265 Hash the password to get credential.
267 @param[in] Password Points to the input password.
268 @param[in] PasswordSize The size of password, in bytes.
269 @param[out] Credential Points to the hashed result.
271 @retval TRUE Hash the password successfully.
272 @retval FALSE Failed to hash the password.
278 IN UINTN PasswordSize
,
279 OUT UINT8
*Credential
286 HashSize
= Sha1GetContextSize ();
287 Hash
= AllocatePool (HashSize
);
288 ASSERT (Hash
!= NULL
);
290 Status
= Sha1Init (Hash
);
295 Status
= Sha1Update (Hash
, Password
, PasswordSize
);
300 Status
= Sha1Final (Hash
, Credential
);
309 Get password from user input.
311 @param[in] FirstPwd If True, prompt to input the first password.
312 If False, prompt to input password again.
313 @param[out] Credential Points to the input password.
319 OUT CHAR8
*Credential
323 CHAR16 PasswordMask
[CREDENTIAL_LEN
+ 1];
324 CHAR16 Password
[CREDENTIAL_LEN
];
331 PasswordMask
[PasswordLen
] = L
'_';
332 PasswordMask
[PasswordLen
+ 1] = L
'\0';
333 LineStr
= GetStringById (STRING_TOKEN (STR_DRAW_A_LINE
));
335 QuestionStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD
));
337 QuestionStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN
));
340 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
347 FreePool (QuestionStr
);
353 if (Key
.ScanCode
== SCAN_NULL
) {
354 if (Key
.UnicodeChar
== CHAR_CARRIAGE_RETURN
) {
356 } else if (Key
.UnicodeChar
== CHAR_BACKSPACE
) {
357 if (PasswordLen
> 0) {
360 } else if ((Key
.UnicodeChar
== CHAR_NULL
) ||
361 (Key
.UnicodeChar
== CHAR_TAB
) ||
362 (Key
.UnicodeChar
== CHAR_LINEFEED
)) {
365 Password
[PasswordLen
] = Key
.UnicodeChar
;
366 PasswordMask
[PasswordLen
] = L
'*';
368 if (PasswordLen
== CREDENTIAL_LEN
) {
375 PasswordLen
= PasswordLen
* sizeof (CHAR16
);
376 GenerateCredential (Password
, PasswordLen
, (UINT8
*)Credential
);
380 Check whether the password can be found on this provider.
382 @param[in] Password The password to be found.
384 @retval EFI_SUCCESS Found password sucessfully.
385 @retval EFI_NOT_FOUND Fail to find the password.
397 // Check password credential.
399 mPwdTable
->ValidIndex
= 0;
400 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
401 Pwd
= mPwdTable
->UserInfo
[Index
].Password
;
402 if (CompareMem (Pwd
, Password
, CREDENTIAL_LEN
) == 0) {
403 mPwdTable
->ValidIndex
= Index
+ 1;
408 return EFI_NOT_FOUND
;
413 Find a user infomation record by the information record type.
415 This function searches all user information records of User from beginning
416 until either the information is found, or there are no more user infomation
417 records. A match occurs when a Info.InfoType field matches the user information
420 @param[in] User Points to the user profile record to search.
421 @param[in] InfoType The infomation type to be searched.
422 @param[out] Info Points to the user info found, the caller is responsible
425 @retval EFI_SUCCESS Find the user information successfully.
426 @retval Others Fail to find the user information.
431 IN EFI_USER_PROFILE_HANDLE User
,
433 OUT EFI_USER_INFO
**Info
437 EFI_USER_INFO
*UserInfo
;
439 EFI_USER_INFO_HANDLE UserInfoHandle
;
440 EFI_USER_MANAGER_PROTOCOL
*UserManager
;
443 // Find user information by information type.
446 return EFI_INVALID_PARAMETER
;
449 Status
= gBS
->LocateProtocol (
450 &gEfiUserManagerProtocolGuid
,
452 (VOID
**) &UserManager
454 if (EFI_ERROR (Status
)) {
455 return EFI_NOT_FOUND
;
459 // Get each user information.
462 UserInfoHandle
= NULL
;
466 Status
= UserManager
->GetNextInfo (UserManager
, User
, &UserInfoHandle
);
467 if (EFI_ERROR (Status
)) {
473 Status
= UserManager
->GetInfo (
480 if (Status
== EFI_BUFFER_TOO_SMALL
) {
481 if (UserInfo
!= NULL
) {
484 UserInfo
= AllocateZeroPool (UserInfoSize
);
485 if (UserInfo
== NULL
) {
486 return EFI_OUT_OF_RESOURCES
;
488 Status
= UserManager
->GetInfo (
496 if (EFI_ERROR (Status
)) {
500 ASSERT (UserInfo
!= NULL
);
501 if (UserInfo
->InfoType
== InfoType
) {
507 if (UserInfo
!= NULL
) {
515 This function processes the results of changes in configuration.
517 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
518 @param Action Specifies the type of action taken by the browser.
519 @param QuestionId A unique value which is sent to the original
520 exporting driver so that it can identify the type
522 @param Type The type of value for the question.
523 @param Value A pointer to the data being sent to the original
525 @param ActionRequest On return, points to the action requested by the
528 @retval EFI_SUCCESS The callback successfully handled the action.
529 @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
530 variable and its data.
531 @retval EFI_DEVICE_ERROR The variable could not be saved.
532 @retval EFI_UNSUPPORTED The specified Action is not supported by the
538 CredentialDriverCallback (
539 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
540 IN EFI_BROWSER_ACTION Action
,
541 IN EFI_QUESTION_ID QuestionId
,
543 IN EFI_IFR_TYPE_VALUE
*Value
,
544 OUT EFI_BROWSER_ACTION_REQUEST
*ActionRequest
549 CHAR8 Password
[CREDENTIAL_LEN
];
552 if (Action
== EFI_BROWSER_ACTION_CHANGED
) {
553 if (QuestionId
== KEY_GET_PASSWORD
) {
555 // Get and check password.
557 GetPassword (TRUE
, Password
);
558 Status
= CheckPassword (Password
);
559 if (EFI_ERROR (Status
)) {
560 PromptStr
= GetStringById (STRING_TOKEN (STR_PASSWORD_INCORRECT
));
562 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
569 FreePool (PromptStr
);
572 *ActionRequest
= EFI_BROWSER_ACTION_REQUEST_EXIT
;
578 // All other action return unsupported.
580 return EFI_UNSUPPORTED
;
585 This function allows a caller to extract the current configuration for one
586 or more named elements from the target driver.
589 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
590 @param Request A null-terminated Unicode string in <ConfigRequest> format.
591 @param Progress On return, points to a character in the Request string.
592 Points to the string's null terminator if request was successful.
593 Points to the most recent '&' before the first failing name/value
594 pair (or the beginning of the string if the failure is in the
595 first name/value pair) if the request was not successful.
596 @param Results A null-terminated Unicode string in <ConfigAltResp> format which
597 has all values filled in for the names in the Request string.
598 String to be allocated by the called function.
600 @retval EFI_SUCCESS The Results is filled with the requested values.
601 @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
602 @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
603 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
609 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
610 IN CONST EFI_STRING Request
,
611 OUT EFI_STRING
*Progress
,
612 OUT EFI_STRING
*Results
615 if (Progress
== NULL
|| Results
== NULL
) {
616 return EFI_INVALID_PARAMETER
;
619 return EFI_NOT_FOUND
;
623 This function processes the results of changes in configuration.
626 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
627 @param Configuration A null-terminated Unicode string in <ConfigResp> format.
628 @param Progress A pointer to a string filled in with the offset of the most
629 recent '&' before the first failing name/value pair (or the
630 beginning of the string if the failure is in the first
631 name/value pair) or the terminating NULL if all was successful.
633 @retval EFI_SUCCESS The Results is processed successfully.
634 @retval EFI_INVALID_PARAMETER Configuration is NULL.
635 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
641 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
642 IN CONST EFI_STRING Configuration
,
643 OUT EFI_STRING
*Progress
646 if (Configuration
== NULL
|| Progress
== NULL
) {
647 return EFI_INVALID_PARAMETER
;
650 *Progress
= Configuration
;
652 return EFI_NOT_FOUND
;
656 This function initialize the data mainly used in form browser.
658 @retval EFI_SUCCESS Initialize form data successfully.
659 @retval Others Fail to Initialize form data.
668 PWD_PROVIDER_CALLBACK_INFO
*CallbackInfo
;
671 // Initialize driver private data.
673 CallbackInfo
= AllocateZeroPool (sizeof (PWD_PROVIDER_CALLBACK_INFO
));
674 if (CallbackInfo
== NULL
) {
675 return EFI_OUT_OF_RESOURCES
;
678 CallbackInfo
->Signature
= PWD_PROVIDER_SIGNATURE
;
679 CallbackInfo
->ConfigAccess
.ExtractConfig
= FakeExtractConfig
;
680 CallbackInfo
->ConfigAccess
.RouteConfig
= FakeRouteConfig
;
681 CallbackInfo
->ConfigAccess
.Callback
= CredentialDriverCallback
;
682 CallbackInfo
->DriverHandle
= NULL
;
685 // Install Device Path Protocol and Config Access protocol to driver handle.
687 Status
= gBS
->InstallMultipleProtocolInterfaces (
688 &CallbackInfo
->DriverHandle
,
689 &gEfiDevicePathProtocolGuid
,
690 &mHiiVendorDevicePath
,
691 &gEfiHiiConfigAccessProtocolGuid
,
692 &CallbackInfo
->ConfigAccess
,
695 ASSERT_EFI_ERROR (Status
);
700 CallbackInfo
->HiiHandle
= HiiAddPackages (
701 &gPwdCredentialProviderGuid
,
702 CallbackInfo
->DriverHandle
,
703 PwdCredentialProviderStrings
,
704 PwdCredentialProviderVfrBin
,
707 if (CallbackInfo
->HiiHandle
== NULL
) {
708 return EFI_OUT_OF_RESOURCES
;
710 mCallbackInfo
= CallbackInfo
;
717 Enroll a user on a credential provider.
719 This function enrolls a user on this credential provider. If the user exists on
720 this credential provider, update the user information on this credential provider;
721 otherwise add the user information on credential provider.
723 @param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
724 @param[in] User The user profile to enroll.
726 @retval EFI_SUCCESS User profile was successfully enrolled.
727 @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
728 user profile handle. Either the user profile cannot enroll
729 on any user profile or cannot enroll on a user profile
730 other than the current user profile.
731 @retval EFI_UNSUPPORTED This credential provider does not support enrollment in
733 @retval EFI_DEVICE_ERROR The new credential could not be created because of a device
735 @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
741 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
742 IN EFI_USER_PROFILE_HANDLE User
747 PASSWORD_INFO PwdInfo
;
748 EFI_USER_INFO
*UserInfo
;
749 CHAR8 Password
[CREDENTIAL_LEN
];
755 if ((This
== NULL
) || (User
== NULL
)) {
756 return EFI_INVALID_PARAMETER
;
760 // Get User Identifier.
763 Status
= FindUserInfoByType (
765 EFI_USER_INFO_IDENTIFIER_RECORD
,
768 if (EFI_ERROR (Status
)) {
769 return EFI_INVALID_PARAMETER
;
772 CopyMem (PwdInfo
.UserId
, (UINT8
*) (UserInfo
+ 1), sizeof (EFI_USER_INFO_IDENTIFIER
));
776 // Get password from user.
782 GetPassword (TRUE
, PwdInfo
.Password
);
785 // Input password again.
787 GetPassword (FALSE
, Password
);
790 // Compare the two password consistency.
792 if (CompareMem (PwdInfo
.Password
, Password
, CREDENTIAL_LEN
) == 0) {
796 QuestionStr
= GetStringById (STRING_TOKEN (STR_PASSWORD_MISMATCH
));
797 PromptStr
= GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN
));
799 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
806 FreePool (QuestionStr
);
807 FreePool (PromptStr
);
811 // Check whether User is ever enrolled in the provider.
813 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
814 UserId
= (UINT8
*) &mPwdTable
->UserInfo
[Index
].UserId
;
815 if (CompareMem (UserId
, (UINT8
*) &PwdInfo
.UserId
, sizeof (EFI_USER_INFO_IDENTIFIER
)) == 0) {
817 // User already exists, update the password.
824 // Enroll the User to the provider.
826 Status
= ModifyTable (Index
, &PwdInfo
);
827 if (EFI_ERROR (Status
)) {
836 Returns the user interface information used during user identification.
838 This function returns information about the form used when interacting with the
839 user during user identification. The form is the first enabled form in the form-set
840 class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
841 the user credential provider does not require a form to identify the user, then this
842 function should return EFI_NOT_FOUND.
844 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
845 @param[out] Hii On return, holds the HII database handle.
846 @param[out] FormSetId On return, holds the identifier of the form set which contains
847 the form used during user identification.
848 @param[out] FormId On return, holds the identifier of the form used during user
851 @retval EFI_SUCCESS Form returned successfully.
852 @retval EFI_NOT_FOUND Form not returned.
853 @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
859 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
860 OUT EFI_HII_HANDLE
*Hii
,
861 OUT EFI_GUID
*FormSetId
,
862 OUT EFI_FORM_ID
*FormId
865 if ((This
== NULL
) || (Hii
== NULL
) ||
866 (FormSetId
== NULL
) || (FormId
== NULL
)) {
867 return EFI_INVALID_PARAMETER
;
870 *Hii
= mCallbackInfo
->HiiHandle
;
871 *FormId
= FORMID_GET_PASSWORD_FORM
;
872 CopyGuid (FormSetId
, &gPwdCredentialProviderGuid
);
879 Returns bitmap used to describe the credential provider type.
881 This optional function returns a bitmap that is less than or equal to the number
882 of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
885 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
886 @param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
887 bitmap information will be returned. On exit, points to the
888 width of the bitmap returned.
889 @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
890 bitmap information will be returned. On exit, points to the
891 height of the bitmap returned
892 @param[out] Hii On return, holds the HII database handle.
893 @param[out] Image On return, holds the HII image identifier.
895 @retval EFI_SUCCESS Image identifier returned successfully.
896 @retval EFI_NOT_FOUND Image identifier not returned.
897 @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
903 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
905 IN OUT UINTN
*Height
,
906 OUT EFI_HII_HANDLE
*Hii
,
907 OUT EFI_IMAGE_ID
*Image
910 if ((This
== NULL
) || (Hii
== NULL
) || (Image
== NULL
)) {
911 return EFI_INVALID_PARAMETER
;
913 return EFI_NOT_FOUND
;
918 Returns string used to describe the credential provider type.
920 This function returns a string which describes the credential provider. If no
921 such string exists, then EFI_NOT_FOUND is returned.
923 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
924 @param[out] Hii On return, holds the HII database handle.
925 @param[out] String On return, holds the HII string identifier.
927 @retval EFI_SUCCESS String identifier returned successfully.
928 @retval EFI_NOT_FOUND String identifier not returned.
929 @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
935 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
936 OUT EFI_HII_HANDLE
*Hii
,
937 OUT EFI_STRING_ID
*String
940 if ((This
== NULL
) || (Hii
== NULL
) || (String
== NULL
)) {
941 return EFI_INVALID_PARAMETER
;
945 // Set Hii handle and String ID.
947 *Hii
= mCallbackInfo
->HiiHandle
;
948 *String
= STRING_TOKEN (STR_CREDENTIAL_TITLE
);
955 Return the user identifier associated with the currently authenticated user.
957 This function returns the user identifier of the user authenticated by this credential
958 provider. This function is called after the credential-related information has been
959 submitted on a form, OR after a call to Default() has returned that this credential is
962 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
963 @param[in] User The user profile handle of the user profile currently being
964 considered by the user identity manager. If NULL, then no user
965 profile is currently under consideration.
966 @param[out] Identifier On return, points to the user identifier.
968 @retval EFI_SUCCESS User identifier returned successfully.
969 @retval EFI_NOT_READY No user identifier can be returned.
970 @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
971 @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
972 @retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
973 found in user profile database
979 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
980 IN EFI_USER_PROFILE_HANDLE User
,
981 OUT EFI_USER_INFO_IDENTIFIER
*Identifier
986 EFI_USER_INFO
*UserInfo
;
992 if ((This
== NULL
) || (Identifier
== NULL
)) {
993 return EFI_INVALID_PARAMETER
;
996 if (mPwdTable
->ValidIndex
== 0) {
998 // No password input, or the input password doesn't match
999 // anyone in PwdTable.
1001 return EFI_NOT_READY
;
1006 // Return the user ID whose password matches the input password.
1010 &mPwdTable
->UserInfo
[mPwdTable
->ValidIndex
- 1].UserId
,
1011 sizeof (EFI_USER_INFO_IDENTIFIER
)
1017 // Get the User's ID.
1019 Status
= FindUserInfoByType (
1021 EFI_USER_INFO_IDENTIFIER_RECORD
,
1024 if (EFI_ERROR (Status
)) {
1025 return EFI_NOT_FOUND
;
1029 // Check whether the input password matches one in PwdTable.
1031 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
1032 UserId
= (UINT8
*) &mPwdTable
->UserInfo
[Index
].UserId
;
1033 NewUserId
= (UINT8
*) (UserInfo
+ 1);
1034 if (CompareMem (UserId
, NewUserId
, sizeof (EFI_USER_INFO_IDENTIFIER
)) == 0) {
1035 Pwd
= mPwdTable
->UserInfo
[Index
].Password
;
1036 NewPwd
= mPwdTable
->UserInfo
[mPwdTable
->ValidIndex
- 1].Password
;
1037 if (CompareMem (Pwd
, NewPwd
, CREDENTIAL_LEN
) == 0) {
1038 CopyMem (Identifier
, UserId
, sizeof (EFI_USER_INFO_IDENTIFIER
));
1039 FreePool (UserInfo
);
1045 FreePool (UserInfo
);
1046 return EFI_NOT_READY
;
1051 Indicate that user interface interaction has begun for the specified credential.
1053 This function is called when a credential provider is selected by the user. If
1054 AutoLogon returns FALSE, then the user interface will be constructed by the User
1057 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1058 @param[out] AutoLogon On return, points to the credential provider's capabilities
1059 after the credential provider has been selected by the user.
1061 @retval EFI_SUCCESS Credential provider successfully selected.
1062 @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
1068 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1069 OUT EFI_CREDENTIAL_LOGON_FLAGS
*AutoLogon
1072 if ((This
== NULL
) || (AutoLogon
== NULL
)) {
1073 return EFI_INVALID_PARAMETER
;
1082 Indicate that user interface interaction has ended for the specified credential.
1084 This function is called when a credential provider is deselected by the user.
1086 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1088 @retval EFI_SUCCESS Credential provider successfully deselected.
1093 CredentialDeselect (
1094 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
1098 return EFI_INVALID_PARAMETER
;
1105 Return the default logon behavior for this user credential.
1107 This function reports the default login behavior regarding this credential provider.
1109 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1110 @param[out] AutoLogon On return, holds whether the credential provider should be used
1111 by default to automatically log on the user.
1113 @retval EFI_SUCCESS Default information successfully returned.
1114 @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
1120 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1121 OUT EFI_CREDENTIAL_LOGON_FLAGS
*AutoLogon
1124 if ((This
== NULL
) || (AutoLogon
== NULL
)) {
1125 return EFI_INVALID_PARAMETER
;
1134 Return information attached to the credential provider.
1136 This function returns user information.
1138 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1139 @param[in] UserInfo Handle of the user information data record.
1140 @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
1141 exit, holds the user information. If the buffer is too small
1142 to hold the information, then EFI_BUFFER_TOO_SMALL is returned
1143 and InfoSize is updated to contain the number of bytes actually
1145 @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
1146 size of the user information.
1148 @retval EFI_SUCCESS Information returned successfully.
1149 @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
1150 user information. The size required is returned in *InfoSize.
1151 @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
1152 @retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
1158 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1159 IN EFI_USER_INFO_HANDLE UserInfo
,
1160 OUT EFI_USER_INFO
*Info
,
1161 IN OUT UINTN
*InfoSize
1164 EFI_USER_INFO
*CredentialInfo
;
1167 if ((This
== NULL
) || (InfoSize
== NULL
) || (Info
== NULL
)) {
1168 return EFI_INVALID_PARAMETER
;
1171 if ((UserInfo
== NULL
) || (mPwdInfoHandle
== NULL
)) {
1172 return EFI_NOT_FOUND
;
1176 // Find information handle in credential info table.
1178 for (Index
= 0; Index
< mPwdInfoHandle
->Count
; Index
++) {
1179 CredentialInfo
= mPwdInfoHandle
->Info
[Index
];
1180 if (UserInfo
== (EFI_USER_INFO_HANDLE
)CredentialInfo
) {
1182 // The handle is found, copy the user info.
1184 if (CredentialInfo
->InfoSize
> *InfoSize
) {
1185 *InfoSize
= CredentialInfo
->InfoSize
;
1186 return EFI_BUFFER_TOO_SMALL
;
1188 CopyMem (Info
, CredentialInfo
, CredentialInfo
->InfoSize
);
1193 return EFI_NOT_FOUND
;
1198 Enumerate all of the user informations on the credential provider.
1200 This function returns the next user information record. To retrieve the first user
1201 information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
1202 another user information record handle until there are no more, at which point UserInfo
1205 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1206 @param[in, out] UserInfo On entry, points to the previous user information handle or NULL
1207 to start enumeration. On exit, points to the next user information
1208 handle or NULL if there is no more user information.
1210 @retval EFI_SUCCESS User information returned.
1211 @retval EFI_NOT_FOUND No more user information found.
1212 @retval EFI_INVALID_PARAMETER UserInfo is NULL.
1217 CredentialGetNextInfo (
1218 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1219 IN OUT EFI_USER_INFO_HANDLE
*UserInfo
1222 EFI_USER_INFO
*Info
;
1223 CHAR16
*ProvNameStr
;
1228 if ((This
== NULL
) || (UserInfo
== NULL
)) {
1229 return EFI_INVALID_PARAMETER
;
1232 if (mPwdInfoHandle
== NULL
) {
1234 // Initilized user info table. There are 4 user info records in the table.
1236 InfoLen
= sizeof (PASSWORD_CREDENTIAL_INFO
) + (4 - 1) * sizeof (EFI_USER_INFO
*);
1237 mPwdInfoHandle
= AllocateZeroPool (InfoLen
);
1238 if (mPwdInfoHandle
== NULL
) {
1240 return EFI_NOT_FOUND
;
1244 // The first information, Credential Provider info.
1246 InfoLen
= sizeof (EFI_USER_INFO
) + sizeof (EFI_GUID
);
1247 Info
= AllocateZeroPool (InfoLen
);
1248 ASSERT (Info
!= NULL
);
1250 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD
;
1251 Info
->InfoSize
= (UINT32
) InfoLen
;
1252 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1253 CopyGuid (&Info
->Credential
, &gPwdCredentialProviderGuid
);
1254 CopyGuid ((EFI_GUID
*)(Info
+ 1), &gPwdCredentialProviderGuid
);
1256 mPwdInfoHandle
->Info
[0] = Info
;
1257 mPwdInfoHandle
->Count
++;
1260 // The second information, Credential Provider name info.
1262 ProvNameStr
= GetStringById (STRING_TOKEN (STR_PROVIDER_NAME
));
1263 ProvStrLen
= StrSize (ProvNameStr
);
1264 InfoLen
= sizeof (EFI_USER_INFO
) + ProvStrLen
;
1265 Info
= AllocateZeroPool (InfoLen
);
1266 ASSERT (Info
!= NULL
);
1268 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD
;
1269 Info
->InfoSize
= (UINT32
) InfoLen
;
1270 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1271 CopyGuid (&Info
->Credential
, &gPwdCredentialProviderGuid
);
1272 CopyMem ((UINT8
*)(Info
+ 1), ProvNameStr
, ProvStrLen
);
1273 FreePool (ProvNameStr
);
1275 mPwdInfoHandle
->Info
[1] = Info
;
1276 mPwdInfoHandle
->Count
++;
1279 // The third information, Credential Provider type info.
1281 InfoLen
= sizeof (EFI_USER_INFO
) + sizeof (EFI_GUID
);
1282 Info
= AllocateZeroPool (InfoLen
);
1283 ASSERT (Info
!= NULL
);
1285 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_TYPE_RECORD
;
1286 Info
->InfoSize
= (UINT32
) InfoLen
;
1287 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1288 CopyGuid (&Info
->Credential
, &gPwdCredentialProviderGuid
);
1289 CopyGuid ((EFI_GUID
*)(Info
+ 1), &gEfiUserCredentialClassPasswordGuid
);
1291 mPwdInfoHandle
->Info
[2] = Info
;
1292 mPwdInfoHandle
->Count
++;
1295 // The fourth information, Credential Provider type name info.
1297 ProvNameStr
= GetStringById (STRING_TOKEN (STR_PROVIDER_TYPE_NAME
));
1298 ProvStrLen
= StrSize (ProvNameStr
);
1299 InfoLen
= sizeof (EFI_USER_INFO
) + ProvStrLen
;
1300 Info
= AllocateZeroPool (InfoLen
);
1301 ASSERT (Info
!= NULL
);
1303 Info
->InfoType
= EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD
;
1304 Info
->InfoSize
= (UINT32
) InfoLen
;
1305 Info
->InfoAttribs
= EFI_USER_INFO_PROTECTED
;
1306 CopyGuid (&Info
->Credential
, &gPwdCredentialProviderGuid
);
1307 CopyMem ((UINT8
*)(Info
+ 1), ProvNameStr
, ProvStrLen
);
1308 FreePool (ProvNameStr
);
1310 mPwdInfoHandle
->Info
[3] = Info
;
1311 mPwdInfoHandle
->Count
++;
1314 if (*UserInfo
== NULL
) {
1316 // Return the first info handle.
1318 *UserInfo
= (EFI_USER_INFO_HANDLE
) mPwdInfoHandle
->Info
[0];
1323 // Find information handle in credential info table.
1325 for (Index
= 0; Index
< mPwdInfoHandle
->Count
; Index
++) {
1326 Info
= mPwdInfoHandle
->Info
[Index
];
1327 if (*UserInfo
== (EFI_USER_INFO_HANDLE
)Info
) {
1329 // The handle is found, get the next one.
1331 if (Index
== mPwdInfoHandle
->Count
- 1) {
1333 // Already last one.
1336 return EFI_NOT_FOUND
;
1340 *UserInfo
= (EFI_USER_INFO_HANDLE
)mPwdInfoHandle
->Info
[Index
];
1346 return EFI_NOT_FOUND
;
1350 Delete a user on this credential provider.
1352 This function deletes a user on this credential provider.
1354 @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
1355 @param[in] User The user profile handle to delete.
1357 @retval EFI_SUCCESS User profile was successfully deleted.
1358 @retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
1359 Either the user profile cannot delete on any user profile or cannot delete
1360 on a user profile other than the current user profile.
1361 @retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
1362 @retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
1363 @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
1368 IN CONST EFI_USER_CREDENTIAL2_PROTOCOL
*This
,
1369 IN EFI_USER_PROFILE_HANDLE User
1373 EFI_USER_INFO
*UserInfo
;
1378 if ((This
== NULL
) || (User
== NULL
)) {
1379 return EFI_INVALID_PARAMETER
;
1383 // Get User Identifier.
1386 Status
= FindUserInfoByType (
1388 EFI_USER_INFO_IDENTIFIER_RECORD
,
1391 if (EFI_ERROR (Status
)) {
1392 return EFI_INVALID_PARAMETER
;
1396 // Find the user by user identifier in mPwdTable.
1398 for (Index
= 0; Index
< mPwdTable
->Count
; Index
++) {
1399 UserId
= (UINT8
*) &mPwdTable
->UserInfo
[Index
].UserId
;
1400 NewUserId
= (UINT8
*) (UserInfo
+ 1);
1401 if (CompareMem (UserId
, NewUserId
, sizeof (EFI_USER_INFO_IDENTIFIER
)) == 0) {
1403 // Found the user, delete it.
1405 ModifyTable (Index
, NULL
);
1410 FreePool (UserInfo
);
1416 Main entry for this driver.
1418 @param ImageHandle Image handle this driver.
1419 @param SystemTable Pointer to SystemTable.
1421 @retval EFI_SUCESS This function always complete successfully.
1426 PasswordProviderInit (
1427 IN EFI_HANDLE ImageHandle
,
1428 IN EFI_SYSTEM_TABLE
*SystemTable
1434 // It is NOT robust enough to be included in production.
1436 #error "This implementation is just a sample, please comment this line if you really want to use this driver."
1439 // Init credential table.
1441 Status
= InitCredentialTable ();
1442 if (EFI_ERROR (Status
)) {
1447 // Init Form Browser.
1449 Status
= InitFormBrowser ();
1450 if (EFI_ERROR (Status
)) {
1455 // Install protocol interfaces for the password credential provider.
1457 Status
= gBS
->InstallProtocolInterface (
1458 &mCallbackInfo
->DriverHandle
,
1459 &gEfiUserCredential2ProtocolGuid
,
1460 EFI_NATIVE_INTERFACE
,
1461 &gPwdCredentialProviderDriver