]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg Variable: Support the new introduced PcdMaxAuthVariableSize.
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / AuthService.h
1 /** @file
2 The internal header file includes the common header files, defines
3 internal structure and functions used by AuthService module.
4
5 Caution: This module requires additional review when modified.
6 This driver will have external input - variable data. It may be input in SMM mode.
7 This external input must be validated carefully to avoid security issue like
8 buffer overflow, integer overflow.
9 Variable attribute should also be checked to avoid authentication bypass.
10 The whole SMM authentication variable design relies on the integrity of flash part and SMM.
11 which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory
12 may not be modified without authorization. If platform fails to protect these resources,
13 the authentication service provided in this driver will be broken, and the behavior is undefined.
14
15 Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
16 This program and the accompanying materials
17 are licensed and made available under the terms and conditions of the BSD License
18 which accompanies this distribution. The full text of the license may be found at
19 http://opensource.org/licenses/bsd-license.php
20
21 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
22 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
23
24 **/
25
26 #ifndef _AUTHSERVICE_H_
27 #define _AUTHSERVICE_H_
28
29 #define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256
30 #define EFI_CERT_TYPE_RSA2048_SIZE 256
31
32 ///
33 /// Size of AuthInfo prior to the data payload.
34 ///
35 #define AUTHINFO_SIZE ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION, AuthInfo)) + \
36 (OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) + \
37 sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256))
38
39 #define AUTHINFO2_SIZE(VarAuth2) ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo)) + \
40 (UINTN) ((EFI_VARIABLE_AUTHENTICATION_2 *) (VarAuth2))->AuthInfo.Hdr.dwLength)
41
42 #define OFFSET_OF_AUTHINFO2_CERT_DATA ((OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo)) + \
43 (OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)))
44
45 ///
46 /// "AuthVarKeyDatabase" variable for the Public Key store.
47 ///
48 #define AUTHVAR_KEYDB_NAME L"AuthVarKeyDatabase"
49
50 ///
51 /// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX
52 /// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
53 ///
54 ///
55 #define EFI_CERT_DB_NAME L"certdb"
56
57 ///
58 /// Struct to record signature requirement defined by UEFI spec.
59 /// For SigHeaderSize and SigDataSize, ((UINT32) ~0) means NO exact length requirement for this field.
60 ///
61 typedef struct {
62 EFI_GUID SigType;
63 // Expected SignatureHeader size in Bytes.
64 UINT32 SigHeaderSize;
65 // Expected SignatureData size in Bytes.
66 UINT32 SigDataSize;
67 } EFI_SIGNATURE_ITEM;
68
69 typedef enum {
70 AuthVarTypePk,
71 AuthVarTypeKek,
72 AuthVarTypePriv,
73 AuthVarTypePayload
74 } AUTHVAR_TYPE;
75
76 #pragma pack(1)
77 typedef struct {
78 EFI_GUID VendorGuid;
79 UINT32 CertNodeSize;
80 UINT32 NameSize;
81 UINT32 CertDataSize;
82 /// CHAR16 VariableName[NameSize];
83 /// UINT8 CertData[CertDataSize];
84 } AUTH_CERT_DB_DATA;
85 #pragma pack()
86
87 /**
88 Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
89
90 Caution: This function may receive untrusted input.
91 This function may be invoked in SMM mode, and datasize and data are external input.
92 This function will do basic validation, before parse the data.
93 This function will parse the authentication carefully to avoid security issues, like
94 buffer overflow, integer overflow.
95 This function will check attribute carefully to avoid authentication bypass.
96
97 @param[in] VariableName Name of Variable to be found.
98 @param[in] VendorGuid Variable vendor GUID.
99
100 @param[in] Data Data pointer.
101 @param[in] DataSize Size of Data found. If size is less than the
102 data, this value contains the required size.
103 @param[in] Variable The variable information which is used to keep track of variable usage.
104 @param[in] Attributes Attribute value of the variable.
105
106 @return EFI_INVALID_PARAMETER Invalid parameter
107 @return EFI_WRITE_PROTECTED Variable is write-protected and needs authentication with
108 EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
109 @return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
110 set, but the AuthInfo does NOT pass the validation
111 check carried out by the firmware.
112 @return EFI_SUCCESS Variable is not write-protected, or passed validation successfully.
113
114 **/
115 EFI_STATUS
116 ProcessVariable (
117 IN CHAR16 *VariableName,
118 IN EFI_GUID *VendorGuid,
119 IN VOID *Data,
120 IN UINTN DataSize,
121 IN VARIABLE_POINTER_TRACK *Variable,
122 IN UINT32 Attributes
123 );
124
125 /**
126 Update platform mode.
127
128 @param[in] Mode SETUP_MODE or USER_MODE.
129
130 @return EFI_INVALID_PARAMETER Invalid parameter.
131 @return EFI_SUCCESS Update platform mode successfully.
132
133 **/
134 EFI_STATUS
135 UpdatePlatformMode (
136 IN UINT32 Mode
137 );
138
139 /**
140 Initializes for authenticated varibale service.
141
142 @param[in] MaxAuthVariableSize Reflect the overhead associated with the saving
143 of a single EFI authenticated variable with the exception
144 of the overhead associated with the length
145 of the string name of the EFI variable.
146
147 @retval EFI_SUCCESS Function successfully executed.
148 @retval EFI_OUT_OF_RESOURCES Fail to allocate enough memory resources.
149
150 **/
151 EFI_STATUS
152 AutenticatedVariableServiceInitialize (
153 IN UINTN MaxAuthVariableSize
154 );
155
156 /**
157 Initializes for cryptlib service before use, include register algrithm and allocate scratch.
158
159 **/
160 VOID
161 CryptLibraryInitialize (
162 VOID
163 );
164
165 /**
166 Check input data form to make sure it is a valid EFI_SIGNATURE_LIST for PK/KEK variable.
167
168 @param[in] VariableName Name of Variable to be check.
169 @param[in] VendorGuid Variable vendor GUID.
170 @param[in] Data Point to the variable data to be checked.
171 @param[in] DataSize Size of Data.
172
173 @return EFI_INVALID_PARAMETER Invalid signature list format.
174 @return EFI_SUCCESS Passed signature list format check successfully.
175
176 **/
177 EFI_STATUS
178 CheckSignatureListFormat(
179 IN CHAR16 *VariableName,
180 IN EFI_GUID *VendorGuid,
181 IN VOID *Data,
182 IN UINTN DataSize
183 );
184
185 /**
186 Process variable with platform key for verification.
187
188 Caution: This function may receive untrusted input.
189 This function may be invoked in SMM mode, and datasize and data are external input.
190 This function will do basic validation, before parse the data.
191 This function will parse the authentication carefully to avoid security issues, like
192 buffer overflow, integer overflow.
193 This function will check attribute carefully to avoid authentication bypass.
194
195 @param[in] VariableName Name of Variable to be found.
196 @param[in] VendorGuid Variable vendor GUID.
197 @param[in] Data Data pointer.
198 @param[in] DataSize Size of Data found. If size is less than the
199 data, this value contains the required size.
200 @param[in] Variable The variable information which is used to keep track of variable usage.
201 @param[in] Attributes Attribute value of the variable.
202 @param[in] IsPk Indicate whether it is to process pk.
203
204 @return EFI_INVALID_PARAMETER Invalid parameter
205 @return EFI_SECURITY_VIOLATION The variable does NOT pass the validation
206 check carried out by the firmware.
207 @return EFI_SUCCESS Variable passed validation successfully.
208
209 **/
210 EFI_STATUS
211 ProcessVarWithPk (
212 IN CHAR16 *VariableName,
213 IN EFI_GUID *VendorGuid,
214 IN VOID *Data,
215 IN UINTN DataSize,
216 IN VARIABLE_POINTER_TRACK *Variable,
217 IN UINT32 Attributes OPTIONAL,
218 IN BOOLEAN IsPk
219 );
220
221 /**
222 Process variable with key exchange key for verification.
223
224 Caution: This function may receive untrusted input.
225 This function may be invoked in SMM mode, and datasize and data are external input.
226 This function will do basic validation, before parse the data.
227 This function will parse the authentication carefully to avoid security issues, like
228 buffer overflow, integer overflow.
229 This function will check attribute carefully to avoid authentication bypass.
230
231 @param[in] VariableName Name of Variable to be found.
232 @param[in] VendorGuid Variable vendor GUID.
233 @param[in] Data Data pointer.
234 @param[in] DataSize Size of Data found. If size is less than the
235 data, this value contains the required size.
236 @param[in] Variable The variable information that is used to keep track of variable usage.
237 @param[in] Attributes Attribute value of the variable.
238
239 @return EFI_INVALID_PARAMETER Invalid parameter.
240 @return EFI_SECURITY_VIOLATION The variable does NOT pass the validation
241 check carried out by the firmware.
242 @return EFI_SUCCESS Variable passed validation successfully.
243
244 **/
245 EFI_STATUS
246 ProcessVarWithKek (
247 IN CHAR16 *VariableName,
248 IN EFI_GUID *VendorGuid,
249 IN VOID *Data,
250 IN UINTN DataSize,
251 IN VARIABLE_POINTER_TRACK *Variable,
252 IN UINT32 Attributes OPTIONAL
253 );
254
255 /**
256 Merge two buffers which formatted as EFI_SIGNATURE_LIST. Only the new EFI_SIGNATURE_DATA
257 will be appended to the original EFI_SIGNATURE_LIST, duplicate EFI_SIGNATURE_DATA
258 will be ignored.
259
260 @param[in, out] Data Pointer to original EFI_SIGNATURE_LIST.
261 @param[in] DataSize Size of Data buffer.
262 @param[in] FreeBufSize Size of free data buffer
263 @param[in] NewData Pointer to new EFI_SIGNATURE_LIST to be appended.
264 @param[in] NewDataSize Size of NewData buffer.
265 @param[out] MergedBufSize Size of the merged buffer
266
267 @return EFI_BUFFER_TOO_SMALL if input Data buffer overflowed
268
269 **/
270 EFI_STATUS
271 AppendSignatureList (
272 IN OUT VOID *Data,
273 IN UINTN DataSize,
274 IN UINTN FreeBufSize,
275 IN VOID *NewData,
276 IN UINTN NewDataSize,
277 OUT UINTN *MergedBufSize
278 );
279
280 /**
281 Compare two EFI_TIME data.
282
283
284 @param FirstTime A pointer to the first EFI_TIME data.
285 @param SecondTime A pointer to the second EFI_TIME data.
286
287 @retval TRUE The FirstTime is not later than the SecondTime.
288 @retval FALSE The FirstTime is later than the SecondTime.
289
290 **/
291 BOOLEAN
292 CompareTimeStamp (
293 IN EFI_TIME *FirstTime,
294 IN EFI_TIME *SecondTime
295 );
296
297 /**
298 Delete matching signer's certificates when deleting common authenticated
299 variable by corresponding VariableName and VendorGuid from "certdb".
300
301 @param[in] VariableName Name of authenticated Variable.
302 @param[in] VendorGuid Vendor GUID of authenticated Variable.
303
304 @retval EFI_INVALID_PARAMETER Any input parameter is invalid.
305 @retval EFI_NOT_FOUND Fail to find "certdb" or matching certs.
306 @retval EFI_OUT_OF_RESOURCES The operation is failed due to lack of resources.
307 @retval EFI_SUCCESS The operation is completed successfully.
308
309 **/
310 EFI_STATUS
311 DeleteCertsFromDb (
312 IN CHAR16 *VariableName,
313 IN EFI_GUID *VendorGuid
314 );
315
316 /**
317 Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
318
319 Caution: This function may receive untrusted input.
320 This function may be invoked in SMM mode, and datasize and data are external input.
321 This function will do basic validation, before parse the data.
322 This function will parse the authentication carefully to avoid security issues, like
323 buffer overflow, integer overflow.
324
325 @param[in] VariableName Name of Variable to be found.
326 @param[in] VendorGuid Variable vendor GUID.
327 @param[in] Data Data pointer.
328 @param[in] DataSize Size of Data found. If size is less than the
329 data, this value contains the required size.
330 @param[in] Variable The variable information which is used to keep track of variable usage.
331 @param[in] Attributes Attribute value of the variable.
332 @param[in] AuthVarType Verify against PK or KEK database or private database.
333 @param[out] VarDel Delete the variable or not.
334
335 @retval EFI_INVALID_PARAMETER Invalid parameter.
336 @retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation
337 check carried out by the firmware.
338 @retval EFI_OUT_OF_RESOURCES Failed to process variable due to lack
339 of resources.
340 @retval EFI_SUCCESS Variable pass validation successfully.
341
342 **/
343 EFI_STATUS
344 VerifyTimeBasedPayload (
345 IN CHAR16 *VariableName,
346 IN EFI_GUID *VendorGuid,
347 IN VOID *Data,
348 IN UINTN DataSize,
349 IN VARIABLE_POINTER_TRACK *Variable,
350 IN UINT32 Attributes,
351 IN AUTHVAR_TYPE AuthVarType,
352 OUT BOOLEAN *VarDel
353 );
354
355 extern UINT8 *mPubKeyStore;
356 extern UINT8 *mCertDbStore;
357 extern UINT32 mPubKeyNumber;
358 extern VOID *mHashCtx;
359
360 #endif
EFI Development Kit II mirror for PVE