]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg/SecureBootConfigDxe: Change the declaring of buffer.
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfigImpl.c
1 /** @file
2 HII Config Access protocol implementation of SecureBoot configuration module.
3
4 Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "SecureBootConfigImpl.h"
16 #include <Library/BaseCryptLib.h>
17
18 CHAR16 mSecureBootStorageName[] = L"SECUREBOOT_CONFIGURATION";
19
20 SECUREBOOT_CONFIG_PRIVATE_DATA mSecureBootConfigPrivateDateTemplate = {
21 SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE,
22 {
23 SecureBootExtractConfig,
24 SecureBootRouteConfig,
25 SecureBootCallback
26 }
27 };
28
29 HII_VENDOR_DEVICE_PATH mSecureBootHiiVendorDevicePath = {
30 {
31 {
32 HARDWARE_DEVICE_PATH,
33 HW_VENDOR_DP,
34 {
35 (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
36 (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
37 }
38 },
39 SECUREBOOT_CONFIG_FORM_SET_GUID
40 },
41 {
42 END_DEVICE_PATH_TYPE,
43 END_ENTIRE_DEVICE_PATH_SUBTYPE,
44 {
45 (UINT8) (END_DEVICE_PATH_LENGTH),
46 (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
47 }
48 }
49 };
50
51
52 BOOLEAN mIsEnterSecureBootForm = FALSE;
53
54 //
55 // OID ASN.1 Value for Hash Algorithms
56 //
57 UINT8 mHashOidValue[] = {
58 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, // OBJ_md5
59 0x2B, 0x0E, 0x03, 0x02, 0x1A, // OBJ_sha1
60 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, // OBJ_sha224
61 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, // OBJ_sha256
62 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, // OBJ_sha384
63 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, // OBJ_sha512
64 };
65
66 HASH_TABLE mHash[] = {
67 { L"SHA224", 28, &mHashOidValue[13], 9, NULL, NULL, NULL, NULL },
68 { L"SHA256", 32, &mHashOidValue[22], 9, Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final},
69 { L"SHA384", 48, &mHashOidValue[31], 9, Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final},
70 { L"SHA512", 64, &mHashOidValue[40], 9, Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final}
71 };
72
73 //
74 // Variable Definitions
75 //
76 UINT32 mPeCoffHeaderOffset = 0;
77 WIN_CERTIFICATE *mCertificate = NULL;
78 IMAGE_TYPE mImageType;
79 UINT8 *mImageBase = NULL;
80 UINTN mImageSize = 0;
81 UINT8 mImageDigest[MAX_DIGEST_SIZE];
82 UINTN mImageDigestSize;
83 EFI_GUID mCertType;
84 EFI_IMAGE_SECURITY_DATA_DIRECTORY *mSecDataDir = NULL;
85 EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader;
86
87 //
88 // Possible DER-encoded certificate file suffixes, end with NULL pointer.
89 //
90 CHAR16* mDerEncodedSuffix[] = {
91 L".cer",
92 L".der",
93 L".crt",
94 NULL
95 };
96 CHAR16* mSupportX509Suffix = L"*.cer/der/crt";
97
98 SECUREBOOT_CONFIG_PRIVATE_DATA *gSecureBootPrivateData = NULL;
99
100 /**
101 This code cleans up enrolled file by closing file & free related resources attached to
102 enrolled file.
103
104 @param[in] FileContext FileContext cached in SecureBootConfig driver
105
106 **/
107 VOID
108 CloseEnrolledFile(
109 IN SECUREBOOT_FILE_CONTEXT *FileContext
110 )
111 {
112 if (FileContext->FHandle != NULL) {
113 CloseFile (FileContext->FHandle);
114 FileContext->FHandle = NULL;
115 }
116
117 if (FileContext->FileName != NULL){
118 FreePool(FileContext->FileName);
119 FileContext->FileName = NULL;
120 }
121 FileContext->FileType = UNKNOWN_FILE_TYPE;
122
123 }
124
125 /**
126 This code checks if the FileSuffix is one of the possible DER-encoded certificate suffix.
127
128 @param[in] FileSuffix The suffix of the input certificate file
129
130 @retval TRUE It's a DER-encoded certificate.
131 @retval FALSE It's NOT a DER-encoded certificate.
132
133 **/
134 BOOLEAN
135 IsDerEncodeCertificate (
136 IN CONST CHAR16 *FileSuffix
137 )
138 {
139 UINTN Index;
140 for (Index = 0; mDerEncodedSuffix[Index] != NULL; Index++) {
141 if (StrCmp (FileSuffix, mDerEncodedSuffix[Index]) == 0) {
142 return TRUE;
143 }
144 }
145 return FALSE;
146 }
147
148 /**
149 This code checks if the file content complies with EFI_VARIABLE_AUTHENTICATION_2 format
150 The function reads file content but won't open/close given FileHandle.
151
152 @param[in] FileHandle The FileHandle to be checked
153
154 @retval TRUE The content is EFI_VARIABLE_AUTHENTICATION_2 format.
155 @retval FALSE The content is NOT a EFI_VARIABLE_AUTHENTICATION_2 format.
156
157 **/
158 BOOLEAN
159 IsAuthentication2Format (
160 IN EFI_FILE_HANDLE FileHandle
161 )
162 {
163 EFI_STATUS Status;
164 EFI_VARIABLE_AUTHENTICATION_2 *Auth2;
165 BOOLEAN IsAuth2Format;
166
167 IsAuth2Format = FALSE;
168
169 //
170 // Read the whole file content
171 //
172 Status = ReadFileContent(
173 FileHandle,
174 (VOID **) &mImageBase,
175 &mImageSize,
176 0
177 );
178 if (EFI_ERROR (Status)) {
179 goto ON_EXIT;
180 }
181
182 Auth2 = (EFI_VARIABLE_AUTHENTICATION_2 *)mImageBase;
183 if (Auth2->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) {
184 goto ON_EXIT;
185 }
186
187 if (CompareGuid(&gEfiCertPkcs7Guid, &Auth2->AuthInfo.CertType)) {
188 IsAuth2Format = TRUE;
189 }
190
191 ON_EXIT:
192 //
193 // Do not close File. simply check file content
194 //
195 if (mImageBase != NULL) {
196 FreePool (mImageBase);
197 mImageBase = NULL;
198 }
199
200 return IsAuth2Format;
201 }
202
203 /**
204 Set Secure Boot option into variable space.
205
206 @param[in] VarValue The option of Secure Boot.
207
208 @retval EFI_SUCCESS The operation is finished successfully.
209 @retval Others Other errors as indicated.
210
211 **/
212 EFI_STATUS
213 SaveSecureBootVariable (
214 IN UINT8 VarValue
215 )
216 {
217 EFI_STATUS Status;
218
219 Status = gRT->SetVariable (
220 EFI_SECURE_BOOT_ENABLE_NAME,
221 &gEfiSecureBootEnableDisableGuid,
222 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
223 sizeof (UINT8),
224 &VarValue
225 );
226 return Status;
227 }
228
229 /**
230 Create a time based data payload by concatenating the EFI_VARIABLE_AUTHENTICATION_2
231 descriptor with the input data. NO authentication is required in this function.
232
233 @param[in, out] DataSize On input, the size of Data buffer in bytes.
234 On output, the size of data returned in Data
235 buffer in bytes.
236 @param[in, out] Data On input, Pointer to data buffer to be wrapped or
237 pointer to NULL to wrap an empty payload.
238 On output, Pointer to the new payload date buffer allocated from pool,
239 it's caller's responsibility to free the memory when finish using it.
240
241 @retval EFI_SUCCESS Create time based payload successfully.
242 @retval EFI_OUT_OF_RESOURCES There are not enough memory resourses to create time based payload.
243 @retval EFI_INVALID_PARAMETER The parameter is invalid.
244 @retval Others Unexpected error happens.
245
246 **/
247 EFI_STATUS
248 CreateTimeBasedPayload (
249 IN OUT UINTN *DataSize,
250 IN OUT UINT8 **Data
251 )
252 {
253 EFI_STATUS Status;
254 UINT8 *NewData;
255 UINT8 *Payload;
256 UINTN PayloadSize;
257 EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData;
258 UINTN DescriptorSize;
259 EFI_TIME Time;
260
261 if (Data == NULL || DataSize == NULL) {
262 return EFI_INVALID_PARAMETER;
263 }
264
265 //
266 // In Setup mode or Custom mode, the variable does not need to be signed but the
267 // parameters to the SetVariable() call still need to be prepared as authenticated
268 // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor without certificate
269 // data in it.
270 //
271 Payload = *Data;
272 PayloadSize = *DataSize;
273
274 DescriptorSize = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
275 NewData = (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize);
276 if (NewData == NULL) {
277 return EFI_OUT_OF_RESOURCES;
278 }
279
280 if ((Payload != NULL) && (PayloadSize != 0)) {
281 CopyMem (NewData + DescriptorSize, Payload, PayloadSize);
282 }
283
284 DescriptorData = (EFI_VARIABLE_AUTHENTICATION_2 *) (NewData);
285
286 ZeroMem (&Time, sizeof (EFI_TIME));
287 Status = gRT->GetTime (&Time, NULL);
288 if (EFI_ERROR (Status)) {
289 FreePool(NewData);
290 return Status;
291 }
292 Time.Pad1 = 0;
293 Time.Nanosecond = 0;
294 Time.TimeZone = 0;
295 Time.Daylight = 0;
296 Time.Pad2 = 0;
297 CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME));
298
299 DescriptorData->AuthInfo.Hdr.dwLength = OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
300 DescriptorData->AuthInfo.Hdr.wRevision = 0x0200;
301 DescriptorData->AuthInfo.Hdr.wCertificateType = WIN_CERT_TYPE_EFI_GUID;
302 CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid);
303
304 if (Payload != NULL) {
305 FreePool(Payload);
306 }
307
308 *DataSize = DescriptorSize + PayloadSize;
309 *Data = NewData;
310 return EFI_SUCCESS;
311 }
312
313 /**
314 Internal helper function to delete a Variable given its name and GUID, NO authentication
315 required.
316
317 @param[in] VariableName Name of the Variable.
318 @param[in] VendorGuid GUID of the Variable.
319
320 @retval EFI_SUCCESS Variable deleted successfully.
321 @retval Others The driver failed to start the device.
322
323 **/
324 EFI_STATUS
325 DeleteVariable (
326 IN CHAR16 *VariableName,
327 IN EFI_GUID *VendorGuid
328 )
329 {
330 EFI_STATUS Status;
331 VOID* Variable;
332 UINT8 *Data;
333 UINTN DataSize;
334 UINT32 Attr;
335
336 GetVariable2 (VariableName, VendorGuid, &Variable, NULL);
337 if (Variable == NULL) {
338 return EFI_SUCCESS;
339 }
340 FreePool (Variable);
341
342 Data = NULL;
343 DataSize = 0;
344 Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS
345 | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
346
347 Status = CreateTimeBasedPayload (&DataSize, &Data);
348 if (EFI_ERROR (Status)) {
349 DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
350 return Status;
351 }
352
353 Status = gRT->SetVariable (
354 VariableName,
355 VendorGuid,
356 Attr,
357 DataSize,
358 Data
359 );
360 if (Data != NULL) {
361 FreePool (Data);
362 }
363 return Status;
364 }
365
366 /**
367
368 Set the platform secure boot mode into "Custom" or "Standard" mode.
369
370 @param[in] SecureBootMode New secure boot mode: STANDARD_SECURE_BOOT_MODE or
371 CUSTOM_SECURE_BOOT_MODE.
372
373 @return EFI_SUCCESS The platform has switched to the special mode successfully.
374 @return other Fail to operate the secure boot mode.
375
376 **/
377 EFI_STATUS
378 SetSecureBootMode (
379 IN UINT8 SecureBootMode
380 )
381 {
382 return gRT->SetVariable (
383 EFI_CUSTOM_MODE_NAME,
384 &gEfiCustomModeEnableGuid,
385 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
386 sizeof (UINT8),
387 &SecureBootMode
388 );
389 }
390
391 /**
392 Generate the PK signature list from the X509 Certificate storing file (.cer)
393
394 @param[in] X509File FileHandle of X509 Certificate storing file.
395 @param[out] PkCert Point to the data buffer to store the signature list.
396
397 @return EFI_UNSUPPORTED Unsupported Key Length.
398 @return EFI_OUT_OF_RESOURCES There are not enough memory resourses to form the signature list.
399
400 **/
401 EFI_STATUS
402 CreatePkX509SignatureList (
403 IN EFI_FILE_HANDLE X509File,
404 OUT EFI_SIGNATURE_LIST **PkCert
405 )
406 {
407 EFI_STATUS Status;
408 UINT8 *X509Data;
409 UINTN X509DataSize;
410 EFI_SIGNATURE_DATA *PkCertData;
411
412 X509Data = NULL;
413 PkCertData = NULL;
414 X509DataSize = 0;
415
416 Status = ReadFileContent (X509File, (VOID**) &X509Data, &X509DataSize, 0);
417 if (EFI_ERROR (Status)) {
418 goto ON_EXIT;
419 }
420 ASSERT (X509Data != NULL);
421
422 //
423 // Allocate space for PK certificate list and initialize it.
424 // Create PK database entry with SignatureHeaderSize equals 0.
425 //
426 *PkCert = (EFI_SIGNATURE_LIST*) AllocateZeroPool (
427 sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1
428 + X509DataSize
429 );
430 if (*PkCert == NULL) {
431 Status = EFI_OUT_OF_RESOURCES;
432 goto ON_EXIT;
433 }
434
435 (*PkCert)->SignatureListSize = (UINT32) (sizeof(EFI_SIGNATURE_LIST)
436 + sizeof(EFI_SIGNATURE_DATA) - 1
437 + X509DataSize);
438 (*PkCert)->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);
439 (*PkCert)->SignatureHeaderSize = 0;
440 CopyGuid (&(*PkCert)->SignatureType, &gEfiCertX509Guid);
441 PkCertData = (EFI_SIGNATURE_DATA*) ((UINTN)(*PkCert)
442 + sizeof(EFI_SIGNATURE_LIST)
443 + (*PkCert)->SignatureHeaderSize);
444 CopyGuid (&PkCertData->SignatureOwner, &gEfiGlobalVariableGuid);
445 //
446 // Fill the PK database with PKpub data from X509 certificate file.
447 //
448 CopyMem (&(PkCertData->SignatureData[0]), X509Data, X509DataSize);
449
450 ON_EXIT:
451
452 if (X509Data != NULL) {
453 FreePool (X509Data);
454 }
455
456 if (EFI_ERROR(Status) && *PkCert != NULL) {
457 FreePool (*PkCert);
458 *PkCert = NULL;
459 }
460
461 return Status;
462 }
463
464 /**
465 Enroll new PK into the System without original PK's authentication.
466
467 The SignatureOwner GUID will be the same with PK's vendorguid.
468
469 @param[in] PrivateData The module's private data.
470
471 @retval EFI_SUCCESS New PK enrolled successfully.
472 @retval EFI_INVALID_PARAMETER The parameter is invalid.
473 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
474
475 **/
476 EFI_STATUS
477 EnrollPlatformKey (
478 IN SECUREBOOT_CONFIG_PRIVATE_DATA* Private
479 )
480 {
481 EFI_STATUS Status;
482 UINT32 Attr;
483 UINTN DataSize;
484 EFI_SIGNATURE_LIST *PkCert;
485 UINT16* FilePostFix;
486 UINTN NameLength;
487
488 if (Private->FileContext->FileName == NULL) {
489 return EFI_INVALID_PARAMETER;
490 }
491
492 PkCert = NULL;
493
494 Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
495 if (EFI_ERROR (Status)) {
496 return Status;
497 }
498
499 //
500 // Parse the file's postfix. Only support DER encoded X.509 certificate files.
501 //
502 NameLength = StrLen (Private->FileContext->FileName);
503 if (NameLength <= 4) {
504 return EFI_INVALID_PARAMETER;
505 }
506 FilePostFix = Private->FileContext->FileName + NameLength - 4;
507 if (!IsDerEncodeCertificate(FilePostFix)) {
508 DEBUG ((EFI_D_ERROR, "Unsupported file type, only DER encoded certificate (%s) is supported.", mSupportX509Suffix));
509 return EFI_INVALID_PARAMETER;
510 }
511 DEBUG ((EFI_D_INFO, "FileName= %s\n", Private->FileContext->FileName));
512 DEBUG ((EFI_D_INFO, "FilePostFix = %s\n", FilePostFix));
513
514 //
515 // Prase the selected PK file and generature PK certificate list.
516 //
517 Status = CreatePkX509SignatureList (
518 Private->FileContext->FHandle,
519 &PkCert
520 );
521 if (EFI_ERROR (Status)) {
522 goto ON_EXIT;
523 }
524 ASSERT (PkCert != NULL);
525
526 //
527 // Set Platform Key variable.
528 //
529 Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
530 | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
531 DataSize = PkCert->SignatureListSize;
532 Status = CreateTimeBasedPayload (&DataSize, (UINT8**) &PkCert);
533 if (EFI_ERROR (Status)) {
534 DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
535 goto ON_EXIT;
536 }
537
538 Status = gRT->SetVariable(
539 EFI_PLATFORM_KEY_NAME,
540 &gEfiGlobalVariableGuid,
541 Attr,
542 DataSize,
543 PkCert
544 );
545 if (EFI_ERROR (Status)) {
546 if (Status == EFI_OUT_OF_RESOURCES) {
547 DEBUG ((EFI_D_ERROR, "Enroll PK failed with out of resource.\n"));
548 }
549 goto ON_EXIT;
550 }
551
552 ON_EXIT:
553
554 if (PkCert != NULL) {
555 FreePool(PkCert);
556 }
557
558 CloseEnrolledFile(Private->FileContext);
559
560 return Status;
561 }
562
563 /**
564 Remove the PK variable.
565
566 @retval EFI_SUCCESS Delete PK successfully.
567 @retval Others Could not allow to delete PK.
568
569 **/
570 EFI_STATUS
571 DeletePlatformKey (
572 VOID
573 )
574 {
575 EFI_STATUS Status;
576
577 Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
578 if (EFI_ERROR (Status)) {
579 return Status;
580 }
581
582 Status = DeleteVariable (
583 EFI_PLATFORM_KEY_NAME,
584 &gEfiGlobalVariableGuid
585 );
586 return Status;
587 }
588
589 /**
590 Enroll a new KEK item from public key storing file (*.pbk).
591
592 @param[in] PrivateData The module's private data.
593
594 @retval EFI_SUCCESS New KEK enrolled successfully.
595 @retval EFI_INVALID_PARAMETER The parameter is invalid.
596 @retval EFI_UNSUPPORTED Unsupported command.
597 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
598
599 **/
600 EFI_STATUS
601 EnrollRsa2048ToKek (
602 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
603 )
604 {
605 EFI_STATUS Status;
606 UINT32 Attr;
607 UINTN DataSize;
608 EFI_SIGNATURE_LIST *KekSigList;
609 UINTN KeyBlobSize;
610 UINT8 *KeyBlob;
611 CPL_KEY_INFO *KeyInfo;
612 EFI_SIGNATURE_DATA *KEKSigData;
613 UINTN KekSigListSize;
614 UINT8 *KeyBuffer;
615 UINTN KeyLenInBytes;
616
617 Attr = 0;
618 DataSize = 0;
619 KeyBuffer = NULL;
620 KeyBlobSize = 0;
621 KeyBlob = NULL;
622 KeyInfo = NULL;
623 KEKSigData = NULL;
624 KekSigList = NULL;
625 KekSigListSize = 0;
626
627 //
628 // Form the KeKpub certificate list into EFI_SIGNATURE_LIST type.
629 // First, We have to parse out public key data from the pbk key file.
630 //
631 Status = ReadFileContent (
632 Private->FileContext->FHandle,
633 (VOID**) &KeyBlob,
634 &KeyBlobSize,
635 0
636 );
637 if (EFI_ERROR (Status)) {
638 goto ON_EXIT;
639 }
640 ASSERT (KeyBlob != NULL);
641 KeyInfo = (CPL_KEY_INFO *) KeyBlob;
642 if (KeyInfo->KeyLengthInBits / 8 != WIN_CERT_UEFI_RSA2048_SIZE) {
643 DEBUG ((DEBUG_ERROR, "Unsupported key length, Only RSA2048 is supported.\n"));
644 Status = EFI_UNSUPPORTED;
645 goto ON_EXIT;
646 }
647
648 //
649 // Convert the Public key to fix octet string format represented in RSA PKCS#1.
650 //
651 KeyLenInBytes = KeyInfo->KeyLengthInBits / 8;
652 KeyBuffer = AllocateZeroPool (KeyLenInBytes);
653 if (KeyBuffer == NULL) {
654 Status = EFI_OUT_OF_RESOURCES;
655 goto ON_EXIT;
656 }
657 Int2OctStr (
658 (UINTN*) (KeyBlob + sizeof (CPL_KEY_INFO)),
659 KeyLenInBytes / sizeof (UINTN),
660 KeyBuffer,
661 KeyLenInBytes
662 );
663 CopyMem(KeyBlob + sizeof(CPL_KEY_INFO), KeyBuffer, KeyLenInBytes);
664
665 //
666 // Form an new EFI_SIGNATURE_LIST.
667 //
668 KekSigListSize = sizeof(EFI_SIGNATURE_LIST)
669 + sizeof(EFI_SIGNATURE_DATA) - 1
670 + WIN_CERT_UEFI_RSA2048_SIZE;
671
672 KekSigList = (EFI_SIGNATURE_LIST*) AllocateZeroPool (KekSigListSize);
673 if (KekSigList == NULL) {
674 Status = EFI_OUT_OF_RESOURCES;
675 goto ON_EXIT;
676 }
677
678 KekSigList->SignatureListSize = sizeof(EFI_SIGNATURE_LIST)
679 + sizeof(EFI_SIGNATURE_DATA) - 1
680 + WIN_CERT_UEFI_RSA2048_SIZE;
681 KekSigList->SignatureHeaderSize = 0;
682 KekSigList->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + WIN_CERT_UEFI_RSA2048_SIZE;
683 CopyGuid (&KekSigList->SignatureType, &gEfiCertRsa2048Guid);
684
685 KEKSigData = (EFI_SIGNATURE_DATA*)((UINT8*)KekSigList + sizeof(EFI_SIGNATURE_LIST));
686 CopyGuid (&KEKSigData->SignatureOwner, Private->SignatureGUID);
687 CopyMem (
688 KEKSigData->SignatureData,
689 KeyBlob + sizeof(CPL_KEY_INFO),
690 WIN_CERT_UEFI_RSA2048_SIZE
691 );
692
693 //
694 // Check if KEK entry has been already existed.
695 // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
696 // new KEK to original variable.
697 //
698 Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
699 | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
700 Status = CreateTimeBasedPayload (&KekSigListSize, (UINT8**) &KekSigList);
701 if (EFI_ERROR (Status)) {
702 DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
703 goto ON_EXIT;
704 }
705
706 Status = gRT->GetVariable(
707 EFI_KEY_EXCHANGE_KEY_NAME,
708 &gEfiGlobalVariableGuid,
709 NULL,
710 &DataSize,
711 NULL
712 );
713 if (Status == EFI_BUFFER_TOO_SMALL) {
714 Attr |= EFI_VARIABLE_APPEND_WRITE;
715 } else if (Status != EFI_NOT_FOUND) {
716 goto ON_EXIT;
717 }
718
719 //
720 // Done. Now we have formed the correct KEKpub database item, just set it into variable storage,
721 //
722 Status = gRT->SetVariable(
723 EFI_KEY_EXCHANGE_KEY_NAME,
724 &gEfiGlobalVariableGuid,
725 Attr,
726 KekSigListSize,
727 KekSigList
728 );
729 if (EFI_ERROR (Status)) {
730 goto ON_EXIT;
731 }
732
733 ON_EXIT:
734
735 CloseEnrolledFile(Private->FileContext);
736
737 if (Private->SignatureGUID != NULL) {
738 FreePool (Private->SignatureGUID);
739 Private->SignatureGUID = NULL;
740 }
741
742 if (KeyBlob != NULL) {
743 FreePool (KeyBlob);
744 }
745 if (KeyBuffer != NULL) {
746 FreePool (KeyBuffer);
747 }
748 if (KekSigList != NULL) {
749 FreePool (KekSigList);
750 }
751
752 return Status;
753 }
754
755 /**
756 Enroll a new KEK item from X509 certificate file.
757
758 @param[in] PrivateData The module's private data.
759
760 @retval EFI_SUCCESS New X509 is enrolled successfully.
761 @retval EFI_INVALID_PARAMETER The parameter is invalid.
762 @retval EFI_UNSUPPORTED Unsupported command.
763 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
764
765 **/
766 EFI_STATUS
767 EnrollX509ToKek (
768 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
769 )
770 {
771 EFI_STATUS Status;
772 UINTN X509DataSize;
773 VOID *X509Data;
774 EFI_SIGNATURE_DATA *KEKSigData;
775 EFI_SIGNATURE_LIST *KekSigList;
776 UINTN DataSize;
777 UINTN KekSigListSize;
778 UINT32 Attr;
779
780 X509Data = NULL;
781 X509DataSize = 0;
782 KekSigList = NULL;
783 KekSigListSize = 0;
784 DataSize = 0;
785 KEKSigData = NULL;
786
787 Status = ReadFileContent (
788 Private->FileContext->FHandle,
789 &X509Data,
790 &X509DataSize,
791 0
792 );
793 if (EFI_ERROR (Status)) {
794 goto ON_EXIT;
795 }
796 ASSERT (X509Data != NULL);
797
798 KekSigListSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;
799 KekSigList = (EFI_SIGNATURE_LIST*) AllocateZeroPool (KekSigListSize);
800 if (KekSigList == NULL) {
801 Status = EFI_OUT_OF_RESOURCES;
802 goto ON_EXIT;
803 }
804
805 //
806 // Fill Certificate Database parameters.
807 //
808 KekSigList->SignatureListSize = (UINT32) KekSigListSize;
809 KekSigList->SignatureHeaderSize = 0;
810 KekSigList->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);
811 CopyGuid (&KekSigList->SignatureType, &gEfiCertX509Guid);
812
813 KEKSigData = (EFI_SIGNATURE_DATA*) ((UINT8*) KekSigList + sizeof (EFI_SIGNATURE_LIST));
814 CopyGuid (&KEKSigData->SignatureOwner, Private->SignatureGUID);
815 CopyMem (KEKSigData->SignatureData, X509Data, X509DataSize);
816
817 //
818 // Check if KEK been already existed.
819 // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
820 // new kek to original variable
821 //
822 Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
823 | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
824 Status = CreateTimeBasedPayload (&KekSigListSize, (UINT8**) &KekSigList);
825 if (EFI_ERROR (Status)) {
826 DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
827 goto ON_EXIT;
828 }
829
830 Status = gRT->GetVariable(
831 EFI_KEY_EXCHANGE_KEY_NAME,
832 &gEfiGlobalVariableGuid,
833 NULL,
834 &DataSize,
835 NULL
836 );
837 if (Status == EFI_BUFFER_TOO_SMALL) {
838 Attr |= EFI_VARIABLE_APPEND_WRITE;
839 } else if (Status != EFI_NOT_FOUND) {
840 goto ON_EXIT;
841 }
842
843 Status = gRT->SetVariable(
844 EFI_KEY_EXCHANGE_KEY_NAME,
845 &gEfiGlobalVariableGuid,
846 Attr,
847 KekSigListSize,
848 KekSigList
849 );
850 if (EFI_ERROR (Status)) {
851 goto ON_EXIT;
852 }
853
854 ON_EXIT:
855
856 CloseEnrolledFile(Private->FileContext);
857
858 if (Private->SignatureGUID != NULL) {
859 FreePool (Private->SignatureGUID);
860 Private->SignatureGUID = NULL;
861 }
862
863 if (KekSigList != NULL) {
864 FreePool (KekSigList);
865 }
866
867 return Status;
868 }
869
870 /**
871 Enroll new KEK into the System without PK's authentication.
872 The SignatureOwner GUID will be Private->SignatureGUID.
873
874 @param[in] PrivateData The module's private data.
875
876 @retval EFI_SUCCESS New KEK enrolled successful.
877 @retval EFI_INVALID_PARAMETER The parameter is invalid.
878 @retval others Fail to enroll KEK data.
879
880 **/
881 EFI_STATUS
882 EnrollKeyExchangeKey (
883 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
884 )
885 {
886 UINT16* FilePostFix;
887 EFI_STATUS Status;
888 UINTN NameLength;
889
890 if ((Private->FileContext->FHandle == NULL) || (Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {
891 return EFI_INVALID_PARAMETER;
892 }
893
894 Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
895 if (EFI_ERROR (Status)) {
896 return Status;
897 }
898
899 //
900 // Parse the file's postfix. Supports DER-encoded X509 certificate,
901 // and .pbk as RSA public key file.
902 //
903 NameLength = StrLen (Private->FileContext->FileName);
904 if (NameLength <= 4) {
905 return EFI_INVALID_PARAMETER;
906 }
907 FilePostFix = Private->FileContext->FileName + NameLength - 4;
908 if (IsDerEncodeCertificate(FilePostFix)) {
909 return EnrollX509ToKek (Private);
910 } else if (CompareMem (FilePostFix, L".pbk",4) == 0) {
911 return EnrollRsa2048ToKek (Private);
912 } else {
913 //
914 // File type is wrong, simply close it
915 //
916 CloseEnrolledFile(Private->FileContext);
917
918 return EFI_INVALID_PARAMETER;
919 }
920 }
921
922 /**
923 Enroll a new X509 certificate into Signature Database (DB or DBX or DBT) without
924 KEK's authentication.
925
926 @param[in] PrivateData The module's private data.
927 @param[in] VariableName Variable name of signature database, must be
928 EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
929
930 @retval EFI_SUCCESS New X509 is enrolled successfully.
931 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
932
933 **/
934 EFI_STATUS
935 EnrollX509toSigDB (
936 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
937 IN CHAR16 *VariableName
938 )
939 {
940 EFI_STATUS Status;
941 UINTN X509DataSize;
942 VOID *X509Data;
943 EFI_SIGNATURE_LIST *SigDBCert;
944 EFI_SIGNATURE_DATA *SigDBCertData;
945 VOID *Data;
946 UINTN DataSize;
947 UINTN SigDBSize;
948 UINT32 Attr;
949
950 X509DataSize = 0;
951 SigDBSize = 0;
952 DataSize = 0;
953 X509Data = NULL;
954 SigDBCert = NULL;
955 SigDBCertData = NULL;
956 Data = NULL;
957
958 Status = ReadFileContent (
959 Private->FileContext->FHandle,
960 &X509Data,
961 &X509DataSize,
962 0
963 );
964 if (EFI_ERROR (Status)) {
965 goto ON_EXIT;
966 }
967 ASSERT (X509Data != NULL);
968
969 SigDBSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;
970
971 Data = AllocateZeroPool (SigDBSize);
972 if (Data == NULL) {
973 Status = EFI_OUT_OF_RESOURCES;
974 goto ON_EXIT;
975 }
976
977 //
978 // Fill Certificate Database parameters.
979 //
980 SigDBCert = (EFI_SIGNATURE_LIST*) Data;
981 SigDBCert->SignatureListSize = (UINT32) SigDBSize;
982 SigDBCert->SignatureHeaderSize = 0;
983 SigDBCert->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);
984 CopyGuid (&SigDBCert->SignatureType, &gEfiCertX509Guid);
985
986 SigDBCertData = (EFI_SIGNATURE_DATA*) ((UINT8* ) SigDBCert + sizeof (EFI_SIGNATURE_LIST));
987 CopyGuid (&SigDBCertData->SignatureOwner, Private->SignatureGUID);
988 CopyMem ((UINT8* ) (SigDBCertData->SignatureData), X509Data, X509DataSize);
989
990 //
991 // Check if signature database entry has been already existed.
992 // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
993 // new signature data to original variable
994 //
995 Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
996 | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
997 Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);
998 if (EFI_ERROR (Status)) {
999 DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
1000 goto ON_EXIT;
1001 }
1002
1003 Status = gRT->GetVariable(
1004 VariableName,
1005 &gEfiImageSecurityDatabaseGuid,
1006 NULL,
1007 &DataSize,
1008 NULL
1009 );
1010 if (Status == EFI_BUFFER_TOO_SMALL) {
1011 Attr |= EFI_VARIABLE_APPEND_WRITE;
1012 } else if (Status != EFI_NOT_FOUND) {
1013 goto ON_EXIT;
1014 }
1015
1016 Status = gRT->SetVariable(
1017 VariableName,
1018 &gEfiImageSecurityDatabaseGuid,
1019 Attr,
1020 SigDBSize,
1021 Data
1022 );
1023 if (EFI_ERROR (Status)) {
1024 goto ON_EXIT;
1025 }
1026
1027 ON_EXIT:
1028
1029 CloseEnrolledFile(Private->FileContext);
1030
1031 if (Private->SignatureGUID != NULL) {
1032 FreePool (Private->SignatureGUID);
1033 Private->SignatureGUID = NULL;
1034 }
1035
1036 if (Data != NULL) {
1037 FreePool (Data);
1038 }
1039
1040 if (X509Data != NULL) {
1041 FreePool (X509Data);
1042 }
1043
1044 return Status;
1045 }
1046
1047 /**
1048 Check whether signature is in specified database.
1049
1050 @param[in] VariableName Name of database variable that is searched in.
1051 @param[in] Signature Pointer to signature that is searched for.
1052 @param[in] SignatureSize Size of Signature.
1053
1054 @return TRUE Found the signature in the variable database.
1055 @return FALSE Not found the signature in the variable database.
1056
1057 **/
1058 BOOLEAN
1059 IsSignatureFoundInDatabase (
1060 IN CHAR16 *VariableName,
1061 IN UINT8 *Signature,
1062 IN UINTN SignatureSize
1063 )
1064 {
1065 EFI_STATUS Status;
1066 EFI_SIGNATURE_LIST *CertList;
1067 EFI_SIGNATURE_DATA *Cert;
1068 UINTN DataSize;
1069 UINT8 *Data;
1070 UINTN Index;
1071 UINTN CertCount;
1072 BOOLEAN IsFound;
1073
1074 //
1075 // Read signature database variable.
1076 //
1077 IsFound = FALSE;
1078 Data = NULL;
1079 DataSize = 0;
1080 Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
1081 if (Status != EFI_BUFFER_TOO_SMALL) {
1082 return FALSE;
1083 }
1084
1085 Data = (UINT8 *) AllocateZeroPool (DataSize);
1086 if (Data == NULL) {
1087 return FALSE;
1088 }
1089
1090 Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, Data);
1091 if (EFI_ERROR (Status)) {
1092 goto Done;
1093 }
1094
1095 //
1096 // Enumerate all signature data in SigDB to check if executable's signature exists.
1097 //
1098 CertList = (EFI_SIGNATURE_LIST *) Data;
1099 while ((DataSize > 0) && (DataSize >= CertList->SignatureListSize)) {
1100 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
1101 Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
1102 if ((CertList->SignatureSize == sizeof(EFI_SIGNATURE_DATA) - 1 + SignatureSize) && (CompareGuid(&CertList->SignatureType, &gEfiCertX509Guid))) {
1103 for (Index = 0; Index < CertCount; Index++) {
1104 if (CompareMem (Cert->SignatureData, Signature, SignatureSize) == 0) {
1105 //
1106 // Find the signature in database.
1107 //
1108 IsFound = TRUE;
1109 break;
1110 }
1111 Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
1112 }
1113
1114 if (IsFound) {
1115 break;
1116 }
1117 }
1118
1119 DataSize -= CertList->SignatureListSize;
1120 CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
1121 }
1122
1123 Done:
1124 if (Data != NULL) {
1125 FreePool (Data);
1126 }
1127
1128 return IsFound;
1129 }
1130
1131 /**
1132 Calculate the hash of a certificate data with the specified hash algorithm.
1133
1134 @param[in] CertData The certificate data to be hashed.
1135 @param[in] CertSize The certificate size in bytes.
1136 @param[in] HashAlg The specified hash algorithm.
1137 @param[out] CertHash The output digest of the certificate
1138
1139 @retval TRUE Successfully got the hash of the CertData.
1140 @retval FALSE Failed to get the hash of CertData.
1141
1142 **/
1143 BOOLEAN
1144 CalculateCertHash (
1145 IN UINT8 *CertData,
1146 IN UINTN CertSize,
1147 IN UINT32 HashAlg,
1148 OUT UINT8 *CertHash
1149 )
1150 {
1151 BOOLEAN Status;
1152 VOID *HashCtx;
1153 UINTN CtxSize;
1154 UINT8 *TBSCert;
1155 UINTN TBSCertSize;
1156
1157 HashCtx = NULL;
1158 Status = FALSE;
1159
1160 if (HashAlg >= HASHALG_MAX) {
1161 return FALSE;
1162 }
1163
1164 //
1165 // Retrieve the TBSCertificate for Hash Calculation.
1166 //
1167 if (!X509GetTBSCert (CertData, CertSize, &TBSCert, &TBSCertSize)) {
1168 return FALSE;
1169 }
1170
1171 //
1172 // 1. Initialize context of hash.
1173 //
1174 CtxSize = mHash[HashAlg].GetContextSize ();
1175 HashCtx = AllocatePool (CtxSize);
1176 ASSERT (HashCtx != NULL);
1177
1178 //
1179 // 2. Initialize a hash context.
1180 //
1181 Status = mHash[HashAlg].HashInit (HashCtx);
1182 if (!Status) {
1183 goto Done;
1184 }
1185
1186 //
1187 // 3. Calculate the hash.
1188 //
1189 Status = mHash[HashAlg].HashUpdate (HashCtx, TBSCert, TBSCertSize);
1190 if (!Status) {
1191 goto Done;
1192 }
1193
1194 //
1195 // 4. Get the hash result.
1196 //
1197 ZeroMem (CertHash, mHash[HashAlg].DigestLength);
1198 Status = mHash[HashAlg].HashFinal (HashCtx, CertHash);
1199
1200 Done:
1201 if (HashCtx != NULL) {
1202 FreePool (HashCtx);
1203 }
1204
1205 return Status;
1206 }
1207
1208 /**
1209 Check whether the hash of an X.509 certificate is in forbidden database (DBX).
1210
1211 @param[in] Certificate Pointer to X.509 Certificate that is searched for.
1212 @param[in] CertSize Size of X.509 Certificate.
1213
1214 @return TRUE Found the certificate hash in the forbidden database.
1215 @return FALSE Certificate hash is Not found in the forbidden database.
1216
1217 **/
1218 BOOLEAN
1219 IsCertHashFoundInDbx (
1220 IN UINT8 *Certificate,
1221 IN UINTN CertSize
1222 )
1223 {
1224 BOOLEAN IsFound;
1225 EFI_STATUS Status;
1226 EFI_SIGNATURE_LIST *DbxList;
1227 EFI_SIGNATURE_DATA *CertHash;
1228 UINTN CertHashCount;
1229 UINTN Index;
1230 UINT32 HashAlg;
1231 UINT8 CertDigest[MAX_DIGEST_SIZE];
1232 UINT8 *DbxCertHash;
1233 UINTN SiglistHeaderSize;
1234 UINT8 *Data;
1235 UINTN DataSize;
1236
1237 IsFound = FALSE;
1238 HashAlg = HASHALG_MAX;
1239 Data = NULL;
1240
1241 //
1242 // Read signature database variable.
1243 //
1244 DataSize = 0;
1245 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
1246 if (Status != EFI_BUFFER_TOO_SMALL) {
1247 return FALSE;
1248 }
1249
1250 Data = (UINT8 *) AllocateZeroPool (DataSize);
1251 if (Data == NULL) {
1252 return FALSE;
1253 }
1254
1255 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, Data);
1256 if (EFI_ERROR (Status)) {
1257 goto Done;
1258 }
1259
1260 //
1261 // Check whether the certificate hash exists in the forbidden database.
1262 //
1263 DbxList = (EFI_SIGNATURE_LIST *) Data;
1264 while ((DataSize > 0) && (DataSize >= DbxList->SignatureListSize)) {
1265 //
1266 // Determine Hash Algorithm of Certificate in the forbidden database.
1267 //
1268 if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha256Guid)) {
1269 HashAlg = HASHALG_SHA256;
1270 } else if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha384Guid)) {
1271 HashAlg = HASHALG_SHA384;
1272 } else if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha512Guid)) {
1273 HashAlg = HASHALG_SHA512;
1274 } else {
1275 DataSize -= DbxList->SignatureListSize;
1276 DbxList = (EFI_SIGNATURE_LIST *) ((UINT8 *) DbxList + DbxList->SignatureListSize);
1277 continue;
1278 }
1279
1280 //
1281 // Calculate the hash value of current db certificate for comparision.
1282 //
1283 if (!CalculateCertHash (Certificate, CertSize, HashAlg, CertDigest)) {
1284 goto Done;
1285 }
1286
1287 SiglistHeaderSize = sizeof (EFI_SIGNATURE_LIST) + DbxList->SignatureHeaderSize;
1288 CertHash = (EFI_SIGNATURE_DATA *) ((UINT8 *) DbxList + SiglistHeaderSize);
1289 CertHashCount = (DbxList->SignatureListSize - SiglistHeaderSize) / DbxList->SignatureSize;
1290 for (Index = 0; Index < CertHashCount; Index++) {
1291 //
1292 // Iterate each Signature Data Node within this CertList for verify.
1293 //
1294 DbxCertHash = CertHash->SignatureData;
1295 if (CompareMem (DbxCertHash, CertDigest, mHash[HashAlg].DigestLength) == 0) {
1296 //
1297 // Hash of Certificate is found in forbidden database.
1298 //
1299 IsFound = TRUE;
1300 goto Done;
1301 }
1302 CertHash = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertHash + DbxList->SignatureSize);
1303 }
1304
1305 DataSize -= DbxList->SignatureListSize;
1306 DbxList = (EFI_SIGNATURE_LIST *) ((UINT8 *) DbxList + DbxList->SignatureListSize);
1307 }
1308
1309 Done:
1310 if (Data != NULL) {
1311 FreePool (Data);
1312 }
1313
1314 return IsFound;
1315 }
1316
1317 /**
1318 Check whether the signature list exists in given variable data.
1319
1320 It searches the signature list for the ceritificate hash by CertType.
1321 If the signature list is found, get the offset of Database for the
1322 next hash of a certificate.
1323
1324 @param[in] Database Variable data to save signature list.
1325 @param[in] DatabaseSize Variable size.
1326 @param[in] SignatureType The type of the signature.
1327 @param[out] Offset The offset to save a new hash of certificate.
1328
1329 @return TRUE The signature list is found in the forbidden database.
1330 @return FALSE The signature list is not found in the forbidden database.
1331 **/
1332 BOOLEAN
1333 GetSignaturelistOffset (
1334 IN EFI_SIGNATURE_LIST *Database,
1335 IN UINTN DatabaseSize,
1336 IN EFI_GUID *SignatureType,
1337 OUT UINTN *Offset
1338 )
1339 {
1340 EFI_SIGNATURE_LIST *SigList;
1341 UINTN SiglistSize;
1342
1343 if ((Database == NULL) || (DatabaseSize == 0)) {
1344 *Offset = 0;
1345 return FALSE;
1346 }
1347
1348 SigList = Database;
1349 SiglistSize = DatabaseSize;
1350 while ((SiglistSize > 0) && (SiglistSize >= SigList->SignatureListSize)) {
1351 if (CompareGuid (&SigList->SignatureType, SignatureType)) {
1352 *Offset = DatabaseSize - SiglistSize;
1353 return TRUE;
1354 }
1355 SiglistSize -= SigList->SignatureListSize;
1356 SigList = (EFI_SIGNATURE_LIST *) ((UINT8 *) SigList + SigList->SignatureListSize);
1357 }
1358 *Offset = 0;
1359 return FALSE;
1360 }
1361
1362 /**
1363 Enroll a new X509 certificate hash into Signature Database (dbx) without
1364 KEK's authentication.
1365
1366 @param[in] PrivateData The module's private data.
1367 @param[in] HashAlg The hash algorithm to enroll the certificate.
1368 @param[in] RevocationDate The revocation date of the certificate.
1369 @param[in] RevocationTime The revocation time of the certificate.
1370 @param[in] AlwaysRevocation Indicate whether the certificate is always revoked.
1371
1372 @retval EFI_SUCCESS New X509 is enrolled successfully.
1373 @retval EFI_INVALID_PARAMETER The parameter is invalid.
1374 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
1375
1376 **/
1377 EFI_STATUS
1378 EnrollX509HashtoSigDB (
1379 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
1380 IN UINT32 HashAlg,
1381 IN EFI_HII_DATE *RevocationDate,
1382 IN EFI_HII_TIME *RevocationTime,
1383 IN BOOLEAN AlwaysRevocation
1384 )
1385 {
1386 EFI_STATUS Status;
1387 UINTN X509DataSize;
1388 VOID *X509Data;
1389 EFI_SIGNATURE_LIST *SignatureList;
1390 UINTN SignatureListSize;
1391 UINT8 *Data;
1392 UINT8 *NewData;
1393 UINTN DataSize;
1394 UINTN DbSize;
1395 UINT32 Attr;
1396 EFI_SIGNATURE_DATA *SignatureData;
1397 UINTN SignatureSize;
1398 EFI_GUID SignatureType;
1399 UINTN Offset;
1400 UINT8 CertHash[MAX_DIGEST_SIZE];
1401 UINT16* FilePostFix;
1402 UINTN NameLength;
1403 EFI_TIME *Time;
1404
1405 X509DataSize = 0;
1406 DbSize = 0;
1407 X509Data = NULL;
1408 SignatureData = NULL;
1409 SignatureList = NULL;
1410 Data = NULL;
1411 NewData = NULL;
1412
1413 if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {
1414 return EFI_INVALID_PARAMETER;
1415 }
1416
1417 Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
1418 if (EFI_ERROR (Status)) {
1419 return Status;
1420 }
1421
1422 //
1423 // Parse the file's postfix.
1424 //
1425 NameLength = StrLen (Private->FileContext->FileName);
1426 if (NameLength <= 4) {
1427 return EFI_INVALID_PARAMETER;
1428 }
1429 FilePostFix = Private->FileContext->FileName + NameLength - 4;
1430 if (!IsDerEncodeCertificate(FilePostFix)) {
1431 //
1432 // Only supports DER-encoded X509 certificate.
1433 //
1434 return EFI_INVALID_PARAMETER;
1435 }
1436
1437 //
1438 // Get the certificate from file and calculate its hash.
1439 //
1440 Status = ReadFileContent (
1441 Private->FileContext->FHandle,
1442 &X509Data,
1443 &X509DataSize,
1444 0
1445 );
1446 if (EFI_ERROR (Status)) {
1447 goto ON_EXIT;
1448 }
1449 ASSERT (X509Data != NULL);
1450
1451 if (!CalculateCertHash (X509Data, X509DataSize, HashAlg, CertHash)) {
1452 goto ON_EXIT;
1453 }
1454
1455 //
1456 // Get the variable for enrollment.
1457 //
1458 DataSize = 0;
1459 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
1460 if (Status == EFI_BUFFER_TOO_SMALL) {
1461 Data = (UINT8 *) AllocateZeroPool (DataSize);
1462 if (Data == NULL) {
1463 return EFI_OUT_OF_RESOURCES;
1464 }
1465
1466 Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, Data);
1467 if (EFI_ERROR (Status)) {
1468 goto ON_EXIT;
1469 }
1470 }
1471
1472 //
1473 // Allocate memory for Signature and fill the Signature
1474 //
1475 SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + sizeof (EFI_TIME) + mHash[HashAlg].DigestLength;
1476 SignatureData = (EFI_SIGNATURE_DATA *) AllocateZeroPool (SignatureSize);
1477 if (SignatureData == NULL) {
1478 return EFI_OUT_OF_RESOURCES;
1479 }
1480 CopyGuid (&SignatureData->SignatureOwner, Private->SignatureGUID);
1481 CopyMem (SignatureData->SignatureData, CertHash, mHash[HashAlg].DigestLength);
1482
1483 //
1484 // Fill the time.
1485 //
1486 if (!AlwaysRevocation) {
1487 Time = (EFI_TIME *)(&SignatureData->SignatureData + mHash[HashAlg].DigestLength);
1488 Time->Year = RevocationDate->Year;
1489 Time->Month = RevocationDate->Month;
1490 Time->Day = RevocationDate->Day;
1491 Time->Hour = RevocationTime->Hour;
1492 Time->Minute = RevocationTime->Minute;
1493 Time->Second = RevocationTime->Second;
1494 }
1495
1496 //
1497 // Determine the GUID for certificate hash.
1498 //
1499 switch (HashAlg) {
1500 case HASHALG_SHA256:
1501 SignatureType = gEfiCertX509Sha256Guid;
1502 break;
1503 case HASHALG_SHA384:
1504 SignatureType = gEfiCertX509Sha384Guid;
1505 break;
1506 case HASHALG_SHA512:
1507 SignatureType = gEfiCertX509Sha512Guid;
1508 break;
1509 default:
1510 return FALSE;
1511 }
1512
1513 //
1514 // Add signature into the new variable data buffer
1515 //
1516 if (GetSignaturelistOffset((EFI_SIGNATURE_LIST *)Data, DataSize, &SignatureType, &Offset)) {
1517 //
1518 // Add the signature to the found signaturelist.
1519 //
1520 DbSize = DataSize + SignatureSize;
1521 NewData = AllocateZeroPool (DbSize);
1522 if (NewData == NULL) {
1523 Status = EFI_OUT_OF_RESOURCES;
1524 goto ON_EXIT;
1525 }
1526
1527 SignatureList = (EFI_SIGNATURE_LIST *)(Data + Offset);
1528 SignatureListSize = (UINTN) ReadUnaligned32 ((UINT32 *)&SignatureList->SignatureListSize);
1529 CopyMem (NewData, Data, Offset + SignatureListSize);
1530
1531 SignatureList = (EFI_SIGNATURE_LIST *)(NewData + Offset);
1532 WriteUnaligned32 ((UINT32 *) &SignatureList->SignatureListSize, (UINT32)(SignatureListSize + SignatureSize));
1533
1534 Offset += SignatureListSize;
1535 CopyMem (NewData + Offset, SignatureData, SignatureSize);
1536 CopyMem (NewData + Offset + SignatureSize, Data + Offset, DataSize - Offset);
1537
1538 FreePool (Data);
1539 Data = NewData;
1540 DataSize = DbSize;
1541 } else {
1542 //
1543 // Create a new signaturelist, and add the signature into the signaturelist.
1544 //
1545 DbSize = DataSize + sizeof(EFI_SIGNATURE_LIST) + SignatureSize;
1546 NewData = AllocateZeroPool (DbSize);
1547 if (NewData == NULL) {
1548 Status = EFI_OUT_OF_RESOURCES;
1549 goto ON_EXIT;
1550 }
1551 //
1552 // Fill Certificate Database parameters.
1553 //
1554 SignatureList = (EFI_SIGNATURE_LIST*) (NewData + DataSize);
1555 SignatureListSize = sizeof(EFI_SIGNATURE_LIST) + SignatureSize;
1556 WriteUnaligned32 ((UINT32 *) &SignatureList->SignatureListSize, (UINT32) SignatureListSize);
1557 WriteUnaligned32 ((UINT32 *) &SignatureList->SignatureSize, (UINT32) SignatureSize);
1558 CopyGuid (&SignatureList->SignatureType, &SignatureType);
1559 CopyMem ((UINT8* ) SignatureList + sizeof (EFI_SIGNATURE_LIST), SignatureData, SignatureSize);
1560 if ((DataSize != 0) && (Data != NULL)) {
1561 CopyMem (NewData, Data, DataSize);
1562 FreePool (Data);
1563 }
1564 Data = NewData;
1565 DataSize = DbSize;
1566 }
1567
1568 Status = CreateTimeBasedPayload (&DataSize, (UINT8**) &Data);
1569 if (EFI_ERROR (Status)) {
1570 goto ON_EXIT;
1571 }
1572
1573 Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
1574 | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
1575 Status = gRT->SetVariable(
1576 EFI_IMAGE_SECURITY_DATABASE1,
1577 &gEfiImageSecurityDatabaseGuid,
1578 Attr,
1579 DataSize,
1580 Data
1581 );
1582 if (EFI_ERROR (Status)) {
1583 goto ON_EXIT;
1584 }
1585
1586 ON_EXIT:
1587
1588 CloseEnrolledFile(Private->FileContext);
1589
1590 if (Private->SignatureGUID != NULL) {
1591 FreePool (Private->SignatureGUID);
1592 Private->SignatureGUID = NULL;
1593 }
1594
1595 if (Data != NULL) {
1596 FreePool (Data);
1597 }
1598
1599 if (SignatureData != NULL) {
1600 FreePool (SignatureData);
1601 }
1602
1603 if (X509Data != NULL) {
1604 FreePool (X509Data);
1605 }
1606
1607 return Status;
1608 }
1609
1610 /**
1611 Check whether a certificate from a file exists in dbx.
1612
1613 @param[in] PrivateData The module's private data.
1614 @param[in] VariableName Variable name of signature database, must be
1615 EFI_IMAGE_SECURITY_DATABASE1.
1616
1617 @retval TRUE The X509 certificate is found in dbx successfully.
1618 @retval FALSE The X509 certificate is not found in dbx.
1619 **/
1620 BOOLEAN
1621 IsX509CertInDbx (
1622 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
1623 IN CHAR16 *VariableName
1624 )
1625 {
1626 EFI_STATUS Status;
1627 UINTN X509DataSize;
1628 VOID *X509Data;
1629 BOOLEAN IsFound;
1630
1631 //
1632 // Read the certificate from file
1633 //
1634 X509DataSize = 0;
1635 X509Data = NULL;
1636 Status = ReadFileContent (
1637 Private->FileContext->FHandle,
1638 &X509Data,
1639 &X509DataSize,
1640 0
1641 );
1642 if (EFI_ERROR (Status)) {
1643 return FALSE;
1644 }
1645
1646 //
1647 // Check the raw certificate.
1648 //
1649 IsFound = FALSE;
1650 if (IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE1, X509Data, X509DataSize)) {
1651 IsFound = TRUE;
1652 goto ON_EXIT;
1653 }
1654
1655 //
1656 // Check the hash of certificate.
1657 //
1658 if (IsCertHashFoundInDbx (X509Data, X509DataSize)) {
1659 IsFound = TRUE;
1660 goto ON_EXIT;
1661 }
1662
1663 ON_EXIT:
1664 if (X509Data != NULL) {
1665 FreePool (X509Data);
1666 }
1667
1668 return IsFound;
1669 }
1670
1671 /**
1672 Reads contents of a PE/COFF image in memory buffer.
1673
1674 Caution: This function may receive untrusted input.
1675 PE/COFF image is external input, so this function will make sure the PE/COFF image content
1676 read is within the image buffer.
1677
1678 @param FileHandle Pointer to the file handle to read the PE/COFF image.
1679 @param FileOffset Offset into the PE/COFF image to begin the read operation.
1680 @param ReadSize On input, the size in bytes of the requested read operation.
1681 On output, the number of bytes actually read.
1682 @param Buffer Output buffer that contains the data read from the PE/COFF image.
1683
1684 @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
1685 **/
1686 EFI_STATUS
1687 EFIAPI
1688 SecureBootConfigImageRead (
1689 IN VOID *FileHandle,
1690 IN UINTN FileOffset,
1691 IN OUT UINTN *ReadSize,
1692 OUT VOID *Buffer
1693 )
1694 {
1695 UINTN EndPosition;
1696
1697 if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {
1698 return EFI_INVALID_PARAMETER;
1699 }
1700
1701 if (MAX_ADDRESS - FileOffset < *ReadSize) {
1702 return EFI_INVALID_PARAMETER;
1703 }
1704
1705 EndPosition = FileOffset + *ReadSize;
1706 if (EndPosition > mImageSize) {
1707 *ReadSize = (UINT32)(mImageSize - FileOffset);
1708 }
1709
1710 if (FileOffset >= mImageSize) {
1711 *ReadSize = 0;
1712 }
1713
1714 CopyMem (Buffer, (UINT8 *)((UINTN) FileHandle + FileOffset), *ReadSize);
1715
1716 return EFI_SUCCESS;
1717 }
1718
1719 /**
1720 Load PE/COFF image information into internal buffer and check its validity.
1721
1722 @retval EFI_SUCCESS Successful
1723 @retval EFI_UNSUPPORTED Invalid PE/COFF file
1724 @retval EFI_ABORTED Serious error occurs, like file I/O error etc.
1725
1726 **/
1727 EFI_STATUS
1728 LoadPeImage (
1729 VOID
1730 )
1731 {
1732 EFI_IMAGE_DOS_HEADER *DosHdr;
1733 EFI_IMAGE_NT_HEADERS32 *NtHeader32;
1734 EFI_IMAGE_NT_HEADERS64 *NtHeader64;
1735 PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
1736 EFI_STATUS Status;
1737
1738 NtHeader32 = NULL;
1739 NtHeader64 = NULL;
1740
1741 ZeroMem (&ImageContext, sizeof (ImageContext));
1742 ImageContext.Handle = (VOID *) mImageBase;
1743 ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) SecureBootConfigImageRead;
1744
1745 //
1746 // Get information about the image being loaded
1747 //
1748 Status = PeCoffLoaderGetImageInfo (&ImageContext);
1749 if (EFI_ERROR (Status)) {
1750 //
1751 // The information can't be got from the invalid PeImage
1752 //
1753 DEBUG ((DEBUG_INFO, "SecureBootConfigDxe: PeImage invalid. \n"));
1754 return Status;
1755 }
1756
1757 //
1758 // Read the Dos header
1759 //
1760 DosHdr = (EFI_IMAGE_DOS_HEADER*)(mImageBase);
1761 if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE)
1762 {
1763 //
1764 // DOS image header is present,
1765 // So read the PE header after the DOS image header
1766 //
1767 mPeCoffHeaderOffset = DosHdr->e_lfanew;
1768 }
1769 else
1770 {
1771 mPeCoffHeaderOffset = 0;
1772 }
1773
1774 //
1775 // Read PE header and check the signature validity and machine compatibility
1776 //
1777 NtHeader32 = (EFI_IMAGE_NT_HEADERS32*) (mImageBase + mPeCoffHeaderOffset);
1778 if (NtHeader32->Signature != EFI_IMAGE_NT_SIGNATURE)
1779 {
1780 return EFI_UNSUPPORTED;
1781 }
1782
1783 mNtHeader.Pe32 = NtHeader32;
1784
1785 //
1786 // Check the architecture field of PE header and get the Certificate Data Directory data
1787 // Note the size of FileHeader field is constant for both IA32 and X64 arch
1788 //
1789 if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA32)
1790 || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_EBC)
1791 || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_ARMTHUMB_MIXED)) {
1792 //
1793 // 32-bits Architecture
1794 //
1795 mImageType = ImageType_IA32;
1796 mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);
1797 }
1798 else if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA64)
1799 || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_X64)
1800 || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_AARCH64)) {
1801 //
1802 // 64-bits Architecture
1803 //
1804 mImageType = ImageType_X64;
1805 NtHeader64 = (EFI_IMAGE_NT_HEADERS64 *) (mImageBase + mPeCoffHeaderOffset);
1806 mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader64->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);
1807 } else {
1808 return EFI_UNSUPPORTED;
1809 }
1810
1811 return EFI_SUCCESS;
1812 }
1813
1814 /**
1815 Calculate hash of Pe/Coff image based on the authenticode image hashing in
1816 PE/COFF Specification 8.0 Appendix A
1817
1818 Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in
1819 the function LoadPeImage ().
1820
1821 @param[in] HashAlg Hash algorithm type.
1822
1823 @retval TRUE Successfully hash image.
1824 @retval FALSE Fail in hash image.
1825
1826 **/
1827 BOOLEAN
1828 HashPeImage (
1829 IN UINT32 HashAlg
1830 )
1831 {
1832 BOOLEAN Status;
1833 UINT16 Magic;
1834 EFI_IMAGE_SECTION_HEADER *Section;
1835 VOID *HashCtx;
1836 UINTN CtxSize;
1837 UINT8 *HashBase;
1838 UINTN HashSize;
1839 UINTN SumOfBytesHashed;
1840 EFI_IMAGE_SECTION_HEADER *SectionHeader;
1841 UINTN Index;
1842 UINTN Pos;
1843
1844 HashCtx = NULL;
1845 SectionHeader = NULL;
1846 Status = FALSE;
1847
1848 if (HashAlg != HASHALG_SHA256) {
1849 return FALSE;
1850 }
1851
1852 //
1853 // Initialize context of hash.
1854 //
1855 ZeroMem (mImageDigest, MAX_DIGEST_SIZE);
1856
1857 mImageDigestSize = SHA256_DIGEST_SIZE;
1858 mCertType = gEfiCertSha256Guid;
1859
1860 CtxSize = mHash[HashAlg].GetContextSize();
1861
1862 HashCtx = AllocatePool (CtxSize);
1863 ASSERT (HashCtx != NULL);
1864
1865 // 1. Load the image header into memory.
1866
1867 // 2. Initialize a SHA hash context.
1868 Status = mHash[HashAlg].HashInit(HashCtx);
1869 if (!Status) {
1870 goto Done;
1871 }
1872 //
1873 // Measuring PE/COFF Image Header;
1874 // But CheckSum field and SECURITY data directory (certificate) are excluded
1875 //
1876 if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
1877 //
1878 // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
1879 // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
1880 // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
1881 // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
1882 //
1883 Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
1884 } else {
1885 //
1886 // Get the magic value from the PE/COFF Optional Header
1887 //
1888 Magic = mNtHeader.Pe32->OptionalHeader.Magic;
1889 }
1890
1891 //
1892 // 3. Calculate the distance from the base of the image header to the image checksum address.
1893 // 4. Hash the image header from its base to beginning of the image checksum.
1894 //
1895 HashBase = mImageBase;
1896 if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
1897 //
1898 // Use PE32 offset.
1899 //
1900 HashSize = (UINTN) (&mNtHeader.Pe32->OptionalHeader.CheckSum) - (UINTN) HashBase;
1901 } else {
1902 //
1903 // Use PE32+ offset.
1904 //
1905 HashSize = (UINTN) (&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - (UINTN) HashBase;
1906 }
1907
1908 Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
1909 if (!Status) {
1910 goto Done;
1911 }
1912 //
1913 // 5. Skip over the image checksum (it occupies a single ULONG).
1914 // 6. Get the address of the beginning of the Cert Directory.
1915 // 7. Hash everything from the end of the checksum to the start of the Cert Directory.
1916 //
1917 if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
1918 //
1919 // Use PE32 offset.
1920 //
1921 HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
1922 HashSize = (UINTN) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
1923 } else {
1924 //
1925 // Use PE32+ offset.
1926 //
1927 HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
1928 HashSize = (UINTN) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
1929 }
1930
1931 Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
1932 if (!Status) {
1933 goto Done;
1934 }
1935 //
1936 // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
1937 // 9. Hash everything from the end of the Cert Directory to the end of image header.
1938 //
1939 if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
1940 //
1941 // Use PE32 offset
1942 //
1943 HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
1944 HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - ((UINTN) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - (UINTN) mImageBase);
1945 } else {
1946 //
1947 // Use PE32+ offset.
1948 //
1949 HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
1950 HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - ((UINTN) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - (UINTN) mImageBase);
1951 }
1952
1953 Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
1954 if (!Status) {
1955 goto Done;
1956 }
1957 //
1958 // 10. Set the SUM_OF_BYTES_HASHED to the size of the header.
1959 //
1960 if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
1961 //
1962 // Use PE32 offset.
1963 //
1964 SumOfBytesHashed = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders;
1965 } else {
1966 //
1967 // Use PE32+ offset
1968 //
1969 SumOfBytesHashed = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders;
1970 }
1971
1972 //
1973 // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER
1974 // structures in the image. The 'NumberOfSections' field of the image
1975 // header indicates how big the table should be. Do not include any
1976 // IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.
1977 //
1978 SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * mNtHeader.Pe32->FileHeader.NumberOfSections);
1979 ASSERT (SectionHeader != NULL);
1980 //
1981 // 12. Using the 'PointerToRawData' in the referenced section headers as
1982 // a key, arrange the elements in the table in ascending order. In other
1983 // words, sort the section headers according to the disk-file offset of
1984 // the section.
1985 //
1986 Section = (EFI_IMAGE_SECTION_HEADER *) (
1987 mImageBase +
1988 mPeCoffHeaderOffset +
1989 sizeof (UINT32) +
1990 sizeof (EFI_IMAGE_FILE_HEADER) +
1991 mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader
1992 );
1993 for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {
1994 Pos = Index;
1995 while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {
1996 CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));
1997 Pos--;
1998 }
1999 CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));
2000 Section += 1;
2001 }
2002
2003 //
2004 // 13. Walk through the sorted table, bring the corresponding section
2005 // into memory, and hash the entire section (using the 'SizeOfRawData'
2006 // field in the section header to determine the amount of data to hash).
2007 // 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .
2008 // 15. Repeat steps 13 and 14 for all the sections in the sorted table.
2009 //
2010 for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {
2011 Section = &SectionHeader[Index];
2012 if (Section->SizeOfRawData == 0) {
2013 continue;
2014 }
2015 HashBase = mImageBase + Section->PointerToRawData;
2016 HashSize = (UINTN) Section->SizeOfRawData;
2017
2018 Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
2019 if (!Status) {
2020 goto Done;
2021 }
2022
2023 SumOfBytesHashed += HashSize;
2024 }
2025
2026 //
2027 // 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra
2028 // data in the file that needs to be added to the hash. This data begins
2029 // at file offset SUM_OF_BYTES_HASHED and its length is:
2030 // FileSize - (CertDirectory->Size)
2031 //
2032 if (mImageSize > SumOfBytesHashed) {
2033 HashBase = mImageBase + SumOfBytesHashed;
2034 if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
2035 //
2036 // Use PE32 offset.
2037 //
2038 HashSize = (UINTN)(
2039 mImageSize -
2040 mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -
2041 SumOfBytesHashed);
2042 } else {
2043 //
2044 // Use PE32+ offset.
2045 //
2046 HashSize = (UINTN)(
2047 mImageSize -
2048 mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -
2049 SumOfBytesHashed);
2050 }
2051
2052 Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
2053 if (!Status) {
2054 goto Done;
2055 }
2056 }
2057
2058 Status = mHash[HashAlg].HashFinal(HashCtx, mImageDigest);
2059
2060 Done:
2061 if (HashCtx != NULL) {
2062 FreePool (HashCtx);
2063 }
2064 if (SectionHeader != NULL) {
2065 FreePool (SectionHeader);
2066 }
2067 return Status;
2068 }
2069
2070 /**
2071 Recognize the Hash algorithm in PE/COFF Authenticode and calculate hash of
2072 Pe/Coff image based on the authenticated image hashing in PE/COFF Specification
2073 8.0 Appendix A
2074
2075 @retval EFI_UNSUPPORTED Hash algorithm is not supported.
2076 @retval EFI_SUCCESS Hash successfully.
2077
2078 **/
2079 EFI_STATUS
2080 HashPeImageByType (
2081 VOID
2082 )
2083 {
2084 UINT8 Index;
2085 WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
2086
2087 PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir->Offset);
2088
2089 for (Index = 0; Index < HASHALG_MAX; Index++) {
2090 //
2091 // Check the Hash algorithm in PE/COFF Authenticode.
2092 // According to PKCS#7 Definition:
2093 // SignedData ::= SEQUENCE {
2094 // version Version,
2095 // digestAlgorithms DigestAlgorithmIdentifiers,
2096 // contentInfo ContentInfo,
2097 // .... }
2098 // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
2099 // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
2100 // Fixed offset (+32) is calculated based on two bytes of length encoding.
2101 //
2102 if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
2103 //
2104 // Only support two bytes of Long Form of Length Encoding.
2105 //
2106 continue;
2107 }
2108
2109 //
2110 if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
2111 break;
2112 }
2113 }
2114
2115 if (Index == HASHALG_MAX) {
2116 return EFI_UNSUPPORTED;
2117 }
2118
2119 //
2120 // HASH PE Image based on Hash algorithm in PE/COFF Authenticode.
2121 //
2122 if (!HashPeImage(Index)) {
2123 return EFI_UNSUPPORTED;
2124 }
2125
2126 return EFI_SUCCESS;
2127 }
2128
2129 /**
2130 Enroll a new executable's signature into Signature Database.
2131
2132 @param[in] PrivateData The module's private data.
2133 @param[in] VariableName Variable name of signature database, must be
2134 EFI_IMAGE_SECURITY_DATABASE, EFI_IMAGE_SECURITY_DATABASE1
2135 or EFI_IMAGE_SECURITY_DATABASE2.
2136
2137 @retval EFI_SUCCESS New signature is enrolled successfully.
2138 @retval EFI_INVALID_PARAMETER The parameter is invalid.
2139 @retval EFI_UNSUPPORTED Unsupported command.
2140 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
2141
2142 **/
2143 EFI_STATUS
2144 EnrollAuthentication2Descriptor (
2145 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
2146 IN CHAR16 *VariableName
2147 )
2148 {
2149 EFI_STATUS Status;
2150 VOID *Data;
2151 UINTN DataSize;
2152 UINT32 Attr;
2153
2154 Data = NULL;
2155
2156 //
2157 // DBT only support DER-X509 Cert Enrollment
2158 //
2159 if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0) {
2160 return EFI_UNSUPPORTED;
2161 }
2162
2163 //
2164 // Read the whole file content
2165 //
2166 Status = ReadFileContent(
2167 Private->FileContext->FHandle,
2168 (VOID **) &mImageBase,
2169 &mImageSize,
2170 0
2171 );
2172 if (EFI_ERROR (Status)) {
2173 goto ON_EXIT;
2174 }
2175 ASSERT (mImageBase != NULL);
2176
2177 Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
2178 | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
2179
2180 //
2181 // Check if SigDB variable has been already existed.
2182 // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
2183 // new signature data to original variable
2184 //
2185 DataSize = 0;
2186 Status = gRT->GetVariable(
2187 VariableName,
2188 &gEfiImageSecurityDatabaseGuid,
2189 NULL,
2190 &DataSize,
2191 NULL
2192 );
2193 if (Status == EFI_BUFFER_TOO_SMALL) {
2194 Attr |= EFI_VARIABLE_APPEND_WRITE;
2195 } else if (Status != EFI_NOT_FOUND) {
2196 goto ON_EXIT;
2197 }
2198
2199 //
2200 // Diretly set AUTHENTICATION_2 data to SetVariable
2201 //
2202 Status = gRT->SetVariable(
2203 VariableName,
2204 &gEfiImageSecurityDatabaseGuid,
2205 Attr,
2206 mImageSize,
2207 mImageBase
2208 );
2209
2210 DEBUG((DEBUG_INFO, "Enroll AUTH_2 data to Var:%s Status: %x\n", VariableName, Status));
2211
2212 ON_EXIT:
2213
2214 CloseEnrolledFile(Private->FileContext);
2215
2216 if (Data != NULL) {
2217 FreePool (Data);
2218 }
2219
2220 if (mImageBase != NULL) {
2221 FreePool (mImageBase);
2222 mImageBase = NULL;
2223 }
2224
2225 return Status;
2226
2227 }
2228
2229
2230 /**
2231 Enroll a new executable's signature into Signature Database.
2232
2233 @param[in] PrivateData The module's private data.
2234 @param[in] VariableName Variable name of signature database, must be
2235 EFI_IMAGE_SECURITY_DATABASE, EFI_IMAGE_SECURITY_DATABASE1
2236 or EFI_IMAGE_SECURITY_DATABASE2.
2237
2238 @retval EFI_SUCCESS New signature is enrolled successfully.
2239 @retval EFI_INVALID_PARAMETER The parameter is invalid.
2240 @retval EFI_UNSUPPORTED Unsupported command.
2241 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
2242
2243 **/
2244 EFI_STATUS
2245 EnrollImageSignatureToSigDB (
2246 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
2247 IN CHAR16 *VariableName
2248 )
2249 {
2250 EFI_STATUS Status;
2251 EFI_SIGNATURE_LIST *SigDBCert;
2252 EFI_SIGNATURE_DATA *SigDBCertData;
2253 VOID *Data;
2254 UINTN DataSize;
2255 UINTN SigDBSize;
2256 UINT32 Attr;
2257 WIN_CERTIFICATE_UEFI_GUID *GuidCertData;
2258
2259 Data = NULL;
2260 GuidCertData = NULL;
2261
2262 if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0) {
2263 return EFI_UNSUPPORTED;
2264 }
2265
2266 //
2267 // Form the SigDB certificate list.
2268 // Format the data item into EFI_SIGNATURE_LIST type.
2269 //
2270 // We need to parse executable's signature data from specified signed executable file.
2271 // In current implementation, we simply trust the pass-in signed executable file.
2272 // In reality, it's OS's responsibility to verify the signed executable file.
2273 //
2274
2275 //
2276 // Read the whole file content
2277 //
2278 Status = ReadFileContent(
2279 Private->FileContext->FHandle,
2280 (VOID **) &mImageBase,
2281 &mImageSize,
2282 0
2283 );
2284 if (EFI_ERROR (Status)) {
2285 goto ON_EXIT;
2286 }
2287 ASSERT (mImageBase != NULL);
2288
2289 Status = LoadPeImage ();
2290 if (EFI_ERROR (Status)) {
2291 goto ON_EXIT;
2292 }
2293
2294 if (mSecDataDir->SizeOfCert == 0) {
2295 if (!HashPeImage (HASHALG_SHA256)) {
2296 Status = EFI_SECURITY_VIOLATION;
2297 goto ON_EXIT;
2298 }
2299 } else {
2300
2301 //
2302 // Read the certificate data
2303 //
2304 mCertificate = (WIN_CERTIFICATE *)(mImageBase + mSecDataDir->Offset);
2305
2306 if (mCertificate->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {
2307 GuidCertData = (WIN_CERTIFICATE_UEFI_GUID*) mCertificate;
2308 if (CompareMem (&GuidCertData->CertType, &gEfiCertTypeRsa2048Sha256Guid, sizeof(EFI_GUID)) != 0) {
2309 Status = EFI_ABORTED;
2310 goto ON_EXIT;
2311 }
2312
2313 if (!HashPeImage (HASHALG_SHA256)) {
2314 Status = EFI_ABORTED;
2315 goto ON_EXIT;;
2316 }
2317
2318 } else if (mCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) {
2319
2320 Status = HashPeImageByType ();
2321 if (EFI_ERROR (Status)) {
2322 goto ON_EXIT;;
2323 }
2324 } else {
2325 Status = EFI_ABORTED;
2326 goto ON_EXIT;
2327 }
2328 }
2329
2330 //
2331 // Create a new SigDB entry.
2332 //
2333 SigDBSize = sizeof(EFI_SIGNATURE_LIST)
2334 + sizeof(EFI_SIGNATURE_DATA) - 1
2335 + (UINT32) mImageDigestSize;
2336
2337 Data = (UINT8*) AllocateZeroPool (SigDBSize);
2338 if (Data == NULL) {
2339 Status = EFI_OUT_OF_RESOURCES;
2340 goto ON_EXIT;
2341 }
2342
2343 //
2344 // Adjust the Certificate Database parameters.
2345 //
2346 SigDBCert = (EFI_SIGNATURE_LIST*) Data;
2347 SigDBCert->SignatureListSize = (UINT32) SigDBSize;
2348 SigDBCert->SignatureHeaderSize = 0;
2349 SigDBCert->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + (UINT32) mImageDigestSize;
2350 CopyGuid (&SigDBCert->SignatureType, &mCertType);
2351
2352 SigDBCertData = (EFI_SIGNATURE_DATA*)((UINT8*)SigDBCert + sizeof(EFI_SIGNATURE_LIST));
2353 CopyGuid (&SigDBCertData->SignatureOwner, Private->SignatureGUID);
2354 CopyMem (SigDBCertData->SignatureData, mImageDigest, mImageDigestSize);
2355
2356 Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
2357 | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
2358 Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);
2359 if (EFI_ERROR (Status)) {
2360 DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
2361 goto ON_EXIT;
2362 }
2363
2364 //
2365 // Check if SigDB variable has been already existed.
2366 // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
2367 // new signature data to original variable
2368 //
2369 DataSize = 0;
2370 Status = gRT->GetVariable(
2371 VariableName,
2372 &gEfiImageSecurityDatabaseGuid,
2373 NULL,
2374 &DataSize,
2375 NULL
2376 );
2377 if (Status == EFI_BUFFER_TOO_SMALL) {
2378 Attr |= EFI_VARIABLE_APPEND_WRITE;
2379 } else if (Status != EFI_NOT_FOUND) {
2380 goto ON_EXIT;
2381 }
2382
2383 //
2384 // Enroll the variable.
2385 //
2386 Status = gRT->SetVariable(
2387 VariableName,
2388 &gEfiImageSecurityDatabaseGuid,
2389 Attr,
2390 SigDBSize,
2391 Data
2392 );
2393 if (EFI_ERROR (Status)) {
2394 goto ON_EXIT;
2395 }
2396
2397 ON_EXIT:
2398
2399 CloseEnrolledFile(Private->FileContext);
2400
2401 if (Private->SignatureGUID != NULL) {
2402 FreePool (Private->SignatureGUID);
2403 Private->SignatureGUID = NULL;
2404 }
2405
2406 if (Data != NULL) {
2407 FreePool (Data);
2408 }
2409
2410 if (mImageBase != NULL) {
2411 FreePool (mImageBase);
2412 mImageBase = NULL;
2413 }
2414
2415 return Status;
2416 }
2417
2418 /**
2419 Enroll signature into DB/DBX/DBT without KEK's authentication.
2420 The SignatureOwner GUID will be Private->SignatureGUID.
2421
2422 @param[in] PrivateData The module's private data.
2423 @param[in] VariableName Variable name of signature database, must be
2424 EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
2425
2426 @retval EFI_SUCCESS New signature enrolled successfully.
2427 @retval EFI_INVALID_PARAMETER The parameter is invalid.
2428 @retval others Fail to enroll signature data.
2429
2430 **/
2431 EFI_STATUS
2432 EnrollSignatureDatabase (
2433 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
2434 IN CHAR16 *VariableName
2435 )
2436 {
2437 UINT16* FilePostFix;
2438 EFI_STATUS Status;
2439 UINTN NameLength;
2440
2441 if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {
2442 return EFI_INVALID_PARAMETER;
2443 }
2444
2445 Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
2446 if (EFI_ERROR (Status)) {
2447 return Status;
2448 }
2449
2450 //
2451 // Parse the file's postfix.
2452 //
2453 NameLength = StrLen (Private->FileContext->FileName);
2454 if (NameLength <= 4) {
2455 return EFI_INVALID_PARAMETER;
2456 }
2457 FilePostFix = Private->FileContext->FileName + NameLength - 4;
2458 if (IsDerEncodeCertificate (FilePostFix)) {
2459 //
2460 // Supports DER-encoded X509 certificate.
2461 //
2462 return EnrollX509toSigDB (Private, VariableName);
2463 } else if (IsAuthentication2Format(Private->FileContext->FHandle)){
2464 return EnrollAuthentication2Descriptor(Private, VariableName);
2465 } else {
2466 return EnrollImageSignatureToSigDB (Private, VariableName);
2467 }
2468 }
2469
2470 /**
2471 List all signatures in specified signature database (e.g. KEK/DB/DBX/DBT)
2472 by GUID in the page for user to select and delete as needed.
2473
2474 @param[in] PrivateData Module's private data.
2475 @param[in] VariableName The variable name of the vendor's signature database.
2476 @param[in] VendorGuid A unique identifier for the vendor.
2477 @param[in] LabelNumber Label number to insert opcodes.
2478 @param[in] FormId Form ID of current page.
2479 @param[in] QuestionIdBase Base question id of the signature list.
2480
2481 @retval EFI_SUCCESS Success to update the signature list page
2482 @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
2483
2484 **/
2485 EFI_STATUS
2486 UpdateDeletePage (
2487 IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
2488 IN CHAR16 *VariableName,
2489 IN EFI_GUID *VendorGuid,
2490 IN UINT16 LabelNumber,
2491 IN EFI_FORM_ID FormId,
2492 IN EFI_QUESTION_ID QuestionIdBase
2493 )
2494 {
2495 EFI_STATUS Status;
2496 UINT32 Index;
2497 UINTN CertCount;
2498 UINTN GuidIndex;
2499 VOID *StartOpCodeHandle;
2500 VOID *EndOpCodeHandle;
2501 EFI_IFR_GUID_LABEL *StartLabel;
2502 EFI_IFR_GUID_LABEL *EndLabel;
2503 UINTN DataSize;
2504 UINT8 *Data;
2505 EFI_SIGNATURE_LIST *CertList;
2506 EFI_SIGNATURE_DATA *Cert;
2507 UINT32 ItemDataSize;
2508 CHAR16 *GuidStr;
2509 EFI_STRING_ID GuidID;
2510 EFI_STRING_ID Help;
2511
2512 Data = NULL;
2513 CertList = NULL;
2514 Cert = NULL;
2515 GuidStr = NULL;
2516 StartOpCodeHandle = NULL;
2517 EndOpCodeHandle = NULL;
2518
2519 //
2520 // Initialize the container for dynamic opcodes.
2521 //
2522 StartOpCodeHandle = HiiAllocateOpCodeHandle ();
2523 if (StartOpCodeHandle == NULL) {
2524 Status = EFI_OUT_OF_RESOURCES;
2525 goto ON_EXIT;
2526 }
2527
2528 EndOpCodeHandle = HiiAllocateOpCodeHandle ();
2529 if (EndOpCodeHandle == NULL) {
2530 Status = EFI_OUT_OF_RESOURCES;
2531 goto ON_EXIT;
2532 }
2533
2534 //
2535 // Create Hii Extend Label OpCode.
2536 //
2537 StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
2538 StartOpCodeHandle,
2539 &gEfiIfrTianoGuid,
2540 NULL,
2541 sizeof (EFI_IFR_GUID_LABEL)
2542 );
2543 StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
2544 StartLabel->Number = LabelNumber;
2545
2546 EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
2547 EndOpCodeHandle,
2548 &gEfiIfrTianoGuid,
2549 NULL,
2550 sizeof (EFI_IFR_GUID_LABEL)
2551 );
2552 EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
2553 EndLabel->Number = LABEL_END;
2554
2555 //
2556 // Read Variable.
2557 //
2558 DataSize = 0;
2559 Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
2560 if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
2561 goto ON_EXIT;
2562 }
2563
2564 Data = (UINT8 *) AllocateZeroPool (DataSize);
2565 if (Data == NULL) {
2566 Status = EFI_OUT_OF_RESOURCES;
2567 goto ON_EXIT;
2568 }
2569
2570 Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
2571 if (EFI_ERROR (Status)) {
2572 goto ON_EXIT;
2573 }
2574
2575 GuidStr = AllocateZeroPool (100);
2576 if (GuidStr == NULL) {
2577 Status = EFI_OUT_OF_RESOURCES;
2578 goto ON_EXIT;
2579 }
2580
2581 //
2582 // Enumerate all KEK pub data.
2583 //
2584 ItemDataSize = (UINT32) DataSize;
2585 CertList = (EFI_SIGNATURE_LIST *) Data;
2586 GuidIndex = 0;
2587
2588 while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
2589
2590 if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid)) {
2591 Help = STRING_TOKEN (STR_CERT_TYPE_RSA2048_SHA256_GUID);
2592 } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
2593 Help = STRING_TOKEN (STR_CERT_TYPE_PCKS7_GUID);
2594 } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid)) {
2595 Help = STRING_TOKEN (STR_CERT_TYPE_SHA1_GUID);
2596 } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid)) {
2597 Help = STRING_TOKEN (STR_CERT_TYPE_SHA256_GUID);
2598 } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha256Guid)) {
2599 Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA256_GUID);
2600 } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha384Guid)) {
2601 Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA384_GUID);
2602 } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha512Guid)) {
2603 Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA512_GUID);
2604 } else {
2605 //
2606 // The signature type is not supported in current implementation.
2607 //
2608 ItemDataSize -= CertList->SignatureListSize;
2609 CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
2610 continue;
2611 }
2612
2613 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
2614 for (Index = 0; Index < CertCount; Index++) {
2615 Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList
2616 + sizeof (EFI_SIGNATURE_LIST)
2617 + CertList->SignatureHeaderSize
2618 + Index * CertList->SignatureSize);
2619 //
2620 // Display GUID and help
2621 //
2622 GuidToString (&Cert->SignatureOwner, GuidStr, 100);
2623 GuidID = HiiSetString (PrivateData->HiiHandle, 0, GuidStr, NULL);
2624 HiiCreateCheckBoxOpCode (
2625 StartOpCodeHandle,
2626 (EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),
2627 0,
2628 0,
2629 GuidID,
2630 Help,
2631 EFI_IFR_FLAG_CALLBACK,
2632 0,
2633 NULL
2634 );
2635 }
2636
2637 ItemDataSize -= CertList->SignatureListSize;
2638 CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
2639 }
2640
2641 ON_EXIT:
2642 HiiUpdateForm (
2643 PrivateData->HiiHandle,
2644 &gSecureBootConfigFormSetGuid,
2645 FormId,
2646 StartOpCodeHandle,
2647 EndOpCodeHandle
2648 );
2649
2650 if (StartOpCodeHandle != NULL) {
2651 HiiFreeOpCodeHandle (StartOpCodeHandle);
2652 }
2653
2654 if (EndOpCodeHandle != NULL) {
2655 HiiFreeOpCodeHandle (EndOpCodeHandle);
2656 }
2657
2658 if (Data != NULL) {
2659 FreePool (Data);
2660 }
2661
2662 if (GuidStr != NULL) {
2663 FreePool (GuidStr);
2664 }
2665
2666 return EFI_SUCCESS;
2667 }
2668
2669 /**
2670 Delete a KEK entry from KEK database.
2671
2672 @param[in] PrivateData Module's private data.
2673 @param[in] QuestionId Question id of the KEK item to delete.
2674
2675 @retval EFI_SUCCESS Delete kek item successfully.
2676 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
2677
2678 **/
2679 EFI_STATUS
2680 DeleteKeyExchangeKey (
2681 IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
2682 IN EFI_QUESTION_ID QuestionId
2683 )
2684 {
2685 EFI_STATUS Status;
2686 UINTN DataSize;
2687 UINT8 *Data;
2688 UINT8 *OldData;
2689 UINT32 Attr;
2690 UINT32 Index;
2691 EFI_SIGNATURE_LIST *CertList;
2692 EFI_SIGNATURE_LIST *NewCertList;
2693 EFI_SIGNATURE_DATA *Cert;
2694 UINTN CertCount;
2695 UINT32 Offset;
2696 BOOLEAN IsKEKItemFound;
2697 UINT32 KekDataSize;
2698 UINTN DeleteKekIndex;
2699 UINTN GuidIndex;
2700
2701 Data = NULL;
2702 OldData = NULL;
2703 CertList = NULL;
2704 Cert = NULL;
2705 Attr = 0;
2706 DeleteKekIndex = QuestionId - OPTION_DEL_KEK_QUESTION_ID;
2707
2708 Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
2709 if (EFI_ERROR (Status)) {
2710 return Status;
2711 }
2712
2713 //
2714 // Get original KEK variable.
2715 //
2716 DataSize = 0;
2717 Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, NULL, &DataSize, NULL);
2718 if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {
2719 goto ON_EXIT;
2720 }
2721
2722 OldData = (UINT8*)AllocateZeroPool(DataSize);
2723 if (OldData == NULL) {
2724 Status = EFI_OUT_OF_RESOURCES;
2725 goto ON_EXIT;
2726 }
2727
2728 Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, &Attr, &DataSize, OldData);
2729 if (EFI_ERROR(Status)) {
2730 goto ON_EXIT;
2731 }
2732
2733 //
2734 // Allocate space for new variable.
2735 //
2736 Data = (UINT8*) AllocateZeroPool (DataSize);
2737 if (Data == NULL) {
2738 Status = EFI_OUT_OF_RESOURCES;
2739 goto ON_EXIT;
2740 }
2741
2742 //
2743 // Enumerate all KEK pub data and erasing the target item.
2744 //
2745 IsKEKItemFound = FALSE;
2746 KekDataSize = (UINT32) DataSize;
2747 CertList = (EFI_SIGNATURE_LIST *) OldData;
2748 Offset = 0;
2749 GuidIndex = 0;
2750 while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {
2751 if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||
2752 CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
2753 CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
2754 NewCertList = (EFI_SIGNATURE_LIST *)(Data + Offset);
2755 Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
2756 Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
2757 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
2758 for (Index = 0; Index < CertCount; Index++) {
2759 if (GuidIndex == DeleteKekIndex ) {
2760 //
2761 // Find it! Skip it!
2762 //
2763 NewCertList->SignatureListSize -= CertList->SignatureSize;
2764 IsKEKItemFound = TRUE;
2765 } else {
2766 //
2767 // This item doesn't match. Copy it to the Data buffer.
2768 //
2769 CopyMem (Data + Offset, Cert, CertList->SignatureSize);
2770 Offset += CertList->SignatureSize;
2771 }
2772 GuidIndex++;
2773 Cert = (EFI_SIGNATURE_DATA *) ((UINT8*) Cert + CertList->SignatureSize);
2774 }
2775 } else {
2776 //
2777 // This List doesn't match. Copy it to the Data buffer.
2778 //
2779 CopyMem (Data + Offset, CertList, CertList->SignatureListSize);
2780 Offset += CertList->SignatureListSize;
2781 }
2782
2783 KekDataSize -= CertList->SignatureListSize;
2784 CertList = (EFI_SIGNATURE_LIST*) ((UINT8*) CertList + CertList->SignatureListSize);
2785 }
2786
2787 if (!IsKEKItemFound) {
2788 //
2789 // Doesn't find the Kek Item!
2790 //
2791 Status = EFI_NOT_FOUND;
2792 goto ON_EXIT;
2793 }
2794
2795 //
2796 // Delete the Signature header if there is no signature in the list.
2797 //
2798 KekDataSize = Offset;
2799 CertList = (EFI_SIGNATURE_LIST*) Data;
2800 Offset = 0;
2801 ZeroMem (OldData, KekDataSize);
2802 while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {
2803 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
2804 DEBUG ((DEBUG_INFO, " CertCount = %x\n", CertCount));
2805 if (CertCount != 0) {
2806 CopyMem (OldData + Offset, CertList, CertList->SignatureListSize);
2807 Offset += CertList->SignatureListSize;
2808 }
2809 KekDataSize -= CertList->SignatureListSize;
2810 CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
2811 }
2812
2813 DataSize = Offset;
2814 if ((Attr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
2815 Status = CreateTimeBasedPayload (&DataSize, &OldData);
2816 if (EFI_ERROR (Status)) {
2817 DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
2818 goto ON_EXIT;
2819 }
2820 }
2821
2822 Status = gRT->SetVariable(
2823 EFI_KEY_EXCHANGE_KEY_NAME,
2824 &gEfiGlobalVariableGuid,
2825 Attr,
2826 DataSize,
2827 OldData
2828 );
2829 if (EFI_ERROR (Status)) {
2830 DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
2831 goto ON_EXIT;
2832 }
2833
2834 ON_EXIT:
2835 if (Data != NULL) {
2836 FreePool(Data);
2837 }
2838
2839 if (OldData != NULL) {
2840 FreePool(OldData);
2841 }
2842
2843 return UpdateDeletePage (
2844 PrivateData,
2845 EFI_KEY_EXCHANGE_KEY_NAME,
2846 &gEfiGlobalVariableGuid,
2847 LABEL_KEK_DELETE,
2848 FORMID_DELETE_KEK_FORM,
2849 OPTION_DEL_KEK_QUESTION_ID
2850 );
2851 }
2852
2853 /**
2854 Delete a signature entry from signature database.
2855
2856 @param[in] PrivateData Module's private data.
2857 @param[in] VariableName The variable name of the vendor's signature database.
2858 @param[in] VendorGuid A unique identifier for the vendor.
2859 @param[in] LabelNumber Label number to insert opcodes.
2860 @param[in] FormId Form ID of current page.
2861 @param[in] QuestionIdBase Base question id of the signature list.
2862 @param[in] DeleteIndex Signature index to delete.
2863
2864 @retval EFI_SUCCESS Delete signature successfully.
2865 @retval EFI_NOT_FOUND Can't find the signature item,
2866 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
2867 **/
2868 EFI_STATUS
2869 DeleteSignature (
2870 IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
2871 IN CHAR16 *VariableName,
2872 IN EFI_GUID *VendorGuid,
2873 IN UINT16 LabelNumber,
2874 IN EFI_FORM_ID FormId,
2875 IN EFI_QUESTION_ID QuestionIdBase,
2876 IN UINTN DeleteIndex
2877 )
2878 {
2879 EFI_STATUS Status;
2880 UINTN DataSize;
2881 UINT8 *Data;
2882 UINT8 *OldData;
2883 UINT32 Attr;
2884 UINT32 Index;
2885 EFI_SIGNATURE_LIST *CertList;
2886 EFI_SIGNATURE_LIST *NewCertList;
2887 EFI_SIGNATURE_DATA *Cert;
2888 UINTN CertCount;
2889 UINT32 Offset;
2890 BOOLEAN IsItemFound;
2891 UINT32 ItemDataSize;
2892 UINTN GuidIndex;
2893
2894 Data = NULL;
2895 OldData = NULL;
2896 CertList = NULL;
2897 Cert = NULL;
2898 Attr = 0;
2899
2900 Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
2901 if (EFI_ERROR (Status)) {
2902 return Status;
2903 }
2904
2905 //
2906 // Get original signature list data.
2907 //
2908 DataSize = 0;
2909 Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);
2910 if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
2911 goto ON_EXIT;
2912 }
2913
2914 OldData = (UINT8 *) AllocateZeroPool (DataSize);
2915 if (OldData == NULL) {
2916 Status = EFI_OUT_OF_RESOURCES;
2917 goto ON_EXIT;
2918 }
2919
2920 Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);
2921 if (EFI_ERROR(Status)) {
2922 goto ON_EXIT;
2923 }
2924
2925 //
2926 // Allocate space for new variable.
2927 //
2928 Data = (UINT8*) AllocateZeroPool (DataSize);
2929 if (Data == NULL) {
2930 Status = EFI_OUT_OF_RESOURCES;
2931 goto ON_EXIT;
2932 }
2933
2934 //
2935 // Enumerate all signature data and erasing the target item.
2936 //
2937 IsItemFound = FALSE;
2938 ItemDataSize = (UINT32) DataSize;
2939 CertList = (EFI_SIGNATURE_LIST *) OldData;
2940 Offset = 0;
2941 GuidIndex = 0;
2942 while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
2943 if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||
2944 CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid) ||
2945 CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid) ||
2946 CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid) ||
2947 CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha256Guid) ||
2948 CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha384Guid) ||
2949 CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha512Guid)
2950 ) {
2951 //
2952 // Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.
2953 //
2954 CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
2955 NewCertList = (EFI_SIGNATURE_LIST*) (Data + Offset);
2956 Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
2957 Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
2958 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
2959 for (Index = 0; Index < CertCount; Index++) {
2960 if (GuidIndex == DeleteIndex) {
2961 //
2962 // Find it! Skip it!
2963 //
2964 NewCertList->SignatureListSize -= CertList->SignatureSize;
2965 IsItemFound = TRUE;
2966 } else {
2967 //
2968 // This item doesn't match. Copy it to the Data buffer.
2969 //
2970 CopyMem (Data + Offset, (UINT8*)(Cert), CertList->SignatureSize);
2971 Offset += CertList->SignatureSize;
2972 }
2973 GuidIndex++;
2974 Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
2975 }
2976 } else {
2977 //
2978 // This List doesn't match. Just copy it to the Data buffer.
2979 //
2980 CopyMem (Data + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
2981 Offset += CertList->SignatureListSize;
2982 }
2983
2984 ItemDataSize -= CertList->SignatureListSize;
2985 CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
2986 }
2987
2988 if (!IsItemFound) {
2989 //
2990 // Doesn't find the signature Item!
2991 //
2992 Status = EFI_NOT_FOUND;
2993 goto ON_EXIT;
2994 }
2995
2996 //
2997 // Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.
2998 //
2999 ItemDataSize = Offset;
3000 CertList = (EFI_SIGNATURE_LIST *) Data;
3001 Offset = 0;
3002 ZeroMem (OldData, ItemDataSize);
3003 while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
3004 CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
3005 DEBUG ((DEBUG_INFO, " CertCount = %x\n", CertCount));
3006 if (CertCount != 0) {
3007 CopyMem (OldData + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
3008 Offset += CertList->SignatureListSize;
3009 }
3010 ItemDataSize -= CertList->SignatureListSize;
3011 CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
3012 }
3013
3014 DataSize = Offset;
3015 if ((Attr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
3016 Status = CreateTimeBasedPayload (&DataSize, &OldData);
3017 if (EFI_ERROR (Status)) {
3018 DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
3019 goto ON_EXIT;
3020 }
3021 }
3022
3023 Status = gRT->SetVariable(
3024 VariableName,
3025 VendorGuid,
3026 Attr,
3027 DataSize,
3028 OldData
3029 );
3030 if (EFI_ERROR (Status)) {
3031 DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
3032 goto ON_EXIT;
3033 }
3034
3035 ON_EXIT:
3036 if (Data != NULL) {
3037 FreePool(Data);
3038 }
3039
3040 if (OldData != NULL) {
3041 FreePool(OldData);
3042 }
3043
3044 return UpdateDeletePage (
3045 PrivateData,
3046 VariableName,
3047 VendorGuid,
3048 LabelNumber,
3049 FormId,
3050 QuestionIdBase
3051 );
3052 }
3053
3054 /**
3055 This function to delete signature list or data, according by DelType.
3056
3057 @param[in] PrivateData Module's private data.
3058 @param[in] DelType Indicate delete signature list or data.
3059 @param[in] CheckedCount Indicate how many signature data have
3060 been checked in current signature list.
3061
3062 @retval EFI_SUCCESS Success to update the signature list page
3063 @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
3064 **/
3065 EFI_STATUS
3066 DeleteSignatureEx (
3067 IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
3068 IN SIGNATURE_DELETE_TYPE DelType,
3069 IN UINT32 CheckedCount
3070 )
3071 {
3072 EFI_STATUS Status;
3073 EFI_SIGNATURE_LIST *ListWalker;
3074 EFI_SIGNATURE_LIST *NewCertList;
3075 EFI_SIGNATURE_DATA *DataWalker;
3076 CHAR16 VariableName[BUFFER_MAX_SIZE];
3077 UINT32 VariableAttr;
3078 UINTN VariableDataSize;
3079 UINTN RemainingSize;
3080 UINTN ListIndex;
3081 UINTN Index;
3082 UINTN Offset;
3083 UINT8 *VariableData;
3084 UINT8 *NewVariableData;
3085
3086 Status = EFI_SUCCESS;
3087 VariableAttr = 0;
3088 VariableDataSize = 0;
3089 ListIndex = 0;
3090 Offset = 0;
3091 VariableData = NULL;
3092 NewVariableData = NULL;
3093
3094 if (PrivateData->VariableName == Variable_DB) {
3095 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE);
3096 } else if (PrivateData->VariableName == Variable_DBX) {
3097 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE1);
3098 } else if (PrivateData->VariableName == Variable_DBT) {
3099 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE2);
3100 } else {
3101 goto ON_EXIT;
3102 }
3103
3104 Status = gRT->GetVariable (
3105 VariableName,
3106 &gEfiImageSecurityDatabaseGuid,
3107 &VariableAttr,
3108 &VariableDataSize,
3109 VariableData
3110 );
3111 if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
3112 goto ON_EXIT;
3113 }
3114
3115 VariableData = AllocateZeroPool (VariableDataSize);
3116 if (VariableData == NULL) {
3117 Status = EFI_OUT_OF_RESOURCES;
3118 goto ON_EXIT;
3119 }
3120
3121 Status = gRT->GetVariable (
3122 VariableName,
3123 &gEfiImageSecurityDatabaseGuid,
3124 &VariableAttr,
3125 &VariableDataSize,
3126 VariableData
3127 );
3128 if (EFI_ERROR (Status)) {
3129 goto ON_EXIT;
3130 }
3131
3132 Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
3133 if (EFI_ERROR (Status)) {
3134 goto ON_EXIT;
3135 }
3136
3137 NewVariableData = AllocateZeroPool (VariableDataSize);
3138 if (NewVariableData == NULL) {
3139 Status = EFI_OUT_OF_RESOURCES;
3140 goto ON_EXIT;
3141 }
3142
3143 RemainingSize = VariableDataSize;
3144 ListWalker = (EFI_SIGNATURE_LIST *)(VariableData);
3145 if (DelType == Delete_Signature_List_All) {
3146 VariableDataSize = 0;
3147 } else {
3148 while ((RemainingSize > 0) && (RemainingSize >= ListWalker->SignatureListSize) && ListIndex < PrivateData->ListIndex) {
3149 CopyMem ((UINT8 *)NewVariableData + Offset, ListWalker, ListWalker->SignatureListSize);
3150 Offset += ListWalker->SignatureListSize;
3151
3152 RemainingSize -= ListWalker->SignatureListSize;
3153 ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
3154 ListIndex++;
3155 }
3156
3157 if (CheckedCount == SIGNATURE_DATA_COUNTS (ListWalker) || DelType == Delete_Signature_List_One) {
3158 RemainingSize -= ListWalker->SignatureListSize;
3159 ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
3160 } else {
3161 NewCertList = (EFI_SIGNATURE_LIST *)(NewVariableData + Offset);
3162 //
3163 // Copy header.
3164 //
3165 CopyMem ((UINT8 *)NewVariableData, ListWalker, sizeof (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
3166 Offset += sizeof (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize;
3167
3168 DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)ListWalker + sizeof(EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
3169 for (Index = 0; Index < SIGNATURE_DATA_COUNTS(ListWalker); Index = Index + 1) {
3170 if (PrivateData->CheckArray[Index]) {
3171 //
3172 // Delete checked signature data, and update the size of whole signature list.
3173 //
3174 NewCertList->SignatureListSize -= NewCertList->SignatureSize;
3175 } else {
3176 //
3177 // Remain the unchecked signature data.
3178 //
3179 CopyMem ((UINT8 *)NewVariableData + Offset, DataWalker, ListWalker->SignatureSize);
3180 Offset += ListWalker->SignatureSize;
3181 }
3182 DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)DataWalker + ListWalker->SignatureSize);
3183 }
3184
3185 RemainingSize -= ListWalker->SignatureListSize;
3186 }
3187
3188 //
3189 // Copy remaining data, maybe 0.
3190 //
3191 CopyMem((UINT8 *)NewVariableData + Offset, ListWalker, RemainingSize);
3192 Offset += RemainingSize;
3193
3194 VariableDataSize = Offset;
3195 }
3196
3197 if ((VariableAttr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
3198 Status = CreateTimeBasedPayload (&VariableDataSize, &NewVariableData);
3199 if (EFI_ERROR (Status)) {
3200 DEBUG ((DEBUG_ERROR, "Fail to create time-based data payload: %r", Status));
3201 goto ON_EXIT;
3202 }
3203 }
3204
3205 Status = gRT->SetVariable (
3206 VariableName,
3207 &gEfiImageSecurityDatabaseGuid,
3208 VariableAttr,
3209 VariableDataSize,
3210 NewVariableData
3211 );
3212 if (EFI_ERROR (Status)) {
3213 DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r", Status));
3214 goto ON_EXIT;
3215 }
3216
3217 ON_EXIT:
3218 SECUREBOOT_FREE_NON_NULL (VariableData);
3219 SECUREBOOT_FREE_NON_NULL (NewVariableData);
3220
3221 return Status;
3222 }
3223
3224 /**
3225
3226 Update SecureBoot strings based on new Secure Boot Mode State. String includes STR_SECURE_BOOT_STATE_CONTENT
3227 and STR_CUR_SECURE_BOOT_MODE_CONTENT.
3228
3229 @param[in] PrivateData Module's private data.
3230
3231 @return EFI_SUCCESS Update secure boot strings successfully.
3232 @return other Fail to update secure boot strings.
3233
3234 **/
3235 EFI_STATUS
3236 UpdateSecureBootString(
3237 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
3238 )
3239 {
3240 UINT8 *SecureBoot;
3241
3242 SecureBoot = NULL;
3243
3244 //
3245 // Get current secure boot state.
3246 //
3247 GetVariable2 (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SecureBoot, NULL);
3248 if (SecureBoot == NULL) {
3249 return EFI_NOT_FOUND;
3250 }
3251
3252 if (*SecureBoot == SECURE_BOOT_MODE_ENABLE) {
3253 HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Enabled", NULL);
3254 } else {
3255 HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Disabled", NULL);
3256 }
3257
3258 FreePool(SecureBoot);
3259
3260 return EFI_SUCCESS;
3261 }
3262
3263 /**
3264 This function extracts configuration from variable.
3265
3266 @param[in] Private Point to SecureBoot configuration driver private data.
3267 @param[in, out] ConfigData Point to SecureBoot configuration private data.
3268
3269 **/
3270 VOID
3271 SecureBootExtractConfigFromVariable (
3272 IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
3273 IN OUT SECUREBOOT_CONFIGURATION *ConfigData
3274 )
3275 {
3276 UINT8 *SecureBootEnable;
3277 UINT8 *SetupMode;
3278 UINT8 *SecureBootMode;
3279 EFI_TIME CurrTime;
3280
3281 SecureBootEnable = NULL;
3282 SetupMode = NULL;
3283 SecureBootMode = NULL;
3284
3285 //
3286 // Initilize the Date and Time using system time.
3287 //
3288 ConfigData->CertificateFormat = HASHALG_RAW;
3289 ConfigData->AlwaysRevocation = TRUE;
3290 gRT->GetTime (&CurrTime, NULL);
3291 ConfigData->RevocationDate.Year = CurrTime.Year;
3292 ConfigData->RevocationDate.Month = CurrTime.Month;
3293 ConfigData->RevocationDate.Day = CurrTime.Day;
3294 ConfigData->RevocationTime.Hour = CurrTime.Hour;
3295 ConfigData->RevocationTime.Minute = CurrTime.Minute;
3296 ConfigData->RevocationTime.Second = 0;
3297 if (Private->FileContext->FHandle != NULL) {
3298 ConfigData->FileEnrollType = Private->FileContext->FileType;
3299 } else {
3300 ConfigData->FileEnrollType = UNKNOWN_FILE_TYPE;
3301 }
3302
3303 //
3304 // If it is Physical Presence User, set the PhysicalPresent to true.
3305 //
3306 if (UserPhysicalPresent()) {
3307 ConfigData->PhysicalPresent = TRUE;
3308 } else {
3309 ConfigData->PhysicalPresent = FALSE;
3310 }
3311
3312 //
3313 // If there is no PK then the Delete Pk button will be gray.
3314 //
3315 GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
3316 if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
3317 ConfigData->HasPk = FALSE;
3318 } else {
3319 ConfigData->HasPk = TRUE;
3320 }
3321
3322 //
3323 // Check SecureBootEnable & Pk status, fix the inconsistence.
3324 // If the SecureBootEnable Variable doesn't exist, hide the SecureBoot Enable/Disable
3325 // Checkbox.
3326 //
3327 ConfigData->AttemptSecureBoot = FALSE;
3328 GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
3329
3330 //
3331 // Fix Pk, SecureBootEnable inconsistence
3332 //
3333 if ((SetupMode != NULL) && (*SetupMode) == USER_MODE) {
3334 ConfigData->HideSecureBoot = FALSE;
3335 if ((SecureBootEnable != NULL) && (*SecureBootEnable == SECURE_BOOT_ENABLE)) {
3336 ConfigData->AttemptSecureBoot = TRUE;
3337 }
3338 } else {
3339 ConfigData->HideSecureBoot = TRUE;
3340 }
3341
3342 //
3343 // Get the SecureBootMode from CustomMode variable.
3344 //
3345 GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
3346 if (SecureBootMode == NULL) {
3347 ConfigData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;
3348 } else {
3349 ConfigData->SecureBootMode = *(SecureBootMode);
3350 }
3351
3352 if (SecureBootEnable != NULL) {
3353 FreePool (SecureBootEnable);
3354 }
3355 if (SetupMode != NULL) {
3356 FreePool (SetupMode);
3357 }
3358 if (SecureBootMode != NULL) {
3359 FreePool (SecureBootMode);
3360 }
3361 }
3362
3363 /**
3364 This function allows a caller to extract the current configuration for one
3365 or more named elements from the target driver.
3366
3367 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
3368 @param[in] Request A null-terminated Unicode string in
3369 <ConfigRequest> format.
3370 @param[out] Progress On return, points to a character in the Request
3371 string. Points to the string's null terminator if
3372 request was successful. Points to the most recent
3373 '&' before the first failing name/value pair (or
3374 the beginning of the string if the failure is in
3375 the first name/value pair) if the request was not
3376 successful.
3377 @param[out] Results A null-terminated Unicode string in
3378 <ConfigAltResp> format which has all values filled
3379 in for the names in the Request string. String to
3380 be allocated by the called function.
3381
3382 @retval EFI_SUCCESS The Results is filled with the requested values.
3383 @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
3384 @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
3385 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
3386 driver.
3387
3388 **/
3389 EFI_STATUS
3390 EFIAPI
3391 SecureBootExtractConfig (
3392 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
3393 IN CONST EFI_STRING Request,
3394 OUT EFI_STRING *Progress,
3395 OUT EFI_STRING *Results
3396 )
3397 {
3398 EFI_STATUS Status;
3399 UINTN BufferSize;
3400 UINTN Size;
3401 SECUREBOOT_CONFIGURATION Configuration;
3402 EFI_STRING ConfigRequest;
3403 EFI_STRING ConfigRequestHdr;
3404 SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
3405 BOOLEAN AllocatedRequest;
3406
3407 if (Progress == NULL || Results == NULL) {
3408 return EFI_INVALID_PARAMETER;
3409 }
3410
3411 AllocatedRequest = FALSE;
3412 ConfigRequestHdr = NULL;
3413 ConfigRequest = NULL;
3414 Size = 0;
3415
3416 ZeroMem (&Configuration, sizeof (Configuration));
3417 PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
3418 *Progress = Request;
3419
3420 if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gSecureBootConfigFormSetGuid, mSecureBootStorageName)) {
3421 return EFI_NOT_FOUND;
3422 }
3423
3424 ZeroMem(&Configuration, sizeof(SECUREBOOT_CONFIGURATION));
3425
3426 //
3427 // Get Configuration from Variable.
3428 //
3429 SecureBootExtractConfigFromVariable (PrivateData, &Configuration);
3430
3431 BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
3432 ConfigRequest = Request;
3433 if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {
3434 //
3435 // Request is set to NULL or OFFSET is NULL, construct full request string.
3436 //
3437 // Allocate and fill a buffer large enough to hold the <ConfigHdr> template
3438 // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
3439 //
3440 ConfigRequestHdr = HiiConstructConfigHdr (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, PrivateData->DriverHandle);
3441 Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
3442 ConfigRequest = AllocateZeroPool (Size);
3443 ASSERT (ConfigRequest != NULL);
3444 AllocatedRequest = TRUE;
3445 UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);
3446 FreePool (ConfigRequestHdr);
3447 ConfigRequestHdr = NULL;
3448 }
3449
3450 Status = gHiiConfigRouting->BlockToConfig (
3451 gHiiConfigRouting,
3452 ConfigRequest,
3453 (UINT8 *) &Configuration,
3454 BufferSize,
3455 Results,
3456 Progress
3457 );
3458
3459 //
3460 // Free the allocated config request string.
3461 //
3462 if (AllocatedRequest) {
3463 FreePool (ConfigRequest);
3464 }
3465
3466 //
3467 // Set Progress string to the original request string.
3468 //
3469 if (Request == NULL) {
3470 *Progress = NULL;
3471 } else if (StrStr (Request, L"OFFSET") == NULL) {
3472 *Progress = Request + StrLen (Request);
3473 }
3474
3475 return Status;
3476 }
3477
3478 /**
3479 This function processes the results of changes in configuration.
3480
3481 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
3482 @param[in] Configuration A null-terminated Unicode string in <ConfigResp>
3483 format.
3484 @param[out] Progress A pointer to a string filled in with the offset of
3485 the most recent '&' before the first failing
3486 name/value pair (or the beginning of the string if
3487 the failure is in the first name/value pair) or
3488 the terminating NULL if all was successful.
3489
3490 @retval EFI_SUCCESS The Results is processed successfully.
3491 @retval EFI_INVALID_PARAMETER Configuration is NULL.
3492 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
3493 driver.
3494
3495 **/
3496 EFI_STATUS
3497 EFIAPI
3498 SecureBootRouteConfig (
3499 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
3500 IN CONST EFI_STRING Configuration,
3501 OUT EFI_STRING *Progress
3502 )
3503 {
3504 SECUREBOOT_CONFIGURATION IfrNvData;
3505 UINTN BufferSize;
3506 SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
3507 EFI_STATUS Status;
3508
3509 if (Configuration == NULL || Progress == NULL) {
3510 return EFI_INVALID_PARAMETER;
3511 }
3512
3513 *Progress = Configuration;
3514 if (!HiiIsConfigHdrMatch (Configuration, &gSecureBootConfigFormSetGuid, mSecureBootStorageName)) {
3515 return EFI_NOT_FOUND;
3516 }
3517
3518 PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
3519
3520 //
3521 // Get Configuration from Variable.
3522 //
3523 SecureBootExtractConfigFromVariable (PrivateData, &IfrNvData);
3524
3525 //
3526 // Map the Configuration to the configuration block.
3527 //
3528 BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
3529 Status = gHiiConfigRouting->ConfigToBlock (
3530 gHiiConfigRouting,
3531 Configuration,
3532 (UINT8 *)&IfrNvData,
3533 &BufferSize,
3534 Progress
3535 );
3536 if (EFI_ERROR (Status)) {
3537 return Status;
3538 }
3539
3540 //
3541 // Store Buffer Storage back to EFI variable if needed
3542 //
3543 if (!IfrNvData.HideSecureBoot) {
3544 Status = SaveSecureBootVariable (IfrNvData.AttemptSecureBoot);
3545 if (EFI_ERROR (Status)) {
3546 return Status;
3547 }
3548 }
3549
3550 *Progress = Configuration + StrLen (Configuration);
3551 return EFI_SUCCESS;
3552 }
3553
3554 /**
3555 This function to load signature list, the update the menu page.
3556
3557 @param[in] PrivateData Module's private data.
3558 @param[in] LabelId Label number to insert opcodes.
3559 @param[in] FormId Form ID of current page.
3560 @param[in] QuestionIdBase Base question id of the signature list.
3561
3562 @retval EFI_SUCCESS Success to update the signature list page
3563 @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
3564 **/
3565 EFI_STATUS
3566 LoadSignatureList (
3567 IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
3568 IN UINT16 LabelId,
3569 IN EFI_FORM_ID FormId,
3570 IN EFI_QUESTION_ID QuestionIdBase
3571 )
3572 {
3573 EFI_STATUS Status;
3574 EFI_STRING_ID ListType;
3575 EFI_SIGNATURE_LIST *ListWalker;
3576 EFI_IFR_GUID_LABEL *StartLabel;
3577 EFI_IFR_GUID_LABEL *EndLabel;
3578 EFI_IFR_GUID_LABEL *StartGoto;
3579 EFI_IFR_GUID_LABEL *EndGoto;
3580 EFI_FORM_ID DstFormId;
3581 VOID *StartOpCodeHandle;
3582 VOID *EndOpCodeHandle;
3583 VOID *StartGotoHandle;
3584 VOID *EndGotoHandle;
3585 UINTN DataSize;
3586 UINTN RemainingSize;
3587 UINT16 Index;
3588 UINT8 *VariableData;
3589 CHAR16 VariableName[BUFFER_MAX_SIZE];
3590 CHAR16 NameBuffer[BUFFER_MAX_SIZE];
3591 CHAR16 HelpBuffer[BUFFER_MAX_SIZE];
3592
3593 Status = EFI_SUCCESS;
3594 StartOpCodeHandle = NULL;
3595 EndOpCodeHandle = NULL;
3596 StartGotoHandle = NULL;
3597 EndGotoHandle = NULL;
3598 Index = 0;
3599 VariableData = NULL;
3600
3601 //
3602 // Initialize the container for dynamic opcodes.
3603 //
3604 StartOpCodeHandle = HiiAllocateOpCodeHandle ();
3605 if (StartOpCodeHandle == NULL) {
3606 Status = EFI_OUT_OF_RESOURCES;
3607 goto ON_EXIT;
3608 }
3609
3610 EndOpCodeHandle = HiiAllocateOpCodeHandle ();
3611 if (EndOpCodeHandle == NULL) {
3612 Status = EFI_OUT_OF_RESOURCES;
3613 goto ON_EXIT;
3614 }
3615
3616 StartGotoHandle = HiiAllocateOpCodeHandle ();
3617 if (StartGotoHandle == NULL) {
3618 Status = EFI_OUT_OF_RESOURCES;
3619 goto ON_EXIT;
3620 }
3621
3622 EndGotoHandle = HiiAllocateOpCodeHandle ();
3623 if (EndGotoHandle == NULL) {
3624 Status = EFI_OUT_OF_RESOURCES;
3625 goto ON_EXIT;
3626 }
3627
3628 //
3629 // Create Hii Extend Label OpCode.
3630 //
3631 StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
3632 StartOpCodeHandle,
3633 &gEfiIfrTianoGuid,
3634 NULL,
3635 sizeof (EFI_IFR_GUID_LABEL)
3636 );
3637 StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
3638 StartLabel->Number = LabelId;
3639
3640 EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
3641 EndOpCodeHandle,
3642 &gEfiIfrTianoGuid,
3643 NULL,
3644 sizeof (EFI_IFR_GUID_LABEL)
3645 );
3646 EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
3647 EndLabel->Number = LABEL_END;
3648
3649 StartGoto = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode(
3650 StartGotoHandle,
3651 &gEfiIfrTianoGuid,
3652 NULL,
3653 sizeof(EFI_IFR_GUID_LABEL)
3654 );
3655 StartGoto->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
3656 StartGoto->Number = LABEL_DELETE_ALL_LIST_BUTTON;
3657
3658 EndGoto = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode(
3659 EndGotoHandle,
3660 &gEfiIfrTianoGuid,
3661 NULL,
3662 sizeof(EFI_IFR_GUID_LABEL)
3663 );
3664 EndGoto->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
3665 EndGoto->Number = LABEL_END;
3666
3667 if (PrivateData->VariableName == Variable_DB) {
3668 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE);
3669 DstFormId = FORMID_SECURE_BOOT_DB_OPTION_FORM;
3670 } else if (PrivateData->VariableName == Variable_DBX) {
3671 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE1);
3672 DstFormId = FORMID_SECURE_BOOT_DBX_OPTION_FORM;
3673 } else if (PrivateData->VariableName == Variable_DBT) {
3674 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE2);
3675 DstFormId = FORMID_SECURE_BOOT_DBT_OPTION_FORM;
3676 } else {
3677 goto ON_EXIT;
3678 }
3679
3680 HiiCreateGotoOpCode (
3681 StartGotoHandle,
3682 DstFormId,
3683 STRING_TOKEN (STR_SECURE_BOOT_DELETE_ALL_LIST),
3684 STRING_TOKEN (STR_SECURE_BOOT_DELETE_ALL_LIST),
3685 EFI_IFR_FLAG_CALLBACK,
3686 KEY_SECURE_BOOT_DELETE_ALL_LIST
3687 );
3688
3689 //
3690 // Read Variable, the variable name save in the PrivateData->VariableName.
3691 //
3692 DataSize = 0;
3693 Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, VariableData);
3694 if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
3695 goto ON_EXIT;
3696 }
3697
3698 VariableData = AllocateZeroPool (DataSize);
3699 if (VariableData == NULL) {
3700 Status = EFI_OUT_OF_RESOURCES;
3701 goto ON_EXIT;
3702 }
3703 Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, VariableData);
3704 if (EFI_ERROR (Status)) {
3705 goto ON_EXIT;
3706 }
3707
3708 RemainingSize = DataSize;
3709 ListWalker = (EFI_SIGNATURE_LIST *)VariableData;
3710 while ((RemainingSize > 0) && (RemainingSize >= ListWalker->SignatureListSize)) {
3711 if (CompareGuid (&ListWalker->SignatureType, &gEfiCertRsa2048Guid)) {
3712 ListType = STRING_TOKEN (STR_LIST_TYPE_RSA2048_SHA256);
3713 } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertX509Guid)) {
3714 ListType = STRING_TOKEN (STR_LIST_TYPE_X509);
3715 } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertSha1Guid)) {
3716 ListType = STRING_TOKEN (STR_LIST_TYPE_SHA1);
3717 } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertSha256Guid)) {
3718 ListType = STRING_TOKEN (STR_LIST_TYPE_SHA256);
3719 } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertX509Sha256Guid)) {
3720 ListType = STRING_TOKEN (STR_LIST_TYPE_X509_SHA256);
3721 } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertX509Sha384Guid)) {
3722 ListType = STRING_TOKEN (STR_LIST_TYPE_X509_SHA384);
3723 } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertX509Sha512Guid)) {
3724 ListType = STRING_TOKEN (STR_LIST_TYPE_X509_SHA512);
3725 } else {
3726 ListType = STRING_TOKEN (STR_LIST_TYPE_UNKNOWN);
3727 }
3728
3729 ZeroMem (NameBuffer, sizeof (NameBuffer));
3730 UnicodeSPrint (NameBuffer,
3731 sizeof (NameBuffer),
3732 HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_LIST_NAME_FORMAT), NULL),
3733 Index + 1
3734 );
3735
3736 ZeroMem (HelpBuffer, sizeof (HelpBuffer));
3737 UnicodeSPrint (HelpBuffer,
3738 sizeof (HelpBuffer),
3739 HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_LIST_HELP_FORMAT), NULL),
3740 HiiGetString (PrivateData->HiiHandle, ListType, NULL),
3741 SIGNATURE_DATA_COUNTS (ListWalker)
3742 );
3743
3744 HiiCreateGotoOpCode (
3745 StartOpCodeHandle,
3746 SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,
3747 HiiSetString (PrivateData->HiiHandle, 0, NameBuffer, NULL),
3748 HiiSetString (PrivateData->HiiHandle, 0, HelpBuffer, NULL),
3749 EFI_IFR_FLAG_CALLBACK,
3750 QuestionIdBase + Index++
3751 );
3752
3753 RemainingSize -= ListWalker->SignatureListSize;
3754 ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
3755 }
3756
3757 ON_EXIT:
3758 HiiUpdateForm (
3759 PrivateData->HiiHandle,
3760 &gSecureBootConfigFormSetGuid,
3761 FormId,
3762 StartOpCodeHandle,
3763 EndOpCodeHandle
3764 );
3765
3766 HiiUpdateForm (
3767 PrivateData->HiiHandle,
3768 &gSecureBootConfigFormSetGuid,
3769 FormId,
3770 StartGotoHandle,
3771 EndGotoHandle
3772 );
3773
3774 SECUREBOOT_FREE_NON_OPCODE (StartOpCodeHandle);
3775 SECUREBOOT_FREE_NON_OPCODE (EndOpCodeHandle);
3776 SECUREBOOT_FREE_NON_OPCODE (StartGotoHandle);
3777 SECUREBOOT_FREE_NON_OPCODE (EndGotoHandle);
3778
3779 SECUREBOOT_FREE_NON_NULL (VariableData);
3780
3781 PrivateData->ListCount = Index;
3782
3783 return Status;
3784 }
3785
3786 /**
3787 Parse hash value from EFI_SIGNATURE_DATA, and save in the CHAR16 type array.
3788 The buffer is callee allocated and should be freed by the caller.
3789
3790 @param[in] ListEntry The pointer point to the signature list.
3791 @param[in] DataEntry The signature data we are processing.
3792 @param[out] BufferToReturn Buffer to save the hash value.
3793
3794 @retval EFI_INVALID_PARAMETER Invalid List or Data or Buffer.
3795 @retval EFI_OUT_OF_RESOURCES A memory allocation failed.
3796 @retval EFI_SUCCESS Operation success.
3797 **/
3798 EFI_STATUS
3799 ParseHashValue (
3800 IN EFI_SIGNATURE_LIST *ListEntry,
3801 IN EFI_SIGNATURE_DATA *DataEntry,
3802 OUT CHAR16 **BufferToReturn
3803 )
3804 {
3805 UINTN Index;
3806 UINTN BufferIndex;
3807 UINTN TotalSize;
3808 UINTN DataSize;
3809 UINTN Line;
3810 UINTN OneLineBytes;
3811
3812 //
3813 // Assume that, display 8 bytes in one line.
3814 //
3815 OneLineBytes = 8;
3816
3817 if (ListEntry == NULL || DataEntry == NULL || BufferToReturn == NULL) {
3818 return EFI_INVALID_PARAMETER;
3819 }
3820
3821 DataSize = ListEntry->SignatureSize - sizeof(EFI_GUID);
3822 Line = (DataSize + OneLineBytes - 1) / OneLineBytes;
3823
3824 //
3825 // Each byte will split two Hex-number, and each line need additional memory to save '\r\n'.
3826 //
3827 TotalSize = ((DataSize + Line) * 2 * sizeof(CHAR16));
3828
3829 *BufferToReturn = AllocateZeroPool(TotalSize);
3830 if (*BufferToReturn == NULL) {
3831 return EFI_OUT_OF_RESOURCES;
3832 }
3833
3834 for (Index = 0, BufferIndex = 0; Index < DataSize; Index = Index + 1) {
3835 if ((Index > 0) && (Index % OneLineBytes == 0)) {
3836 BufferIndex += UnicodeSPrint(&(*BufferToReturn)[BufferIndex], TotalSize - sizeof(CHAR16) * BufferIndex, L"\n");
3837 }
3838 BufferIndex += UnicodeSPrint(&(*BufferToReturn)[BufferIndex], TotalSize - sizeof(CHAR16) * BufferIndex, L"%02x", DataEntry->SignatureData[Index]);
3839 }
3840 BufferIndex += UnicodeSPrint(&(*BufferToReturn)[BufferIndex], TotalSize - sizeof(CHAR16) * BufferIndex, L"\n");
3841
3842 return EFI_SUCCESS;
3843 }
3844
3845 /**
3846 Function to get the common name from the X509 format certificate.
3847 The buffer is callee allocated and should be freed by the caller.
3848
3849 @param[in] ListEntry The pointer point to the signature list.
3850 @param[in] DataEntry The signature data we are processing.
3851 @param[out] BufferToReturn Buffer to save the CN of X509 certificate.
3852
3853 @retval EFI_INVALID_PARAMETER Invalid List or Data or Buffer.
3854 @retval EFI_OUT_OF_RESOURCES A memory allocation failed.
3855 @retval EFI_SUCCESS Operation success.
3856 @retval EFI_NOT_FOUND Not found CN field in the X509 certificate.
3857 **/
3858 EFI_STATUS
3859 GetCommonNameFromX509 (
3860 IN EFI_SIGNATURE_LIST *ListEntry,
3861 IN EFI_SIGNATURE_DATA *DataEntry,
3862 OUT CHAR16 **BufferToReturn
3863 )
3864 {
3865 EFI_STATUS Status;
3866 CHAR8 *CNBuffer;
3867 UINTN CNBufferSize;
3868
3869 Status = EFI_SUCCESS;
3870 CNBuffer = NULL;
3871
3872 CNBuffer = AllocateZeroPool(256);
3873 if (CNBuffer == NULL) {
3874 Status = EFI_OUT_OF_RESOURCES;
3875 goto ON_EXIT;
3876 }
3877
3878 CNBufferSize = 256;
3879 X509GetCommonName (
3880 (UINT8 *)DataEntry + sizeof(EFI_GUID),
3881 ListEntry->SignatureSize - sizeof(EFI_GUID),
3882 CNBuffer,
3883 &CNBufferSize
3884 );
3885
3886 *BufferToReturn = AllocateZeroPool(256 * sizeof(CHAR16));
3887 if (*BufferToReturn == NULL) {
3888 Status = EFI_OUT_OF_RESOURCES;
3889 goto ON_EXIT;
3890 }
3891
3892 AsciiStrToUnicodeStrS (CNBuffer, *BufferToReturn, 256);
3893
3894 ON_EXIT:
3895 SECUREBOOT_FREE_NON_NULL (CNBuffer);
3896
3897 return Status;
3898 }
3899
3900 /**
3901 Format the help info for the signature data, each help info contain 3 parts.
3902 1. Onwer Guid.
3903 2. Content, depends on the type of the signature list.
3904 3. Revocation time.
3905
3906 @param[in] PrivateData Module's private data.
3907 @param[in] ListEntry Point to the signature list.
3908 @param[in] DataEntry Point to the signature data we are processing.
3909 @param[out] StringId Save the string id of help info.
3910
3911 @retval EFI_SUCCESS Operation success.
3912 @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
3913 **/
3914 EFI_STATUS
3915 FormatHelpInfo (
3916 IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
3917 IN EFI_SIGNATURE_LIST *ListEntry,
3918 IN EFI_SIGNATURE_DATA *DataEntry,
3919 OUT EFI_STRING_ID *StringId
3920 )
3921 {
3922 EFI_STATUS Status;
3923 EFI_TIME *Time;
3924 EFI_STRING_ID ListTypeId;
3925 UINTN DataSize;
3926 UINTN HelpInfoIndex;
3927 UINTN TotalSize;
3928 CHAR16 GuidString[BUFFER_MAX_SIZE];
3929 CHAR16 TimeString[BUFFER_MAX_SIZE];
3930 CHAR16 *DataString;
3931 CHAR16 *HelpInfoString;
3932 BOOLEAN IsCert;
3933
3934 Status = EFI_SUCCESS;
3935 Time = NULL;
3936 HelpInfoIndex = 0;
3937 DataString = NULL;
3938 HelpInfoString = NULL;
3939 IsCert = FALSE;
3940
3941 if (CompareGuid(&ListEntry->SignatureType, &gEfiCertRsa2048Guid)) {
3942 ListTypeId = STRING_TOKEN(STR_LIST_TYPE_RSA2048_SHA256);
3943 DataSize = ListEntry->SignatureSize - sizeof(EFI_GUID);
3944 IsCert = TRUE;
3945 } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertX509Guid)) {
3946 ListTypeId = STRING_TOKEN(STR_LIST_TYPE_X509);
3947 DataSize = ListEntry->SignatureSize - sizeof(EFI_GUID);
3948 IsCert = TRUE;
3949 } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertSha1Guid)) {
3950 ListTypeId = STRING_TOKEN(STR_LIST_TYPE_SHA1);
3951 DataSize = 20;
3952 } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertSha256Guid)) {
3953 ListTypeId = STRING_TOKEN(STR_LIST_TYPE_SHA256);
3954 DataSize = 32;
3955 } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertX509Sha256Guid)) {
3956 ListTypeId = STRING_TOKEN(STR_LIST_TYPE_X509_SHA256);
3957 DataSize = 32;
3958 Time = (EFI_TIME *)(DataEntry->SignatureData + DataSize);
3959 } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertX509Sha384Guid)) {
3960 ListTypeId = STRING_TOKEN(STR_LIST_TYPE_X509_SHA384);
3961 DataSize = 48;
3962 Time = (EFI_TIME *)(DataEntry->SignatureData + DataSize);
3963 } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertX509Sha512Guid)) {
3964 ListTypeId = STRING_TOKEN(STR_LIST_TYPE_X509_SHA512);
3965 DataSize = 64;
3966 Time = (EFI_TIME *)(DataEntry->SignatureData + DataSize);
3967 } else {
3968 Status = EFI_UNSUPPORTED;
3969 goto ON_EXIT;
3970 }
3971
3972 TotalSize = 1024;
3973 HelpInfoString = AllocateZeroPool (TotalSize);
3974 if (HelpInfoString == NULL) {
3975 Status = EFI_OUT_OF_RESOURCES;
3976 goto ON_EXIT;
3977 }
3978
3979 //
3980 // Format GUID part.
3981 //
3982 ZeroMem (GuidString, sizeof (GuidString));
3983 GuidToString(&DataEntry->SignatureOwner, GuidString, BUFFER_MAX_SIZE);
3984 HelpInfoIndex += UnicodeSPrint (
3985 &HelpInfoString[HelpInfoIndex],
3986 TotalSize - sizeof(CHAR16) * HelpInfoIndex,
3987 HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_HELP_FORMAT_GUID), NULL),
3988 GuidString
3989 );
3990
3991 //
3992 // Format content part, it depends on the type of signature list, hash value or CN.
3993 //
3994 if (IsCert) {
3995 GetCommonNameFromX509 (ListEntry, DataEntry, &DataString);
3996 HelpInfoIndex += UnicodeSPrint(
3997 &HelpInfoString[HelpInfoIndex],
3998 TotalSize - sizeof(CHAR16) * HelpInfoIndex,
3999 HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_HELP_FORMAT_CN), NULL),
4000 HiiGetString (PrivateData->HiiHandle, ListTypeId, NULL),
4001 DataSize,
4002 DataString
4003 );
4004 } else {
4005 //
4006 // Format hash value for each signature data entry.
4007 //
4008 ParseHashValue (ListEntry, DataEntry, &DataString);
4009 HelpInfoIndex += UnicodeSPrint (
4010 &HelpInfoString[HelpInfoIndex],
4011 TotalSize - sizeof(CHAR16) * HelpInfoIndex,
4012 HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_HELP_FORMAT_HASH), NULL),
4013 HiiGetString (PrivateData->HiiHandle, ListTypeId, NULL),
4014 DataSize,
4015 DataString
4016 );
4017 }
4018
4019 //
4020 // Format revocation time part.
4021 //
4022 if (Time != NULL) {
4023 ZeroMem (TimeString, sizeof (TimeString));
4024 UnicodeSPrint (
4025 TimeString,
4026 sizeof (TimeString),
4027 L"%d-%d-%d %d:%d:%d",
4028 Time->Year,
4029 Time->Month,
4030 Time->Day,
4031 Time->Hour,
4032 Time->Minute,
4033 Time->Second
4034 );
4035
4036 UnicodeSPrint (
4037 &HelpInfoString[HelpInfoIndex],
4038 TotalSize - sizeof (CHAR16) * HelpInfoIndex,
4039 HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_HELP_FORMAT_TIME), NULL),
4040 TimeString
4041 );
4042 }
4043
4044 *StringId = HiiSetString (PrivateData->HiiHandle, 0, HelpInfoString, NULL);
4045 ON_EXIT:
4046 SECUREBOOT_FREE_NON_NULL (DataString);
4047 SECUREBOOT_FREE_NON_NULL (HelpInfoString);
4048
4049 return Status;
4050 }
4051
4052 /**
4053 This functino to load signature data under the signature list.
4054
4055 @param[in] PrivateData Module's private data.
4056 @param[in] LabelId Label number to insert opcodes.
4057 @param[in] FormId Form ID of current page.
4058 @param[in] QuestionIdBase Base question id of the signature list.
4059 @param[in] ListIndex Indicate to load which signature list.
4060
4061 @retval EFI_SUCCESS Success to update the signature list page
4062 @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
4063 **/
4064 EFI_STATUS
4065 LoadSignatureData (
4066 IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
4067 IN UINT16 LabelId,
4068 IN EFI_FORM_ID FormId,
4069 IN EFI_QUESTION_ID QuestionIdBase,
4070 IN UINT16 ListIndex
4071 )
4072 {
4073 EFI_STATUS Status;
4074 EFI_SIGNATURE_LIST *ListWalker;
4075 EFI_SIGNATURE_DATA *DataWalker;
4076 EFI_IFR_GUID_LABEL *StartLabel;
4077 EFI_IFR_GUID_LABEL *EndLabel;
4078 EFI_STRING_ID HelpStringId;
4079 VOID *StartOpCodeHandle;
4080 VOID *EndOpCodeHandle;
4081 UINTN DataSize;
4082 UINTN RemainingSize;
4083 UINT16 Index;
4084 UINT8 *VariableData;
4085 CHAR16 VariableName[BUFFER_MAX_SIZE];
4086 CHAR16 NameBuffer[BUFFER_MAX_SIZE];
4087
4088 Status = EFI_SUCCESS;
4089 StartOpCodeHandle = NULL;
4090 EndOpCodeHandle = NULL;
4091 Index = 0;
4092 VariableData = NULL;
4093
4094 //
4095 // Initialize the container for dynamic opcodes.
4096 //
4097 StartOpCodeHandle = HiiAllocateOpCodeHandle ();
4098 if (StartOpCodeHandle == NULL) {
4099 Status = EFI_OUT_OF_RESOURCES;
4100 goto ON_EXIT;
4101 }
4102
4103 EndOpCodeHandle = HiiAllocateOpCodeHandle ();
4104 if (EndOpCodeHandle == NULL) {
4105 Status = EFI_OUT_OF_RESOURCES;
4106 goto ON_EXIT;
4107 }
4108
4109 //
4110 // Create Hii Extend Label OpCode.
4111 //
4112 StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
4113 StartOpCodeHandle,
4114 &gEfiIfrTianoGuid,
4115 NULL,
4116 sizeof (EFI_IFR_GUID_LABEL)
4117 );
4118 StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
4119 StartLabel->Number = LabelId;
4120
4121 EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
4122 EndOpCodeHandle,
4123 &gEfiIfrTianoGuid,
4124 NULL,
4125 sizeof (EFI_IFR_GUID_LABEL)
4126 );
4127 EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
4128 EndLabel->Number = LABEL_END;
4129
4130 if (PrivateData->VariableName == Variable_DB) {
4131 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE);
4132 } else if (PrivateData->VariableName == Variable_DBX) {
4133 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE1);
4134 } else if (PrivateData->VariableName == Variable_DBT) {
4135 UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE2);
4136 } else {
4137 goto ON_EXIT;
4138 }
4139
4140 //
4141 // Read Variable, the variable name save in the PrivateData->VariableName.
4142 //
4143 DataSize = 0;
4144 Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, VariableData);
4145 if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
4146 goto ON_EXIT;
4147 }
4148
4149 VariableData = AllocateZeroPool (DataSize);
4150 if (VariableData == NULL) {
4151 Status = EFI_OUT_OF_RESOURCES;
4152 goto ON_EXIT;
4153 }
4154 Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, VariableData);
4155 if (EFI_ERROR (Status)) {
4156 goto ON_EXIT;
4157 }
4158
4159 RemainingSize = DataSize;
4160 ListWalker = (EFI_SIGNATURE_LIST *)VariableData;
4161
4162 //
4163 // Skip signature list.
4164 //
4165 while ((RemainingSize > 0) && (RemainingSize >= ListWalker->SignatureListSize) && ListIndex-- > 0) {
4166 RemainingSize -= ListWalker->SignatureListSize;
4167 ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
4168 }
4169
4170 DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)ListWalker + sizeof(EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
4171 for (Index = 0; Index < SIGNATURE_DATA_COUNTS(ListWalker); Index = Index + 1) {
4172 //
4173 // Format name buffer.
4174 //
4175 ZeroMem (NameBuffer, sizeof (NameBuffer));
4176 UnicodeSPrint (NameBuffer,
4177 sizeof (NameBuffer),
4178 HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_NAME_FORMAT), NULL),
4179 Index + 1
4180 );
4181
4182 //
4183 // Format help info buffer.
4184 //
4185 Status = FormatHelpInfo (PrivateData, ListWalker, DataWalker, &HelpStringId);
4186 if (EFI_ERROR (Status)) {
4187 goto ON_EXIT;
4188 }
4189
4190 HiiCreateCheckBoxOpCode (
4191 StartOpCodeHandle,
4192 (EFI_QUESTION_ID)(QuestionIdBase + Index),
4193 0,
4194 0,
4195 HiiSetString (PrivateData->HiiHandle, 0, NameBuffer, NULL),
4196 HelpStringId,
4197 EFI_IFR_FLAG_CALLBACK,
4198 0,
4199 NULL
4200 );
4201
4202 ZeroMem(NameBuffer, 100);
4203 DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)DataWalker + ListWalker->SignatureSize);
4204 }
4205
4206 //
4207 // Allocate a buffer to record which signature data will be checked.
4208 // This memory buffer will be freed when exit from the SECUREBOOT_DELETE_SIGNATURE_DATA_FORM form.
4209 //
4210 PrivateData->CheckArray = AllocateZeroPool (SIGNATURE_DATA_COUNTS (ListWalker) * sizeof (BOOLEAN));
4211 ON_EXIT:
4212 HiiUpdateForm (
4213 PrivateData->HiiHandle,
4214 &gSecureBootConfigFormSetGuid,
4215 FormId,
4216 StartOpCodeHandle,
4217 EndOpCodeHandle
4218 );
4219
4220 SECUREBOOT_FREE_NON_OPCODE (StartOpCodeHandle);
4221 SECUREBOOT_FREE_NON_OPCODE (EndOpCodeHandle);
4222
4223 SECUREBOOT_FREE_NON_NULL (VariableData);
4224
4225 return Status;
4226 }
4227
4228 /**
4229 This function is called to provide results data to the driver.
4230
4231 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
4232 @param[in] Action Specifies the type of action taken by the browser.
4233 @param[in] QuestionId A unique value which is sent to the original
4234 exporting driver so that it can identify the type
4235 of data to expect.
4236 @param[in] Type The type of value for the question.
4237 @param[in] Value A pointer to the data being sent to the original
4238 exporting driver.
4239 @param[out] ActionRequest On return, points to the action requested by the
4240 callback function.
4241
4242 @retval EFI_SUCCESS The callback successfully handled the action.
4243 @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
4244 variable and its data.
4245 @retval EFI_DEVICE_ERROR The variable could not be saved.
4246 @retval EFI_UNSUPPORTED The specified Action is not supported by the
4247 callback.
4248
4249 **/
4250 EFI_STATUS
4251 EFIAPI
4252 SecureBootCallback (
4253 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
4254 IN EFI_BROWSER_ACTION Action,
4255 IN EFI_QUESTION_ID QuestionId,
4256 IN UINT8 Type,
4257 IN EFI_IFR_TYPE_VALUE *Value,
4258 OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
4259 )
4260 {
4261 EFI_INPUT_KEY Key;
4262 EFI_STATUS Status;
4263 RETURN_STATUS RStatus;
4264 SECUREBOOT_CONFIG_PRIVATE_DATA *Private;
4265 UINTN BufferSize;
4266 SECUREBOOT_CONFIGURATION *IfrNvData;
4267 UINT16 LabelId;
4268 UINT8 *SecureBootEnable;
4269 UINT8 *Pk;
4270 UINT8 *SecureBootMode;
4271 UINT8 *SetupMode;
4272 CHAR16 PromptString[100];
4273 EFI_DEVICE_PATH_PROTOCOL *File;
4274 UINTN NameLength;
4275 UINT16 *FilePostFix;
4276 SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
4277
4278 Status = EFI_SUCCESS;
4279 SecureBootEnable = NULL;
4280 SecureBootMode = NULL;
4281 SetupMode = NULL;
4282 File = NULL;
4283
4284 if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {
4285 return EFI_INVALID_PARAMETER;
4286 }
4287
4288 Private = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
4289
4290 gSecureBootPrivateData = Private;
4291
4292 //
4293 // Retrieve uncommitted data from Browser
4294 //
4295 BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
4296 IfrNvData = AllocateZeroPool (BufferSize);
4297 if (IfrNvData == NULL) {
4298 return EFI_OUT_OF_RESOURCES;
4299 }
4300
4301 HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData);
4302
4303 if (Action == EFI_BROWSER_ACTION_FORM_OPEN) {
4304 if (QuestionId == KEY_SECURE_BOOT_MODE) {
4305 //
4306 // Update secure boot strings when opening this form
4307 //
4308 Status = UpdateSecureBootString(Private);
4309 SecureBootExtractConfigFromVariable (Private, IfrNvData);
4310 mIsEnterSecureBootForm = TRUE;
4311 } else {
4312 //
4313 // When entering SecureBoot OPTION Form
4314 // always close opened file & free resource
4315 //
4316 if ((QuestionId == KEY_SECURE_BOOT_PK_OPTION) ||
4317 (QuestionId == KEY_SECURE_BOOT_KEK_OPTION) ||
4318 (QuestionId == KEY_SECURE_BOOT_DB_OPTION) ||
4319 (QuestionId == KEY_SECURE_BOOT_DBX_OPTION) ||
4320 (QuestionId == KEY_SECURE_BOOT_DBT_OPTION)) {
4321 CloseEnrolledFile(Private->FileContext);
4322 } else if (QuestionId == KEY_SECURE_BOOT_DELETE_ALL_LIST) {
4323 //
4324 // Update ListCount field in varstore
4325 // Button "Delete All Signature List" is
4326 // enable when ListCount is greater than 0.
4327 //
4328 IfrNvData->ListCount = Private->ListCount;
4329 }
4330 }
4331 goto EXIT;
4332 }
4333
4334 if (Action == EFI_BROWSER_ACTION_RETRIEVE) {
4335 Status = EFI_UNSUPPORTED;
4336 if (QuestionId == KEY_SECURE_BOOT_MODE) {
4337 if (mIsEnterSecureBootForm) {
4338 Value->u8 = SECURE_BOOT_MODE_STANDARD;
4339 Status = EFI_SUCCESS;
4340 }
4341 }
4342 goto EXIT;
4343 }
4344
4345 if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
4346 (Action != EFI_BROWSER_ACTION_CHANGING) &&
4347 (Action != EFI_BROWSER_ACTION_FORM_CLOSE) &&
4348 (Action != EFI_BROWSER_ACTION_DEFAULT_STANDARD)) {
4349 Status = EFI_UNSUPPORTED;
4350 goto EXIT;
4351 }
4352
4353 if (Action == EFI_BROWSER_ACTION_CHANGING) {
4354
4355 switch (QuestionId) {
4356 case KEY_SECURE_BOOT_ENABLE:
4357 GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
4358 if (NULL != SecureBootEnable) {
4359 FreePool (SecureBootEnable);
4360 if (EFI_ERROR (SaveSecureBootVariable (Value->u8))) {
4361 CreatePopUp (
4362 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4363 &Key,
4364 L"Only Physical Presence User could disable secure boot!",
4365 NULL
4366 );
4367 Status = EFI_UNSUPPORTED;
4368 } else {
4369 CreatePopUp (
4370 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4371 &Key,
4372 L"Configuration changed, please reset the platform to take effect!",
4373 NULL
4374 );
4375 }
4376 }
4377 break;
4378
4379 case KEY_SECURE_BOOT_KEK_OPTION:
4380 case KEY_SECURE_BOOT_DB_OPTION:
4381 case KEY_SECURE_BOOT_DBX_OPTION:
4382 case KEY_SECURE_BOOT_DBT_OPTION:
4383 PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
4384 //
4385 // Clear Signature GUID.
4386 //
4387 ZeroMem (IfrNvData->SignatureGuid, sizeof (IfrNvData->SignatureGuid));
4388 if (Private->SignatureGUID == NULL) {
4389 Private->SignatureGUID = (EFI_GUID *) AllocateZeroPool (sizeof (EFI_GUID));
4390 if (Private->SignatureGUID == NULL) {
4391 return EFI_OUT_OF_RESOURCES;
4392 }
4393 }
4394
4395 //
4396 // Cleanup VFRData once leaving PK/KEK/DB/DBX/DBT enroll/delete page
4397 //
4398 SecureBootExtractConfigFromVariable (PrivateData, IfrNvData);
4399
4400 if (QuestionId == KEY_SECURE_BOOT_DB_OPTION) {
4401 LabelId = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
4402 } else if (QuestionId == KEY_SECURE_BOOT_DBX_OPTION) {
4403 LabelId = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
4404 } else if (QuestionId == KEY_SECURE_BOOT_DBT_OPTION) {
4405 LabelId = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
4406 } else {
4407 LabelId = FORMID_ENROLL_KEK_FORM;
4408 }
4409
4410 //
4411 // Refresh selected file.
4412 //
4413 CleanUpPage (LabelId, Private);
4414 break;
4415 case KEY_SECURE_BOOT_PK_OPTION:
4416 LabelId = FORMID_ENROLL_PK_FORM;
4417 //
4418 // Refresh selected file.
4419 //
4420 CleanUpPage (LabelId, Private);
4421 break;
4422
4423 case FORMID_ENROLL_PK_FORM:
4424 ChooseFile (NULL, NULL, UpdatePKFromFile, &File);
4425 break;
4426
4427 case FORMID_ENROLL_KEK_FORM:
4428 ChooseFile (NULL, NULL, UpdateKEKFromFile, &File);
4429 break;
4430
4431 case SECUREBOOT_ENROLL_SIGNATURE_TO_DB:
4432 ChooseFile (NULL, NULL, UpdateDBFromFile, &File);
4433 break;
4434
4435 case SECUREBOOT_ENROLL_SIGNATURE_TO_DBX:
4436 ChooseFile (NULL, NULL, UpdateDBXFromFile, &File);
4437
4438 if (Private->FileContext->FHandle != NULL) {
4439 //
4440 // Parse the file's postfix.
4441 //
4442 NameLength = StrLen (Private->FileContext->FileName);
4443 if (NameLength <= 4) {
4444 return FALSE;
4445 }
4446 FilePostFix = Private->FileContext->FileName + NameLength - 4;
4447
4448 if (IsDerEncodeCertificate (FilePostFix)) {
4449 //
4450 // Supports DER-encoded X509 certificate.
4451 //
4452 IfrNvData->FileEnrollType = X509_CERT_FILE_TYPE;
4453 } else if (IsAuthentication2Format(Private->FileContext->FHandle)){
4454 IfrNvData->FileEnrollType = AUTHENTICATION_2_FILE_TYPE;
4455 } else {
4456 IfrNvData->FileEnrollType = PE_IMAGE_FILE_TYPE;
4457 }
4458 Private->FileContext->FileType = IfrNvData->FileEnrollType;
4459
4460 //
4461 // Clean up Certificate Format if File type is not X509 DER
4462 //
4463 if (IfrNvData->FileEnrollType != X509_CERT_FILE_TYPE) {
4464 IfrNvData->CertificateFormat = HASHALG_RAW;
4465 }
4466 DEBUG((DEBUG_ERROR, "IfrNvData->FileEnrollType %d\n", Private->FileContext->FileType));
4467 }
4468
4469 break;
4470
4471 case SECUREBOOT_ENROLL_SIGNATURE_TO_DBT:
4472 ChooseFile (NULL, NULL, UpdateDBTFromFile, &File);
4473 break;
4474
4475 case KEY_SECURE_BOOT_DELETE_PK:
4476 if (Value->u8) {
4477 CreatePopUp (
4478 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4479 &Key,
4480 L"Are you sure you want to delete PK? Secure boot will be disabled!",
4481 L"Press 'Y' to delete PK and exit, 'N' to discard change and return",
4482 NULL
4483 );
4484 if (Key.UnicodeChar == 'y' || Key.UnicodeChar == 'Y') {
4485 Status = DeletePlatformKey ();
4486 if (EFI_ERROR (Status)) {
4487 CreatePopUp (
4488 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4489 &Key,
4490 L"Only Physical Presence User could delete PK in custom mode!",
4491 NULL
4492 );
4493 }
4494 }
4495 }
4496 break;
4497
4498 case KEY_DELETE_KEK:
4499 UpdateDeletePage (
4500 Private,
4501 EFI_KEY_EXCHANGE_KEY_NAME,
4502 &gEfiGlobalVariableGuid,
4503 LABEL_KEK_DELETE,
4504 FORMID_DELETE_KEK_FORM,
4505 OPTION_DEL_KEK_QUESTION_ID
4506 );
4507 break;
4508
4509 case SECUREBOOT_DELETE_SIGNATURE_FROM_DB:
4510 UpdateDeletePage (
4511 Private,
4512 EFI_IMAGE_SECURITY_DATABASE,
4513 &gEfiImageSecurityDatabaseGuid,
4514 LABEL_DB_DELETE,
4515 SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
4516 OPTION_DEL_DB_QUESTION_ID
4517 );
4518 break;
4519
4520 //
4521 // From DBX option to the level-1 form, display signature list.
4522 //
4523 case KEY_VALUE_FROM_DBX_TO_LIST_FORM:
4524 Private->VariableName = Variable_DBX;
4525 LoadSignatureList (
4526 Private,
4527 LABEL_SIGNATURE_LIST_START,
4528 SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
4529 OPTION_SIGNATURE_LIST_QUESTION_ID
4530 );
4531 break;
4532
4533 //
4534 // Delete all signature list and reload.
4535 //
4536 case KEY_SECURE_BOOT_DELETE_ALL_LIST:
4537 CreatePopUp(
4538 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4539 &Key,
4540 L"Press 'Y' to delete signature list.",
4541 L"Press other key to cancel and exit.",
4542 NULL
4543 );
4544
4545 if (Key.UnicodeChar == L'Y' || Key.UnicodeChar == L'y') {
4546 DeleteSignatureEx (Private, Delete_Signature_List_All, IfrNvData->CheckedDataCount);
4547 }
4548
4549 LoadSignatureList (
4550 Private,
4551 LABEL_SIGNATURE_LIST_START,
4552 SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
4553 OPTION_SIGNATURE_LIST_QUESTION_ID
4554 );
4555 break;
4556
4557 //
4558 // Delete one signature list and reload.
4559 //
4560 case KEY_SECURE_BOOT_DELETE_ALL_DATA:
4561 CreatePopUp(
4562 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4563 &Key,
4564 L"Press 'Y' to delete signature data.",
4565 L"Press other key to cancel and exit.",
4566 NULL
4567 );
4568
4569 if (Key.UnicodeChar == L'Y' || Key.UnicodeChar == L'y') {
4570 DeleteSignatureEx (Private, Delete_Signature_List_One, IfrNvData->CheckedDataCount);
4571 }
4572
4573 LoadSignatureList (
4574 Private,
4575 LABEL_SIGNATURE_LIST_START,
4576 SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
4577 OPTION_SIGNATURE_LIST_QUESTION_ID
4578 );
4579 break;
4580
4581 //
4582 // Delete checked signature data and reload.
4583 //
4584 case KEY_SECURE_BOOT_DELETE_CHECK_DATA:
4585 CreatePopUp(
4586 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4587 &Key,
4588 L"Press 'Y' to delete signature data.",
4589 L"Press other key to cancel and exit.",
4590 NULL
4591 );
4592
4593 if (Key.UnicodeChar == L'Y' || Key.UnicodeChar == L'y') {
4594 DeleteSignatureEx (Private, Delete_Signature_Data, IfrNvData->CheckedDataCount);
4595 }
4596
4597 LoadSignatureList (
4598 Private,
4599 LABEL_SIGNATURE_LIST_START,
4600 SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
4601 OPTION_SIGNATURE_LIST_QUESTION_ID
4602 );
4603 break;
4604
4605 case SECUREBOOT_DELETE_SIGNATURE_FROM_DBT:
4606 UpdateDeletePage (
4607 Private,
4608 EFI_IMAGE_SECURITY_DATABASE2,
4609 &gEfiImageSecurityDatabaseGuid,
4610 LABEL_DBT_DELETE,
4611 SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
4612 OPTION_DEL_DBT_QUESTION_ID
4613 );
4614
4615 break;
4616
4617 case KEY_VALUE_SAVE_AND_EXIT_KEK:
4618 Status = EnrollKeyExchangeKey (Private);
4619 if (EFI_ERROR (Status)) {
4620 CreatePopUp (
4621 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4622 &Key,
4623 L"ERROR: Unsupported file type!",
4624 L"Only supports DER-encoded X509 certificate",
4625 NULL
4626 );
4627 }
4628 break;
4629
4630 case KEY_VALUE_SAVE_AND_EXIT_DB:
4631 Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE);
4632 if (EFI_ERROR (Status)) {
4633 CreatePopUp (
4634 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4635 &Key,
4636 L"ERROR: Unsupported file type!",
4637 L"Only supports DER-encoded X509 certificate and executable EFI image",
4638 NULL
4639 );
4640 }
4641 break;
4642
4643 case KEY_VALUE_SAVE_AND_EXIT_DBX:
4644 if (IsX509CertInDbx (Private, EFI_IMAGE_SECURITY_DATABASE1)) {
4645 CreatePopUp (
4646 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4647 &Key,
4648 L"Enrollment failed! Same certificate had already been in the dbx!",
4649 NULL
4650 );
4651
4652 //
4653 // Cert already exists in DBX. Close opened file before exit.
4654 //
4655 CloseEnrolledFile(Private->FileContext);
4656 break;
4657 }
4658
4659 if ((IfrNvData != NULL) && (IfrNvData->CertificateFormat < HASHALG_MAX)) {
4660 Status = EnrollX509HashtoSigDB (
4661 Private,
4662 IfrNvData->CertificateFormat,
4663 &IfrNvData->RevocationDate,
4664 &IfrNvData->RevocationTime,
4665 IfrNvData->AlwaysRevocation
4666 );
4667 IfrNvData->CertificateFormat = HASHALG_RAW;
4668 } else {
4669 Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE1);
4670 }
4671 if (EFI_ERROR (Status)) {
4672 CreatePopUp (
4673 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4674 &Key,
4675 L"ERROR: Unsupported file type!",
4676 L"Only supports DER-encoded X509 certificate, AUTH_2 format data & executable EFI image",
4677 NULL
4678 );
4679 }
4680 break;
4681
4682 case KEY_VALUE_SAVE_AND_EXIT_DBT:
4683 Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE2);
4684 if (EFI_ERROR (Status)) {
4685 CreatePopUp (
4686 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4687 &Key,
4688 L"ERROR: Unsupported file type!",
4689 L"Only supports DER-encoded X509 certificate.",
4690 NULL
4691 );
4692 }
4693 break;
4694 case KEY_VALUE_SAVE_AND_EXIT_PK:
4695 Status = EnrollPlatformKey (Private);
4696 if (EFI_ERROR (Status)) {
4697 UnicodeSPrint (
4698 PromptString,
4699 sizeof (PromptString),
4700 L"Only DER encoded certificate file (%s) is supported.",
4701 mSupportX509Suffix
4702 );
4703 CreatePopUp (
4704 EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
4705 &Key,
4706 L"ERROR: Unsupported file type!",
4707 PromptString,
4708 NULL
4709 );
4710 }
4711 break;
4712 default:
4713 if ((QuestionId >= OPTION_DEL_KEK_QUESTION_ID) &&
4714 (QuestionId < (OPTION_DEL_KEK_QUESTION_ID + OPTION_CONFIG_RANGE))) {
4715 DeleteKeyExchangeKey (Private, QuestionId);
4716 } else if ((QuestionId >= OPTION_DEL_DB_QUESTION_ID) &&
4717 (QuestionId < (OPTION_DEL_DB_QUESTION_ID + OPTION_CONFIG_RANGE))) {
4718 DeleteSignature (
4719 Private,
4720 EFI_IMAGE_SECURITY_DATABASE,
4721 &gEfiImageSecurityDatabaseGuid,
4722 LABEL_DB_DELETE,
4723 SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
4724 OPTION_DEL_DB_QUESTION_ID,
4725 QuestionId - OPTION_DEL_DB_QUESTION_ID
4726 );
4727 } else if ((QuestionId >= OPTION_SIGNATURE_LIST_QUESTION_ID) &&
4728 (QuestionId < (OPTION_SIGNATURE_LIST_QUESTION_ID + OPTION_CONFIG_RANGE))) {
4729 LoadSignatureData (
4730 Private,
4731 LABEL_SIGNATURE_DATA_START,
4732 SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,
4733 OPTION_SIGNATURE_DATA_QUESTION_ID,
4734 QuestionId - OPTION_SIGNATURE_LIST_QUESTION_ID
4735 );
4736 Private->ListIndex = QuestionId - OPTION_SIGNATURE_LIST_QUESTION_ID;
4737 } else if ((QuestionId >= OPTION_SIGNATURE_DATA_QUESTION_ID) &&
4738 (QuestionId < (OPTION_SIGNATURE_DATA_QUESTION_ID + OPTION_CONFIG_RANGE))) {
4739 if (Private->CheckArray[QuestionId - OPTION_SIGNATURE_DATA_QUESTION_ID]) {
4740 IfrNvData->CheckedDataCount--;
4741 Private->CheckArray[QuestionId - OPTION_SIGNATURE_DATA_QUESTION_ID] = FALSE;
4742 } else {
4743 IfrNvData->CheckedDataCount++;
4744 Private->CheckArray[QuestionId - OPTION_SIGNATURE_DATA_QUESTION_ID] = TRUE;
4745 }
4746 } else if ((QuestionId >= OPTION_DEL_DBT_QUESTION_ID) &&
4747 (QuestionId < (OPTION_DEL_DBT_QUESTION_ID + OPTION_CONFIG_RANGE))) {
4748 DeleteSignature (
4749 Private,
4750 EFI_IMAGE_SECURITY_DATABASE2,
4751 &gEfiImageSecurityDatabaseGuid,
4752 LABEL_DBT_DELETE,
4753 SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
4754 OPTION_DEL_DBT_QUESTION_ID,
4755 QuestionId - OPTION_DEL_DBT_QUESTION_ID
4756 );
4757 }
4758 break;
4759
4760 case KEY_VALUE_NO_SAVE_AND_EXIT_PK:
4761 case KEY_VALUE_NO_SAVE_AND_EXIT_KEK:
4762 case KEY_VALUE_NO_SAVE_AND_EXIT_DB:
4763 case KEY_VALUE_NO_SAVE_AND_EXIT_DBX:
4764 case KEY_VALUE_NO_SAVE_AND_EXIT_DBT:
4765 CloseEnrolledFile(Private->FileContext);
4766
4767 if (Private->SignatureGUID != NULL) {
4768 FreePool (Private->SignatureGUID);
4769 Private->SignatureGUID = NULL;
4770 }
4771 break;
4772 }
4773 } else if (Action == EFI_BROWSER_ACTION_CHANGED) {
4774 switch (QuestionId) {
4775 case KEY_SECURE_BOOT_ENABLE:
4776 *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
4777 break;
4778 case KEY_SECURE_BOOT_MODE:
4779 mIsEnterSecureBootForm = FALSE;
4780 break;
4781 case KEY_SECURE_BOOT_KEK_GUID:
4782 case KEY_SECURE_BOOT_SIGNATURE_GUID_DB:
4783 case KEY_SECURE_BOOT_SIGNATURE_GUID_DBX:
4784 case KEY_SECURE_BOOT_SIGNATURE_GUID_DBT:
4785 ASSERT (Private->SignatureGUID != NULL);
4786 RStatus = StrToGuid (IfrNvData->SignatureGuid, Private->SignatureGUID);
4787 if (RETURN_ERROR (RStatus) || (IfrNvData->SignatureGuid[GUID_STRING_LENGTH] != L'\0')) {
4788 Status = EFI_INVALID_PARAMETER;
4789 break;
4790 }
4791
4792 *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
4793 break;
4794 case KEY_SECURE_BOOT_DELETE_PK:
4795 GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
4796 if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
4797 IfrNvData->DeletePk = TRUE;
4798 IfrNvData->HasPk = FALSE;
4799 *ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
4800 } else {
4801 IfrNvData->DeletePk = FALSE;
4802 IfrNvData->HasPk = TRUE;
4803 *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
4804 }
4805 if (SetupMode != NULL) {
4806 FreePool (SetupMode);
4807 }
4808 break;
4809 default:
4810 break;
4811 }
4812 } else if (Action == EFI_BROWSER_ACTION_DEFAULT_STANDARD) {
4813 if (QuestionId == KEY_HIDE_SECURE_BOOT) {
4814 GetVariable2 (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, (VOID**)&Pk, NULL);
4815 if (Pk == NULL) {
4816 IfrNvData->HideSecureBoot = TRUE;
4817 } else {
4818 FreePool (Pk);
4819 IfrNvData->HideSecureBoot = FALSE;
4820 }
4821 Value->b = IfrNvData->HideSecureBoot;
4822 }
4823 } else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) {
4824 //
4825 // Force the platform back to Standard Mode once user leave the setup screen.
4826 //
4827 GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
4828 if (NULL != SecureBootMode && *SecureBootMode == CUSTOM_SECURE_BOOT_MODE) {
4829 IfrNvData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;
4830 SetSecureBootMode(STANDARD_SECURE_BOOT_MODE);
4831 }
4832 if (SecureBootMode != NULL) {
4833 FreePool (SecureBootMode);
4834 }
4835
4836 if (QuestionId == KEY_SECURE_BOOT_DELETE_ALL_DATA) {
4837 //
4838 // Free memory when exit from the SECUREBOOT_DELETE_SIGNATURE_DATA_FORM form.
4839 //
4840 SECUREBOOT_FREE_NON_NULL (Private->CheckArray);
4841 IfrNvData->CheckedDataCount = 0;
4842 }
4843 }
4844
4845 EXIT:
4846
4847 if (!EFI_ERROR (Status)) {
4848 BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
4849 HiiSetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8*) IfrNvData, NULL);
4850 }
4851
4852 FreePool (IfrNvData);
4853
4854 if (File != NULL){
4855 FreePool(File);
4856 File = NULL;
4857 }
4858
4859 return EFI_SUCCESS;
4860 }
4861
4862 /**
4863 This function publish the SecureBoot configuration Form.
4864
4865 @param[in, out] PrivateData Points to SecureBoot configuration private data.
4866
4867 @retval EFI_SUCCESS HII Form is installed successfully.
4868 @retval EFI_OUT_OF_RESOURCES Not enough resource for HII Form installation.
4869 @retval Others Other errors as indicated.
4870
4871 **/
4872 EFI_STATUS
4873 InstallSecureBootConfigForm (
4874 IN OUT SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData
4875 )
4876 {
4877 EFI_STATUS Status;
4878 EFI_HII_HANDLE HiiHandle;
4879 EFI_HANDLE DriverHandle;
4880 EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess;
4881
4882 DriverHandle = NULL;
4883 ConfigAccess = &PrivateData->ConfigAccess;
4884 Status = gBS->InstallMultipleProtocolInterfaces (
4885 &DriverHandle,
4886 &gEfiDevicePathProtocolGuid,
4887 &mSecureBootHiiVendorDevicePath,
4888 &gEfiHiiConfigAccessProtocolGuid,
4889 ConfigAccess,
4890 NULL
4891 );
4892 if (EFI_ERROR (Status)) {
4893 return Status;
4894 }
4895
4896 PrivateData->DriverHandle = DriverHandle;
4897
4898 //
4899 // Publish the HII package list
4900 //
4901 HiiHandle = HiiAddPackages (
4902 &gSecureBootConfigFormSetGuid,
4903 DriverHandle,
4904 SecureBootConfigDxeStrings,
4905 SecureBootConfigBin,
4906 NULL
4907 );
4908 if (HiiHandle == NULL) {
4909 gBS->UninstallMultipleProtocolInterfaces (
4910 DriverHandle,
4911 &gEfiDevicePathProtocolGuid,
4912 &mSecureBootHiiVendorDevicePath,
4913 &gEfiHiiConfigAccessProtocolGuid,
4914 ConfigAccess,
4915 NULL
4916 );
4917 return EFI_OUT_OF_RESOURCES;
4918 }
4919
4920 PrivateData->HiiHandle = HiiHandle;
4921
4922 PrivateData->FileContext = AllocateZeroPool (sizeof (SECUREBOOT_FILE_CONTEXT));
4923
4924 if (PrivateData->FileContext == NULL) {
4925 UninstallSecureBootConfigForm (PrivateData);
4926 return EFI_OUT_OF_RESOURCES;
4927 }
4928
4929 //
4930 // Init OpCode Handle and Allocate space for creation of Buffer
4931 //
4932 mStartOpCodeHandle = HiiAllocateOpCodeHandle ();
4933 if (mStartOpCodeHandle == NULL) {
4934 UninstallSecureBootConfigForm (PrivateData);
4935 return EFI_OUT_OF_RESOURCES;
4936 }
4937
4938 mEndOpCodeHandle = HiiAllocateOpCodeHandle ();
4939 if (mEndOpCodeHandle == NULL) {
4940 UninstallSecureBootConfigForm (PrivateData);
4941 return EFI_OUT_OF_RESOURCES;
4942 }
4943
4944 //
4945 // Create Hii Extend Label OpCode as the start opcode
4946 //
4947 mStartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
4948 mStartOpCodeHandle,
4949 &gEfiIfrTianoGuid,
4950 NULL,
4951 sizeof (EFI_IFR_GUID_LABEL)
4952 );
4953 mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
4954
4955 //
4956 // Create Hii Extend Label OpCode as the end opcode
4957 //
4958 mEndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
4959 mEndOpCodeHandle,
4960 &gEfiIfrTianoGuid,
4961 NULL,
4962 sizeof (EFI_IFR_GUID_LABEL)
4963 );
4964 mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
4965 mEndLabel->Number = LABEL_END;
4966
4967 return EFI_SUCCESS;
4968 }
4969
4970 /**
4971 This function removes SecureBoot configuration Form.
4972
4973 @param[in, out] PrivateData Points to SecureBoot configuration private data.
4974
4975 **/
4976 VOID
4977 UninstallSecureBootConfigForm (
4978 IN OUT SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData
4979 )
4980 {
4981 //
4982 // Uninstall HII package list
4983 //
4984 if (PrivateData->HiiHandle != NULL) {
4985 HiiRemovePackages (PrivateData->HiiHandle);
4986 PrivateData->HiiHandle = NULL;
4987 }
4988
4989 //
4990 // Uninstall HII Config Access Protocol
4991 //
4992 if (PrivateData->DriverHandle != NULL) {
4993 gBS->UninstallMultipleProtocolInterfaces (
4994 PrivateData->DriverHandle,
4995 &gEfiDevicePathProtocolGuid,
4996 &mSecureBootHiiVendorDevicePath,
4997 &gEfiHiiConfigAccessProtocolGuid,
4998 &PrivateData->ConfigAccess,
4999 NULL
5000 );
5001 PrivateData->DriverHandle = NULL;
5002 }
5003
5004 if (PrivateData->SignatureGUID != NULL) {
5005 FreePool (PrivateData->SignatureGUID);
5006 }
5007
5008 if (PrivateData->FileContext != NULL) {
5009 FreePool (PrivateData->FileContext);
5010 }
5011
5012 FreePool (PrivateData);
5013
5014 if (mStartOpCodeHandle != NULL) {
5015 HiiFreeOpCodeHandle (mStartOpCodeHandle);
5016 }
5017
5018 if (mEndOpCodeHandle != NULL) {
5019 HiiFreeOpCodeHandle (mEndOpCodeHandle);
5020 }
5021 }
EFI Development Kit II mirror for PVE