/** @file\r
HII Config Access protocol implementation of SecureBoot configuration module.\r
\r
-Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
\r
#include "SecureBootConfigImpl.h"\r
\r
-CHAR16 mSecureBootStorageName[] = L"SECUREBOOT_CONFIGURATION";\r
+CHAR16 mSecureBootStorageName[] = L"SECUREBOOT_CONFIGURATION";\r
\r
SECUREBOOT_CONFIG_PRIVATE_DATA mSecureBootConfigPrivateDateTemplate = {\r
- SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE,\r
+ SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE, \r
{\r
SecureBootExtractConfig,\r
SecureBootRouteConfig,\r
}\r
};\r
\r
+\r
+//\r
+// OID ASN.1 Value for Hash Algorithms\r
+//\r
+UINT8 mHashOidValue[] = {\r
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, // OBJ_md5\r
+ 0x2B, 0x0E, 0x03, 0x02, 0x1A, // OBJ_sha1\r
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, // OBJ_sha224\r
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, // OBJ_sha256\r
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, // OBJ_sha384\r
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, // OBJ_sha512\r
+ };\r
+\r
+HASH_TABLE mHash[] = {\r
+ { L"SHA1", 20, &mHashOidValue[8], 5, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },\r
+ { L"SHA224", 28, &mHashOidValue[13], 9, NULL, NULL, NULL, NULL },\r
+ { L"SHA256", 32, &mHashOidValue[22], 9, Sha256GetContextSize,Sha256Init, Sha256Update, Sha256Final},\r
+ { L"SHA384", 48, &mHashOidValue[31], 9, NULL, NULL, NULL, NULL },\r
+ { L"SHA512", 64, &mHashOidValue[40], 9, NULL, NULL, NULL, NULL }\r
+};\r
+\r
+\r
+// Variable Definitions \r
+UINT32 mPeCoffHeaderOffset = 0;\r
+WIN_CERTIFICATE *mCertificate = NULL;\r
+IMAGE_TYPE mImageType;\r
+UINT8 *mImageBase = NULL;\r
+UINTN mImageSize = 0;\r
+UINT8 mImageDigest[MAX_DIGEST_SIZE];\r
+UINTN mImageDigestSize;\r
+EFI_GUID mCertType;\r
+EFI_IMAGE_SECURITY_DATA_DIRECTORY *mSecDataDir = NULL;\r
+EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader;\r
+\r
+\r
+/**\r
+ Set Secure Boot option into variable space.\r
+\r
+ @param[in] VarValue The option of Secure Boot.\r
+\r
+ @retval EFI_SUCCESS The operation is finished successfully.\r
+ @retval Others Other errors as indicated.\r
+\r
+**/\r
+EFI_STATUS\r
+SaveSecureBootVariable (\r
+ IN UINT8 VarValue\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+\r
+ Status = gRT->SetVariable (\r
+ EFI_SECURE_BOOT_ENABLE_NAME,\r
+ &gEfiSecureBootEnableDisableGuid,\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
+ sizeof (UINT8),\r
+ &VarValue\r
+ );\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Create a time based data payload by concatenating the EFI_VARIABLE_AUTHENTICATION_2\r
+ descriptor with the input data. NO authentication is required in this function.\r
+ \r
+ @param[in, out] DataSize On input, the size of Data buffer in bytes.\r
+ On output, the size of data returned in Data\r
+ buffer in bytes.\r
+ @param[in, out] Data On input, Pointer to data buffer to be wrapped or \r
+ pointer to NULL to wrap an empty payload.\r
+ On output, Pointer to the new payload date buffer allocated from pool,\r
+ it's caller's responsibility to free the memory when finish using it. \r
+\r
+ @retval EFI_SUCCESS Create time based payload successfully.\r
+ @retval EFI_OUT_OF_RESOURCES There are not enough memory resourses to create time based payload.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval Others Unexpected error happens.\r
+\r
+**/\r
+EFI_STATUS\r
+CreateTimeBasedPayload (\r
+ IN OUT UINTN *DataSize,\r
+ IN OUT UINT8 **Data\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 *NewData;\r
+ UINT8 *Payload;\r
+ UINTN PayloadSize;\r
+ EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData;\r
+ UINTN DescriptorSize;\r
+ EFI_TIME Time;\r
+ \r
+ if (Data == NULL || DataSize == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ \r
+ //\r
+ // In Setup mode or Custom mode, the variable does not need to be signed but the \r
+ // parameters to the SetVariable() call still need to be prepared as authenticated\r
+ // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor without certificate\r
+ // data in it.\r
+ //\r
+ Payload = *Data;\r
+ PayloadSize = *DataSize;\r
+ \r
+ DescriptorSize = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);\r
+ NewData = (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize);\r
+ if (NewData == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ if ((Payload != NULL) && (PayloadSize != 0)) {\r
+ CopyMem (NewData + DescriptorSize, Payload, PayloadSize);\r
+ }\r
+\r
+ DescriptorData = (EFI_VARIABLE_AUTHENTICATION_2 *) (NewData);\r
+\r
+ ZeroMem (&Time, sizeof (EFI_TIME));\r
+ Status = gRT->GetTime (&Time, NULL);\r
+ if (EFI_ERROR (Status)) {\r
+ FreePool(NewData);\r
+ return Status;\r
+ }\r
+ Time.Pad1 = 0;\r
+ Time.Nanosecond = 0;\r
+ Time.TimeZone = 0;\r
+ Time.Daylight = 0;\r
+ Time.Pad2 = 0;\r
+ CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME));\r
+ \r
+ DescriptorData->AuthInfo.Hdr.dwLength = OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);\r
+ DescriptorData->AuthInfo.Hdr.wRevision = 0x0200;\r
+ DescriptorData->AuthInfo.Hdr.wCertificateType = WIN_CERT_TYPE_EFI_GUID;\r
+ CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid);\r
+ \r
+ if (Payload != NULL) {\r
+ FreePool(Payload);\r
+ }\r
+ \r
+ *DataSize = DescriptorSize + PayloadSize;\r
+ *Data = NewData;\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Internal helper function to delete a Variable given its name and GUID, NO authentication\r
+ required.\r
+\r
+ @param[in] VariableName Name of the Variable.\r
+ @param[in] VendorGuid GUID of the Variable.\r
+\r
+ @retval EFI_SUCCESS Variable deleted successfully.\r
+ @retval Others The driver failed to start the device.\r
+\r
+**/\r
+EFI_STATUS\r
+DeleteVariable (\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ VOID* Variable;\r
+ UINT8 *Data;\r
+ UINTN DataSize;\r
+ UINT32 Attr;\r
+\r
+ GetVariable2 (VariableName, VendorGuid, &Variable, NULL);\r
+ if (Variable == NULL) {\r
+ return EFI_SUCCESS;\r
+ }\r
+\r
+ Data = NULL;\r
+ DataSize = 0;\r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS\r
+ | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;\r
+\r
+ Status = CreateTimeBasedPayload (&DataSize, &Data);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));\r
+ return Status;\r
+ }\r
+\r
+ Status = gRT->SetVariable (\r
+ VariableName,\r
+ VendorGuid,\r
+ Attr,\r
+ DataSize,\r
+ Data\r
+ );\r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Generate the PK signature list from the X509 Certificate storing file (.cer)\r
+\r
+ @param[in] X509File FileHandle of X509 Certificate storing file.\r
+ @param[out] PkCert Point to the data buffer to store the signature list.\r
+ \r
+ @return EFI_UNSUPPORTED Unsupported Key Length.\r
+ @return EFI_OUT_OF_RESOURCES There are not enough memory resourses to form the signature list.\r
+ \r
+**/\r
+EFI_STATUS\r
+CreatePkX509SignatureList (\r
+ IN EFI_FILE_HANDLE X509File, \r
+ OUT EFI_SIGNATURE_LIST **PkCert \r
+ )\r
+{\r
+ EFI_STATUS Status; \r
+ UINT8 *X509Data;\r
+ UINTN X509DataSize;\r
+ EFI_SIGNATURE_DATA *PkCertData;\r
+\r
+ X509Data = NULL;\r
+ PkCertData = NULL;\r
+ X509DataSize = 0; \r
+ \r
+ Status = ReadFileContent (X509File, (VOID**) &X509Data, &X509DataSize, 0);\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ ASSERT (X509Data != NULL);\r
+\r
+ //\r
+ // Allocate space for PK certificate list and initialize it.\r
+ // Create PK database entry with SignatureHeaderSize equals 0.\r
+ //\r
+ *PkCert = (EFI_SIGNATURE_LIST*) AllocateZeroPool (\r
+ sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + X509DataSize\r
+ );\r
+ if (*PkCert == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ (*PkCert)->SignatureListSize = (UINT32) (sizeof(EFI_SIGNATURE_LIST) \r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + X509DataSize);\r
+ (*PkCert)->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);\r
+ (*PkCert)->SignatureHeaderSize = 0;\r
+ CopyGuid (&(*PkCert)->SignatureType, &gEfiCertX509Guid);\r
+ PkCertData = (EFI_SIGNATURE_DATA*) ((UINTN)(*PkCert) \r
+ + sizeof(EFI_SIGNATURE_LIST)\r
+ + (*PkCert)->SignatureHeaderSize);\r
+ CopyGuid (&PkCertData->SignatureOwner, &gEfiGlobalVariableGuid); \r
+ //\r
+ // Fill the PK database with PKpub data from X509 certificate file.\r
+ // \r
+ CopyMem (&(PkCertData->SignatureData[0]), X509Data, X509DataSize);\r
+ \r
+ON_EXIT:\r
+ \r
+ if (X509Data != NULL) {\r
+ FreePool (X509Data);\r
+ }\r
+ \r
+ if (EFI_ERROR(Status) && *PkCert != NULL) {\r
+ FreePool (*PkCert);\r
+ *PkCert = NULL;\r
+ }\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll new PK into the System without original PK's authentication.\r
+\r
+ The SignatureOwner GUID will be the same with PK's vendorguid.\r
+\r
+ @param[in] PrivateData The module's private data.\r
+\r
+ @retval EFI_SUCCESS New PK enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+ \r
+**/\r
+EFI_STATUS\r
+EnrollPlatformKey (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA* Private\r
+ ) \r
+{\r
+ EFI_STATUS Status;\r
+ UINT32 Attr;\r
+ UINTN DataSize;\r
+ EFI_SIGNATURE_LIST *PkCert;\r
+ UINT16* FilePostFix;\r
+ \r
+ if (Private->FileContext->FileName == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ PkCert = NULL;\r
+\r
+ //\r
+ // Parse the file's postfix. Only support *.cer(X509) files.\r
+ //\r
+ FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ if (CompareMem (FilePostFix, L".cer",4)) {\r
+ DEBUG ((EFI_D_ERROR, "Don't support the file, only *.cer is supported."));\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ DEBUG ((EFI_D_INFO, "FileName= %s\n", Private->FileContext->FileName));\r
+ DEBUG ((EFI_D_INFO, "FilePostFix = %s\n", FilePostFix));\r
+\r
+ //\r
+ // Prase the selected PK file and generature PK certificate list.\r
+ //\r
+ Status = CreatePkX509SignatureList (\r
+ Private->FileContext->FHandle, \r
+ &PkCert \r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ ASSERT (PkCert != NULL);\r
+ \r
+ //\r
+ // Set Platform Key variable.\r
+ // \r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;\r
+ DataSize = PkCert->SignatureListSize;\r
+ Status = CreateTimeBasedPayload (&DataSize, (UINT8**) &PkCert);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ Status = gRT->SetVariable(\r
+ EFI_PLATFORM_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ Attr, \r
+ DataSize, \r
+ PkCert\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ if (Status == EFI_OUT_OF_RESOURCES) {\r
+ DEBUG ((EFI_D_ERROR, "Enroll PK failed with out of resource.\n"));\r
+ }\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ON_EXIT:\r
+\r
+ if (PkCert != NULL) {\r
+ FreePool(PkCert);\r
+ }\r
+ \r
+ if (Private->FileContext->FHandle != NULL) {\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FHandle = NULL;\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Remove the PK variable.\r
+\r
+ @retval EFI_SUCCESS Delete PK successfully.\r
+ @retval Others Could not allow to delete PK.\r
+ \r
+**/\r
+EFI_STATUS\r
+DeletePlatformKey (\r
+ VOID\r
+)\r
+{\r
+ EFI_STATUS Status;\r
+\r
+ Status = DeleteVariable (\r
+ EFI_PLATFORM_KEY_NAME,\r
+ &gEfiGlobalVariableGuid\r
+ );\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll a new KEK item from public key storing file (*.pbk).\r
+\r
+ @param[in] PrivateData The module's private data.\r
+\r
+ @retval EFI_SUCCESS New KEK enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_UNSUPPORTED Unsupported command.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollRsa2048ToKek (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT32 Attr;\r
+ UINTN DataSize;\r
+ EFI_SIGNATURE_LIST *KekSigList;\r
+ UINTN KeyBlobSize;\r
+ UINT8 *KeyBlob;\r
+ CPL_KEY_INFO *KeyInfo;\r
+ EFI_SIGNATURE_DATA *KEKSigData;\r
+ UINTN KekSigListSize;\r
+ UINT8 *KeyBuffer; \r
+ UINTN KeyLenInBytes;\r
+\r
+ Attr = 0;\r
+ DataSize = 0;\r
+ KeyBuffer = NULL;\r
+ KeyBlobSize = 0;\r
+ KeyBlob = NULL;\r
+ KeyInfo = NULL;\r
+ KEKSigData = NULL;\r
+ KekSigList = NULL;\r
+ KekSigListSize = 0;\r
+ \r
+ //\r
+ // Form the KeKpub certificate list into EFI_SIGNATURE_LIST type.\r
+ // First, We have to parse out public key data from the pbk key file.\r
+ // \r
+ Status = ReadFileContent (\r
+ Private->FileContext->FHandle,\r
+ (VOID**) &KeyBlob,\r
+ &KeyBlobSize,\r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ ASSERT (KeyBlob != NULL);\r
+ KeyInfo = (CPL_KEY_INFO *) KeyBlob;\r
+ if (KeyInfo->KeyLengthInBits / 8 != WIN_CERT_UEFI_RSA2048_SIZE) {\r
+ DEBUG ((DEBUG_ERROR, "Unsupported key length, Only RSA2048 is supported.\n"));\r
+ Status = EFI_UNSUPPORTED;\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ //\r
+ // Convert the Public key to fix octet string format represented in RSA PKCS#1.\r
+ // \r
+ KeyLenInBytes = KeyInfo->KeyLengthInBits / 8;\r
+ KeyBuffer = AllocateZeroPool (KeyLenInBytes);\r
+ if (KeyBuffer == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+ Int2OctStr (\r
+ (UINTN*) (KeyBlob + sizeof (CPL_KEY_INFO)), \r
+ KeyLenInBytes / sizeof (UINTN), \r
+ KeyBuffer, \r
+ KeyLenInBytes\r
+ );\r
+ CopyMem(KeyBlob + sizeof(CPL_KEY_INFO), KeyBuffer, KeyLenInBytes);\r
+ \r
+ //\r
+ // Form an new EFI_SIGNATURE_LIST.\r
+ //\r
+ KekSigListSize = sizeof(EFI_SIGNATURE_LIST)\r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + WIN_CERT_UEFI_RSA2048_SIZE;\r
+\r
+ KekSigList = (EFI_SIGNATURE_LIST*) AllocateZeroPool (KekSigListSize);\r
+ if (KekSigList == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ KekSigList->SignatureListSize = sizeof(EFI_SIGNATURE_LIST)\r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + WIN_CERT_UEFI_RSA2048_SIZE;\r
+ KekSigList->SignatureHeaderSize = 0;\r
+ KekSigList->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + WIN_CERT_UEFI_RSA2048_SIZE;\r
+ CopyGuid (&KekSigList->SignatureType, &gEfiCertRsa2048Guid);\r
+ \r
+ KEKSigData = (EFI_SIGNATURE_DATA*)((UINT8*)KekSigList + sizeof(EFI_SIGNATURE_LIST));\r
+ CopyGuid (&KEKSigData->SignatureOwner, Private->SignatureGUID);\r
+ CopyMem (\r
+ KEKSigData->SignatureData,\r
+ KeyBlob + sizeof(CPL_KEY_INFO),\r
+ WIN_CERT_UEFI_RSA2048_SIZE\r
+ );\r
+ \r
+ //\r
+ // Check if KEK entry has been already existed. \r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the \r
+ // new KEK to original variable.\r
+ // \r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;\r
+ Status = CreateTimeBasedPayload (&KekSigListSize, (UINT8**) &KekSigList);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->GetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ NULL, \r
+ &DataSize, \r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ //\r
+ // Done. Now we have formed the correct KEKpub database item, just set it into variable storage,\r
+ // \r
+ Status = gRT->SetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ Attr, \r
+ KekSigListSize, \r
+ KekSigList\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FHandle = NULL;\r
+ Private->FileContext->FileName = NULL;\r
+\r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+\r
+ if (KeyBlob != NULL) {\r
+ FreePool (KeyBlob);\r
+ }\r
+ if (KeyBuffer != NULL) {\r
+ FreePool (KeyBuffer);\r
+ }\r
+ if (KekSigList != NULL) {\r
+ FreePool (KekSigList);\r
+ }\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll a new KEK item from X509 certificate file.\r
+\r
+ @param[in] PrivateData The module's private data.\r
+\r
+ @retval EFI_SUCCESS New X509 is enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_UNSUPPORTED Unsupported command.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollX509ToKek (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private\r
+ ) \r
+{\r
+ EFI_STATUS Status;\r
+ UINTN X509DataSize;\r
+ VOID *X509Data;\r
+ EFI_SIGNATURE_DATA *KEKSigData;\r
+ EFI_SIGNATURE_LIST *KekSigList;\r
+ UINTN DataSize;\r
+ UINTN KekSigListSize;\r
+ UINT32 Attr;\r
+\r
+ X509Data = NULL;\r
+ X509DataSize = 0;\r
+ KekSigList = NULL;\r
+ KekSigListSize = 0;\r
+ DataSize = 0;\r
+ KEKSigData = NULL;\r
+\r
+ Status = ReadFileContent (\r
+ Private->FileContext->FHandle,\r
+ &X509Data,\r
+ &X509DataSize,\r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ ASSERT (X509Data != NULL);\r
+\r
+ KekSigListSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;\r
+ KekSigList = (EFI_SIGNATURE_LIST*) AllocateZeroPool (KekSigListSize);\r
+ if (KekSigList == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Fill Certificate Database parameters.\r
+ // \r
+ KekSigList->SignatureListSize = (UINT32) KekSigListSize;\r
+ KekSigList->SignatureHeaderSize = 0;\r
+ KekSigList->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);\r
+ CopyGuid (&KekSigList->SignatureType, &gEfiCertX509Guid);\r
+\r
+ KEKSigData = (EFI_SIGNATURE_DATA*) ((UINT8*) KekSigList + sizeof (EFI_SIGNATURE_LIST));\r
+ CopyGuid (&KEKSigData->SignatureOwner, Private->SignatureGUID);\r
+ CopyMem (KEKSigData->SignatureData, X509Data, X509DataSize);\r
+\r
+ //\r
+ // Check if KEK been already existed. \r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the \r
+ // new kek to original variable\r
+ // \r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;\r
+ Status = CreateTimeBasedPayload (&KekSigListSize, (UINT8**) &KekSigList);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ Status = gRT->GetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ NULL, \r
+ &DataSize, \r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ } \r
+\r
+ Status = gRT->SetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ Attr, \r
+ KekSigListSize,\r
+ KekSigList\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FileName = NULL;\r
+ Private->FileContext->FHandle = NULL;\r
+\r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+\r
+ if (KekSigList != NULL) {\r
+ FreePool (KekSigList);\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll new KEK into the System without PK's authentication.\r
+ The SignatureOwner GUID will be Private->SignatureGUID.\r
+ \r
+ @param[in] PrivateData The module's private data.\r
+ \r
+ @retval EFI_SUCCESS New KEK enrolled successful.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval others Fail to enroll KEK data.\r
+ \r
+**/\r
+EFI_STATUS\r
+EnrollKeyExchangeKey (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private\r
+ ) \r
+{\r
+ UINT16* FilePostFix;\r
+ \r
+ if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ //\r
+ // Parse the file's postfix. Supports .cer and .der file as X509 certificate, \r
+ // and .pbk as RSA public key file.\r
+ //\r
+ FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ if ((CompareMem (FilePostFix, L".cer",4) == 0) || (CompareMem (FilePostFix, L".der",4) == 0)) {\r
+ return EnrollX509ToKek (Private);\r
+ } else if (CompareMem (FilePostFix, L".pbk",4) == 0) {\r
+ return EnrollRsa2048ToKek (Private);\r
+ } else {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+}\r
+\r
+/**\r
+ Enroll a new X509 certificate into Signature Database (DB or DBX) without\r
+ KEK's authentication.\r
+\r
+ @param[in] PrivateData The module's private data.\r
+ @param[in] VariableName Variable name of signature database, must be \r
+ EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.\r
+ \r
+ @retval EFI_SUCCESS New X509 is enrolled successfully.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollX509toSigDB (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName\r
+ ) \r
+{\r
+ EFI_STATUS Status;\r
+ UINTN X509DataSize;\r
+ VOID *X509Data;\r
+ EFI_SIGNATURE_LIST *SigDBCert;\r
+ EFI_SIGNATURE_DATA *SigDBCertData;\r
+ VOID *Data;\r
+ UINTN DataSize;\r
+ UINTN SigDBSize;\r
+ UINT32 Attr;\r
+\r
+ X509DataSize = 0;\r
+ SigDBSize = 0;\r
+ DataSize = 0;\r
+ X509Data = NULL;\r
+ SigDBCert = NULL;\r
+ SigDBCertData = NULL;\r
+ Data = NULL;\r
+\r
+ Status = ReadFileContent (\r
+ Private->FileContext->FHandle,\r
+ &X509Data,\r
+ &X509DataSize,\r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ ASSERT (X509Data != NULL);\r
+\r
+ SigDBSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;\r
+\r
+ Data = AllocateZeroPool (SigDBSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Fill Certificate Database parameters.\r
+ // \r
+ SigDBCert = (EFI_SIGNATURE_LIST*) Data;\r
+ SigDBCert->SignatureListSize = (UINT32) SigDBSize;\r
+ SigDBCert->SignatureHeaderSize = 0;\r
+ SigDBCert->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);\r
+ CopyGuid (&SigDBCert->SignatureType, &gEfiCertX509Guid);\r
+\r
+ SigDBCertData = (EFI_SIGNATURE_DATA*) ((UINT8* ) SigDBCert + sizeof (EFI_SIGNATURE_LIST));\r
+ CopyGuid (&SigDBCertData->SignatureOwner, Private->SignatureGUID);\r
+ CopyMem ((UINT8* ) (SigDBCertData->SignatureData), X509Data, X509DataSize);\r
+\r
+ //\r
+ // Check if signature database entry has been already existed. \r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the \r
+ // new signature data to original variable\r
+ // \r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;\r
+ Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->GetVariable(\r
+ VariableName, \r
+ &gEfiImageSecurityDatabaseGuid, \r
+ NULL, \r
+ &DataSize, \r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ } \r
+\r
+ Status = gRT->SetVariable(\r
+ VariableName, \r
+ &gEfiImageSecurityDatabaseGuid, \r
+ Attr, \r
+ SigDBSize,\r
+ Data\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FileName = NULL;\r
+ Private->FileContext->FHandle = NULL;\r
+\r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+\r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+\r
+ if (X509Data != NULL) {\r
+ FreePool (X509Data);\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Load PE/COFF image information into internal buffer and check its validity.\r
+\r
+ @retval EFI_SUCCESS Successful\r
+ @retval EFI_UNSUPPORTED Invalid PE/COFF file\r
+ @retval EFI_ABORTED Serious error occurs, like file I/O error etc.\r
+\r
+**/\r
+EFI_STATUS\r
+LoadPeImage (\r
+ VOID \r
+ ) \r
+{\r
+ EFI_IMAGE_DOS_HEADER *DosHdr;\r
+ EFI_IMAGE_NT_HEADERS32 *NtHeader32;\r
+ EFI_IMAGE_NT_HEADERS64 *NtHeader64;\r
+\r
+ NtHeader32 = NULL;\r
+ NtHeader64 = NULL;\r
+ //\r
+ // Read the Dos header\r
+ //\r
+ DosHdr = (EFI_IMAGE_DOS_HEADER*)(mImageBase);\r
+ if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE)\r
+ {\r
+ //\r
+ // DOS image header is present, \r
+ // So read the PE header after the DOS image header\r
+ //\r
+ mPeCoffHeaderOffset = DosHdr->e_lfanew;\r
+ }\r
+ else\r
+ {\r
+ mPeCoffHeaderOffset = 0;\r
+ }\r
+\r
+ //\r
+ // Read PE header and check the signature validity and machine compatibility\r
+ //\r
+ NtHeader32 = (EFI_IMAGE_NT_HEADERS32*) (mImageBase + mPeCoffHeaderOffset);\r
+ if (NtHeader32->Signature != EFI_IMAGE_NT_SIGNATURE)\r
+ {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ mNtHeader.Pe32 = NtHeader32;\r
+\r
+ //\r
+ // Check the architecture field of PE header and get the Certificate Data Directory data\r
+ // Note the size of FileHeader field is constant for both IA32 and X64 arch\r
+ //\r
+ if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA32) \r
+ || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_EBC)) {\r
+ //\r
+ // IA-32 Architecture\r
+ //\r
+ mImageType = ImageType_IA32;\r
+ mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);\r
+ }\r
+ else if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA64)\r
+ || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_X64)) {\r
+ //\r
+ // 64-bits Architecture\r
+ //\r
+ mImageType = ImageType_X64;\r
+ NtHeader64 = (EFI_IMAGE_NT_HEADERS64 *) (mImageBase + mPeCoffHeaderOffset);\r
+ mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader64->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);\r
+ } else {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Calculate hash of Pe/Coff image based on the authenticode image hashing in\r
+ PE/COFF Specification 8.0 Appendix A\r
+\r
+ @param[in] HashAlg Hash algorithm type.\r
+ \r
+ @retval TRUE Successfully hash image.\r
+ @retval FALSE Fail in hash image.\r
+\r
+**/\r
+BOOLEAN \r
+HashPeImage (\r
+ IN UINT32 HashAlg\r
+ )\r
+{\r
+ BOOLEAN Status;\r
+ UINT16 Magic;\r
+ EFI_IMAGE_SECTION_HEADER *Section;\r
+ VOID *HashCtx;\r
+ UINTN CtxSize;\r
+ UINT8 *HashBase;\r
+ UINTN HashSize;\r
+ UINTN SumOfBytesHashed;\r
+ EFI_IMAGE_SECTION_HEADER *SectionHeader;\r
+ UINTN Index;\r
+ UINTN Pos;\r
+\r
+ HashCtx = NULL;\r
+ SectionHeader = NULL;\r
+ Status = FALSE;\r
+\r
+ if ((HashAlg != HASHALG_SHA1) && (HashAlg != HASHALG_SHA256)) {\r
+ return FALSE;\r
+ }\r
+ \r
+ //\r
+ // Initialize context of hash.\r
+ //\r
+ ZeroMem (mImageDigest, MAX_DIGEST_SIZE);\r
+\r
+ if (HashAlg == HASHALG_SHA1) {\r
+ mImageDigestSize = SHA1_DIGEST_SIZE;\r
+ mCertType = gEfiCertSha1Guid; \r
+ } else if (HashAlg == HASHALG_SHA256) {\r
+ mImageDigestSize = SHA256_DIGEST_SIZE;\r
+ mCertType = gEfiCertSha256Guid;\r
+ }\r
+\r
+ CtxSize = mHash[HashAlg].GetContextSize();\r
+ \r
+ HashCtx = AllocatePool (CtxSize);\r
+ ASSERT (HashCtx != NULL);\r
+\r
+ // 1. Load the image header into memory.\r
+\r
+ // 2. Initialize a SHA hash context.\r
+ Status = mHash[HashAlg].HashInit(HashCtx);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ //\r
+ // Measuring PE/COFF Image Header;\r
+ // But CheckSum field and SECURITY data directory (certificate) are excluded\r
+ //\r
+ if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value \r
+ // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the \r
+ // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC\r
+ // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC\r
+ //\r
+ Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;\r
+ } else {\r
+ //\r
+ // Get the magic value from the PE/COFF Optional Header\r
+ //\r
+ Magic = mNtHeader.Pe32->OptionalHeader.Magic;\r
+ }\r
+ \r
+ //\r
+ // 3. Calculate the distance from the base of the image header to the image checksum address.\r
+ // 4. Hash the image header from its base to beginning of the image checksum.\r
+ //\r
+ HashBase = mImageBase;\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset.\r
+ //\r
+ HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.CheckSum) - HashBase);\r
+ } else {\r
+ //\r
+ // Use PE32+ offset.\r
+ //\r
+ HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - HashBase);\r
+ }\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ //\r
+ // 5. Skip over the image checksum (it occupies a single ULONG).\r
+ // 6. Get the address of the beginning of the Cert Directory.\r
+ // 7. Hash everything from the end of the checksum to the start of the Cert Directory.\r
+ //\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset.\r
+ //\r
+ HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
+ HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);\r
+ } else {\r
+ //\r
+ // Use PE32+ offset.\r
+ // \r
+ HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
+ HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);\r
+ }\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ //\r
+ // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
+ // 9. Hash everything from the end of the Cert Directory to the end of image header.\r
+ //\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset\r
+ //\r
+ HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
+ HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - mImageBase);\r
+ } else {\r
+ //\r
+ // Use PE32+ offset.\r
+ //\r
+ HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
+ HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - mImageBase);\r
+ }\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ //\r
+ // 10. Set the SUM_OF_BYTES_HASHED to the size of the header.\r
+ //\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset.\r
+ //\r
+ SumOfBytesHashed = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders;\r
+ } else {\r
+ //\r
+ // Use PE32+ offset\r
+ //\r
+ SumOfBytesHashed = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
+ }\r
+\r
+ //\r
+ // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
+ // structures in the image. The 'NumberOfSections' field of the image\r
+ // header indicates how big the table should be. Do not include any\r
+ // IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
+ //\r
+ SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * mNtHeader.Pe32->FileHeader.NumberOfSections);\r
+ ASSERT (SectionHeader != NULL);\r
+ //\r
+ // 12. Using the 'PointerToRawData' in the referenced section headers as\r
+ // a key, arrange the elements in the table in ascending order. In other\r
+ // words, sort the section headers according to the disk-file offset of\r
+ // the section.\r
+ //\r
+ Section = (EFI_IMAGE_SECTION_HEADER *) (\r
+ mImageBase +\r
+ mPeCoffHeaderOffset +\r
+ sizeof (UINT32) +\r
+ sizeof (EFI_IMAGE_FILE_HEADER) +\r
+ mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader\r
+ );\r
+ for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {\r
+ Pos = Index;\r
+ while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
+ CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));\r
+ Pos--;\r
+ }\r
+ CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));\r
+ Section += 1;\r
+ }\r
+\r
+ //\r
+ // 13. Walk through the sorted table, bring the corresponding section\r
+ // into memory, and hash the entire section (using the 'SizeOfRawData'\r
+ // field in the section header to determine the amount of data to hash).\r
+ // 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
+ // 15. Repeat steps 13 and 14 for all the sections in the sorted table.\r
+ //\r
+ for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {\r
+ Section = &SectionHeader[Index];\r
+ if (Section->SizeOfRawData == 0) {\r
+ continue;\r
+ }\r
+ HashBase = mImageBase + Section->PointerToRawData;\r
+ HashSize = (UINTN) Section->SizeOfRawData;\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+\r
+ SumOfBytesHashed += HashSize;\r
+ }\r
+\r
+ //\r
+ // 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
+ // data in the file that needs to be added to the hash. This data begins\r
+ // at file offset SUM_OF_BYTES_HASHED and its length is:\r
+ // FileSize - (CertDirectory->Size)\r
+ //\r
+ if (mImageSize > SumOfBytesHashed) {\r
+ HashBase = mImageBase + SumOfBytesHashed;\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset.\r
+ //\r
+ HashSize = (UINTN)(\r
+ mImageSize -\r
+ mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -\r
+ SumOfBytesHashed);\r
+ } else {\r
+ //\r
+ // Use PE32+ offset.\r
+ //\r
+ HashSize = (UINTN)(\r
+ mImageSize -\r
+ mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -\r
+ SumOfBytesHashed); \r
+ }\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ }\r
+\r
+ Status = mHash[HashAlg].HashFinal(HashCtx, mImageDigest);\r
+\r
+Done:\r
+ if (HashCtx != NULL) {\r
+ FreePool (HashCtx);\r
+ }\r
+ if (SectionHeader != NULL) {\r
+ FreePool (SectionHeader);\r
+ }\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Recognize the Hash algorithm in PE/COFF Authenticode and caculate hash of \r
+ Pe/Coff image based on the authenticated image hashing in PE/COFF Specification \r
+ 8.0 Appendix A\r
+\r
+ @retval EFI_UNSUPPORTED Hash algorithm is not supported.\r
+ @retval EFI_SUCCESS Hash successfully.\r
+\r
+**/\r
+EFI_STATUS \r
+HashPeImageByType (\r
+ VOID\r
+ )\r
+{\r
+ UINT8 Index;\r
+ WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;\r
+\r
+ PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir->Offset);\r
+\r
+ for (Index = 0; Index < HASHALG_MAX; Index++) { \r
+ //\r
+ // Check the Hash algorithm in PE/COFF Authenticode.\r
+ // According to PKCS#7 Definition: \r
+ // SignedData ::= SEQUENCE {\r
+ // version Version,\r
+ // digestAlgorithms DigestAlgorithmIdentifiers,\r
+ // contentInfo ContentInfo,\r
+ // .... }\r
+ // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing\r
+ // This field has the fixed offset (+32) in final Authenticode ASN.1 data.\r
+ // Fixed offset (+32) is calculated based on two bytes of length encoding.\r
+ //\r
+ if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {\r
+ //\r
+ // Only support two bytes of Long Form of Length Encoding.\r
+ //\r
+ continue;\r
+ }\r
+\r
+ // \r
+ if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {\r
+ break;\r
+ }\r
+ }\r
+\r
+ if (Index == HASHALG_MAX) {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ //\r
+ // HASH PE Image based on Hash algorithm in PE/COFF Authenticode.\r
+ //\r
+ if (!HashPeImage(Index)) {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Enroll a new executable's signature into Signature Database. \r
+\r
+ @param[in] PrivateData The module's private data.\r
+ @param[in] VariableName Variable name of signature database, must be \r
+ EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.\r
+\r
+ @retval EFI_SUCCESS New signature is enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_UNSUPPORTED Unsupported command.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollImageSignatureToSigDB (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_SIGNATURE_LIST *SigDBCert;\r
+ EFI_SIGNATURE_DATA *SigDBCertData;\r
+ VOID *Data;\r
+ UINTN DataSize;\r
+ UINTN SigDBSize;\r
+ UINT32 Attr;\r
+ WIN_CERTIFICATE_UEFI_GUID *GuidCertData;\r
+\r
+ Data = NULL;\r
+ GuidCertData = NULL;\r
+\r
+ //\r
+ // Form the SigDB certificate list.\r
+ // Format the data item into EFI_SIGNATURE_LIST type.\r
+ //\r
+ // We need to parse executable's signature data from specified signed executable file.\r
+ // In current implementation, we simply trust the pass-in signed executable file.\r
+ // In reality, it's OS's responsibility to verify the signed executable file.\r
+ //\r
+\r
+ //\r
+ // Read the whole file content\r
+ //\r
+ Status = ReadFileContent(\r
+ Private->FileContext->FHandle,\r
+ (VOID **) &mImageBase, \r
+ &mImageSize, \r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ } \r
+ ASSERT (mImageBase != NULL);\r
+\r
+ Status = LoadPeImage ();\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ if (mSecDataDir->SizeOfCert == 0) {\r
+ if (!HashPeImage (HASHALG_SHA256)) {\r
+ Status = EFI_SECURITY_VIOLATION;\r
+ goto ON_EXIT;\r
+ }\r
+ } else {\r
+ \r
+ //\r
+ // Read the certificate data\r
+ //\r
+ mCertificate = (WIN_CERTIFICATE *)(mImageBase + mSecDataDir->Offset);\r
+\r
+ if (mCertificate->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {\r
+ GuidCertData = (WIN_CERTIFICATE_UEFI_GUID*) mCertificate;\r
+ if (CompareMem (&GuidCertData->CertType, &gEfiCertTypeRsa2048Sha256Guid, sizeof(EFI_GUID)) != 0) {\r
+ Status = EFI_ABORTED;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ if (!HashPeImage (HASHALG_SHA256)) {\r
+ Status = EFI_ABORTED;\r
+ goto ON_EXIT;;\r
+ }\r
+ \r
+ } else if (mCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) {\r
+\r
+ Status = HashPeImageByType ();\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;;\r
+ }\r
+ } else {\r
+ Status = EFI_ABORTED;\r
+ goto ON_EXIT;\r
+ }\r
+ }\r
+\r
+ //\r
+ // Create a new SigDB entry.\r
+ //\r
+ SigDBSize = sizeof(EFI_SIGNATURE_LIST) \r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + (UINT32) mImageDigestSize;\r
+\r
+ Data = (UINT8*) AllocateZeroPool (SigDBSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ //\r
+ // Adjust the Certificate Database parameters.\r
+ // \r
+ SigDBCert = (EFI_SIGNATURE_LIST*) Data;\r
+ SigDBCert->SignatureListSize = (UINT32) SigDBSize;\r
+ SigDBCert->SignatureHeaderSize = 0;\r
+ SigDBCert->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + (UINT32) mImageDigestSize;\r
+ CopyGuid (&SigDBCert->SignatureType, &mCertType);\r
+\r
+ SigDBCertData = (EFI_SIGNATURE_DATA*)((UINT8*)SigDBCert + sizeof(EFI_SIGNATURE_LIST));\r
+ CopyGuid (&SigDBCertData->SignatureOwner, Private->SignatureGUID);\r
+ CopyMem (SigDBCertData->SignatureData, mImageDigest, mImageDigestSize);\r
+\r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;\r
+ Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ //\r
+ // Check if SigDB variable has been already existed. \r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the \r
+ // new signature data to original variable\r
+ // \r
+ DataSize = 0;\r
+ Status = gRT->GetVariable(\r
+ VariableName, \r
+ &gEfiImageSecurityDatabaseGuid, \r
+ NULL, \r
+ &DataSize, \r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ } \r
+\r
+ //\r
+ // Enroll the variable.\r
+ //\r
+ Status = gRT->SetVariable(\r
+ VariableName, \r
+ &gEfiImageSecurityDatabaseGuid, \r
+ Attr, \r
+ SigDBSize, \r
+ Data\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FHandle = NULL;\r
+ Private->FileContext->FileName = NULL;\r
+\r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+\r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+\r
+ if (mImageBase != NULL) {\r
+ FreePool (mImageBase);\r
+ mImageBase = NULL;\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll signature into DB/DBX without KEK's authentication.\r
+ The SignatureOwner GUID will be Private->SignatureGUID.\r
+ \r
+ @param[in] PrivateData The module's private data.\r
+ @param[in] VariableName Variable name of signature database, must be \r
+ EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.\r
+ \r
+ @retval EFI_SUCCESS New signature enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval others Fail to enroll signature data.\r
+ \r
+**/\r
+EFI_STATUS\r
+EnrollSignatureDatabase (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName\r
+ ) \r
+{\r
+ UINT16* FilePostFix;\r
+\r
+ if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ //\r
+ // Parse the file's postfix. \r
+ //\r
+ FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ if ((CompareMem (FilePostFix, L".cer",4) == 0) || (CompareMem (FilePostFix, L".der",4) == 0)) {\r
+ //\r
+ // Supports .cer and .der file as X509 certificate.\r
+ //\r
+ return EnrollX509toSigDB (Private, VariableName);\r
+ }\r
+\r
+ return EnrollImageSignatureToSigDB (Private, VariableName);\r
+}\r
+\r
+/**\r
+ List all signatures in specified signature database (e.g. KEK/DB/DBX)\r
+ by GUID in the page for user to select and delete as needed.\r
+\r
+ @param[in] PrivateData Module's private data.\r
+ @param[in] VariableName The variable name of the vendor's signature database.\r
+ @param[in] VendorGuid A unique identifier for the vendor.\r
+ @param[in] LabelNumber Label number to insert opcodes.\r
+ @param[in] FormId Form ID of current page.\r
+ @param[in] QuestionIdBase Base question id of the signature list.\r
+\r
+ @retval EFI_SUCCESS Success to update the signature list page\r
+ @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.\r
+ \r
+**/\r
+EFI_STATUS\r
+UpdateDeletePage (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN UINT16 LabelNumber,\r
+ IN EFI_FORM_ID FormId,\r
+ IN EFI_QUESTION_ID QuestionIdBase\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT32 Index;\r
+ UINTN CertCount;\r
+ UINTN GuidIndex;\r
+ VOID *StartOpCodeHandle;\r
+ VOID *EndOpCodeHandle;\r
+ EFI_IFR_GUID_LABEL *StartLabel;\r
+ EFI_IFR_GUID_LABEL *EndLabel; \r
+ UINTN DataSize;\r
+ UINT8 *Data;\r
+ EFI_SIGNATURE_LIST *CertList;\r
+ EFI_SIGNATURE_DATA *Cert;\r
+ UINT32 ItemDataSize;\r
+ CHAR16 *GuidStr;\r
+ EFI_STRING_ID GuidID;\r
+ EFI_STRING_ID Help;\r
+\r
+ Data = NULL;\r
+ CertList = NULL;\r
+ Cert = NULL;\r
+ GuidStr = NULL;\r
+ StartOpCodeHandle = NULL;\r
+ EndOpCodeHandle = NULL;\r
+ \r
+ //\r
+ // Initialize the container for dynamic opcodes.\r
+ //\r
+ StartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (StartOpCodeHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT; \r
+ }\r
+\r
+ EndOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (EndOpCodeHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT; \r
+ }\r
+\r
+ //\r
+ // Create Hii Extend Label OpCode.\r
+ //\r
+ StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ StartOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+ StartLabel->Number = LabelNumber;\r
+\r
+ EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ EndOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+ EndLabel->Number = LABEL_END;\r
+\r
+ //\r
+ // Read Variable.\r
+ //\r
+ DataSize = 0;\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data); \r
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Data = (UINT8 *) AllocateZeroPool (DataSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ GuidStr = AllocateZeroPool (100);\r
+ if (GuidStr == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Enumerate all KEK pub data.\r
+ //\r
+ ItemDataSize = (UINT32) DataSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) Data;\r
+ GuidIndex = 0;\r
+\r
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
+\r
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_RSA2048_SHA256_GUID);\r
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_PCKS7_GUID);\r
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_SHA1_GUID);\r
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_SHA256_GUID);\r
+ } else {\r
+ //\r
+ // The signature type is not supported in current implementation.\r
+ //\r
+ continue;\r
+ }\r
+\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ for (Index = 0; Index < CertCount; Index++) {\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList \r
+ + sizeof (EFI_SIGNATURE_LIST) \r
+ + CertList->SignatureHeaderSize \r
+ + Index * CertList->SignatureSize);\r
+ //\r
+ // Display GUID and help \r
+ //\r
+ GuidToString (&Cert->SignatureOwner, GuidStr, 100);\r
+ GuidID = HiiSetString (PrivateData->HiiHandle, 0, GuidStr, NULL);\r
+ HiiCreateCheckBoxOpCode (\r
+ StartOpCodeHandle,\r
+ (EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),\r
+ 0, \r
+ 0, \r
+ GuidID, \r
+ Help,\r
+ EFI_IFR_FLAG_CALLBACK,\r
+ 0,\r
+ NULL\r
+ ); \r
+ }\r
+\r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ON_EXIT:\r
+ HiiUpdateForm (\r
+ PrivateData->HiiHandle,\r
+ &gSecureBootConfigFormSetGuid,\r
+ FormId,\r
+ StartOpCodeHandle,\r
+ EndOpCodeHandle\r
+ );\r
+\r
+ if (StartOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (StartOpCodeHandle);\r
+ }\r
+\r
+ if (EndOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (EndOpCodeHandle);\r
+ }\r
+ \r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+\r
+ if (GuidStr != NULL) {\r
+ FreePool (GuidStr);\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
/**\r
- Save Secure Boot option to variable space.\r
+ Delete a KEK entry from KEK database. \r
\r
- @param[in] VarValue The option of Secure Boot.\r
+ @param[in] PrivateData Module's private data.\r
+ @param[in] QuestionId Question id of the KEK item to delete.\r
\r
- @retval EFI_SUCCESS The operation is finished successfully.\r
- @retval Others Other errors as indicated.\r
+ @retval EFI_SUCCESS Delete kek item successfully.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+ \r
+**/\r
+EFI_STATUS\r
+DeleteKeyExchangeKey (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,\r
+ IN EFI_QUESTION_ID QuestionId\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINTN DataSize;\r
+ UINT8 *Data;\r
+ UINT8 *OldData;\r
+ UINT32 Attr;\r
+ UINT32 Index;\r
+ EFI_SIGNATURE_LIST *CertList;\r
+ EFI_SIGNATURE_LIST *NewCertList;\r
+ EFI_SIGNATURE_DATA *Cert;\r
+ UINTN CertCount;\r
+ UINT32 Offset;\r
+ BOOLEAN IsKEKItemFound;\r
+ UINT32 KekDataSize;\r
+ UINTN DeleteKekIndex;\r
+ UINTN GuidIndex;\r
+\r
+ Data = NULL;\r
+ OldData = NULL;\r
+ CertList = NULL;\r
+ Cert = NULL;\r
+ Attr = 0; \r
+ DeleteKekIndex = QuestionId - OPTION_DEL_KEK_QUESTION_ID;\r
+ \r
+ //\r
+ // Get original KEK variable.\r
+ // \r
+ DataSize = 0; \r
+ Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, NULL, &DataSize, NULL);\r
+ if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ OldData = (UINT8*)AllocateZeroPool(DataSize);\r
+ if (OldData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES; \r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, &Attr, &DataSize, OldData);\r
+ if (EFI_ERROR(Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Allocate space for new variable. \r
+ //\r
+ Data = (UINT8*) AllocateZeroPool (DataSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Enumerate all KEK pub data and erasing the target item.\r
+ //\r
+ IsKEKItemFound = FALSE;\r
+ KekDataSize = (UINT32) DataSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) OldData;\r
+ Offset = 0;\r
+ GuidIndex = 0;\r
+ while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {\r
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||\r
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
+ CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));\r
+ NewCertList = (EFI_SIGNATURE_LIST *)(Data + Offset);\r
+ Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ for (Index = 0; Index < CertCount; Index++) {\r
+ if (GuidIndex == DeleteKekIndex ) {\r
+ //\r
+ // Find it! Skip it!\r
+ //\r
+ NewCertList->SignatureListSize -= CertList->SignatureSize;\r
+ IsKEKItemFound = TRUE; \r
+ } else {\r
+ //\r
+ // This item doesn't match. Copy it to the Data buffer.\r
+ //\r
+ CopyMem (Data + Offset, Cert, CertList->SignatureSize);\r
+ Offset += CertList->SignatureSize;\r
+ }\r
+ GuidIndex++;\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8*) Cert + CertList->SignatureSize);\r
+ }\r
+ } else {\r
+ //\r
+ // This List doesn't match. Copy it to the Data buffer.\r
+ //\r
+ CopyMem (Data + Offset, CertList, CertList->SignatureListSize);\r
+ Offset += CertList->SignatureListSize;\r
+ }\r
+ \r
+ KekDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST*) ((UINT8*) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ if (!IsKEKItemFound) {\r
+ //\r
+ // Doesn't find the Kek Item!\r
+ //\r
+ Status = EFI_NOT_FOUND;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Delete the Signature header if there is no signature in the list.\r
+ //\r
+ KekDataSize = Offset;\r
+ CertList = (EFI_SIGNATURE_LIST*) Data;\r
+ Offset = 0;\r
+ ZeroMem (OldData, KekDataSize);\r
+ while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ DEBUG ((DEBUG_ERROR, " CertCount = %x\n", CertCount));\r
+ if (CertCount != 0) {\r
+ CopyMem (OldData + Offset, CertList, CertList->SignatureListSize);\r
+ Offset += CertList->SignatureListSize;\r
+ } \r
+ KekDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ DataSize = Offset;\r
+ if ((Attr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {\r
+ Status = CreateTimeBasedPayload (&DataSize, &OldData);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));\r
+ goto ON_EXIT;\r
+ }\r
+ }\r
+\r
+ Status = gRT->SetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ Attr, \r
+ DataSize, \r
+ OldData\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ON_EXIT:\r
+ if (Data != NULL) {\r
+ FreePool(Data);\r
+ }\r
+\r
+ if (OldData != NULL) {\r
+ FreePool(OldData);\r
+ }\r
+\r
+ return UpdateDeletePage (\r
+ PrivateData, \r
+ EFI_KEY_EXCHANGE_KEY_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ LABEL_KEK_DELETE,\r
+ FORMID_DELETE_KEK_FORM,\r
+ OPTION_DEL_KEK_QUESTION_ID\r
+ );\r
+}\r
+\r
+/**\r
+ Delete a signature entry from siganture database.\r
\r
+ @param[in] PrivateData Module's private data.\r
+ @param[in] VariableName The variable name of the vendor's signature database.\r
+ @param[in] VendorGuid A unique identifier for the vendor.\r
+ @param[in] LabelNumber Label number to insert opcodes.\r
+ @param[in] FormId Form ID of current page.\r
+ @param[in] QuestionIdBase Base question id of the signature list.\r
+ @param[in] DeleteIndex Signature index to delete.\r
+ \r
+ @retval EFI_SUCCESS Delete siganture successfully.\r
+ @retval EFI_NOT_FOUND Can't find the signature item,\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
**/\r
EFI_STATUS\r
-SaveSecureBootVariable (\r
- IN UINT8 VarValue\r
+DeleteSignature (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN UINT16 LabelNumber,\r
+ IN EFI_FORM_ID FormId,\r
+ IN EFI_QUESTION_ID QuestionIdBase,\r
+ IN UINTN DeleteIndex\r
)\r
{\r
- EFI_STATUS Status;\r
+ EFI_STATUS Status;\r
+ UINTN DataSize;\r
+ UINT8 *Data;\r
+ UINT8 *OldData;\r
+ UINT32 Attr;\r
+ UINT32 Index;\r
+ EFI_SIGNATURE_LIST *CertList;\r
+ EFI_SIGNATURE_LIST *NewCertList;\r
+ EFI_SIGNATURE_DATA *Cert;\r
+ UINTN CertCount;\r
+ UINT32 Offset;\r
+ BOOLEAN IsItemFound;\r
+ UINT32 ItemDataSize;\r
+ UINTN GuidIndex;\r
\r
- Status = gRT->SetVariable (\r
- EFI_SECURE_BOOT_ENABLE_NAME,\r
- &gEfiSecureBootEnableDisableGuid,\r
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
- sizeof (UINT8),\r
- &VarValue\r
- );\r
+ Data = NULL;\r
+ OldData = NULL;\r
+ CertList = NULL;\r
+ Cert = NULL;\r
+ Attr = 0; \r
+\r
+ //\r
+ // Get original signature list data.\r
+ // \r
+ DataSize = 0;\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);\r
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ OldData = (UINT8 *) AllocateZeroPool (DataSize);\r
+ if (OldData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES; \r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);\r
+ if (EFI_ERROR(Status)) {\r
+ goto ON_EXIT;\r
+ } \r
+\r
+ //\r
+ // Allocate space for new variable. \r
+ //\r
+ Data = (UINT8*) AllocateZeroPool (DataSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Enumerate all signature data and erasing the target item.\r
+ //\r
+ IsItemFound = FALSE;\r
+ ItemDataSize = (UINT32) DataSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) OldData;\r
+ Offset = 0;\r
+ GuidIndex = 0;\r
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||\r
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid) ||\r
+ CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid) ||\r
+ CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid)\r
+ ) {\r
+ //\r
+ // Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.\r
+ //\r
+ CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));\r
+ NewCertList = (EFI_SIGNATURE_LIST*) (Data + Offset);\r
+ Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ for (Index = 0; Index < CertCount; Index++) {\r
+ if (GuidIndex == DeleteIndex) {\r
+ //\r
+ // Find it! Skip it!\r
+ //\r
+ NewCertList->SignatureListSize -= CertList->SignatureSize;\r
+ IsItemFound = TRUE; \r
+ } else {\r
+ //\r
+ // This item doesn't match. Copy it to the Data buffer.\r
+ //\r
+ CopyMem (Data + Offset, (UINT8*)(Cert), CertList->SignatureSize);\r
+ Offset += CertList->SignatureSize;\r
+ }\r
+ GuidIndex++;\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);\r
+ }\r
+ } else {\r
+ //\r
+ // This List doesn't match. Just copy it to the Data buffer.\r
+ //\r
+ CopyMem (Data + Offset, (UINT8*)(CertList), CertList->SignatureListSize);\r
+ Offset += CertList->SignatureListSize;\r
+ }\r
+ \r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ if (!IsItemFound) {\r
+ //\r
+ // Doesn't find the signature Item!\r
+ //\r
+ Status = EFI_NOT_FOUND;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.\r
+ //\r
+ ItemDataSize = Offset;\r
+ CertList = (EFI_SIGNATURE_LIST *) Data;\r
+ Offset = 0;\r
+ ZeroMem (OldData, ItemDataSize);\r
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ DEBUG ((DEBUG_ERROR, " CertCount = %x\n", CertCount));\r
+ if (CertCount != 0) {\r
+ CopyMem (OldData + Offset, (UINT8*)(CertList), CertList->SignatureListSize);\r
+ Offset += CertList->SignatureListSize;\r
+ } \r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ DataSize = Offset;\r
+ if ((Attr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {\r
+ Status = CreateTimeBasedPayload (&DataSize, &OldData);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));\r
+ goto ON_EXIT;\r
+ }\r
+ }\r
+\r
+ Status = gRT->SetVariable(\r
+ VariableName, \r
+ VendorGuid, \r
+ Attr, \r
+ DataSize, \r
+ OldData\r
+ );\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));\r
+ goto ON_EXIT;\r
}\r
- gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);\r
- return EFI_SUCCESS;\r
+ \r
+ON_EXIT:\r
+ if (Data != NULL) {\r
+ FreePool(Data);\r
+ }\r
+\r
+ if (OldData != NULL) {\r
+ FreePool(OldData);\r
+ }\r
+\r
+ return UpdateDeletePage (\r
+ PrivateData, \r
+ VariableName,\r
+ VendorGuid,\r
+ LabelNumber,\r
+ FormId,\r
+ QuestionIdBase\r
+ );\r
+}\r
+\r
+/**\r
+ This function extracts configuration from variable.\r
+ \r
+ @param[in, out] ConfigData Point to SecureBoot configuration private data.\r
+\r
+**/\r
+VOID\r
+SecureBootExtractConfigFromVariable (\r
+ IN OUT SECUREBOOT_CONFIGURATION *ConfigData\r
+ ) \r
+{\r
+ UINT8 *SecureBootEnable;\r
+ UINT8 *SetupMode;\r
+ UINT8 *SecureBootMode;\r
+\r
+ SecureBootEnable = NULL;\r
+ SetupMode = NULL;\r
+ SecureBootMode = NULL;\r
+ \r
+ //\r
+ // Get the SecureBootEnable Variable\r
+ //\r
+ GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);\r
+\r
+ //\r
+ // If the SecureBootEnable Variable doesn't exist, hide the SecureBoot Enable/Disable\r
+ // Checkbox.\r
+ //\r
+ if (SecureBootEnable == NULL) {\r
+ ConfigData->HideSecureBoot = TRUE;\r
+ } else {\r
+ ConfigData->HideSecureBoot = FALSE;\r
+ ConfigData->SecureBootState = *SecureBootEnable;\r
+ }\r
+ //\r
+ // If it is Physical Presence User, set the PhysicalPresent to true.\r
+ //\r
+ if (UserPhysicalPresent()) {\r
+ ConfigData->PhysicalPresent = TRUE;\r
+ } else {\r
+ ConfigData->PhysicalPresent = FALSE;\r
+ }\r
+ \r
+ //\r
+ // If there is no PK then the Delete Pk button will be gray.\r
+ //\r
+ GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);\r
+ if (SetupMode == NULL || (*SetupMode) == 1) {\r
+ ConfigData->HasPk = FALSE;\r
+ } else {\r
+ ConfigData->HasPk = TRUE;\r
+ }\r
+\r
+ //\r
+ // Get the SecureBootMode from CustomMode variable.\r
+ //\r
+ GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);\r
+ if (SecureBootMode == NULL) {\r
+ ConfigData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;\r
+ } else {\r
+ ConfigData->SecureBootMode = *(SecureBootMode);\r
+ }\r
+ \r
}\r
\r
/**\r
UINTN BufferSize;\r
UINTN Size;\r
SECUREBOOT_CONFIGURATION Configuration;\r
-\r
EFI_STRING ConfigRequest;\r
EFI_STRING ConfigRequestHdr;\r
- UINT8 *SecureBootEnable;\r
SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;\r
BOOLEAN AllocatedRequest;\r
\r
if (Progress == NULL || Results == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
+ \r
AllocatedRequest = FALSE;\r
ConfigRequestHdr = NULL;\r
ConfigRequest = NULL;\r
Size = 0;\r
\r
+ ZeroMem (&Configuration, sizeof (Configuration));\r
PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);\r
*Progress = Request;\r
\r
return EFI_NOT_FOUND;\r
}\r
\r
- \r
- //\r
- // Get the SecureBoot Variable\r
- //\r
- SecureBootEnable = GetVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid);\r
-\r
//\r
- // If the SecureBoot Variable doesn't exist, hide the SecureBoot Enable/Disable\r
- // Checkbox.\r
+ // Get Configuration from Variable.\r
//\r
- if (SecureBootEnable == NULL) {\r
- Configuration.HideSecureBoot = TRUE;\r
- } else {\r
- Configuration.HideSecureBoot = FALSE;\r
- Configuration.SecureBootState = *SecureBootEnable;\r
- }\r
+ SecureBootExtractConfigFromVariable (&Configuration);\r
\r
BufferSize = sizeof (SECUREBOOT_CONFIGURATION);\r
ConfigRequest = Request;\r
if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {\r
//\r
// Request is set to NULL or OFFSET is NULL, construct full request string.\r
- //\r
-\r
//\r
// Allocate and fill a buffer large enough to hold the <ConfigHdr> template\r
// followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator\r
OUT EFI_STRING *Progress\r
)\r
{\r
- EFI_STATUS Status;\r
- UINTN BufferSize;\r
- SECUREBOOT_CONFIGURATION SecureBootConfiguration;\r
- UINT8 *SecureBootEnable;\r
-\r
-\r
if (Configuration == NULL || Progress == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
return EFI_NOT_FOUND;\r
}\r
\r
- //\r
- // Convert <ConfigResp> to buffer data by helper function ConfigToBlock()\r
- //\r
- BufferSize = sizeof (SECUREBOOT_CONFIGURATION);\r
- Status = gHiiConfigRouting->ConfigToBlock (\r
- gHiiConfigRouting,\r
- Configuration,\r
- (UINT8 *) &SecureBootConfiguration,\r
- &BufferSize,\r
- Progress\r
- );\r
- if (EFI_ERROR (Status)) {\r
- return Status;\r
- }\r
-\r
- SecureBootEnable = GetVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid);\r
- if (SecureBootEnable == NULL) {\r
- return EFI_SUCCESS;\r
- }\r
-\r
- if ((*SecureBootEnable) != SecureBootConfiguration.SecureBootState) {\r
- //\r
- // If the configure is changed, update the SecureBoot Variable.\r
- //\r
- SaveSecureBootVariable (SecureBootConfiguration.SecureBootState);\r
- }\r
+ *Progress = Configuration + StrLen (Configuration);\r
return EFI_SUCCESS;\r
}\r
\r
/**\r
- This function processes the results of changes in configuration.\r
+ This function is called to provide results data to the driver.\r
\r
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
@param[in] Action Specifies the type of action taken by the browser.\r
OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest\r
)\r
{\r
- BOOLEAN SecureBootEnable;\r
+ EFI_INPUT_KEY Key;\r
+ EFI_STATUS Status; \r
+ SECUREBOOT_CONFIG_PRIVATE_DATA *Private;\r
+ UINTN BufferSize;\r
+ SECUREBOOT_CONFIGURATION *IfrNvData;\r
+ UINT16 LabelId;\r
+ UINT8 *SecureBootEnable;\r
+\r
+ SecureBootEnable = NULL;\r
\r
if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- if ((Action != EFI_BROWSER_ACTION_CHANGING) || (QuestionId != KEY_SECURE_BOOT_ENABLE)) {\r
+ if ((Action != EFI_BROWSER_ACTION_CHANGED) && (Action != EFI_BROWSER_ACTION_CHANGING)) {\r
return EFI_UNSUPPORTED;\r
}\r
+ \r
+ Private = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);\r
\r
- if (NULL == GetVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid)) {\r
- return EFI_SUCCESS;\r
+ //\r
+ // Retrieve uncommitted data from Browser\r
+ //\r
+ BufferSize = sizeof (SECUREBOOT_CONFIGURATION);\r
+ IfrNvData = AllocateZeroPool (BufferSize);\r
+ if (IfrNvData == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
}\r
\r
- SecureBootEnable = Value->u8;\r
- SaveSecureBootVariable (Value->u8);\r
- return EFI_SUCCESS;\r
+ Status = EFI_SUCCESS;\r
+\r
+ HiiGetBrowserData (NULL, NULL, BufferSize, (UINT8 *) IfrNvData);\r
+ \r
+ if (Action == EFI_BROWSER_ACTION_CHANGING) {\r
+\r
+ switch (QuestionId) {\r
+ case KEY_SECURE_BOOT_ENABLE:\r
+ GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);\r
+ if (NULL != SecureBootEnable) {\r
+ if (EFI_ERROR (SaveSecureBootVariable (Value->u8))) {\r
+ CreatePopUp (\r
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+ &Key,\r
+ L"Only Physical Presence User could disable secure boot!",\r
+ NULL\r
+ );\r
+ Status = EFI_UNSUPPORTED;\r
+ }\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY; \r
+ }\r
+ break;\r
+\r
+ case KEY_SECURE_BOOT_OPTION:\r
+ FreeMenu (&DirectoryMenu);\r
+ FreeMenu (&FsOptionMenu);\r
+ break;\r
+\r
+ case KEY_SECURE_BOOT_KEK_OPTION:\r
+ case KEY_SECURE_BOOT_DB_OPTION:\r
+ case KEY_SECURE_BOOT_DBX_OPTION:\r
+ //\r
+ // Clear Signature GUID.\r
+ //\r
+ ZeroMem (IfrNvData->SignatureGuid, sizeof (IfrNvData->SignatureGuid));\r
+ if (Private->SignatureGUID == NULL) {\r
+ Private->SignatureGUID = (EFI_GUID *) AllocateZeroPool (sizeof (EFI_GUID));\r
+ if (Private->SignatureGUID == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+ }\r
\r
+ if (QuestionId == KEY_SECURE_BOOT_DB_OPTION) {\r
+ LabelId = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
+ } else if (QuestionId == KEY_SECURE_BOOT_DBX_OPTION) {\r
+ LabelId = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
+ } else {\r
+ LabelId = FORMID_ENROLL_KEK_FORM;\r
+ }\r
+\r
+ //\r
+ // Refresh selected file.\r
+ //\r
+ CleanUpPage (LabelId, Private); \r
+ break;\r
+ \r
+ case SECUREBOOT_ADD_PK_FILE_FORM_ID:\r
+ case FORMID_ENROLL_KEK_FORM:\r
+ case SECUREBOOT_ENROLL_SIGNATURE_TO_DB:\r
+ case SECUREBOOT_ENROLL_SIGNATURE_TO_DBX:\r
+ if (QuestionId == SECUREBOOT_ADD_PK_FILE_FORM_ID) {\r
+ Private->FeCurrentState = FileExplorerStateEnrollPkFile;\r
+ } else if (QuestionId == FORMID_ENROLL_KEK_FORM) {\r
+ Private->FeCurrentState = FileExplorerStateEnrollKekFile;\r
+ } else if (QuestionId == SECUREBOOT_ENROLL_SIGNATURE_TO_DB) {\r
+ Private->FeCurrentState = FileExplorerStateEnrollSignatureFileToDb;\r
+ } else {\r
+ Private->FeCurrentState = FileExplorerStateEnrollSignatureFileToDbx;\r
+ }\r
+\r
+ Private->FeDisplayContext = FileExplorerDisplayUnknown;\r
+ CleanUpPage (FORM_FILE_EXPLORER_ID, Private);\r
+ UpdateFileExplorer (Private, 0);\r
+ break;\r
+\r
+ case KEY_SECURE_BOOT_DELETE_PK: \r
+ if (Value->u8) {\r
+ Status = DeletePlatformKey ();\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;\r
+ }\r
+ break;\r
+\r
+ case KEY_DELETE_KEK:\r
+ UpdateDeletePage (\r
+ Private, \r
+ EFI_KEY_EXCHANGE_KEY_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ LABEL_KEK_DELETE,\r
+ FORMID_DELETE_KEK_FORM,\r
+ OPTION_DEL_KEK_QUESTION_ID \r
+ );\r
+ break;\r
+\r
+ case SECUREBOOT_DELETE_SIGNATURE_FROM_DB: \r
+ UpdateDeletePage (\r
+ Private,\r
+ EFI_IMAGE_SECURITY_DATABASE,\r
+ &gEfiImageSecurityDatabaseGuid,\r
+ LABEL_DB_DELETE,\r
+ SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
+ OPTION_DEL_DB_QUESTION_ID\r
+ );\r
+ break;\r
+\r
+ case SECUREBOOT_DELETE_SIGNATURE_FROM_DBX:\r
+ UpdateDeletePage (\r
+ Private,\r
+ EFI_IMAGE_SECURITY_DATABASE1,\r
+ &gEfiImageSecurityDatabaseGuid,\r
+ LABEL_DBX_DELETE,\r
+ SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r
+ OPTION_DEL_DBX_QUESTION_ID\r
+ );\r
+\r
+ break;\r
+\r
+ case KEY_VALUE_SAVE_AND_EXIT_KEK:\r
+ Status = EnrollKeyExchangeKey (Private);\r
+ break;\r
+\r
+ case KEY_VALUE_SAVE_AND_EXIT_DB:\r
+ Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE);\r
+ break;\r
+\r
+ case KEY_VALUE_SAVE_AND_EXIT_DBX:\r
+ Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE1);\r
+ break;\r
+\r
+ default:\r
+ if (QuestionId >= FILE_OPTION_OFFSET) {\r
+ UpdateFileExplorer (Private, QuestionId);\r
+ } else if ((QuestionId >= OPTION_DEL_KEK_QUESTION_ID) &&\r
+ (QuestionId < (OPTION_DEL_KEK_QUESTION_ID + OPTION_CONFIG_RANGE))) {\r
+ DeleteKeyExchangeKey (Private, QuestionId);\r
+ } else if ((QuestionId >= OPTION_DEL_DB_QUESTION_ID) &&\r
+ (QuestionId < (OPTION_DEL_DB_QUESTION_ID + OPTION_CONFIG_RANGE))) {\r
+ DeleteSignature (\r
+ Private,\r
+ EFI_IMAGE_SECURITY_DATABASE,\r
+ &gEfiImageSecurityDatabaseGuid,\r
+ LABEL_DB_DELETE, \r
+ SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
+ OPTION_DEL_DB_QUESTION_ID,\r
+ QuestionId - OPTION_DEL_DB_QUESTION_ID\r
+ );\r
+ } else if ((QuestionId >= OPTION_DEL_DBX_QUESTION_ID) &&\r
+ (QuestionId < (OPTION_DEL_DBX_QUESTION_ID + OPTION_CONFIG_RANGE))) {\r
+ DeleteSignature (\r
+ Private,\r
+ EFI_IMAGE_SECURITY_DATABASE1,\r
+ &gEfiImageSecurityDatabaseGuid,\r
+ LABEL_DBX_DELETE, \r
+ SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r
+ OPTION_DEL_DBX_QUESTION_ID,\r
+ QuestionId - OPTION_DEL_DBX_QUESTION_ID\r
+ );\r
+ }\r
+ break;\r
+ }\r
+ } else if (Action == EFI_BROWSER_ACTION_CHANGED) {\r
+ switch (QuestionId) {\r
+ case KEY_SECURE_BOOT_ENABLE:\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT; \r
+ break; \r
+ case KEY_VALUE_SAVE_AND_EXIT_PK:\r
+ Status = EnrollPlatformKey (Private);\r
+ if (EFI_ERROR (Status)) {\r
+ CreatePopUp (\r
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+ &Key,\r
+ L"ERROR: Unsupported file type, only *.cer is supported!",\r
+ NULL\r
+ );\r
+ } else {\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT; \r
+ } \r
+ break;\r
+\r
+ case KEY_VALUE_NO_SAVE_AND_EXIT_PK:\r
+ case KEY_VALUE_NO_SAVE_AND_EXIT_KEK:\r
+ case KEY_VALUE_NO_SAVE_AND_EXIT_DB:\r
+ case KEY_VALUE_NO_SAVE_AND_EXIT_DBX:\r
+ if (Private->FileContext->FHandle != NULL) {\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FHandle = NULL;\r
+ Private->FileContext->FileName = NULL;\r
+ }\r
+ \r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;\r
+ break;\r
+ \r
+ case KEY_SECURE_BOOT_MODE:\r
+ GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootEnable, NULL);\r
+ if (NULL != SecureBootEnable) {\r
+ Status = gRT->SetVariable ( \r
+ EFI_CUSTOM_MODE_NAME,\r
+ &gEfiCustomModeEnableGuid,\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
+ sizeof (UINT8),\r
+ &Value->u8\r
+ );\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;\r
+ IfrNvData->SecureBootMode = Value->u8;\r
+ } \r
+ break;\r
+\r
+ case KEY_SECURE_BOOT_KEK_GUID:\r
+ case KEY_SECURE_BOOT_SIGNATURE_GUID_DB:\r
+ case KEY_SECURE_BOOT_SIGNATURE_GUID_DBX:\r
+ ASSERT (Private->SignatureGUID != NULL);\r
+ Status = StringToGuid (\r
+ IfrNvData->SignatureGuid,\r
+ StrLen (IfrNvData->SignatureGuid),\r
+ Private->SignatureGUID\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ break;\r
+ }\r
+\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;\r
+ break;\r
+\r
+ case KEY_SECURE_BOOT_DELETE_PK:\r
+ if (Value->u8) {\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;\r
+ }\r
+ break; \r
+ }\r
+ }\r
+ \r
+ if (!EFI_ERROR (Status)) {\r
+ BufferSize = sizeof (SECUREBOOT_CONFIGURATION);\r
+ HiiSetBrowserData (NULL, NULL, BufferSize, (UINT8*) IfrNvData, NULL);\r
+ }\r
+ FreePool (IfrNvData);\r
+ \r
+ return EFI_SUCCESS;\r
}\r
\r
/**\r
\r
@param[in, out] PrivateData Points to SecureBoot configuration private data.\r
\r
- @retval EFI_SUCCESS HII Form is installed for this network device.\r
+ @retval EFI_SUCCESS HII Form is installed successfully.\r
@retval EFI_OUT_OF_RESOURCES Not enough resource for HII Form installation.\r
@retval Others Other errors as indicated.\r
\r
EFI_STATUS Status;\r
EFI_HII_HANDLE HiiHandle;\r
EFI_HANDLE DriverHandle;\r
-\r
EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess;\r
\r
DriverHandle = NULL;\r
ConfigAccess,\r
NULL\r
);\r
-\r
return EFI_OUT_OF_RESOURCES;\r
}\r
\r
PrivateData->HiiHandle = HiiHandle;\r
+\r
+ PrivateData->FileContext = AllocateZeroPool (sizeof (SECUREBOOT_FILE_CONTEXT));\r
+ PrivateData->MenuEntry = AllocateZeroPool (sizeof (SECUREBOOT_MENU_ENTRY));\r
+ \r
+ if (PrivateData->FileContext == NULL || PrivateData->MenuEntry == NULL) {\r
+ UninstallSecureBootConfigForm (PrivateData);\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+ \r
+ PrivateData->FeCurrentState = FileExplorerStateInActive;\r
+ PrivateData->FeDisplayContext = FileExplorerDisplayUnknown;\r
+ \r
+ InitializeListHead (&FsOptionMenu.Head);\r
+ InitializeListHead (&DirectoryMenu.Head);\r
+\r
+ //\r
+ // Init OpCode Handle and Allocate space for creation of Buffer\r
+ //\r
+ mStartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (mStartOpCodeHandle == NULL) {\r
+ UninstallSecureBootConfigForm (PrivateData);\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ mEndOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (mEndOpCodeHandle == NULL) {\r
+ UninstallSecureBootConfigForm (PrivateData);\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ //\r
+ // Create Hii Extend Label OpCode as the start opcode\r
+ //\r
+ mStartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ mStartOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+\r
+ //\r
+ // Create Hii Extend Label OpCode as the end opcode\r
+ //\r
+ mEndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ mEndOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+ mEndLabel->Number = LABEL_END;\r
+ \r
return EFI_SUCCESS;\r
}\r
\r
PrivateData->DriverHandle = NULL;\r
}\r
\r
+ if (PrivateData->SignatureGUID != NULL) {\r
+ FreePool (PrivateData->SignatureGUID);\r
+ }\r
+\r
+ if (PrivateData->MenuEntry != NULL) {\r
+ FreePool (PrivateData->MenuEntry);\r
+ }\r
+\r
+ if (PrivateData->FileContext != NULL) {\r
+ FreePool (PrivateData->FileContext);\r
+ }\r
+\r
FreePool (PrivateData);\r
+\r
+ FreeMenu (&DirectoryMenu);\r
+ FreeMenu (&FsOptionMenu);\r
+\r
+ if (mStartOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (mStartOpCodeHandle);\r
+ }\r
+\r
+ if (mEndOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (mEndOpCodeHandle);\r
+ }\r
}\r
projects / mirror_edk2.git / blobdiff