X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FUserIdentification%2FPwdCredentialProviderDxe%2FPwdCredentialProvider.c;fp=SecurityPkg%2FUserIdentification%2FPwdCredentialProviderDxe%2FPwdCredentialProvider.c;h=0000000000000000000000000000000000000000;hp=52fc68b5eeaaec596a7068315c1c6a249c55de7b;hb=514c55c18597c48e1648b67f85cf25b5984da5cc;hpb=28ce4cb3590bc3aaa91c3be75429d4e8722415e2
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
deleted file mode 100644
index 52fc68b5ee..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
+++ /dev/null
@@ -1,1464 +0,0 @@
-/** @file
- Password Credential Provider driver implementation.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
-(C) Copyright 2018 Hewlett Packard Enterprise Development LP
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "PwdCredentialProvider.h"
-
-CREDENTIAL_TABLE *mPwdTable = NULL;
-PWD_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
-PASSWORD_CREDENTIAL_INFO *mPwdInfoHandle = NULL;
-
-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
- {
- {
- HARDWARE_DEVICE_PATH,
- HW_VENDOR_DP,
- {
- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
- }
- },
- PWD_CREDENTIAL_PROVIDER_GUID
- },
- {
- END_DEVICE_PATH_TYPE,
- END_ENTIRE_DEVICE_PATH_SUBTYPE,
- {
- (UINT8) (END_DEVICE_PATH_LENGTH),
- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
- }
- }
-};
-
-EFI_USER_CREDENTIAL2_PROTOCOL gPwdCredentialProviderDriver = {
- PWD_CREDENTIAL_PROVIDER_GUID,
- EFI_USER_CREDENTIAL_CLASS_PASSWORD,
- CredentialEnroll,
- CredentialForm,
- CredentialTile,
- CredentialTitle,
- CredentialUser,
- CredentialSelect,
- CredentialDeselect,
- CredentialDefault,
- CredentialGetInfo,
- CredentialGetNextInfo,
- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
- CredentialDelete
-};
-
-
-/**
- Get string by string id from HII Interface.
-
-
- @param[in] Id String ID to get the string from.
-
- @retval CHAR16 * String from ID.
- @retval NULL If error occurs.
-
-**/
-CHAR16 *
-GetStringById (
- IN EFI_STRING_ID Id
- )
-{
- //
- // Get the current string for the current Language.
- //
- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
-}
-
-
-/**
- Expand password table size.
-
-**/
-VOID
-ExpandTableSize (
- VOID
- )
-{
- CREDENTIAL_TABLE *NewTable;
- UINTN Count;
-
- Count = mPwdTable->MaxCount + PASSWORD_TABLE_INC;
- //
- // Create new credential table.
- //
- NewTable = (CREDENTIAL_TABLE *) AllocateZeroPool (
- sizeof (CREDENTIAL_TABLE) +
- (Count - 1) * sizeof (PASSWORD_INFO)
- );
- ASSERT (NewTable != NULL);
-
- NewTable->MaxCount = Count;
- NewTable->Count = mPwdTable->Count;
- NewTable->ValidIndex = mPwdTable->ValidIndex;
- //
- // Copy old entries
- //
- CopyMem (
- &NewTable->UserInfo,
- &mPwdTable->UserInfo,
- mPwdTable->Count * sizeof (PASSWORD_INFO)
- );
- FreePool (mPwdTable);
- mPwdTable = NewTable;
-}
-
-
-/**
- Add, update or delete info in table, and sync with NV variable.
-
- @param[in] Index The index of the password in table. If index is found in
- table, update the info, else add the into to table.
- @param[in] Info The new password info to add into table.If Info is NULL,
- delete the info by Index.
-
- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
- @retval EFI_SUCCESS Modify the table successfully.
- @retval Others Failed to modify the table.
-
-**/
-EFI_STATUS
-ModifyTable (
- IN UINTN Index,
- IN PASSWORD_INFO * Info OPTIONAL
- )
-{
- EFI_STATUS Status;
- PASSWORD_INFO *NewPasswordInfo;
-
- NewPasswordInfo = NULL;
-
- if (Index < mPwdTable->Count) {
- if (Info == NULL) {
- //
- // Delete the specified entry.
- //
- mPwdTable->Count--;
- if (Index != mPwdTable->Count) {
- NewPasswordInfo = &mPwdTable->UserInfo[mPwdTable->Count];
- }
- } else {
- //
- // Update the specified entry.
- //
- NewPasswordInfo = Info;
- }
- } else {
- //
- // Add a new password info.
- //
- if (Info == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mPwdTable->Count >= mPwdTable->MaxCount) {
- ExpandTableSize ();
- }
-
- NewPasswordInfo = Info;
- mPwdTable->Count++;
- }
-
- if (NewPasswordInfo != NULL) {
- CopyMem (&mPwdTable->UserInfo[Index], NewPasswordInfo, sizeof (PASSWORD_INFO));
- }
-
- //
- // Save the credential table.
- //
- Status = gRT->SetVariable (
- L"PwdCredential",
- &gPwdCredentialProviderGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- mPwdTable->Count * sizeof (PASSWORD_INFO),
- &mPwdTable->UserInfo
- );
- return Status;
-}
-
-
-/**
- Create a password table.
-
- @retval EFI_SUCCESS Create a password table successfully.
- @retval Others Failed to create a password.
-
-**/
-EFI_STATUS
-InitCredentialTable (
- VOID
- )
-{
- EFI_STATUS Status;
- UINT8 *Var;
- UINTN VarSize;
-
- //
- // Get Password credential data from NV variable.
- //
- VarSize = 0;
- Var = NULL;
- Status = gRT->GetVariable (
- L"PwdCredential",
- &gPwdCredentialProviderGuid,
- NULL,
- &VarSize,
- Var
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- Var = AllocateZeroPool (VarSize);
- if (Var == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- Status = gRT->GetVariable (
- L"PwdCredential",
- &gPwdCredentialProviderGuid,
- NULL,
- &VarSize,
- Var
- );
- }
- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
- return Status;
- }
-
- //
- // Create the password credential table.
- //
- mPwdTable = AllocateZeroPool (
- sizeof (CREDENTIAL_TABLE) - sizeof (PASSWORD_INFO) +
- PASSWORD_TABLE_INC * sizeof (PASSWORD_INFO) +
- VarSize
- );
- if (mPwdTable == NULL) {
- FreePool (Var);
- return EFI_OUT_OF_RESOURCES;
- }
-
- mPwdTable->Count = VarSize / sizeof (PASSWORD_INFO);
- mPwdTable->MaxCount = mPwdTable->Count + PASSWORD_TABLE_INC;
- mPwdTable->ValidIndex = 0;
- if (Var != NULL) {
- CopyMem (mPwdTable->UserInfo, Var, VarSize);
- FreePool (Var);
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Hash the password to get credential.
-
- @param[in] Password Points to the input password.
- @param[in] PasswordSize The size of password, in bytes.
- @param[out] Credential Points to the hashed result.
-
- @retval TRUE Hash the password successfully.
- @retval FALSE Failed to hash the password.
-
-**/
-BOOLEAN
-GenerateCredential (
- IN CHAR16 *Password,
- IN UINTN PasswordSize,
- OUT UINT8 *Credential
- )
-{
- BOOLEAN Status;
- UINTN HashSize;
- VOID *Hash;
-
- HashSize = Sha1GetContextSize ();
- Hash = AllocatePool (HashSize);
- ASSERT (Hash != NULL);
-
- Status = Sha1Init (Hash);
- if (!Status) {
- goto Done;
- }
-
- Status = Sha1Update (Hash, Password, PasswordSize);
- if (!Status) {
- goto Done;
- }
-
- Status = Sha1Final (Hash, Credential);
-
-Done:
- FreePool (Hash);
- return Status;
-}
-
-
-/**
- Get password from user input.
-
- @param[in] FirstPwd If True, prompt to input the first password.
- If False, prompt to input password again.
- @param[out] Credential Points to the input password.
-
-**/
-VOID
-GetPassword (
- IN BOOLEAN FirstPwd,
- OUT CHAR8 *Credential
- )
-{
- EFI_INPUT_KEY Key;
- CHAR16 PasswordMask[CREDENTIAL_LEN + 1];
- CHAR16 Password[CREDENTIAL_LEN];
- UINTN PasswordLen;
- CHAR16 *QuestionStr;
- CHAR16 *LineStr;
-
- PasswordLen = 0;
- while (TRUE) {
- PasswordMask[PasswordLen] = L'_';
- PasswordMask[PasswordLen + 1] = L'\0';
- LineStr = GetStringById (STRING_TOKEN (STR_DRAW_A_LINE));
- if (FirstPwd) {
- QuestionStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD));
- } else {
- QuestionStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN));
- }
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- LineStr,
- PasswordMask,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (LineStr);
-
- //
- // Check key stroke
- //
- if (Key.ScanCode == SCAN_NULL) {
- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
- break;
- } else if (Key.UnicodeChar == CHAR_BACKSPACE) {
- if (PasswordLen > 0) {
- PasswordLen--;
- }
- } else if ((Key.UnicodeChar == CHAR_NULL) ||
- (Key.UnicodeChar == CHAR_TAB) ||
- (Key.UnicodeChar == CHAR_LINEFEED)) {
- continue;
- } else {
- Password[PasswordLen] = Key.UnicodeChar;
- PasswordMask[PasswordLen] = L'*';
- PasswordLen++;
- if (PasswordLen == CREDENTIAL_LEN) {
- break;
- }
- }
- }
- }
-
- PasswordLen = PasswordLen * sizeof (CHAR16);
- GenerateCredential (Password, PasswordLen, (UINT8 *)Credential);
-}
-
-/**
- Check whether the password can be found on this provider.
-
- @param[in] Password The password to be found.
-
- @retval EFI_SUCCESS Found password sucessfully.
- @retval EFI_NOT_FOUND Fail to find the password.
-
-**/
-EFI_STATUS
-CheckPassword (
- IN CHAR8 *Password
- )
-{
- UINTN Index;
- CHAR8 *Pwd;
-
- //
- // Check password credential.
- //
- mPwdTable->ValidIndex = 0;
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- Pwd = mPwdTable->UserInfo[Index].Password;
- if (CompareMem (Pwd, Password, CREDENTIAL_LEN) == 0) {
- mPwdTable->ValidIndex = Index + 1;
- return EFI_SUCCESS;
- }
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Find a user infomation record by the information record type.
-
- This function searches all user information records of User from beginning
- until either the information is found, or there are no more user infomation
- records. A match occurs when a Info.InfoType field matches the user information
- record type.
-
- @param[in] User Points to the user profile record to search.
- @param[in] InfoType The infomation type to be searched.
- @param[out] Info Points to the user info found, the caller is responsible
- to free.
-
- @retval EFI_SUCCESS Find the user information successfully.
- @retval Others Fail to find the user information.
-
-**/
-EFI_STATUS
-FindUserInfoByType (
- IN EFI_USER_PROFILE_HANDLE User,
- IN UINT8 InfoType,
- OUT EFI_USER_INFO **Info
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
- UINTN UserInfoSize;
- EFI_USER_INFO_HANDLE UserInfoHandle;
- EFI_USER_MANAGER_PROTOCOL *UserManager;
-
- //
- // Find user information by information type.
- //
- if (Info == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- Status = gBS->LocateProtocol (
- &gEfiUserManagerProtocolGuid,
- NULL,
- (VOID **) &UserManager
- );
- if (EFI_ERROR (Status)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Get each user information.
- //
-
- UserInfoHandle = NULL;
- UserInfo = NULL;
- UserInfoSize = 0;
- while (TRUE) {
- Status = UserManager->GetNextInfo (UserManager, User, &UserInfoHandle);
- if (EFI_ERROR (Status)) {
- break;
- }
- //
- // Get information.
- //
- Status = UserManager->GetInfo (
- UserManager,
- User,
- UserInfoHandle,
- UserInfo,
- &UserInfoSize
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- if (UserInfo != NULL) {
- FreePool (UserInfo);
- }
- UserInfo = AllocateZeroPool (UserInfoSize);
- if (UserInfo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- Status = UserManager->GetInfo (
- UserManager,
- User,
- UserInfoHandle,
- UserInfo,
- &UserInfoSize
- );
- }
- if (EFI_ERROR (Status)) {
- break;
- }
-
- ASSERT (UserInfo != NULL);
- if (UserInfo->InfoType == InfoType) {
- *Info = UserInfo;
- return EFI_SUCCESS;
- }
- }
-
- if (UserInfo != NULL) {
- FreePool (UserInfo);
- }
- return Status;
-}
-
-
-/**
- This function processes the results of changes in configuration.
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Action Specifies the type of action taken by the browser.
- @param QuestionId A unique value which is sent to the original
- exporting driver so that it can identify the type
- of data to expect.
- @param Type The type of value for the question.
- @param Value A pointer to the data being sent to the original
- exporting driver.
- @param ActionRequest On return, points to the action requested by the
- callback function.
-
- @retval EFI_SUCCESS The callback successfully handled the action.
- @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
- variable and its data.
- @retval EFI_DEVICE_ERROR The variable could not be saved.
- @retval EFI_UNSUPPORTED The specified Action is not supported by the
- callback.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDriverCallback (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN EFI_BROWSER_ACTION Action,
- IN EFI_QUESTION_ID QuestionId,
- IN UINT8 Type,
- IN EFI_IFR_TYPE_VALUE *Value,
- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
- )
-{
- EFI_STATUS Status;
- EFI_INPUT_KEY Key;
- CHAR8 Password[CREDENTIAL_LEN];
- CHAR16 *PromptStr;
-
- if (Action == EFI_BROWSER_ACTION_CHANGED) {
- if (QuestionId == KEY_GET_PASSWORD) {
- //
- // Get and check password.
- //
- GetPassword (TRUE, Password);
- Status = CheckPassword (Password);
- if (EFI_ERROR (Status)) {
- PromptStr = GetStringById (STRING_TOKEN (STR_PASSWORD_INCORRECT));
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"",
- PromptStr,
- L"",
- NULL
- );
- FreePool (PromptStr);
- return Status;
- }
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
- }
- return EFI_SUCCESS;
- }
-
- //
- // All other action return unsupported.
- //
- return EFI_UNSUPPORTED;
-}
-
-
-/**
- This function allows a caller to extract the current configuration for one
- or more named elements from the target driver.
-
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Request A null-terminated Unicode string in format.
- @param Progress On return, points to a character in the Request string.
- Points to the string's null terminator if request was successful.
- Points to the most recent '&' before the first failing name/value
- pair (or the beginning of the string if the failure is in the
- first name/value pair) if the request was not successful.
- @param Results A null-terminated Unicode string in format which
- has all values filled in for the names in the Request string.
- String to be allocated by the called function.
-
- @retval EFI_SUCCESS The Results is filled with the requested values.
- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
-
-**/
-EFI_STATUS
-EFIAPI
-FakeExtractConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Request,
- OUT EFI_STRING *Progress,
- OUT EFI_STRING *Results
- )
-{
- if (Progress == NULL || Results == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- *Progress = Request;
- return EFI_NOT_FOUND;
-}
-
-/**
- This function processes the results of changes in configuration.
-
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Configuration A null-terminated Unicode string in format.
- @param Progress A pointer to a string filled in with the offset of the most
- recent '&' before the first failing name/value pair (or the
- beginning of the string if the failure is in the first
- name/value pair) or the terminating NULL if all was successful.
-
- @retval EFI_SUCCESS The Results is processed successfully.
- @retval EFI_INVALID_PARAMETER Configuration is NULL.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
-
-**/
-EFI_STATUS
-EFIAPI
-FakeRouteConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Configuration,
- OUT EFI_STRING *Progress
- )
-{
- if (Configuration == NULL || Progress == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- *Progress = Configuration;
-
- return EFI_NOT_FOUND;
-}
-
-/**
- This function initialize the data mainly used in form browser.
-
- @retval EFI_SUCCESS Initialize form data successfully.
- @retval Others Fail to Initialize form data.
-
-**/
-EFI_STATUS
-InitFormBrowser (
- VOID
- )
-{
- EFI_STATUS Status;
- PWD_PROVIDER_CALLBACK_INFO *CallbackInfo;
-
- //
- // Initialize driver private data.
- //
- CallbackInfo = AllocateZeroPool (sizeof (PWD_PROVIDER_CALLBACK_INFO));
- if (CallbackInfo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- CallbackInfo->Signature = PWD_PROVIDER_SIGNATURE;
- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
- CallbackInfo->ConfigAccess.Callback = CredentialDriverCallback;
- CallbackInfo->DriverHandle = NULL;
-
- //
- // Install Device Path Protocol and Config Access protocol to driver handle.
- //
- Status = gBS->InstallMultipleProtocolInterfaces (
- &CallbackInfo->DriverHandle,
- &gEfiDevicePathProtocolGuid,
- &mHiiVendorDevicePath,
- &gEfiHiiConfigAccessProtocolGuid,
- &CallbackInfo->ConfigAccess,
- NULL
- );
- ASSERT_EFI_ERROR (Status);
-
- //
- // Publish HII data.
- //
- CallbackInfo->HiiHandle = HiiAddPackages (
- &gPwdCredentialProviderGuid,
- CallbackInfo->DriverHandle,
- PwdCredentialProviderStrings,
- PwdCredentialProviderVfrBin,
- NULL
- );
- if (CallbackInfo->HiiHandle == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- mCallbackInfo = CallbackInfo;
-
- return Status;
-}
-
-
-/**
- Enroll a user on a credential provider.
-
- This function enrolls a user on this credential provider. If the user exists on
- this credential provider, update the user information on this credential provider;
- otherwise add the user information on credential provider.
-
- @param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile to enroll.
-
- @retval EFI_SUCCESS User profile was successfully enrolled.
- @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
- user profile handle. Either the user profile cannot enroll
- on any user profile or cannot enroll on a user profile
- other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support enrollment in
- the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be created because of a device
- error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialEnroll (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
- UINTN Index;
- PASSWORD_INFO PwdInfo;
- EFI_USER_INFO *UserInfo;
- CHAR8 Password[CREDENTIAL_LEN];
- EFI_INPUT_KEY Key;
- UINT8 *UserId;
- CHAR16 *QuestionStr;
- CHAR16 *PromptStr;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Get User Identifier.
- //
- UserInfo = NULL;
- Status = FindUserInfoByType (
- User,
- EFI_USER_INFO_IDENTIFIER_RECORD,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- return EFI_INVALID_PARAMETER;
- }
-
- CopyMem (PwdInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
- FreePool (UserInfo);
-
- //
- // Get password from user.
- //
- while (TRUE) {
- //
- // Input password.
- //
- GetPassword (TRUE, PwdInfo.Password);
-
- //
- // Input password again.
- //
- GetPassword (FALSE, Password);
-
- //
- // Compare the two password consistency.
- //
- if (CompareMem (PwdInfo.Password, Password, CREDENTIAL_LEN) == 0) {
- break;
- }
-
- QuestionStr = GetStringById (STRING_TOKEN (STR_PASSWORD_MISMATCH));
- PromptStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN));
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- L"",
- PromptStr,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (PromptStr);
- }
-
- //
- // Check whether User is ever enrolled in the provider.
- //
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
- if (CompareMem (UserId, (UINT8 *) &PwdInfo.UserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- //
- // User already exists, update the password.
- //
- break;
- }
- }
-
- //
- // Enroll the User to the provider.
- //
- Status = ModifyTable (Index, &PwdInfo);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Returns the user interface information used during user identification.
-
- This function returns information about the form used when interacting with the
- user during user identification. The form is the first enabled form in the form-set
- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
- the user credential provider does not require a form to identify the user, then this
- function should return EFI_NOT_FOUND.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] FormSetId On return, holds the identifier of the form set which contains
- the form used during user identification.
- @param[out] FormId On return, holds the identifier of the form used during user
- identification.
-
- @retval EFI_SUCCESS Form returned successfully.
- @retval EFI_NOT_FOUND Form not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialForm (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_GUID *FormSetId,
- OUT EFI_FORM_ID *FormId
- )
-{
- if ((This == NULL) || (Hii == NULL) ||
- (FormSetId == NULL) || (FormId == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- *Hii = mCallbackInfo->HiiHandle;
- *FormId = FORMID_GET_PASSWORD_FORM;
- CopyGuid (FormSetId, &gPwdCredentialProviderGuid);
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Returns bitmap used to describe the credential provider type.
-
- This optional function returns a bitmap that is less than or equal to the number
- of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
- is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
- bitmap information will be returned. On exit, points to the
- width of the bitmap returned.
- @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
- bitmap information will be returned. On exit, points to the
- height of the bitmap returned
- @param[out] Hii On return, holds the HII database handle.
- @param[out] Image On return, holds the HII image identifier.
-
- @retval EFI_SUCCESS Image identifier returned successfully.
- @retval EFI_NOT_FOUND Image identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTile (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT UINTN *Width,
- IN OUT UINTN *Height,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_IMAGE_ID *Image
- )
-{
- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Returns string used to describe the credential provider type.
-
- This function returns a string which describes the credential provider. If no
- such string exists, then EFI_NOT_FOUND is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] String On return, holds the HII string identifier.
-
- @retval EFI_SUCCESS String identifier returned successfully.
- @retval EFI_NOT_FOUND String identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTitle (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_STRING_ID *String
- )
-{
- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Set Hii handle and String ID.
- //
- *Hii = mCallbackInfo->HiiHandle;
- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Return the user identifier associated with the currently authenticated user.
-
- This function returns the user identifier of the user authenticated by this credential
- provider. This function is called after the credential-related information has been
- submitted on a form, OR after a call to Default() has returned that this credential is
- ready to log on.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle of the user profile currently being
- considered by the user identity manager. If NULL, then no user
- profile is currently under consideration.
- @param[out] Identifier On return, points to the user identifier.
-
- @retval EFI_SUCCESS User identifier returned successfully.
- @retval EFI_NOT_READY No user identifier can be returned.
- @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
- @retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
- found in user profile database
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialUser (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- OUT EFI_USER_INFO_IDENTIFIER *Identifier
- )
-{
- EFI_STATUS Status;
- UINTN Index;
- EFI_USER_INFO *UserInfo;
- UINT8 *UserId;
- UINT8 *NewUserId;
- CHAR8 *Pwd;
- CHAR8 *NewPwd;
-
- if ((This == NULL) || (Identifier == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mPwdTable->ValidIndex == 0) {
- //
- // No password input, or the input password doesn't match
- // anyone in PwdTable.
- //
- return EFI_NOT_READY;
- }
-
- if (User == NULL) {
- //
- // Return the user ID whose password matches the input password.
- //
- CopyMem (
- Identifier,
- &mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].UserId,
- sizeof (EFI_USER_INFO_IDENTIFIER)
- );
- return EFI_SUCCESS;
- }
-
- //
- // Get the User's ID.
- //
- Status = FindUserInfoByType (
- User,
- EFI_USER_INFO_IDENTIFIER_RECORD,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Check whether the input password matches one in PwdTable.
- //
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
- NewUserId = (UINT8 *) (UserInfo + 1);
- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- Pwd = mPwdTable->UserInfo[Index].Password;
- NewPwd = mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].Password;
- if (CompareMem (Pwd, NewPwd, CREDENTIAL_LEN) == 0) {
- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
- FreePool (UserInfo);
- return EFI_SUCCESS;
- }
- }
- }
-
- FreePool (UserInfo);
- return EFI_NOT_READY;
-}
-
-
-/**
- Indicate that user interface interaction has begun for the specified credential.
-
- This function is called when a credential provider is selected by the user. If
- AutoLogon returns FALSE, then the user interface will be constructed by the User
- Identity Manager.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, points to the credential provider's capabilities
- after the credential provider has been selected by the user.
-
- @retval EFI_SUCCESS Credential provider successfully selected.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialSelect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- )
-{
- if ((This == NULL) || (AutoLogon == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- *AutoLogon = 0;
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Indicate that user interface interaction has ended for the specified credential.
-
- This function is called when a credential provider is deselected by the user.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
-
- @retval EFI_SUCCESS Credential provider successfully deselected.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDeselect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
- )
-{
- if (This == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Return the default logon behavior for this user credential.
-
- This function reports the default login behavior regarding this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, holds whether the credential provider should be used
- by default to automatically log on the user.
-
- @retval EFI_SUCCESS Default information successfully returned.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDefault (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- )
-{
- if ((This == NULL) || (AutoLogon == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- *AutoLogon = 0;
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Return information attached to the credential provider.
-
- This function returns user information.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] UserInfo Handle of the user information data record.
- @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
- exit, holds the user information. If the buffer is too small
- to hold the information, then EFI_BUFFER_TOO_SMALL is returned
- and InfoSize is updated to contain the number of bytes actually
- required.
- @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
- size of the user information.
-
- @retval EFI_SUCCESS Information returned successfully.
- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
- user information. The size required is returned in *InfoSize.
- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_INFO_HANDLE UserInfo,
- OUT EFI_USER_INFO *Info,
- IN OUT UINTN *InfoSize
- )
-{
- EFI_USER_INFO *CredentialInfo;
- UINTN Index;
-
- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if ((UserInfo == NULL) || (mPwdInfoHandle == NULL)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Find information handle in credential info table.
- //
- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
- CredentialInfo = mPwdInfoHandle->Info[Index];
- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
- //
- // The handle is found, copy the user info.
- //
- if (CredentialInfo->InfoSize > *InfoSize) {
- *InfoSize = CredentialInfo->InfoSize;
- return EFI_BUFFER_TOO_SMALL;
- }
- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
- return EFI_SUCCESS;
- }
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Enumerate all of the user informations on the credential provider.
-
- This function returns the next user information record. To retrieve the first user
- information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
- another user information record handle until there are no more, at which point UserInfo
- will point to NULL.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] UserInfo On entry, points to the previous user information handle or NULL
- to start enumeration. On exit, points to the next user information
- handle or NULL if there is no more user information.
-
- @retval EFI_SUCCESS User information returned.
- @retval EFI_NOT_FOUND No more user information found.
- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetNextInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo
- )
-{
- EFI_USER_INFO *Info;
- CHAR16 *ProvNameStr;
- UINTN InfoLen;
- UINTN Index;
- UINTN ProvStrLen;
-
- if ((This == NULL) || (UserInfo == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mPwdInfoHandle == NULL) {
- //
- // Initilized user info table. There are 4 user info records in the table.
- //
- InfoLen = sizeof (PASSWORD_CREDENTIAL_INFO) + (4 - 1) * sizeof (EFI_USER_INFO *);
- mPwdInfoHandle = AllocateZeroPool (InfoLen);
- if (mPwdInfoHandle == NULL) {
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
- }
-
- //
- // The first information, Credential Provider info.
- //
- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
- CopyGuid ((EFI_GUID *)(Info + 1), &gPwdCredentialProviderGuid);
-
- mPwdInfoHandle->Info[0] = Info;
- mPwdInfoHandle->Count++;
-
- //
- // The second information, Credential Provider name info.
- //
- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
- ProvStrLen = StrSize (ProvNameStr);
- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
- FreePool (ProvNameStr);
-
- mPwdInfoHandle->Info[1] = Info;
- mPwdInfoHandle->Count++;
-
- //
- // The third information, Credential Provider type info.
- //
- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
- CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassPasswordGuid);
-
- mPwdInfoHandle->Info[2] = Info;
- mPwdInfoHandle->Count++;
-
- //
- // The fourth information, Credential Provider type name info.
- //
- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_TYPE_NAME));
- ProvStrLen = StrSize (ProvNameStr);
- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
- FreePool (ProvNameStr);
-
- mPwdInfoHandle->Info[3] = Info;
- mPwdInfoHandle->Count++;
- }
-
- if (*UserInfo == NULL) {
- //
- // Return the first info handle.
- //
- *UserInfo = (EFI_USER_INFO_HANDLE) mPwdInfoHandle->Info[0];
- return EFI_SUCCESS;
- }
-
- //
- // Find information handle in credential info table.
- //
- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
- Info = mPwdInfoHandle->Info[Index];
- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
- //
- // The handle is found, get the next one.
- //
- if (Index == mPwdInfoHandle->Count - 1) {
- //
- // Already last one.
- //
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
- }
-
- Index++;
- *UserInfo = (EFI_USER_INFO_HANDLE)mPwdInfoHandle->Info[Index];
- return EFI_SUCCESS;
- }
- }
-
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
-}
-
-/**
- Delete a user on this credential provider.
-
- This function deletes a user on this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle to delete.
-
- @retval EFI_SUCCESS User profile was successfully deleted.
- @retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
- Either the user profile cannot delete on any user profile or cannot delete
- on a user profile other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-**/
-EFI_STATUS
-EFIAPI
-CredentialDelete (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
- UINT8 *UserId;
- UINT8 *NewUserId;
- UINTN Index;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Get User Identifier.
- //
- UserInfo = NULL;
- Status = FindUserInfoByType (
- User,
- EFI_USER_INFO_IDENTIFIER_RECORD,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Find the user by user identifier in mPwdTable.
- //
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
- NewUserId = (UINT8 *) (UserInfo + 1);
- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- //
- // Found the user, delete it.
- //
- ModifyTable (Index, NULL);
- break;
- }
- }
-
- FreePool (UserInfo);
- return EFI_SUCCESS;
-}
-
-
-/**
- Main entry for this driver.
-
- @param ImageHandle Image handle this driver.
- @param SystemTable Pointer to SystemTable.
-
- @retval EFI_SUCESS This function always complete successfully.
-
-**/
-EFI_STATUS
-EFIAPI
-PasswordProviderInit (
- IN EFI_HANDLE ImageHandle,
- IN EFI_SYSTEM_TABLE *SystemTable
- )
-{
- EFI_STATUS Status;
-
- //
- // It is NOT robust enough to be included in production.
- //
- #error "This implementation is just a sample, please comment this line if you really want to use this driver."
-
- //
- // Init credential table.
- //
- Status = InitCredentialTable ();
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Init Form Browser.
- //
- Status = InitFormBrowser ();
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Install protocol interfaces for the password credential provider.
- //
- Status = gBS->InstallProtocolInterface (
- &mCallbackInfo->DriverHandle,
- &gEfiUserCredential2ProtocolGuid,
- EFI_NATIVE_INTERFACE,
- &gPwdCredentialProviderDriver
- );
- return Status;
-}