X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FUserIdentification%2FPwdCredentialProviderDxe%2FPwdCredentialProvider.c;h=b9e89cbfe79610c7960fc023e87302e83567e300;hp=9d2e622f1338effee846aafc66faefe7c914fa22;hb=68d151bbc9c2d48639e6de4a15d912158b10e9f7;hpb=ae4cb94fa6170b5c4b02d1ab3d042a2452c18394
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
index 9d2e622f13..b9e89cbfe7 100644
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
+++ b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
@@ -1,7 +1,7 @@
/** @file
Password Credential Provider driver implementation.
-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -18,12 +18,6 @@ CREDENTIAL_TABLE *mPwdTable = NULL;
PWD_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
PASSWORD_CREDENTIAL_INFO *mPwdInfoHandle = NULL;
-//
-// Used for save password credential and form browser.
-// Also used as provider identifier.
-//
-EFI_GUID mPwdCredentialGuid = PWD_CREDENTIAL_PROVIDER_GUID;
-
HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
{
{
@@ -34,7 +28,7 @@ HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
(UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
}
},
- { 0xeba7fc2b, 0xa465, 0x4d96, { 0x85, 0xa9, 0xd2, 0xf6, 0x64, 0xdf, 0x9b, 0x45 } }
+ PWD_CREDENTIAL_PROVIDER_GUID
},
{
END_DEVICE_PATH_TYPE,
@@ -46,7 +40,7 @@ HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
}
};
-EFI_USER_CREDENTIAL_PROTOCOL gPwdCredentialProviderDriver = {
+EFI_USER_CREDENTIAL2_PROTOCOL gPwdCredentialProviderDriver = {
PWD_CREDENTIAL_PROVIDER_GUID,
EFI_USER_CREDENTIAL_CLASS_PASSWORD,
CredentialEnroll,
@@ -58,7 +52,9 @@ EFI_USER_CREDENTIAL_PROTOCOL gPwdCredentialProviderDriver = {
CredentialDeselect,
CredentialDefault,
CredentialGetInfo,
- CredentialGetNextInfo
+ CredentialGetNextInfo,
+ EFI_CREDENTIAL_CAPABILITIES_ENROLL,
+ CredentialDelete
};
@@ -123,12 +119,12 @@ ExpandTableSize (
/**
- Add or delete info in table, and sync with NV variable.
+ Add, update or delete info in table, and sync with NV variable.
- @param[in] Index The index of the password in table. The index begin from 1.
- If index is found in table, delete the info, else add the
- into to table.
- @param[in] Info The new password info to add into table.
+ @param[in] Index The index of the password in table. If index is found in
+ table, update the info, else add the into to table.
+ @param[in] Info The new password info to add into table.If Info is NULL,
+ delete the info by Index.
@retval EFI_INVALID_PARAMETER Info is NULL when save the info.
@retval EFI_SUCCESS Modify the table successfully.
@@ -141,23 +137,29 @@ ModifyTable (
IN PASSWORD_INFO * Info OPTIONAL
)
{
- EFI_STATUS Status;
-
+ EFI_STATUS Status;
+ PASSWORD_INFO *NewPasswordInfo;
+
+ NewPasswordInfo = NULL;
+
if (Index < mPwdTable->Count) {
- //
- // Delete the specified entry.
- //
- mPwdTable->Count--;
- if (Index != mPwdTable->Count) {
- CopyMem (
- &mPwdTable->UserInfo[Index],
- &mPwdTable->UserInfo[mPwdTable->Count],
- sizeof (PASSWORD_INFO)
- );
+ if (Info == NULL) {
+ //
+ // Delete the specified entry.
+ //
+ mPwdTable->Count--;
+ if (Index != mPwdTable->Count) {
+ NewPasswordInfo = &mPwdTable->UserInfo[mPwdTable->Count];
+ }
+ } else {
+ //
+ // Update the specified entry.
+ //
+ NewPasswordInfo = Info;
}
} else {
//
- // Add a new entry.
+ // Add a new password info.
//
if (Info == NULL) {
return EFI_INVALID_PARAMETER;
@@ -167,20 +169,20 @@ ModifyTable (
ExpandTableSize ();
}
- CopyMem (
- &mPwdTable->UserInfo[mPwdTable->Count],
- Info,
- sizeof (PASSWORD_INFO)
- );
+ NewPasswordInfo = Info;
mPwdTable->Count++;
}
+ if (NewPasswordInfo != NULL) {
+ CopyMem (&mPwdTable->UserInfo[Index], NewPasswordInfo, sizeof (PASSWORD_INFO));
+ }
+
//
// Save the credential table.
//
Status = gRT->SetVariable (
L"PwdCredential",
- &mPwdCredentialGuid,
+ &gPwdCredentialProviderGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
mPwdTable->Count * sizeof (PASSWORD_INFO),
&mPwdTable->UserInfo
@@ -212,7 +214,7 @@ InitCredentialTable (
Var = NULL;
Status = gRT->GetVariable (
L"PwdCredential",
- &mPwdCredentialGuid,
+ &gPwdCredentialProviderGuid,
NULL,
&VarSize,
Var
@@ -224,7 +226,7 @@ InitCredentialTable (
}
Status = gRT->GetVariable (
L"PwdCredential",
- &mPwdCredentialGuid,
+ &gPwdCredentialProviderGuid,
NULL,
&VarSize,
Var
@@ -546,7 +548,7 @@ CredentialDriverCallback (
CHAR8 Password[CREDENTIAL_LEN];
CHAR16 *PromptStr;
- if (Action == EFI_BROWSER_ACTION_CHANGING) {
+ if (Action == EFI_BROWSER_ACTION_CHANGED) {
if (QuestionId == KEY_GET_PASSWORD) {
//
// Get and check password.
@@ -693,7 +695,7 @@ InitFormBrowser (
// Publish HII data.
//
CallbackInfo->HiiHandle = HiiAddPackages (
- &mPwdCredentialGuid,
+ &gPwdCredentialProviderGuid,
CallbackInfo->DriverHandle,
PwdCredentialProviderStrings,
PwdCredentialProviderVfrBin,
@@ -711,13 +713,11 @@ InitFormBrowser (
/**
Enroll a user on a credential provider.
- This function enrolls and deletes a user profile using this credential provider.
- If a user profile is successfully enrolled, it calls the User Manager Protocol
- function Notify() to notify the user manager driver that credential information
- has changed. If an enrolled user does exist, delete the user on the credential
- provider.
+ This function enrolls a user on this credential provider. If the user exists on
+ this credential provider, update the user information on this credential provider;
+ otherwise add the user information on credential provider.
- @param[in] This Points to this instance of EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in] User The user profile to enroll.
@retval EFI_SUCCESS User profile was successfully enrolled.
@@ -735,7 +735,7 @@ InitFormBrowser (
EFI_STATUS
EFIAPI
CredentialEnroll (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN EFI_USER_PROFILE_HANDLE User
)
{
@@ -745,9 +745,7 @@ CredentialEnroll (
EFI_USER_INFO *UserInfo;
CHAR8 Password[CREDENTIAL_LEN];
EFI_INPUT_KEY Key;
- EFI_USER_MANAGER_PROTOCOL *UserManager;
UINT8 *UserId;
- UINT8 *NewUserId;
CHAR16 *QuestionStr;
CHAR16 *PromptStr;
@@ -755,15 +753,6 @@ CredentialEnroll (
return EFI_INVALID_PARAMETER;
}
- Status = gBS->LocateProtocol (
- &gEfiUserManagerProtocolGuid,
- NULL,
- (VOID **) &UserManager
- );
- if (EFI_ERROR (Status)) {
- return EFI_UNSUPPORTED;
- }
-
//
// Get User Identifier.
//
@@ -777,23 +766,11 @@ CredentialEnroll (
return EFI_INVALID_PARAMETER;
}
- //
- // If User exists in mPwdTable, delete User.
- //
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
- NewUserId = (UINT8 *) (UserInfo + 1);
- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- //
- // Delete the existing password.
- //
- FreePool (UserInfo);
- return ModifyTable (Index, NULL);
- }
- }
+ CopyMem (PwdInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
+ FreePool (UserInfo);
//
- // The User doesn't exist in mPwdTable; Enroll the new User.
+ // Get password from user.
//
while (TRUE) {
//
@@ -827,26 +804,27 @@ CredentialEnroll (
FreePool (PromptStr);
}
- CopyMem (
- PwdInfo.UserId,
- (UINT8 *) (UserInfo + 1),
- sizeof (EFI_USER_INFO_IDENTIFIER)
- );
- FreePool (UserInfo);
-
//
- // Save the new added entry.
+ // Check whether User is ever enrolled in the provider.
+ //
+ for (Index = 0; Index < mPwdTable->Count; Index++) {
+ UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
+ if (CompareMem (UserId, (UINT8 *) &PwdInfo.UserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
+ //
+ // User already exists, update the password.
+ //
+ break;
+ }
+ }
+
+ //
+ // Enroll the User to the provider.
//
- Status = ModifyTable (mPwdTable->Count, &PwdInfo);
+ Status = ModifyTable (Index, &PwdInfo);
if (EFI_ERROR (Status)) {
return Status;
}
- //
- // Notify the user manager driver that credential information has changed.
- //
- UserManager->Notify (UserManager, mCallbackInfo->DriverHandle);
-
return EFI_SUCCESS;
}
@@ -860,7 +838,7 @@ CredentialEnroll (
the user credential provider does not require a form to identify the user, then this
function should return EFI_NOT_FOUND.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[out] Hii On return, holds the HII database handle.
@param[out] FormSetId On return, holds the identifier of the form set which contains
the form used during user identification.
@@ -875,7 +853,7 @@ CredentialEnroll (
EFI_STATUS
EFIAPI
CredentialForm (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
OUT EFI_HII_HANDLE *Hii,
OUT EFI_GUID *FormSetId,
OUT EFI_FORM_ID *FormId
@@ -888,7 +866,7 @@ CredentialForm (
*Hii = mCallbackInfo->HiiHandle;
*FormId = FORMID_GET_PASSWORD_FORM;
- CopyGuid (FormSetId, &mPwdCredentialGuid);
+ CopyGuid (FormSetId, &gPwdCredentialProviderGuid);
return EFI_SUCCESS;
}
@@ -901,7 +879,7 @@ CredentialForm (
of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
is returned.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
bitmap information will be returned. On exit, points to the
width of the bitmap returned.
@@ -919,7 +897,7 @@ CredentialForm (
EFI_STATUS
EFIAPI
CredentialTile (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN OUT UINTN *Width,
IN OUT UINTN *Height,
OUT EFI_HII_HANDLE *Hii,
@@ -939,7 +917,7 @@ CredentialTile (
This function returns a string which describes the credential provider. If no
such string exists, then EFI_NOT_FOUND is returned.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[out] Hii On return, holds the HII database handle.
@param[out] String On return, holds the HII string identifier.
@@ -951,7 +929,7 @@ CredentialTile (
EFI_STATUS
EFIAPI
CredentialTitle (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
OUT EFI_HII_HANDLE *Hii,
OUT EFI_STRING_ID *String
)
@@ -978,7 +956,7 @@ CredentialTitle (
submitted on a form, OR after a call to Default() has returned that this credential is
ready to log on.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in] User The user profile handle of the user profile currently being
considered by the user identity manager. If NULL, then no user
profile is currently under consideration.
@@ -995,7 +973,7 @@ CredentialTitle (
EFI_STATUS
EFIAPI
CredentialUser (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN EFI_USER_PROFILE_HANDLE User,
OUT EFI_USER_INFO_IDENTIFIER *Identifier
)
@@ -1073,7 +1051,7 @@ CredentialUser (
AutoLogon returns FALSE, then the user interface will be constructed by the User
Identity Manager.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[out] AutoLogon On return, points to the credential provider's capabilities
after the credential provider has been selected by the user.
@@ -1084,7 +1062,7 @@ CredentialUser (
EFI_STATUS
EFIAPI
CredentialSelect (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
)
{
@@ -1102,7 +1080,7 @@ CredentialSelect (
This function is called when a credential provider is deselected by the user.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@retval EFI_SUCCESS Credential provider successfully deselected.
@@ -1110,7 +1088,7 @@ CredentialSelect (
EFI_STATUS
EFIAPI
CredentialDeselect (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
)
{
if (This == NULL) {
@@ -1125,7 +1103,7 @@ CredentialDeselect (
This function reports the default login behavior regarding this credential provider.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[out] AutoLogon On return, holds whether the credential provider should be used
by default to automatically log on the user.
@@ -1136,7 +1114,7 @@ CredentialDeselect (
EFI_STATUS
EFIAPI
CredentialDefault (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
)
{
@@ -1154,7 +1132,7 @@ CredentialDefault (
This function returns user information.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in] UserInfo Handle of the user information data record.
@param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
exit, holds the user information. If the buffer is too small
@@ -1174,7 +1152,7 @@ CredentialDefault (
EFI_STATUS
EFIAPI
CredentialGetInfo (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN EFI_USER_INFO_HANDLE UserInfo,
OUT EFI_USER_INFO *Info,
IN OUT UINTN *InfoSize
@@ -1221,7 +1199,7 @@ CredentialGetInfo (
another user information record handle until there are no more, at which point UserInfo
will point to NULL.
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in, out] UserInfo On entry, points to the previous user information handle or NULL
to start enumeration. On exit, points to the next user information
handle or NULL if there is no more user information.
@@ -1234,7 +1212,7 @@ CredentialGetInfo (
EFI_STATUS
EFIAPI
CredentialGetNextInfo (
- IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN OUT EFI_USER_INFO_HANDLE *UserInfo
)
{
@@ -1269,8 +1247,8 @@ CredentialGetNextInfo (
Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
Info->InfoSize = (UINT32) InfoLen;
Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &mPwdCredentialGuid);
- CopyGuid ((EFI_GUID *)(Info + 1), &mPwdCredentialGuid);
+ CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
+ CopyGuid ((EFI_GUID *)(Info + 1), &gPwdCredentialProviderGuid);
mPwdInfoHandle->Info[0] = Info;
mPwdInfoHandle->Count++;
@@ -1287,7 +1265,7 @@ CredentialGetNextInfo (
Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
Info->InfoSize = (UINT32) InfoLen;
Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &mPwdCredentialGuid);
+ CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
FreePool (ProvNameStr);
@@ -1304,7 +1282,7 @@ CredentialGetNextInfo (
Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
Info->InfoSize = (UINT32) InfoLen;
Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &mPwdCredentialGuid);
+ CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassPasswordGuid);
mPwdInfoHandle->Info[2] = Info;
@@ -1322,7 +1300,7 @@ CredentialGetNextInfo (
Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
Info->InfoSize = (UINT32) InfoLen;
Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &mPwdCredentialGuid);
+ CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
FreePool (ProvNameStr);
@@ -1365,6 +1343,71 @@ CredentialGetNextInfo (
return EFI_NOT_FOUND;
}
+/**
+ Delete a user on this credential provider.
+
+ This function deletes a user on this credential provider.
+
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
+ @param[in] User The user profile handle to delete.
+
+ @retval EFI_SUCCESS User profile was successfully deleted.
+ @retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
+ Either the user profile cannot delete on any user profile or cannot delete
+ on a user profile other than the current user profile.
+ @retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
+ @retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
+ @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
+**/
+EFI_STATUS
+EFIAPI
+CredentialDelete (
+ IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
+ IN EFI_USER_PROFILE_HANDLE User
+ )
+{
+ EFI_STATUS Status;
+ EFI_USER_INFO *UserInfo;
+ UINT8 *UserId;
+ UINT8 *NewUserId;
+ UINTN Index;
+
+ if ((This == NULL) || (User == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Get User Identifier.
+ //
+ UserInfo = NULL;
+ Status = FindUserInfoByType (
+ User,
+ EFI_USER_INFO_IDENTIFIER_RECORD,
+ &UserInfo
+ );
+ if (EFI_ERROR (Status)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Find the user by user identifier in mPwdTable.
+ //
+ for (Index = 0; Index < mPwdTable->Count; Index++) {
+ UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
+ NewUserId = (UINT8 *) (UserInfo + 1);
+ if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
+ //
+ // Found the user, delete it.
+ //
+ ModifyTable (Index, NULL);
+ break;
+ }
+ }
+
+ FreePool (UserInfo);
+ return EFI_SUCCESS;
+}
+
/**
Main entry for this driver.
@@ -1384,6 +1427,11 @@ PasswordProviderInit (
{
EFI_STATUS Status;
+ //
+ // It is NOT robust enough to be included in production.
+ //
+ #error "This implementation is just a sample, please comment this line if you really want to use this driver."
+
//
// Init credential table.
//
@@ -1405,7 +1453,7 @@ PasswordProviderInit (
//
Status = gBS->InstallProtocolInterface (
&mCallbackInfo->DriverHandle,
- &gEfiUserCredentialProtocolGuid,
+ &gEfiUserCredential2ProtocolGuid,
EFI_NATIVE_INTERFACE,
&gPwdCredentialProviderDriver
);