X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FVariableAuthenticated%2FSecureBootConfigDxe%2FSecureBootConfigImpl.c;h=6123b5669779a87927076b11671eca29d6fc433b;hp=eed2c2c138faf6562cae166893855a71c5244036;hb=488aab257f7072717a0b376d14bd2d41fe475030;hpb=e4d7370d18f01ca5081e283c9c993075f5eed197
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index eed2c2c138..6123b56697 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -1,7 +1,8 @@
/** @file
HII Config Access protocol implementation of SecureBoot configuration module.
-Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -13,11 +14,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "SecureBootConfigImpl.h"
+#include
CHAR16 mSecureBootStorageName[] = L"SECUREBOOT_CONFIGURATION";
SECUREBOOT_CONFIG_PRIVATE_DATA mSecureBootConfigPrivateDateTemplate = {
- SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE,
+ SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE,
{
SecureBootExtractConfig,
SecureBootRouteConfig,
@@ -48,6 +50,8 @@ HII_VENDOR_DEVICE_PATH mSecureBootHiiVendorDevicePath = {
};
+BOOLEAN mIsEnterSecureBootForm = FALSE;
+
//
// OID ASN.1 Value for Hash Algorithms
//
@@ -61,16 +65,15 @@ UINT8 mHashOidValue[] = {
};
HASH_TABLE mHash[] = {
- { L"SHA1", 20, &mHashOidValue[8], 5, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },
- { L"SHA224", 28, &mHashOidValue[13], 9, NULL, NULL, NULL, NULL },
- { L"SHA256", 32, &mHashOidValue[22], 9, Sha256GetContextSize,Sha256Init, Sha256Update, Sha256Final},
- { L"SHA384", 48, &mHashOidValue[31], 9, NULL, NULL, NULL, NULL },
- { L"SHA512", 64, &mHashOidValue[40], 9, NULL, NULL, NULL, NULL }
+ { L"SHA224", 28, &mHashOidValue[13], 9, NULL, NULL, NULL, NULL },
+ { L"SHA256", 32, &mHashOidValue[22], 9, Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final},
+ { L"SHA384", 48, &mHashOidValue[31], 9, Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final},
+ { L"SHA512", 64, &mHashOidValue[40], 9, Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final}
};
//
-// Variable Definitions
-//
+// Variable Definitions
+//
UINT32 mPeCoffHeaderOffset = 0;
WIN_CERTIFICATE *mCertificate = NULL;
IMAGE_TYPE mImageType;
@@ -93,6 +96,33 @@ CHAR16* mDerEncodedSuffix[] = {
};
CHAR16* mSupportX509Suffix = L"*.cer/der/crt";
+SECUREBOOT_CONFIG_PRIVATE_DATA *gSecureBootPrivateData = NULL;
+
+/**
+ This code cleans up enrolled file by closing file & free related resources attached to
+ enrolled file.
+
+ @param[in] FileContext FileContext cached in SecureBootConfig driver
+
+**/
+VOID
+CloseEnrolledFile(
+ IN SECUREBOOT_FILE_CONTEXT *FileContext
+)
+{
+ if (FileContext->FHandle != NULL) {
+ CloseFile (FileContext->FHandle);
+ FileContext->FHandle = NULL;
+ }
+
+ if (FileContext->FileName != NULL){
+ FreePool(FileContext->FileName);
+ FileContext->FileName = NULL;
+ }
+ FileContext->FileType = UNKNOWN_FILE_TYPE;
+
+}
+
/**
This code checks if the FileSuffix is one of the possible DER-encoded certificate suffix.
@@ -107,7 +137,7 @@ IsDerEncodeCertificate (
IN CONST CHAR16 *FileSuffix
)
{
- UINTN Index;
+ UINTN Index;
for (Index = 0; mDerEncodedSuffix[Index] != NULL; Index++) {
if (StrCmp (FileSuffix, mDerEncodedSuffix[Index]) == 0) {
return TRUE;
@@ -116,6 +146,61 @@ IsDerEncodeCertificate (
return FALSE;
}
+/**
+ This code checks if the file content complies with EFI_VARIABLE_AUTHENTICATION_2 format
+The function reads file content but won't open/close given FileHandle.
+
+ @param[in] FileHandle The FileHandle to be checked
+
+ @retval TRUE The content is EFI_VARIABLE_AUTHENTICATION_2 format.
+ @retval FALSE The content is NOT a EFI_VARIABLE_AUTHENTICATION_2 format.
+
+**/
+BOOLEAN
+IsAuthentication2Format (
+ IN EFI_FILE_HANDLE FileHandle
+)
+{
+ EFI_STATUS Status;
+ EFI_VARIABLE_AUTHENTICATION_2 *Auth2;
+ BOOLEAN IsAuth2Format;
+
+ IsAuth2Format = FALSE;
+
+ //
+ // Read the whole file content
+ //
+ Status = ReadFileContent(
+ FileHandle,
+ (VOID **) &mImageBase,
+ &mImageSize,
+ 0
+ );
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+
+ Auth2 = (EFI_VARIABLE_AUTHENTICATION_2 *)mImageBase;
+ if (Auth2->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) {
+ goto ON_EXIT;
+ }
+
+ if (CompareGuid(&gEfiCertPkcs7Guid, &Auth2->AuthInfo.CertType)) {
+ IsAuth2Format = TRUE;
+ }
+
+ON_EXIT:
+ //
+ // Do not close File. simply check file content
+ //
+ if (mImageBase != NULL) {
+ FreePool (mImageBase);
+ mImageBase = NULL;
+ }
+
+ return IsAuth2Format;
+}
+
/**
Set Secure Boot option into variable space.
@@ -145,14 +230,14 @@ SaveSecureBootVariable (
/**
Create a time based data payload by concatenating the EFI_VARIABLE_AUTHENTICATION_2
descriptor with the input data. NO authentication is required in this function.
-
+
@param[in, out] DataSize On input, the size of Data buffer in bytes.
On output, the size of data returned in Data
buffer in bytes.
- @param[in, out] Data On input, Pointer to data buffer to be wrapped or
+ @param[in, out] Data On input, Pointer to data buffer to be wrapped or
pointer to NULL to wrap an empty payload.
On output, Pointer to the new payload date buffer allocated from pool,
- it's caller's responsibility to free the memory when finish using it.
+ it's caller's responsibility to free the memory when finish using it.
@retval EFI_SUCCESS Create time based payload successfully.
@retval EFI_OUT_OF_RESOURCES There are not enough memory resourses to create time based payload.
@@ -173,20 +258,20 @@ CreateTimeBasedPayload (
EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData;
UINTN DescriptorSize;
EFI_TIME Time;
-
+
if (Data == NULL || DataSize == NULL) {
return EFI_INVALID_PARAMETER;
}
-
+
//
- // In Setup mode or Custom mode, the variable does not need to be signed but the
+ // In Setup mode or Custom mode, the variable does not need to be signed but the
// parameters to the SetVariable() call still need to be prepared as authenticated
// variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor without certificate
// data in it.
//
Payload = *Data;
PayloadSize = *DataSize;
-
+
DescriptorSize = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
NewData = (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize);
if (NewData == NULL) {
@@ -211,16 +296,16 @@ CreateTimeBasedPayload (
Time.Daylight = 0;
Time.Pad2 = 0;
CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME));
-
+
DescriptorData->AuthInfo.Hdr.dwLength = OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
DescriptorData->AuthInfo.Hdr.wRevision = 0x0200;
DescriptorData->AuthInfo.Hdr.wCertificateType = WIN_CERT_TYPE_EFI_GUID;
CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid);
-
+
if (Payload != NULL) {
FreePool(Payload);
}
-
+
*DataSize = DescriptorSize + PayloadSize;
*Data = NewData;
return EFI_SUCCESS;
@@ -253,6 +338,7 @@ DeleteVariable (
if (Variable == NULL) {
return EFI_SUCCESS;
}
+ FreePool (Variable);
Data = NULL;
DataSize = 0;
@@ -278,31 +364,56 @@ DeleteVariable (
return Status;
}
+/**
+
+ Set the platform secure boot mode into "Custom" or "Standard" mode.
+
+ @param[in] SecureBootMode New secure boot mode: STANDARD_SECURE_BOOT_MODE or
+ CUSTOM_SECURE_BOOT_MODE.
+
+ @return EFI_SUCCESS The platform has switched to the special mode successfully.
+ @return other Fail to operate the secure boot mode.
+
+**/
+EFI_STATUS
+SetSecureBootMode (
+ IN UINT8 SecureBootMode
+ )
+{
+ return gRT->SetVariable (
+ EFI_CUSTOM_MODE_NAME,
+ &gEfiCustomModeEnableGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ sizeof (UINT8),
+ &SecureBootMode
+ );
+}
+
/**
Generate the PK signature list from the X509 Certificate storing file (.cer)
@param[in] X509File FileHandle of X509 Certificate storing file.
@param[out] PkCert Point to the data buffer to store the signature list.
-
+
@return EFI_UNSUPPORTED Unsupported Key Length.
@return EFI_OUT_OF_RESOURCES There are not enough memory resourses to form the signature list.
-
+
**/
EFI_STATUS
CreatePkX509SignatureList (
- IN EFI_FILE_HANDLE X509File,
- OUT EFI_SIGNATURE_LIST **PkCert
+ IN EFI_FILE_HANDLE X509File,
+ OUT EFI_SIGNATURE_LIST **PkCert
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
UINT8 *X509Data;
UINTN X509DataSize;
EFI_SIGNATURE_DATA *PkCertData;
X509Data = NULL;
PkCertData = NULL;
- X509DataSize = 0;
-
+ X509DataSize = 0;
+
Status = ReadFileContent (X509File, (VOID**) &X509Data, &X509DataSize, 0);
if (EFI_ERROR (Status)) {
goto ON_EXIT;
@@ -322,32 +433,32 @@ CreatePkX509SignatureList (
goto ON_EXIT;
}
- (*PkCert)->SignatureListSize = (UINT32) (sizeof(EFI_SIGNATURE_LIST)
+ (*PkCert)->SignatureListSize = (UINT32) (sizeof(EFI_SIGNATURE_LIST)
+ sizeof(EFI_SIGNATURE_DATA) - 1
+ X509DataSize);
(*PkCert)->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);
(*PkCert)->SignatureHeaderSize = 0;
CopyGuid (&(*PkCert)->SignatureType, &gEfiCertX509Guid);
- PkCertData = (EFI_SIGNATURE_DATA*) ((UINTN)(*PkCert)
+ PkCertData = (EFI_SIGNATURE_DATA*) ((UINTN)(*PkCert)
+ sizeof(EFI_SIGNATURE_LIST)
+ (*PkCert)->SignatureHeaderSize);
- CopyGuid (&PkCertData->SignatureOwner, &gEfiGlobalVariableGuid);
+ CopyGuid (&PkCertData->SignatureOwner, &gEfiGlobalVariableGuid);
//
// Fill the PK database with PKpub data from X509 certificate file.
- //
+ //
CopyMem (&(PkCertData->SignatureData[0]), X509Data, X509DataSize);
-
+
ON_EXIT:
-
+
if (X509Data != NULL) {
FreePool (X509Data);
}
-
+
if (EFI_ERROR(Status) && *PkCert != NULL) {
FreePool (*PkCert);
*PkCert = NULL;
}
-
+
return Status;
}
@@ -361,29 +472,39 @@ ON_EXIT:
@retval EFI_SUCCESS New PK enrolled successfully.
@retval EFI_INVALID_PARAMETER The parameter is invalid.
@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
-
+
**/
EFI_STATUS
EnrollPlatformKey (
IN SECUREBOOT_CONFIG_PRIVATE_DATA* Private
- )
+ )
{
EFI_STATUS Status;
UINT32 Attr;
UINTN DataSize;
EFI_SIGNATURE_LIST *PkCert;
UINT16* FilePostFix;
-
+ UINTN NameLength;
+
if (Private->FileContext->FileName == NULL) {
return EFI_INVALID_PARAMETER;
}
PkCert = NULL;
+ Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
//
// Parse the file's postfix. Only support DER encoded X.509 certificate files.
//
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;
+ NameLength = StrLen (Private->FileContext->FileName);
+ if (NameLength <= 4) {
+ return EFI_INVALID_PARAMETER;
+ }
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;
if (!IsDerEncodeCertificate(FilePostFix)) {
DEBUG ((EFI_D_ERROR, "Unsupported file type, only DER encoded certificate (%s) is supported.", mSupportX509Suffix));
return EFI_INVALID_PARAMETER;
@@ -395,18 +516,18 @@ EnrollPlatformKey (
// Prase the selected PK file and generature PK certificate list.
//
Status = CreatePkX509SignatureList (
- Private->FileContext->FHandle,
- &PkCert
+ Private->FileContext->FHandle,
+ &PkCert
);
if (EFI_ERROR (Status)) {
goto ON_EXIT;
}
ASSERT (PkCert != NULL);
-
+
//
// Set Platform Key variable.
- //
- Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+ //
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
| EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
DataSize = PkCert->SignatureListSize;
Status = CreateTimeBasedPayload (&DataSize, (UINT8**) &PkCert);
@@ -414,12 +535,12 @@ EnrollPlatformKey (
DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
goto ON_EXIT;
}
-
+
Status = gRT->SetVariable(
- EFI_PLATFORM_KEY_NAME,
- &gEfiGlobalVariableGuid,
- Attr,
- DataSize,
+ EFI_PLATFORM_KEY_NAME,
+ &gEfiGlobalVariableGuid,
+ Attr,
+ DataSize,
PkCert
);
if (EFI_ERROR (Status)) {
@@ -428,17 +549,14 @@ EnrollPlatformKey (
}
goto ON_EXIT;
}
-
+
ON_EXIT:
if (PkCert != NULL) {
FreePool(PkCert);
}
-
- if (Private->FileContext->FHandle != NULL) {
- CloseFile (Private->FileContext->FHandle);
- Private->FileContext->FHandle = NULL;
- }
+
+ CloseEnrolledFile(Private->FileContext);
return Status;
}
@@ -448,7 +566,7 @@ ON_EXIT:
@retval EFI_SUCCESS Delete PK successfully.
@retval Others Could not allow to delete PK.
-
+
**/
EFI_STATUS
DeletePlatformKey (
@@ -457,6 +575,11 @@ DeletePlatformKey (
{
EFI_STATUS Status;
+ Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
Status = DeleteVariable (
EFI_PLATFORM_KEY_NAME,
&gEfiGlobalVariableGuid
@@ -489,7 +612,7 @@ EnrollRsa2048ToKek (
CPL_KEY_INFO *KeyInfo;
EFI_SIGNATURE_DATA *KEKSigData;
UINTN KekSigListSize;
- UINT8 *KeyBuffer;
+ UINT8 *KeyBuffer;
UINTN KeyLenInBytes;
Attr = 0;
@@ -501,11 +624,11 @@ EnrollRsa2048ToKek (
KEKSigData = NULL;
KekSigList = NULL;
KekSigListSize = 0;
-
+
//
// Form the KeKpub certificate list into EFI_SIGNATURE_LIST type.
// First, We have to parse out public key data from the pbk key file.
- //
+ //
Status = ReadFileContent (
Private->FileContext->FHandle,
(VOID**) &KeyBlob,
@@ -522,10 +645,10 @@ EnrollRsa2048ToKek (
Status = EFI_UNSUPPORTED;
goto ON_EXIT;
}
-
+
//
// Convert the Public key to fix octet string format represented in RSA PKCS#1.
- //
+ //
KeyLenInBytes = KeyInfo->KeyLengthInBits / 8;
KeyBuffer = AllocateZeroPool (KeyLenInBytes);
if (KeyBuffer == NULL) {
@@ -533,13 +656,13 @@ EnrollRsa2048ToKek (
goto ON_EXIT;
}
Int2OctStr (
- (UINTN*) (KeyBlob + sizeof (CPL_KEY_INFO)),
- KeyLenInBytes / sizeof (UINTN),
- KeyBuffer,
+ (UINTN*) (KeyBlob + sizeof (CPL_KEY_INFO)),
+ KeyLenInBytes / sizeof (UINTN),
+ KeyBuffer,
KeyLenInBytes
);
CopyMem(KeyBlob + sizeof(CPL_KEY_INFO), KeyBuffer, KeyLenInBytes);
-
+
//
// Form an new EFI_SIGNATURE_LIST.
//
@@ -559,7 +682,7 @@ EnrollRsa2048ToKek (
KekSigList->SignatureHeaderSize = 0;
KekSigList->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + WIN_CERT_UEFI_RSA2048_SIZE;
CopyGuid (&KekSigList->SignatureType, &gEfiCertRsa2048Guid);
-
+
KEKSigData = (EFI_SIGNATURE_DATA*)((UINT8*)KekSigList + sizeof(EFI_SIGNATURE_LIST));
CopyGuid (&KEKSigData->SignatureOwner, Private->SignatureGUID);
CopyMem (
@@ -567,13 +690,13 @@ EnrollRsa2048ToKek (
KeyBlob + sizeof(CPL_KEY_INFO),
WIN_CERT_UEFI_RSA2048_SIZE
);
-
+
//
- // Check if KEK entry has been already existed.
- // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+ // Check if KEK entry has been already existed.
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
// new KEK to original variable.
- //
- Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+ //
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
| EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
Status = CreateTimeBasedPayload (&KekSigListSize, (UINT8**) &KekSigList);
if (EFI_ERROR (Status)) {
@@ -582,10 +705,10 @@ EnrollRsa2048ToKek (
}
Status = gRT->GetVariable(
- EFI_KEY_EXCHANGE_KEY_NAME,
- &gEfiGlobalVariableGuid,
- NULL,
- &DataSize,
+ EFI_KEY_EXCHANGE_KEY_NAME,
+ &gEfiGlobalVariableGuid,
+ NULL,
+ &DataSize,
NULL
);
if (Status == EFI_BUFFER_TOO_SMALL) {
@@ -593,26 +716,24 @@ EnrollRsa2048ToKek (
} else if (Status != EFI_NOT_FOUND) {
goto ON_EXIT;
}
-
+
//
// Done. Now we have formed the correct KEKpub database item, just set it into variable storage,
- //
+ //
Status = gRT->SetVariable(
- EFI_KEY_EXCHANGE_KEY_NAME,
- &gEfiGlobalVariableGuid,
- Attr,
- KekSigListSize,
+ EFI_KEY_EXCHANGE_KEY_NAME,
+ &gEfiGlobalVariableGuid,
+ Attr,
+ KekSigListSize,
KekSigList
);
if (EFI_ERROR (Status)) {
goto ON_EXIT;
}
-
+
ON_EXIT:
- CloseFile (Private->FileContext->FHandle);
- Private->FileContext->FHandle = NULL;
- Private->FileContext->FileName = NULL;
+ CloseEnrolledFile(Private->FileContext);
if (Private->SignatureGUID != NULL) {
FreePool (Private->SignatureGUID);
@@ -628,7 +749,7 @@ ON_EXIT:
if (KekSigList != NULL) {
FreePool (KekSigList);
}
-
+
return Status;
}
@@ -646,7 +767,7 @@ ON_EXIT:
EFI_STATUS
EnrollX509ToKek (
IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
- )
+ )
{
EFI_STATUS Status;
UINTN X509DataSize;
@@ -684,7 +805,7 @@ EnrollX509ToKek (
//
// Fill Certificate Database parameters.
- //
+ //
KekSigList->SignatureListSize = (UINT32) KekSigListSize;
KekSigList->SignatureHeaderSize = 0;
KekSigList->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);
@@ -695,35 +816,35 @@ EnrollX509ToKek (
CopyMem (KEKSigData->SignatureData, X509Data, X509DataSize);
//
- // Check if KEK been already existed.
- // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+ // Check if KEK been already existed.
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
// new kek to original variable
- //
- Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+ //
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
| EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
Status = CreateTimeBasedPayload (&KekSigListSize, (UINT8**) &KekSigList);
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
goto ON_EXIT;
}
-
+
Status = gRT->GetVariable(
- EFI_KEY_EXCHANGE_KEY_NAME,
- &gEfiGlobalVariableGuid,
- NULL,
- &DataSize,
+ EFI_KEY_EXCHANGE_KEY_NAME,
+ &gEfiGlobalVariableGuid,
+ NULL,
+ &DataSize,
NULL
);
if (Status == EFI_BUFFER_TOO_SMALL) {
Attr |= EFI_VARIABLE_APPEND_WRITE;
} else if (Status != EFI_NOT_FOUND) {
goto ON_EXIT;
- }
+ }
Status = gRT->SetVariable(
- EFI_KEY_EXCHANGE_KEY_NAME,
- &gEfiGlobalVariableGuid,
- Attr,
+ EFI_KEY_EXCHANGE_KEY_NAME,
+ &gEfiGlobalVariableGuid,
+ Attr,
KekSigListSize,
KekSigList
);
@@ -733,9 +854,7 @@ EnrollX509ToKek (
ON_EXIT:
- CloseFile (Private->FileContext->FHandle);
- Private->FileContext->FileName = NULL;
- Private->FileContext->FHandle = NULL;
+ CloseEnrolledFile(Private->FileContext);
if (Private->SignatureGUID != NULL) {
FreePool (Private->SignatureGUID);
@@ -752,47 +871,63 @@ ON_EXIT:
/**
Enroll new KEK into the System without PK's authentication.
The SignatureOwner GUID will be Private->SignatureGUID.
-
+
@param[in] PrivateData The module's private data.
-
+
@retval EFI_SUCCESS New KEK enrolled successful.
@retval EFI_INVALID_PARAMETER The parameter is invalid.
@retval others Fail to enroll KEK data.
-
+
**/
EFI_STATUS
EnrollKeyExchangeKey (
IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
- )
+ )
{
UINT16* FilePostFix;
-
- if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {
+ EFI_STATUS Status;
+ UINTN NameLength;
+
+ if ((Private->FileContext->FHandle == NULL) || (Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {
return EFI_INVALID_PARAMETER;
}
+ Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
//
- // Parse the file's postfix. Supports DER-encoded X509 certificate,
+ // Parse the file's postfix. Supports DER-encoded X509 certificate,
// and .pbk as RSA public key file.
//
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;
+ NameLength = StrLen (Private->FileContext->FileName);
+ if (NameLength <= 4) {
+ return EFI_INVALID_PARAMETER;
+ }
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;
if (IsDerEncodeCertificate(FilePostFix)) {
return EnrollX509ToKek (Private);
} else if (CompareMem (FilePostFix, L".pbk",4) == 0) {
return EnrollRsa2048ToKek (Private);
} else {
+ //
+ // File type is wrong, simply close it
+ //
+ CloseEnrolledFile(Private->FileContext);
+
return EFI_INVALID_PARAMETER;
}
}
/**
- Enroll a new X509 certificate into Signature Database (DB or DBX) without
+ Enroll a new X509 certificate into Signature Database (DB or DBX or DBT) without
KEK's authentication.
@param[in] PrivateData The module's private data.
- @param[in] VariableName Variable name of signature database, must be
+ @param[in] VariableName Variable name of signature database, must be
EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
-
+
@retval EFI_SUCCESS New X509 is enrolled successfully.
@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
@@ -801,7 +936,7 @@ EFI_STATUS
EnrollX509toSigDB (
IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
IN CHAR16 *VariableName
- )
+ )
{
EFI_STATUS Status;
UINTN X509DataSize;
@@ -842,7 +977,7 @@ EnrollX509toSigDB (
//
// Fill Certificate Database parameters.
- //
+ //
SigDBCert = (EFI_SIGNATURE_LIST*) Data;
SigDBCert->SignatureListSize = (UINT32) SigDBSize;
SigDBCert->SignatureHeaderSize = 0;
@@ -854,11 +989,11 @@ EnrollX509toSigDB (
CopyMem ((UINT8* ) (SigDBCertData->SignatureData), X509Data, X509DataSize);
//
- // Check if signature database entry has been already existed.
- // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+ // Check if signature database entry has been already existed.
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
// new signature data to original variable
- //
- Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+ //
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
| EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);
if (EFI_ERROR (Status)) {
@@ -867,22 +1002,22 @@ EnrollX509toSigDB (
}
Status = gRT->GetVariable(
- VariableName,
- &gEfiImageSecurityDatabaseGuid,
- NULL,
- &DataSize,
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ NULL,
+ &DataSize,
NULL
);
if (Status == EFI_BUFFER_TOO_SMALL) {
Attr |= EFI_VARIABLE_APPEND_WRITE;
} else if (Status != EFI_NOT_FOUND) {
goto ON_EXIT;
- }
+ }
Status = gRT->SetVariable(
- VariableName,
- &gEfiImageSecurityDatabaseGuid,
- Attr,
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ Attr,
SigDBSize,
Data
);
@@ -892,9 +1027,7 @@ EnrollX509toSigDB (
ON_EXIT:
- CloseFile (Private->FileContext->FHandle);
- Private->FileContext->FileName = NULL;
- Private->FileContext->FHandle = NULL;
+ CloseEnrolledFile(Private->FileContext);
if (Private->SignatureGUID != NULL) {
FreePool (Private->SignatureGUID);
@@ -913,552 +1046,538 @@ ON_EXIT:
}
/**
- Load PE/COFF image information into internal buffer and check its validity.
+ Check whether signature is in specified database.
- @retval EFI_SUCCESS Successful
- @retval EFI_UNSUPPORTED Invalid PE/COFF file
- @retval EFI_ABORTED Serious error occurs, like file I/O error etc.
+ @param[in] VariableName Name of database variable that is searched in.
+ @param[in] Signature Pointer to signature that is searched for.
+ @param[in] SignatureSize Size of Signature.
+
+ @return TRUE Found the signature in the variable database.
+ @return FALSE Not found the signature in the variable database.
**/
-EFI_STATUS
-LoadPeImage (
- VOID
- )
+BOOLEAN
+IsSignatureFoundInDatabase (
+ IN CHAR16 *VariableName,
+ IN UINT8 *Signature,
+ IN UINTN SignatureSize
+ )
{
- EFI_IMAGE_DOS_HEADER *DosHdr;
- EFI_IMAGE_NT_HEADERS32 *NtHeader32;
- EFI_IMAGE_NT_HEADERS64 *NtHeader64;
+ EFI_STATUS Status;
+ EFI_SIGNATURE_LIST *CertList;
+ EFI_SIGNATURE_DATA *Cert;
+ UINTN DataSize;
+ UINT8 *Data;
+ UINTN Index;
+ UINTN CertCount;
+ BOOLEAN IsFound;
- NtHeader32 = NULL;
- NtHeader64 = NULL;
//
- // Read the Dos header
+ // Read signature database variable.
//
- DosHdr = (EFI_IMAGE_DOS_HEADER*)(mImageBase);
- if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE)
- {
- //
- // DOS image header is present,
- // So read the PE header after the DOS image header
- //
- mPeCoffHeaderOffset = DosHdr->e_lfanew;
- }
- else
- {
- mPeCoffHeaderOffset = 0;
+ IsFound = FALSE;
+ Data = NULL;
+ DataSize = 0;
+ Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
+ if (Status != EFI_BUFFER_TOO_SMALL) {
+ return FALSE;
}
- //
- // Read PE header and check the signature validity and machine compatibility
- //
- NtHeader32 = (EFI_IMAGE_NT_HEADERS32*) (mImageBase + mPeCoffHeaderOffset);
- if (NtHeader32->Signature != EFI_IMAGE_NT_SIGNATURE)
- {
- return EFI_UNSUPPORTED;
+ Data = (UINT8 *) AllocateZeroPool (DataSize);
+ if (Data == NULL) {
+ return FALSE;
}
- mNtHeader.Pe32 = NtHeader32;
+ Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, Data);
+ if (EFI_ERROR (Status)) {
+ goto Done;
+ }
//
- // Check the architecture field of PE header and get the Certificate Data Directory data
- // Note the size of FileHeader field is constant for both IA32 and X64 arch
+ // Enumerate all signature data in SigDB to check if executable's signature exists.
//
- if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA32)
- || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_EBC)) {
- //
- // IA-32 Architecture
- //
- mImageType = ImageType_IA32;
- mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);
+ CertList = (EFI_SIGNATURE_LIST *) Data;
+ while ((DataSize > 0) && (DataSize >= CertList->SignatureListSize)) {
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ if ((CertList->SignatureSize == sizeof(EFI_SIGNATURE_DATA) - 1 + SignatureSize) && (CompareGuid(&CertList->SignatureType, &gEfiCertX509Guid))) {
+ for (Index = 0; Index < CertCount; Index++) {
+ if (CompareMem (Cert->SignatureData, Signature, SignatureSize) == 0) {
+ //
+ // Find the signature in database.
+ //
+ IsFound = TRUE;
+ break;
+ }
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
+ }
+
+ if (IsFound) {
+ break;
+ }
+ }
+
+ DataSize -= CertList->SignatureListSize;
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
}
- else if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA64)
- || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_X64)) {
- //
- // 64-bits Architecture
- //
- mImageType = ImageType_X64;
- NtHeader64 = (EFI_IMAGE_NT_HEADERS64 *) (mImageBase + mPeCoffHeaderOffset);
- mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader64->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);
- } else {
- return EFI_UNSUPPORTED;
+
+Done:
+ if (Data != NULL) {
+ FreePool (Data);
}
- return EFI_SUCCESS;
+ return IsFound;
}
/**
- Calculate hash of Pe/Coff image based on the authenticode image hashing in
- PE/COFF Specification 8.0 Appendix A
+ Calculate the hash of a certificate data with the specified hash algorithm.
- @param[in] HashAlg Hash algorithm type.
-
- @retval TRUE Successfully hash image.
- @retval FALSE Fail in hash image.
+ @param[in] CertData The certificate data to be hashed.
+ @param[in] CertSize The certificate size in bytes.
+ @param[in] HashAlg The specified hash algorithm.
+ @param[out] CertHash The output digest of the certificate
+
+ @retval TRUE Successfully got the hash of the CertData.
+ @retval FALSE Failed to get the hash of CertData.
**/
-BOOLEAN
-HashPeImage (
- IN UINT32 HashAlg
+BOOLEAN
+CalculateCertHash (
+ IN UINT8 *CertData,
+ IN UINTN CertSize,
+ IN UINT32 HashAlg,
+ OUT UINT8 *CertHash
)
{
BOOLEAN Status;
- UINT16 Magic;
- EFI_IMAGE_SECTION_HEADER *Section;
VOID *HashCtx;
UINTN CtxSize;
- UINT8 *HashBase;
- UINTN HashSize;
- UINTN SumOfBytesHashed;
- EFI_IMAGE_SECTION_HEADER *SectionHeader;
- UINTN Index;
- UINTN Pos;
+ UINT8 *TBSCert;
+ UINTN TBSCertSize;
- HashCtx = NULL;
- SectionHeader = NULL;
- Status = FALSE;
+ HashCtx = NULL;
+ Status = FALSE;
- if ((HashAlg != HASHALG_SHA1) && (HashAlg != HASHALG_SHA256)) {
+ if (HashAlg >= HASHALG_MAX) {
return FALSE;
}
-
+
//
- // Initialize context of hash.
+ // Retrieve the TBSCertificate for Hash Calculation.
//
- ZeroMem (mImageDigest, MAX_DIGEST_SIZE);
-
- if (HashAlg == HASHALG_SHA1) {
- mImageDigestSize = SHA1_DIGEST_SIZE;
- mCertType = gEfiCertSha1Guid;
- } else if (HashAlg == HASHALG_SHA256) {
- mImageDigestSize = SHA256_DIGEST_SIZE;
- mCertType = gEfiCertSha256Guid;
+ if (!X509GetTBSCert (CertData, CertSize, &TBSCert, &TBSCertSize)) {
+ return FALSE;
}
- CtxSize = mHash[HashAlg].GetContextSize();
-
+ //
+ // 1. Initialize context of hash.
+ //
+ CtxSize = mHash[HashAlg].GetContextSize ();
HashCtx = AllocatePool (CtxSize);
ASSERT (HashCtx != NULL);
- // 1. Load the image header into memory.
-
- // 2. Initialize a SHA hash context.
- Status = mHash[HashAlg].HashInit(HashCtx);
+ //
+ // 2. Initialize a hash context.
+ //
+ Status = mHash[HashAlg].HashInit (HashCtx);
if (!Status) {
goto Done;
}
+
//
- // Measuring PE/COFF Image Header;
- // But CheckSum field and SECURITY data directory (certificate) are excluded
+ // 3. Calculate the hash.
//
- if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = mNtHeader.Pe32->OptionalHeader.Magic;
- }
-
- //
- // 3. Calculate the distance from the base of the image header to the image checksum address.
- // 4. Hash the image header from its base to beginning of the image checksum.
- //
- HashBase = mImageBase;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // Use PE32 offset.
- //
- HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.CheckSum) - HashBase);
- } else {
- //
- // Use PE32+ offset.
- //
- HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - HashBase);
- }
-
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ Status = mHash[HashAlg].HashUpdate (HashCtx, TBSCert, TBSCertSize);
if (!Status) {
goto Done;
}
+
//
- // 5. Skip over the image checksum (it occupies a single ULONG).
- // 6. Get the address of the beginning of the Cert Directory.
- // 7. Hash everything from the end of the checksum to the start of the Cert Directory.
+ // 4. Get the hash result.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // Use PE32 offset.
- //
- HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
- } else {
- //
- // Use PE32+ offset.
- //
- HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
- }
+ ZeroMem (CertHash, mHash[HashAlg].DigestLength);
+ Status = mHash[HashAlg].HashFinal (HashCtx, CertHash);
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
- if (!Status) {
- goto Done;
+Done:
+ if (HashCtx != NULL) {
+ FreePool (HashCtx);
}
+
+ return Status;
+}
+
+/**
+ Check whether the hash of an X.509 certificate is in forbidden database (DBX).
+
+ @param[in] Certificate Pointer to X.509 Certificate that is searched for.
+ @param[in] CertSize Size of X.509 Certificate.
+
+ @return TRUE Found the certificate hash in the forbidden database.
+ @return FALSE Certificate hash is Not found in the forbidden database.
+
+**/
+BOOLEAN
+IsCertHashFoundInDbx (
+ IN UINT8 *Certificate,
+ IN UINTN CertSize
+ )
+{
+ BOOLEAN IsFound;
+ EFI_STATUS Status;
+ EFI_SIGNATURE_LIST *DbxList;
+ EFI_SIGNATURE_DATA *CertHash;
+ UINTN CertHashCount;
+ UINTN Index;
+ UINT32 HashAlg;
+ UINT8 CertDigest[MAX_DIGEST_SIZE];
+ UINT8 *DbxCertHash;
+ UINTN SiglistHeaderSize;
+ UINT8 *Data;
+ UINTN DataSize;
+
+ IsFound = FALSE;
+ HashAlg = HASHALG_MAX;
+ Data = NULL;
+
//
- // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
- // 9. Hash everything from the end of the Cert Directory to the end of image header.
+ // Read signature database variable.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // Use PE32 offset
- //
- HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
- HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - mImageBase);
- } else {
- //
- // Use PE32+ offset.
- //
- HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
- HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - mImageBase);
+ DataSize = 0;
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
+ if (Status != EFI_BUFFER_TOO_SMALL) {
+ return FALSE;
}
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
- if (!Status) {
- goto Done;
- }
- //
- // 10. Set the SUM_OF_BYTES_HASHED to the size of the header.
- //
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // Use PE32 offset.
- //
- SumOfBytesHashed = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders;
- } else {
- //
- // Use PE32+ offset
- //
- SumOfBytesHashed = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders;
+ Data = (UINT8 *) AllocateZeroPool (DataSize);
+ if (Data == NULL) {
+ return FALSE;
}
- //
- // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER
- // structures in the image. The 'NumberOfSections' field of the image
- // header indicates how big the table should be. Do not include any
- // IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.
- //
- SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * mNtHeader.Pe32->FileHeader.NumberOfSections);
- ASSERT (SectionHeader != NULL);
- //
- // 12. Using the 'PointerToRawData' in the referenced section headers as
- // a key, arrange the elements in the table in ascending order. In other
- // words, sort the section headers according to the disk-file offset of
- // the section.
- //
- Section = (EFI_IMAGE_SECTION_HEADER *) (
- mImageBase +
- mPeCoffHeaderOffset +
- sizeof (UINT32) +
- sizeof (EFI_IMAGE_FILE_HEADER) +
- mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader
- );
- for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {
- Pos = Index;
- while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {
- CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));
- Pos--;
- }
- CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));
- Section += 1;
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, Data);
+ if (EFI_ERROR (Status)) {
+ goto Done;
}
//
- // 13. Walk through the sorted table, bring the corresponding section
- // into memory, and hash the entire section (using the 'SizeOfRawData'
- // field in the section header to determine the amount of data to hash).
- // 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .
- // 15. Repeat steps 13 and 14 for all the sections in the sorted table.
+ // Check whether the certificate hash exists in the forbidden database.
//
- for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {
- Section = &SectionHeader[Index];
- if (Section->SizeOfRawData == 0) {
+ DbxList = (EFI_SIGNATURE_LIST *) Data;
+ while ((DataSize > 0) && (DataSize >= DbxList->SignatureListSize)) {
+ //
+ // Determine Hash Algorithm of Certificate in the forbidden database.
+ //
+ if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha256Guid)) {
+ HashAlg = HASHALG_SHA256;
+ } else if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha384Guid)) {
+ HashAlg = HASHALG_SHA384;
+ } else if (CompareGuid (&DbxList->SignatureType, &gEfiCertX509Sha512Guid)) {
+ HashAlg = HASHALG_SHA512;
+ } else {
+ DataSize -= DbxList->SignatureListSize;
+ DbxList = (EFI_SIGNATURE_LIST *) ((UINT8 *) DbxList + DbxList->SignatureListSize);
continue;
}
- HashBase = mImageBase + Section->PointerToRawData;
- HashSize = (UINTN) Section->SizeOfRawData;
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
- if (!Status) {
+ //
+ // Calculate the hash value of current db certificate for comparision.
+ //
+ if (!CalculateCertHash (Certificate, CertSize, HashAlg, CertDigest)) {
goto Done;
}
- SumOfBytesHashed += HashSize;
- }
-
- //
- // 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra
- // data in the file that needs to be added to the hash. This data begins
- // at file offset SUM_OF_BYTES_HASHED and its length is:
- // FileSize - (CertDirectory->Size)
- //
- if (mImageSize > SumOfBytesHashed) {
- HashBase = mImageBase + SumOfBytesHashed;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // Use PE32 offset.
- //
- HashSize = (UINTN)(
- mImageSize -
- mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -
- SumOfBytesHashed);
- } else {
+ SiglistHeaderSize = sizeof (EFI_SIGNATURE_LIST) + DbxList->SignatureHeaderSize;
+ CertHash = (EFI_SIGNATURE_DATA *) ((UINT8 *) DbxList + SiglistHeaderSize);
+ CertHashCount = (DbxList->SignatureListSize - SiglistHeaderSize) / DbxList->SignatureSize;
+ for (Index = 0; Index < CertHashCount; Index++) {
//
- // Use PE32+ offset.
+ // Iterate each Signature Data Node within this CertList for verify.
//
- HashSize = (UINTN)(
- mImageSize -
- mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -
- SumOfBytesHashed);
+ DbxCertHash = CertHash->SignatureData;
+ if (CompareMem (DbxCertHash, CertDigest, mHash[HashAlg].DigestLength) == 0) {
+ //
+ // Hash of Certificate is found in forbidden database.
+ //
+ IsFound = TRUE;
+ goto Done;
+ }
+ CertHash = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertHash + DbxList->SignatureSize);
}
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
- if (!Status) {
- goto Done;
- }
+ DataSize -= DbxList->SignatureListSize;
+ DbxList = (EFI_SIGNATURE_LIST *) ((UINT8 *) DbxList + DbxList->SignatureListSize);
}
- Status = mHash[HashAlg].HashFinal(HashCtx, mImageDigest);
-
Done:
- if (HashCtx != NULL) {
- FreePool (HashCtx);
- }
- if (SectionHeader != NULL) {
- FreePool (SectionHeader);
+ if (Data != NULL) {
+ FreePool (Data);
}
- return Status;
+
+ return IsFound;
}
/**
- Recognize the Hash algorithm in PE/COFF Authenticode and caculate hash of
- Pe/Coff image based on the authenticated image hashing in PE/COFF Specification
- 8.0 Appendix A
+ Check whether the signature list exists in given variable data.
- @retval EFI_UNSUPPORTED Hash algorithm is not supported.
- @retval EFI_SUCCESS Hash successfully.
+ It searches the signature list for the ceritificate hash by CertType.
+ If the signature list is found, get the offset of Database for the
+ next hash of a certificate.
+ @param[in] Database Variable data to save signature list.
+ @param[in] DatabaseSize Variable size.
+ @param[in] SignatureType The type of the signature.
+ @param[out] Offset The offset to save a new hash of certificate.
+
+ @return TRUE The signature list is found in the forbidden database.
+ @return FALSE The signature list is not found in the forbidden database.
**/
-EFI_STATUS
-HashPeImageByType (
- VOID
+BOOLEAN
+GetSignaturelistOffset (
+ IN EFI_SIGNATURE_LIST *Database,
+ IN UINTN DatabaseSize,
+ IN EFI_GUID *SignatureType,
+ OUT UINTN *Offset
)
{
- UINT8 Index;
- WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
-
- PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir->Offset);
-
- for (Index = 0; Index < HASHALG_MAX; Index++) {
- //
- // Check the Hash algorithm in PE/COFF Authenticode.
- // According to PKCS#7 Definition:
- // SignedData ::= SEQUENCE {
- // version Version,
- // digestAlgorithms DigestAlgorithmIdentifiers,
- // contentInfo ContentInfo,
- // .... }
- // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
- // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
- // Fixed offset (+32) is calculated based on two bytes of length encoding.
- //
- if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
- //
- // Only support two bytes of Long Form of Length Encoding.
- //
- continue;
- }
-
- //
- if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
- break;
- }
- }
+ EFI_SIGNATURE_LIST *SigList;
+ UINTN SiglistSize;
- if (Index == HASHALG_MAX) {
- return EFI_UNSUPPORTED;
+ if ((Database == NULL) || (DatabaseSize == 0)) {
+ *Offset = 0;
+ return FALSE;
}
- //
- // HASH PE Image based on Hash algorithm in PE/COFF Authenticode.
- //
- if (!HashPeImage(Index)) {
- return EFI_UNSUPPORTED;
+ SigList = Database;
+ SiglistSize = DatabaseSize;
+ while ((SiglistSize > 0) && (SiglistSize >= SigList->SignatureListSize)) {
+ if (CompareGuid (&SigList->SignatureType, SignatureType)) {
+ *Offset = DatabaseSize - SiglistSize;
+ return TRUE;
+ }
+ SiglistSize -= SigList->SignatureListSize;
+ SigList = (EFI_SIGNATURE_LIST *) ((UINT8 *) SigList + SigList->SignatureListSize);
}
-
- return EFI_SUCCESS;
+ *Offset = 0;
+ return FALSE;
}
/**
- Enroll a new executable's signature into Signature Database.
+ Enroll a new X509 certificate hash into Signature Database (dbx) without
+ KEK's authentication.
- @param[in] PrivateData The module's private data.
- @param[in] VariableName Variable name of signature database, must be
- EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
+ @param[in] PrivateData The module's private data.
+ @param[in] HashAlg The hash algorithm to enroll the certificate.
+ @param[in] RevocationDate The revocation date of the certificate.
+ @param[in] RevocationTime The revocation time of the certificate.
+ @param[in] AlwaysRevocation Indicate whether the certificate is always revoked.
- @retval EFI_SUCCESS New signature is enrolled successfully.
+ @retval EFI_SUCCESS New X509 is enrolled successfully.
@retval EFI_INVALID_PARAMETER The parameter is invalid.
- @retval EFI_UNSUPPORTED Unsupported command.
@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
**/
EFI_STATUS
-EnrollImageSignatureToSigDB (
+EnrollX509HashtoSigDB (
IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
- IN CHAR16 *VariableName
+ IN UINT32 HashAlg,
+ IN EFI_HII_DATE *RevocationDate,
+ IN EFI_HII_TIME *RevocationTime,
+ IN BOOLEAN AlwaysRevocation
)
{
- EFI_STATUS Status;
- EFI_SIGNATURE_LIST *SigDBCert;
- EFI_SIGNATURE_DATA *SigDBCertData;
- VOID *Data;
- UINTN DataSize;
- UINTN SigDBSize;
- UINT32 Attr;
- WIN_CERTIFICATE_UEFI_GUID *GuidCertData;
+ EFI_STATUS Status;
+ UINTN X509DataSize;
+ VOID *X509Data;
+ EFI_SIGNATURE_LIST *SignatureList;
+ UINTN SignatureListSize;
+ UINT8 *Data;
+ UINT8 *NewData;
+ UINTN DataSize;
+ UINTN DbSize;
+ UINT32 Attr;
+ EFI_SIGNATURE_DATA *SignatureData;
+ UINTN SignatureSize;
+ EFI_GUID SignatureType;
+ UINTN Offset;
+ UINT8 CertHash[MAX_DIGEST_SIZE];
+ UINT16* FilePostFix;
+ UINTN NameLength;
+ EFI_TIME *Time;
- Data = NULL;
- GuidCertData = NULL;
+ X509DataSize = 0;
+ DbSize = 0;
+ X509Data = NULL;
+ SignatureData = NULL;
+ SignatureList = NULL;
+ Data = NULL;
+ NewData = NULL;
+
+ if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
//
- // Form the SigDB certificate list.
- // Format the data item into EFI_SIGNATURE_LIST type.
- //
- // We need to parse executable's signature data from specified signed executable file.
- // In current implementation, we simply trust the pass-in signed executable file.
- // In reality, it's OS's responsibility to verify the signed executable file.
+ // Parse the file's postfix.
//
+ NameLength = StrLen (Private->FileContext->FileName);
+ if (NameLength <= 4) {
+ return EFI_INVALID_PARAMETER;
+ }
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;
+ if (!IsDerEncodeCertificate(FilePostFix)) {
+ //
+ // Only supports DER-encoded X509 certificate.
+ //
+ return EFI_INVALID_PARAMETER;
+ }
//
- // Read the whole file content
+ // Get the certificate from file and calculate its hash.
//
- Status = ReadFileContent(
+ Status = ReadFileContent (
Private->FileContext->FHandle,
- (VOID **) &mImageBase,
- &mImageSize,
+ &X509Data,
+ &X509DataSize,
0
);
if (EFI_ERROR (Status)) {
goto ON_EXIT;
- }
- ASSERT (mImageBase != NULL);
+ }
+ ASSERT (X509Data != NULL);
- Status = LoadPeImage ();
- if (EFI_ERROR (Status)) {
+ if (!CalculateCertHash (X509Data, X509DataSize, HashAlg, CertHash)) {
goto ON_EXIT;
}
- if (mSecDataDir->SizeOfCert == 0) {
- if (!HashPeImage (HASHALG_SHA256)) {
- Status = EFI_SECURITY_VIOLATION;
- goto ON_EXIT;
+ //
+ // Get the variable for enrollment.
+ //
+ DataSize = 0;
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
+ if (Status == EFI_BUFFER_TOO_SMALL) {
+ Data = (UINT8 *) AllocateZeroPool (DataSize);
+ if (Data == NULL) {
+ return EFI_OUT_OF_RESOURCES;
}
- } else {
-
- //
- // Read the certificate data
- //
- mCertificate = (WIN_CERTIFICATE *)(mImageBase + mSecDataDir->Offset);
-
- if (mCertificate->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {
- GuidCertData = (WIN_CERTIFICATE_UEFI_GUID*) mCertificate;
- if (CompareMem (&GuidCertData->CertType, &gEfiCertTypeRsa2048Sha256Guid, sizeof(EFI_GUID)) != 0) {
- Status = EFI_ABORTED;
- goto ON_EXIT;
- }
- if (!HashPeImage (HASHALG_SHA256)) {
- Status = EFI_ABORTED;
- goto ON_EXIT;;
- }
-
- } else if (mCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) {
-
- Status = HashPeImageByType ();
- if (EFI_ERROR (Status)) {
- goto ON_EXIT;;
- }
- } else {
- Status = EFI_ABORTED;
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, Data);
+ if (EFI_ERROR (Status)) {
goto ON_EXIT;
}
}
//
- // Create a new SigDB entry.
+ // Allocate memory for Signature and fill the Signature
//
- SigDBSize = sizeof(EFI_SIGNATURE_LIST)
- + sizeof(EFI_SIGNATURE_DATA) - 1
- + (UINT32) mImageDigestSize;
+ SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + sizeof (EFI_TIME) + mHash[HashAlg].DigestLength;
+ SignatureData = (EFI_SIGNATURE_DATA *) AllocateZeroPool (SignatureSize);
+ if (SignatureData == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+ CopyGuid (&SignatureData->SignatureOwner, Private->SignatureGUID);
+ CopyMem (SignatureData->SignatureData, CertHash, mHash[HashAlg].DigestLength);
- Data = (UINT8*) AllocateZeroPool (SigDBSize);
- if (Data == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
+ //
+ // Fill the time.
+ //
+ if (!AlwaysRevocation) {
+ Time = (EFI_TIME *)(&SignatureData->SignatureData + mHash[HashAlg].DigestLength);
+ Time->Year = RevocationDate->Year;
+ Time->Month = RevocationDate->Month;
+ Time->Day = RevocationDate->Day;
+ Time->Hour = RevocationTime->Hour;
+ Time->Minute = RevocationTime->Minute;
+ Time->Second = RevocationTime->Second;
}
-
+
//
- // Adjust the Certificate Database parameters.
- //
- SigDBCert = (EFI_SIGNATURE_LIST*) Data;
- SigDBCert->SignatureListSize = (UINT32) SigDBSize;
- SigDBCert->SignatureHeaderSize = 0;
- SigDBCert->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + (UINT32) mImageDigestSize;
- CopyGuid (&SigDBCert->SignatureType, &mCertType);
+ // Determine the GUID for certificate hash.
+ //
+ switch (HashAlg) {
+ case HASHALG_SHA256:
+ SignatureType = gEfiCertX509Sha256Guid;
+ break;
+ case HASHALG_SHA384:
+ SignatureType = gEfiCertX509Sha384Guid;
+ break;
+ case HASHALG_SHA512:
+ SignatureType = gEfiCertX509Sha512Guid;
+ break;
+ default:
+ return FALSE;
+ }
- SigDBCertData = (EFI_SIGNATURE_DATA*)((UINT8*)SigDBCert + sizeof(EFI_SIGNATURE_LIST));
- CopyGuid (&SigDBCertData->SignatureOwner, Private->SignatureGUID);
- CopyMem (SigDBCertData->SignatureData, mImageDigest, mImageDigestSize);
+ //
+ // Add signature into the new variable data buffer
+ //
+ if (GetSignaturelistOffset((EFI_SIGNATURE_LIST *)Data, DataSize, &SignatureType, &Offset)) {
+ //
+ // Add the signature to the found signaturelist.
+ //
+ DbSize = DataSize + SignatureSize;
+ NewData = AllocateZeroPool (DbSize);
+ if (NewData == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
- Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
- | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
- Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);
+ SignatureList = (EFI_SIGNATURE_LIST *)(Data + Offset);
+ SignatureListSize = (UINTN) ReadUnaligned32 ((UINT32 *)&SignatureList->SignatureListSize);
+ CopyMem (NewData, Data, Offset + SignatureListSize);
+
+ SignatureList = (EFI_SIGNATURE_LIST *)(NewData + Offset);
+ WriteUnaligned32 ((UINT32 *) &SignatureList->SignatureListSize, (UINT32)(SignatureListSize + SignatureSize));
+
+ Offset += SignatureListSize;
+ CopyMem (NewData + Offset, SignatureData, SignatureSize);
+ CopyMem (NewData + Offset + SignatureSize, Data + Offset, DataSize - Offset);
+
+ FreePool (Data);
+ Data = NewData;
+ DataSize = DbSize;
+ } else {
+ //
+ // Create a new signaturelist, and add the signature into the signaturelist.
+ //
+ DbSize = DataSize + sizeof(EFI_SIGNATURE_LIST) + SignatureSize;
+ NewData = AllocateZeroPool (DbSize);
+ if (NewData == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+ //
+ // Fill Certificate Database parameters.
+ //
+ SignatureList = (EFI_SIGNATURE_LIST*) (NewData + DataSize);
+ SignatureListSize = sizeof(EFI_SIGNATURE_LIST) + SignatureSize;
+ WriteUnaligned32 ((UINT32 *) &SignatureList->SignatureListSize, (UINT32) SignatureListSize);
+ WriteUnaligned32 ((UINT32 *) &SignatureList->SignatureSize, (UINT32) SignatureSize);
+ CopyGuid (&SignatureList->SignatureType, &SignatureType);
+ CopyMem ((UINT8* ) SignatureList + sizeof (EFI_SIGNATURE_LIST), SignatureData, SignatureSize);
+ if ((DataSize != 0) && (Data != NULL)) {
+ CopyMem (NewData, Data, DataSize);
+ FreePool (Data);
+ }
+ Data = NewData;
+ DataSize = DbSize;
+ }
+
+ Status = CreateTimeBasedPayload (&DataSize, (UINT8**) &Data);
if (EFI_ERROR (Status)) {
- DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
goto ON_EXIT;
}
-
- //
- // Check if SigDB variable has been already existed.
- // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
- // new signature data to original variable
- //
- DataSize = 0;
- Status = gRT->GetVariable(
- VariableName,
- &gEfiImageSecurityDatabaseGuid,
- NULL,
- &DataSize,
- NULL
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- Attr |= EFI_VARIABLE_APPEND_WRITE;
- } else if (Status != EFI_NOT_FOUND) {
- goto ON_EXIT;
- }
- //
- // Enroll the variable.
- //
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
Status = gRT->SetVariable(
- VariableName,
- &gEfiImageSecurityDatabaseGuid,
- Attr,
- SigDBSize,
+ EFI_IMAGE_SECURITY_DATABASE1,
+ &gEfiImageSecurityDatabaseGuid,
+ Attr,
+ DataSize,
Data
);
if (EFI_ERROR (Status)) {
@@ -1467,9 +1586,7 @@ EnrollImageSignatureToSigDB (
ON_EXIT:
- CloseFile (Private->FileContext->FHandle);
- Private->FileContext->FHandle = NULL;
- Private->FileContext->FileName = NULL;
+ CloseEnrolledFile(Private->FileContext);
if (Private->SignatureGUID != NULL) {
FreePool (Private->SignatureGUID);
@@ -1480,839 +1597,2678 @@ ON_EXIT:
FreePool (Data);
}
- if (mImageBase != NULL) {
- FreePool (mImageBase);
- mImageBase = NULL;
+ if (SignatureData != NULL) {
+ FreePool (SignatureData);
+ }
+
+ if (X509Data != NULL) {
+ FreePool (X509Data);
}
return Status;
}
/**
- Enroll signature into DB/DBX without KEK's authentication.
- The SignatureOwner GUID will be Private->SignatureGUID.
-
+ Check whether a certificate from a file exists in dbx.
+
@param[in] PrivateData The module's private data.
- @param[in] VariableName Variable name of signature database, must be
- EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
-
- @retval EFI_SUCCESS New signature enrolled successfully.
- @retval EFI_INVALID_PARAMETER The parameter is invalid.
- @retval others Fail to enroll signature data.
-
+ @param[in] VariableName Variable name of signature database, must be
+ EFI_IMAGE_SECURITY_DATABASE1.
+
+ @retval TRUE The X509 certificate is found in dbx successfully.
+ @retval FALSE The X509 certificate is not found in dbx.
**/
-EFI_STATUS
-EnrollSignatureDatabase (
- IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
- IN CHAR16 *VariableName
- )
+BOOLEAN
+IsX509CertInDbx (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
+ IN CHAR16 *VariableName
+ )
{
- UINT16* FilePostFix;
+ EFI_STATUS Status;
+ UINTN X509DataSize;
+ VOID *X509Data;
+ BOOLEAN IsFound;
- if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {
- return EFI_INVALID_PARAMETER;
+ //
+ // Read the certificate from file
+ //
+ X509DataSize = 0;
+ X509Data = NULL;
+ Status = ReadFileContent (
+ Private->FileContext->FHandle,
+ &X509Data,
+ &X509DataSize,
+ 0
+ );
+ if (EFI_ERROR (Status)) {
+ return FALSE;
}
//
- // Parse the file's postfix.
+ // Check the raw certificate.
//
- FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;
- if (IsDerEncodeCertificate(FilePostFix)) {
- //
- // Supports DER-encoded X509 certificate.
- //
- return EnrollX509toSigDB (Private, VariableName);
+ IsFound = FALSE;
+ if (IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE1, X509Data, X509DataSize)) {
+ IsFound = TRUE;
+ goto ON_EXIT;
+ }
+
+ //
+ // Check the hash of certificate.
+ //
+ if (IsCertHashFoundInDbx (X509Data, X509DataSize)) {
+ IsFound = TRUE;
+ goto ON_EXIT;
+ }
+
+ON_EXIT:
+ if (X509Data != NULL) {
+ FreePool (X509Data);
}
- return EnrollImageSignatureToSigDB (Private, VariableName);
+ return IsFound;
}
/**
- List all signatures in specified signature database (e.g. KEK/DB/DBX)
- by GUID in the page for user to select and delete as needed.
+ Reads contents of a PE/COFF image in memory buffer.
- @param[in] PrivateData Module's private data.
- @param[in] VariableName The variable name of the vendor's signature database.
- @param[in] VendorGuid A unique identifier for the vendor.
- @param[in] LabelNumber Label number to insert opcodes.
- @param[in] FormId Form ID of current page.
- @param[in] QuestionIdBase Base question id of the signature list.
+ Caution: This function may receive untrusted input.
+ PE/COFF image is external input, so this function will make sure the PE/COFF image content
+ read is within the image buffer.
- @retval EFI_SUCCESS Success to update the signature list page
- @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
-
+ @param FileHandle Pointer to the file handle to read the PE/COFF image.
+ @param FileOffset Offset into the PE/COFF image to begin the read operation.
+ @param ReadSize On input, the size in bytes of the requested read operation.
+ On output, the number of bytes actually read.
+ @param Buffer Output buffer that contains the data read from the PE/COFF image.
+
+ @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
**/
EFI_STATUS
-UpdateDeletePage (
- IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT16 LabelNumber,
- IN EFI_FORM_ID FormId,
- IN EFI_QUESTION_ID QuestionIdBase
+EFIAPI
+SecureBootConfigImageRead (
+ IN VOID *FileHandle,
+ IN UINTN FileOffset,
+ IN OUT UINTN *ReadSize,
+ OUT VOID *Buffer
)
{
- EFI_STATUS Status;
- UINT32 Index;
- UINTN CertCount;
- UINTN GuidIndex;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
- UINTN DataSize;
- UINT8 *Data;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_DATA *Cert;
- UINT32 ItemDataSize;
- CHAR16 *GuidStr;
- EFI_STRING_ID GuidID;
- EFI_STRING_ID Help;
+ UINTN EndPosition;
- Data = NULL;
- CertList = NULL;
- Cert = NULL;
- GuidStr = NULL;
- StartOpCodeHandle = NULL;
- EndOpCodeHandle = NULL;
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- if (StartOpCodeHandle == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
+ if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {
+ return EFI_INVALID_PARAMETER;
}
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- if (EndOpCodeHandle == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
+ if (MAX_ADDRESS - FileOffset < *ReadSize) {
+ return EFI_INVALID_PARAMETER;
}
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LabelNumber;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
+ EndPosition = FileOffset + *ReadSize;
+ if (EndPosition > mImageSize) {
+ *ReadSize = (UINT32)(mImageSize - FileOffset);
+ }
- //
- // Read Variable.
- //
- DataSize = 0;
- Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
- if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
- goto ON_EXIT;
+ if (FileOffset >= mImageSize) {
+ *ReadSize = 0;
}
- Data = (UINT8 *) AllocateZeroPool (DataSize);
- if (Data == NULL) {
+ CopyMem (Buffer, (UINT8 *)((UINTN) FileHandle + FileOffset), *ReadSize);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Load PE/COFF image information into internal buffer and check its validity.
+
+ @retval EFI_SUCCESS Successful
+ @retval EFI_UNSUPPORTED Invalid PE/COFF file
+ @retval EFI_ABORTED Serious error occurs, like file I/O error etc.
+
+**/
+EFI_STATUS
+LoadPeImage (
+ VOID
+ )
+{
+ EFI_IMAGE_DOS_HEADER *DosHdr;
+ EFI_IMAGE_NT_HEADERS32 *NtHeader32;
+ EFI_IMAGE_NT_HEADERS64 *NtHeader64;
+ PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
+ EFI_STATUS Status;
+
+ NtHeader32 = NULL;
+ NtHeader64 = NULL;
+
+ ZeroMem (&ImageContext, sizeof (ImageContext));
+ ImageContext.Handle = (VOID *) mImageBase;
+ ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) SecureBootConfigImageRead;
+
+ //
+ // Get information about the image being loaded
+ //
+ Status = PeCoffLoaderGetImageInfo (&ImageContext);
+ if (EFI_ERROR (Status)) {
+ //
+ // The information can't be got from the invalid PeImage
+ //
+ DEBUG ((DEBUG_INFO, "SecureBootConfigDxe: PeImage invalid. \n"));
+ return Status;
+ }
+
+ //
+ // Read the Dos header
+ //
+ DosHdr = (EFI_IMAGE_DOS_HEADER*)(mImageBase);
+ if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE)
+ {
+ //
+ // DOS image header is present,
+ // So read the PE header after the DOS image header
+ //
+ mPeCoffHeaderOffset = DosHdr->e_lfanew;
+ }
+ else
+ {
+ mPeCoffHeaderOffset = 0;
+ }
+
+ //
+ // Read PE header and check the signature validity and machine compatibility
+ //
+ NtHeader32 = (EFI_IMAGE_NT_HEADERS32*) (mImageBase + mPeCoffHeaderOffset);
+ if (NtHeader32->Signature != EFI_IMAGE_NT_SIGNATURE)
+ {
+ return EFI_UNSUPPORTED;
+ }
+
+ mNtHeader.Pe32 = NtHeader32;
+
+ //
+ // Check the architecture field of PE header and get the Certificate Data Directory data
+ // Note the size of FileHeader field is constant for both IA32 and X64 arch
+ //
+ if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA32)
+ || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_EBC)
+ || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_ARMTHUMB_MIXED)) {
+ //
+ // 32-bits Architecture
+ //
+ mImageType = ImageType_IA32;
+ mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);
+ }
+ else if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA64)
+ || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_X64)
+ || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_AARCH64)) {
+ //
+ // 64-bits Architecture
+ //
+ mImageType = ImageType_X64;
+ NtHeader64 = (EFI_IMAGE_NT_HEADERS64 *) (mImageBase + mPeCoffHeaderOffset);
+ mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader64->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);
+ } else {
+ return EFI_UNSUPPORTED;
+ }
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Calculate hash of Pe/Coff image based on the authenticode image hashing in
+ PE/COFF Specification 8.0 Appendix A
+
+ Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in
+ the function LoadPeImage ().
+
+ @param[in] HashAlg Hash algorithm type.
+
+ @retval TRUE Successfully hash image.
+ @retval FALSE Fail in hash image.
+
+**/
+BOOLEAN
+HashPeImage (
+ IN UINT32 HashAlg
+ )
+{
+ BOOLEAN Status;
+ UINT16 Magic;
+ EFI_IMAGE_SECTION_HEADER *Section;
+ VOID *HashCtx;
+ UINTN CtxSize;
+ UINT8 *HashBase;
+ UINTN HashSize;
+ UINTN SumOfBytesHashed;
+ EFI_IMAGE_SECTION_HEADER *SectionHeader;
+ UINTN Index;
+ UINTN Pos;
+
+ HashCtx = NULL;
+ SectionHeader = NULL;
+ Status = FALSE;
+
+ if (HashAlg != HASHALG_SHA256) {
+ return FALSE;
+ }
+
+ //
+ // Initialize context of hash.
+ //
+ ZeroMem (mImageDigest, MAX_DIGEST_SIZE);
+
+ mImageDigestSize = SHA256_DIGEST_SIZE;
+ mCertType = gEfiCertSha256Guid;
+
+ CtxSize = mHash[HashAlg].GetContextSize();
+
+ HashCtx = AllocatePool (CtxSize);
+ ASSERT (HashCtx != NULL);
+
+ // 1. Load the image header into memory.
+
+ // 2. Initialize a SHA hash context.
+ Status = mHash[HashAlg].HashInit(HashCtx);
+ if (!Status) {
+ goto Done;
+ }
+ //
+ // Measuring PE/COFF Image Header;
+ // But CheckSum field and SECURITY data directory (certificate) are excluded
+ //
+ if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ //
+ // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
+ // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
+ // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
+ // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
+ //
+ Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
+ } else {
+ //
+ // Get the magic value from the PE/COFF Optional Header
+ //
+ Magic = mNtHeader.Pe32->OptionalHeader.Magic;
+ }
+
+ //
+ // 3. Calculate the distance from the base of the image header to the image checksum address.
+ // 4. Hash the image header from its base to beginning of the image checksum.
+ //
+ HashBase = mImageBase;
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ //
+ // Use PE32 offset.
+ //
+ HashSize = (UINTN) (&mNtHeader.Pe32->OptionalHeader.CheckSum) - (UINTN) HashBase;
+ } else {
+ //
+ // Use PE32+ offset.
+ //
+ HashSize = (UINTN) (&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - (UINTN) HashBase;
+ }
+
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ if (!Status) {
+ goto Done;
+ }
+ //
+ // 5. Skip over the image checksum (it occupies a single ULONG).
+ // 6. Get the address of the beginning of the Cert Directory.
+ // 7. Hash everything from the end of the checksum to the start of the Cert Directory.
+ //
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ //
+ // Use PE32 offset.
+ //
+ HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = (UINTN) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
+ } else {
+ //
+ // Use PE32+ offset.
+ //
+ HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = (UINTN) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
+ }
+
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ if (!Status) {
+ goto Done;
+ }
+ //
+ // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
+ // 9. Hash everything from the end of the Cert Directory to the end of image header.
+ //
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ //
+ // Use PE32 offset
+ //
+ HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
+ HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - ((UINTN) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - (UINTN) mImageBase);
+ } else {
+ //
+ // Use PE32+ offset.
+ //
+ HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
+ HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - ((UINTN) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - (UINTN) mImageBase);
+ }
+
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ if (!Status) {
+ goto Done;
+ }
+ //
+ // 10. Set the SUM_OF_BYTES_HASHED to the size of the header.
+ //
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ //
+ // Use PE32 offset.
+ //
+ SumOfBytesHashed = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders;
+ } else {
+ //
+ // Use PE32+ offset
+ //
+ SumOfBytesHashed = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders;
+ }
+
+ //
+ // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER
+ // structures in the image. The 'NumberOfSections' field of the image
+ // header indicates how big the table should be. Do not include any
+ // IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.
+ //
+ SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * mNtHeader.Pe32->FileHeader.NumberOfSections);
+ ASSERT (SectionHeader != NULL);
+ //
+ // 12. Using the 'PointerToRawData' in the referenced section headers as
+ // a key, arrange the elements in the table in ascending order. In other
+ // words, sort the section headers according to the disk-file offset of
+ // the section.
+ //
+ Section = (EFI_IMAGE_SECTION_HEADER *) (
+ mImageBase +
+ mPeCoffHeaderOffset +
+ sizeof (UINT32) +
+ sizeof (EFI_IMAGE_FILE_HEADER) +
+ mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader
+ );
+ for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {
+ Pos = Index;
+ while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {
+ CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));
+ Pos--;
+ }
+ CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));
+ Section += 1;
+ }
+
+ //
+ // 13. Walk through the sorted table, bring the corresponding section
+ // into memory, and hash the entire section (using the 'SizeOfRawData'
+ // field in the section header to determine the amount of data to hash).
+ // 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .
+ // 15. Repeat steps 13 and 14 for all the sections in the sorted table.
+ //
+ for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {
+ Section = &SectionHeader[Index];
+ if (Section->SizeOfRawData == 0) {
+ continue;
+ }
+ HashBase = mImageBase + Section->PointerToRawData;
+ HashSize = (UINTN) Section->SizeOfRawData;
+
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ if (!Status) {
+ goto Done;
+ }
+
+ SumOfBytesHashed += HashSize;
+ }
+
+ //
+ // 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra
+ // data in the file that needs to be added to the hash. This data begins
+ // at file offset SUM_OF_BYTES_HASHED and its length is:
+ // FileSize - (CertDirectory->Size)
+ //
+ if (mImageSize > SumOfBytesHashed) {
+ HashBase = mImageBase + SumOfBytesHashed;
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ //
+ // Use PE32 offset.
+ //
+ HashSize = (UINTN)(
+ mImageSize -
+ mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -
+ SumOfBytesHashed);
+ } else {
+ //
+ // Use PE32+ offset.
+ //
+ HashSize = (UINTN)(
+ mImageSize -
+ mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -
+ SumOfBytesHashed);
+ }
+
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ if (!Status) {
+ goto Done;
+ }
+ }
+
+ Status = mHash[HashAlg].HashFinal(HashCtx, mImageDigest);
+
+Done:
+ if (HashCtx != NULL) {
+ FreePool (HashCtx);
+ }
+ if (SectionHeader != NULL) {
+ FreePool (SectionHeader);
+ }
+ return Status;
+}
+
+/**
+ Recognize the Hash algorithm in PE/COFF Authenticode and calculate hash of
+ Pe/Coff image based on the authenticated image hashing in PE/COFF Specification
+ 8.0 Appendix A
+
+ @retval EFI_UNSUPPORTED Hash algorithm is not supported.
+ @retval EFI_SUCCESS Hash successfully.
+
+**/
+EFI_STATUS
+HashPeImageByType (
+ VOID
+ )
+{
+ UINT8 Index;
+ WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
+
+ PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir->Offset);
+
+ for (Index = 0; Index < HASHALG_MAX; Index++) {
+ //
+ // Check the Hash algorithm in PE/COFF Authenticode.
+ // According to PKCS#7 Definition:
+ // SignedData ::= SEQUENCE {
+ // version Version,
+ // digestAlgorithms DigestAlgorithmIdentifiers,
+ // contentInfo ContentInfo,
+ // .... }
+ // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
+ // This field has the fixed offset (+32) in final Authenticode ASN.1 data.
+ // Fixed offset (+32) is calculated based on two bytes of length encoding.
+ //
+ if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
+ //
+ // Only support two bytes of Long Form of Length Encoding.
+ //
+ continue;
+ }
+
+ //
+ if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
+ break;
+ }
+ }
+
+ if (Index == HASHALG_MAX) {
+ return EFI_UNSUPPORTED;
+ }
+
+ //
+ // HASH PE Image based on Hash algorithm in PE/COFF Authenticode.
+ //
+ if (!HashPeImage(Index)) {
+ return EFI_UNSUPPORTED;
+ }
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Enroll a new executable's signature into Signature Database.
+
+ @param[in] PrivateData The module's private data.
+ @param[in] VariableName Variable name of signature database, must be
+ EFI_IMAGE_SECURITY_DATABASE, EFI_IMAGE_SECURITY_DATABASE1
+ or EFI_IMAGE_SECURITY_DATABASE2.
+
+ @retval EFI_SUCCESS New signature is enrolled successfully.
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.
+ @retval EFI_UNSUPPORTED Unsupported command.
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
+
+**/
+EFI_STATUS
+EnrollAuthentication2Descriptor (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
+ IN CHAR16 *VariableName
+ )
+{
+ EFI_STATUS Status;
+ VOID *Data;
+ UINTN DataSize;
+ UINT32 Attr;
+
+ Data = NULL;
+
+ //
+ // DBT only support DER-X509 Cert Enrollment
+ //
+ if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0) {
+ return EFI_UNSUPPORTED;
+ }
+
+ //
+ // Read the whole file content
+ //
+ Status = ReadFileContent(
+ Private->FileContext->FHandle,
+ (VOID **) &mImageBase,
+ &mImageSize,
+ 0
+ );
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+ ASSERT (mImageBase != NULL);
+
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
+
+ //
+ // Check if SigDB variable has been already existed.
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+ // new signature data to original variable
+ //
+ DataSize = 0;
+ Status = gRT->GetVariable(
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ NULL,
+ &DataSize,
+ NULL
+ );
+ if (Status == EFI_BUFFER_TOO_SMALL) {
+ Attr |= EFI_VARIABLE_APPEND_WRITE;
+ } else if (Status != EFI_NOT_FOUND) {
+ goto ON_EXIT;
+ }
+
+ //
+ // Diretly set AUTHENTICATION_2 data to SetVariable
+ //
+ Status = gRT->SetVariable(
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ Attr,
+ mImageSize,
+ mImageBase
+ );
+
+ DEBUG((DEBUG_INFO, "Enroll AUTH_2 data to Var:%s Status: %x\n", VariableName, Status));
+
+ON_EXIT:
+
+ CloseEnrolledFile(Private->FileContext);
+
+ if (Data != NULL) {
+ FreePool (Data);
+ }
+
+ if (mImageBase != NULL) {
+ FreePool (mImageBase);
+ mImageBase = NULL;
+ }
+
+ return Status;
+
+}
+
+
+/**
+ Enroll a new executable's signature into Signature Database.
+
+ @param[in] PrivateData The module's private data.
+ @param[in] VariableName Variable name of signature database, must be
+ EFI_IMAGE_SECURITY_DATABASE, EFI_IMAGE_SECURITY_DATABASE1
+ or EFI_IMAGE_SECURITY_DATABASE2.
+
+ @retval EFI_SUCCESS New signature is enrolled successfully.
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.
+ @retval EFI_UNSUPPORTED Unsupported command.
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
+
+**/
+EFI_STATUS
+EnrollImageSignatureToSigDB (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
+ IN CHAR16 *VariableName
+ )
+{
+ EFI_STATUS Status;
+ EFI_SIGNATURE_LIST *SigDBCert;
+ EFI_SIGNATURE_DATA *SigDBCertData;
+ VOID *Data;
+ UINTN DataSize;
+ UINTN SigDBSize;
+ UINT32 Attr;
+ WIN_CERTIFICATE_UEFI_GUID *GuidCertData;
+
+ Data = NULL;
+ GuidCertData = NULL;
+
+ if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0) {
+ return EFI_UNSUPPORTED;
+ }
+
+ //
+ // Form the SigDB certificate list.
+ // Format the data item into EFI_SIGNATURE_LIST type.
+ //
+ // We need to parse executable's signature data from specified signed executable file.
+ // In current implementation, we simply trust the pass-in signed executable file.
+ // In reality, it's OS's responsibility to verify the signed executable file.
+ //
+
+ //
+ // Read the whole file content
+ //
+ Status = ReadFileContent(
+ Private->FileContext->FHandle,
+ (VOID **) &mImageBase,
+ &mImageSize,
+ 0
+ );
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+ ASSERT (mImageBase != NULL);
+
+ Status = LoadPeImage ();
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+
+ if (mSecDataDir->SizeOfCert == 0) {
+ if (!HashPeImage (HASHALG_SHA256)) {
+ Status = EFI_SECURITY_VIOLATION;
+ goto ON_EXIT;
+ }
+ } else {
+
+ //
+ // Read the certificate data
+ //
+ mCertificate = (WIN_CERTIFICATE *)(mImageBase + mSecDataDir->Offset);
+
+ if (mCertificate->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {
+ GuidCertData = (WIN_CERTIFICATE_UEFI_GUID*) mCertificate;
+ if (CompareMem (&GuidCertData->CertType, &gEfiCertTypeRsa2048Sha256Guid, sizeof(EFI_GUID)) != 0) {
+ Status = EFI_ABORTED;
+ goto ON_EXIT;
+ }
+
+ if (!HashPeImage (HASHALG_SHA256)) {
+ Status = EFI_ABORTED;
+ goto ON_EXIT;;
+ }
+
+ } else if (mCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) {
+
+ Status = HashPeImageByType ();
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;;
+ }
+ } else {
+ Status = EFI_ABORTED;
+ goto ON_EXIT;
+ }
+ }
+
+ //
+ // Create a new SigDB entry.
+ //
+ SigDBSize = sizeof(EFI_SIGNATURE_LIST)
+ + sizeof(EFI_SIGNATURE_DATA) - 1
+ + (UINT32) mImageDigestSize;
+
+ Data = (UINT8*) AllocateZeroPool (SigDBSize);
+ if (Data == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ //
+ // Adjust the Certificate Database parameters.
+ //
+ SigDBCert = (EFI_SIGNATURE_LIST*) Data;
+ SigDBCert->SignatureListSize = (UINT32) SigDBSize;
+ SigDBCert->SignatureHeaderSize = 0;
+ SigDBCert->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + (UINT32) mImageDigestSize;
+ CopyGuid (&SigDBCert->SignatureType, &mCertType);
+
+ SigDBCertData = (EFI_SIGNATURE_DATA*)((UINT8*)SigDBCert + sizeof(EFI_SIGNATURE_LIST));
+ CopyGuid (&SigDBCertData->SignatureOwner, Private->SignatureGUID);
+ CopyMem (SigDBCertData->SignatureData, mImageDigest, mImageDigestSize);
+
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
+ Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
+ goto ON_EXIT;
+ }
+
+ //
+ // Check if SigDB variable has been already existed.
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+ // new signature data to original variable
+ //
+ DataSize = 0;
+ Status = gRT->GetVariable(
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ NULL,
+ &DataSize,
+ NULL
+ );
+ if (Status == EFI_BUFFER_TOO_SMALL) {
+ Attr |= EFI_VARIABLE_APPEND_WRITE;
+ } else if (Status != EFI_NOT_FOUND) {
+ goto ON_EXIT;
+ }
+
+ //
+ // Enroll the variable.
+ //
+ Status = gRT->SetVariable(
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ Attr,
+ SigDBSize,
+ Data
+ );
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+
+ON_EXIT:
+
+ CloseEnrolledFile(Private->FileContext);
+
+ if (Private->SignatureGUID != NULL) {
+ FreePool (Private->SignatureGUID);
+ Private->SignatureGUID = NULL;
+ }
+
+ if (Data != NULL) {
+ FreePool (Data);
+ }
+
+ if (mImageBase != NULL) {
+ FreePool (mImageBase);
+ mImageBase = NULL;
+ }
+
+ return Status;
+}
+
+/**
+ Enroll signature into DB/DBX/DBT without KEK's authentication.
+ The SignatureOwner GUID will be Private->SignatureGUID.
+
+ @param[in] PrivateData The module's private data.
+ @param[in] VariableName Variable name of signature database, must be
+ EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
+
+ @retval EFI_SUCCESS New signature enrolled successfully.
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.
+ @retval others Fail to enroll signature data.
+
+**/
+EFI_STATUS
+EnrollSignatureDatabase (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
+ IN CHAR16 *VariableName
+ )
+{
+ UINT16* FilePostFix;
+ EFI_STATUS Status;
+ UINTN NameLength;
+
+ if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ //
+ // Parse the file's postfix.
+ //
+ NameLength = StrLen (Private->FileContext->FileName);
+ if (NameLength <= 4) {
+ return EFI_INVALID_PARAMETER;
+ }
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;
+ if (IsDerEncodeCertificate (FilePostFix)) {
+ //
+ // Supports DER-encoded X509 certificate.
+ //
+ return EnrollX509toSigDB (Private, VariableName);
+ } else if (IsAuthentication2Format(Private->FileContext->FHandle)){
+ return EnrollAuthentication2Descriptor(Private, VariableName);
+ } else {
+ return EnrollImageSignatureToSigDB (Private, VariableName);
+ }
+}
+
+/**
+ List all signatures in specified signature database (e.g. KEK/DB/DBX/DBT)
+ by GUID in the page for user to select and delete as needed.
+
+ @param[in] PrivateData Module's private data.
+ @param[in] VariableName The variable name of the vendor's signature database.
+ @param[in] VendorGuid A unique identifier for the vendor.
+ @param[in] LabelNumber Label number to insert opcodes.
+ @param[in] FormId Form ID of current page.
+ @param[in] QuestionIdBase Base question id of the signature list.
+
+ @retval EFI_SUCCESS Success to update the signature list page
+ @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
+
+**/
+EFI_STATUS
+UpdateDeletePage (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT16 LabelNumber,
+ IN EFI_FORM_ID FormId,
+ IN EFI_QUESTION_ID QuestionIdBase
+ )
+{
+ EFI_STATUS Status;
+ UINT32 Index;
+ UINTN CertCount;
+ UINTN GuidIndex;
+ VOID *StartOpCodeHandle;
+ VOID *EndOpCodeHandle;
+ EFI_IFR_GUID_LABEL *StartLabel;
+ EFI_IFR_GUID_LABEL *EndLabel;
+ UINTN DataSize;
+ UINT8 *Data;
+ EFI_SIGNATURE_LIST *CertList;
+ EFI_SIGNATURE_DATA *Cert;
+ UINT32 ItemDataSize;
+ CHAR16 *GuidStr;
+ EFI_STRING_ID GuidID;
+ EFI_STRING_ID Help;
+
+ Data = NULL;
+ CertList = NULL;
+ Cert = NULL;
+ GuidStr = NULL;
+ StartOpCodeHandle = NULL;
+ EndOpCodeHandle = NULL;
+
+ //
+ // Initialize the container for dynamic opcodes.
+ //
+ StartOpCodeHandle = HiiAllocateOpCodeHandle ();
+ if (StartOpCodeHandle == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ EndOpCodeHandle = HiiAllocateOpCodeHandle ();
+ if (EndOpCodeHandle == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ //
+ // Create Hii Extend Label OpCode.
+ //
+ StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
+ StartOpCodeHandle,
+ &gEfiIfrTianoGuid,
+ NULL,
+ sizeof (EFI_IFR_GUID_LABEL)
+ );
+ StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+ StartLabel->Number = LabelNumber;
+
+ EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
+ EndOpCodeHandle,
+ &gEfiIfrTianoGuid,
+ NULL,
+ sizeof (EFI_IFR_GUID_LABEL)
+ );
+ EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+ EndLabel->Number = LABEL_END;
+
+ //
+ // Read Variable.
+ //
+ DataSize = 0;
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
+ goto ON_EXIT;
+ }
+
+ Data = (UINT8 *) AllocateZeroPool (DataSize);
+ if (Data == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+
+ GuidStr = AllocateZeroPool (100);
+ if (GuidStr == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ //
+ // Enumerate all KEK pub data.
+ //
+ ItemDataSize = (UINT32) DataSize;
+ CertList = (EFI_SIGNATURE_LIST *) Data;
+ GuidIndex = 0;
+
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
+
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid)) {
+ Help = STRING_TOKEN (STR_CERT_TYPE_RSA2048_SHA256_GUID);
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
+ Help = STRING_TOKEN (STR_CERT_TYPE_PCKS7_GUID);
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid)) {
+ Help = STRING_TOKEN (STR_CERT_TYPE_SHA1_GUID);
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid)) {
+ Help = STRING_TOKEN (STR_CERT_TYPE_SHA256_GUID);
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha256Guid)) {
+ Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA256_GUID);
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha384Guid)) {
+ Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA384_GUID);
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha512Guid)) {
+ Help = STRING_TOKEN (STR_CERT_TYPE_X509_SHA512_GUID);
+ } else {
+ //
+ // The signature type is not supported in current implementation.
+ //
+ ItemDataSize -= CertList->SignatureListSize;
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ continue;
+ }
+
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ for (Index = 0; Index < CertCount; Index++) {
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList
+ + sizeof (EFI_SIGNATURE_LIST)
+ + CertList->SignatureHeaderSize
+ + Index * CertList->SignatureSize);
+ //
+ // Display GUID and help
+ //
+ GuidToString (&Cert->SignatureOwner, GuidStr, 100);
+ GuidID = HiiSetString (PrivateData->HiiHandle, 0, GuidStr, NULL);
+ HiiCreateCheckBoxOpCode (
+ StartOpCodeHandle,
+ (EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),
+ 0,
+ 0,
+ GuidID,
+ Help,
+ EFI_IFR_FLAG_CALLBACK,
+ 0,
+ NULL
+ );
+ }
+
+ ItemDataSize -= CertList->SignatureListSize;
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ }
+
+ON_EXIT:
+ HiiUpdateForm (
+ PrivateData->HiiHandle,
+ &gSecureBootConfigFormSetGuid,
+ FormId,
+ StartOpCodeHandle,
+ EndOpCodeHandle
+ );
+
+ if (StartOpCodeHandle != NULL) {
+ HiiFreeOpCodeHandle (StartOpCodeHandle);
+ }
+
+ if (EndOpCodeHandle != NULL) {
+ HiiFreeOpCodeHandle (EndOpCodeHandle);
+ }
+
+ if (Data != NULL) {
+ FreePool (Data);
+ }
+
+ if (GuidStr != NULL) {
+ FreePool (GuidStr);
+ }
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Delete a KEK entry from KEK database.
+
+ @param[in] PrivateData Module's private data.
+ @param[in] QuestionId Question id of the KEK item to delete.
+
+ @retval EFI_SUCCESS Delete kek item successfully.
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
+
+**/
+EFI_STATUS
+DeleteKeyExchangeKey (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
+ IN EFI_QUESTION_ID QuestionId
+ )
+{
+ EFI_STATUS Status;
+ UINTN DataSize;
+ UINT8 *Data;
+ UINT8 *OldData;
+ UINT32 Attr;
+ UINT32 Index;
+ EFI_SIGNATURE_LIST *CertList;
+ EFI_SIGNATURE_LIST *NewCertList;
+ EFI_SIGNATURE_DATA *Cert;
+ UINTN CertCount;
+ UINT32 Offset;
+ BOOLEAN IsKEKItemFound;
+ UINT32 KekDataSize;
+ UINTN DeleteKekIndex;
+ UINTN GuidIndex;
+
+ Data = NULL;
+ OldData = NULL;
+ CertList = NULL;
+ Cert = NULL;
+ Attr = 0;
+ DeleteKekIndex = QuestionId - OPTION_DEL_KEK_QUESTION_ID;
+
+ Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ //
+ // Get original KEK variable.
+ //
+ DataSize = 0;
+ Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, NULL, &DataSize, NULL);
+ if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {
+ goto ON_EXIT;
+ }
+
+ OldData = (UINT8*)AllocateZeroPool(DataSize);
+ if (OldData == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, &Attr, &DataSize, OldData);
+ if (EFI_ERROR(Status)) {
+ goto ON_EXIT;
+ }
+
+ //
+ // Allocate space for new variable.
+ //
+ Data = (UINT8*) AllocateZeroPool (DataSize);
+ if (Data == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ //
+ // Enumerate all KEK pub data and erasing the target item.
+ //
+ IsKEKItemFound = FALSE;
+ KekDataSize = (UINT32) DataSize;
+ CertList = (EFI_SIGNATURE_LIST *) OldData;
+ Offset = 0;
+ GuidIndex = 0;
+ while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
+ CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
+ NewCertList = (EFI_SIGNATURE_LIST *)(Data + Offset);
+ Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ for (Index = 0; Index < CertCount; Index++) {
+ if (GuidIndex == DeleteKekIndex ) {
+ //
+ // Find it! Skip it!
+ //
+ NewCertList->SignatureListSize -= CertList->SignatureSize;
+ IsKEKItemFound = TRUE;
+ } else {
+ //
+ // This item doesn't match. Copy it to the Data buffer.
+ //
+ CopyMem (Data + Offset, Cert, CertList->SignatureSize);
+ Offset += CertList->SignatureSize;
+ }
+ GuidIndex++;
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8*) Cert + CertList->SignatureSize);
+ }
+ } else {
+ //
+ // This List doesn't match. Copy it to the Data buffer.
+ //
+ CopyMem (Data + Offset, CertList, CertList->SignatureListSize);
+ Offset += CertList->SignatureListSize;
+ }
+
+ KekDataSize -= CertList->SignatureListSize;
+ CertList = (EFI_SIGNATURE_LIST*) ((UINT8*) CertList + CertList->SignatureListSize);
+ }
+
+ if (!IsKEKItemFound) {
+ //
+ // Doesn't find the Kek Item!
+ //
+ Status = EFI_NOT_FOUND;
+ goto ON_EXIT;
+ }
+
+ //
+ // Delete the Signature header if there is no signature in the list.
+ //
+ KekDataSize = Offset;
+ CertList = (EFI_SIGNATURE_LIST*) Data;
+ Offset = 0;
+ ZeroMem (OldData, KekDataSize);
+ while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ DEBUG ((DEBUG_INFO, " CertCount = %x\n", CertCount));
+ if (CertCount != 0) {
+ CopyMem (OldData + Offset, CertList, CertList->SignatureListSize);
+ Offset += CertList->SignatureListSize;
+ }
+ KekDataSize -= CertList->SignatureListSize;
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ }
+
+ DataSize = Offset;
+ if ((Attr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
+ Status = CreateTimeBasedPayload (&DataSize, &OldData);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
+ goto ON_EXIT;
+ }
+ }
+
+ Status = gRT->SetVariable(
+ EFI_KEY_EXCHANGE_KEY_NAME,
+ &gEfiGlobalVariableGuid,
+ Attr,
+ DataSize,
+ OldData
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
+ goto ON_EXIT;
+ }
+
+ON_EXIT:
+ if (Data != NULL) {
+ FreePool(Data);
+ }
+
+ if (OldData != NULL) {
+ FreePool(OldData);
+ }
+
+ return UpdateDeletePage (
+ PrivateData,
+ EFI_KEY_EXCHANGE_KEY_NAME,
+ &gEfiGlobalVariableGuid,
+ LABEL_KEK_DELETE,
+ FORMID_DELETE_KEK_FORM,
+ OPTION_DEL_KEK_QUESTION_ID
+ );
+}
+
+/**
+ Delete a signature entry from signature database.
+
+ @param[in] PrivateData Module's private data.
+ @param[in] VariableName The variable name of the vendor's signature database.
+ @param[in] VendorGuid A unique identifier for the vendor.
+ @param[in] LabelNumber Label number to insert opcodes.
+ @param[in] FormId Form ID of current page.
+ @param[in] QuestionIdBase Base question id of the signature list.
+ @param[in] DeleteIndex Signature index to delete.
+
+ @retval EFI_SUCCESS Delete signature successfully.
+ @retval EFI_NOT_FOUND Can't find the signature item,
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
+**/
+EFI_STATUS
+DeleteSignature (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT16 LabelNumber,
+ IN EFI_FORM_ID FormId,
+ IN EFI_QUESTION_ID QuestionIdBase,
+ IN UINTN DeleteIndex
+ )
+{
+ EFI_STATUS Status;
+ UINTN DataSize;
+ UINT8 *Data;
+ UINT8 *OldData;
+ UINT32 Attr;
+ UINT32 Index;
+ EFI_SIGNATURE_LIST *CertList;
+ EFI_SIGNATURE_LIST *NewCertList;
+ EFI_SIGNATURE_DATA *Cert;
+ UINTN CertCount;
+ UINT32 Offset;
+ BOOLEAN IsItemFound;
+ UINT32 ItemDataSize;
+ UINTN GuidIndex;
+
+ Data = NULL;
+ OldData = NULL;
+ CertList = NULL;
+ Cert = NULL;
+ Attr = 0;
+
+ Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ //
+ // Get original signature list data.
+ //
+ DataSize = 0;
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
+ goto ON_EXIT;
+ }
+
+ OldData = (UINT8 *) AllocateZeroPool (DataSize);
+ if (OldData == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);
+ if (EFI_ERROR(Status)) {
+ goto ON_EXIT;
+ }
+
+ //
+ // Allocate space for new variable.
+ //
+ Data = (UINT8*) AllocateZeroPool (DataSize);
+ if (Data == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ //
+ // Enumerate all signature data and erasing the target item.
+ //
+ IsItemFound = FALSE;
+ ItemDataSize = (UINT32) DataSize;
+ CertList = (EFI_SIGNATURE_LIST *) OldData;
+ Offset = 0;
+ GuidIndex = 0;
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha256Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha384Guid) ||
+ CompareGuid (&CertList->SignatureType, &gEfiCertX509Sha512Guid)
+ ) {
+ //
+ // Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.
+ //
+ CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
+ NewCertList = (EFI_SIGNATURE_LIST*) (Data + Offset);
+ Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ for (Index = 0; Index < CertCount; Index++) {
+ if (GuidIndex == DeleteIndex) {
+ //
+ // Find it! Skip it!
+ //
+ NewCertList->SignatureListSize -= CertList->SignatureSize;
+ IsItemFound = TRUE;
+ } else {
+ //
+ // This item doesn't match. Copy it to the Data buffer.
+ //
+ CopyMem (Data + Offset, (UINT8*)(Cert), CertList->SignatureSize);
+ Offset += CertList->SignatureSize;
+ }
+ GuidIndex++;
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
+ }
+ } else {
+ //
+ // This List doesn't match. Just copy it to the Data buffer.
+ //
+ CopyMem (Data + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
+ Offset += CertList->SignatureListSize;
+ }
+
+ ItemDataSize -= CertList->SignatureListSize;
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ }
+
+ if (!IsItemFound) {
+ //
+ // Doesn't find the signature Item!
+ //
+ Status = EFI_NOT_FOUND;
+ goto ON_EXIT;
+ }
+
+ //
+ // Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.
+ //
+ ItemDataSize = Offset;
+ CertList = (EFI_SIGNATURE_LIST *) Data;
+ Offset = 0;
+ ZeroMem (OldData, ItemDataSize);
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ DEBUG ((DEBUG_INFO, " CertCount = %x\n", CertCount));
+ if (CertCount != 0) {
+ CopyMem (OldData + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
+ Offset += CertList->SignatureListSize;
+ }
+ ItemDataSize -= CertList->SignatureListSize;
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ }
+
+ DataSize = Offset;
+ if ((Attr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
+ Status = CreateTimeBasedPayload (&DataSize, &OldData);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
+ goto ON_EXIT;
+ }
+ }
+
+ Status = gRT->SetVariable(
+ VariableName,
+ VendorGuid,
+ Attr,
+ DataSize,
+ OldData
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
+ goto ON_EXIT;
+ }
+
+ON_EXIT:
+ if (Data != NULL) {
+ FreePool(Data);
+ }
+
+ if (OldData != NULL) {
+ FreePool(OldData);
+ }
+
+ return UpdateDeletePage (
+ PrivateData,
+ VariableName,
+ VendorGuid,
+ LabelNumber,
+ FormId,
+ QuestionIdBase
+ );
+}
+
+/**
+ This function to delete signature list or data, according by DelType.
+
+ @param[in] PrivateData Module's private data.
+ @param[in] DelType Indicate delete signature list or data.
+ @param[in] CheckedCount Indicate how many signature data have
+ been checked in current signature list.
+
+ @retval EFI_SUCCESS Success to update the signature list page
+ @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
+**/
+EFI_STATUS
+DeleteSignatureEx (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
+ IN SIGNATURE_DELETE_TYPE DelType,
+ IN UINT32 CheckedCount
+ )
+{
+ EFI_STATUS Status;
+ EFI_SIGNATURE_LIST *ListWalker;
+ EFI_SIGNATURE_LIST *NewCertList;
+ EFI_SIGNATURE_DATA *DataWalker;
+ CHAR16 VariableName[BUFFER_MAX_SIZE];
+ UINT32 VariableAttr;
+ UINTN VariableDataSize;
+ UINTN RemainingSize;
+ UINTN ListIndex;
+ UINTN Index;
+ UINTN Offset;
+ UINT8 *VariableData;
+ UINT8 *NewVariableData;
+
+ Status = EFI_SUCCESS;
+ VariableAttr = 0;
+ VariableDataSize = 0;
+ ListIndex = 0;
+ Offset = 0;
+ VariableData = NULL;
+ NewVariableData = NULL;
+
+ if (PrivateData->VariableName == Variable_DB) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE);
+ } else if (PrivateData->VariableName == Variable_DBX) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE1);
+ } else if (PrivateData->VariableName == Variable_DBT) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE2);
+ } else {
+ goto ON_EXIT;
+ }
+
+ Status = gRT->GetVariable (
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ &VariableAttr,
+ &VariableDataSize,
+ VariableData
+ );
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
+ goto ON_EXIT;
+ }
+
+ VariableData = AllocateZeroPool (VariableDataSize);
+ if (VariableData == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+
+ Status = gRT->GetVariable (
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ &VariableAttr,
+ &VariableDataSize,
+ VariableData
+ );
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+
+ Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+
+ NewVariableData = AllocateZeroPool (VariableDataSize);
+ if (NewVariableData == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
- Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
- if (EFI_ERROR (Status)) {
- goto ON_EXIT;
+ RemainingSize = VariableDataSize;
+ ListWalker = (EFI_SIGNATURE_LIST *)(VariableData);
+ if (DelType == Delete_Signature_List_All) {
+ VariableDataSize = 0;
+ } else {
+ //
+ // Traverse to target EFI_SIGNATURE_LIST but others will be skipped.
+ //
+ while ((RemainingSize > 0) && (RemainingSize >= ListWalker->SignatureListSize) && ListIndex < PrivateData->ListIndex) {
+ CopyMem ((UINT8 *)NewVariableData + Offset, ListWalker, ListWalker->SignatureListSize);
+ Offset += ListWalker->SignatureListSize;
+
+ RemainingSize -= ListWalker->SignatureListSize;
+ ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
+ ListIndex++;
+ }
+
+ //
+ // Handle the target EFI_SIGNATURE_LIST.
+ // If CheckedCount == SIGNATURE_DATA_COUNTS (ListWalker) or DelType == Delete_Signature_List_One
+ // it means delete the whole EFI_SIGNATURE_LIST, So we just skip this EFI_SIGNATURE_LIST.
+ //
+ if (CheckedCount < SIGNATURE_DATA_COUNTS (ListWalker) && DelType == Delete_Signature_Data) {
+ NewCertList = (EFI_SIGNATURE_LIST *)(NewVariableData + Offset);
+ //
+ // Copy header.
+ //
+ CopyMem ((UINT8 *)NewVariableData + Offset, ListWalker, sizeof (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
+ Offset += sizeof (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize;
+
+ DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)ListWalker + sizeof(EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
+ for (Index = 0; Index < SIGNATURE_DATA_COUNTS(ListWalker); Index = Index + 1) {
+ if (PrivateData->CheckArray[Index]) {
+ //
+ // Delete checked signature data, and update the size of whole signature list.
+ //
+ NewCertList->SignatureListSize -= NewCertList->SignatureSize;
+ } else {
+ //
+ // Remain the unchecked signature data.
+ //
+ CopyMem ((UINT8 *)NewVariableData + Offset, DataWalker, ListWalker->SignatureSize);
+ Offset += ListWalker->SignatureSize;
+ }
+ DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)DataWalker + ListWalker->SignatureSize);
+ }
+ }
+
+ RemainingSize -= ListWalker->SignatureListSize;
+ ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
+
+ //
+ // Copy remaining data, maybe 0.
+ //
+ CopyMem((UINT8 *)NewVariableData + Offset, ListWalker, RemainingSize);
+ Offset += RemainingSize;
+
+ VariableDataSize = Offset;
+ }
+
+ if ((VariableAttr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
+ Status = CreateTimeBasedPayload (&VariableDataSize, &NewVariableData);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Fail to create time-based data payload: %r", Status));
+ goto ON_EXIT;
+ }
+ }
+
+ Status = gRT->SetVariable (
+ VariableName,
+ &gEfiImageSecurityDatabaseGuid,
+ VariableAttr,
+ VariableDataSize,
+ NewVariableData
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r", Status));
+ goto ON_EXIT;
+ }
+
+ON_EXIT:
+ SECUREBOOT_FREE_NON_NULL (VariableData);
+ SECUREBOOT_FREE_NON_NULL (NewVariableData);
+
+ return Status;
+}
+
+/**
+
+ Update SecureBoot strings based on new Secure Boot Mode State. String includes STR_SECURE_BOOT_STATE_CONTENT
+ and STR_CUR_SECURE_BOOT_MODE_CONTENT.
+
+ @param[in] PrivateData Module's private data.
+
+ @return EFI_SUCCESS Update secure boot strings successfully.
+ @return other Fail to update secure boot strings.
+
+**/
+EFI_STATUS
+UpdateSecureBootString(
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
+ )
+{
+ UINT8 *SecureBoot;
+
+ SecureBoot = NULL;
+
+ //
+ // Get current secure boot state.
+ //
+ GetVariable2 (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SecureBoot, NULL);
+ if (SecureBoot == NULL) {
+ return EFI_NOT_FOUND;
+ }
+
+ if (*SecureBoot == SECURE_BOOT_MODE_ENABLE) {
+ HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Enabled", NULL);
+ } else {
+ HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Disabled", NULL);
+ }
+
+ FreePool(SecureBoot);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ This function extracts configuration from variable.
+
+ @param[in] Private Point to SecureBoot configuration driver private data.
+ @param[in, out] ConfigData Point to SecureBoot configuration private data.
+
+**/
+VOID
+SecureBootExtractConfigFromVariable (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
+ IN OUT SECUREBOOT_CONFIGURATION *ConfigData
+ )
+{
+ UINT8 *SecureBootEnable;
+ UINT8 *SetupMode;
+ UINT8 *SecureBootMode;
+ EFI_TIME CurrTime;
+
+ SecureBootEnable = NULL;
+ SetupMode = NULL;
+ SecureBootMode = NULL;
+
+ //
+ // Initilize the Date and Time using system time.
+ //
+ ConfigData->CertificateFormat = HASHALG_RAW;
+ ConfigData->AlwaysRevocation = TRUE;
+ gRT->GetTime (&CurrTime, NULL);
+ ConfigData->RevocationDate.Year = CurrTime.Year;
+ ConfigData->RevocationDate.Month = CurrTime.Month;
+ ConfigData->RevocationDate.Day = CurrTime.Day;
+ ConfigData->RevocationTime.Hour = CurrTime.Hour;
+ ConfigData->RevocationTime.Minute = CurrTime.Minute;
+ ConfigData->RevocationTime.Second = 0;
+ if (Private->FileContext->FHandle != NULL) {
+ ConfigData->FileEnrollType = Private->FileContext->FileType;
+ } else {
+ ConfigData->FileEnrollType = UNKNOWN_FILE_TYPE;
+ }
+
+ //
+ // If it is Physical Presence User, set the PhysicalPresent to true.
+ //
+ if (UserPhysicalPresent()) {
+ ConfigData->PhysicalPresent = TRUE;
+ } else {
+ ConfigData->PhysicalPresent = FALSE;
+ }
+
+ //
+ // If there is no PK then the Delete Pk button will be gray.
+ //
+ GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
+ if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
+ ConfigData->HasPk = FALSE;
+ } else {
+ ConfigData->HasPk = TRUE;
+ }
+
+ //
+ // Check SecureBootEnable & Pk status, fix the inconsistence.
+ // If the SecureBootEnable Variable doesn't exist, hide the SecureBoot Enable/Disable
+ // Checkbox.
+ //
+ ConfigData->AttemptSecureBoot = FALSE;
+ GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
+
+ //
+ // Fix Pk, SecureBootEnable inconsistence
+ //
+ if ((SetupMode != NULL) && (*SetupMode) == USER_MODE) {
+ ConfigData->HideSecureBoot = FALSE;
+ if ((SecureBootEnable != NULL) && (*SecureBootEnable == SECURE_BOOT_ENABLE)) {
+ ConfigData->AttemptSecureBoot = TRUE;
+ }
+ } else {
+ ConfigData->HideSecureBoot = TRUE;
+ }
+
+ //
+ // Get the SecureBootMode from CustomMode variable.
+ //
+ GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
+ if (SecureBootMode == NULL) {
+ ConfigData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;
+ } else {
+ ConfigData->SecureBootMode = *(SecureBootMode);
+ }
+
+ if (SecureBootEnable != NULL) {
+ FreePool (SecureBootEnable);
+ }
+ if (SetupMode != NULL) {
+ FreePool (SetupMode);
+ }
+ if (SecureBootMode != NULL) {
+ FreePool (SecureBootMode);
}
+}
- GuidStr = AllocateZeroPool (100);
- if (GuidStr == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
+/**
+ This function allows a caller to extract the current configuration for one
+ or more named elements from the target driver.
+
+ @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
+ @param[in] Request A null-terminated Unicode string in
+ format.
+ @param[out] Progress On return, points to a character in the Request
+ string. Points to the string's null terminator if
+ request was successful. Points to the most recent
+ '&' before the first failing name/value pair (or
+ the beginning of the string if the failure is in
+ the first name/value pair) if the request was not
+ successful.
+ @param[out] Results A null-terminated Unicode string in
+ format which has all values filled
+ in for the names in the Request string. String to
+ be allocated by the called function.
+
+ @retval EFI_SUCCESS The Results is filled with the requested values.
+ @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
+ @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
+ @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
+ driver.
+
+**/
+EFI_STATUS
+EFIAPI
+SecureBootExtractConfig (
+ IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
+ IN CONST EFI_STRING Request,
+ OUT EFI_STRING *Progress,
+ OUT EFI_STRING *Results
+ )
+{
+ EFI_STATUS Status;
+ UINTN BufferSize;
+ UINTN Size;
+ SECUREBOOT_CONFIGURATION Configuration;
+ EFI_STRING ConfigRequest;
+ EFI_STRING ConfigRequestHdr;
+ SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
+ BOOLEAN AllocatedRequest;
+
+ if (Progress == NULL || Results == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ AllocatedRequest = FALSE;
+ ConfigRequestHdr = NULL;
+ ConfigRequest = NULL;
+ Size = 0;
+
+ ZeroMem (&Configuration, sizeof (Configuration));
+ PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
+ *Progress = Request;
+
+ if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gSecureBootConfigFormSetGuid, mSecureBootStorageName)) {
+ return EFI_NOT_FOUND;
}
+ ZeroMem(&Configuration, sizeof(SECUREBOOT_CONFIGURATION));
+
//
- // Enumerate all KEK pub data.
+ // Get Configuration from Variable.
//
- ItemDataSize = (UINT32) DataSize;
- CertList = (EFI_SIGNATURE_LIST *) Data;
- GuidIndex = 0;
+ SecureBootExtractConfigFromVariable (PrivateData, &Configuration);
- while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
+ BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
+ ConfigRequest = Request;
+ if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {
+ //
+ // Request is set to NULL or OFFSET is NULL, construct full request string.
+ //
+ // Allocate and fill a buffer large enough to hold the template
+ // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
+ //
+ ConfigRequestHdr = HiiConstructConfigHdr (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, PrivateData->DriverHandle);
+ Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
+ ConfigRequest = AllocateZeroPool (Size);
+ ASSERT (ConfigRequest != NULL);
+ AllocatedRequest = TRUE;
+ UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);
+ FreePool (ConfigRequestHdr);
+ ConfigRequestHdr = NULL;
+ }
- if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_RSA2048_SHA256_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_PCKS7_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_SHA1_GUID);
- } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_SHA256_GUID);
- } else {
- //
- // The signature type is not supported in current implementation.
- //
- continue;
- }
+ Status = gHiiConfigRouting->BlockToConfig (
+ gHiiConfigRouting,
+ ConfigRequest,
+ (UINT8 *) &Configuration,
+ BufferSize,
+ Results,
+ Progress
+ );
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- for (Index = 0; Index < CertCount; Index++) {
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList
- + sizeof (EFI_SIGNATURE_LIST)
- + CertList->SignatureHeaderSize
- + Index * CertList->SignatureSize);
- //
- // Display GUID and help
- //
- GuidToString (&Cert->SignatureOwner, GuidStr, 100);
- GuidID = HiiSetString (PrivateData->HiiHandle, 0, GuidStr, NULL);
- HiiCreateCheckBoxOpCode (
- StartOpCodeHandle,
- (EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),
- 0,
- 0,
- GuidID,
- Help,
- EFI_IFR_FLAG_CALLBACK,
- 0,
- NULL
- );
- }
+ //
+ // Free the allocated config request string.
+ //
+ if (AllocatedRequest) {
+ FreePool (ConfigRequest);
+ }
- ItemDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ //
+ // Set Progress string to the original request string.
+ //
+ if (Request == NULL) {
+ *Progress = NULL;
+ } else if (StrStr (Request, L"OFFSET") == NULL) {
+ *Progress = Request + StrLen (Request);
}
-ON_EXIT:
- HiiUpdateForm (
- PrivateData->HiiHandle,
- &gSecureBootConfigFormSetGuid,
- FormId,
- StartOpCodeHandle,
- EndOpCodeHandle
- );
+ return Status;
+}
- if (StartOpCodeHandle != NULL) {
- HiiFreeOpCodeHandle (StartOpCodeHandle);
+/**
+ This function processes the results of changes in configuration.
+
+ @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
+ @param[in] Configuration A null-terminated Unicode string in
+ format.
+ @param[out] Progress A pointer to a string filled in with the offset of
+ the most recent '&' before the first failing
+ name/value pair (or the beginning of the string if
+ the failure is in the first name/value pair) or
+ the terminating NULL if all was successful.
+
+ @retval EFI_SUCCESS The Results is processed successfully.
+ @retval EFI_INVALID_PARAMETER Configuration is NULL.
+ @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
+ driver.
+
+**/
+EFI_STATUS
+EFIAPI
+SecureBootRouteConfig (
+ IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
+ IN CONST EFI_STRING Configuration,
+ OUT EFI_STRING *Progress
+ )
+{
+ SECUREBOOT_CONFIGURATION IfrNvData;
+ UINTN BufferSize;
+ SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
+ EFI_STATUS Status;
+
+ if (Configuration == NULL || Progress == NULL) {
+ return EFI_INVALID_PARAMETER;
}
- if (EndOpCodeHandle != NULL) {
- HiiFreeOpCodeHandle (EndOpCodeHandle);
+ *Progress = Configuration;
+ if (!HiiIsConfigHdrMatch (Configuration, &gSecureBootConfigFormSetGuid, mSecureBootStorageName)) {
+ return EFI_NOT_FOUND;
}
-
- if (Data != NULL) {
- FreePool (Data);
+
+ PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
+
+ //
+ // Get Configuration from Variable.
+ //
+ SecureBootExtractConfigFromVariable (PrivateData, &IfrNvData);
+
+ //
+ // Map the Configuration to the configuration block.
+ //
+ BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
+ Status = gHiiConfigRouting->ConfigToBlock (
+ gHiiConfigRouting,
+ Configuration,
+ (UINT8 *)&IfrNvData,
+ &BufferSize,
+ Progress
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
}
- if (GuidStr != NULL) {
- FreePool (GuidStr);
+ //
+ // Store Buffer Storage back to EFI variable if needed
+ //
+ if (!IfrNvData.HideSecureBoot) {
+ Status = SaveSecureBootVariable (IfrNvData.AttemptSecureBoot);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
}
+ *Progress = Configuration + StrLen (Configuration);
return EFI_SUCCESS;
}
/**
- Delete a KEK entry from KEK database.
+ This function to load signature list, the update the menu page.
- @param[in] PrivateData Module's private data.
- @param[in] QuestionId Question id of the KEK item to delete.
+ @param[in] PrivateData Module's private data.
+ @param[in] LabelId Label number to insert opcodes.
+ @param[in] FormId Form ID of current page.
+ @param[in] QuestionIdBase Base question id of the signature list.
- @retval EFI_SUCCESS Delete kek item successfully.
- @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
-
+ @retval EFI_SUCCESS Success to update the signature list page
+ @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
**/
EFI_STATUS
-DeleteKeyExchangeKey (
- IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
- IN EFI_QUESTION_ID QuestionId
+LoadSignatureList (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
+ IN UINT16 LabelId,
+ IN EFI_FORM_ID FormId,
+ IN EFI_QUESTION_ID QuestionIdBase
)
{
- EFI_STATUS Status;
- UINTN DataSize;
- UINT8 *Data;
- UINT8 *OldData;
- UINT32 Attr;
- UINT32 Index;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_LIST *NewCertList;
- EFI_SIGNATURE_DATA *Cert;
- UINTN CertCount;
- UINT32 Offset;
- BOOLEAN IsKEKItemFound;
- UINT32 KekDataSize;
- UINTN DeleteKekIndex;
- UINTN GuidIndex;
+ EFI_STATUS Status;
+ EFI_STRING_ID ListType;
+ EFI_STRING FormatNameString;
+ EFI_STRING FormatHelpString;
+ EFI_STRING FormatTypeString;
+ EFI_SIGNATURE_LIST *ListWalker;
+ EFI_IFR_GUID_LABEL *StartLabel;
+ EFI_IFR_GUID_LABEL *EndLabel;
+ EFI_IFR_GUID_LABEL *StartGoto;
+ EFI_IFR_GUID_LABEL *EndGoto;
+ EFI_FORM_ID DstFormId;
+ VOID *StartOpCodeHandle;
+ VOID *EndOpCodeHandle;
+ VOID *StartGotoHandle;
+ VOID *EndGotoHandle;
+ UINTN DataSize;
+ UINTN RemainingSize;
+ UINT16 Index;
+ UINT8 *VariableData;
+ CHAR16 VariableName[BUFFER_MAX_SIZE];
+ CHAR16 NameBuffer[BUFFER_MAX_SIZE];
+ CHAR16 HelpBuffer[BUFFER_MAX_SIZE];
+
+ Status = EFI_SUCCESS;
+ FormatNameString = NULL;
+ FormatHelpString = NULL;
+ StartOpCodeHandle = NULL;
+ EndOpCodeHandle = NULL;
+ StartGotoHandle = NULL;
+ EndGotoHandle = NULL;
+ Index = 0;
+ VariableData = NULL;
- Data = NULL;
- OldData = NULL;
- CertList = NULL;
- Cert = NULL;
- Attr = 0;
- DeleteKekIndex = QuestionId - OPTION_DEL_KEK_QUESTION_ID;
-
//
- // Get original KEK variable.
- //
- DataSize = 0;
- Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, NULL, &DataSize, NULL);
- if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {
+ // Initialize the container for dynamic opcodes.
+ //
+ StartOpCodeHandle = HiiAllocateOpCodeHandle ();
+ if (StartOpCodeHandle == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
- OldData = (UINT8*)AllocateZeroPool(DataSize);
- if (OldData == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
+ EndOpCodeHandle = HiiAllocateOpCodeHandle ();
+ if (EndOpCodeHandle == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
- Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, &Attr, &DataSize, OldData);
- if (EFI_ERROR(Status)) {
+ StartGotoHandle = HiiAllocateOpCodeHandle ();
+ if (StartGotoHandle == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
- //
- // Allocate space for new variable.
- //
- Data = (UINT8*) AllocateZeroPool (DataSize);
- if (Data == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
+ EndGotoHandle = HiiAllocateOpCodeHandle ();
+ if (EndGotoHandle == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
//
- // Enumerate all KEK pub data and erasing the target item.
+ // Create Hii Extend Label OpCode.
//
- IsKEKItemFound = FALSE;
- KekDataSize = (UINT32) DataSize;
- CertList = (EFI_SIGNATURE_LIST *) OldData;
- Offset = 0;
- GuidIndex = 0;
- while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {
- if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||
- CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
- NewCertList = (EFI_SIGNATURE_LIST *)(Data + Offset);
- Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- for (Index = 0; Index < CertCount; Index++) {
- if (GuidIndex == DeleteKekIndex ) {
- //
- // Find it! Skip it!
- //
- NewCertList->SignatureListSize -= CertList->SignatureSize;
- IsKEKItemFound = TRUE;
- } else {
- //
- // This item doesn't match. Copy it to the Data buffer.
- //
- CopyMem (Data + Offset, Cert, CertList->SignatureSize);
- Offset += CertList->SignatureSize;
- }
- GuidIndex++;
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8*) Cert + CertList->SignatureSize);
- }
- } else {
- //
- // This List doesn't match. Copy it to the Data buffer.
- //
- CopyMem (Data + Offset, CertList, CertList->SignatureListSize);
- Offset += CertList->SignatureListSize;
- }
-
- KekDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST*) ((UINT8*) CertList + CertList->SignatureListSize);
- }
+ StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
+ StartOpCodeHandle,
+ &gEfiIfrTianoGuid,
+ NULL,
+ sizeof (EFI_IFR_GUID_LABEL)
+ );
+ StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+ StartLabel->Number = LabelId;
+
+ EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
+ EndOpCodeHandle,
+ &gEfiIfrTianoGuid,
+ NULL,
+ sizeof (EFI_IFR_GUID_LABEL)
+ );
+ EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+ EndLabel->Number = LABEL_END;
- if (!IsKEKItemFound) {
- //
- // Doesn't find the Kek Item!
- //
- Status = EFI_NOT_FOUND;
+ StartGoto = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode(
+ StartGotoHandle,
+ &gEfiIfrTianoGuid,
+ NULL,
+ sizeof(EFI_IFR_GUID_LABEL)
+ );
+ StartGoto->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+ StartGoto->Number = LABEL_DELETE_ALL_LIST_BUTTON;
+
+ EndGoto = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode(
+ EndGotoHandle,
+ &gEfiIfrTianoGuid,
+ NULL,
+ sizeof(EFI_IFR_GUID_LABEL)
+ );
+ EndGoto->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+ EndGoto->Number = LABEL_END;
+
+ if (PrivateData->VariableName == Variable_DB) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE);
+ DstFormId = FORMID_SECURE_BOOT_DB_OPTION_FORM;
+ } else if (PrivateData->VariableName == Variable_DBX) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE1);
+ DstFormId = FORMID_SECURE_BOOT_DBX_OPTION_FORM;
+ } else if (PrivateData->VariableName == Variable_DBT) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE2);
+ DstFormId = FORMID_SECURE_BOOT_DBT_OPTION_FORM;
+ } else {
goto ON_EXIT;
}
+ HiiCreateGotoOpCode (
+ StartGotoHandle,
+ DstFormId,
+ STRING_TOKEN (STR_SECURE_BOOT_DELETE_ALL_LIST),
+ STRING_TOKEN (STR_SECURE_BOOT_DELETE_ALL_LIST),
+ EFI_IFR_FLAG_CALLBACK,
+ KEY_SECURE_BOOT_DELETE_ALL_LIST
+ );
+
//
- // Delete the Signature header if there is no signature in the list.
+ // Read Variable, the variable name save in the PrivateData->VariableName.
//
- KekDataSize = Offset;
- CertList = (EFI_SIGNATURE_LIST*) Data;
- Offset = 0;
- ZeroMem (OldData, KekDataSize);
- while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- DEBUG ((DEBUG_ERROR, " CertCount = %x\n", CertCount));
- if (CertCount != 0) {
- CopyMem (OldData + Offset, CertList, CertList->SignatureListSize);
- Offset += CertList->SignatureListSize;
- }
- KekDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ DataSize = 0;
+ Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, VariableData);
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
+ goto ON_EXIT;
}
- DataSize = Offset;
- if ((Attr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
- Status = CreateTimeBasedPayload (&DataSize, &OldData);
- if (EFI_ERROR (Status)) {
- DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
- goto ON_EXIT;
- }
+ VariableData = AllocateZeroPool (DataSize);
+ if (VariableData == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
}
-
- Status = gRT->SetVariable(
- EFI_KEY_EXCHANGE_KEY_NAME,
- &gEfiGlobalVariableGuid,
- Attr,
- DataSize,
- OldData
- );
+ Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, VariableData);
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
goto ON_EXIT;
}
-
-ON_EXIT:
- if (Data != NULL) {
- FreePool(Data);
+
+ FormatNameString = HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_LIST_NAME_FORMAT), NULL);
+ FormatHelpString = HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_LIST_HELP_FORMAT), NULL);
+ if (FormatNameString == NULL || FormatHelpString == NULL) {
+ goto ON_EXIT;
}
- if (OldData != NULL) {
- FreePool(OldData);
+ RemainingSize = DataSize;
+ ListWalker = (EFI_SIGNATURE_LIST *)VariableData;
+ while ((RemainingSize > 0) && (RemainingSize >= ListWalker->SignatureListSize)) {
+ if (CompareGuid (&ListWalker->SignatureType, &gEfiCertRsa2048Guid)) {
+ ListType = STRING_TOKEN (STR_LIST_TYPE_RSA2048_SHA256);
+ } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertX509Guid)) {
+ ListType = STRING_TOKEN (STR_LIST_TYPE_X509);
+ } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertSha1Guid)) {
+ ListType = STRING_TOKEN (STR_LIST_TYPE_SHA1);
+ } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertSha256Guid)) {
+ ListType = STRING_TOKEN (STR_LIST_TYPE_SHA256);
+ } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertX509Sha256Guid)) {
+ ListType = STRING_TOKEN (STR_LIST_TYPE_X509_SHA256);
+ } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertX509Sha384Guid)) {
+ ListType = STRING_TOKEN (STR_LIST_TYPE_X509_SHA384);
+ } else if (CompareGuid (&ListWalker->SignatureType, &gEfiCertX509Sha512Guid)) {
+ ListType = STRING_TOKEN (STR_LIST_TYPE_X509_SHA512);
+ } else {
+ ListType = STRING_TOKEN (STR_LIST_TYPE_UNKNOWN);
+ }
+ FormatTypeString = HiiGetString (PrivateData->HiiHandle, ListType, NULL);
+ if (FormatTypeString == NULL) {
+ goto ON_EXIT;
+ }
+
+ ZeroMem (NameBuffer, sizeof (NameBuffer));
+ UnicodeSPrint (NameBuffer, sizeof (NameBuffer), FormatNameString, Index + 1);
+
+ ZeroMem (HelpBuffer, sizeof (HelpBuffer));
+ UnicodeSPrint (HelpBuffer,
+ sizeof (HelpBuffer),
+ FormatHelpString,
+ FormatTypeString,
+ SIGNATURE_DATA_COUNTS (ListWalker)
+ );
+ SECUREBOOT_FREE_NON_NULL (FormatTypeString);
+ FormatTypeString = NULL;
+
+ HiiCreateGotoOpCode (
+ StartOpCodeHandle,
+ SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,
+ HiiSetString (PrivateData->HiiHandle, 0, NameBuffer, NULL),
+ HiiSetString (PrivateData->HiiHandle, 0, HelpBuffer, NULL),
+ EFI_IFR_FLAG_CALLBACK,
+ QuestionIdBase + Index++
+ );
+
+ RemainingSize -= ListWalker->SignatureListSize;
+ ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
}
- return UpdateDeletePage (
- PrivateData,
- EFI_KEY_EXCHANGE_KEY_NAME,
- &gEfiGlobalVariableGuid,
- LABEL_KEK_DELETE,
- FORMID_DELETE_KEK_FORM,
- OPTION_DEL_KEK_QUESTION_ID
- );
+ON_EXIT:
+ HiiUpdateForm (
+ PrivateData->HiiHandle,
+ &gSecureBootConfigFormSetGuid,
+ FormId,
+ StartOpCodeHandle,
+ EndOpCodeHandle
+ );
+
+ HiiUpdateForm (
+ PrivateData->HiiHandle,
+ &gSecureBootConfigFormSetGuid,
+ FormId,
+ StartGotoHandle,
+ EndGotoHandle
+ );
+
+ SECUREBOOT_FREE_NON_OPCODE (StartOpCodeHandle);
+ SECUREBOOT_FREE_NON_OPCODE (EndOpCodeHandle);
+ SECUREBOOT_FREE_NON_OPCODE (StartGotoHandle);
+ SECUREBOOT_FREE_NON_OPCODE (EndGotoHandle);
+
+ SECUREBOOT_FREE_NON_NULL (VariableData);
+ SECUREBOOT_FREE_NON_NULL (FormatNameString);
+ SECUREBOOT_FREE_NON_NULL (FormatHelpString);
+
+ PrivateData->ListCount = Index;
+
+ return Status;
}
/**
- Delete a signature entry from siganture database.
+ Parse hash value from EFI_SIGNATURE_DATA, and save in the CHAR16 type array.
+ The buffer is callee allocated and should be freed by the caller.
- @param[in] PrivateData Module's private data.
- @param[in] VariableName The variable name of the vendor's signature database.
- @param[in] VendorGuid A unique identifier for the vendor.
- @param[in] LabelNumber Label number to insert opcodes.
- @param[in] FormId Form ID of current page.
- @param[in] QuestionIdBase Base question id of the signature list.
- @param[in] DeleteIndex Signature index to delete.
-
- @retval EFI_SUCCESS Delete siganture successfully.
- @retval EFI_NOT_FOUND Can't find the signature item,
- @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
+ @param[in] ListEntry The pointer point to the signature list.
+ @param[in] DataEntry The signature data we are processing.
+ @param[out] BufferToReturn Buffer to save the hash value.
+
+ @retval EFI_INVALID_PARAMETER Invalid List or Data or Buffer.
+ @retval EFI_OUT_OF_RESOURCES A memory allocation failed.
+ @retval EFI_SUCCESS Operation success.
**/
EFI_STATUS
-DeleteSignature (
- IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT16 LabelNumber,
- IN EFI_FORM_ID FormId,
- IN EFI_QUESTION_ID QuestionIdBase,
- IN UINTN DeleteIndex
+ParseHashValue (
+ IN EFI_SIGNATURE_LIST *ListEntry,
+ IN EFI_SIGNATURE_DATA *DataEntry,
+ OUT CHAR16 **BufferToReturn
)
{
- EFI_STATUS Status;
- UINTN DataSize;
- UINT8 *Data;
- UINT8 *OldData;
- UINT32 Attr;
- UINT32 Index;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_LIST *NewCertList;
- EFI_SIGNATURE_DATA *Cert;
- UINTN CertCount;
- UINT32 Offset;
- BOOLEAN IsItemFound;
- UINT32 ItemDataSize;
- UINTN GuidIndex;
-
- Data = NULL;
- OldData = NULL;
- CertList = NULL;
- Cert = NULL;
- Attr = 0;
-
- //
- // Get original signature list data.
- //
- DataSize = 0;
- Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);
- if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
- goto ON_EXIT;
- }
-
- OldData = (UINT8 *) AllocateZeroPool (DataSize);
- if (OldData == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
-
- Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);
- if (EFI_ERROR(Status)) {
- goto ON_EXIT;
- }
-
- //
- // Allocate space for new variable.
- //
- Data = (UINT8*) AllocateZeroPool (DataSize);
- if (Data == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
+ UINTN Index;
+ UINTN BufferIndex;
+ UINTN TotalSize;
+ UINTN DataSize;
+ UINTN Line;
+ UINTN OneLineBytes;
//
- // Enumerate all signature data and erasing the target item.
+ // Assume that, display 8 bytes in one line.
//
- IsItemFound = FALSE;
- ItemDataSize = (UINT32) DataSize;
- CertList = (EFI_SIGNATURE_LIST *) OldData;
- Offset = 0;
- GuidIndex = 0;
- while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
- if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid) ||
- CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid) ||
- CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid) ||
- CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid)
- ) {
- //
- // Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.
- //
- CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
- NewCertList = (EFI_SIGNATURE_LIST*) (Data + Offset);
- Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- for (Index = 0; Index < CertCount; Index++) {
- if (GuidIndex == DeleteIndex) {
- //
- // Find it! Skip it!
- //
- NewCertList->SignatureListSize -= CertList->SignatureSize;
- IsItemFound = TRUE;
- } else {
- //
- // This item doesn't match. Copy it to the Data buffer.
- //
- CopyMem (Data + Offset, (UINT8*)(Cert), CertList->SignatureSize);
- Offset += CertList->SignatureSize;
- }
- GuidIndex++;
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
- }
- } else {
- //
- // This List doesn't match. Just copy it to the Data buffer.
- //
- CopyMem (Data + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
- Offset += CertList->SignatureListSize;
- }
-
- ItemDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
- }
+ OneLineBytes = 8;
- if (!IsItemFound) {
- //
- // Doesn't find the signature Item!
- //
- Status = EFI_NOT_FOUND;
- goto ON_EXIT;
+ if (ListEntry == NULL || DataEntry == NULL || BufferToReturn == NULL) {
+ return EFI_INVALID_PARAMETER;
}
+ DataSize = ListEntry->SignatureSize - sizeof(EFI_GUID);
+ Line = (DataSize + OneLineBytes - 1) / OneLineBytes;
+
//
- // Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.
+ // Each byte will split two Hex-number, and each line need additional memory to save '\r\n'.
//
- ItemDataSize = Offset;
- CertList = (EFI_SIGNATURE_LIST *) Data;
- Offset = 0;
- ZeroMem (OldData, ItemDataSize);
- while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- DEBUG ((DEBUG_ERROR, " CertCount = %x\n", CertCount));
- if (CertCount != 0) {
- CopyMem (OldData + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
- Offset += CertList->SignatureListSize;
- }
- ItemDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ TotalSize = ((DataSize + Line) * 2 * sizeof(CHAR16));
+
+ *BufferToReturn = AllocateZeroPool(TotalSize);
+ if (*BufferToReturn == NULL) {
+ return EFI_OUT_OF_RESOURCES;
}
- DataSize = Offset;
- if ((Attr & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
- Status = CreateTimeBasedPayload (&DataSize, &OldData);
- if (EFI_ERROR (Status)) {
- DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
- goto ON_EXIT;
+ for (Index = 0, BufferIndex = 0; Index < DataSize; Index = Index + 1) {
+ if ((Index > 0) && (Index % OneLineBytes == 0)) {
+ BufferIndex += UnicodeSPrint(&(*BufferToReturn)[BufferIndex], TotalSize - sizeof(CHAR16) * BufferIndex, L"\n");
}
+ BufferIndex += UnicodeSPrint(&(*BufferToReturn)[BufferIndex], TotalSize - sizeof(CHAR16) * BufferIndex, L"%02x", DataEntry->SignatureData[Index]);
}
+ BufferIndex += UnicodeSPrint(&(*BufferToReturn)[BufferIndex], TotalSize - sizeof(CHAR16) * BufferIndex, L"\n");
- Status = gRT->SetVariable(
- VariableName,
- VendorGuid,
- Attr,
- DataSize,
- OldData
- );
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
+ return EFI_SUCCESS;
+}
+
+/**
+ Function to get the common name from the X509 format certificate.
+ The buffer is callee allocated and should be freed by the caller.
+
+ @param[in] ListEntry The pointer point to the signature list.
+ @param[in] DataEntry The signature data we are processing.
+ @param[out] BufferToReturn Buffer to save the CN of X509 certificate.
+
+ @retval EFI_INVALID_PARAMETER Invalid List or Data or Buffer.
+ @retval EFI_OUT_OF_RESOURCES A memory allocation failed.
+ @retval EFI_SUCCESS Operation success.
+ @retval EFI_NOT_FOUND Not found CN field in the X509 certificate.
+**/
+EFI_STATUS
+GetCommonNameFromX509 (
+ IN EFI_SIGNATURE_LIST *ListEntry,
+ IN EFI_SIGNATURE_DATA *DataEntry,
+ OUT CHAR16 **BufferToReturn
+ )
+{
+ EFI_STATUS Status;
+ CHAR8 *CNBuffer;
+ UINTN CNBufferSize;
+
+ Status = EFI_SUCCESS;
+ CNBuffer = NULL;
+
+ CNBuffer = AllocateZeroPool(256);
+ if (CNBuffer == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
-
-ON_EXIT:
- if (Data != NULL) {
- FreePool(Data);
- }
- if (OldData != NULL) {
- FreePool(OldData);
+ CNBufferSize = 256;
+ X509GetCommonName (
+ (UINT8 *)DataEntry + sizeof(EFI_GUID),
+ ListEntry->SignatureSize - sizeof(EFI_GUID),
+ CNBuffer,
+ &CNBufferSize
+ );
+
+ *BufferToReturn = AllocateZeroPool(256 * sizeof(CHAR16));
+ if (*BufferToReturn == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
}
- return UpdateDeletePage (
- PrivateData,
- VariableName,
- VendorGuid,
- LabelNumber,
- FormId,
- QuestionIdBase
- );
+ AsciiStrToUnicodeStrS (CNBuffer, *BufferToReturn, 256);
+
+ON_EXIT:
+ SECUREBOOT_FREE_NON_NULL (CNBuffer);
+
+ return Status;
}
/**
- This function extracts configuration from variable.
-
- @param[in, out] ConfigData Point to SecureBoot configuration private data.
-
+ Format the help info for the signature data, each help info contain 3 parts.
+ 1. Onwer Guid.
+ 2. Content, depends on the type of the signature list.
+ 3. Revocation time.
+
+ @param[in] PrivateData Module's private data.
+ @param[in] ListEntry Point to the signature list.
+ @param[in] DataEntry Point to the signature data we are processing.
+ @param[out] StringId Save the string id of help info.
+
+ @retval EFI_SUCCESS Operation success.
+ @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
**/
-VOID
-SecureBootExtractConfigFromVariable (
- IN OUT SECUREBOOT_CONFIGURATION *ConfigData
- )
+EFI_STATUS
+FormatHelpInfo (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
+ IN EFI_SIGNATURE_LIST *ListEntry,
+ IN EFI_SIGNATURE_DATA *DataEntry,
+ OUT EFI_STRING_ID *StringId
+ )
{
- UINT8 *SecureBootEnable;
- UINT8 *SetupMode;
- UINT8 *SecureBoot;
- UINT8 *SecureBootMode;
-
- SecureBootEnable = NULL;
- SetupMode = NULL;
- SecureBoot = NULL;
- SecureBootMode = NULL;
-
- //
- // If the SecureBootEnable Variable doesn't exist, hide the SecureBoot Enable/Disable
- // Checkbox.
- //
- GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
- if (SecureBootEnable == NULL) {
- ConfigData->HideSecureBoot = TRUE;
+ EFI_STATUS Status;
+ EFI_TIME *Time;
+ EFI_STRING_ID ListTypeId;
+ EFI_STRING FormatHelpString;
+ EFI_STRING FormatTypeString;
+ UINTN DataSize;
+ UINTN HelpInfoIndex;
+ UINTN TotalSize;
+ CHAR16 GuidString[BUFFER_MAX_SIZE];
+ CHAR16 TimeString[BUFFER_MAX_SIZE];
+ CHAR16 *DataString;
+ CHAR16 *HelpInfoString;
+ BOOLEAN IsCert;
+
+ Status = EFI_SUCCESS;
+ Time = NULL;
+ FormatTypeString = NULL;
+ HelpInfoIndex = 0;
+ DataString = NULL;
+ HelpInfoString = NULL;
+ IsCert = FALSE;
+
+ if (CompareGuid(&ListEntry->SignatureType, &gEfiCertRsa2048Guid)) {
+ ListTypeId = STRING_TOKEN(STR_LIST_TYPE_RSA2048_SHA256);
+ DataSize = ListEntry->SignatureSize - sizeof(EFI_GUID);
+ IsCert = TRUE;
+ } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertX509Guid)) {
+ ListTypeId = STRING_TOKEN(STR_LIST_TYPE_X509);
+ DataSize = ListEntry->SignatureSize - sizeof(EFI_GUID);
+ IsCert = TRUE;
+ } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertSha1Guid)) {
+ ListTypeId = STRING_TOKEN(STR_LIST_TYPE_SHA1);
+ DataSize = 20;
+ } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertSha256Guid)) {
+ ListTypeId = STRING_TOKEN(STR_LIST_TYPE_SHA256);
+ DataSize = 32;
+ } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertX509Sha256Guid)) {
+ ListTypeId = STRING_TOKEN(STR_LIST_TYPE_X509_SHA256);
+ DataSize = 32;
+ Time = (EFI_TIME *)(DataEntry->SignatureData + DataSize);
+ } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertX509Sha384Guid)) {
+ ListTypeId = STRING_TOKEN(STR_LIST_TYPE_X509_SHA384);
+ DataSize = 48;
+ Time = (EFI_TIME *)(DataEntry->SignatureData + DataSize);
+ } else if (CompareGuid(&ListEntry->SignatureType, &gEfiCertX509Sha512Guid)) {
+ ListTypeId = STRING_TOKEN(STR_LIST_TYPE_X509_SHA512);
+ DataSize = 64;
+ Time = (EFI_TIME *)(DataEntry->SignatureData + DataSize);
} else {
- ConfigData->HideSecureBoot = FALSE;
+ Status = EFI_UNSUPPORTED;
+ goto ON_EXIT;
}
-
- //
- // If it is Physical Presence User, set the PhysicalPresent to true.
- //
- if (UserPhysicalPresent()) {
- ConfigData->PhysicalPresent = TRUE;
- } else {
- ConfigData->PhysicalPresent = FALSE;
+
+ FormatTypeString = HiiGetString (PrivateData->HiiHandle, ListTypeId, NULL);
+ if (FormatTypeString == NULL) {
+ goto ON_EXIT;
+ }
+
+ TotalSize = 1024;
+ HelpInfoString = AllocateZeroPool (TotalSize);
+ if (HelpInfoString == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
}
-
+
//
- // If there is no PK then the Delete Pk button will be gray.
+ // Format GUID part.
//
- GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
- if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
- ConfigData->HasPk = FALSE;
- } else {
- ConfigData->HasPk = TRUE;
+ ZeroMem (GuidString, sizeof (GuidString));
+ GuidToString(&DataEntry->SignatureOwner, GuidString, BUFFER_MAX_SIZE);
+ FormatHelpString = HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_HELP_FORMAT_GUID), NULL);
+ if (FormatHelpString == NULL) {
+ goto ON_EXIT;
}
-
+ HelpInfoIndex += UnicodeSPrint (
+ &HelpInfoString[HelpInfoIndex],
+ TotalSize - sizeof(CHAR16) * HelpInfoIndex,
+ FormatHelpString,
+ GuidString
+ );
+ SECUREBOOT_FREE_NON_NULL (FormatHelpString);
+ FormatHelpString = NULL;
+
//
- // If the value of SecureBoot variable is 1, the platform is operating in secure boot mode.
+ // Format content part, it depends on the type of signature list, hash value or CN.
//
- GetVariable2 (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SecureBoot, NULL);
- if (SecureBoot != NULL && *SecureBoot == SECURE_BOOT_MODE_ENABLE) {
- ConfigData->SecureBootState = TRUE;
+ if (IsCert) {
+ GetCommonNameFromX509 (ListEntry, DataEntry, &DataString);
+ FormatHelpString = HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_HELP_FORMAT_CN), NULL);
} else {
- ConfigData->SecureBootState = FALSE;
+ //
+ // Format hash value for each signature data entry.
+ //
+ ParseHashValue (ListEntry, DataEntry, &DataString);
+ FormatHelpString = HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_HELP_FORMAT_HASH), NULL);
+ }
+ if (FormatHelpString == NULL) {
+ goto ON_EXIT;
}
+ HelpInfoIndex += UnicodeSPrint (
+ &HelpInfoString[HelpInfoIndex],
+ TotalSize - sizeof (CHAR16) * HelpInfoIndex,
+ FormatHelpString,
+ FormatTypeString,
+ DataSize,
+ DataString
+ );
+ SECUREBOOT_FREE_NON_NULL (FormatHelpString);
+ FormatHelpString = NULL;
//
- // Get the SecureBootMode from CustomMode variable.
+ // Format revocation time part.
//
- GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
- if (SecureBootMode == NULL) {
- ConfigData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;
- } else {
- ConfigData->SecureBootMode = *(SecureBootMode);
+ if (Time != NULL) {
+ ZeroMem (TimeString, sizeof (TimeString));
+ UnicodeSPrint (
+ TimeString,
+ sizeof (TimeString),
+ L"%d-%d-%d %d:%d:%d",
+ Time->Year,
+ Time->Month,
+ Time->Day,
+ Time->Hour,
+ Time->Minute,
+ Time->Second
+ );
+ FormatHelpString = HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_HELP_FORMAT_TIME), NULL);
+ if (FormatHelpString == NULL) {
+ goto ON_EXIT;
+ }
+ UnicodeSPrint (
+ &HelpInfoString[HelpInfoIndex],
+ TotalSize - sizeof (CHAR16) * HelpInfoIndex,
+ FormatHelpString,
+ TimeString
+ );
+ SECUREBOOT_FREE_NON_NULL (FormatHelpString);
+ FormatHelpString = NULL;
}
-
+
+ *StringId = HiiSetString (PrivateData->HiiHandle, 0, HelpInfoString, NULL);
+ON_EXIT:
+ SECUREBOOT_FREE_NON_NULL (DataString);
+ SECUREBOOT_FREE_NON_NULL (HelpInfoString);
+
+ SECUREBOOT_FREE_NON_NULL (FormatTypeString);
+
+ return Status;
}
/**
- This function allows a caller to extract the current configuration for one
- or more named elements from the target driver.
-
- @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param[in] Request A null-terminated Unicode string in
- format.
- @param[out] Progress On return, points to a character in the Request
- string. Points to the string's null terminator if
- request was successful. Points to the most recent
- '&' before the first failing name/value pair (or
- the beginning of the string if the failure is in
- the first name/value pair) if the request was not
- successful.
- @param[out] Results A null-terminated Unicode string in
- format which has all values filled
- in for the names in the Request string. String to
- be allocated by the called function.
+ This functino to load signature data under the signature list.
- @retval EFI_SUCCESS The Results is filled with the requested values.
- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
- driver.
+ @param[in] PrivateData Module's private data.
+ @param[in] LabelId Label number to insert opcodes.
+ @param[in] FormId Form ID of current page.
+ @param[in] QuestionIdBase Base question id of the signature list.
+ @param[in] ListIndex Indicate to load which signature list.
+ @retval EFI_SUCCESS Success to update the signature list page
+ @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
**/
EFI_STATUS
-EFIAPI
-SecureBootExtractConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Request,
- OUT EFI_STRING *Progress,
- OUT EFI_STRING *Results
+LoadSignatureData (
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,
+ IN UINT16 LabelId,
+ IN EFI_FORM_ID FormId,
+ IN EFI_QUESTION_ID QuestionIdBase,
+ IN UINT16 ListIndex
)
{
- EFI_STATUS Status;
- UINTN BufferSize;
- UINTN Size;
- SECUREBOOT_CONFIGURATION Configuration;
- EFI_STRING ConfigRequest;
- EFI_STRING ConfigRequestHdr;
- SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
- BOOLEAN AllocatedRequest;
+ EFI_STATUS Status;
+ EFI_SIGNATURE_LIST *ListWalker;
+ EFI_SIGNATURE_DATA *DataWalker;
+ EFI_IFR_GUID_LABEL *StartLabel;
+ EFI_IFR_GUID_LABEL *EndLabel;
+ EFI_STRING_ID HelpStringId;
+ EFI_STRING FormatNameString;
+ VOID *StartOpCodeHandle;
+ VOID *EndOpCodeHandle;
+ UINTN DataSize;
+ UINTN RemainingSize;
+ UINT16 Index;
+ UINT8 *VariableData;
+ CHAR16 VariableName[BUFFER_MAX_SIZE];
+ CHAR16 NameBuffer[BUFFER_MAX_SIZE];
+
+ Status = EFI_SUCCESS;
+ FormatNameString = NULL;
+ StartOpCodeHandle = NULL;
+ EndOpCodeHandle = NULL;
+ Index = 0;
+ VariableData = NULL;
- if (Progress == NULL || Results == NULL) {
- return EFI_INVALID_PARAMETER;
+ //
+ // Initialize the container for dynamic opcodes.
+ //
+ StartOpCodeHandle = HiiAllocateOpCodeHandle ();
+ if (StartOpCodeHandle == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
}
-
- AllocatedRequest = FALSE;
- ConfigRequestHdr = NULL;
- ConfigRequest = NULL;
- Size = 0;
-
- ZeroMem (&Configuration, sizeof (Configuration));
- PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
- *Progress = Request;
-
- if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gSecureBootConfigFormSetGuid, mSecureBootStorageName)) {
- return EFI_NOT_FOUND;
+
+ EndOpCodeHandle = HiiAllocateOpCodeHandle ();
+ if (EndOpCodeHandle == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
}
//
- // Get Configuration from Variable.
+ // Create Hii Extend Label OpCode.
//
- SecureBootExtractConfigFromVariable (&Configuration);
-
- BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
- ConfigRequest = Request;
- if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {
- //
- // Request is set to NULL or OFFSET is NULL, construct full request string.
- //
- // Allocate and fill a buffer large enough to hold the template
- // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
- //
- ConfigRequestHdr = HiiConstructConfigHdr (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, PrivateData->DriverHandle);
- Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
- ConfigRequest = AllocateZeroPool (Size);
- ASSERT (ConfigRequest != NULL);
- AllocatedRequest = TRUE;
- UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);
- FreePool (ConfigRequestHdr);
- ConfigRequestHdr = NULL;
- }
+ StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
+ StartOpCodeHandle,
+ &gEfiIfrTianoGuid,
+ NULL,
+ sizeof (EFI_IFR_GUID_LABEL)
+ );
+ StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+ StartLabel->Number = LabelId;
+
+ EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
+ EndOpCodeHandle,
+ &gEfiIfrTianoGuid,
+ NULL,
+ sizeof (EFI_IFR_GUID_LABEL)
+ );
+ EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+ EndLabel->Number = LABEL_END;
- Status = gHiiConfigRouting->BlockToConfig (
- gHiiConfigRouting,
- ConfigRequest,
- (UINT8 *) &Configuration,
- BufferSize,
- Results,
- Progress
- );
+ if (PrivateData->VariableName == Variable_DB) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE);
+ } else if (PrivateData->VariableName == Variable_DBX) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE1);
+ } else if (PrivateData->VariableName == Variable_DBT) {
+ UnicodeSPrint (VariableName, sizeof (VariableName), EFI_IMAGE_SECURITY_DATABASE2);
+ } else {
+ goto ON_EXIT;
+ }
//
- // Free the allocated config request string.
+ // Read Variable, the variable name save in the PrivateData->VariableName.
//
- if (AllocatedRequest) {
- FreePool (ConfigRequest);
+ DataSize = 0;
+ Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, VariableData);
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
+ goto ON_EXIT;
}
+ VariableData = AllocateZeroPool (DataSize);
+ if (VariableData == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ON_EXIT;
+ }
+ Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, VariableData);
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
+
+ RemainingSize = DataSize;
+ ListWalker = (EFI_SIGNATURE_LIST *)VariableData;
+
//
- // Set Progress string to the original request string.
+ // Skip signature list.
//
- if (Request == NULL) {
- *Progress = NULL;
- } else if (StrStr (Request, L"OFFSET") == NULL) {
- *Progress = Request + StrLen (Request);
+ while ((RemainingSize > 0) && (RemainingSize >= ListWalker->SignatureListSize) && ListIndex-- > 0) {
+ RemainingSize -= ListWalker->SignatureListSize;
+ ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
}
- return Status;
-}
+ FormatNameString = HiiGetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SIGNATURE_DATA_NAME_FORMAT), NULL);
+ if (FormatNameString == NULL) {
+ goto ON_EXIT;
+ }
-/**
- This function processes the results of changes in configuration.
+ DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)ListWalker + sizeof(EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
+ for (Index = 0; Index < SIGNATURE_DATA_COUNTS(ListWalker); Index = Index + 1) {
+ //
+ // Format name buffer.
+ //
+ ZeroMem (NameBuffer, sizeof (NameBuffer));
+ UnicodeSPrint (NameBuffer, sizeof (NameBuffer), FormatNameString, Index + 1);
- @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param[in] Configuration A null-terminated Unicode string in
- format.
- @param[out] Progress A pointer to a string filled in with the offset of
- the most recent '&' before the first failing
- name/value pair (or the beginning of the string if
- the failure is in the first name/value pair) or
- the terminating NULL if all was successful.
+ //
+ // Format help info buffer.
+ //
+ Status = FormatHelpInfo (PrivateData, ListWalker, DataWalker, &HelpStringId);
+ if (EFI_ERROR (Status)) {
+ goto ON_EXIT;
+ }
- @retval EFI_SUCCESS The Results is processed successfully.
- @retval EFI_INVALID_PARAMETER Configuration is NULL.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
- driver.
+ HiiCreateCheckBoxOpCode (
+ StartOpCodeHandle,
+ (EFI_QUESTION_ID)(QuestionIdBase + Index),
+ 0,
+ 0,
+ HiiSetString (PrivateData->HiiHandle, 0, NameBuffer, NULL),
+ HelpStringId,
+ EFI_IFR_FLAG_CALLBACK,
+ 0,
+ NULL
+ );
-**/
-EFI_STATUS
-EFIAPI
-SecureBootRouteConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Configuration,
- OUT EFI_STRING *Progress
- )
-{
- if (Configuration == NULL || Progress == NULL) {
- return EFI_INVALID_PARAMETER;
+ ZeroMem(NameBuffer, 100);
+ DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)DataWalker + ListWalker->SignatureSize);
}
- *Progress = Configuration;
- if (!HiiIsConfigHdrMatch (Configuration, &gSecureBootConfigFormSetGuid, mSecureBootStorageName)) {
- return EFI_NOT_FOUND;
- }
+ //
+ // Allocate a buffer to record which signature data will be checked.
+ // This memory buffer will be freed when exit from the SECUREBOOT_DELETE_SIGNATURE_DATA_FORM form.
+ //
+ PrivateData->CheckArray = AllocateZeroPool (SIGNATURE_DATA_COUNTS (ListWalker) * sizeof (BOOLEAN));
+ON_EXIT:
+ HiiUpdateForm (
+ PrivateData->HiiHandle,
+ &gSecureBootConfigFormSetGuid,
+ FormId,
+ StartOpCodeHandle,
+ EndOpCodeHandle
+ );
- *Progress = Configuration + StrLen (Configuration);
- return EFI_SUCCESS;
+ SECUREBOOT_FREE_NON_OPCODE (StartOpCodeHandle);
+ SECUREBOOT_FREE_NON_OPCODE (EndOpCodeHandle);
+
+ SECUREBOOT_FREE_NON_NULL (VariableData);
+ SECUREBOOT_FREE_NON_NULL (FormatNameString);
+
+ return Status;
}
/**
@@ -2349,26 +4305,37 @@ SecureBootCallback (
)
{
EFI_INPUT_KEY Key;
- EFI_STATUS Status;
+ EFI_STATUS Status;
+ RETURN_STATUS RStatus;
SECUREBOOT_CONFIG_PRIVATE_DATA *Private;
UINTN BufferSize;
SECUREBOOT_CONFIGURATION *IfrNvData;
UINT16 LabelId;
UINT8 *SecureBootEnable;
+ UINT8 *Pk;
+ UINT8 *SecureBootMode;
+ UINT8 *SetupMode;
CHAR16 PromptString[100];
+ EFI_DEVICE_PATH_PROTOCOL *File;
+ UINTN NameLength;
+ UINT16 *FilePostFix;
+ SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
+ BOOLEAN GetBrowserDataResult;
+ Status = EFI_SUCCESS;
SecureBootEnable = NULL;
+ SecureBootMode = NULL;
+ SetupMode = NULL;
+ File = NULL;
if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {
return EFI_INVALID_PARAMETER;
}
- if ((Action != EFI_BROWSER_ACTION_CHANGED) && (Action != EFI_BROWSER_ACTION_CHANGING)) {
- return EFI_UNSUPPORTED;
- }
-
Private = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
+ gSecureBootPrivateData = Private;
+
//
// Retrieve uncommitted data from Browser
//
@@ -2378,16 +4345,65 @@ SecureBootCallback (
return EFI_OUT_OF_RESOURCES;
}
- Status = EFI_SUCCESS;
+ GetBrowserDataResult = HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData);
+
+ if (Action == EFI_BROWSER_ACTION_FORM_OPEN) {
+ if (QuestionId == KEY_SECURE_BOOT_MODE) {
+ //
+ // Update secure boot strings when opening this form
+ //
+ Status = UpdateSecureBootString(Private);
+ SecureBootExtractConfigFromVariable (Private, IfrNvData);
+ mIsEnterSecureBootForm = TRUE;
+ } else {
+ //
+ // When entering SecureBoot OPTION Form
+ // always close opened file & free resource
+ //
+ if ((QuestionId == KEY_SECURE_BOOT_PK_OPTION) ||
+ (QuestionId == KEY_SECURE_BOOT_KEK_OPTION) ||
+ (QuestionId == KEY_SECURE_BOOT_DB_OPTION) ||
+ (QuestionId == KEY_SECURE_BOOT_DBX_OPTION) ||
+ (QuestionId == KEY_SECURE_BOOT_DBT_OPTION)) {
+ CloseEnrolledFile(Private->FileContext);
+ } else if (QuestionId == KEY_SECURE_BOOT_DELETE_ALL_LIST) {
+ //
+ // Update ListCount field in varstore
+ // Button "Delete All Signature List" is
+ // enable when ListCount is greater than 0.
+ //
+ IfrNvData->ListCount = Private->ListCount;
+ }
+ }
+ goto EXIT;
+ }
+
+ if (Action == EFI_BROWSER_ACTION_RETRIEVE) {
+ Status = EFI_UNSUPPORTED;
+ if (QuestionId == KEY_SECURE_BOOT_MODE) {
+ if (mIsEnterSecureBootForm) {
+ Value->u8 = SECURE_BOOT_MODE_STANDARD;
+ Status = EFI_SUCCESS;
+ }
+ }
+ goto EXIT;
+ }
+
+ if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
+ (Action != EFI_BROWSER_ACTION_CHANGING) &&
+ (Action != EFI_BROWSER_ACTION_FORM_CLOSE) &&
+ (Action != EFI_BROWSER_ACTION_DEFAULT_STANDARD)) {
+ Status = EFI_UNSUPPORTED;
+ goto EXIT;
+ }
- HiiGetBrowserData (NULL, NULL, BufferSize, (UINT8 *) IfrNvData);
-
if (Action == EFI_BROWSER_ACTION_CHANGING) {
switch (QuestionId) {
case KEY_SECURE_BOOT_ENABLE:
GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
if (NULL != SecureBootEnable) {
+ FreePool (SecureBootEnable);
if (EFI_ERROR (SaveSecureBootVariable (Value->u8))) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
@@ -2396,19 +4412,22 @@ SecureBootCallback (
NULL
);
Status = EFI_UNSUPPORTED;
+ } else {
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"Configuration changed, please reset the platform to take effect!",
+ NULL
+ );
}
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
}
break;
- case KEY_SECURE_BOOT_OPTION:
- FreeMenu (&DirectoryMenu);
- FreeMenu (&FsOptionMenu);
- break;
-
case KEY_SECURE_BOOT_KEK_OPTION:
case KEY_SECURE_BOOT_DB_OPTION:
case KEY_SECURE_BOOT_DBX_OPTION:
+ case KEY_SECURE_BOOT_DBT_OPTION:
+ PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
//
// Clear Signature GUID.
//
@@ -2420,10 +4439,17 @@ SecureBootCallback (
}
}
+ //
+ // Cleanup VFRData once leaving PK/KEK/DB/DBX/DBT enroll/delete page
+ //
+ SecureBootExtractConfigFromVariable (PrivateData, IfrNvData);
+
if (QuestionId == KEY_SECURE_BOOT_DB_OPTION) {
LabelId = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
} else if (QuestionId == KEY_SECURE_BOOT_DBX_OPTION) {
LabelId = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
+ } else if (QuestionId == KEY_SECURE_BOOT_DBT_OPTION) {
+ LabelId = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
} else {
LabelId = FORMID_ENROLL_KEK_FORM;
}
@@ -2431,47 +4457,103 @@ SecureBootCallback (
//
// Refresh selected file.
//
- CleanUpPage (LabelId, Private);
+ CleanUpPage (LabelId, Private);
+ break;
+ case KEY_SECURE_BOOT_PK_OPTION:
+ LabelId = FORMID_ENROLL_PK_FORM;
+ //
+ // Refresh selected file.
+ //
+ CleanUpPage (LabelId, Private);
+ break;
+
+ case FORMID_ENROLL_PK_FORM:
+ ChooseFile (NULL, NULL, UpdatePKFromFile, &File);
break;
-
- case SECUREBOOT_ADD_PK_FILE_FORM_ID:
+
case FORMID_ENROLL_KEK_FORM:
+ ChooseFile (NULL, NULL, UpdateKEKFromFile, &File);
+ break;
+
case SECUREBOOT_ENROLL_SIGNATURE_TO_DB:
+ ChooseFile (NULL, NULL, UpdateDBFromFile, &File);
+ break;
+
case SECUREBOOT_ENROLL_SIGNATURE_TO_DBX:
- if (QuestionId == SECUREBOOT_ADD_PK_FILE_FORM_ID) {
- Private->FeCurrentState = FileExplorerStateEnrollPkFile;
- } else if (QuestionId == FORMID_ENROLL_KEK_FORM) {
- Private->FeCurrentState = FileExplorerStateEnrollKekFile;
- } else if (QuestionId == SECUREBOOT_ENROLL_SIGNATURE_TO_DB) {
- Private->FeCurrentState = FileExplorerStateEnrollSignatureFileToDb;
- } else {
- Private->FeCurrentState = FileExplorerStateEnrollSignatureFileToDbx;
+ ChooseFile (NULL, NULL, UpdateDBXFromFile, &File);
+
+ if (Private->FileContext->FHandle != NULL) {
+ //
+ // Parse the file's postfix.
+ //
+ NameLength = StrLen (Private->FileContext->FileName);
+ if (NameLength <= 4) {
+ return FALSE;
+ }
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;
+
+ if (IsDerEncodeCertificate (FilePostFix)) {
+ //
+ // Supports DER-encoded X509 certificate.
+ //
+ IfrNvData->FileEnrollType = X509_CERT_FILE_TYPE;
+ } else if (IsAuthentication2Format(Private->FileContext->FHandle)){
+ IfrNvData->FileEnrollType = AUTHENTICATION_2_FILE_TYPE;
+ } else {
+ IfrNvData->FileEnrollType = PE_IMAGE_FILE_TYPE;
+ }
+ Private->FileContext->FileType = IfrNvData->FileEnrollType;
+
+ //
+ // Clean up Certificate Format if File type is not X509 DER
+ //
+ if (IfrNvData->FileEnrollType != X509_CERT_FILE_TYPE) {
+ IfrNvData->CertificateFormat = HASHALG_RAW;
+ }
+ DEBUG((DEBUG_ERROR, "IfrNvData->FileEnrollType %d\n", Private->FileContext->FileType));
}
- Private->FeDisplayContext = FileExplorerDisplayUnknown;
- CleanUpPage (FORM_FILE_EXPLORER_ID, Private);
- UpdateFileExplorer (Private, 0);
break;
- case KEY_SECURE_BOOT_DELETE_PK:
- if (Value->u8) {
+ case SECUREBOOT_ENROLL_SIGNATURE_TO_DBT:
+ ChooseFile (NULL, NULL, UpdateDBTFromFile, &File);
+ break;
+
+ case KEY_SECURE_BOOT_DELETE_PK:
+ if (Value->u8) {
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"Are you sure you want to delete PK? Secure boot will be disabled!",
+ L"Press 'Y' to delete PK and exit, 'N' to discard change and return",
+ NULL
+ );
+ if (Key.UnicodeChar == 'y' || Key.UnicodeChar == 'Y') {
Status = DeletePlatformKey ();
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
+ if (EFI_ERROR (Status)) {
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"Only Physical Presence User could delete PK in custom mode!",
+ NULL
+ );
+ }
}
+ }
break;
case KEY_DELETE_KEK:
UpdateDeletePage (
- Private,
+ Private,
EFI_KEY_EXCHANGE_KEY_NAME,
&gEfiGlobalVariableGuid,
LABEL_KEK_DELETE,
FORMID_DELETE_KEK_FORM,
- OPTION_DEL_KEK_QUESTION_ID
+ OPTION_DEL_KEK_QUESTION_ID
);
break;
- case SECUREBOOT_DELETE_SIGNATURE_FROM_DB:
+ case SECUREBOOT_DELETE_SIGNATURE_FROM_DB:
UpdateDeletePage (
Private,
EFI_IMAGE_SECURITY_DATABASE,
@@ -2482,34 +4564,200 @@ SecureBootCallback (
);
break;
- case SECUREBOOT_DELETE_SIGNATURE_FROM_DBX:
+ //
+ // From DBX option to the level-1 form, display signature list.
+ //
+ case KEY_VALUE_FROM_DBX_TO_LIST_FORM:
+ Private->VariableName = Variable_DBX;
+ LoadSignatureList (
+ Private,
+ LABEL_SIGNATURE_LIST_START,
+ SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
+ OPTION_SIGNATURE_LIST_QUESTION_ID
+ );
+ break;
+
+ //
+ // Delete all signature list and reload.
+ //
+ case KEY_SECURE_BOOT_DELETE_ALL_LIST:
+ CreatePopUp(
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"Press 'Y' to delete signature list.",
+ L"Press other key to cancel and exit.",
+ NULL
+ );
+
+ if (Key.UnicodeChar == L'Y' || Key.UnicodeChar == L'y') {
+ DeleteSignatureEx (Private, Delete_Signature_List_All, IfrNvData->CheckedDataCount);
+ }
+
+ LoadSignatureList (
+ Private,
+ LABEL_SIGNATURE_LIST_START,
+ SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
+ OPTION_SIGNATURE_LIST_QUESTION_ID
+ );
+ break;
+
+ //
+ // Delete one signature list and reload.
+ //
+ case KEY_SECURE_BOOT_DELETE_ALL_DATA:
+ CreatePopUp(
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"Press 'Y' to delete signature data.",
+ L"Press other key to cancel and exit.",
+ NULL
+ );
+
+ if (Key.UnicodeChar == L'Y' || Key.UnicodeChar == L'y') {
+ DeleteSignatureEx (Private, Delete_Signature_List_One, IfrNvData->CheckedDataCount);
+ }
+
+ LoadSignatureList (
+ Private,
+ LABEL_SIGNATURE_LIST_START,
+ SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
+ OPTION_SIGNATURE_LIST_QUESTION_ID
+ );
+ break;
+
+ //
+ // Delete checked signature data and reload.
+ //
+ case KEY_SECURE_BOOT_DELETE_CHECK_DATA:
+ CreatePopUp(
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"Press 'Y' to delete signature data.",
+ L"Press other key to cancel and exit.",
+ NULL
+ );
+
+ if (Key.UnicodeChar == L'Y' || Key.UnicodeChar == L'y') {
+ DeleteSignatureEx (Private, Delete_Signature_Data, IfrNvData->CheckedDataCount);
+ }
+
+ LoadSignatureList (
+ Private,
+ LABEL_SIGNATURE_LIST_START,
+ SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
+ OPTION_SIGNATURE_LIST_QUESTION_ID
+ );
+ break;
+
+ case SECUREBOOT_DELETE_SIGNATURE_FROM_DBT:
UpdateDeletePage (
Private,
- EFI_IMAGE_SECURITY_DATABASE1,
+ EFI_IMAGE_SECURITY_DATABASE2,
&gEfiImageSecurityDatabaseGuid,
- LABEL_DBX_DELETE,
- SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
- OPTION_DEL_DBX_QUESTION_ID
+ LABEL_DBT_DELETE,
+ SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
+ OPTION_DEL_DBT_QUESTION_ID
);
break;
case KEY_VALUE_SAVE_AND_EXIT_KEK:
Status = EnrollKeyExchangeKey (Private);
+ if (EFI_ERROR (Status)) {
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"ERROR: Unsupported file type!",
+ L"Only supports DER-encoded X509 certificate",
+ NULL
+ );
+ }
break;
case KEY_VALUE_SAVE_AND_EXIT_DB:
Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE);
+ if (EFI_ERROR (Status)) {
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"ERROR: Unsupported file type!",
+ L"Only supports DER-encoded X509 certificate and executable EFI image",
+ NULL
+ );
+ }
break;
case KEY_VALUE_SAVE_AND_EXIT_DBX:
- Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE1);
+ if (IsX509CertInDbx (Private, EFI_IMAGE_SECURITY_DATABASE1)) {
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"Enrollment failed! Same certificate had already been in the dbx!",
+ NULL
+ );
+
+ //
+ // Cert already exists in DBX. Close opened file before exit.
+ //
+ CloseEnrolledFile(Private->FileContext);
+ break;
+ }
+
+ if ((IfrNvData != NULL) && (IfrNvData->CertificateFormat < HASHALG_MAX)) {
+ Status = EnrollX509HashtoSigDB (
+ Private,
+ IfrNvData->CertificateFormat,
+ &IfrNvData->RevocationDate,
+ &IfrNvData->RevocationTime,
+ IfrNvData->AlwaysRevocation
+ );
+ IfrNvData->CertificateFormat = HASHALG_RAW;
+ } else {
+ Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE1);
+ }
+ if (EFI_ERROR (Status)) {
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"ERROR: Unsupported file type!",
+ L"Only supports DER-encoded X509 certificate, AUTH_2 format data & executable EFI image",
+ NULL
+ );
+ }
break;
+ case KEY_VALUE_SAVE_AND_EXIT_DBT:
+ Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE2);
+ if (EFI_ERROR (Status)) {
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"ERROR: Unsupported file type!",
+ L"Only supports DER-encoded X509 certificate.",
+ NULL
+ );
+ }
+ break;
+ case KEY_VALUE_SAVE_AND_EXIT_PK:
+ Status = EnrollPlatformKey (Private);
+ if (EFI_ERROR (Status)) {
+ UnicodeSPrint (
+ PromptString,
+ sizeof (PromptString),
+ L"Only DER encoded certificate file (%s) is supported.",
+ mSupportX509Suffix
+ );
+ CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"ERROR: Unsupported file type!",
+ PromptString,
+ NULL
+ );
+ }
+ break;
default:
- if (QuestionId >= FILE_OPTION_OFFSET) {
- UpdateFileExplorer (Private, QuestionId);
- } else if ((QuestionId >= OPTION_DEL_KEK_QUESTION_ID) &&
+ if ((QuestionId >= OPTION_DEL_KEK_QUESTION_ID) &&
(QuestionId < (OPTION_DEL_KEK_QUESTION_ID + OPTION_CONFIG_RANGE))) {
DeleteKeyExchangeKey (Private, QuestionId);
} else if ((QuestionId >= OPTION_DEL_DB_QUESTION_ID) &&
@@ -2518,113 +4766,143 @@ SecureBootCallback (
Private,
EFI_IMAGE_SECURITY_DATABASE,
&gEfiImageSecurityDatabaseGuid,
- LABEL_DB_DELETE,
+ LABEL_DB_DELETE,
SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
OPTION_DEL_DB_QUESTION_ID,
QuestionId - OPTION_DEL_DB_QUESTION_ID
);
- } else if ((QuestionId >= OPTION_DEL_DBX_QUESTION_ID) &&
- (QuestionId < (OPTION_DEL_DBX_QUESTION_ID + OPTION_CONFIG_RANGE))) {
+ } else if ((QuestionId >= OPTION_SIGNATURE_LIST_QUESTION_ID) &&
+ (QuestionId < (OPTION_SIGNATURE_LIST_QUESTION_ID + OPTION_CONFIG_RANGE))) {
+ LoadSignatureData (
+ Private,
+ LABEL_SIGNATURE_DATA_START,
+ SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,
+ OPTION_SIGNATURE_DATA_QUESTION_ID,
+ QuestionId - OPTION_SIGNATURE_LIST_QUESTION_ID
+ );
+ Private->ListIndex = QuestionId - OPTION_SIGNATURE_LIST_QUESTION_ID;
+ } else if ((QuestionId >= OPTION_SIGNATURE_DATA_QUESTION_ID) &&
+ (QuestionId < (OPTION_SIGNATURE_DATA_QUESTION_ID + OPTION_CONFIG_RANGE))) {
+ if (Private->CheckArray[QuestionId - OPTION_SIGNATURE_DATA_QUESTION_ID]) {
+ IfrNvData->CheckedDataCount--;
+ Private->CheckArray[QuestionId - OPTION_SIGNATURE_DATA_QUESTION_ID] = FALSE;
+ } else {
+ IfrNvData->CheckedDataCount++;
+ Private->CheckArray[QuestionId - OPTION_SIGNATURE_DATA_QUESTION_ID] = TRUE;
+ }
+ } else if ((QuestionId >= OPTION_DEL_DBT_QUESTION_ID) &&
+ (QuestionId < (OPTION_DEL_DBT_QUESTION_ID + OPTION_CONFIG_RANGE))) {
DeleteSignature (
Private,
- EFI_IMAGE_SECURITY_DATABASE1,
+ EFI_IMAGE_SECURITY_DATABASE2,
&gEfiImageSecurityDatabaseGuid,
- LABEL_DBX_DELETE,
- SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
- OPTION_DEL_DBX_QUESTION_ID,
- QuestionId - OPTION_DEL_DBX_QUESTION_ID
+ LABEL_DBT_DELETE,
+ SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
+ OPTION_DEL_DBT_QUESTION_ID,
+ QuestionId - OPTION_DEL_DBT_QUESTION_ID
);
}
break;
- }
- } else if (Action == EFI_BROWSER_ACTION_CHANGED) {
- switch (QuestionId) {
- case KEY_SECURE_BOOT_ENABLE:
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
- break;
- case KEY_VALUE_SAVE_AND_EXIT_PK:
- Status = EnrollPlatformKey (Private);
- UnicodeSPrint (
- PromptString,
- sizeof (PromptString),
- L"Only DER encoded certificate file (%s) is supported.",
- mSupportX509Suffix
- );
- if (EFI_ERROR (Status)) {
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"ERROR: Unsupported file type!",
- PromptString,
- NULL
- );
- } else {
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_RESET;
- }
- break;
case KEY_VALUE_NO_SAVE_AND_EXIT_PK:
case KEY_VALUE_NO_SAVE_AND_EXIT_KEK:
case KEY_VALUE_NO_SAVE_AND_EXIT_DB:
case KEY_VALUE_NO_SAVE_AND_EXIT_DBX:
- if (Private->FileContext->FHandle != NULL) {
- CloseFile (Private->FileContext->FHandle);
- Private->FileContext->FHandle = NULL;
- Private->FileContext->FileName = NULL;
- }
-
+ case KEY_VALUE_NO_SAVE_AND_EXIT_DBT:
+ CloseEnrolledFile(Private->FileContext);
+
if (Private->SignatureGUID != NULL) {
FreePool (Private->SignatureGUID);
Private->SignatureGUID = NULL;
}
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
break;
-
+ }
+ } else if (Action == EFI_BROWSER_ACTION_CHANGED) {
+ switch (QuestionId) {
+ case KEY_SECURE_BOOT_ENABLE:
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
+ break;
case KEY_SECURE_BOOT_MODE:
- GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootEnable, NULL);
- if (NULL != SecureBootEnable) {
- Status = gRT->SetVariable (
- EFI_CUSTOM_MODE_NAME,
- &gEfiCustomModeEnableGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- sizeof (UINT8),
- &Value->u8
- );
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
- IfrNvData->SecureBootMode = Value->u8;
- }
+ mIsEnterSecureBootForm = FALSE;
break;
-
case KEY_SECURE_BOOT_KEK_GUID:
case KEY_SECURE_BOOT_SIGNATURE_GUID_DB:
case KEY_SECURE_BOOT_SIGNATURE_GUID_DBX:
+ case KEY_SECURE_BOOT_SIGNATURE_GUID_DBT:
ASSERT (Private->SignatureGUID != NULL);
- Status = StringToGuid (
- IfrNvData->SignatureGuid,
- StrLen (IfrNvData->SignatureGuid),
- Private->SignatureGUID
- );
- if (EFI_ERROR (Status)) {
+ RStatus = StrToGuid (IfrNvData->SignatureGuid, Private->SignatureGUID);
+ if (RETURN_ERROR (RStatus) || (IfrNvData->SignatureGuid[GUID_STRING_LENGTH] != L'\0')) {
+ Status = EFI_INVALID_PARAMETER;
break;
}
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
break;
-
case KEY_SECURE_BOOT_DELETE_PK:
- if (Value->u8) {
+ GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
+ if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
+ IfrNvData->DeletePk = TRUE;
+ IfrNvData->HasPk = FALSE;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
+ } else {
+ IfrNvData->DeletePk = FALSE;
+ IfrNvData->HasPk = TRUE;
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
+ }
+ if (SetupMode != NULL) {
+ FreePool (SetupMode);
+ }
+ break;
+ default:
+ break;
+ }
+ } else if (Action == EFI_BROWSER_ACTION_DEFAULT_STANDARD) {
+ if (QuestionId == KEY_HIDE_SECURE_BOOT) {
+ GetVariable2 (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, (VOID**)&Pk, NULL);
+ if (Pk == NULL) {
+ IfrNvData->HideSecureBoot = TRUE;
+ } else {
+ FreePool (Pk);
+ IfrNvData->HideSecureBoot = FALSE;
}
- break;
+ Value->b = IfrNvData->HideSecureBoot;
+ }
+ } else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) {
+ //
+ // Force the platform back to Standard Mode once user leave the setup screen.
+ //
+ GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
+ if (NULL != SecureBootMode && *SecureBootMode == CUSTOM_SECURE_BOOT_MODE) {
+ IfrNvData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;
+ SetSecureBootMode(STANDARD_SECURE_BOOT_MODE);
+ }
+ if (SecureBootMode != NULL) {
+ FreePool (SecureBootMode);
+ }
+
+ if (QuestionId == KEY_SECURE_BOOT_DELETE_ALL_DATA) {
+ //
+ // Free memory when exit from the SECUREBOOT_DELETE_SIGNATURE_DATA_FORM form.
+ //
+ SECUREBOOT_FREE_NON_NULL (Private->CheckArray);
+ IfrNvData->CheckedDataCount = 0;
}
}
-
- if (!EFI_ERROR (Status)) {
+
+EXIT:
+
+ if (!EFI_ERROR (Status) && GetBrowserDataResult) {
BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
- HiiSetBrowserData (NULL, NULL, BufferSize, (UINT8*) IfrNvData, NULL);
+ HiiSetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8*) IfrNvData, NULL);
}
+
FreePool (IfrNvData);
-
+
+ if (File != NULL){
+ FreePool(File);
+ File = NULL;
+ }
+
return EFI_SUCCESS;
}
@@ -2689,18 +4967,11 @@ InstallSecureBootConfigForm (
PrivateData->HiiHandle = HiiHandle;
PrivateData->FileContext = AllocateZeroPool (sizeof (SECUREBOOT_FILE_CONTEXT));
- PrivateData->MenuEntry = AllocateZeroPool (sizeof (SECUREBOOT_MENU_ENTRY));
-
- if (PrivateData->FileContext == NULL || PrivateData->MenuEntry == NULL) {
+
+ if (PrivateData->FileContext == NULL) {
UninstallSecureBootConfigForm (PrivateData);
return EFI_OUT_OF_RESOURCES;
}
-
- PrivateData->FeCurrentState = FileExplorerStateInActive;
- PrivateData->FeDisplayContext = FileExplorerDisplayUnknown;
-
- InitializeListHead (&FsOptionMenu.Head);
- InitializeListHead (&DirectoryMenu.Head);
//
// Init OpCode Handle and Allocate space for creation of Buffer
@@ -2739,7 +5010,7 @@ InstallSecureBootConfigForm (
);
mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
mEndLabel->Number = LABEL_END;
-
+
return EFI_SUCCESS;
}
@@ -2781,19 +5052,12 @@ UninstallSecureBootConfigForm (
FreePool (PrivateData->SignatureGUID);
}
- if (PrivateData->MenuEntry != NULL) {
- FreePool (PrivateData->MenuEntry);
- }
-
if (PrivateData->FileContext != NULL) {
FreePool (PrivateData->FileContext);
}
FreePool (PrivateData);
- FreeMenu (&DirectoryMenu);
- FreeMenu (&FsOptionMenu);
-
if (mStartOpCodeHandle != NULL) {
HiiFreeOpCodeHandle (mStartOpCodeHandle);
}