+\r
+//\r
+// OID ASN.1 Value for Hash Algorithms\r
+//\r
+UINT8 mHashOidValue[] = {\r
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, // OBJ_md5\r
+ 0x2B, 0x0E, 0x03, 0x02, 0x1A, // OBJ_sha1\r
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, // OBJ_sha224\r
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, // OBJ_sha256\r
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, // OBJ_sha384\r
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, // OBJ_sha512\r
+ };\r
+\r
+HASH_TABLE mHash[] = {\r
+ { L"SHA1", 20, &mHashOidValue[8], 5, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },\r
+ { L"SHA224", 28, &mHashOidValue[13], 9, NULL, NULL, NULL, NULL },\r
+ { L"SHA256", 32, &mHashOidValue[22], 9, Sha256GetContextSize,Sha256Init, Sha256Update, Sha256Final},\r
+ { L"SHA384", 48, &mHashOidValue[31], 9, NULL, NULL, NULL, NULL },\r
+ { L"SHA512", 64, &mHashOidValue[40], 9, NULL, NULL, NULL, NULL }\r
+};\r
+\r
+\r
+// Variable Definitions \r
+UINT32 mPeCoffHeaderOffset = 0;\r
+WIN_CERTIFICATE *mCertificate = NULL;\r
+IMAGE_TYPE mImageType;\r
+UINT8 *mImageBase = NULL;\r
+UINTN mImageSize = 0;\r
+UINT8 mImageDigest[MAX_DIGEST_SIZE];\r
+UINTN mImageDigestSize;\r
+EFI_GUID mCertType;\r
+EFI_IMAGE_SECURITY_DATA_DIRECTORY *mSecDataDir = NULL;\r
+EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader;\r
+\r
+\r
+/**\r
+ Set Secure Boot option into variable space.\r
+\r
+ @param[in] VarValue The option of Secure Boot.\r
+\r
+ @retval EFI_SUCCESS The operation is finished successfully.\r
+ @retval Others Other errors as indicated.\r
+\r
+**/\r
+EFI_STATUS\r
+SaveSecureBootVariable (\r
+ IN UINT8 VarValue\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+\r
+ Status = gRT->SetVariable (\r
+ EFI_SECURE_BOOT_ENABLE_NAME,\r
+ &gEfiSecureBootEnableDisableGuid,\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
+ sizeof (UINT8),\r
+ &VarValue\r
+ );\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Internal helper function to delete a Variable given its name and GUID, NO authentication\r
+ required.\r
+\r
+ @param[in] VariableName Name of the Variable.\r
+ @param[in] VendorGuid GUID of the Variable.\r
+\r
+ @retval EFI_SUCCESS Variable deleted successfully.\r
+ @retval Others The driver failed to start the device.\r
+\r
+**/\r
+EFI_STATUS\r
+DeleteVariable (\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ VOID* Variable;\r
+\r
+ Variable = GetVariable (VariableName, VendorGuid);\r
+ if (Variable == NULL) {\r
+ return EFI_SUCCESS;\r
+ }\r
+\r
+ Status = gRT->SetVariable (\r
+ VariableName,\r
+ VendorGuid,\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
+ 0,\r
+ NULL\r
+ );\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Generate a PK signature list from the public key storing file (*.pbk).\r
+\r
+ @param[in] PkKeyFile FileHandle of the public key storing file.\r
+ @param[out] PkCert Point to the data buffer to store the signature list.\r
+ \r
+ @return EFI_UNSUPPORTED Unsupported Key Length.\r
+ @return EFI_OUT_OF_RESOURCES There are not enough memory resourses to form the signature list.\r
+ \r
+**/\r
+EFI_STATUS\r
+CreatePkRsaSignatureList (\r
+ IN EFI_FILE_HANDLE PkKeyFile, \r
+ OUT EFI_SIGNATURE_LIST **PkCert \r
+ )\r
+{\r
+ EFI_STATUS Status; \r
+ UINTN KeyBlobSize;\r
+ VOID *KeyBlob;\r
+ CPL_KEY_INFO *KeyInfo;\r
+ EFI_SIGNATURE_DATA *PkCertData;\r
+ VOID *KeyBuffer; \r
+ UINTN KeyLenInBytes;\r
+\r
+ PkCertData = NULL;\r
+ KeyBlob = NULL;\r
+ KeyBuffer = NULL;\r
+ Status = EFI_SUCCESS;\r
+\r
+ //\r
+ // Get key from PK key file\r
+ // \r
+ Status = ReadFileContent (PkKeyFile, &KeyBlob, &KeyBlobSize, 0);\r
+ if (EFI_ERROR(Status)) {\r
+ DEBUG ((EFI_D_ERROR, "Can't Open the file for PK enrolling.\n"));\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ KeyInfo = (CPL_KEY_INFO *)KeyBlob;\r
+ if (KeyInfo->KeyLengthInBits/8 != WIN_CERT_UEFI_RSA2048_SIZE) {\r
+ Status = EFI_UNSUPPORTED;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Convert the Public key to fix octet string format represented in RSA PKCS#1.\r
+ // \r
+ KeyLenInBytes = KeyInfo->KeyLengthInBits / 8;\r
+ KeyBuffer = AllocateZeroPool(KeyLenInBytes);\r
+ if (KeyBuffer == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+ Status = Int2OctStr (\r
+ (UINTN*) ((UINTN)KeyBlob + sizeof(CPL_KEY_INFO)), \r
+ KeyLenInBytes / sizeof (UINTN), \r
+ (UINT8*)KeyBuffer, \r
+ KeyLenInBytes\r
+ );\r
+ if (EFI_ERROR(Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ // Allocate space for PK certificate list and initialize the list.\r
+ // Create PK database entry with SignatureHeaderSize equals 0.\r
+ //\r
+ *PkCert = (EFI_SIGNATURE_LIST*)AllocateZeroPool(\r
+ sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + WIN_CERT_UEFI_RSA2048_SIZE\r
+ );\r
+ \r
+ if (*PkCert == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ (*PkCert)->SignatureListSize = sizeof(EFI_SIGNATURE_LIST) \r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + WIN_CERT_UEFI_RSA2048_SIZE;\r
+ (*PkCert)->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + WIN_CERT_UEFI_RSA2048_SIZE;\r
+ (*PkCert)->SignatureHeaderSize = 0;\r
+ CopyGuid (&(*PkCert)->SignatureType, &gEfiCertRsa2048Guid);\r
+\r
+ PkCertData = (EFI_SIGNATURE_DATA*)((UINTN)(*PkCert) \r
+ + sizeof(EFI_SIGNATURE_LIST)\r
+ + (*PkCert)->SignatureHeaderSize);\r
+ CopyGuid (&PkCertData->SignatureOwner, &gEfiGlobalVariableGuid);\r
+ //\r
+ // Fill the PK database with PKpub data from PKKeyFile.\r
+ // \r
+ CopyMem (&(PkCertData->SignatureData[0]), KeyBuffer, WIN_CERT_UEFI_RSA2048_SIZE);\r
+\r
+ON_EXIT:\r
+ \r
+ if (KeyBlob != NULL) {\r
+ FreePool (KeyBlob);\r
+ }\r
+ \r
+ if (EFI_ERROR(Status) && *PkCert != NULL) {\r
+ FreePool (*PkCert);\r
+ *PkCert = NULL;\r
+ }\r
+ \r
+ if (KeyBuffer != NULL) {\r
+ FreePool (KeyBuffer);\r
+ }\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ Generate the PK signature list from the X509 Certificate storing file (.cer)\r
+\r
+ @param[in] X509File FileHandle of X509 Certificate storing file.\r
+ @param[out] PkCert Point to the data buffer to store the signature list.\r
+ \r
+ @return EFI_UNSUPPORTED Unsupported Key Length.\r
+ @return EFI_OUT_OF_RESOURCES There are not enough memory resourses to form the signature list.\r
+ \r
+**/\r
+EFI_STATUS\r
+CreatePkX509SignatureList (\r
+ IN EFI_FILE_HANDLE X509File, \r
+ OUT EFI_SIGNATURE_LIST **PkCert \r
+ )\r
+{\r
+ EFI_STATUS Status; \r
+ UINT8 *X509Data;\r
+ UINTN X509DataSize;\r
+ EFI_SIGNATURE_DATA *PkCertData;\r
+\r
+ X509Data = NULL;\r
+ PkCertData = NULL;\r
+ X509DataSize = 0; \r
+ \r
+ Status = ReadFileContent (X509File, &X509Data, &X509DataSize, 0);\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Allocate space for PK certificate list and initialize it.\r
+ // Create PK database entry with SignatureHeaderSize equals 0.\r
+ //\r
+ *PkCert = (EFI_SIGNATURE_LIST*) AllocateZeroPool (\r
+ sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + X509DataSize\r
+ );\r
+ if (*PkCert == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ (*PkCert)->SignatureListSize = (UINT32) (sizeof(EFI_SIGNATURE_LIST) \r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + X509DataSize);\r
+ (*PkCert)->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);\r
+ (*PkCert)->SignatureHeaderSize = 0;\r
+ CopyGuid (&(*PkCert)->SignatureType, &gEfiCertX509Guid);\r
+ PkCertData = (EFI_SIGNATURE_DATA*) ((UINTN)(*PkCert) \r
+ + sizeof(EFI_SIGNATURE_LIST)\r
+ + (*PkCert)->SignatureHeaderSize);\r
+ CopyGuid (&PkCertData->SignatureOwner, &gEfiGlobalVariableGuid); \r
+ //\r
+ // Fill the PK database with PKpub data from X509 certificate file.\r
+ // \r
+ CopyMem (&(PkCertData->SignatureData[0]), X509Data, X509DataSize);\r
+ \r
+ON_EXIT:\r
+ \r
+ if (X509Data != NULL) {\r
+ FreePool (X509Data);\r
+ }\r
+ \r
+ if (EFI_ERROR(Status) && *PkCert != NULL) {\r
+ FreePool (*PkCert);\r
+ *PkCert = NULL;\r
+ }\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll new PK into the System without original PK's authentication.\r
+\r
+ The SignatureOwner GUID will be the same with PK's vendorguid.\r
+\r
+ @param[in] PrivateData The module's private data.\r
+\r
+ @retval EFI_SUCCESS New PK enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+ \r
+**/\r
+EFI_STATUS\r
+EnrollPlatformKey (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA* Private\r
+ ) \r
+{\r
+ EFI_STATUS Status;\r
+ UINT32 Attr;\r
+ UINTN DataSize;\r
+ EFI_SIGNATURE_LIST *PkCert;\r
+ UINT16* FilePostFix;\r
+ \r
+ if (Private->FileContext->FileName == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ PkCert = NULL;\r
+\r
+ //\r
+ // Parse the file's postfix. Only support *.pbk(RSA2048) and *.cer(X509) files.\r
+ //\r
+ FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ if (CompareMem (FilePostFix, L".pbk",4) && CompareMem (FilePostFix, L".cer",4)) {\r
+ DEBUG ((EFI_D_ERROR, "Don't support the file, only *.pbk or *.cer.\n is supported."));\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ DEBUG ((EFI_D_INFO, "FileName= %s\n", Private->FileContext->FileName));\r
+ DEBUG ((EFI_D_INFO, "FilePostFix = %s\n", FilePostFix));\r
+\r
+ //\r
+ // Prase the selected PK file and generature PK certificate list.\r
+ //\r
+ if (!CompareMem (FilePostFix, L".pbk",4)) {\r
+ Status = CreatePkRsaSignatureList (\r
+ Private->FileContext->FHandle, \r
+ &PkCert \r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ } else if (!CompareMem (FilePostFix, L".cer",4)) {\r
+ Status = CreatePkX509SignatureList (\r
+ Private->FileContext->FHandle, \r
+ &PkCert \r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ }\r
+ \r
+ //\r
+ // Set Platform Key variable.\r
+ // \r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS;\r
+ DataSize = PkCert->SignatureListSize;\r
+ Status = gRT->SetVariable(\r
+ EFI_PLATFORM_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ Attr, \r
+ DataSize, \r
+ PkCert\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ if (Status == EFI_OUT_OF_RESOURCES) {\r
+ DEBUG ((EFI_D_ERROR, "Enroll PK failed with out of resource.\n"));\r
+ }\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ON_EXIT:\r
+\r
+ if (PkCert != NULL) {\r
+ FreePool(PkCert);\r
+ }\r
+ \r
+ if (Private->FileContext->FHandle != NULL) {\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FHandle = NULL;\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Remove the PK variable.\r
+\r
+ @retval EFI_SUCCESS Delete PK successfully.\r
+ @retval Others Could not allow to delete PK.\r
+ \r
+**/\r
+EFI_STATUS\r
+DeletePlatformKey (\r
+ VOID\r
+)\r
+{\r
+ EFI_STATUS Status;\r
+\r
+ Status = DeleteVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid);\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll a new KEK item from public key storing file (*.pbk).\r
+\r
+ @param[in] PrivateData The module's private data.\r
+\r
+ @retval EFI_SUCCESS New KEK enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_UNSUPPORTED Unsupported command.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollRsa2048ToKek (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT32 Attr;\r
+ UINTN DataSize;\r
+ EFI_SIGNATURE_LIST *KekSigList;\r
+ UINTN KeyBlobSize;\r
+ UINT8 *KeyBlob;\r
+ CPL_KEY_INFO *KeyInfo;\r
+ EFI_SIGNATURE_DATA *KEKSigData;\r
+ UINTN KekSigListSize;\r
+ UINT8 *KeyBuffer; \r
+ UINTN KeyLenInBytes;\r
+\r
+ Attr = 0;\r
+ DataSize = 0;\r
+ KeyBuffer = NULL;\r
+ KeyBlobSize = 0;\r
+ KeyBlob = NULL;\r
+ KeyInfo = NULL;\r
+ KEKSigData = NULL;\r
+ KekSigList = NULL;\r
+ KekSigListSize = 0;\r
+ \r
+ //\r
+ // Form the KeKpub certificate list into EFI_SIGNATURE_LIST type.\r
+ // First, We have to parse out public key data from the pbk key file.\r
+ // \r
+ Status = ReadFileContent (\r
+ Private->FileContext->FHandle,\r
+ &KeyBlob,\r
+ &KeyBlobSize,\r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ KeyInfo = (CPL_KEY_INFO *) KeyBlob;\r
+ if (KeyInfo->KeyLengthInBits / 8 != WIN_CERT_UEFI_RSA2048_SIZE) {\r
+ DEBUG ((DEBUG_ERROR, "Unsupported key length, Only RSA2048 is supported.\n"));\r
+ Status = EFI_UNSUPPORTED;\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ //\r
+ // Convert the Public key to fix octet string format represented in RSA PKCS#1.\r
+ // \r
+ KeyLenInBytes = KeyInfo->KeyLengthInBits / 8;\r
+ KeyBuffer = AllocateZeroPool (KeyLenInBytes);\r
+ if (KeyBuffer == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+ Int2OctStr (\r
+ (UINTN*) (KeyBlob + sizeof (CPL_KEY_INFO)), \r
+ KeyLenInBytes / sizeof (UINTN), \r
+ KeyBuffer, \r
+ KeyLenInBytes\r
+ );\r
+ CopyMem(KeyBlob + sizeof(CPL_KEY_INFO), KeyBuffer, KeyLenInBytes);\r
+ \r
+ //\r
+ // Form an new EFI_SIGNATURE_LIST.\r
+ //\r
+ KekSigListSize = sizeof(EFI_SIGNATURE_LIST)\r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + WIN_CERT_UEFI_RSA2048_SIZE;\r
+\r
+ KekSigList = (EFI_SIGNATURE_LIST*) AllocateZeroPool (KekSigListSize);\r
+ if (KekSigList == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ KekSigList->SignatureListSize = sizeof(EFI_SIGNATURE_LIST)\r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + WIN_CERT_UEFI_RSA2048_SIZE;\r
+ KekSigList->SignatureHeaderSize = 0;\r
+ KekSigList->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + WIN_CERT_UEFI_RSA2048_SIZE;\r
+ CopyGuid (&KekSigList->SignatureType, &gEfiCertRsa2048Guid);\r
+ \r
+ KEKSigData = (EFI_SIGNATURE_DATA*)((UINT8*)KekSigList + sizeof(EFI_SIGNATURE_LIST));\r
+ CopyGuid (&KEKSigData->SignatureOwner, Private->SignatureGUID);\r
+ CopyMem (\r
+ KEKSigData->SignatureData,\r
+ KeyBlob + sizeof(CPL_KEY_INFO),\r
+ WIN_CERT_UEFI_RSA2048_SIZE\r
+ );\r
+ \r
+ //\r
+ // Check if KEK entry has been already existed. \r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the \r
+ // new KEK to original variable.\r
+ // \r
+ Attr |= EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS;\r
+ DataSize = 0;\r
+ Status = gRT->GetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ NULL, \r
+ &DataSize, \r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ //\r
+ // Done. Now we have formed the correct KEKpub database item, just set it into variable storage,\r
+ // \r
+ Status = gRT->SetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ Attr, \r
+ KekSigListSize, \r
+ KekSigList\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FHandle = NULL;\r
+ Private->FileContext->FileName = NULL;\r
+\r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+\r
+ if (KeyBlob != NULL) {\r
+ FreePool (KeyBlob);\r
+ }\r
+ if (KeyBuffer != NULL) {\r
+ FreePool (KeyBuffer);\r
+ }\r
+ if (KekSigList != NULL) {\r
+ FreePool (KekSigList);\r
+ }\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll a new KEK item from X509 certificate file.\r
+\r
+ @param[in] PrivateData The module's private data.\r
+\r
+ @retval EFI_SUCCESS New X509 is enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_UNSUPPORTED Unsupported command.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollX509ToKek (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private\r
+ ) \r
+{\r
+ EFI_STATUS Status;\r
+ UINTN X509DataSize;\r
+ VOID *X509Data;\r
+ EFI_SIGNATURE_DATA *KEKSigData;\r
+ EFI_SIGNATURE_LIST *KekSigList;\r
+ UINTN DataSize;\r
+ UINTN KekSigListSize;\r
+ UINT32 Attr;\r
+\r
+ X509Data = NULL;\r
+ X509DataSize = 0;\r
+ KekSigList = NULL;\r
+ KekSigListSize = 0;\r
+ DataSize = 0;\r
+ KEKSigData = NULL;\r
+\r
+ Status = ReadFileContent (\r
+ Private->FileContext->FHandle,\r
+ &X509Data,\r
+ &X509DataSize,\r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ KekSigListSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;\r
+ KekSigList = (EFI_SIGNATURE_LIST*) AllocateZeroPool (KekSigListSize);\r
+ if (KekSigList == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Fill Certificate Database parameters.\r
+ // \r
+ KekSigList->SignatureListSize = (UINT32) KekSigListSize;\r
+ KekSigList->SignatureHeaderSize = 0;\r
+ KekSigList->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);\r
+ CopyGuid (&KekSigList->SignatureType, &gEfiCertX509Guid);\r
+\r
+ KEKSigData = (EFI_SIGNATURE_DATA*) ((UINT8*) KekSigList + sizeof (EFI_SIGNATURE_LIST));\r
+ CopyGuid (&KEKSigData->SignatureOwner, Private->SignatureGUID);\r
+ CopyMem (KEKSigData->SignatureData, X509Data, X509DataSize);\r
+\r
+ //\r
+ // Check if KEK been already existed. \r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the \r
+ // new kek to original variable\r
+ // \r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS;\r
+\r
+ Status = gRT->GetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ NULL, \r
+ &DataSize, \r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ } \r
+\r
+ Status = gRT->SetVariable(\r
+ EFI_KEY_EXCHANGE_KEY_NAME, \r
+ &gEfiGlobalVariableGuid, \r
+ Attr, \r
+ KekSigListSize,\r
+ KekSigList\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FileName = NULL;\r
+ Private->FileContext->FHandle = NULL;\r
+\r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+\r
+ if (KekSigList != NULL) {\r
+ FreePool (KekSigList);\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll new KEK into the System without PK's authentication.\r
+ The SignatureOwner GUID will be Private->SignatureGUID.\r
+ \r
+ @param[in] PrivateData The module's private data.\r
+ \r
+ @retval EFI_SUCCESS New KEK enrolled successful.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval others Fail to enroll KEK data.\r
+ \r
+**/\r
+EFI_STATUS\r
+EnrollKeyExchangeKey (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private\r
+ ) \r
+{\r
+ UINT16* FilePostFix;\r
+ \r
+ if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ //\r
+ // Parse the file's postfix. Supports .cer and .der file as X509 certificate, \r
+ // and .pbk as RSA public key file.\r
+ //\r
+ FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ if ((CompareMem (FilePostFix, L".cer",4) == 0) || (CompareMem (FilePostFix, L".der",4) == 0)) {\r
+ return EnrollX509ToKek (Private);\r
+ } else if (CompareMem (FilePostFix, L".pbk",4) == 0) {\r
+ return EnrollRsa2048ToKek (Private);\r
+ } else {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+}\r
+\r
+/**\r
+ Enroll a new X509 certificate into Signature Database (DB or DBX) without\r
+ KEK's authentication.\r
+\r
+ @param[in] PrivateData The module's private data.\r
+ @param[in] VariableName Variable name of signature database, must be \r
+ EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.\r
+ \r
+ @retval EFI_SUCCESS New X509 is enrolled successfully.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollX509toSigDB (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName\r
+ ) \r
+{\r
+ EFI_STATUS Status;\r
+ UINTN X509DataSize;\r
+ VOID *X509Data;\r
+ EFI_SIGNATURE_LIST *SigDBCert;\r
+ EFI_SIGNATURE_DATA *SigDBCertData;\r
+ VOID *Data;\r
+ UINTN DataSize;\r
+ UINTN SigDBSize;\r
+ UINT32 Attr;\r
+\r
+ X509DataSize = 0;\r
+ SigDBSize = 0;\r
+ DataSize = 0;\r
+ X509Data = NULL;\r
+ SigDBCert = NULL;\r
+ SigDBCertData = NULL;\r
+ Data = NULL;\r
+\r
+ Status = ReadFileContent (\r
+ Private->FileContext->FHandle,\r
+ &X509Data,\r
+ &X509DataSize,\r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ SigDBSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;\r
+\r
+ Data = AllocateZeroPool (SigDBSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Fill Certificate Database parameters.\r
+ // \r
+ SigDBCert = (EFI_SIGNATURE_LIST*) Data;\r
+ SigDBCert->SignatureListSize = (UINT32) SigDBSize;\r
+ SigDBCert->SignatureHeaderSize = 0;\r
+ SigDBCert->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);\r
+ CopyGuid (&SigDBCert->SignatureType, &gEfiCertX509Guid);\r
+\r
+ SigDBCertData = (EFI_SIGNATURE_DATA*) ((UINT8* ) SigDBCert + sizeof (EFI_SIGNATURE_LIST));\r
+ CopyGuid (&SigDBCertData->SignatureOwner, Private->SignatureGUID);\r
+ CopyMem ((UINT8* ) (SigDBCertData->SignatureData), X509Data, X509DataSize);\r
+\r
+ //\r
+ // Check if signature database entry has been already existed. \r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the \r
+ // new signature data to original variable\r
+ // \r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS;\r
+\r
+ Status = gRT->GetVariable(\r
+ VariableName, \r
+ &gEfiImageSecurityDatabaseGuid, \r
+ NULL, \r
+ &DataSize, \r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ } \r
+\r
+ Status = gRT->SetVariable(\r
+ VariableName, \r
+ &gEfiImageSecurityDatabaseGuid, \r
+ Attr, \r
+ SigDBSize,\r
+ Data\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FileName = NULL;\r
+ Private->FileContext->FHandle = NULL;\r
+\r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+\r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+\r
+ if (X509Data != NULL) {\r
+ FreePool (X509Data);\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Load PE/COFF image information into internal buffer and check its validity.\r
+\r
+ @retval EFI_SUCCESS Successful\r
+ @retval EFI_UNSUPPORTED Invalid PE/COFF file\r
+ @retval EFI_ABORTED Serious error occurs, like file I/O error etc.\r
+\r
+**/\r
+EFI_STATUS\r
+LoadPeImage (\r
+ VOID \r
+ ) \r
+{\r
+ EFI_IMAGE_DOS_HEADER *DosHdr;\r
+ EFI_IMAGE_NT_HEADERS32 *NtHeader32;\r
+ EFI_IMAGE_NT_HEADERS64 *NtHeader64;\r
+\r
+ NtHeader32 = NULL;\r
+ NtHeader64 = NULL;\r
+ //\r
+ // Read the Dos header\r
+ //\r
+ DosHdr = (EFI_IMAGE_DOS_HEADER*)(mImageBase);\r
+ if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE)\r
+ {\r
+ //\r
+ // DOS image header is present, \r
+ // So read the PE header after the DOS image header\r
+ //\r
+ mPeCoffHeaderOffset = DosHdr->e_lfanew;\r
+ }\r
+ else\r
+ {\r
+ mPeCoffHeaderOffset = 0;\r
+ }\r
+\r
+ //\r
+ // Read PE header and check the signature validity and machine compatibility\r
+ //\r
+ NtHeader32 = (EFI_IMAGE_NT_HEADERS32*) (mImageBase + mPeCoffHeaderOffset);\r
+ if (NtHeader32->Signature != EFI_IMAGE_NT_SIGNATURE)\r
+ {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ mNtHeader.Pe32 = NtHeader32;\r
+\r
+ //\r
+ // Check the architecture field of PE header and get the Certificate Data Directory data\r
+ // Note the size of FileHeader field is constant for both IA32 and X64 arch\r
+ //\r
+ if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA32) \r
+ || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_EBC)) {\r
+ //\r
+ // IA-32 Architecture\r
+ //\r
+ mImageType = ImageType_IA32;\r
+ mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);\r
+ }\r
+ else if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA64)\r
+ || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_X64)) {\r
+ //\r
+ // 64-bits Architecture\r
+ //\r
+ mImageType = ImageType_X64;\r
+ NtHeader64 = (EFI_IMAGE_NT_HEADERS64 *) (mImageBase + mPeCoffHeaderOffset);\r
+ mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader64->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]);\r
+ } else {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Calculate hash of Pe/Coff image based on the authenticode image hashing in\r
+ PE/COFF Specification 8.0 Appendix A\r
+\r
+ @param[in] HashAlg Hash algorithm type.\r
+ \r
+ @retval TRUE Successfully hash image.\r
+ @retval FALSE Fail in hash image.\r
+\r
+**/\r
+BOOLEAN \r
+HashPeImage (\r
+ IN UINT32 HashAlg\r
+ )\r
+{\r
+ BOOLEAN Status;\r
+ UINT16 Magic;\r
+ EFI_IMAGE_SECTION_HEADER *Section;\r
+ VOID *HashCtx;\r
+ UINTN CtxSize;\r
+ UINT8 *HashBase;\r
+ UINTN HashSize;\r
+ UINTN SumOfBytesHashed;\r
+ EFI_IMAGE_SECTION_HEADER *SectionHeader;\r
+ UINTN Index;\r
+ UINTN Pos;\r
+\r
+ HashCtx = NULL;\r
+ SectionHeader = NULL;\r
+ Status = FALSE;\r
+\r
+ if ((HashAlg != HASHALG_SHA1) && (HashAlg != HASHALG_SHA256)) {\r
+ return FALSE;\r
+ }\r
+ \r
+ //\r
+ // Initialize context of hash.\r
+ //\r
+ ZeroMem (mImageDigest, MAX_DIGEST_SIZE);\r
+\r
+ if (HashAlg == HASHALG_SHA1) {\r
+ mImageDigestSize = SHA1_DIGEST_SIZE;\r
+ mCertType = gEfiCertSha1Guid; \r
+ } else if (HashAlg == HASHALG_SHA256) {\r
+ mImageDigestSize = SHA256_DIGEST_SIZE;\r
+ mCertType = gEfiCertSha256Guid;\r
+ }\r
+\r
+ CtxSize = mHash[HashAlg].GetContextSize();\r
+ \r
+ HashCtx = AllocatePool (CtxSize);\r
+ ASSERT (HashCtx != NULL);\r
+\r
+ // 1. Load the image header into memory.\r
+\r
+ // 2. Initialize a SHA hash context.\r
+ Status = mHash[HashAlg].HashInit(HashCtx);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ //\r
+ // Measuring PE/COFF Image Header;\r
+ // But CheckSum field and SECURITY data directory (certificate) are excluded\r
+ //\r
+ Magic = mNtHeader.Pe32->OptionalHeader.Magic;\r
+ //\r
+ // 3. Calculate the distance from the base of the image header to the image checksum address.\r
+ // 4. Hash the image header from its base to beginning of the image checksum.\r
+ //\r
+ HashBase = mImageBase;\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset.\r
+ //\r
+ HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.CheckSum) - HashBase);\r
+ } else {\r
+ //\r
+ // Use PE32+ offset.\r
+ //\r
+ HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - HashBase);\r
+ }\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ //\r
+ // 5. Skip over the image checksum (it occupies a single ULONG).\r
+ // 6. Get the address of the beginning of the Cert Directory.\r
+ // 7. Hash everything from the end of the checksum to the start of the Cert Directory.\r
+ //\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset.\r
+ //\r
+ HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
+ HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);\r
+ } else {\r
+ //\r
+ // Use PE32+ offset.\r
+ // \r
+ HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
+ HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);\r
+ }\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ //\r
+ // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
+ // 9. Hash everything from the end of the Cert Directory to the end of image header.\r
+ //\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset\r
+ //\r
+ HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
+ HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - mImageBase);\r
+ } else {\r
+ //\r
+ // Use PE32+ offset.\r
+ //\r
+ HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
+ HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - mImageBase);\r
+ }\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ //\r
+ // 10. Set the SUM_OF_BYTES_HASHED to the size of the header.\r
+ //\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset.\r
+ //\r
+ SumOfBytesHashed = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders;\r
+ } else {\r
+ //\r
+ // Use PE32+ offset\r
+ //\r
+ SumOfBytesHashed = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
+ }\r
+\r
+ //\r
+ // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
+ // structures in the image. The 'NumberOfSections' field of the image\r
+ // header indicates how big the table should be. Do not include any\r
+ // IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
+ //\r
+ SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * mNtHeader.Pe32->FileHeader.NumberOfSections);\r
+ ASSERT (SectionHeader != NULL);\r
+ //\r
+ // 12. Using the 'PointerToRawData' in the referenced section headers as\r
+ // a key, arrange the elements in the table in ascending order. In other\r
+ // words, sort the section headers according to the disk-file offset of\r
+ // the section.\r
+ //\r
+ Section = (EFI_IMAGE_SECTION_HEADER *) (\r
+ mImageBase +\r
+ mPeCoffHeaderOffset +\r
+ sizeof (UINT32) +\r
+ sizeof (EFI_IMAGE_FILE_HEADER) +\r
+ mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader\r
+ );\r
+ for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {\r
+ Pos = Index;\r
+ while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
+ CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));\r
+ Pos--;\r
+ }\r
+ CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));\r
+ Section += 1;\r
+ }\r
+\r
+ //\r
+ // 13. Walk through the sorted table, bring the corresponding section\r
+ // into memory, and hash the entire section (using the 'SizeOfRawData'\r
+ // field in the section header to determine the amount of data to hash).\r
+ // 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
+ // 15. Repeat steps 13 and 14 for all the sections in the sorted table.\r
+ //\r
+ for (Index = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++) {\r
+ Section = &SectionHeader[Index];\r
+ if (Section->SizeOfRawData == 0) {\r
+ continue;\r
+ }\r
+ HashBase = mImageBase + Section->PointerToRawData;\r
+ HashSize = (UINTN) Section->SizeOfRawData;\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+\r
+ SumOfBytesHashed += HashSize;\r
+ }\r
+\r
+ //\r
+ // 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
+ // data in the file that needs to be added to the hash. This data begins\r
+ // at file offset SUM_OF_BYTES_HASHED and its length is:\r
+ // FileSize - (CertDirectory->Size)\r
+ //\r
+ if (mImageSize > SumOfBytesHashed) {\r
+ HashBase = mImageBase + SumOfBytesHashed;\r
+ if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // Use PE32 offset.\r
+ //\r
+ HashSize = (UINTN)(\r
+ mImageSize -\r
+ mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -\r
+ SumOfBytesHashed);\r
+ } else {\r
+ //\r
+ // Use PE32+ offset.\r
+ //\r
+ HashSize = (UINTN)(\r
+ mImageSize -\r
+ mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -\r
+ SumOfBytesHashed); \r
+ }\r
+\r
+ Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);\r
+ if (!Status) {\r
+ goto Done;\r
+ }\r
+ }\r
+\r
+ Status = mHash[HashAlg].HashFinal(HashCtx, mImageDigest);\r
+\r
+Done:\r
+ if (HashCtx != NULL) {\r
+ FreePool (HashCtx);\r
+ }\r
+ if (SectionHeader != NULL) {\r
+ FreePool (SectionHeader);\r
+ }\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Recognize the Hash algorithm in PE/COFF Authenticode and caculate hash of \r
+ Pe/Coff image based on the authenticated image hashing in PE/COFF Specification \r
+ 8.0 Appendix A\r
+\r
+ @retval EFI_UNSUPPORTED Hash algorithm is not supported.\r
+ @retval EFI_SUCCESS Hash successfully.\r
+\r
+**/\r
+EFI_STATUS \r
+HashPeImageByType (\r
+ VOID\r
+ )\r
+{\r
+ UINT8 Index;\r
+ WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;\r
+\r
+ PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir->Offset);\r
+\r
+ for (Index = 0; Index < HASHALG_MAX; Index++) { \r
+ //\r
+ // Check the Hash algorithm in PE/COFF Authenticode.\r
+ // According to PKCS#7 Definition: \r
+ // SignedData ::= SEQUENCE {\r
+ // version Version,\r
+ // digestAlgorithms DigestAlgorithmIdentifiers,\r
+ // contentInfo ContentInfo,\r
+ // .... }\r
+ // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing\r
+ // This field has the fixed offset (+32) in final Authenticode ASN.1 data.\r
+ // Fixed offset (+32) is calculated based on two bytes of length encoding.\r
+ //\r
+ if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {\r
+ //\r
+ // Only support two bytes of Long Form of Length Encoding.\r
+ //\r
+ continue;\r
+ }\r
+\r
+ // \r
+ if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {\r
+ break;\r
+ }\r
+ }\r
+\r
+ if (Index == HASHALG_MAX) {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ //\r
+ // HASH PE Image based on Hash algorithm in PE/COFF Authenticode.\r
+ //\r
+ if (!HashPeImage(Index)) {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Enroll a new executable's signature into Signature Database. \r
+\r
+ @param[in] PrivateData The module's private data.\r
+ @param[in] VariableName Variable name of signature database, must be \r
+ EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.\r
+\r
+ @retval EFI_SUCCESS New signature is enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_UNSUPPORTED Unsupported command.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollImageSignatureToSigDB (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_SIGNATURE_LIST *SigDBCert;\r
+ EFI_SIGNATURE_DATA *SigDBCertData;\r
+ VOID *Data;\r
+ UINTN DataSize;\r
+ UINTN SigDBSize;\r
+ UINT32 Attr;\r
+ WIN_CERTIFICATE_UEFI_GUID *GuidCertData;\r
+\r
+ Data = NULL;\r
+ GuidCertData = NULL;\r
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS \r
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS;\r
+\r
+ //\r
+ // Form the SigDB certificate list.\r
+ // Format the data item into EFI_SIGNATURE_LIST type.\r
+ //\r
+ // We need to parse executable's signature data from specified signed executable file.\r
+ // In current implementation, we simply trust the pass-in signed executable file.\r
+ // In reality, it's OS's responsibility to verify the signed executable file.\r
+ //\r
+\r
+ //\r
+ // Read the whole file content\r
+ //\r
+ Status = ReadFileContent(\r
+ Private->FileContext->FHandle,\r
+ (VOID **) &mImageBase, \r
+ &mImageSize, \r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ } \r
+\r
+ Status = LoadPeImage ();\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ if (mSecDataDir->SizeOfCert == 0) {\r
+ if (!HashPeImage (HASHALG_SHA256)) {\r
+ Status = EFI_SECURITY_VIOLATION;\r
+ goto ON_EXIT;\r
+ }\r
+ } else {\r
+ \r
+ //\r
+ // Read the certificate data\r
+ //\r
+ mCertificate = (WIN_CERTIFICATE *)(mImageBase + mSecDataDir->Offset);\r
+\r
+ if (mCertificate->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {\r
+ GuidCertData = (WIN_CERTIFICATE_UEFI_GUID*) mCertificate;\r
+ if (CompareMem (&GuidCertData->CertType, &gEfiCertTypeRsa2048Sha256Guid, sizeof(EFI_GUID)) != 0) {\r
+ Status = EFI_ABORTED;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ if (!HashPeImage (HASHALG_SHA256)) {\r
+ Status = EFI_ABORTED;\r
+ goto ON_EXIT;;\r
+ }\r
+ \r
+ } else if (mCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) {\r
+\r
+ Status = HashPeImageByType ();\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;;\r
+ }\r
+ } else {\r
+ Status = EFI_ABORTED;\r
+ goto ON_EXIT;\r
+ }\r
+ }\r
+\r
+ //\r
+ // Create a new SigDB entry.\r
+ //\r
+ SigDBSize = sizeof(EFI_SIGNATURE_LIST) \r
+ + sizeof(EFI_SIGNATURE_DATA) - 1\r
+ + (UINT32) mImageDigestSize;\r
+\r
+ Data = (UINT8*) AllocateZeroPool (SigDBSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+ \r
+ //\r
+ // Adjust the Certificate Database parameters.\r
+ // \r
+ SigDBCert = (EFI_SIGNATURE_LIST*) Data;\r
+ SigDBCert->SignatureListSize = (UINT32) SigDBSize;\r
+ SigDBCert->SignatureHeaderSize = 0;\r
+ SigDBCert->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + (UINT32) mImageDigestSize;\r
+ CopyGuid (&SigDBCert->SignatureType, &mCertType);\r
+\r
+ SigDBCertData = (EFI_SIGNATURE_DATA*)((UINT8*)SigDBCert + sizeof(EFI_SIGNATURE_LIST));\r
+ CopyGuid (&SigDBCertData->SignatureOwner, Private->SignatureGUID);\r
+ CopyMem (SigDBCertData->SignatureData, mImageDigest, mImageDigestSize);\r
+\r
+ //\r
+ // Check if SigDB variable has been already existed. \r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the \r
+ // new signature data to original variable\r
+ // \r
+ DataSize = 0;\r
+ Status = gRT->GetVariable(\r
+ VariableName, \r
+ &gEfiImageSecurityDatabaseGuid, \r
+ NULL, \r
+ &DataSize, \r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ } \r
+\r
+ //\r
+ // Enroll the variable.\r
+ //\r
+ Status = gRT->SetVariable(\r
+ VariableName, \r
+ &gEfiImageSecurityDatabaseGuid, \r
+ Attr, \r
+ SigDBSize, \r
+ Data\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FHandle = NULL;\r
+ Private->FileContext->FileName = NULL;\r
+\r
+ if (Private->SignatureGUID != NULL) {\r
+ FreePool (Private->SignatureGUID);\r
+ Private->SignatureGUID = NULL;\r
+ }\r
+\r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+\r
+ if (mImageBase != NULL) {\r
+ FreePool (mImageBase);\r
+ mImageBase = NULL;\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll signature into DB/DBX without KEK's authentication.\r
+ The SignatureOwner GUID will be Private->SignatureGUID.\r
+ \r
+ @param[in] PrivateData The module's private data.\r
+ @param[in] VariableName Variable name of signature database, must be \r
+ EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.\r
+ \r
+ @retval EFI_SUCCESS New signature enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval others Fail to enroll signature data.\r
+ \r
+**/\r
+EFI_STATUS\r
+EnrollSignatureDatabase (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName\r
+ ) \r
+{\r
+ UINT16* FilePostFix;\r
+\r
+ if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ //\r
+ // Parse the file's postfix. \r
+ //\r
+ FilePostFix = Private->FileContext->FileName + StrLen (Private->FileContext->FileName) - 4;\r
+ if ((CompareMem (FilePostFix, L".cer",4) == 0) || (CompareMem (FilePostFix, L".der",4) == 0)) {\r
+ //\r
+ // Supports .cer and .der file as X509 certificate.\r
+ //\r
+ return EnrollX509toSigDB (Private, VariableName);\r
+ }\r
+\r
+ return EnrollImageSignatureToSigDB (Private, VariableName);\r
+}\r
+\r
+/**\r
+ List all signatures in specified signature database (e.g. KEK/DB/DBX)\r
+ by GUID in the page for user to select and delete as needed.\r
+\r
+ @param[in] PrivateData Module's private data.\r
+ @param[in] VariableName The variable name of the vendor's signature database.\r
+ @param[in] VendorGuid A unique identifier for the vendor.\r
+ @param[in] LabelNumber Label number to insert opcodes.\r
+ @param[in] FormId Form ID of current page.\r
+ @param[in] QuestionIdBase Base question id of the signature list.\r
+\r
+ @retval EFI_SUCCESS Success to update the signature list page\r
+ @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.\r
+ \r
+**/\r
+EFI_STATUS\r
+UpdateDeletePage (\r
+ IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData,\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN UINT16 LabelNumber,\r
+ IN EFI_FORM_ID FormId,\r
+ IN EFI_QUESTION_ID QuestionIdBase\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT32 Index;\r
+ UINTN CertCount;\r
+ UINTN GuidIndex;\r
+ VOID *StartOpCodeHandle;\r
+ VOID *EndOpCodeHandle;\r
+ EFI_IFR_GUID_LABEL *StartLabel;\r
+ EFI_IFR_GUID_LABEL *EndLabel; \r
+ UINTN DataSize;\r
+ UINT8 *Data;\r
+ EFI_SIGNATURE_LIST *CertList;\r
+ EFI_SIGNATURE_DATA *Cert;\r
+ UINT32 ItemDataSize;\r
+ CHAR16 *GuidStr;\r
+ EFI_STRING_ID GuidID;\r
+ EFI_STRING_ID Help;\r
+\r
+ Data = NULL;\r
+ CertList = NULL;\r
+ Cert = NULL;\r
+ GuidStr = NULL;\r
+ StartOpCodeHandle = NULL;\r
+ EndOpCodeHandle = NULL;\r
+ \r
+ //\r
+ // Initialize the container for dynamic opcodes.\r
+ //\r
+ StartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (StartOpCodeHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT; \r
+ }\r
+\r
+ EndOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (EndOpCodeHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT; \r
+ }\r
+\r
+ //\r
+ // Create Hii Extend Label OpCode.\r
+ //\r
+ StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ StartOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+ StartLabel->Number = LabelNumber;\r
+\r
+ EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ EndOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+ EndLabel->Number = LABEL_END;\r
+\r
+ //\r
+ // Read Variable.\r
+ //\r
+ DataSize = 0;\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data); \r
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Data = (UINT8 *) AllocateZeroPool (DataSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ GuidStr = AllocateZeroPool (100);\r
+ if (GuidStr == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Enumerate all KEK pub data.\r
+ //\r
+ ItemDataSize = (UINT32) DataSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) Data;\r
+ GuidIndex = 0;\r
+\r
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
+\r
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertRsa2048Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_RSA2048_SHA256_GUID);\r
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_PCKS7_GUID);\r
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha1Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_SHA1_GUID);\r
+ } else if (CompareGuid (&CertList->SignatureType, &gEfiCertSha256Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_SHA256_GUID);\r
+ } else {\r
+ //\r
+ // The signature type is not supported in current implementation.\r
+ //\r
+ continue;\r
+ }\r
+\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ for (Index = 0; Index < CertCount; Index++) {\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList \r
+ + sizeof (EFI_SIGNATURE_LIST) \r
+ + CertList->SignatureHeaderSize \r
+ + Index * CertList->SignatureSize);\r
+ //\r
+ // Display GUID and help \r
+ //\r
+ GuidToString (&Cert->SignatureOwner, GuidStr, 100);\r
+ GuidID = HiiSetString (PrivateData->HiiHandle, 0, GuidStr, NULL);\r
+ HiiCreateCheckBoxOpCode (\r
+ StartOpCodeHandle,\r
+ (EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),\r
+ 0, \r
+ 0, \r
+ GuidID, \r
+ Help,\r
+ EFI_IFR_FLAG_CALLBACK,\r
+ 0,\r
+ NULL\r
+ ); \r
+ }\r
+\r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ON_EXIT:\r
+ HiiUpdateForm (\r
+ PrivateData->HiiHandle,\r
+ &gSecureBootConfigFormSetGuid,\r
+ FormId,\r
+ StartOpCodeHandle,\r
+ EndOpCodeHandle\r
+ );\r
+\r
+ if (StartOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (StartOpCodeHandle);\r
+ }\r
+\r
+ if (EndOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (EndOpCodeHandle);\r
+ }\r
+ \r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+\r
+ if (GuidStr != NULL) {\r
+ FreePool (GuidStr);\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r