SecurityPkg/Library/AuthVariableLib/AuthService.c File Reference


Functions

EFI_STATUS AuthServiceInternalFindVariable (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, OUT VOID **Data, OUT UINTN *DataSize)
EFI_STATUS AuthServiceInternalUpdateVariable (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes)
EFI_STATUS AuthServiceInternalUpdateVariableWithMonotonicCount (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes, IN UINT32 KeyIndex, IN UINT64 MonotonicCount)
EFI_STATUS AuthServiceInternalUpdateVariableWithTimeStamp (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes, IN EFI_TIME *TimeStamp)
BOOLEAN NeedPhysicallyPresent (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid)
BOOLEAN InCustomMode (VOID)
UINT32 GetAvailableKeyIndex (IN UINT8 *PubKey)
UINT32 AddPubKeyInStore (IN UINT8 *PubKey, IN VARIABLE_ENTRY_CONSISTENCY *VariableDataEntry)
EFI_STATUS VerifyCounterBasedPayload (IN UINT8 *Data, IN UINTN DataSize, IN UINT8 *PubKey)
EFI_STATUS UpdatePlatformMode (IN UINT32 Mode)
EFI_STATUS CheckSignatureListFormat (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize)
EFI_STATUS VendorKeyIsModified (VOID)
EFI_STATUS ProcessVarWithPk (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes, IN BOOLEAN IsPk)
EFI_STATUS ProcessVarWithKek (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes)
BOOLEAN IsDeleteAuthVariable (IN UINT32 OrgAttributes, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes)
EFI_STATUS ProcessVariable (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes)
EFI_STATUS FilterSignatureList (IN VOID *Data, IN UINTN DataSize, IN OUT VOID *NewData, IN OUT UINTN *NewDataSize)
BOOLEAN AuthServiceInternalCompareTimeStamp (IN EFI_TIME *FirstTime, IN EFI_TIME *SecondTime)
EFI_STATUS FindCertsFromDb (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINT8 *Data, IN UINTN DataSize, OUT UINT32 *CertOffset, OUT UINT32 *CertDataSize, OUT UINT32 *CertNodeOffset, OUT UINT32 *CertNodeSize)
EFI_STATUS GetCertsFromDb (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, OUT UINT8 **CertData, OUT UINT32 *CertDataSize)
EFI_STATUS DeleteCertsFromDb (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid)
EFI_STATUS InsertCertsToDb (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINT8 *CertData, IN UINTN CertDataSize)
EFI_STATUS CleanCertsFromDb (VOID)
EFI_STATUS VerifyTimeBasedPayload (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes, IN AUTHVAR_TYPE AuthVarType, IN EFI_TIME *OrgTimeStamp, OUT UINT8 **VarPayloadPtr, OUT UINTN *VarPayloadSize)
EFI_STATUS VerifyTimeBasedPayloadAndUpdate (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN DataSize, IN UINT32 Attributes, IN AUTHVAR_TYPE AuthVarType, OUT BOOLEAN *VarDel)

Variables

CONST UINT8 mRsaE [] = { 0x01, 0x00, 0x01 }
EFI_SIGNATURE_ITEM mSupportSigItem []

Detailed Description

Implement authentication services for the authenticated variables.

Caution: This module requires additional review when modified. This driver will have external input - variable data. It may be input in SMM mode. This external input must be validated carefully to avoid security issue like buffer overflow, integer overflow. Variable attribute should also be checked to avoid authentication bypass. The whole SMM authentication variable design relies on the integrity of flash part and SMM. which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory may not be modified without authorization. If platform fails to protect these resources, the authentication service provided in this driver will be broken, and the behavior is undefined.

ProcessVarWithPk(), ProcessVarWithKek() and ProcessVariable() are the function to do variable authentication.

VerifyTimeBasedPayloadAndUpdate() and VerifyCounterBasedPayload() are sub function to do verification. They will do basic validation for authentication data structure, then call crypto library to verify the signature.

Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php

THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.


Function Documentation

UINT32 AddPubKeyInStore ( IN UINT8 *  PubKey,
IN VARIABLE_ENTRY_CONSISTENCY *  VariableDataEntry 
)

Add public key in store and return its index.

Parameters:
[in] PubKey Input pointer to Public Key data.
[in] VariableDataEntry The variable data entry.
Returns:
Index of new added public key.

References AuthServiceInternalUpdateVariable(), AUTHVAR_KEYDB_NAME, EFI_CERT_TYPE_RSA2048_SIZE, EFI_STATUS(), GetAvailableKeyIndex(), mAuthVarLibContextIn, mPubKeyNumber, and mPubKeyStore.

Referenced by ProcessVariable(), and VerifyVariable().

BOOLEAN AuthServiceInternalCompareTimeStamp ( IN EFI_TIME *  FirstTime,
IN EFI_TIME *  SecondTime 
)

Compare two EFI_TIME data.

Parameters:
FirstTime A pointer to the first EFI_TIME data.
SecondTime A pointer to the second EFI_TIME data.
Return values:
TRUE The FirstTime is not later than the SecondTime.
FALSE The FirstTime is later than the SecondTime.

References BOOLEAN().

Referenced by VerifyTimeBasedPayload().

EFI_STATUS AuthServiceInternalFindVariable ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
OUT VOID **  Data,
OUT UINTN *  DataSize 
)

Finds variable in storage blocks of volatile and non-volatile storage areas.

This code finds variable in storage blocks of volatile and non-volatile storage areas. If VariableName is an empty string, then we just return the first qualified variable without comparing VariableName and VendorGuid.

Parameters:
[in] VariableName Name of the variable to be found.
[in] VendorGuid Variable vendor GUID to be found.
[out] Data Pointer to data address.
[out] DataSize Pointer to data size.
Return values:
EFI_INVALID_PARAMETER If VariableName is not an empty string, while VendorGuid is NULL.
EFI_SUCCESS Variable successfully found.
EFI_NOT_FOUND Variable not found

References EFI_STATUS(), and mAuthVarLibContextIn.

Referenced by AuthServiceInternalUpdateVariableWithTimeStamp(), AuthVariableLibInitialize(), CleanCertsFromDb(), DeleteCertsFromDb(), GetAvailableKeyIndex(), GetCertsFromDb(), InCustomMode(), InsertCertsToDb(), UpdatePlatformMode(), and VerifyTimeBasedPayload().

EFI_STATUS AuthServiceInternalUpdateVariable ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes 
)

Update the variable region with Variable information.

Parameters:
[in] VariableName Name of variable.
[in] VendorGuid Guid of variable.
[in] Data Data pointer.
[in] DataSize Size of Data.
[in] Attributes Attribute value of the variable.
Return values:
EFI_SUCCESS The update operation is success.
EFI_INVALID_PARAMETER Invalid parameter.
EFI_WRITE_PROTECTED Variable is write-protected.
EFI_OUT_OF_RESOURCES There is not enough resource.

References mAuthVarLibContextIn.

Referenced by AddPubKeyInStore(), AuthVariableLibInitialize(), DeleteCertsFromDb(), InsertCertsToDb(), ProcessVariable(), UpdatePlatformMode(), and VendorKeyIsModified().

EFI_STATUS AuthServiceInternalUpdateVariableWithMonotonicCount ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes,
IN UINT32  KeyIndex,
IN UINT64  MonotonicCount 
)

Update the variable region with Variable information.

Parameters:
[in] VariableName Name of variable.
[in] VendorGuid Guid of variable.
[in] Data Data pointer.
[in] DataSize Size of Data.
[in] Attributes Attribute value of the variable.
[in] KeyIndex Index of associated public key.
[in] MonotonicCount Value of associated monotonic count.
Return values:
EFI_SUCCESS The update operation is success.
EFI_INVALID_PARAMETER Invalid parameter.
EFI_WRITE_PROTECTED Variable is write-protected.
EFI_OUT_OF_RESOURCES There is not enough resource.

References mAuthVarLibContextIn.

Referenced by ProcessVariable().

EFI_STATUS AuthServiceInternalUpdateVariableWithTimeStamp ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes,
IN EFI_TIME *  TimeStamp 
)

Update the variable region with Variable information.

Parameters:
[in] VariableName Name of variable.
[in] VendorGuid Guid of variable.
[in] Data Data pointer.
[in] DataSize Size of Data.
[in] Attributes Attribute value of the variable.
[in] TimeStamp Value of associated TimeStamp.
Return values:
EFI_SUCCESS The update operation is success.
EFI_INVALID_PARAMETER Invalid parameter.
EFI_WRITE_PROTECTED Variable is write-protected.
EFI_OUT_OF_RESOURCES There is not enough resource.

References AuthServiceInternalFindVariable(), EFI_STATUS(), FilterSignatureList(), mAuthVarLibContextIn, and UINTN().

Referenced by ProcessVarWithKek(), ProcessVarWithPk(), and VerifyTimeBasedPayloadAndUpdate().

EFI_STATUS CheckSignatureListFormat ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize 
)

Check input data form to make sure it is a valid EFI_SIGNATURE_LIST for PK/KEK/db/dbx/dbt variable.

Parameters:
[in] VariableName Name of Variable to be check.
[in] VendorGuid Variable vendor GUID.
[in] Data Point to the variable data to be checked.
[in] DataSize Size of Data.
Returns:
EFI_INVALID_PARAMETER Invalid signature list format.

EFI_SUCCESS Passed signature list format check successfully.

References BOOLEAN(), EFI_SIGNATURE_ITEM::SigHeaderSize, EFI_SIGNATURE_ITEM::SigType, TRUE, and UINTN().

Referenced by ProcessVarWithKek(), ProcessVarWithPk(), and VerifyTimeBasedPayload().

EFI_STATUS CleanCertsFromDb ( VOID   ) 

Clean up signer's certificates for common authenticated variable by corresponding VariableName and VendorGuid from "certdb". Sytem may break down during Timebased Variable update & certdb update, make them inconsistent, this function is called in AuthVariable Init to ensure consistency

Return values:
EFI_NOT_FOUND Fail to find matching certs.
EFI_SUCCESS Find matching certs and output parameters.

References AuthServiceInternalFindVariable(), BOOLEAN(), AUTH_CERT_DB_DATA::CertNodeSize, DeleteCertsFromDb(), EFI_CERT_DB_NAME, EFI_STATUS(), gEfiCertDbGuid, AUTH_CERT_DB_DATA::NameSize, TRUE, UINTN(), and AUTH_CERT_DB_DATA::VendorGuid.

Referenced by AuthVariableLibInitialize().

EFI_STATUS DeleteCertsFromDb ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid 
)

Delete matching signer's certificates when deleting common authenticated variable by corresponding VariableName and VendorGuid from "certdb".

Parameters:
[in] VariableName Name of authenticated Variable.
[in] VendorGuid Vendor GUID of authenticated Variable.
Return values:
EFI_INVALID_PARAMETER Any input parameter is invalid.
EFI_NOT_FOUND Fail to find "certdb" or matching certs.
EFI_OUT_OF_RESOURCES The operation is failed due to lack of resources.
EFI_SUCCESS The operation is completed successfully.

References AuthServiceInternalFindVariable(), AuthServiceInternalUpdateVariable(), EFI_CERT_DB_NAME, EFI_STATUS(), FindCertsFromDb(), gEfiCertDbGuid, mCertDbStore, and UINTN().

Referenced by CleanCertsFromDb(), ProcessVariable(), and VerifyTimeBasedPayloadAndUpdate().

EFI_STATUS FilterSignatureList ( IN VOID *  Data,
IN UINTN  DataSize,
IN OUT VOID *  NewData,
IN OUT UINTN *  NewDataSize 
)

Filter out the duplicated EFI_SIGNATURE_DATA from the new data by comparing to the original data.

Parameters:
[in] Data Pointer to original EFI_SIGNATURE_LIST.
[in] DataSize Size of Data buffer.
[in,out] NewData Pointer to new EFI_SIGNATURE_LIST.
[in,out] NewDataSize Size of NewData buffer.

References BOOLEAN(), EFI_STATUS(), mAuthVarLibContextIn, TRUE, and UINTN().

Referenced by AuthServiceInternalUpdateVariableWithTimeStamp().

EFI_STATUS FindCertsFromDb ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN UINT8 *  Data,
IN UINTN  DataSize,
OUT UINT32 *  CertOffset,
OUT UINT32 *  CertDataSize,
OUT UINT32 *  CertNodeOffset,
OUT UINT32 *  CertNodeSize 
)

Find matching signer's certificates for common authenticated variable by corresponding VariableName and VendorGuid from "certdb".

The data format of "certdb":

UINT32 CertDbListSize; /// AUTH_CERT_DB_DATA Certs1[]; /// AUTH_CERT_DB_DATA Certs2[]; /// ... /// AUTH_CERT_DB_DATA Certsn[];

Parameters:
[in] VariableName Name of authenticated Variable.
[in] VendorGuid Vendor GUID of authenticated Variable.
[in] Data Pointer to variable "certdb".
[in] DataSize Size of variable "certdb".
[out] CertOffset Offset of matching CertData, from starting of Data.
[out] CertDataSize Length of CertData in bytes.
[out] CertNodeOffset Offset of matching AUTH_CERT_DB_DATA , from starting of Data.
[out] CertNodeSize Length of AUTH_CERT_DB_DATA in bytes.
Return values:
EFI_INVALID_PARAMETER Any input parameter is invalid.
EFI_NOT_FOUND Fail to find matching certs.
EFI_SUCCESS Find matching certs and output parameters.

References AUTH_CERT_DB_DATA::CertDataSize, AUTH_CERT_DB_DATA::CertNodeSize, AUTH_CERT_DB_DATA::NameSize, and AUTH_CERT_DB_DATA::VendorGuid.

Referenced by DeleteCertsFromDb(), GetCertsFromDb(), and InsertCertsToDb().

UINT32 GetAvailableKeyIndex ( IN UINT8 *  PubKey  ) 

Get available public key index.

Parameters:
[in] PubKey Pointer to Public Key data.
Returns:
Public key index, 0 if no any public key index available.

References AuthServiceInternalFindVariable(), AUTHVAR_KEYDB_NAME, BOOLEAN(), EFI_STATUS(), mAuthVarLibContextIn, mMaxKeyNumber, mPubKeyNumber, mPubKeyStore, TRUE, and UINTN().

Referenced by AddPubKeyInStore().

EFI_STATUS GetCertsFromDb ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
OUT UINT8 **  CertData,
OUT UINT32 *  CertDataSize 
)

Retrieve signer's certificates for common authenticated variable by corresponding VariableName and VendorGuid from "certdb".

Parameters:
[in] VariableName Name of authenticated Variable.
[in] VendorGuid Vendor GUID of authenticated Variable.
[out] CertData Pointer to signer's certificates.
[out] CertDataSize Length of CertData in bytes.
Return values:
EFI_INVALID_PARAMETER Any input parameter is invalid.
EFI_NOT_FOUND Fail to find "certdb" or matching certs.
EFI_SUCCESS Get signer's certificates successfully.

References AuthServiceInternalFindVariable(), EFI_CERT_DB_NAME, EFI_STATUS(), FindCertsFromDb(), gEfiCertDbGuid, and UINTN().

Referenced by VerifyTimeBasedPayload().

BOOLEAN InCustomMode ( VOID   ) 

Determine whether the platform is operating in Custom Secure Boot mode.

Return values:
TRUE The platform is operating in Custom mode.
FALSE The platform is operating in Standard mode.

References AuthServiceInternalFindVariable(), CUSTOM_SECURE_BOOT_MODE, EFI_CUSTOM_MODE_NAME, EFI_STATUS(), gEfiCustomModeEnableGuid, TRUE, and UINTN().

Referenced by ProcessVarWithKek(), and ProcessVarWithPk().

EFI_STATUS InsertCertsToDb ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN UINT8 *  CertData,
IN UINTN  CertDataSize 
)

Insert signer's certificates for common authenticated variable with VariableName and VendorGuid in AUTH_CERT_DB_DATA to "certdb".

Parameters:
[in] VariableName Name of authenticated Variable.
[in] VendorGuid Vendor GUID of authenticated Variable.
[in] CertData Pointer to signer's certificates.
[in] CertDataSize Length of CertData in bytes.
Return values:
EFI_INVALID_PARAMETER Any input parameter is invalid.
EFI_ACCESS_DENIED An AUTH_CERT_DB_DATA entry with same VariableName and VendorGuid already exists.
EFI_OUT_OF_RESOURCES The operation is failed due to lack of resources.
EFI_SUCCESS Insert an AUTH_CERT_DB_DATA entry to "certdb"

References AuthServiceInternalFindVariable(), AuthServiceInternalUpdateVariable(), AUTH_CERT_DB_DATA::CertDataSize, AUTH_CERT_DB_DATA::CertNodeSize, EFI_CERT_DB_NAME, EFI_STATUS(), FindCertsFromDb(), gEfiCertDbGuid, mCertDbStore, mMaxCertDbSize, AUTH_CERT_DB_DATA::NameSize, UINTN(), and AUTH_CERT_DB_DATA::VendorGuid.

Referenced by VerifyTimeBasedPayload().

BOOLEAN IsDeleteAuthVariable ( IN UINT32  OrgAttributes,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes 
)

Check if it is to delete auth variable.

Parameters:
[in] OrgAttributes Original attribute value of the variable.
[in] Data Data pointer.
[in] DataSize Size of Data.
[in] Attributes Attribute value of the variable.
Return values:
TRUE It is to delete auth variable.
FALSE It is not to delete auth variable.

References AUTHINFO_SIZE, BOOLEAN(), TRUE, and UINTN().

Referenced by ProcessVariable().

BOOLEAN NeedPhysicallyPresent ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid 
)

Determine whether this operation needs a physical present user.

Parameters:
[in] VariableName Name of the Variable.
[in] VendorGuid GUID of the Variable.
Return values:
TRUE This variable is protected, only a physical present user could set this variable.
FALSE This variable is not protected.

References EFI_CUSTOM_MODE_NAME, EFI_SECURE_BOOT_ENABLE_NAME, gEfiCustomModeEnableGuid, gEfiSecureBootEnableDisableGuid, and TRUE.

Referenced by ProcessVariable().

EFI_STATUS ProcessVariable ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes 
)

Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set

Caution: This function may receive untrusted input. This function may be invoked in SMM mode, and datasize and data are external input. This function will do basic validation, before parse the data. This function will parse the authentication carefully to avoid security issues, like buffer overflow, integer overflow. This function will check attribute carefully to avoid authentication bypass.

Parameters:
[in] VariableName Name of the variable.
[in] VendorGuid Variable vendor GUID.
[in] Data Data pointer.
[in] DataSize Size of Data.
[in] Attributes Attribute value of the variable.
Returns:
EFI_INVALID_PARAMETER Invalid parameter.

EFI_WRITE_PROTECTED Variable is write-protected and needs authentication with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.

EFI_OUT_OF_RESOURCES The Database to save the public key is full.

EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set, but the AuthInfo does NOT pass the validation check carried out by the firmware.

EFI_SUCCESS Variable is not write-protected or pass validation successfully.

References AddPubKeyInStore(), AUTHINFO_SIZE, AuthServiceInternalUpdateVariable(), AuthServiceInternalUpdateVariableWithMonotonicCount(), AuthVarTypePriv, BOOLEAN(), DeleteCertsFromDb(), EFI_CERT_TYPE_RSA2048_SIZE, EFI_STATUS(), IsDeleteAuthVariable(), mAuthVarLibContextIn, mPubKeyNumber, mPubKeyStore, NeedPhysicallyPresent(), TRUE, UserPhysicalPresent(), VerifyCounterBasedPayload(), and VerifyTimeBasedPayloadAndUpdate().

Referenced by AuthVariableLibProcessVariable().

EFI_STATUS ProcessVarWithKek ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes 
)

Process variable with key exchange key for verification.

Caution: This function may receive untrusted input. This function may be invoked in SMM mode, and datasize and data are external input. This function will do basic validation, before parse the data. This function will parse the authentication carefully to avoid security issues, like buffer overflow, integer overflow. This function will check attribute carefully to avoid authentication bypass.

Parameters:
[in] VariableName Name of Variable to be found.
[in] VendorGuid Variable vendor GUID.
[in] Data Data pointer.
[in] DataSize Size of Data found. If size is less than the data, this value contains the required size.
[in] Attributes Attribute value of the variable.
Returns:
EFI_INVALID_PARAMETER Invalid parameter.

EFI_SECURITY_VIOLATION The variable does NOT pass the validation check carried out by the firmware.

EFI_SUCCESS Variable pass validation successfully.

References AuthServiceInternalUpdateVariableWithTimeStamp(), AuthVarTypeKek, CheckSignatureListFormat(), EFI_STATUS(), InCustomMode(), mPlatformMode, UINTN(), UserPhysicalPresent(), VendorKeyIsModified(), and VerifyTimeBasedPayloadAndUpdate().

Referenced by AuthVariableLibProcessVariable(), and EsalSetVariable().

EFI_STATUS ProcessVarWithPk ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes,
IN BOOLEAN  IsPk 
)

Process variable with platform key for verification.

Caution: This function may receive untrusted input. This function may be invoked in SMM mode, and datasize and data are external input. This function will do basic validation, before parse the data. This function will parse the authentication carefully to avoid security issues, like buffer overflow, integer overflow. This function will check attribute carefully to avoid authentication bypass.

Parameters:
[in] VariableName Name of Variable to be found.
[in] VendorGuid Variable vendor GUID.
[in] Data Data pointer.
[in] DataSize Size of Data found. If size is less than the data, this value contains the required size.
[in] Attributes Attribute value of the variable
[in] IsPk Indicate whether it is to process pk.
Returns:
EFI_INVALID_PARAMETER Invalid parameter.

EFI_SECURITY_VIOLATION The variable does NOT pass the validation. check carried out by the firmware.

EFI_SUCCESS Variable passed validation successfully.

References AuthServiceInternalUpdateVariableWithTimeStamp(), AuthVarTypePayload, AuthVarTypePk, BOOLEAN(), CheckSignatureListFormat(), EFI_STATUS(), InCustomMode(), mPlatformMode, TRUE, UINTN(), UpdatePlatformMode(), UserPhysicalPresent(), VendorKeyIsModified(), and VerifyTimeBasedPayloadAndUpdate().

Referenced by AuthVariableLibProcessVariable(), and EsalSetVariable().

EFI_STATUS UpdatePlatformMode ( IN UINT32  Mode  ) 

Update platform mode.

Parameters:
[in] Mode SETUP_MODE or USER_MODE.
Returns:
EFI_INVALID_PARAMETER Invalid parameter.

EFI_SUCCESS Update platform mode successfully.

References AuthServiceInternalFindVariable(), AuthServiceInternalUpdateVariable(), EFI_SECURE_BOOT_ENABLE_NAME, EFI_STATUS(), gEfiSecureBootEnableDisableGuid, mAuthVarLibContextIn, mPlatformMode, SECURE_BOOT_DISABLE, SECURE_BOOT_ENABLE, and UINTN().

Referenced by ProcessVarWithPk().

EFI_STATUS VendorKeyIsModified ( VOID   ) 

Update "VendorKeys" variable to record the out of band secure boot key modification.

Returns:
EFI_SUCCESS Variable is updated successfully.

Others Failed to update variable.

References AuthServiceInternalUpdateVariable(), EFI_STATUS(), EFI_VENDOR_KEYS_NV_VARIABLE_NAME, gEfiVendorKeysNvGuid, mVendorKeyState, and VENDOR_KEYS_MODIFIED.

Referenced by ProcessVarWithKek(), and ProcessVarWithPk().

EFI_STATUS VerifyCounterBasedPayload ( IN UINT8 *  Data,
IN UINTN  DataSize,
IN UINT8 *  PubKey 
)

Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256_GUID type. Follow the steps in UEFI2.2.

Caution: This function may receive untrusted input. This function may be invoked in SMM mode, and datasize and data are external input. This function will do basic validation, before parse the data. This function will parse the authentication carefully to avoid security issues, like buffer overflow, integer overflow.

Parameters:
[in] Data Pointer to data with AuthInfo.
[in] DataSize Size of Data.
[in] PubKey Public key used for verification.
Return values:
EFI_INVALID_PARAMETER Invalid parameter.
EFI_SECURITY_VIOLATION If authentication failed.
EFI_SUCCESS Authentication successful.

References AUTHINFO_SIZE, BOOLEAN(), EFI_CERT_TYPE_RSA2048_SHA256_SIZE, EFI_CERT_TYPE_RSA2048_SIZE, mHashCtx, mRsaE, SHA256_DIGEST_SIZE, and UINTN().

Referenced by ProcessVariable().

EFI_STATUS VerifyTimeBasedPayload ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes,
IN AUTHVAR_TYPE  AuthVarType,
IN EFI_TIME *  OrgTimeStamp,
OUT UINT8 **  VarPayloadPtr,
OUT UINTN *  VarPayloadSize 
)

Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set

Caution: This function may receive untrusted input. This function may be invoked in SMM mode, and datasize and data are external input. This function will do basic validation, before parse the data. This function will parse the authentication carefully to avoid security issues, like buffer overflow, integer overflow.

Parameters:
[in] VariableName Name of Variable to be found.
[in] VendorGuid Variable vendor GUID.
[in] Data Data pointer.
[in] DataSize Size of Data found. If size is less than the data, this value contains the required size.
[in] Attributes Attribute value of the variable.
[in] AuthVarType Verify against PK, KEK database, private database or certificate in data payload.
[in] OrgTimeStamp Pointer to original time stamp, original variable is not found if NULL.
[out] VarPayloadPtr Pointer to variable payload address.
[out] VarPayloadSize Pointer to variable payload size.
Return values:
EFI_INVALID_PARAMETER Invalid parameter.
EFI_SECURITY_VIOLATION The variable does NOT pass the validation check carried out by the firmware.
EFI_OUT_OF_RESOURCES Failed to process variable due to lack of resources.
EFI_SUCCESS Variable pass validation successfully.

References AuthServiceInternalCompareTimeStamp(), AuthServiceInternalFindVariable(), AuthVarTypeKek, AuthVarTypePayload, AuthVarTypePk, AuthVarTypePriv, BOOLEAN(), CheckSignatureListFormat(), EFI_STATUS(), GetCertsFromDb(), InsertCertsToDb(), mAuthVarLibContextIn, and UINTN().

Referenced by VerifyTimeBasedPayloadAndUpdate().

EFI_STATUS VerifyTimeBasedPayloadAndUpdate ( IN CHAR16 *  VariableName,
IN EFI_GUID *  VendorGuid,
IN VOID *  Data,
IN UINTN  DataSize,
IN UINT32  Attributes,
IN AUTHVAR_TYPE  AuthVarType,
OUT BOOLEAN *  VarDel 
)

Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set

Caution: This function may receive untrusted input. This function may be invoked in SMM mode, and datasize and data are external input. This function will do basic validation, before parse the data. This function will parse the authentication carefully to avoid security issues, like buffer overflow, integer overflow.

Parameters:
[in] VariableName Name of Variable to be found.
[in] VendorGuid Variable vendor GUID.
[in] Data Data pointer.
[in] DataSize Size of Data found. If size is less than the data, this value contains the required size.
[in] Attributes Attribute value of the variable.
[in] AuthVarType Verify against PK, KEK database, private database or certificate in data payload.
[out] VarDel Delete the variable or not.
Return values:
EFI_INVALID_PARAMETER Invalid parameter.
EFI_SECURITY_VIOLATION The variable does NOT pass the validation check carried out by the firmware.
EFI_OUT_OF_RESOURCES Failed to process variable due to lack of resources.
EFI_SUCCESS Variable pass validation successfully.

References AuthServiceInternalUpdateVariableWithTimeStamp(), AuthVarTypePriv, BOOLEAN(), DeleteCertsFromDb(), EFI_STATUS(), mAuthVarLibContextIn, TRUE, UINTN(), and VerifyTimeBasedPayload().

Referenced by ProcessVariable(), ProcessVarWithKek(), and ProcessVarWithPk().


Variable Documentation

CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 }

Initial value:

 {

  {EFI_CERT_SHA256_GUID,          0,               32           },
  {EFI_CERT_RSA2048_GUID,         0,               256          },
  {EFI_CERT_RSA2048_SHA256_GUID,  0,               256          },
  {EFI_CERT_SHA1_GUID,            0,               20           },
  {EFI_CERT_RSA2048_SHA1_GUID,    0,               256          },
  {EFI_CERT_X509_GUID,            0,               ((UINT32) ~0)},
  {EFI_CERT_SHA224_GUID,          0,               28           },
  {EFI_CERT_SHA384_GUID,          0,               48           },
  {EFI_CERT_SHA512_GUID,          0,               64           },
  {EFI_CERT_X509_SHA256_GUID,     0,               48           },
  {EFI_CERT_X509_SHA384_GUID,     0,               64           },
  {EFI_CERT_X509_SHA512_GUID,     0,               80           }
}


Generated on Thu Sep 24 23:44:24 2015 for SecurityPkg[ALL] by  doxygen 1.5.7.1