2011-09-02 09:49:32 +02:00
|
|
|
/** @file
|
|
|
|
Usb Credential Provider driver implemenetation.
|
|
|
|
|
2014-03-21 01:57:42 +01:00
|
|
|
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
2011-09-02 09:49:32 +02:00
|
|
|
This program and the accompanying materials
|
|
|
|
are licensed and made available under the terms and conditions of the BSD License
|
|
|
|
which accompanies this distribution. The full text of the license may be found at
|
|
|
|
http://opensource.org/licenses/bsd-license.php
|
|
|
|
|
|
|
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
|
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
|
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
#include "UsbCredentialProvider.h"
|
|
|
|
|
|
|
|
CREDENTIAL_TABLE *mUsbTable = NULL;
|
|
|
|
USB_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
|
|
|
|
USB_CREDENTIAL_INFO *mUsbInfoHandle = NULL;
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
EFI_USER_CREDENTIAL2_PROTOCOL gUsbCredentialProviderDriver = {
|
2011-09-02 09:49:32 +02:00
|
|
|
USB_CREDENTIAL_PROVIDER_GUID,
|
|
|
|
EFI_USER_CREDENTIAL_CLASS_SECURE_CARD,
|
|
|
|
CredentialEnroll,
|
|
|
|
CredentialForm,
|
|
|
|
CredentialTile,
|
|
|
|
CredentialTitle,
|
|
|
|
CredentialUser,
|
|
|
|
CredentialSelect,
|
|
|
|
CredentialDeselect,
|
|
|
|
CredentialDefault,
|
|
|
|
CredentialGetInfo,
|
2011-10-12 05:38:19 +02:00
|
|
|
CredentialGetNextInfo,
|
|
|
|
EFI_CREDENTIAL_CAPABILITIES_ENROLL,
|
|
|
|
CredentialDelete
|
2011-09-02 09:49:32 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Get string by string id from HII Interface.
|
|
|
|
|
|
|
|
|
|
|
|
@param[in] Id String ID to get the string from.
|
|
|
|
|
|
|
|
@retval CHAR16 * String from ID.
|
|
|
|
@retval NULL If error occurs.
|
|
|
|
|
|
|
|
**/
|
|
|
|
CHAR16 *
|
|
|
|
GetStringById (
|
|
|
|
IN EFI_STRING_ID Id
|
|
|
|
)
|
|
|
|
{
|
|
|
|
//
|
|
|
|
// Get the current string for the current Language
|
|
|
|
//
|
|
|
|
return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Expand password table size.
|
|
|
|
|
|
|
|
**/
|
|
|
|
VOID
|
|
|
|
ExpandTableSize (
|
|
|
|
VOID
|
|
|
|
)
|
|
|
|
{
|
|
|
|
CREDENTIAL_TABLE *NewTable;
|
|
|
|
UINTN Count;
|
|
|
|
|
|
|
|
Count = mUsbTable->MaxCount + USB_TABLE_INC;
|
|
|
|
//
|
|
|
|
// Create new credential table.
|
|
|
|
//
|
|
|
|
NewTable = AllocateZeroPool (
|
|
|
|
sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
|
|
|
|
Count * sizeof (USB_INFO)
|
|
|
|
);
|
|
|
|
ASSERT (NewTable != NULL);
|
|
|
|
|
|
|
|
NewTable->MaxCount = Count;
|
|
|
|
NewTable->Count = mUsbTable->Count;
|
|
|
|
|
|
|
|
//
|
|
|
|
// Copy old entries.
|
|
|
|
//
|
|
|
|
CopyMem (
|
|
|
|
&NewTable->UserInfo,
|
|
|
|
&mUsbTable->UserInfo,
|
|
|
|
mUsbTable->Count * sizeof (USB_INFO)
|
|
|
|
);
|
|
|
|
FreePool (mUsbTable);
|
|
|
|
mUsbTable = NewTable;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2011-10-12 05:38:19 +02:00
|
|
|
Add, update or delete info in table, and sync with NV variable.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] Index The index of the password in table. If index is found in
|
|
|
|
table, update the info, else add the into to table.
|
|
|
|
@param[in] Info The new credential info to add into table. If Info is NULL,
|
|
|
|
delete the info by Index.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
@retval EFI_INVALID_PARAMETER Info is NULL when save the info.
|
|
|
|
@retval EFI_SUCCESS Modify the table successfully.
|
|
|
|
@retval Others Failed to modify the table.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
ModifyTable (
|
|
|
|
IN UINTN Index,
|
|
|
|
IN USB_INFO * Info OPTIONAL
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
2011-10-12 05:38:19 +02:00
|
|
|
USB_INFO *NewUsbInfo;
|
2011-09-02 09:49:32 +02:00
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
NewUsbInfo = NULL;
|
2011-09-02 09:49:32 +02:00
|
|
|
if (Index < mUsbTable->Count) {
|
2011-10-12 05:38:19 +02:00
|
|
|
if (Info == NULL) {
|
|
|
|
//
|
|
|
|
// Delete the specified entry.
|
|
|
|
//
|
|
|
|
mUsbTable->Count--;
|
|
|
|
if (Index != mUsbTable->Count) {
|
|
|
|
NewUsbInfo = &mUsbTable->UserInfo[mUsbTable->Count];
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
//
|
|
|
|
// Update the specified entry.
|
|
|
|
//
|
|
|
|
NewUsbInfo = Info;
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
//
|
|
|
|
// Add a new entry
|
|
|
|
//
|
|
|
|
if (Info == NULL) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (mUsbTable->Count >= mUsbTable->MaxCount) {
|
|
|
|
ExpandTableSize ();
|
|
|
|
}
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
NewUsbInfo = Info;
|
2011-09-02 09:49:32 +02:00
|
|
|
mUsbTable->Count++;
|
|
|
|
}
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
if (NewUsbInfo != NULL) {
|
|
|
|
CopyMem (&mUsbTable->UserInfo[Index], NewUsbInfo, sizeof (USB_INFO));
|
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
//
|
|
|
|
// Save the credential table.
|
|
|
|
//
|
|
|
|
Status = gRT->SetVariable (
|
|
|
|
L"UsbCredential",
|
2011-09-18 14:25:27 +02:00
|
|
|
&gUsbCredentialProviderGuid,
|
2011-09-02 09:49:32 +02:00
|
|
|
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
|
|
|
|
mUsbTable->Count * sizeof (USB_INFO),
|
|
|
|
&mUsbTable->UserInfo
|
|
|
|
);
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Create a credential table
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Create a credential table successfully.
|
|
|
|
@retval Others Failed to create a password.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
InitCredentialTable (
|
|
|
|
VOID
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
UINT8 *Var;
|
|
|
|
UINTN VarSize;
|
|
|
|
|
|
|
|
//
|
|
|
|
// Get Usb credential data from NV variable.
|
|
|
|
//
|
|
|
|
VarSize = 0;
|
|
|
|
Var = NULL;
|
|
|
|
Status = gRT->GetVariable (
|
|
|
|
L"UsbCredential",
|
2011-09-18 14:25:27 +02:00
|
|
|
&gUsbCredentialProviderGuid,
|
2011-09-02 09:49:32 +02:00
|
|
|
NULL,
|
|
|
|
&VarSize,
|
|
|
|
Var
|
|
|
|
);
|
|
|
|
if (Status == EFI_BUFFER_TOO_SMALL) {
|
|
|
|
Var = AllocateZeroPool (VarSize);
|
|
|
|
if (Var == NULL) {
|
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
Status = gRT->GetVariable (
|
|
|
|
L"UsbCredential",
|
2011-09-18 14:25:27 +02:00
|
|
|
&gUsbCredentialProviderGuid,
|
2011-09-02 09:49:32 +02:00
|
|
|
NULL,
|
|
|
|
&VarSize,
|
|
|
|
Var
|
|
|
|
);
|
|
|
|
}
|
|
|
|
if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Init Usb credential table.
|
|
|
|
//
|
|
|
|
mUsbTable = AllocateZeroPool (
|
|
|
|
sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
|
|
|
|
USB_TABLE_INC * sizeof (USB_INFO) +
|
|
|
|
VarSize
|
|
|
|
);
|
|
|
|
if (mUsbTable == NULL) {
|
|
|
|
FreePool (Var);
|
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
|
|
|
|
mUsbTable->Count = VarSize / sizeof (USB_INFO);
|
|
|
|
mUsbTable->MaxCount = mUsbTable->Count + USB_TABLE_INC;
|
|
|
|
if (Var != NULL) {
|
|
|
|
CopyMem (mUsbTable->UserInfo, Var, VarSize);
|
|
|
|
FreePool (Var);
|
|
|
|
}
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Read the specified file by FileName in the Usb key and return the file size in BufferSize
|
|
|
|
and file content in Buffer.
|
|
|
|
Note: the caller is responsible to free the buffer memory.
|
|
|
|
|
|
|
|
@param FileName File to read.
|
|
|
|
@param Buffer Returned with data read from the file.
|
|
|
|
@param BufferSize Size of the data buffer.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS The command completed successfully.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES Resource allocation failed.
|
|
|
|
@retval EFI_NOT_FOUND File not found.
|
|
|
|
@retval EFI_DEVICE_ERROR Device I/O error.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
GetFileData (
|
|
|
|
IN CHAR16 *FileName,
|
|
|
|
OUT VOID **Buffer,
|
|
|
|
OUT UINTN *BufferSize
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
UINTN Index;
|
|
|
|
UINTN HandleCount;
|
|
|
|
UINTN ScratchBufferSize;
|
|
|
|
EFI_HANDLE *HandleBuffer;
|
|
|
|
EFI_FILE *RootFs;
|
|
|
|
EFI_FILE *FileHandle;
|
|
|
|
EFI_FILE_INFO *FileInfo;
|
|
|
|
EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *SimpleFileSystem;
|
|
|
|
EFI_BLOCK_IO_PROTOCOL *BlkIo;
|
|
|
|
|
|
|
|
FileInfo = NULL;
|
|
|
|
FileHandle = NULL;
|
|
|
|
|
|
|
|
Status = gBS->LocateHandleBuffer (
|
|
|
|
ByProtocol,
|
|
|
|
&gEfiSimpleFileSystemProtocolGuid,
|
|
|
|
NULL,
|
|
|
|
&HandleCount,
|
|
|
|
&HandleBuffer
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "Can not Locate SimpleFileSystemProtocol\n"));
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Find and open the file in removable media disk.
|
|
|
|
//
|
|
|
|
for (Index = 0; Index < HandleCount; Index++) {
|
|
|
|
Status = gBS->HandleProtocol (
|
|
|
|
HandleBuffer[Index],
|
|
|
|
&gEfiBlockIoProtocolGuid,
|
|
|
|
(VOID **) &BlkIo
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (BlkIo->Media->RemovableMedia) {
|
|
|
|
Status = gBS->HandleProtocol (
|
|
|
|
HandleBuffer[Index],
|
|
|
|
&gEfiSimpleFileSystemProtocolGuid,
|
|
|
|
(VOID **) &SimpleFileSystem
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = SimpleFileSystem->OpenVolume (
|
|
|
|
SimpleFileSystem,
|
|
|
|
&RootFs
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = RootFs->Open (
|
|
|
|
RootFs,
|
|
|
|
&FileHandle,
|
|
|
|
FileName,
|
|
|
|
EFI_FILE_MODE_READ,
|
|
|
|
0
|
|
|
|
);
|
|
|
|
if (!EFI_ERROR (Status)) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
FreePool (HandleBuffer);
|
|
|
|
|
|
|
|
if (Index >= HandleCount) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "Can not found the token file!\n"));
|
|
|
|
Status = EFI_NOT_FOUND;
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Figure out how big the file is.
|
|
|
|
//
|
|
|
|
ScratchBufferSize = 0;
|
|
|
|
Status = FileHandle->GetInfo (
|
|
|
|
FileHandle,
|
|
|
|
&gEfiFileInfoGuid,
|
|
|
|
&ScratchBufferSize,
|
|
|
|
NULL
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "Can not obtain file size info!\n"));
|
|
|
|
Status = EFI_DEVICE_ERROR;
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
FileInfo = AllocateZeroPool (ScratchBufferSize);
|
|
|
|
if (FileInfo == NULL) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "Can not allocate enough memory for the token file!\n"));
|
|
|
|
Status = EFI_OUT_OF_RESOURCES;
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = FileHandle->GetInfo (
|
|
|
|
FileHandle,
|
|
|
|
&gEfiFileInfoGuid,
|
|
|
|
&ScratchBufferSize,
|
|
|
|
FileInfo
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "Can not obtain file info from the token file!\n"));
|
|
|
|
Status = EFI_DEVICE_ERROR;
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Allocate a buffer for the file.
|
|
|
|
//
|
|
|
|
*BufferSize = (UINT32) FileInfo->FileSize;
|
|
|
|
*Buffer = AllocateZeroPool (*BufferSize);
|
|
|
|
if (*Buffer == NULL) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "Can not allocate a buffer for the file!\n"));
|
|
|
|
Status = EFI_OUT_OF_RESOURCES;
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Load file into the allocated memory.
|
|
|
|
//
|
|
|
|
Status = FileHandle->Read (FileHandle, BufferSize, *Buffer);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
FreePool (*Buffer);
|
|
|
|
DEBUG ((DEBUG_ERROR, "Can not read the token file!\n"));
|
|
|
|
Status = EFI_DEVICE_ERROR;
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Close file.
|
|
|
|
//
|
|
|
|
Status = FileHandle->Close (FileHandle);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
FreePool (*Buffer);
|
|
|
|
DEBUG ((DEBUG_ERROR, "Can not close the token file !\n"));
|
|
|
|
Status = EFI_DEVICE_ERROR;
|
|
|
|
}
|
|
|
|
|
|
|
|
Done:
|
|
|
|
|
|
|
|
if (FileInfo != NULL) {
|
|
|
|
FreePool (FileInfo);
|
|
|
|
}
|
|
|
|
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Hash the data to get credential.
|
|
|
|
|
|
|
|
@param[in] Buffer Points to the data buffer
|
|
|
|
@param[in] BufferSize The size of data in buffer, in bytes.
|
|
|
|
@param[out] Credential Points to the hashed result
|
|
|
|
|
|
|
|
@retval TRUE Hash the data successfully.
|
|
|
|
@retval FALSE Failed to hash the data.
|
|
|
|
|
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
GenerateCredential (
|
|
|
|
IN UINT8 *Buffer,
|
|
|
|
IN UINTN BufferSize,
|
|
|
|
OUT UINT8 *Credential
|
|
|
|
)
|
|
|
|
{
|
|
|
|
BOOLEAN Status;
|
|
|
|
UINTN HashSize;
|
|
|
|
VOID *Hash;
|
|
|
|
|
|
|
|
HashSize = Sha1GetContextSize ();
|
|
|
|
Hash = AllocatePool (HashSize);
|
|
|
|
ASSERT (Hash != NULL);
|
|
|
|
|
|
|
|
Status = Sha1Init (Hash);
|
|
|
|
if (!Status) {
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = Sha1Update (Hash, Buffer, BufferSize);
|
|
|
|
if (!Status) {
|
|
|
|
goto Done;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = Sha1Final (Hash, Credential);
|
|
|
|
|
|
|
|
Done:
|
|
|
|
FreePool (Hash);
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Read the token file, and default the Token is saved at the begining of the file.
|
|
|
|
|
|
|
|
@param[out] Token Token read from a Token file.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Read a Token successfully.
|
|
|
|
@retval Others Fails to read a Token.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
GetToken (
|
|
|
|
OUT UINT8 *Token
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
UINT8 *Buffer;
|
|
|
|
UINTN BufSize;
|
|
|
|
CHAR16 *TokenFile;
|
|
|
|
|
|
|
|
BufSize = 0;
|
|
|
|
Buffer = NULL;
|
2014-08-15 10:10:55 +02:00
|
|
|
TokenFile = PcdGetPtr (PcdFixedUsbCredentialProviderTokenFileName);
|
2011-09-02 09:49:32 +02:00
|
|
|
Status = GetFileData (TokenFile, (VOID *)&Buffer, &BufSize);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "Read file %s from USB error! Status=(%r)\n", TokenFile, Status));
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!GenerateCredential (Buffer, BufSize, Token)) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "Generate credential from read data failed!\n"));
|
|
|
|
FreePool (Buffer);
|
|
|
|
return EFI_SECURITY_VIOLATION;
|
|
|
|
}
|
|
|
|
|
|
|
|
FreePool (Buffer);
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Find a user infomation record by the information record type.
|
|
|
|
|
|
|
|
This function searches all user information records of User from beginning
|
|
|
|
until either the information is found or there are no more user infomation
|
|
|
|
record. A match occurs when a Info.InfoType field matches the user information
|
|
|
|
record type.
|
|
|
|
|
|
|
|
@param[in] User Points to the user profile record to search.
|
|
|
|
@param[in] InfoType The infomation type to be searched.
|
|
|
|
@param[out] Info Points to the user info found, the caller is responsible
|
|
|
|
to free.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Find the user information successfully.
|
|
|
|
@retval Others Fail to find the user information.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
FindUserInfoByType (
|
|
|
|
IN EFI_USER_PROFILE_HANDLE User,
|
|
|
|
IN UINT8 InfoType,
|
|
|
|
OUT EFI_USER_INFO **Info
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
EFI_USER_INFO *UserInfo;
|
|
|
|
UINTN UserInfoSize;
|
|
|
|
EFI_USER_INFO_HANDLE UserInfoHandle;
|
|
|
|
EFI_USER_MANAGER_PROTOCOL *UserManager;
|
|
|
|
|
|
|
|
//
|
|
|
|
// Find user information by information type.
|
|
|
|
//
|
|
|
|
if (Info == NULL) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = gBS->LocateProtocol (
|
|
|
|
&gEfiUserManagerProtocolGuid,
|
|
|
|
NULL,
|
|
|
|
(VOID **) &UserManager
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Get each user information.
|
|
|
|
//
|
|
|
|
|
|
|
|
UserInfoHandle = NULL;
|
|
|
|
UserInfo = NULL;
|
|
|
|
UserInfoSize = 0;
|
|
|
|
while (TRUE) {
|
|
|
|
Status = UserManager->GetNextInfo (UserManager, User, &UserInfoHandle);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
//
|
|
|
|
// Get information.
|
|
|
|
//
|
|
|
|
Status = UserManager->GetInfo (
|
|
|
|
UserManager,
|
|
|
|
User,
|
|
|
|
UserInfoHandle,
|
|
|
|
UserInfo,
|
|
|
|
&UserInfoSize
|
|
|
|
);
|
|
|
|
if (Status == EFI_BUFFER_TOO_SMALL) {
|
|
|
|
if (UserInfo != NULL) {
|
|
|
|
FreePool (UserInfo);
|
|
|
|
}
|
|
|
|
UserInfo = AllocateZeroPool (UserInfoSize);
|
|
|
|
if (UserInfo == NULL) {
|
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
Status = UserManager->GetInfo (
|
|
|
|
UserManager,
|
|
|
|
User,
|
|
|
|
UserInfoHandle,
|
|
|
|
UserInfo,
|
|
|
|
&UserInfoSize
|
|
|
|
);
|
|
|
|
}
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
ASSERT (UserInfo != NULL);
|
|
|
|
if (UserInfo->InfoType == InfoType) {
|
|
|
|
*Info = UserInfo;
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (UserInfo != NULL) {
|
|
|
|
FreePool (UserInfo);
|
|
|
|
}
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
This function initialize the data mainly used in form browser.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Initialize form data successfully.
|
|
|
|
@retval Others Fail to Initialize form data.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
InitFormBrowser (
|
|
|
|
VOID
|
|
|
|
)
|
|
|
|
{
|
|
|
|
USB_PROVIDER_CALLBACK_INFO *CallbackInfo;
|
|
|
|
|
|
|
|
//
|
|
|
|
// Initialize driver private data.
|
|
|
|
//
|
|
|
|
CallbackInfo = AllocateZeroPool (sizeof (USB_PROVIDER_CALLBACK_INFO));
|
|
|
|
if (CallbackInfo == NULL) {
|
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
|
|
|
|
CallbackInfo->DriverHandle = NULL;
|
|
|
|
|
|
|
|
//
|
|
|
|
// Publish HII data.
|
|
|
|
//
|
|
|
|
CallbackInfo->HiiHandle = HiiAddPackages (
|
2011-09-18 14:25:27 +02:00
|
|
|
&gUsbCredentialProviderGuid,
|
2011-09-02 09:49:32 +02:00
|
|
|
CallbackInfo->DriverHandle,
|
|
|
|
UsbCredentialProviderStrings,
|
|
|
|
NULL
|
|
|
|
);
|
|
|
|
if (CallbackInfo->HiiHandle == NULL) {
|
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
mCallbackInfo = CallbackInfo;
|
|
|
|
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Enroll a user on a credential provider.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
This function enrolls a user on this credential provider. If the user exists on
|
|
|
|
this credential provider, update the user information on this credential provider;
|
|
|
|
otherwise add the user information on credential provider.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[in] User The user profile to enroll.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS User profile was successfully enrolled.
|
|
|
|
@retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
|
|
|
|
user profile handle. Either the user profile cannot enroll
|
|
|
|
on any user profile or cannot enroll on a user profile
|
|
|
|
other than the current user profile.
|
|
|
|
@retval EFI_UNSUPPORTED This credential provider does not support enrollment in
|
|
|
|
the pre-OS.
|
|
|
|
@retval EFI_DEVICE_ERROR The new credential could not be created because of a device
|
|
|
|
error.
|
|
|
|
@retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialEnroll (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
IN EFI_USER_PROFILE_HANDLE User
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
UINTN Index;
|
|
|
|
USB_INFO UsbInfo;
|
|
|
|
EFI_USER_INFO *UserInfo;
|
|
|
|
EFI_INPUT_KEY Key;
|
|
|
|
UINT8 *UserId;
|
|
|
|
CHAR16 *QuestionStr;
|
|
|
|
CHAR16 *PromptStr;
|
|
|
|
|
|
|
|
if ((This == NULL) || (User == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Get User Identifier
|
|
|
|
//
|
|
|
|
UserInfo = NULL;
|
|
|
|
Status = FindUserInfoByType (
|
|
|
|
User,
|
|
|
|
EFI_USER_INFO_IDENTIFIER_RECORD,
|
|
|
|
&UserInfo
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
CopyMem (UsbInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
|
|
|
|
FreePool (UserInfo);
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
//
|
|
|
|
// Get Token and User ID to UsbInfo.
|
|
|
|
//
|
|
|
|
Status = GetToken (UsbInfo.Token);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
QuestionStr = GetStringById (STRING_TOKEN (STR_READ_USB_TOKEN_ERROR));
|
|
|
|
PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
|
|
|
|
CreatePopUp (
|
|
|
|
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
|
|
|
|
&Key,
|
|
|
|
QuestionStr,
|
|
|
|
L"",
|
|
|
|
PromptStr,
|
|
|
|
NULL
|
|
|
|
);
|
|
|
|
FreePool (QuestionStr);
|
|
|
|
FreePool (PromptStr);
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
2011-10-12 05:38:19 +02:00
|
|
|
// Check whether User is ever enrolled in the provider.
|
|
|
|
//
|
|
|
|
for (Index = 0; Index < mUsbTable->Count; Index++) {
|
|
|
|
UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
|
|
|
|
if (CompareMem (UserId, (UINT8 *) &UsbInfo.UserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
|
|
|
|
//
|
|
|
|
// User already exists, update the password.
|
|
|
|
//
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Enroll the User to the provider.
|
2011-09-02 09:49:32 +02:00
|
|
|
//
|
2011-10-12 05:38:19 +02:00
|
|
|
Status = ModifyTable (Index, &UsbInfo);
|
2011-09-02 09:49:32 +02:00
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Returns the user interface information used during user identification.
|
|
|
|
|
|
|
|
This function returns information about the form used when interacting with the
|
|
|
|
user during user identification. The form is the first enabled form in the form-set
|
|
|
|
class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
|
|
|
|
the user credential provider does not require a form to identify the user, then this
|
|
|
|
function should return EFI_NOT_FOUND.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[out] Hii On return, holds the HII database handle.
|
|
|
|
@param[out] FormSetId On return, holds the identifier of the form set which contains
|
|
|
|
the form used during user identification.
|
|
|
|
@param[out] FormId On return, holds the identifier of the form used during user
|
|
|
|
identification.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Form returned successfully.
|
|
|
|
@retval EFI_NOT_FOUND Form not returned.
|
|
|
|
@retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialForm (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
OUT EFI_HII_HANDLE *Hii,
|
|
|
|
OUT EFI_GUID *FormSetId,
|
|
|
|
OUT EFI_FORM_ID *FormId
|
|
|
|
)
|
|
|
|
{
|
|
|
|
if ((This == NULL) || (Hii == NULL) ||
|
|
|
|
(FormSetId == NULL) || (FormId == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Returns bitmap used to describe the credential provider type.
|
|
|
|
|
|
|
|
This optional function returns a bitmap which is less than or equal to the number
|
|
|
|
of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
|
|
|
|
is returned.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
|
|
|
|
bitmap information will be returned. On exit, points to the
|
|
|
|
width of the bitmap returned.
|
|
|
|
@param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
|
|
|
|
bitmap information will be returned. On exit, points to the
|
|
|
|
height of the bitmap returned.
|
|
|
|
@param[out] Hii On return, holds the HII database handle.
|
|
|
|
@param[out] Image On return, holds the HII image identifier.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Image identifier returned successfully.
|
|
|
|
@retval EFI_NOT_FOUND Image identifier not returned.
|
|
|
|
@retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialTile (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
IN OUT UINTN *Width,
|
|
|
|
IN OUT UINTN *Height,
|
|
|
|
OUT EFI_HII_HANDLE *Hii,
|
|
|
|
OUT EFI_IMAGE_ID *Image
|
|
|
|
)
|
|
|
|
{
|
|
|
|
if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Returns string used to describe the credential provider type.
|
|
|
|
|
|
|
|
This function returns a string which describes the credential provider. If no
|
|
|
|
such string exists, then EFI_NOT_FOUND is returned.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[out] Hii On return, holds the HII database handle.
|
|
|
|
@param[out] String On return, holds the HII string identifier.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS String identifier returned successfully.
|
|
|
|
@retval EFI_NOT_FOUND String identifier not returned.
|
|
|
|
@retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialTitle (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
OUT EFI_HII_HANDLE *Hii,
|
|
|
|
OUT EFI_STRING_ID *String
|
|
|
|
)
|
|
|
|
{
|
|
|
|
if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
//
|
|
|
|
// Set Hii handle and String ID.
|
|
|
|
//
|
|
|
|
*Hii = mCallbackInfo->HiiHandle;
|
|
|
|
*String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
|
|
|
|
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Return the user identifier associated with the currently authenticated user.
|
|
|
|
|
|
|
|
This function returns the user identifier of the user authenticated by this credential
|
|
|
|
provider. This function is called after the credential-related information has been
|
|
|
|
submitted on a form OR after a call to Default() has returned that this credential is
|
|
|
|
ready to log on.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[in] User The user profile handle of the user profile currently being
|
|
|
|
considered by the user identity manager. If NULL, then no user
|
|
|
|
profile is currently under consideration.
|
|
|
|
@param[out] Identifier On return, points to the user identifier.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS User identifier returned successfully.
|
|
|
|
@retval EFI_NOT_READY No user identifier can be returned.
|
|
|
|
@retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
|
|
|
|
@retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
|
|
|
|
@retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
|
|
|
|
found in user profile database.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialUser (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
IN EFI_USER_PROFILE_HANDLE User,
|
|
|
|
OUT EFI_USER_INFO_IDENTIFIER *Identifier
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
UINTN Index;
|
|
|
|
EFI_USER_INFO *UserInfo;
|
|
|
|
UINT8 *UserId;
|
|
|
|
UINT8 *NewUserId;
|
|
|
|
UINT8 *UserToken;
|
|
|
|
UINT8 ReadToken[HASHED_CREDENTIAL_LEN];
|
|
|
|
EFI_INPUT_KEY Key;
|
|
|
|
CHAR16 *QuestionStr;
|
|
|
|
CHAR16 *PromptStr;
|
|
|
|
|
|
|
|
if ((This == NULL) || (Identifier == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (User == NULL) {
|
|
|
|
//
|
|
|
|
// Verify the auto logon user, get user id by matched token.
|
|
|
|
//
|
|
|
|
if (mUsbTable->Count == 0) {
|
|
|
|
return EFI_NOT_READY;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// No user selected, get token first and verify the user existed in user database.
|
|
|
|
//
|
|
|
|
Status = GetToken (ReadToken);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return EFI_NOT_READY;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (Index = 0; Index < mUsbTable->Count; Index++) {
|
|
|
|
//
|
|
|
|
// find the specified credential in the Usb credential database.
|
|
|
|
//
|
|
|
|
UserToken = mUsbTable->UserInfo[Index].Token;
|
|
|
|
if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN) == 0) {
|
|
|
|
UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
|
|
|
|
CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return EFI_NOT_READY;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// User is not NULL here. Read a token, and check whether the token matches with
|
|
|
|
// the selected user's Token. If not, try to find a token in token DB to matches
|
|
|
|
// with read token.
|
|
|
|
//
|
|
|
|
|
|
|
|
Status = GetToken (ReadToken);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
QuestionStr = GetStringById (STRING_TOKEN (STR_READ_USB_TOKEN_ERROR));
|
|
|
|
PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
|
|
|
|
CreatePopUp (
|
|
|
|
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
|
|
|
|
&Key,
|
|
|
|
QuestionStr,
|
|
|
|
L"",
|
|
|
|
PromptStr,
|
|
|
|
NULL
|
|
|
|
);
|
|
|
|
FreePool (QuestionStr);
|
|
|
|
FreePool (PromptStr);
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Get the selected user's identifier.
|
|
|
|
//
|
|
|
|
Status = FindUserInfoByType (User, EFI_USER_INFO_IDENTIFIER_RECORD, &UserInfo);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Check the selected user's Token with the read token.
|
|
|
|
//
|
|
|
|
for (Index = 0; Index < mUsbTable->Count; Index++) {
|
|
|
|
UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
|
|
|
|
NewUserId = (UINT8 *) (UserInfo + 1);
|
|
|
|
if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
|
|
|
|
//
|
|
|
|
// The user's ID is found in the UsbTable.
|
|
|
|
//
|
|
|
|
UserToken = mUsbTable->UserInfo[Index].Token;
|
|
|
|
if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN) == 0) {
|
|
|
|
//
|
|
|
|
// The read token matches with the one in UsbTable.
|
|
|
|
//
|
|
|
|
CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
|
|
|
|
FreePool (UserInfo);
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2011-09-14 04:28:51 +02:00
|
|
|
|
|
|
|
FreePool (UserInfo);
|
|
|
|
|
|
|
|
return EFI_NOT_READY;
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Indicate that user interface interaction has begun for the specified credential.
|
|
|
|
|
|
|
|
This function is called when a credential provider is selected by the user. If
|
|
|
|
AutoLogon returns FALSE, then the user interface will be constructed by the User
|
|
|
|
Identity Manager.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[out] AutoLogon On return, points to the credential provider's capabilities
|
|
|
|
after the credential provider has been selected by the user.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Credential provider successfully selected.
|
|
|
|
@retval EFI_INVALID_PARAMETER AutoLogon is NULL.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialSelect (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
|
|
|
|
)
|
|
|
|
{
|
|
|
|
if ((This == NULL) || (AutoLogon == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
*AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT | EFI_CREDENTIAL_LOGON_FLAG_AUTO;
|
|
|
|
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Indicate that user interface interaction has ended for the specified credential.
|
|
|
|
|
|
|
|
This function is called when a credential provider is deselected by the user.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
@retval EFI_SUCCESS Credential provider successfully deselected.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialDeselect (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
|
2011-09-02 09:49:32 +02:00
|
|
|
)
|
|
|
|
{
|
|
|
|
if (This == NULL) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Return the default logon behavior for this user credential.
|
|
|
|
|
|
|
|
This function reports the default login behavior regarding this credential provider.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[out] AutoLogon On return, holds whether the credential provider should be used
|
|
|
|
by default to automatically log on the user.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Default information successfully returned.
|
|
|
|
@retval EFI_INVALID_PARAMETER AutoLogon is NULL.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialDefault (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
|
|
|
|
)
|
|
|
|
{
|
|
|
|
if ((This == NULL) || (AutoLogon == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
*AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT | EFI_CREDENTIAL_LOGON_FLAG_AUTO;
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Return information attached to the credential provider.
|
|
|
|
|
|
|
|
This function returns user information.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[in] UserInfo Handle of the user information data record.
|
|
|
|
@param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
|
|
|
|
exit, holds the user information. If the buffer is too small
|
|
|
|
to hold the information, then EFI_BUFFER_TOO_SMALL is returned
|
|
|
|
and InfoSize is updated to contain the number of bytes actually
|
|
|
|
required.
|
|
|
|
@param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
|
|
|
|
size of the user information.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Information returned successfully.
|
|
|
|
@retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
|
|
|
|
user information. The size required is returned in *InfoSize.
|
|
|
|
@retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
|
|
|
|
@retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialGetInfo (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
IN EFI_USER_INFO_HANDLE UserInfo,
|
|
|
|
OUT EFI_USER_INFO *Info,
|
|
|
|
IN OUT UINTN *InfoSize
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_USER_INFO *CredentialInfo;
|
|
|
|
UINTN Index;
|
|
|
|
|
|
|
|
if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((UserInfo == NULL) || (mUsbInfoHandle == NULL)) {
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Find information handle in credential info table.
|
|
|
|
//
|
|
|
|
for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
|
|
|
|
CredentialInfo = mUsbInfoHandle->Info[Index];
|
|
|
|
if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
|
|
|
|
//
|
|
|
|
// The handle is found, copy the user info.
|
|
|
|
//
|
|
|
|
if (CredentialInfo->InfoSize > *InfoSize) {
|
|
|
|
*InfoSize = CredentialInfo->InfoSize;
|
|
|
|
return EFI_BUFFER_TOO_SMALL;
|
|
|
|
}
|
|
|
|
|
|
|
|
CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Enumerate all of the user informations on the credential provider.
|
|
|
|
|
|
|
|
This function returns the next user information record. To retrieve the first user
|
|
|
|
information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
|
|
|
|
another user information record handle until there are no more, at which point UserInfo
|
|
|
|
will point to NULL.
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[in, out] UserInfo On entry, points to the previous user information handle or NULL
|
|
|
|
to start enumeration. On exit, points to the next user information
|
|
|
|
handle or NULL if there is no more user information.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS User information returned.
|
|
|
|
@retval EFI_NOT_FOUND No more user information found.
|
|
|
|
@retval EFI_INVALID_PARAMETER UserInfo is NULL.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialGetNextInfo (
|
2011-10-12 05:38:19 +02:00
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
2011-09-02 09:49:32 +02:00
|
|
|
IN OUT EFI_USER_INFO_HANDLE *UserInfo
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_USER_INFO *Info;
|
|
|
|
CHAR16 *ProvNameStr;
|
|
|
|
UINTN InfoLen;
|
|
|
|
UINTN Index;
|
|
|
|
UINTN ProvStrLen;
|
|
|
|
|
|
|
|
if ((This == NULL) || (UserInfo == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (mUsbInfoHandle == NULL) {
|
|
|
|
//
|
|
|
|
// Initilized user info table. There are 4 user info records in the table.
|
|
|
|
//
|
|
|
|
InfoLen = sizeof (USB_CREDENTIAL_INFO) + (4 - 1) * sizeof (EFI_USER_INFO *);
|
|
|
|
mUsbInfoHandle = AllocateZeroPool (InfoLen);
|
|
|
|
if (mUsbInfoHandle == NULL) {
|
|
|
|
*UserInfo = NULL;
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// The first information, Credential Provider info.
|
|
|
|
//
|
|
|
|
InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
|
|
|
|
Info = AllocateZeroPool (InfoLen);
|
|
|
|
ASSERT (Info != NULL);
|
|
|
|
|
|
|
|
Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
|
|
|
|
Info->InfoSize = (UINT32) InfoLen;
|
|
|
|
Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
|
2011-09-18 14:25:27 +02:00
|
|
|
CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
|
|
|
|
CopyGuid ((EFI_GUID *)(Info + 1), &gUsbCredentialProviderGuid);
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
mUsbInfoHandle->Info[0] = Info;
|
|
|
|
mUsbInfoHandle->Count++;
|
|
|
|
|
|
|
|
//
|
|
|
|
// The second information, Credential Provider name info.
|
|
|
|
//
|
|
|
|
ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
|
|
|
|
ProvStrLen = StrSize (ProvNameStr);
|
|
|
|
InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
|
|
|
|
Info = AllocateZeroPool (InfoLen);
|
|
|
|
ASSERT (Info != NULL);
|
|
|
|
|
|
|
|
Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
|
|
|
|
Info->InfoSize = (UINT32) InfoLen;
|
|
|
|
Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
|
2011-09-18 14:25:27 +02:00
|
|
|
CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
|
2011-09-02 09:49:32 +02:00
|
|
|
CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
|
|
|
|
FreePool (ProvNameStr);
|
|
|
|
|
|
|
|
mUsbInfoHandle->Info[1] = Info;
|
|
|
|
mUsbInfoHandle->Count++;
|
|
|
|
|
|
|
|
//
|
|
|
|
// The third information, Credential Provider type info.
|
|
|
|
//
|
|
|
|
InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
|
|
|
|
Info = AllocateZeroPool (InfoLen);
|
|
|
|
ASSERT (Info != NULL);
|
|
|
|
|
|
|
|
Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
|
|
|
|
Info->InfoSize = (UINT32) InfoLen;
|
|
|
|
Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
|
2011-09-18 14:25:27 +02:00
|
|
|
CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
|
2011-09-02 09:49:32 +02:00
|
|
|
CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassSecureCardGuid);
|
|
|
|
|
|
|
|
mUsbInfoHandle->Info[2] = Info;
|
|
|
|
mUsbInfoHandle->Count++;
|
|
|
|
|
|
|
|
//
|
|
|
|
// The fourth information, Credential Provider type name info.
|
|
|
|
//
|
|
|
|
ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_TYPE_NAME));
|
|
|
|
ProvStrLen = StrSize (ProvNameStr);
|
|
|
|
InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
|
|
|
|
Info = AllocateZeroPool (InfoLen);
|
|
|
|
ASSERT (Info != NULL);
|
|
|
|
|
|
|
|
Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
|
|
|
|
Info->InfoSize = (UINT32) InfoLen;
|
|
|
|
Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
|
2011-09-18 14:25:27 +02:00
|
|
|
CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
|
2011-09-02 09:49:32 +02:00
|
|
|
CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
|
|
|
|
FreePool (ProvNameStr);
|
|
|
|
|
|
|
|
mUsbInfoHandle->Info[3] = Info;
|
|
|
|
mUsbInfoHandle->Count++;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (*UserInfo == NULL) {
|
|
|
|
//
|
|
|
|
// Return the first info handle.
|
|
|
|
//
|
|
|
|
*UserInfo = (EFI_USER_INFO_HANDLE) mUsbInfoHandle->Info[0];
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Find information handle in credential info table.
|
|
|
|
//
|
|
|
|
for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
|
|
|
|
Info = mUsbInfoHandle->Info[Index];
|
|
|
|
if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
|
|
|
|
//
|
|
|
|
// The handle is found, get the next one.
|
|
|
|
//
|
|
|
|
if (Index == mUsbInfoHandle->Count - 1) {
|
|
|
|
//
|
|
|
|
// Already last one.
|
|
|
|
//
|
|
|
|
*UserInfo = NULL;
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
Index++;
|
|
|
|
*UserInfo = (EFI_USER_INFO_HANDLE)mUsbInfoHandle->Info[Index];
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
*UserInfo = NULL;
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2011-10-12 05:38:19 +02:00
|
|
|
/**
|
|
|
|
Delete a user on this credential provider.
|
|
|
|
|
|
|
|
This function deletes a user on this credential provider.
|
|
|
|
|
|
|
|
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
|
|
|
|
@param[in] User The user profile handle to delete.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS User profile was successfully deleted.
|
|
|
|
@retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
|
|
|
|
Either the user profile cannot delete on any user profile or cannot delete
|
|
|
|
on a user profile other than the current user profile.
|
|
|
|
@retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
|
|
|
|
@retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
|
|
|
|
@retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
CredentialDelete (
|
|
|
|
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
|
|
|
|
IN EFI_USER_PROFILE_HANDLE User
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
EFI_USER_INFO *UserInfo;
|
|
|
|
UINT8 *UserId;
|
|
|
|
UINT8 *NewUserId;
|
|
|
|
UINTN Index;
|
|
|
|
|
|
|
|
if ((This == NULL) || (User == NULL)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Get User Identifier.
|
|
|
|
//
|
|
|
|
UserInfo = NULL;
|
|
|
|
Status = FindUserInfoByType (
|
|
|
|
User,
|
|
|
|
EFI_USER_INFO_IDENTIFIER_RECORD,
|
|
|
|
&UserInfo
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Find the user by user identifier in mPwdTable.
|
|
|
|
//
|
|
|
|
for (Index = 0; Index < mUsbTable->Count; Index++) {
|
|
|
|
UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
|
|
|
|
NewUserId = (UINT8 *) (UserInfo + 1);
|
|
|
|
if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
|
|
|
|
//
|
|
|
|
// Found the user, delete it.
|
|
|
|
//
|
|
|
|
ModifyTable (Index, NULL);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
FreePool (UserInfo);
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
/**
|
|
|
|
Main entry for this driver.
|
|
|
|
|
|
|
|
@param ImageHandle Image handle this driver.
|
|
|
|
@param SystemTable Pointer to SystemTable.
|
|
|
|
|
|
|
|
@retval EFI_SUCESS This function always complete successfully.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
UsbProviderInit (
|
|
|
|
IN EFI_HANDLE ImageHandle,
|
|
|
|
IN EFI_SYSTEM_TABLE *SystemTable
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
|
2014-03-21 01:57:42 +01:00
|
|
|
//
|
|
|
|
// It is NOT robust enough to be included in production.
|
|
|
|
//
|
|
|
|
#error "This implementation is just a sample, please comment this line if you really want to use this driver."
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
//
|
|
|
|
// Init credential table.
|
|
|
|
//
|
|
|
|
Status = InitCredentialTable ();
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Init Form Browser
|
|
|
|
//
|
|
|
|
Status = InitFormBrowser ();
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Install protocol interfaces for the Usb Credential Provider.
|
|
|
|
//
|
|
|
|
Status = gBS->InstallProtocolInterface (
|
|
|
|
&mCallbackInfo->DriverHandle,
|
2011-10-12 05:38:19 +02:00
|
|
|
&gEfiUserCredential2ProtocolGuid,
|
2011-09-02 09:49:32 +02:00
|
|
|
EFI_NATIVE_INTERFACE,
|
|
|
|
&gUsbCredentialProviderDriver
|
|
|
|
);
|
|
|
|
return Status;
|
|
|
|
}
|