mirror of https://github.com/acidanthera/audk.git
368 lines
14 KiB
C
368 lines
14 KiB
C
/** @file
|
|
FMP Authentication RSA2048SHA256 handler.
|
|
Provide generic FMP authentication functions for DXE/PEI post memory phase.
|
|
|
|
Caution: This module requires additional review when modified.
|
|
This module will have external input - capsule image.
|
|
This external input must be validated carefully to avoid security issue like
|
|
buffer overflow, integer overflow.
|
|
|
|
FmpAuthenticatedHandlerRsa2048Sha256(), AuthenticateFmpImage() will receive
|
|
untrusted input and do basic validation.
|
|
|
|
Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
|
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
|
**/
|
|
|
|
#include <Uefi.h>
|
|
|
|
#include <Guid/SystemResourceTable.h>
|
|
#include <Guid/FirmwareContentsSigned.h>
|
|
#include <Guid/WinCertificate.h>
|
|
|
|
#include <Library/BaseLib.h>
|
|
#include <Library/BaseMemoryLib.h>
|
|
#include <Library/DebugLib.h>
|
|
#include <Library/MemoryAllocationLib.h>
|
|
#include <Library/BaseCryptLib.h>
|
|
#include <Library/FmpAuthenticationLib.h>
|
|
#include <Library/PcdLib.h>
|
|
#include <Protocol/FirmwareManagement.h>
|
|
#include <Guid/SystemResourceTable.h>
|
|
|
|
///
|
|
/// Public Exponent of RSA Key.
|
|
///
|
|
STATIC CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
|
|
|
|
/**
|
|
The handler is used to do the authentication for FMP capsule based upon
|
|
EFI_FIRMWARE_IMAGE_AUTHENTICATION.
|
|
|
|
Caution: This function may receive untrusted input.
|
|
|
|
This function assumes the caller AuthenticateFmpImage()
|
|
already did basic validation for EFI_FIRMWARE_IMAGE_AUTHENTICATION.
|
|
|
|
@param[in] Image Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
|
|
@param[in] ImageSize Size of the authentication image in bytes.
|
|
@param[in] PublicKeyData The public key data used to validate the signature.
|
|
@param[in] PublicKeyDataLength The length of the public key data.
|
|
|
|
@retval RETURN_SUCCESS Authentication pass.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
|
|
@retval RETURN_SECURITY_VIOLATION Authentication fail.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
|
|
@retval RETURN_INVALID_PARAMETER The image is in an invalid format.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
|
|
@retval RETURN_OUT_OF_RESOURCES No Authentication handler associated with CertType.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
|
|
**/
|
|
RETURN_STATUS
|
|
FmpAuthenticatedHandlerRsa2048Sha256 (
|
|
IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
|
|
IN UINTN ImageSize,
|
|
IN CONST UINT8 *PublicKeyData,
|
|
IN UINTN PublicKeyDataLength
|
|
)
|
|
{
|
|
RETURN_STATUS Status;
|
|
EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlockRsa2048Sha256;
|
|
BOOLEAN CryptoStatus;
|
|
UINT8 Digest[SHA256_DIGEST_SIZE];
|
|
UINT8 *PublicKey;
|
|
UINTN PublicKeyBufferSize;
|
|
VOID *HashContext;
|
|
VOID *Rsa;
|
|
|
|
DEBUG ((DEBUG_INFO, "FmpAuthenticatedHandlerRsa2048Sha256 - Image: 0x%08x - 0x%08x\n", (UINTN)Image, (UINTN)ImageSize));
|
|
|
|
if (Image->AuthInfo.Hdr.dwLength != OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256)) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256 - dwLength: 0x%04x, dwLength - 0x%04x\n", (UINTN)Image->AuthInfo.Hdr.dwLength, (UINTN)OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256)));
|
|
return RETURN_INVALID_PARAMETER;
|
|
}
|
|
|
|
CertBlockRsa2048Sha256 = (EFI_CERT_BLOCK_RSA_2048_SHA256 *)Image->AuthInfo.CertData;
|
|
if (!CompareGuid (&CertBlockRsa2048Sha256->HashType, &gEfiHashAlgorithmSha256Guid)) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256 - HashType: %g, expect - %g\n", &CertBlockRsa2048Sha256->HashType, &gEfiHashAlgorithmSha256Guid));
|
|
return RETURN_INVALID_PARAMETER;
|
|
}
|
|
|
|
HashContext = NULL;
|
|
Rsa = NULL;
|
|
|
|
//
|
|
// Allocate hash context buffer required for SHA 256
|
|
//
|
|
HashContext = AllocatePool (Sha256GetContextSize ());
|
|
if (HashContext == NULL) {
|
|
CryptoStatus = FALSE;
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Can not allocate hash context\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
//
|
|
// Hash public key from data payload with SHA256.
|
|
//
|
|
ZeroMem (Digest, SHA256_DIGEST_SIZE);
|
|
CryptoStatus = Sha256Init (HashContext);
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof (CertBlockRsa2048Sha256->PublicKey));
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
CryptoStatus = Sha256Final (HashContext, Digest);
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
//
|
|
// Fail if the PublicKey is not one of the public keys in the input PublicKeyData.
|
|
//
|
|
PublicKey = (VOID *)PublicKeyData;
|
|
PublicKeyBufferSize = PublicKeyDataLength;
|
|
CryptoStatus = FALSE;
|
|
while (PublicKeyBufferSize != 0) {
|
|
if (CompareMem (Digest, PublicKey, SHA256_DIGEST_SIZE) == 0) {
|
|
CryptoStatus = TRUE;
|
|
break;
|
|
}
|
|
|
|
PublicKey = PublicKey + SHA256_DIGEST_SIZE;
|
|
PublicKeyBufferSize = PublicKeyBufferSize - SHA256_DIGEST_SIZE;
|
|
}
|
|
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Public key in section is not supported\n"));
|
|
Status = RETURN_SECURITY_VIOLATION;
|
|
goto Done;
|
|
}
|
|
|
|
//
|
|
// Generate & Initialize RSA Context.
|
|
//
|
|
Rsa = RsaNew ();
|
|
if (Rsa == NULL) {
|
|
CryptoStatus = FALSE;
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaNew() failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
//
|
|
// Set RSA Key Components.
|
|
// NOTE: Only N and E are needed to be set as RSA public key for signature verification.
|
|
//
|
|
CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof (CertBlockRsa2048Sha256->PublicKey));
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
CryptoStatus = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE));
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
//
|
|
// Hash data payload with SHA256.
|
|
//
|
|
ZeroMem (Digest, SHA256_DIGEST_SIZE);
|
|
CryptoStatus = Sha256Init (HashContext);
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
// It is a signature across the variable data and the Monotonic Count value.
|
|
CryptoStatus = Sha256Update (
|
|
HashContext,
|
|
(UINT8 *)Image + sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength,
|
|
ImageSize - sizeof (Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength
|
|
);
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
CryptoStatus = Sha256Update (
|
|
HashContext,
|
|
(UINT8 *)&Image->MonotonicCount,
|
|
sizeof (Image->MonotonicCount)
|
|
);
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
CryptoStatus = Sha256Final (HashContext, Digest);
|
|
if (!CryptoStatus) {
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
|
|
Status = RETURN_OUT_OF_RESOURCES;
|
|
goto Done;
|
|
}
|
|
|
|
//
|
|
// Verify the RSA 2048 SHA 256 signature.
|
|
//
|
|
CryptoStatus = RsaPkcs1Verify (
|
|
Rsa,
|
|
Digest,
|
|
SHA256_DIGEST_SIZE,
|
|
CertBlockRsa2048Sha256->Signature,
|
|
sizeof (CertBlockRsa2048Sha256->Signature)
|
|
);
|
|
if (!CryptoStatus) {
|
|
//
|
|
// If RSA 2048 SHA 256 signature verification fails, AUTH tested failed bit is set.
|
|
//
|
|
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaPkcs1Verify() failed\n"));
|
|
Status = RETURN_SECURITY_VIOLATION;
|
|
goto Done;
|
|
}
|
|
|
|
DEBUG ((DEBUG_INFO, "FmpAuthenticatedHandlerRsa2048Sha256: PASS verification\n"));
|
|
|
|
Status = RETURN_SUCCESS;
|
|
|
|
Done:
|
|
//
|
|
// Free allocated resources used to perform RSA 2048 SHA 256 signature verification
|
|
//
|
|
if (Rsa != NULL) {
|
|
RsaFree (Rsa);
|
|
}
|
|
|
|
if (HashContext != NULL) {
|
|
FreePool (HashContext);
|
|
}
|
|
|
|
return Status;
|
|
}
|
|
|
|
/**
|
|
The function is used to do the authentication for FMP capsule based upon
|
|
EFI_FIRMWARE_IMAGE_AUTHENTICATION.
|
|
|
|
The FMP capsule image should start with EFI_FIRMWARE_IMAGE_AUTHENTICATION,
|
|
followed by the payload.
|
|
|
|
If the return status is RETURN_SUCCESS, the caller may continue the rest
|
|
FMP update process.
|
|
If the return status is NOT RETURN_SUCCESS, the caller should stop the FMP
|
|
update process and convert the return status to LastAttemptStatus
|
|
to indicate that FMP update fails.
|
|
The LastAttemptStatus can be got from ESRT table or via
|
|
EFI_FIRMWARE_MANAGEMENT_PROTOCOL.GetImageInfo().
|
|
|
|
Caution: This function may receive untrusted input.
|
|
|
|
@param[in] Image Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
|
|
@param[in] ImageSize Size of the authentication image in bytes.
|
|
@param[in] PublicKeyData The public key data used to validate the signature.
|
|
@param[in] PublicKeyDataLength The length of the public key data.
|
|
|
|
@retval RETURN_SUCCESS Authentication pass.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
|
|
@retval RETURN_SECURITY_VIOLATION Authentication fail.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
|
|
@retval RETURN_INVALID_PARAMETER The image is in an invalid format.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
|
|
@retval RETURN_UNSUPPORTED No Authentication handler associated with CertType.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
|
|
@retval RETURN_UNSUPPORTED Image or ImageSize is invalid.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
|
|
@retval RETURN_OUT_OF_RESOURCES No Authentication handler associated with CertType.
|
|
The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
|
|
**/
|
|
RETURN_STATUS
|
|
EFIAPI
|
|
AuthenticateFmpImage (
|
|
IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
|
|
IN UINTN ImageSize,
|
|
IN CONST UINT8 *PublicKeyData,
|
|
IN UINTN PublicKeyDataLength
|
|
)
|
|
{
|
|
GUID *CertType;
|
|
EFI_STATUS Status;
|
|
|
|
if ((Image == NULL) || (ImageSize == 0)) {
|
|
return RETURN_UNSUPPORTED;
|
|
}
|
|
|
|
if ((PublicKeyDataLength % SHA256_DIGEST_SIZE) != 0) {
|
|
DEBUG ((DEBUG_ERROR, "PublicKeyDataLength is not multiple SHA256 size\n"));
|
|
return RETURN_UNSUPPORTED;
|
|
}
|
|
|
|
if (ImageSize < sizeof (EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
|
|
DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
|
|
return RETURN_INVALID_PARAMETER;
|
|
}
|
|
|
|
if (Image->AuthInfo.Hdr.dwLength <= OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {
|
|
DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too small\n"));
|
|
return RETURN_INVALID_PARAMETER;
|
|
}
|
|
|
|
if ((UINTN)Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof (UINT64)) {
|
|
DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too big\n"));
|
|
return RETURN_INVALID_PARAMETER;
|
|
}
|
|
|
|
if (ImageSize <= sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) {
|
|
DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
|
|
return RETURN_INVALID_PARAMETER;
|
|
}
|
|
|
|
if (Image->AuthInfo.Hdr.wRevision != 0x0200) {
|
|
DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wRevision, (UINTN)0x0200));
|
|
return RETURN_INVALID_PARAMETER;
|
|
}
|
|
|
|
if (Image->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) {
|
|
DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wCertificateType, (UINTN)WIN_CERT_TYPE_EFI_GUID));
|
|
return RETURN_INVALID_PARAMETER;
|
|
}
|
|
|
|
CertType = &Image->AuthInfo.CertType;
|
|
DEBUG ((DEBUG_INFO, "AuthenticateFmpImage - CertType: %g\n", CertType));
|
|
|
|
if (CompareGuid (&gEfiCertTypeRsa2048Sha256Guid, CertType)) {
|
|
//
|
|
// Call the match handler to extract raw data for the input section data.
|
|
//
|
|
Status = FmpAuthenticatedHandlerRsa2048Sha256 (
|
|
Image,
|
|
ImageSize,
|
|
PublicKeyData,
|
|
PublicKeyDataLength
|
|
);
|
|
return Status;
|
|
}
|
|
|
|
//
|
|
// Not found, the input guided section is not supported.
|
|
//
|
|
return RETURN_UNSUPPORTED;
|
|
}
|