• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /** @file
2 
3   This library registers RSA 2048 SHA 256 guided section handler
4   to parse RSA 2048 SHA 256 encapsulation section and extract raw data.
5   It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
6 
7 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
8 This program and the accompanying materials
9 are licensed and made available under the terms and conditions of the BSD License
10 which accompanies this distribution.  The full text of the license may be found at
11 http://opensource.org/licenses/bsd-license.php
12 
13 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
14 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 
16 **/
17 
18 #include <PiPei.h>
19 #include <Protocol/Hash.h>
20 #include <Library/ExtractGuidedSectionLib.h>
21 #include <Library/DebugLib.h>
22 #include <Library/BaseMemoryLib.h>
23 #include <Library/MemoryAllocationLib.h>
24 #include <Library/PcdLib.h>
25 #include <Guid/WinCertificate.h>
26 #include <Library/BaseCryptLib.h>
27 #include <Library/PerformanceLib.h>
28 #include <Guid/SecurityPkgTokenSpace.h>
29 
30 ///
31 /// RSA 2048 SHA 256 Guided Section header
32 ///
33 typedef struct {
34   EFI_GUID_DEFINED_SECTION        GuidedSectionHeader;     ///< EFI guided section header
35   EFI_CERT_BLOCK_RSA_2048_SHA256  CertBlockRsa2048Sha256;  ///< RSA 2048-bit Signature
36 } RSA_2048_SHA_256_SECTION_HEADER;
37 
38 typedef struct {
39   EFI_GUID_DEFINED_SECTION2       GuidedSectionHeader;     ///< EFI guided section header
40   EFI_CERT_BLOCK_RSA_2048_SHA256  CertBlockRsa2048Sha256;  ///< RSA 2048-bit Signature
41 } RSA_2048_SHA_256_SECTION2_HEADER;
42 
43 ///
44 /// Public Exponent of RSA Key.
45 ///
46 CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
47 
48 /**
49 
50   GetInfo gets raw data size and attribute of the input guided section.
51   It first checks whether the input guid section is supported.
52   If not, EFI_INVALID_PARAMETER will return.
53 
54   @param InputSection       Buffer containing the input GUIDed section to be processed.
55   @param OutputBufferSize   The size of OutputBuffer.
56   @param ScratchBufferSize  The size of ScratchBuffer.
57   @param SectionAttribute   The attribute of the input guided section.
58 
59   @retval EFI_SUCCESS            The size of destination buffer, the size of scratch buffer and
60                                  the attribute of the input section are successull retrieved.
61   @retval EFI_INVALID_PARAMETER  The GUID in InputSection does not match this instance guid.
62 
63 **/
64 EFI_STATUS
65 EFIAPI
Rsa2048Sha256GuidedSectionGetInfo(IN CONST VOID * InputSection,OUT UINT32 * OutputBufferSize,OUT UINT32 * ScratchBufferSize,OUT UINT16 * SectionAttribute)66 Rsa2048Sha256GuidedSectionGetInfo (
67   IN  CONST VOID  *InputSection,
68   OUT UINT32      *OutputBufferSize,
69   OUT UINT32      *ScratchBufferSize,
70   OUT UINT16      *SectionAttribute
71   )
72 {
73   if (IS_SECTION2 (InputSection)) {
74     //
75     // Check whether the input guid section is recognized.
76     //
77     if (!CompareGuid (
78         &gEfiCertTypeRsa2048Sha256Guid,
79         &(((EFI_GUID_DEFINED_SECTION2 *) InputSection)->SectionDefinitionGuid))) {
80       return EFI_INVALID_PARAMETER;
81     }
82     //
83     // Retrieve the size and attribute of the input section data.
84     //
85     *SectionAttribute  = ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->Attributes;
86     *ScratchBufferSize = 0;
87     *OutputBufferSize  = SECTION2_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION2_HEADER);
88   } else {
89     //
90     // Check whether the input guid section is recognized.
91     //
92     if (!CompareGuid (
93         &gEfiCertTypeRsa2048Sha256Guid,
94         &(((EFI_GUID_DEFINED_SECTION *) InputSection)->SectionDefinitionGuid))) {
95       return EFI_INVALID_PARAMETER;
96     }
97     //
98     // Retrieve the size and attribute of the input section data.
99     //
100     *SectionAttribute  = ((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes;
101     *ScratchBufferSize = 0;
102     *OutputBufferSize  = SECTION_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION_HEADER);
103   }
104 
105   return EFI_SUCCESS;
106 }
107 
108 /**
109 
110   Extraction handler tries to extract raw data from the input guided section.
111   It also does authentication check for RSA 2048 SHA 256 signature in the input guided section.
112   It first checks whether the input guid section is supported.
113   If not, EFI_INVALID_PARAMETER will return.
114 
115   @param InputSection    Buffer containing the input GUIDed section to be processed.
116   @param OutputBuffer    Buffer to contain the output raw data allocated by the caller.
117   @param ScratchBuffer   A pointer to a caller-allocated buffer for function internal use.
118   @param AuthenticationStatus A pointer to a caller-allocated UINT32 that indicates the
119                               authentication status of the output buffer.
120 
121   @retval EFI_SUCCESS            Section Data and Auth Status is extracted successfully.
122   @retval EFI_INVALID_PARAMETER  The GUID in InputSection does not match this instance guid.
123 
124 **/
125 EFI_STATUS
126 EFIAPI
Rsa2048Sha256GuidedSectionHandler(IN CONST VOID * InputSection,OUT VOID ** OutputBuffer,IN VOID * ScratchBuffer,OPTIONAL OUT UINT32 * AuthenticationStatus)127 Rsa2048Sha256GuidedSectionHandler (
128   IN CONST  VOID    *InputSection,
129   OUT       VOID    **OutputBuffer,
130   IN        VOID    *ScratchBuffer,        OPTIONAL
131   OUT       UINT32  *AuthenticationStatus
132   )
133 {
134   EFI_STATUS                      Status;
135   UINT32                          OutputBufferSize;
136   EFI_CERT_BLOCK_RSA_2048_SHA256  *CertBlockRsa2048Sha256;
137   BOOLEAN                         CryptoStatus;
138   UINT8                           Digest[SHA256_DIGEST_SIZE];
139   UINT8                           *PublicKey;
140   UINTN                           PublicKeyBufferSize;
141   VOID                            *HashContext;
142   VOID                            *Rsa;
143 
144   HashContext = NULL;
145   Rsa         = NULL;
146 
147   if (IS_SECTION2 (InputSection)) {
148     //
149     // Check whether the input guid section is recognized.
150     //
151     if (!CompareGuid (
152         &gEfiCertTypeRsa2048Sha256Guid,
153         &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid))) {
154       return EFI_INVALID_PARAMETER;
155     }
156 
157     //
158     // Get the RSA 2048 SHA 256 information.
159     //
160     CertBlockRsa2048Sha256 = &((RSA_2048_SHA_256_SECTION2_HEADER *) InputSection)->CertBlockRsa2048Sha256;
161     OutputBufferSize       = SECTION2_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION2_HEADER);
162     if ((((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) != 0) {
163       PERF_START (NULL, "RsaCopy", "PEI", 0);
164       CopyMem (*OutputBuffer, (UINT8 *)InputSection + sizeof (RSA_2048_SHA_256_SECTION2_HEADER), OutputBufferSize);
165       PERF_END (NULL, "RsaCopy", "PEI", 0);
166     } else {
167       *OutputBuffer = (UINT8 *)InputSection + sizeof (RSA_2048_SHA_256_SECTION2_HEADER);
168     }
169 
170     //
171     // Implicitly RSA 2048 SHA 256 GUIDed section should have STATUS_VALID bit set
172     //
173     ASSERT ((((EFI_GUID_DEFINED_SECTION2 *)InputSection)->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0);
174     *AuthenticationStatus = EFI_AUTH_STATUS_IMAGE_SIGNED;
175   } else {
176     //
177     // Check whether the input guid section is recognized.
178     //
179     if (!CompareGuid (
180         &gEfiCertTypeRsa2048Sha256Guid,
181         &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid))) {
182       return EFI_INVALID_PARAMETER;
183     }
184 
185     //
186     // Get the RSA 2048 SHA 256 information.
187     //
188     CertBlockRsa2048Sha256 = &((RSA_2048_SHA_256_SECTION_HEADER *)InputSection)->CertBlockRsa2048Sha256;
189     OutputBufferSize       = SECTION_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION_HEADER);
190     if ((((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) != 0) {
191       PERF_START (NULL, "RsaCopy", "PEI", 0);
192       CopyMem (*OutputBuffer, (UINT8 *)InputSection + sizeof (RSA_2048_SHA_256_SECTION_HEADER), OutputBufferSize);
193       PERF_END (NULL, "RsaCopy", "PEI", 0);
194     } else {
195       *OutputBuffer = (UINT8 *)InputSection + sizeof (RSA_2048_SHA_256_SECTION_HEADER);
196     }
197 
198     //
199     // Implicitly RSA 2048 SHA 256 GUIDed section should have STATUS_VALID bit set
200     //
201     ASSERT ((((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0);
202     *AuthenticationStatus = EFI_AUTH_STATUS_IMAGE_SIGNED;
203   }
204 
205   //
206   // All paths from here return EFI_SUCESS and result is returned in AuthenticationStatus
207   //
208   Status = EFI_SUCCESS;
209 
210   //
211   // Fail if the HashType is not SHA 256
212   //
213   if (!CompareGuid (&gEfiHashAlgorithmSha256Guid, &CertBlockRsa2048Sha256->HashType)) {
214     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: HASH type of section is not supported\n"));
215     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
216     goto Done;
217   }
218 
219   //
220   // Allocate hash context buffer required for SHA 256
221   //
222   HashContext = AllocatePool (Sha256GetContextSize ());
223   if (HashContext == NULL) {
224     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Can not allocate hash context\n"));
225     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
226     goto Done;
227   }
228 
229   //
230   // Hash public key from data payload with SHA256.
231   //
232   ZeroMem (Digest, SHA256_DIGEST_SIZE);
233   CryptoStatus = Sha256Init (HashContext);
234   if (!CryptoStatus) {
235     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Init() failed\n"));
236     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
237     goto Done;
238   }
239   CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
240   if (!CryptoStatus) {
241     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Update() failed\n"));
242     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
243     goto Done;
244   }
245   CryptoStatus  = Sha256Final (HashContext, Digest);
246   if (!CryptoStatus) {
247     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Final() failed\n"));
248     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
249     goto Done;
250   }
251 
252   //
253   // Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer
254   //
255   PublicKey = (UINT8 *)PcdGetPtr (PcdRsa2048Sha256PublicKeyBuffer);
256   DEBUG ((DEBUG_VERBOSE, "PeiPcdRsa2048Sha256: PublicKeyBuffer = %p\n", PublicKey));
257   ASSERT (PublicKey != NULL);
258   DEBUG ((DEBUG_VERBOSE, "PeiPcdRsa2048Sha256: PublicKeyBuffer Token = %08x\n", PcdToken (PcdRsa2048Sha256PublicKeyBuffer)));
259   PublicKeyBufferSize = PcdGetSize (PcdRsa2048Sha256PublicKeyBuffer);
260   DEBUG ((DEBUG_VERBOSE, "PeiPcdRsa2048Sha256: PublicKeyBuffer Size = %08x\n", PublicKeyBufferSize));
261   ASSERT ((PublicKeyBufferSize % SHA256_DIGEST_SIZE) == 0);
262   CryptoStatus = FALSE;
263   while (PublicKeyBufferSize != 0) {
264     if (CompareMem (Digest, PublicKey, SHA256_DIGEST_SIZE) == 0) {
265       CryptoStatus = TRUE;
266       break;
267     }
268     PublicKey = PublicKey + SHA256_DIGEST_SIZE;
269     PublicKeyBufferSize = PublicKeyBufferSize - SHA256_DIGEST_SIZE;
270   }
271   if (!CryptoStatus) {
272     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Public key in section is not supported\n"));
273     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
274     goto Done;
275   }
276 
277   //
278   // Generate & Initialize RSA Context.
279   //
280   Rsa = RsaNew ();
281   if (Rsa == NULL) {
282     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaNew() failed\n"));
283     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
284     goto Done;
285   }
286 
287   //
288   // Set RSA Key Components.
289   // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
290   //
291   CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
292   if (!CryptoStatus) {
293     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
294     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
295     goto Done;
296   }
297   CryptoStatus = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE));
298   if (!CryptoStatus) {
299     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
300     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
301     goto Done;
302   }
303 
304   //
305   // Hash data payload with SHA256.
306   //
307   ZeroMem (Digest, SHA256_DIGEST_SIZE);
308   CryptoStatus = Sha256Init (HashContext);
309   if (!CryptoStatus) {
310     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Init() failed\n"));
311     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
312     goto Done;
313   }
314   PERF_START (NULL, "RsaShaData", "PEI", 0);
315   CryptoStatus = Sha256Update (HashContext, *OutputBuffer, OutputBufferSize);
316   PERF_END (NULL, "RsaShaData", "PEI", 0);
317   if (!CryptoStatus) {
318     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Update() failed\n"));
319     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
320     goto Done;
321   }
322   CryptoStatus  = Sha256Final (HashContext, Digest);
323   if (!CryptoStatus) {
324     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Final() failed\n"));
325     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
326     goto Done;
327   }
328 
329   //
330   // Verify the RSA 2048 SHA 256 signature.
331   //
332   PERF_START (NULL, "RsaVerify", "PEI", 0);
333   CryptoStatus = RsaPkcs1Verify (
334                    Rsa,
335                    Digest,
336                    SHA256_DIGEST_SIZE,
337                    CertBlockRsa2048Sha256->Signature,
338                    sizeof (CertBlockRsa2048Sha256->Signature)
339                    );
340   PERF_END (NULL, "RsaVerify", "PEI", 0);
341   if (!CryptoStatus) {
342     //
343     // If RSA 2048 SHA 256 signature verification fails, AUTH tested failed bit is set.
344     //
345     DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaPkcs1Verify() failed\n"));
346     *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
347   }
348 
349 Done:
350   //
351   // Free allocated resources used to perform RSA 2048 SHA 256 signature verification
352   //
353   if (Rsa != NULL) {
354     RsaFree (Rsa);
355   }
356   if (HashContext != NULL) {
357     FreePool (HashContext);
358   }
359 
360   DEBUG ((DEBUG_VERBOSE, "PeiRsa2048Sha256: Status = %r  AuthenticationStatus = %08x\n", Status, *AuthenticationStatus));
361 
362   return Status;
363 }
364 
365 /**
366   Register the handler to extract RSA 2048 SHA 256 guided section.
367 
368   @param  FileHandle   The handle of FFS header the loaded driver.
369   @param  PeiServices  The pointer to the PEI services.
370 
371   @retval  EFI_SUCCESS           Register successfully.
372   @retval  EFI_OUT_OF_RESOURCES  Not enough memory to register this handler.
373 
374 **/
375 EFI_STATUS
376 EFIAPI
PeiRsa2048Sha256GuidedSectionExtractLibConstructor(IN EFI_PEI_FILE_HANDLE FileHandle,IN CONST EFI_PEI_SERVICES ** PeiServices)377 PeiRsa2048Sha256GuidedSectionExtractLibConstructor (
378   IN EFI_PEI_FILE_HANDLE        FileHandle,
379   IN CONST EFI_PEI_SERVICES     **PeiServices
380   )
381 {
382   return ExtractGuidedSectionRegisterHandlers (
383            &gEfiCertTypeRsa2048Sha256Guid,
384            Rsa2048Sha256GuidedSectionGetInfo,
385            Rsa2048Sha256GuidedSectionHandler
386            );
387 }
388