#include <Uefi.h>
#include <Guid/SystemResourceTable.h>
#include <Guid/FirmwareContentsSigned.h>
#include <Guid/WinCertificate.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/BaseCryptLib.h>
#include <Library/FmpAuthenticationLib.h>
#include <Library/PcdLib.h>
#include <Protocol/FirmwareManagement.h>

Functions
RETURN_STATUS	FmpAuthenticatedHandlerPkcs7 (IN EFI_FIRMWARE_IMAGE_AUTHENTICATION Image, IN UINTN ImageSize, IN CONST UINT8 PublicKeyData, IN UINTN PublicKeyDataLength)

RETURN_STATUS EFIAPI	AuthenticateFmpImage (IN EFI_FIRMWARE_IMAGE_AUTHENTICATION Image, IN UINTN ImageSize, IN CONST UINT8 PublicKeyData, IN UINTN PublicKeyDataLength)

Detailed Description

FMP Authentication PKCS7 handler. Provide generic FMP authentication functions for DXE/PEI post memory phase.

Caution: This module requires additional review when modified. This module will have external input - capsule image. This external input must be validated carefully to avoid security issue like buffer overflow, integer overflow.

FmpAuthenticatedHandlerPkcs7(), AuthenticateFmpImage() will receive untrusted input and do basic validation.

Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file FmpAuthenticationLibPkcs7.c.

Function Documentation

◆ AuthenticateFmpImage()

RETURN_STATUS EFIAPI AuthenticateFmpImage	(	IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *	Image,
		IN UINTN	ImageSize,
		IN CONST UINT8 *	PublicKeyData,
		IN UINTN	PublicKeyDataLength
	)

The function is used to do the authentication for FMP capsule based upon EFI_FIRMWARE_IMAGE_AUTHENTICATION.

The FMP capsule image should start with EFI_FIRMWARE_IMAGE_AUTHENTICATION, followed by the payload.

If the return status is RETURN_SUCCESS, the caller may continue the rest FMP update process. If the return status is NOT RETURN_SUCCESS, the caller should stop the FMP update process and convert the return status to LastAttemptStatus to indicate that FMP update fails. The LastAttemptStatus can be got from ESRT table or via EFI_FIRMWARE_MANAGEMENT_PROTOCOL.GetImageInfo().

Caution: This function may receive untrusted input.

Parameters

[in]	Image	Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
[in]	ImageSize	Size of the authentication image in bytes.
[in]	PublicKeyData	The public key data used to validate the signature.
[in]	PublicKeyDataLength	The length of the public key data.

Return values

RETURN_SUCCESS	Authentication pass. The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
RETURN_SECURITY_VIOLATION	Authentication fail. The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
RETURN_INVALID_PARAMETER	The image is in an invalid format. The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
RETURN_UNSUPPORTED	No Authentication handler associated with CertType. The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
RETURN_UNSUPPORTED	Image or ImageSize is invalid. The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
RETURN_OUT_OF_RESOURCES	No Authentication handler associated with CertType. The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.

Definition at line 157 of file FmpAuthenticationLibPkcs7.c.

◆ FmpAuthenticatedHandlerPkcs7()

RETURN_STATUS FmpAuthenticatedHandlerPkcs7	(	IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *	Image,
		IN UINTN	ImageSize,
		IN CONST UINT8 *	PublicKeyData,
		IN UINTN	PublicKeyDataLength
	)

The handler is used to do the authentication for FMP capsule based upon EFI_FIRMWARE_IMAGE_AUTHENTICATION.