[edk2-devel] [Patch v2 16/28] SecurityPkg: Add EncryptionVariable lib with AES
Judah Vang
judah.vang at intel.com
Fri Apr 29 18:04:18 UTC 2022
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
Add encryption/decryption of protected variable functionality.
Add functions to get/set cipher data of a protected variable.
This is use for supporting confidentiality for protected
variables.
Cc: Jian J Wang <jian.j.wang at intel.com>
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Nishant C Mistry <nishant.c.mistry at intel.com>
Signed-off-by: Jian J Wang <jian.j.wang at intel.com>
Signed-off-by: Nishant C Mistry <nishant.c.mistry at intel.com>
Signed-off-by: Judah Vang <judah.vang at intel.com>
---
SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf | 43 ++
SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h | 49 ++
SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c | 728 ++++++++++++++++++++
3 files changed, 820 insertions(+)
diff --git a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
new file mode 100644
index 000000000000..7ece52f2fb58
--- /dev/null
+++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
@@ -0,0 +1,43 @@
+## @file
+# Provides variable encryption/decryption services.
+#
+# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010029
+ BASE_NAME = EncryptionVariableLib
+ FILE_GUID = 459E2CB0-AF4B-4415-B6A1-335E71FD8B85
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = EncryptionVariableLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64
+#
+
+[Sources]
+ EncryptionVariable.c
+ EncryptionVariable.h
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ SecurityPkg/SecurityPkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ DebugLib
+ MemoryAllocationLib
+ BaseCryptLib
+
+[Guids]
+ gEfiVariableGuid
+ gEfiAuthenticatedVariableGuid
diff --git a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h
new file mode 100644
index 000000000000..f35f9f9e3ad7
--- /dev/null
+++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h
@@ -0,0 +1,49 @@
+/** @file
+ Definitions used by this library implementation.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef ENCRYPTION_VARIABLE_H_
+#define ENCRYPTION_VARIABLE_H_
+
+#define ENC_KEY_SEP L":"
+#define ENC_KEY_SEP_SIZE 2
+#define ENC_KEY_NAME L"VAR_ENC_KEY"
+#define ENC_KEY_NAME_SIZE 22
+
+#define ENC_KEY_SIZE (256/8)
+#define ENC_BLOCK_SIZE AES_BLOCK_SIZE
+#define ENC_IVEC_SIZE ENC_BLOCK_SIZE
+
+#define ENC_PADDING_BYTE 0x0F
+
+//
+// PKCS#5 padding
+//
+// #define AES_CIPHER_DATA_SIZE(PlainDataSize)
+// (AES_BLOCK_SIZE + (PlainDataSize)) & (~(AES_BLOCK_SIZE - 1))
+//
+#define AES_CIPHER_DATA_SIZE(PlainDataSize) ALIGN_VALUE (PlainDataSize, AES_BLOCK_SIZE)
+
+#define FREE_POOL(Address) \
+ if ((Address) != NULL) { \
+ FreePool (Address); \
+ (Address) = NULL; \
+ }
+
+#pragma pack(1)
+
+typedef struct {
+ UINT32 DataType; // SYM_TYPE_AES
+ UINT32 HeaderSize; // sizeof(VARIABLE_ENCRYPTION_HEADER)
+ UINT32 PlainDataSize; // Plain data size
+ UINT32 CipherDataSize; // Cipher data size
+ UINT8 KeyIvec[ENC_IVEC_SIZE];
+} VARIABLE_ENCRYPTION_HEADER;
+
+#pragma pack()
+
+#endif // _ENCRYPTION_VARIABLE_H_
diff --git a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c
new file mode 100644
index 000000000000..58ffb09e0373
--- /dev/null
+++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c
@@ -0,0 +1,728 @@
+/** @file
+ Implementation of EncryptionVariableLib with AES algorithm support.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Uefi.h>
+
+#include <Guid/VariableFormat.h>
+#include <Library/EncryptionVariableLib.h>
+#include <Library/BaseCryptLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+
+#include "EncryptionVariable.h"
+
+/**
+ Derive encryption key for given variable from variable root key.
+
+ The derivation algorithm is depicted below
+
+ HKDF_Expand(SHA256, RootKey, Name||':'||Guid||':'||Attr||"VAR_ENC_KEY")
+
+ @param[in] VarEncInfo Pointer to structure containing detailed
+ information about a variable.
+ @param[in] EncKeySize Size of key requested.
+ @param[out] EncKey Buffer of key.
+
+ @retval TRUE The key was derived successfully.
+ @retval FALSE Failed to generate encryption key.
+
+**/
+STATIC
+BOOLEAN
+EncVarLibGenEncKey (
+ IN VARIABLE_ENCRYPTION_INFO *VarEncInfo,
+ IN UINTN EncKeySize,
+ OUT UINT8 *EncKey
+ )
+{
+ BOOLEAN Status;
+
+ struct {
+ VOID *Data;
+ UINTN Size;
+ } InfoGroup[6];
+ UINT8 *Info;
+ UINTN InfoSize;
+ UINTN Index;
+ UINT8 Salt[16];
+
+ //
+ // info: Name||':'||Guid||':'||Attr||"VAR_ENC_KEY"
+ //
+ InfoGroup[0].Size = VarEncInfo->Header.NameSize;
+ InfoGroup[0].Data = VarEncInfo->Header.VariableName;
+
+ InfoGroup[1].Size = ENC_KEY_SEP_SIZE;
+ InfoGroup[1].Data = ENC_KEY_SEP;
+
+ InfoGroup[2].Size = sizeof (*VarEncInfo->Header.VendorGuid);
+ InfoGroup[2].Data = VarEncInfo->Header.VendorGuid;
+
+ InfoGroup[3].Size = ENC_KEY_SEP_SIZE;
+ InfoGroup[3].Data = ENC_KEY_SEP;
+
+ InfoGroup[4].Size = sizeof (VarEncInfo->Header.Attributes);
+ InfoGroup[4].Data = &VarEncInfo->Header.Attributes;
+
+ InfoGroup[5].Size = ENC_KEY_NAME_SIZE;
+ InfoGroup[5].Data = ENC_KEY_NAME;
+
+ for (InfoSize = 0, Index = 0; Index < ARRAY_SIZE (InfoGroup); ++Index) {
+ InfoSize += InfoGroup[Index].Size;
+ }
+
+ Info = AllocateZeroPool (InfoSize);
+ if (Info == NULL) {
+ ASSERT (Info != NULL);
+ return FALSE;
+ }
+
+ for (InfoSize = 0, Index = 0; Index < ARRAY_SIZE (InfoGroup); ++Index) {
+ CopyMem (Info + InfoSize, InfoGroup[Index].Data, InfoGroup[Index].Size);
+ InfoSize += InfoGroup[Index].Size;
+ }
+
+ Status = HkdfSha256ExtractAndExpand (
+ VarEncInfo->Key,
+ VarEncInfo->KeySize,
+ Salt,
+ 0,
+ Info,
+ InfoSize,
+ EncKey,
+ EncKeySize
+ );
+
+ FreePool (Info);
+
+ return Status;
+}
+
+/**
+ Generate init-vector for AES encryption.
+
+ @param[out] InitVector IVEC buffer.
+ @param[in] Size Size of IVEC requested.
+
+ @retval TRUE IVEC was generated successfully.
+ @retval FALSE Failed to generate IVEC.
+
+**/
+STATIC
+BOOLEAN
+EncVarLibGenIvec (
+ OUT UINT8 *InitVector,
+ IN UINTN Size
+ )
+{
+ return RandomBytes (InitVector, Size);
+}
+
+/**
+ Check if there's valid variable information needed by encrypting or decrypting.
+
+ @param[in] VarEncInfo Buffer conveying details about a variable.
+ @param[in] CheckForEnc Flag indicating check for encrypting (TRUE) or
+ decrypting (FALSE).
+
+ @retval TRUE VarEncInfo is valid.
+ @retval FALSE VarEncInfo is invalid.
+
+**/
+STATIC
+BOOLEAN
+IsValidVariableInfo (
+ IN VARIABLE_ENCRYPTION_INFO *VarEncInfo,
+ IN BOOLEAN CheckForEnc
+ )
+{
+ BOOLEAN Valid;
+
+ if (CheckForEnc) {
+ Valid = (VarEncInfo->Header.Data != NULL && VarEncInfo->Header.DataSize > 0)
+ || (VarEncInfo->PlainData != NULL && VarEncInfo->PlainDataSize > 0);
+ if (!Valid) {
+ ASSERT (
+ (VarEncInfo->Header.Data != NULL && VarEncInfo->Header.DataSize > 0)
+ || (VarEncInfo->PlainData != NULL && VarEncInfo->PlainDataSize > 0)
+ );
+ }
+ } else {
+ Valid = (VarEncInfo->Header.Data != NULL && VarEncInfo->Header.DataSize > 0)
+ || (VarEncInfo->CipherData != NULL && VarEncInfo->CipherDataSize > 0);
+ if (!Valid) {
+ ASSERT (
+ (VarEncInfo->Header.Data != NULL && VarEncInfo->Header.DataSize > 0)
+ || (VarEncInfo->CipherData != NULL && VarEncInfo->CipherDataSize > 0)
+ );
+ }
+ }
+
+ Valid = Valid
+ && VarEncInfo->Header.VariableName != NULL
+ && VarEncInfo->Header.NameSize > 0
+ && VarEncInfo->Header.VendorGuid != NULL
+ && VarEncInfo->Key != NULL
+ && VarEncInfo->KeySize > 0;
+ if (!Valid) {
+ ASSERT (VarEncInfo->Header.VariableName != NULL);
+ ASSERT (VarEncInfo->Header.NameSize != 0);
+ ASSERT (VarEncInfo->Header.VendorGuid != NULL);
+ ASSERT (VarEncInfo->Key != NULL);
+ ASSERT (VarEncInfo->KeySize > 0);
+ }
+
+ return Valid;
+}
+
+/**
+ Sanity check of encrption header prefixed to encrypted data.
+
+ @param[in] EncHeader Pointer to VARIABLE_ENCRYPTION_HEADER.
+ @param[in] DataSize Size of variable data payload.
+
+ @retval TRUE EncHeader is valid.
+ @retval FALSE EncHeader is invalid.
+
+**/
+STATIC
+BOOLEAN
+IsValidEncrptionHeader (
+ IN VARIABLE_ENCRYPTION_HEADER *EncHeader,
+ IN UINT32 DataSize
+ )
+{
+ if ( (DataSize > sizeof (VARIABLE_ENCRYPTION_HEADER))
+ && ((EncHeader->DataType == ENC_TYPE_AES) || (EncHeader->DataType == ENC_TYPE_NULL))
+ && (EncHeader->HeaderSize >= sizeof (VARIABLE_ENCRYPTION_HEADER))
+ && (EncHeader->CipherDataSize > 0)
+ && ((EncHeader->CipherDataSize % ENC_BLOCK_SIZE) == 0)
+ && (EncHeader->PlainDataSize > 0)
+ && (EncHeader->PlainDataSize <= EncHeader->CipherDataSize)
+ && ((EncHeader->CipherDataSize + EncHeader->HeaderSize) <= DataSize))
+ {
+ return TRUE;
+ }
+
+ return FALSE;
+}
+
+/**
+ Encrypt variable data.
+
+ If VarEncInfo->PlainData is not NULL, VarEncInfo->PlainData holds the plain
+ data. Otherwise, VarEncInfo->Headr.Data is supposed to be the plain data.
+
+ If VarEncInfo->CipherData is not NULL, The encrypted data is stored in
+ VarEncInfo->CipherData. Otherwise, the encrypted data is stored directly
+ in variable data buffer, i.e. VarEncInfo->Headr.Data.
+
+ @param[in, out] VarEncInfo Pointer to structure containing detailed
+ information about a variable.
+
+ @retval EFI_SUCCESS Variable was encrypted successfully.
+ @retval EFI_INVALID_PARAMETER Variable information in VarEncInfo is invalid.
+ @retval EFI_BUFFER_TOO_SMALL VarEncInfo->CipherData is not NULL but
+ VarEncInfo->CipherDataSize is too small.
+ @retval EFI_ABORTED Uknown error occurred during encrypting.
+ @retval EFI_OUT_OF_RESOURCES Fail to allocate enough resource.
+ @retval EFI_UNSUPPORTED Unsupported to encrypt variable.
+
+**/
+EFI_STATUS
+EFIAPI
+EncryptVariable (
+ IN OUT VARIABLE_ENCRYPTION_INFO *VarEncInfo
+ )
+{
+ EFI_STATUS Status;
+ VOID *AesContext;
+ UINT8 EncKey[ENC_KEY_SIZE];
+ UINT8 Ivec[ENC_IVEC_SIZE];
+ UINT8 *PlainBuffer;
+ UINT8 *CipherBuffer;
+ UINT8 *PlainData;
+ UINT32 PlainDataSize;
+ VARIABLE_ENCRYPTION_HEADER *CipherData;
+ UINT32 CipherDataSize;
+ UINT32 PaddingBytes;
+
+ Status = EFI_ABORTED;
+ AesContext = NULL;
+ PlainBuffer = NULL;
+ CipherBuffer = NULL;
+
+ if (!IsValidVariableInfo (VarEncInfo, TRUE)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if (VarEncInfo->PlainData != NULL) {
+ PlainData = VarEncInfo->PlainData;
+ PlainDataSize = VarEncInfo->PlainDataSize;
+ } else {
+ PlainData = VarEncInfo->Header.Data;
+ PlainDataSize = (UINT32)VarEncInfo->Header.DataSize;
+ }
+
+ CipherDataSize = AES_CIPHER_DATA_SIZE (PlainDataSize);
+ if (VarEncInfo->CipherData != NULL) {
+ if (VarEncInfo->CipherDataSize
+ < (CipherDataSize + sizeof (VARIABLE_ENCRYPTION_HEADER)))
+ {
+ VarEncInfo->CipherDataSize = CipherDataSize
+ + sizeof (VARIABLE_ENCRYPTION_HEADER);
+ return EFI_BUFFER_TOO_SMALL;
+ }
+
+ CipherData = VarEncInfo->CipherData;
+ } else {
+ CipherData = VarEncInfo->Header.Data;
+ }
+
+ //
+ // Prepare buffer for encrypted data.
+ //
+ if ((UINTN)CipherData == (UINTN)PlainData) {
+ //
+ // Need buffer to store the encrypted data temporarily.
+ //
+ CipherBuffer = (UINT8 *)AllocateZeroPool (
+ CipherDataSize
+ + sizeof (VARIABLE_ENCRYPTION_HEADER)
+ );
+ if (CipherBuffer == NULL) {
+ ASSERT (CipherBuffer != NULL);
+ return EFI_OUT_OF_RESOURCES;
+ }
+ } else {
+ CipherBuffer = (UINT8 *)CipherData;
+ }
+
+ //
+ // Plain variable data must also be multiple of ENC_BLOCK_SIZE.
+ //
+ PaddingBytes = ALIGN_VALUE (PlainDataSize, ENC_BLOCK_SIZE) - PlainDataSize;
+ if (PaddingBytes != 0) {
+ //
+ // Since the plain data size will be saved in the VARIABLE_ENCRYPTION_HEADER,
+ // there's no need to do PKCS way of padding. To save space, just padding
+ // the plain data to be of the nearest n*ENC_BLOCK_SIZE.
+ //
+ PlainBuffer = AllocateZeroPool (PlainDataSize + PaddingBytes);
+ if (PlainBuffer == NULL) {
+ ASSERT (PlainBuffer != NULL);
+ goto Done;
+ }
+
+ CopyMem (PlainBuffer, PlainData, PlainDataSize);
+ SetMem (PlainBuffer + PlainDataSize, PaddingBytes, ENC_PADDING_BYTE);
+ } else {
+ PlainBuffer = PlainData;
+ }
+
+ //
+ // Skip EFI_VARIABLE_APPEND_WRITE bit in generating encryption key.
+ //
+ VarEncInfo->Header.Attributes &= (~EFI_VARIABLE_APPEND_WRITE);
+ if (!EncVarLibGenEncKey (VarEncInfo, ENC_KEY_SIZE, EncKey)) {
+ ASSERT (FALSE);
+ return EFI_ABORTED;
+ }
+
+ if (!EncVarLibGenIvec (Ivec, ENC_IVEC_SIZE)) {
+ ASSERT (FALSE);
+ return EFI_ABORTED;
+ }
+
+ AesContext = AllocateZeroPool (AesGetContextSize ());
+ if (AesContext == NULL) {
+ ASSERT (AesContext != NULL);
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ if (!AesInit (AesContext, EncKey, ENC_KEY_SIZE * 8)) {
+ ASSERT (FALSE);
+ goto Done;
+ }
+
+ if (AesCbcEncrypt (
+ AesContext,
+ PlainBuffer,
+ PlainDataSize + PaddingBytes,
+ Ivec,
+ CipherBuffer + sizeof (VARIABLE_ENCRYPTION_HEADER)
+ ))
+ {
+ //
+ // Keep the IV for decryption.
+ //
+ CopyMem (CipherData->KeyIvec, Ivec, ENC_BLOCK_SIZE);
+
+ if ((UINTN)CipherBuffer != (UINTN)CipherData) {
+ CopyMem (
+ CipherData + 1,
+ CipherBuffer + sizeof (VARIABLE_ENCRYPTION_HEADER),
+ CipherDataSize
+ );
+ }
+
+ CipherData->CipherDataSize = CipherDataSize;
+ CipherData->PlainDataSize = PlainDataSize;
+ CipherData->DataType = ENC_TYPE_AES;
+ CipherData->HeaderSize = sizeof (VARIABLE_ENCRYPTION_HEADER);
+
+ VarEncInfo->CipherData = CipherData;
+ VarEncInfo->CipherDataSize = CipherDataSize + sizeof (VARIABLE_ENCRYPTION_HEADER);
+ VarEncInfo->CipherHeaderSize = sizeof (VARIABLE_ENCRYPTION_HEADER);
+ VarEncInfo->CipherDataType = ENC_TYPE_AES;
+
+ Status = EFI_SUCCESS;
+ } else {
+ VarEncInfo->CipherData = NULL;
+ VarEncInfo->CipherDataSize = 0;
+ VarEncInfo->CipherHeaderSize = 0;
+ VarEncInfo->CipherDataType = ENC_TYPE_NULL;
+
+ ASSERT (FALSE);
+ }
+
+Done:
+ FREE_POOL (AesContext);
+ if (PlainBuffer != PlainData) {
+ FREE_POOL (PlainBuffer);
+ }
+
+ if (CipherBuffer != (UINT8 *)CipherData) {
+ FREE_POOL (CipherBuffer);
+ }
+
+ return Status;
+}
+
+/**
+ Decrypt variable data.
+
+ If VarEncInfo->CipherData is not NULL, it must holds the cipher data to be
+ decrypted. Otherwise, assume the cipher data from variable data buffer, i.e.
+ VarEncInfo->Header.Data.
+
+ If VarEncInfo->Flags.DecryptInPlace is TRUE, the decrypted data will be put
+ back in the same buffer as cipher buffer got above, after encryption header,
+ which helps to identify later if the data in buffer is decrypted or not. This
+ can avoid repeat decryption when accessing the same variable more than once.
+
+ If VarEncInfo->Flags.DecryptInPlace is FALSE, VarEncInfo->PlainData must be
+ passed in with a valid buffer with VarEncInfo->PlainDataSize set correctly
+ with its size.
+
+ Note the VarEncInfo->PlainData is always pointing to the buffer address with
+ decrypted data without encryption header, and VarEncInfo->PlainDataSize is
+ always the size of original variable data, if this function returned
+ successfully.
+
+ @param[in, out] VarEncInfo Pointer to structure containing detailed
+ information about a variable.
+
+ @retval EFI_SUCCESS Variable was decrypted successfully.
+ @retval EFI_INVALID_PARAMETER Variable information in VarEncInfo is invalid.
+ @retval EFI_BUFFER_TOO_SMALL VarEncInfo->PlainData is not NULL but
+ VarEncInfo->PlainDataSize is too small.
+ @retval EFI_ABORTED Uknown error occurred during decrypting.
+ @retval EFI_OUT_OF_RESOURCES Fail to allocate enough resource.
+ @retval EFI_COMPROMISED_DATA The cipher header is not valid.
+ @retval EFI_UNSUPPORTED Unsupported to encrypt variable.
+
+**/
+EFI_STATUS
+EFIAPI
+DecryptVariable (
+ IN OUT VARIABLE_ENCRYPTION_INFO *VarEncInfo
+ )
+{
+ VOID *AesContext;
+ UINT8 EncKey[ENC_KEY_SIZE];
+ UINT8 *PlainBuffer;
+ UINT8 *PlainData;
+ VARIABLE_ENCRYPTION_HEADER *CipherData;
+ UINT32 CipherDataSize;
+ EFI_STATUS Status;
+
+ Status = EFI_ABORTED;
+ AesContext = NULL;
+ PlainBuffer = NULL;
+
+ if (!IsValidVariableInfo (VarEncInfo, FALSE)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if (VarEncInfo->CipherData != NULL) {
+ CipherData = VarEncInfo->CipherData;
+ CipherDataSize = VarEncInfo->CipherDataSize;
+ } else {
+ CipherData = VarEncInfo->Header.Data;
+ CipherDataSize = (UINT32)VarEncInfo->Header.DataSize;
+ }
+
+ //
+ // Sanity check of cipher header.
+ //
+ if (!IsValidEncrptionHeader (CipherData, CipherDataSize)) {
+ return EFI_COMPROMISED_DATA;
+ }
+
+ if ( (VarEncInfo->PlainData != NULL)
+ && (VarEncInfo->PlainDataSize < CipherData->PlainDataSize))
+ {
+ VarEncInfo->PlainDataSize = CipherData->PlainDataSize;
+ return EFI_BUFFER_TOO_SMALL;
+ }
+
+ if (CipherData->DataType == ENC_TYPE_AES) {
+ if (VarEncInfo->Flags.DecryptInPlace) {
+ //
+ // Reusing cipher data buffer needs to keep the encryption header.
+ //
+ PlainData = (UINT8 *)CipherData + CipherData->HeaderSize;
+ } else {
+ PlainData = VarEncInfo->PlainData;
+ }
+
+ if (PlainData == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Always need buffer to store the decrypted data temporarily, due to
+ // padding bytes or buffer reuse. Then the buffer must be larger than
+ // CipherData->PlainDataSize.
+ //
+ PlainBuffer = AllocatePages (EFI_SIZE_TO_PAGES (CipherDataSize));
+ if (PlainBuffer == NULL) {
+ ASSERT (PlainBuffer != NULL);
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ if (!EncVarLibGenEncKey (VarEncInfo, ENC_KEY_SIZE, EncKey)) {
+ ASSERT (FALSE);
+ goto Done;
+ }
+
+ AesContext = AllocatePages (EFI_SIZE_TO_PAGES (AesGetContextSize ()));
+ if (AesContext == NULL) {
+ ASSERT (AesContext != NULL);
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+
+ if (!AesInit (AesContext, EncKey, ENC_KEY_SIZE * 8)) {
+ ASSERT (FALSE);
+ goto Done;
+ }
+
+ if (AesCbcDecrypt (
+ AesContext,
+ (UINT8 *)CipherData + CipherData->HeaderSize,
+ CipherDataSize - CipherData->HeaderSize,
+ CipherData->KeyIvec,
+ PlainBuffer
+ ))
+ {
+ Status = EFI_SUCCESS;
+ } else {
+ Status = EFI_COMPROMISED_DATA;
+ }
+ } else {
+ //
+ // The data has been decrypted already.
+ //
+ PlainBuffer = (UINT8 *)CipherData + CipherData->HeaderSize;
+
+ if (VarEncInfo->PlainData != NULL) {
+ PlainData = VarEncInfo->PlainData;
+ } else {
+ PlainData = PlainBuffer;
+ }
+
+ Status = EFI_SUCCESS;
+ }
+
+ if (!EFI_ERROR (Status)) {
+ if (PlainBuffer != PlainData) {
+ CopyMem (PlainData, PlainBuffer, CipherData->PlainDataSize);
+ }
+
+ if (VarEncInfo->PlainData != NULL) {
+ if (VarEncInfo->PlainData != PlainBuffer) {
+ CopyMem (VarEncInfo->PlainData, PlainBuffer, CipherData->PlainDataSize);
+ }
+ } else {
+ VarEncInfo->PlainData = PlainData;
+ }
+
+ VarEncInfo->PlainDataSize = CipherData->PlainDataSize;
+ VarEncInfo->CipherHeaderSize = CipherData->HeaderSize;
+ VarEncInfo->CipherDataType = CipherData->DataType;
+
+ if (VarEncInfo->Flags.DecryptInPlace) {
+ CipherData->DataType = ENC_TYPE_NULL;
+ }
+ }
+
+Done:
+ FreePages (PlainBuffer, EFI_SIZE_TO_PAGES ((CipherDataSize)));
+ FreePages (AesContext, EFI_SIZE_TO_PAGES (AesGetContextSize ()));
+ return Status;
+}
+
+/**
+ Get cipher information about a variable, including plaindata size,
+ cipher algorithm type, etc.
+
+ For data passed in with VarEncInfo,
+
+ VarEncInfo->Header.Data
+ - The variable data in normal variable structure.
+ VarEncInfo->Header.DataSize
+ - The size of variable data.
+
+ For data passed out with VarEncInfo (valid only if EFI_SUCCESS is returned),
+
+ VarEncInfo->CipherDataType
+ - ENC_TYPE_NULL, if the variable is not encrypted or has been decrypted;
+ - ENC_TYPE_AES, if the variable is encrypted.
+ VarEncInfo->CipherHeaderSize
+ - Size of cipher header put before encrypted or decrypted data.
+ VarEncInfo->PlainData
+ - NULL, if the variable is encrypted; Or
+ - pointer to original variable data, if the variable has been decrypted.
+ VarEncInfo->PlainDataSize
+ - The size of original variable data
+ VarEncInfo->CipherData
+ - NULL, if the variable is decrypted; Or
+ - pointer to start of encrypted variable data, including encryption header;
+ VarEncInfo->CipherDataSize
+ - The size of encrypted variable data, including encryption header.
+
+ @param[in] VarEncInfo Pointer to structure containing detailed
+ information about a variable.
+
+ @retval EFI_SUCCESS The information was retrieved successfully.
+ @retval EFI_INVALID_PARAMETER Variable information in VarEncInfo is invalid.
+ @retval EFI_NOT_FOUND No cipher information recognized.
+ @retval EFI_UNSUPPORTED Unsupported interface.
+
+**/
+EFI_STATUS
+EFIAPI
+GetCipherDataInfo (
+ IN VARIABLE_ENCRYPTION_INFO *VarEncInfo
+ )
+{
+ VARIABLE_ENCRYPTION_HEADER *EncHeader;
+
+ if ((VarEncInfo->Header.Data == NULL) || (VarEncInfo->Header.DataSize == 0)) {
+ ASSERT (VarEncInfo->Header.Data != NULL);
+ ASSERT (VarEncInfo->Header.DataSize != 0);
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Validate encryption header.
+ //
+ EncHeader = (VARIABLE_ENCRYPTION_HEADER *)VarEncInfo->Header.Data;
+ if (!IsValidEncrptionHeader (EncHeader, (UINT32)VarEncInfo->Header.DataSize)) {
+ //
+ // Not an encrypted variable.
+ //
+ return EFI_NOT_FOUND;
+ }
+
+ if (EncHeader->DataType == ENC_TYPE_NULL) {
+ //
+ // The data must have been decrypted.
+ //
+ VarEncInfo->PlainData = (UINT8 *)VarEncInfo->Header.Data + EncHeader->HeaderSize;
+ VarEncInfo->CipherData = NULL;
+ VarEncInfo->Flags.DecryptInPlace = TRUE;
+ } else {
+ //
+ // The data is encrypted.
+ //
+ VarEncInfo->CipherData = VarEncInfo->Header.Data;
+ VarEncInfo->PlainData = NULL;
+ VarEncInfo->Flags.DecryptInPlace = FALSE;
+ }
+
+ VarEncInfo->PlainDataSize = EncHeader->PlainDataSize;
+ VarEncInfo->CipherDataSize = EncHeader->CipherDataSize + EncHeader->HeaderSize;
+ VarEncInfo->CipherDataType = EncHeader->DataType;
+ VarEncInfo->CipherHeaderSize = EncHeader->HeaderSize;
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Force set cipher information for a variable, like plaindata size,
+ cipher algorithm type, cipher data etc.
+
+ The destination buffer must be passed via VarEncInfo->Header.Data.
+
+ This method is only used to update and/or change plain data information.
+
+ @param[in] VarEncInfo Pointer to structure containing detailed
+ information about a variable.
+
+ @retval EFI_SUCCESS The information was updated successfully.
+ @retval EFI_INVALID_PARAMETER Variable information in VarEncInfo is invalid.
+ @retval EFI_UNSUPPORTED If this method is not supported.
+
+**/
+EFI_STATUS
+EFIAPI
+SetCipherDataInfo (
+ IN VARIABLE_ENCRYPTION_INFO *VarEncInfo
+ )
+{
+ VARIABLE_ENCRYPTION_HEADER *EncHeader;
+ UINT8 *Data;
+
+ if ( (VarEncInfo->Header.Data == NULL)
+ || (VarEncInfo->Header.DataSize < sizeof (VARIABLE_ENCRYPTION_HEADER))
+ || (VarEncInfo->CipherDataType != ENC_TYPE_NULL))
+ {
+ ASSERT (VarEncInfo->Header.Data != NULL);
+ ASSERT (VarEncInfo->Header.DataSize >= sizeof (VARIABLE_ENCRYPTION_HEADER));
+ ASSERT (VarEncInfo->CipherDataType == ENC_TYPE_NULL);
+ return EFI_INVALID_PARAMETER;
+ }
+
+ Data = VarEncInfo->Header.Data;
+ EncHeader = (VARIABLE_ENCRYPTION_HEADER *)Data;
+
+ if ( !IsValidEncrptionHeader (EncHeader, (UINT32)VarEncInfo->Header.DataSize)
+ || (VarEncInfo->PlainDataSize > EncHeader->CipherDataSize))
+ {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if ((VarEncInfo->PlainData != NULL) && (VarEncInfo->PlainDataSize > 0)) {
+ CopyMem (
+ Data + EncHeader->HeaderSize,
+ VarEncInfo->PlainData,
+ VarEncInfo->PlainDataSize
+ );
+ }
+
+ EncHeader->DataType = VarEncInfo->CipherDataType;
+ if (VarEncInfo->PlainDataSize != 0) {
+ EncHeader->PlainDataSize = VarEncInfo->PlainDataSize;
+ }
+
+ return EFI_SUCCESS;
+}
--
2.35.1.windows.2
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89434): https://edk2.groups.io/g/devel/message/89434
Mute This Topic: https://groups.io/mt/90781904/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list