From: "Wenxing Hou"
To: devel@edk2.groups.io
Cc: Jiewen Yao, Yi Li
Subject: [edk2-devel] [PATCH v2 8/9] CryptoPkg: Add AuthenticodeVerify based on Mbedtls
Date: Tue, 23 Apr 2024 10:34:31 +0800
Message-Id: <20240423023432.2147-9-wenxing.hou@intel.com>
In-Reply-To: <20240423023432.2147-1-wenxing.hou@intel.com>
References: <20240423023432.2147-1-wenxing.hou@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Implement AuthenticodeVerify based on Mbedtls.

Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
 .../Pk/CryptAuthenticode.c | 214 ++++++++++++++++++
 1 file changed, 214 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c
new file mode 100644
index 0000000000..9d8301b2c0
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c
@@ -0,0 +1,214 @@ +/** @file=0D + Authenticode Portable Executable Signature Verification which does not p= rovide=0D + real capabilities.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "InternalCryptLib.h"=0D +#include =0D +=0D +//=0D +// OID ASN.1 Value for SPC_INDIRECT_DATA_OBJID=0D +//=0D +GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcIndirectOidValue[] =3D {=0D + 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04=0D +};=0D +=0D +/**=0D + Verifies the validity of a PE/COFF Authenticode Signature as described i= n "Windows=0D + Authenticode Portable Executable Signature Format".=0D +=0D + Return FALSE to indicate this interface is not supported.=0D +=0D + @param[in] AuthData Pointer to the Authenticode Signature retrieved= from signed=0D + PE/COFF image to be verified.=0D + @param[in] DataSize Size of the Authenticode Signature in bytes.=0D + @param[in] TrustedCert Pointer to a trusted/root certificate encoded i= n DER, which=0D + is used for certificate chain verification.=0D + @param[in] CertSize Size of the trusted certificate in bytes.=0D + @param[in] ImageHash Pointer to the original image file hash value. 
= The procedure=0D + for calculating the image hash value is describ= ed in Authenticode=0D + specification.=0D + @param[in] HashSize Size of Image hash value in bytes.=0D +=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +AuthenticodeVerify (=0D + IN CONST UINT8 *AuthData,=0D + IN UINTN DataSize,=0D + IN CONST UINT8 *TrustedCert,=0D + IN UINTN CertSize,=0D + IN CONST UINT8 *ImageHash,=0D + IN UINTN HashSize=0D + )=0D +{=0D + BOOLEAN Status;=0D + CONST UINT8 *OrigAuthData;=0D + UINT8 *SpcIndirectDataContent;=0D + UINT8 Asn1Byte;=0D + UINTN ContentSize;=0D + CONST UINT8 *SpcIndirectDataOid;=0D + UINT8 *Ptr;=0D + UINT8 *End;=0D + INT32 Len;=0D + UINTN ObjLen;=0D +=0D + OrigAuthData =3D AuthData;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if ((AuthData =3D=3D NULL) || (TrustedCert =3D=3D NULL) || (ImageHash = =3D=3D NULL)) {=0D + return FALSE;=0D + }=0D +=0D + if ((DataSize > INT_MAX) || (CertSize > INT_MAX) || (HashSize > INT_MAX)= ) {=0D + return FALSE;=0D + }=0D +=0D + if (DataSize <=3D HashSize) {=0D + return FALSE;=0D + }=0D +=0D + Ptr =3D (UINT8 *)(UINTN)AuthData;=0D + Len =3D (UINT32)DataSize;=0D + End =3D Ptr + Len;=0D +=0D + // ContentInfo=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED |= MBEDTLS_ASN1_SEQUENCE) !=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + // ContentType=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_OID) !=3D 0) = {=0D + return FALSE;=0D + }=0D +=0D + Ptr +=3D ObjLen;=0D + // content=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED |= MBEDTLS_ASN1_CONTEXT_SPECIFIC) !=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + End =3D Ptr + ObjLen;=0D + // signedData=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED |= MBEDTLS_ASN1_SEQUENCE) !=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + // version=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_INTEGER) !=3D= 0) {=0D + return FALSE;=0D + 
}=0D +=0D + Ptr +=3D ObjLen;=0D + // digestAlgo=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED |= MBEDTLS_ASN1_SET) !=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + Ptr +=3D ObjLen;=0D +=0D + // encapContentInfo=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED |= MBEDTLS_ASN1_SEQUENCE) !=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + End =3D Ptr + ObjLen;=0D + // eContentType=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_OID) !=3D 0) = {=0D + return FALSE;=0D + }=0D +=0D + Status =3D FALSE;=0D +=0D + SpcIndirectDataOid =3D Ptr;=0D + if ((ObjLen !=3D sizeof (mSpcIndirectOidValue)) ||=0D + (CompareMem (=0D + SpcIndirectDataOid,=0D + mSpcIndirectOidValue,=0D + sizeof (mSpcIndirectOidValue)=0D + ) !=3D 0))=0D + {=0D + //=0D + // Un-matched SPC_INDIRECT_DATA_OBJID.=0D + //=0D + goto _Exit;=0D + }=0D +=0D + Ptr +=3D ObjLen;=0D + // eContent=0D + if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED |= MBEDTLS_ASN1_CONTEXT_SPECIFIC) !=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + SpcIndirectDataContent =3D Ptr;=0D +=0D + //=0D + // Retrieve the SEQUENCE data size from ASN.1-encoded SpcIndirectDataCon= tent.=0D + //=0D + Asn1Byte =3D *(SpcIndirectDataContent + 1);=0D +=0D + if ((Asn1Byte & 0x80) =3D=3D 0) {=0D + //=0D + // Short Form of Length Encoding (Length < 128)=0D + //=0D + ContentSize =3D (UINTN)(Asn1Byte & 0x7F);=0D + //=0D + // Skip the SEQUENCE Tag;=0D + //=0D + SpcIndirectDataContent +=3D 2;=0D + } else if ((Asn1Byte & 0x81) =3D=3D 0x81) {=0D + //=0D + // Long Form of Length Encoding (128 <=3D Length < 255, Single Octet)= =0D + //=0D + ContentSize =3D (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 2));=0D + //=0D + // Skip the SEQUENCE Tag;=0D + //=0D + SpcIndirectDataContent +=3D 3;=0D + } else if ((Asn1Byte & 0x82) =3D=3D 0x82) {=0D + //=0D + // Long Form of Length Encoding (Length > 255, Two Octet)=0D + //=0D + ContentSize =3D (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 2));=0D + 
ContentSize =3D (ContentSize << 8) + (UINTN)(*(UINT8 *)(SpcIndirectDat= aContent + 3));=0D + //=0D + // Skip the SEQUENCE Tag;=0D + //=0D + SpcIndirectDataContent +=3D 4;=0D + } else {=0D + goto _Exit;=0D + }=0D +=0D + //=0D + // Compare the original file hash value to the digest retrieve from SpcI= ndirectDataContent=0D + // defined in Authenticode=0D + // NOTE: Need to double-check HashLength here!=0D + //=0D + if (ContentSize < HashSize) {=0D + return FALSE;=0D + }=0D +=0D + if (CompareMem (SpcIndirectDataContent + ContentSize - HashSize, ImageHa= sh, HashSize) !=3D 0) {=0D + //=0D + // Un-matched PE/COFF Hash Value=0D + //=0D + goto _Exit;=0D + }=0D +=0D + //=0D + // Verifies the PKCS#7 Signed Data in PE/COFF Authenticode Signature=0D + //=0D + Status =3D (BOOLEAN)Pkcs7Verify (OrigAuthData, DataSize, TrustedCert, Ce= rtSize, SpcIndirectDataContent, ContentSize);=0D +=0D +_Exit:=0D +=0D + return Status;=0D +}=0D --=20 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118118): https://edk2.groups.io/g/devel/message/118118 Mute This Topic: https://groups.io/mt/105683592/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-
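Review bot: the hand-rolled length decoding of the SpcIndirectDataContent SEQUENCE (starting at `Asn1Byte = *(SpcIndirectDataContent + 1);` and the three branches that follow) reads the length octets and then calls `CompareMem (SpcIndirectDataContent + ContentSize - HashSize, ImageHash, HashSize)` without checking that the tag, its length octets and `ContentSize` bytes of content fit inside the `ObjLen` returned for the enclosing `[0]` eContent wrapper, so a malformed or undersized eContent sends the compare (and the `ContentSize` handed to `Pkcs7Verify`) past the end of AuthData. Every tag before this point is parsed with `mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, ...)`, which bounds-checks against `End`; the same call with `MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE` would replace the manual parsing, leave `Ptr` just past the tag and length exactly as the "Skip the SEQUENCE Tag" branches do, and reject a length that overruns the buffer. If the manual decoding is kept, the branch tests need to be exact comparisons: `(Asn1Byte & 0x81) == 0x81` also matches 0x83, 0x85 and every other odd long-form indicator, so a three-octet length is misread as a one-octet one, and `(Asn1Byte & 0x82) == 0x82` has the same problem for 0x86 and 0x8A; compare `Asn1Byte == 0x81` and `Asn1Byte == 0x82` instead. Separately, the file header and the function comment still describe the Null implementation ("which does not provide real capabilities", "Return FALSE to indicate this interface is not supported", "@retval FALSE This interface is not supported") while the body performs real verification; update them to document the actual return values (TRUE when the hash matches and the PKCS#7 signature verifies against TrustedCert, FALSE otherwise), and either act on the "NOTE: Need to double-check HashLength here!" comment or remove it. Minor: `Len` is declared `INT32` but assigned `(UINT32)DataSize`, and the failure paths mix `return FALSE` with `goto _Exit`; since `Status` is already FALSE at every `goto`, one form would be clearer.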