DxeImageVerification Support#260
Draft
Flickdm wants to merge 9 commits into
Draft
Conversation
mu-automation
Bot
added
the
impact:non-functional
Flickdm
force-pushed
the
feat/dxe-image-verification-support
branch
from
578d0ac to
46bf199
Compare
Add the OneCrypto v1.1 GetAuthenticodeHash() implementation in the OpensslPkg BaseCryptLib instance. The function computes a PE/COFF Authenticode-style image hash: it parses and validates the PE/COFF headers, hashes the image header up to and excluding the CheckSum and Cert Directory entry, hashes the sections in PointerToRawData order, and hashes any trailing bytes between the end of the last section and the start of the certificate table. The hashing primitives are the BaseCryptLib Sha1 / Sha256 / Sha384 / Sha512 routines, so this source is independent of the underlying provider library. The digest algorithm is selected by GUID (gEfiCertSha1Guid, gEfiCertSha256Guid, gEfiCertSha384Guid, gEfiCertSha512Guid). A separate CryptAuthenticodeHashNull.c stub is added for the PEI / Runtime / SEC / SMM phase library instances that do not provide the implementation. Caution: The PE/COFF image is treated as untrusted input. All header fields are bounds-checked against FileSize before use to avoid out-of-bounds reads. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Add the OneCrypto v1.1 GetAuthenticodeHash() implementation in the MbedTlsPkg BaseCryptLib instance. The function computes a PE/COFF Authenticode-style image hash: it parses and validates the PE/COFF headers, hashes the image header up to and excluding the CheckSum and Cert Directory entry, hashes the sections in PointerToRawData order, and hashes any trailing bytes between the end of the last section and the start of the certificate table. The hashing primitives are the BaseCryptLib Sha1 / Sha256 / Sha384 / Sha512 routines, so this source is independent of the underlying provider library. The digest algorithm is selected by GUID (gEfiCertSha1Guid, gEfiCertSha256Guid, gEfiCertSha384Guid, gEfiCertSha512Guid). A separate CryptAuthenticodeHashNull.c stub is added for the PEI / Runtime / SEC / SMM phase library instances that do not provide the implementation. Caution: The PE/COFF image is treated as untrusted input. All header fields are bounds-checked against FileSize before use to avoid out-of-bounds reads. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Wire the GetAuthenticodeHash function pointer into the OneCryptoBin ONE_CRYPTO_PROTOCOL initialization so the v1.1 protocol field is populated for both the OpensslPkg and MbedTlsPkg builds of the unified OneCrypto binary. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Add the OneCrypto v1.1 GetTrustAnchorX509FromAuthData() and FreeTrustAnchorX509Cache() implementation in the OpensslPkg BaseCryptLib instance. The function walks a PKCS#7 SignedData blob, hashes each embedded X.509 certificate's TBSCertificate, and returns the certificate whose digest matches the caller-supplied hash. The PKCS#7 ASN.1 DER is parsed in-place with bounds-checked length decoding; both the bare SignedData and the ContentInfo wrapper forms are accepted. The certificates [0] IMPLICIT field is enumerated and each Certificate SEQUENCE is matched on its TBSCertificate digest. The hash algorithm is selected by the caller-supplied hash size (20=SHA-1, 32=SHA-256, 48=SHA-384, 64=SHA-512). The hashing primitives are taken from BaseCryptLib so the source is independent of the underlying provider library. The optional caller-managed cache stores up to 64 entries; each entry holds a copy of the certificate DER bytes and lazily-computed TBS digests under each algorithm. A separate CryptTrustAnchorNull.c stub is added for the PEI / Runtime / SEC / SMM phase library instances that do not provide the implementation. Caution: AuthData is treated as untrusted input. All ASN.1 length fields are bounds-checked against the remaining input before the parser advances. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Add the OneCrypto v1.1 GetTrustAnchorX509FromAuthData() and FreeTrustAnchorX509Cache() implementation in the MbedTlsPkg BaseCryptLib instance. The implementation walks a PKCS#7 SignedData blob, hashes each embedded X.509 certificate's TBSCertificate, and returns the certificate whose digest matches the caller-supplied hash. The source is shared with OpensslPkg: the parser uses only ASN.1 DER primitives and the BaseCryptLib hash API, so it does not depend on the underlying provider library. This is required because the MbedTlsPkg PKCS#7 helper Pkcs7GetCertificatesList() is currently ASSERT(FALSE)-stubbed and cannot be used for certificate enumeration. A CryptTrustAnchorNull.c stub is added for the PEI / Runtime / SEC / SMM phase library instances. Caution: AuthData is treated as untrusted input. All ASN.1 length fields are bounds-checked against the remaining input before the parser advances. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Wire the OneCrypto v1.1 GetTrustAnchorX509FromAuthData and FreeTrustAnchorX509Cache slots in the OneCryptoBin protocol producer. The slots dispatch to the BaseCryptLib implementation provided by either OpensslPkg or MbedTlsPkg depending on which binary is linked. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Flickdm
force-pushed
the
feat/dxe-image-verification-support
branch
from
46bf199 to
33da9f3
Compare
Add the GetAuthenticodeHashAlgorithm implementation and its Null variant to the OpensslPkg and MbedTlsPkg BaseCryptLib instances, and wire it into the OneCryptoBin protocol dispatch table. The byte-identical provider copies parse the Authenticode SpcIndirectDataContent with bounds-checked ASN.1 decoding to recover the digest-algorithm GUID from untrusted signature data, mapping the digestAlgorithm OID to the matching signature-type GUID. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Implement X509GetTbsCertHash() for the OpenSSL and Mbed TLS BaseCryptLib instances. The implementation reuses the existing X509GetTBSCert() to extract the TBSCertificate byte range and the provider-independent hash dispatch table to digest it under the caller-selected algorithm. Add the matching BaseCryptLib null stub and wire the new service into the OneCrypto protocol binary. The OpenSSL and Mbed TLS sources remain byte-identical. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Point the MU_BASECORE GetDependencies entry in CISettings.py and OneCryptoPkg/DriverBuild.py at the flickdm/mu_basecore fork commit 709ab9b016, which carries the new BaseCryptLib and OneCrypto protocol APIs (GetAuthenticodeHash, GetTrustAnchorX509FromAuthData, FreeTrustAnchorX509Cache, GetAuthenticodeHashAlgorithm, X509GetTbsCertHash). The previously pinned microsoft/mu_basecore commit predates these members, so OneCryptoBin.c failed to build. This pin is temporary and must be reverted to https://github.com/microsoft/mu_basecore.git once the dependency changes merge. Signed-off-by: Doug Flick <dougflick@microsoft.com>
mu-automation
Bot
added
the
language:python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add the OneCrypto v1.1 GetAuthenticodeHash() implementation that computes a PE/COFF Authenticode-style image hash. The implementation parses and validates the PE/COFF headers, hashes the image header up to and excluding the CheckSum and Cert Directory entry, hashes the sections in PointerToRawData order, and hashes any trailing bytes between the end of the last section and the start of the certificate table.
The hashing primitives are taken from BaseCryptLib (Sha1/Sha256/ Sha384/Sha512), so the same source compiles in both the OpensslPkg and MbedTlsPkg backends. The digest algorithm is selected by GUID (gEfiCertSha1Guid, gEfiCertSha256Guid, gEfiCertSha384Guid, gEfiCertSha512Guid). A separate CryptAuthenticodeHashNull.c stub is added for the PEI / Runtime / SEC / SMM phase library instances that do not provide the implementation.
OneCryptoBin is updated to publish the new function pointer in the v1.1 ONE_CRYPTO_PROTOCOL.
Caution: The PE/COFF image is treated as untrusted input. All header fields are bounds-checked against FileSize before use to avoid out-of-bounds reads.
Description
<Include a description of the change and why this change was made.>
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
How This Was Tested
<Describe the test(s) that were run to verify the changes.>
Integration Instructions
<Describe how these changes should be integrated. Use N/A if nothing is required.>