odin-abl/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.h
2021-07-23 18:06:52 +00:00

362 lines
14 KiB
C

/** @file
Usb Credential Provider driver header file.
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _USB_CREDENTIAL_PROVIDER_H_
#define _USB_CREDENTIAL_PROVIDER_H_
#include <Uefi.h>
#include <Guid/GlobalVariable.h>
#include <Guid/FileInfo.h>
#include <Guid/SecurityPkgTokenSpace.h>
#include <Guid/UsbCredentialProviderHii.h>
#include <Protocol/SimpleFileSystem.h>
#include <Protocol/BlockIo.h>
#include <Protocol/UserCredential2.h>
#include <Protocol/UserManager.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DevicePathLib.h>
#include <Library/BaseCryptLib.h>
#include <Library/DebugLib.h>
#include <Library/UefiLib.h>
#include <Library/PrintLib.h>
#include <Library/HiiLib.h>
#include <Library/PcdLib.h>
extern UINT8 UsbCredentialProviderStrings[];
#define USB_TABLE_INC 16
#define HASHED_CREDENTIAL_LEN 20
//
// Save the enroll user credential Information.
//
typedef struct {
EFI_USER_INFO_IDENTIFIER UserId;
UINT8 Token[HASHED_CREDENTIAL_LEN];
} USB_INFO;
//
// USB Credential Table.
//
typedef struct {
UINTN Count;
UINTN MaxCount;
USB_INFO UserInfo[1];
} CREDENTIAL_TABLE;
//
// The user information on the USB provider.
//
typedef struct {
UINTN Count;
EFI_USER_INFO *Info[1];
} USB_CREDENTIAL_INFO;
#define USB_PROVIDER_SIGNATURE SIGNATURE_32 ('U', 'S', 'B', 'P')
typedef struct {
UINTN Signature;
EFI_HANDLE DriverHandle;
EFI_HII_HANDLE HiiHandle;
} USB_PROVIDER_CALLBACK_INFO;
/**
Enroll a user on a credential provider.
This function enrolls and deletes a user profile using this credential provider.
If a user profile is successfully enrolled, it calls the User Manager Protocol
function Notify() to notify the user manager driver that credential information
has changed. If an enrolled user does exist, delete the user on the credential
provider.
@param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in] User The user profile to enroll.
@retval EFI_SUCCESS User profile was successfully enrolled.
@retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
user profile handle. Either the user profile cannot enroll
on any user profile or cannot enroll on a user profile
other than the current user profile.
@retval EFI_UNSUPPORTED This credential provider does not support enrollment in
the pre-OS.
@retval EFI_DEVICE_ERROR The new credential could not be created because of a device
error.
@retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
**/
EFI_STATUS
EFIAPI
CredentialEnroll (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN EFI_USER_PROFILE_HANDLE User
);
/**
Returns the user interface information used during user identification.
This function enrolls a user on this credential provider. If the user exists on
this credential provider, update the user information on this credential provider;
otherwise delete the user information on credential provider.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[out] Hii On return, holds the HII database handle.
@param[out] FormSetId On return, holds the identifier of the form set which contains
the form used during user identification.
@param[out] FormId On return, holds the identifier of the form used during user
identification.
@retval EFI_SUCCESS Form returned successfully.
@retval EFI_NOT_FOUND Form not returned.
@retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
**/
EFI_STATUS
EFIAPI
CredentialForm (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
OUT EFI_HII_HANDLE *Hii,
OUT EFI_GUID *FormSetId,
OUT EFI_FORM_ID *FormId
);
/**
Returns bitmap used to describe the credential provider type.
This optional function returns a bitmap which is less than or equal to the number
of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
is returned.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
bitmap information will be returned. On exit, points to the
width of the bitmap returned.
@param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
bitmap information will be returned. On exit, points to the
height of the bitmap returned.
@param[out] Hii On return, holds the HII database handle.
@param[out] Image On return, holds the HII image identifier.
@retval EFI_SUCCESS Image identifier returned successfully.
@retval EFI_NOT_FOUND Image identifier not returned.
@retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
**/
EFI_STATUS
EFIAPI
CredentialTile (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN OUT UINTN *Width,
IN OUT UINTN *Height,
OUT EFI_HII_HANDLE *Hii,
OUT EFI_IMAGE_ID *Image
);
/**
Returns string used to describe the credential provider type.
This function returns a string which describes the credential provider. If no
such string exists, then EFI_NOT_FOUND is returned.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[out] Hii On return, holds the HII database handle.
@param[out] String On return, holds the HII string identifier.
@retval EFI_SUCCESS String identifier returned successfully.
@retval EFI_NOT_FOUND String identifier not returned.
@retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
**/
EFI_STATUS
EFIAPI
CredentialTitle (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
OUT EFI_HII_HANDLE *Hii,
OUT EFI_STRING_ID *String
);
/**
Return the user identifier associated with the currently authenticated user.
This function returns the user identifier of the user authenticated by this credential
provider. This function is called after the credential-related information has been
submitted on a form OR after a call to Default() has returned that this credential is
ready to log on.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in] User The user profile handle of the user profile currently being
considered by the user identity manager. If NULL, then no user
profile is currently under consideration.
@param[out] Identifier On return, points to the user identifier.
@retval EFI_SUCCESS User identifier returned successfully.
@retval EFI_NOT_READY No user identifier can be returned.
@retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
@retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
@retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
found in user profile database.
**/
EFI_STATUS
EFIAPI
CredentialUser (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN EFI_USER_PROFILE_HANDLE User,
OUT EFI_USER_INFO_IDENTIFIER *Identifier
);
/**
Indicate that user interface interaction has begun for the specified credential.
This function is called when a credential provider is selected by the user. If
AutoLogon returns FALSE, then the user interface will be constructed by the User
Identity Manager.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[out] AutoLogon On return, points to the credential provider's capabilities
after the credential provider has been selected by the user.
@retval EFI_SUCCESS Credential provider successfully selected.
@retval EFI_INVALID_PARAMETER AutoLogon is NULL.
**/
EFI_STATUS
EFIAPI
CredentialSelect (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
);
/**
Indicate that user interface interaction has ended for the specified credential.
This function is called when a credential provider is deselected by the user.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@retval EFI_SUCCESS Credential provider successfully deselected.
**/
EFI_STATUS
EFIAPI
CredentialDeselect (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
);
/**
Return the default logon behavior for this user credential.
This function reports the default login behavior regarding this credential provider.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[out] AutoLogon On return, holds whether the credential provider should be used
by default to automatically log on the user.
@retval EFI_SUCCESS Default information successfully returned.
@retval EFI_INVALID_PARAMETER AutoLogon is NULL.
**/
EFI_STATUS
EFIAPI
CredentialDefault (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
);
/**
Return information attached to the credential provider.
This function returns user information.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in] UserInfo Handle of the user information data record.
@param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
exit, holds the user information. If the buffer is too small
to hold the information, then EFI_BUFFER_TOO_SMALL is returned
and InfoSize is updated to contain the number of bytes actually
required.
@param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
size of the user information.
@retval EFI_SUCCESS Information returned successfully.
@retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
user information. The size required is returned in *InfoSize.
@retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
@retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
**/
EFI_STATUS
EFIAPI
CredentialGetInfo (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN EFI_USER_INFO_HANDLE UserInfo,
OUT EFI_USER_INFO *Info,
IN OUT UINTN *InfoSize
);
/**
Enumerate all of the user informations on the credential provider.
This function returns the next user information record. To retrieve the first user
information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
another user information record handle until there are no more, at which point UserInfo
will point to NULL.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in, out] UserInfo On entry, points to the previous user information handle or NULL
to start enumeration. On exit, points to the next user information
handle or NULL if there is no more user information.
@retval EFI_SUCCESS User information returned.
@retval EFI_NOT_FOUND No more user information found.
@retval EFI_INVALID_PARAMETER UserInfo is NULL.
**/
EFI_STATUS
EFIAPI
CredentialGetNextInfo (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN OUT EFI_USER_INFO_HANDLE *UserInfo
);
/**
Delete a user on this credential provider.
This function deletes a user on this credential provider.
@param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
@param[in] User The user profile handle to delete.
@retval EFI_SUCCESS User profile was successfully deleted.
@retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
Either the user profile cannot delete on any user profile or cannot delete
on a user profile other than the current user profile.
@retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
@retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
@retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
**/
EFI_STATUS
EFIAPI
CredentialDelete (
IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
IN EFI_USER_PROFILE_HANDLE User
);
#endif