From 1921b89c48680ec0a180adeaab26a23c3e5a3f72 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Thu, 28 Nov 2019 18:36:36 +0100 Subject: Fix F5 showing previous password after failed authentication attempt. Ensure that even wrong password value are cleared from memory. --- DcsInt/DcsInt.c | 48 ++++++++++++++++++++++++++++++------------------ 1 file changed, 30 insertions(+), 18 deletions(-) (limited to 'DcsInt') diff --git a/DcsInt/DcsInt.c b/DcsInt/DcsInt.c index 7dd98ec..b7e392f 100644 --- a/DcsInt/DcsInt.c +++ b/DcsInt/DcsInt.c @@ -160,29 +160,33 @@ PrepareBootParams( IN PCRYPTO_INFO cryptoInfo) { BootArguments *bootArgs; - if (bootParams == NULL) return EFI_UNSUPPORTED; - bootArgs = &bootParams->BootArgs; - TC_SET_BOOT_ARGUMENTS_SIGNATURE(bootArgs->Signature); - bootArgs->BootLoaderVersion = VERSION_NUM; - bootArgs->CryptoInfoOffset = (uint16)(FIELD_OFFSET(BOOT_PARAMS, BootCryptoInfo)); - bootArgs->CryptoInfoLength = (uint16)(sizeof(BOOT_CRYPTO_HEADER) + 2 + sizeof(SECREGION_BOOT_PARAMS)); - bootArgs->HeaderSaltCrc32 = gHeaderSaltCrc32; - CopyMem(&bootArgs->BootPassword, &gAuthPassword, sizeof(gAuthPassword)); - bootArgs->HiddenSystemPartitionStart = 0; - bootArgs->DecoySystemPartitionStart = 0; - bootArgs->BootDriveSignature = bootDriveSignature; - bootArgs->Flags = (uint32)(gAuthPim << 16); - bootArgs->BootArgumentsCrc32 = GetCrc32((byte *)bootArgs, (int)((byte *)&bootArgs->BootArgumentsCrc32 - (byte *)bootArgs)); - bootParams->BootCryptoInfo.ea = (uint16)cryptoInfo->ea; - bootParams->BootCryptoInfo.mode = (uint16)cryptoInfo->mode; - bootParams->BootCryptoInfo.pkcs5 = (uint16)cryptoInfo->pkcs5; - SetSecRegionParamsMemory(); + EFI_STATUS status; + if (bootParams == NULL) status = EFI_UNSUPPORTED; + else { + bootArgs = &bootParams->BootArgs; + TC_SET_BOOT_ARGUMENTS_SIGNATURE(bootArgs->Signature); + bootArgs->BootLoaderVersion = VERSION_NUM; + bootArgs->CryptoInfoOffset = (uint16)(FIELD_OFFSET(BOOT_PARAMS, BootCryptoInfo)); + bootArgs->CryptoInfoLength = (uint16)(sizeof(BOOT_CRYPTO_HEADER) + 2 + sizeof(SECREGION_BOOT_PARAMS)); + bootArgs->HeaderSaltCrc32 = gHeaderSaltCrc32; + CopyMem(&bootArgs->BootPassword, &gAuthPassword, sizeof(gAuthPassword)); + bootArgs->HiddenSystemPartitionStart = 0; + bootArgs->DecoySystemPartitionStart = 0; + bootArgs->BootDriveSignature = bootDriveSignature; + bootArgs->Flags = (uint32)(gAuthPim << 16); + bootArgs->BootArgumentsCrc32 = GetCrc32((byte *)bootArgs, (int)((byte *)&bootArgs->BootArgumentsCrc32 - (byte *)bootArgs)); + bootParams->BootCryptoInfo.ea = (uint16)cryptoInfo->ea; + bootParams->BootCryptoInfo.mode = (uint16)cryptoInfo->mode; + bootParams->BootCryptoInfo.pkcs5 = (uint16)cryptoInfo->pkcs5; + SetSecRegionParamsMemory(); + status = EFI_SUCCESS; + } // Clean auth data MEM_BURN(&gAuthPassword, sizeof(gAuthPassword)); MEM_BURN(&gAuthPim, sizeof(gAuthPim)); - return EFI_SUCCESS; + return status; } void GetIntersection(uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength) @@ -708,6 +712,10 @@ SecRegionTryDecrypt() break; } else { ERR_PRINT(L"%a", gAuthErrorMsg); + // clear previous failed authentication information + MEM_BURN(&gAuthPassword, sizeof(gAuthPassword)); + if (gAuthPimRqt) + MEM_BURN(&gAuthPim, sizeof(gAuthPim)); } retry--; } while (vcres != 0 && retry > 0); @@ -1186,6 +1194,10 @@ UefiMain( gST->ConIn->Reset(gST->ConIn, FALSE); if (EFI_ERROR(res)) { + // clear buffers with potential authentication data + MEM_BURN(&gAuthPassword, sizeof(gAuthPassword)); + MEM_BURN(&gAuthPim, sizeof(gAuthPim)); + if (res == EFI_TIMEOUT) return OnExit(gOnExitTimeout, OnExitAuthTimeout, res); else if (res == EFI_DCS_USER_CANCELED) -- cgit v1.2.3