Fork: 0
ajax / AMI-Aptio-BIOS-Reversed
Transfer to URL with SHA Find file
Newer
Older
AMI-Aptio-BIOS-Reversed / CryptoSMM / README.md
@Ajax Dong Ajax Dong 2 days ago 1 KB Init
Raw Blame History

CryptoSMM

Index

0190

Size

154A4h (87,204 bytes)

Phase

DXE SMM (System Management Mode driver)

Source Package

AmiCryptoPkg/CryptoProtocols

Overview

CryptoSMM is an SMM driver that provides cryptographic services within System Management Mode. It implements SMM-safe versions of cryptographic operations including PKCS7 signature verification, certificate parsing, hashing, and encryption/decryption. This is a substantial driver (87 KB) that embeds significant portions of a crypto library (likely OpenSSL-derived) to enable trusted boot, secure firmware update verification, and measured boot operations within the SMM sandbox.

Key Functions

  • ModuleEntryPoint (0x4D0): Entry point; initializes the crypto protocol provider in SMM and installs the crypto protocol interface.
  • sub_584 (21 callees): Main crypto library initialization; sets up ASN.1/DER parsing context, PKCS7 verification state, and BIGNUM resources.
  • sub_15FC (7 callees): Crypto protocol implementation; wraps internal crypto functions into UEFI protocol-compatible interfaces for SMM callers.
  • sub_1780: Crypto service cleanup and resource release on termination.

Strings

  • PKCS7 ASN.1 parsing: "Expected SEQUENCE (AlgorithmIdentifier)", "Expected SEQUENCE (AttributeTypeAndValue)"
  • "No INTEGER tag found for version field"
  • BIGNUM debug: "BIGNUM: %a failed"
  • Large string table (382 total strings) indicating embedded crypto library data
  • Build path: AmiCryptoPkg\CryptoProtocols\CryptoSMM

Platform

Intel Purley (HR650X server platform)