Commit | Line | Data |
---|---|---|
532616bb | 1 | /** @file\r |
2 | PKCS#7 SignedData Verification Wrapper Implementation which does not provide\r | |
3 | real capabilities.\r | |
4 | \r | |
630f67dd | 5 | Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>\r |
2009f6b4 | 6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
532616bb | 7 | \r |
8 | **/\r | |
9 | \r | |
10 | #include "InternalCryptLib.h"\r | |
11 | \r | |
/**
  Null stub for retrieving the signer's certificates from PKCS#7 signed data as
  described in "PKCS #7: Cryptographic Message Syntax Standard". The interface
  accepts signed data that may be wrapped in a ContentInfo structure.

  This implementation provides no PKCS#7 capability: it ASSERTs and returns
  FALSE. P7Data is not parsed and none of the output parameters is written, so
  callers must check the return value before using or freeing CertStack,
  StackLength, TrustedCert or CertLength.

  @param[in]  P7Data       Pointer to the PKCS#7 message to verify.
  @param[in]  P7Length     Length of the PKCS#7 message in bytes.
  @param[out] CertStack    Pointer to Signer's certificates retrieved from P7Data.
                           It's caller's responsibility to free the buffer with
                           Pkcs7FreeSigners().
                           This data structure is EFI_CERT_STACK type.
                           Left unmodified by this stub.
  @param[out] StackLength  Length of signer's certificates in bytes.
                           Left unmodified by this stub.
  @param[out] TrustedCert  Pointer to a trusted certificate from Signer's certificates.
                           It's caller's responsibility to free the buffer with
                           Pkcs7FreeSigners().
                           Left unmodified by this stub.
  @param[out] CertLength   Length of the trusted certificate in bytes.
                           Left unmodified by this stub.

  @retval  FALSE  This interface is not supported.

**/
BOOLEAN
EFIAPI
Pkcs7GetSigners (
  IN  CONST UINT8  *P7Data,
  IN  UINTN        P7Length,
  OUT UINT8        **CertStack,
  OUT UINTN        *StackLength,
  OUT UINT8        **TrustedCert,
  OUT UINTN        *CertLength
  )
{
  //
  // ASSERT (FALSE) marks any call into this null implementation as unexpected.
  // If execution continues past it, FALSE reports "not supported" to the caller.
  //
  ASSERT (FALSE);
  return FALSE;
}
48 | \r | |
/**
  Null stub for the routine that frees certificate buffers handed out by the
  PKCS#7 signer-retrieval interfaces.

  This implementation releases nothing: Certs is neither dereferenced nor
  freed, and the only action taken is ASSERT(), because the interface is not
  supported here.

  @param[in]  Certs  Pointer to the certificates to be freed. Ignored by this stub.

**/
VOID
EFIAPI
Pkcs7FreeSigners (
  IN  UINT8  *Certs
  )
{
  //
  // The other functions in this file never hand out a buffer, so a call here
  // is unexpected.
  //
  ASSERT (FALSE);
}
65 | \r | |
45419de6 QL |
/**
  Null stub for retrieving all embedded certificates from PKCS#7 signed data as
  described in "PKCS #7: Cryptographic Message Syntax Standard", and outputting
  two certificate lists chained and unchained to the signer's certificates.
  The input signed data could be wrapped in a ContentInfo structure.

  This implementation provides no PKCS#7 capability: it ASSERTs and always
  returns FALSE. P7Data is not parsed and none of the output parameters is
  written, so callers must check the return value before using or freeing
  SignerChainCerts, ChainLength, UnchainCerts or UnchainLength.

  @param[in]  P7Data            Pointer to the PKCS#7 message.
  @param[in]  P7Length          Length of the PKCS#7 message in bytes.
  @param[out] SignerChainCerts  Pointer to the certificates list chained to signer's
                                certificate. It's caller's responsibility to free the buffer
                                with Pkcs7FreeSigners().
                                This data structure is EFI_CERT_STACK type.
                                Left unmodified by this stub.
  @param[out] ChainLength       Length of the chained certificates list buffer in bytes.
                                Left unmodified by this stub.
  @param[out] UnchainCerts      Pointer to the unchained certificates lists. It's caller's
                                responsibility to free the buffer with Pkcs7FreeSigners().
                                This data structure is EFI_CERT_STACK type.
                                Left unmodified by this stub.
  @param[out] UnchainLength     Length of the unchained certificates list buffer in bytes.
                                Left unmodified by this stub.

  @retval  FALSE  This interface is not supported. This stub never returns TRUE.

**/
BOOLEAN
EFIAPI
Pkcs7GetCertificatesList (
  IN  CONST UINT8  *P7Data,
  IN  UINTN        P7Length,
  OUT UINT8        **SignerChainCerts,
  OUT UINTN        *ChainLength,
  OUT UINT8        **UnchainCerts,
  OUT UINTN        *UnchainLength
  )
{
  //
  // ASSERT (FALSE) marks any call into this null implementation as unexpected.
  // If execution continues past it, FALSE reports "not supported" to the caller.
  //
  ASSERT (FALSE);
  return FALSE;
}
102 | \r | |
/**
  Null stub for verifying the validity of PKCS#7 signed data as described in
  "PKCS #7: Cryptographic Message Syntax Standard". The input signed data could
  be wrapped in a ContentInfo structure.

  This implementation performs no verification at all: none of the inputs is
  examined, and the function ASSERTs and returns FALSE. The result fails
  closed, since no signature is ever reported as valid. Callers must treat
  FALSE as a verification failure, never as "verification skipped".

  @param[in]  P7Data       Pointer to the PKCS#7 message to verify.
  @param[in]  P7Length     Length of the PKCS#7 message in bytes.
  @param[in]  TrustedCert  Pointer to a trusted/root certificate encoded in DER, which
                           is used for certificate chain verification.
  @param[in]  CertLength   Length of the trusted certificate in bytes.
  @param[in]  InData       Pointer to the content to be verified.
  @param[in]  DataLength   Length of InData in bytes.

  @retval  FALSE  This interface is not supported.

**/
BOOLEAN
EFIAPI
Pkcs7Verify (
  IN  CONST UINT8  *P7Data,
  IN  UINTN        P7Length,
  IN  CONST UINT8  *TrustedCert,
  IN  UINTN        CertLength,
  IN  CONST UINT8  *InData,
  IN  UINTN        DataLength
  )
{
  //
  // ASSERT (FALSE) marks any call into this null implementation as unexpected.
  // The unconditional FALSE keeps the result fail-closed if execution continues.
  //
  ASSERT (FALSE);
  return FALSE;
}
afeb55e4 QL |
135 | \r |
/**
  Null stub for extracting the attached content from PKCS#7 signed data, if
  any exists. The input signed data could be wrapped in a ContentInfo structure.

  This implementation provides no PKCS#7 capability: it ASSERTs and always
  returns FALSE. P7Data is not parsed, and Content and ContentSize are not
  written, so callers must check the return value before using or freeing them.

  @param[in]  P7Data       Pointer to the PKCS#7 signed data to process.
  @param[in]  P7Length     Length of the PKCS#7 signed data in bytes.
  @param[out] Content      Pointer to the extracted content from the PKCS#7 signedData.
                           It's caller's responsibility to free the buffer with FreePool().
                           Left unmodified by this stub.
  @param[out] ContentSize  The size of the extracted content in bytes.
                           Left unmodified by this stub.

  @retval  FALSE  This interface is not supported. This stub never returns TRUE.

**/
BOOLEAN
EFIAPI
Pkcs7GetAttachedContent (
  IN  CONST UINT8  *P7Data,
  IN  UINTN        P7Length,
  OUT VOID         **Content,
  OUT UINTN        *ContentSize
  )
{
  //
  // ASSERT (FALSE) marks any call into this null implementation as unexpected.
  // If execution continues past it, FALSE reports "not supported" to the caller.
  //
  ASSERT (FALSE);
  return FALSE;
}