]>
Commit | Line | Data |
---|---|---|
532616bb | 1 | /** @file\r |
2 | PKCS#7 SignedData Verification Wrapper Implementation which does not provide\r | |
3 | real capabilities.\r | |
4 | \r | |
afeb55e4 | 5 | Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>\r |
532616bb | 6 | This program and the accompanying materials\r |
7 | are licensed and made available under the terms and conditions of the BSD License\r | |
8 | which accompanies this distribution. The full text of the license may be found at\r | |
9 | http://opensource.org/licenses/bsd-license.php\r | |
10 | \r | |
11 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
12 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
13 | \r | |
14 | **/\r | |
15 | \r | |
16 | #include "InternalCryptLib.h"\r | |
17 | \r | |
18 | /**\r | |
19 | Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:\r | |
20 | Cryptographic Message Syntax Standard". The input signed data could be wrapped\r | |
21 | in a ContentInfo structure.\r | |
22 | \r | |
23 | Return FALSE to indicate this interface is not supported.\r | |
24 | \r | |
25 | @param[in] P7Data Pointer to the PKCS#7 message to verify.\r | |
26 | @param[in] P7Length Length of the PKCS#7 message in bytes.\r | |
27 | @param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.\r | |
210abffd | 28 | It's caller's responsibility to free the buffer.\r |
532616bb | 29 | @param[out] StackLength Length of signer's certificates in bytes.\r |
30 | @param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.\r | |
210abffd | 31 | It's caller's responsibility to free the buffer.\r |
532616bb | 32 | @param[out] CertLength Length of the trusted certificate in bytes.\r |
33 | \r | |
34 | @retval FALSE This interface is not supported.\r | |
35 | \r | |
36 | **/\r | |
37 | BOOLEAN\r | |
38 | EFIAPI\r | |
39 | Pkcs7GetSigners (\r | |
40 | IN CONST UINT8 *P7Data,\r | |
41 | IN UINTN P7Length,\r | |
42 | OUT UINT8 **CertStack,\r | |
43 | OUT UINTN *StackLength,\r | |
44 | OUT UINT8 **TrustedCert,\r | |
45 | OUT UINTN *CertLength\r | |
46 | )\r | |
47 | {\r | |
48 | ASSERT (FALSE);\r | |
49 | return FALSE;\r | |
50 | }\r | |
51 | \r | |
52 | /**\r | |
53 | Wrap function to use free() to free allocated memory for certificates.\r | |
54 | \r | |
55 | If the interface is not supported, then ASSERT().\r | |
56 | \r | |
57 | @param[in] Certs Pointer to the certificates to be freed.\r | |
58 | \r | |
59 | **/\r | |
60 | VOID\r | |
61 | EFIAPI\r | |
62 | Pkcs7FreeSigners (\r | |
63 | IN UINT8 *Certs\r | |
64 | )\r | |
65 | {\r | |
66 | ASSERT (FALSE);\r | |
67 | }\r | |
68 | \r | |
45419de6 QL |
69 | /**\r |
70 | Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7:\r | |
71 | Cryptographic Message Syntax Standard", and outputs two certificate lists chained and\r | |
72 | unchained to the signer's certificates.\r | |
73 | The input signed data could be wrapped in a ContentInfo structure.\r | |
74 | \r | |
75 | @param[in] P7Data Pointer to the PKCS#7 message.\r | |
76 | @param[in] P7Length Length of the PKCS#7 message in bytes.\r | |
0f5f6b3d | 77 | @param[out] SignerChainCerts Pointer to the certificates list chained to signer's\r |
210abffd | 78 | certificate. It's caller's responsibility to free the buffer.\r |
45419de6 QL |
79 | @param[out] ChainLength Length of the chained certificates list buffer in bytes.\r |
80 | @param[out] UnchainCerts Pointer to the unchained certificates lists. It's caller's\r | |
210abffd | 81 | responsibility to free the buffer.\r |
45419de6 QL |
82 | @param[out] UnchainLength Length of the unchained certificates list buffer in bytes.\r |
83 | \r | |
84 | @retval TRUE The operation is finished successfully.\r | |
85 | @retval FALSE Error occurs during the operation.\r | |
86 | \r | |
87 | **/\r | |
88 | BOOLEAN\r | |
89 | EFIAPI\r | |
90 | Pkcs7GetCertificatesList (\r | |
91 | IN CONST UINT8 *P7Data,\r | |
92 | IN UINTN P7Length,\r | |
93 | OUT UINT8 **SignerChainCerts,\r | |
94 | OUT UINTN *ChainLength,\r | |
95 | OUT UINT8 **UnchainCerts,\r | |
96 | OUT UINTN *UnchainLength\r | |
97 | )\r | |
98 | {\r | |
99 | ASSERT (FALSE);\r | |
100 | return FALSE;\r | |
101 | }\r | |
102 | \r | |
532616bb | 103 | /**\r |
104 | Verifies the validility of a PKCS#7 signed data as described in "PKCS #7:\r | |
105 | Cryptographic Message Syntax Standard". The input signed data could be wrapped\r | |
106 | in a ContentInfo structure.\r | |
107 | \r | |
108 | Return FALSE to indicate this interface is not supported.\r | |
109 | \r | |
110 | @param[in] P7Data Pointer to the PKCS#7 message to verify.\r | |
111 | @param[in] P7Length Length of the PKCS#7 message in bytes.\r | |
112 | @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which\r | |
113 | is used for certificate chain verification.\r | |
114 | @param[in] CertLength Length of the trusted certificate in bytes.\r | |
115 | @param[in] InData Pointer to the content to be verified.\r | |
116 | @param[in] DataLength Length of InData in bytes.\r | |
117 | \r | |
118 | @retval FALSE This interface is not supported.\r | |
119 | \r | |
120 | **/\r | |
121 | BOOLEAN\r | |
122 | EFIAPI\r | |
123 | Pkcs7Verify (\r | |
124 | IN CONST UINT8 *P7Data,\r | |
125 | IN UINTN P7Length,\r | |
126 | IN CONST UINT8 *TrustedCert,\r | |
127 | IN UINTN CertLength,\r | |
128 | IN CONST UINT8 *InData,\r | |
129 | IN UINTN DataLength\r | |
130 | )\r | |
131 | {\r | |
132 | ASSERT (FALSE);\r | |
133 | return FALSE;\r | |
134 | }\r | |
afeb55e4 QL |
135 | \r |
136 | /**\r | |
137 | Extracts the attached content from a PKCS#7 signed data if existed. The input signed\r | |
138 | data could be wrapped in a ContentInfo structure.\r | |
139 | \r | |
140 | Return FALSE to indicate this interface is not supported.\r | |
141 | \r | |
142 | @param[in] P7Data Pointer to the PKCS#7 signed data to process.\r | |
143 | @param[in] P7Length Length of the PKCS#7 signed data in bytes.\r | |
144 | @param[out] Content Pointer to the extracted content from the PKCS#7 signedData.\r | |
210abffd | 145 | It's caller's responsibility to free the buffer.\r |
afeb55e4 QL |
146 | @param[out] ContentSize The size of the extracted content in bytes.\r |
147 | \r | |
148 | @retval TRUE The P7Data was correctly formatted for processing.\r | |
149 | @retval FALSE The P7Data was not correctly formatted for processing.\r | |
150 | \r | |
b134fe98 | 151 | **/\r |
afeb55e4 QL |
152 | BOOLEAN\r |
153 | EFIAPI\r | |
154 | Pkcs7GetAttachedContent (\r | |
155 | IN CONST UINT8 *P7Data,\r | |
156 | IN UINTN P7Length,\r | |
157 | OUT VOID **Content,\r | |
158 | OUT UINTN *ContentSize\r | |
159 | )\r | |
160 | {\r | |
161 | ASSERT (FALSE);\r | |
162 | return FALSE;\r | |
163 | }\r |