]>
Commit | Line | Data |
---|---|---|
532616bb | 1 | /** @file\r |
2 | PKCS#7 SignedData Verification Wrapper Implementation which does not provide\r | |
3 | real capabilities.\r | |
4 | \r | |
afeb55e4 | 5 | Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>\r |
532616bb | 6 | This program and the accompanying materials\r |
7 | are licensed and made available under the terms and conditions of the BSD License\r | |
8 | which accompanies this distribution. The full text of the license may be found at\r | |
9 | http://opensource.org/licenses/bsd-license.php\r | |
10 | \r | |
11 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
12 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
13 | \r | |
14 | **/\r | |
15 | \r | |
16 | #include "InternalCryptLib.h"\r | |
17 | \r | |
18 | /**\r | |
19 | Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:\r | |
20 | Cryptographic Message Syntax Standard". The input signed data could be wrapped\r | |
21 | in a ContentInfo structure.\r | |
22 | \r | |
23 | Return FALSE to indicate this interface is not supported.\r | |
24 | \r | |
25 | @param[in] P7Data Pointer to the PKCS#7 message to verify.\r | |
26 | @param[in] P7Length Length of the PKCS#7 message in bytes.\r | |
27 | @param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.\r | |
6fe575d0 LQ |
28 | It's caller's responsibility to free the buffer with\r |
29 | Pkcs7FreeSigners().\r | |
532616bb | 30 | @param[out] StackLength Length of signer's certificates in bytes.\r |
31 | @param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.\r | |
6fe575d0 LQ |
32 | It's caller's responsibility to free the buffer with\r |
33 | Pkcs7FreeSigners().\r | |
532616bb | 34 | @param[out] CertLength Length of the trusted certificate in bytes.\r |
35 | \r | |
36 | @retval FALSE This interface is not supported.\r | |
37 | \r | |
38 | **/\r | |
39 | BOOLEAN\r | |
40 | EFIAPI\r | |
41 | Pkcs7GetSigners (\r | |
42 | IN CONST UINT8 *P7Data,\r | |
43 | IN UINTN P7Length,\r | |
44 | OUT UINT8 **CertStack,\r | |
45 | OUT UINTN *StackLength,\r | |
46 | OUT UINT8 **TrustedCert,\r | |
47 | OUT UINTN *CertLength\r | |
48 | )\r | |
49 | {\r | |
50 | ASSERT (FALSE);\r | |
51 | return FALSE;\r | |
52 | }\r | |
53 | \r | |
54 | /**\r | |
55 | Wrap function to use free() to free allocated memory for certificates.\r | |
56 | \r | |
57 | If the interface is not supported, then ASSERT().\r | |
58 | \r | |
59 | @param[in] Certs Pointer to the certificates to be freed.\r | |
60 | \r | |
61 | **/\r | |
62 | VOID\r | |
63 | EFIAPI\r | |
64 | Pkcs7FreeSigners (\r | |
65 | IN UINT8 *Certs\r | |
66 | )\r | |
67 | {\r | |
68 | ASSERT (FALSE);\r | |
69 | }\r | |
70 | \r | |
45419de6 QL |
71 | /**\r |
72 | Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7:\r | |
73 | Cryptographic Message Syntax Standard", and outputs two certificate lists chained and\r | |
74 | unchained to the signer's certificates.\r | |
75 | The input signed data could be wrapped in a ContentInfo structure.\r | |
76 | \r | |
77 | @param[in] P7Data Pointer to the PKCS#7 message.\r | |
78 | @param[in] P7Length Length of the PKCS#7 message in bytes.\r | |
0f5f6b3d | 79 | @param[out] SignerChainCerts Pointer to the certificates list chained to signer's\r |
6fe575d0 LQ |
80 | certificate. It's caller's responsibility to free the buffer\r |
81 | with Pkcs7FreeSigners().\r | |
45419de6 QL |
82 | @param[out] ChainLength Length of the chained certificates list buffer in bytes.\r |
83 | @param[out] UnchainCerts Pointer to the unchained certificates lists. It's caller's\r | |
6fe575d0 | 84 | responsibility to free the buffer with Pkcs7FreeSigners().\r |
45419de6 QL |
85 | @param[out] UnchainLength Length of the unchained certificates list buffer in bytes.\r |
86 | \r | |
87 | @retval TRUE The operation is finished successfully.\r | |
88 | @retval FALSE Error occurs during the operation.\r | |
89 | \r | |
90 | **/\r | |
91 | BOOLEAN\r | |
92 | EFIAPI\r | |
93 | Pkcs7GetCertificatesList (\r | |
94 | IN CONST UINT8 *P7Data,\r | |
95 | IN UINTN P7Length,\r | |
96 | OUT UINT8 **SignerChainCerts,\r | |
97 | OUT UINTN *ChainLength,\r | |
98 | OUT UINT8 **UnchainCerts,\r | |
99 | OUT UINTN *UnchainLength\r | |
100 | )\r | |
101 | {\r | |
102 | ASSERT (FALSE);\r | |
103 | return FALSE;\r | |
104 | }\r | |
105 | \r | |
532616bb | 106 | /**\r |
2998af86 | 107 | Verifies the validity of a PKCS#7 signed data as described in "PKCS #7:\r |
532616bb | 108 | Cryptographic Message Syntax Standard". The input signed data could be wrapped\r |
109 | in a ContentInfo structure.\r | |
110 | \r | |
111 | Return FALSE to indicate this interface is not supported.\r | |
112 | \r | |
113 | @param[in] P7Data Pointer to the PKCS#7 message to verify.\r | |
114 | @param[in] P7Length Length of the PKCS#7 message in bytes.\r | |
115 | @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which\r | |
116 | is used for certificate chain verification.\r | |
117 | @param[in] CertLength Length of the trusted certificate in bytes.\r | |
118 | @param[in] InData Pointer to the content to be verified.\r | |
119 | @param[in] DataLength Length of InData in bytes.\r | |
120 | \r | |
121 | @retval FALSE This interface is not supported.\r | |
122 | \r | |
123 | **/\r | |
124 | BOOLEAN\r | |
125 | EFIAPI\r | |
126 | Pkcs7Verify (\r | |
127 | IN CONST UINT8 *P7Data,\r | |
128 | IN UINTN P7Length,\r | |
129 | IN CONST UINT8 *TrustedCert,\r | |
130 | IN UINTN CertLength,\r | |
131 | IN CONST UINT8 *InData,\r | |
132 | IN UINTN DataLength\r | |
133 | )\r | |
134 | {\r | |
135 | ASSERT (FALSE);\r | |
136 | return FALSE;\r | |
137 | }\r | |
afeb55e4 QL |
138 | \r |
139 | /**\r | |
140 | Extracts the attached content from a PKCS#7 signed data if existed. The input signed\r | |
141 | data could be wrapped in a ContentInfo structure.\r | |
142 | \r | |
143 | Return FALSE to indicate this interface is not supported.\r | |
144 | \r | |
145 | @param[in] P7Data Pointer to the PKCS#7 signed data to process.\r | |
146 | @param[in] P7Length Length of the PKCS#7 signed data in bytes.\r | |
147 | @param[out] Content Pointer to the extracted content from the PKCS#7 signedData.\r | |
6fe575d0 | 148 | It's caller's responsibility to free the buffer with FreePool().\r |
afeb55e4 QL |
149 | @param[out] ContentSize The size of the extracted content in bytes.\r |
150 | \r | |
151 | @retval TRUE The P7Data was correctly formatted for processing.\r | |
152 | @retval FALSE The P7Data was not correctly formatted for processing.\r | |
153 | \r | |
b134fe98 | 154 | **/\r |
afeb55e4 QL |
155 | BOOLEAN\r |
156 | EFIAPI\r | |
157 | Pkcs7GetAttachedContent (\r | |
158 | IN CONST UINT8 *P7Data,\r | |
159 | IN UINTN P7Length,\r | |
160 | OUT VOID **Content,\r | |
161 | OUT UINTN *ContentSize\r | |
162 | )\r | |
163 | {\r | |
164 | ASSERT (FALSE);\r | |
165 | return FALSE;\r | |
166 | }\r |