[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / Pk / CryptPkcs7VerifyNull.c

/** @file\r
  PKCS#7 SignedData Verification Wrapper Implementation which does not provide\r
  real capabilities.\r
\r
Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution.  The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include "InternalCryptLib.h"\r
\r
/**\r
  Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:\r
  Cryptographic Message Syntax Standard". The input signed data could be wrapped\r
  in a ContentInfo structure.\r
\r
  Return FALSE to indicate this interface is not supported.\r
\r
  @param[in]  P7Data       Pointer to the PKCS#7 message to verify.\r
  @param[in]  P7Length     Length of the PKCS#7 message in bytes.\r
  @param[out] CertStack    Pointer to Signer's certificates retrieved from P7Data.\r
                           It's caller's responsibility to free the buffer with\r
                           Pkcs7FreeSigners().\r
                           This data structure is EFI_CERT_STACK type.\r
  @param[out] StackLength  Length of signer's certificates in bytes.\r
  @param[out] TrustedCert  Pointer to a trusted certificate from Signer's certificates.\r
                           It's caller's responsibility to free the buffer with\r
                           Pkcs7FreeSigners().\r
  @param[out] CertLength   Length of the trusted certificate in bytes.\r
\r
  @retval FALSE  This interface is not supported.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
Pkcs7GetSigners (\r
  IN  CONST UINT8  *P7Data,\r
  IN  UINTN        P7Length,\r
  OUT UINT8        **CertStack,\r
  OUT UINTN        *StackLength,\r
  OUT UINT8        **TrustedCert,\r
  OUT UINTN        *CertLength\r
  )\r
{\r
  ASSERT (FALSE);\r
  return FALSE;\r
}\r
\r
/**\r
  Wrap function to use free() to free allocated memory for certificates.\r
\r
  If the interface is not supported, then ASSERT().\r
\r
  @param[in]  Certs        Pointer to the certificates to be freed.\r
\r
**/\r
VOID\r
EFIAPI\r
Pkcs7FreeSigners (\r
  IN  UINT8        *Certs\r
  )\r
{\r
  ASSERT (FALSE);\r
}\r
\r
/**\r
  Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7:\r
  Cryptographic Message Syntax Standard", and outputs two certificate lists chained and\r
  unchained to the signer's certificates.\r
  The input signed data could be wrapped in a ContentInfo structure.\r
\r
  @param[in]  P7Data            Pointer to the PKCS#7 message.\r
  @param[in]  P7Length          Length of the PKCS#7 message in bytes.\r
  @param[out] SignerChainCerts  Pointer to the certificates list chained to signer's\r
                                certificate. It's caller's responsibility to free the buffer\r
                                with Pkcs7FreeSigners().\r
                                This data structure is EFI_CERT_STACK type.\r
  @param[out] ChainLength       Length of the chained certificates list buffer in bytes.\r
  @param[out] UnchainCerts      Pointer to the unchained certificates lists. It's caller's\r
                                responsibility to free the buffer with Pkcs7FreeSigners().\r
                                This data structure is EFI_CERT_STACK type.\r
  @param[out] UnchainLength     Length of the unchained certificates list buffer in bytes.\r
\r
  @retval  TRUE         The operation is finished successfully.\r
  @retval  FALSE        Error occurs during the operation.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
Pkcs7GetCertificatesList (\r
  IN  CONST UINT8  *P7Data,\r
  IN  UINTN        P7Length,\r
  OUT UINT8        **SignerChainCerts,\r
  OUT UINTN        *ChainLength,\r
  OUT UINT8        **UnchainCerts,\r
  OUT UINTN        *UnchainLength\r
  )\r
{\r
  ASSERT (FALSE);\r
  return FALSE;\r
}\r
\r
/**\r
  Verifies the validity of a PKCS#7 signed data as described in "PKCS #7:\r
  Cryptographic Message Syntax Standard". The input signed data could be wrapped\r
  in a ContentInfo structure.\r
\r
  Return FALSE to indicate this interface is not supported.\r
\r
  @param[in]  P7Data       Pointer to the PKCS#7 message to verify.\r
  @param[in]  P7Length     Length of the PKCS#7 message in bytes.\r
  @param[in]  TrustedCert  Pointer to a trusted/root certificate encoded in DER, which\r
                           is used for certificate chain verification.\r
  @param[in]  CertLength   Length of the trusted certificate in bytes.\r
  @param[in]  InData       Pointer to the content to be verified.\r
  @param[in]  DataLength   Length of InData in bytes.\r
\r
  @retval FALSE  This interface is not supported.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
Pkcs7Verify (\r
  IN  CONST UINT8  *P7Data,\r
  IN  UINTN        P7Length,\r
  IN  CONST UINT8  *TrustedCert,\r
  IN  UINTN        CertLength,\r
  IN  CONST UINT8  *InData,\r
  IN  UINTN        DataLength\r
  )\r
{\r
  ASSERT (FALSE);\r
  return FALSE;\r
}\r
\r
/**\r
  Extracts the attached content from a PKCS#7 signed data if existed. The input signed\r
  data could be wrapped in a ContentInfo structure.\r
\r
  Return FALSE to indicate this interface is not supported.\r
\r
  @param[in]   P7Data       Pointer to the PKCS#7 signed data to process.\r
  @param[in]   P7Length     Length of the PKCS#7 signed data in bytes.\r
  @param[out]  Content      Pointer to the extracted content from the PKCS#7 signedData.\r
                            It's caller's responsibility to free the buffer with FreePool().\r
  @param[out]  ContentSize  The size of the extracted content in bytes.\r
\r
  @retval     TRUE          The P7Data was correctly formatted for processing.\r
  @retval     FALSE         The P7Data was not correctly formatted for processing.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
Pkcs7GetAttachedContent (\r
  IN  CONST UINT8  *P7Data,\r
  IN  UINTN        P7Length,\r
  OUT VOID         **Content,\r
  OUT UINTN        *ContentSize\r
  )\r
{\r
  ASSERT (FALSE);\r
  return FALSE;\r
}\r
Commit	Line	Data
532616bb	1	/** @file\r
	2	PKCS#7 SignedData Verification Wrapper Implementation which does not provide\r
	3	real capabilities.\r
	4	\r
630f67dd	5	Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>\r
532616bb	6	This program and the accompanying materials\r
	7	are licensed and made available under the terms and conditions of the BSD License\r
	8	which accompanies this distribution. The full text of the license may be found at\r
	9	http://opensource.org/licenses/bsd-license.php\r
	10	\r
	11	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	12	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	13	\r
	14	**/\r
	15	\r
	16	#include "InternalCryptLib.h"\r
	17	\r
	18	/**\r
	19	Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:\r
	20	Cryptographic Message Syntax Standard". The input signed data could be wrapped\r
	21	in a ContentInfo structure.\r
	22	\r
	23	Return FALSE to indicate this interface is not supported.\r
	24	\r
	25	@param[in] P7Data Pointer to the PKCS#7 message to verify.\r
	26	@param[in] P7Length Length of the PKCS#7 message in bytes.\r
	27	@param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.\r
6fe575d0 LQ	28	It's caller's responsibility to free the buffer with\r
6fe575d0 LQ	29	Pkcs7FreeSigners().\r
3702637a	30	This data structure is EFI_CERT_STACK type.\r
532616bb	31	@param[out] StackLength Length of signer's certificates in bytes.\r
532616bb	32	@param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.\r
6fe575d0 LQ	33	It's caller's responsibility to free the buffer with\r
6fe575d0 LQ	34	Pkcs7FreeSigners().\r
532616bb	35	@param[out] CertLength Length of the trusted certificate in bytes.\r
	36	\r
	37	@retval FALSE This interface is not supported.\r
	38	\r
	39	**/\r
	40	BOOLEAN\r
	41	EFIAPI\r
	42	Pkcs7GetSigners (\r
	43	IN CONST UINT8 *P7Data,\r
	44	IN UINTN P7Length,\r
	45	OUT UINT8 **CertStack,\r
	46	OUT UINTN *StackLength,\r
	47	OUT UINT8 **TrustedCert,\r
	48	OUT UINTN *CertLength\r
	49	)\r
	50	{\r
	51	ASSERT (FALSE);\r
	52	return FALSE;\r
	53	}\r
	54	\r
	55	/**\r
	56	Wrap function to use free() to free allocated memory for certificates.\r
	57	\r
	58	If the interface is not supported, then ASSERT().\r
630f67dd	59	\r
532616bb	60	@param[in] Certs Pointer to the certificates to be freed.\r
	61	\r
	62	**/\r
	63	VOID\r
	64	EFIAPI\r
	65	Pkcs7FreeSigners (\r
	66	IN UINT8 *Certs\r
	67	)\r
	68	{\r
	69	ASSERT (FALSE);\r
	70	}\r
	71	\r
45419de6 QL	72	/**\r
	73	Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7:\r
	74	Cryptographic Message Syntax Standard", and outputs two certificate lists chained and\r
	75	unchained to the signer's certificates.\r
	76	The input signed data could be wrapped in a ContentInfo structure.\r
	77	\r
	78	@param[in] P7Data Pointer to the PKCS#7 message.\r
	79	@param[in] P7Length Length of the PKCS#7 message in bytes.\r
0f5f6b3d	80	@param[out] SignerChainCerts Pointer to the certificates list chained to signer's\r
6fe575d0 LQ	81	certificate. It's caller's responsibility to free the buffer\r
6fe575d0 LQ	82	with Pkcs7FreeSigners().\r
3702637a	83	This data structure is EFI_CERT_STACK type.\r
45419de6 QL	84	@param[out] ChainLength Length of the chained certificates list buffer in bytes.\r
45419de6 QL	85	@param[out] UnchainCerts Pointer to the unchained certificates lists. It's caller's\r
6fe575d0	86	responsibility to free the buffer with Pkcs7FreeSigners().\r
3702637a	87	This data structure is EFI_CERT_STACK type.\r
45419de6 QL	88	@param[out] UnchainLength Length of the unchained certificates list buffer in bytes.\r
	89	\r
	90	@retval TRUE The operation is finished successfully.\r
	91	@retval FALSE Error occurs during the operation.\r
	92	\r
	93	**/\r
	94	BOOLEAN\r
	95	EFIAPI\r
	96	Pkcs7GetCertificatesList (\r
	97	IN CONST UINT8 *P7Data,\r
	98	IN UINTN P7Length,\r
	99	OUT UINT8 **SignerChainCerts,\r
	100	OUT UINTN *ChainLength,\r
	101	OUT UINT8 **UnchainCerts,\r
	102	OUT UINTN *UnchainLength\r
	103	)\r
	104	{\r
	105	ASSERT (FALSE);\r
	106	return FALSE;\r
	107	}\r
	108	\r
532616bb	109	/**\r
2998af86	110	Verifies the validity of a PKCS#7 signed data as described in "PKCS #7:\r
532616bb	111	Cryptographic Message Syntax Standard". The input signed data could be wrapped\r
	112	in a ContentInfo structure.\r
	113	\r
	114	Return FALSE to indicate this interface is not supported.\r
	115	\r
	116	@param[in] P7Data Pointer to the PKCS#7 message to verify.\r
	117	@param[in] P7Length Length of the PKCS#7 message in bytes.\r
	118	@param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which\r
	119	is used for certificate chain verification.\r
	120	@param[in] CertLength Length of the trusted certificate in bytes.\r
	121	@param[in] InData Pointer to the content to be verified.\r
	122	@param[in] DataLength Length of InData in bytes.\r
	123	\r
	124	@retval FALSE This interface is not supported.\r
	125	\r
	126	**/\r
	127	BOOLEAN\r
	128	EFIAPI\r
	129	Pkcs7Verify (\r
	130	IN CONST UINT8 *P7Data,\r
	131	IN UINTN P7Length,\r
	132	IN CONST UINT8 *TrustedCert,\r
	133	IN UINTN CertLength,\r
	134	IN CONST UINT8 *InData,\r
	135	IN UINTN DataLength\r
	136	)\r
	137	{\r
	138	ASSERT (FALSE);\r
	139	return FALSE;\r
	140	}\r
afeb55e4 QL	141	\r
	142	/**\r
	143	Extracts the attached content from a PKCS#7 signed data if existed. The input signed\r
	144	data could be wrapped in a ContentInfo structure.\r
	145	\r
	146	Return FALSE to indicate this interface is not supported.\r
	147	\r
	148	@param[in] P7Data Pointer to the PKCS#7 signed data to process.\r
	149	@param[in] P7Length Length of the PKCS#7 signed data in bytes.\r
	150	@param[out] Content Pointer to the extracted content from the PKCS#7 signedData.\r
6fe575d0	151	It's caller's responsibility to free the buffer with FreePool().\r
afeb55e4 QL	152	@param[out] ContentSize The size of the extracted content in bytes.\r
	153	\r
	154	@retval TRUE The P7Data was correctly formatted for processing.\r
	155	@retval FALSE The P7Data was not correctly formatted for processing.\r
	156	\r
b134fe98	157	**/\r
afeb55e4 QL	158	BOOLEAN\r
	159	EFIAPI\r
	160	Pkcs7GetAttachedContent (\r
	161	IN CONST UINT8 *P7Data,\r
	162	IN UINTN P7Length,\r
	163	OUT VOID **Content,\r
	164	OUT UINTN *ContentSize\r
	165	)\r
	166	{\r
	167	ASSERT (FALSE);\r
	168	return FALSE;\r
	169	}\r