]> git.proxmox.com Git - mirror_edk2.git/blame - CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
UefiCpuPkg: Move AsmRelocateApLoopStart from Mpfuncs.nasm to AmdSev.nasm
[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / Pk / CryptX509Null.c
CommitLineData
532616bb 1/** @file\r
2 X.509 Certificate Handler Wrapper Implementation which does not provide\r
3 real capabilities.\r
4\r
66862136 5Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>\r
2009f6b4 6SPDX-License-Identifier: BSD-2-Clause-Patent\r
532616bb 7\r
8**/\r
9\r
10#include "InternalCryptLib.h"\r
11\r
12/**\r
13 Construct a X509 object from DER-encoded certificate data.\r
14\r
15 Return FALSE to indicate this interface is not supported.\r
16\r
17 @param[in] Cert Pointer to the DER-encoded certificate data.\r
18 @param[in] CertSize The size of certificate data in bytes.\r
19 @param[out] SingleX509Cert The generated X509 object.\r
20\r
21 @retval FALSE This interface is not supported.\r
22\r
23**/\r
24BOOLEAN\r
25EFIAPI\r
26X509ConstructCertificate (\r
27 IN CONST UINT8 *Cert,\r
28 IN UINTN CertSize,\r
29 OUT UINT8 **SingleX509Cert\r
30 )\r
31{\r
32 ASSERT (FALSE);\r
33 return FALSE;\r
34}\r
35\r
66862136
MK		 36/**\r
37 Construct a X509 stack object from a list of DER-encoded certificate data.\r
38\r
39 If X509Stack is NULL, then return FALSE.\r
40 If this interface is not supported, then return FALSE.\r
41\r
42 @param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object.\r
43 On output, pointer to the X509 stack object with new\r
44 inserted X509 certificate.\r
45 @param[in] Args VA_LIST marker for the variable argument list.\r
46 A list of DER-encoded single certificate data followed\r
47 by certificate size. A NULL terminates the list. The\r
48 pairs are the arguments to X509ConstructCertificate().\r
49\r
50 @retval TRUE The X509 stack construction succeeded.\r
51 @retval FALSE The construction operation failed.\r
52 @retval FALSE This interface is not supported.\r
53\r
54**/\r
55BOOLEAN\r
56EFIAPI\r
57X509ConstructCertificateStackV (\r
58 IN OUT UINT8 **X509Stack,\r
59 IN VA_LIST Args\r
60 )\r
61{\r
62 ASSERT (FALSE);\r
63 return FALSE;\r
64}\r
65\r
532616bb 66/**\r
67 Construct a X509 stack object from a list of DER-encoded certificate data.\r
68\r
69 Return FALSE to indicate this interface is not supported.\r
70\r
952bd229 71 @param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object.\r
532616bb 72 On output, pointer to the X509 stack object with new\r
73 inserted X509 certificate.\r
74 @param ... A list of DER-encoded single certificate data followed\r
75 by certificate size. A NULL terminates the list. The\r
76 pairs are the arguments to X509ConstructCertificate().\r
630f67dd 77\r
532616bb 78 @retval FALSE This interface is not supported.\r
79\r
80**/\r
81BOOLEAN\r
82EFIAPI\r
83X509ConstructCertificateStack (\r
84 IN OUT UINT8 **X509Stack,\r
630f67dd 85 ...\r
532616bb 86 )\r
87{\r
88 ASSERT (FALSE);\r
89 return FALSE;\r
90}\r
91\r
92/**\r
93 Release the specified X509 object.\r
94\r
95 If the interface is not supported, then ASSERT().\r
96\r
97 @param[in] X509Cert Pointer to the X509 object to be released.\r
98\r
99**/\r
100VOID\r
101EFIAPI\r
102X509Free (\r
103 IN VOID *X509Cert\r
104 )\r
630f67dd 105{\r
532616bb 106 ASSERT (FALSE);\r
107}\r
108\r
109/**\r
110 Release the specified X509 stack object.\r
111\r
112 If the interface is not supported, then ASSERT().\r
113\r
114 @param[in] X509Stack Pointer to the X509 stack object to be released.\r
115\r
116**/\r
117VOID\r
118EFIAPI\r
119X509StackFree (\r
120 IN VOID *X509Stack\r
121 )\r
122{\r
123 ASSERT (FALSE);\r
124}\r
125\r
126/**\r
127 Retrieve the subject bytes from one X.509 certificate.\r
128\r
129 Return FALSE to indicate this interface is not supported.\r
130\r
131 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
132 @param[in] CertSize Size of the X509 certificate in bytes.\r
133 @param[out] CertSubject Pointer to the retrieved certificate subject bytes.\r
134 @param[in, out] SubjectSize The size in bytes of the CertSubject buffer on input,\r
135 and the size of buffer returned CertSubject on output.\r
136\r
137\r
138 @retval FALSE This interface is not supported.\r
139\r
140**/\r
141BOOLEAN\r
142EFIAPI\r
143X509GetSubjectName (\r
144 IN CONST UINT8 *Cert,\r
145 IN UINTN CertSize,\r
146 OUT UINT8 *CertSubject,\r
147 IN OUT UINTN *SubjectSize\r
148 )\r
149{\r
150 ASSERT (FALSE);\r
151 return FALSE;\r
152}\r
153\r
5b7c2245
QL		 154/**\r
155 Retrieve the common name (CN) string from one X.509 certificate.\r
156\r
157 Return RETURN_UNSUPPORTED to indicate this interface is not supported.\r
158\r
159 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
160 @param[in] CertSize Size of the X509 certificate in bytes.\r
161 @param[out] CommonName Buffer to contain the retrieved certificate common\r
0b6457ef 162 name string (UTF8). At most CommonNameSize bytes will be\r
5b7c2245
QL		 163 written and the string will be null terminated. May be\r
164 NULL in order to determine the size buffer needed.\r
165 @param[in,out] CommonNameSize The size in bytes of the CommonName buffer on input,\r
166 and the size of buffer returned CommonName on output.\r
167 If CommonName is NULL then the amount of space needed\r
168 in buffer (including the final null) is returned.\r
169\r
170 @retval RETURN_UNSUPPORTED The operation is not supported.\r
171\r
172**/\r
173RETURN_STATUS\r
174EFIAPI\r
175X509GetCommonName (\r
176 IN CONST UINT8 *Cert,\r
177 IN UINTN CertSize,\r
c8f46130 178 OUT CHAR8 *CommonName OPTIONAL,\r
5b7c2245
QL		 179 IN OUT UINTN *CommonNameSize\r
180 )\r
181{\r
182 ASSERT (FALSE);\r
183 return RETURN_UNSUPPORTED;\r
184}\r
185\r
912e1e1e
BB		 186/**\r
187 Retrieve the organization name (ON) string from one X.509 certificate.\r
188\r
189 Return RETURN_UNSUPPORTED to indicate this interface is not supported.\r
190\r
191 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
192 @param[in] CertSize Size of the X509 certificate in bytes.\r
193 @param[out] NameBuffer Buffer to contain the retrieved certificate organization\r
194 name string. At most NameBufferSize bytes will be\r
195 written and the string will be null terminated. May be\r
196 NULL in order to determine the size buffer needed.\r
197 @param[in,out] NameBufferSize The size in bytes of the Name buffer on input,\r
198 and the size of buffer returned Name on output.\r
199 If NameBuffer is NULL then the amount of space needed\r
200 in buffer (including the final null) is returned.\r
201\r
202 @retval RETURN_UNSUPPORTED The operation is not supported.\r
203\r
204**/\r
205RETURN_STATUS\r
206EFIAPI\r
207X509GetOrganizationName (\r
7c342378
MK		 208 IN CONST UINT8 *Cert,\r
209 IN UINTN CertSize,\r
210 OUT CHAR8 *NameBuffer OPTIONAL,\r
211 IN OUT UINTN *NameBufferSize\r
912e1e1e
BB		 212 )\r
213{\r
214 ASSERT (FALSE);\r
215 return RETURN_UNSUPPORTED;\r
216}\r
217\r
532616bb 218/**\r
219 Retrieve the RSA Public Key from one DER-encoded X509 certificate.\r
220\r
221 Return FALSE to indicate this interface is not supported.\r
222\r
223 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
224 @param[in] CertSize Size of the X509 certificate in bytes.\r
225 @param[out] RsaContext Pointer to new-generated RSA context which contain the retrieved\r
226 RSA public key component. Use RsaFree() function to free the\r
227 resource.\r
228\r
229 @retval FALSE This interface is not supported.\r
230\r
231**/\r
232BOOLEAN\r
233EFIAPI\r
234RsaGetPublicKeyFromX509 (\r
235 IN CONST UINT8 *Cert,\r
236 IN UINTN CertSize,\r
237 OUT VOID **RsaContext\r
238 )\r
239{\r
240 ASSERT (FALSE);\r
241 return FALSE;\r
242}\r
243\r
244/**\r
245 Verify one X509 certificate was issued by the trusted CA.\r
246\r
247 Return FALSE to indicate this interface is not supported.\r
248\r
249 @param[in] Cert Pointer to the DER-encoded X509 certificate to be verified.\r
250 @param[in] CertSize Size of the X509 certificate in bytes.\r
251 @param[in] CACert Pointer to the DER-encoded trusted CA certificate.\r
252 @param[in] CACertSize Size of the CA Certificate in bytes.\r
253\r
254 @retval FALSE This interface is not supported.\r
630f67dd 255\r
532616bb 256**/\r
257BOOLEAN\r
258EFIAPI\r
259X509VerifyCert (\r
260 IN CONST UINT8 *Cert,\r
261 IN UINTN CertSize,\r
262 IN CONST UINT8 *CACert,\r
263 IN UINTN CACertSize\r
264 )\r
265{\r
266 ASSERT (FALSE);\r
267 return FALSE;\r
268}\r
12d95665
LQ		 269\r
270/**\r
271 Retrieve the TBSCertificate from one given X.509 certificate.\r
272\r
273 Return FALSE to indicate this interface is not supported.\r
274\r
275 @param[in] Cert Pointer to the given DER-encoded X509 certificate.\r
276 @param[in] CertSize Size of the X509 certificate in bytes.\r
277 @param[out] TBSCert DER-Encoded To-Be-Signed certificate.\r
278 @param[out] TBSCertSize Size of the TBS certificate in bytes.\r
279\r
280 @retval FALSE This interface is not supported.\r
281\r
282**/\r
283BOOLEAN\r
284EFIAPI\r
285X509GetTBSCert (\r
286 IN CONST UINT8 *Cert,\r
287 IN UINTN CertSize,\r
288 OUT UINT8 **TBSCert,\r
289 OUT UINTN *TBSCertSize\r
290 )\r
291{\r
292 ASSERT (FALSE);\r
293 return FALSE;\r
294}\r
f21a1d48
QZ		 295\r
296/**\r
297 Retrieve the EC Public Key from one DER-encoded X509 certificate.\r
298\r
299 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
300 @param[in] CertSize Size of the X509 certificate in bytes.\r
301 @param[out] EcContext Pointer to new-generated EC DSA context which contain the retrieved\r
302 EC public key component. Use EcFree() function to free the\r
303 resource.\r
304\r
305 If Cert is NULL, then return FALSE.\r
306 If EcContext is NULL, then return FALSE.\r
307\r
308 @retval TRUE EC Public Key was retrieved successfully.\r
309 @retval FALSE Fail to retrieve EC public key from X509 certificate.\r
310\r
311**/\r
312BOOLEAN\r
313EFIAPI\r
314EcGetPublicKeyFromX509 (\r
315 IN CONST UINT8 *Cert,\r
316 IN UINTN CertSize,\r
317 OUT VOID **EcContext\r
318 )\r
319{\r
320 ASSERT (FALSE);\r
321 return FALSE;\r
322}\r
8ecae3d6
QZ		 323\r
324/**\r
325 Retrieve the version from one X.509 certificate.\r
326\r
327 If Cert is NULL, then return FALSE.\r
328 If CertSize is 0, then return FALSE.\r
329 If this interface is not supported, then return FALSE.\r
330\r
331 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
332 @param[in] CertSize Size of the X509 certificate in bytes.\r
333 @param[out] Version Pointer to the retrieved version integer.\r
334\r
335 @retval TRUE The certificate version retrieved successfully.\r
336 @retval FALSE If Cert is NULL or CertSize is Zero.\r
337 @retval FALSE The operation is not supported.\r
338\r
339**/\r
340BOOLEAN\r
341EFIAPI\r
342X509GetVersion (\r
343 IN CONST UINT8 *Cert,\r
344 IN UINTN CertSize,\r
345 OUT UINTN *Version\r
346 )\r
347{\r
348 ASSERT (FALSE);\r
349 return FALSE;\r
350}\r
351\r
352/**\r
353 Retrieve the serialNumber from one X.509 certificate.\r
354\r
355 If Cert is NULL, then return FALSE.\r
356 If CertSize is 0, then return FALSE.\r
357 If this interface is not supported, then return FALSE.\r
358\r
359 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
360 @param[in] CertSize Size of the X509 certificate in bytes.\r
361 @param[out] SerialNumber Pointer to the retrieved certificate SerialNumber bytes.\r
362 @param[in, out] SerialNumberSize The size in bytes of the SerialNumber buffer on input,\r
363 and the size of buffer returned SerialNumber on output.\r
364\r
365 @retval TRUE The certificate serialNumber retrieved successfully.\r
366 @retval FALSE If Cert is NULL or CertSize is Zero.\r
367 If SerialNumberSize is NULL.\r
368 If Certificate is invalid.\r
369 @retval FALSE If no SerialNumber exists.\r
370 @retval FALSE If the SerialNumber is NULL. The required buffer size\r
371 (including the final null) is returned in the\r
372 SerialNumberSize parameter.\r
373 @retval FALSE The operation is not supported.\r
374**/\r
375BOOLEAN\r
376EFIAPI\r
377X509GetSerialNumber (\r
378 IN CONST UINT8 *Cert,\r
379 IN UINTN CertSize,\r
380 OUT UINT8 *SerialNumber, OPTIONAL\r
381 IN OUT UINTN *SerialNumberSize\r
382 )\r
383{\r
384 ASSERT (FALSE);\r
385 return FALSE;\r
386}\r
387\r
388/**\r
389 Retrieve the issuer bytes from one X.509 certificate.\r
390\r
391 If Cert is NULL, then return FALSE.\r
392 If CertIssuerSize is NULL, then return FALSE.\r
393 If this interface is not supported, then return FALSE.\r
394\r
395 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
396 @param[in] CertSize Size of the X509 certificate in bytes.\r
397 @param[out] CertIssuer Pointer to the retrieved certificate subject bytes.\r
398 @param[in, out] CertIssuerSize The size in bytes of the CertIssuer buffer on input,\r
399 and the size of buffer returned CertSubject on output.\r
400\r
401 @retval TRUE The certificate issuer retrieved successfully.\r
402 @retval FALSE Invalid certificate, or the CertIssuerSize is too small for the result.\r
403 The CertIssuerSize will be updated with the required size.\r
404 @retval FALSE This interface is not supported.\r
405\r
406**/\r
407BOOLEAN\r
408EFIAPI\r
409X509GetIssuerName (\r
410 IN CONST UINT8 *Cert,\r
411 IN UINTN CertSize,\r
412 OUT UINT8 *CertIssuer,\r
413 IN OUT UINTN *CertIssuerSize\r
414 )\r
415{\r
416 ASSERT (FALSE);\r
417 return FALSE;\r
418}\r
419\r
420/**\r
421 Retrieve the Signature Algorithm from one X.509 certificate.\r
422\r
423 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
424 @param[in] CertSize Size of the X509 certificate in bytes.\r
425 @param[out] Oid Signature Algorithm Object identifier buffer.\r
426 @param[in,out] OidSize Signature Algorithm Object identifier buffer size\r
427\r
428 @retval TRUE The certificate Extension data retrieved successfully.\r
429 @retval FALSE If Cert is NULL.\r
430 If OidSize is NULL.\r
431 If Oid is not NULL and *OidSize is 0.\r
432 If Certificate is invalid.\r
433 @retval FALSE If no SignatureType.\r
434 @retval FALSE If the Oid is NULL. The required buffer size\r
435 is returned in the OidSize.\r
436 @retval FALSE The operation is not supported.\r
437**/\r
438BOOLEAN\r
439EFIAPI\r
440X509GetSignatureAlgorithm (\r
441 IN CONST UINT8 *Cert,\r
442 IN UINTN CertSize,\r
443 OUT UINT8 *Oid, OPTIONAL\r
444 IN OUT UINTN *OidSize\r
445 )\r
446{\r
447 ASSERT (FALSE);\r
448 return FALSE;\r
449}\r
450\r
451/**\r
452 Retrieve Extension data from one X.509 certificate.\r
453\r
454 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
455 @param[in] CertSize Size of the X509 certificate in bytes.\r
456 @param[in] Oid Object identifier buffer\r
457 @param[in] OidSize Object identifier buffer size\r
458 @param[out] ExtensionData Extension bytes.\r
459 @param[in, out] ExtensionDataSize Extension bytes size.\r
460\r
461 @retval TRUE The certificate Extension data retrieved successfully.\r
462 @retval FALSE If Cert is NULL.\r
463 If ExtensionDataSize is NULL.\r
464 If ExtensionData is not NULL and *ExtensionDataSize is 0.\r
465 If Certificate is invalid.\r
466 @retval FALSE If no Extension entry match Oid.\r
467 @retval FALSE If the ExtensionData is NULL. The required buffer size\r
468 is returned in the ExtensionDataSize parameter.\r
469 @retval FALSE The operation is not supported.\r
470**/\r
471BOOLEAN\r
472EFIAPI\r
473X509GetExtensionData (\r
474 IN CONST UINT8 *Cert,\r
475 IN UINTN CertSize,\r
476 IN CONST UINT8 *Oid,\r
477 IN UINTN OidSize,\r
478 OUT UINT8 *ExtensionData,\r
479 IN OUT UINTN *ExtensionDataSize\r
480 )\r
481{\r
482 ASSERT (FALSE);\r
483 return FALSE;\r
484}\r
485\r
486/**\r
487 Retrieve the Extended Key Usage from one X.509 certificate.\r
488\r
489 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
490 @param[in] CertSize Size of the X509 certificate in bytes.\r
491 @param[out] Usage Key Usage bytes.\r
492 @param[in, out] UsageSize Key Usage buffer sizs in bytes.\r
493\r
494 @retval TRUE The Usage bytes retrieve successfully.\r
495 @retval FALSE If Cert is NULL.\r
496 If CertSize is NULL.\r
497 If Usage is not NULL and *UsageSize is 0.\r
498 If Cert is invalid.\r
499 @retval FALSE If the Usage is NULL. The required buffer size\r
500 is returned in the UsageSize parameter.\r
501 @retval FALSE The operation is not supported.\r
502**/\r
503BOOLEAN\r
504EFIAPI\r
505X509GetExtendedKeyUsage (\r
506 IN CONST UINT8 *Cert,\r
507 IN UINTN CertSize,\r
508 OUT UINT8 *Usage,\r
509 IN OUT UINTN *UsageSize\r
510 )\r
511{\r
512 ASSERT (FALSE);\r
513 return FALSE;\r
514}\r
515\r
516/**\r
517 Retrieve the Validity from one X.509 certificate\r
518\r
519 If Cert is NULL, then return FALSE.\r
520 If CertIssuerSize is NULL, then return FALSE.\r
521 If this interface is not supported, then return FALSE.\r
522\r
523 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
524 @param[in] CertSize Size of the X509 certificate in bytes.\r
525 @param[in] From notBefore Pointer to DateTime object.\r
526 @param[in,out] FromSize notBefore DateTime object size.\r
527 @param[in] To notAfter Pointer to DateTime object.\r
528 @param[in,out] ToSize notAfter DateTime object size.\r
529\r
530 Note: X509CompareDateTime to compare DateTime oject\r
531 x509SetDateTime to get a DateTime object from a DateTimeStr\r
532\r
533 @retval TRUE The certificate Validity retrieved successfully.\r
534 @retval FALSE Invalid certificate, or Validity retrieve failed.\r
535 @retval FALSE This interface is not supported.\r
536**/\r
537BOOLEAN\r
538EFIAPI\r
539X509GetValidity (\r
540 IN CONST UINT8 *Cert,\r
541 IN UINTN CertSize,\r
542 IN UINT8 *From,\r
543 IN OUT UINTN *FromSize,\r
544 IN UINT8 *To,\r
545 IN OUT UINTN *ToSize\r
546 )\r
547{\r
548 ASSERT (FALSE);\r
549 return FALSE;\r
550}\r
551\r
552/**\r
553 Format a DateTimeStr to DataTime object in DataTime Buffer\r
554\r
555 If DateTimeStr is NULL, then return FALSE.\r
556 If DateTimeSize is NULL, then return FALSE.\r
557 If this interface is not supported, then return FALSE.\r
558\r
559 @param[in] DateTimeStr DateTime string like YYYYMMDDhhmmssZ\r
560 Ref: https://www.w3.org/TR/NOTE-datetime\r
561 Z stand for UTC time\r
562 @param[out] DateTime Pointer to a DateTime object.\r
563 @param[in,out] DateTimeSize DateTime object buffer size.\r
564\r
565 @retval TRUE The DateTime object create successfully.\r
566 @retval FALSE If DateTimeStr is NULL.\r
567 If DateTimeSize is NULL.\r
568 If DateTime is not NULL and *DateTimeSize is 0.\r
569 If Year Month Day Hour Minute Second combination is invalid datetime.\r
570 @retval FALSE If the DateTime is NULL. The required buffer size\r
571 (including the final null) is returned in the\r
572 DateTimeSize parameter.\r
573 @retval FALSE The operation is not supported.\r
574**/\r
575BOOLEAN\r
576EFIAPI\r
577X509FormatDateTime (\r
578 IN CONST CHAR8 *DateTimeStr,\r
579 OUT VOID *DateTime,\r
580 IN OUT UINTN *DateTimeSize\r
581 )\r
582{\r
583 ASSERT (FALSE);\r
584 return FALSE;\r
585}\r
586\r
587/**\r
588 Compare DateTime1 object and DateTime2 object.\r
589\r
590 If DateTime1 is NULL, then return -2.\r
591 If DateTime2 is NULL, then return -2.\r
592 If DateTime1 == DateTime2, then return 0\r
593 If DateTime1 > DateTime2, then return 1\r
594 If DateTime1 < DateTime2, then return -1\r
595\r
596 @param[in] DateTime1 Pointer to a DateTime Ojbect\r
597 @param[in] DateTime2 Pointer to a DateTime Object\r
598\r
599 @retval 0 If DateTime1 == DateTime2\r
600 @retval 1 If DateTime1 > DateTime2\r
601 @retval -1 If DateTime1 < DateTime2\r
602**/\r
603INT32\r
604EFIAPI\r
605X509CompareDateTime (\r
606 IN CONST VOID *DateTime1,\r
607 IN CONST VOID *DateTime2\r
608 )\r
609{\r
610 ASSERT (FALSE);\r
611 return -3;\r
612}\r
613\r
614/**\r
615 Retrieve the Key Usage from one X.509 certificate.\r
616\r
617 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
618 @param[in] CertSize Size of the X509 certificate in bytes.\r
619 @param[out] Usage Key Usage (CRYPTO_X509_KU_*)\r
620\r
621 @retval TRUE The certificate Key Usage retrieved successfully.\r
622 @retval FALSE Invalid certificate, or Usage is NULL\r
623 @retval FALSE This interface is not supported.\r
624**/\r
625BOOLEAN\r
626EFIAPI\r
627X509GetKeyUsage (\r
628 IN CONST UINT8 *Cert,\r
629 IN UINTN CertSize,\r
630 OUT UINTN *Usage\r
631 )\r
632{\r
633 ASSERT (FALSE);\r
634 return FALSE;\r
635}\r
636\r
637/**\r
638 Verify one X509 certificate was issued by the trusted CA.\r
639 @param[in] RootCert Trusted Root Certificate buffer\r
640\r
641 @param[in] RootCertLength Trusted Root Certificate buffer length\r
642 @param[in] CertChain One or more ASN.1 DER-encoded X.509 certificates\r
643 where the first certificate is signed by the Root\r
644 Certificate or is the Root Cerificate itself. and\r
645 subsequent cerificate is signed by the preceding\r
646 cerificate.\r
647 @param[in] CertChainLength Total length of the certificate chain, in bytes.\r
648\r
649 @retval TRUE All cerificates was issued by the first certificate in X509Certchain.\r
650 @retval FALSE Invalid certificate or the certificate was not issued by the given\r
651 trusted CA.\r
652**/\r
653BOOLEAN\r
654EFIAPI\r
655X509VerifyCertChain (\r
656 IN CONST UINT8 *RootCert,\r
657 IN UINTN RootCertLength,\r
658 IN CONST UINT8 *CertChain,\r
659 IN UINTN CertChainLength\r
660 )\r
661{\r
662 ASSERT (FALSE);\r
663 return FALSE;\r
664}\r
665\r
666/**\r
667 Get one X509 certificate from CertChain.\r
668\r
669 @param[in] CertChain One or more ASN.1 DER-encoded X.509 certificates\r
670 where the first certificate is signed by the Root\r
671 Certificate or is the Root Cerificate itself. and\r
672 subsequent cerificate is signed by the preceding\r
673 cerificate.\r
674 @param[in] CertChainLength Total length of the certificate chain, in bytes.\r
675\r
676 @param[in] CertIndex Index of certificate.\r
677\r
678 @param[out] Cert The certificate at the index of CertChain.\r
679 @param[out] CertLength The length certificate at the index of CertChain.\r
680\r
681 @retval TRUE Success.\r
682 @retval FALSE Failed to get certificate from certificate chain.\r
683**/\r
684BOOLEAN\r
685EFIAPI\r
686X509GetCertFromCertChain (\r
687 IN CONST UINT8 *CertChain,\r
688 IN UINTN CertChainLength,\r
689 IN CONST INT32 CertIndex,\r
690 OUT CONST UINT8 **Cert,\r
691 OUT UINTN *CertLength\r
692 )\r
693{\r
694 ASSERT (FALSE);\r
695 return FALSE;\r
696}\r
697\r
698/**\r
699 Retrieve the tag and length of the tag.\r
700\r
701 @param Ptr The position in the ASN.1 data\r
702 @param End End of data\r
703 @param Length The variable that will receive the length\r
704 @param Tag The expected tag\r
705\r
706 @retval TRUE Get tag successful\r
707 @retval FALSe Failed to get tag or tag not match\r
708**/\r
709BOOLEAN\r
710EFIAPI\r
711Asn1GetTag (\r
712 IN OUT UINT8 **Ptr,\r
713 IN CONST UINT8 *End,\r
714 OUT UINTN *Length,\r
715 IN UINT32 Tag\r
716 )\r
717{\r
718 ASSERT (FALSE);\r
719 return FALSE;\r
720}\r
721\r
722/**\r
723 Retrieve the basic constraints from one X.509 certificate.\r
724\r
725 @param[in] Cert Pointer to the DER-encoded X509 certificate.\r
726 @param[in] CertSize size of the X509 certificate in bytes.\r
727 @param[out] BasicConstraints basic constraints bytes.\r
728 @param[in, out] BasicConstraintsSize basic constraints buffer sizs in bytes.\r
729\r
730 @retval TRUE The basic constraints retrieve successfully.\r
731 @retval FALSE If cert is NULL.\r
732 If cert_size is NULL.\r
733 If basic_constraints is not NULL and *basic_constraints_size is 0.\r
734 If cert is invalid.\r
735 @retval FALSE The required buffer size is small.\r
736 The return buffer size is basic_constraints_size parameter.\r
737 @retval FALSE If no Extension entry match oid.\r
738 @retval FALSE The operation is not supported.\r
739 **/\r
740BOOLEAN\r
741EFIAPI\r
742X509GetExtendedBasicConstraints (\r
743 CONST UINT8 *Cert,\r
744 UINTN CertSize,\r
745 UINT8 *BasicConstraints,\r
746 UINTN *BasicConstraintsSize\r
747 )\r
748{\r
749 ASSERT (FALSE);\r
750 return FALSE;\r
751}\r
EFI Development Kit II mirror for PVE