]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyNull.c
2 PKCS#7 SignedData Verification Wrapper Implementation which does not provide
5 Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
16 #include "InternalCryptLib.h"
19 Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:
20 Cryptographic Message Syntax Standard". The input signed data could be wrapped
21 in a ContentInfo structure.
23 Return FALSE to indicate this interface is not supported.
25 @param[in] P7Data Pointer to the PKCS#7 message to verify.
26 @param[in] P7Length Length of the PKCS#7 message in bytes.
27 @param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.
28 It's caller's responsibility to free the buffer with
30 This data structure is EFI_CERT_STACK type.
31 @param[out] StackLength Length of signer's certificates in bytes.
32 @param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.
33 It's caller's responsibility to free the buffer with
35 @param[out] CertLength Length of the trusted certificate in bytes.
37 @retval FALSE This interface is not supported.
43 IN CONST UINT8
*P7Data
,
45 OUT UINT8
**CertStack
,
46 OUT UINTN
*StackLength
,
47 OUT UINT8
**TrustedCert
,
56 Wrap function to use free() to free allocated memory for certificates.
58 If the interface is not supported, then ASSERT().
60 @param[in] Certs Pointer to the certificates to be freed.
73 Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7:
74 Cryptographic Message Syntax Standard", and outputs two certificate lists chained and
75 unchained to the signer's certificates.
76 The input signed data could be wrapped in a ContentInfo structure.
78 @param[in] P7Data Pointer to the PKCS#7 message.
79 @param[in] P7Length Length of the PKCS#7 message in bytes.
80 @param[out] SignerChainCerts Pointer to the certificates list chained to signer's
81 certificate. It's caller's responsibility to free the buffer
82 with Pkcs7FreeSigners().
83 This data structure is EFI_CERT_STACK type.
84 @param[out] ChainLength Length of the chained certificates list buffer in bytes.
85 @param[out] UnchainCerts Pointer to the unchained certificates lists. It's caller's
86 responsibility to free the buffer with Pkcs7FreeSigners().
87 This data structure is EFI_CERT_STACK type.
88 @param[out] UnchainLength Length of the unchained certificates list buffer in bytes.
90 @retval TRUE The operation is finished successfully.
91 @retval FALSE Error occurs during the operation.
96 Pkcs7GetCertificatesList (
97 IN CONST UINT8
*P7Data
,
99 OUT UINT8
**SignerChainCerts
,
100 OUT UINTN
*ChainLength
,
101 OUT UINT8
**UnchainCerts
,
102 OUT UINTN
*UnchainLength
110 Verifies the validity of a PKCS#7 signed data as described in "PKCS #7:
111 Cryptographic Message Syntax Standard". The input signed data could be wrapped
112 in a ContentInfo structure.
114 Return FALSE to indicate this interface is not supported.
116 @param[in] P7Data Pointer to the PKCS#7 message to verify.
117 @param[in] P7Length Length of the PKCS#7 message in bytes.
118 @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
119 is used for certificate chain verification.
120 @param[in] CertLength Length of the trusted certificate in bytes.
121 @param[in] InData Pointer to the content to be verified.
122 @param[in] DataLength Length of InData in bytes.
124 @retval FALSE This interface is not supported.
130 IN CONST UINT8
*P7Data
,
132 IN CONST UINT8
*TrustedCert
,
134 IN CONST UINT8
*InData
,
143 Extracts the attached content from a PKCS#7 signed data if existed. The input signed
144 data could be wrapped in a ContentInfo structure.
146 Return FALSE to indicate this interface is not supported.
148 @param[in] P7Data Pointer to the PKCS#7 signed data to process.
149 @param[in] P7Length Length of the PKCS#7 signed data in bytes.
150 @param[out] Content Pointer to the extracted content from the PKCS#7 signedData.
151 It's caller's responsibility to free the buffer with FreePool().
152 @param[out] ContentSize The size of the extracted content in bytes.
154 @retval TRUE The P7Data was correctly formatted for processing.
155 @retval FALSE The P7Data was not correctly formatted for processing.
160 Pkcs7GetAttachedContent (
161 IN CONST UINT8
*P7Data
,
164 OUT UINTN
*ContentSize