IN VOID *X509Stack\r
);\r
\r
+/**\r
+ Retrieve the TBSCertificate from one given X.509 certificate.\r
+\r
+ @param[in] Cert Pointer to the given DER-encoded X509 certificate.\r
+ @param[in] CertSize Size of the X509 certificate in bytes.\r
+ @param[out] TBSCert DER-Encoded To-Be-Signed certificate.\r
+ @param[out] TBSCertSize Size of the TBS certificate in bytes.\r
+\r
+ If Cert is NULL, then return FALSE.\r
+ If TBSCert is NULL, then return FALSE.\r
+ If TBSCertSize is NULL, then return FALSE.\r
+ If this interface is not supported, then return FALSE.\r
+\r
+ @retval TRUE The TBSCertificate was retrieved successfully.\r
+ @retval FALSE Invalid X.509 certificate.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+X509GetTBSCert (\r
+ IN CONST UINT8 *Cert,\r
+ IN UINTN CertSize,\r
+ OUT UINT8 **TBSCert,\r
+ OUT UINTN *TBSCertSize\r
+ );\r
+\r
/**\r
Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:\r
Cryptographic Message Syntax Standard". The input signed data could be wrapped\r
signature.\r
\r
If AuthData is NULL, then return FALSE.\r
+ If this interface is not supported, then return FALSE.\r
\r
@param[in] AuthData Pointer to the Authenticode Signature retrieved from signed\r
PE/COFF image to be verified.\r