CryptoPkg/BaseCryptLib: split CryptPkcs7Verify.c on behalf of runtime

[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / InternalCryptLib.h

diff --git a/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h b/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h
index 8cccf72567de358c5fd61489681d10e9830950c6..026793f66453776ec75593bc239c10fb963486ee 100644 (file)
--- a/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h
+++ b/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h
@@ -33,4 +33,36 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #define OBJ_length(o) ((o)->length)\r
 #endif\r
 \r
+/**\r
+  Check input P7Data is a wrapped ContentInfo structure or not. If not construct\r
+  a new structure to wrap P7Data.\r
+\r
+  Caution: This function may receive untrusted input.\r
+  UEFI Authenticated Variable is external input, so this function will do basic\r
+  check for PKCS#7 data structure.\r
+\r
+  @param[in]  P7Data       Pointer to the PKCS#7 message to verify.\r
+  @param[in]  P7Length     Length of the PKCS#7 message in bytes.\r
+  @param[out] WrapFlag     If TRUE P7Data is a ContentInfo structure, otherwise\r
+                           return FALSE.\r
+  @param[out] WrapData     If return status of this function is TRUE:\r
+                           1) when WrapFlag is TRUE, pointer to P7Data.\r
+                           2) when WrapFlag is FALSE, pointer to a new ContentInfo\r
+                           structure. It's caller's responsibility to free this\r
+                           buffer.\r
+  @param[out] WrapDataSize Length of ContentInfo structure in bytes.\r
+\r
+  @retval     TRUE         The operation is finished successfully.\r
+  @retval     FALSE        The operation is failed due to lack of resources.\r
+\r
+**/\r
+BOOLEAN\r
+WrapPkcs7Data (\r
+  IN  CONST UINT8  *P7Data,\r
+  IN  UINTN        P7Length,\r
+  OUT BOOLEAN      *WrapFlag,\r
+  OUT UINT8        **WrapData,\r
+  OUT UINTN        *WrapDataSize\r
+  );\r
+\r
 #endif\r