PKCS#7 SignedData Verification Wrapper Implementation which does not provide\r
real capabilities.\r
\r
-Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
@param[in] P7Data Pointer to the PKCS#7 message to verify.\r
@param[in] P7Length Length of the PKCS#7 message in bytes.\r
@param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.\r
- It's caller's responsiblity to free the buffer.\r
+ It's caller's responsibility to free the buffer with\r
+ Pkcs7FreeSigners().\r
+ This data structure is EFI_CERT_STACK type.\r
@param[out] StackLength Length of signer's certificates in bytes.\r
@param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.\r
- It's caller's responsiblity to free the buffer.\r
+ It's caller's responsibility to free the buffer with\r
+ Pkcs7FreeSigners().\r
@param[out] CertLength Length of the trusted certificate in bytes.\r
\r
@retval FALSE This interface is not supported.\r
Wrap function to use free() to free allocated memory for certificates.\r
\r
If the interface is not supported, then ASSERT().\r
- \r
+\r
@param[in] Certs Pointer to the certificates to be freed.\r
\r
**/\r
}\r
\r
/**\r
- Verifies the validility of a PKCS#7 signed data as described in "PKCS #7:\r
+ Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7:\r
+ Cryptographic Message Syntax Standard", and outputs two certificate lists chained and\r
+ unchained to the signer's certificates.\r
+ The input signed data could be wrapped in a ContentInfo structure.\r
+\r
+ @param[in] P7Data Pointer to the PKCS#7 message.\r
+ @param[in] P7Length Length of the PKCS#7 message in bytes.\r
+ @param[out] SignerChainCerts Pointer to the certificates list chained to signer's\r
+ certificate. It's caller's responsibility to free the buffer\r
+ with Pkcs7FreeSigners().\r
+ This data structure is EFI_CERT_STACK type.\r
+ @param[out] ChainLength Length of the chained certificates list buffer in bytes.\r
+ @param[out] UnchainCerts Pointer to the unchained certificates lists. It's caller's\r
+ responsibility to free the buffer with Pkcs7FreeSigners().\r
+ This data structure is EFI_CERT_STACK type.\r
+ @param[out] UnchainLength Length of the unchained certificates list buffer in bytes.\r
+\r
+ @retval TRUE The operation is finished successfully.\r
+ @retval FALSE Error occurs during the operation.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+Pkcs7GetCertificatesList (\r
+ IN CONST UINT8 *P7Data,\r
+ IN UINTN P7Length,\r
+ OUT UINT8 **SignerChainCerts,\r
+ OUT UINTN *ChainLength,\r
+ OUT UINT8 **UnchainCerts,\r
+ OUT UINTN *UnchainLength\r
+ )\r
+{\r
+ ASSERT (FALSE);\r
+ return FALSE;\r
+}\r
+\r
+/**\r
+ Verifies the validity of a PKCS#7 signed data as described in "PKCS #7:\r
Cryptographic Message Syntax Standard". The input signed data could be wrapped\r
in a ContentInfo structure.\r
\r
@param[in] P7Data Pointer to the PKCS#7 signed data to process.\r
@param[in] P7Length Length of the PKCS#7 signed data in bytes.\r
@param[out] Content Pointer to the extracted content from the PKCS#7 signedData.\r
- It's caller's responsiblity to free the buffer.\r
+ It's caller's responsibility to free the buffer with FreePool().\r
@param[out] ContentSize The size of the extracted content in bytes.\r
\r
@retval TRUE The P7Data was correctly formatted for processing.\r
@retval FALSE The P7Data was not correctly formatted for processing.\r
\r
-*/\r
+**/\r
BOOLEAN\r
EFIAPI\r
Pkcs7GetAttachedContent (\r
projects / mirror_edk2.git / blobdiff