//\r
// OID ASN.1 Value for SPC_RFC3161_OBJID ("1.3.6.1.4.1.311.3.3.1")\r
//\r
-UINT8 mSpcRFC3161OidValue[] = {\r
+UINT8 mSpcRFC3161OidValue[] = {\r
0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01\r
- };\r
+};\r
\r
///\r
/// The messageImprint field SHOULD contain the hash of the datum to be\r
/// hashedMessage OCTET STRING }\r
///\r
typedef struct {\r
- X509_ALGOR *HashAlgorithm;\r
- ASN1_OCTET_STRING *HashedMessage;\r
+ X509_ALGOR *HashAlgorithm;\r
+ ASN1_OCTET_STRING *HashedMessage;\r
} TS_MESSAGE_IMPRINT;\r
\r
//\r
/// micros [1] INTEGER (1..999) OPTIONAL }\r
///\r
typedef struct {\r
- ASN1_INTEGER *Seconds;\r
- ASN1_INTEGER *Millis;\r
- ASN1_INTEGER *Micros;\r
+ ASN1_INTEGER *Seconds;\r
+ ASN1_INTEGER *Millis;\r
+ ASN1_INTEGER *Micros;\r
} TS_ACCURACY;\r
\r
//\r
//\r
DECLARE_ASN1_FUNCTIONS (TS_ACCURACY)\r
ASN1_SEQUENCE (TS_ACCURACY) = {\r
- ASN1_OPT (TS_ACCURACY, Seconds, ASN1_INTEGER),\r
+ ASN1_OPT (TS_ACCURACY, Seconds, ASN1_INTEGER),\r
ASN1_IMP_OPT (TS_ACCURACY, Millis, ASN1_INTEGER, 0),\r
ASN1_IMP_OPT (TS_ACCURACY, Micros, ASN1_INTEGER, 1)\r
} ASN1_SEQUENCE_END (TS_ACCURACY)\r
/// extensions [1] IMPLICIT Extensions OPTIONAL }\r
///\r
typedef struct {\r
- ASN1_INTEGER *Version;\r
- ASN1_OBJECT *Policy;\r
- TS_MESSAGE_IMPRINT *MessageImprint;\r
- ASN1_INTEGER *SerialNumber;\r
- ASN1_GENERALIZEDTIME *GenTime;\r
- TS_ACCURACY *Accuracy;\r
- ASN1_BOOLEAN Ordering;\r
- ASN1_INTEGER *Nonce;\r
- GENERAL_NAME *Tsa;\r
- STACK_OF(X509_EXTENSION) *Extensions;\r
+ ASN1_INTEGER *Version;\r
+ ASN1_OBJECT *Policy;\r
+ TS_MESSAGE_IMPRINT *MessageImprint;\r
+ ASN1_INTEGER *SerialNumber;\r
+ ASN1_GENERALIZEDTIME *GenTime;\r
+ TS_ACCURACY *Accuracy;\r
+ ASN1_BOOLEAN Ordering;\r
+ ASN1_INTEGER *Nonce;\r
+ GENERAL_NAME *Tsa;\r
+ STACK_OF (X509_EXTENSION) *Extensions;\r
} TS_TST_INFO;\r
\r
//\r
//\r
DECLARE_ASN1_FUNCTIONS (TS_TST_INFO)\r
ASN1_SEQUENCE (TS_TST_INFO) = {\r
- ASN1_SIMPLE (TS_TST_INFO, Version, ASN1_INTEGER),\r
- ASN1_SIMPLE (TS_TST_INFO, Policy, ASN1_OBJECT),\r
- ASN1_SIMPLE (TS_TST_INFO, MessageImprint, TS_MESSAGE_IMPRINT),\r
- ASN1_SIMPLE (TS_TST_INFO, SerialNumber, ASN1_INTEGER),\r
- ASN1_SIMPLE (TS_TST_INFO, GenTime, ASN1_GENERALIZEDTIME),\r
- ASN1_OPT (TS_TST_INFO, Accuracy, TS_ACCURACY),\r
- ASN1_OPT (TS_TST_INFO, Ordering, ASN1_FBOOLEAN),\r
- ASN1_OPT (TS_TST_INFO, Nonce, ASN1_INTEGER),\r
- ASN1_EXP_OPT(TS_TST_INFO, Tsa, GENERAL_NAME, 0),\r
- ASN1_IMP_SEQUENCE_OF_OPT (TS_TST_INFO, Extensions, X509_EXTENSION, 1)\r
+ ASN1_SIMPLE (TS_TST_INFO, Version, ASN1_INTEGER),\r
+ ASN1_SIMPLE (TS_TST_INFO, Policy, ASN1_OBJECT),\r
+ ASN1_SIMPLE (TS_TST_INFO, MessageImprint, TS_MESSAGE_IMPRINT),\r
+ ASN1_SIMPLE (TS_TST_INFO, SerialNumber, ASN1_INTEGER),\r
+ ASN1_SIMPLE (TS_TST_INFO, GenTime, ASN1_GENERALIZEDTIME),\r
+ ASN1_OPT (TS_TST_INFO, Accuracy, TS_ACCURACY),\r
+ ASN1_OPT (TS_TST_INFO, Ordering, ASN1_FBOOLEAN),\r
+ ASN1_OPT (TS_TST_INFO, Nonce, ASN1_INTEGER),\r
+ ASN1_EXP_OPT (TS_TST_INFO, Tsa, GENERAL_NAME, 0),\r
+ ASN1_IMP_SEQUENCE_OF_OPT (TS_TST_INFO, Extensions, X509_EXTENSION, 1)\r
} ASN1_SEQUENCE_END (TS_TST_INFO)\r
IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO)\r
\r
-\r
/**\r
Convert ASN.1 GeneralizedTime to EFI Time.\r
\r
return FALSE;\r
}\r
\r
- Str = (CONST CHAR8*)Asn1Time->data;\r
+ Str = (CONST CHAR8 *)Asn1Time->data;\r
SetMem (EfiTime, sizeof (EFI_TIME), 0);\r
\r
Index = 0;\r
- if (Asn1Time->type == V_ASN1_UTCTIME) { /* two digit year */\r
+ if (Asn1Time->type == V_ASN1_UTCTIME) {\r
+ /* two digit year */\r
EfiTime->Year = (Str[Index++] - '0') * 10;\r
EfiTime->Year += (Str[Index++] - '0');\r
if (EfiTime->Year < 70) {\r
EfiTime->Year += 100;\r
}\r
- } else if (Asn1Time->type == V_ASN1_GENERALIZEDTIME) { /* four digit year */\r
+ } else if (Asn1Time->type == V_ASN1_GENERALIZEDTIME) {\r
+ /* four digit year */\r
EfiTime->Year = (Str[Index++] - '0') * 1000;\r
EfiTime->Year += (Str[Index++] - '0') * 100;\r
EfiTime->Year += (Str[Index++] - '0') * 10;\r
}\r
}\r
\r
- EfiTime->Month = (Str[Index++] - '0') * 10;\r
- EfiTime->Month += (Str[Index++] - '0');\r
+ EfiTime->Month = (Str[Index++] - '0') * 10;\r
+ EfiTime->Month += (Str[Index++] - '0');\r
if ((EfiTime->Month < 1) || (EfiTime->Month > 12)) {\r
return FALSE;\r
}\r
\r
- EfiTime->Day = (Str[Index++] - '0') * 10;\r
- EfiTime->Day += (Str[Index++] - '0');\r
+ EfiTime->Day = (Str[Index++] - '0') * 10;\r
+ EfiTime->Day += (Str[Index++] - '0');\r
if ((EfiTime->Day < 1) || (EfiTime->Day > 31)) {\r
return FALSE;\r
}\r
\r
- EfiTime->Hour = (Str[Index++] - '0') * 10;\r
- EfiTime->Hour += (Str[Index++] - '0');\r
+ EfiTime->Hour = (Str[Index++] - '0') * 10;\r
+ EfiTime->Hour += (Str[Index++] - '0');\r
if (EfiTime->Hour > 23) {\r
return FALSE;\r
}\r
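Review bot: The digit reads `Str[Index++] - '0'` in this hunk and the previous one index fixed offsets of `Asn1Time->data` with no visible check that the string is long enough or that the bytes are digits; only the resulting ranges are tested afterwards. The start of the function is outside the hunk, so an earlier check may exist. If it does not, a short or non-numeric time string is read past its end or produces field values from non-digit bytes before the range tests run. Calling `ASN1_UTCTIME_check (Asn1Time)` or `ASN1_GENERALIZEDTIME_check (Asn1Time)` according to `Asn1Time->type`, or comparing `Asn1Time->length` with the minimum expected for that type, before the first read would reject malformed input up front.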
goto _Exit;\r
}\r
\r
- MdSize = EVP_MD_size (Md);\r
+ MdSize = EVP_MD_size (Md);\r
HashedMsg = AllocateZeroPool (MdSize);\r
if (HashedMsg == NULL) {\r
goto _Exit;\r
}\r
+\r
MdCtx = EVP_MD_CTX_new ();\r
if (MdCtx == NULL) {\r
goto _Exit;\r
}\r
+\r
if ((EVP_DigestInit_ex (MdCtx, Md, NULL) != 1) ||\r
(EVP_DigestUpdate (MdCtx, TimestampedData, DataSize) != 1) ||\r
- (EVP_DigestFinal (MdCtx, HashedMsg, NULL) != 1)) {\r
+ (EVP_DigestFinal (MdCtx, HashedMsg, NULL) != 1))\r
+ {\r
goto _Exit;\r
}\r
+\r
if ((MdSize == (UINTN)ASN1_STRING_length (Imprint->HashedMessage)) &&\r
- (CompareMem (HashedMsg, ASN1_STRING_get0_data (Imprint->HashedMessage), MdSize) != 0)) {\r
+ (CompareMem (HashedMsg, ASN1_STRING_get0_data (Imprint->HashedMessage), MdSize) != 0))\r
+ {\r
goto _Exit;\r
}\r
\r
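Review bot: The imprint comparison at the end of this hunk only rejects when the lengths are equal and the bytes differ; when `ASN1_STRING_length (Imprint->HashedMessage)` is not equal to `MdSize`, the whole condition is false and the `goto _Exit` is not taken. The function begins and continues outside the hunk, so a later length check may exist. If there is none, a token whose imprint length differs from the computed digest length is not treated as a mismatch. The test should fail closed on either condition: `if ((MdSize != (UINTN)ASN1_STRING_length (Imprint->HashedMessage)) || (CompareMem (HashedMsg, ASN1_STRING_get0_data (Imprint->HashedMessage), MdSize) != 0))`.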
// Check input parameters\r
//\r
if ((TSToken == NULL) || (TsaCert == NULL) || (TimestampedData == NULL) ||\r
- (TokenSize > INT_MAX) || (CertSize > INT_MAX) || (DataSize > INT_MAX)) {\r
+ (TokenSize > INT_MAX) || (CertSize > INT_MAX) || (DataSize > INT_MAX))\r
+ {\r
return FALSE;\r
}\r
\r
if (SigningTime != NULL) {\r
SetMem (SigningTime, sizeof (EFI_TIME), 0);\r
}\r
+\r
Pkcs7 = NULL;\r
Cert = NULL;\r
CertStore = NULL;\r
// TimeStamp Token should contain one valid DER-encoded ASN.1 PKCS#7 structure.\r
//\r
TokenTemp = TSToken;\r
- Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &TokenTemp, (int) TokenSize);\r
+ Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **)&TokenTemp, (int)TokenSize);\r
if (Pkcs7 == NULL) {\r
goto _Exit;\r
}\r
// Read the trusted TSA certificate (DER-encoded), and Construct X509 Certificate.\r
//\r
CertTemp = TsaCert;\r
- Cert = d2i_X509 (NULL, &CertTemp, (long) CertSize);\r
+ Cert = d2i_X509 (NULL, &CertTemp, (long)CertSize);\r
if (Cert == NULL) {\r
goto _Exit;\r
}\r
// Allow partial certificate chains, terminated by a non-self-signed but\r
// still trusted intermediate certificate. Also disable time checks.\r
//\r
- X509_STORE_set_flags (CertStore,\r
- X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME);\r
+ X509_STORE_set_flags (\r
+ CertStore,\r
+ X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME\r
+ );\r
\r
X509_STORE_set_purpose (CertStore, X509_PURPOSE_ANY);\r
\r
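Review bot: The comment above `X509_STORE_set_flags` says what is relaxed but not why, and `X509_STORE_set_purpose (CertStore, X509_PURPOSE_ANY)` carries no comment at all. With partial chains accepted, time checks disabled and the purpose set to any, the chain check visible here does not require the signer certificate to be marked for time stamping. I would document that next to the call, for example `// NOTE: X509_PURPOSE_ANY means the timeStamping extended key usage is not enforced here; callers must pass only a TsaCert they trust for time stamping.` If the reason for `X509_V_FLAG_NO_CHECK_TIME` is the lack of a trusted clock at verification time, the comment should say so. The function begins and continues outside the hunk, so if the key usage is checked elsewhere the comment should point to that place instead.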
if (OutBio == NULL) {\r
goto _Exit;\r
}\r
+\r
if (!PKCS7_verify (Pkcs7, NULL, CertStore, NULL, OutBio, PKCS7_BINARY)) {\r
goto _Exit;\r
}\r
if (TstData == NULL) {\r
goto _Exit;\r
}\r
- TstSize = BIO_read (OutBio, (void *) TstData, 2048);\r
+\r
+ TstSize = BIO_read (OutBio, (void *)TstData, 2048);\r
\r
//\r
// Construct TS_TST_INFO structure from the signed contents.\r
//\r
TstTemp = TstData;\r
- TstInfo = d2i_TS_TST_INFO (NULL, (const unsigned char **) &TstTemp,\r
- (int)TstSize);\r
+ TstInfo = d2i_TS_TST_INFO (\r
+ NULL,\r
+ (const unsigned char **)&TstTemp,\r
+ (int)TstSize\r
+ );\r
if (TstInfo == NULL) {\r
goto _Exit;\r
}\r
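Review bot: The return value of `BIO_read` is stored in `TstSize` and passed straight to `d2i_TS_TST_INFO` as `(int)TstSize` without a check; `BIO_read` returns zero or a negative value when nothing could be read. A guard right after the read, such as `if ((int)TstSize <= 0) { goto _Exit; }`, would stop an error code from being used as a length (the declaration of `TstSize` is outside the hunk, so the cast may need adjusting to its real type). The literal `2048` also has to match the size `TstData` was allocated with, which is not visible here; a single named constant used for both would keep them in step, and a short comment should state that a larger TSTInfo is truncated and then rejected by the decoder.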
OUT EFI_TIME *SigningTime\r
)\r
{\r
- BOOLEAN Status;\r
- PKCS7 *Pkcs7;\r
- CONST UINT8 *Temp;\r
- STACK_OF(PKCS7_SIGNER_INFO) *SignerInfos;\r
- PKCS7_SIGNER_INFO *SignInfo;\r
- UINTN Index;\r
- STACK_OF(X509_ATTRIBUTE) *Sk;\r
- X509_ATTRIBUTE *Xa;\r
- ASN1_OBJECT *XaObj;\r
- ASN1_TYPE *Asn1Type;\r
- ASN1_OCTET_STRING *EncDigest;\r
- UINT8 *TSToken;\r
- UINTN TokenSize;\r
+ BOOLEAN Status;\r
+ PKCS7 *Pkcs7;\r
+ CONST UINT8 *Temp;\r
+\r
+ STACK_OF (PKCS7_SIGNER_INFO) *SignerInfos;\r
+ PKCS7_SIGNER_INFO *SignInfo;\r
+ UINTN Index;\r
+\r
+ STACK_OF (X509_ATTRIBUTE) *Sk;\r
+ X509_ATTRIBUTE *Xa;\r
+ ASN1_OBJECT *XaObj;\r
+ ASN1_TYPE *Asn1Type;\r
+ ASN1_OCTET_STRING *EncDigest;\r
+ UINT8 *TSToken;\r
+ UINTN TokenSize;\r
\r
//\r
// Input Parameters Checking.\r
// Register & Initialize necessary digest algorithms for PKCS#7 Handling.\r
//\r
if ((EVP_add_digest (EVP_md5 ()) == 0) || (EVP_add_digest (EVP_sha1 ()) == 0) ||\r
- (EVP_add_digest (EVP_sha256 ()) == 0) || (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA)) == 0) {\r
+ (EVP_add_digest (EVP_sha256 ()) == 0) || ((EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA)) == 0))\r
+ {\r
return FALSE;\r
}\r
\r
//\r
// Initialization.\r
//\r
- Status = FALSE;\r
- Pkcs7 = NULL;\r
- SignInfo = NULL;\r
+ Status = FALSE;\r
+ Pkcs7 = NULL;\r
+ SignInfo = NULL;\r
\r
//\r
// Decode ASN.1-encoded Authenticode data into PKCS7 structure.\r
//\r
Temp = AuthData;\r
- Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) DataSize);\r
+ Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **)&Temp, (int)DataSize);\r
if (Pkcs7 == NULL) {\r
goto _Exit;\r
}\r
// of SignerInfo.\r
//\r
Sk = SignInfo->unauth_attr;\r
- if (Sk == NULL) { // No timestamp counterSignature.\r
+ if (Sk == NULL) {\r
+ // No timestamp counterSignature.\r
goto _Exit;\r
}\r
\r
Asn1Type = NULL;\r
- for (Index = 0; Index < (UINTN) sk_X509_ATTRIBUTE_num (Sk); Index++) {\r
+ for (Index = 0; Index < (UINTN)sk_X509_ATTRIBUTE_num (Sk); Index++) {\r
//\r
// Search valid RFC3161 timestamp counterSignature based on OBJID.\r
//\r
if (Xa == NULL) {\r
continue;\r
}\r
- XaObj = X509_ATTRIBUTE_get0_object(Xa);\r
+\r
+ XaObj = X509_ATTRIBUTE_get0_object (Xa);\r
if (XaObj == NULL) {\r
continue;\r
}\r
- if ((OBJ_length(XaObj) != sizeof (mSpcRFC3161OidValue)) ||\r
- (CompareMem (OBJ_get0_data(XaObj), mSpcRFC3161OidValue, sizeof (mSpcRFC3161OidValue)) != 0)) {\r
+\r
+ if ((OBJ_length (XaObj) != sizeof (mSpcRFC3161OidValue)) ||\r
+ (CompareMem (OBJ_get0_data (XaObj), mSpcRFC3161OidValue, sizeof (mSpcRFC3161OidValue)) != 0))\r
+ {\r
continue;\r
}\r
- Asn1Type = X509_ATTRIBUTE_get0_type(Xa, 0);\r
+\r
+ Asn1Type = X509_ATTRIBUTE_get0_type (Xa, 0);\r
}\r
\r
if (Asn1Type == NULL) {\r
Status = FALSE;\r
goto _Exit;\r
}\r
+\r
TSToken = Asn1Type->value.octet_string->data;\r
TokenSize = Asn1Type->value.octet_string->length;\r
\r
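Review bot: `Asn1Type->value.octet_string` is dereferenced after only a NULL check on `Asn1Type`, with no check of which member of the ASN1_TYPE union is active. The attribute is taken from `SignInfo->unauth_attr` (visible earlier on this page), which is the unauthenticated part of the SignerInfo, so the value's type is not constrained by the signature; for a value that is not string-backed, such as a BOOLEAN or NULL, the union does not hold a valid string pointer. A guard before the two assignments would fail closed, for example `if ((Asn1Type == NULL) || (ASN1_TYPE_get (Asn1Type) != V_ASN1_SEQUENCE))`, with the expected tag for the embedded token to be confirmed. The loop also has no `break` after `X509_ATTRIBUTE_get0_type`, so the last matching attribute is the one used; a comment should say whether that is intended. The loop body begins outside this hunk.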