2012-07-18 11:32:05 +02:00
|
|
|
/** @file
|
|
|
|
X.509 Certificate Handler Wrapper Implementation which does not provide
|
|
|
|
real capabilities.
|
|
|
|
|
2019-11-21 02:14:16 +01:00
|
|
|
Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
|
2019-04-04 01:03:30 +02:00
|
|
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
2012-07-18 11:32:05 +02:00
|
|
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
#include "InternalCryptLib.h"
|
|
|
|
|
|
|
|
/**
|
|
|
|
Construct a X509 object from DER-encoded certificate data.
|
|
|
|
|
|
|
|
Return FALSE to indicate this interface is not supported.
|
|
|
|
|
|
|
|
@param[in] Cert Pointer to the DER-encoded certificate data.
|
|
|
|
@param[in] CertSize The size of certificate data in bytes.
|
|
|
|
@param[out] SingleX509Cert The generated X509 object.
|
|
|
|
|
|
|
|
@retval FALSE This interface is not supported.
|
|
|
|
|
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
X509ConstructCertificate (
|
|
|
|
IN CONST UINT8 *Cert,
|
|
|
|
IN UINTN CertSize,
|
|
|
|
OUT UINT8 **SingleX509Cert
|
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2019-11-21 02:14:16 +01:00
|
|
|
/**
|
|
|
|
Construct a X509 stack object from a list of DER-encoded certificate data.
|
|
|
|
|
|
|
|
If X509Stack is NULL, then return FALSE.
|
|
|
|
If this interface is not supported, then return FALSE.
|
|
|
|
|
|
|
|
@param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object.
|
|
|
|
On output, pointer to the X509 stack object with new
|
|
|
|
inserted X509 certificate.
|
|
|
|
@param[in] Args VA_LIST marker for the variable argument list.
|
|
|
|
A list of DER-encoded single certificate data followed
|
|
|
|
by certificate size. A NULL terminates the list. The
|
|
|
|
pairs are the arguments to X509ConstructCertificate().
|
|
|
|
|
|
|
|
@retval TRUE The X509 stack construction succeeded.
|
|
|
|
@retval FALSE The construction operation failed.
|
|
|
|
@retval FALSE This interface is not supported.
|
|
|
|
|
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
X509ConstructCertificateStackV (
|
|
|
|
IN OUT UINT8 **X509Stack,
|
|
|
|
IN VA_LIST Args
|
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2012-07-18 11:32:05 +02:00
|
|
|
/**
|
|
|
|
Construct a X509 stack object from a list of DER-encoded certificate data.
|
|
|
|
|
|
|
|
Return FALSE to indicate this interface is not supported.
|
|
|
|
|
2015-06-19 04:46:51 +02:00
|
|
|
@param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object.
|
2012-07-18 11:32:05 +02:00
|
|
|
On output, pointer to the X509 stack object with new
|
|
|
|
inserted X509 certificate.
|
|
|
|
@param ... A list of DER-encoded single certificate data followed
|
|
|
|
by certificate size. A NULL terminates the list. The
|
|
|
|
pairs are the arguments to X509ConstructCertificate().
|
2018-06-27 11:32:13 +02:00
|
|
|
|
2012-07-18 11:32:05 +02:00
|
|
|
@retval FALSE This interface is not supported.
|
|
|
|
|
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
X509ConstructCertificateStack (
|
|
|
|
IN OUT UINT8 **X509Stack,
|
2018-06-27 11:32:13 +02:00
|
|
|
...
|
2012-07-18 11:32:05 +02:00
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Release the specified X509 object.
|
|
|
|
|
|
|
|
If the interface is not supported, then ASSERT().
|
|
|
|
|
|
|
|
@param[in] X509Cert Pointer to the X509 object to be released.
|
|
|
|
|
|
|
|
**/
|
|
|
|
VOID
|
|
|
|
EFIAPI
|
|
|
|
X509Free (
|
|
|
|
IN VOID *X509Cert
|
|
|
|
)
|
2018-06-27 11:32:13 +02:00
|
|
|
{
|
2012-07-18 11:32:05 +02:00
|
|
|
ASSERT (FALSE);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Release the specified X509 stack object.
|
|
|
|
|
|
|
|
If the interface is not supported, then ASSERT().
|
|
|
|
|
|
|
|
@param[in] X509Stack Pointer to the X509 stack object to be released.
|
|
|
|
|
|
|
|
**/
|
|
|
|
VOID
|
|
|
|
EFIAPI
|
|
|
|
X509StackFree (
|
|
|
|
IN VOID *X509Stack
|
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Retrieve the subject bytes from one X.509 certificate.
|
|
|
|
|
|
|
|
Return FALSE to indicate this interface is not supported.
|
|
|
|
|
|
|
|
@param[in] Cert Pointer to the DER-encoded X509 certificate.
|
|
|
|
@param[in] CertSize Size of the X509 certificate in bytes.
|
|
|
|
@param[out] CertSubject Pointer to the retrieved certificate subject bytes.
|
|
|
|
@param[in, out] SubjectSize The size in bytes of the CertSubject buffer on input,
|
|
|
|
and the size of buffer returned CertSubject on output.
|
|
|
|
|
|
|
|
|
|
|
|
@retval FALSE This interface is not supported.
|
|
|
|
|
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
X509GetSubjectName (
|
|
|
|
IN CONST UINT8 *Cert,
|
|
|
|
IN UINTN CertSize,
|
|
|
|
OUT UINT8 *CertSubject,
|
|
|
|
IN OUT UINTN *SubjectSize
|
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2017-09-24 17:42:16 +02:00
|
|
|
/**
|
|
|
|
Retrieve the common name (CN) string from one X.509 certificate.
|
|
|
|
|
|
|
|
Return RETURN_UNSUPPORTED to indicate this interface is not supported.
|
|
|
|
|
|
|
|
@param[in] Cert Pointer to the DER-encoded X509 certificate.
|
|
|
|
@param[in] CertSize Size of the X509 certificate in bytes.
|
|
|
|
@param[out] CommonName Buffer to contain the retrieved certificate common
|
2018-05-24 10:08:51 +02:00
|
|
|
name string (UTF8). At most CommonNameSize bytes will be
|
2017-09-24 17:42:16 +02:00
|
|
|
written and the string will be null terminated. May be
|
|
|
|
NULL in order to determine the size buffer needed.
|
|
|
|
@param[in,out] CommonNameSize The size in bytes of the CommonName buffer on input,
|
|
|
|
and the size of buffer returned CommonName on output.
|
|
|
|
If CommonName is NULL then the amount of space needed
|
|
|
|
in buffer (including the final null) is returned.
|
|
|
|
|
|
|
|
@retval RETURN_UNSUPPORTED The operation is not supported.
|
|
|
|
|
|
|
|
**/
|
|
|
|
RETURN_STATUS
|
|
|
|
EFIAPI
|
|
|
|
X509GetCommonName (
|
|
|
|
IN CONST UINT8 *Cert,
|
|
|
|
IN UINTN CertSize,
|
2021-12-03 03:00:39 +01:00
|
|
|
OUT CHAR8 *CommonName OPTIONAL,
|
2017-09-24 17:42:16 +02:00
|
|
|
IN OUT UINTN *CommonNameSize
|
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return RETURN_UNSUPPORTED;
|
|
|
|
}
|
|
|
|
|
2019-03-25 05:01:09 +01:00
|
|
|
/**
|
|
|
|
Retrieve the organization name (ON) string from one X.509 certificate.
|
|
|
|
|
|
|
|
Return RETURN_UNSUPPORTED to indicate this interface is not supported.
|
|
|
|
|
|
|
|
@param[in] Cert Pointer to the DER-encoded X509 certificate.
|
|
|
|
@param[in] CertSize Size of the X509 certificate in bytes.
|
|
|
|
@param[out] NameBuffer Buffer to contain the retrieved certificate organization
|
|
|
|
name string. At most NameBufferSize bytes will be
|
|
|
|
written and the string will be null terminated. May be
|
|
|
|
NULL in order to determine the size buffer needed.
|
|
|
|
@param[in,out] NameBufferSize The size in bytes of the Name buffer on input,
|
|
|
|
and the size of buffer returned Name on output.
|
|
|
|
If NameBuffer is NULL then the amount of space needed
|
|
|
|
in buffer (including the final null) is returned.
|
|
|
|
|
|
|
|
@retval RETURN_UNSUPPORTED The operation is not supported.
|
|
|
|
|
|
|
|
**/
|
|
|
|
RETURN_STATUS
|
|
|
|
EFIAPI
|
|
|
|
X509GetOrganizationName (
|
2021-12-05 23:53:54 +01:00
|
|
|
IN CONST UINT8 *Cert,
|
|
|
|
IN UINTN CertSize,
|
|
|
|
OUT CHAR8 *NameBuffer OPTIONAL,
|
|
|
|
IN OUT UINTN *NameBufferSize
|
2019-03-25 05:01:09 +01:00
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return RETURN_UNSUPPORTED;
|
|
|
|
}
|
|
|
|
|
2012-07-18 11:32:05 +02:00
|
|
|
/**
|
|
|
|
Retrieve the RSA Public Key from one DER-encoded X509 certificate.
|
|
|
|
|
|
|
|
Return FALSE to indicate this interface is not supported.
|
|
|
|
|
|
|
|
@param[in] Cert Pointer to the DER-encoded X509 certificate.
|
|
|
|
@param[in] CertSize Size of the X509 certificate in bytes.
|
|
|
|
@param[out] RsaContext Pointer to new-generated RSA context which contain the retrieved
|
|
|
|
RSA public key component. Use RsaFree() function to free the
|
|
|
|
resource.
|
|
|
|
|
|
|
|
@retval FALSE This interface is not supported.
|
|
|
|
|
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
RsaGetPublicKeyFromX509 (
|
|
|
|
IN CONST UINT8 *Cert,
|
|
|
|
IN UINTN CertSize,
|
|
|
|
OUT VOID **RsaContext
|
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Verify one X509 certificate was issued by the trusted CA.
|
|
|
|
|
|
|
|
Return FALSE to indicate this interface is not supported.
|
|
|
|
|
|
|
|
@param[in] Cert Pointer to the DER-encoded X509 certificate to be verified.
|
|
|
|
@param[in] CertSize Size of the X509 certificate in bytes.
|
|
|
|
@param[in] CACert Pointer to the DER-encoded trusted CA certificate.
|
|
|
|
@param[in] CACertSize Size of the CA Certificate in bytes.
|
|
|
|
|
|
|
|
@retval FALSE This interface is not supported.
|
2018-06-27 11:32:13 +02:00
|
|
|
|
2012-07-18 11:32:05 +02:00
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
X509VerifyCert (
|
|
|
|
IN CONST UINT8 *Cert,
|
|
|
|
IN UINTN CertSize,
|
|
|
|
IN CONST UINT8 *CACert,
|
|
|
|
IN UINTN CACertSize
|
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return FALSE;
|
|
|
|
}
|
2014-12-25 09:37:08 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
Retrieve the TBSCertificate from one given X.509 certificate.
|
|
|
|
|
|
|
|
Return FALSE to indicate this interface is not supported.
|
|
|
|
|
|
|
|
@param[in] Cert Pointer to the given DER-encoded X509 certificate.
|
|
|
|
@param[in] CertSize Size of the X509 certificate in bytes.
|
|
|
|
@param[out] TBSCert DER-Encoded To-Be-Signed certificate.
|
|
|
|
@param[out] TBSCertSize Size of the TBS certificate in bytes.
|
|
|
|
|
|
|
|
@retval FALSE This interface is not supported.
|
|
|
|
|
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
X509GetTBSCert (
|
|
|
|
IN CONST UINT8 *Cert,
|
|
|
|
IN UINTN CertSize,
|
|
|
|
OUT UINT8 **TBSCert,
|
|
|
|
OUT UINTN *TBSCertSize
|
|
|
|
)
|
|
|
|
{
|
|
|
|
ASSERT (FALSE);
|
|
|
|
return FALSE;
|
|
|
|
}
|