mirror of https://github.com/acidanthera/audk.git
101 lines
3.1 KiB
C
101 lines
3.1 KiB
C
/** @file
|
|
PKCS#7 SignedData Verification Wrapper Implementation which does not provide
|
|
real capabilities.
|
|
|
|
Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
|
|
This program and the accompanying materials
|
|
are licensed and made available under the terms and conditions of the BSD License
|
|
which accompanies this distribution. The full text of the license may be found at
|
|
http://opensource.org/licenses/bsd-license.php
|
|
|
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
|
|
**/
|
|
|
|
#include "InternalCryptLib.h"
|
|
|
|
/**
|
|
Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:
|
|
Cryptographic Message Syntax Standard". The input signed data could be wrapped
|
|
in a ContentInfo structure.
|
|
|
|
Return FALSE to indicate this interface is not supported.
|
|
|
|
@param[in] P7Data Pointer to the PKCS#7 message to verify.
|
|
@param[in] P7Length Length of the PKCS#7 message in bytes.
|
|
@param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.
|
|
It's caller's responsiblity to free the buffer.
|
|
@param[out] StackLength Length of signer's certificates in bytes.
|
|
@param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.
|
|
It's caller's responsiblity to free the buffer.
|
|
@param[out] CertLength Length of the trusted certificate in bytes.
|
|
|
|
@retval FALSE This interface is not supported.
|
|
|
|
**/
|
|
BOOLEAN
|
|
EFIAPI
|
|
Pkcs7GetSigners (
|
|
IN CONST UINT8 *P7Data,
|
|
IN UINTN P7Length,
|
|
OUT UINT8 **CertStack,
|
|
OUT UINTN *StackLength,
|
|
OUT UINT8 **TrustedCert,
|
|
OUT UINTN *CertLength
|
|
)
|
|
{
|
|
ASSERT (FALSE);
|
|
return FALSE;
|
|
}
|
|
|
|
/**
|
|
Wrap function to use free() to free allocated memory for certificates.
|
|
|
|
If the interface is not supported, then ASSERT().
|
|
|
|
@param[in] Certs Pointer to the certificates to be freed.
|
|
|
|
**/
|
|
VOID
|
|
EFIAPI
|
|
Pkcs7FreeSigners (
|
|
IN UINT8 *Certs
|
|
)
|
|
{
|
|
ASSERT (FALSE);
|
|
}
|
|
|
|
/**
|
|
Verifies the validility of a PKCS#7 signed data as described in "PKCS #7:
|
|
Cryptographic Message Syntax Standard". The input signed data could be wrapped
|
|
in a ContentInfo structure.
|
|
|
|
Return FALSE to indicate this interface is not supported.
|
|
|
|
@param[in] P7Data Pointer to the PKCS#7 message to verify.
|
|
@param[in] P7Length Length of the PKCS#7 message in bytes.
|
|
@param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
|
|
is used for certificate chain verification.
|
|
@param[in] CertLength Length of the trusted certificate in bytes.
|
|
@param[in] InData Pointer to the content to be verified.
|
|
@param[in] DataLength Length of InData in bytes.
|
|
|
|
@retval FALSE This interface is not supported.
|
|
|
|
**/
|
|
BOOLEAN
|
|
EFIAPI
|
|
Pkcs7Verify (
|
|
IN CONST UINT8 *P7Data,
|
|
IN UINTN P7Length,
|
|
IN CONST UINT8 *TrustedCert,
|
|
IN UINTN CertLength,
|
|
IN CONST UINT8 *InData,
|
|
IN UINTN DataLength
|
|
)
|
|
{
|
|
ASSERT (FALSE);
|
|
return FALSE;
|
|
}
|