TianoCore EDK2 master
#include "InternalCryptLib.h"
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/pkcs7.h>
Functions
BOOLEAN EFIAPI AuthenticodeVerify (IN CONST UINT8 *AuthData, IN UINTN DataSize, IN CONST UINT8 *TrustedCert, IN UINTN CertSize, IN CONST UINT8 *ImageHash, IN UINTN HashSize)
Variables
GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcIndirectOidValue []
Authenticode Portable Executable Signature Verification over OpenSSL.
Caution: This module requires additional review when modified. This library receives external input: the signature (e.g. PE/COFF Authenticode). This external input must be validated carefully to avoid security issues such as buffer overflows and integer overflows.
AuthenticodeVerify() receives the PE/COFF Authenticode data and performs basic checks on its data structure.
Copyright (c) 2011 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
Definition in file CryptAuthenticode.c.
BOOLEAN EFIAPI AuthenticodeVerify (
  IN CONST UINT8 *AuthData,
  IN UINTN       DataSize,
  IN CONST UINT8 *TrustedCert,
  IN UINTN       CertSize,
  IN CONST UINT8 *ImageHash,
  IN UINTN       HashSize
  )
Verifies the validity of a PE/COFF Authenticode Signature as described in "Windows Authenticode Portable Executable Signature Format".
If AuthData is NULL, then return FALSE. If ImageHash is NULL, then return FALSE.
Caution: This function may receive untrusted input. PE/COFF Authenticode is external input, so this function performs basic checks on the Authenticode data structure.
Parameters
[in] | AuthData | Pointer to the Authenticode Signature retrieved from signed PE/COFF image to be verified.
[in] | DataSize | Size of the Authenticode Signature in bytes.
[in] | TrustedCert | Pointer to a trusted/root certificate encoded in DER, which is used for certificate chain verification.
[in] | CertSize | Size of the trusted certificate in bytes.
[in] | ImageHash | Pointer to the original image file hash value. The procedure for calculating the image hash value is described in Authenticode specification.
[in] | HashSize | Size of Image hash value in bytes.
Return values
TRUE | The specified Authenticode Signature is valid.
FALSE | Invalid Authenticode Signature.
Definition at line 58 of file CryptAuthenticode.c.
GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcIndirectOidValue[]
Definition at line 26 of file CryptAuthenticode.c.