TianoCore EDK2 master
Loading...
Searching...
No Matches
CryptPkcs7VerifyNull.c File Reference
#include "InternalCryptLib.h"

Go to the source code of this file.

Functions

BOOLEAN EFIAPI Pkcs7GetSigners (IN CONST UINT8 *P7Data, IN UINTN P7Length, OUT UINT8 **CertStack, OUT UINTN *StackLength, OUT UINT8 **TrustedCert, OUT UINTN *CertLength)
 
VOID EFIAPI Pkcs7FreeSigners (IN UINT8 *Certs)
 
BOOLEAN EFIAPI Pkcs7GetCertificatesList (IN CONST UINT8 *P7Data, IN UINTN P7Length, OUT UINT8 **SignerChainCerts, OUT UINTN *ChainLength, OUT UINT8 **UnchainCerts, OUT UINTN *UnchainLength)
 
BOOLEAN EFIAPI Pkcs7Verify (IN CONST UINT8 *P7Data, IN UINTN P7Length, IN CONST UINT8 *TrustedCert, IN UINTN CertLength, IN CONST UINT8 *InData, IN UINTN DataLength)
 
BOOLEAN EFIAPI Pkcs7GetAttachedContent (IN CONST UINT8 *P7Data, IN UINTN P7Length, OUT VOID **Content, OUT UINTN *ContentSize)
 

Detailed Description

PKCS#7 SignedData Verification Wrapper Implementation which does not provide real capabilities.

Copyright (c) 2023, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file CryptPkcs7VerifyNull.c.

Function Documentation

◆ Pkcs7FreeSigners()

VOID EFIAPI Pkcs7FreeSigners ( IN UINT8 *  Certs)

Wrap function to use free() to free allocated memory for certificates.

If the interface is not supported, then ASSERT().

Parameters
[in]CertsPointer to the certificates to be freed.

Definition at line 59 of file CryptPkcs7VerifyNull.c.

◆ Pkcs7GetAttachedContent()

BOOLEAN EFIAPI Pkcs7GetAttachedContent ( IN CONST UINT8 *  P7Data,
IN UINTN  P7Length,
OUT VOID **  Content,
OUT UINTN ContentSize 
)

Extracts the attached content from a PKCS#7 signed data if existed. The input signed data could be wrapped in a ContentInfo structure.

Return FALSE to indicate this interface is not supported.

Parameters
[in]P7DataPointer to the PKCS#7 signed data to process.
[in]P7LengthLength of the PKCS#7 signed data in bytes.
[out]ContentPointer to the extracted content from the PKCS#7 signedData. It's caller's responsibility to free the buffer with FreePool().
[out]ContentSizeThe size of the extracted content in bytes.
Return values
TRUEThe P7Data was correctly formatted for processing.
FALSEThe P7Data was not correctly formatted for processing.

Definition at line 154 of file CryptPkcs7VerifyNull.c.

◆ Pkcs7GetCertificatesList()

BOOLEAN EFIAPI Pkcs7GetCertificatesList ( IN CONST UINT8 *  P7Data,
IN UINTN  P7Length,
OUT UINT8 **  SignerChainCerts,
OUT UINTN ChainLength,
OUT UINT8 **  UnchainCerts,
OUT UINTN UnchainLength 
)

Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7: Cryptographic Message Syntax Standard", and outputs two certificate lists chained and unchained to the signer's certificates. The input signed data could be wrapped in a ContentInfo structure.

Parameters
[in]P7DataPointer to the PKCS#7 message.
[in]P7LengthLength of the PKCS#7 message in bytes.
[out]SignerChainCertsPointer to the certificates list chained to signer's certificate. It's caller's responsibility to free the buffer with Pkcs7FreeSigners(). This data structure is EFI_CERT_STACK type.
[out]ChainLengthLength of the chained certificates list buffer in bytes.
[out]UnchainCertsPointer to the unchained certificates lists. It's caller's responsibility to free the buffer with Pkcs7FreeSigners(). This data structure is EFI_CERT_STACK type.
[out]UnchainLengthLength of the unchained certificates list buffer in bytes.
Return values
TRUEThe operation is finished successfully.
FALSEError occurs during the operation.

Definition at line 90 of file CryptPkcs7VerifyNull.c.

◆ Pkcs7GetSigners()

BOOLEAN EFIAPI Pkcs7GetSigners ( IN CONST UINT8 *  P7Data,
IN UINTN  P7Length,
OUT UINT8 **  CertStack,
OUT UINTN StackLength,
OUT UINT8 **  TrustedCert,
OUT UINTN CertLength 
)

Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7: Cryptographic Message Syntax Standard". The input signed data could be wrapped in a ContentInfo structure.

Return FALSE to indicate this interface is not supported.

Parameters
[in]P7DataPointer to the PKCS#7 message to verify.
[in]P7LengthLength of the PKCS#7 message in bytes.
[out]CertStackPointer to Signer's certificates retrieved from P7Data. It's caller's responsibility to free the buffer with Pkcs7FreeSigners(). This data structure is EFI_CERT_STACK type.
[out]StackLengthLength of signer's certificates in bytes.
[out]TrustedCertPointer to a trusted certificate from Signer's certificates. It's caller's responsibility to free the buffer with Pkcs7FreeSigners().
[out]CertLengthLength of the trusted certificate in bytes.
Return values
FALSEThis interface is not supported.

Definition at line 36 of file CryptPkcs7VerifyNull.c.

◆ Pkcs7Verify()

BOOLEAN EFIAPI Pkcs7Verify ( IN CONST UINT8 *  P7Data,
IN UINTN  P7Length,
IN CONST UINT8 *  TrustedCert,
IN UINTN  CertLength,
IN CONST UINT8 *  InData,
IN UINTN  DataLength 
)

Verifies the validity of a PKCS#7 signed data as described in "PKCS #7: Cryptographic Message Syntax Standard". The input signed data could be wrapped in a ContentInfo structure.

Return FALSE to indicate this interface is not supported.

Parameters
[in]P7DataPointer to the PKCS#7 message to verify.
[in]P7LengthLength of the PKCS#7 message in bytes.
[in]TrustedCertPointer to a trusted/root certificate encoded in DER, which is used for certificate chain verification.
[in]CertLengthLength of the trusted certificate in bytes.
[in]InDataPointer to the content to be verified.
[in]DataLengthLength of InData in bytes.
Return values
FALSEThis interface is not supported.

Definition at line 123 of file CryptPkcs7VerifyNull.c.