9#include "InternalCryptLib.h"
10#include <mbedtls/x509.h>
11#include <mbedtls/x509_crt.h>
12#include <mbedtls/rsa.h>
13#include <mbedtls/ecp.h>
14#include <mbedtls/ecdh.h>
15#include <mbedtls/ecdsa.h>
16
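//
// DER-encoded OBJECT IDENTIFIER contents (tag and length omitted) used to
// select X.509 name attributes and extensions by OID.
//
STATIC CONST UINT8  OID_commonName[] = {        // id-at-commonName (2.5.4.3)
  0x55, 0x04, 0x03
};
STATIC CONST UINT8  OID_organizationName[] = {  // id-at-organizationName (2.5.4.10)
  0x55, 0x04, 0x0A
};
STATIC CONST UINT8  OID_extKeyUsage[] = {       // id-ce-extKeyUsage (2.5.29.37)
  0x55, 0x1D, 0x25
};
STATIC CONST UINT8  OID_BasicConstraints[] = {  // id-ce-basicConstraints (2.5.29.19)
  0x55, 0x1D, 0x13
};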
32
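/* Profile for backward compatibility. Allows RSA 1024, unlike the default
   profile. Passed by X509VerifyCert to mbedtls_x509_crt_verify_with_profile;
   field order is allowed_mds, allowed_pks, allowed_curves, rsa_min_bitlen. */
STATIC mbedtls_x509_crt_profile  gCompatProfile =
{
  /* Hashes from SHA-256 and above; a certificate signed with any other
   * digest (e.g. SHA-1) fails the profile check. Note that this selection
   * should be aligned with ssl_preset_default_hashes in ssl_tls.c. */
  MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA256) |
  MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA384) |
  MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA512),
  0xFFFFFFF, /* Any PK alg */

  /* Curves at or above 128-bit security level. Note that this selection
   * should be aligned with ssl_preset_default_curves in ssl_tls.c. */
  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP256R1) |
  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP384R1) |
  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP521R1) |
  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP256R1) |
  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP384R1) |
  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP512R1) |
  0,
  /* Minimum RSA modulus size in bits. 1024 is below current guidance and is
   * kept only for compatibility with already-issued certificates; raise it
   * where the deployment allows. */
  1024,
};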
55
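/**
  Construct a X509 object from DER-encoded certificate data.

  If Cert is NULL, then return FALSE.
  If SingleX509Cert is NULL, then return FALSE.

  @param[in]  Cert            Pointer to the DER-encoded certificate data.
  @param[in]  CertSize        The size of certificate data in bytes.
  @param[out] SingleX509Cert  The generated X509 object (a heap-allocated
                              mbedtls_x509_crt, released with X509Free()).
                              Not modified on failure.

  @retval  TRUE   The X509 object generation succeeded.
  @retval  FALSE  The operation failed.

**/
BOOLEAN
EFIAPI
X509ConstructCertificate (
  IN CONST UINT8  *Cert,
  IN UINTN        CertSize,
  OUT UINT8       **SingleX509Cert
  )
{
  mbedtls_x509_crt  *MbedTlsCert;
  INT32             Ret;

  if ((Cert == NULL) || (SingleX509Cert == NULL) || (CertSize == 0)) {
    return FALSE;
  }

  MbedTlsCert = AllocateZeroPool (sizeof (mbedtls_x509_crt));
  if (MbedTlsCert == NULL) {
    return FALSE;
  }

  mbedtls_x509_crt_init (MbedTlsCert);

  Ret = mbedtls_x509_crt_parse_der (MbedTlsCert, Cert, CertSize);
  if (Ret != 0) {
    //
    // Release the half-built object without touching the caller's output,
    // so the caller never holds a pointer to freed memory.
    //
    mbedtls_x509_crt_free (MbedTlsCert);
    FreePool (MbedTlsCert);
    return FALSE;
  }

  //
  // Publish the object only once it has been fully parsed.
  //
  *SingleX509Cert = (UINT8 *)(VOID *)MbedTlsCert;
  return TRUE;
}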
102
/**
  Construct a X509 stack object from a list of DER-encoded certificate data.

  If X509Stack is NULL, then return FALSE.

  @param[in, out]  X509Stack  On input, pointer to an existing or NULL X509
                              stack object. On output, pointer to the X509
                              stack object with new inserted certificates.
  @param[in]       Args       VA_LIST of (UINT8 *Cert, UINTN CertSize) pairs,
                              terminated by a NULL certificate pointer or a
                              zero size.

  @retval  TRUE   The X509 stack construction succeeded.
  @retval  FALSE  The construction operation failed.

**/
BOOLEAN
EFIAPI
X509ConstructCertificateStackV (
  IN OUT UINT8    **X509Stack,
  IN     VA_LIST  Args
  )
{
  mbedtls_x509_crt  *NewChain;
  UINT8             *Cert;
  UINTN             CertSize;
  INT32             Ret;

  if (X509Stack == NULL) {
    return FALSE;
  }

  //
  // A fresh chain head is created only when the caller passes an empty stack;
  // otherwise certificates are appended to the existing chain.
  //
  NewChain = NULL;
  if (*X509Stack == NULL) {
    NewChain = AllocateZeroPool (sizeof (mbedtls_x509_crt));
    if (NewChain == NULL) {
      return FALSE;
    }

    mbedtls_x509_crt_init (NewChain);
    *X509Stack = (UINT8 *)NewChain;
  }

  Ret = 0;
  while (TRUE) {
    //
    // The argument list ends at a NULL certificate or a zero size.
    //
    Cert = VA_ARG (Args, UINT8 *);
    if (Cert == NULL) {
      break;
    }

    CertSize = VA_ARG (Args, UINTN);
    if (CertSize == 0) {
      break;
    }

    Ret = mbedtls_x509_crt_parse_der ((mbedtls_x509_crt *)*X509Stack, Cert, CertSize);
    if (Ret != 0) {
      break;
    }
  }

  if (Ret != 0) {
    //
    // Roll back only what this call allocated; a pre-existing stack remains
    // owned by the caller.
    //
    if (NewChain != NULL) {
      mbedtls_x509_crt_free (NewChain);
      FreePool (NewChain);
      *X509Stack = NULL;
    }

    return FALSE;
  }

  return TRUE;
}
184
/**
  Construct a X509 stack object from a list of DER-encoded certificate data.

  If X509Stack is NULL, then return FALSE.

  @param[in, out]  X509Stack  On input, pointer to an existing or NULL X509
                              stack object. On output, pointer to the X509
                              stack object with new inserted certificates.
  @param           ...        Pairs of (UINT8 *Cert, UINTN CertSize),
                              terminated by a NULL certificate pointer.

  @retval  TRUE   The X509 stack construction succeeded.
  @retval  FALSE  The construction operation failed.

**/
BOOLEAN
EFIAPI
X509ConstructCertificateStack (
  IN OUT UINT8  **X509Stack,
  ...
  )
{
  VA_LIST  Args;
  BOOLEAN  Result;

  //
  // Variadic front end; all of the work is done by the VA_LIST variant.
  //
  VA_START (Args, X509Stack);
  Result = X509ConstructCertificateStackV (X509Stack, Args);
  VA_END (Args);

  return Result;
}
216
/**
  Release the specified X509 object.

  If X509Cert is NULL, then return FALSE.

  @param[in]  X509Cert  Pointer to the X509 object to be released
                        (as produced by X509ConstructCertificate()).

**/
VOID
EFIAPI
X509Free (
  IN VOID  *X509Cert
  )
{
  if (X509Cert == NULL) {
    return;
  }

  //
  // Free the parsed contents first, then the container allocated by
  // X509ConstructCertificate().
  //
  mbedtls_x509_crt_free (X509Cert);
  FreePool (X509Cert);
}
236
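/**
  Release the specified X509 stack object.

  If X509Stack is NULL, then return FALSE.

  @param[in]  X509Stack  Pointer to the X509 stack object to be released
                         (as produced by X509ConstructCertificateStack()).

**/
VOID
EFIAPI
X509StackFree (
  IN VOID  *X509Stack
  )
{
  if (X509Stack == NULL) {
    return;
  }

  //
  // mbedtls_x509_crt_free releases the chained entries and zeroes the head,
  // but the head itself was allocated with AllocateZeroPool in
  // X509ConstructCertificateStackV and must be returned to the pool here.
  //
  mbedtls_x509_crt_free (X509Stack);
  FreePool (X509Stack);
}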
257
/**
  Retrieve the tag and length of the tag.

  @param Ptr      The position in the ASN.1 data; advanced past the tag and
                  length on success.
  @param End      End of data.
  @param Length   The variable that will receive the length.
  @param Tag      The expected tag.

  @retval  TRUE   Get tag successful.
  @retval  FALSE  Failed to get tag or tag not match.

**/
BOOLEAN
EFIAPI
Asn1GetTag (
  IN OUT UINT8   **Ptr,
  IN CONST UINT8 *End,
  OUT UINTN      *Length,
  IN UINT32      Tag
  )
{
  INT32  Ret;

  Ret = mbedtls_asn1_get_tag (Ptr, End, Length, (INT32)Tag);

  return (BOOLEAN)(Ret == 0);
}
284
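/**
  Retrieve the subject bytes from one X.509 certificate.

  If Cert is NULL, then return FALSE.
  If SubjectSize is NULL, then return FALSE.

  @param[in]      Cert         Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize     Size of the X509 certificate in bytes.
  @param[out]     CertSubject  Pointer to the retrieved certificate subject
                               bytes (DER-encoded Name). May be NULL to query
                               the required size.
  @param[in, out] SubjectSize  The size in bytes of the CertSubject buffer on
                               input, and the size of the buffer returned
                               (or required) on output.

  @retval  TRUE   The certificate subject retrieved successfully.
  @retval  FALSE  Invalid certificate, or the SubjectSize is too small for
                  the result; *SubjectSize then holds the required size.

**/
BOOLEAN
EFIAPI
X509GetSubjectName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     UINT8        *CertSubject,
  IN OUT  UINTN        *SubjectSize
  )
{
  mbedtls_x509_crt  Crt;
  INT32             Ret;
  BOOLEAN           Status;

  if ((Cert == NULL) || (SubjectSize == NULL)) {
    return FALSE;
  }

  Status = FALSE;

  mbedtls_x509_crt_init (&Crt);

  Ret = mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize);
  if (Ret != 0) {
    goto Cleanup;
  }

  //
  // Never write more than *SubjectSize bytes: report the required size and
  // fail when the caller's buffer is too small.
  //
  if (*SubjectSize < Crt.subject_raw.len) {
    *SubjectSize = Crt.subject_raw.len;
    goto Cleanup;
  }

  if (CertSubject != NULL) {
    CopyMem (CertSubject, Crt.subject_raw.p, Crt.subject_raw.len);
  }

  *SubjectSize = Crt.subject_raw.len;
  Status       = TRUE;

Cleanup:
  mbedtls_x509_crt_free (&Crt);

  return Status;
}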
334
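/**
  Retrieve the value of one attribute, selected by OID, from an X.509 Name.

  @param[in]      Name            Parsed X.509 Name (subject or issuer).
  @param[in]      Oid             DER OID contents of the attribute to find.
  @param[in]      OidSize         Size of Oid in bytes.
  @param[in, out] CommonName      Buffer for the NUL-terminated attribute value
                                  (OPTIONAL). May be NULL to query the size.
  @param[in, out] CommonNameSize  Size of CommonName on input; the required
                                  size (value length + 1) on output.

  @retval RETURN_SUCCESS            The attribute value was retrieved.
  @retval RETURN_INVALID_PARAMETER  Name, Oid or CommonNameSize is NULL.
  @retval RETURN_BUFFER_TOO_SMALL   *CommonNameSize cannot hold the value plus
                                    the terminator; updated to the required size.
  @retval RETURN_NOT_FOUND          The Name has no attribute with this OID.

**/
RETURN_STATUS
EFIAPI
InternalX509GetNIDName (
  IN      mbedtls_x509_name  *Name,
  IN      CHAR8              *Oid,
  IN      UINTN              OidSize,
  IN OUT  CHAR8              *CommonName  OPTIONAL,
  IN OUT  UINTN              *CommonNameSize
  )
{
  CONST mbedtls_asn1_named_data  *Data;

  if ((Name == NULL) || (Oid == NULL) || (CommonNameSize == NULL)) {
    return RETURN_INVALID_PARAMETER;
  }

  Data = mbedtls_asn1_find_named_data (Name, Oid, OidSize);
  if (Data == NULL) {
    return RETURN_NOT_FOUND;
  }

  //
  // One extra byte is needed for the NUL terminator appended below, so a
  // buffer exactly as long as the value is still too small.
  //
  if (*CommonNameSize <= Data->val.len) {
    *CommonNameSize = Data->val.len + 1;
    return RETURN_BUFFER_TOO_SMALL;
  }

  if (CommonName != NULL) {
    CopyMem (CommonName, Data->val.p, Data->val.len);
    CommonName[Data->val.len] = '\0';
  }

  *CommonNameSize = Data->val.len + 1;
  return RETURN_SUCCESS;
}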
392
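/**
  Retrieve one subject attribute, selected by OID, from an X.509 certificate.

  @param[in]      Cert            Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize        Size of the X509 certificate in bytes.
  @param[in]      Oid             DER OID contents of the attribute to find.
  @param[in]      OidSize         Size of Oid in bytes.
  @param[in, out] CommonName      Buffer for the NUL-terminated value (OPTIONAL).
  @param[in, out] CommonNameSize  Size of CommonName on input; required size
                                  on output.

  @retval RETURN_SUCCESS            The attribute value was retrieved.
  @retval RETURN_INVALID_PARAMETER  Cert or CommonNameSize is NULL, or the
                                    certificate could not be parsed.
  @retval RETURN_BUFFER_TOO_SMALL   *CommonNameSize is too small (updated).
  @retval RETURN_NOT_FOUND          No subject attribute with this OID.

**/
RETURN_STATUS
EFIAPI
InternalX509GetSubjectNIDName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  IN      CHAR8        *Oid,
  IN      UINTN        OidSize,
  IN OUT  CHAR8        *CommonName  OPTIONAL,
  IN OUT  UINTN        *CommonNameSize
  )
{
  mbedtls_x509_crt  Crt;
  INT32             Ret;
  RETURN_STATUS     ReturnStatus;

  //
  // This function returns a RETURN_STATUS; FALSE would read as
  // RETURN_SUCCESS to callers, so the parameter failure must be explicit.
  //
  if ((Cert == NULL) || (CommonNameSize == NULL)) {
    return RETURN_INVALID_PARAMETER;
  }

  ReturnStatus = RETURN_INVALID_PARAMETER;

  mbedtls_x509_crt_init (&Crt);

  Ret = mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize);
  if (Ret == 0) {
    ReturnStatus = InternalX509GetNIDName (&Crt.subject, Oid, OidSize, CommonName, CommonNameSize);
  }

  mbedtls_x509_crt_free (&Crt);

  return ReturnStatus;
}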
456
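/**
  Retrieve one issuer attribute, selected by OID, from an X.509 certificate.

  @param[in]      Cert            Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize        Size of the X509 certificate in bytes.
  @param[in]      Oid             DER OID contents of the attribute to find.
  @param[in]      OidSize         Size of Oid in bytes.
  @param[out]     CommonName      Buffer for the NUL-terminated value (OPTIONAL).
  @param[in, out] CommonNameSize  Size of CommonName on input; required size
                                  on output.

  @retval RETURN_SUCCESS            The attribute value was retrieved.
  @retval RETURN_INVALID_PARAMETER  Cert or CommonNameSize is NULL, or the
                                    certificate could not be parsed.
  @retval RETURN_BUFFER_TOO_SMALL   *CommonNameSize is too small (updated).
  @retval RETURN_NOT_FOUND          No issuer attribute with this OID.

**/
RETURN_STATUS
EFIAPI
InternalX509GetIssuerNIDName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  IN      CHAR8        *Oid,
  IN      UINTN        OidSize,
  OUT     CHAR8        *CommonName  OPTIONAL,
  IN OUT  UINTN        *CommonNameSize
  )
{
  mbedtls_x509_crt  Crt;
  INT32             Ret;
  RETURN_STATUS     ReturnStatus;

  //
  // Return a real RETURN_STATUS code here: FALSE equals RETURN_SUCCESS and
  // would report success for a NULL certificate.
  //
  if ((Cert == NULL) || (CommonNameSize == NULL)) {
    return RETURN_INVALID_PARAMETER;
  }

  ReturnStatus = RETURN_INVALID_PARAMETER;

  mbedtls_x509_crt_init (&Crt);

  Ret = mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize);
  if (Ret == 0) {
    ReturnStatus = InternalX509GetNIDName (&Crt.issuer, Oid, OidSize, CommonName, CommonNameSize);
  }

  mbedtls_x509_crt_free (&Crt);

  return ReturnStatus;
}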
520
/**
  Retrieve the common name (CN) string from one X.509 certificate's subject.

  @param[in]      Cert            Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize        Size of the X509 certificate in bytes.
  @param[out]     CommonName      Buffer for the NUL-terminated CN (OPTIONAL).
  @param[in, out] CommonNameSize  Size of CommonName on input; required size
                                  on output.

  @return  The RETURN_STATUS of the subject attribute lookup.

**/
RETURN_STATUS
EFIAPI
X509GetCommonName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     CHAR8        *CommonName  OPTIONAL,
  IN OUT  UINTN        *CommonNameSize
  )
{
  RETURN_STATUS  Status;

  //
  // id-at-commonName lookup against the subject Name.
  //
  Status = InternalX509GetSubjectNIDName (
             Cert,
             CertSize,
             (CHAR8 *)OID_commonName,
             sizeof (OID_commonName),
             CommonName,
             CommonNameSize
             );

  return Status;
}
558
/**
  Retrieve the organization name (O) string from one X.509 certificate's subject.

  @param[in]      Cert            Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize        Size of the X509 certificate in bytes.
  @param[out]     NameBuffer      Buffer for the NUL-terminated name (OPTIONAL).
  @param[in, out] NameBufferSize  Size of NameBuffer on input; required size
                                  on output.

  @return  The RETURN_STATUS of the subject attribute lookup.

**/
RETURN_STATUS
EFIAPI
X509GetOrganizationName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     CHAR8        *NameBuffer  OPTIONAL,
  IN OUT  UINTN        *NameBufferSize
  )
{
  RETURN_STATUS  Status;

  //
  // id-at-organizationName lookup against the subject Name.
  //
  Status = InternalX509GetSubjectNIDName (
             Cert,
             CertSize,
             (CHAR8 *)OID_organizationName,
             sizeof (OID_organizationName),
             NameBuffer,
             NameBufferSize
             );

  return Status;
}
596
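/**
  Retrieve the RSA public key from one DER-encoded X509 certificate.

  If Cert is NULL, then return FALSE.
  If RsaContext is NULL, then return FALSE.

  @param[in]  Cert        Pointer to the DER-encoded X509 certificate.
  @param[in]  CertSize    Size of the X509 certificate in bytes.
  @param[out] RsaContext  Pointer to newly generated RSA context holding the
                          public key; release it with RsaFree().

  @retval  TRUE   RSA public key was retrieved successfully.
  @retval  FALSE  Invalid parameters, invalid certificate, or the subject
                  public key is not RSA.

**/
BOOLEAN
EFIAPI
RsaGetPublicKeyFromX509 (
  IN   CONST UINT8  *Cert,
  IN   UINTN        CertSize,
  OUT  VOID         **RsaContext
  )
{
  mbedtls_x509_crt     Crt;
  mbedtls_rsa_context  *Rsa;
  BOOLEAN              Status;

  if ((Cert == NULL) || (CertSize == 0) || (RsaContext == NULL)) {
    return FALSE;
  }

  Status = FALSE;

  mbedtls_x509_crt_init (&Crt);

  if (mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize) != 0) {
    goto Cleanup;
  }

  //
  // Only an RSA subject public key can be exported into an RSA context.
  //
  if (mbedtls_pk_get_type (&Crt.pk) != MBEDTLS_PK_RSA) {
    goto Cleanup;
  }

  Rsa = RsaNew ();
  if (Rsa == NULL) {
    goto Cleanup;
  }

  //
  // Deep-copy the key so the caller's context outlives the parsed cert.
  //
  if (mbedtls_rsa_copy (Rsa, mbedtls_pk_rsa (Crt.pk)) != 0) {
    RsaFree (Rsa);
    goto Cleanup;
  }

  *RsaContext = Rsa;
  Status      = TRUE;

Cleanup:
  mbedtls_x509_crt_free (&Crt);

  return Status;
}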
654
/**
  Retrieve the EC public key from one DER-encoded X509 certificate.

  Not supported by this library instance: always fails.

  @param[in]  Cert       Pointer to the DER-encoded X509 certificate (unused).
  @param[in]  CertSize   Size of the X509 certificate in bytes (unused).
  @param[out] EcContext  Not written.

  @retval  FALSE  This function is not supported.

**/
BOOLEAN
EFIAPI
EcGetPublicKeyFromX509 (
  IN   CONST UINT8  *Cert,
  IN   UINTN        CertSize,
  OUT  VOID         **EcContext
  )
{
  //
  // Unimplemented stub: trap in DEBUG builds, report failure otherwise.
  //
  ASSERT (FALSE);

  return FALSE;
}
682
/**
  Verify one X509 certificate was issued by the trusted CA.

  If Cert is NULL, then return FALSE.
  If CACert is NULL, then return FALSE.

  @param[in]  Cert        Pointer to the DER-encoded X509 certificate to be verified.
  @param[in]  CertSize    Size of the X509 certificate in bytes.
  @param[in]  CACert      Pointer to the DER-encoded trusted CA certificate.
  @param[in]  CACertSize  Size of the CA Certificate in bytes.

  @retval  TRUE   The certificate was issued by the trusted CA.
  @retval  FALSE  Invalid certificate or the certificate was not issued by
                  the given trusted CA.

**/
BOOLEAN
EFIAPI
X509VerifyCert (
  IN  CONST UINT8  *Cert,
  IN  UINTN        CertSize,
  IN  CONST UINT8  *CACert,
  IN  UINTN        CACertSize
  )
{
  mbedtls_x509_crt          CaCrt;
  mbedtls_x509_crt          EndCrt;
  mbedtls_x509_crt_profile  Profile;
  UINT32                    VerifyFlags;
  INT32                     Ret;

  if ((Cert == NULL) || (CACert == NULL)) {
    return FALSE;
  }

  VerifyFlags = 0;
  CopyMem (&Profile, &gCompatProfile, sizeof (mbedtls_x509_crt_profile));

  mbedtls_x509_crt_init (&CaCrt);
  mbedtls_x509_crt_init (&EndCrt);

  Ret = mbedtls_x509_crt_parse_der (&CaCrt, CACert, CACertSize);
  if (Ret != 0) {
    goto Cleanup;
  }

  Ret = mbedtls_x509_crt_parse_der (&EndCrt, Cert, CertSize);
  if (Ret != 0) {
    goto Cleanup;
  }

  //
  // No CRL and no expected-name check are supplied; the chain to the trusted
  // CA and the compat profile (digest / curve / RSA size floor) are enforced.
  //
  Ret = mbedtls_x509_crt_verify_with_profile (
          &EndCrt,
          &CaCrt,
          NULL,
          &Profile,
          NULL,
          &VerifyFlags,
          NULL,
          NULL
          );

Cleanup:
  mbedtls_x509_crt_free (&CaCrt);
  mbedtls_x509_crt_free (&EndCrt);

  return (BOOLEAN)(Ret == 0);
}
739
/**
  Verify one X509 certificate chain was issued by the trusted root CA.

  Each certificate in the chain (root first, leaf last) is verified against
  the certificate preceding it; the first one is verified against RootCert.

  @param[in]  RootCert         Trusted root certificate buffer (DER).
  @param[in]  RootCertLength   Trusted root certificate buffer length.
  @param[in]  CertChain        One or more concatenated DER certificates.
  @param[in]  CertChainLength  Total length of CertChain in bytes.

  @retval  TRUE   All certificates were issued by their preceding one.
  @retval  FALSE  Invalid chain, empty chain, or a verification failure.

**/
BOOLEAN
EFIAPI
X509VerifyCertChain (
  IN CONST UINT8  *RootCert,
  IN UINTN        RootCertLength,
  IN CONST UINT8  *CertChain,
  IN UINTN        CertChainLength
  )
{
  CONST UINT8  *ChainEnd;
  CONST UINT8  *Issuer;
  UINTN        IssuerLen;
  CONST UINT8  *Current;
  UINTN        CurrentLen;
  CONST UINT8  *Body;
  UINTN        BodyLen;
  BOOLEAN      Verified;

  Verified  = FALSE;
  Issuer    = RootCert;
  IssuerLen = RootCertLength;
  Current   = CertChain;
  ChainEnd  = CertChain + CertChainLength;

  for ( ; ; ) {
    //
    // Each certificate is a top-level DER SEQUENCE; its total size is the
    // header consumed by the tag parser plus the body length it reports.
    // Running out of chain data ends the walk with the last result.
    //
    Body = Current;
    if (mbedtls_asn1_get_tag ((UINT8 **)&Body, ChainEnd, &BodyLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) {
      break;
    }

    CurrentLen = BodyLen + (UINTN)(Body - Current);

    //
    // The current certificate must be signed by the preceding one.
    //
    Verified = X509VerifyCert (Current, CurrentLen, Issuer, IssuerLen);
    if (!Verified) {
      break;
    }

    Issuer    = Current;
    IssuerLen = CurrentLen;
    Current  += CurrentLen;
  }

  return Verified;
}
813
/**
  Get one X509 certificate from CertChain.

  @param[in]  CertChain        One or more concatenated DER certificates.
  @param[in]  CertChainLength  Total length of CertChain in bytes.
  @param[in]  CertIndex        Index of the certificate to return; -1 selects
                               the last certificate.
  @param[out] Cert             Pointer into CertChain at the selected certificate.
  @param[out] CertLength       Length of the selected certificate in bytes.

  @retval  TRUE   Success.
  @retval  FALSE  Invalid parameters or no certificate at that index.

**/
BOOLEAN
EFIAPI
X509GetCertFromCertChain (
  IN CONST UINT8   *CertChain,
  IN UINTN         CertChainLength,
  IN CONST INT32   CertIndex,
  OUT CONST UINT8  **Cert,
  OUT UINTN        *CertLength
  )
{
  CONST UINT8  *ChainEnd;
  CONST UINT8  *Current;
  CONST UINT8  *Body;
  UINTN        BodyLen;
  UINTN        CurrentLen;
  INT32        Position;

  if ((CertChain == NULL) || (Cert == NULL) || (CertLength == NULL) || (CertIndex < -1)) {
    return FALSE;
  }

  ChainEnd   = CertChain + CertChainLength;
  Current    = CertChain;
  CurrentLen = 0;
  Position   = -1;

  //
  // Walk the concatenated DER SEQUENCEs until the requested index is reached
  // or no further well-formed certificate header is found.
  //
  for ( ; ; ) {
    Body = Current;
    if (mbedtls_asn1_get_tag ((UINT8 **)&Body, ChainEnd, &BodyLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) {
      break;
    }

    CurrentLen = BodyLen + (UINTN)(Body - Current);
    Position++;

    if (Position == CertIndex) {
      *Cert       = Current;
      *CertLength = CurrentLen;
      return TRUE;
    }

    Current += CurrentLen;
  }

  //
  // CertIndex == -1 selects the last certificate, if there was at least one.
  //
  if ((CertIndex == -1) && (Position >= 0)) {
    *Cert       = Current - CurrentLen;
    *CertLength = CurrentLen;
    return TRUE;
  }

  return FALSE;
}
900
/**
  Retrieve the TBSCertificate from one given X.509 certificate.

  @param[in]  Cert         Pointer to the given DER-encoded X509 certificate.
  @param[in]  CertSize     Size of the X509 certificate in bytes.
  @param[out] TBSCert      Pointer into Cert at the DER-encoded TBSCertificate.
  @param[out] TBSCertSize  Size of the TBSCertificate in bytes.

  @retval  TRUE   The TBSCertificate was retrieved successfully.
  @retval  FALSE  Invalid X.509 certificate.

**/
BOOLEAN
EFIAPI
X509GetTBSCert (
  IN  CONST UINT8  *Cert,
  IN  UINTN        CertSize,
  OUT UINT8        **TBSCert,
  OUT UINTN        *TBSCertSize
  )
{
  UINT8        *Cursor;
  CONST UINT8  *TbsStart;
  CONST UINT8  *Limit;
  UINTN        Length;

  //
  // Check input parameters. CertSize is bounded so pointer arithmetic below
  // stays within int range, as the ASN.1 parser expects.
  //
  if ((Cert == NULL) || (TBSCert == NULL) ||
      (TBSCertSize == NULL) || (CertSize > INT_MAX))
  {
    return FALSE;
  }

  //
  // An X.509 Certificate is: (defined in RFC3280)
  //   Certificate  ::=  SEQUENCE  {
  //     tbsCertificate       TBSCertificate,
  //     signatureAlgorithm   AlgorithmIdentifier,
  //     signature            BIT STRING }
  //
  // and
  //
  //   TBSCertificate  ::=  SEQUENCE  {
  //     version         [0]  Version DEFAULT v1,
  //     ...
  //   }
  //
  // So we can just ASN1-parse the x.509 DER-encoded data. If we strip
  // the first SEQUENCE, the second SEQUENCE is the TBSCertificate.
  //
  Length = 0;
  Cursor = (UINT8 *)Cert;
  Limit  = Cert + CertSize;

  if (mbedtls_asn1_get_tag (&Cursor, Limit, &Length, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) {
    return FALSE;
  }

  //
  // Cursor now sits on the TBSCertificate tag; bound the second parse by the
  // outer SEQUENCE's declared length.
  //
  TbsStart = Cursor;
  Limit    = Cursor + Length;

  if (mbedtls_asn1_get_tag (&Cursor, Limit, &Length, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) {
    return FALSE;
  }

  *TBSCert     = (UINT8 *)TbsStart;
  *TBSCertSize = Length + (UINTN)(Cursor - TbsStart);

  return TRUE;
}
981
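/**
  Retrieve the version from one X.509 certificate.

  If Cert is NULL, then return FALSE.
  If Version is NULL, then return FALSE.

  @param[in]  Cert      Pointer to the DER-encoded X509 certificate.
  @param[in]  CertSize  Size of the X509 certificate in bytes.
  @param[out] Version   Pointer to the retrieved version integer, in the
                        X.509 encoding (0 for v1, 2 for v3).

  @retval  TRUE   The certificate version was retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate.

**/
BOOLEAN
EFIAPI
X509GetVersion (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     UINTN        *Version
  )
{
  mbedtls_x509_crt  Crt;
  INT32             Ret;
  BOOLEAN           ReturnStatus;

  if ((Cert == NULL) || (Version == NULL)) {
    return FALSE;
  }

  ReturnStatus = FALSE;

  mbedtls_x509_crt_init (&Crt);

  Ret = mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize);
  if (Ret == 0) {
    //
    // mbed TLS numbers versions 1..3; the API exposes the on-the-wire value.
    //
    *Version     = Crt.version - 1;
    ReturnStatus = TRUE;
  }

  mbedtls_x509_crt_free (&Crt);

  return ReturnStatus;
}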
1029
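/**
  Retrieve the serial number from one X.509 certificate.

  If Cert is NULL, then return FALSE.
  If SerialNumberSize is NULL, then return FALSE.

  @param[in]      Cert              Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize          Size of the X509 certificate in bytes.
  @param[out]     SerialNumber      Buffer for the serial number bytes followed
                                    by a NUL byte (OPTIONAL).
  @param[in, out] SerialNumberSize  Size of SerialNumber on input; the size
                                    written or required (length + 1) on output.

  @retval  TRUE   The serial number was retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate, or SerialNumberSize is
                  too small (updated to the required size).

**/
BOOLEAN
EFIAPI
X509GetSerialNumber (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     UINT8        *SerialNumber  OPTIONAL,
  IN OUT  UINTN        *SerialNumberSize
  )
{
  mbedtls_x509_crt  Crt;
  INT32             Ret;
  BOOLEAN           ReturnStatus;

  if ((Cert == NULL) || (SerialNumberSize == NULL)) {
    return FALSE;
  }

  ReturnStatus = FALSE;

  mbedtls_x509_crt_init (&Crt);

  Ret = mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize);
  if (Ret != 0) {
    goto Cleanup;
  }

  //
  // One extra byte is reserved for the trailing NUL written below.
  //
  if (*SerialNumberSize <= Crt.serial.len) {
    *SerialNumberSize = Crt.serial.len + 1;
    goto Cleanup;
  }

  if (SerialNumber != NULL) {
    CopyMem (SerialNumber, Crt.serial.p, Crt.serial.len);
    SerialNumber[Crt.serial.len] = '\0';
  }

  *SerialNumberSize = Crt.serial.len + 1;
  ReturnStatus      = TRUE;

Cleanup:
  mbedtls_x509_crt_free (&Crt);

  return ReturnStatus;
}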
1097
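/**
  Retrieve the issuer bytes from one X.509 certificate.

  If Cert is NULL, then return FALSE.
  If CertIssuerSize is NULL, then return FALSE.

  @param[in]      Cert            Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize        Size of the X509 certificate in bytes.
  @param[out]     CertIssuer      Buffer for the DER-encoded issuer Name
                                  (OPTIONAL; NULL queries the size).
  @param[in, out] CertIssuerSize  Size of CertIssuer on input; the size
                                  written or required on output.

  @retval  TRUE   The certificate issuer was retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate, or CertIssuerSize is too
                  small (updated to the required size).

**/
BOOLEAN
EFIAPI
X509GetIssuerName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     UINT8        *CertIssuer,
  IN OUT  UINTN        *CertIssuerSize
  )
{
  mbedtls_x509_crt  Crt;
  INT32             Ret;
  BOOLEAN           Status;

  if ((Cert == NULL) || (CertIssuerSize == NULL)) {
    return FALSE;
  }

  Status = FALSE;

  mbedtls_x509_crt_init (&Crt);

  Ret = mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize);
  if (Ret != 0) {
    goto Cleanup;
  }

  //
  // The issuer is returned as its raw DER Name (issuer_raw), mirroring
  // X509GetSubjectName, not the serial number field.
  //
  if (*CertIssuerSize < Crt.issuer_raw.len) {
    *CertIssuerSize = Crt.issuer_raw.len;
    goto Cleanup;
  }

  if (CertIssuer != NULL) {
    CopyMem (CertIssuer, Crt.issuer_raw.p, Crt.issuer_raw.len);
  }

  *CertIssuerSize = Crt.issuer_raw.len;
  Status          = TRUE;

Cleanup:
  mbedtls_x509_crt_free (&Crt);

  return Status;
}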
1160
/**
  Retrieve the issuer common name (CN) string from one X.509 certificate.

  @param[in]      Cert            Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize        Size of the X509 certificate in bytes.
  @param[out]     CommonName      Buffer for the NUL-terminated CN (OPTIONAL).
  @param[in, out] CommonNameSize  Size of CommonName on input; required size
                                  on output.

  @return  The RETURN_STATUS of the issuer attribute lookup.

**/
RETURN_STATUS
EFIAPI
X509GetIssuerCommonName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     CHAR8        *CommonName  OPTIONAL,
  IN OUT  UINTN        *CommonNameSize
  )
{
  RETURN_STATUS  Status;

  //
  // id-at-commonName lookup against the issuer Name.
  //
  Status = InternalX509GetIssuerNIDName (
             Cert,
             CertSize,
             (CHAR8 *)OID_commonName,
             sizeof (OID_commonName),
             CommonName,
             CommonNameSize
             );

  return Status;
}
1198
/**
  Retrieve the issuer organization name (O) string from one X.509 certificate.

  @param[in]      Cert            Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize        Size of the X509 certificate in bytes.
  @param[out]     NameBuffer      Buffer for the NUL-terminated name (OPTIONAL).
  @param[in, out] NameBufferSize  Size of NameBuffer on input; required size
                                  on output.

  @return  The RETURN_STATUS of the issuer attribute lookup.

**/
RETURN_STATUS
EFIAPI
X509GetIssuerOrganizationName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     CHAR8        *NameBuffer  OPTIONAL,
  IN OUT  UINTN        *NameBufferSize
  )
{
  RETURN_STATUS  Status;

  //
  // id-at-organizationName lookup against the issuer Name.
  //
  Status = InternalX509GetIssuerNIDName (
             Cert,
             CertSize,
             (CHAR8 *)OID_organizationName,
             sizeof (OID_organizationName),
             NameBuffer,
             NameBufferSize
             );

  return Status;
}
1236
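/**
  Retrieve the signature algorithm OID from one X.509 certificate.

  @param[in]      Cert      Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize  Size of the X509 certificate in bytes.
  @param[out]     Oid       Buffer for the signature algorithm OID contents
                            (OPTIONAL; NULL queries the size).
  @param[in, out] OidSize   Size of Oid on input; the size written or
                            required on output.

  @retval  TRUE   The signature algorithm OID was retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate, or OidSize is too small
                  (updated to the required size).

**/
BOOLEAN
EFIAPI
X509GetSignatureAlgorithm (
  IN CONST UINT8  *Cert,
  IN UINTN        CertSize,
  OUT UINT8       *Oid  OPTIONAL,
  IN OUT UINTN    *OidSize
  )
{
  mbedtls_x509_crt  Crt;
  INT32             Ret;
  BOOLEAN           ReturnStatus;

  if ((Cert == NULL) || (CertSize == 0) || (OidSize == NULL)) {
    return FALSE;
  }

  ReturnStatus = FALSE;

  mbedtls_x509_crt_init (&Crt);

  Ret = mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize);
  if (Ret != 0) {
    goto Cleanup;
  }

  //
  // The required size reported back is that of the signature OID itself
  // (sig_oid), so a caller retrying with it will succeed.
  //
  if (*OidSize < Crt.sig_oid.len) {
    *OidSize = Crt.sig_oid.len;
    goto Cleanup;
  }

  if (Oid != NULL) {
    CopyMem (Oid, Crt.sig_oid.p, Crt.sig_oid.len);
  }

  *OidSize     = Crt.sig_oid.len;
  ReturnStatus = TRUE;

Cleanup:
  mbedtls_x509_crt_free (&Crt);

  return ReturnStatus;
}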
1298
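/**
  Find one Extension by OID inside a run of DER "Extension" SEQUENCEs.

  @param[in]  Start                 First byte of the first Extension SEQUENCE.
  @param[in]  End                   One past the last byte of the extensions.
  @param[in]  Oid                   DER OID contents of the extension to find.
  @param[in]  OidSize               Size of Oid in bytes.
  @param[out] FindExtensionData     Pointer to the extnValue OCTET STRING contents.
  @param[out] FindExtensionDataLen  Length of the extnValue contents in bytes.

  @retval RETURN_SUCCESS            The extension was found.
  @retval RETURN_INVALID_PARAMETER  A parameter is NULL, the data is malformed,
                                    or no extension with this OID exists.

**/
STATIC
RETURN_STATUS
InternalX509FindExtensionData (
  UINT8        *Start,
  UINT8        *End,
  CONST UINT8  *Oid,
  UINTN        OidSize,
  UINT8        **FindExtensionData,
  UINTN        *FindExtensionDataLen
  )
{
  UINT8   *Ptr;
  UINT8   *ExtensionPtr;
  size_t  ObjLen;
  size_t  ExtensionLen;
  size_t  HeaderLen;
  INT32   Ret;

  if ((Start == NULL) || (End == NULL) || (Oid == NULL) ||
      (FindExtensionData == NULL) || (FindExtensionDataLen == NULL))
  {
    return RETURN_INVALID_PARAMETER;
  }

  Ptr = Start;

  while (TRUE) {
    /*
     * Extension ::= SEQUENCE {
     *   extnID      OBJECT IDENTIFIER,
     *   critical    BOOLEAN DEFAULT FALSE,
     *   extnValue   OCTET STRING }
     */
    ExtensionPtr = Ptr;
    Ret          = mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
    if (Ret != 0) {
      // No further well-formed Extension: not found.
      break;
    }

    HeaderLen    = (size_t)(Ptr - ExtensionPtr);
    ExtensionLen = ObjLen;

    Ret = mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_OID);
    //
    // Require an exact OID match. Comparing only the first OidSize bytes
    // would accept any extension whose OID merely shares that prefix and
    // would read past the end of a shorter OID.
    //
    if ((Ret == 0) && (ObjLen == OidSize) && (CompareMem (Ptr, Oid, OidSize) == 0)) {
      Ptr += ObjLen;

      // The optional 'critical' BOOLEAN is skipped when present.
      if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_BOOLEAN) == 0) {
        Ptr += ObjLen;
      }

      if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_OCTET_STRING) == 0) {
        *FindExtensionData    = Ptr;
        *FindExtensionDataLen = ObjLen;
        return RETURN_SUCCESS;
      }
    }

    // Move to the Extension following this one.
    Ptr = ExtensionPtr + HeaderLen + ExtensionLen;
  }

  return RETURN_INVALID_PARAMETER;
}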
1379
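/**
  Retrieve the extension data (extnValue contents) for a given OID from one
  X.509 certificate.

  @param[in]      Cert               Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize           Size of the X509 certificate in bytes.
  @param[in]      Oid                DER OID contents of the extension.
  @param[in]      OidSize            Size of Oid in bytes.
  @param[out]     ExtensionData      Buffer for the extension data; may be NULL
                                     to query the required size.
  @param[in, out] ExtensionDataSize  Size of ExtensionData on input; the size
                                     written or required on output.

  @retval  TRUE   The extension data was retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate, extension not present, or
                  ExtensionDataSize too small (updated to the required size).

**/
BOOLEAN
EFIAPI
X509GetExtensionData (
  IN     CONST UINT8  *Cert,
  IN     UINTN        CertSize,
  IN     CONST UINT8  *Oid,
  IN     UINTN        OidSize,
  OUT    UINT8        *ExtensionData,
  IN OUT UINTN        *ExtensionDataSize
  )
{
  mbedtls_x509_crt  Crt;
  RETURN_STATUS     FindStatus;
  BOOLEAN           Status;
  UINT8             *Ptr;
  UINT8             *End;
  size_t            ObjLen;

  if ((Cert == NULL) ||
      (CertSize == 0) ||
      (Oid == NULL) ||
      (OidSize == 0) ||
      (ExtensionDataSize == NULL))
  {
    return FALSE;
  }

  Status = FALSE;

  mbedtls_x509_crt_init (&Crt);

  if (mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize) != 0) {
    goto Cleanup;
  }

  //
  // v3_ext points at the raw "Extensions ::= SEQUENCE OF Extension"; strip
  // that outer SEQUENCE so the search starts at the first Extension.
  //
  Ptr = Crt.v3_ext.p;
  End = Crt.v3_ext.p + Crt.v3_ext.len;
  if (mbedtls_asn1_get_tag (&Ptr, End, &ObjLen, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) != 0) {
    goto Cleanup;
  }

  FindStatus = InternalX509FindExtensionData (Ptr, End, Oid, OidSize, &Ptr, &ObjLen);
  if (FindStatus != RETURN_SUCCESS) {
    goto Cleanup;
  }

  if (*ExtensionDataSize < ObjLen) {
    *ExtensionDataSize = ObjLen;
    goto Cleanup;
  }

  //
  // ExtensionData (not Oid) is the optional output buffer; a NULL here is
  // a size query and must not be written to.
  //
  if (ExtensionData != NULL) {
    CopyMem (ExtensionData, Ptr, ObjLen);
  }

  *ExtensionDataSize = ObjLen;
  Status             = TRUE;

Cleanup:
  mbedtls_x509_crt_free (&Crt);

  return Status;
}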
1465
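/**
  Retrieve the Validity (notBefore / notAfter) from one X.509 certificate.

  Both outputs are raw mbedtls_x509_time structures; compare them with
  X509CompareDateTime().

  @param[in]      Cert      Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize  Size of the X509 certificate in bytes.
  @param[in]      From      Buffer receiving notBefore (may be NULL to query size).
  @param[in, out] FromSize  Size of From on input; size written/required on output.
  @param[in]      To        Buffer receiving notAfter (may be NULL to query size).
  @param[in, out] ToSize    Size of To on input; size written/required on output.

  @retval  TRUE   The validity period was retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate, or a buffer is too small
                  (its size parameter is updated to the required size).

**/
BOOLEAN
EFIAPI
X509GetValidity (
  IN     CONST UINT8  *Cert,
  IN     UINTN        CertSize,
  IN     UINT8        *From,
  IN OUT UINTN        *FromSize,
  IN     UINT8        *To,
  IN OUT UINTN        *ToSize
  )
{
  mbedtls_x509_crt  Crt;
  BOOLEAN           Status;

  if ((Cert == NULL) || (FromSize == NULL) || (ToSize == NULL)) {
    return FALSE;
  }

  Status = FALSE;

  mbedtls_x509_crt_init (&Crt);

  if (mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize) != 0) {
    goto Cleanup;
  }

  //
  // A too-small buffer reports the required size and fails, as the other
  // getters in this file do.
  //
  if (*FromSize < sizeof (mbedtls_x509_time)) {
    *FromSize = sizeof (mbedtls_x509_time);
    goto Cleanup;
  }

  *FromSize = sizeof (mbedtls_x509_time);
  if (From != NULL) {
    CopyMem (From, &Crt.valid_from, sizeof (mbedtls_x509_time));
  }

  if (*ToSize < sizeof (mbedtls_x509_time)) {
    *ToSize = sizeof (mbedtls_x509_time);
    goto Cleanup;
  }

  *ToSize = sizeof (mbedtls_x509_time);
  if (To != NULL) {
    CopyMem (To, &Crt.valid_to, sizeof (mbedtls_x509_time));
  }

  Status = TRUE;

Cleanup:
  mbedtls_x509_crt_free (&Crt);

  return Status;
}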
1545
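/**
  Retrieve the Key Usage from one X.509 certificate.

  @param[in]  Cert      Pointer to the DER-encoded X509 certificate.
  @param[in]  CertSize  Size of the X509 certificate in bytes.
  @param[out] Usage     The parsed KeyUsage bits as stored by mbed TLS
                        (0 when the certificate carries no KeyUsage extension).

  @retval  TRUE   The key usage was retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate.

**/
BOOLEAN
EFIAPI
X509GetKeyUsage (
  IN    CONST UINT8  *Cert,
  IN    UINTN        CertSize,
  OUT   UINTN        *Usage
  )
{
  mbedtls_x509_crt  Crt;
  INT32             Ret;
  BOOLEAN           Status;

  if ((Cert == NULL) || (Usage == NULL)) {
    return FALSE;
  }

  Status = FALSE;

  mbedtls_x509_crt_init (&Crt);

  Ret = mbedtls_x509_crt_parse_der (&Crt, Cert, CertSize);
  if (Ret == 0) {
    //
    // key_usage is zero-initialised by mbedtls_x509_crt_init and only set
    // when the extension is present, so 0 means "no KeyUsage extension".
    //
    *Usage = Crt.key_usage;
    Status = TRUE;
  }

  mbedtls_x509_crt_free (&Crt);

  return Status;
}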
1588
/**
  Retrieve the Extended Key Usage extension contents from one X.509 certificate.

  @param[in]      Cert       Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize   Size of the X509 certificate in bytes.
  @param[out]     Usage      Buffer for the extnValue contents (may be NULL to
                             query the size).
  @param[in, out] UsageSize  Size of Usage on input; size written/required
                             on output.

  @retval  TRUE   The extended key usage was retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate, extension not present,
                  or UsageSize too small.

**/
BOOLEAN
EFIAPI
X509GetExtendedKeyUsage (
  IN     CONST UINT8  *Cert,
  IN     UINTN        CertSize,
  OUT    UINT8        *Usage,
  IN OUT UINTN        *UsageSize
  )
{
  if ((Cert == NULL) || (CertSize == 0) || (UsageSize == NULL)) {
    return FALSE;
  }

  //
  // id-ce-extKeyUsage is looked up like any other extension.
  //
  return X509GetExtensionData (
           (UINT8 *)Cert,
           CertSize,
           (UINT8 *)OID_extKeyUsage,
           sizeof (OID_extKeyUsage),
           Usage,
           UsageSize
           );
}
1625
/**
  Compare two mbed TLS time values field by field.

  @param[in]  Before  First time value.
  @param[in]  After   Second time value.

  @retval  1  Before is later than After.
  @retval  0  Before is earlier than or equal to After.

**/
STATIC
INTN
InternalX509CheckTime (
  CONST mbedtls_x509_time  *Before,
  CONST mbedtls_x509_time  *After
  )
{
  //
  // Fields are compared from most to least significant; the first field
  // that differs decides the result.
  //
  if (Before->year != After->year) {
    return (Before->year > After->year) ? 1 : 0;
  }

  if (Before->mon != After->mon) {
    return (Before->mon > After->mon) ? 1 : 0;
  }

  if (Before->day != After->day) {
    return (Before->day > After->day) ? 1 : 0;
  }

  if (Before->hour != After->hour) {
    return (Before->hour > After->hour) ? 1 : 0;
  }

  if (Before->min != After->min) {
    return (Before->min > After->min) ? 1 : 0;
  }

  return (Before->sec > After->sec) ? 1 : 0;
}
1688
/**
  Convert a run of ASCII decimal digits [PStart, PEnd) to an integer.

  No validation is performed: every byte is assumed to be '0'..'9'.

  @param[in]  PStart  First character of the digit run.
  @param[in]  PEnd    One past the last character of the digit run.

  @return  The decimal value of the digits (0 for an empty run).

**/
STATIC
INT32
InternalAtoI (
  CHAR8  *PStart,
  CHAR8  *PEnd
  )
{
  INT32  Value;

  Value = 0;
  for ( ; PStart < PEnd; PStart++) {
    //
    // Value = Value * 10 + digit
    //
    Value = Value * 10 + (INT32)(*PStart - '0');
  }

  return Value;
}
1720
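/**
  Format a "YYYYMMDDhhmmss[Z]" string into an mbedtls_x509_time.

  @param[in]      DateTimeStr   ASCII date/time string of at least 14 digits.
  @param[in, out] DateTime      Buffer receiving the mbedtls_x509_time
                                (may be NULL to query the required size).
  @param[in, out] DateTimeSize  Size of DateTime on input; the size written
                                or required on output.

  @retval RETURN_SUCCESS            The date/time was formatted.
  @retval RETURN_INVALID_PARAMETER  DateTimeStr or DateTimeSize is NULL, or
                                    the first 14 characters are not all digits.
  @retval RETURN_BUFFER_TOO_SMALL   *DateTimeSize is too small (updated).

**/
RETURN_STATUS
EFIAPI
X509SetDateTime (
  CHAR8         *DateTimeStr,
  IN OUT VOID   *DateTime,
  IN OUT UINTN  *DateTimeSize
  )
{
  mbedtls_x509_time  Dt;
  CHAR8              *Ptr;
  UINTN              Index;

  if ((DateTimeStr == NULL) || (DateTimeSize == NULL)) {
    return RETURN_INVALID_PARAMETER;
  }

  //
  // Require 14 leading ASCII digits (YYYYMMDDhhmmss) before converting:
  // InternalAtoI does no validation of its own, and a shorter string is
  // caught here by its NUL terminator failing the digit test.
  //
  for (Index = 0; Index < 14; Index++) {
    if ((DateTimeStr[Index] < '0') || (DateTimeStr[Index] > '9')) {
      return RETURN_INVALID_PARAMETER;
    }
  }

  Ptr = DateTimeStr;

  Dt.year = (int)InternalAtoI (Ptr, Ptr + 4);
  Ptr    += 4;
  Dt.mon  = (int)InternalAtoI (Ptr, Ptr + 2);
  Ptr    += 2;
  Dt.day  = (int)InternalAtoI (Ptr, Ptr + 2);
  Ptr    += 2;
  Dt.hour = (int)InternalAtoI (Ptr, Ptr + 2);
  Ptr    += 2;
  Dt.min  = (int)InternalAtoI (Ptr, Ptr + 2);
  Ptr    += 2;
  Dt.sec  = (int)InternalAtoI (Ptr, Ptr + 2);

  if (*DateTimeSize < sizeof (mbedtls_x509_time)) {
    *DateTimeSize = sizeof (mbedtls_x509_time);
    return RETURN_BUFFER_TOO_SMALL;
  }

  if (DateTime != NULL) {
    CopyMem (DateTime, &Dt, sizeof (mbedtls_x509_time));
  }

  *DateTimeSize = sizeof (mbedtls_x509_time);
  return RETURN_SUCCESS;
}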
1799
/**
  Compare two mbedtls_x509_time values.

  @param[in]  DateTime1  First time value.
  @param[in]  DateTime2  Second time value.

  @retval  0   DateTime1 equals DateTime2.
  @retval  1   DateTime1 is later than DateTime2.
  @retval  -1  DateTime1 is earlier than DateTime2.
  @retval  -2  A parameter is NULL.

**/
INT32
EFIAPI
X509CompareDateTime (
  IN CONST VOID  *DateTime1,
  IN CONST VOID  *DateTime2
  )
{
  if ((DateTime1 == NULL) || (DateTime2 == NULL)) {
    return -2;
  }

  //
  // Byte-identical structures are equal; otherwise order them field by field.
  //
  if (CompareMem (DateTime2, DateTime1, sizeof (mbedtls_x509_time)) == 0) {
    return 0;
  }

  if (InternalX509CheckTime ((mbedtls_x509_time *)DateTime1, (mbedtls_x509_time *)DateTime2) != 0) {
    return 1;
  }

  return -1;
}
1837
/**
  Retrieve the basic constraints extension contents from one X.509 certificate.

  @param[in]      Cert                  Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize              Size of the X509 certificate in bytes.
  @param[out]     BasicConstraints      Buffer for the extnValue contents
                                        (may be NULL to query the size).
  @param[in, out] BasicConstraintsSize  Size of BasicConstraints on input;
                                        size written/required on output.

  @retval  TRUE   The basic constraints were retrieved successfully.
  @retval  FALSE  Invalid parameters or certificate, extension not present,
                  or BasicConstraintsSize too small.

**/
BOOLEAN
EFIAPI
X509GetExtendedBasicConstraints (
  CONST UINT8  *Cert,
  UINTN        CertSize,
  UINT8        *BasicConstraints,
  UINTN        *BasicConstraintsSize
  )
{
  if ((Cert == NULL) || (CertSize == 0) || (BasicConstraintsSize == NULL)) {
    return FALSE;
  }

  //
  // id-ce-basicConstraints is looked up like any other extension.
  //
  return X509GetExtensionData (
           (UINT8 *)Cert,
           CertSize,
           OID_BasicConstraints,
           sizeof (OID_BasicConstraints),
           BasicConstraints,
           BasicConstraintsSize
           );
}
1882
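/**
  Format a "YYYYMMDDhhmmss[Z]" string into an mbedtls_x509_time held in DateTime.

  @param[in]      DateTimeStr   ASCII date/time string of at least 14 digits.
  @param[out]     DateTime      Buffer receiving the mbedtls_x509_time.
  @param[in, out] DateTimeSize  Size of DateTime; must be at least
                                sizeof (mbedtls_x509_time). Not modified.

  @retval  TRUE   The date/time was formatted.
  @retval  FALSE  A parameter is NULL, the buffer is too small, or the first
                  14 characters are not all ASCII digits.

**/
BOOLEAN
EFIAPI
X509FormatDateTime (
  IN CONST CHAR8  *DateTimeStr,
  OUT VOID        *DateTime,
  IN OUT UINTN    *DateTimeSize
  )
{
  mbedtls_x509_time  *Tm;
  UINTN              Index;

  if ((DateTimeStr == NULL) || (DateTime == NULL) || (DateTimeSize == NULL)) {
    return FALSE;
  }

  if (*DateTimeSize < sizeof (mbedtls_x509_time)) {
    return FALSE;
  }

  //
  // Validate all 14 digit positions before converting; a shorter string is
  // rejected at its NUL terminator rather than read past.
  //
  for (Index = 0; Index < 14; Index++) {
    if ((DateTimeStr[Index] < '0') || (DateTimeStr[Index] > '9')) {
      return FALSE;
    }
  }

  Tm = (mbedtls_x509_time *)DateTime;

  //
  // Subtracting '0' converts each ASCII digit to its numeric value.
  //
  Tm->year = (DateTimeStr[0] - '0') * 1000 + (DateTimeStr[1] - '0') * 100 +
             (DateTimeStr[2] - '0') * 10 + (DateTimeStr[3] - '0');
  Tm->mon  = (DateTimeStr[4] - '0') * 10 + (DateTimeStr[5] - '0');
  Tm->day  = (DateTimeStr[6] - '0') * 10 + (DateTimeStr[7] - '0');
  Tm->hour = (DateTimeStr[8] - '0') * 10 + (DateTimeStr[9] - '0');
  Tm->min  = (DateTimeStr[10] - '0') * 10 + (DateTimeStr[11] - '0');
  Tm->sec  = (DateTimeStr[12] - '0') * 10 + (DateTimeStr[13] - '0');

  return TRUE;
}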