1/** @file
2  PKCS#7 SignedData Verification Wrapper Implementation which does not provide
3  real capabilities.
4
5Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
6This program and the accompanying materials
7are licensed and made available under the terms and conditions of the BSD License
8which accompanies this distribution.  The full text of the license may be found at
9http://opensource.org/licenses/bsd-license.php
10
11THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14**/
15
16#include "InternalCryptLib.h"
17
18/**
19  Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:
20  Cryptographic Message Syntax Standard". The input signed data could be wrapped
21  in a ContentInfo structure.
22
23  Return FALSE to indicate this interface is not supported.
24
25  @param[in]  P7Data       Pointer to the PKCS#7 message to verify.
26  @param[in]  P7Length     Length of the PKCS#7 message in bytes.
27  @param[out] CertStack    Pointer to Signer's certificates retrieved from P7Data.
28                           It's caller's responsiblity to free the buffer.
29  @param[out] StackLength  Length of signer's certificates in bytes.
30  @param[out] TrustedCert  Pointer to a trusted certificate from Signer's certificates.
31                           It's caller's responsiblity to free the buffer.
32  @param[out] CertLength   Length of the trusted certificate in bytes.
33
34  @retval FALSE  This interface is not supported.
35
36**/
37BOOLEAN
38EFIAPI
39Pkcs7GetSigners (
40  IN  CONST UINT8  *P7Data,
41  IN  UINTN        P7Length,
42  OUT UINT8        **CertStack,
43  OUT UINTN        *StackLength,
44  OUT UINT8        **TrustedCert,
45  OUT UINTN        *CertLength
46  )
47{
48  ASSERT (FALSE);
49  return FALSE;
50}
51
52/**
53  Wrap function to use free() to free allocated memory for certificates.
54
55  If the interface is not supported, then ASSERT().
56
57  @param[in]  Certs        Pointer to the certificates to be freed.
58
59**/
60VOID
61EFIAPI
62Pkcs7FreeSigners (
63  IN  UINT8        *Certs
64  )
65{
66  ASSERT (FALSE);
67}
68
69/**
70  Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7:
71  Cryptographic Message Syntax Standard", and outputs two certificate lists chained and
72  unchained to the signer's certificates.
73  The input signed data could be wrapped in a ContentInfo structure.
74
75  @param[in]  P7Data            Pointer to the PKCS#7 message.
76  @param[in]  P7Length          Length of the PKCS#7 message in bytes.
77  @param[out] SignerChainCerts  Pointer to the certificates list chained to signer's
78                                certificate. It's caller's responsiblity to free the buffer.
79  @param[out] ChainLength       Length of the chained certificates list buffer in bytes.
80  @param[out] UnchainCerts      Pointer to the unchained certificates lists. It's caller's
81                                responsiblity to free the buffer.
82  @param[out] UnchainLength     Length of the unchained certificates list buffer in bytes.
83
84  @retval  TRUE         The operation is finished successfully.
85  @retval  FALSE        Error occurs during the operation.
86
87**/
88BOOLEAN
89EFIAPI
90Pkcs7GetCertificatesList (
91  IN  CONST UINT8  *P7Data,
92  IN  UINTN        P7Length,
93  OUT UINT8        **SignerChainCerts,
94  OUT UINTN        *ChainLength,
95  OUT UINT8        **UnchainCerts,
96  OUT UINTN        *UnchainLength
97  )
98{
99  ASSERT (FALSE);
100  return FALSE;
101}
102
103/**
104  Verifies the validility of a PKCS#7 signed data as described in "PKCS #7:
105  Cryptographic Message Syntax Standard". The input signed data could be wrapped
106  in a ContentInfo structure.
107
108  Return FALSE to indicate this interface is not supported.
109
110  @param[in]  P7Data       Pointer to the PKCS#7 message to verify.
111  @param[in]  P7Length     Length of the PKCS#7 message in bytes.
112  @param[in]  TrustedCert  Pointer to a trusted/root certificate encoded in DER, which
113                           is used for certificate chain verification.
114  @param[in]  CertLength   Length of the trusted certificate in bytes.
115  @param[in]  InData       Pointer to the content to be verified.
116  @param[in]  DataLength   Length of InData in bytes.
117
118  @retval FALSE  This interface is not supported.
119
120**/
121BOOLEAN
122EFIAPI
123Pkcs7Verify (
124  IN  CONST UINT8  *P7Data,
125  IN  UINTN        P7Length,
126  IN  CONST UINT8  *TrustedCert,
127  IN  UINTN        CertLength,
128  IN  CONST UINT8  *InData,
129  IN  UINTN        DataLength
130  )
131{
132  ASSERT (FALSE);
133  return FALSE;
134}
135
136/**
137  Extracts the attached content from a PKCS#7 signed data if existed. The input signed
138  data could be wrapped in a ContentInfo structure.
139
140  Return FALSE to indicate this interface is not supported.
141
142  @param[in]   P7Data       Pointer to the PKCS#7 signed data to process.
143  @param[in]   P7Length     Length of the PKCS#7 signed data in bytes.
144  @param[out]  Content      Pointer to the extracted content from the PKCS#7 signedData.
145                            It's caller's responsiblity to free the buffer.
146  @param[out]  ContentSize  The size of the extracted content in bytes.
147
148  @retval     TRUE          The P7Data was correctly formatted for processing.
149  @retval     FALSE         The P7Data was not correctly formatted for processing.
150
151**/
152BOOLEAN
153EFIAPI
154Pkcs7GetAttachedContent (
155  IN  CONST UINT8  *P7Data,
156  IN  UINTN        P7Length,
157  OUT VOID         **Content,
158  OUT UINTN        *ContentSize
159  )
160{
161  ASSERT (FALSE);
162  return FALSE;
163}
164