1/** @file 2 PKCS#7 SignedData Verification Wrapper Implementation which does not provide 3 real capabilities. 4 5Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR> 6This program and the accompanying materials 7are licensed and made available under the terms and conditions of the BSD License 8which accompanies this distribution. The full text of the license may be found at 9http://opensource.org/licenses/bsd-license.php 10 11THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 12WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 13 14**/ 15 16#include "InternalCryptLib.h" 17 18/** 19 Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7: 20 Cryptographic Message Syntax Standard". The input signed data could be wrapped 21 in a ContentInfo structure. 22 23 Return FALSE to indicate this interface is not supported. 24 25 @param[in] P7Data Pointer to the PKCS#7 message to verify. 26 @param[in] P7Length Length of the PKCS#7 message in bytes. 27 @param[out] CertStack Pointer to Signer's certificates retrieved from P7Data. 28 It's caller's responsiblity to free the buffer. 29 @param[out] StackLength Length of signer's certificates in bytes. 30 @param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates. 31 It's caller's responsiblity to free the buffer. 32 @param[out] CertLength Length of the trusted certificate in bytes. 33 34 @retval FALSE This interface is not supported. 35 36**/ 37BOOLEAN 38EFIAPI 39Pkcs7GetSigners ( 40 IN CONST UINT8 *P7Data, 41 IN UINTN P7Length, 42 OUT UINT8 **CertStack, 43 OUT UINTN *StackLength, 44 OUT UINT8 **TrustedCert, 45 OUT UINTN *CertLength 46 ) 47{ 48 ASSERT (FALSE); 49 return FALSE; 50} 51 52/** 53 Wrap function to use free() to free allocated memory for certificates. 54 55 If the interface is not supported, then ASSERT(). 56 57 @param[in] Certs Pointer to the certificates to be freed. 58 59**/ 60VOID 61EFIAPI 62Pkcs7FreeSigners ( 63 IN UINT8 *Certs 64 ) 65{ 66 ASSERT (FALSE); 67} 68 69/** 70 Retrieves all embedded certificates from PKCS#7 signed data as described in "PKCS #7: 71 Cryptographic Message Syntax Standard", and outputs two certificate lists chained and 72 unchained to the signer's certificates. 73 The input signed data could be wrapped in a ContentInfo structure. 74 75 @param[in] P7Data Pointer to the PKCS#7 message. 76 @param[in] P7Length Length of the PKCS#7 message in bytes. 77 @param[out] SignerChainCerts Pointer to the certificates list chained to signer's 78 certificate. It's caller's responsiblity to free the buffer. 79 @param[out] ChainLength Length of the chained certificates list buffer in bytes. 80 @param[out] UnchainCerts Pointer to the unchained certificates lists. It's caller's 81 responsiblity to free the buffer. 82 @param[out] UnchainLength Length of the unchained certificates list buffer in bytes. 83 84 @retval TRUE The operation is finished successfully. 85 @retval FALSE Error occurs during the operation. 86 87**/ 88BOOLEAN 89EFIAPI 90Pkcs7GetCertificatesList ( 91 IN CONST UINT8 *P7Data, 92 IN UINTN P7Length, 93 OUT UINT8 **SignerChainCerts, 94 OUT UINTN *ChainLength, 95 OUT UINT8 **UnchainCerts, 96 OUT UINTN *UnchainLength 97 ) 98{ 99 ASSERT (FALSE); 100 return FALSE; 101} 102 103/** 104 Verifies the validility of a PKCS#7 signed data as described in "PKCS #7: 105 Cryptographic Message Syntax Standard". The input signed data could be wrapped 106 in a ContentInfo structure. 107 108 Return FALSE to indicate this interface is not supported. 109 110 @param[in] P7Data Pointer to the PKCS#7 message to verify. 111 @param[in] P7Length Length of the PKCS#7 message in bytes. 112 @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which 113 is used for certificate chain verification. 114 @param[in] CertLength Length of the trusted certificate in bytes. 115 @param[in] InData Pointer to the content to be verified. 116 @param[in] DataLength Length of InData in bytes. 117 118 @retval FALSE This interface is not supported. 119 120**/ 121BOOLEAN 122EFIAPI 123Pkcs7Verify ( 124 IN CONST UINT8 *P7Data, 125 IN UINTN P7Length, 126 IN CONST UINT8 *TrustedCert, 127 IN UINTN CertLength, 128 IN CONST UINT8 *InData, 129 IN UINTN DataLength 130 ) 131{ 132 ASSERT (FALSE); 133 return FALSE; 134} 135 136/** 137 Extracts the attached content from a PKCS#7 signed data if existed. The input signed 138 data could be wrapped in a ContentInfo structure. 139 140 Return FALSE to indicate this interface is not supported. 141 142 @param[in] P7Data Pointer to the PKCS#7 signed data to process. 143 @param[in] P7Length Length of the PKCS#7 signed data in bytes. 144 @param[out] Content Pointer to the extracted content from the PKCS#7 signedData. 145 It's caller's responsiblity to free the buffer. 146 @param[out] ContentSize The size of the extracted content in bytes. 147 148 @retval TRUE The P7Data was correctly formatted for processing. 149 @retval FALSE The P7Data was not correctly formatted for processing. 150 151**/ 152BOOLEAN 153EFIAPI 154Pkcs7GetAttachedContent ( 155 IN CONST UINT8 *P7Data, 156 IN UINTN P7Length, 157 OUT VOID **Content, 158 OUT UINTN *ContentSize 159 ) 160{ 161 ASSERT (FALSE); 162 return FALSE; 163} 164