summaryrefslogtreecommitdiff
path: root/CryptoPkg/Include/Library
diff options
context:
space:
mode:
Diffstat (limited to 'CryptoPkg/Include/Library')
-rw-r--r--CryptoPkg/Include/Library/BaseCryptLib.h27
1 files changed, 27 insertions, 0 deletions
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index e36041b..bc36ac7 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -1907,6 +1907,32 @@ X509StackFree (
);
/**
+ Retrieve the TBSCertificate from one given X.509 certificate.
+
+ @param[in] Cert Pointer to the given DER-encoded X509 certificate.
+ @param[in] CertSize Size of the X509 certificate in bytes.
+ @param[out] TBSCert DER-Encoded To-Be-Signed certificate.
+ @param[out] TBSCertSize Size of the TBS certificate in bytes.
+
+ If Cert is NULL, then return FALSE.
+ If TBSCert is NULL, then return FALSE.
+ If TBSCertSize is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @retval TRUE The TBSCertificate was retrieved successfully.
+ @retval FALSE Invalid X.509 certificate.
+
+**/
+BOOLEAN
+EFIAPI
+X509GetTBSCert (
+ IN CONST UINT8 *Cert,
+ IN UINTN CertSize,
+ OUT UINT8 **TBSCert,
+ OUT UINTN *TBSCertSize
+ );
+
+/**
Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:
Cryptographic Message Syntax Standard". The input signed data could be wrapped
in a ContentInfo structure.
@@ -2067,6 +2093,7 @@ AuthenticodeVerify (
signature.
If AuthData is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
@param[in] AuthData Pointer to the Authenticode Signature retrieved from signed
PE/COFF image to be verified.