Reviewed-by: Jian J Wang <jian.j.w...@intel.com>
Regards, Jian > -----Original Message----- > From: Kinney, Michael D <michael.d.kin...@intel.com> > Sent: Thursday, January 30, 2020 3:01 PM > To: devel@edk2.groups.io > Cc: Wang, Jian J <jian.j.w...@intel.com>; Lu, XiaoyuX <xiaoyux...@intel.com> > Subject: [Patch 1/5] CryptoPkg/BaseCryptLib: Add > X509ConstructCertificateStackV(). > > https://bugzilla.tianocore.org/show_bug.cgi?id=2420 > > Add X509ConstructCertificateStackV() to BaseCryptLib that is > identical in behavior to X509ConstructCertificateStack(), but > it takes a VA_LIST parameter for the variable argument list. > > The VA_LIST form of this function is required for BaseCryptLib > functions to be wrapped in a Protocol/PPI. > > Cc: Jian J Wang <jian.j.w...@intel.com> > Cc: Xiaoyu Lu <xiaoyux...@intel.com> > Signed-off-by: Michael D Kinney <michael.d.kin...@intel.com> > --- > CryptoPkg/Include/Library/BaseCryptLib.h | 26 ++++++++++ > CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 50 +++++++++++++++---- > .../Library/BaseCryptLib/Pk/CryptX509Null.c | 32 +++++++++++- > .../BaseCryptLibNull/Pk/CryptX509Null.c | 32 +++++++++++- > 4 files changed, 128 insertions(+), 12 deletions(-) > > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h > b/CryptoPkg/Include/Library/BaseCryptLib.h > index 8320fddc4c..5e8f2e0a10 100644 > --- a/CryptoPkg/Include/Library/BaseCryptLib.h > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h > @@ -2371,6 +2371,32 @@ X509ConstructCertificate ( > OUT UINT8 **SingleX509Cert > ); > > +/** > + Construct a X509 stack object from a list of DER-encoded certificate data. > + > + If X509Stack is NULL, then return FALSE. > + If this interface is not supported, then return FALSE. > + > + @param[in, out] X509Stack On input, pointer to an existing or NULL X509 > stack object. > + On output, pointer to the X509 stack object > with new > + inserted X509 certificate. > + @param[in] Args VA_LIST marker for the variable argument list. > + A list of DER-encoded single certificate data > followed > + by certificate size. A NULL terminates the > list. The > + pairs are the arguments to > X509ConstructCertificate(). > + > + @retval TRUE The X509 stack construction succeeded. > + @retval FALSE The construction operation failed. > + @retval FALSE This interface is not supported. > + > +**/ > +BOOLEAN > +EFIAPI > +X509ConstructCertificateStackV ( > + IN OUT UINT8 **X509Stack, > + IN VA_LIST Args > + ); > + > /** > Construct a X509 stack object from a list of DER-encoded certificate data. > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c > index 9b5579e71a..b1393a89c5 100644 > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c > @@ -1,7 +1,7 @@ > /** @file > X.509 Certificate Handler Wrapper Implementation over OpenSSL. > > -Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR> > +Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR> > SPDX-License-Identifier: BSD-2-Clause-Patent > > **/ > @@ -60,23 +60,26 @@ X509ConstructCertificate ( > Construct a X509 stack object from a list of DER-encoded certificate data. > > If X509Stack is NULL, then return FALSE. > + If this interface is not supported, then return FALSE. > > @param[in, out] X509Stack On input, pointer to an existing or NULL X509 > stack object. > On output, pointer to the X509 stack object > with new > inserted X509 certificate. > - @param ... A list of DER-encoded single certificate data > followed > + @param[in] Args VA_LIST marker for the variable argument list. > + A list of DER-encoded single certificate data > followed > by certificate size. A NULL terminates the > list. The > pairs are the arguments to > X509ConstructCertificate(). > > @retval TRUE The X509 stack construction succeeded. > @retval FALSE The construction operation failed. > + @retval FALSE This interface is not supported. > > **/ > BOOLEAN > EFIAPI > -X509ConstructCertificateStack ( > - IN OUT UINT8 **X509Stack, > - ... > +X509ConstructCertificateStackV ( > + IN OUT UINT8 **X509Stack, > + IN VA_LIST Args > ) > { > UINT8 *Cert; > @@ -84,7 +87,6 @@ X509ConstructCertificateStack ( > X509 *X509Cert; > STACK_OF(X509) *CertStack; > BOOLEAN Status; > - VA_LIST Args; > UINTN Index; > > // > @@ -107,8 +109,6 @@ X509ConstructCertificateStack ( > } > } > > - VA_START (Args, X509Stack); > - > for (Index = 0; ; Index++) { > // > // If Cert is NULL, then it is the end of the list. > @@ -145,8 +145,6 @@ X509ConstructCertificateStack ( > sk_X509_push (CertStack, X509Cert); > } > > - VA_END (Args); > - > if (!Status) { > sk_X509_pop_free (CertStack, X509_free); > } else { > @@ -156,6 +154,38 @@ X509ConstructCertificateStack ( > return Status; > } > > +/** > + Construct a X509 stack object from a list of DER-encoded certificate data. > + > + If X509Stack is NULL, then return FALSE. > + > + @param[in, out] X509Stack On input, pointer to an existing or NULL X509 > stack object. > + On output, pointer to the X509 stack object > with new > + inserted X509 certificate. > + @param ... A list of DER-encoded single certificate data > followed > + by certificate size. A NULL terminates the > list. The > + pairs are the arguments to > X509ConstructCertificate(). > + > + @retval TRUE The X509 stack construction succeeded. > + @retval FALSE The construction operation failed. > + > +**/ > +BOOLEAN > +EFIAPI > +X509ConstructCertificateStack ( > + IN OUT UINT8 **X509Stack, > + ... > + ) > +{ > + VA_LIST Args; > + BOOLEAN Result; > + > + VA_START (Args, X509Stack); > + Result = X509ConstructCertificateStackV (X509Stack, Args); > + VA_END (Args); > + return Result; > +} > + > /** > Release the specified X509 object. > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c > index 5e59cb1634..14309825ed 100644 > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c > @@ -2,7 +2,7 @@ > X.509 Certificate Handler Wrapper Implementation which does not provide > real capabilities. > > -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR> > +Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR> > SPDX-License-Identifier: BSD-2-Clause-Patent > > **/ > @@ -33,6 +33,36 @@ X509ConstructCertificate ( > return FALSE; > } > > +/** > + Construct a X509 stack object from a list of DER-encoded certificate data. > + > + If X509Stack is NULL, then return FALSE. > + If this interface is not supported, then return FALSE. > + > + @param[in, out] X509Stack On input, pointer to an existing or NULL X509 > stack object. > + On output, pointer to the X509 stack object > with new > + inserted X509 certificate. > + @param[in] Args VA_LIST marker for the variable argument list. > + A list of DER-encoded single certificate data > followed > + by certificate size. A NULL terminates the > list. The > + pairs are the arguments to > X509ConstructCertificate(). > + > + @retval TRUE The X509 stack construction succeeded. > + @retval FALSE The construction operation failed. > + @retval FALSE This interface is not supported. > + > +**/ > +BOOLEAN > +EFIAPI > +X509ConstructCertificateStackV ( > + IN OUT UINT8 **X509Stack, > + IN VA_LIST Args > + ) > +{ > + ASSERT (FALSE); > + return FALSE; > +} > + > /** > Construct a X509 stack object from a list of DER-encoded certificate data. > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c > b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c > index 5e59cb1634..14309825ed 100644 > --- a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c > +++ b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c > @@ -2,7 +2,7 @@ > X.509 Certificate Handler Wrapper Implementation which does not provide > real capabilities. > > -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR> > +Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR> > SPDX-License-Identifier: BSD-2-Clause-Patent > > **/ > @@ -33,6 +33,36 @@ X509ConstructCertificate ( > return FALSE; > } > > +/** > + Construct a X509 stack object from a list of DER-encoded certificate data. > + > + If X509Stack is NULL, then return FALSE. > + If this interface is not supported, then return FALSE. > + > + @param[in, out] X509Stack On input, pointer to an existing or NULL X509 > stack object. > + On output, pointer to the X509 stack object > with new > + inserted X509 certificate. > + @param[in] Args VA_LIST marker for the variable argument list. > + A list of DER-encoded single certificate data > followed > + by certificate size. A NULL terminates the > list. The > + pairs are the arguments to > X509ConstructCertificate(). > + > + @retval TRUE The X509 stack construction succeeded. > + @retval FALSE The construction operation failed. > + @retval FALSE This interface is not supported. > + > +**/ > +BOOLEAN > +EFIAPI > +X509ConstructCertificateStackV ( > + IN OUT UINT8 **X509Stack, > + IN VA_LIST Args > + ) > +{ > + ASSERT (FALSE); > + return FALSE; > +} > + > /** > Construct a X509 stack object from a list of DER-encoded certificate data. > > -- > 2.21.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#53708): https://edk2.groups.io/g/devel/message/53708 Mute This Topic: https://groups.io/mt/70266458/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-