From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Lu, XiaoyuX" <xiaoyux.lu@intel.com>
Subject: Re: [Patch 1/5] CryptoPkg/BaseCryptLib: Add X509ConstructCertificateStackV().
Date: Tue, 4 Feb 2020 07:31:36 +0000 [thread overview]
Message-ID: <D827630B58408649ACB04F44C510003625A0750C@SHSMSX107.ccr.corp.intel.com> (raw)
In-Reply-To: <20200130070037.8516-2-michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Regards,
Jian
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Thursday, January 30, 2020 3:01 PM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Subject: [Patch 1/5] CryptoPkg/BaseCryptLib: Add
> X509ConstructCertificateStackV().
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=2420
>
> Add X509ConstructCertificateStackV() to BaseCryptLib that is
> identical in behavior to X509ConstructCertificateStack(), but
> it takes a VA_LIST parameter for the variable argument list.
>
> The VA_LIST form of this function is required for BaseCryptLib
> functions to be wrapped in a Protocol/PPI.
>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
> ---
> CryptoPkg/Include/Library/BaseCryptLib.h | 26 ++++++++++
> CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 50 +++++++++++++++----
> .../Library/BaseCryptLib/Pk/CryptX509Null.c | 32 +++++++++++-
> .../BaseCryptLibNull/Pk/CryptX509Null.c | 32 +++++++++++-
> 4 files changed, 128 insertions(+), 12 deletions(-)
>
> diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> b/CryptoPkg/Include/Library/BaseCryptLib.h
> index 8320fddc4c..5e8f2e0a10 100644
> --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> @@ -2371,6 +2371,32 @@ X509ConstructCertificate (
> OUT UINT8 **SingleX509Cert
> );
>
> +/**
> + Construct a X509 stack object from a list of DER-encoded certificate data.
> +
> + If X509Stack is NULL, then return FALSE.
> + If this interface is not supported, then return FALSE.
> +
> + @param[in, out] X509Stack On input, pointer to an existing or NULL X509
> stack object.
> + On output, pointer to the X509 stack object with new
> + inserted X509 certificate.
> + @param[in] Args VA_LIST marker for the variable argument list.
> + A list of DER-encoded single certificate data followed
> + by certificate size. A NULL terminates the list. The
> + pairs are the arguments to X509ConstructCertificate().
> +
> + @retval TRUE The X509 stack construction succeeded.
> + @retval FALSE The construction operation failed.
> + @retval FALSE This interface is not supported.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +X509ConstructCertificateStackV (
> + IN OUT UINT8 **X509Stack,
> + IN VA_LIST Args
> + );
> +
> /**
> Construct a X509 stack object from a list of DER-encoded certificate data.
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
> index 9b5579e71a..b1393a89c5 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
> @@ -1,7 +1,7 @@
> /** @file
> X.509 Certificate Handler Wrapper Implementation over OpenSSL.
>
> -Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
> @@ -60,23 +60,26 @@ X509ConstructCertificate (
> Construct a X509 stack object from a list of DER-encoded certificate data.
>
> If X509Stack is NULL, then return FALSE.
> + If this interface is not supported, then return FALSE.
>
> @param[in, out] X509Stack On input, pointer to an existing or NULL X509
> stack object.
> On output, pointer to the X509 stack object with new
> inserted X509 certificate.
> - @param ... A list of DER-encoded single certificate data followed
> + @param[in] Args VA_LIST marker for the variable argument list.
> + A list of DER-encoded single certificate data followed
> by certificate size. A NULL terminates the list. The
> pairs are the arguments to X509ConstructCertificate().
>
> @retval TRUE The X509 stack construction succeeded.
> @retval FALSE The construction operation failed.
> + @retval FALSE This interface is not supported.
>
> **/
> BOOLEAN
> EFIAPI
> -X509ConstructCertificateStack (
> - IN OUT UINT8 **X509Stack,
> - ...
> +X509ConstructCertificateStackV (
> + IN OUT UINT8 **X509Stack,
> + IN VA_LIST Args
> )
> {
> UINT8 *Cert;
> @@ -84,7 +87,6 @@ X509ConstructCertificateStack (
> X509 *X509Cert;
> STACK_OF(X509) *CertStack;
> BOOLEAN Status;
> - VA_LIST Args;
> UINTN Index;
>
> //
> @@ -107,8 +109,6 @@ X509ConstructCertificateStack (
> }
> }
>
> - VA_START (Args, X509Stack);
> -
> for (Index = 0; ; Index++) {
> //
> // If Cert is NULL, then it is the end of the list.
> @@ -145,8 +145,6 @@ X509ConstructCertificateStack (
> sk_X509_push (CertStack, X509Cert);
> }
>
> - VA_END (Args);
> -
> if (!Status) {
> sk_X509_pop_free (CertStack, X509_free);
> } else {
> @@ -156,6 +154,38 @@ X509ConstructCertificateStack (
> return Status;
> }
>
> +/**
> + Construct a X509 stack object from a list of DER-encoded certificate data.
> +
> + If X509Stack is NULL, then return FALSE.
> +
> + @param[in, out] X509Stack On input, pointer to an existing or NULL X509
> stack object.
> + On output, pointer to the X509 stack object with new
> + inserted X509 certificate.
> + @param ... A list of DER-encoded single certificate data followed
> + by certificate size. A NULL terminates the list. The
> + pairs are the arguments to X509ConstructCertificate().
> +
> + @retval TRUE The X509 stack construction succeeded.
> + @retval FALSE The construction operation failed.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +X509ConstructCertificateStack (
> + IN OUT UINT8 **X509Stack,
> + ...
> + )
> +{
> + VA_LIST Args;
> + BOOLEAN Result;
> +
> + VA_START (Args, X509Stack);
> + Result = X509ConstructCertificateStackV (X509Stack, Args);
> + VA_END (Args);
> + return Result;
> +}
> +
> /**
> Release the specified X509 object.
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
> index 5e59cb1634..14309825ed 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
> @@ -2,7 +2,7 @@
> X.509 Certificate Handler Wrapper Implementation which does not provide
> real capabilities.
>
> -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
> @@ -33,6 +33,36 @@ X509ConstructCertificate (
> return FALSE;
> }
>
> +/**
> + Construct a X509 stack object from a list of DER-encoded certificate data.
> +
> + If X509Stack is NULL, then return FALSE.
> + If this interface is not supported, then return FALSE.
> +
> + @param[in, out] X509Stack On input, pointer to an existing or NULL X509
> stack object.
> + On output, pointer to the X509 stack object with new
> + inserted X509 certificate.
> + @param[in] Args VA_LIST marker for the variable argument list.
> + A list of DER-encoded single certificate data followed
> + by certificate size. A NULL terminates the list. The
> + pairs are the arguments to X509ConstructCertificate().
> +
> + @retval TRUE The X509 stack construction succeeded.
> + @retval FALSE The construction operation failed.
> + @retval FALSE This interface is not supported.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +X509ConstructCertificateStackV (
> + IN OUT UINT8 **X509Stack,
> + IN VA_LIST Args
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> /**
> Construct a X509 stack object from a list of DER-encoded certificate data.
>
> diff --git a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c
> b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c
> index 5e59cb1634..14309825ed 100644
> --- a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c
> +++ b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c
> @@ -2,7 +2,7 @@
> X.509 Certificate Handler Wrapper Implementation which does not provide
> real capabilities.
>
> -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
> @@ -33,6 +33,36 @@ X509ConstructCertificate (
> return FALSE;
> }
>
> +/**
> + Construct a X509 stack object from a list of DER-encoded certificate data.
> +
> + If X509Stack is NULL, then return FALSE.
> + If this interface is not supported, then return FALSE.
> +
> + @param[in, out] X509Stack On input, pointer to an existing or NULL X509
> stack object.
> + On output, pointer to the X509 stack object with new
> + inserted X509 certificate.
> + @param[in] Args VA_LIST marker for the variable argument list.
> + A list of DER-encoded single certificate data followed
> + by certificate size. A NULL terminates the list. The
> + pairs are the arguments to X509ConstructCertificate().
> +
> + @retval TRUE The X509 stack construction succeeded.
> + @retval FALSE The construction operation failed.
> + @retval FALSE This interface is not supported.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +X509ConstructCertificateStackV (
> + IN OUT UINT8 **X509Stack,
> + IN VA_LIST Args
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> /**
> Construct a X509 stack object from a list of DER-encoded certificate data.
>
> --
> 2.21.0.windows.1
next prev parent reply other threads:[~2020-02-04 7:31 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-30 7:00 [Patch 0/5] CryptoPkg: Add modules that produce BaseCryptLib services Michael D Kinney
2020-01-30 7:00 ` [Patch 1/5] CryptoPkg/BaseCryptLib: Add X509ConstructCertificateStackV() Michael D Kinney
2020-02-04 7:31 ` Wang, Jian J [this message]
2020-01-30 7:00 ` [Patch 2/5] CryptoPkg: Add EDK II Crypto Protocols/PPIs/PCDs Michael D Kinney
2020-02-04 7:59 ` Wang, Jian J
2020-02-05 1:04 ` Michael D Kinney
2020-01-30 7:00 ` [Patch 3/5] CryptoPkg/Driver: Add Crypto PEIM, DXE, and SMM modules Michael D Kinney
2020-01-30 13:53 ` [edk2-devel] " Laszlo Ersek
2020-01-30 17:10 ` Michael D Kinney
2020-01-30 17:25 ` Laszlo Ersek
2020-02-04 8:16 ` Wang, Jian J
2020-02-05 1:38 ` Michael D Kinney
2020-01-30 7:00 ` [Patch 4/5] CryptoPkg/Library: Add BaseCryptLibOnProtocolPpi instances Michael D Kinney
2020-02-04 9:00 ` Wang, Jian J
2020-02-05 1:39 ` Michael D Kinney
2020-01-30 7:00 ` [Patch 5/5] CryptoPkg/CryptoPkg.dsc: Add build of Crypto libraries/modules Michael D Kinney
2020-02-04 9:01 ` Wang, Jian J
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D827630B58408649ACB04F44C510003625A0750C@SHSMSX107.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox