From nobody Mon Feb 9 02:12:30 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+53561+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+53561+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1580367649657695.7450715667779; Wed, 29 Jan 2020 23:00:49 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id zynLYY1788612x2CnqlRBk4m; Wed, 29 Jan 2020 23:00:48 -0800 X-Received: from mga03.intel.com (mga03.intel.com []) by mx.groups.io with SMTP id smtpd.web11.4622.1580367646496651347 for ; Wed, 29 Jan 2020 23:00:47 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 29 Jan 2020 23:00:40 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,380,1574150400"; d="scan'208";a="224049729" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.254.44.187]) by fmsmga008.fm.intel.com with ESMTP; 29 Jan 2020 23:00:40 -0800 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jian J Wang , Xiaoyu Lu Subject: [edk2-devel] [Patch 1/5] CryptoPkg/BaseCryptLib: Add X509ConstructCertificateStackV(). Date: Wed, 29 Jan 2020 23:00:33 -0800 Message-Id: <20200130070037.8516-2-michael.d.kinney@intel.com> In-Reply-To: <20200130070037.8516-1-michael.d.kinney@intel.com> References: <20200130070037.8516-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: kMkiwWpD41tVe9mNxj5Jgv2Bx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1580367648; bh=mve1+S6KQTKZ+yR9EuJ8+XiqkuANhDIOwXkh0dq/GoE=; h=Cc:Date:From:Reply-To:Subject:To; b=Rk1PXt8CYrfzMldCOXPZe/vcLxx0TkeV/9tyzcw5HaN9tX0tF0Y7Uy+a8g2soGkeYCD o1XhwjYd+d174411BkpFmQPWmlDik8O6ho7JAMInQZIX7DRJjm+kGX+om7lhXOiEWHOu/ Eworm/TOBfqEpaahaLy1/vSJU1NpvCEZCfU= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2420 Add X509ConstructCertificateStackV() to BaseCryptLib that is identical in behavior to X509ConstructCertificateStack(), but it takes a VA_LIST parameter for the variable argument list. The VA_LIST form of this function is required for BaseCryptLib functions to be wrapped in a Protocol/PPI. Cc: Jian J Wang Cc: Xiaoyu Lu Signed-off-by: Michael D Kinney Reviewed-by: Jian J Wang --- CryptoPkg/Include/Library/BaseCryptLib.h | 26 ++++++++++ CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 50 +++++++++++++++---- .../Library/BaseCryptLib/Pk/CryptX509Null.c | 32 +++++++++++- .../BaseCryptLibNull/Pk/CryptX509Null.c | 32 +++++++++++- 4 files changed, 128 insertions(+), 12 deletions(-) diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index 8320fddc4c..5e8f2e0a10 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -2371,6 +2371,32 @@ X509ConstructCertificate ( OUT UINT8 **SingleX509Cert ); =20 +/** + Construct a X509 stack object from a list of DER-encoded certificate dat= a. + + If X509Stack is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] X509Stack On input, pointer to an existing or NULL X50= 9 stack object. + On output, pointer to the X509 stack object = with new + inserted X509 certificate. + @param[in] Args VA_LIST marker for the variable argument lis= t. + A list of DER-encoded single certificate dat= a followed + by certificate size. A NULL terminates the l= ist. The + pairs are the arguments to X509ConstructCert= ificate(). + + @retval TRUE The X509 stack construction succeeded. + @retval FALSE The construction operation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +X509ConstructCertificateStackV ( + IN OUT UINT8 **X509Stack, + IN VA_LIST Args + ); + /** Construct a X509 stack object from a list of DER-encoded certificate dat= a. =20 diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr= ary/BaseCryptLib/Pk/CryptX509.c index 9b5579e71a..b1393a89c5 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -1,7 +1,7 @@ /** @file X.509 Certificate Handler Wrapper Implementation over OpenSSL. =20 -Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -60,23 +60,26 @@ X509ConstructCertificate ( Construct a X509 stack object from a list of DER-encoded certificate dat= a. =20 If X509Stack is NULL, then return FALSE. + If this interface is not supported, then return FALSE. =20 @param[in, out] X509Stack On input, pointer to an existing or NULL X50= 9 stack object. On output, pointer to the X509 stack object = with new inserted X509 certificate. - @param ... A list of DER-encoded single certificate dat= a followed + @param[in] Args VA_LIST marker for the variable argument lis= t. + A list of DER-encoded single certificate dat= a followed by certificate size. A NULL terminates the l= ist. The pairs are the arguments to X509ConstructCert= ificate(). =20 @retval TRUE The X509 stack construction succeeded. @retval FALSE The construction operation failed. + @retval FALSE This interface is not supported. =20 **/ BOOLEAN EFIAPI -X509ConstructCertificateStack ( - IN OUT UINT8 **X509Stack, - ... +X509ConstructCertificateStackV ( + IN OUT UINT8 **X509Stack, + IN VA_LIST Args ) { UINT8 *Cert; @@ -84,7 +87,6 @@ X509ConstructCertificateStack ( X509 *X509Cert; STACK_OF(X509) *CertStack; BOOLEAN Status; - VA_LIST Args; UINTN Index; =20 // @@ -107,8 +109,6 @@ X509ConstructCertificateStack ( } } =20 - VA_START (Args, X509Stack); - for (Index =3D 0; ; Index++) { // // If Cert is NULL, then it is the end of the list. @@ -145,8 +145,6 @@ X509ConstructCertificateStack ( sk_X509_push (CertStack, X509Cert); } =20 - VA_END (Args); - if (!Status) { sk_X509_pop_free (CertStack, X509_free); } else { @@ -156,6 +154,38 @@ X509ConstructCertificateStack ( return Status; } =20 +/** + Construct a X509 stack object from a list of DER-encoded certificate dat= a. + + If X509Stack is NULL, then return FALSE. + + @param[in, out] X509Stack On input, pointer to an existing or NULL X50= 9 stack object. + On output, pointer to the X509 stack object = with new + inserted X509 certificate. + @param ... A list of DER-encoded single certificate dat= a followed + by certificate size. A NULL terminates the l= ist. The + pairs are the arguments to X509ConstructCert= ificate(). + + @retval TRUE The X509 stack construction succeeded. + @retval FALSE The construction operation failed. + +**/ +BOOLEAN +EFIAPI +X509ConstructCertificateStack ( + IN OUT UINT8 **X509Stack, + ... + ) +{ + VA_LIST Args; + BOOLEAN Result; + + VA_START (Args, X509Stack); + Result =3D X509ConstructCertificateStackV (X509Stack, Args); + VA_END (Args); + return Result; +} + /** Release the specified X509 object. =20 diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c b/CryptoPkg/= Library/BaseCryptLib/Pk/CryptX509Null.c index 5e59cb1634..14309825ed 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c @@ -2,7 +2,7 @@ X.509 Certificate Handler Wrapper Implementation which does not provide real capabilities. =20 -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -33,6 +33,36 @@ X509ConstructCertificate ( return FALSE; } =20 +/** + Construct a X509 stack object from a list of DER-encoded certificate dat= a. + + If X509Stack is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] X509Stack On input, pointer to an existing or NULL X50= 9 stack object. + On output, pointer to the X509 stack object = with new + inserted X509 certificate. + @param[in] Args VA_LIST marker for the variable argument lis= t. + A list of DER-encoded single certificate dat= a followed + by certificate size. A NULL terminates the l= ist. The + pairs are the arguments to X509ConstructCert= ificate(). + + @retval TRUE The X509 stack construction succeeded. + @retval FALSE The construction operation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +X509ConstructCertificateStackV ( + IN OUT UINT8 **X509Stack, + IN VA_LIST Args + ) +{ + ASSERT (FALSE); + return FALSE; +} + /** Construct a X509 stack object from a list of DER-encoded certificate dat= a. =20 diff --git a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c b/Crypto= Pkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c index 5e59cb1634..14309825ed 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c +++ b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptX509Null.c @@ -2,7 +2,7 @@ X.509 Certificate Handler Wrapper Implementation which does not provide real capabilities. =20 -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -33,6 +33,36 @@ X509ConstructCertificate ( return FALSE; } =20 +/** + Construct a X509 stack object from a list of DER-encoded certificate dat= a. + + If X509Stack is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] X509Stack On input, pointer to an existing or NULL X50= 9 stack object. + On output, pointer to the X509 stack object = with new + inserted X509 certificate. + @param[in] Args VA_LIST marker for the variable argument lis= t. + A list of DER-encoded single certificate dat= a followed + by certificate size. A NULL terminates the l= ist. The + pairs are the arguments to X509ConstructCert= ificate(). + + @retval TRUE The X509 stack construction succeeded. + @retval FALSE The construction operation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +X509ConstructCertificateStackV ( + IN OUT UINT8 **X509Stack, + IN VA_LIST Args + ) +{ + ASSERT (FALSE); + return FALSE; +} + /** Construct a X509 stack object from a list of DER-encoded certificate dat= a. =20 --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#53561): https://edk2.groups.io/g/devel/message/53561 Mute This Topic: https://groups.io/mt/70266458/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-