1. Adjust SignedData to comply with latest UEFI spec: 1) remove SignerInfo.authenticatedAttributes; 2) remove SignedData.contentInfo.content;
2. Fix some coding style problems.
Signed-off-by: tye
Reviewed-by: hhuan13
Reviewed-by: qlong
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12349 6f19259b-4bc3-4df7-8a09-765794883524
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
index 816ae53..e866284 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
@@ -30,15 +30,19 @@
@retval 0 Verification failed.
**/
-STATIC int X509VerifyCb (int Status, X509_STORE_CTX *Context)
+int
+X509VerifyCb (
+ IN int Status,
+ IN X509_STORE_CTX *Context
+ )
{
X509_OBJECT *Obj;
- int Error;
- int Index;
- int Count;
+ INTN Error;
+ INTN Index;
+ INTN Count;
Obj = NULL;
- Error = X509_STORE_CTX_get_error (Context);
+ Error = (INTN) X509_STORE_CTX_get_error (Context);
//
// X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT and X509_V_ERR_UNABLE_TO_GET_ISSUER_
@@ -70,9 +74,9 @@
// pass the certificate verification.
//
if (Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) {
- Count = sk_X509_num (Context->chain);
+ Count = (INTN) sk_X509_num (Context->chain);
for (Index = 0; Index < Count; Index++) {
- Obj->data.x509 = sk_X509_value (Context->chain, Index);
+ Obj->data.x509 = sk_X509_value (Context->chain, (int) Index);
if (X509_OBJECT_retrieve_match (Context->ctx->objs, Obj)) {
Status = 1;
break;
@@ -203,7 +207,7 @@
Key,
(STACK_OF(X509) *) OtherCerts,
DataBio,
- PKCS7_BINARY
+ PKCS7_BINARY | PKCS7_NOATTR | PKCS7_DETACHED
);
if (Pkcs7 == NULL) {
goto _Exit;