mirror of https://github.com/acidanthera/audk.git
CryptoPkg Updates to support RFC3161 timestamp signature verification.
The main changes includes: 1. Enabling SHA384 and SHA512 digest algorithm; (Sha512.c) 2. RFC 3161 timestamp signature verification support; (CryptTs.c) 3. Fixed one ASN.1 length encoding issue in Authenticode verification routine. (CryptAuthenticode.c) 4. Add the corresponding test cases in Cryptest utility (SHA384 & SHA512 & Timestamp verification) Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Ting Ye <ting.ye@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16339 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
parent
bcbdc75535
commit
2ac68e8b54
|
@ -1,7 +1,7 @@
|
||||||
/** @file
|
/** @file
|
||||||
Application for Cryptographic Primitives Validation.
|
Application for Cryptographic Primitives Validation.
|
||||||
|
|
||||||
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
@ -73,6 +73,11 @@ CryptestMain (
|
||||||
return Status;
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Status = ValidateTSCounterSignature ();
|
||||||
|
if (EFI_ERROR (Status)) {
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
Status = ValidateCryptDh ();
|
Status = ValidateCryptDh ();
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
return Status;
|
||||||
|
@ -84,4 +89,4 @@ CryptestMain (
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
return EFI_SUCCESS;
|
||||||
}
|
}
|
|
@ -1,7 +1,7 @@
|
||||||
/** @file
|
/** @file
|
||||||
Application for Cryptographic Primitives Validation.
|
Application for Cryptographic Primitives Validation.
|
||||||
|
|
||||||
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
@ -108,6 +108,18 @@ ValidateAuthenticode (
|
||||||
VOID
|
VOID
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Validate UEFI-OpenSSL RFC3161 Timestamp CounterSignature Verification Interfaces.
|
||||||
|
|
||||||
|
@retval EFI_SUCCESS Validation succeeded.
|
||||||
|
@retval EFI_ABORTED Validation failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
ValidateTSCounterSignature (
|
||||||
|
VOID
|
||||||
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
Validate UEFI-OpenSSL DH Interfaces.
|
Validate UEFI-OpenSSL DH Interfaces.
|
||||||
|
|
||||||
|
@ -132,4 +144,4 @@ ValidateCryptPrng (
|
||||||
VOID
|
VOID
|
||||||
);
|
);
|
||||||
|
|
||||||
#endif
|
#endif
|
|
@ -38,6 +38,7 @@
|
||||||
RsaVerify.c
|
RsaVerify.c
|
||||||
RsaVerify2.c
|
RsaVerify2.c
|
||||||
AuthenticodeVerify.c
|
AuthenticodeVerify.c
|
||||||
|
TSVerify.c
|
||||||
DhVerify.c
|
DhVerify.c
|
||||||
RandVerify.c
|
RandVerify.c
|
||||||
|
|
||||||
|
@ -57,4 +58,4 @@
|
||||||
|
|
||||||
[UserExtensions.TianoCore."ExtraFiles"]
|
[UserExtensions.TianoCore."ExtraFiles"]
|
||||||
CryptestExtra.uni
|
CryptestExtra.uni
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/** @file
|
/** @file
|
||||||
Application for Diffie-Hellman Primitives Validation.
|
Application for Diffie-Hellman Primitives Validation.
|
||||||
|
|
||||||
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
@ -41,6 +41,14 @@ ValidateCryptDh (
|
||||||
|
|
||||||
Print (L"\nUEFI-OpenSSL DH Engine Testing:\n");
|
Print (L"\nUEFI-OpenSSL DH Engine Testing:\n");
|
||||||
|
|
||||||
|
//
|
||||||
|
// Initialize Key Length
|
||||||
|
//
|
||||||
|
PublicKey1Length = sizeof (PublicKey1);
|
||||||
|
PublicKey2Length = sizeof (PublicKey2);
|
||||||
|
Key1Length = sizeof (Key1);
|
||||||
|
Key2Length = sizeof (Key2);
|
||||||
|
|
||||||
//
|
//
|
||||||
// Generate & Initialize DH Context
|
// Generate & Initialize DH Context
|
||||||
//
|
//
|
||||||
|
@ -114,4 +122,4 @@ ValidateCryptDh (
|
||||||
Print (L"[Pass]\n");
|
Print (L"[Pass]\n");
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
return EFI_SUCCESS;
|
||||||
}
|
}
|
|
@ -1,7 +1,7 @@
|
||||||
/** @file
|
/** @file
|
||||||
Application for Hash Primitives Validation.
|
Application for Hash Primitives Validation.
|
||||||
|
|
||||||
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
@ -54,6 +54,25 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha256Digest[SHA256_DIGEST_SIZE] = {
|
||||||
0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
|
0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
|
||||||
};
|
};
|
||||||
|
|
||||||
|
//
|
||||||
|
// Result for SHA-384("abc"). (From "D.1 SHA-384 Example" of NIST FIPS 180-2)
|
||||||
|
//
|
||||||
|
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha384Digest[SHA384_DIGEST_SIZE] = {
|
||||||
|
0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
|
||||||
|
0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
|
||||||
|
0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7
|
||||||
|
};
|
||||||
|
|
||||||
|
//
|
||||||
|
// Result for SHA-512("abc"). (From "C.1 SHA-512 Example" of NIST FIPS 180-2)
|
||||||
|
//
|
||||||
|
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha512Digest[SHA512_DIGEST_SIZE] = {
|
||||||
|
0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
|
||||||
|
0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
|
||||||
|
0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
|
||||||
|
0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
Validate UEFI-OpenSSL Digest Interfaces.
|
Validate UEFI-OpenSSL Digest Interfaces.
|
||||||
|
|
||||||
|
@ -76,7 +95,7 @@ ValidateCryptDigest (
|
||||||
DataSize = AsciiStrLen (HashData);
|
DataSize = AsciiStrLen (HashData);
|
||||||
|
|
||||||
Print (L"- MD4: ");
|
Print (L"- MD4: ");
|
||||||
|
|
||||||
//
|
//
|
||||||
// MD4 Digest Validation
|
// MD4 Digest Validation
|
||||||
//
|
//
|
||||||
|
@ -234,6 +253,86 @@ ValidateCryptDigest (
|
||||||
}
|
}
|
||||||
|
|
||||||
Print (L"[Pass]\n");
|
Print (L"[Pass]\n");
|
||||||
|
|
||||||
|
Print (L"- SHA384: ");
|
||||||
|
|
||||||
|
//
|
||||||
|
// SHA384 Digest Validation
|
||||||
|
//
|
||||||
|
ZeroMem (Digest, MAX_DIGEST_SIZE);
|
||||||
|
CtxSize = Sha384GetContextSize ();
|
||||||
|
HashCtx = AllocatePool (CtxSize);
|
||||||
|
|
||||||
|
Print (L"Init... ");
|
||||||
|
Status = Sha384Init (HashCtx);
|
||||||
|
if (!Status) {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
Print (L"Update... ");
|
||||||
|
Status = Sha384Update (HashCtx, HashData, DataSize);
|
||||||
|
if (!Status) {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
Print (L"Finalize... ");
|
||||||
|
Status = Sha384Final (HashCtx, Digest);
|
||||||
|
if (!Status) {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
FreePool (HashCtx);
|
||||||
|
|
||||||
|
Print (L"Check Value... ");
|
||||||
|
if (CompareMem (Digest, Sha384Digest, SHA384_DIGEST_SIZE) != 0) {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
Print (L"[Pass]\n");
|
||||||
|
|
||||||
|
Print (L"- SHA512: ");
|
||||||
|
|
||||||
|
//
|
||||||
|
// SHA512 Digest Validation
|
||||||
|
//
|
||||||
|
ZeroMem (Digest, MAX_DIGEST_SIZE);
|
||||||
|
CtxSize = Sha512GetContextSize ();
|
||||||
|
HashCtx = AllocatePool (CtxSize);
|
||||||
|
|
||||||
|
Print (L"Init... ");
|
||||||
|
Status = Sha512Init (HashCtx);
|
||||||
|
if (!Status) {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
Print (L"Update... ");
|
||||||
|
Status = Sha512Update (HashCtx, HashData, DataSize);
|
||||||
|
if (!Status) {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
Print (L"Finalize... ");
|
||||||
|
Status = Sha512Final (HashCtx, Digest);
|
||||||
|
if (!Status) {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
FreePool (HashCtx);
|
||||||
|
|
||||||
|
Print (L"Check Value... ");
|
||||||
|
if (CompareMem (Digest, Sha512Digest, SHA512_DIGEST_SIZE) != 0) {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
|
||||||
|
Print (L"[Pass]\n");
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
return EFI_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,501 @@
|
||||||
|
/** @file
|
||||||
|
Sample Implementation for RFC3161 Time Stamping Verification.
|
||||||
|
|
||||||
|
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
|
This program and the accompanying materials
|
||||||
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
http://opensource.org/licenses/bsd-license.php
|
||||||
|
|
||||||
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
|
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include "Cryptest.h"
|
||||||
|
|
||||||
|
//
|
||||||
|
// Sample Authenticode Data with RFC3161 time stamping signature.
|
||||||
|
// The data retrieved from one signed sample UEFI image, which is generated by MSFT's signtool
|
||||||
|
// utility in conjunction with RFC3161 timestamping, as the following command:
|
||||||
|
// signtool sign /ac <xxx.cer> / f <xxx.pfx> /p <pass> /fd <digestAlg>
|
||||||
|
// /tr http://timestamp.comodoca.com/rfc3161 sample.efi
|
||||||
|
//
|
||||||
|
GLOBAL_REMOVE_IF_UNREFERENCED UINT8 AuthenticodeWithTS[] = {
|
||||||
|
0x30, 0x82, 0x0c, 0x00, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0,
|
||||||
|
0x82, 0x0b, 0xf1, 0x30, 0x82, 0x0b, 0xed, 0x02, 0x01, 0x01, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x09,
|
||||||
|
0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x30, 0x78, 0x06, 0x0a, 0x2b,
|
||||||
|
0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04, 0xa0, 0x6a, 0x30, 0x68, 0x30, 0x33, 0x06,
|
||||||
|
0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f, 0x30, 0x25, 0x03, 0x01, 0x00,
|
||||||
|
0xa0, 0x20, 0xa2, 0x1e, 0x80, 0x1c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62,
|
||||||
|
0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x74, 0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e,
|
||||||
|
0x00, 0x3e, 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
|
||||||
|
0x01, 0x05, 0x00, 0x04, 0x20, 0x1e, 0x9e, 0x74, 0x31, 0xe1, 0x3e, 0x51, 0x46, 0xab, 0xce, 0x10,
|
||||||
|
0x0d, 0x7c, 0x38, 0x66, 0x34, 0xd4, 0xdd, 0x04, 0xa5, 0xe7, 0x75, 0x40, 0xdd, 0x99, 0x73, 0xf3,
|
||||||
|
0x2a, 0x54, 0x3e, 0xa8, 0x18, 0xa0, 0x82, 0x01, 0xee, 0x30, 0x82, 0x01, 0xea, 0x30, 0x82, 0x01,
|
||||||
|
0x57, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x2c, 0x65, 0xcf, 0xcf, 0xdd, 0x61, 0x7b, 0xa4,
|
||||||
|
0x41, 0xad, 0x26, 0x1b, 0x63, 0xce, 0x91, 0x0f, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02,
|
||||||
|
0x1d, 0x05, 0x00, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08,
|
||||||
|
0x54, 0x65, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x37,
|
||||||
|
0x32, 0x38, 0x30, 0x37, 0x33, 0x38, 0x35, 0x39, 0x5a, 0x17, 0x0d, 0x33, 0x39, 0x31, 0x32, 0x33,
|
||||||
|
0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
|
||||||
|
0x55, 0x04, 0x03, 0x13, 0x07, 0x54, 0x65, 0x73, 0x74, 0x53, 0x75, 0x62, 0x30, 0x81, 0x9f, 0x30,
|
||||||
|
0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81,
|
||||||
|
0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0x94, 0xa6, 0x02, 0x15, 0x87, 0xd6, 0xbf,
|
||||||
|
0x71, 0xe8, 0xc6, 0x68, 0xf6, 0x9f, 0x66, 0x09, 0x6c, 0xe7, 0x39, 0x52, 0xf4, 0x4e, 0xaf, 0xf5,
|
||||||
|
0xe0, 0xba, 0x0f, 0xfd, 0xe6, 0x77, 0xa9, 0x71, 0x5b, 0x5c, 0x92, 0x50, 0x1d, 0xfd, 0x9b, 0x6e,
|
||||||
|
0x52, 0x92, 0x9e, 0x3a, 0x75, 0x86, 0x41, 0x2a, 0x41, 0x30, 0x1b, 0x67, 0x66, 0x91, 0xde, 0x71,
|
||||||
|
0x84, 0xe0, 0x90, 0xc3, 0x50, 0x36, 0x78, 0xb5, 0xa0, 0x1e, 0x72, 0xde, 0xe7, 0x66, 0x42, 0x4f,
|
||||||
|
0x59, 0x5e, 0x3d, 0xf3, 0x85, 0x82, 0x0b, 0xa8, 0x26, 0x2d, 0xd9, 0xe3, 0x14, 0xda, 0x9d, 0x2e,
|
||||||
|
0x3f, 0x53, 0x4d, 0x8d, 0x10, 0xbf, 0xa4, 0x7c, 0xe5, 0xaf, 0x3a, 0xa6, 0xaf, 0x49, 0x64, 0xb0,
|
||||||
|
0x60, 0x17, 0x87, 0x71, 0x77, 0x59, 0x52, 0xe5, 0x5a, 0xed, 0x96, 0x7d, 0x7e, 0x5d, 0xc1, 0xef,
|
||||||
|
0x6b, 0xfb, 0x80, 0xc5, 0x2b, 0x10, 0xfe, 0xe7, 0xd3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x48,
|
||||||
|
0x30, 0x46, 0x30, 0x44, 0x06, 0x03, 0x55, 0x1d, 0x01, 0x04, 0x3d, 0x30, 0x3b, 0x80, 0x10, 0x19,
|
||||||
|
0x8d, 0x48, 0xa1, 0xb9, 0xf3, 0x5e, 0x3c, 0x13, 0xb4, 0x08, 0xb6, 0xd9, 0xf3, 0x4f, 0x0a, 0xa1,
|
||||||
|
0x15, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08, 0x54, 0x65,
|
||||||
|
0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x82, 0x10, 0x27, 0xcb, 0x16, 0x33, 0x8b, 0xed, 0x4d, 0xa8,
|
||||||
|
0x47, 0xf0, 0x86, 0x47, 0x10, 0xef, 0x15, 0xd9, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02,
|
||||||
|
0x1d, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x51, 0x94, 0xed, 0x7a, 0x5c, 0x0b, 0x34, 0x16, 0x9c,
|
||||||
|
0xf4, 0x5f, 0x88, 0x16, 0xa8, 0x4b, 0x13, 0xfc, 0xa4, 0x0a, 0xc7, 0xd9, 0x20, 0xb1, 0x93, 0xc5,
|
||||||
|
0x81, 0x4f, 0x35, 0x3a, 0x89, 0x10, 0x04, 0xc4, 0xcc, 0x10, 0x34, 0xc3, 0x15, 0x57, 0x06, 0x97,
|
||||||
|
0xee, 0x06, 0x2f, 0xf3, 0x24, 0xa1, 0xe6, 0x3a, 0x89, 0x4d, 0xb4, 0x7b, 0x12, 0x87, 0x90, 0x8c,
|
||||||
|
0xfc, 0x5b, 0xb0, 0xf0, 0xdd, 0xaa, 0x3a, 0x24, 0x6d, 0x55, 0x47, 0x8a, 0xf2, 0x61, 0x08, 0x7a,
|
||||||
|
0x59, 0x5f, 0x6e, 0x7b, 0xcb, 0x34, 0xbe, 0xb6, 0x5d, 0xcb, 0x60, 0xae, 0xc4, 0xda, 0x62, 0xbb,
|
||||||
|
0x7f, 0x17, 0x1e, 0x73, 0xd1, 0x4e, 0x9f, 0x6e, 0xd3, 0xc8, 0x35, 0x58, 0x30, 0xd2, 0x89, 0xe5,
|
||||||
|
0x22, 0x5e, 0x86, 0xac, 0x7a, 0x56, 0xd6, 0x70, 0xdb, 0x54, 0x10, 0x6c, 0xd3, 0xd5, 0x38, 0xfb,
|
||||||
|
0x69, 0xcb, 0x4f, 0x36, 0x83, 0xc2, 0xe8, 0x31, 0x82, 0x09, 0x69, 0x30, 0x82, 0x09, 0x65, 0x02,
|
||||||
|
0x01, 0x01, 0x30, 0x27, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
|
||||||
|
0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x02, 0x10, 0x2c, 0x65, 0xcf, 0xcf, 0xdd,
|
||||||
|
0x61, 0x7b, 0xa4, 0x41, 0xad, 0x26, 0x1b, 0x63, 0xce, 0x91, 0x0f, 0x30, 0x0d, 0x06, 0x09, 0x60,
|
||||||
|
0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0xa0, 0x5e, 0x30, 0x10, 0x06, 0x0a,
|
||||||
|
0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0c, 0x31, 0x02, 0x30, 0x00, 0x30, 0x19,
|
||||||
|
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x03, 0x31, 0x0c, 0x06, 0x0a, 0x2b,
|
||||||
|
0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04, 0x30, 0x2f, 0x06, 0x09, 0x2a, 0x86, 0x48,
|
||||||
|
0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04, 0x31, 0x22, 0x04, 0x20, 0x97, 0x6e, 0x29, 0x47, 0xc4, 0x03,
|
||||||
|
0x68, 0x70, 0x1c, 0x99, 0x2c, 0x61, 0xb0, 0xbc, 0xde, 0x77, 0xe1, 0xa1, 0xeb, 0x4c, 0x1c, 0xac,
|
||||||
|
0x4c, 0x64, 0xf6, 0x43, 0x96, 0x94, 0x0b, 0xc0, 0xbb, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
|
||||||
|
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x81, 0x80, 0x85, 0x93, 0xad, 0x93,
|
||||||
|
0x92, 0x9e, 0xa4, 0x94, 0x30, 0x02, 0xe1, 0xc8, 0xcd, 0x37, 0xb2, 0xe1, 0xcb, 0xb2, 0x0f, 0x1c,
|
||||||
|
0x67, 0xd1, 0xc9, 0xeb, 0x4d, 0x68, 0x85, 0x97, 0x5a, 0xa6, 0x0c, 0x03, 0xc7, 0x86, 0xae, 0xb3,
|
||||||
|
0x35, 0xb4, 0x1d, 0x0e, 0x95, 0x5f, 0xed, 0x37, 0x13, 0x6b, 0x1e, 0x94, 0x80, 0xf1, 0xac, 0x55,
|
||||||
|
0x73, 0xd1, 0x31, 0xf9, 0xad, 0x13, 0x7b, 0x26, 0xbf, 0xe7, 0x55, 0x7b, 0xb2, 0xf9, 0x21, 0x42,
|
||||||
|
0x23, 0x64, 0xe6, 0x45, 0x03, 0x67, 0xcb, 0x42, 0xd3, 0x71, 0x3f, 0xd5, 0x29, 0x17, 0x4b, 0x49,
|
||||||
|
0x45, 0x0e, 0x8b, 0xba, 0x1f, 0x15, 0x5a, 0x7f, 0x7b, 0x5e, 0x9b, 0x22, 0x46, 0xa7, 0x9c, 0x0d,
|
||||||
|
0x25, 0x9c, 0x76, 0x25, 0x02, 0xc8, 0x15, 0x00, 0x51, 0xe6, 0x73, 0x39, 0xac, 0x8d, 0x41, 0x7b,
|
||||||
|
0xc8, 0x42, 0xc9, 0xdb, 0x1b, 0x16, 0x13, 0xf6, 0x44, 0x32, 0xef, 0x17, 0xa1, 0x82, 0x08, 0x34,
|
||||||
|
0x30, 0x82, 0x08, 0x30, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01,
|
||||||
|
0x31, 0x82, 0x08, 0x20,
|
||||||
|
0x30, 0x82, 0x08, 0x1c, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0,
|
||||||
|
0x82, 0x08, 0x0d, 0x30, 0x82, 0x08, 0x09, 0x02, 0x01, 0x03, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x05,
|
||||||
|
0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x30, 0x81, 0xf6, 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86,
|
||||||
|
0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x04, 0xa0, 0x81, 0xe6, 0x04, 0x81, 0xe3, 0x30, 0x81, 0xe0,
|
||||||
|
0x02, 0x01, 0x01, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xb2, 0x31, 0x02, 0x01, 0x01, 0x30,
|
||||||
|
0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0xcd, 0x06,
|
||||||
|
0xf0, 0xbd, 0x8b, 0xcd, 0x5c, 0x2e, 0x5a, 0x7c, 0x42, 0x56, 0x2c, 0x20, 0x4a, 0x15, 0xcb, 0x1d,
|
||||||
|
0x8b, 0x0e, 0x02, 0x15, 0x00, 0xb6, 0xff, 0x47, 0x05, 0xb6, 0x2d, 0x15, 0xac, 0x3f, 0x5d, 0xd9,
|
||||||
|
0xcf, 0x9d, 0x54, 0x35, 0x56, 0x7c, 0xc1, 0x6e, 0x8b, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x30,
|
||||||
|
0x37, 0x32, 0x38, 0x30, 0x38, 0x35, 0x30, 0x30, 0x33, 0x5a, 0xa0, 0x81, 0x83, 0xa4, 0x81, 0x80,
|
||||||
|
0x30, 0x7e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31,
|
||||||
|
0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74, 0x65,
|
||||||
|
0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63, 0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0e,
|
||||||
|
0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x53, 0x61, 0x6c, 0x66, 0x6f, 0x72, 0x64, 0x31, 0x1a,
|
||||||
|
0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x11, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20,
|
||||||
|
0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03,
|
||||||
|
0x55, 0x04, 0x03, 0x13, 0x1b, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x54, 0x69, 0x6d, 0x65,
|
||||||
|
0x20, 0x53, 0x74, 0x61, 0x6d, 0x70, 0x69, 0x6e, 0x67, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x72,
|
||||||
|
0xa0, 0x82, 0x04, 0x97, 0x30, 0x82, 0x04, 0x93, 0x30, 0x82, 0x03, 0x7b, 0xa0, 0x03, 0x02, 0x01,
|
||||||
|
0x02, 0x02, 0x10, 0x47, 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c, 0xe1, 0x42, 0xd2, 0xa2,
|
||||||
|
0x87, 0x07, 0xbe, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
|
||||||
|
0x05, 0x00, 0x30, 0x81, 0x95, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
|
||||||
|
0x55, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x02, 0x55, 0x54, 0x31,
|
||||||
|
0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x0e, 0x53, 0x61, 0x6c, 0x74, 0x20, 0x4c,
|
||||||
|
0x61, 0x6b, 0x65, 0x20, 0x43, 0x69, 0x74, 0x79, 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04,
|
||||||
|
0x0a, 0x13, 0x15, 0x54, 0x68, 0x65, 0x20, 0x55, 0x53, 0x45, 0x52, 0x54, 0x52, 0x55, 0x53, 0x54,
|
||||||
|
0x20, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04,
|
||||||
|
0x0b, 0x13, 0x18, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x75, 0x73,
|
||||||
|
0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1d, 0x30, 0x1b, 0x06,
|
||||||
|
0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69,
|
||||||
|
0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x30,
|
||||||
|
0x30, 0x35, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x31, 0x35, 0x30,
|
||||||
|
0x35, 0x31, 0x30, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x7e, 0x31, 0x0b, 0x30, 0x09,
|
||||||
|
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55,
|
||||||
|
0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74, 0x65, 0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63,
|
||||||
|
0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
|
||||||
|
0x07, 0x53, 0x61, 0x6c, 0x66, 0x6f, 0x72, 0x64, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04,
|
||||||
|
0x0a, 0x13, 0x11, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d,
|
||||||
|
0x69, 0x74, 0x65, 0x64, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1b, 0x43,
|
||||||
|
0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x54, 0x69, 0x6d, 0x65, 0x20, 0x53, 0x74, 0x61, 0x6d, 0x70,
|
||||||
|
0x69, 0x6e, 0x67, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x72, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,
|
||||||
|
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01,
|
||||||
|
0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbc, 0x35, 0xa0, 0x36, 0x70,
|
||||||
|
0x22, 0x81, 0x11, 0xc3, 0xb2, 0x83, 0xb9, 0xd3, 0x28, 0xc6, 0x36, 0xcd, 0x25, 0x6b, 0xa9, 0x7b,
|
||||||
|
0xb2, 0x1c, 0xf6, 0x9b, 0x51, 0x9c, 0xef, 0x35, 0xf4, 0xed, 0x08, 0x8e, 0x5e, 0x38, 0x08, 0xf8,
|
||||||
|
0x77, 0x3c, 0x0a, 0x42, 0xe0, 0xf3, 0x70, 0xdc, 0xa3, 0xd7, 0xca, 0xf5, 0x4c, 0x0b, 0xcf, 0xff,
|
||||||
|
0x22, 0x9c, 0x0a, 0x7e, 0x68, 0xd6, 0x09, 0xa2, 0x2a, 0x84, 0x7b, 0xa6, 0x9d, 0xb4, 0xa9, 0xc1,
|
||||||
|
0x33, 0xe2, 0xef, 0x1f, 0x17, 0x48, 0xca, 0x3a, 0xcd, 0x46, 0xe6, 0xc5, 0xaa, 0x77, 0xbd, 0xe3,
|
||||||
|
0x77, 0x9a, 0xfa, 0x47, 0x53, 0x40, 0x28, 0x59, 0x43, 0x93, 0xf1, 0xa4, 0x81, 0xea, 0xef, 0x80,
|
||||||
|
0xb5, 0x4f, 0xa7, 0x08, 0xce, 0xba, 0x6e, 0xbc, 0xca, 0x76, 0x0c, 0x97, 0x64, 0x59, 0x86, 0x24,
|
||||||
|
0xbb, 0x3d, 0x82, 0x90, 0xa8, 0x55, 0xb1, 0x92, 0xd3, 0xa0, 0xa7, 0x05, 0xac, 0x9f, 0x53, 0x25,
|
||||||
|
0x08, 0x10, 0x47, 0x99, 0xcd, 0x98, 0xde, 0x68, 0xe5, 0xb4, 0x50, 0x78, 0xa3, 0xaf, 0x01, 0xcc,
|
||||||
|
0x59, 0x43, 0x58, 0xe4, 0x76, 0x6e, 0x7e, 0xac, 0xc7, 0xe2, 0x9e, 0x1f, 0x4f, 0xb0, 0x47, 0x2d,
|
||||||
|
0xc8, 0x0c, 0xa3, 0x49, 0x27, 0x80, 0x75, 0x8c, 0xbb, 0x06, 0x91, 0x65, 0x0f, 0x90, 0x9b, 0xf4,
|
||||||
|
0xba, 0xd1, 0x81, 0xc8, 0x5c, 0x6a, 0xec, 0x14, 0xe9, 0x25, 0x09, 0xbf, 0x23, 0x16, 0xf4, 0x95,
|
||||||
|
0x46, 0x40, 0x40, 0x21, 0xbb, 0x83, 0x96, 0xfd, 0x86, 0x1f, 0x7a, 0xc8, 0x0d, 0x10, 0x8e, 0xa2,
|
||||||
|
0xf8, 0x19, 0x07, 0x58, 0x7f, 0x9f, 0xbd, 0x37, 0x02, 0x60, 0xf2, 0xa4, 0xe9, 0x9d, 0x44, 0x3f,
|
||||||
|
0x30, 0x05, 0xe4, 0xa7, 0x70, 0x99, 0x51, 0x9a, 0xe8, 0x17, 0xf1, 0x55, 0xca, 0xb2, 0x61, 0x89,
|
||||||
|
0x65, 0x46, 0xa7, 0x6a, 0xf2, 0x58, 0x46, 0x7e, 0xaa, 0xa0, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
|
||||||
|
0xa3, 0x81, 0xf4, 0x30, 0x81, 0xf1, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30,
|
||||||
|
0x16, 0x80, 0x14, 0xda, 0xed, 0x64, 0x74, 0x14, 0x9c, 0x14, 0x3c, 0xab, 0xdd, 0x99, 0xa9, 0xbd,
|
||||||
|
0x5b, 0x28, 0x4d, 0x8b, 0x3c, 0xc9, 0xd8, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16,
|
||||||
|
0x04, 0x14, 0x2e, 0x2d, 0xb0, 0x0a, 0x44, 0x4a, 0xd3, 0x87, 0xc0, 0x02, 0x07, 0xce, 0x97, 0x7d,
|
||||||
|
0x50, 0x62, 0x20, 0xfd, 0x0f, 0x83, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,
|
||||||
|
0x04, 0x04, 0x03, 0x02, 0x06, 0xc0, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
|
||||||
|
0x04, 0x02, 0x30, 0x00, 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c,
|
||||||
|
0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08, 0x30, 0x42, 0x06, 0x03,
|
||||||
|
0x55, 0x1d, 0x1f, 0x04, 0x3b, 0x30, 0x39, 0x30, 0x37, 0xa0, 0x35, 0xa0, 0x33, 0x86, 0x31, 0x68,
|
||||||
|
0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72,
|
||||||
|
0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53, 0x45, 0x52,
|
||||||
|
0x46, 0x69, 0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x2e, 0x63, 0x72, 0x6c,
|
||||||
|
0x30, 0x35, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x29, 0x30, 0x27,
|
||||||
|
0x30, 0x25, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x19, 0x68, 0x74,
|
||||||
|
0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72,
|
||||||
|
0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
|
||||||
|
0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xc8, 0xfb, 0x63, 0xf8, 0x0b,
|
||||||
|
0x75, 0x75, 0x2c, 0x3a, 0xf1, 0xf2, 0x13, 0xa7, 0x2d, 0xb6, 0xa3, 0x1a, 0x9c, 0xad, 0x01, 0x07,
|
||||||
|
0xd3, 0x34, 0x8e, 0x77, 0xe0, 0xc2, 0x6e, 0xae, 0x02, 0x5d, 0x48, 0x4f, 0xa4, 0xd2, 0x21, 0xb6,
|
||||||
|
0x36, 0xfd, 0x2a, 0x35, 0x43, 0x7c, 0x6b, 0xdf, 0x80, 0x87, 0x0b, 0x15, 0xf0, 0x76, 0x32, 0x00,
|
||||||
|
0xb4, 0xce, 0xb5, 0x67, 0xa4, 0x2f, 0x2f, 0x20, 0x1b, 0x9c, 0x54, 0x9e, 0x83, 0x3f, 0x1f, 0x5f,
|
||||||
|
0x14, 0x95, 0x62, 0x82, 0x0f, 0x22, 0x41, 0x22, 0x1f, 0x70, 0xb3, 0xf3, 0xf7, 0x42, 0xde, 0x6c,
|
||||||
|
0x51, 0xcd, 0x4b, 0xf8, 0x21, 0xac, 0x9b, 0x3b, 0x8c, 0xb1, 0xe5, 0xe6, 0x28, 0x8f, 0xce, 0x2a,
|
||||||
|
0x8a, 0xf9, 0xaa, 0x52, 0x4d, 0x8c, 0x5b, 0x77, 0xba, 0x4d, 0x5a, 0x58, 0xdb, 0xbb, 0x6a, 0x04,
|
||||||
|
0xcc, 0x52, 0x1e, 0x9d, 0xe2, 0x28, 0x37, 0x0e, 0xbb, 0xe7, 0x0e, 0x91, 0xc7, 0xf8, 0xdb, 0xf1,
|
||||||
|
0x81, 0x98, 0xeb, 0xcd, 0x37, 0xb3, 0x0e, 0xab, 0x65, 0xd3, 0x62, 0xec, 0x3a, 0xa5, 0x76, 0xeb,
|
||||||
|
0x13, 0xa8, 0x35, 0x93, 0xc9, 0x2e, 0x0a, 0x01, 0xec, 0xc0, 0xe8, 0xcc, 0x3d, 0x7e, 0xb6, 0xeb,
|
||||||
|
0xe2, 0xc1, 0xec, 0xd3, 0x14, 0x92, 0x82, 0x66, 0x87, 0x50, 0xdc, 0xfd, 0x50, 0x97, 0xac, 0xb3,
|
||||||
|
0x4a, 0x76, 0x73, 0x06, 0xc4, 0x86, 0x11, 0x3a, 0xb3, 0x5f, 0x43, 0x04, 0x52, 0x6f, 0xea, 0xb3,
|
||||||
|
0xd0, 0x74, 0x36, 0x4c, 0xca, 0xf1, 0x1b, 0x79, 0x84, 0x37, 0x70, 0x63, 0xad, 0x74, 0xb9, 0xaa,
|
||||||
|
0x0e, 0xf3, 0x98, 0xb0, 0x86, 0x08, 0xeb, 0xdb, 0xe0, 0x1f, 0x8c, 0x10, 0xf2, 0x39, 0x64, 0x9b,
|
||||||
|
0xae, 0x4f, 0x0a, 0x2c, 0x92, 0x8a, 0x4f, 0x18, 0xb5, 0x91, 0xe5, 0x8d, 0x1a, 0x93, 0x5f, 0x1f,
|
||||||
|
0xae, 0xf1, 0xa6, 0xf0, 0x2e, 0x97, 0xd0, 0xd2, 0xf6, 0x2b, 0x3c, 0x31, 0x82, 0x02, 0x61, 0x30,
|
||||||
|
0x82, 0x02, 0x5d, 0x02, 0x01, 0x01, 0x30, 0x81, 0xaa, 0x30, 0x81, 0x95, 0x31, 0x0b, 0x30, 0x09,
|
||||||
|
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
|
||||||
|
0x04, 0x08, 0x13, 0x02, 0x55, 0x54, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
|
||||||
|
0x0e, 0x53, 0x61, 0x6c, 0x74, 0x20, 0x4c, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x69, 0x74, 0x79, 0x31,
|
||||||
|
0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x15, 0x54, 0x68, 0x65, 0x20, 0x55, 0x53,
|
||||||
|
0x45, 0x52, 0x54, 0x52, 0x55, 0x53, 0x54, 0x20, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31,
|
||||||
|
0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x18, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
|
||||||
|
0x2f, 0x77, 0x77, 0x77, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x63,
|
||||||
|
0x6f, 0x6d, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x55, 0x54, 0x4e,
|
||||||
|
0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69, 0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63,
|
||||||
|
0x74, 0x02, 0x10, 0x47, 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c, 0xe1, 0x42, 0xd2, 0xa2,
|
||||||
|
0x87, 0x07, 0xbe, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0xa0, 0x81,
|
||||||
|
0x8c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x03, 0x31, 0x0d,
|
||||||
|
0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x04, 0x30, 0x1c, 0x06,
|
||||||
|
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05, 0x31, 0x0f, 0x17, 0x0d, 0x31, 0x34,
|
||||||
|
0x30, 0x37, 0x32, 0x38, 0x30, 0x38, 0x35, 0x30, 0x30, 0x33, 0x5a, 0x30, 0x23, 0x06, 0x09, 0x2a,
|
||||||
|
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04, 0x31, 0x16, 0x04, 0x14, 0x7a, 0xad, 0x35, 0xdc,
|
||||||
|
0x5b, 0xd6, 0x00, 0xd7, 0x44, 0xac, 0x80, 0x8f, 0x4f, 0xb6, 0xb4, 0x03, 0x62, 0x34, 0x53, 0xdc,
|
||||||
|
0x30, 0x2b, 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0c, 0x31,
|
||||||
|
0x1c, 0x30, 0x1a, 0x30, 0x18, 0x30, 0x16, 0x04, 0x14, 0x3d, 0xbb, 0x6d, 0xb5, 0x08, 0x5c, 0x6d,
|
||||||
|
0xd5, 0xa1, 0xca, 0x7f, 0x9c, 0xf8, 0x4e, 0xcb, 0x1a, 0x39, 0x10, 0xca, 0xc8, 0x30, 0x0d, 0x06,
|
||||||
|
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00,
|
||||||
|
0x73, 0x64, 0xb9, 0xa3, 0x54, 0x6f, 0x50, 0x97, 0x01, 0xa7, 0xf6, 0x0d, 0xb8, 0xce, 0x4b, 0xaa,
|
||||||
|
0x43, 0xa2, 0x8f, 0xa3, 0xea, 0x93, 0xf2, 0xa3, 0xd0, 0x46, 0xde, 0xdd, 0x45, 0xe5, 0x94, 0x5a,
|
||||||
|
0x45, 0xc2, 0x13, 0x1b, 0x90, 0x9b, 0xcf, 0x73, 0xcd, 0x28, 0x70, 0xf0, 0xf4, 0x54, 0xb5, 0x2d,
|
||||||
|
0x31, 0xf9, 0xf3, 0x2d, 0x38, 0x78, 0xfe, 0x68, 0xea, 0x3c, 0xc0, 0xbe, 0x0b, 0x5a, 0x91, 0x49,
|
||||||
|
0x63, 0xeb, 0x26, 0x32, 0x5b, 0x86, 0xcf, 0xe5, 0x8a, 0xa5, 0x9d, 0xe6, 0x4b, 0x57, 0x91, 0x8f,
|
||||||
|
0x3c, 0xdc, 0xa6, 0x53, 0xd8, 0xdb, 0x8a, 0xfd, 0x3e, 0x7e, 0x19, 0x6f, 0x27, 0x72, 0x95, 0xc2,
|
||||||
|
0x79, 0x73, 0xdf, 0xfb, 0x08, 0x5c, 0x5b, 0xc8, 0xb7, 0x94, 0x75, 0x88, 0x7a, 0x9a, 0x85, 0x9f,
|
||||||
|
0x1b, 0xa3, 0x98, 0x30, 0x91, 0xee, 0xc0, 0x52, 0xd2, 0x75, 0x9c, 0xcb, 0x45, 0x0d, 0x94, 0x43,
|
||||||
|
0x67, 0x7a, 0x49, 0x1c, 0xb1, 0x89, 0x9d, 0x6e, 0xfa, 0x87, 0xd2, 0x4d, 0x6e, 0x74, 0x90, 0xf5,
|
||||||
|
0x80, 0x8c, 0x92, 0xda, 0xd9, 0xa1, 0x48, 0x20, 0x31, 0x02, 0x79, 0xde, 0xe3, 0xbd, 0x09, 0x04,
|
||||||
|
0xa8, 0xd4, 0x99, 0xd7, 0x3b, 0xea, 0xf8, 0xdf, 0xb3, 0xb9, 0xd7, 0xa3, 0x36, 0xa1, 0xdb, 0xd3,
|
||||||
|
0xec, 0x65, 0x8c, 0xb8, 0x8f, 0xfb, 0xd6, 0xef, 0x9c, 0x32, 0x3e, 0xab, 0x20, 0x74, 0xb9, 0x65,
|
||||||
|
0x4c, 0xc6, 0x15, 0x2f, 0x31, 0x2a, 0x34, 0x3e, 0x84, 0x09, 0xb4, 0x75, 0xbc, 0xbe, 0xaf, 0xb3,
|
||||||
|
0x9e, 0x85, 0xf1, 0xbb, 0x99, 0x1a, 0x07, 0xbd, 0x20, 0xa6, 0xed, 0xcf, 0xd1, 0xa6, 0x9a, 0x22,
|
||||||
|
0xb2, 0x6d, 0x75, 0xf4, 0x23, 0x58, 0x13, 0x78, 0x73, 0x1a, 0xb2, 0x84, 0xde, 0xad, 0xe8, 0x6d,
|
||||||
|
0xe6, 0xe7, 0x5c, 0xb6, 0xe6, 0x5b, 0x10, 0x37, 0x1f, 0xe3, 0x6e, 0xbd, 0x83, 0xd7, 0x51, 0xb1,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x0a
|
||||||
|
};
|
||||||
|
|
||||||
|
//
|
||||||
|
// The RFC3161 timestamping counterSignature retrieved from the above AuthenticodeWithTS.
|
||||||
|
//
|
||||||
|
GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TSCounterSignature[] = {
|
||||||
|
0x30, 0x82, 0x08, 0x1c, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0,
|
||||||
|
0x82, 0x08, 0x0d, 0x30, 0x82, 0x08, 0x09, 0x02, 0x01, 0x03, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x05,
|
||||||
|
0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x30, 0x81, 0xf6, 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86,
|
||||||
|
0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x04, 0xa0, 0x81, 0xe6, 0x04, 0x81, 0xe3, 0x30, 0x81, 0xe0,
|
||||||
|
0x02, 0x01, 0x01, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xb2, 0x31, 0x02, 0x01, 0x01, 0x30,
|
||||||
|
0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0xcd, 0x06,
|
||||||
|
0xf0, 0xbd, 0x8b, 0xcd, 0x5c, 0x2e, 0x5a, 0x7c, 0x42, 0x56, 0x2c, 0x20, 0x4a, 0x15, 0xcb, 0x1d,
|
||||||
|
0x8b, 0x0e, 0x02, 0x15, 0x00, 0xb6, 0xff, 0x47, 0x05, 0xb6, 0x2d, 0x15, 0xac, 0x3f, 0x5d, 0xd9,
|
||||||
|
0xcf, 0x9d, 0x54, 0x35, 0x56, 0x7c, 0xc1, 0x6e, 0x8b, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x30,
|
||||||
|
0x37, 0x32, 0x38, 0x30, 0x38, 0x35, 0x30, 0x30, 0x33, 0x5a, 0xa0, 0x81, 0x83, 0xa4, 0x81, 0x80,
|
||||||
|
0x30, 0x7e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31,
|
||||||
|
0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74, 0x65,
|
||||||
|
0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63, 0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0e,
|
||||||
|
0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x53, 0x61, 0x6c, 0x66, 0x6f, 0x72, 0x64, 0x31, 0x1a,
|
||||||
|
0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x11, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20,
|
||||||
|
0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03,
|
||||||
|
0x55, 0x04, 0x03, 0x13, 0x1b, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x54, 0x69, 0x6d, 0x65,
|
||||||
|
0x20, 0x53, 0x74, 0x61, 0x6d, 0x70, 0x69, 0x6e, 0x67, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x72,
|
||||||
|
0xa0, 0x82, 0x04, 0x97, 0x30, 0x82, 0x04, 0x93, 0x30, 0x82, 0x03, 0x7b, 0xa0, 0x03, 0x02, 0x01,
|
||||||
|
0x02, 0x02, 0x10, 0x47, 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c, 0xe1, 0x42, 0xd2, 0xa2,
|
||||||
|
0x87, 0x07, 0xbe, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
|
||||||
|
0x05, 0x00, 0x30, 0x81, 0x95, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
|
||||||
|
0x55, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x02, 0x55, 0x54, 0x31,
|
||||||
|
0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x0e, 0x53, 0x61, 0x6c, 0x74, 0x20, 0x4c,
|
||||||
|
0x61, 0x6b, 0x65, 0x20, 0x43, 0x69, 0x74, 0x79, 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04,
|
||||||
|
0x0a, 0x13, 0x15, 0x54, 0x68, 0x65, 0x20, 0x55, 0x53, 0x45, 0x52, 0x54, 0x52, 0x55, 0x53, 0x54,
|
||||||
|
0x20, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04,
|
||||||
|
0x0b, 0x13, 0x18, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x75, 0x73,
|
||||||
|
0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1d, 0x30, 0x1b, 0x06,
|
||||||
|
0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69,
|
||||||
|
0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x30,
|
||||||
|
0x30, 0x35, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x31, 0x35, 0x30,
|
||||||
|
0x35, 0x31, 0x30, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x7e, 0x31, 0x0b, 0x30, 0x09,
|
||||||
|
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55,
|
||||||
|
0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74, 0x65, 0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63,
|
||||||
|
0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
|
||||||
|
0x07, 0x53, 0x61, 0x6c, 0x66, 0x6f, 0x72, 0x64, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04,
|
||||||
|
0x0a, 0x13, 0x11, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d,
|
||||||
|
0x69, 0x74, 0x65, 0x64, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1b, 0x43,
|
||||||
|
0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x54, 0x69, 0x6d, 0x65, 0x20, 0x53, 0x74, 0x61, 0x6d, 0x70,
|
||||||
|
0x69, 0x6e, 0x67, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x72, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,
|
||||||
|
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01,
|
||||||
|
0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbc, 0x35, 0xa0, 0x36, 0x70,
|
||||||
|
0x22, 0x81, 0x11, 0xc3, 0xb2, 0x83, 0xb9, 0xd3, 0x28, 0xc6, 0x36, 0xcd, 0x25, 0x6b, 0xa9, 0x7b,
|
||||||
|
0xb2, 0x1c, 0xf6, 0x9b, 0x51, 0x9c, 0xef, 0x35, 0xf4, 0xed, 0x08, 0x8e, 0x5e, 0x38, 0x08, 0xf8,
|
||||||
|
0x77, 0x3c, 0x0a, 0x42, 0xe0, 0xf3, 0x70, 0xdc, 0xa3, 0xd7, 0xca, 0xf5, 0x4c, 0x0b, 0xcf, 0xff,
|
||||||
|
0x22, 0x9c, 0x0a, 0x7e, 0x68, 0xd6, 0x09, 0xa2, 0x2a, 0x84, 0x7b, 0xa6, 0x9d, 0xb4, 0xa9, 0xc1,
|
||||||
|
0x33, 0xe2, 0xef, 0x1f, 0x17, 0x48, 0xca, 0x3a, 0xcd, 0x46, 0xe6, 0xc5, 0xaa, 0x77, 0xbd, 0xe3,
|
||||||
|
0x77, 0x9a, 0xfa, 0x47, 0x53, 0x40, 0x28, 0x59, 0x43, 0x93, 0xf1, 0xa4, 0x81, 0xea, 0xef, 0x80,
|
||||||
|
0xb5, 0x4f, 0xa7, 0x08, 0xce, 0xba, 0x6e, 0xbc, 0xca, 0x76, 0x0c, 0x97, 0x64, 0x59, 0x86, 0x24,
|
||||||
|
0xbb, 0x3d, 0x82, 0x90, 0xa8, 0x55, 0xb1, 0x92, 0xd3, 0xa0, 0xa7, 0x05, 0xac, 0x9f, 0x53, 0x25,
|
||||||
|
0x08, 0x10, 0x47, 0x99, 0xcd, 0x98, 0xde, 0x68, 0xe5, 0xb4, 0x50, 0x78, 0xa3, 0xaf, 0x01, 0xcc,
|
||||||
|
0x59, 0x43, 0x58, 0xe4, 0x76, 0x6e, 0x7e, 0xac, 0xc7, 0xe2, 0x9e, 0x1f, 0x4f, 0xb0, 0x47, 0x2d,
|
||||||
|
0xc8, 0x0c, 0xa3, 0x49, 0x27, 0x80, 0x75, 0x8c, 0xbb, 0x06, 0x91, 0x65, 0x0f, 0x90, 0x9b, 0xf4,
|
||||||
|
0xba, 0xd1, 0x81, 0xc8, 0x5c, 0x6a, 0xec, 0x14, 0xe9, 0x25, 0x09, 0xbf, 0x23, 0x16, 0xf4, 0x95,
|
||||||
|
0x46, 0x40, 0x40, 0x21, 0xbb, 0x83, 0x96, 0xfd, 0x86, 0x1f, 0x7a, 0xc8, 0x0d, 0x10, 0x8e, 0xa2,
|
||||||
|
0xf8, 0x19, 0x07, 0x58, 0x7f, 0x9f, 0xbd, 0x37, 0x02, 0x60, 0xf2, 0xa4, 0xe9, 0x9d, 0x44, 0x3f,
|
||||||
|
0x30, 0x05, 0xe4, 0xa7, 0x70, 0x99, 0x51, 0x9a, 0xe8, 0x17, 0xf1, 0x55, 0xca, 0xb2, 0x61, 0x89,
|
||||||
|
0x65, 0x46, 0xa7, 0x6a, 0xf2, 0x58, 0x46, 0x7e, 0xaa, 0xa0, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
|
||||||
|
0xa3, 0x81, 0xf4, 0x30, 0x81, 0xf1, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30,
|
||||||
|
0x16, 0x80, 0x14, 0xda, 0xed, 0x64, 0x74, 0x14, 0x9c, 0x14, 0x3c, 0xab, 0xdd, 0x99, 0xa9, 0xbd,
|
||||||
|
0x5b, 0x28, 0x4d, 0x8b, 0x3c, 0xc9, 0xd8, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16,
|
||||||
|
0x04, 0x14, 0x2e, 0x2d, 0xb0, 0x0a, 0x44, 0x4a, 0xd3, 0x87, 0xc0, 0x02, 0x07, 0xce, 0x97, 0x7d,
|
||||||
|
0x50, 0x62, 0x20, 0xfd, 0x0f, 0x83, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,
|
||||||
|
0x04, 0x04, 0x03, 0x02, 0x06, 0xc0, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
|
||||||
|
0x04, 0x02, 0x30, 0x00, 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c,
|
||||||
|
0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08, 0x30, 0x42, 0x06, 0x03,
|
||||||
|
0x55, 0x1d, 0x1f, 0x04, 0x3b, 0x30, 0x39, 0x30, 0x37, 0xa0, 0x35, 0xa0, 0x33, 0x86, 0x31, 0x68,
|
||||||
|
0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72,
|
||||||
|
0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53, 0x45, 0x52,
|
||||||
|
0x46, 0x69, 0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x2e, 0x63, 0x72, 0x6c,
|
||||||
|
0x30, 0x35, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x29, 0x30, 0x27,
|
||||||
|
0x30, 0x25, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x19, 0x68, 0x74,
|
||||||
|
0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72,
|
||||||
|
0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
|
||||||
|
0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xc8, 0xfb, 0x63, 0xf8, 0x0b,
|
||||||
|
0x75, 0x75, 0x2c, 0x3a, 0xf1, 0xf2, 0x13, 0xa7, 0x2d, 0xb6, 0xa3, 0x1a, 0x9c, 0xad, 0x01, 0x07,
|
||||||
|
0xd3, 0x34, 0x8e, 0x77, 0xe0, 0xc2, 0x6e, 0xae, 0x02, 0x5d, 0x48, 0x4f, 0xa4, 0xd2, 0x21, 0xb6,
|
||||||
|
0x36, 0xfd, 0x2a, 0x35, 0x43, 0x7c, 0x6b, 0xdf, 0x80, 0x87, 0x0b, 0x15, 0xf0, 0x76, 0x32, 0x00,
|
||||||
|
0xb4, 0xce, 0xb5, 0x67, 0xa4, 0x2f, 0x2f, 0x20, 0x1b, 0x9c, 0x54, 0x9e, 0x83, 0x3f, 0x1f, 0x5f,
|
||||||
|
0x14, 0x95, 0x62, 0x82, 0x0f, 0x22, 0x41, 0x22, 0x1f, 0x70, 0xb3, 0xf3, 0xf7, 0x42, 0xde, 0x6c,
|
||||||
|
0x51, 0xcd, 0x4b, 0xf8, 0x21, 0xac, 0x9b, 0x3b, 0x8c, 0xb1, 0xe5, 0xe6, 0x28, 0x8f, 0xce, 0x2a,
|
||||||
|
0x8a, 0xf9, 0xaa, 0x52, 0x4d, 0x8c, 0x5b, 0x77, 0xba, 0x4d, 0x5a, 0x58, 0xdb, 0xbb, 0x6a, 0x04,
|
||||||
|
0xcc, 0x52, 0x1e, 0x9d, 0xe2, 0x28, 0x37, 0x0e, 0xbb, 0xe7, 0x0e, 0x91, 0xc7, 0xf8, 0xdb, 0xf1,
|
||||||
|
0x81, 0x98, 0xeb, 0xcd, 0x37, 0xb3, 0x0e, 0xab, 0x65, 0xd3, 0x62, 0xec, 0x3a, 0xa5, 0x76, 0xeb,
|
||||||
|
0x13, 0xa8, 0x35, 0x93, 0xc9, 0x2e, 0x0a, 0x01, 0xec, 0xc0, 0xe8, 0xcc, 0x3d, 0x7e, 0xb6, 0xeb,
|
||||||
|
0xe2, 0xc1, 0xec, 0xd3, 0x14, 0x92, 0x82, 0x66, 0x87, 0x50, 0xdc, 0xfd, 0x50, 0x97, 0xac, 0xb3,
|
||||||
|
0x4a, 0x76, 0x73, 0x06, 0xc4, 0x86, 0x11, 0x3a, 0xb3, 0x5f, 0x43, 0x04, 0x52, 0x6f, 0xea, 0xb3,
|
||||||
|
0xd0, 0x74, 0x36, 0x4c, 0xca, 0xf1, 0x1b, 0x79, 0x84, 0x37, 0x70, 0x63, 0xad, 0x74, 0xb9, 0xaa,
|
||||||
|
0x0e, 0xf3, 0x98, 0xb0, 0x86, 0x08, 0xeb, 0xdb, 0xe0, 0x1f, 0x8c, 0x10, 0xf2, 0x39, 0x64, 0x9b,
|
||||||
|
0xae, 0x4f, 0x0a, 0x2c, 0x92, 0x8a, 0x4f, 0x18, 0xb5, 0x91, 0xe5, 0x8d, 0x1a, 0x93, 0x5f, 0x1f,
|
||||||
|
0xae, 0xf1, 0xa6, 0xf0, 0x2e, 0x97, 0xd0, 0xd2, 0xf6, 0x2b, 0x3c, 0x31, 0x82, 0x02, 0x61, 0x30,
|
||||||
|
0x82, 0x02, 0x5d, 0x02, 0x01, 0x01, 0x30, 0x81, 0xaa, 0x30, 0x81, 0x95, 0x31, 0x0b, 0x30, 0x09,
|
||||||
|
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
|
||||||
|
0x04, 0x08, 0x13, 0x02, 0x55, 0x54, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
|
||||||
|
0x0e, 0x53, 0x61, 0x6c, 0x74, 0x20, 0x4c, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x69, 0x74, 0x79, 0x31,
|
||||||
|
0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x15, 0x54, 0x68, 0x65, 0x20, 0x55, 0x53,
|
||||||
|
0x45, 0x52, 0x54, 0x52, 0x55, 0x53, 0x54, 0x20, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31,
|
||||||
|
0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x18, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
|
||||||
|
0x2f, 0x77, 0x77, 0x77, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x63,
|
||||||
|
0x6f, 0x6d, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x55, 0x54, 0x4e,
|
||||||
|
0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69, 0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63,
|
||||||
|
0x74, 0x02, 0x10, 0x47, 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c, 0xe1, 0x42, 0xd2, 0xa2,
|
||||||
|
0x87, 0x07, 0xbe, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0xa0, 0x81,
|
||||||
|
0x8c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x03, 0x31, 0x0d,
|
||||||
|
0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x04, 0x30, 0x1c, 0x06,
|
||||||
|
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05, 0x31, 0x0f, 0x17, 0x0d, 0x31, 0x34,
|
||||||
|
0x30, 0x37, 0x32, 0x38, 0x30, 0x38, 0x35, 0x30, 0x30, 0x33, 0x5a, 0x30, 0x23, 0x06, 0x09, 0x2a,
|
||||||
|
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04, 0x31, 0x16, 0x04, 0x14, 0x7a, 0xad, 0x35, 0xdc,
|
||||||
|
0x5b, 0xd6, 0x00, 0xd7, 0x44, 0xac, 0x80, 0x8f, 0x4f, 0xb6, 0xb4, 0x03, 0x62, 0x34, 0x53, 0xdc,
|
||||||
|
0x30, 0x2b, 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0c, 0x31,
|
||||||
|
0x1c, 0x30, 0x1a, 0x30, 0x18, 0x30, 0x16, 0x04, 0x14, 0x3d, 0xbb, 0x6d, 0xb5, 0x08, 0x5c, 0x6d,
|
||||||
|
0xd5, 0xa1, 0xca, 0x7f, 0x9c, 0xf8, 0x4e, 0xcb, 0x1a, 0x39, 0x10, 0xca, 0xc8, 0x30, 0x0d, 0x06,
|
||||||
|
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00,
|
||||||
|
0x73, 0x64, 0xb9, 0xa3, 0x54, 0x6f, 0x50, 0x97, 0x01, 0xa7, 0xf6, 0x0d, 0xb8, 0xce, 0x4b, 0xaa,
|
||||||
|
0x43, 0xa2, 0x8f, 0xa3, 0xea, 0x93, 0xf2, 0xa3, 0xd0, 0x46, 0xde, 0xdd, 0x45, 0xe5, 0x94, 0x5a,
|
||||||
|
0x45, 0xc2, 0x13, 0x1b, 0x90, 0x9b, 0xcf, 0x73, 0xcd, 0x28, 0x70, 0xf0, 0xf4, 0x54, 0xb5, 0x2d,
|
||||||
|
0x31, 0xf9, 0xf3, 0x2d, 0x38, 0x78, 0xfe, 0x68, 0xea, 0x3c, 0xc0, 0xbe, 0x0b, 0x5a, 0x91, 0x49,
|
||||||
|
0x63, 0xeb, 0x26, 0x32, 0x5b, 0x86, 0xcf, 0xe5, 0x8a, 0xa5, 0x9d, 0xe6, 0x4b, 0x57, 0x91, 0x8f,
|
||||||
|
0x3c, 0xdc, 0xa6, 0x53, 0xd8, 0xdb, 0x8a, 0xfd, 0x3e, 0x7e, 0x19, 0x6f, 0x27, 0x72, 0x95, 0xc2,
|
||||||
|
0x79, 0x73, 0xdf, 0xfb, 0x08, 0x5c, 0x5b, 0xc8, 0xb7, 0x94, 0x75, 0x88, 0x7a, 0x9a, 0x85, 0x9f,
|
||||||
|
0x1b, 0xa3, 0x98, 0x30, 0x91, 0xee, 0xc0, 0x52, 0xd2, 0x75, 0x9c, 0xcb, 0x45, 0x0d, 0x94, 0x43,
|
||||||
|
0x67, 0x7a, 0x49, 0x1c, 0xb1, 0x89, 0x9d, 0x6e, 0xfa, 0x87, 0xd2, 0x4d, 0x6e, 0x74, 0x90, 0xf5,
|
||||||
|
0x80, 0x8c, 0x92, 0xda, 0xd9, 0xa1, 0x48, 0x20, 0x31, 0x02, 0x79, 0xde, 0xe3, 0xbd, 0x09, 0x04,
|
||||||
|
0xa8, 0xd4, 0x99, 0xd7, 0x3b, 0xea, 0xf8, 0xdf, 0xb3, 0xb9, 0xd7, 0xa3, 0x36, 0xa1, 0xdb, 0xd3,
|
||||||
|
0xec, 0x65, 0x8c, 0xb8, 0x8f, 0xfb, 0xd6, 0xef, 0x9c, 0x32, 0x3e, 0xab, 0x20, 0x74, 0xb9, 0x65,
|
||||||
|
0x4c, 0xc6, 0x15, 0x2f, 0x31, 0x2a, 0x34, 0x3e, 0x84, 0x09, 0xb4, 0x75, 0xbc, 0xbe, 0xaf, 0xb3,
|
||||||
|
0x9e, 0x85, 0xf1, 0xbb, 0x99, 0x1a, 0x07, 0xbd, 0x20, 0xa6, 0xed, 0xcf, 0xd1, 0xa6, 0x9a, 0x22,
|
||||||
|
0xb2, 0x6d, 0x75, 0xf4, 0x23, 0x58, 0x13, 0x78, 0x73, 0x1a, 0xb2, 0x84, 0xde, 0xad, 0xe8, 0x6d,
|
||||||
|
0xe6, 0xe7, 0x5c, 0xb6, 0xe6, 0x5b, 0x10, 0x37, 0x1f, 0xe3, 0x6e, 0xbd, 0x83, 0xd7, 0x51, 0xb1,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x0a
|
||||||
|
};
|
||||||
|
|
||||||
|
//
|
||||||
|
// The Comodo Time Stamping Signer Certificate Used for the verification of TimeStamp signature.
|
||||||
|
//
|
||||||
|
GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TSTrustedCert[] = {
|
||||||
|
0x30, 0x82, 0x04, 0x93, 0x30, 0x82, 0x03, 0x7b, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x47,
|
||||||
|
0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c, 0xe1, 0x42, 0xd2, 0xa2, 0x87, 0x07, 0xbe, 0x30,
|
||||||
|
0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x81,
|
||||||
|
0x95, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b,
|
||||||
|
0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x02, 0x55, 0x54, 0x31, 0x17, 0x30, 0x15, 0x06,
|
||||||
|
0x03, 0x55, 0x04, 0x07, 0x13, 0x0e, 0x53, 0x61, 0x6c, 0x74, 0x20, 0x4c, 0x61, 0x6b, 0x65, 0x20,
|
||||||
|
0x43, 0x69, 0x74, 0x79, 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x15, 0x54,
|
||||||
|
0x68, 0x65, 0x20, 0x55, 0x53, 0x45, 0x52, 0x54, 0x52, 0x55, 0x53, 0x54, 0x20, 0x4e, 0x65, 0x74,
|
||||||
|
0x77, 0x6f, 0x72, 0x6b, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x18, 0x68,
|
||||||
|
0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72,
|
||||||
|
0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x03, 0x55, 0x04, 0x03,
|
||||||
|
0x13, 0x14, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69, 0x72, 0x73, 0x74, 0x2d,
|
||||||
|
0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x30, 0x30, 0x35, 0x31, 0x30,
|
||||||
|
0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x31, 0x35, 0x30, 0x35, 0x31, 0x30, 0x32,
|
||||||
|
0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x7e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
|
||||||
|
0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12,
|
||||||
|
0x47, 0x72, 0x65, 0x61, 0x74, 0x65, 0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63, 0x68, 0x65, 0x73, 0x74,
|
||||||
|
0x65, 0x72, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x53, 0x61, 0x6c,
|
||||||
|
0x66, 0x6f, 0x72, 0x64, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x11, 0x43,
|
||||||
|
0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64,
|
||||||
|
0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1b, 0x43, 0x4f, 0x4d, 0x4f, 0x44,
|
||||||
|
0x4f, 0x20, 0x54, 0x69, 0x6d, 0x65, 0x20, 0x53, 0x74, 0x61, 0x6d, 0x70, 0x69, 0x6e, 0x67, 0x20,
|
||||||
|
0x53, 0x69, 0x67, 0x6e, 0x65, 0x72, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
|
||||||
|
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82,
|
||||||
|
0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbc, 0x35, 0xa0, 0x36, 0x70, 0x22, 0x81, 0x11, 0xc3,
|
||||||
|
0xb2, 0x83, 0xb9, 0xd3, 0x28, 0xc6, 0x36, 0xcd, 0x25, 0x6b, 0xa9, 0x7b, 0xb2, 0x1c, 0xf6, 0x9b,
|
||||||
|
0x51, 0x9c, 0xef, 0x35, 0xf4, 0xed, 0x08, 0x8e, 0x5e, 0x38, 0x08, 0xf8, 0x77, 0x3c, 0x0a, 0x42,
|
||||||
|
0xe0, 0xf3, 0x70, 0xdc, 0xa3, 0xd7, 0xca, 0xf5, 0x4c, 0x0b, 0xcf, 0xff, 0x22, 0x9c, 0x0a, 0x7e,
|
||||||
|
0x68, 0xd6, 0x09, 0xa2, 0x2a, 0x84, 0x7b, 0xa6, 0x9d, 0xb4, 0xa9, 0xc1, 0x33, 0xe2, 0xef, 0x1f,
|
||||||
|
0x17, 0x48, 0xca, 0x3a, 0xcd, 0x46, 0xe6, 0xc5, 0xaa, 0x77, 0xbd, 0xe3, 0x77, 0x9a, 0xfa, 0x47,
|
||||||
|
0x53, 0x40, 0x28, 0x59, 0x43, 0x93, 0xf1, 0xa4, 0x81, 0xea, 0xef, 0x80, 0xb5, 0x4f, 0xa7, 0x08,
|
||||||
|
0xce, 0xba, 0x6e, 0xbc, 0xca, 0x76, 0x0c, 0x97, 0x64, 0x59, 0x86, 0x24, 0xbb, 0x3d, 0x82, 0x90,
|
||||||
|
0xa8, 0x55, 0xb1, 0x92, 0xd3, 0xa0, 0xa7, 0x05, 0xac, 0x9f, 0x53, 0x25, 0x08, 0x10, 0x47, 0x99,
|
||||||
|
0xcd, 0x98, 0xde, 0x68, 0xe5, 0xb4, 0x50, 0x78, 0xa3, 0xaf, 0x01, 0xcc, 0x59, 0x43, 0x58, 0xe4,
|
||||||
|
0x76, 0x6e, 0x7e, 0xac, 0xc7, 0xe2, 0x9e, 0x1f, 0x4f, 0xb0, 0x47, 0x2d, 0xc8, 0x0c, 0xa3, 0x49,
|
||||||
|
0x27, 0x80, 0x75, 0x8c, 0xbb, 0x06, 0x91, 0x65, 0x0f, 0x90, 0x9b, 0xf4, 0xba, 0xd1, 0x81, 0xc8,
|
||||||
|
0x5c, 0x6a, 0xec, 0x14, 0xe9, 0x25, 0x09, 0xbf, 0x23, 0x16, 0xf4, 0x95, 0x46, 0x40, 0x40, 0x21,
|
||||||
|
0xbb, 0x83, 0x96, 0xfd, 0x86, 0x1f, 0x7a, 0xc8, 0x0d, 0x10, 0x8e, 0xa2, 0xf8, 0x19, 0x07, 0x58,
|
||||||
|
0x7f, 0x9f, 0xbd, 0x37, 0x02, 0x60, 0xf2, 0xa4, 0xe9, 0x9d, 0x44, 0x3f, 0x30, 0x05, 0xe4, 0xa7,
|
||||||
|
0x70, 0x99, 0x51, 0x9a, 0xe8, 0x17, 0xf1, 0x55, 0xca, 0xb2, 0x61, 0x89, 0x65, 0x46, 0xa7, 0x6a,
|
||||||
|
0xf2, 0x58, 0x46, 0x7e, 0xaa, 0xa0, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x81, 0xf4, 0x30,
|
||||||
|
0x81, 0xf1, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xda,
|
||||||
|
0xed, 0x64, 0x74, 0x14, 0x9c, 0x14, 0x3c, 0xab, 0xdd, 0x99, 0xa9, 0xbd, 0x5b, 0x28, 0x4d, 0x8b,
|
||||||
|
0x3c, 0xc9, 0xd8, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x2e, 0x2d,
|
||||||
|
0xb0, 0x0a, 0x44, 0x4a, 0xd3, 0x87, 0xc0, 0x02, 0x07, 0xce, 0x97, 0x7d, 0x50, 0x62, 0x20, 0xfd,
|
||||||
|
0x0f, 0x83, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02,
|
||||||
|
0x06, 0xc0, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00,
|
||||||
|
0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c, 0x30, 0x0a, 0x06, 0x08,
|
||||||
|
0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08, 0x30, 0x42, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04,
|
||||||
|
0x3b, 0x30, 0x39, 0x30, 0x37, 0xa0, 0x35, 0xa0, 0x33, 0x86, 0x31, 0x68, 0x74, 0x74, 0x70, 0x3a,
|
||||||
|
0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e,
|
||||||
|
0x63, 0x6f, 0x6d, 0x2f, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69, 0x72, 0x73,
|
||||||
|
0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x35, 0x06, 0x08,
|
||||||
|
0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x29, 0x30, 0x27, 0x30, 0x25, 0x06, 0x08,
|
||||||
|
0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x19, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
|
||||||
|
0x2f, 0x6f, 0x63, 0x73, 0x70, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e,
|
||||||
|
0x63, 0x6f, 0x6d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
|
||||||
|
0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xc8, 0xfb, 0x63, 0xf8, 0x0b, 0x75, 0x75, 0x2c, 0x3a,
|
||||||
|
0xf1, 0xf2, 0x13, 0xa7, 0x2d, 0xb6, 0xa3, 0x1a, 0x9c, 0xad, 0x01, 0x07, 0xd3, 0x34, 0x8e, 0x77,
|
||||||
|
0xe0, 0xc2, 0x6e, 0xae, 0x02, 0x5d, 0x48, 0x4f, 0xa4, 0xd2, 0x21, 0xb6, 0x36, 0xfd, 0x2a, 0x35,
|
||||||
|
0x43, 0x7c, 0x6b, 0xdf, 0x80, 0x87, 0x0b, 0x15, 0xf0, 0x76, 0x32, 0x00, 0xb4, 0xce, 0xb5, 0x67,
|
||||||
|
0xa4, 0x2f, 0x2f, 0x20, 0x1b, 0x9c, 0x54, 0x9e, 0x83, 0x3f, 0x1f, 0x5f, 0x14, 0x95, 0x62, 0x82,
|
||||||
|
0x0f, 0x22, 0x41, 0x22, 0x1f, 0x70, 0xb3, 0xf3, 0xf7, 0x42, 0xde, 0x6c, 0x51, 0xcd, 0x4b, 0xf8,
|
||||||
|
0x21, 0xac, 0x9b, 0x3b, 0x8c, 0xb1, 0xe5, 0xe6, 0x28, 0x8f, 0xce, 0x2a, 0x8a, 0xf9, 0xaa, 0x52,
|
||||||
|
0x4d, 0x8c, 0x5b, 0x77, 0xba, 0x4d, 0x5a, 0x58, 0xdb, 0xbb, 0x6a, 0x04, 0xcc, 0x52, 0x1e, 0x9d,
|
||||||
|
0xe2, 0x28, 0x37, 0x0e, 0xbb, 0xe7, 0x0e, 0x91, 0xc7, 0xf8, 0xdb, 0xf1, 0x81, 0x98, 0xeb, 0xcd,
|
||||||
|
0x37, 0xb3, 0x0e, 0xab, 0x65, 0xd3, 0x62, 0xec, 0x3a, 0xa5, 0x76, 0xeb, 0x13, 0xa8, 0x35, 0x93,
|
||||||
|
0xc9, 0x2e, 0x0a, 0x01, 0xec, 0xc0, 0xe8, 0xcc, 0x3d, 0x7e, 0xb6, 0xeb, 0xe2, 0xc1, 0xec, 0xd3,
|
||||||
|
0x14, 0x92, 0x82, 0x66, 0x87, 0x50, 0xdc, 0xfd, 0x50, 0x97, 0xac, 0xb3, 0x4a, 0x76, 0x73, 0x06,
|
||||||
|
0xc4, 0x86, 0x11, 0x3a, 0xb3, 0x5f, 0x43, 0x04, 0x52, 0x6f, 0xea, 0xb3, 0xd0, 0x74, 0x36, 0x4c,
|
||||||
|
0xca, 0xf1, 0x1b, 0x79, 0x84, 0x37, 0x70, 0x63, 0xad, 0x74, 0xb9, 0xaa, 0x0e, 0xf3, 0x98, 0xb0,
|
||||||
|
0x86, 0x08, 0xeb, 0xdb, 0xe0, 0x1f, 0x8c, 0x10, 0xf2, 0x39, 0x64, 0x9b, 0xae, 0x4f, 0x0a, 0x2c,
|
||||||
|
0x92, 0x8a, 0x4f, 0x18, 0xb5, 0x91, 0xe5, 0x8d, 0x1a, 0x93, 0x5f, 0x1f, 0xae, 0xf1, 0xa6, 0xf0,
|
||||||
|
0x2e, 0x97, 0xd0, 0xd2, 0xf6, 0x2b, 0x3c, 0x0a
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
Validate MSFT Authenticode & Timestamping CounterSignature.
|
||||||
|
|
||||||
|
@retval TRUE Validation succeeded.
|
||||||
|
@retval FALSE Validation failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
VerifyTSCounterSignature (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
BOOLEAN Status;
|
||||||
|
EFI_TIME SigningTime;
|
||||||
|
|
||||||
|
Status = FALSE;
|
||||||
|
|
||||||
|
Print (L"\n- Verify RFC3161 TimeStamp CounterSignature in PE/COFF Authenticode ... ");
|
||||||
|
//
|
||||||
|
// Verify RFC3161 Timestamp CounterSignature.
|
||||||
|
//
|
||||||
|
Status = ImageTimestampVerify (
|
||||||
|
AuthenticodeWithTS,
|
||||||
|
sizeof (AuthenticodeWithTS),
|
||||||
|
TSTrustedCert,
|
||||||
|
sizeof (TSTrustedCert),
|
||||||
|
&SigningTime
|
||||||
|
);
|
||||||
|
if (Status) {
|
||||||
|
Print (L"[Pass]\n");
|
||||||
|
Print (L" --> The PE/COFF was signed at <%t>", &SigningTime);
|
||||||
|
} else {
|
||||||
|
Print (L"[Fail]");
|
||||||
|
}
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Validate UEFI-OpenSSL RFC3161 Timestamp CounterSignature Verification Interfaces.
|
||||||
|
|
||||||
|
@retval EFI_SUCCESS Validation succeeded.
|
||||||
|
@retval EFI_ABORTED Validation failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
EFI_STATUS
|
||||||
|
ValidateTSCounterSignature (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
BOOLEAN Status;
|
||||||
|
|
||||||
|
Print (L"\nUEFI-OpenSSL RFC3161 Timestamp Signature Testing: ");
|
||||||
|
|
||||||
|
Status = VerifyTSCounterSignature ();
|
||||||
|
|
||||||
|
Print (L"\n");
|
||||||
|
|
||||||
|
if (Status) {
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
} else {
|
||||||
|
return EFI_ABORTED;
|
||||||
|
}
|
||||||
|
}
|
|
@ -4,7 +4,7 @@
|
||||||
primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
|
primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
|
||||||
functionality enabling.
|
functionality enabling.
|
||||||
|
|
||||||
Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
@ -38,6 +38,16 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
///
|
///
|
||||||
#define SHA256_DIGEST_SIZE 32
|
#define SHA256_DIGEST_SIZE 32
|
||||||
|
|
||||||
|
///
|
||||||
|
/// SHA-384 digest size in bytes
|
||||||
|
///
|
||||||
|
#define SHA384_DIGEST_SIZE 48
|
||||||
|
|
||||||
|
///
|
||||||
|
/// SHA-512 digest size in bytes
|
||||||
|
///
|
||||||
|
#define SHA512_DIGEST_SIZE 64
|
||||||
|
|
||||||
///
|
///
|
||||||
/// TDES block size in bytes
|
/// TDES block size in bytes
|
||||||
///
|
///
|
||||||
|
@ -513,6 +523,215 @@ Sha256Final (
|
||||||
OUT UINT8 *HashValue
|
OUT UINT8 *HashValue
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations.
|
||||||
|
|
||||||
|
@return The size, in bytes, of the context buffer required for SHA-384 hash operations.
|
||||||
|
|
||||||
|
**/
|
||||||
|
UINTN
|
||||||
|
EFIAPI
|
||||||
|
Sha384GetContextSize (
|
||||||
|
VOID
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Initializes user-supplied memory pointed by Sha384Context as SHA-384 hash context for
|
||||||
|
subsequent use.
|
||||||
|
|
||||||
|
If Sha384Context is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[out] Sha384Context Pointer to SHA-384 context being initialized.
|
||||||
|
|
||||||
|
@retval TRUE SHA-384 context initialization succeeded.
|
||||||
|
@retval FALSE SHA-384 context initialization failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Init (
|
||||||
|
OUT VOID *Sha384Context
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Makes a copy of an existing SHA-384 context.
|
||||||
|
|
||||||
|
If Sha384Context is NULL, then return FALSE.
|
||||||
|
If NewSha384Context is NULL, then return FALSE.
|
||||||
|
If this interface is not supported, then return FALSE.
|
||||||
|
|
||||||
|
@param[in] Sha384Context Pointer to SHA-384 context being copied.
|
||||||
|
@param[out] NewSha384Context Pointer to new SHA-384 context.
|
||||||
|
|
||||||
|
@retval TRUE SHA-384 context copy succeeded.
|
||||||
|
@retval FALSE SHA-384 context copy failed.
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Duplicate (
|
||||||
|
IN CONST VOID *Sha384Context,
|
||||||
|
OUT VOID *NewSha384Context
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Digests the input data and updates SHA-384 context.
|
||||||
|
|
||||||
|
This function performs SHA-384 digest on a data buffer of the specified size.
|
||||||
|
It can be called multiple times to compute the digest of long or discontinuous data streams.
|
||||||
|
SHA-384 context should be already correctly intialized by Sha384Init(), and should not be finalized
|
||||||
|
by Sha384Final(). Behavior with invalid context is undefined.
|
||||||
|
|
||||||
|
If Sha384Context is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in, out] Sha384Context Pointer to the SHA-384 context.
|
||||||
|
@param[in] Data Pointer to the buffer containing the data to be hashed.
|
||||||
|
@param[in] DataSize Size of Data buffer in bytes.
|
||||||
|
|
||||||
|
@retval TRUE SHA-384 data digest succeeded.
|
||||||
|
@retval FALSE SHA-384 data digest failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Update (
|
||||||
|
IN OUT VOID *Sha384Context,
|
||||||
|
IN CONST VOID *Data,
|
||||||
|
IN UINTN DataSize
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Completes computation of the SHA-384 digest value.
|
||||||
|
|
||||||
|
This function completes SHA-384 hash computation and retrieves the digest value into
|
||||||
|
the specified memory. After this function has been called, the SHA-384 context cannot
|
||||||
|
be used again.
|
||||||
|
SHA-384 context should be already correctly intialized by Sha384Init(), and should not be
|
||||||
|
finalized by Sha384Final(). Behavior with invalid SHA-384 context is undefined.
|
||||||
|
|
||||||
|
If Sha384Context is NULL, then return FALSE.
|
||||||
|
If HashValue is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in, out] Sha384Context Pointer to the SHA-384 context.
|
||||||
|
@param[out] HashValue Pointer to a buffer that receives the SHA-384 digest
|
||||||
|
value (48 bytes).
|
||||||
|
|
||||||
|
@retval TRUE SHA-384 digest computation succeeded.
|
||||||
|
@retval FALSE SHA-384 digest computation failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Final (
|
||||||
|
IN OUT VOID *Sha384Context,
|
||||||
|
OUT UINT8 *HashValue
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Retrieves the size, in bytes, of the context buffer required for SHA-512 hash operations.
|
||||||
|
|
||||||
|
@return The size, in bytes, of the context buffer required for SHA-512 hash operations.
|
||||||
|
|
||||||
|
**/
|
||||||
|
UINTN
|
||||||
|
EFIAPI
|
||||||
|
Sha512GetContextSize (
|
||||||
|
VOID
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Initializes user-supplied memory pointed by Sha512Context as SHA-512 hash context for
|
||||||
|
subsequent use.
|
||||||
|
|
||||||
|
If Sha512Context is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[out] Sha512Context Pointer to SHA-512 context being initialized.
|
||||||
|
|
||||||
|
@retval TRUE SHA-512 context initialization succeeded.
|
||||||
|
@retval FALSE SHA-512 context initialization failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Init (
|
||||||
|
OUT VOID *Sha512Context
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Makes a copy of an existing SHA-512 context.
|
||||||
|
|
||||||
|
If Sha512Context is NULL, then return FALSE.
|
||||||
|
If NewSha512Context is NULL, then return FALSE.
|
||||||
|
If this interface is not supported, then return FALSE.
|
||||||
|
|
||||||
|
@param[in] Sha512Context Pointer to SHA-512 context being copied.
|
||||||
|
@param[out] NewSha512Context Pointer to new SHA-512 context.
|
||||||
|
|
||||||
|
@retval TRUE SHA-512 context copy succeeded.
|
||||||
|
@retval FALSE SHA-512 context copy failed.
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Duplicate (
|
||||||
|
IN CONST VOID *Sha512Context,
|
||||||
|
OUT VOID *NewSha512Context
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Digests the input data and updates SHA-512 context.
|
||||||
|
|
||||||
|
This function performs SHA-512 digest on a data buffer of the specified size.
|
||||||
|
It can be called multiple times to compute the digest of long or discontinuous data streams.
|
||||||
|
SHA-512 context should be already correctly intialized by Sha512Init(), and should not be finalized
|
||||||
|
by Sha512Final(). Behavior with invalid context is undefined.
|
||||||
|
|
||||||
|
If Sha512Context is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in, out] Sha512Context Pointer to the SHA-512 context.
|
||||||
|
@param[in] Data Pointer to the buffer containing the data to be hashed.
|
||||||
|
@param[in] DataSize Size of Data buffer in bytes.
|
||||||
|
|
||||||
|
@retval TRUE SHA-512 data digest succeeded.
|
||||||
|
@retval FALSE SHA-512 data digest failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Update (
|
||||||
|
IN OUT VOID *Sha512Context,
|
||||||
|
IN CONST VOID *Data,
|
||||||
|
IN UINTN DataSize
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Completes computation of the SHA-512 digest value.
|
||||||
|
|
||||||
|
This function completes SHA-512 hash computation and retrieves the digest value into
|
||||||
|
the specified memory. After this function has been called, the SHA-512 context cannot
|
||||||
|
be used again.
|
||||||
|
SHA-512 context should be already correctly intialized by Sha512Init(), and should not be
|
||||||
|
finalized by Sha512Final(). Behavior with invalid SHA-512 context is undefined.
|
||||||
|
|
||||||
|
If Sha512Context is NULL, then return FALSE.
|
||||||
|
If HashValue is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in, out] Sha512Context Pointer to the SHA-512 context.
|
||||||
|
@param[out] HashValue Pointer to a buffer that receives the SHA-512 digest
|
||||||
|
value (64 bytes).
|
||||||
|
|
||||||
|
@retval TRUE SHA-512 digest computation succeeded.
|
||||||
|
@retval FALSE SHA-512 digest computation failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Final (
|
||||||
|
IN OUT VOID *Sha512Context,
|
||||||
|
OUT UINT8 *HashValue
|
||||||
|
);
|
||||||
|
|
||||||
//=====================================================================================
|
//=====================================================================================
|
||||||
// MAC (Message Authentication Code) Primitive
|
// MAC (Message Authentication Code) Primitive
|
||||||
|
@ -754,7 +973,6 @@ HmacSha1Final (
|
||||||
OUT UINT8 *HmacValue
|
OUT UINT8 *HmacValue
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
//=====================================================================================
|
//=====================================================================================
|
||||||
// Symmetric Cryptography Primitive
|
// Symmetric Cryptography Primitive
|
||||||
//=====================================================================================
|
//=====================================================================================
|
||||||
|
@ -1395,7 +1613,7 @@ RsaGetKey (
|
||||||
@param[in, out] RsaContext Pointer to RSA context being set.
|
@param[in, out] RsaContext Pointer to RSA context being set.
|
||||||
@param[in] ModulusLength Length of RSA modulus N in bits.
|
@param[in] ModulusLength Length of RSA modulus N in bits.
|
||||||
@param[in] PublicExponent Pointer to RSA public exponent.
|
@param[in] PublicExponent Pointer to RSA public exponent.
|
||||||
@param[in] PublicExponentSize Size of RSA public exponent buffer in bytes.
|
@param[in] PublicExponentSize Size of RSA public exponent buffer in bytes.
|
||||||
|
|
||||||
@retval TRUE RSA key component was generated successfully.
|
@retval TRUE RSA key component was generated successfully.
|
||||||
@retval FALSE Invalid RSA key component tag.
|
@retval FALSE Invalid RSA key component tag.
|
||||||
|
@ -1519,7 +1737,6 @@ RsaPkcs1Verify (
|
||||||
@retval TRUE RSA Private Key was retrieved successfully.
|
@retval TRUE RSA Private Key was retrieved successfully.
|
||||||
@retval FALSE Invalid PEM key data or incorrect password.
|
@retval FALSE Invalid PEM key data or incorrect password.
|
||||||
@retval FALSE This interface is not supported.
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
|
||||||
**/
|
**/
|
||||||
BOOLEAN
|
BOOLEAN
|
||||||
|
@ -1648,7 +1865,7 @@ X509ConstructCertificate (
|
||||||
@param ... A list of DER-encoded single certificate data followed
|
@param ... A list of DER-encoded single certificate data followed
|
||||||
by certificate size. A NULL terminates the list. The
|
by certificate size. A NULL terminates the list. The
|
||||||
pairs are the arguments to X509ConstructCertificate().
|
pairs are the arguments to X509ConstructCertificate().
|
||||||
|
|
||||||
@retval TRUE The X509 stack construction succeeded.
|
@retval TRUE The X509 stack construction succeeded.
|
||||||
@retval FALSE The construction operation failed.
|
@retval FALSE The construction operation failed.
|
||||||
@retval FALSE This interface is not supported.
|
@retval FALSE This interface is not supported.
|
||||||
|
@ -1658,7 +1875,7 @@ BOOLEAN
|
||||||
EFIAPI
|
EFIAPI
|
||||||
X509ConstructCertificateStack (
|
X509ConstructCertificateStack (
|
||||||
IN OUT UINT8 **X509Stack,
|
IN OUT UINT8 **X509Stack,
|
||||||
...
|
...
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -1845,6 +2062,35 @@ AuthenticodeVerify (
|
||||||
IN UINTN HashSize
|
IN UINTN HashSize
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
Verifies the validility of a RFC3161 Timestamp CounterSignature embedded in PE/COFF Authenticode
|
||||||
|
signature.
|
||||||
|
|
||||||
|
If AuthData is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in] AuthData Pointer to the Authenticode Signature retrieved from signed
|
||||||
|
PE/COFF image to be verified.
|
||||||
|
@param[in] DataSize Size of the Authenticode Signature in bytes.
|
||||||
|
@param[in] TsaCert Pointer to a trusted/root TSA certificate encoded in DER, which
|
||||||
|
is used for TSA certificate chain verification.
|
||||||
|
@param[in] CertSize Size of the trusted certificate in bytes.
|
||||||
|
@param[out] SigningTime Return the time of timestamp generation time if the timestamp
|
||||||
|
signature is valid.
|
||||||
|
|
||||||
|
@retval TRUE The specified Authenticode includes a valid RFC3161 Timestamp CounterSignature.
|
||||||
|
@retval FALSE No valid RFC3161 Timestamp CounterSignature in the specified Authenticode data.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
ImageTimestampVerify (
|
||||||
|
IN CONST UINT8 *AuthData,
|
||||||
|
IN UINTN DataSize,
|
||||||
|
IN CONST UINT8 *TsaCert,
|
||||||
|
IN UINTN CertSize,
|
||||||
|
OUT EFI_TIME *SigningTime
|
||||||
|
);
|
||||||
|
|
||||||
//=====================================================================================
|
//=====================================================================================
|
||||||
// DH Key Exchange Primitive
|
// DH Key Exchange Primitive
|
||||||
//=====================================================================================
|
//=====================================================================================
|
||||||
|
@ -1882,7 +2128,7 @@ DhFree (
|
||||||
|
|
||||||
Given generator g, and length of prime number p in bits, this function generates p,
|
Given generator g, and length of prime number p in bits, this function generates p,
|
||||||
and sets DH context according to value of g and p.
|
and sets DH context according to value of g and p.
|
||||||
|
|
||||||
Before this function can be invoked, pseudorandom number generator must be correctly
|
Before this function can be invoked, pseudorandom number generator must be correctly
|
||||||
initialized by RandomSeed().
|
initialized by RandomSeed().
|
||||||
|
|
||||||
|
@ -1945,7 +2191,7 @@ DhSetParameter (
|
||||||
/**
|
/**
|
||||||
Generates DH public key.
|
Generates DH public key.
|
||||||
|
|
||||||
This function generates random secret exponent, and computes the public key, which is
|
This function generates random secret exponent, and computes the public key, which is
|
||||||
returned via parameter PublicKey and PublicKeySize. DH context is updated accordingly.
|
returned via parameter PublicKey and PublicKeySize. DH context is updated accordingly.
|
||||||
If the PublicKey buffer is too small to hold the public key, FALSE is returned and
|
If the PublicKey buffer is too small to hold the public key, FALSE is returned and
|
||||||
PublicKeySize is set to the required buffer size to obtain the public key.
|
PublicKeySize is set to the required buffer size to obtain the public key.
|
||||||
|
@ -2060,4 +2306,4 @@ RandomBytes (
|
||||||
IN UINTN Size
|
IN UINTN Size
|
||||||
);
|
);
|
||||||
|
|
||||||
#endif // __BASE_CRYPT_LIB_H__
|
#endif // __BASE_CRYPT_LIB_H__
|
|
@ -3,7 +3,7 @@
|
||||||
#
|
#
|
||||||
# Caution: This module requires additional review when modified.
|
# Caution: This module requires additional review when modified.
|
||||||
# This library will have external input - signature.
|
# This library will have external input - signature.
|
||||||
# This external input must be validated carefully to avoid security issues such as
|
# This external input must be validated carefully to avoid security issues such as
|
||||||
# buffer overflow or integer overflow.
|
# buffer overflow or integer overflow.
|
||||||
#
|
#
|
||||||
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
|
@ -11,10 +11,10 @@
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
# are licensed and made available under the terms and conditions of the BSD License
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
# which accompanies this distribution. The full text of the license may be found at
|
||||||
# http://opensource.org/licenses/bsd-license.php
|
# http://opensource.org/licenses/bsd-license.php
|
||||||
#
|
#
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
#
|
#
|
||||||
##
|
##
|
||||||
|
|
||||||
[Defines]
|
[Defines]
|
||||||
|
@ -38,6 +38,7 @@
|
||||||
Hash/CryptMd5.c
|
Hash/CryptMd5.c
|
||||||
Hash/CryptSha1.c
|
Hash/CryptSha1.c
|
||||||
Hash/CryptSha256.c
|
Hash/CryptSha256.c
|
||||||
|
Hash/CryptSha512.c
|
||||||
Hmac/CryptHmacMd5.c
|
Hmac/CryptHmacMd5.c
|
||||||
Hmac/CryptHmacSha1.c
|
Hmac/CryptHmacSha1.c
|
||||||
Cipher/CryptAes.c
|
Cipher/CryptAes.c
|
||||||
|
@ -50,6 +51,7 @@
|
||||||
Pk/CryptDh.c
|
Pk/CryptDh.c
|
||||||
Pk/CryptX509.c
|
Pk/CryptX509.c
|
||||||
Pk/CryptAuthenticode.c
|
Pk/CryptAuthenticode.c
|
||||||
|
Pk/CryptTs.c
|
||||||
Pem/CryptPem.c
|
Pem/CryptPem.c
|
||||||
|
|
||||||
SysCall/CrtWrapper.c
|
SysCall/CrtWrapper.c
|
||||||
|
@ -57,24 +59,6 @@
|
||||||
SysCall/BaseMemAllocation.c
|
SysCall/BaseMemAllocation.c
|
||||||
|
|
||||||
[Sources.Ia32]
|
[Sources.Ia32]
|
||||||
SysCall/Ia32/MathMultS64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathDivU64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathReminderU64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathLShiftS64.c | MSFT
|
|
||||||
SysCall/Ia32/MathRShiftU64.c | MSFT
|
|
||||||
|
|
||||||
SysCall/Ia32/MathMultS64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathDivU64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathReminderU64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathLShiftS64.c | INTEL
|
|
||||||
SysCall/Ia32/MathRShiftU64.c | INTEL
|
|
||||||
|
|
||||||
SysCall/Ia32/MathMultS64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathDivU64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathReminderU64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathLShiftS64.S | GCC
|
|
||||||
SysCall/Ia32/MathRShiftU64.S | GCC
|
|
||||||
|
|
||||||
Rand/CryptRandTsc.c
|
Rand/CryptRandTsc.c
|
||||||
|
|
||||||
[Sources.X64]
|
[Sources.X64]
|
||||||
|
@ -107,4 +91,7 @@
|
||||||
# Remove these [BuildOptions] after this library is cleaned up
|
# Remove these [BuildOptions] after this library is cleaned up
|
||||||
#
|
#
|
||||||
[BuildOptions]
|
[BuildOptions]
|
||||||
|
# suppress the following warnings so we do not break the build with warnings-as-errors:
|
||||||
|
# C4305: truncation from type1 to type2 (Introduced by RFC3161 Timestamp ASN.1 declarations)
|
||||||
|
MSFT:*_*_X64_CC_FLAGS = /wd4305
|
||||||
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
|
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
|
||||||
|
|
|
@ -0,0 +1,354 @@
|
||||||
|
/** @file
|
||||||
|
SHA-384 and SHA-512 Digest Wrapper Implementations over OpenSSL.
|
||||||
|
|
||||||
|
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
|
This program and the accompanying materials
|
||||||
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
http://opensource.org/licenses/bsd-license.php
|
||||||
|
|
||||||
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
|
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include "InternalCryptLib.h"
|
||||||
|
#include <openssl/sha.h>
|
||||||
|
|
||||||
|
/**
|
||||||
|
Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations.
|
||||||
|
|
||||||
|
@return The size, in bytes, of the context buffer required for SHA-384 hash operations.
|
||||||
|
|
||||||
|
**/
|
||||||
|
UINTN
|
||||||
|
EFIAPI
|
||||||
|
Sha384GetContextSize (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Retrieves OpenSSL SHA-384 Context Size
|
||||||
|
//
|
||||||
|
return (UINTN) (sizeof (SHA512_CTX));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Initializes user-supplied memory pointed by Sha384Context as SHA-384 hash context for
|
||||||
|
subsequent use.
|
||||||
|
|
||||||
|
If Sha384Context is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[out] Sha384Context Pointer to SHA-384 context being initialized.
|
||||||
|
|
||||||
|
@retval TRUE SHA-384 context initialization succeeded.
|
||||||
|
@retval FALSE SHA-384 context initialization failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Init (
|
||||||
|
OUT VOID *Sha384Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Check input parameters.
|
||||||
|
//
|
||||||
|
if (Sha384Context == NULL) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// OpenSSL SHA-384 Context Initialization
|
||||||
|
//
|
||||||
|
return (BOOLEAN) (SHA384_Init ((SHA512_CTX *) Sha384Context));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Makes a copy of an existing SHA-384 context.
|
||||||
|
|
||||||
|
If Sha384Context is NULL, then return FALSE.
|
||||||
|
If NewSha384Context is NULL, then return FALSE.
|
||||||
|
If this interface is not supported, then return FALSE.
|
||||||
|
|
||||||
|
@param[in] Sha384Context Pointer to SHA-384 context being copied.
|
||||||
|
@param[out] NewSha384Context Pointer to new SHA-384 context.
|
||||||
|
|
||||||
|
@retval TRUE SHA-384 context copy succeeded.
|
||||||
|
@retval FALSE SHA-384 context copy failed.
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Duplicate (
|
||||||
|
IN CONST VOID *Sha384Context,
|
||||||
|
OUT VOID *NewSha384Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Check input parameters.
|
||||||
|
//
|
||||||
|
if (Sha384Context == NULL || NewSha384Context == NULL) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
CopyMem (NewSha384Context, Sha384Context, sizeof (SHA512_CTX));
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Digests the input data and updates SHA-384 context.
|
||||||
|
|
||||||
|
This function performs SHA-384 digest on a data buffer of the specified size.
|
||||||
|
It can be called multiple times to compute the digest of long or discontinuous data streams.
|
||||||
|
SHA-384 context should be already correctly intialized by Sha384Init(), and should not be finalized
|
||||||
|
by Sha384Final(). Behavior with invalid context is undefined.
|
||||||
|
|
||||||
|
If Sha384Context is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in, out] Sha384Context Pointer to the SHA-384 context.
|
||||||
|
@param[in] Data Pointer to the buffer containing the data to be hashed.
|
||||||
|
@param[in] DataSize Size of Data buffer in bytes.
|
||||||
|
|
||||||
|
@retval TRUE SHA-384 data digest succeeded.
|
||||||
|
@retval FALSE SHA-384 data digest failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Update (
|
||||||
|
IN OUT VOID *Sha384Context,
|
||||||
|
IN CONST VOID *Data,
|
||||||
|
IN UINTN DataSize
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Check input parameters.
|
||||||
|
//
|
||||||
|
if (Sha384Context == NULL) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Check invalid parameters, in case that only DataLength was checked in OpenSSL
|
||||||
|
//
|
||||||
|
if (Data == NULL && DataSize != 0) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// OpenSSL SHA-384 Hash Update
|
||||||
|
//
|
||||||
|
return (BOOLEAN) (SHA384_Update ((SHA512_CTX *) Sha384Context, Data, DataSize));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Completes computation of the SHA-384 digest value.
|
||||||
|
|
||||||
|
This function completes SHA-384 hash computation and retrieves the digest value into
|
||||||
|
the specified memory. After this function has been called, the SHA-384 context cannot
|
||||||
|
be used again.
|
||||||
|
SHA-384 context should be already correctly intialized by Sha384Init(), and should not be
|
||||||
|
finalized by Sha384Final(). Behavior with invalid SHA-384 context is undefined.
|
||||||
|
|
||||||
|
If Sha384Context is NULL, then return FALSE.
|
||||||
|
If HashValue is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in, out] Sha384Context Pointer to the SHA-384 context.
|
||||||
|
@param[out] HashValue Pointer to a buffer that receives the SHA-384 digest
|
||||||
|
value (48 bytes).
|
||||||
|
|
||||||
|
@retval TRUE SHA-384 digest computation succeeded.
|
||||||
|
@retval FALSE SHA-384 digest computation failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Final (
|
||||||
|
IN OUT VOID *Sha384Context,
|
||||||
|
OUT UINT8 *HashValue
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Check input parameters.
|
||||||
|
//
|
||||||
|
if (Sha384Context == NULL || HashValue == NULL) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// OpenSSL SHA-384 Hash Finalization
|
||||||
|
//
|
||||||
|
return (BOOLEAN) (SHA384_Final (HashValue, (SHA512_CTX *) Sha384Context));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Retrieves the size, in bytes, of the context buffer required for SHA-512 hash operations.
|
||||||
|
|
||||||
|
@return The size, in bytes, of the context buffer required for SHA-512 hash operations.
|
||||||
|
|
||||||
|
**/
|
||||||
|
UINTN
|
||||||
|
EFIAPI
|
||||||
|
Sha512GetContextSize (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Retrieves OpenSSL SHA-512 Context Size
|
||||||
|
//
|
||||||
|
return (UINTN) (sizeof (SHA512_CTX));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Initializes user-supplied memory pointed by Sha512Context as SHA-512 hash context for
|
||||||
|
subsequent use.
|
||||||
|
|
||||||
|
If Sha512Context is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[out] Sha512Context Pointer to SHA-512 context being initialized.
|
||||||
|
|
||||||
|
@retval TRUE SHA-512 context initialization succeeded.
|
||||||
|
@retval FALSE SHA-512 context initialization failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Init (
|
||||||
|
OUT VOID *Sha512Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Check input parameters.
|
||||||
|
//
|
||||||
|
if (Sha512Context == NULL) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// OpenSSL SHA-512 Context Initialization
|
||||||
|
//
|
||||||
|
return (BOOLEAN) (SHA512_Init ((SHA512_CTX *) Sha512Context));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Makes a copy of an existing SHA-512 context.
|
||||||
|
|
||||||
|
If Sha512Context is NULL, then return FALSE.
|
||||||
|
If NewSha512Context is NULL, then return FALSE.
|
||||||
|
If this interface is not supported, then return FALSE.
|
||||||
|
|
||||||
|
@param[in] Sha512Context Pointer to SHA-512 context being copied.
|
||||||
|
@param[out] NewSha512Context Pointer to new SHA-512 context.
|
||||||
|
|
||||||
|
@retval TRUE SHA-512 context copy succeeded.
|
||||||
|
@retval FALSE SHA-512 context copy failed.
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Duplicate (
|
||||||
|
IN CONST VOID *Sha512Context,
|
||||||
|
OUT VOID *NewSha512Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Check input parameters.
|
||||||
|
//
|
||||||
|
if (Sha512Context == NULL || NewSha512Context == NULL) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
CopyMem (NewSha512Context, Sha512Context, sizeof (SHA512_CTX));
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Digests the input data and updates SHA-512 context.
|
||||||
|
|
||||||
|
This function performs SHA-512 digest on a data buffer of the specified size.
|
||||||
|
It can be called multiple times to compute the digest of long or discontinuous data streams.
|
||||||
|
SHA-512 context should be already correctly intialized by Sha512Init(), and should not be finalized
|
||||||
|
by Sha512Final(). Behavior with invalid context is undefined.
|
||||||
|
|
||||||
|
If Sha512Context is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in, out] Sha512Context Pointer to the SHA-512 context.
|
||||||
|
@param[in] Data Pointer to the buffer containing the data to be hashed.
|
||||||
|
@param[in] DataSize Size of Data buffer in bytes.
|
||||||
|
|
||||||
|
@retval TRUE SHA-512 data digest succeeded.
|
||||||
|
@retval FALSE SHA-512 data digest failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Update (
|
||||||
|
IN OUT VOID *Sha512Context,
|
||||||
|
IN CONST VOID *Data,
|
||||||
|
IN UINTN DataSize
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Check input parameters.
|
||||||
|
//
|
||||||
|
if (Sha512Context == NULL) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Check invalid parameters, in case that only DataLength was checked in OpenSSL
|
||||||
|
//
|
||||||
|
if (Data == NULL && DataSize != 0) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// OpenSSL SHA-512 Hash Update
|
||||||
|
//
|
||||||
|
return (BOOLEAN) (SHA512_Update ((SHA512_CTX *) Sha512Context, Data, DataSize));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Completes computation of the SHA-512 digest value.
|
||||||
|
|
||||||
|
This function completes SHA-512 hash computation and retrieves the digest value into
|
||||||
|
the specified memory. After this function has been called, the SHA-512 context cannot
|
||||||
|
be used again.
|
||||||
|
SHA-512 context should be already correctly intialized by Sha512Init(), and should not be
|
||||||
|
finalized by Sha512Final(). Behavior with invalid SHA-512 context is undefined.
|
||||||
|
|
||||||
|
If Sha512Context is NULL, then return FALSE.
|
||||||
|
If HashValue is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in, out] Sha512Context Pointer to the SHA-512 context.
|
||||||
|
@param[out] HashValue Pointer to a buffer that receives the SHA-512 digest
|
||||||
|
value (64 bytes).
|
||||||
|
|
||||||
|
@retval TRUE SHA-512 digest computation succeeded.
|
||||||
|
@retval FALSE SHA-512 digest computation failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Final (
|
||||||
|
IN OUT VOID *Sha512Context,
|
||||||
|
OUT UINT8 *HashValue
|
||||||
|
)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
// Check input parameters.
|
||||||
|
//
|
||||||
|
if (Sha512Context == NULL || HashValue == NULL) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// OpenSSL SHA-512 Hash Finalization
|
||||||
|
//
|
||||||
|
return (BOOLEAN) (SHA384_Final (HashValue, (SHA512_CTX *) Sha512Context));
|
||||||
|
}
|
|
@ -0,0 +1,231 @@
|
||||||
|
/** @file
|
||||||
|
SHA-384 and SHA-512 Digest Wrapper Implementations which does not provide real capabilities.
|
||||||
|
|
||||||
|
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
|
This program and the accompanying materials
|
||||||
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
http://opensource.org/licenses/bsd-license.php
|
||||||
|
|
||||||
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
|
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include "InternalCryptLib.h"
|
||||||
|
|
||||||
|
/**
|
||||||
|
Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations.
|
||||||
|
|
||||||
|
Return zero to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@retval 0 This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
UINTN
|
||||||
|
EFIAPI
|
||||||
|
Sha384GetContextSize (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Initializes user-supplied memory pointed by Sha384Context as SHA-384 hash context for
|
||||||
|
subsequent use.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[out] Sha384Context Pointer to SHA-384 context being initialized.
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Init (
|
||||||
|
OUT VOID *Sha384Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Makes a copy of an existing SHA-384 context.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[in] Sha384Context Pointer to SHA-384 context being copied.
|
||||||
|
@param[out] NewSha384Context Pointer to new SHA-384 context.
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Duplicate (
|
||||||
|
IN CONST VOID *Sha384Context,
|
||||||
|
OUT VOID *NewSha384Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Digests the input data and updates SHA-384 context.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[in, out] Sha384Context Pointer to the SHA-384 context.
|
||||||
|
@param[in] Data Pointer to the buffer containing the data to be hashed.
|
||||||
|
@param[in] DataSize Size of Data buffer in bytes.
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Update (
|
||||||
|
IN OUT VOID *Sha384Context,
|
||||||
|
IN CONST VOID *Data,
|
||||||
|
IN UINTN DataSize
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Completes computation of the SHA-384 digest value.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[in, out] Sha384Context Pointer to the SHA-384 context.
|
||||||
|
@param[out] HashValue Pointer to a buffer that receives the SHA-384 digest
|
||||||
|
value (48 bytes).
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha384Final (
|
||||||
|
IN OUT VOID *Sha384Context,
|
||||||
|
OUT UINT8 *HashValue
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Retrieves the size, in bytes, of the context buffer required for SHA-512 hash operations.
|
||||||
|
|
||||||
|
Return zero to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@retval 0 This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
UINTN
|
||||||
|
EFIAPI
|
||||||
|
Sha512GetContextSize (
|
||||||
|
VOID
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Initializes user-supplied memory pointed by Sha512Context as SHA-512 hash context for
|
||||||
|
subsequent use.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[out] Sha512Context Pointer to SHA-512 context being initialized.
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Init (
|
||||||
|
OUT VOID *Sha512Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Makes a copy of an existing SHA-512 context.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[in] Sha512Context Pointer to SHA-512 context being copied.
|
||||||
|
@param[out] NewSha512Context Pointer to new SHA-512 context.
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Duplicate (
|
||||||
|
IN CONST VOID *Sha512Context,
|
||||||
|
OUT VOID *NewSha512Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Digests the input data and updates SHA-512 context.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[in, out] Sha512Context Pointer to the SHA-512 context.
|
||||||
|
@param[in] Data Pointer to the buffer containing the data to be hashed.
|
||||||
|
@param[in] DataSize Size of Data buffer in bytes.
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Update (
|
||||||
|
IN OUT VOID *Sha512Context,
|
||||||
|
IN CONST VOID *Data,
|
||||||
|
IN UINTN DataSize
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Completes computation of the SHA-512 digest value.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[in, out] Sha512Context Pointer to the SHA-512 context.
|
||||||
|
@param[out] HashValue Pointer to a buffer that receives the SHA-512 digest
|
||||||
|
value (64 bytes).
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
Sha512Final (
|
||||||
|
IN OUT VOID *Sha512Context,
|
||||||
|
OUT UINT8 *HashValue
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
|
@ -3,24 +3,25 @@
|
||||||
#
|
#
|
||||||
# Caution: This module requires additional review when modified.
|
# Caution: This module requires additional review when modified.
|
||||||
# This library will have external input - signature.
|
# This library will have external input - signature.
|
||||||
# This external input must be validated carefully to avoid security issues such as
|
# This external input must be validated carefully to avoid security issues such as
|
||||||
# buffer overflow or integer overflow.
|
# buffer overflow or integer overflow.
|
||||||
#
|
#
|
||||||
# Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
|
# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,
|
||||||
# TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
|
# HMAC-MD5 functions, HMAC-SHA1 functions, AES/TDES/ARC4 functions, RSA external
|
||||||
# Diffie-Hellman functions, X.509 certificate handler functions, authenticode
|
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509
|
||||||
# signature verification functions, PEM handler functions, and pseudorandom number
|
# certificate handler functions, authenticode signature verification functions,
|
||||||
# generator functions are not supported in this instance.
|
# PEM handler functions, and pseudorandom number generator functions are not
|
||||||
|
# supported in this instance.
|
||||||
#
|
#
|
||||||
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
# This program and the accompanying materials
|
# This program and the accompanying materials
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
# are licensed and made available under the terms and conditions of the BSD License
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
# which accompanies this distribution. The full text of the license may be found at
|
||||||
# http://opensource.org/licenses/bsd-license.php
|
# http://opensource.org/licenses/bsd-license.php
|
||||||
#
|
#
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
#
|
#
|
||||||
##
|
##
|
||||||
|
|
||||||
[Defines]
|
[Defines]
|
||||||
|
@ -43,6 +44,7 @@
|
||||||
Hash/CryptMd5.c
|
Hash/CryptMd5.c
|
||||||
Hash/CryptSha1.c
|
Hash/CryptSha1.c
|
||||||
Hash/CryptSha256.c
|
Hash/CryptSha256.c
|
||||||
|
Hash/CryptSha512Null.c
|
||||||
Hmac/CryptHmacMd5Null.c
|
Hmac/CryptHmacMd5Null.c
|
||||||
Hmac/CryptHmacSha1Null.c
|
Hmac/CryptHmacSha1Null.c
|
||||||
Cipher/CryptAesNull.c
|
Cipher/CryptAesNull.c
|
||||||
|
@ -57,6 +59,7 @@
|
||||||
Pk/CryptDhNull.c
|
Pk/CryptDhNull.c
|
||||||
Pk/CryptX509Null.c
|
Pk/CryptX509Null.c
|
||||||
Pk/CryptAuthenticodeNull.c
|
Pk/CryptAuthenticodeNull.c
|
||||||
|
Pk/CryptTsNull.c
|
||||||
Pem/CryptPemNull.c
|
Pem/CryptPemNull.c
|
||||||
|
|
||||||
Rand/CryptRandNull.c
|
Rand/CryptRandNull.c
|
||||||
|
@ -65,26 +68,6 @@
|
||||||
SysCall/ConstantTimeClock.c
|
SysCall/ConstantTimeClock.c
|
||||||
SysCall/BaseMemAllocation.c
|
SysCall/BaseMemAllocation.c
|
||||||
|
|
||||||
|
|
||||||
[Sources.Ia32]
|
|
||||||
SysCall/Ia32/MathMultS64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathDivU64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathReminderU64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathLShiftS64.c | MSFT
|
|
||||||
SysCall/Ia32/MathRShiftU64.c | MSFT
|
|
||||||
|
|
||||||
SysCall/Ia32/MathMultS64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathDivU64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathReminderU64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathLShiftS64.c | INTEL
|
|
||||||
SysCall/Ia32/MathRShiftU64.c | INTEL
|
|
||||||
|
|
||||||
SysCall/Ia32/MathMultS64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathDivU64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathReminderU64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathLShiftS64.S | GCC
|
|
||||||
SysCall/Ia32/MathRShiftU64.S | GCC
|
|
||||||
|
|
||||||
[Packages]
|
[Packages]
|
||||||
MdePkg/MdePkg.dec
|
MdePkg/MdePkg.dec
|
||||||
CryptoPkg/CryptoPkg.dec
|
CryptoPkg/CryptoPkg.dec
|
||||||
|
@ -102,4 +85,3 @@
|
||||||
#
|
#
|
||||||
[BuildOptions]
|
[BuildOptions]
|
||||||
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
|
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check for
|
AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check for
|
||||||
data structure.
|
data structure.
|
||||||
|
|
||||||
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
@ -123,7 +123,7 @@ AuthenticodeVerify (
|
||||||
// Un-matched SPC_INDIRECT_DATA_OBJID.
|
// Un-matched SPC_INDIRECT_DATA_OBJID.
|
||||||
//
|
//
|
||||||
goto _Exit;
|
goto _Exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
SpcIndirectDataContent = (UINT8 *)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data);
|
SpcIndirectDataContent = (UINT8 *)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data);
|
||||||
|
@ -135,16 +135,27 @@ AuthenticodeVerify (
|
||||||
|
|
||||||
if ((Asn1Byte & 0x80) == 0) {
|
if ((Asn1Byte & 0x80) == 0) {
|
||||||
//
|
//
|
||||||
// Short Form of Length Encoding
|
// Short Form of Length Encoding (Length < 128)
|
||||||
//
|
//
|
||||||
ContentSize = (UINTN) (Asn1Byte & 0x7F);
|
ContentSize = (UINTN) (Asn1Byte & 0x7F);
|
||||||
//
|
//
|
||||||
// Skip the SEQUENCE Tag;
|
// Skip the SEQUENCE Tag;
|
||||||
//
|
//
|
||||||
SpcIndirectDataContent += 2;
|
SpcIndirectDataContent += 2;
|
||||||
|
|
||||||
|
} else if ((Asn1Byte & 0x81) == 0x81) {
|
||||||
|
//
|
||||||
|
// Long Form of Length Encoding (128 <= Length < 255, Single Octet)
|
||||||
|
//
|
||||||
|
ContentSize = (UINTN) (*(UINT8 *)(SpcIndirectDataContent + 2));
|
||||||
|
//
|
||||||
|
// Skip the SEQUENCE Tag;
|
||||||
|
//
|
||||||
|
SpcIndirectDataContent += 3;
|
||||||
|
|
||||||
} else if ((Asn1Byte & 0x82) == 0x82) {
|
} else if ((Asn1Byte & 0x82) == 0x82) {
|
||||||
//
|
//
|
||||||
// Long Form of Length Encoding, only support two bytes.
|
// Long Form of Length Encoding (Length > 255, Two Octet)
|
||||||
//
|
//
|
||||||
ContentSize = (UINTN) (*(UINT8 *)(SpcIndirectDataContent + 2));
|
ContentSize = (UINTN) (*(UINT8 *)(SpcIndirectDataContent + 2));
|
||||||
ContentSize = (ContentSize << 8) + (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 3));
|
ContentSize = (ContentSize << 8) + (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 3));
|
||||||
|
@ -152,6 +163,7 @@ AuthenticodeVerify (
|
||||||
// Skip the SEQUENCE Tag;
|
// Skip the SEQUENCE Tag;
|
||||||
//
|
//
|
||||||
SpcIndirectDataContent += 4;
|
SpcIndirectDataContent += 4;
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
goto _Exit;
|
goto _Exit;
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated
|
WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated
|
||||||
Variable and will do basic check for data structure.
|
Variable and will do basic check for data structure.
|
||||||
|
|
||||||
Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
@ -123,7 +123,7 @@ X509VerifyCb (
|
||||||
@param[in] P7Length Length of the PKCS#7 message in bytes.
|
@param[in] P7Length Length of the PKCS#7 message in bytes.
|
||||||
@param[out] WrapFlag If TRUE P7Data is a ContentInfo structure, otherwise
|
@param[out] WrapFlag If TRUE P7Data is a ContentInfo structure, otherwise
|
||||||
return FALSE.
|
return FALSE.
|
||||||
@param[out] WrapData If return status of this function is TRUE:
|
@param[out] WrapData If return status of this function is TRUE:
|
||||||
1) when WrapFlag is TRUE, pointer to P7Data.
|
1) when WrapFlag is TRUE, pointer to P7Data.
|
||||||
2) when WrapFlag is FALSE, pointer to a new ContentInfo
|
2) when WrapFlag is FALSE, pointer to a new ContentInfo
|
||||||
structure. It's caller's responsibility to free this
|
structure. It's caller's responsibility to free this
|
||||||
|
@ -227,7 +227,7 @@ WrapPkcs7Data (
|
||||||
@param[in] X509Stack Pointer to a X509 stack object.
|
@param[in] X509Stack Pointer to a X509 stack object.
|
||||||
@param[out] Cert Pointer to a X509 certificate.
|
@param[out] Cert Pointer to a X509 certificate.
|
||||||
@param[out] CertSize Length of output X509 certificate in bytes.
|
@param[out] CertSize Length of output X509 certificate in bytes.
|
||||||
|
|
||||||
@retval TRUE The X509 stack pop succeeded.
|
@retval TRUE The X509 stack pop succeeded.
|
||||||
@retval FALSE The pop operation failed.
|
@retval FALSE The pop operation failed.
|
||||||
|
|
||||||
|
@ -359,7 +359,7 @@ Pkcs7GetSigners (
|
||||||
(TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX)) {
|
(TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX)) {
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
|
Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
|
||||||
if (!Status) {
|
if (!Status) {
|
||||||
return Status;
|
return Status;
|
||||||
|
@ -410,7 +410,7 @@ Pkcs7GetSigners (
|
||||||
//
|
//
|
||||||
BufferSize = sizeof (UINT8);
|
BufferSize = sizeof (UINT8);
|
||||||
OldSize = BufferSize;
|
OldSize = BufferSize;
|
||||||
|
|
||||||
for (Index = 0; ; Index++) {
|
for (Index = 0; ; Index++) {
|
||||||
Status = X509PopCertificate (Stack, &SingleCert, &SingleCertSize);
|
Status = X509PopCertificate (Stack, &SingleCert, &SingleCertSize);
|
||||||
if (!Status) {
|
if (!Status) {
|
||||||
|
@ -455,7 +455,7 @@ Pkcs7GetSigners (
|
||||||
*CertStack = CertBuf;
|
*CertStack = CertBuf;
|
||||||
*StackLength = BufferSize;
|
*StackLength = BufferSize;
|
||||||
Status = TRUE;
|
Status = TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
_Exit:
|
_Exit:
|
||||||
//
|
//
|
||||||
|
@ -485,7 +485,7 @@ _Exit:
|
||||||
if (OldBuf != NULL) {
|
if (OldBuf != NULL) {
|
||||||
free (OldBuf);
|
free (OldBuf);
|
||||||
}
|
}
|
||||||
|
|
||||||
return Status;
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -556,11 +556,11 @@ Pkcs7Verify (
|
||||||
//
|
//
|
||||||
// Check input parameters.
|
// Check input parameters.
|
||||||
//
|
//
|
||||||
if (P7Data == NULL || TrustedCert == NULL || InData == NULL ||
|
if (P7Data == NULL || TrustedCert == NULL || InData == NULL ||
|
||||||
P7Length > INT_MAX || CertLength > INT_MAX || DataLength > INT_MAX) {
|
P7Length > INT_MAX || CertLength > INT_MAX || DataLength > INT_MAX) {
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
Pkcs7 = NULL;
|
Pkcs7 = NULL;
|
||||||
DataBio = NULL;
|
DataBio = NULL;
|
||||||
Cert = NULL;
|
Cert = NULL;
|
||||||
|
@ -578,18 +578,23 @@ Pkcs7Verify (
|
||||||
if (EVP_add_digest (EVP_sha256 ()) == 0) {
|
if (EVP_add_digest (EVP_sha256 ()) == 0) {
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
if (EVP_add_digest (EVP_sha384 ()) == 0) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
if (EVP_add_digest (EVP_sha512 ()) == 0) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
if (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA) == 0) {
|
if (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA) == 0) {
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
|
Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
|
||||||
if (!Status) {
|
if (!Status) {
|
||||||
return Status;
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
Status = FALSE;
|
Status = FALSE;
|
||||||
|
|
||||||
//
|
//
|
||||||
// Retrieve PKCS#7 Data (DER encoding)
|
// Retrieve PKCS#7 Data (DER encoding)
|
||||||
//
|
//
|
||||||
|
@ -674,4 +679,4 @@ _Exit:
|
||||||
}
|
}
|
||||||
|
|
||||||
return Status;
|
return Status;
|
||||||
}
|
}
|
|
@ -0,0 +1,724 @@
|
||||||
|
/** @file
|
||||||
|
RFC3161 Timestamp Countersignature Verification over OpenSSL.
|
||||||
|
The timestamp is generated by a TimeStamping Authority (TSA) and asserts that a
|
||||||
|
publisher's signature existed before the specified time. The timestamp extends
|
||||||
|
the lifetime of the signature when a signing certificate expires or is later
|
||||||
|
revoked.
|
||||||
|
|
||||||
|
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
|
This program and the accompanying materials
|
||||||
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
http://opensource.org/licenses/bsd-license.php
|
||||||
|
|
||||||
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
|
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include "InternalCryptLib.h"
|
||||||
|
|
||||||
|
#include <openssl/asn1.h>
|
||||||
|
#include <openssl/asn1t.h>
|
||||||
|
#include <openssl/x509.h>
|
||||||
|
#include <openssl/x509v3.h>
|
||||||
|
#include <openssl/pkcs7.h>
|
||||||
|
|
||||||
|
//
|
||||||
|
// OID ASN.1 Value for SPC_RFC3161_OBJID ("1.3.6.1.4.1.311.3.3.1")
|
||||||
|
//
|
||||||
|
UINT8 mSpcRFC3161OidValue[] = {
|
||||||
|
0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01
|
||||||
|
};
|
||||||
|
|
||||||
|
///
|
||||||
|
/// The messageImprint field SHOULD contain the hash of the datum to be
|
||||||
|
/// time-stamped. The hash is represented as an OCTET STRING. Its
|
||||||
|
/// length MUST match the length of the hash value for that algorithm
|
||||||
|
/// (e.g., 20 bytes for SHA-1 or 16 bytes for MD5).
|
||||||
|
///
|
||||||
|
/// MessageImprint ::= SEQUENCE {
|
||||||
|
/// hashAlgorithm AlgorithmIdentifier,
|
||||||
|
/// hashedMessage OCTET STRING }
|
||||||
|
///
|
||||||
|
typedef struct {
|
||||||
|
X509_ALGOR *HashAlgorithm;
|
||||||
|
ASN1_OCTET_STRING *HashedMessage;
|
||||||
|
} TS_MESSAGE_IMPRINT;
|
||||||
|
|
||||||
|
//
|
||||||
|
// ASN.1 Functions for TS_MESSAGE_IMPRINT
|
||||||
|
//
|
||||||
|
DECLARE_ASN1_FUNCTIONS (TS_MESSAGE_IMPRINT)
|
||||||
|
ASN1_SEQUENCE (TS_MESSAGE_IMPRINT) = {
|
||||||
|
ASN1_SIMPLE (TS_MESSAGE_IMPRINT, HashAlgorithm, X509_ALGOR),
|
||||||
|
ASN1_SIMPLE (TS_MESSAGE_IMPRINT, HashedMessage, ASN1_OCTET_STRING)
|
||||||
|
} ASN1_SEQUENCE_END (TS_MESSAGE_IMPRINT)
|
||||||
|
IMPLEMENT_ASN1_FUNCTIONS (TS_MESSAGE_IMPRINT)
|
||||||
|
|
||||||
|
///
|
||||||
|
/// Accuracy represents the time deviation around the UTC time contained
|
||||||
|
/// in GeneralizedTime of time-stamp token.
|
||||||
|
///
|
||||||
|
/// Accuracy ::= SEQUENCE {
|
||||||
|
/// seconds INTEGER OPTIONAL,
|
||||||
|
/// millis [0] INTEGER (1..999) OPTIONAL,
|
||||||
|
/// micros [1] INTEGER (1..999) OPTIONAL }
|
||||||
|
///
|
||||||
|
typedef struct {
|
||||||
|
ASN1_INTEGER *Seconds;
|
||||||
|
ASN1_INTEGER *Millis;
|
||||||
|
ASN1_INTEGER *Micros;
|
||||||
|
} TS_ACCURACY;
|
||||||
|
|
||||||
|
//
|
||||||
|
// ASN.1 Functions for TS_ACCURACY
|
||||||
|
//
|
||||||
|
DECLARE_ASN1_FUNCTIONS (TS_ACCURACY)
|
||||||
|
ASN1_SEQUENCE (TS_ACCURACY) = {
|
||||||
|
ASN1_OPT (TS_ACCURACY, Seconds, ASN1_INTEGER),
|
||||||
|
ASN1_IMP_OPT (TS_ACCURACY, Millis, ASN1_INTEGER, 0),
|
||||||
|
ASN1_IMP_OPT (TS_ACCURACY, Micros, ASN1_INTEGER, 1)
|
||||||
|
} ASN1_SEQUENCE_END (TS_ACCURACY)
|
||||||
|
IMPLEMENT_ASN1_FUNCTIONS (TS_ACCURACY)
|
||||||
|
|
||||||
|
///
|
||||||
|
/// The timestamp token info resulting from a successful timestamp request,
|
||||||
|
/// as defined in RFC 3161.
|
||||||
|
///
|
||||||
|
/// TSTInfo ::= SEQUENCE {
|
||||||
|
/// version INTEGER { v1(1) },
|
||||||
|
/// policy TSAPolicyId,
|
||||||
|
/// messageImprint MessageImprint,
|
||||||
|
/// -- MUST have the same value as the similar field in
|
||||||
|
/// -- TimeStampReq
|
||||||
|
/// serialNumber INTEGER,
|
||||||
|
/// -- Time-Stamping users MUST be ready to accommodate integers
|
||||||
|
/// -- up to 160 bits.
|
||||||
|
/// genTime GeneralizedTime,
|
||||||
|
/// accuracy Accuracy OPTIONAL,
|
||||||
|
/// ordering BOOLEAN DEFAULT FALSE,
|
||||||
|
/// nonce INTEGER OPTIONAL,
|
||||||
|
/// -- MUST be present if the similar field was present
|
||||||
|
/// -- in TimeStampReq. In that case it MUST have the same value.
|
||||||
|
/// tsa [0] GeneralName OPTIONAL,
|
||||||
|
/// extensions [1] IMPLICIT Extensions OPTIONAL }
|
||||||
|
///
|
||||||
|
typedef struct {
|
||||||
|
ASN1_INTEGER *Version;
|
||||||
|
ASN1_OBJECT *Policy;
|
||||||
|
TS_MESSAGE_IMPRINT *MessageImprint;
|
||||||
|
ASN1_INTEGER *SerialNumber;
|
||||||
|
ASN1_GENERALIZEDTIME *GenTime;
|
||||||
|
TS_ACCURACY *Accuracy;
|
||||||
|
ASN1_BOOLEAN Ordering;
|
||||||
|
ASN1_INTEGER *Nonce;
|
||||||
|
GENERAL_NAME *Tsa;
|
||||||
|
STACK_OF(X509_EXTENSION) *Extensions;
|
||||||
|
} TS_TST_INFO;
|
||||||
|
|
||||||
|
//
|
||||||
|
// ASN.1 Functions for TS_TST_INFO
|
||||||
|
//
|
||||||
|
DECLARE_ASN1_FUNCTIONS (TS_TST_INFO)
|
||||||
|
ASN1_SEQUENCE (TS_TST_INFO) = {
|
||||||
|
ASN1_SIMPLE (TS_TST_INFO, Version, ASN1_INTEGER),
|
||||||
|
ASN1_SIMPLE (TS_TST_INFO, Policy, ASN1_OBJECT),
|
||||||
|
ASN1_SIMPLE (TS_TST_INFO, MessageImprint, TS_MESSAGE_IMPRINT),
|
||||||
|
ASN1_SIMPLE (TS_TST_INFO, SerialNumber, ASN1_INTEGER),
|
||||||
|
ASN1_SIMPLE (TS_TST_INFO, GenTime, ASN1_GENERALIZEDTIME),
|
||||||
|
ASN1_OPT (TS_TST_INFO, Accuracy, TS_ACCURACY),
|
||||||
|
ASN1_OPT (TS_TST_INFO, Ordering, ASN1_FBOOLEAN),
|
||||||
|
ASN1_OPT (TS_TST_INFO, Nonce, ASN1_INTEGER),
|
||||||
|
ASN1_EXP_OPT(TS_TST_INFO, Tsa, GENERAL_NAME, 0),
|
||||||
|
ASN1_IMP_SEQUENCE_OF_OPT (TS_TST_INFO, Extensions, X509_EXTENSION, 1)
|
||||||
|
} ASN1_SEQUENCE_END (TS_TST_INFO)
|
||||||
|
IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO)
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
Verification callback function to override any existing callbacks in OpenSSL
|
||||||
|
for intermediate TSA certificate supports.
|
||||||
|
|
||||||
|
@param[in] Status Original status before calling this callback.
|
||||||
|
@param[in] Context X509 store context.
|
||||||
|
|
||||||
|
@retval 1 Current X509 certificate is verified successfully.
|
||||||
|
@retval 0 Verification failed.
|
||||||
|
|
||||||
|
**/
|
||||||
|
int
|
||||||
|
TSVerifyCallback (
|
||||||
|
IN int Status,
|
||||||
|
IN X509_STORE_CTX *Context
|
||||||
|
)
|
||||||
|
{
|
||||||
|
X509_OBJECT *Obj;
|
||||||
|
INTN Error;
|
||||||
|
INTN Index;
|
||||||
|
INTN Count;
|
||||||
|
|
||||||
|
Obj = NULL;
|
||||||
|
Error = (INTN) X509_STORE_CTX_get_error (Context);
|
||||||
|
|
||||||
|
//
|
||||||
|
// X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT and X509_V_ERR_UNABLE_TO_GET_ISSUER_
|
||||||
|
// CERT_LOCALLY mean a X509 certificate is not self signed and its issuer
|
||||||
|
// can not be found in X509_verify_cert of X509_vfy.c.
|
||||||
|
// In order to support intermediate certificate node, we override the
|
||||||
|
// errors if the certification is obtained from X509 store, i.e. it is
|
||||||
|
// a trusted ceritifcate node that is enrolled by user.
|
||||||
|
// Besides,X509_V_ERR_CERT_UNTRUSTED and X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
|
||||||
|
// are also ignored to enable such feature.
|
||||||
|
//
|
||||||
|
if ((Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT) ||
|
||||||
|
(Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)) {
|
||||||
|
Obj = (X509_OBJECT *) malloc (sizeof (X509_OBJECT));
|
||||||
|
if (Obj == NULL) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
Obj->type = X509_LU_X509;
|
||||||
|
Obj->data.x509 = Context->current_cert;
|
||||||
|
|
||||||
|
CRYPTO_w_lock (CRYPTO_LOCK_X509_STORE);
|
||||||
|
|
||||||
|
if (X509_OBJECT_retrieve_match (Context->ctx->objs, Obj)) {
|
||||||
|
Status = 1;
|
||||||
|
} else {
|
||||||
|
//
|
||||||
|
// If any certificate in the chain is enrolled as trusted certificate,
|
||||||
|
// pass the certificate verification.
|
||||||
|
//
|
||||||
|
if (Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) {
|
||||||
|
Count = (INTN) sk_X509_num (Context->chain);
|
||||||
|
for (Index = 0; Index < Count; Index++) {
|
||||||
|
Obj->data.x509 = sk_X509_value (Context->chain, (int) Index);
|
||||||
|
if (X509_OBJECT_retrieve_match (Context->ctx->objs, Obj)) {
|
||||||
|
Status = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
CRYPTO_w_unlock (CRYPTO_LOCK_X509_STORE);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((Error == X509_V_ERR_CERT_UNTRUSTED) ||
|
||||||
|
(Error == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)) {
|
||||||
|
Status = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Obj != NULL) {
|
||||||
|
OPENSSL_free (Obj);
|
||||||
|
}
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Convert ASN.1 GeneralizedTime to EFI Time.
|
||||||
|
|
||||||
|
@param[in] Asn1Time Pointer to the ASN.1 GeneralizedTime to be converted.
|
||||||
|
@param[out] SigningTime Return the corresponding EFI Time.
|
||||||
|
|
||||||
|
@retval TRUE The time convertion succeeds.
|
||||||
|
@retval FALSE Invalid parameters.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
ConvertAsn1TimeToEfiTime (
|
||||||
|
IN ASN1_TIME *Asn1Time,
|
||||||
|
OUT EFI_TIME *EfiTime
|
||||||
|
)
|
||||||
|
{
|
||||||
|
CONST CHAR8 *Str;
|
||||||
|
UINTN Index;
|
||||||
|
|
||||||
|
if ((Asn1Time == NULL) || (EfiTime == NULL)) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
Str = (CONST CHAR8*)Asn1Time->data;
|
||||||
|
SetMem (EfiTime, 0, sizeof (EFI_TIME));
|
||||||
|
|
||||||
|
Index = 0;
|
||||||
|
if (Asn1Time->type == V_ASN1_UTCTIME) { /* two digit year */
|
||||||
|
EfiTime->Year = (Str[Index++] - '0') * 10;
|
||||||
|
EfiTime->Year += (Str[Index++] - '0');
|
||||||
|
if (EfiTime->Year < 70) {
|
||||||
|
EfiTime->Year += 100;
|
||||||
|
}
|
||||||
|
} else if (Asn1Time->type == V_ASN1_GENERALIZEDTIME) { /* four digit year */
|
||||||
|
EfiTime->Year = (Str[Index++] - '0') * 1000;
|
||||||
|
EfiTime->Year += (Str[Index++] - '0') * 100;
|
||||||
|
EfiTime->Year += (Str[Index++] - '0') * 10;
|
||||||
|
EfiTime->Year += (Str[Index++] - '0');
|
||||||
|
if ((EfiTime->Year < 1900) || (EfiTime->Year > 9999)) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
EfiTime->Month = (Str[Index++] - '0') * 10;
|
||||||
|
EfiTime->Month += (Str[Index++] - '0');
|
||||||
|
if ((EfiTime->Month < 1) || (EfiTime->Month > 12)) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
EfiTime->Day = (Str[Index++] - '0') * 10;
|
||||||
|
EfiTime->Day += (Str[Index++] - '0');
|
||||||
|
if ((EfiTime->Day < 1) || (EfiTime->Day > 31)) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
EfiTime->Hour = (Str[Index++] - '0') * 10;
|
||||||
|
EfiTime->Hour += (Str[Index++] - '0');
|
||||||
|
if (EfiTime->Hour > 23) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
EfiTime->Minute = (Str[Index++] - '0') * 10;
|
||||||
|
EfiTime->Minute += (Str[Index++] - '0');
|
||||||
|
if (EfiTime->Minute > 59) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
EfiTime->Second = (Str[Index++] - '0') * 10;
|
||||||
|
EfiTime->Second += (Str[Index++] - '0');
|
||||||
|
if (EfiTime->Second > 59) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Note: we did not adjust the time based on time zone information */
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
|
||||||
|
Check the validity of TimeStamp Token Information.
|
||||||
|
|
||||||
|
@param[in] TstInfo Pointer to the TS_TST_INFO structure.
|
||||||
|
@param[in] TimestampedData Pointer to the data to be time-stamped.
|
||||||
|
@param[in] DataSize Size of timestamped data in bytes.
|
||||||
|
|
||||||
|
@retval TRUE The TimeStamp Token Information is valid.
|
||||||
|
@retval FALSE Invalid TimeStamp Token Information.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
CheckTSTInfo (
|
||||||
|
IN CONST TS_TST_INFO *TstInfo,
|
||||||
|
IN CONST UINT8 *TimestampedData,
|
||||||
|
IN UINTN DataSize
|
||||||
|
)
|
||||||
|
{
|
||||||
|
BOOLEAN Status;
|
||||||
|
TS_MESSAGE_IMPRINT *Imprint;
|
||||||
|
X509_ALGOR *HashAlgo;
|
||||||
|
CONST EVP_MD *Md;
|
||||||
|
EVP_MD_CTX MdCtx;
|
||||||
|
UINTN MdSize;
|
||||||
|
UINT8 *HashedMsg;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Initialization
|
||||||
|
//
|
||||||
|
Status = FALSE;
|
||||||
|
HashAlgo = NULL;
|
||||||
|
HashedMsg = NULL;
|
||||||
|
|
||||||
|
//
|
||||||
|
// -- Check version number of Timestamp:
|
||||||
|
// The version field (currently v1) describes the version of the time-stamp token.
|
||||||
|
// Conforming time-stamping servers MUST be able to provide version 1 time-stamp tokens.
|
||||||
|
//
|
||||||
|
if ((ASN1_INTEGER_get (TstInfo->Version)) != 1) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// -- Check Policies
|
||||||
|
// The policy field MUST indicate the TSA's policy under which the response was produced.
|
||||||
|
//
|
||||||
|
if (TstInfo->Policy == NULL) {
|
||||||
|
/// NOTE: Need to check if the requested and returned policies.
|
||||||
|
/// We have no information about the Requested TSA Policy.
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// -- Compute & Check Message Imprint
|
||||||
|
//
|
||||||
|
Imprint = TstInfo->MessageImprint;
|
||||||
|
HashAlgo = X509_ALGOR_dup (Imprint->HashAlgorithm);
|
||||||
|
|
||||||
|
Md = EVP_get_digestbyobj (HashAlgo->algorithm);
|
||||||
|
if (Md == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
MdSize = EVP_MD_size (Md);
|
||||||
|
HashedMsg = AllocateZeroPool (MdSize);
|
||||||
|
if (HashedMsg == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
EVP_DigestInit (&MdCtx, Md);
|
||||||
|
EVP_DigestUpdate (&MdCtx, TimestampedData, DataSize);
|
||||||
|
EVP_DigestFinal (&MdCtx, HashedMsg, NULL);
|
||||||
|
if ((MdSize == (UINTN)ASN1_STRING_length (Imprint->HashedMessage)) &&
|
||||||
|
(CompareMem (HashedMsg, ASN1_STRING_data (Imprint->HashedMessage), MdSize) != 0)) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// -- Check Nonces
|
||||||
|
//
|
||||||
|
if (TstInfo->Nonce != NULL) {
|
||||||
|
//
|
||||||
|
// Nonces is optional, No error if no nonce is returned;
|
||||||
|
//
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// -- Check if the TSA name and signer certificate is matched.
|
||||||
|
//
|
||||||
|
if (TstInfo->Tsa != NULL) {
|
||||||
|
//
|
||||||
|
// Ignored the optional Tsa field checking.
|
||||||
|
//
|
||||||
|
}
|
||||||
|
|
||||||
|
Status = TRUE;
|
||||||
|
|
||||||
|
_Exit:
|
||||||
|
X509_ALGOR_free (HashAlgo);
|
||||||
|
if (HashedMsg != NULL) {
|
||||||
|
FreePool (HashedMsg);
|
||||||
|
}
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Verifies the validility of a TimeStamp Token as described in RFC 3161 ("Internet
|
||||||
|
X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)").
|
||||||
|
|
||||||
|
If TSToken is NULL, then return FALSE.
|
||||||
|
If TimestampedData is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in] TSToken Pointer to the RFC3161 TimeStamp Token, which is generated
|
||||||
|
by a TSA and located in the software publisher's SignerInfo
|
||||||
|
structure.
|
||||||
|
@param[in] TokenSize Size of the TimeStamp Token in bytes.
|
||||||
|
@param[in] TsaCert Pointer to a trusted/root TSA certificate encoded in DER.
|
||||||
|
@param[in] CertSize Size of the trusted TSA certificate in bytes.
|
||||||
|
@param[in] TimestampedData Pointer to the data to be time-stamped.
|
||||||
|
@param[in] DataSize Size of timestamped data in bytes.
|
||||||
|
@param[out] SigningTime Return the time of timestamp generation time if the timestamp
|
||||||
|
signature is valid.
|
||||||
|
|
||||||
|
@retval TRUE The specified timestamp token is valid.
|
||||||
|
@retval FALSE Invalid timestamp token.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
TimestampTokenVerify (
|
||||||
|
IN CONST UINT8 *TSToken,
|
||||||
|
IN UINTN TokenSize,
|
||||||
|
IN CONST UINT8 *TsaCert,
|
||||||
|
IN UINTN CertSize,
|
||||||
|
IN CONST UINT8 *TimestampedData,
|
||||||
|
IN UINTN DataSize,
|
||||||
|
OUT EFI_TIME *SigningTime
|
||||||
|
)
|
||||||
|
{
|
||||||
|
BOOLEAN Status;
|
||||||
|
CONST UINT8 *TokenTemp;
|
||||||
|
PKCS7 *Pkcs7;
|
||||||
|
X509 *Cert;
|
||||||
|
X509_STORE *CertStore;
|
||||||
|
BIO *OutBio;
|
||||||
|
UINT8 *TstData;
|
||||||
|
UINTN TstSize;
|
||||||
|
UINT8 *TstTemp;
|
||||||
|
TS_TST_INFO *TstInfo;
|
||||||
|
|
||||||
|
Status = FALSE;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Check input parameters
|
||||||
|
//
|
||||||
|
if ((TSToken == NULL) || (TsaCert == NULL) || (TimestampedData == NULL) ||
|
||||||
|
(TokenSize > INT_MAX) || (CertSize > INT_MAX) || (DataSize > INT_MAX)) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Initializations
|
||||||
|
//
|
||||||
|
if (SigningTime != NULL) {
|
||||||
|
SetMem (SigningTime, sizeof (EFI_TIME), 0);
|
||||||
|
}
|
||||||
|
Pkcs7 = NULL;
|
||||||
|
Cert = NULL;
|
||||||
|
CertStore = NULL;
|
||||||
|
OutBio = NULL;
|
||||||
|
TstData = NULL;
|
||||||
|
TstInfo = NULL;
|
||||||
|
|
||||||
|
//
|
||||||
|
// TimeStamp Token should contain one valid DER-encoded ASN.1 PKCS#7 structure.
|
||||||
|
//
|
||||||
|
TokenTemp = TSToken;
|
||||||
|
Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &TokenTemp, (int) TokenSize);
|
||||||
|
if (Pkcs7 == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// The timestamp signature (TSA's response) will be one PKCS#7 signed data.
|
||||||
|
//
|
||||||
|
if (!PKCS7_type_is_signed (Pkcs7)) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Read the trusted TSA certificate (DER-encoded), and Construct X509 Certificate.
|
||||||
|
//
|
||||||
|
Cert = d2i_X509 (NULL, &TsaCert, (long) CertSize);
|
||||||
|
if (Cert == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Setup X509 Store for trusted certificate.
|
||||||
|
//
|
||||||
|
CertStore = X509_STORE_new ();
|
||||||
|
if ((CertStore == NULL) || !(X509_STORE_add_cert (CertStore, Cert))) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Register customized X509 verification callback function to support
|
||||||
|
// trusted intermediate TSA certificate anchor.
|
||||||
|
//
|
||||||
|
CertStore->verify_cb = TSVerifyCallback;
|
||||||
|
|
||||||
|
X509_STORE_set_purpose (CertStore, X509_PURPOSE_ANY);
|
||||||
|
|
||||||
|
//
|
||||||
|
// Verifies the PKCS#7 signedData structure, and output the signed contents.
|
||||||
|
//
|
||||||
|
OutBio = BIO_new (BIO_s_mem ());
|
||||||
|
if (OutBio == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
if (!PKCS7_verify (Pkcs7, NULL, CertStore, NULL, OutBio, PKCS7_BINARY)) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Read the signed contents detached in timestamp signature.
|
||||||
|
//
|
||||||
|
TstData = AllocateZeroPool (2048);
|
||||||
|
if (TstData == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
TstSize = BIO_read (OutBio, (void *) TstData, 2048);
|
||||||
|
|
||||||
|
//
|
||||||
|
// Construct TS_TST_INFO structure from the signed contents.
|
||||||
|
//
|
||||||
|
TstTemp = TstData;
|
||||||
|
TstInfo = d2i_TS_TST_INFO (NULL, &TstTemp, (int)TstSize);
|
||||||
|
if (TstInfo == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Check TS_TST_INFO structure.
|
||||||
|
//
|
||||||
|
Status = CheckTSTInfo (TstInfo, TimestampedData, DataSize);
|
||||||
|
if (!Status) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Retrieve the signing time from TS_TST_INFO structure.
|
||||||
|
//
|
||||||
|
if (SigningTime != NULL) {
|
||||||
|
SetMem (SigningTime, sizeof (EFI_TIME), 0);
|
||||||
|
Status = ConvertAsn1TimeToEfiTime (TstInfo->GenTime, SigningTime);
|
||||||
|
}
|
||||||
|
|
||||||
|
_Exit:
|
||||||
|
//
|
||||||
|
// Release Resources
|
||||||
|
//
|
||||||
|
PKCS7_free (Pkcs7);
|
||||||
|
X509_free (Cert);
|
||||||
|
X509_STORE_free (CertStore);
|
||||||
|
BIO_free (OutBio);
|
||||||
|
TS_TST_INFO_free (TstInfo);
|
||||||
|
|
||||||
|
if (TstData != NULL) {
|
||||||
|
FreePool (TstData);
|
||||||
|
}
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
Verifies the validility of a RFC3161 Timestamp CounterSignature embedded in PE/COFF Authenticode
|
||||||
|
signature.
|
||||||
|
|
||||||
|
If AuthData is NULL, then return FALSE.
|
||||||
|
|
||||||
|
@param[in] AuthData Pointer to the Authenticode Signature retrieved from signed
|
||||||
|
PE/COFF image to be verified.
|
||||||
|
@param[in] DataSize Size of the Authenticode Signature in bytes.
|
||||||
|
@param[in] TsaCert Pointer to a trusted/root TSA certificate encoded in DER, which
|
||||||
|
is used for TSA certificate chain verification.
|
||||||
|
@param[in] CertSize Size of the trusted certificate in bytes.
|
||||||
|
@param[out] SigningTime Return the time of timestamp generation time if the timestamp
|
||||||
|
signature is valid.
|
||||||
|
|
||||||
|
@retval TRUE The specified Authenticode includes a valid RFC3161 Timestamp CounterSignature.
|
||||||
|
@retval FALSE No valid RFC3161 Timestamp CounterSignature in the specified Authenticode data.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
ImageTimestampVerify (
|
||||||
|
IN CONST UINT8 *AuthData,
|
||||||
|
IN UINTN DataSize,
|
||||||
|
IN CONST UINT8 *TsaCert,
|
||||||
|
IN UINTN CertSize,
|
||||||
|
OUT EFI_TIME *SigningTime
|
||||||
|
)
|
||||||
|
{
|
||||||
|
BOOLEAN Status;
|
||||||
|
PKCS7 *Pkcs7;
|
||||||
|
STACK_OF(PKCS7_SIGNER_INFO) *SignerInfos;
|
||||||
|
PKCS7_SIGNER_INFO *SignInfo;
|
||||||
|
UINTN Index;
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *Sk;
|
||||||
|
X509_ATTRIBUTE *Xa;
|
||||||
|
ASN1_TYPE *Asn1Type;
|
||||||
|
ASN1_OCTET_STRING *EncDigest;
|
||||||
|
UINT8 *TSToken;
|
||||||
|
UINTN TokenSize;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Input Parameters Checking.
|
||||||
|
//
|
||||||
|
if ((AuthData == NULL) || (TsaCert == NULL)) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((DataSize > INT_MAX) || (CertSize > INT_MAX)) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Register & Initialize necessary digest algorithms for PKCS#7 Handling.
|
||||||
|
//
|
||||||
|
if ((EVP_add_digest (EVP_md5 ()) == 0) || (EVP_add_digest (EVP_sha1 ()) == 0) ||
|
||||||
|
(EVP_add_digest (EVP_sha256 ()) == 0) || (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA)) == 0) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Initialization.
|
||||||
|
//
|
||||||
|
Status = FALSE;
|
||||||
|
Pkcs7 = NULL;
|
||||||
|
SignInfo = NULL;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Decode ASN.1-encoded Authenticode data into PKCS7 structure.
|
||||||
|
//
|
||||||
|
Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &AuthData, (int) DataSize);
|
||||||
|
if (Pkcs7 == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Check if there is one and only one signer.
|
||||||
|
//
|
||||||
|
SignerInfos = PKCS7_get_signer_info (Pkcs7);
|
||||||
|
if (!SignerInfos || (sk_PKCS7_SIGNER_INFO_num (SignerInfos) != 1)) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Locate the TimeStamp CounterSignature.
|
||||||
|
//
|
||||||
|
SignInfo = sk_PKCS7_SIGNER_INFO_value (SignerInfos, 0);
|
||||||
|
if (SignInfo == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Locate Message Digest which will be the data to be time-stamped.
|
||||||
|
//
|
||||||
|
EncDigest = SignInfo->enc_digest;
|
||||||
|
if (EncDigest == NULL) {
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// The RFC3161 timestamp counterSignature is contained in unauthenticatedAttributes field
|
||||||
|
// of SignerInfo.
|
||||||
|
//
|
||||||
|
Sk = SignInfo->unauth_attr;
|
||||||
|
if (Sk == NULL) { // No timestamp counterSignature.
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
Asn1Type = NULL;
|
||||||
|
for (Index = 0; Index < (UINTN) sk_X509_ATTRIBUTE_num (Sk); Index++) {
|
||||||
|
//
|
||||||
|
// Search valid RFC3161 timestamp counterSignature based on OBJID.
|
||||||
|
//
|
||||||
|
Xa = sk_X509_ATTRIBUTE_value (Sk, (int)Index);
|
||||||
|
if ((Xa->object->length != sizeof (mSpcRFC3161OidValue)) ||
|
||||||
|
(CompareMem (Xa->object->data, mSpcRFC3161OidValue, sizeof (mSpcRFC3161OidValue)) != 0)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
Asn1Type = sk_ASN1_TYPE_value (Xa->value.set, 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Asn1Type == NULL) {
|
||||||
|
Status = FALSE;
|
||||||
|
goto _Exit;
|
||||||
|
}
|
||||||
|
TSToken = Asn1Type->value.octet_string->data;
|
||||||
|
TokenSize = Asn1Type->value.octet_string->length;
|
||||||
|
|
||||||
|
//
|
||||||
|
// TimeStamp counterSignature (Token) verification.
|
||||||
|
//
|
||||||
|
Status = TimestampTokenVerify (
|
||||||
|
TSToken,
|
||||||
|
TokenSize,
|
||||||
|
TsaCert,
|
||||||
|
CertSize,
|
||||||
|
EncDigest->data,
|
||||||
|
EncDigest->length,
|
||||||
|
SigningTime
|
||||||
|
);
|
||||||
|
|
||||||
|
_Exit:
|
||||||
|
//
|
||||||
|
// Release Resources
|
||||||
|
//
|
||||||
|
PKCS7_free (Pkcs7);
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
|
@ -0,0 +1,48 @@
|
||||||
|
/** @file
|
||||||
|
RFC3161 Timestamp Countersignature Verification Wrapper Implementation which does
|
||||||
|
not provide real capabilities.
|
||||||
|
|
||||||
|
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
|
This program and the accompanying materials
|
||||||
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
http://opensource.org/licenses/bsd-license.php
|
||||||
|
|
||||||
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
|
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include "InternalCryptLib.h"
|
||||||
|
|
||||||
|
/**
|
||||||
|
Verifies the validility of a RFC3161 Timestamp CounterSignature embedded in PE/COFF Authenticode
|
||||||
|
signature.
|
||||||
|
|
||||||
|
Return FALSE to indicate this interface is not supported.
|
||||||
|
|
||||||
|
@param[in] AuthData Pointer to the Authenticode Signature retrieved from signed
|
||||||
|
PE/COFF image to be verified.
|
||||||
|
@param[in] DataSize Size of the Authenticode Signature in bytes.
|
||||||
|
@param[in] TsaCert Pointer to a trusted/root TSA certificate encoded in DER, which
|
||||||
|
is used for TSA certificate chain verification.
|
||||||
|
@param[in] CertSize Size of the trusted certificate in bytes.
|
||||||
|
@param[out] SigningTime Return the time of timestamp generation time if the timestamp
|
||||||
|
signature is valid.
|
||||||
|
|
||||||
|
@retval FALSE This interface is not supported.
|
||||||
|
|
||||||
|
**/
|
||||||
|
BOOLEAN
|
||||||
|
EFIAPI
|
||||||
|
ImageTimestampVerify (
|
||||||
|
IN CONST UINT8 *AuthData,
|
||||||
|
IN UINTN DataSize,
|
||||||
|
IN CONST UINT8 *TsaCert,
|
||||||
|
IN UINTN CertSize,
|
||||||
|
OUT EFI_TIME *SigningTime
|
||||||
|
)
|
||||||
|
{
|
||||||
|
ASSERT (FALSE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
|
@ -3,23 +3,23 @@
|
||||||
#
|
#
|
||||||
# Caution: This module requires additional review when modified.
|
# Caution: This module requires additional review when modified.
|
||||||
# This library will have external input - signature.
|
# This library will have external input - signature.
|
||||||
# This external input must be validated carefully to avoid security issues such as
|
# This external input must be validated carefully to avoid security issues such as
|
||||||
# buffer overflow or integer overflow.
|
# buffer overflow or integer overflow.
|
||||||
#
|
#
|
||||||
# Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
|
# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,
|
||||||
# TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
|
# HMAC-MD5 functions, HMAC-SHA1 functions, AES/TDES/ARC4 functions, RSA external
|
||||||
# Diffie-Hellman functions, and authenticode signature verification functions are
|
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
|
||||||
# not supported in this instance.
|
# authenticode signature verification functions are not supported in this instance.
|
||||||
#
|
#
|
||||||
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
# This program and the accompanying materials
|
# This program and the accompanying materials
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
# are licensed and made available under the terms and conditions of the BSD License
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
# which accompanies this distribution. The full text of the license may be found at
|
||||||
# http://opensource.org/licenses/bsd-license.php
|
# http://opensource.org/licenses/bsd-license.php
|
||||||
#
|
#
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
#
|
#
|
||||||
##
|
##
|
||||||
|
|
||||||
[Defines]
|
[Defines]
|
||||||
|
@ -43,6 +43,7 @@
|
||||||
Hash/CryptMd5.c
|
Hash/CryptMd5.c
|
||||||
Hash/CryptSha1.c
|
Hash/CryptSha1.c
|
||||||
Hash/CryptSha256.c
|
Hash/CryptSha256.c
|
||||||
|
Hash/CryptSha512Null.c
|
||||||
Hmac/CryptHmacMd5Null.c
|
Hmac/CryptHmacMd5Null.c
|
||||||
Hmac/CryptHmacSha1Null.c
|
Hmac/CryptHmacSha1Null.c
|
||||||
Cipher/CryptAesNull.c
|
Cipher/CryptAesNull.c
|
||||||
|
@ -51,10 +52,11 @@
|
||||||
Pk/CryptRsaBasic.c
|
Pk/CryptRsaBasic.c
|
||||||
Pk/CryptRsaExtNull.c
|
Pk/CryptRsaExtNull.c
|
||||||
Pk/CryptPkcs7SignNull.c
|
Pk/CryptPkcs7SignNull.c
|
||||||
Pk/CryptPkcs7Verify.c
|
Pk/CryptPkcs7Verify.c
|
||||||
Pk/CryptDhNull.c
|
Pk/CryptDhNull.c
|
||||||
Pk/CryptX509.c
|
Pk/CryptX509.c
|
||||||
Pk/CryptAuthenticodeNull.c
|
Pk/CryptAuthenticodeNull.c
|
||||||
|
Pk/CryptTsNull.c
|
||||||
Pem/CryptPem.c
|
Pem/CryptPem.c
|
||||||
|
|
||||||
SysCall/CrtWrapper.c
|
SysCall/CrtWrapper.c
|
||||||
|
@ -62,24 +64,6 @@
|
||||||
SysCall/RuntimeMemAllocation.c
|
SysCall/RuntimeMemAllocation.c
|
||||||
|
|
||||||
[Sources.Ia32]
|
[Sources.Ia32]
|
||||||
SysCall/Ia32/MathMultS64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathDivU64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathReminderU64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathLShiftS64.c | MSFT
|
|
||||||
SysCall/Ia32/MathRShiftU64.c | MSFT
|
|
||||||
|
|
||||||
SysCall/Ia32/MathMultS64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathDivU64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathReminderU64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathLShiftS64.c | INTEL
|
|
||||||
SysCall/Ia32/MathRShiftU64.c | INTEL
|
|
||||||
|
|
||||||
SysCall/Ia32/MathMultS64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathDivU64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathReminderU64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathLShiftS64.S | GCC
|
|
||||||
SysCall/Ia32/MathRShiftU64.S | GCC
|
|
||||||
|
|
||||||
Rand/CryptRandTsc.c
|
Rand/CryptRandTsc.c
|
||||||
|
|
||||||
[Sources.X64]
|
[Sources.X64]
|
||||||
|
@ -114,4 +98,3 @@
|
||||||
#
|
#
|
||||||
[BuildOptions]
|
[BuildOptions]
|
||||||
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
|
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
|
||||||
|
|
||||||
|
|
|
@ -3,23 +3,23 @@
|
||||||
#
|
#
|
||||||
# Caution: This module requires additional review when modified.
|
# Caution: This module requires additional review when modified.
|
||||||
# This library will have external input - signature.
|
# This library will have external input - signature.
|
||||||
# This external input must be validated carefully to avoid security issues such as
|
# This external input must be validated carefully to avoid security issues such as
|
||||||
# buffer overflow or integer overflow.
|
# buffer overflow or integer overflow.
|
||||||
#
|
#
|
||||||
# Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
|
# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,
|
||||||
# TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
|
# HMAC-MD5 functions, HMAC-SHA1 functions, AES/TDES/ARC4 functions, RSA external
|
||||||
# Diffie-Hellman functions, and authenticode signature verification functions are
|
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
|
||||||
# not supported in this instance.
|
# authenticode signature verification functions are not supported in this instance.
|
||||||
#
|
#
|
||||||
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
# This program and the accompanying materials
|
# This program and the accompanying materials
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
# are licensed and made available under the terms and conditions of the BSD License
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
# which accompanies this distribution. The full text of the license may be found at
|
||||||
# http://opensource.org/licenses/bsd-license.php
|
# http://opensource.org/licenses/bsd-license.php
|
||||||
#
|
#
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
#
|
#
|
||||||
##
|
##
|
||||||
|
|
||||||
[Defines]
|
[Defines]
|
||||||
|
@ -43,6 +43,7 @@
|
||||||
Hash/CryptMd5.c
|
Hash/CryptMd5.c
|
||||||
Hash/CryptSha1.c
|
Hash/CryptSha1.c
|
||||||
Hash/CryptSha256.c
|
Hash/CryptSha256.c
|
||||||
|
Hash/CryptSha512Null.c
|
||||||
Hmac/CryptHmacMd5Null.c
|
Hmac/CryptHmacMd5Null.c
|
||||||
Hmac/CryptHmacSha1Null.c
|
Hmac/CryptHmacSha1Null.c
|
||||||
Cipher/CryptAesNull.c
|
Cipher/CryptAesNull.c
|
||||||
|
@ -55,6 +56,7 @@
|
||||||
Pk/CryptDhNull.c
|
Pk/CryptDhNull.c
|
||||||
Pk/CryptX509.c
|
Pk/CryptX509.c
|
||||||
Pk/CryptAuthenticodeNull.c
|
Pk/CryptAuthenticodeNull.c
|
||||||
|
Pk/CryptTsNull.c
|
||||||
Pem/CryptPem.c
|
Pem/CryptPem.c
|
||||||
|
|
||||||
SysCall/CrtWrapper.c
|
SysCall/CrtWrapper.c
|
||||||
|
@ -62,24 +64,6 @@
|
||||||
SysCall/BaseMemAllocation.c
|
SysCall/BaseMemAllocation.c
|
||||||
|
|
||||||
[Sources.Ia32]
|
[Sources.Ia32]
|
||||||
SysCall/Ia32/MathMultS64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathDivU64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathReminderU64x64.c | MSFT
|
|
||||||
SysCall/Ia32/MathLShiftS64.c | MSFT
|
|
||||||
SysCall/Ia32/MathRShiftU64.c | MSFT
|
|
||||||
|
|
||||||
SysCall/Ia32/MathMultS64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathDivU64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathReminderU64x64.c | INTEL
|
|
||||||
SysCall/Ia32/MathLShiftS64.c | INTEL
|
|
||||||
SysCall/Ia32/MathRShiftU64.c | INTEL
|
|
||||||
|
|
||||||
SysCall/Ia32/MathMultS64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathDivU64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathReminderU64x64.S | GCC
|
|
||||||
SysCall/Ia32/MathLShiftS64.S | GCC
|
|
||||||
SysCall/Ia32/MathRShiftU64.S | GCC
|
|
||||||
|
|
||||||
Rand/CryptRandTsc.c
|
Rand/CryptRandTsc.c
|
||||||
|
|
||||||
[Sources.X64]
|
[Sources.X64]
|
||||||
|
|
|
@ -1,83 +0,0 @@
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
#
|
|
||||||
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
|
||||||
# This program and the accompanying materials
|
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
|
||||||
# http://opensource.org/licenses/bsd-license.php.
|
|
||||||
#
|
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
||||||
#
|
|
||||||
# Module Name:
|
|
||||||
#
|
|
||||||
# MathDivU64x64.S
|
|
||||||
#
|
|
||||||
# Abstract:
|
|
||||||
#
|
|
||||||
# 64-bit Math Worker Function.
|
|
||||||
# Divides a 64-bit unsigned value with a 64-bit unsigned value and returns
|
|
||||||
# a 64-bit unsigned result.
|
|
||||||
#
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
.686:
|
|
||||||
.code:
|
|
||||||
|
|
||||||
ASM_GLOBAL ASM_PFX(__udivdi3), ASM_PFX(DivU64x64Remainder)
|
|
||||||
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
#
|
|
||||||
# void __cdecl __udivdi3 (void)
|
|
||||||
#
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
ASM_PFX(__udivdi3):
|
|
||||||
# Original local stack when calling __udivdi3
|
|
||||||
# -----------------
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | |
|
|
||||||
# |-- Divisor --|
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | |
|
|
||||||
# |-- Dividend --|
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | ReturnAddr** |
|
|
||||||
# ESP---->|---------------|
|
|
||||||
#
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set up the local stack for NULL Reminder pointer
|
|
||||||
#
|
|
||||||
xorl %eax, %eax
|
|
||||||
push %eax
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set up the local stack for Divisor parameter
|
|
||||||
#
|
|
||||||
movl 20(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
movl 20(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set up the local stack for Dividend parameter
|
|
||||||
#
|
|
||||||
movl 20(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
movl 20(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
|
|
||||||
#
|
|
||||||
# Call native DivU64x64Remainder of BaseLib
|
|
||||||
#
|
|
||||||
jmp ASM_PFX(DivU64x64Remainder)
|
|
||||||
|
|
||||||
#
|
|
||||||
# Adjust stack
|
|
||||||
#
|
|
||||||
addl $20, %esp
|
|
||||||
|
|
||||||
ret $16
|
|
|
@ -1,88 +0,0 @@
|
||||||
/** @file
|
|
||||||
64-bit Math Worker Function.
|
|
||||||
The 32-bit versions of C compiler generate calls to library routines
|
|
||||||
to handle 64-bit math. These functions use non-standard calling conventions.
|
|
||||||
|
|
||||||
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
|
||||||
This program and the accompanying materials
|
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
|
||||||
http://opensource.org/licenses/bsd-license.php
|
|
||||||
|
|
||||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
||||||
|
|
||||||
**/
|
|
||||||
|
|
||||||
#include <Library/BaseLib.h>
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Divides a 64-bit unsigned value with a 64-bit unsigned value and returns
|
|
||||||
* a 64-bit unsigned result.
|
|
||||||
*/
|
|
||||||
__declspec(naked) void __cdecl _aulldiv (void)
|
|
||||||
{
|
|
||||||
//
|
|
||||||
// Wrapper Implementation over EDKII DivU64x64Reminder() routine
|
|
||||||
// UINT64
|
|
||||||
// EFIAPI
|
|
||||||
// DivU64x64Remainder (
|
|
||||||
// IN UINT64 Dividend,
|
|
||||||
// IN UINT64 Divisor,
|
|
||||||
// OUT UINT64 *Remainder OPTIONAL
|
|
||||||
// )
|
|
||||||
//
|
|
||||||
_asm {
|
|
||||||
|
|
||||||
; Original local stack when calling _aulldiv
|
|
||||||
; -----------------
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | |
|
|
||||||
; |-- Divisor --|
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | |
|
|
||||||
; |-- Dividend --|
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | ReturnAddr** |
|
|
||||||
; ESP---->|---------------|
|
|
||||||
;
|
|
||||||
|
|
||||||
;
|
|
||||||
; Set up the local stack for NULL Reminder pointer
|
|
||||||
;
|
|
||||||
xor eax, eax
|
|
||||||
push eax
|
|
||||||
|
|
||||||
;
|
|
||||||
; Set up the local stack for Divisor parameter
|
|
||||||
;
|
|
||||||
mov eax, [esp + 20]
|
|
||||||
push eax
|
|
||||||
mov eax, [esp + 20]
|
|
||||||
push eax
|
|
||||||
|
|
||||||
;
|
|
||||||
; Set up the local stack for Dividend parameter
|
|
||||||
;
|
|
||||||
mov eax, [esp + 20]
|
|
||||||
push eax
|
|
||||||
mov eax, [esp + 20]
|
|
||||||
push eax
|
|
||||||
|
|
||||||
;
|
|
||||||
; Call native DivU64x64Remainder of BaseLib
|
|
||||||
;
|
|
||||||
call DivU64x64Remainder
|
|
||||||
|
|
||||||
;
|
|
||||||
; Adjust stack
|
|
||||||
;
|
|
||||||
add esp, 20
|
|
||||||
|
|
||||||
ret 16
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,77 +0,0 @@
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
#
|
|
||||||
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
|
||||||
# This program and the accompanying materials
|
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
|
||||||
# http://opensource.org/licenses/bsd-license.php.
|
|
||||||
#
|
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
||||||
#
|
|
||||||
# Module Name:
|
|
||||||
#
|
|
||||||
# MathMultS64x64.S
|
|
||||||
#
|
|
||||||
# Abstract:
|
|
||||||
#
|
|
||||||
# 64-bit Math Worker Function.
|
|
||||||
# Multiplies a 64-bit signed or unsigned value by a 64-bit signed or unsigned value
|
|
||||||
# and returns a 64-bit result
|
|
||||||
#
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
.686:
|
|
||||||
.code:
|
|
||||||
|
|
||||||
ASM_GLOBAL ASM_PFX(_mulll), ASM_PFX(MultS64x64)
|
|
||||||
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
#
|
|
||||||
# void __cdecl __mulll (void)
|
|
||||||
#
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
ASM_PFX(__mulll):
|
|
||||||
# Original local stack when calling __mulll
|
|
||||||
# -----------------
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | |
|
|
||||||
# |--Multiplier --|
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | |
|
|
||||||
# |--Multiplicand-|
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | ReturnAddr** |
|
|
||||||
# ESP---->|---------------|
|
|
||||||
#
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set up the local stack for Multiplicand parameter
|
|
||||||
#
|
|
||||||
movl 16(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
movl 16(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set up the local stack for Multiplier parameter
|
|
||||||
#
|
|
||||||
movl 16(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
movl 16(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
|
|
||||||
#
|
|
||||||
# Call native MulS64x64 of BaseLib
|
|
||||||
#
|
|
||||||
jmp ASM_PFX(MultS64x64)
|
|
||||||
|
|
||||||
#
|
|
||||||
# Adjust stack
|
|
||||||
#
|
|
||||||
add $16, %esp
|
|
||||||
|
|
||||||
ret $16
|
|
|
@ -1,79 +0,0 @@
|
||||||
/** @file
|
|
||||||
64-bit Math Worker Function.
|
|
||||||
The 32-bit versions of C compiler generate calls to library routines
|
|
||||||
to handle 64-bit math. These functions use non-standard calling conventions.
|
|
||||||
|
|
||||||
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
|
||||||
This program and the accompanying materials
|
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
|
||||||
http://opensource.org/licenses/bsd-license.php
|
|
||||||
|
|
||||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
||||||
|
|
||||||
**/
|
|
||||||
|
|
||||||
#include <Library/BaseLib.h>
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Multiplies a 64-bit signed or unsigned value by a 64-bit signed or unsigned value
|
|
||||||
* and returns a 64-bit result.
|
|
||||||
*/
|
|
||||||
__declspec(naked) void __cdecl _allmul (void)
|
|
||||||
{
|
|
||||||
//
|
|
||||||
// Wrapper Implementation over EDKII MultS64x64() routine
|
|
||||||
// INT64
|
|
||||||
// EFIAPI
|
|
||||||
// MultS64x64 (
|
|
||||||
// IN INT64 Multiplicand,
|
|
||||||
// IN INT64 Multiplier
|
|
||||||
// )
|
|
||||||
//
|
|
||||||
_asm {
|
|
||||||
; Original local stack when calling _allmul
|
|
||||||
; -----------------
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | |
|
|
||||||
; |--Multiplier --|
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | |
|
|
||||||
; |--Multiplicand-|
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | ReturnAddr** |
|
|
||||||
; ESP---->|---------------|
|
|
||||||
;
|
|
||||||
|
|
||||||
;
|
|
||||||
; Set up the local stack for Multiplicand parameter
|
|
||||||
;
|
|
||||||
mov eax, [esp + 16]
|
|
||||||
push eax
|
|
||||||
mov eax, [esp + 16]
|
|
||||||
push eax
|
|
||||||
|
|
||||||
;
|
|
||||||
; Set up the local stack for Multiplier parameter
|
|
||||||
;
|
|
||||||
mov eax, [esp + 16]
|
|
||||||
push eax
|
|
||||||
mov eax, [esp + 16]
|
|
||||||
push eax
|
|
||||||
|
|
||||||
;
|
|
||||||
; Call native MulS64x64 of BaseLib
|
|
||||||
;
|
|
||||||
call MultS64x64
|
|
||||||
|
|
||||||
;
|
|
||||||
; Adjust stack
|
|
||||||
;
|
|
||||||
add esp, 16
|
|
||||||
|
|
||||||
ret 16
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,89 +0,0 @@
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
#
|
|
||||||
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
|
||||||
# This program and the accompanying materials
|
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
|
||||||
# http://opensource.org/licenses/bsd-license.php.
|
|
||||||
#
|
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
||||||
#
|
|
||||||
# Module Name:
|
|
||||||
#
|
|
||||||
# MathReminderU64x64.S
|
|
||||||
#
|
|
||||||
# Abstract:
|
|
||||||
#
|
|
||||||
# 64-bit Math Worker Function.
|
|
||||||
# Divides a 64-bit unsigned value by another 64-bit unsigned value and returns
|
|
||||||
# the 64-bit unsigned remainder
|
|
||||||
#
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
.686:
|
|
||||||
.code:
|
|
||||||
|
|
||||||
ASM_GLOBAL ASM_PFX(__umoddi3), ASM_PFX(DivU64x64Remainder)
|
|
||||||
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
#
|
|
||||||
# void __cdecl __umoddi3 (void)
|
|
||||||
#
|
|
||||||
#------------------------------------------------------------------------------
|
|
||||||
ASM_PFX(__umoddi3):
|
|
||||||
# Original local stack when calling __umoddi3
|
|
||||||
# -----------------
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | |
|
|
||||||
# |-- Divisor --|
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | |
|
|
||||||
# |-- Dividend --|
|
|
||||||
# | |
|
|
||||||
# |---------------|
|
|
||||||
# | ReturnAddr** |
|
|
||||||
# ESP---->|---------------|
|
|
||||||
#
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set up the local stack for Reminder pointer
|
|
||||||
#
|
|
||||||
sub $8, %esp
|
|
||||||
push %esp
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set up the local stack for Divisor parameter
|
|
||||||
#
|
|
||||||
movl 28(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
movl 28(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set up the local stack for Dividend parameter
|
|
||||||
#
|
|
||||||
movl 28(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
movl 28(%esp), %eax
|
|
||||||
push %eax
|
|
||||||
|
|
||||||
#
|
|
||||||
# Call native DivU64x64Remainder of BaseLib
|
|
||||||
#
|
|
||||||
jmp ASM_PFX(DivU64x64Remainder)
|
|
||||||
|
|
||||||
#
|
|
||||||
# Put the Reminder in EDX:EAX as return value
|
|
||||||
#
|
|
||||||
movl 20(%esp), %eax
|
|
||||||
movl 24(%esp), %edx
|
|
||||||
|
|
||||||
#
|
|
||||||
# Adjust stack
|
|
||||||
#
|
|
||||||
add $28, %esp
|
|
||||||
|
|
||||||
ret $16
|
|
|
@ -1,93 +0,0 @@
|
||||||
/** @file
|
|
||||||
64-bit Math Worker Function.
|
|
||||||
The 32-bit versions of C compiler generate calls to library routines
|
|
||||||
to handle 64-bit math. These functions use non-standard calling conventions.
|
|
||||||
|
|
||||||
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
|
||||||
This program and the accompanying materials
|
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
|
||||||
http://opensource.org/licenses/bsd-license.php
|
|
||||||
|
|
||||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
||||||
|
|
||||||
**/
|
|
||||||
|
|
||||||
#include <Library/BaseLib.h>
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Divides a 64-bit unsigned value by another 64-bit unsigned value and returns
|
|
||||||
* the 64-bit unsigned remainder.
|
|
||||||
*/
|
|
||||||
__declspec(naked) void __cdecl _aullrem(void)
|
|
||||||
{
|
|
||||||
//
|
|
||||||
// Wrapper Implementation over EDKII DivU64x64Remainder() routine
|
|
||||||
// UINT64
|
|
||||||
// EFIAPI
|
|
||||||
// DivU64x64Remainder (
|
|
||||||
// IN UINT64 Dividend,
|
|
||||||
// IN UINT64 Divisor,
|
|
||||||
// OUT UINT64 *Remainder OPTIONAL
|
|
||||||
// )
|
|
||||||
//
|
|
||||||
_asm {
|
|
||||||
; Original local stack when calling _aullrem
|
|
||||||
; -----------------
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | |
|
|
||||||
; |-- Divisor --|
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | |
|
|
||||||
; |-- Dividend --|
|
|
||||||
; | |
|
|
||||||
; |---------------|
|
|
||||||
; | ReturnAddr** |
|
|
||||||
; ESP---->|---------------|
|
|
||||||
;
|
|
||||||
|
|
||||||
;
|
|
||||||
; Set up the local stack for Reminder pointer
|
|
||||||
;
|
|
||||||
sub esp, 8
|
|
||||||
push esp
|
|
||||||
|
|
||||||
;
|
|
||||||
; Set up the local stack for Divisor parameter
|
|
||||||
;
|
|
||||||
mov eax, [esp + 28]
|
|
||||||
push eax
|
|
||||||
mov eax, [esp + 28]
|
|
||||||
push eax
|
|
||||||
|
|
||||||
;
|
|
||||||
; Set up the local stack for Dividend parameter
|
|
||||||
;
|
|
||||||
mov eax, [esp + 28]
|
|
||||||
push eax
|
|
||||||
mov eax, [esp + 28]
|
|
||||||
push eax
|
|
||||||
|
|
||||||
;
|
|
||||||
; Call native DivU64x64Remainder of BaseLib
|
|
||||||
;
|
|
||||||
call DivU64x64Remainder
|
|
||||||
|
|
||||||
;
|
|
||||||
; Put the Reminder in EDX:EAX as return value
|
|
||||||
;
|
|
||||||
mov eax, [esp + 20]
|
|
||||||
mov edx, [esp + 24]
|
|
||||||
|
|
||||||
;
|
|
||||||
; Adjust stack
|
|
||||||
;
|
|
||||||
add esp, 28
|
|
||||||
|
|
||||||
ret 16
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,6 +1,6 @@
|
||||||
#------------------------------------------------------------------------------
|
#------------------------------------------------------------------------------
|
||||||
#
|
#
|
||||||
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
# Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
# This program and the accompanying materials
|
# This program and the accompanying materials
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
# are licensed and made available under the terms and conditions of the BSD License
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
# which accompanies this distribution. The full text of the license may be found at
|
|
@ -3,7 +3,7 @@
|
||||||
The 32-bit versions of C compiler generate calls to library routines
|
The 32-bit versions of C compiler generate calls to library routines
|
||||||
to handle 64-bit math. These functions use non-standard calling conventions.
|
to handle 64-bit math. These functions use non-standard calling conventions.
|
||||||
|
|
||||||
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
|
@ -30,7 +30,7 @@ __declspec(naked) void __cdecl _allshl (void)
|
||||||
;
|
;
|
||||||
; Handle shifting of between 0 and 31 bits
|
; Handle shifting of between 0 and 31 bits
|
||||||
;
|
;
|
||||||
cmp cl, 32
|
cmp cl, 32
|
||||||
jae short More32
|
jae short More32
|
||||||
shld edx, eax, cl
|
shld edx, eax, cl
|
||||||
shl eax, cl
|
shl eax, cl
|
|
@ -1,6 +1,6 @@
|
||||||
#------------------------------------------------------------------------------
|
#------------------------------------------------------------------------------
|
||||||
#
|
#
|
||||||
# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
|
# Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
# This program and the accompanying materials
|
# This program and the accompanying materials
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
# are licensed and made available under the terms and conditions of the BSD License
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
# which accompanies this distribution. The full text of the license may be found at
|
|
@ -3,7 +3,7 @@
|
||||||
The 32-bit versions of C compiler generate calls to library routines
|
The 32-bit versions of C compiler generate calls to library routines
|
||||||
to handle 64-bit math. These functions use non-standard calling conventions.
|
to handle 64-bit math. These functions use non-standard calling conventions.
|
||||||
|
|
||||||
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
|
@ -6,10 +6,10 @@
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
# are licensed and made available under the terms and conditions of the BSD License
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
# which accompanies this distribution. The full text of the license may be found at
|
||||||
# http://opensource.org/licenses/bsd-license.php
|
# http://opensource.org/licenses/bsd-license.php
|
||||||
#
|
#
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
#
|
#
|
||||||
##
|
##
|
||||||
|
|
||||||
[Defines]
|
[Defines]
|
||||||
|
@ -33,6 +33,15 @@
|
||||||
[Sources.IA32]
|
[Sources.IA32]
|
||||||
CopyMem.c
|
CopyMem.c
|
||||||
|
|
||||||
|
Ia32/MathLShiftS64.c | MSFT
|
||||||
|
Ia32/MathRShiftU64.c | MSFT
|
||||||
|
|
||||||
|
Ia32/MathLShiftS64.c | INTEL
|
||||||
|
Ia32/MathRShiftU64.c | INTEL
|
||||||
|
|
||||||
|
Ia32/MathLShiftS64.S | GCC
|
||||||
|
Ia32/MathRShiftU64.S | GCC
|
||||||
|
|
||||||
[Sources.X64]
|
[Sources.X64]
|
||||||
CopyMem.c
|
CopyMem.c
|
||||||
|
|
||||||
|
@ -70,4 +79,4 @@
|
||||||
MSFT:DEBUG_*_IPF_CC_FLAGS == /nologo /c /WX /GS- /X /W4 /EHs-c- /GR- /Gy /Os /FIAutoGen.h /QIPF_fr32 /Zi
|
MSFT:DEBUG_*_IPF_CC_FLAGS == /nologo /c /WX /GS- /X /W4 /EHs-c- /GR- /Gy /Os /FIAutoGen.h /QIPF_fr32 /Zi
|
||||||
MSFT:RELEASE_*_IPF_CC_FLAGS == /nologo /c /WX /GS- /X /W4 /EHs-c- /GR- /Gy /Os /FIAutoGen.h /QIPF_fr32
|
MSFT:RELEASE_*_IPF_CC_FLAGS == /nologo /c /WX /GS- /X /W4 /EHs-c- /GR- /Gy /Os /FIAutoGen.h /QIPF_fr32
|
||||||
INTEL:*_*_*_CC_FLAGS = /Oi-
|
INTEL:*_*_*_CC_FLAGS = /Oi-
|
||||||
GCC:*_*_*_CC_FLAGS = -fno-builtin
|
GCC:*_*_*_CC_FLAGS = -fno-builtin
|
|
@ -1,15 +1,15 @@
|
||||||
## @file
|
## @file
|
||||||
# This module provides openSSL Library implementation.
|
# This module provides openSSL Library implementation.
|
||||||
#
|
#
|
||||||
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||||
# This program and the accompanying materials
|
# This program and the accompanying materials
|
||||||
# are licensed and made available under the terms and conditions of the BSD License
|
# are licensed and made available under the terms and conditions of the BSD License
|
||||||
# which accompanies this distribution. The full text of the license may be found at
|
# which accompanies this distribution. The full text of the license may be found at
|
||||||
# http://opensource.org/licenses/bsd-license.php
|
# http://opensource.org/licenses/bsd-license.php
|
||||||
#
|
#
|
||||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||||
#
|
#
|
||||||
##
|
##
|
||||||
|
|
||||||
[Defines]
|
[Defines]
|
||||||
|
@ -22,35 +22,35 @@
|
||||||
LIBRARY_CLASS = OpensslLib
|
LIBRARY_CLASS = OpensslLib
|
||||||
DEFINE OPENSSL_PATH = openssl-0.9.8zb
|
DEFINE OPENSSL_PATH = openssl-0.9.8zb
|
||||||
DEFINE OPENSSL_FLAGS = -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASM
|
DEFINE OPENSSL_FLAGS = -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASM
|
||||||
DEFINE OPENSSL_EXFLAGS = -DOPENSSL_SMALL_FOOTPRINT -DOPENSSL_NO_MD2 -DOPENSSL_NO_SHA0 -DOPENSSL_NO_SHA512 -DOPENSSL_NO_LHASH -DOPENSSL_NO_HW -DOPENSSL_NO_OCSP -DOPENSSL_NO_LOCKING -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_RIPEMD -DOPENSSL_NO_RC2 -DOPENSSL_NO_IDEA -DOPENSSL_NO_BF -DOPENSSL_NO_CAST -DOPENSSL_NO_WHIRLPOOL -DOPENSSL_NO_DSA -DOPENSSL_NO_EC -DOPENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ENGINE
|
DEFINE OPENSSL_EXFLAGS = -DOPENSSL_SMALL_FOOTPRINT -DOPENSSL_NO_MD2 -DOPENSSL_NO_SHA0 -DOPENSSL_NO_LHASH -DOPENSSL_NO_HW -DOPENSSL_NO_OCSP -DOPENSSL_NO_LOCKING -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_RIPEMD -DOPENSSL_NO_RC2 -DOPENSSL_NO_IDEA -DOPENSSL_NO_BF -DOPENSSL_NO_CAST -DOPENSSL_NO_WHIRLPOOL -DOPENSSL_NO_DSA -DOPENSSL_NO_EC -DOPENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ENGINE
|
||||||
|
|
||||||
#
|
#
|
||||||
# OPENSSL_FLAGS is set to define the following flags to be compatible with
|
# OPENSSL_FLAGS is set to define the following flags to be compatible with
|
||||||
# EDK II build system and UEFI executiuon environment
|
# EDK II build system and UEFI executiuon environment
|
||||||
#
|
#
|
||||||
# OPENSSL_SYSNAME_UWIN
|
# OPENSSL_SYSNAME_UWIN
|
||||||
# OPENSSL_SYS_UEFI
|
# OPENSSL_SYS_UEFI
|
||||||
# L_ENDIAN
|
# L_ENDIAN
|
||||||
# _CRT_SECURE_NO_DEPRECATE
|
# _CRT_SECURE_NO_DEPRECATE
|
||||||
# _CRT_NONSTDC_NO_DEPRECATE
|
# _CRT_NONSTDC_NO_DEPRECATE
|
||||||
# OPENSSL_NO_CAMELLIA
|
# OPENSSL_NO_CAMELLIA
|
||||||
# OPENSSL_NO_SEED
|
# OPENSSL_NO_SEED
|
||||||
# OPENSSL_NO_RC5
|
# OPENSSL_NO_RC5
|
||||||
# OPENSSL_NO_MDC2
|
# OPENSSL_NO_MDC2
|
||||||
# OPENSSL_NO_SOCK
|
# OPENSSL_NO_SOCK
|
||||||
# OPENSSL_NO_CMS
|
# OPENSSL_NO_CMS
|
||||||
# OPENSSL_NO_JPAKE
|
# OPENSSL_NO_JPAKE
|
||||||
# OPENSSL_NO_CAPIENG
|
# OPENSSL_NO_CAPIENG
|
||||||
# OPENSSL_NO_ERR
|
# OPENSSL_NO_ERR
|
||||||
# OPENSSL_NO_KRB5
|
# OPENSSL_NO_KRB5
|
||||||
# OPENSSL_NO_DYNAMIC_ENGINE
|
# OPENSSL_NO_DYNAMIC_ENGINE
|
||||||
# GETPID_IS_MEANINGLESS
|
# GETPID_IS_MEANINGLESS
|
||||||
# OPENSSL_NO_STDIO
|
# OPENSSL_NO_STDIO
|
||||||
# OPENSSL_NO_FP_API
|
# OPENSSL_NO_FP_API
|
||||||
# OPENSSL_NO_DGRAM
|
# OPENSSL_NO_DGRAM
|
||||||
# OPENSSL_NO_ASM
|
# OPENSSL_NO_ASM
|
||||||
#
|
#
|
||||||
|
|
||||||
#
|
#
|
||||||
# VALID_ARCHITECTURES = IA32 X64 IPF ARM AARCH64
|
# VALID_ARCHITECTURES = IA32 X64 IPF ARM AARCH64
|
||||||
#
|
#
|
||||||
|
@ -306,7 +306,7 @@
|
||||||
# Not required for UEFI.
|
# Not required for UEFI.
|
||||||
#
|
#
|
||||||
# $(OPENSSL_PATH)/crypto/bio/b_print.c
|
# $(OPENSSL_PATH)/crypto/bio/b_print.c
|
||||||
|
|
||||||
$(OPENSSL_PATH)/crypto/bio/b_dump.c
|
$(OPENSSL_PATH)/crypto/bio/b_dump.c
|
||||||
$(OPENSSL_PATH)/crypto/bio/bf_nbio.c
|
$(OPENSSL_PATH)/crypto/bio/bf_nbio.c
|
||||||
$(OPENSSL_PATH)/crypto/bio/bss_log.c
|
$(OPENSSL_PATH)/crypto/bio/bss_log.c
|
||||||
|
@ -674,4 +674,4 @@
|
||||||
# 1296: Extended constant initialiser used
|
# 1296: Extended constant initialiser used
|
||||||
RVCT:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) --library_interface=aeabi_clib99 --fpu=vfpv3 -DTHIRTY_TWO_BIT --diag_suppress=1296,1295,550,1293,111,68,177,223,144,513,188
|
RVCT:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) --library_interface=aeabi_clib99 --fpu=vfpv3 -DTHIRTY_TWO_BIT --diag_suppress=1296,1295,550,1293,111,68,177,223,144,513,188
|
||||||
XCODE:*_*_IA32_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) -w -DTHIRTY_TWO_BIT
|
XCODE:*_*_IA32_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) -w -DTHIRTY_TWO_BIT
|
||||||
XCODE:*_*_X64_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) -w -DSIXTY_FOUR_BIT_LONG
|
XCODE:*_*_X64_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) -w -DSIXTY_FOUR_BIT_LONG
|
Loading…
Reference in New Issue