Commit Graph

51 Commits

Author SHA1 Message Date
Long, Qin f61d69cc44 OpenSSL 0.9.8zb was released at 06-Aug-2014, including bug and security fixes.
This patch is to catch the latest OpenSSL release.
NOTE: The content of EDKII_openssl-0.9.8zb.patch is same with the old EDKII_openssl-0.9.8za.patch, and the extra changes 
      are only name / directory modifications. 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin  <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15802 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 10:16:57 +00:00
qlong 0e24145420 Clean up code.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed off by: Long Qin <qin.long@intel.com>
Reviewed by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15768 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07 07:56:31 +00:00
Eugene Cohen 86110f65ab Fix OpensslLib build issue for ARM. The changes are:
The changes are:
  1. Add RVCT ARM build target
  2. Add suppression of warnings to get openssl building (1295,550,1293,111,68,177,223,144,513,188)
  3. Remove architectures that RVCT cannot build for (IA32, X64, and IPF)
  4. Add the -DOPENSSL_NO_MD2 flag to prevent link errors from MD2 references; the comments in the .inf assumes that this flag exists but it wasn’t actually set

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eugene Cohen <eugene@hp.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15767 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07 07:44:37 +00:00
Long, Qin 1b98d6ce44 Add comments for clarification about memset implementation.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15662 6f19259b-4bc3-4df7-8a09-765794883524
2014-07-16 02:48:20 +00:00
Long, Qin a6908c99aa Update OpenSSL from 0.9.8w to the latest 0.9.8za.
Main changes include:
1. Update the patch file for 0.9.8za;
2. Update the install scripts to align the path for 0.9.8za;
3. OpensslLib.inf : Update the OPENSSL_PATH for 0.9.8za; enable more OPENSLL FLAGS to disable those un-used algorithms for better build performance and size;
4. Update the HOWTO file to align new OpenSSL version.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong, Guo <guo.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15638 6f19259b-4bc3-4df7-8a09-765794883524
2014-07-08 03:03:24 +00:00
Andrew Fish 7bf3ce9ff9 Fix build issues with Xcode in CryptoPkg and SecurityPkg.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Andrew Fish <afish@apple.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15560 6f19259b-4bc3-4df7-8a09-765794883524
2014-06-16 08:30:41 +00:00
Long, Qin 38d91622fa Fixed one typo in MathRShiftU64.S stub implementation; Add one digest algorithm registration to make sure the underlying algorithm is available for the default OpenSSL software PRNG implementation.
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14860 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-19 02:57:19 +00:00
Ye Ting 5b2956ea63 Enhance error handling code after calling BIO_new in BaseCryptLib.
Signed-off-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14528 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-07 08:11:14 +00:00
Gary Ching-Pang Lin 04a3cfa78a Per gmtime manpage, tm_mon is the number of months since January
while MonthNo is the month of the year, so tm_mon should be MonthNo-1.

Similarly, tm_mday is the day of the month, and DayNo is the number 
of days since the first day of the month. Assigning DayNo+1 to 
tm_mday to fit the definition.

This commit also corrected miscalculated MonthNo and DayNo for the 
first day of the month. (Thanks to Laszlo Ersek!)

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14481 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-17 07:53:04 +00:00
tye1 b3a18a1a17 Though the comment of RandomSeed() states it should return FALSE if there is not enough entropy for random generation, the function always returns TRUE. This commit checks the status of pseudorandom number generator to match the comment.
Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14392 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-29 05:30:13 +00:00
sfu5 86b5c3ee54 The openssl API RSA_public_decrypt() and RSA_private_encrypt() are deprecated, use RSA_sign(), RSA_verify() instead.
Signed-off-by: Long Qin < qin.long@intel.com >
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14309 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-23 01:52:17 +00:00
sfu5 02ee8d3b4c 1. Enable the whole X509v3 extension checking.
2. Replace d2i_X509_bio with d2i_X509.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ling Qin <qin.long@intel.com>
Reviewed-by: Ouyang Qian <qian.ouyang@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14026 6f19259b-4bc3-4df7-8a09-765794883524
2012-12-28 01:20:57 +00:00
tye1 8c5720b465 Fix issue that RsaPkcs1Verify() may not work in PEI phase.
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13958 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-22 05:07:22 +00:00
tye1 eb58f55912 Fix coding style issue in CryptoPkg.
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Eric <yong.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13864 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-18 09:09:36 +00:00
sfu5 e98e59c237 Fix a bug in OpensslLib that PKCS7_verify will use over 8k stack space.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13858 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-17 08:17:33 +00:00
tye1 fe5eea5e00 Add SPC_INDIRECT_DATA_OBJID check to make sure contentType equals to the
specific value defined in Authenticode PE specification.

Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by:Dong Guo <guo.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13853 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-17 02:13:54 +00:00
tye1 efad60c584 Fix PeiCryptLib build issue.
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13670 6f19259b-4bc3-4df7-8a09-765794883524
2012-08-23 03:31:00 +00:00
sfu5 f4184cbd9b Update openssl patch to replaces the “__FILE__” and “__LINE__” with NULL and 0.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13605 6f19259b-4bc3-4df7-8a09-765794883524
2012-08-10 01:27:30 +00:00
tye1 dda39f3a58 Fix several issues in BaseCryptLib:
1. Add input length check for several APIs in BaseCryptLib.
2. Add return status check when calling OpensslLib functions
3. Adjust BaseCryptLib API to match description of wrapped OpensslLib API.
4. Update INF file to add missed RuntimeServicesTableLib.
5. Fix return status issue of APIs in CryptX509.c that incorrect when error occurs.

Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13579 6f19259b-4bc3-4df7-8a09-765794883524
2012-08-02 02:49:24 +00:00
tye1 6b8ebcb8de Fix some typo and coding style issues in BaseCryptLib instances.
Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <Siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13564 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-27 07:49:42 +00:00
tye1 532616bbd6 Add interfaces to several library instances of BaseCryptLib.
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>




git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13539 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-18 09:32:05 +00:00
tye1 c4de8e2eb9 Fix incorrect return status in Pkcs7Verify().
Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <Siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13469 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-25 05:15:40 +00:00
vanjeff 4f6904db4c Enable execute property to avoid format is changed carelessly.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13451 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-14 06:43:08 +00:00
vanjeff 1300608777 Remove Carriage-Return character.
signed-off-by: Jeff Fan <jeff.fan@intel.com>
reviewed-by: Ting Ye <ting.ye@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13450 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-14 06:31:44 +00:00
jyao1 dc204d5a0f Add comment for modules which have external input.
signed-off-by: jiewen.yao@intel.com
reviewed-by: guo.dong@intel.com
reviewed-by: ting.ye@intel.com
reviewed-by: liming.gao@intel.com
reviewed-by: elvin.li@intel.com



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-12 08:28:43 +00:00
tye1 38fcd0270f Fix SmmCryptLib issue when calling time() in RealTimeClock.c
Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13417 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-01 02:37:24 +00:00
tye1 7ce960e712 Use current time value as default random seed in BaseCryptLib.
Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Sun Rui <rui.sun@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13300 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-10 07:58:02 +00:00
tye1 5359174326 Upgrade openssl version to 0.98w.
Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13289 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-07 10:29:58 +00:00
tye1 e8b4eb0417 Add two new interfaces Pkcs7GetSigners and Pkcs7FreeSigners to BaseCryptLib.
Signed-off by: tye1
Reviewed-by: geekboy15a
Reviewed-by: sfu5
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13158 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-31 04:49:02 +00:00
sfu5 16d2c32c4d 1. Remove conducting ASSERT in BaseCryptLib.
Signed-off-by: sfu5
Reviewed-by: qianouyang
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13110 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-19 05:52:16 +00:00
li-elvin 855790a56f Change Openssl build option for IPF back to SIXTY_FOUR_BIT.
Signed-off-by: li-elvin
Reviewed-by: vanjeff

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12893 6f19259b-4bc3-4df7-8a09-765794883524
2011-12-26 02:18:13 +00:00
tye1 c79111f6f1 Fix Windows 2008 R2 installation fail issue in IPF ICC tip.
Signed-off-by: tye1
Reviewed-by: gdong1
Reviewed-by: li-elvin

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12832 6f19259b-4bc3-4df7-8a09-765794883524
2011-12-09 09:25:12 +00:00
tye1 0bdcfe7592 Fix openssl lib build issue in IPF tip.
Signed-off-by: tye
Reviewed-by: gdong1
Reviewed-by: ftian


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12794 6f19259b-4bc3-4df7-8a09-765794883524
2011-11-28 07:12:20 +00:00
lgao4 c21ddf7c43 Add the missing options for X64 and IPF arch of MSFT:NOOPT target.
Signed-off-by: lgao4

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12793 6f19259b-4bc3-4df7-8a09-765794883524
2011-11-28 06:24:39 +00:00
tye1 4d6afad3b9 Fix CrytoPkg issue in GCC X64 tip.
Signed-off-by: tye
Reviewed-by: gdong1
Reviewed-by: ftian


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12784 6f19259b-4bc3-4df7-8a09-765794883524
2011-11-25 07:07:01 +00:00
tye1 d3945da644 Update return FALSE to ASSERT() for code consistent.
Signed-off-by: tye
Reviewed-by: jyao1




git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12659 6f19259b-4bc3-4df7-8a09-765794883524
2011-11-04 02:55:30 +00:00
xdu2 421fb3b504 CryptoPkg: Fix GCC build break for BaseCryptLib.
Signed-off-by: xdu2

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12601 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-28 14:35:01 +00:00
tye1 da9e7418da 1. Fix build break issue for NOOPT target.
2. Fix potential system hang issue in X509_STORE_CTX_cleanup.
3. Fix potential overflow when convert UINTN to INT.
4. Update Pkcs7Sign() to output stripped PKCS#7 SignedData.
5. Update Pkcs7Verify() to support both wrapped/stripped PKCS#7 SignedData.

Signed-off-by: tye
Reviewed-by: xdu2



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12593 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-28 07:41:26 +00:00
tye1 a2d111ed25 Replace SHA1 with SHA256 digest algorithm.
Signed-off-by: tye
Reviewed-by: hhuan13
Reviewed-by: qlong



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12350 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-14 11:12:08 +00:00
tye1 55581f953a 1. Adjust SignedData to comply with latest UEFI spec: 1) remove SignerInfo.authenticatedAttributes; 2) remove SignedData.contentInfo.content;
2. Fix some coding style problems.


Signed-off-by: tye
Reviewed-by: hhuan13
Reviewed-by: qlong


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12349 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-14 10:20:53 +00:00
tye1 b7d320f811 Add new interfaces to support PKCS7#7 signed data and authenticode signature. Update Cryptest to validate functionality of new interfaces.
Signed-off-by: tye1
Reviewed-by: hhuan13
Reviewed-by: qlong


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12142 6f19259b-4bc3-4df7-8a09-765794883524
2011-08-16 06:46:52 +00:00
lzeng14 d490265ca6 Update code to pass packaging tool.
Signed-off-by: lzeng14
Reviewed-by: lgao4

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11712 6f19259b-4bc3-4df7-8a09-765794883524
2011-05-30 09:56:57 +00:00
jljusten f114914b39 CryptoPkg SysCall Lib: Fix warning with GCC in CrtWrapper.c
Exit is declared to be 'noreturn' function, but GCC sees
that the empty function will return.  Therefore, GCC flags
a warning.

To work-around this, we use a function pointer, along with
a cast to force the code to think that a 'noreturn' function
is being called.

Signed-off-by: jljusten
Reviewed-by: qlong

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11609 6f19259b-4bc3-4df7-8a09-765794883524
2011-05-04 00:56:33 +00:00
jljusten c61fb9c8a4 CryptoPkg OpenSslSupport.h: Do not instantiate data in an include file
Include files should never instantiate data.  Data should only
be referenced as an 'extern' within include files.

The previous code would generate a GCC warning, since the static
data items were not always referenced.

Signed-off-by: jljusten
Reviewed-by: qlong

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11608 6f19259b-4bc3-4df7-8a09-765794883524
2011-05-04 00:56:11 +00:00
qlong 8e01b449de Patch from open source community for CryptoPkg to allow it to build for ARM using the RVCT toolchain.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11565 6f19259b-4bc3-4df7-8a09-765794883524
2011-04-19 16:25:31 +00:00
ydong10 96488aa25a Refine code to make code follow the coding style.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11247 6f19259b-4bc3-4df7-8a09-765794883524
2011-01-13 01:05:59 +00:00
qlong 4a567c9690 1. Add new API supports for PEM & X509 key retrieving & verification;
2. Add new MD4 hash supports;
3. Add corresponding test case in Cryptest utility;
4. Fix MACRO definition issue in OpensslLib.inf and parameter checking issues in some wrapper implementations.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11214 6f19259b-4bc3-4df7-8a09-765794883524
2010-12-31 07:22:48 +00:00
vanjeff f754e613fc 1. enable /GL optimization building on OpensslLib.
2. add DDK3790 compiler option for IA32.


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11099 6f19259b-4bc3-4df7-8a09-765794883524
2010-11-26 07:23:30 +00:00
vanjeff d0bf0f8872 Override MSFT build option in INF files to remove /GL or /Oi.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11059 6f19259b-4bc3-4df7-8a09-765794883524
2010-11-16 02:06:29 +00:00
qlong a8c4464502 Update CryptoPkg for new ciphers (HMAC, Block Cipher, etc) supports.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10997 6f19259b-4bc3-4df7-8a09-765794883524
2010-11-02 06:06:38 +00:00