This patch added one new X509GetTBSCert() interface in BaseCryptLib to retrieve the TBSCertificate,
and also corrected the hash calculation for revoked certificate to aligned the RFC3280 and UEFI 2.4 spec.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Long, Qin" <qin.long@intel.com>
Reviewed-by: "Dong, Guo" <guo.dong@initel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16559 6f19259b-4bc3-4df7-8a09-765794883524
SVN r16339 ("CryptoPkg Updates to support RFC3161 timestamp signature
verification.") introduced the following build failure:
> CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c: In function
> 'TimestampTokenVerify':
> CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c:538:3: error: passing
> argument 2 of 'd2i_TS_TST_INFO' from incompatible pointer type [-Werror]
> TstInfo = d2i_TS_TST_INFO (NULL, &TstTemp, (int)TstSize);
> ^
> In file included from CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c:22:0:
> CryptoPkg/Include/openssl/asn1t.h:803:10: note: expected 'const unsigned
> char **' but argument is of type 'UINT8 **'
> stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
> ^
> CryptoPkg/Include/openssl/asn1t.h:799:2: note: in expansion of macro
> 'IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname'
> IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
> ^
> CryptoPkg/Include/openssl/asn1t.h:778:42: note: in expansion of macro
> 'IMPLEMENT_ASN1_FUNCTIONS_fname'
> #define IMPLEMENT_ASN1_FUNCTIONS(stname)
> IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
> ^
> CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c:136:1: note: in expansion of
> macro 'IMPLEMENT_ASN1_FUNCTIONS'
> IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO)
> ^
> cc1: all warnings being treated as errors
Note that the cast
(const unsigned char **) &TstTemp
does not match the general edk2 coding style, but it *does* match
other similar casts in this file.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Scott Duplichan <scott@notabs.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16387 6f19259b-4bc3-4df7-8a09-765794883524
Module UNI and Package UNI files are not DOS format. Convert them to DOS format.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16051 6f19259b-4bc3-4df7-8a09-765794883524
2. Add MODULE_UNI_FILE file that contains the localized Abstract and Description of a module.
a. Addresses an information gap between INF files and the UEFI Distribution Packaging Specification XML schema
b. There will be an associated update to UPT in BaseTools to consume MODULE_UNI_FILE and associated UNI file during UDP creation that performs the INF -> XML conversion.
c. There will be an associated update to UPT in BaseTools to produce MODULE_UNI_FILE and associated UNI file during UDP installation that performs the XML -> INF conversion.
3. Add Module Extra UNI file that provides the localized Name of a module.
a. [UserExtensions.TianoCore."ExtraFiles"] provides an easy method for a module to specify extra files not listed in [Sources] or [Binaries] sections to be added to a UDP without having to list the files in the UPT package information data file.
b. There will be an associated update to UPT in BaseTools to package up files listed in [UserExtensions.TianoCore."ExtraFiles"] during UDP creation.
c. UNI file contains localized name of a module to go along with the localized Abstract and Description from the MODULE_UNI_FILE.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15955 6f19259b-4bc3-4df7-8a09-765794883524
1. Usage information in INF file comment blocks are either incomplete or incorrect.
This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes.
The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15954 6f19259b-4bc3-4df7-8a09-765794883524
Update RVCT compile options for the CryptoPkg to compile.
Add support for stack protector with BaseStackCheckLib to link.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Reviewed-By: Olivier Martin <olivier.martin@arm.com>
Reviewed-By: Long, Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15911 6f19259b-4bc3-4df7-8a09-765794883524
This patch is to catch the latest OpenSSL release.
NOTE: The content of EDKII_openssl-0.9.8zb.patch is same with the old EDKII_openssl-0.9.8za.patch, and the extra changes
are only name / directory modifications.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15802 6f19259b-4bc3-4df7-8a09-765794883524
Contributed-under: TianoCore Contribution Agreement 1.0
Signed off by: Long Qin <qin.long@intel.com>
Reviewed by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15768 6f19259b-4bc3-4df7-8a09-765794883524
The changes are:
1. Add RVCT ARM build target
2. Add suppression of warnings to get openssl building (1295,550,1293,111,68,177,223,144,513,188)
3. Remove architectures that RVCT cannot build for (IA32, X64, and IPF)
4. Add the -DOPENSSL_NO_MD2 flag to prevent link errors from MD2 references; the comments in the .inf assumes that this flag exists but it wasn’t actually set
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eugene Cohen <eugene@hp.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15767 6f19259b-4bc3-4df7-8a09-765794883524
Main changes include:
1. Update the patch file for 0.9.8za;
2. Update the install scripts to align the path for 0.9.8za;
3. OpensslLib.inf : Update the OPENSSL_PATH for 0.9.8za; enable more OPENSLL FLAGS to disable those un-used algorithms for better build performance and size;
4. Update the HOWTO file to align new OpenSSL version.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong, Guo <guo.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15638 6f19259b-4bc3-4df7-8a09-765794883524
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Andrew Fish <afish@apple.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15560 6f19259b-4bc3-4df7-8a09-765794883524
while MonthNo is the month of the year, so tm_mon should be MonthNo-1.
Similarly, tm_mday is the day of the month, and DayNo is the number
of days since the first day of the month. Assigning DayNo+1 to
tm_mday to fit the definition.
This commit also corrected miscalculated MonthNo and DayNo for the
first day of the month. (Thanks to Laszlo Ersek!)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14481 6f19259b-4bc3-4df7-8a09-765794883524
specific value defined in Authenticode PE specification.
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by:Dong Guo <guo.dong@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13853 6f19259b-4bc3-4df7-8a09-765794883524
1. Add input length check for several APIs in BaseCryptLib.
2. Add return status check when calling OpensslLib functions
3. Adjust BaseCryptLib API to match description of wrapped OpensslLib API.
4. Update INF file to add missed RuntimeServicesTableLib.
5. Fix return status issue of APIs in CryptX509.c that incorrect when error occurs.
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13579 6f19259b-4bc3-4df7-8a09-765794883524
Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Sun Rui <rui.sun@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13300 6f19259b-4bc3-4df7-8a09-765794883524
2. Fix potential system hang issue in X509_STORE_CTX_cleanup.
3. Fix potential overflow when convert UINTN to INT.
4. Update Pkcs7Sign() to output stripped PKCS#7 SignedData.
5. Update Pkcs7Verify() to support both wrapped/stripped PKCS#7 SignedData.
Signed-off-by: tye
Reviewed-by: xdu2
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12593 6f19259b-4bc3-4df7-8a09-765794883524
Long, Qin
Laszlo Ersek
Ard Biesheuvel
Gao, Liming
Dong, Guo
Ronald Cron
qlong
Eugene Cohen
Andrew Fish
Ye Ting
Gary Ching-Pang Lin
tye1
sfu5
vanjeff
jyao1
li-elvin
lgao4
xdu2