CryptoPkg Updates to support RFC3161 timestamp signature verification.

The main changes includes:
1. Enabling SHA384 and SHA512 digest algorithm; (Sha512.c)
2. RFC 3161 timestamp signature verification support; (CryptTs.c)
3. Fixed one ASN.1 length encoding issue in Authenticode verification routine. (CryptAuthenticode.c)
4. Add the corresponding test cases in Cryptest utility (SHA384 & SHA512 & Timestamp verification)

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Qin Long <qin.long@intel.com> 
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16339 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Qin Long
2014-11-12 08:51:45 +00:00
committed by qlong
parent bcbdc75535
commit 2ac68e8b54
29 changed files with 2369 additions and 687 deletions

View File

@@ -3,23 +3,23 @@
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
# This external input must be validated carefully to avoid security issues such as
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
# Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
# TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
# Diffie-Hellman functions, and authenticode signature verification functions are
# not supported in this instance.
# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,
# HMAC-MD5 functions, HMAC-SHA1 functions, AES/TDES/ARC4 functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
#
##
[Defines]
@@ -43,6 +43,7 @@
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
Hash/CryptSha512Null.c
Hmac/CryptHmacMd5Null.c
Hmac/CryptHmacSha1Null.c
Cipher/CryptAesNull.c
@@ -55,6 +56,7 @@
Pk/CryptDhNull.c
Pk/CryptX509.c
Pk/CryptAuthenticodeNull.c
Pk/CryptTsNull.c
Pem/CryptPem.c
SysCall/CrtWrapper.c
@@ -62,24 +64,6 @@
SysCall/BaseMemAllocation.c
[Sources.Ia32]
SysCall/Ia32/MathMultS64x64.c | MSFT
SysCall/Ia32/MathDivU64x64.c | MSFT
SysCall/Ia32/MathReminderU64x64.c | MSFT
SysCall/Ia32/MathLShiftS64.c | MSFT
SysCall/Ia32/MathRShiftU64.c | MSFT
SysCall/Ia32/MathMultS64x64.c | INTEL
SysCall/Ia32/MathDivU64x64.c | INTEL
SysCall/Ia32/MathReminderU64x64.c | INTEL
SysCall/Ia32/MathLShiftS64.c | INTEL
SysCall/Ia32/MathRShiftU64.c | INTEL
SysCall/Ia32/MathMultS64x64.S | GCC
SysCall/Ia32/MathDivU64x64.S | GCC
SysCall/Ia32/MathReminderU64x64.S | GCC
SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
Rand/CryptRandTsc.c
[Sources.X64]