sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CryptoPkg: Apply uncrustify changes

Browse Source 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Apply uncrustify changes to .c/.h files in the CryptoPkg package

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
This commit is contained in:
Michael Kubacki
2021-12-05 14:53:54 -08:00
committed by mergify[bot]
parent 2b16a4fb91
commit 7c34237831
101 changed files with 4323 additions and 3711 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
CryptoPkg/Driver/Crypto.c
View File

@ -18,7 +18,7 @@
A macro used to retrieve the FixedAtBuild PcdCryptoServiceFamilyEnable with a A macro used to retrieve the FixedAtBuild PcdCryptoServiceFamilyEnable with a
typecast to its associcted structure type PCD_CRYPTO_SERVICE_FAMILY_ENABLE. typecast to its associcted structure type PCD_CRYPTO_SERVICE_FAMILY_ENABLE.
**/ **/
#define EDKII_CRYPTO_PCD ((const PCD_CRYPTO_SERVICE_FAMILY_ENABLE *) \ #define EDKII_CRYPTO_PCD ((const PCD_CRYPTO_SERVICE_FAMILY_ENABLE *)\
(FixedPcdGetPtr (PcdCryptoServiceFamilyEnable))) (FixedPcdGetPtr (PcdCryptoServiceFamilyEnable)))
/** /**
@ -119,9 +119,9 @@ CryptoServiceGetCryptoVersion (
return EDKII_CRYPTO_VERSION; return EDKII_CRYPTO_VERSION;
} }
//===================================================================================== // =====================================================================================
// One-Way Cryptographic Hash Primitives // One-Way Cryptographic Hash Primitives
//===================================================================================== // =====================================================================================
/** /**
MD4 is deprecated and unsupported any longer. MD4 is deprecated and unsupported any longer.
@ -244,6 +244,7 @@ DeprecatedCryptoServiceMd4HashAll (
} }
#ifndef ENABLE_MD5_DEPRECATED_INTERFACES #ifndef ENABLE_MD5_DEPRECATED_INTERFACES
/** /**
Retrieves the size, in bytes, of the context buffer required for MD5 hash operations. Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
@ -390,7 +391,9 @@ DeprecatedCryptoServiceMd5HashAll (
{ {
return BaseCryptLibServiceDeprecated ("Md5HashAll"), FALSE; return BaseCryptLibServiceDeprecated ("Md5HashAll"), FALSE;
} }
#else #else
/** /**
Retrieves the size, in bytes, of the context buffer required for MD5 hash operations. Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
@ -548,9 +551,11 @@ CryptoServiceMd5HashAll (
{ {
return CALL_BASECRYPTLIB (Md5.Services.HashAll, Md5HashAll, (Data, DataSize, HashValue), FALSE); return CALL_BASECRYPTLIB (Md5.Services.HashAll, Md5HashAll, (Data, DataSize, HashValue), FALSE);
} }
#endif #endif
#ifdef DISABLE_SHA1_DEPRECATED_INTERFACES #ifdef DISABLE_SHA1_DEPRECATED_INTERFACES
/** /**
Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations. Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
@ -699,7 +704,9 @@ DeprecatedCryptoServiceSha1HashAll (
{ {
return BaseCryptLibServiceDeprecated ("Sha1HashAll"), FALSE; return BaseCryptLibServiceDeprecated ("Sha1HashAll"), FALSE;
} }
#else #else
/** /**
Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations. Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
@ -857,6 +864,7 @@ CryptoServiceSha1HashAll (
{ {
return CALL_BASECRYPTLIB (Sha1.Services.HashAll, Sha1HashAll, (Data, DataSize, HashValue), FALSE); return CALL_BASECRYPTLIB (Sha1.Services.HashAll, Sha1HashAll, (Data, DataSize, HashValue), FALSE);
} }
#endif #endif
/** /**
@ -1455,9 +1463,9 @@ CryptoServiceSm3HashAll (
return CALL_BASECRYPTLIB (Sm3.Services.HashAll, Sm3HashAll, (Data, DataSize, HashValue), FALSE); return CALL_BASECRYPTLIB (Sm3.Services.HashAll, Sm3HashAll, (Data, DataSize, HashValue), FALSE);
} }
//===================================================================================== // =====================================================================================
// MAC (Message Authentication Code) Primitive // MAC (Message Authentication Code) Primitive
//===================================================================================== // =====================================================================================
/** /**
HMAC MD5 is deprecated and unsupported any longer. HMAC MD5 is deprecated and unsupported any longer.
@ -1839,9 +1847,9 @@ CryptoServiceHmacSha256Final (
return CALL_BASECRYPTLIB (HmacSha256.Services.Final, HmacSha256Final, (HmacSha256Context, HmacValue), FALSE); return CALL_BASECRYPTLIB (HmacSha256.Services.Final, HmacSha256Final, (HmacSha256Context, HmacValue), FALSE);
} }
//===================================================================================== // =====================================================================================
// Symmetric Cryptography Primitive // Symmetric Cryptography Primitive
//===================================================================================== // =====================================================================================
/** /**
TDES is deprecated and unsupported any longer. TDES is deprecated and unsupported any longer.
@ -2268,9 +2276,9 @@ DeprecatedCryptoServiceArc4Reset (
return BaseCryptLibServiceDeprecated ("Arc4Reset"), FALSE; return BaseCryptLibServiceDeprecated ("Arc4Reset"), FALSE;
} }
//===================================================================================== // =====================================================================================
// Asymmetric Cryptography Primitive // Asymmetric Cryptography Primitive
//===================================================================================== // =====================================================================================
/** /**
Allocates and initializes one RSA context for subsequent use. Allocates and initializes one RSA context for subsequent use.
@ -3172,7 +3180,6 @@ CryptoServiceVerifyEKUsInPkcs7Signature (
return CALL_BASECRYPTLIB (Pkcs.Services.VerifyEKUsInPkcs7Signature, VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE); return CALL_BASECRYPTLIB (Pkcs.Services.VerifyEKUsInPkcs7Signature, VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE);
} }
/** /**
Extracts the attached content from a PKCS#7 signed data if existed. The input signed Extracts the attached content from a PKCS#7 signed data if existed. The input signed
data could be wrapped in a ContentInfo structure. data could be wrapped in a ContentInfo structure.
@ -3276,9 +3283,9 @@ CryptoServiceImageTimestampVerify (
return CALL_BASECRYPTLIB (Pkcs.Services.ImageTimestampVerify, ImageTimestampVerify, (AuthData, DataSize, TsaCert, CertSize, SigningTime), FALSE); return CALL_BASECRYPTLIB (Pkcs.Services.ImageTimestampVerify, ImageTimestampVerify, (AuthData, DataSize, TsaCert, CertSize, SigningTime), FALSE);
} }
//===================================================================================== // =====================================================================================
// DH Key Exchange Primitive // DH Key Exchange Primitive
//===================================================================================== // =====================================================================================
/** /**
Allocates and Initializes one Diffie-Hellman Context for subsequent use. Allocates and Initializes one Diffie-Hellman Context for subsequent use.
@ -3459,9 +3466,9 @@ CryptoServiceDhComputeKey (
return CALL_BASECRYPTLIB (Dh.Services.ComputeKey, DhComputeKey, (DhContext, PeerPublicKey, PeerPublicKeySize, Key, KeySize), FALSE); return CALL_BASECRYPTLIB (Dh.Services.ComputeKey, DhComputeKey, (DhContext, PeerPublicKey, PeerPublicKeySize, Key, KeySize), FALSE);
} }
//===================================================================================== // =====================================================================================
// Pseudo-Random Generation Primitive // Pseudo-Random Generation Primitive
//===================================================================================== // =====================================================================================
/** /**
Sets up the seed value for the pseudorandom number generator. Sets up the seed value for the pseudorandom number generator.
@ -3515,9 +3522,9 @@ CryptoServiceRandomBytes (
return CALL_BASECRYPTLIB (Random.Services.Bytes, RandomBytes, (Output, Size), FALSE); return CALL_BASECRYPTLIB (Random.Services.Bytes, RandomBytes, (Output, Size), FALSE);
} }
//===================================================================================== // =====================================================================================
// Key Derivation Function Primitive // Key Derivation Function Primitive
//===================================================================================== // =====================================================================================
/** /**
Derive key data using HMAC-SHA256 based KDF. Derive key data using HMAC-SHA256 based KDF.
@ -4494,7 +4501,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
DeprecatedCryptoServiceMd4Update, DeprecatedCryptoServiceMd4Update,
DeprecatedCryptoServiceMd4Final, DeprecatedCryptoServiceMd4Final,
DeprecatedCryptoServiceMd4HashAll, DeprecatedCryptoServiceMd4HashAll,
#ifndef ENABLE_MD5_DEPRECATED_INTERFACES #ifndef ENABLE_MD5_DEPRECATED_INTERFACES
/// Md5 - deprecated and unsupported /// Md5 - deprecated and unsupported
DeprecatedCryptoServiceMd5GetContextSize, DeprecatedCryptoServiceMd5GetContextSize,
DeprecatedCryptoServiceMd5Init, DeprecatedCryptoServiceMd5Init,
@ -4502,7 +4509,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
DeprecatedCryptoServiceMd5Update, DeprecatedCryptoServiceMd5Update,
DeprecatedCryptoServiceMd5Final, DeprecatedCryptoServiceMd5Final,
DeprecatedCryptoServiceMd5HashAll, DeprecatedCryptoServiceMd5HashAll,
#else #else
/// Md5 /// Md5
CryptoServiceMd5GetContextSize, CryptoServiceMd5GetContextSize,
CryptoServiceMd5Init, CryptoServiceMd5Init,
@ -4510,7 +4517,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
CryptoServiceMd5Update, CryptoServiceMd5Update,
CryptoServiceMd5Final, CryptoServiceMd5Final,
CryptoServiceMd5HashAll, CryptoServiceMd5HashAll,
#endif #endif
/// Pkcs /// Pkcs
CryptoServicePkcs1v2Encrypt, CryptoServicePkcs1v2Encrypt,
CryptoServicePkcs5HashPassword, CryptoServicePkcs5HashPassword,
@ -4545,7 +4552,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
CryptoServiceRsaPkcs1Verify, CryptoServiceRsaPkcs1Verify,
CryptoServiceRsaGetPrivateKeyFromPem, CryptoServiceRsaGetPrivateKeyFromPem,
CryptoServiceRsaGetPublicKeyFromX509, CryptoServiceRsaGetPublicKeyFromX509,
#ifdef DISABLE_SHA1_DEPRECATED_INTERFACES #ifdef DISABLE_SHA1_DEPRECATED_INTERFACES
/// Sha1 - deprecated and unsupported /// Sha1 - deprecated and unsupported
DeprecatedCryptoServiceSha1GetContextSize, DeprecatedCryptoServiceSha1GetContextSize,
DeprecatedCryptoServiceSha1Init, DeprecatedCryptoServiceSha1Init,
@ -4553,7 +4560,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
DeprecatedCryptoServiceSha1Update, DeprecatedCryptoServiceSha1Update,
DeprecatedCryptoServiceSha1Final, DeprecatedCryptoServiceSha1Final,
DeprecatedCryptoServiceSha1HashAll, DeprecatedCryptoServiceSha1HashAll,
#else #else
/// Sha1 /// Sha1
CryptoServiceSha1GetContextSize, CryptoServiceSha1GetContextSize,
CryptoServiceSha1Init, CryptoServiceSha1Init,
@ -4561,7 +4568,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
CryptoServiceSha1Update, CryptoServiceSha1Update,
CryptoServiceSha1Final, CryptoServiceSha1Final,
CryptoServiceSha1HashAll, CryptoServiceSha1HashAll,
#endif #endif
/// Sha256 /// Sha256
CryptoServiceSha256GetContextSize, CryptoServiceSha256GetContextSize,
CryptoServiceSha256Init, CryptoServiceSha256Init,

4
CryptoPkg/Driver/CryptoDxe.c
View File

@ -29,10 +29,10 @@ CryptoDxeEntry (
IN EFI_SYSTEM_TABLE *SystemTable IN EFI_SYSTEM_TABLE *SystemTable
) )
{ {
return gBS->InstallMultipleProtocolInterfaces( return gBS->InstallMultipleProtocolInterfaces (
&ImageHandle, &ImageHandle,
&gEdkiiCryptoProtocolGuid, &gEdkiiCryptoProtocolGuid,
(EDKII_CRYPTO_PROTOCOL *) &mEdkiiCrypto, (EDKII_CRYPTO_PROTOCOL *)&mEdkiiCrypto,
NULL NULL
); );
} }

4
CryptoPkg/Driver/CryptoPei.c
View File

@ -18,7 +18,7 @@ extern CONST EDKII_CRYPTO_PROTOCOL mEdkiiCrypto;
CONST EFI_PEI_PPI_DESCRIPTOR mEdkiiCryptoPpiList = { CONST EFI_PEI_PPI_DESCRIPTOR mEdkiiCryptoPpiList = {
(EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
&gEdkiiCryptoPpiGuid, &gEdkiiCryptoPpiGuid,
(EDKII_CRYPTO_PPI *) &mEdkiiCrypto (EDKII_CRYPTO_PPI *)&mEdkiiCrypto
}; };
/** /**
@ -81,7 +81,7 @@ CryptoPeiEntry (
// //
// CryptoPei was also dispatched before gEfiPeiMemoryDiscoveredPpiGuid // CryptoPei was also dispatched before gEfiPeiMemoryDiscoveredPpiGuid
// //
DEBUG((DEBUG_INFO, "CryptoPeiEntry: ReInstall Post-Memmory Crypto PPI\n")); DEBUG ((DEBUG_INFO, "CryptoPeiEntry: ReInstall Post-Memmory Crypto PPI\n"));
Status = PeiServicesReInstallPpi ( Status = PeiServicesReInstallPpi (
EdkiiCryptoPpiDescriptor, EdkiiCryptoPpiDescriptor,
&mEdkiiCryptoPpiList &mEdkiiCryptoPpiList

2
CryptoPkg/Driver/CryptoSmm.c
View File

@ -36,6 +36,6 @@ CryptoSmmEntry (
&Handle, &Handle,
&gEdkiiSmmCryptoProtocolGuid, &gEdkiiSmmCryptoProtocolGuid,
EFI_NATIVE_INTERFACE, EFI_NATIVE_INTERFACE,
(EDKII_CRYPTO_PROTOCOL *) &mEdkiiCrypto (EDKII_CRYPTO_PROTOCOL *)&mEdkiiCrypto
); );
} }

34
CryptoPkg/Include/Library/BaseCryptLib.h
View File

@ -68,11 +68,12 @@ typedef enum {
RsaKeyQInv ///< The CRT coefficient (== 1/q mod p) RsaKeyQInv ///< The CRT coefficient (== 1/q mod p)
} RSA_KEY_TAG; } RSA_KEY_TAG;
//===================================================================================== // =====================================================================================
// One-Way Cryptographic Hash Primitives // One-Way Cryptographic Hash Primitives
//===================================================================================== // =====================================================================================
#ifdef ENABLE_MD5_DEPRECATED_INTERFACES #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
/** /**
Retrieves the size, in bytes, of the context buffer required for MD5 hash operations. Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
@ -212,9 +213,11 @@ Md5HashAll (
IN UINTN DataSize, IN UINTN DataSize,
OUT UINT8 *HashValue OUT UINT8 *HashValue
); );
#endif #endif
#ifndef DISABLE_SHA1_DEPRECATED_INTERFACES #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
/** /**
Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations. Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
@ -354,6 +357,7 @@ Sha1HashAll (
IN UINTN DataSize, IN UINTN DataSize,
OUT UINT8 *HashValue OUT UINT8 *HashValue
); );
#endif #endif
/** /**
@ -880,9 +884,9 @@ Sm3HashAll (
OUT UINT8 *HashValue OUT UINT8 *HashValue
); );
//===================================================================================== // =====================================================================================
// MAC (Message Authentication Code) Primitive // MAC (Message Authentication Code) Primitive
//===================================================================================== // =====================================================================================
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.
@ -1012,9 +1016,9 @@ HmacSha256Final (
OUT UINT8 *HmacValue OUT UINT8 *HmacValue
); );
//===================================================================================== // =====================================================================================
// Symmetric Cryptography Primitive // Symmetric Cryptography Primitive
//===================================================================================== // =====================================================================================
/** /**
Retrieves the size, in bytes, of the context buffer required for AES operations. Retrieves the size, in bytes, of the context buffer required for AES operations.
@ -1139,9 +1143,9 @@ AesCbcDecrypt (
OUT UINT8 *Output OUT UINT8 *Output
); );
//===================================================================================== // =====================================================================================
// Asymmetric Cryptography Primitive // Asymmetric Cryptography Primitive
//===================================================================================== // =====================================================================================
/** /**
Allocates and initializes one RSA context for subsequent use. Allocates and initializes one RSA context for subsequent use.
@ -1852,7 +1856,7 @@ typedef struct {
typedef struct { typedef struct {
UINT8 CertNumber; // Number of X.509 certificate. UINT8 CertNumber; // Number of X.509 certificate.
//EFI_CERT_DATA CertArray[]; // An array of X.509 certificate. // EFI_CERT_DATA CertArray[]; // An array of X.509 certificate.
} EFI_CERT_STACK; } EFI_CERT_STACK;
#pragma pack() #pragma pack()
@ -2151,9 +2155,9 @@ ImageTimestampVerify (
OUT EFI_TIME *SigningTime OUT EFI_TIME *SigningTime
); );
//===================================================================================== // =====================================================================================
// DH Key Exchange Primitive // DH Key Exchange Primitive
//===================================================================================== // =====================================================================================
/** /**
Allocates and Initializes one Diffie-Hellman Context for subsequent use. Allocates and Initializes one Diffie-Hellman Context for subsequent use.
@ -2316,9 +2320,9 @@ DhComputeKey (
IN OUT UINTN *KeySize IN OUT UINTN *KeySize
); );
//===================================================================================== // =====================================================================================
// Pseudo-Random Generation Primitive // Pseudo-Random Generation Primitive
//===================================================================================== // =====================================================================================
/** /**
Sets up the seed value for the pseudorandom number generator. Sets up the seed value for the pseudorandom number generator.
@ -2366,9 +2370,9 @@ RandomBytes (
IN UINTN Size IN UINTN Size
); );
//===================================================================================== // =====================================================================================
// Key Derivation Function Primitive // Key Derivation Function Primitive
//===================================================================================== // =====================================================================================
/** /**
Derive key data using HMAC-SHA256 based KDF. Derive key data using HMAC-SHA256 based KDF.

308
CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
View File

@ -25,208 +25,208 @@
typedef struct { typedef struct {
union { union {
struct { struct {
UINT8 New:1; UINT8 New : 1;
UINT8 Free:1; UINT8 Free : 1;
UINT8 SetKey:1; UINT8 SetKey : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} HmacMd5; } HmacMd5;
union { union {
struct { struct {
UINT8 New:1; UINT8 New : 1;
UINT8 Free:1; UINT8 Free : 1;
UINT8 SetKey:1; UINT8 SetKey : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} HmacSha1; } HmacSha1;
union { union {
struct { struct {
UINT8 New:1; UINT8 New : 1;
UINT8 Free:1; UINT8 Free : 1;
UINT8 SetKey:1; UINT8 SetKey : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} HmacSha256; } HmacSha256;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
UINT8 HashAll:1; UINT8 HashAll : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Md4; } Md4;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
UINT8 HashAll:1; UINT8 HashAll : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Md5; } Md5;
union { union {
struct { struct {
UINT8 Pkcs1v2Encrypt:1; UINT8 Pkcs1v2Encrypt : 1;
UINT8 Pkcs5HashPassword:1; UINT8 Pkcs5HashPassword : 1;
UINT8 Pkcs7Verify:1; UINT8 Pkcs7Verify : 1;
UINT8 VerifyEKUsInPkcs7Signature:1; UINT8 VerifyEKUsInPkcs7Signature : 1;
UINT8 Pkcs7GetSigners:1; UINT8 Pkcs7GetSigners : 1;
UINT8 Pkcs7FreeSigners:1; UINT8 Pkcs7FreeSigners : 1;
UINT8 Pkcs7Sign:1; UINT8 Pkcs7Sign : 1;
UINT8 Pkcs7GetAttachedContent:1; UINT8 Pkcs7GetAttachedContent : 1;
UINT8 Pkcs7GetCertificatesList:1; UINT8 Pkcs7GetCertificatesList : 1;
UINT8 AuthenticodeVerify:1; UINT8 AuthenticodeVerify : 1;
UINT8 ImageTimestampVerify:1; UINT8 ImageTimestampVerify : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Pkcs; } Pkcs;
union { union {
struct { struct {
UINT8 New:1; UINT8 New : 1;
UINT8 Free:1; UINT8 Free : 1;
UINT8 GenerateParameter:1; UINT8 GenerateParameter : 1;
UINT8 SetParameter:1; UINT8 SetParameter : 1;
UINT8 GenerateKey:1; UINT8 GenerateKey : 1;
UINT8 ComputeKey:1; UINT8 ComputeKey : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Dh; } Dh;
union { union {
struct { struct {
UINT8 Seed:1; UINT8 Seed : 1;
UINT8 Bytes:1; UINT8 Bytes : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Random; } Random;
union { union {
struct { struct {
UINT8 VerifyPkcs1:1; UINT8 VerifyPkcs1 : 1;
UINT8 New:1; UINT8 New : 1;
UINT8 Free:1; UINT8 Free : 1;
UINT8 SetKey:1; UINT8 SetKey : 1;
UINT8 GetKey:1; UINT8 GetKey : 1;
UINT8 GenerateKey:1; UINT8 GenerateKey : 1;
UINT8 CheckKey:1; UINT8 CheckKey : 1;
UINT8 Pkcs1Sign:1; UINT8 Pkcs1Sign : 1;
UINT8 Pkcs1Verify:1; UINT8 Pkcs1Verify : 1;
UINT8 GetPrivateKeyFromPem:1; UINT8 GetPrivateKeyFromPem : 1;
UINT8 GetPublicKeyFromX509:1; UINT8 GetPublicKeyFromX509 : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Rsa; } Rsa;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
UINT8 HashAll:1; UINT8 HashAll : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Sha1; } Sha1;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
UINT8 HashAll:1; UINT8 HashAll : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Sha256; } Sha256;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
UINT8 HashAll:1; UINT8 HashAll : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Sha384; } Sha384;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
UINT8 HashAll:1; UINT8 HashAll : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Sha512; } Sha512;
union { union {
struct { struct {
UINT8 GetSubjectName:1; UINT8 GetSubjectName : 1;
UINT8 GetCommonName:1; UINT8 GetCommonName : 1;
UINT8 GetOrganizationName:1; UINT8 GetOrganizationName : 1;
UINT8 VerifyCert:1; UINT8 VerifyCert : 1;
UINT8 ConstructCertificate:1; UINT8 ConstructCertificate : 1;
UINT8 ConstructCertificateStack:1; UINT8 ConstructCertificateStack : 1;
UINT8 ConstructCertificateStackV:1; UINT8 ConstructCertificateStackV : 1;
UINT8 Free:1; UINT8 Free : 1;
UINT8 StackFree:1; UINT8 StackFree : 1;
UINT8 GetTBSCert:1; UINT8 GetTBSCert : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} X509; } X509;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 EcbEncrypt:1; UINT8 EcbEncrypt : 1;
UINT8 EcbDecrypt:1; UINT8 EcbDecrypt : 1;
UINT8 CbcEncrypt:1; UINT8 CbcEncrypt : 1;
UINT8 CbcDecrypt:1; UINT8 CbcDecrypt : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Tdes; } Tdes;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 EcbEncrypt:1; UINT8 EcbEncrypt : 1;
UINT8 EcbDecrypt:1; UINT8 EcbDecrypt : 1;
UINT8 CbcEncrypt:1; UINT8 CbcEncrypt : 1;
UINT8 CbcDecrypt:1; UINT8 CbcDecrypt : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Aes; } Aes;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 Encrypt:1; UINT8 Encrypt : 1;
UINT8 Decrypt:1; UINT8 Decrypt : 1;
UINT8 Reset:1; UINT8 Reset : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Arc4; } Arc4;
union { union {
struct { struct {
UINT8 GetContextSize:1; UINT8 GetContextSize : 1;
UINT8 Init:1; UINT8 Init : 1;
UINT8 Duplicate:1; UINT8 Duplicate : 1;
UINT8 Update:1; UINT8 Update : 1;
UINT8 Final:1; UINT8 Final : 1;
UINT8 HashAll:1; UINT8 HashAll : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Sm3; } Sm3;
@ -238,53 +238,53 @@ typedef struct {
} Hkdf; } Hkdf;
union { union {
struct { struct {
UINT8 Initialize:1; UINT8 Initialize : 1;
UINT8 CtxFree:1; UINT8 CtxFree : 1;
UINT8 CtxNew:1; UINT8 CtxNew : 1;
UINT8 Free:1; UINT8 Free : 1;
UINT8 New:1; UINT8 New : 1;
UINT8 InHandshake:1; UINT8 InHandshake : 1;
UINT8 DoHandshake:1; UINT8 DoHandshake : 1;
UINT8 HandleAlert:1; UINT8 HandleAlert : 1;
UINT8 CloseNotify:1; UINT8 CloseNotify : 1;
UINT8 CtrlTrafficOut:1; UINT8 CtrlTrafficOut : 1;
UINT8 CtrlTrafficIn:1; UINT8 CtrlTrafficIn : 1;
UINT8 Read:1; UINT8 Read : 1;
UINT8 Write:1; UINT8 Write : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} Tls; } Tls;
union { union {
struct { struct {
UINT8 Version:1; UINT8 Version : 1;
UINT8 ConnectionEnd:1; UINT8 ConnectionEnd : 1;
UINT8 CipherList:1; UINT8 CipherList : 1;
UINT8 CompressionMethod:1; UINT8 CompressionMethod : 1;
UINT8 Verify:1; UINT8 Verify : 1;
UINT8 VerifyHost:1; UINT8 VerifyHost : 1;
UINT8 SessionId:1; UINT8 SessionId : 1;
UINT8 CaCertificate:1; UINT8 CaCertificate : 1;
UINT8 HostPublicCert:1; UINT8 HostPublicCert : 1;
UINT8 HostPrivateKey:1; UINT8 HostPrivateKey : 1;
UINT8 CertRevocationList:1; UINT8 CertRevocationList : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} TlsSet; } TlsSet;
union { union {
struct { struct {
UINT8 Version:1; UINT8 Version : 1;
UINT8 ConnectionEnd:1; UINT8 ConnectionEnd : 1;
UINT8 CurrentCipher:1; UINT8 CurrentCipher : 1;
UINT8 CurrentCompressionId:1; UINT8 CurrentCompressionId : 1;
UINT8 Verify:1; UINT8 Verify : 1;
UINT8 SessionId:1; UINT8 SessionId : 1;
UINT8 ClientRandom:1; UINT8 ClientRandom : 1;
UINT8 ServerRandom:1; UINT8 ServerRandom : 1;
UINT8 KeyMaterial:1; UINT8 KeyMaterial : 1;
UINT8 CaCertificate:1; UINT8 CaCertificate : 1;
UINT8 HostPublicCert:1; UINT8 HostPublicCert : 1;
UINT8 HostPrivateKey:1; UINT8 HostPrivateKey : 1;
UINT8 CertRevocationList:1; UINT8 CertRevocationList : 1;
} Services; } Services;
UINT32 Family; UINT32 Family;
} TlsGet; } TlsGet;

28
CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
View File

@ -25,7 +25,7 @@ AesGetContextSize (
// AES uses different key contexts for encryption and decryption, so here memory // AES uses different key contexts for encryption and decryption, so here memory
// for 2 copies of AES_KEY is allocated. // for 2 copies of AES_KEY is allocated.
// //
return (UINTN) (2 * sizeof (AES_KEY)); return (UINTN)(2 * sizeof (AES_KEY));
} }
/** /**
@ -61,20 +61,22 @@ AesInit (
// //
// Check input parameters. // Check input parameters.
// //
if (AesContext == NULL || Key == NULL || (KeyLength != 128 && KeyLength != 192 && KeyLength != 256)) { if ((AesContext == NULL) || (Key == NULL) || ((KeyLength != 128) && (KeyLength != 192) && (KeyLength != 256))) {
return FALSE; return FALSE;
} }
// //
// Initialize AES encryption & decryption key schedule. // Initialize AES encryption & decryption key schedule.
// //
AesKey = (AES_KEY *) AesContext; AesKey = (AES_KEY *)AesContext;
if (AES_set_encrypt_key (Key, (UINT32) KeyLength, AesKey) != 0) { if (AES_set_encrypt_key (Key, (UINT32)KeyLength, AesKey) != 0) {
return FALSE; return FALSE;
} }
if (AES_set_decrypt_key (Key, (UINT32) KeyLength, AesKey + 1) != 0) {
if (AES_set_decrypt_key (Key, (UINT32)KeyLength, AesKey + 1) != 0) {
return FALSE; return FALSE;
} }
return TRUE; return TRUE;
} }
@ -121,21 +123,21 @@ AesCbcEncrypt (
// //
// Check input parameters. // Check input parameters.
// //
if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0) { if ((AesContext == NULL) || (Input == NULL) || ((InputSize % AES_BLOCK_SIZE) != 0)) {
return FALSE; return FALSE;
} }
if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) { if ((Ivec == NULL) || (Output == NULL) || (InputSize > INT_MAX)) {
return FALSE; return FALSE;
} }
AesKey = (AES_KEY *) AesContext; AesKey = (AES_KEY *)AesContext;
CopyMem (IvecBuffer, Ivec, AES_BLOCK_SIZE); CopyMem (IvecBuffer, Ivec, AES_BLOCK_SIZE);
// //
// Perform AES data encryption with CBC mode // Perform AES data encryption with CBC mode
// //
AES_cbc_encrypt (Input, Output, (UINT32) InputSize, AesKey, IvecBuffer, AES_ENCRYPT); AES_cbc_encrypt (Input, Output, (UINT32)InputSize, AesKey, IvecBuffer, AES_ENCRYPT);
return TRUE; return TRUE;
} }
@ -183,21 +185,21 @@ AesCbcDecrypt (
// //
// Check input parameters. // Check input parameters.
// //
if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0) { if ((AesContext == NULL) || (Input == NULL) || ((InputSize % AES_BLOCK_SIZE) != 0)) {
return FALSE; return FALSE;
} }
if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) { if ((Ivec == NULL) || (Output == NULL) || (InputSize > INT_MAX)) {
return FALSE; return FALSE;
} }
AesKey = (AES_KEY *) AesContext; AesKey = (AES_KEY *)AesContext;
CopyMem (IvecBuffer, Ivec, AES_BLOCK_SIZE); CopyMem (IvecBuffer, Ivec, AES_BLOCK_SIZE);
// //
// Perform AES data decryption with CBC mode // Perform AES data decryption with CBC mode
// //
AES_cbc_encrypt (Input, Output, (UINT32) InputSize, AesKey + 1, IvecBuffer, AES_DECRYPT); AES_cbc_encrypt (Input, Output, (UINT32)InputSize, AesKey + 1, IvecBuffer, AES_DECRYPT);
return TRUE; return TRUE;
} }

20
CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
View File

@ -10,6 +10,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <openssl/md5.h> #include <openssl/md5.h>
#ifdef ENABLE_MD5_DEPRECATED_INTERFACES #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
/** /**
Retrieves the size, in bytes, of the context buffer required for MD5 hash operations. Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
@ -25,10 +26,9 @@ Md5GetContextSize (
// //
// Retrieves the OpenSSL MD5 Context Size // Retrieves the OpenSSL MD5 Context Size
// //
return (UINTN) (sizeof (MD5_CTX)); return (UINTN)(sizeof (MD5_CTX));
} }
/** /**
Initializes user-supplied memory pointed by Md5Context as MD5 hash context for Initializes user-supplied memory pointed by Md5Context as MD5 hash context for
subsequent use. subsequent use.
@ -57,7 +57,7 @@ Md5Init (
// //
// OpenSSL MD5 Context Initialization // OpenSSL MD5 Context Initialization
// //
return (BOOLEAN) (MD5_Init ((MD5_CTX *) Md5Context)); return (BOOLEAN)(MD5_Init ((MD5_CTX *)Md5Context));
} }
/** /**
@ -83,7 +83,7 @@ Md5Duplicate (
// //
// Check input parameters. // Check input parameters.
// //
if (Md5Context == NULL || NewMd5Context == NULL) { if ((Md5Context == NULL) || (NewMd5Context == NULL)) {
return FALSE; return FALSE;
} }
@ -128,14 +128,14 @@ Md5Update (
// //
// Check invalid parameters, in case that only DataLength was checked in OpenSSL // Check invalid parameters, in case that only DataLength was checked in OpenSSL
// //
if (Data == NULL && (DataSize != 0)) { if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL MD5 Hash Update // OpenSSL MD5 Hash Update
// //
return (BOOLEAN) (MD5_Update ((MD5_CTX *) Md5Context, Data, DataSize)); return (BOOLEAN)(MD5_Update ((MD5_CTX *)Md5Context, Data, DataSize));
} }
/** /**
@ -168,14 +168,14 @@ Md5Final (
// //
// Check input parameters. // Check input parameters.
// //
if (Md5Context == NULL || HashValue == NULL) { if ((Md5Context == NULL) || (HashValue == NULL)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL MD5 Hash Finalization // OpenSSL MD5 Hash Finalization
// //
return (BOOLEAN) (MD5_Final (HashValue, (MD5_CTX *) Md5Context)); return (BOOLEAN)(MD5_Final (HashValue, (MD5_CTX *)Md5Context));
} }
/** /**
@ -210,7 +210,8 @@ Md5HashAll (
if (HashValue == NULL) { if (HashValue == NULL) {
return FALSE; return FALSE;
} }
if (Data == NULL && (DataSize != 0)) {
if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
@ -223,4 +224,5 @@ Md5HashAll (
return TRUE; return TRUE;
} }
} }
#endif #endif

19
CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
View File

@ -10,6 +10,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <openssl/sha.h> #include <openssl/sha.h>
#ifndef DISABLE_SHA1_DEPRECATED_INTERFACES #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
/** /**
Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations. Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
@ -25,7 +26,7 @@ Sha1GetContextSize (
// //
// Retrieves OpenSSL SHA Context Size // Retrieves OpenSSL SHA Context Size
// //
return (UINTN) (sizeof (SHA_CTX)); return (UINTN)(sizeof (SHA_CTX));
} }
/** /**
@ -56,7 +57,7 @@ Sha1Init (
// //
// OpenSSL SHA-1 Context Initialization // OpenSSL SHA-1 Context Initialization
// //
return (BOOLEAN) (SHA1_Init ((SHA_CTX *) Sha1Context)); return (BOOLEAN)(SHA1_Init ((SHA_CTX *)Sha1Context));
} }
/** /**
@ -82,7 +83,7 @@ Sha1Duplicate (
// //
// Check input parameters. // Check input parameters.
// //
if (Sha1Context == NULL || NewSha1Context == NULL) { if ((Sha1Context == NULL) || (NewSha1Context == NULL)) {
return FALSE; return FALSE;
} }
@ -127,14 +128,14 @@ Sha1Update (
// //
// Check invalid parameters, in case that only DataLength was checked in OpenSSL // Check invalid parameters, in case that only DataLength was checked in OpenSSL
// //
if (Data == NULL && DataSize != 0) { if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL SHA-1 Hash Update // OpenSSL SHA-1 Hash Update
// //
return (BOOLEAN) (SHA1_Update ((SHA_CTX *) Sha1Context, Data, DataSize)); return (BOOLEAN)(SHA1_Update ((SHA_CTX *)Sha1Context, Data, DataSize));
} }
/** /**
@ -167,14 +168,14 @@ Sha1Final (
// //
// Check input parameters. // Check input parameters.
// //
if (Sha1Context == NULL || HashValue == NULL) { if ((Sha1Context == NULL) || (HashValue == NULL)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL SHA-1 Hash Finalization // OpenSSL SHA-1 Hash Finalization
// //
return (BOOLEAN) (SHA1_Final (HashValue, (SHA_CTX *) Sha1Context)); return (BOOLEAN)(SHA1_Final (HashValue, (SHA_CTX *)Sha1Context));
} }
/** /**
@ -209,7 +210,8 @@ Sha1HashAll (
if (HashValue == NULL) { if (HashValue == NULL) {
return FALSE; return FALSE;
} }
if (Data == NULL && DataSize != 0) {
if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
@ -222,4 +224,5 @@ Sha1HashAll (
return TRUE; return TRUE;
} }
} }
#endif #endif

17
CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c
View File

@ -24,7 +24,7 @@ Sha256GetContextSize (
// //
// Retrieves OpenSSL SHA-256 Context Size // Retrieves OpenSSL SHA-256 Context Size
// //
return (UINTN) (sizeof (SHA256_CTX)); return (UINTN)(sizeof (SHA256_CTX));
} }
/** /**
@ -55,7 +55,7 @@ Sha256Init (
// //
// OpenSSL SHA-256 Context Initialization // OpenSSL SHA-256 Context Initialization
// //
return (BOOLEAN) (SHA256_Init ((SHA256_CTX *) Sha256Context)); return (BOOLEAN)(SHA256_Init ((SHA256_CTX *)Sha256Context));
} }
/** /**
@ -81,7 +81,7 @@ Sha256Duplicate (
// //
// Check input parameters. // Check input parameters.
// //
if (Sha256Context == NULL || NewSha256Context == NULL) { if ((Sha256Context == NULL) || (NewSha256Context == NULL)) {
return FALSE; return FALSE;
} }
@ -126,14 +126,14 @@ Sha256Update (
// //
// Check invalid parameters, in case that only DataLength was checked in OpenSSL // Check invalid parameters, in case that only DataLength was checked in OpenSSL
// //
if (Data == NULL && DataSize != 0) { if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL SHA-256 Hash Update // OpenSSL SHA-256 Hash Update
// //
return (BOOLEAN) (SHA256_Update ((SHA256_CTX *) Sha256Context, Data, DataSize)); return (BOOLEAN)(SHA256_Update ((SHA256_CTX *)Sha256Context, Data, DataSize));
} }
/** /**
@ -166,14 +166,14 @@ Sha256Final (
// //
// Check input parameters. // Check input parameters.
// //
if (Sha256Context == NULL || HashValue == NULL) { if ((Sha256Context == NULL) || (HashValue == NULL)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL SHA-256 Hash Finalization // OpenSSL SHA-256 Hash Finalization
// //
return (BOOLEAN) (SHA256_Final (HashValue, (SHA256_CTX *) Sha256Context)); return (BOOLEAN)(SHA256_Final (HashValue, (SHA256_CTX *)Sha256Context));
} }
/** /**
@ -208,7 +208,8 @@ Sha256HashAll (
if (HashValue == NULL) { if (HashValue == NULL) {
return FALSE; return FALSE;
} }
if (Data == NULL && DataSize != 0) {
if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }

34
CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
View File

@ -24,7 +24,7 @@ Sha384GetContextSize (
// //
// Retrieves OpenSSL SHA-384 Context Size // Retrieves OpenSSL SHA-384 Context Size
// //
return (UINTN) (sizeof (SHA512_CTX)); return (UINTN)(sizeof (SHA512_CTX));
} }
/** /**
@ -55,7 +55,7 @@ Sha384Init (
// //
// OpenSSL SHA-384 Context Initialization // OpenSSL SHA-384 Context Initialization
// //
return (BOOLEAN) (SHA384_Init ((SHA512_CTX *) Sha384Context)); return (BOOLEAN)(SHA384_Init ((SHA512_CTX *)Sha384Context));
} }
/** /**
@ -83,7 +83,7 @@ Sha384Duplicate (
// //
// Check input parameters. // Check input parameters.
// //
if (Sha384Context == NULL || NewSha384Context == NULL) { if ((Sha384Context == NULL) || (NewSha384Context == NULL)) {
return FALSE; return FALSE;
} }
@ -128,14 +128,14 @@ Sha384Update (
// //
// Check invalid parameters, in case that only DataLength was checked in OpenSSL // Check invalid parameters, in case that only DataLength was checked in OpenSSL
// //
if (Data == NULL && DataSize != 0) { if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL SHA-384 Hash Update // OpenSSL SHA-384 Hash Update
// //
return (BOOLEAN) (SHA384_Update ((SHA512_CTX *) Sha384Context, Data, DataSize)); return (BOOLEAN)(SHA384_Update ((SHA512_CTX *)Sha384Context, Data, DataSize));
} }
/** /**
@ -168,14 +168,14 @@ Sha384Final (
// //
// Check input parameters. // Check input parameters.
// //
if (Sha384Context == NULL || HashValue == NULL) { if ((Sha384Context == NULL) || (HashValue == NULL)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL SHA-384 Hash Finalization // OpenSSL SHA-384 Hash Finalization
// //
return (BOOLEAN) (SHA384_Final (HashValue, (SHA512_CTX *) Sha384Context)); return (BOOLEAN)(SHA384_Final (HashValue, (SHA512_CTX *)Sha384Context));
} }
/** /**
@ -210,7 +210,8 @@ Sha384HashAll (
if (HashValue == NULL) { if (HashValue == NULL) {
return FALSE; return FALSE;
} }
if (Data == NULL && DataSize != 0) {
if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
@ -239,7 +240,7 @@ Sha512GetContextSize (
// //
// Retrieves OpenSSL SHA-512 Context Size // Retrieves OpenSSL SHA-512 Context Size
// //
return (UINTN) (sizeof (SHA512_CTX)); return (UINTN)(sizeof (SHA512_CTX));
} }
/** /**
@ -270,7 +271,7 @@ Sha512Init (
// //
// OpenSSL SHA-512 Context Initialization // OpenSSL SHA-512 Context Initialization
// //
return (BOOLEAN) (SHA512_Init ((SHA512_CTX *) Sha512Context)); return (BOOLEAN)(SHA512_Init ((SHA512_CTX *)Sha512Context));
} }
/** /**
@ -298,7 +299,7 @@ Sha512Duplicate (
// //
// Check input parameters. // Check input parameters.
// //
if (Sha512Context == NULL || NewSha512Context == NULL) { if ((Sha512Context == NULL) || (NewSha512Context == NULL)) {
return FALSE; return FALSE;
} }
@ -343,14 +344,14 @@ Sha512Update (
// //
// Check invalid parameters, in case that only DataLength was checked in OpenSSL // Check invalid parameters, in case that only DataLength was checked in OpenSSL
// //
if (Data == NULL && DataSize != 0) { if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL SHA-512 Hash Update // OpenSSL SHA-512 Hash Update
// //
return (BOOLEAN) (SHA512_Update ((SHA512_CTX *) Sha512Context, Data, DataSize)); return (BOOLEAN)(SHA512_Update ((SHA512_CTX *)Sha512Context, Data, DataSize));
} }
/** /**
@ -383,14 +384,14 @@ Sha512Final (
// //
// Check input parameters. // Check input parameters.
// //
if (Sha512Context == NULL || HashValue == NULL) { if ((Sha512Context == NULL) || (HashValue == NULL)) {
return FALSE; return FALSE;
} }
// //
// OpenSSL SHA-512 Hash Finalization // OpenSSL SHA-512 Hash Finalization
// //
return (BOOLEAN) (SHA384_Final (HashValue, (SHA512_CTX *) Sha512Context)); return (BOOLEAN)(SHA384_Final (HashValue, (SHA512_CTX *)Sha512Context));
} }
/** /**
@ -425,7 +426,8 @@ Sha512HashAll (
if (HashValue == NULL) { if (HashValue == NULL) {
return FALSE; return FALSE;
} }
if (Data == NULL && DataSize != 0) {
if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }

23
CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c
View File

@ -24,7 +24,7 @@ Sm3GetContextSize (
// //
// Retrieves Openssl SM3 Context Size // Retrieves Openssl SM3 Context Size
// //
return (UINTN) (sizeof (SM3_CTX)); return (UINTN)(sizeof (SM3_CTX));
} }
/** /**
@ -55,7 +55,7 @@ Sm3Init (
// //
// Openssl SM3 Context Initialization // Openssl SM3 Context Initialization
// //
sm3_init ((SM3_CTX *) Sm3Context); sm3_init ((SM3_CTX *)Sm3Context);
return TRUE; return TRUE;
} }
@ -84,7 +84,7 @@ Sm3Duplicate (
// //
// Check input parameters. // Check input parameters.
// //
if (Sm3Context == NULL || NewSm3Context == NULL) { if ((Sm3Context == NULL) || (NewSm3Context == NULL)) {
return FALSE; return FALSE;
} }
@ -129,14 +129,14 @@ Sm3Update (
// //
// Check invalid parameters, in case that only DataLength was checked in Openssl // Check invalid parameters, in case that only DataLength was checked in Openssl
// //
if (Data == NULL && DataSize != 0) { if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
// //
// Openssl SM3 Hash Update // Openssl SM3 Hash Update
// //
sm3_update ((SM3_CTX *) Sm3Context, Data, DataSize); sm3_update ((SM3_CTX *)Sm3Context, Data, DataSize);
return TRUE; return TRUE;
} }
@ -171,14 +171,14 @@ Sm3Final (
// //
// Check input parameters. // Check input parameters.
// //
if (Sm3Context == NULL || HashValue == NULL) { if ((Sm3Context == NULL) || (HashValue == NULL)) {
return FALSE; return FALSE;
} }
// //
// Openssl SM3 Hash Finalization // Openssl SM3 Hash Finalization
// //
sm3_final (HashValue, (SM3_CTX *) Sm3Context); sm3_final (HashValue, (SM3_CTX *)Sm3Context);
return TRUE; return TRUE;
} }
@ -217,18 +217,19 @@ Sm3HashAll (
if (HashValue == NULL) { if (HashValue == NULL) {
return FALSE; return FALSE;
} }
if (Data == NULL && DataSize != 0) {
if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
// //
// SM3 Hash Computation. // SM3 Hash Computation.
// //
sm3_init(&Ctx); sm3_init (&Ctx);
sm3_update(&Ctx, Data, DataSize); sm3_update (&Ctx, Data, DataSize);
sm3_final(HashValue, &Ctx); sm3_final (HashValue, &Ctx);
return TRUE; return TRUE;
} }

13
CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c
View File

@ -25,7 +25,7 @@ HmacSha256New (
// //
// Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()
// //
return (VOID *) HMAC_CTX_new (); return (VOID *)HMAC_CTX_new ();
} }
/** /**
@ -71,11 +71,11 @@ HmacSha256SetKey (
// //
// Check input parameters. // Check input parameters.
// //
if (HmacSha256Context == NULL || KeySize > INT_MAX) { if ((HmacSha256Context == NULL) || (KeySize > INT_MAX)) {
return FALSE; return FALSE;
} }
if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32) KeySize, EVP_sha256(), NULL) != 1) { if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, EVP_sha256 (), NULL) != 1) {
return FALSE; return FALSE;
} }
@ -105,7 +105,7 @@ HmacSha256Duplicate (
// //
// Check input parameters. // Check input parameters.
// //
if (HmacSha256Context == NULL || NewHmacSha256Context == NULL) { if ((HmacSha256Context == NULL) || (NewHmacSha256Context == NULL)) {
return FALSE; return FALSE;
} }
@ -152,7 +152,7 @@ HmacSha256Update (
// //
// Check invalid parameters, in case that only DataLength was checked in OpenSSL // Check invalid parameters, in case that only DataLength was checked in OpenSSL
// //
if (Data == NULL && DataSize != 0) { if ((Data == NULL) && (DataSize != 0)) {
return FALSE; return FALSE;
} }
@ -198,7 +198,7 @@ HmacSha256Final (
// //
// Check input parameters. // Check input parameters.
// //
if (HmacSha256Context == NULL || HmacValue == NULL) { if ((HmacSha256Context == NULL) || (HmacValue == NULL)) {
return FALSE; return FALSE;
} }
@ -208,6 +208,7 @@ HmacSha256Final (
if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != 1) { if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != 1) {
return FALSE; return FALSE;
} }
if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) { if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) {
return FALSE; return FALSE;
} }

41
CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c
View File

@ -42,34 +42,39 @@ HkdfSha256ExtractAndExpand (
EVP_PKEY_CTX *pHkdfCtx; EVP_PKEY_CTX *pHkdfCtx;
BOOLEAN Result; BOOLEAN Result;
if (Key == NULL || Salt == NULL || Info == NULL || Out == NULL || if ((Key == NULL) || (Salt == NULL) || (Info == NULL) || (Out == NULL) ||
KeySize > INT_MAX || SaltSize > INT_MAX || InfoSize > INT_MAX || OutSize > INT_MAX ) { (KeySize > INT_MAX) || (SaltSize > INT_MAX) || (InfoSize > INT_MAX) || (OutSize > INT_MAX))
{
return FALSE; return FALSE;
} }
pHkdfCtx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); pHkdfCtx = EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF, NULL);
if (pHkdfCtx == NULL) { if (pHkdfCtx == NULL) {
return FALSE; return FALSE;
} }
Result = EVP_PKEY_derive_init(pHkdfCtx) > 0; Result = EVP_PKEY_derive_init (pHkdfCtx) > 0;
if (Result) { if (Result) {
Result = EVP_PKEY_CTX_set_hkdf_md(pHkdfCtx, EVP_sha256()) > 0; Result = EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, EVP_sha256 ()) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_set1_hkdf_salt(pHkdfCtx, Salt, (UINT32)SaltSize) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_set1_hkdf_key(pHkdfCtx, Key, (UINT32)KeySize) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_add1_hkdf_info(pHkdfCtx, Info, (UINT32)InfoSize) > 0;
}
if (Result) {
Result = EVP_PKEY_derive(pHkdfCtx, Out, &OutSize) > 0;
} }
EVP_PKEY_CTX_free(pHkdfCtx); if (Result) {
Result = EVP_PKEY_CTX_set1_hkdf_salt (pHkdfCtx, Salt, (UINT32)SaltSize) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_set1_hkdf_key (pHkdfCtx, Key, (UINT32)KeySize) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_add1_hkdf_info (pHkdfCtx, Info, (UINT32)InfoSize) > 0;
}
if (Result) {
Result = EVP_PKEY_derive (pHkdfCtx, Out, &OutSize) > 0;
}
EVP_PKEY_CTX_free (pHkdfCtx);
pHkdfCtx = NULL; pHkdfCtx = NULL;
return Result; return Result;
} }

16
CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
View File

@ -30,14 +30,14 @@ PasswordCallback (
{ {
INTN KeyLength; INTN KeyLength;
ZeroMem ((VOID *) Buf, (UINTN) Size); ZeroMem ((VOID *)Buf, (UINTN)Size);
if (Key != NULL) { if (Key != NULL) {
// //
// Duplicate key phrase directly. // Duplicate key phrase directly.
// //
KeyLength = (INTN) AsciiStrLen ((CHAR8 *)Key); KeyLength = (INTN)AsciiStrLen ((CHAR8 *)Key);
KeyLength = (KeyLength > Size ) ? Size : KeyLength; KeyLength = (KeyLength > Size) ? Size : KeyLength;
CopyMem (Buf, Key, (UINTN) KeyLength); CopyMem (Buf, Key, (UINTN)KeyLength);
return KeyLength; return KeyLength;
} else { } else {
return 0; return 0;
@ -76,7 +76,7 @@ RsaGetPrivateKeyFromPem (
// //
// Check input parameters. // Check input parameters.
// //
if (PemData == NULL || RsaContext == NULL || PemSize > INT_MAX) { if ((PemData == NULL) || (RsaContext == NULL) || (PemSize > INT_MAX)) {
return FALSE; return FALSE;
} }
@ -87,9 +87,11 @@ RsaGetPrivateKeyFromPem (
if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) { if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {
return FALSE; return FALSE;
} }
if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) { if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
return FALSE; return FALSE;
} }
if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) { if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
return FALSE; return FALSE;
} }
@ -104,14 +106,14 @@ RsaGetPrivateKeyFromPem (
goto _Exit; goto _Exit;
} }
if (BIO_write (PemBio, PemData, (int) PemSize) <= 0) { if (BIO_write (PemBio, PemData, (int)PemSize) <= 0) {
goto _Exit; goto _Exit;
} }
// //
// Retrieve RSA Private Key from encrypted PEM data. // Retrieve RSA Private Key from encrypted PEM data.
// //
*RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *) &PasswordCallback, (void *) Password); *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *)&PasswordCallback, (void *)Password);
if (*RsaContext != NULL) { if (*RsaContext != NULL) {
Status = TRUE; Status = TRUE;
} }

23
CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
View File

@ -25,7 +25,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
// //
UINT8 mSpcIndirectOidValue[] = { UINT8 mSpcIndirectOidValue[] = {
0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04
}; };
/** /**
Verifies the validity of a PE/COFF Authenticode Signature as described in "Windows Verifies the validity of a PE/COFF Authenticode Signature as described in "Windows
@ -109,20 +109,20 @@ AuthenticodeVerify (
// some authenticode-specific structure. Use opaque ASN.1 string to retrieve // some authenticode-specific structure. Use opaque ASN.1 string to retrieve
// PKCS#7 ContentInfo here. // PKCS#7 ContentInfo here.
// //
SpcIndirectDataOid = OBJ_get0_data(Pkcs7->d.sign->contents->type); SpcIndirectDataOid = OBJ_get0_data (Pkcs7->d.sign->contents->type);
if (OBJ_length(Pkcs7->d.sign->contents->type) != sizeof(mSpcIndirectOidValue) || if ((OBJ_length (Pkcs7->d.sign->contents->type) != sizeof (mSpcIndirectOidValue)) ||
CompareMem ( (CompareMem (
SpcIndirectDataOid, SpcIndirectDataOid,
mSpcIndirectOidValue, mSpcIndirectOidValue,
sizeof (mSpcIndirectOidValue) sizeof (mSpcIndirectOidValue)
) != 0) { ) != 0))
{
// //
// Un-matched SPC_INDIRECT_DATA_OBJID. // Un-matched SPC_INDIRECT_DATA_OBJID.
// //
goto _Exit; goto _Exit;
} }
SpcIndirectDataContent = (UINT8 *)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data); SpcIndirectDataContent = (UINT8 *)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data);
// //
@ -134,33 +134,30 @@ AuthenticodeVerify (
// //
// Short Form of Length Encoding (Length < 128) // Short Form of Length Encoding (Length < 128)
// //
ContentSize = (UINTN) (Asn1Byte & 0x7F); ContentSize = (UINTN)(Asn1Byte & 0x7F);
// //
// Skip the SEQUENCE Tag; // Skip the SEQUENCE Tag;
// //
SpcIndirectDataContent += 2; SpcIndirectDataContent += 2;
} else if ((Asn1Byte & 0x81) == 0x81) { } else if ((Asn1Byte & 0x81) == 0x81) {
// //
// Long Form of Length Encoding (128 <= Length < 255, Single Octet) // Long Form of Length Encoding (128 <= Length < 255, Single Octet)
// //
ContentSize = (UINTN) (*(UINT8 *)(SpcIndirectDataContent + 2)); ContentSize = (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 2));
// //
// Skip the SEQUENCE Tag; // Skip the SEQUENCE Tag;
// //
SpcIndirectDataContent += 3; SpcIndirectDataContent += 3;
} else if ((Asn1Byte & 0x82) == 0x82) { } else if ((Asn1Byte & 0x82) == 0x82) {
// //
// Long Form of Length Encoding (Length > 255, Two Octet) // Long Form of Length Encoding (Length > 255, Two Octet)
// //
ContentSize = (UINTN) (*(UINT8 *)(SpcIndirectDataContent + 2)); ContentSize = (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 2));
ContentSize = (ContentSize << 8) + (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 3)); ContentSize = (ContentSize << 8) + (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 3));
// //
// Skip the SEQUENCE Tag; // Skip the SEQUENCE Tag;
// //
SpcIndirectDataContent += 4; SpcIndirectDataContent += 4;
} else { } else {
goto _Exit; goto _Exit;
} }
@ -180,7 +177,7 @@ AuthenticodeVerify (
// //
// Verifies the PKCS#7 Signed Data in PE/COFF Authenticode Signature // Verifies the PKCS#7 Signed Data in PE/COFF Authenticode Signature
// //
Status = (BOOLEAN) Pkcs7Verify (OrigAuthData, DataSize, TrustedCert, CertSize, SpcIndirectDataContent, ContentSize); Status = (BOOLEAN)Pkcs7Verify (OrigAuthData, DataSize, TrustedCert, CertSize, SpcIndirectDataContent, ContentSize);
_Exit: _Exit:
// //

31
CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c
View File

@ -26,7 +26,7 @@ DhNew (
// //
// Allocates & Initializes DH Context by OpenSSL DH_new() // Allocates & Initializes DH Context by OpenSSL DH_new()
// //
return (VOID *) DH_new (); return (VOID *)DH_new ();
} }
/** /**
@ -46,7 +46,7 @@ DhFree (
// //
// Free OpenSSL DH Context // Free OpenSSL DH Context
// //
DH_free ((DH *) DhContext); DH_free ((DH *)DhContext);
} }
/** /**
@ -86,15 +86,15 @@ DhGenerateParameter (
// //
// Check input parameters. // Check input parameters.
// //
if (DhContext == NULL || Prime == NULL || PrimeLength > INT_MAX) { if ((DhContext == NULL) || (Prime == NULL) || (PrimeLength > INT_MAX)) {
return FALSE; return FALSE;
} }
if (Generator != DH_GENERATOR_2 && Generator != DH_GENERATOR_5) { if ((Generator != DH_GENERATOR_2) && (Generator != DH_GENERATOR_5)) {
return FALSE; return FALSE;
} }
RetVal = (BOOLEAN) DH_generate_parameters_ex (DhContext, (UINT32) PrimeLength, (UINT32) Generator, NULL); RetVal = (BOOLEAN)DH_generate_parameters_ex (DhContext, (UINT32)PrimeLength, (UINT32)Generator, NULL);
if (!RetVal) { if (!RetVal) {
return FALSE; return FALSE;
} }
@ -142,11 +142,11 @@ DhSetParameter (
// //
// Check input parameters. // Check input parameters.
// //
if (DhContext == NULL || Prime == NULL || PrimeLength > INT_MAX) { if ((DhContext == NULL) || (Prime == NULL) || (PrimeLength > INT_MAX)) {
return FALSE; return FALSE;
} }
if (Generator != DH_GENERATOR_2 && Generator != DH_GENERATOR_5) { if ((Generator != DH_GENERATOR_2) && (Generator != DH_GENERATOR_5)) {
return FALSE; return FALSE;
} }
@ -207,21 +207,21 @@ DhGenerateKey (
// //
// Check input parameters. // Check input parameters.
// //
if (DhContext == NULL || PublicKeySize == NULL) { if ((DhContext == NULL) || (PublicKeySize == NULL)) {
return FALSE; return FALSE;
} }
if (PublicKey == NULL && *PublicKeySize != 0) { if ((PublicKey == NULL) && (*PublicKeySize != 0)) {
return FALSE; return FALSE;
} }
Dh = (DH *) DhContext; Dh = (DH *)DhContext;
RetVal = (BOOLEAN) DH_generate_key (DhContext); RetVal = (BOOLEAN)DH_generate_key (DhContext);
if (RetVal) { if (RetVal) {
DH_get0_key (Dh, (const BIGNUM **)&DhPubKey, NULL); DH_get0_key (Dh, (const BIGNUM **)&DhPubKey, NULL);
Size = BN_num_bytes (DhPubKey); Size = BN_num_bytes (DhPubKey);
if ((Size > 0) && (*PublicKeySize < (UINTN) Size)) { if ((Size > 0) && (*PublicKeySize < (UINTN)Size)) {
*PublicKeySize = Size; *PublicKeySize = Size;
return FALSE; return FALSE;
} }
@ -229,6 +229,7 @@ DhGenerateKey (
if (PublicKey != NULL) { if (PublicKey != NULL) {
BN_bn2bin (DhPubKey, PublicKey); BN_bn2bin (DhPubKey, PublicKey);
} }
*PublicKeySize = Size; *PublicKeySize = Size;
} }
@ -275,7 +276,7 @@ DhComputeKey (
// //
// Check input parameters. // Check input parameters.
// //
if (DhContext == NULL || PeerPublicKey == NULL || KeySize == NULL || Key == NULL) { if ((DhContext == NULL) || (PeerPublicKey == NULL) || (KeySize == NULL) || (Key == NULL)) {
return FALSE; return FALSE;
} }
@ -283,7 +284,7 @@ DhComputeKey (
return FALSE; return FALSE;
} }
Bn = BN_bin2bn (PeerPublicKey, (UINT32) PeerPublicKeySize, NULL); Bn = BN_bin2bn (PeerPublicKey, (UINT32)PeerPublicKeySize, NULL);
if (Bn == NULL) { if (Bn == NULL) {
return FALSE; return FALSE;
} }
@ -294,7 +295,7 @@ DhComputeKey (
return FALSE; return FALSE;
} }
if (*KeySize < (UINTN) Size) { if (*KeySize < (UINTN)Size) {
*KeySize = Size; *KeySize = Size;
BN_free (Bn); BN_free (Bn);
return FALSE; return FALSE;

15
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c
View File

@ -67,8 +67,9 @@ Pkcs1v2Encrypt (
// //
// Check input parameters. // Check input parameters.
// //
if (PublicKey == NULL || InData == NULL || if ((PublicKey == NULL) || (InData == NULL) ||
EncryptedData == NULL || EncryptedDataSize == NULL) { (EncryptedData == NULL) || (EncryptedDataSize == NULL))
{
return FALSE; return FALSE;
} }
@ -137,11 +138,13 @@ Pkcs1v2Encrypt (
// //
goto _Exit; goto _Exit;
} }
// //
// Initialize the context and set the desired padding. // Initialize the context and set the desired padding.
// //
if (EVP_PKEY_encrypt_init (PkeyCtx) <= 0 || if ((EVP_PKEY_encrypt_init (PkeyCtx) <= 0) ||
EVP_PKEY_CTX_set_rsa_padding (PkeyCtx, RSA_PKCS1_OAEP_PADDING) <= 0) { (EVP_PKEY_CTX_set_rsa_padding (PkeyCtx, RSA_PKCS1_OAEP_PADDING) <= 0))
{
// //
// Fail to initialize the context. // Fail to initialize the context.
// //
@ -194,11 +197,13 @@ _Exit:
// Release Resources // Release Resources
// //
if (CertData != NULL) { if (CertData != NULL) {
X509_free (CertData ); X509_free (CertData);
} }
if (InternalPublicKey != NULL) { if (InternalPublicKey != NULL) {
EVP_PKEY_free (InternalPublicKey); EVP_PKEY_free (InternalPublicKey);
} }
if (PkeyCtx != NULL) { if (PkeyCtx != NULL) {
EVP_PKEY_CTX_free (PkeyCtx); EVP_PKEY_CTX_free (PkeyCtx);
} }

9
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
View File

@ -58,21 +58,24 @@ Pkcs5HashPassword (
if ((Password == NULL) || (Salt == NULL) || (OutKey == NULL)) { if ((Password == NULL) || (Salt == NULL) || (OutKey == NULL)) {
return FALSE; return FALSE;
} }
if ((PasswordLength == 0) || (PasswordLength > INT_MAX) || if ((PasswordLength == 0) || (PasswordLength > INT_MAX) ||
(SaltLength == 0) || (SaltLength > INT_MAX) || (SaltLength == 0) || (SaltLength > INT_MAX) ||
(KeyLength == 0) || (KeyLength > INT_MAX) || (KeyLength == 0) || (KeyLength > INT_MAX) ||
(IterationCount < 1) || (IterationCount > INT_MAX)) { (IterationCount < 1) || (IterationCount > INT_MAX))
{
return FALSE; return FALSE;
} }
// //
// Make sure the digest algorithm is supported. // Make sure the digest algorithm is supported.
// //
switch (DigestSize) { switch (DigestSize) {
case SHA1_DIGEST_SIZE: case SHA1_DIGEST_SIZE:
HashAlg = EVP_sha1(); HashAlg = EVP_sha1 ();
break; break;
case SHA256_DIGEST_SIZE: case SHA256_DIGEST_SIZE:
HashAlg = EVP_sha256(); HashAlg = EVP_sha256 ();
break; break;
default: default:
return FALSE; return FALSE;

22
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
View File

@ -62,8 +62,9 @@ Pkcs7Sign (
// //
// Check input parameters. // Check input parameters.
// //
if (PrivateKey == NULL || KeyPassword == NULL || InData == NULL || if ((PrivateKey == NULL) || (KeyPassword == NULL) || (InData == NULL) ||
SignCert == NULL || SignedData == NULL || SignedDataSize == NULL || InDataSize > INT_MAX) { (SignCert == NULL) || (SignedData == NULL) || (SignedDataSize == NULL) || (InDataSize > INT_MAX))
{
return FALSE; return FALSE;
} }
@ -79,8 +80,8 @@ Pkcs7Sign (
Status = RsaGetPrivateKeyFromPem ( Status = RsaGetPrivateKeyFromPem (
PrivateKey, PrivateKey,
PrivateKeySize, PrivateKeySize,
(CONST CHAR8 *) KeyPassword, (CONST CHAR8 *)KeyPassword,
(VOID **) &RsaContext (VOID **)&RsaContext
); );
if (!Status) { if (!Status) {
return Status; return Status;
@ -94,9 +95,11 @@ Pkcs7Sign (
if (EVP_add_digest (EVP_md5 ()) == 0) { if (EVP_add_digest (EVP_md5 ()) == 0) {
goto _Exit; goto _Exit;
} }
if (EVP_add_digest (EVP_sha1 ()) == 0) { if (EVP_add_digest (EVP_sha1 ()) == 0) {
goto _Exit; goto _Exit;
} }
if (EVP_add_digest (EVP_sha256 ()) == 0) { if (EVP_add_digest (EVP_sha256 ()) == 0) {
goto _Exit; goto _Exit;
} }
@ -110,7 +113,8 @@ Pkcs7Sign (
if (Key == NULL) { if (Key == NULL) {
goto _Exit; goto _Exit;
} }
if (EVP_PKEY_assign_RSA (Key, (RSA *) RsaContext) == 0) {
if (EVP_PKEY_assign_RSA (Key, (RSA *)RsaContext) == 0) {
goto _Exit; goto _Exit;
} }
@ -122,7 +126,7 @@ Pkcs7Sign (
goto _Exit; goto _Exit;
} }
if (BIO_write (DataBio, InData, (int) InDataSize) <= 0) { if (BIO_write (DataBio, InData, (int)InDataSize) <= 0) {
goto _Exit; goto _Exit;
} }
@ -130,9 +134,9 @@ Pkcs7Sign (
// Create the PKCS#7 signedData structure. // Create the PKCS#7 signedData structure.
// //
Pkcs7 = PKCS7_sign ( Pkcs7 = PKCS7_sign (
(X509 *) SignCert, (X509 *)SignCert,
Key, Key,
(STACK_OF(X509) *) OtherCerts, (STACK_OF (X509) *) OtherCerts,
DataBio, DataBio,
PKCS7_BINARY | PKCS7_NOATTR | PKCS7_DETACHED PKCS7_BINARY | PKCS7_NOATTR | PKCS7_DETACHED
); );
@ -154,7 +158,7 @@ Pkcs7Sign (
} }
Tmp = P7Data; Tmp = P7Data;
P7DataSize = i2d_PKCS7 (Pkcs7, (unsigned char **) &Tmp); P7DataSize = i2d_PKCS7 (Pkcs7, (unsigned char **)&Tmp);
ASSERT (P7DataSize > 19); ASSERT (P7DataSize > 19);
// //

1
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7SignNull.c
View File

@ -51,4 +51,3 @@ Pkcs7Sign (
ASSERT (FALSE); ASSERT (FALSE);
return FALSE; return FALSE;
} }

9
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyBase.c
View File

@ -57,7 +57,7 @@ Pkcs7TypeIsOther (
@return ASN1_OCTET_STRING ASN.1 string. @return ASN1_OCTET_STRING ASN.1 string.
**/ **/
STATIC STATIC
ASN1_OCTET_STRING* ASN1_OCTET_STRING *
Pkcs7GetOctetString ( Pkcs7GetOctetString (
IN PKCS7 *P7 IN PKCS7 *P7
) )
@ -66,8 +66,9 @@ Pkcs7GetOctetString (
return P7->d.data; return P7->d.data;
} }
if (Pkcs7TypeIsOther(P7) && (P7->d.other != NULL) && if (Pkcs7TypeIsOther (P7) && (P7->d.other != NULL) &&
(P7->d.other->type == V_ASN1_OCTET_STRING)) { (P7->d.other->type == V_ASN1_OCTET_STRING))
{
return P7->d.other->value.octet_string; return P7->d.other->value.octet_string;
} }
@ -171,9 +172,11 @@ Pkcs7GetAttachedContent (
*ContentSize = 0; *ContentSize = 0;
goto _Exit; goto _Exit;
} }
CopyMem (*Content, OctStr->data, *ContentSize); CopyMem (*Content, OctStr->data, *ContentSize);
} }
} }
Status = TRUE; Status = TRUE;
_Exit: _Exit:

85
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
View File

@ -72,7 +72,7 @@ WrapPkcs7Data (
} }
if (Wrapped) { if (Wrapped) {
*WrapData = (UINT8 *) P7Data; *WrapData = (UINT8 *)P7Data;
*WrapDataSize = P7Length; *WrapDataSize = P7Length;
} else { } else {
// //
@ -96,8 +96,8 @@ WrapPkcs7Data (
// //
// Part2: Length1 = P7Length + 19 - 4, in big endian. // Part2: Length1 = P7Length + 19 - 4, in big endian.
// //
SignedData[2] = (UINT8) (((UINT16) (*WrapDataSize - 4)) >> 8); SignedData[2] = (UINT8)(((UINT16)(*WrapDataSize - 4)) >> 8);
SignedData[3] = (UINT8) (((UINT16) (*WrapDataSize - 4)) & 0xff); SignedData[3] = (UINT8)(((UINT16)(*WrapDataSize - 4)) & 0xff);
// //
// Part3: 0x06, 0x09. // Part3: 0x06, 0x09.
@ -119,8 +119,8 @@ WrapPkcs7Data (
// //
// Part6: Length2 = P7Length, in big endian. // Part6: Length2 = P7Length, in big endian.
// //
SignedData[17] = (UINT8) (((UINT16) P7Length) >> 8); SignedData[17] = (UINT8)(((UINT16)P7Length) >> 8);
SignedData[18] = (UINT8) (((UINT16) P7Length) & 0xff); SignedData[18] = (UINT8)(((UINT16)P7Length) & 0xff);
// //
// Part7: P7Data. // Part7: P7Data.
@ -154,7 +154,8 @@ X509PopCertificate (
{ {
BIO *CertBio; BIO *CertBio;
X509 *X509Cert; X509 *X509Cert;
STACK_OF(X509) *CertStack;
STACK_OF (X509) *CertStack;
BOOLEAN Status; BOOLEAN Status;
INT32 Result; INT32 Result;
BUF_MEM *Ptr; BUF_MEM *Ptr;
@ -167,7 +168,7 @@ X509PopCertificate (
return Status; return Status;
} }
CertStack = (STACK_OF(X509) *) X509Stack; CertStack = (STACK_OF (X509) *) X509Stack;
X509Cert = sk_X509_pop (CertStack); X509Cert = sk_X509_pop (CertStack);
@ -264,7 +265,8 @@ Pkcs7GetSigners (
CONST UINT8 *Temp; CONST UINT8 *Temp;
UINTN SignedDataSize; UINTN SignedDataSize;
BOOLEAN Wrapped; BOOLEAN Wrapped;
STACK_OF(X509) *Stack;
STACK_OF (X509) *Stack;
UINT8 Index; UINT8 Index;
UINT8 *CertBuf; UINT8 *CertBuf;
UINT8 *OldBuf; UINT8 *OldBuf;
@ -274,7 +276,8 @@ Pkcs7GetSigners (
UINTN SingleCertSize; UINTN SingleCertSize;
if ((P7Data == NULL) || (CertStack == NULL) || (StackLength == NULL) || if ((P7Data == NULL) || (CertStack == NULL) || (StackLength == NULL) ||
(TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX)) { (TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX))
{
return FALSE; return FALSE;
} }
@ -298,7 +301,7 @@ Pkcs7GetSigners (
} }
Temp = SignedData; Temp = SignedData;
Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) SignedDataSize); Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **)&Temp, (int)SignedDataSize);
if (Pkcs7 == NULL) { if (Pkcs7 == NULL) {
goto _Exit; goto _Exit;
} }
@ -310,7 +313,7 @@ Pkcs7GetSigners (
goto _Exit; goto _Exit;
} }
Stack = PKCS7_get0_signers(Pkcs7, NULL, PKCS7_BINARY); Stack = PKCS7_get0_signers (Pkcs7, NULL, PKCS7_BINARY);
if (Stack == NULL) { if (Stack == NULL) {
goto _Exit; goto _Exit;
} }
@ -350,7 +353,7 @@ Pkcs7GetSigners (
OldBuf = NULL; OldBuf = NULL;
} }
WriteUnaligned32 ((UINT32 *) (CertBuf + OldSize), (UINT32) SingleCertSize); WriteUnaligned32 ((UINT32 *)(CertBuf + OldSize), (UINT32)SingleCertSize);
CopyMem (CertBuf + OldSize + sizeof (UINT32), SingleCert, SingleCertSize); CopyMem (CertBuf + OldSize + sizeof (UINT32), SingleCert, SingleCertSize);
free (SingleCert); free (SingleCert);
@ -388,7 +391,7 @@ _Exit:
} }
if (Stack != NULL) { if (Stack != NULL) {
sk_X509_pop_free(Stack, X509_free); sk_X509_pop_free (Stack, X509_free);
} }
if (SingleCert != NULL) { if (SingleCert != NULL) {
@ -466,10 +469,12 @@ Pkcs7GetCertificatesList (
UINT8 Index; UINT8 Index;
PKCS7 *Pkcs7; PKCS7 *Pkcs7;
X509_STORE_CTX *CertCtx; X509_STORE_CTX *CertCtx;
STACK_OF(X509) *CtxChain;
STACK_OF(X509) *CtxUntrusted; STACK_OF (X509) *CtxChain;
STACK_OF (X509) *CtxUntrusted;
X509 *CtxCert; X509 *CtxCert;
STACK_OF(X509) *Signers;
STACK_OF (X509) *Signers;
X509 *Signer; X509 *Signer;
X509 *Cert; X509 *Cert;
X509 *Issuer; X509 *Issuer;
@ -503,7 +508,8 @@ Pkcs7GetCertificatesList (
// Parameter Checking // Parameter Checking
// //
if ((P7Data == NULL) || (SignerChainCerts == NULL) || (ChainLength == NULL) || if ((P7Data == NULL) || (SignerChainCerts == NULL) || (ChainLength == NULL) ||
(UnchainCerts == NULL) || (UnchainLength == NULL) || (P7Length > INT_MAX)) { (UnchainCerts == NULL) || (UnchainLength == NULL) || (P7Length > INT_MAX))
{
return Status; return Status;
} }
@ -523,7 +529,7 @@ Pkcs7GetCertificatesList (
// //
// Decodes PKCS#7 SignedData // Decodes PKCS#7 SignedData
// //
Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &NewP7Data, (int) NewP7Length); Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **)&NewP7Data, (int)NewP7Length);
if ((Pkcs7 == NULL) || (!PKCS7_type_is_signed (Pkcs7))) { if ((Pkcs7 == NULL) || (!PKCS7_type_is_signed (Pkcs7))) {
goto _Error; goto _Error;
} }
@ -537,15 +543,18 @@ Pkcs7GetCertificatesList (
if ((Signers == NULL) || (sk_X509_num (Signers) != 1)) { if ((Signers == NULL) || (sk_X509_num (Signers) != 1)) {
goto _Error; goto _Error;
} }
Signer = sk_X509_value (Signers, 0); Signer = sk_X509_value (Signers, 0);
CertCtx = X509_STORE_CTX_new (); CertCtx = X509_STORE_CTX_new ();
if (CertCtx == NULL) { if (CertCtx == NULL) {
goto _Error; goto _Error;
} }
if (!X509_STORE_CTX_init (CertCtx, NULL, Signer, Pkcs7->d.sign->cert)) { if (!X509_STORE_CTX_init (CertCtx, NULL, Signer, Pkcs7->d.sign->cert)) {
goto _Error; goto _Error;
} }
// //
// Initialize Chained & Untrusted stack // Initialize Chained & Untrusted stack
// //
@ -553,10 +562,12 @@ Pkcs7GetCertificatesList (
CtxCert = X509_STORE_CTX_get0_cert (CertCtx); CtxCert = X509_STORE_CTX_get0_cert (CertCtx);
if (CtxChain == NULL) { if (CtxChain == NULL) {
if (((CtxChain = sk_X509_new_null ()) == NULL) || if (((CtxChain = sk_X509_new_null ()) == NULL) ||
(!sk_X509_push (CtxChain, CtxCert))) { (!sk_X509_push (CtxChain, CtxCert)))
{
goto _Error; goto _Error;
} }
} }
CtxUntrusted = X509_STORE_CTX_get0_untrusted (CertCtx); CtxUntrusted = X509_STORE_CTX_get0_untrusted (CertCtx);
if (CtxUntrusted != NULL) { if (CtxUntrusted != NULL) {
(VOID)sk_X509_delete_ptr (CtxUntrusted, Signer); (VOID)sk_X509_delete_ptr (CtxUntrusted, Signer);
@ -566,7 +577,7 @@ Pkcs7GetCertificatesList (
// Build certificates stack chained from Signer's certificate. // Build certificates stack chained from Signer's certificate.
// //
Cert = Signer; Cert = Signer;
for (; ;) { for ( ; ;) {
// //
// Self-Issue checking // Self-Issue checking
// //
@ -588,6 +599,7 @@ Pkcs7GetCertificatesList (
if (!sk_X509_push (CtxChain, Issuer)) { if (!sk_X509_push (CtxChain, Issuer)) {
goto _Error; goto _Error;
} }
(VOID)sk_X509_delete_ptr (CtxUntrusted, Issuer); (VOID)sk_X509_delete_ptr (CtxUntrusted, Issuer);
Cert = Issuer; Cert = Issuer;
@ -629,13 +641,14 @@ Pkcs7GetCertificatesList (
Status = FALSE; Status = FALSE;
goto _Error; goto _Error;
} }
if (OldBuf != NULL) { if (OldBuf != NULL) {
CopyMem (CertBuf, OldBuf, OldSize); CopyMem (CertBuf, OldBuf, OldSize);
free (OldBuf); free (OldBuf);
OldBuf = NULL; OldBuf = NULL;
} }
WriteUnaligned32 ((UINT32 *) (CertBuf + OldSize), (UINT32) CertSize); WriteUnaligned32 ((UINT32 *)(CertBuf + OldSize), (UINT32)CertSize);
CopyMem (CertBuf + OldSize + sizeof (UINT32), SingleCert, CertSize); CopyMem (CertBuf + OldSize + sizeof (UINT32), SingleCert, CertSize);
free (SingleCert); free (SingleCert);
@ -672,13 +685,14 @@ Pkcs7GetCertificatesList (
Status = FALSE; Status = FALSE;
goto _Error; goto _Error;
} }
if (OldBuf != NULL) { if (OldBuf != NULL) {
CopyMem (CertBuf, OldBuf, OldSize); CopyMem (CertBuf, OldBuf, OldSize);
free (OldBuf); free (OldBuf);
OldBuf = NULL; OldBuf = NULL;
} }
WriteUnaligned32 ((UINT32 *) (CertBuf + OldSize), (UINT32) CertSize); WriteUnaligned32 ((UINT32 *)(CertBuf + OldSize), (UINT32)CertSize);
CopyMem (CertBuf + OldSize + sizeof (UINT32), SingleCert, CertSize); CopyMem (CertBuf + OldSize + sizeof (UINT32), SingleCert, CertSize);
free (SingleCert); free (SingleCert);
@ -709,6 +723,7 @@ _Error:
if (Pkcs7 != NULL) { if (Pkcs7 != NULL) {
PKCS7_free (Pkcs7); PKCS7_free (Pkcs7);
} }
sk_X509_free (Signers); sk_X509_free (Signers);
if (CertCtx != NULL) { if (CertCtx != NULL) {
@ -781,8 +796,9 @@ Pkcs7Verify (
// //
// Check input parameters. // Check input parameters.
// //
if (P7Data == NULL || TrustedCert == NULL || InData == NULL || if ((P7Data == NULL) || (TrustedCert == NULL) || (InData == NULL) ||
P7Length > INT_MAX || CertLength > INT_MAX || DataLength > INT_MAX) { (P7Length > INT_MAX) || (CertLength > INT_MAX) || (DataLength > INT_MAX))
{
return FALSE; return FALSE;
} }
@ -797,18 +813,23 @@ Pkcs7Verify (
if (EVP_add_digest (EVP_md5 ()) == 0) { if (EVP_add_digest (EVP_md5 ()) == 0) {
return FALSE; return FALSE;
} }
if (EVP_add_digest (EVP_sha1 ()) == 0) { if (EVP_add_digest (EVP_sha1 ()) == 0) {
return FALSE; return FALSE;
} }
if (EVP_add_digest (EVP_sha256 ()) == 0) { if (EVP_add_digest (EVP_sha256 ()) == 0) {
return FALSE; return FALSE;
} }
if (EVP_add_digest (EVP_sha384 ()) == 0) { if (EVP_add_digest (EVP_sha384 ()) == 0) {
return FALSE; return FALSE;
} }
if (EVP_add_digest (EVP_sha512 ()) == 0) { if (EVP_add_digest (EVP_sha512 ()) == 0) {
return FALSE; return FALSE;
} }
if (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA) == 0) { if (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA) == 0) {
return FALSE; return FALSE;
} }
@ -828,7 +849,7 @@ Pkcs7Verify (
} }
Temp = SignedData; Temp = SignedData;
Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) SignedDataSize); Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **)&Temp, (int)SignedDataSize);
if (Pkcs7 == NULL) { if (Pkcs7 == NULL) {
goto _Exit; goto _Exit;
} }
@ -844,7 +865,7 @@ Pkcs7Verify (
// Read DER-encoded root certificate and Construct X509 Certificate // Read DER-encoded root certificate and Construct X509 Certificate
// //
Temp = TrustedCert; Temp = TrustedCert;
Cert = d2i_X509 (NULL, &Temp, (long) CertLength); Cert = d2i_X509 (NULL, &Temp, (long)CertLength);
if (Cert == NULL) { if (Cert == NULL) {
goto _Exit; goto _Exit;
} }
@ -856,6 +877,7 @@ Pkcs7Verify (
if (CertStore == NULL) { if (CertStore == NULL) {
goto _Exit; goto _Exit;
} }
if (!(X509_STORE_add_cert (CertStore, Cert))) { if (!(X509_STORE_add_cert (CertStore, Cert))) {
goto _Exit; goto _Exit;
} }
@ -864,7 +886,7 @@ Pkcs7Verify (
// For generic PKCS#7 handling, InData may be NULL if the content is present // For generic PKCS#7 handling, InData may be NULL if the content is present
// in PKCS#7 structure. So ignore NULL checking here. // in PKCS#7 structure. So ignore NULL checking here.
// //
DataBio = BIO_new_mem_buf (InData, (int) DataLength); DataBio = BIO_new_mem_buf (InData, (int)DataLength);
if (DataBio == NULL) { if (DataBio == NULL) {
goto _Exit; goto _Exit;
} }
@ -873,8 +895,10 @@ Pkcs7Verify (
// Allow partial certificate chains, terminated by a non-self-signed but // Allow partial certificate chains, terminated by a non-self-signed but
// still trusted intermediate certificate. Also disable time checks. // still trusted intermediate certificate. Also disable time checks.
// //
X509_STORE_set_flags (CertStore, X509_STORE_set_flags (
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME); CertStore,
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME
);
// //
// OpenSSL PKCS7 Verification by default checks for SMIME (email signing) and // OpenSSL PKCS7 Verification by default checks for SMIME (email signing) and
@ -886,7 +910,7 @@ Pkcs7Verify (
// //
// Verifies the PKCS#7 signedData structure // Verifies the PKCS#7 signedData structure
// //
Status = (BOOLEAN) PKCS7_verify (Pkcs7, NULL, CertStore, DataBio, NULL, PKCS7_BINARY); Status = (BOOLEAN)PKCS7_verify (Pkcs7, NULL, CertStore, DataBio, NULL, PKCS7_BINARY);
_Exit: _Exit:
// //
@ -903,4 +927,3 @@ _Exit:
return Status; return Status;
} }

56
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
View File

@ -69,14 +69,15 @@ GetSignerCertificate (
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
STACK_OF(X509) *Signers;
STACK_OF (X509) *Signers;
INT32 NumberSigners; INT32 NumberSigners;
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
Signers = NULL; Signers = NULL;
NumberSigners = 0; NumberSigners = 0;
if (CertChain == NULL || SignerCert == NULL) { if ((CertChain == NULL) || (SignerCert == NULL)) {
Status = EFI_INVALID_PARAMETER; Status = EFI_INVALID_PARAMETER;
goto Exit; goto Exit;
} }
@ -84,7 +85,7 @@ GetSignerCertificate (
// //
// Get the signers from the chain. // Get the signers from the chain.
// //
Signers = PKCS7_get0_signers ((PKCS7*) CertChain, NULL, PKCS7_BINARY); Signers = PKCS7_get0_signers ((PKCS7 *)CertChain, NULL, PKCS7_BINARY);
if (Signers == NULL) { if (Signers == NULL) {
// //
// Fail to get signers form PKCS7 // Fail to get signers form PKCS7
@ -118,7 +119,6 @@ Exit:
return Status; return Status;
} }
/** /**
Determines if the specified EKU represented in ASN1 form is present Determines if the specified EKU represented in ASN1 form is present
in a given certificate. in a given certificate.
@ -155,7 +155,7 @@ IsEkuInCertificate (
NumExtensions = 0; NumExtensions = 0;
Asn1InCert = NULL; Asn1InCert = NULL;
if (Cert == NULL || Asn1ToFind == NULL) { if ((Cert == NULL) || (Asn1ToFind == NULL)) {
Status = EFI_INVALID_PARAMETER; Status = EFI_INVALID_PARAMETER;
goto Exit; goto Exit;
} }
@ -164,7 +164,7 @@ IsEkuInCertificate (
// Clone the certificate. This is required because the Extension API's // Clone the certificate. This is required because the Extension API's
// only work once per instance of an X509 object. // only work once per instance of an X509 object.
// //
ClonedCert = X509_dup ((X509*)Cert); ClonedCert = X509_dup ((X509 *)Cert);
if (ClonedCert == NULL) { if (ClonedCert == NULL) {
// //
// Fail to duplicate cert. // Fail to duplicate cert.
@ -193,7 +193,7 @@ IsEkuInCertificate (
goto Exit; goto Exit;
} }
Eku = (EXTENDED_KEY_USAGE*)X509V3_EXT_d2i (Extension); Eku = (EXTENDED_KEY_USAGE *)X509V3_EXT_d2i (Extension);
if (Eku == NULL) { if (Eku == NULL) {
// //
// Fail to get Eku from extension. // Fail to get Eku from extension.
@ -215,8 +215,9 @@ IsEkuInCertificate (
goto Exit; goto Exit;
} }
if (Asn1InCert->length == Asn1ToFind->length && if ((Asn1InCert->length == Asn1ToFind->length) &&
CompareMem (Asn1InCert->data, Asn1ToFind->data, Asn1InCert->length) == 0) { (CompareMem (Asn1InCert->data, Asn1ToFind->data, Asn1InCert->length) == 0))
{
// //
// Found Eku in certificate. // Found Eku in certificate.
// //
@ -241,7 +242,6 @@ Exit:
return Status; return Status;
} }
/** /**
Determines if the specified EKUs are present in a signing certificate. Determines if the specified EKUs are present in a signing certificate.
@ -256,7 +256,7 @@ Exit:
@retval EFI_NOT_FOUND One or more EKU's were not found in the signature. @retval EFI_NOT_FOUND One or more EKU's were not found in the signature.
**/ **/
EFI_STATUS EFI_STATUS
CheckEKUs( CheckEKUs (
IN CONST X509 *SignerCert, IN CONST X509 *SignerCert,
IN CONST CHAR8 *RequiredEKUs[], IN CONST CHAR8 *RequiredEKUs[],
IN CONST UINT32 RequiredEKUsSize, IN CONST UINT32 RequiredEKUsSize,
@ -272,7 +272,7 @@ CheckEKUs(
Asn1ToFind = NULL; Asn1ToFind = NULL;
NumEkusFound = 0; NumEkusFound = 0;
if (SignerCert == NULL || RequiredEKUs == NULL || RequiredEKUsSize == 0) { if ((SignerCert == NULL) || (RequiredEKUs == NULL) || (RequiredEKUsSize == 0)) {
Status = EFI_INVALID_PARAMETER; Status = EFI_INVALID_PARAMETER;
goto Exit; goto Exit;
} }
@ -282,7 +282,7 @@ CheckEKUs(
// Finding required EKU in cert. // Finding required EKU in cert.
// //
if (Asn1ToFind != NULL) { if (Asn1ToFind != NULL) {
ASN1_OBJECT_free(Asn1ToFind); ASN1_OBJECT_free (Asn1ToFind);
Asn1ToFind = NULL; Asn1ToFind = NULL;
} }
@ -314,11 +314,12 @@ CheckEKUs(
Exit: Exit:
if (Asn1ToFind != NULL) { if (Asn1ToFind != NULL) {
ASN1_OBJECT_free(Asn1ToFind); ASN1_OBJECT_free (Asn1ToFind);
} }
if (RequireAllPresent && if (RequireAllPresent &&
NumEkusFound == RequiredEKUsSize) { (NumEkusFound == RequiredEKUsSize))
{
// //
// Found all required EKUs in certificate. // Found all required EKUs in certificate.
// //
@ -370,7 +371,8 @@ VerifyEKUsInPkcs7Signature (
{ {
EFI_STATUS Status; EFI_STATUS Status;
PKCS7 *Pkcs7; PKCS7 *Pkcs7;
STACK_OF(X509) *CertChain;
STACK_OF (X509) *CertChain;
INT32 SignatureType; INT32 SignatureType;
INT32 NumberCertsInSignature; INT32 NumberCertsInSignature;
X509 *SignerCert; X509 *SignerCert;
@ -392,12 +394,13 @@ VerifyEKUsInPkcs7Signature (
Ok = FALSE; Ok = FALSE;
// //
//Validate the input parameters. // Validate the input parameters.
// //
if (Pkcs7Signature == NULL || if ((Pkcs7Signature == NULL) ||
SignatureSize == 0 || (SignatureSize == 0) ||
RequiredEKUs == NULL || (RequiredEKUs == NULL) ||
RequiredEKUsSize == 0) { (RequiredEKUsSize == 0))
{
Status = EFI_INVALID_PARAMETER; Status = EFI_INVALID_PARAMETER;
goto Exit; goto Exit;
} }
@ -409,11 +412,13 @@ VerifyEKUsInPkcs7Signature (
// //
// Wrap the PKCS7 data if needed. // Wrap the PKCS7 data if needed.
// //
Ok = WrapPkcs7Data (Pkcs7Signature, Ok = WrapPkcs7Data (
Pkcs7Signature,
SignatureSize, SignatureSize,
&IsWrapped, &IsWrapped,
&SignedData, &SignedData,
&SignedDataSize); &SignedDataSize
);
if (!Ok) { if (!Ok) {
// //
// Fail to Wrap the PKCS7 data. // Fail to Wrap the PKCS7 data.
@ -445,11 +450,13 @@ VerifyEKUsInPkcs7Signature (
if (Pkcs7->d.sign != NULL) { if (Pkcs7->d.sign != NULL) {
CertChain = Pkcs7->d.sign->cert; CertChain = Pkcs7->d.sign->cert;
} }
break; break;
case NID_pkcs7_signedAndEnveloped: case NID_pkcs7_signedAndEnveloped:
if (Pkcs7->d.signed_and_enveloped != NULL) { if (Pkcs7->d.signed_and_enveloped != NULL) {
CertChain = Pkcs7->d.signed_and_enveloped->cert; CertChain = Pkcs7->d.signed_and_enveloped->cert;
} }
break; break;
default: default:
break; break;
@ -483,7 +490,7 @@ VerifyEKUsInPkcs7Signature (
// Get the leaf signer. // Get the leaf signer.
// //
Status = GetSignerCertificate (Pkcs7, &SignerCert); Status = GetSignerCertificate (Pkcs7, &SignerCert);
if (Status != EFI_SUCCESS || SignerCert == NULL) { if ((Status != EFI_SUCCESS) || (SignerCert == NULL)) {
// //
// Fail to get the end-entity leaf signer certificate. // Fail to get the end-entity leaf signer certificate.
// //
@ -514,4 +521,3 @@ Exit:
return Status; return Status;
} }

1
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEkuRuntime.c
View File

@ -54,4 +54,3 @@ VerifyEKUsInPkcs7Signature (
ASSERT (FALSE); ASSERT (FALSE);
return RETURN_UNSUPPORTED; return RETURN_UNSUPPORTED;
} }

1
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyRuntime.c
View File

@ -36,4 +36,3 @@ Pkcs7GetAttachedContent (
ASSERT (FALSE); ASSERT (FALSE);
return FALSE; return FALSE;
} }

39
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
View File

@ -34,7 +34,7 @@ RsaNew (
// //
// Allocates & Initializes RSA Context by OpenSSL RSA_new() // Allocates & Initializes RSA Context by OpenSSL RSA_new()
// //
return (VOID *) RSA_new (); return (VOID *)RSA_new ();
} }
/** /**
@ -52,7 +52,7 @@ RsaFree (
// //
// Free OpenSSL RSA Context // Free OpenSSL RSA Context
// //
RSA_free ((RSA *) RsaContext); RSA_free ((RSA *)RsaContext);
} }
/** /**
@ -99,7 +99,7 @@ RsaSetKey (
// //
// Check input parameters. // Check input parameters.
// //
if (RsaContext == NULL || BnSize > INT_MAX) { if ((RsaContext == NULL) || (BnSize > INT_MAX)) {
return FALSE; return FALSE;
} }
@ -115,7 +115,7 @@ RsaSetKey (
// //
// Retrieve the components from RSA object. // Retrieve the components from RSA object.
// //
RsaKey = (RSA *) RsaContext; RsaKey = (RSA *)RsaContext;
RSA_get0_key (RsaKey, (const BIGNUM **)&BnN, (const BIGNUM **)&BnE, (const BIGNUM **)&BnD); RSA_get0_key (RsaKey, (const BIGNUM **)&BnN, (const BIGNUM **)&BnE, (const BIGNUM **)&BnD);
RSA_get0_factors (RsaKey, (const BIGNUM **)&BnP, (const BIGNUM **)&BnQ); RSA_get0_factors (RsaKey, (const BIGNUM **)&BnP, (const BIGNUM **)&BnQ);
RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnDp, (const BIGNUM **)&BnDq, (const BIGNUM **)&BnQInv); RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnDp, (const BIGNUM **)&BnDq, (const BIGNUM **)&BnQInv);
@ -126,7 +126,6 @@ RsaSetKey (
// (N, e) are needed. // (N, e) are needed.
// //
switch (KeyTag) { switch (KeyTag) {
// //
// RSA Public Modulus (N), Public Exponent (e) and Private Exponent (d) // RSA Public Modulus (N), Public Exponent (e) and Private Exponent (d)
// //
@ -136,9 +135,11 @@ RsaSetKey (
if (BnN == NULL) { if (BnN == NULL) {
BnN = BN_new (); BnN = BN_new ();
} }
if (BnE == NULL) { if (BnE == NULL) {
BnE = BN_new (); BnE = BN_new ();
} }
if (BnD == NULL) { if (BnD == NULL) {
BnD = BN_new (); BnD = BN_new ();
} }
@ -160,7 +161,8 @@ RsaSetKey (
default: default:
return FALSE; return FALSE;
} }
if (RSA_set0_key (RsaKey, BN_dup(BnN), BN_dup(BnE), BN_dup(BnD)) == 0) {
if (RSA_set0_key (RsaKey, BN_dup (BnN), BN_dup (BnE), BN_dup (BnD)) == 0) {
return FALSE; return FALSE;
} }
@ -174,9 +176,11 @@ RsaSetKey (
if (BnP == NULL) { if (BnP == NULL) {
BnP = BN_new (); BnP = BN_new ();
} }
if (BnQ == NULL) { if (BnQ == NULL) {
BnQ = BN_new (); BnQ = BN_new ();
} }
if ((BnP == NULL) || (BnQ == NULL)) { if ((BnP == NULL) || (BnQ == NULL)) {
return FALSE; return FALSE;
} }
@ -191,7 +195,8 @@ RsaSetKey (
default: default:
return FALSE; return FALSE;
} }
if (RSA_set0_factors (RsaKey, BN_dup(BnP), BN_dup(BnQ)) == 0) {
if (RSA_set0_factors (RsaKey, BN_dup (BnP), BN_dup (BnQ)) == 0) {
return FALSE; return FALSE;
} }
@ -207,12 +212,15 @@ RsaSetKey (
if (BnDp == NULL) { if (BnDp == NULL) {
BnDp = BN_new (); BnDp = BN_new ();
} }
if (BnDq == NULL) { if (BnDq == NULL) {
BnDq = BN_new (); BnDq = BN_new ();
} }
if (BnQInv == NULL) { if (BnQInv == NULL) {
BnQInv = BN_new (); BnQInv = BN_new ();
} }
if ((BnDp == NULL) || (BnDq == NULL) || (BnQInv == NULL)) { if ((BnDp == NULL) || (BnDq == NULL) || (BnQInv == NULL)) {
return FALSE; return FALSE;
} }
@ -230,7 +238,8 @@ RsaSetKey (
default: default:
return FALSE; return FALSE;
} }
if (RSA_set0_crt_params (RsaKey, BN_dup(BnDp), BN_dup(BnDq), BN_dup(BnQInv)) == 0) {
if (RSA_set0_crt_params (RsaKey, BN_dup (BnDp), BN_dup (BnDq), BN_dup (BnQInv)) == 0) {
return FALSE; return FALSE;
} }
@ -278,11 +287,11 @@ RsaPkcs1Verify (
// //
// Check input parameters. // Check input parameters.
// //
if (RsaContext == NULL || MessageHash == NULL || Signature == NULL) { if ((RsaContext == NULL) || (MessageHash == NULL) || (Signature == NULL)) {
return FALSE; return FALSE;
} }
if (SigSize > INT_MAX || SigSize == 0) { if ((SigSize > INT_MAX) || (SigSize == 0)) {
return FALSE; return FALSE;
} }
@ -315,13 +324,13 @@ RsaPkcs1Verify (
return FALSE; return FALSE;
} }
SigBuf = (UINT8 *) Signature; SigBuf = (UINT8 *)Signature;
return (BOOLEAN) RSA_verify ( return (BOOLEAN)RSA_verify (
DigestType, DigestType,
MessageHash, MessageHash,
(UINT32) HashSize, (UINT32)HashSize,
SigBuf, SigBuf,
(UINT32) SigSize, (UINT32)SigSize,
(RSA *) RsaContext (RSA *)RsaContext
); );
} }

37
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
View File

@ -61,17 +61,16 @@ RsaGetKey (
// //
// Check input parameters. // Check input parameters.
// //
if (RsaContext == NULL || BnSize == NULL) { if ((RsaContext == NULL) || (BnSize == NULL)) {
return FALSE; return FALSE;
} }
RsaKey = (RSA *) RsaContext; RsaKey = (RSA *)RsaContext;
Size = *BnSize; Size = *BnSize;
*BnSize = 0; *BnSize = 0;
BnKey = NULL; BnKey = NULL;
switch (KeyTag) { switch (KeyTag) {
// //
// RSA Public Modulus (N) // RSA Public Modulus (N)
// //
@ -148,7 +147,8 @@ RsaGetKey (
*BnSize = Size; *BnSize = Size;
return TRUE; return TRUE;
} }
*BnSize = BN_bn2bin (BnKey, BigNumber) ;
*BnSize = BN_bn2bin (BnKey, BigNumber);
return TRUE; return TRUE;
} }
@ -189,7 +189,7 @@ RsaGenerateKey (
// //
// Check input parameters. // Check input parameters.
// //
if (RsaContext == NULL || ModulusLength > INT_MAX || PublicExponentSize > INT_MAX) { if ((RsaContext == NULL) || (ModulusLength > INT_MAX) || (PublicExponentSize > INT_MAX)) {
return FALSE; return FALSE;
} }
@ -205,12 +205,12 @@ RsaGenerateKey (
goto _Exit; goto _Exit;
} }
} else { } else {
if (BN_bin2bn (PublicExponent, (UINT32) PublicExponentSize, KeyE) == NULL) { if (BN_bin2bn (PublicExponent, (UINT32)PublicExponentSize, KeyE) == NULL) {
goto _Exit; goto _Exit;
} }
} }
if (RSA_generate_key_ex ((RSA *) RsaContext, (UINT32) ModulusLength, KeyE, NULL) == 1) { if (RSA_generate_key_ex ((RSA *)RsaContext, (UINT32)ModulusLength, KeyE, NULL) == 1) {
RetVal = TRUE; RetVal = TRUE;
} }
@ -253,12 +253,13 @@ RsaCheckKey (
return FALSE; return FALSE;
} }
if (RSA_check_key ((RSA *) RsaContext) != 1) { if (RSA_check_key ((RSA *)RsaContext) != 1) {
Reason = ERR_GET_REASON (ERR_peek_last_error ()); Reason = ERR_GET_REASON (ERR_peek_last_error ());
if (Reason == RSA_R_P_NOT_PRIME || if ((Reason == RSA_R_P_NOT_PRIME) ||
Reason == RSA_R_Q_NOT_PRIME || (Reason == RSA_R_Q_NOT_PRIME) ||
Reason == RSA_R_N_DOES_NOT_EQUAL_P_Q || (Reason == RSA_R_N_DOES_NOT_EQUAL_P_Q) ||
Reason == RSA_R_D_E_NOT_CONGRUENT_TO_1) { (Reason == RSA_R_D_E_NOT_CONGRUENT_TO_1))
{
return FALSE; return FALSE;
} }
} }
@ -308,11 +309,11 @@ RsaPkcs1Sign (
// //
// Check input parameters. // Check input parameters.
// //
if (RsaContext == NULL || MessageHash == NULL) { if ((RsaContext == NULL) || (MessageHash == NULL)) {
return FALSE; return FALSE;
} }
Rsa = (RSA *) RsaContext; Rsa = (RSA *)RsaContext;
Size = RSA_size (Rsa); Size = RSA_size (Rsa);
if (*SigSize < Size) { if (*SigSize < Size) {
@ -353,12 +354,12 @@ RsaPkcs1Sign (
return FALSE; return FALSE;
} }
return (BOOLEAN) RSA_sign ( return (BOOLEAN)RSA_sign (
DigestType, DigestType,
MessageHash, MessageHash,
(UINT32) HashSize, (UINT32)HashSize,
Signature, Signature,
(UINT32 *) SigSize, (UINT32 *)SigSize,
(RSA *) RsaContext (RSA *)RsaContext
); );
} }

2
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExtNull.c
View File

@ -115,5 +115,3 @@ RsaPkcs1Sign (
ASSERT (FALSE); ASSERT (FALSE);
return FALSE; return FALSE;
} }

68
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
View File

@ -16,7 +16,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/evp.h> #include <openssl/evp.h>
/** /**
Retrieve a pointer to EVP message digest object. Retrieve a pointer to EVP message digest object.
@ -25,27 +24,26 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
STATIC STATIC
const const
EVP_MD* EVP_MD *
GetEvpMD ( GetEvpMD (
IN UINT16 DigestLen IN UINT16 DigestLen
) )
{ {
switch (DigestLen){ switch (DigestLen) {
case SHA256_DIGEST_SIZE: case SHA256_DIGEST_SIZE:
return EVP_sha256(); return EVP_sha256 ();
break; break;
case SHA384_DIGEST_SIZE: case SHA384_DIGEST_SIZE:
return EVP_sha384(); return EVP_sha384 ();
break; break;
case SHA512_DIGEST_SIZE: case SHA512_DIGEST_SIZE:
return EVP_sha512(); return EVP_sha512 ();
break; break;
default: default:
return NULL; return NULL;
} }
} }
/** /**
Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC 8017. Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC 8017.
Implementation determines salt length automatically from the signature encoding. Implementation determines salt length automatically from the signature encoding.
@ -91,61 +89,69 @@ RsaPssVerify (
if (RsaContext == NULL) { if (RsaContext == NULL) {
return FALSE; return FALSE;
} }
if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
if ((Message == NULL) || (MsgSize == 0) || (MsgSize > INT_MAX)) {
return FALSE; return FALSE;
} }
if (Signature == NULL || SigSize == 0 || SigSize > INT_MAX) {
if ((Signature == NULL) || (SigSize == 0) || (SigSize > INT_MAX)) {
return FALSE; return FALSE;
} }
if (SaltLen != DigestLen) { if (SaltLen != DigestLen) {
return FALSE; return FALSE;
} }
HashAlg = GetEvpMD(DigestLen); HashAlg = GetEvpMD (DigestLen);
if (HashAlg == NULL) { if (HashAlg == NULL) {
return FALSE; return FALSE;
} }
EvpRsaKey = EVP_PKEY_new(); EvpRsaKey = EVP_PKEY_new ();
if (EvpRsaKey == NULL) { if (EvpRsaKey == NULL) {
goto _Exit; goto _Exit;
} }
EVP_PKEY_set1_RSA(EvpRsaKey, RsaContext); EVP_PKEY_set1_RSA (EvpRsaKey, RsaContext);
EvpVerifyCtx = EVP_MD_CTX_create(); EvpVerifyCtx = EVP_MD_CTX_create ();
if (EvpVerifyCtx == NULL) { if (EvpVerifyCtx == NULL) {
goto _Exit; goto _Exit;
} }
Result = EVP_DigestVerifyInit(EvpVerifyCtx, &KeyCtx, HashAlg, NULL, EvpRsaKey) > 0; Result = EVP_DigestVerifyInit (EvpVerifyCtx, &KeyCtx, HashAlg, NULL, EvpRsaKey) > 0;
if (KeyCtx == NULL) { if (KeyCtx == NULL) {
goto _Exit; goto _Exit;
} }
if (Result) { if (Result) {
Result = EVP_PKEY_CTX_set_rsa_padding(KeyCtx, RSA_PKCS1_PSS_PADDING) > 0; Result = EVP_PKEY_CTX_set_rsa_padding (KeyCtx, RSA_PKCS1_PSS_PADDING) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_set_rsa_pss_saltlen(KeyCtx, SaltLen) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_set_rsa_mgf1_md(KeyCtx, HashAlg) > 0;
}
if (Result) {
Result = EVP_DigestVerifyUpdate(EvpVerifyCtx, Message, (UINT32)MsgSize) > 0;
}
if (Result) {
Result = EVP_DigestVerifyFinal(EvpVerifyCtx, Signature, (UINT32)SigSize) > 0;
} }
_Exit : if (Result) {
if (EvpRsaKey != NULL) { Result = EVP_PKEY_CTX_set_rsa_pss_saltlen (KeyCtx, SaltLen) > 0;
EVP_PKEY_free(EvpRsaKey);
} }
if (Result) {
Result = EVP_PKEY_CTX_set_rsa_mgf1_md (KeyCtx, HashAlg) > 0;
}
if (Result) {
Result = EVP_DigestVerifyUpdate (EvpVerifyCtx, Message, (UINT32)MsgSize) > 0;
}
if (Result) {
Result = EVP_DigestVerifyFinal (EvpVerifyCtx, Signature, (UINT32)SigSize) > 0;
}
_Exit:
if (EvpRsaKey != NULL) {
EVP_PKEY_free (EvpRsaKey);
}
if (EvpVerifyCtx != NULL) { if (EvpVerifyCtx != NULL) {
EVP_MD_CTX_destroy(EvpVerifyCtx); EVP_MD_CTX_destroy (EvpVerifyCtx);
} }
return Result; return Result;

64
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c
View File

@ -16,7 +16,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/evp.h> #include <openssl/evp.h>
/** /**
Retrieve a pointer to EVP message digest object. Retrieve a pointer to EVP message digest object.
@ -25,27 +24,26 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
STATIC STATIC
const const
EVP_MD* EVP_MD *
GetEvpMD ( GetEvpMD (
IN UINT16 DigestLen IN UINT16 DigestLen
) )
{ {
switch (DigestLen){ switch (DigestLen) {
case SHA256_DIGEST_SIZE: case SHA256_DIGEST_SIZE:
return EVP_sha256(); return EVP_sha256 ();
break; break;
case SHA384_DIGEST_SIZE: case SHA384_DIGEST_SIZE:
return EVP_sha384(); return EVP_sha384 ();
break; break;
case SHA512_DIGEST_SIZE: case SHA512_DIGEST_SIZE:
return EVP_sha512(); return EVP_sha512 ();
break; break;
default: default:
return NULL; return NULL;
} }
} }
/** /**
Carries out the RSA-SSA signature generation with EMSA-PSS encoding scheme. Carries out the RSA-SSA signature generation with EMSA-PSS encoding scheme.
@ -106,7 +104,8 @@ RsaPssSign (
if (RsaContext == NULL) { if (RsaContext == NULL) {
return FALSE; return FALSE;
} }
if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
if ((Message == NULL) || (MsgSize == 0) || (MsgSize > INT_MAX)) {
return FALSE; return FALSE;
} }
@ -124,51 +123,56 @@ RsaPssSign (
return FALSE; return FALSE;
} }
HashAlg = GetEvpMD(DigestLen); HashAlg = GetEvpMD (DigestLen);
if (HashAlg == NULL) { if (HashAlg == NULL) {
return FALSE; return FALSE;
} }
EvpRsaKey = EVP_PKEY_new(); EvpRsaKey = EVP_PKEY_new ();
if (EvpRsaKey == NULL) { if (EvpRsaKey == NULL) {
goto _Exit; goto _Exit;
} }
EVP_PKEY_set1_RSA(EvpRsaKey, RsaContext); EVP_PKEY_set1_RSA (EvpRsaKey, RsaContext);
EvpVerifyCtx = EVP_MD_CTX_create(); EvpVerifyCtx = EVP_MD_CTX_create ();
if (EvpVerifyCtx == NULL) { if (EvpVerifyCtx == NULL) {
goto _Exit; goto _Exit;
} }
Result = EVP_DigestSignInit(EvpVerifyCtx, &KeyCtx, HashAlg, NULL, EvpRsaKey) > 0; Result = EVP_DigestSignInit (EvpVerifyCtx, &KeyCtx, HashAlg, NULL, EvpRsaKey) > 0;
if (KeyCtx == NULL) { if (KeyCtx == NULL) {
goto _Exit; goto _Exit;
} }
if (Result) { if (Result) {
Result = EVP_PKEY_CTX_set_rsa_padding(KeyCtx, RSA_PKCS1_PSS_PADDING) > 0; Result = EVP_PKEY_CTX_set_rsa_padding (KeyCtx, RSA_PKCS1_PSS_PADDING) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_set_rsa_pss_saltlen(KeyCtx, SaltLen) > 0;
}
if (Result) {
Result = EVP_PKEY_CTX_set_rsa_mgf1_md(KeyCtx, HashAlg) > 0;
}
if (Result) {
Result = EVP_DigestSignUpdate(EvpVerifyCtx, Message, (UINT32)MsgSize) > 0;
}
if (Result) {
Result = EVP_DigestSignFinal(EvpVerifyCtx, Signature, SigSize) > 0;
} }
_Exit : if (Result) {
if (EvpRsaKey != NULL) { Result = EVP_PKEY_CTX_set_rsa_pss_saltlen (KeyCtx, SaltLen) > 0;
EVP_PKEY_free(EvpRsaKey);
} }
if (Result) {
Result = EVP_PKEY_CTX_set_rsa_mgf1_md (KeyCtx, HashAlg) > 0;
}
if (Result) {
Result = EVP_DigestSignUpdate (EvpVerifyCtx, Message, (UINT32)MsgSize) > 0;
}
if (Result) {
Result = EVP_DigestSignFinal (EvpVerifyCtx, Signature, SigSize) > 0;
}
_Exit:
if (EvpRsaKey != NULL) {
EVP_PKEY_free (EvpRsaKey);
}
if (EvpVerifyCtx != NULL) { if (EvpVerifyCtx != NULL) {
EVP_MD_CTX_destroy(EvpVerifyCtx); EVP_MD_CTX_destroy (EvpVerifyCtx);
} }
return Result; return Result;

78
CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c
View File

@ -23,7 +23,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
// //
UINT8 mSpcRFC3161OidValue[] = { UINT8 mSpcRFC3161OidValue[] = {
0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01
}; };
/// ///
/// The messageImprint field SHOULD contain the hash of the datum to be /// The messageImprint field SHOULD contain the hash of the datum to be
@ -108,7 +108,7 @@ typedef struct {
ASN1_BOOLEAN Ordering; ASN1_BOOLEAN Ordering;
ASN1_INTEGER *Nonce; ASN1_INTEGER *Nonce;
GENERAL_NAME *Tsa; GENERAL_NAME *Tsa;
STACK_OF(X509_EXTENSION) *Extensions; STACK_OF (X509_EXTENSION) *Extensions;
} TS_TST_INFO; } TS_TST_INFO;
// //
@ -124,12 +124,11 @@ ASN1_SEQUENCE (TS_TST_INFO) = {
ASN1_OPT (TS_TST_INFO, Accuracy, TS_ACCURACY), ASN1_OPT (TS_TST_INFO, Accuracy, TS_ACCURACY),
ASN1_OPT (TS_TST_INFO, Ordering, ASN1_FBOOLEAN), ASN1_OPT (TS_TST_INFO, Ordering, ASN1_FBOOLEAN),
ASN1_OPT (TS_TST_INFO, Nonce, ASN1_INTEGER), ASN1_OPT (TS_TST_INFO, Nonce, ASN1_INTEGER),
ASN1_EXP_OPT(TS_TST_INFO, Tsa, GENERAL_NAME, 0), ASN1_EXP_OPT (TS_TST_INFO, Tsa, GENERAL_NAME, 0),
ASN1_IMP_SEQUENCE_OF_OPT (TS_TST_INFO, Extensions, X509_EXTENSION, 1) ASN1_IMP_SEQUENCE_OF_OPT (TS_TST_INFO, Extensions, X509_EXTENSION, 1)
} ASN1_SEQUENCE_END (TS_TST_INFO) } ASN1_SEQUENCE_END (TS_TST_INFO)
IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO) IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO)
/** /**
Convert ASN.1 GeneralizedTime to EFI Time. Convert ASN.1 GeneralizedTime to EFI Time.
@ -154,17 +153,19 @@ ConvertAsn1TimeToEfiTime (
return FALSE; return FALSE;
} }
Str = (CONST CHAR8*)Asn1Time->data; Str = (CONST CHAR8 *)Asn1Time->data;
SetMem (EfiTime, sizeof (EFI_TIME), 0); SetMem (EfiTime, sizeof (EFI_TIME), 0);
Index = 0; Index = 0;
if (Asn1Time->type == V_ASN1_UTCTIME) { /* two digit year */ if (Asn1Time->type == V_ASN1_UTCTIME) {
/* two digit year */
EfiTime->Year = (Str[Index++] - '0') * 10; EfiTime->Year = (Str[Index++] - '0') * 10;
EfiTime->Year += (Str[Index++] - '0'); EfiTime->Year += (Str[Index++] - '0');
if (EfiTime->Year < 70) { if (EfiTime->Year < 70) {
EfiTime->Year += 100; EfiTime->Year += 100;
} }
} else if (Asn1Time->type == V_ASN1_GENERALIZEDTIME) { /* four digit year */ } else if (Asn1Time->type == V_ASN1_GENERALIZEDTIME) {
/* four digit year */
EfiTime->Year = (Str[Index++] - '0') * 1000; EfiTime->Year = (Str[Index++] - '0') * 1000;
EfiTime->Year += (Str[Index++] - '0') * 100; EfiTime->Year += (Str[Index++] - '0') * 100;
EfiTime->Year += (Str[Index++] - '0') * 10; EfiTime->Year += (Str[Index++] - '0') * 10;
@ -280,17 +281,22 @@ CheckTSTInfo (
if (HashedMsg == NULL) { if (HashedMsg == NULL) {
goto _Exit; goto _Exit;
} }
MdCtx = EVP_MD_CTX_new (); MdCtx = EVP_MD_CTX_new ();
if (MdCtx == NULL) { if (MdCtx == NULL) {
goto _Exit; goto _Exit;
} }
if ((EVP_DigestInit_ex (MdCtx, Md, NULL) != 1) || if ((EVP_DigestInit_ex (MdCtx, Md, NULL) != 1) ||
(EVP_DigestUpdate (MdCtx, TimestampedData, DataSize) != 1) || (EVP_DigestUpdate (MdCtx, TimestampedData, DataSize) != 1) ||
(EVP_DigestFinal (MdCtx, HashedMsg, NULL) != 1)) { (EVP_DigestFinal (MdCtx, HashedMsg, NULL) != 1))
{
goto _Exit; goto _Exit;
} }
if ((MdSize == (UINTN)ASN1_STRING_length (Imprint->HashedMessage)) && if ((MdSize == (UINTN)ASN1_STRING_length (Imprint->HashedMessage)) &&
(CompareMem (HashedMsg, ASN1_STRING_get0_data (Imprint->HashedMessage), MdSize) != 0)) { (CompareMem (HashedMsg, ASN1_STRING_get0_data (Imprint->HashedMessage), MdSize) != 0))
{
goto _Exit; goto _Exit;
} }
@ -376,7 +382,8 @@ TimestampTokenVerify (
// Check input parameters // Check input parameters
// //
if ((TSToken == NULL) || (TsaCert == NULL) || (TimestampedData == NULL) || if ((TSToken == NULL) || (TsaCert == NULL) || (TimestampedData == NULL) ||
(TokenSize > INT_MAX) || (CertSize > INT_MAX) || (DataSize > INT_MAX)) { (TokenSize > INT_MAX) || (CertSize > INT_MAX) || (DataSize > INT_MAX))
{
return FALSE; return FALSE;
} }
@ -386,6 +393,7 @@ TimestampTokenVerify (
if (SigningTime != NULL) { if (SigningTime != NULL) {
SetMem (SigningTime, sizeof (EFI_TIME), 0); SetMem (SigningTime, sizeof (EFI_TIME), 0);
} }
Pkcs7 = NULL; Pkcs7 = NULL;
Cert = NULL; Cert = NULL;
CertStore = NULL; CertStore = NULL;
@ -397,7 +405,7 @@ TimestampTokenVerify (
// TimeStamp Token should contain one valid DER-encoded ASN.1 PKCS#7 structure. // TimeStamp Token should contain one valid DER-encoded ASN.1 PKCS#7 structure.
// //
TokenTemp = TSToken; TokenTemp = TSToken;
Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &TokenTemp, (int) TokenSize); Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **)&TokenTemp, (int)TokenSize);
if (Pkcs7 == NULL) { if (Pkcs7 == NULL) {
goto _Exit; goto _Exit;
} }
@ -413,7 +421,7 @@ TimestampTokenVerify (
// Read the trusted TSA certificate (DER-encoded), and Construct X509 Certificate. // Read the trusted TSA certificate (DER-encoded), and Construct X509 Certificate.
// //
CertTemp = TsaCert; CertTemp = TsaCert;
Cert = d2i_X509 (NULL, &CertTemp, (long) CertSize); Cert = d2i_X509 (NULL, &CertTemp, (long)CertSize);
if (Cert == NULL) { if (Cert == NULL) {
goto _Exit; goto _Exit;
} }
@ -430,8 +438,10 @@ TimestampTokenVerify (
// Allow partial certificate chains, terminated by a non-self-signed but // Allow partial certificate chains, terminated by a non-self-signed but
// still trusted intermediate certificate. Also disable time checks. // still trusted intermediate certificate. Also disable time checks.
// //
X509_STORE_set_flags (CertStore, X509_STORE_set_flags (
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME); CertStore,
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME
);
X509_STORE_set_purpose (CertStore, X509_PURPOSE_ANY); X509_STORE_set_purpose (CertStore, X509_PURPOSE_ANY);
@ -442,6 +452,7 @@ TimestampTokenVerify (
if (OutBio == NULL) { if (OutBio == NULL) {
goto _Exit; goto _Exit;
} }
if (!PKCS7_verify (Pkcs7, NULL, CertStore, NULL, OutBio, PKCS7_BINARY)) { if (!PKCS7_verify (Pkcs7, NULL, CertStore, NULL, OutBio, PKCS7_BINARY)) {
goto _Exit; goto _Exit;
} }
@ -453,14 +464,18 @@ TimestampTokenVerify (
if (TstData == NULL) { if (TstData == NULL) {
goto _Exit; goto _Exit;
} }
TstSize = BIO_read (OutBio, (void *) TstData, 2048);
TstSize = BIO_read (OutBio, (void *)TstData, 2048);
// //
// Construct TS_TST_INFO structure from the signed contents. // Construct TS_TST_INFO structure from the signed contents.
// //
TstTemp = TstData; TstTemp = TstData;
TstInfo = d2i_TS_TST_INFO (NULL, (const unsigned char **) &TstTemp, TstInfo = d2i_TS_TST_INFO (
(int)TstSize); NULL,
(const unsigned char **)&TstTemp,
(int)TstSize
);
if (TstInfo == NULL) { if (TstInfo == NULL) {
goto _Exit; goto _Exit;
} }
@ -530,10 +545,12 @@ ImageTimestampVerify (
BOOLEAN Status; BOOLEAN Status;
PKCS7 *Pkcs7; PKCS7 *Pkcs7;
CONST UINT8 *Temp; CONST UINT8 *Temp;
STACK_OF(PKCS7_SIGNER_INFO) *SignerInfos;
STACK_OF (PKCS7_SIGNER_INFO) *SignerInfos;
PKCS7_SIGNER_INFO *SignInfo; PKCS7_SIGNER_INFO *SignInfo;
UINTN Index; UINTN Index;
STACK_OF(X509_ATTRIBUTE) *Sk;
STACK_OF (X509_ATTRIBUTE) *Sk;
X509_ATTRIBUTE *Xa; X509_ATTRIBUTE *Xa;
ASN1_OBJECT *XaObj; ASN1_OBJECT *XaObj;
ASN1_TYPE *Asn1Type; ASN1_TYPE *Asn1Type;
@ -556,7 +573,8 @@ ImageTimestampVerify (
// Register & Initialize necessary digest algorithms for PKCS#7 Handling. // Register & Initialize necessary digest algorithms for PKCS#7 Handling.
// //
if ((EVP_add_digest (EVP_md5 ()) == 0) || (EVP_add_digest (EVP_sha1 ()) == 0) || if ((EVP_add_digest (EVP_md5 ()) == 0) || (EVP_add_digest (EVP_sha1 ()) == 0) ||
(EVP_add_digest (EVP_sha256 ()) == 0) || (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA)) == 0) { (EVP_add_digest (EVP_sha256 ()) == 0) || ((EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA)) == 0))
{
return FALSE; return FALSE;
} }
@ -571,7 +589,7 @@ ImageTimestampVerify (
// Decode ASN.1-encoded Authenticode data into PKCS7 structure. // Decode ASN.1-encoded Authenticode data into PKCS7 structure.
// //
Temp = AuthData; Temp = AuthData;
Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) DataSize); Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **)&Temp, (int)DataSize);
if (Pkcs7 == NULL) { if (Pkcs7 == NULL) {
goto _Exit; goto _Exit;
} }
@ -605,12 +623,13 @@ ImageTimestampVerify (
// of SignerInfo. // of SignerInfo.
// //
Sk = SignInfo->unauth_attr; Sk = SignInfo->unauth_attr;
if (Sk == NULL) { // No timestamp counterSignature. if (Sk == NULL) {
// No timestamp counterSignature.
goto _Exit; goto _Exit;
} }
Asn1Type = NULL; Asn1Type = NULL;
for (Index = 0; Index < (UINTN) sk_X509_ATTRIBUTE_num (Sk); Index++) { for (Index = 0; Index < (UINTN)sk_X509_ATTRIBUTE_num (Sk); Index++) {
// //
// Search valid RFC3161 timestamp counterSignature based on OBJID. // Search valid RFC3161 timestamp counterSignature based on OBJID.
// //
@ -618,21 +637,26 @@ ImageTimestampVerify (
if (Xa == NULL) { if (Xa == NULL) {
continue; continue;
} }
XaObj = X509_ATTRIBUTE_get0_object(Xa);
XaObj = X509_ATTRIBUTE_get0_object (Xa);
if (XaObj == NULL) { if (XaObj == NULL) {
continue; continue;
} }
if ((OBJ_length(XaObj) != sizeof (mSpcRFC3161OidValue)) ||
(CompareMem (OBJ_get0_data(XaObj), mSpcRFC3161OidValue, sizeof (mSpcRFC3161OidValue)) != 0)) { if ((OBJ_length (XaObj) != sizeof (mSpcRFC3161OidValue)) ||
(CompareMem (OBJ_get0_data (XaObj), mSpcRFC3161OidValue, sizeof (mSpcRFC3161OidValue)) != 0))
{
continue; continue;
} }
Asn1Type = X509_ATTRIBUTE_get0_type(Xa, 0);
Asn1Type = X509_ATTRIBUTE_get0_type (Xa, 0);
} }
if (Asn1Type == NULL) { if (Asn1Type == NULL) {
Status = FALSE; Status = FALSE;
goto _Exit; goto _Exit;
} }
TSToken = Asn1Type->value.octet_string->data; TSToken = Asn1Type->value.octet_string->data;
TokenSize = Asn1Type->value.octet_string->length; TokenSize = Asn1Type->value.octet_string->length;

60
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
View File

@ -38,7 +38,7 @@ X509ConstructCertificate (
// //
// Check input parameters. // Check input parameters.
// //
if (Cert == NULL || SingleX509Cert == NULL || CertSize > INT_MAX) { if ((Cert == NULL) || (SingleX509Cert == NULL) || (CertSize > INT_MAX)) {
return FALSE; return FALSE;
} }
@ -46,12 +46,12 @@ X509ConstructCertificate (
// Read DER-encoded X509 Certificate and Construct X509 object. // Read DER-encoded X509 Certificate and Construct X509 object.
// //
Temp = Cert; Temp = Cert;
X509Cert = d2i_X509 (NULL, &Temp, (long) CertSize); X509Cert = d2i_X509 (NULL, &Temp, (long)CertSize);
if (X509Cert == NULL) { if (X509Cert == NULL) {
return FALSE; return FALSE;
} }
*SingleX509Cert = (UINT8 *) X509Cert; *SingleX509Cert = (UINT8 *)X509Cert;
return TRUE; return TRUE;
} }
@ -85,7 +85,8 @@ X509ConstructCertificateStackV (
UINT8 *Cert; UINT8 *Cert;
UINTN CertSize; UINTN CertSize;
X509 *X509Cert; X509 *X509Cert;
STACK_OF(X509) *CertStack;
STACK_OF (X509) *CertStack;
BOOLEAN Status; BOOLEAN Status;
UINTN Index; UINTN Index;
@ -101,7 +102,7 @@ X509ConstructCertificateStackV (
// //
// Initialize X509 stack object. // Initialize X509 stack object.
// //
CertStack = (STACK_OF(X509) *) (*X509Stack); CertStack = (STACK_OF (X509) *)(*X509Stack);
if (CertStack == NULL) { if (CertStack == NULL) {
CertStack = sk_X509_new_null (); CertStack = sk_X509_new_null ();
if (CertStack == NULL) { if (CertStack == NULL) {
@ -128,14 +129,15 @@ X509ConstructCertificateStackV (
// //
X509Cert = NULL; X509Cert = NULL;
Status = X509ConstructCertificate ( Status = X509ConstructCertificate (
(CONST UINT8 *) Cert, (CONST UINT8 *)Cert,
CertSize, CertSize,
(UINT8 **) &X509Cert (UINT8 **)&X509Cert
); );
if (!Status) { if (!Status) {
if (X509Cert != NULL) { if (X509Cert != NULL) {
X509_free (X509Cert); X509_free (X509Cert);
} }
break; break;
} }
@ -148,7 +150,7 @@ X509ConstructCertificateStackV (
if (!Status) { if (!Status) {
sk_X509_pop_free (CertStack, X509_free); sk_X509_pop_free (CertStack, X509_free);
} else { } else {
*X509Stack = (UINT8 *) CertStack; *X509Stack = (UINT8 *)CertStack;
} }
return Status; return Status;
@ -210,7 +212,7 @@ X509Free (
// //
// Free OpenSSL X509 object. // Free OpenSSL X509 object.
// //
X509_free ((X509 *) X509Cert); X509_free ((X509 *)X509Cert);
} }
/** /**
@ -237,7 +239,7 @@ X509StackFree (
// //
// Free OpenSSL X509 stack object. // Free OpenSSL X509 stack object.
// //
sk_X509_pop_free ((STACK_OF(X509) *) X509Stack, X509_free); sk_X509_pop_free ((STACK_OF (X509) *) X509Stack, X509_free);
} }
/** /**
@ -274,7 +276,7 @@ X509GetSubjectName (
// //
// Check input parameters. // Check input parameters.
// //
if (Cert == NULL || SubjectSize == NULL) { if ((Cert == NULL) || (SubjectSize == NULL)) {
return FALSE; return FALSE;
} }
@ -283,7 +285,7 @@ X509GetSubjectName (
// //
// Read DER-encoded X509 Certificate and Construct X509 object. // Read DER-encoded X509 Certificate and Construct X509 object.
// //
Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **) &X509Cert); Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **)&X509Cert);
if ((X509Cert == NULL) || (!Status)) { if ((X509Cert == NULL) || (!Status)) {
Status = FALSE; Status = FALSE;
goto _Exit; goto _Exit;
@ -299,14 +301,15 @@ X509GetSubjectName (
goto _Exit; goto _Exit;
} }
X509NameSize = i2d_X509_NAME(X509Name, NULL); X509NameSize = i2d_X509_NAME (X509Name, NULL);
if (*SubjectSize < X509NameSize) { if (*SubjectSize < X509NameSize) {
*SubjectSize = X509NameSize; *SubjectSize = X509NameSize;
goto _Exit; goto _Exit;
} }
*SubjectSize = X509NameSize; *SubjectSize = X509NameSize;
if (CertSubject != NULL) { if (CertSubject != NULL) {
i2d_X509_NAME(X509Name, &CertSubject); i2d_X509_NAME (X509Name, &CertSubject);
Status = TRUE; Status = TRUE;
} }
@ -377,6 +380,7 @@ InternalX509GetNIDName (
if ((Cert == NULL) || (CertSize > INT_MAX) || (CommonNameSize == NULL)) { if ((Cert == NULL) || (CertSize > INT_MAX) || (CommonNameSize == NULL)) {
return ReturnStatus; return ReturnStatus;
} }
if ((CommonName != NULL) && (*CommonNameSize == 0)) { if ((CommonName != NULL) && (*CommonNameSize == 0)) {
return ReturnStatus; return ReturnStatus;
} }
@ -385,7 +389,7 @@ InternalX509GetNIDName (
// //
// Read DER-encoded X509 Certificate and Construct X509 object. // Read DER-encoded X509 Certificate and Construct X509 object.
// //
Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **) &X509Cert); Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **)&X509Cert);
if ((X509Cert == NULL) || (!Status)) { if ((X509Cert == NULL) || (!Status)) {
// //
// Invalid X.509 Certificate // Invalid X.509 Certificate
@ -458,6 +462,7 @@ _Exit:
if (X509Cert != NULL) { if (X509Cert != NULL) {
X509_free (X509Cert); X509_free (X509Cert);
} }
if (UTF8Name != NULL) { if (UTF8Name != NULL) {
OPENSSL_free (UTF8Name); OPENSSL_free (UTF8Name);
} }
@ -572,7 +577,7 @@ RsaGetPublicKeyFromX509 (
// //
// Check input parameters. // Check input parameters.
// //
if (Cert == NULL || RsaContext == NULL) { if ((Cert == NULL) || (RsaContext == NULL)) {
return FALSE; return FALSE;
} }
@ -582,7 +587,7 @@ RsaGetPublicKeyFromX509 (
// //
// Read DER-encoded X509 Certificate and Construct X509 object. // Read DER-encoded X509 Certificate and Construct X509 object.
// //
Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **) &X509Cert); Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **)&X509Cert);
if ((X509Cert == NULL) || (!Status)) { if ((X509Cert == NULL) || (!Status)) {
Status = FALSE; Status = FALSE;
goto _Exit; goto _Exit;
@ -654,7 +659,7 @@ X509VerifyCert (
// //
// Check input parameters. // Check input parameters.
// //
if (Cert == NULL || CACert == NULL) { if ((Cert == NULL) || (CACert == NULL)) {
return FALSE; return FALSE;
} }
@ -670,9 +675,11 @@ X509VerifyCert (
if (EVP_add_digest (EVP_md5 ()) == 0) { if (EVP_add_digest (EVP_md5 ()) == 0) {
goto _Exit; goto _Exit;
} }
if (EVP_add_digest (EVP_sha1 ()) == 0) { if (EVP_add_digest (EVP_sha1 ()) == 0) {
goto _Exit; goto _Exit;
} }
if (EVP_add_digest (EVP_sha256 ()) == 0) { if (EVP_add_digest (EVP_sha256 ()) == 0) {
goto _Exit; goto _Exit;
} }
@ -680,7 +687,7 @@ X509VerifyCert (
// //
// Read DER-encoded certificate to be verified and Construct X509 object. // Read DER-encoded certificate to be verified and Construct X509 object.
// //
Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **) &X509Cert); Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **)&X509Cert);
if ((X509Cert == NULL) || (!Status)) { if ((X509Cert == NULL) || (!Status)) {
Status = FALSE; Status = FALSE;
goto _Exit; goto _Exit;
@ -689,7 +696,7 @@ X509VerifyCert (
// //
// Read DER-encoded root certificate and Construct X509 object. // Read DER-encoded root certificate and Construct X509 object.
// //
Status = X509ConstructCertificate (CACert, CACertSize, (UINT8 **) &X509CACert); Status = X509ConstructCertificate (CACert, CACertSize, (UINT8 **)&X509CACert);
if ((X509CACert == NULL) || (!Status)) { if ((X509CACert == NULL) || (!Status)) {
Status = FALSE; Status = FALSE;
goto _Exit; goto _Exit;
@ -704,6 +711,7 @@ X509VerifyCert (
if (CertStore == NULL) { if (CertStore == NULL) {
goto _Exit; goto _Exit;
} }
if (!(X509_STORE_add_cert (CertStore, X509CACert))) { if (!(X509_STORE_add_cert (CertStore, X509CACert))) {
goto _Exit; goto _Exit;
} }
@ -712,8 +720,10 @@ X509VerifyCert (
// Allow partial certificate chains, terminated by a non-self-signed but // Allow partial certificate chains, terminated by a non-self-signed but
// still trusted intermediate certificate. Also disable time checks. // still trusted intermediate certificate. Also disable time checks.
// //
X509_STORE_set_flags (CertStore, X509_STORE_set_flags (
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME); CertStore,
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME
);
// //
// Set up X509_STORE_CTX for the subsequent verification operation. // Set up X509_STORE_CTX for the subsequent verification operation.
@ -722,6 +732,7 @@ X509VerifyCert (
if (CertCtx == NULL) { if (CertCtx == NULL) {
goto _Exit; goto _Exit;
} }
if (!X509_STORE_CTX_init (CertCtx, CertStore, X509Cert, NULL)) { if (!X509_STORE_CTX_init (CertCtx, CertStore, X509Cert, NULL)) {
goto _Exit; goto _Exit;
} }
@ -729,7 +740,7 @@ X509VerifyCert (
// //
// X509 Certificate Verification. // X509 Certificate Verification.
// //
Status = (BOOLEAN) X509_verify_cert (CertCtx); Status = (BOOLEAN)X509_verify_cert (CertCtx);
X509_STORE_CTX_cleanup (CertCtx); X509_STORE_CTX_cleanup (CertCtx);
_Exit: _Exit:
@ -787,7 +798,8 @@ X509GetTBSCert (
// Check input parameters. // Check input parameters.
// //
if ((Cert == NULL) || (TBSCert == NULL) || if ((Cert == NULL) || (TBSCert == NULL) ||
(TBSCertSize == NULL) || (CertSize > INT_MAX)) { (TBSCertSize == NULL) || (CertSize > INT_MAX))
{
return FALSE; return FALSE;
} }

6
CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c
View File

@ -55,7 +55,7 @@ RandomSeed (
// NOTE: A cryptographic PRNG must be seeded with unpredictable data. // NOTE: A cryptographic PRNG must be seeded with unpredictable data.
// //
if (Seed != NULL) { if (Seed != NULL) {
RAND_seed (Seed, (UINT32) SeedSize); RAND_seed (Seed, (UINT32)SeedSize);
} else { } else {
RAND_seed (DefaultSeed, sizeof (DefaultSeed)); RAND_seed (DefaultSeed, sizeof (DefaultSeed));
} }
@ -89,14 +89,14 @@ RandomBytes (
// //
// Check input parameters. // Check input parameters.
// //
if (Output == NULL || Size > INT_MAX) { if ((Output == NULL) || (Size > INT_MAX)) {
return FALSE; return FALSE;
} }
// //
// Generate random data. // Generate random data.
// //
if (RAND_bytes (Output, (UINT32) Size) != 1) { if (RAND_bytes (Output, (UINT32)Size) != 1) {
return FALSE; return FALSE;
} }

1
CryptoPkg/Library/BaseCryptLib/Rand/CryptRandNull.c
View File

@ -9,7 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/** /**
Sets up the seed value for the pseudorandom number generator. Sets up the seed value for the pseudorandom number generator.

6
CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c
View File

@ -53,7 +53,7 @@ RandomSeed (
// NOTE: A cryptographic PRNG must be seeded with unpredictable data. // NOTE: A cryptographic PRNG must be seeded with unpredictable data.
// //
if (Seed != NULL) { if (Seed != NULL) {
RAND_seed (Seed, (UINT32) SeedSize); RAND_seed (Seed, (UINT32)SeedSize);
} else { } else {
// //
// Retrieve current time. // Retrieve current time.
@ -97,14 +97,14 @@ RandomBytes (
// //
// Check input parameters. // Check input parameters.
// //
if (Output == NULL || Size > INT_MAX) { if ((Output == NULL) || (Size > INT_MAX)) {
return FALSE; return FALSE;
} }
// //
// Generate random data. // Generate random data.
// //
if (RAND_bytes (Output, (UINT32) Size) != 1) { if (RAND_bytes (Output, (UINT32)Size) != 1) {
return FALSE; return FALSE;
} }

16
CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
View File

@ -27,7 +27,10 @@ typedef struct {
// //
/* Allocates memory blocks */ /* Allocates memory blocks */
void *malloc (size_t size) void *
malloc (
size_t size
)
{ {
CRYPTMEM_HEAD *PoolHdr; CRYPTMEM_HEAD *PoolHdr;
UINTN NewSize; UINTN NewSize;
@ -57,7 +60,11 @@ void *malloc (size_t size)
} }
/* Reallocate memory blocks */ /* Reallocate memory blocks */
void *realloc (void *ptr, size_t size) void *
realloc (
void *ptr,
size_t size
)
{ {
CRYPTMEM_HEAD *OldPoolHdr; CRYPTMEM_HEAD *OldPoolHdr;
CRYPTMEM_HEAD *NewPoolHdr; CRYPTMEM_HEAD *NewPoolHdr;
@ -96,7 +103,10 @@ void *realloc (void *ptr, size_t size)
} }
/* De-allocates or frees a memory block */ /* De-allocates or frees a memory block */
void free (void *ptr) void
free (
void *ptr
)
{ {
CRYPTMEM_HEAD *PoolHdr; CRYPTMEM_HEAD *PoolHdr;

11
CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c
View File

@ -23,15 +23,22 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
// -- Time Management Routines -- // -- Time Management Routines --
// //
time_t time (time_t *timer) time_t
time (
time_t *timer
)
{ {
if (timer != NULL) { if (timer != NULL) {
*timer = 0; *timer = 0;
} }
return 0; return 0;
} }
struct tm * gmtime (const time_t *timer) struct tm *
gmtime (
const time_t *timer
)
{ {
return NULL; return NULL;
} }

217
CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
View File

@ -39,11 +39,11 @@ QuickSortWorker (
UINTN LoopCount; UINTN LoopCount;
UINTN NextSwapLocation; UINTN NextSwapLocation;
ASSERT(BufferToSort != NULL); ASSERT (BufferToSort != NULL);
ASSERT(CompareFunction != NULL); ASSERT (CompareFunction != NULL);
ASSERT(Buffer != NULL); ASSERT (Buffer != NULL);
if (Count < 2 || ElementSize < 1) { if ((Count < 2) || (ElementSize < 1)) {
return; return;
} }
@ -58,8 +58,7 @@ QuickSortWorker (
// Now get the pivot such that all on "left" are below it // Now get the pivot such that all on "left" are below it
// and everything "right" are above it // and everything "right" are above it
// //
for (LoopCount = 0; LoopCount < Count - 1; LoopCount++) for (LoopCount = 0; LoopCount < Count - 1; LoopCount++) {
{
// //
// If the element is less than the pivot // If the element is less than the pivot
// //
@ -77,6 +76,7 @@ QuickSortWorker (
NextSwapLocation++; NextSwapLocation++;
} }
} }
// //
// Swap pivot to its final position (NextSwapLocation) // Swap pivot to its final position (NextSwapLocation)
// //
@ -107,28 +107,37 @@ QuickSortWorker (
return; return;
} }
//--------------------------------------------------------- // ---------------------------------------------------------
// Standard C Run-time Library Interface Wrapper // Standard C Run-time Library Interface Wrapper
//--------------------------------------------------------- // ---------------------------------------------------------
// //
// -- String Manipulation Routines -- // -- String Manipulation Routines --
// //
char *strchr(const char *str, int ch) char *
strchr (
const char *str,
int ch
)
{ {
return ScanMem8 (str, AsciiStrSize (str), (UINT8)ch); return ScanMem8 (str, AsciiStrSize (str), (UINT8)ch);
} }
/* Scan a string for the last occurrence of a character */ /* Scan a string for the last occurrence of a character */
char *strrchr (const char *str, int c) char *
strrchr (
const char *str,
int c
)
{ {
char * save; char *save;
for (save = NULL; ; ++str) { for (save = NULL; ; ++str) {
if (*str == c) { if (*str == c) {
save = (char *)str; save = (char *)str;
} }
if (*str == 0) { if (*str == 0) {
return (save); return (save);
} }
@ -136,19 +145,25 @@ char *strrchr (const char *str, int c)
} }
/* Compare first n bytes of string s1 with string s2, ignoring case */ /* Compare first n bytes of string s1 with string s2, ignoring case */
int strncasecmp (const char *s1, const char *s2, size_t n) int
strncasecmp (
const char *s1,
const char *s2,
size_t n
)
{ {
int Val; int Val;
ASSERT(s1 != NULL); ASSERT (s1 != NULL);
ASSERT(s2 != NULL); ASSERT (s2 != NULL);
if (n != 0) { if (n != 0) {
do { do {
Val = tolower(*s1) - tolower(*s2); Val = tolower (*s1) - tolower (*s2);
if (Val != 0) { if (Val != 0) {
return Val; return Val;
} }
++s1; ++s1;
++s2; ++s2;
if (*s1 == '\0') { if (*s1 == '\0') {
@ -156,11 +171,17 @@ int strncasecmp (const char *s1, const char *s2, size_t n)
} }
} while (--n != 0); } while (--n != 0);
} }
return 0; return 0;
} }
/* Read formatted data from a string */ /* Read formatted data from a string */
int sscanf (const char *buffer, const char *format, ...) int
sscanf (
const char *buffer,
const char *format,
...
)
{ {
// //
// Null sscanf() function implementation to satisfy the linker, since // Null sscanf() function implementation to satisfy the linker, since
@ -170,14 +191,21 @@ int sscanf (const char *buffer, const char *format, ...)
} }
/* Maps errnum to an error-message string */ /* Maps errnum to an error-message string */
char * strerror (int errnum) char *
strerror (
int errnum
)
{ {
return NULL; return NULL;
} }
/* Computes the length of the maximum initial segment of the string pointed to by s1 /* Computes the length of the maximum initial segment of the string pointed to by s1
which consists entirely of characters from the string pointed to by s2. */ which consists entirely of characters from the string pointed to by s2. */
size_t strspn (const char *s1 , const char *s2) size_t
strspn (
const char *s1,
const char *s2
)
{ {
UINT8 Map[32]; UINT8 Map[32];
UINT32 Index; UINT32 Index;
@ -207,7 +235,11 @@ size_t strspn (const char *s1 , const char *s2)
/* Computes the length of the maximum initial segment of the string pointed to by s1 /* Computes the length of the maximum initial segment of the string pointed to by s1
which consists entirely of characters not from the string pointed to by s2. */ which consists entirely of characters not from the string pointed to by s2. */
size_t strcspn (const char *s1, const char *s2) size_t
strcspn (
const char *s1,
const char *s2
)
{ {
UINT8 Map[32]; UINT8 Map[32];
UINT32 Index; UINT32 Index;
@ -226,7 +258,7 @@ size_t strcspn (const char *s1, const char *s2)
Count = 0; Count = 0;
while (!(Map[*s1 >> 3] & (1 << (*s1 & 7)))) { while (!(Map[*s1 >> 3] & (1 << (*s1 & 7)))) {
Count ++; Count++;
s1++; s1++;
} }
@ -238,7 +270,10 @@ size_t strcspn (const char *s1, const char *s2)
// //
/* Determines if a particular character is a decimal-digit character */ /* Determines if a particular character is a decimal-digit character */
int isdigit (int c) int
isdigit (
int c
)
{ {
// //
// <digit> ::= [0-9] // <digit> ::= [0-9]
@ -247,7 +282,10 @@ int isdigit (int c)
} }
/* Determine if an integer represents character that is a hex digit */ /* Determine if an integer represents character that is a hex digit */
int isxdigit (int c) int
isxdigit (
int c
)
{ {
// //
// <hexdigit> ::= [0-9] | [a-f] | [A-F] // <hexdigit> ::= [0-9] | [a-f] | [A-F]
@ -258,7 +296,10 @@ int isxdigit (int c)
} }
/* Determines if a particular character represents a space character */ /* Determines if a particular character represents a space character */
int isspace (int c) int
isspace (
int c
)
{ {
// //
// <space> ::= [ ] // <space> ::= [ ]
@ -267,7 +308,10 @@ int isspace (int c)
} }
/* Determine if a particular character is an alphanumeric character */ /* Determine if a particular character is an alphanumeric character */
int isalnum (int c) int
isalnum (
int c
)
{ {
// //
// <alnum> ::= [0-9] | [a-z] | [A-Z] // <alnum> ::= [0-9] | [a-z] | [A-Z]
@ -278,7 +322,10 @@ int isalnum (int c)
} }
/* Determines if a particular character is in upper case */ /* Determines if a particular character is in upper case */
int isupper (int c) int
isupper (
int c
)
{ {
// //
// <uppercase letter> := [A-Z] // <uppercase letter> := [A-Z]
@ -291,7 +338,12 @@ int isupper (int c)
// //
/* Convert strings to a long-integer value */ /* Convert strings to a long-integer value */
long strtol (const char *nptr, char **endptr, int base) long
strtol (
const char *nptr,
char **endptr,
int base
)
{ {
// //
// Null strtol() function implementation to satisfy the linker, since there is // Null strtol() function implementation to satisfy the linker, since there is
@ -301,7 +353,12 @@ long strtol (const char *nptr, char **endptr, int base)
} }
/* Convert strings to an unsigned long-integer value */ /* Convert strings to an unsigned long-integer value */
unsigned long strtoul (const char *nptr, char **endptr, int base) unsigned long
strtoul (
const char *nptr,
char **endptr,
int base
)
{ {
// //
// Null strtoul() function implementation to satisfy the linker, since there is // Null strtoul() function implementation to satisfy the linker, since there is
@ -311,11 +368,15 @@ unsigned long strtoul (const char *nptr, char **endptr, int base)
} }
/* Convert character to lowercase */ /* Convert character to lowercase */
int tolower (int c) int
tolower (
int c
)
{ {
if (('A' <= (c)) && ((c) <= 'Z')) { if (('A' <= (c)) && ((c) <= 'Z')) {
return (c - ('A' - 'a')); return (c - ('A' - 'a'));
} }
return (c); return (c);
} }
@ -324,7 +385,13 @@ int tolower (int c)
// //
/* Performs a quick sort */ /* Performs a quick sort */
void qsort (void *base, size_t num, size_t width, int (*compare)(const void *, const void *)) void
qsort (
void *base,
size_t num,
size_t width,
int ( *compare )(const void *, const void *)
)
{ {
VOID *Buffer; VOID *Buffer;
@ -351,7 +418,10 @@ void qsort (void *base, size_t num, size_t width, int (*compare)(const void *, c
// //
/* Get a value from the current environment */ /* Get a value from the current environment */
char *getenv (const char *varname) char *
getenv (
const char *varname
)
{ {
// //
// Null getenv() function implementation to satisfy the linker, since there is // Null getenv() function implementation to satisfy the linker, since there is
@ -361,7 +431,10 @@ char *getenv (const char *varname)
} }
/* Get a value from the current environment */ /* Get a value from the current environment */
char *secure_getenv (const char *varname) char *
secure_getenv (
const char *varname
)
{ {
// //
// Null secure_getenv() function implementation to satisfy the linker, since // Null secure_getenv() function implementation to satisfy the linker, since
@ -378,7 +451,13 @@ char *secure_getenv (const char *varname)
// //
/* Write data to a stream */ /* Write data to a stream */
size_t fwrite (const void *buffer, size_t size, size_t count, FILE *stream) size_t
fwrite (
const void *buffer,
size_t size,
size_t count,
FILE *stream
)
{ {
return 0; return 0;
} }
@ -387,12 +466,23 @@ size_t fwrite (const void *buffer, size_t size, size_t count, FILE *stream)
// -- Dummy OpenSSL Support Routines -- // -- Dummy OpenSSL Support Routines --
// //
int BIO_printf (void *bio, const char *format, ...) int
BIO_printf (
void *bio,
const char *format,
...
)
{ {
return 0; return 0;
} }
int BIO_snprintf(char *buf, size_t n, const char *format, ...) int
BIO_snprintf (
char *buf,
size_t n,
const char *format,
...
)
{ {
return 0; return 0;
} }
@ -403,7 +493,7 @@ typedef
VOID VOID
(EFIAPI *NoReturnFuncPtr)( (EFIAPI *NoReturnFuncPtr)(
VOID VOID
) __attribute__((__noreturn__)); ) __attribute__ ((__noreturn__));
STATIC STATIC
VOID VOID
@ -414,60 +504,95 @@ NopFunction (
{ {
} }
void abort (void) void
abort (
void
)
{ {
NoReturnFuncPtr NoReturnFunc; NoReturnFuncPtr NoReturnFunc;
NoReturnFunc = (NoReturnFuncPtr) NopFunction; NoReturnFunc = (NoReturnFuncPtr)NopFunction;
NoReturnFunc (); NoReturnFunc ();
} }
#else #else
void abort (void) void
abort (
void
)
{ {
// Do nothing // Do nothing
} }
#endif #endif
int fclose (FILE *f) int
fclose (
FILE *f
)
{ {
return 0; return 0;
} }
FILE *fopen (const char *c, const char *m) FILE *
fopen (
const char *c,
const char *m
)
{ {
return NULL; return NULL;
} }
size_t fread (void *b, size_t c, size_t i, FILE *f) size_t
fread (
void *b,
size_t c,
size_t i,
FILE *f
)
{ {
return 0; return 0;
} }
uid_t getuid (void) uid_t
getuid (
void
)
{ {
return 0; return 0;
} }
uid_t geteuid (void) uid_t
geteuid (
void
)
{ {
return 0; return 0;
} }
gid_t getgid (void) gid_t
getgid (
void
)
{ {
return 0; return 0;
} }
gid_t getegid (void) gid_t
getegid (
void
)
{ {
return 0; return 0;
} }
int printf (char const *fmt, ...) int
printf (
char const *fmt,
...
)
{ {
return 0; return 0;
} }

47
CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
View File

@ -13,9 +13,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/MemoryAllocationLib.h> #include <Library/MemoryAllocationLib.h>
#include <Guid/EventGroup.h> #include <Guid/EventGroup.h>
//---------------------------------------------------------------- // ----------------------------------------------------------------
// Initial version. Needs further optimizations. // Initial version. Needs further optimizations.
//---------------------------------------------------------------- // ----------------------------------------------------------------
// //
// Definitions for Runtime Memory Operations // Definitions for Runtime Memory Operations
@ -61,7 +61,6 @@ RT_MEMORY_PAGE_TABLE *mRTPageTable = NULL;
// //
STATIC EFI_EVENT mVirtualAddressChangeEvent; STATIC EFI_EVENT mVirtualAddressChangeEvent;
/** /**
Initializes pre-allocated memory pointed by ScratchBuffer for subsequent Initializes pre-allocated memory pointed by ScratchBuffer for subsequent
runtime use. runtime use.
@ -114,7 +113,6 @@ InitializeScratchMemory (
return EFI_SUCCESS; return EFI_SUCCESS;
} }
/** /**
Look-up Free memory Region for object allocation. Look-up Free memory Region for object allocation.
@ -182,6 +180,7 @@ LookupFreeMemRegion (
// //
return (UINTN)(-1); return (UINTN)(-1);
} }
for (Index = 0; Index < (StartPageIndex - ReqPages); ) { for (Index = 0; Index < (StartPageIndex - ReqPages); ) {
// //
// Check Consecutive ReqPages Pages. // Check Consecutive ReqPages Pages.
@ -203,7 +202,8 @@ LookupFreeMemRegion (
// Failed! Skip current adjacent Used pages // Failed! Skip current adjacent Used pages
// //
while ((SubIndex < (StartPageIndex - ReqPages)) && while ((SubIndex < (StartPageIndex - ReqPages)) &&
((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0)) { ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0))
{
SubIndex++; SubIndex++;
} }
@ -216,7 +216,6 @@ LookupFreeMemRegion (
return (UINTN)(-1); return (UINTN)(-1);
} }
/** /**
Allocates a buffer at runtime phase. Allocates a buffer at runtime phase.
@ -274,7 +273,6 @@ RuntimeAllocateMem (
return AllocPtr; return AllocPtr;
} }
/** /**
Frees a buffer that was previously allocated at runtime phase. Frees a buffer that was previously allocated at runtime phase.
@ -290,11 +288,12 @@ RuntimeFreeMem (
UINTN StartPageIndex; UINTN StartPageIndex;
StartOffset = (UINTN)Buffer - (UINTN)mRTPageTable->DataAreaBase; StartOffset = (UINTN)Buffer - (UINTN)mRTPageTable->DataAreaBase;
StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->Pages[RT_SIZE_TO_PAGES(StartOffset)].StartPageOffset); StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->Pages[RT_SIZE_TO_PAGES (StartOffset)].StartPageOffset);
while (StartPageIndex < mRTPageTable->PageCount) { while (StartPageIndex < mRTPageTable->PageCount) {
if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) && if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
(mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset)) { (mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset))
{
// //
// Free this page // Free this page
// //
@ -311,7 +310,6 @@ RuntimeFreeMem (
return; return;
} }
/** /**
Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE. Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
@ -332,11 +330,10 @@ RuntimeCryptLibAddressChangeEvent (
// //
// Converts a pointer for runtime memory management to a new virtual address. // Converts a pointer for runtime memory management to a new virtual address.
// //
EfiConvertPointer (0x0, (VOID **) &mRTPageTable->DataAreaBase); EfiConvertPointer (0x0, (VOID **)&mRTPageTable->DataAreaBase);
EfiConvertPointer (0x0, (VOID **) &mRTPageTable); EfiConvertPointer (0x0, (VOID **)&mRTPageTable);
} }
/** /**
Constructor routine for runtime crypt library instance. Constructor routine for runtime crypt library instance.
@ -384,19 +381,25 @@ RuntimeCryptLibConstructor (
return Status; return Status;
} }
// //
// -- Memory-Allocation Routines Wrapper for UEFI-OpenSSL Library -- // -- Memory-Allocation Routines Wrapper for UEFI-OpenSSL Library --
// //
/* Allocates memory blocks */ /* Allocates memory blocks */
void *malloc (size_t size) void *
malloc (
size_t size
)
{ {
return RuntimeAllocateMem ((UINTN) size); return RuntimeAllocateMem ((UINTN)size);
} }
/* Reallocate memory blocks */ /* Reallocate memory blocks */
void *realloc (void *ptr, size_t size) void *
realloc (
void *ptr,
size_t size
)
{ {
VOID *NewPtr; VOID *NewPtr;
UINTN StartOffset; UINTN StartOffset;
@ -415,7 +418,8 @@ void *realloc (void *ptr, size_t size)
PageCount = 0; PageCount = 0;
while (StartPageIndex < mRTPageTable->PageCount) { while (StartPageIndex < mRTPageTable->PageCount) {
if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) && if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
(mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset)) { (mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset))
{
StartPageIndex++; StartPageIndex++;
PageCount++; PageCount++;
} else { } else {
@ -430,7 +434,7 @@ void *realloc (void *ptr, size_t size)
return ptr; return ptr;
} }
NewPtr = RuntimeAllocateMem ((UINTN) size); NewPtr = RuntimeAllocateMem ((UINTN)size);
if (NewPtr == NULL) { if (NewPtr == NULL) {
return NULL; return NULL;
} }
@ -443,7 +447,10 @@ void *realloc (void *ptr, size_t size)
} }
/* Deallocates or frees a memory block */ /* Deallocates or frees a memory block */
void free (void *ptr) void
free (
void *ptr
)
{ {
// //
// In Standard C, free() handles a null pointer argument transparently. This // In Standard C, free() handles a null pointer argument transparently. This

46
CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
View File

@ -61,10 +61,13 @@ UINTN CumulativeDays[2][14] = {
}; };
/* Get the system time as seconds elapsed since midnight, January 1, 1970. */ /* Get the system time as seconds elapsed since midnight, January 1, 1970. */
//INTN time( // INTN time(
// INTN *timer // INTN *timer
// ) // )
time_t time (time_t *timer) time_t
time (
time_t *timer
)
{ {
EFI_STATUS Status; EFI_STATUS Status;
EFI_TIME Time; EFI_TIME Time;
@ -84,7 +87,7 @@ time_t time (time_t *timer)
// UTime should now be set to 00:00:00 on Jan 1 of the current year. // UTime should now be set to 00:00:00 on Jan 1 of the current year.
// //
for (Year = 1970, CalTime = 0; Year != Time.Year; Year++) { for (Year = 1970, CalTime = 0; Year != Time.Year; Year++) {
CalTime = CalTime + (time_t)(CumulativeDays[IsLeap(Year)][13] * SECSPERDAY); CalTime = CalTime + (time_t)(CumulativeDays[IsLeap (Year)][13] * SECSPERDAY);
} }
// //
@ -92,7 +95,7 @@ time_t time (time_t *timer)
// //
CalTime = CalTime + CalTime = CalTime +
(time_t)((Time.TimeZone != EFI_UNSPECIFIED_TIMEZONE) ? (Time.TimeZone * 60) : 0) + (time_t)((Time.TimeZone != EFI_UNSPECIFIED_TIMEZONE) ? (Time.TimeZone * 60) : 0) +
(time_t)(CumulativeDays[IsLeap(Time.Year)][Time.Month] * SECSPERDAY) + (time_t)(CumulativeDays[IsLeap (Time.Year)][Time.Month] * SECSPERDAY) +
(time_t)(((Time.Day > 0) ? Time.Day - 1 : 0) * SECSPERDAY) + (time_t)(((Time.Day > 0) ? Time.Day - 1 : 0) * SECSPERDAY) +
(time_t)(Time.Hour * SECSPERHOUR) + (time_t)(Time.Hour * SECSPERHOUR) +
(time_t)(Time.Minute * 60) + (time_t)(Time.Minute * 60) +
@ -108,7 +111,10 @@ time_t time (time_t *timer)
// //
// Convert a time value from type time_t to struct tm. // Convert a time value from type time_t to struct tm.
// //
struct tm * gmtime (const time_t *timer) struct tm *
gmtime (
const time_t *timer
)
{ {
struct tm *GmTime; struct tm *GmTime;
UINT16 DayNo; UINT16 DayNo;
@ -127,38 +133,38 @@ struct tm * gmtime (const time_t *timer)
return NULL; return NULL;
} }
ZeroMem ((VOID *) GmTime, (UINTN) sizeof (struct tm)); ZeroMem ((VOID *)GmTime, (UINTN)sizeof (struct tm));
DayNo = (UINT16) (*timer / SECSPERDAY); DayNo = (UINT16)(*timer / SECSPERDAY);
DayRemainder = (UINT16) (*timer % SECSPERDAY); DayRemainder = (UINT16)(*timer % SECSPERDAY);
GmTime->tm_sec = (int) (DayRemainder % SECSPERMIN); GmTime->tm_sec = (int)(DayRemainder % SECSPERMIN);
GmTime->tm_min = (int) ((DayRemainder % SECSPERHOUR) / SECSPERMIN); GmTime->tm_min = (int)((DayRemainder % SECSPERHOUR) / SECSPERMIN);
GmTime->tm_hour = (int) (DayRemainder / SECSPERHOUR); GmTime->tm_hour = (int)(DayRemainder / SECSPERHOUR);
GmTime->tm_wday = (int) ((DayNo + 4) % 7); GmTime->tm_wday = (int)((DayNo + 4) % 7);
for (Year = 1970, YearNo = 0; DayNo > 0; Year++) { for (Year = 1970, YearNo = 0; DayNo > 0; Year++) {
TotalDays = (UINT16) (IsLeap (Year) ? 366 : 365); TotalDays = (UINT16)(IsLeap (Year) ? 366 : 365);
if (DayNo >= TotalDays) { if (DayNo >= TotalDays) {
DayNo = (UINT16) (DayNo - TotalDays); DayNo = (UINT16)(DayNo - TotalDays);
YearNo++; YearNo++;
} else { } else {
break; break;
} }
} }
GmTime->tm_year = (int) (YearNo + (1970 - 1900)); GmTime->tm_year = (int)(YearNo + (1970 - 1900));
GmTime->tm_yday = (int) DayNo; GmTime->tm_yday = (int)DayNo;
for (MonthNo = 12; MonthNo > 1; MonthNo--) { for (MonthNo = 12; MonthNo > 1; MonthNo--) {
if (DayNo >= CumulativeDays[IsLeap(Year)][MonthNo]) { if (DayNo >= CumulativeDays[IsLeap (Year)][MonthNo]) {
DayNo = (UINT16) (DayNo - (UINT16) (CumulativeDays[IsLeap(Year)][MonthNo])); DayNo = (UINT16)(DayNo - (UINT16)(CumulativeDays[IsLeap (Year)][MonthNo]));
break; break;
} }
} }
GmTime->tm_mon = (int) MonthNo - 1; GmTime->tm_mon = (int)MonthNo - 1;
GmTime->tm_mday = (int) DayNo + 1; GmTime->tm_mday = (int)DayNo + 1;
GmTime->tm_isdst = 0; GmTime->tm_isdst = 0;
GmTime->tm_gmtoff = 0; GmTime->tm_gmtoff = 0;

63
CryptoPkg/Library/BaseCryptLib/SysCall/UnitTestHostCrtWrapper.c
View File

@ -14,28 +14,38 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/DebugLib.h> #include <Library/DebugLib.h>
/* Convert character to lowercase */ /* Convert character to lowercase */
int tolower (int c) int
tolower (
int c
)
{ {
if (('A' <= (c)) && ((c) <= 'Z')) { if (('A' <= (c)) && ((c) <= 'Z')) {
return (c - ('A' - 'a')); return (c - ('A' - 'a'));
} }
return (c); return (c);
} }
/* Compare first n bytes of string s1 with string s2, ignoring case */ /* Compare first n bytes of string s1 with string s2, ignoring case */
int strncasecmp (const char *s1, const char *s2, size_t n) int
strncasecmp (
const char *s1,
const char *s2,
size_t n
)
{ {
int Val; int Val;
ASSERT(s1 != NULL); ASSERT (s1 != NULL);
ASSERT(s2 != NULL); ASSERT (s2 != NULL);
if (n != 0) { if (n != 0) {
do { do {
Val = tolower(*s1) - tolower(*s2); Val = tolower (*s1) - tolower (*s2);
if (Val != 0) { if (Val != 0) {
return Val; return Val;
} }
++s1; ++s1;
++s2; ++s2;
if (*s1 == '\0') { if (*s1 == '\0') {
@ -43,11 +53,17 @@ int strncasecmp (const char *s1, const char *s2, size_t n)
} }
} while (--n != 0); } while (--n != 0);
} }
return 0; return 0;
} }
/* Read formatted data from a string */ /* Read formatted data from a string */
int sscanf (const char *buffer, const char *format, ...) int
sscanf (
const char *buffer,
const char *format,
...
)
{ {
// //
// Null sscanf() function implementation to satisfy the linker, since // Null sscanf() function implementation to satisfy the linker, since
@ -60,32 +76,55 @@ int sscanf (const char *buffer, const char *format, ...)
// -- Dummy OpenSSL Support Routines -- // -- Dummy OpenSSL Support Routines --
// //
int BIO_printf (void *bio, const char *format, ...) int
BIO_printf (
void *bio,
const char *format,
...
)
{ {
return 0; return 0;
} }
int BIO_snprintf(char *buf, size_t n, const char *format, ...) int
BIO_snprintf (
char *buf,
size_t n,
const char *format,
...
)
{ {
return 0; return 0;
} }
uid_t getuid (void) uid_t
getuid (
void
)
{ {
return 0; return 0;
} }
uid_t geteuid (void) uid_t
geteuid (
void
)
{ {
return 0; return 0;
} }
gid_t getgid (void) gid_t
getgid (
void
)
{ {
return 0; return 0;
} }
gid_t getegid (void) gid_t
getegid (
void
)
{ {
return 0; return 0;
} }

121
CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
View File

@ -54,7 +54,7 @@
* *
*/ */
#if defined(LIBC_SCCS) && !defined(lint) #if defined (LIBC_SCCS) && !defined (lint)
static char rcsid[] = "$Id: inet_pton.c,v 1.1.1.1 2003/11/19 01:51:30 kyu3 Exp $"; static char rcsid[] = "$Id: inet_pton.c,v 1.1.1.1 2003/11/19 01:51:30 kyu3 Exp $";
#endif /* LIBC_SCCS and not lint */ #endif /* LIBC_SCCS and not lint */
@ -72,8 +72,17 @@ static char rcsid[] = "$Id: inet_pton.c,v 1.1.1.1 2003/11/19 01:51:30 kyu3 Exp $
* sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX. * sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
*/ */
static int inet_pton4 (const char *src, u_char *dst); static int
static int inet_pton6 (const char *src, u_char *dst); inet_pton4 (
const char *src,
u_char *dst
);
static int
inet_pton6 (
const char *src,
u_char *dst
);
/* int /* int
* inet_pton(af, src, dst) * inet_pton(af, src, dst)
@ -87,7 +96,7 @@ static int inet_pton6 (const char *src, u_char *dst);
* Paul Vixie, 1996. * Paul Vixie, 1996.
*/ */
int int
inet_pton( inet_pton (
int af, int af,
const char *src, const char *src,
void *dst void *dst
@ -95,13 +104,14 @@ inet_pton(
{ {
switch (af) { switch (af) {
case AF_INET: case AF_INET:
return (inet_pton4(src, dst)); return (inet_pton4 (src, dst));
case AF_INET6: case AF_INET6:
return (inet_pton6(src, dst)); return (inet_pton6 (src, dst));
default: default:
errno = EAFNOSUPPORT; errno = EAFNOSUPPORT;
return (-1); return (-1);
} }
/* NOTREACHED */ /* NOTREACHED */
} }
@ -116,7 +126,7 @@ inet_pton(
* Paul Vixie, 1996. * Paul Vixie, 1996.
*/ */
static int static int
inet_pton4( inet_pton4 (
const char *src, const char *src,
u_char *dst u_char *dst
) )
@ -131,29 +141,38 @@ inet_pton4(
while ((ch = *src++) != '\0') { while ((ch = *src++) != '\0') {
const char *pch; const char *pch;
if ((pch = strchr(digits, ch)) != NULL) { if ((pch = strchr (digits, ch)) != NULL) {
u_int new = *tp * 10 + (u_int)(pch - digits); u_int new = *tp * 10 + (u_int)(pch - digits);
if (new > 255) if (new > 255) {
return (0); return (0);
}
*tp = (u_char)new; *tp = (u_char)new;
if (! saw_digit) { if (!saw_digit) {
if (++octets > 4) if (++octets > 4) {
return (0); return (0);
}
saw_digit = 1; saw_digit = 1;
} }
} else if (ch == '.' && saw_digit) { } else if ((ch == '.') && saw_digit) {
if (octets == 4) if (octets == 4) {
return (0);
*++tp = 0;
saw_digit = 0;
} else
return (0); return (0);
} }
if (octets < 4)
return (0);
memcpy(dst, tmp, NS_INADDRSZ); *++tp = 0;
saw_digit = 0;
} else {
return (0);
}
}
if (octets < 4) {
return (0);
}
memcpy (dst, tmp, NS_INADDRSZ);
return (1); return (1);
} }
@ -171,7 +190,7 @@ inet_pton4(
* Paul Vixie, 1996. * Paul Vixie, 1996.
*/ */
static int static int
inet_pton6( inet_pton6 (
const char *src, const char *src,
u_char *dst u_char *dst
) )
@ -183,59 +202,79 @@ inet_pton6(
int ch, saw_xdigit; int ch, saw_xdigit;
u_int val; u_int val;
memset((tp = tmp), '\0', NS_IN6ADDRSZ); memset ((tp = tmp), '\0', NS_IN6ADDRSZ);
endp = tp + NS_IN6ADDRSZ; endp = tp + NS_IN6ADDRSZ;
colonp = NULL; colonp = NULL;
/* Leading :: requires some special handling. */ /* Leading :: requires some special handling. */
if (*src == ':') if (*src == ':') {
if (*++src != ':') if (*++src != ':') {
return (0); return (0);
}
}
curtok = src; curtok = src;
saw_xdigit = 0; saw_xdigit = 0;
val = 0; val = 0;
while ((ch = *src++) != '\0') { while ((ch = *src++) != '\0') {
const char *pch; const char *pch;
if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL) if ((pch = strchr ((xdigits = xdigits_l), ch)) == NULL) {
pch = strchr((xdigits = xdigits_u), ch); pch = strchr ((xdigits = xdigits_u), ch);
}
if (pch != NULL) { if (pch != NULL) {
val <<= 4; val <<= 4;
val |= (pch - xdigits); val |= (pch - xdigits);
if (val > 0xffff) if (val > 0xffff) {
return (0); return (0);
}
saw_xdigit = 1; saw_xdigit = 1;
continue; continue;
} }
if (ch == ':') { if (ch == ':') {
curtok = src; curtok = src;
if (!saw_xdigit) { if (!saw_xdigit) {
if (colonp) if (colonp) {
return (0); return (0);
}
colonp = tp; colonp = tp;
continue; continue;
} }
if (tp + NS_INT16SZ > endp)
if (tp + NS_INT16SZ > endp) {
return (0); return (0);
*tp++ = (u_char) (val >> 8) & 0xff; }
*tp++ = (u_char) val & 0xff;
*tp++ = (u_char)(val >> 8) & 0xff;
*tp++ = (u_char)val & 0xff;
saw_xdigit = 0; saw_xdigit = 0;
val = 0; val = 0;
continue; continue;
} }
if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) &&
inet_pton4(curtok, tp) > 0) { if ((ch == '.') && ((tp + NS_INADDRSZ) <= endp) &&
(inet_pton4 (curtok, tp) > 0))
{
tp += NS_INADDRSZ; tp += NS_INADDRSZ;
saw_xdigit = 0; saw_xdigit = 0;
break; /* '\0' was seen by inet_pton4(). */ break; /* '\0' was seen by inet_pton4(). */
} }
return (0); return (0);
} }
if (saw_xdigit) { if (saw_xdigit) {
if (tp + NS_INT16SZ > endp) if (tp + NS_INT16SZ > endp) {
return (0); return (0);
*tp++ = (u_char) (val >> 8) & 0xff;
*tp++ = (u_char) val & 0xff;
} }
*tp++ = (u_char)(val >> 8) & 0xff;
*tp++ = (u_char)val & 0xff;
}
if (colonp != NULL) { if (colonp != NULL) {
/* /*
* Since some memmove()'s erroneously fail to handle * Since some memmove()'s erroneously fail to handle
@ -245,13 +284,17 @@ inet_pton6(
int i; int i;
for (i = 1; i <= n; i++) { for (i = 1; i <= n; i++) {
endp[- i] = colonp[n - i]; endp[-i] = colonp[n - i];
colonp[n - i] = 0; colonp[n - i] = 0;
} }
tp = endp; tp = endp;
} }
if (tp != endp)
if (tp != endp) {
return (0); return (0);
memcpy(dst, tmp, NS_IN6ADDRSZ); }
memcpy (dst, tmp, NS_IN6ADDRSZ);
return (1); return (1);
} }

8
CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd5Null.c
View File

@ -9,7 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/** /**
Retrieves the size, in bytes, of the context buffer required for MD5 hash operations. Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
@ -26,7 +25,6 @@ Md5GetContextSize (
return 0; return 0;
} }
/** /**
Initializes user-supplied memory pointed by Md5Context as MD5 hash context for Initializes user-supplied memory pointed by Md5Context as MD5 hash context for
subsequent use. subsequent use.
@ -154,12 +152,12 @@ value (16 bytes).
**/ **/
BOOLEAN BOOLEAN
EFIAPI EFIAPI
Md5HashAll( Md5HashAll (
IN CONST VOID *Data, IN CONST VOID *Data,
IN UINTN DataSize, IN UINTN DataSize,
OUT UINT8 *HashValue OUT UINT8 *HashValue
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return FALSE; return FALSE;
} }

1
CryptoPkg/Library/BaseCryptLibNull/Hash/CryptSha1Null.c
View File

@ -8,7 +8,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/** /**
Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations. Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.

1
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptPkcs7SignNull.c
View File

@ -51,4 +51,3 @@ Pkcs7Sign (
ASSERT (FALSE); ASSERT (FALSE);
return FALSE; return FALSE;
} }

14
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptPkcs7VerifyEkuNull.c
View File

@ -55,12 +55,10 @@ GetSignerCertificate (
OUT VOID **SignerCert OUT VOID **SignerCert
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_NOT_READY; return EFI_NOT_READY;
} }
/** /**
Determines if the specified EKU represented in ASN1 form is present Determines if the specified EKU represented in ASN1 form is present
in a given certificate. in a given certificate.
@ -80,11 +78,10 @@ IsEkuInCertificate (
IN VOID *Asn1ToFind IN VOID *Asn1ToFind
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_NOT_READY; return EFI_NOT_READY;
} }
/** /**
Determines if the specified EKUs are present in a signing certificate. Determines if the specified EKUs are present in a signing certificate.
@ -99,14 +96,14 @@ IsEkuInCertificate (
@retval EFI_NOT_FOUND One or more EKU's were not found in the signature. @retval EFI_NOT_FOUND One or more EKU's were not found in the signature.
**/ **/
EFI_STATUS EFI_STATUS
CheckEKUs( CheckEKUs (
IN CONST VOID *SignerCert, IN CONST VOID *SignerCert,
IN CONST CHAR8 *RequiredEKUs[], IN CONST CHAR8 *RequiredEKUs[],
IN CONST UINT32 RequiredEKUsSize, IN CONST UINT32 RequiredEKUsSize,
IN BOOLEAN RequireAllPresent IN BOOLEAN RequireAllPresent
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_NOT_READY; return EFI_NOT_READY;
} }
@ -150,7 +147,6 @@ VerifyEKUsInPkcs7Signature (
IN BOOLEAN RequireAllPresent IN BOOLEAN RequireAllPresent
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_NOT_READY; return EFI_NOT_READY;
} }

2
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaExtNull.c
View File

@ -115,5 +115,3 @@ RsaPkcs1Sign (
ASSERT (FALSE); ASSERT (FALSE);
return FALSE; return FALSE;
} }

1
CryptoPkg/Library/BaseCryptLibNull/Rand/CryptRandNull.c
View File

@ -9,7 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/** /**
Sets up the seed value for the pseudorandom number generator. Sets up the seed value for the pseudorandom number generator.

33
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
View File

@ -95,11 +95,12 @@ CryptoServiceNotAvailable (
ASSERT_EFI_ERROR (EFI_UNSUPPORTED); ASSERT_EFI_ERROR (EFI_UNSUPPORTED);
} }
//===================================================================================== // =====================================================================================
// One-Way Cryptographic Hash Primitives // One-Way Cryptographic Hash Primitives
//===================================================================================== // =====================================================================================
#ifdef ENABLE_MD5_DEPRECATED_INTERFACES #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
/** /**
Retrieves the size, in bytes, of the context buffer required for MD5 hash operations. Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
@ -257,9 +258,11 @@ Md5HashAll (
{ {
CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE); CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE);
} }
#endif #endif
#ifndef DISABLE_SHA1_DEPRECATED_INTERFACES #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
/** /**
Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations. Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
@ -417,6 +420,7 @@ Sha1HashAll (
{ {
CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE); CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE);
} }
#endif #endif
/** /**
@ -1015,9 +1019,9 @@ Sm3HashAll (
CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE); CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE);
} }
//===================================================================================== // =====================================================================================
// MAC (Message Authentication Code) Primitive // MAC (Message Authentication Code) Primitive
//===================================================================================== // =====================================================================================
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.
@ -1165,9 +1169,9 @@ HmacSha256Final (
CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), FALSE); CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), FALSE);
} }
//===================================================================================== // =====================================================================================
// Symmetric Cryptography Primitive // Symmetric Cryptography Primitive
//===================================================================================== // =====================================================================================
/** /**
Retrieves the size, in bytes, of the context buffer required for AES operations. Retrieves the size, in bytes, of the context buffer required for AES operations.
@ -1304,9 +1308,9 @@ AesCbcDecrypt (
CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE); CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE);
} }
//===================================================================================== // =====================================================================================
// Asymmetric Cryptography Primitive // Asymmetric Cryptography Primitive
//===================================================================================== // =====================================================================================
/** /**
Allocates and initializes one RSA context for subsequent use. Allocates and initializes one RSA context for subsequent use.
@ -2287,7 +2291,6 @@ VerifyEKUsInPkcs7Signature (
CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE); CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE);
} }
/** /**
Extracts the attached content from a PKCS#7 signed data if existed. The input signed Extracts the attached content from a PKCS#7 signed data if existed. The input signed
data could be wrapped in a ContentInfo structure. data could be wrapped in a ContentInfo structure.
@ -2391,9 +2394,9 @@ ImageTimestampVerify (
CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, TsaCert, CertSize, SigningTime), FALSE); CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, TsaCert, CertSize, SigningTime), FALSE);
} }
//===================================================================================== // =====================================================================================
// DH Key Exchange Primitive // DH Key Exchange Primitive
//===================================================================================== // =====================================================================================
/** /**
Allocates and Initializes one Diffie-Hellman Context for subsequent use. Allocates and Initializes one Diffie-Hellman Context for subsequent use.
@ -2574,9 +2577,9 @@ DhComputeKey (
CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, PeerPublicKeySize, Key, KeySize), FALSE); CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, PeerPublicKeySize, Key, KeySize), FALSE);
} }
//===================================================================================== // =====================================================================================
// Pseudo-Random Generation Primitive // Pseudo-Random Generation Primitive
//===================================================================================== // =====================================================================================
/** /**
Sets up the seed value for the pseudorandom number generator. Sets up the seed value for the pseudorandom number generator.
@ -2630,9 +2633,9 @@ RandomBytes (
CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE);
} }
//===================================================================================== // =====================================================================================
// Key Derivation Function Primitive // Key Derivation Function Primitive
//===================================================================================== // =====================================================================================
/** /**
Derive key data using HMAC-SHA256 based KDF. Derive key data using HMAC-SHA256 based KDF.

6
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c
View File

@ -57,8 +57,8 @@ DxeCryptLibConstructor (
(VOID **)&mCryptoProtocol (VOID **)&mCryptoProtocol
); );
if (EFI_ERROR (Status) || mCryptoProtocol == NULL) { if (EFI_ERROR (Status) || (mCryptoProtocol == NULL)) {
DEBUG((DEBUG_ERROR, "[DxeCryptLib] Failed to locate Crypto Protocol. Status = %r\n", Status)); DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Failed to locate Crypto Protocol. Status = %r\n", Status));
ASSERT_EFI_ERROR (Status); ASSERT_EFI_ERROR (Status);
ASSERT (mCryptoProtocol != NULL); ASSERT (mCryptoProtocol != NULL);
mCryptoProtocol = NULL; mCryptoProtocol = NULL;
@ -67,7 +67,7 @@ DxeCryptLibConstructor (
Version = mCryptoProtocol->GetVersion (); Version = mCryptoProtocol->GetVersion ();
if (Version < EDKII_CRYPTO_VERSION) { if (Version < EDKII_CRYPTO_VERSION) {
DEBUG((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported version %d\n", Version)); DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported version %d\n", Version));
ASSERT (Version >= EDKII_CRYPTO_VERSION); ASSERT (Version >= EDKII_CRYPTO_VERSION);
mCryptoProtocol = NULL; mCryptoProtocol = NULL;
return EFI_NOT_FOUND; return EFI_NOT_FOUND;

6
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c
View File

@ -39,8 +39,8 @@ GetCryptoServices (
NULL, NULL,
(VOID **)&CryptoPpi (VOID **)&CryptoPpi
); );
if (EFI_ERROR (Status) || CryptoPpi == NULL) { if (EFI_ERROR (Status) || (CryptoPpi == NULL)) {
DEBUG((DEBUG_ERROR, "[PeiCryptLib] Failed to locate Crypto PPI. Status = %r\n", Status)); DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Failed to locate Crypto PPI. Status = %r\n", Status));
ASSERT_EFI_ERROR (Status); ASSERT_EFI_ERROR (Status);
ASSERT (CryptoPpi != NULL); ASSERT (CryptoPpi != NULL);
return NULL; return NULL;
@ -48,7 +48,7 @@ GetCryptoServices (
Version = CryptoPpi->GetVersion (); Version = CryptoPpi->GetVersion ();
if (Version < EDKII_CRYPTO_VERSION) { if (Version < EDKII_CRYPTO_VERSION) {
DEBUG((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported version %d\n", Version)); DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported version %d\n", Version));
ASSERT (Version >= EDKII_CRYPTO_VERSION); ASSERT (Version >= EDKII_CRYPTO_VERSION);
return NULL; return NULL;
} }

6
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c
View File

@ -59,8 +59,8 @@ SmmCryptLibConstructor (
NULL, NULL,
(VOID **)&mSmmCryptoProtocol (VOID **)&mSmmCryptoProtocol
); );
if (EFI_ERROR (Status) || mSmmCryptoProtocol == NULL) { if (EFI_ERROR (Status) || (mSmmCryptoProtocol == NULL)) {
DEBUG((DEBUG_ERROR, "[SmmCryptLib] Failed to locate Crypto SMM Protocol. Status = %r\n", Status)); DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Failed to locate Crypto SMM Protocol. Status = %r\n", Status));
ASSERT_EFI_ERROR (Status); ASSERT_EFI_ERROR (Status);
ASSERT (mSmmCryptoProtocol != NULL); ASSERT (mSmmCryptoProtocol != NULL);
mSmmCryptoProtocol = NULL; mSmmCryptoProtocol = NULL;
@ -69,7 +69,7 @@ SmmCryptLibConstructor (
Version = mSmmCryptoProtocol->GetVersion (); Version = mSmmCryptoProtocol->GetVersion ();
if (Version < EDKII_CRYPTO_VERSION) { if (Version < EDKII_CRYPTO_VERSION) {
DEBUG((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol unsupported version %d\n", Version)); DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol unsupported version %d\n", Version));
ASSERT (Version >= EDKII_CRYPTO_VERSION); ASSERT (Version >= EDKII_CRYPTO_VERSION);
mSmmCryptoProtocol = NULL; mSmmCryptoProtocol = NULL;
return EFI_NOT_FOUND; return EFI_NOT_FOUND;

316
CryptoPkg/Library/Include/CrtLibSupport.h
View File

@ -39,30 +39,30 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
// define our own here. // define our own here.
// //
#ifdef CONFIG_HEADER_BN_H #ifdef CONFIG_HEADER_BN_H
#error CONFIG_HEADER_BN_H already defined #error CONFIG_HEADER_BN_H already defined
#endif #endif
#define CONFIG_HEADER_BN_H #define CONFIG_HEADER_BN_H
#if !defined(SIXTY_FOUR_BIT) && !defined (THIRTY_TWO_BIT) #if !defined (SIXTY_FOUR_BIT) && !defined (THIRTY_TWO_BIT)
#if defined(MDE_CPU_X64) || defined(MDE_CPU_AARCH64) || defined(MDE_CPU_IA64) || defined(MDE_CPU_RISCV64) #if defined (MDE_CPU_X64) || defined (MDE_CPU_AARCH64) || defined (MDE_CPU_IA64) || defined (MDE_CPU_RISCV64)
// //
// With GCC we would normally use SIXTY_FOUR_BIT_LONG, but MSVC needs // With GCC we would normally use SIXTY_FOUR_BIT_LONG, but MSVC needs
// SIXTY_FOUR_BIT, because 'long' is 32-bit and only 'long long' is // SIXTY_FOUR_BIT, because 'long' is 32-bit and only 'long long' is
// 64-bit. Since using 'long long' works fine on GCC too, just do that. // 64-bit. Since using 'long long' works fine on GCC too, just do that.
// //
#define SIXTY_FOUR_BIT #define SIXTY_FOUR_BIT
#elif defined(MDE_CPU_IA32) || defined(MDE_CPU_ARM) || defined(MDE_CPU_EBC) #elif defined (MDE_CPU_IA32) || defined (MDE_CPU_ARM) || defined (MDE_CPU_EBC)
#define THIRTY_TWO_BIT #define THIRTY_TWO_BIT
#else #else
#error Unknown target architecture #error Unknown target architecture
#endif #endif
#endif #endif
// //
// Map all va_xxxx elements to VA_xxx defined in MdePkg/Include/Base.h // Map all va_xxxx elements to VA_xxx defined in MdePkg/Include/Base.h
// //
#if !defined(__CC_ARM) // if va_list is not already defined #if !defined (__CC_ARM) // if va_list is not already defined
#define va_list VA_LIST #define va_list VA_LIST
#define va_arg VA_ARG #define va_arg VA_ARG
#define va_start VA_START #define va_start VA_START
@ -155,69 +155,261 @@ extern FILE *stderr;
// //
// Function prototypes of CRT Library routines // Function prototypes of CRT Library routines
// //
void *malloc (size_t); void *
void *realloc (void *, size_t); malloc (
void free (void *); size_t
void *memset (void *, int, size_t); );
int memcmp (const void *, const void *, size_t);
int isdigit (int); void *
int isspace (int); realloc (
int isxdigit (int); void *,
int isalnum (int); size_t
int isupper (int); );
int tolower (int);
int strcmp (const char *, const char *); void
int strncasecmp (const char *, const char *, size_t); free (
char *strchr (const char *, int); void *
char *strrchr (const char *, int); );
unsigned long strtoul (const char *, char **, int);
long strtol (const char *, char **, int); void *
char *strerror (int); memset (
size_t strspn (const char *, const char *); void *,
size_t strcspn (const char *, const char *); int,
int printf (const char *, ...); size_t
int sscanf (const char *, const char *, ...); );
FILE *fopen (const char *, const char *);
size_t fread (void *, size_t, size_t, FILE *); int
size_t fwrite (const void *, size_t, size_t, FILE *); memcmp (
int fclose (FILE *); const void *,
int fprintf (FILE *, const char *, ...); const void *,
time_t time (time_t *); size_t
struct tm *gmtime (const time_t *); );
uid_t getuid (void);
uid_t geteuid (void); int
gid_t getgid (void); isdigit (
gid_t getegid (void); int
int issetugid (void); );
void qsort (void *, size_t, size_t, int (*)(const void *, const void *));
char *getenv (const char *); int
char *secure_getenv (const char *); isspace (
#if defined(__GNUC__) && (__GNUC__ >= 2) int
void abort (void) __attribute__((__noreturn__)); );
int
isxdigit (
int
);
int
isalnum (
int
);
int
isupper (
int
);
int
tolower (
int
);
int
strcmp (
const char *,
const char *
);
int
strncasecmp (
const char *,
const char *,
size_t
);
char *
strchr (
const char *,
int
);
char *
strrchr (
const char *,
int
);
unsigned long
strtoul (
const char *,
char **,
int
);
long
strtol (
const char *,
char **,
int
);
char *
strerror (
int
);
size_t
strspn (
const char *,
const char *
);
size_t
strcspn (
const char *,
const char *
);
int
printf (
const char *,
...
);
int
sscanf (
const char *,
const char *,
...
);
FILE *
fopen (
const char *,
const char *
);
size_t
fread (
void *,
size_t,
size_t,
FILE *
);
size_t
fwrite (
const void *,
size_t,
size_t,
FILE *
);
int
fclose (
FILE *
);
int
fprintf (
FILE *,
const char *,
...
);
time_t
time (
time_t *
);
struct tm *
gmtime (
const time_t *
);
uid_t
getuid (
void
);
uid_t
geteuid (
void
);
gid_t
getgid (
void
);
gid_t
getegid (
void
);
int
issetugid (
void
);
void
qsort (
void *,
size_t,
size_t,
int (*)(const void *, const void *)
);
char *
getenv (
const char *
);
char *
secure_getenv (
const char *
);
#if defined (__GNUC__) && (__GNUC__ >= 2)
void
abort (
void
) __attribute__ ((__noreturn__));
#else #else
void abort (void); void
abort (
void
);
#endif #endif
int inet_pton (int, const char *, void *); int
inet_pton (
int,
const char *,
void *
);
// //
// Macros that directly map functions to BaseLib, BaseMemoryLib, and DebugLib functions // Macros that directly map functions to BaseLib, BaseMemoryLib, and DebugLib functions
// //
#define memcpy(dest,source,count) CopyMem(dest,source,(UINTN)(count)) #define memcpy(dest, source, count) CopyMem(dest,source,(UINTN)(count))
#define memset(dest,ch,count) SetMem(dest,(UINTN)(count),(UINT8)(ch)) #define memset(dest, ch, count) SetMem(dest,(UINTN)(count),(UINT8)(ch))
#define memchr(buf,ch,count) ScanMem8(buf,(UINTN)(count),(UINT8)ch) #define memchr(buf, ch, count) ScanMem8(buf,(UINTN)(count),(UINT8)ch)
#define memcmp(buf1,buf2,count) (int)(CompareMem(buf1,buf2,(UINTN)(count))) #define memcmp(buf1, buf2, count) (int)(CompareMem(buf1,buf2,(UINTN)(count)))
#define memmove(dest,source,count) CopyMem(dest,source,(UINTN)(count)) #define memmove(dest, source, count) CopyMem(dest,source,(UINTN)(count))
#define strlen(str) (size_t)(AsciiStrnLenS(str,MAX_STRING_SIZE)) #define strlen(str) (size_t)(AsciiStrnLenS(str,MAX_STRING_SIZE))
#define strcpy(strDest,strSource) AsciiStrCpyS(strDest,MAX_STRING_SIZE,strSource) #define strcpy(strDest, strSource) AsciiStrCpyS(strDest,MAX_STRING_SIZE,strSource)
#define strncpy(strDest,strSource,count) AsciiStrnCpyS(strDest,MAX_STRING_SIZE,strSource,(UINTN)count) #define strncpy(strDest, strSource, count) AsciiStrnCpyS(strDest,MAX_STRING_SIZE,strSource,(UINTN)count)
#define strcat(strDest,strSource) AsciiStrCatS(strDest,MAX_STRING_SIZE,strSource) #define strcat(strDest, strSource) AsciiStrCatS(strDest,MAX_STRING_SIZE,strSource)
#define strncmp(string1,string2,count) (int)(AsciiStrnCmp(string1,string2,(UINTN)(count))) #define strncmp(string1, string2, count) (int)(AsciiStrnCmp(string1,string2,(UINTN)(count)))
#define strcasecmp(str1,str2) (int)AsciiStriCmp(str1,str2) #define strcasecmp(str1, str2) (int)AsciiStriCmp(str1,str2)
#define sprintf(buf,...) AsciiSPrint(buf,MAX_STRING_SIZE,__VA_ARGS__) #define sprintf(buf, ...) AsciiSPrint(buf,MAX_STRING_SIZE,__VA_ARGS__)
#define localtime(timer) NULL #define localtime(timer) NULL
#define assert(expression) #define assert(expression)
#define offsetof(type,member) OFFSET_OF(type,member) #define offsetof(type, member) OFFSET_OF(type,member)
#define atoi(nptr) AsciiStrDecimalToUintn(nptr) #define atoi(nptr) AsciiStrDecimalToUintn(nptr)
#define gettimeofday(tvp,tz) do { (tvp)->tv_sec = time(NULL); (tvp)->tv_usec = 0; } while (0) #define gettimeofday(tvp, tz) do { (tvp)->tv_sec = time(NULL); (tvp)->tv_usec = 0; } while (0)
#endif #endif

7
CryptoPkg/Library/Include/crypto/dso_conf.h
View File

@ -1,5 +1,6 @@
/* WARNING: do not edit! */ /* WARNING: do not edit! */
/* Generated from include/crypto/dso_conf.h.in */ /* Generated from include/crypto/dso_conf.h.in */
/* /*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
* *
@ -10,7 +11,7 @@
*/ */
#ifndef OSSL_CRYPTO_DSO_CONF_H #ifndef OSSL_CRYPTO_DSO_CONF_H
# define OSSL_CRYPTO_DSO_CONF_H #define OSSL_CRYPTO_DSO_CONF_H
# define DSO_NONE #define DSO_NONE
# define DSO_EXTENSION ".so" #define DSO_EXTENSION ".so"
#endif #endif

221
CryptoPkg/Library/Include/openssl/opensslconf.h
View File

@ -17,7 +17,7 @@ extern "C" {
#endif #endif
#ifdef OPENSSL_ALGORITHM_DEFINES #ifdef OPENSSL_ALGORITHM_DEFINES
# error OPENSSL_ALGORITHM_DEFINES no longer supported #error OPENSSL_ALGORITHM_DEFINES no longer supported
#endif #endif
/* /*
@ -25,227 +25,226 @@ extern "C" {
*/ */
#ifndef OPENSSL_SYS_UEFI #ifndef OPENSSL_SYS_UEFI
# define OPENSSL_SYS_UEFI 1 #define OPENSSL_SYS_UEFI 1
#endif #endif
#define OPENSSL_MIN_API 0x10100000L #define OPENSSL_MIN_API 0x10100000L
#ifndef OPENSSL_NO_BF #ifndef OPENSSL_NO_BF
# define OPENSSL_NO_BF #define OPENSSL_NO_BF
#endif #endif
#ifndef OPENSSL_NO_BLAKE2 #ifndef OPENSSL_NO_BLAKE2
# define OPENSSL_NO_BLAKE2 #define OPENSSL_NO_BLAKE2
#endif #endif
#ifndef OPENSSL_NO_CAMELLIA #ifndef OPENSSL_NO_CAMELLIA
# define OPENSSL_NO_CAMELLIA #define OPENSSL_NO_CAMELLIA
#endif #endif
#ifndef OPENSSL_NO_CAST #ifndef OPENSSL_NO_CAST
# define OPENSSL_NO_CAST #define OPENSSL_NO_CAST
#endif #endif
#ifndef OPENSSL_NO_CHACHA #ifndef OPENSSL_NO_CHACHA
# define OPENSSL_NO_CHACHA #define OPENSSL_NO_CHACHA
#endif #endif
#ifndef OPENSSL_NO_CMS #ifndef OPENSSL_NO_CMS
# define OPENSSL_NO_CMS #define OPENSSL_NO_CMS
#endif #endif
#ifndef OPENSSL_NO_CT #ifndef OPENSSL_NO_CT
# define OPENSSL_NO_CT #define OPENSSL_NO_CT
#endif #endif
#ifndef OPENSSL_NO_DES #ifndef OPENSSL_NO_DES
# define OPENSSL_NO_DES #define OPENSSL_NO_DES
#endif #endif
#ifndef OPENSSL_NO_DSA #ifndef OPENSSL_NO_DSA
# define OPENSSL_NO_DSA #define OPENSSL_NO_DSA
#endif #endif
#ifndef OPENSSL_NO_EC #ifndef OPENSSL_NO_EC
# define OPENSSL_NO_EC #define OPENSSL_NO_EC
#endif #endif
#ifndef OPENSSL_NO_IDEA #ifndef OPENSSL_NO_IDEA
# define OPENSSL_NO_IDEA #define OPENSSL_NO_IDEA
#endif #endif
#ifndef OPENSSL_NO_MD2 #ifndef OPENSSL_NO_MD2
# define OPENSSL_NO_MD2 #define OPENSSL_NO_MD2
#endif #endif
#ifndef OPENSSL_NO_MD4 #ifndef OPENSSL_NO_MD4
# define OPENSSL_NO_MD4 #define OPENSSL_NO_MD4
#endif #endif
#ifndef OPENSSL_NO_MDC2 #ifndef OPENSSL_NO_MDC2
# define OPENSSL_NO_MDC2 #define OPENSSL_NO_MDC2
#endif #endif
#ifndef OPENSSL_NO_POLY1305 #ifndef OPENSSL_NO_POLY1305
# define OPENSSL_NO_POLY1305 #define OPENSSL_NO_POLY1305
#endif #endif
#ifndef OPENSSL_NO_RC2 #ifndef OPENSSL_NO_RC2
# define OPENSSL_NO_RC2 #define OPENSSL_NO_RC2
#endif #endif
#ifndef OPENSSL_NO_RC4 #ifndef OPENSSL_NO_RC4
# define OPENSSL_NO_RC4 #define OPENSSL_NO_RC4
#endif #endif
#ifndef OPENSSL_NO_RC5 #ifndef OPENSSL_NO_RC5
# define OPENSSL_NO_RC5 #define OPENSSL_NO_RC5
#endif #endif
#ifndef OPENSSL_NO_RMD160 #ifndef OPENSSL_NO_RMD160
# define OPENSSL_NO_RMD160 #define OPENSSL_NO_RMD160
#endif #endif
#ifndef OPENSSL_NO_SEED #ifndef OPENSSL_NO_SEED
# define OPENSSL_NO_SEED #define OPENSSL_NO_SEED
#endif #endif
#ifndef OPENSSL_NO_SM2 #ifndef OPENSSL_NO_SM2
# define OPENSSL_NO_SM2 #define OPENSSL_NO_SM2
#endif #endif
#ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP
# define OPENSSL_NO_SRP #define OPENSSL_NO_SRP
#endif #endif
#ifndef OPENSSL_NO_TS #ifndef OPENSSL_NO_TS
# define OPENSSL_NO_TS #define OPENSSL_NO_TS
#endif #endif
#ifndef OPENSSL_NO_WHIRLPOOL #ifndef OPENSSL_NO_WHIRLPOOL
# define OPENSSL_NO_WHIRLPOOL #define OPENSSL_NO_WHIRLPOOL
#endif #endif
#ifndef OPENSSL_RAND_SEED_NONE #ifndef OPENSSL_RAND_SEED_NONE
# define OPENSSL_RAND_SEED_NONE #define OPENSSL_RAND_SEED_NONE
#endif #endif
#ifndef OPENSSL_NO_AFALGENG #ifndef OPENSSL_NO_AFALGENG
# define OPENSSL_NO_AFALGENG #define OPENSSL_NO_AFALGENG
#endif #endif
#ifndef OPENSSL_NO_APPS #ifndef OPENSSL_NO_APPS
# define OPENSSL_NO_APPS #define OPENSSL_NO_APPS
#endif #endif
#ifndef OPENSSL_NO_ASAN #ifndef OPENSSL_NO_ASAN
# define OPENSSL_NO_ASAN #define OPENSSL_NO_ASAN
#endif #endif
#ifndef OPENSSL_NO_ASYNC #ifndef OPENSSL_NO_ASYNC
# define OPENSSL_NO_ASYNC #define OPENSSL_NO_ASYNC
#endif #endif
#ifndef OPENSSL_NO_AUTOERRINIT #ifndef OPENSSL_NO_AUTOERRINIT
# define OPENSSL_NO_AUTOERRINIT #define OPENSSL_NO_AUTOERRINIT
#endif #endif
#ifndef OPENSSL_NO_AUTOLOAD_CONFIG #ifndef OPENSSL_NO_AUTOLOAD_CONFIG
# define OPENSSL_NO_AUTOLOAD_CONFIG #define OPENSSL_NO_AUTOLOAD_CONFIG
#endif #endif
#ifndef OPENSSL_NO_CAPIENG #ifndef OPENSSL_NO_CAPIENG
# define OPENSSL_NO_CAPIENG #define OPENSSL_NO_CAPIENG
#endif #endif
#ifndef OPENSSL_NO_CRYPTO_MDEBUG #ifndef OPENSSL_NO_CRYPTO_MDEBUG
# define OPENSSL_NO_CRYPTO_MDEBUG #define OPENSSL_NO_CRYPTO_MDEBUG
#endif #endif
#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE #ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE #define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
#endif #endif
#ifndef OPENSSL_NO_DEPRECATED #ifndef OPENSSL_NO_DEPRECATED
# define OPENSSL_NO_DEPRECATED #define OPENSSL_NO_DEPRECATED
#endif #endif
#ifndef OPENSSL_NO_DEVCRYPTOENG #ifndef OPENSSL_NO_DEVCRYPTOENG
# define OPENSSL_NO_DEVCRYPTOENG #define OPENSSL_NO_DEVCRYPTOENG
#endif #endif
#ifndef OPENSSL_NO_DGRAM #ifndef OPENSSL_NO_DGRAM
# define OPENSSL_NO_DGRAM #define OPENSSL_NO_DGRAM
#endif #endif
#ifndef OPENSSL_NO_DTLS #ifndef OPENSSL_NO_DTLS
# define OPENSSL_NO_DTLS #define OPENSSL_NO_DTLS
#endif #endif
#ifndef OPENSSL_NO_DTLS1 #ifndef OPENSSL_NO_DTLS1
# define OPENSSL_NO_DTLS1 #define OPENSSL_NO_DTLS1
#endif #endif
#ifndef OPENSSL_NO_DTLS1_2 #ifndef OPENSSL_NO_DTLS1_2
# define OPENSSL_NO_DTLS1_2 #define OPENSSL_NO_DTLS1_2
#endif #endif
#ifndef OPENSSL_NO_EC2M #ifndef OPENSSL_NO_EC2M
# define OPENSSL_NO_EC2M #define OPENSSL_NO_EC2M
#endif #endif
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
# define OPENSSL_NO_EC_NISTP_64_GCC_128 #define OPENSSL_NO_EC_NISTP_64_GCC_128
#endif #endif
#ifndef OPENSSL_NO_ECDH #ifndef OPENSSL_NO_ECDH
# define OPENSSL_NO_ECDH #define OPENSSL_NO_ECDH
#endif #endif
#ifndef OPENSSL_NO_ECDSA #ifndef OPENSSL_NO_ECDSA
# define OPENSSL_NO_ECDSA #define OPENSSL_NO_ECDSA
#endif #endif
#ifndef OPENSSL_NO_EGD #ifndef OPENSSL_NO_EGD
# define OPENSSL_NO_EGD #define OPENSSL_NO_EGD
#endif #endif
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
# define OPENSSL_NO_ENGINE #define OPENSSL_NO_ENGINE
#endif #endif
#ifndef OPENSSL_NO_ERR #ifndef OPENSSL_NO_ERR
# define OPENSSL_NO_ERR #define OPENSSL_NO_ERR
#endif #endif
#ifndef OPENSSL_NO_EXTERNAL_TESTS #ifndef OPENSSL_NO_EXTERNAL_TESTS
# define OPENSSL_NO_EXTERNAL_TESTS #define OPENSSL_NO_EXTERNAL_TESTS
#endif #endif
#ifndef OPENSSL_NO_FILENAMES #ifndef OPENSSL_NO_FILENAMES
# define OPENSSL_NO_FILENAMES #define OPENSSL_NO_FILENAMES
#endif #endif
#ifndef OPENSSL_NO_FUZZ_AFL #ifndef OPENSSL_NO_FUZZ_AFL
# define OPENSSL_NO_FUZZ_AFL #define OPENSSL_NO_FUZZ_AFL
#endif #endif
#ifndef OPENSSL_NO_FUZZ_LIBFUZZER #ifndef OPENSSL_NO_FUZZ_LIBFUZZER
# define OPENSSL_NO_FUZZ_LIBFUZZER #define OPENSSL_NO_FUZZ_LIBFUZZER
#endif #endif
#ifndef OPENSSL_NO_GOST #ifndef OPENSSL_NO_GOST
# define OPENSSL_NO_GOST #define OPENSSL_NO_GOST
#endif #endif
#ifndef OPENSSL_NO_HEARTBEATS #ifndef OPENSSL_NO_HEARTBEATS
# define OPENSSL_NO_HEARTBEATS #define OPENSSL_NO_HEARTBEATS
#endif #endif
#ifndef OPENSSL_NO_HW #ifndef OPENSSL_NO_HW
# define OPENSSL_NO_HW #define OPENSSL_NO_HW
#endif #endif
#ifndef OPENSSL_NO_MSAN #ifndef OPENSSL_NO_MSAN
# define OPENSSL_NO_MSAN #define OPENSSL_NO_MSAN
#endif #endif
#ifndef OPENSSL_NO_OCB #ifndef OPENSSL_NO_OCB
# define OPENSSL_NO_OCB #define OPENSSL_NO_OCB
#endif #endif
#ifndef OPENSSL_NO_POSIX_IO #ifndef OPENSSL_NO_POSIX_IO
# define OPENSSL_NO_POSIX_IO #define OPENSSL_NO_POSIX_IO
#endif #endif
#ifndef OPENSSL_NO_RFC3779 #ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779 #define OPENSSL_NO_RFC3779
#endif #endif
#ifndef OPENSSL_NO_SCRYPT #ifndef OPENSSL_NO_SCRYPT
# define OPENSSL_NO_SCRYPT #define OPENSSL_NO_SCRYPT
#endif #endif
#ifndef OPENSSL_NO_SCTP #ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP #define OPENSSL_NO_SCTP
#endif #endif
#ifndef OPENSSL_NO_SOCK #ifndef OPENSSL_NO_SOCK
# define OPENSSL_NO_SOCK #define OPENSSL_NO_SOCK
#endif #endif
#ifndef OPENSSL_NO_SSL_TRACE #ifndef OPENSSL_NO_SSL_TRACE
# define OPENSSL_NO_SSL_TRACE #define OPENSSL_NO_SSL_TRACE
#endif #endif
#ifndef OPENSSL_NO_SSL3 #ifndef OPENSSL_NO_SSL3
# define OPENSSL_NO_SSL3 #define OPENSSL_NO_SSL3
#endif #endif
#ifndef OPENSSL_NO_SSL3_METHOD #ifndef OPENSSL_NO_SSL3_METHOD
# define OPENSSL_NO_SSL3_METHOD #define OPENSSL_NO_SSL3_METHOD
#endif #endif
#ifndef OPENSSL_NO_STDIO #ifndef OPENSSL_NO_STDIO
# define OPENSSL_NO_STDIO #define OPENSSL_NO_STDIO
#endif #endif
#ifndef OPENSSL_NO_TESTS #ifndef OPENSSL_NO_TESTS
# define OPENSSL_NO_TESTS #define OPENSSL_NO_TESTS
#endif #endif
#ifndef OPENSSL_NO_TLS1_3 #ifndef OPENSSL_NO_TLS1_3
# define OPENSSL_NO_TLS1_3 #define OPENSSL_NO_TLS1_3
#endif #endif
#ifndef OPENSSL_NO_UBSAN #ifndef OPENSSL_NO_UBSAN
# define OPENSSL_NO_UBSAN #define OPENSSL_NO_UBSAN
#endif #endif
#ifndef OPENSSL_NO_UI_CONSOLE #ifndef OPENSSL_NO_UI_CONSOLE
# define OPENSSL_NO_UI_CONSOLE #define OPENSSL_NO_UI_CONSOLE
#endif #endif
#ifndef OPENSSL_NO_UNIT_TEST #ifndef OPENSSL_NO_UNIT_TEST
# define OPENSSL_NO_UNIT_TEST #define OPENSSL_NO_UNIT_TEST
#endif #endif
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
# define OPENSSL_NO_WEAK_SSL_CIPHERS #define OPENSSL_NO_WEAK_SSL_CIPHERS
#endif #endif
#ifndef OPENSSL_NO_DYNAMIC_ENGINE #ifndef OPENSSL_NO_DYNAMIC_ENGINE
# define OPENSSL_NO_DYNAMIC_ENGINE #define OPENSSL_NO_DYNAMIC_ENGINE
#endif #endif
/* /*
* Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers
* don't like that. This will hopefully silence them. * don't like that. This will hopefully silence them.
@ -259,37 +258,37 @@ extern "C" {
* functions. * functions.
*/ */
#ifndef DECLARE_DEPRECATED #ifndef DECLARE_DEPRECATED
# define DECLARE_DEPRECATED(f) f; #define DECLARE_DEPRECATED(f) f;
# ifdef __GNUC__ #ifdef __GNUC__
# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0) #if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
# undef DECLARE_DEPRECATED #undef DECLARE_DEPRECATED
# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
# endif
#elif defined(__SUNPRO_C)
#if (__SUNPRO_C >= 0x5130)
#undef DECLARE_DEPRECATED
#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); #define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
#endif #endif
# endif #elif defined (__SUNPRO_C)
#if (__SUNPRO_C >= 0x5130)
#undef DECLARE_DEPRECATED
#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
#endif
#endif
#endif #endif
#ifndef OPENSSL_FILE #ifndef OPENSSL_FILE
# ifdef OPENSSL_NO_FILENAMES #ifdef OPENSSL_NO_FILENAMES
# define OPENSSL_FILE "" #define OPENSSL_FILE ""
# define OPENSSL_LINE 0 #define OPENSSL_LINE 0
# else #else
# define OPENSSL_FILE __FILE__ #define OPENSSL_FILE __FILE__
# define OPENSSL_LINE __LINE__ #define OPENSSL_LINE __LINE__
# endif #endif
#endif #endif
#ifndef OPENSSL_MIN_API #ifndef OPENSSL_MIN_API
# define OPENSSL_MIN_API 0 #define OPENSSL_MIN_API 0
#endif #endif
#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API #if !defined (OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API
# undef OPENSSL_API_COMPAT #undef OPENSSL_API_COMPAT
# define OPENSSL_API_COMPAT OPENSSL_MIN_API #define OPENSSL_API_COMPAT OPENSSL_MIN_API
#endif #endif
/* /*
@ -297,29 +296,29 @@ extern "C" {
* OpenSSL version number matches. * OpenSSL version number matches.
*/ */
#if OPENSSL_VERSION_NUMBER < 0x10200000L #if OPENSSL_VERSION_NUMBER < 0x10200000L
# define DEPRECATEDIN_1_2_0(f) f; #define DEPRECATEDIN_1_2_0(f) f;
#elif OPENSSL_API_COMPAT < 0x10200000L #elif OPENSSL_API_COMPAT < 0x10200000L
# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f) #define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f)
#else #else
# define DEPRECATEDIN_1_2_0(f) #define DEPRECATEDIN_1_2_0(f)
#endif #endif
#if OPENSSL_API_COMPAT < 0x10100000L #if OPENSSL_API_COMPAT < 0x10100000L
# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f) #define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
#else #else
# define DEPRECATEDIN_1_1_0(f) #define DEPRECATEDIN_1_1_0(f)
#endif #endif
#if OPENSSL_API_COMPAT < 0x10000000L #if OPENSSL_API_COMPAT < 0x10000000L
# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f) #define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
#else #else
# define DEPRECATEDIN_1_0_0(f) #define DEPRECATEDIN_1_0_0(f)
#endif #endif
#if OPENSSL_API_COMPAT < 0x00908000L #if OPENSSL_API_COMPAT < 0x00908000L
# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f) #define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
#else #else
# define DEPRECATEDIN_0_9_8(f) #define DEPRECATEDIN_0_9_8(f)
#endif #endif
/* Generate 80386 code? */ /* Generate 80386 code? */
@ -333,12 +332,12 @@ extern "C" {
/* /*
* The following are cipher-specific, but are part of the public API. * The following are cipher-specific, but are part of the public API.
*/ */
#if !defined(OPENSSL_SYS_UEFI) #if !defined (OPENSSL_SYS_UEFI)
# undef BN_LLONG #undef BN_LLONG
/* Only one for the following should be defined */ /* Only one for the following should be defined */
# undef SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT_LONG
# undef SIXTY_FOUR_BIT #undef SIXTY_FOUR_BIT
# define THIRTY_TWO_BIT #define THIRTY_TWO_BIT
#endif #endif
#define RC4_INT unsigned int #define RC4_INT unsigned int

1
CryptoPkg/Library/Include/sys/syscall.h
View File

@ -8,4 +8,3 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
#include <CrtLibSupport.h> #include <CrtLibSupport.h>

29
CryptoPkg/Library/IntrinsicLib/CopyMem.c
View File

@ -10,21 +10,38 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Base.h> #include <Base.h>
#include <Library/BaseMemoryLib.h> #include <Library/BaseMemoryLib.h>
#if defined(__clang__) && !defined(__APPLE__) #if defined (__clang__) && !defined (__APPLE__)
/* Copies bytes between buffers */ /* Copies bytes between buffers */
static __attribute__((__used__)) static __attribute__ ((__used__))
void * __memcpy (void *dest, const void *src, unsigned int count) void *
__memcpy (
void *dest,
const void *src,
unsigned int count
)
{ {
return CopyMem (dest, src, (UINTN)count); return CopyMem (dest, src, (UINTN)count);
} }
__attribute__((__alias__("__memcpy")))
void * memcpy (void *dest, const void *src, unsigned int count); __attribute__ ((__alias__ ("__memcpy")))
void *
memcpy (
void *dest,
const void *src,
unsigned int count
);
#else #else
/* Copies bytes between buffers */ /* Copies bytes between buffers */
void * memcpy (void *dest, const void *src, unsigned int count) void *
memcpy (
void *dest,
const void *src,
unsigned int count
)
{ {
return CopyMem (dest, src, (UINTN)count); return CopyMem (dest, src, (UINTN)count);
} }
#endif #endif

5
CryptoPkg/Library/IntrinsicLib/Ia32/MathFtol.c
View File

@ -11,7 +11,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
/* /*
* Floating point to integer conversion. * Floating point to integer conversion.
*/ */
__declspec(naked) void _ftol2 (void) __declspec(naked) void
_ftol2 (
void
)
{ {
_asm { _asm {
fistp qword ptr [esp-8] fistp qword ptr [esp-8]

7
CryptoPkg/Library/IntrinsicLib/Ia32/MathLShiftS64.c
View File

@ -8,16 +8,19 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
/* /*
* Shifts a 64-bit signed value left by a particular number of bits. * Shifts a 64-bit signed value left by a particular number of bits.
*/ */
__declspec(naked) void __cdecl _allshl (void) __declspec(naked) void __cdecl
_allshl (
void
)
{ {
_asm { _asm {
; ;
; Handle shifting of 64 or more bits (return 0) ; Handle shifting of 64 or more bits (return 0)
; ;
cmp cl, 64 cmp cl, 64
jae short ReturnZero jae short ReturnZero

7
CryptoPkg/Library/IntrinsicLib/Ia32/MathRShiftU64.c
View File

@ -8,11 +8,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
/* /*
* Shifts a 64-bit unsigned value right by a certain number of bits. * Shifts a 64-bit unsigned value right by a certain number of bits.
*/ */
__declspec(naked) void __cdecl _aullshr (void) __declspec(naked) void __cdecl
_aullshr (
void
)
{ {
_asm { _asm {
; ;
@ -43,6 +45,7 @@ More32:
; ;
; Invalid number (less then 32bits), return 0 ; Invalid number (less then 32bits), return 0
; ;
_Exit: _Exit:
xor eax, eax xor eax, eax
xor edx, edx xor edx, edx

30
CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c
View File

@ -13,10 +13,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
typedef UINTN size_t; typedef UINTN size_t;
#if defined(__GNUC__) || defined(__clang__) #if defined (__GNUC__) || defined (__clang__)
#define GLOBAL_USED __attribute__((used)) #define GLOBAL_USED __attribute__((used))
#else #else
#define GLOBAL_USED #define GLOBAL_USED
#endif #endif
/* OpenSSL will use floating point support, and C compiler produces the _fltused /* OpenSSL will use floating point support, and C compiler produces the _fltused
@ -24,7 +24,12 @@ typedef UINTN size_t;
int GLOBAL_USED _fltused = 1; int GLOBAL_USED _fltused = 1;
/* Sets buffers to a specified character */ /* Sets buffers to a specified character */
void * memset (void *dest, int ch, size_t count) void *
memset (
void *dest,
int ch,
size_t count
)
{ {
// //
// NOTE: Here we use one base implementation for memset, instead of the direct // NOTE: Here we use one base implementation for memset, instead of the direct
@ -49,12 +54,21 @@ void * memset (void *dest, int ch, size_t count)
} }
/* Compare bytes in two buffers. */ /* Compare bytes in two buffers. */
int memcmp (const void *buf1, const void *buf2, size_t count) int
memcmp (
const void *buf1,
const void *buf2,
size_t count
)
{ {
return (int)CompareMem(buf1, buf2, count); return (int)CompareMem (buf1, buf2, count);
} }
int strcmp (const char *s1, const char *s2) int
strcmp (
const char *s1,
const char *s2
)
{ {
return (int)AsciiStrCmp(s1, s2); return (int)AsciiStrCmp (s1, s2);
} }

2
CryptoPkg/Library/OpensslLib/OpensslLibConstructor.c
View File

@ -8,7 +8,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Uefi.h> #include <Uefi.h>
/** /**
An internal OpenSSL function which fetches a local copy of the hardware An internal OpenSSL function which fetches a local copy of the hardware
capability flags. capability flags.
@ -41,4 +40,3 @@ OpensslLibConstructor (
return EFI_SUCCESS; return EFI_SUCCESS;
} }

3
CryptoPkg/Library/OpensslLib/X64/ApiHooks.c
View File

@ -14,9 +14,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
VOID * VOID *
__imp_RtlVirtualUnwind ( __imp_RtlVirtualUnwind (
VOID * Args VOID *Args
) )
{ {
return NULL; return NULL;
} }

2
CryptoPkg/Library/OpensslLib/buildinf.h
View File

@ -1,4 +1,4 @@
#define PLATFORM "UEFI" #define PLATFORM "UEFI"
#define DATE "Fri Dec 22 01:23:45 PDT 2017" #define DATE "Fri Dec 22 01:23:45 PDT 2017"
const char * compiler_flags = "compiler: information not available from edk2"; const char *compiler_flags = "compiler: information not available from edk2";

6
CryptoPkg/Library/OpensslLib/ossl_store.c
View File

@ -11,7 +11,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
* *
* Dummy Implement for UEFI * Dummy Implement for UEFI
*/ */
void ossl_store_cleanup_int(void) void
ossl_store_cleanup_int (
void
)
{ {
} }

24
CryptoPkg/Library/OpensslLib/rand_pool.c
View File

@ -39,12 +39,11 @@ RandGetBytes (
Ret = FALSE; Ret = FALSE;
if (RandBuffer == NULL) { if (RandBuffer == NULL) {
DEBUG((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n")); DEBUG ((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n"));
ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later. ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later.
return Ret; return Ret;
} }
while (Length > 0) { while (Length > 0) {
// Use RngLib to get random number // Use RngLib to get random number
Ret = GetRandomNumber64 (&TempRand); Ret = GetRandomNumber64 (&TempRand);
@ -52,12 +51,12 @@ RandGetBytes (
if (!Ret) { if (!Ret) {
return Ret; return Ret;
} }
if (Length >= sizeof (TempRand)) { if (Length >= sizeof (TempRand)) {
*((UINT64*) RandBuffer) = TempRand; *((UINT64 *)RandBuffer) = TempRand;
RandBuffer += sizeof (UINT64); RandBuffer += sizeof (UINT64);
Length -= sizeof (TempRand); Length -= sizeof (TempRand);
} } else {
else {
CopyMem (RandBuffer, &TempRand, Length); CopyMem (RandBuffer, &TempRand, Length);
Length = 0; Length = 0;
} }
@ -91,8 +90,7 @@ rand_pool_acquire_entropy (
Ret = RandGetBytes (Bytes_needed, Buffer); Ret = RandGetBytes (Bytes_needed, Buffer);
if (FALSE == Ret) { if (FALSE == Ret) {
rand_pool_add_end (pool, 0, 0); rand_pool_add_end (pool, 0, 0);
} } else {
else {
rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed); rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed);
} }
} }
@ -112,9 +110,10 @@ rand_pool_add_nonce_data (
) )
{ {
UINT8 data[16]; UINT8 data[16];
RandGetBytes (sizeof(data), data);
return rand_pool_add (pool, (unsigned char*)&data, sizeof(data), 0); RandGetBytes (sizeof (data), data);
return rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0);
} }
/* /*
@ -128,9 +127,10 @@ rand_pool_add_additional_data (
) )
{ {
UINT8 data[16]; UINT8 data[16];
RandGetBytes (sizeof(data), data);
return rand_pool_add (pool, (unsigned char*)&data, sizeof(data), 0); RandGetBytes (sizeof (data), data);
return rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0);
} }
/* /*
@ -152,7 +152,7 @@ rand_pool_init (
* This is OpenSSL required interface. * This is OpenSSL required interface.
*/ */
VOID VOID
rand_pool_cleanup( rand_pool_cleanup (
VOID VOID
) )
{ {

1
CryptoPkg/Library/TlsLib/InternalTlsLib.h
View File

@ -38,4 +38,3 @@ typedef struct {
} TLS_CONNECTION; } TLS_CONNECTION;
#endif #endif

212
CryptoPkg/Library/TlsLib/TlsConfig.c
View File

@ -39,29 +39,29 @@ typedef struct {
// Keep the table uniquely sorted by the IanaCipher field, in increasing order. // Keep the table uniquely sorted by the IanaCipher field, in increasing order.
// //
STATIC CONST TLS_CIPHER_MAPPING TlsCipherMappingTable[] = { STATIC CONST TLS_CIPHER_MAPPING TlsCipherMappingTable[] = {
MAP ( 0x0001, "NULL-MD5" ), /// TLS_RSA_WITH_NULL_MD5 MAP (0x0001, "NULL-MD5"), /// TLS_RSA_WITH_NULL_MD5
MAP ( 0x0002, "NULL-SHA" ), /// TLS_RSA_WITH_NULL_SHA MAP (0x0002, "NULL-SHA"), /// TLS_RSA_WITH_NULL_SHA
MAP ( 0x0004, "RC4-MD5" ), /// TLS_RSA_WITH_RC4_128_MD5 MAP (0x0004, "RC4-MD5"), /// TLS_RSA_WITH_RC4_128_MD5
MAP ( 0x0005, "RC4-SHA" ), /// TLS_RSA_WITH_RC4_128_SHA MAP (0x0005, "RC4-SHA"), /// TLS_RSA_WITH_RC4_128_SHA
MAP ( 0x000A, "DES-CBC3-SHA" ), /// TLS_RSA_WITH_3DES_EDE_CBC_SHA, mandatory TLS 1.1 MAP (0x000A, "DES-CBC3-SHA"), /// TLS_RSA_WITH_3DES_EDE_CBC_SHA, mandatory TLS 1.1
MAP ( 0x0016, "DHE-RSA-DES-CBC3-SHA" ), /// TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA MAP (0x0016, "DHE-RSA-DES-CBC3-SHA"), /// TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
MAP ( 0x002F, "AES128-SHA" ), /// TLS_RSA_WITH_AES_128_CBC_SHA, mandatory TLS 1.2 MAP (0x002F, "AES128-SHA"), /// TLS_RSA_WITH_AES_128_CBC_SHA, mandatory TLS 1.2
MAP ( 0x0030, "DH-DSS-AES128-SHA" ), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA MAP (0x0030, "DH-DSS-AES128-SHA"), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA
MAP ( 0x0031, "DH-RSA-AES128-SHA" ), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA MAP (0x0031, "DH-RSA-AES128-SHA"), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA
MAP ( 0x0033, "DHE-RSA-AES128-SHA" ), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA MAP (0x0033, "DHE-RSA-AES128-SHA"), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA
MAP ( 0x0035, "AES256-SHA" ), /// TLS_RSA_WITH_AES_256_CBC_SHA MAP (0x0035, "AES256-SHA"), /// TLS_RSA_WITH_AES_256_CBC_SHA
MAP ( 0x0036, "DH-DSS-AES256-SHA" ), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA MAP (0x0036, "DH-DSS-AES256-SHA"), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA
MAP ( 0x0037, "DH-RSA-AES256-SHA" ), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA MAP (0x0037, "DH-RSA-AES256-SHA"), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA
MAP ( 0x0039, "DHE-RSA-AES256-SHA" ), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA MAP (0x0039, "DHE-RSA-AES256-SHA"), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA
MAP ( 0x003B, "NULL-SHA256" ), /// TLS_RSA_WITH_NULL_SHA256 MAP (0x003B, "NULL-SHA256"), /// TLS_RSA_WITH_NULL_SHA256
MAP ( 0x003C, "AES128-SHA256" ), /// TLS_RSA_WITH_AES_128_CBC_SHA256 MAP (0x003C, "AES128-SHA256"), /// TLS_RSA_WITH_AES_128_CBC_SHA256
MAP ( 0x003D, "AES256-SHA256" ), /// TLS_RSA_WITH_AES_256_CBC_SHA256 MAP (0x003D, "AES256-SHA256"), /// TLS_RSA_WITH_AES_256_CBC_SHA256
MAP ( 0x003E, "DH-DSS-AES128-SHA256" ), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA256 MAP (0x003E, "DH-DSS-AES128-SHA256"), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA256
MAP ( 0x003F, "DH-RSA-AES128-SHA256" ), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA256 MAP (0x003F, "DH-RSA-AES128-SHA256"), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA256
MAP ( 0x0067, "DHE-RSA-AES128-SHA256" ), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 MAP (0x0067, "DHE-RSA-AES128-SHA256"), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
MAP ( 0x0068, "DH-DSS-AES256-SHA256" ), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA256 MAP (0x0068, "DH-DSS-AES256-SHA256"), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA256
MAP ( 0x0069, "DH-RSA-AES256-SHA256" ), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA256 MAP (0x0069, "DH-RSA-AES256-SHA256"), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA256
MAP ( 0x006B, "DHE-RSA-AES256-SHA256" ), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 MAP (0x006B, "DHE-RSA-AES256-SHA256"), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
}; };
/** /**
@ -138,7 +138,7 @@ TlsSetVersion (
UINT16 ProtoVersion; UINT16 ProtoVersion;
TlsConn = (TLS_CONNECTION *)Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -176,7 +176,7 @@ TlsSetVersion (
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
return EFI_SUCCESS;; return EFI_SUCCESS;
} }
/** /**
@ -201,8 +201,8 @@ TlsSetConnectionEnd (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -216,7 +216,7 @@ TlsSetConnectionEnd (
// Set TLS to work in Server mode. // Set TLS to work in Server mode.
// It is unsupported for UEFI version currently. // It is unsupported for UEFI version currently.
// //
//SSL_set_accept_state (TlsConn->Ssl); // SSL_set_accept_state (TlsConn->Ssl);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -260,8 +260,8 @@ TlsSetCipherList (
CHAR8 *CipherString; CHAR8 *CipherString;
CHAR8 *CipherStringPosition; CHAR8 *CipherStringPosition;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || CipherId == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (CipherId == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -269,11 +269,15 @@ TlsSetCipherList (
// Allocate the MappedCipher array for recording the mappings that we find // Allocate the MappedCipher array for recording the mappings that we find
// for the input IANA identifiers in CipherId. // for the input IANA identifiers in CipherId.
// //
Status = SafeUintnMult (CipherNum, sizeof (*MappedCipher), Status = SafeUintnMult (
&MappedCipherBytes); CipherNum,
sizeof (*MappedCipher),
&MappedCipherBytes
);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return EFI_OUT_OF_RESOURCES; return EFI_OUT_OF_RESOURCES;
} }
MappedCipher = AllocatePool (MappedCipherBytes); MappedCipher = AllocatePool (MappedCipherBytes);
if (MappedCipher == NULL) { if (MappedCipher == NULL) {
return EFI_OUT_OF_RESOURCES; return EFI_OUT_OF_RESOURCES;
@ -291,8 +295,13 @@ TlsSetCipherList (
// //
Mapping = TlsGetCipherMapping (CipherId[Index]); Mapping = TlsGetCipherMapping (CipherId[Index]);
if (Mapping == NULL) { if (Mapping == NULL) {
DEBUG ((DEBUG_VERBOSE, "%a:%a: skipping CipherId=0x%04x\n", DEBUG ((
gEfiCallerBaseName, __FUNCTION__, CipherId[Index])); DEBUG_VERBOSE,
"%a:%a: skipping CipherId=0x%04x\n",
gEfiCallerBaseName,
__FUNCTION__,
CipherId[Index]
));
// //
// Skipping the cipher is valid because CipherId is an ordered // Skipping the cipher is valid because CipherId is an ordered
// preference list of ciphers, thus we can filter it as long as we // preference list of ciphers, thus we can filter it as long as we
@ -300,6 +309,7 @@ TlsSetCipherList (
// //
continue; continue;
} }
// //
// Accumulate Mapping->OpensslCipherLength into CipherStringSize. If this // Accumulate Mapping->OpensslCipherLength into CipherStringSize. If this
// is not the first successful mapping, account for a colon (":") prefix // is not the first successful mapping, account for a colon (":") prefix
@ -312,12 +322,17 @@ TlsSetCipherList (
goto FreeMappedCipher; goto FreeMappedCipher;
} }
} }
Status = SafeUintnAdd (CipherStringSize, Mapping->OpensslCipherLength,
&CipherStringSize); Status = SafeUintnAdd (
CipherStringSize,
Mapping->OpensslCipherLength,
&CipherStringSize
);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto FreeMappedCipher; goto FreeMappedCipher;
} }
// //
// Record the mapping. // Record the mapping.
// //
@ -329,16 +344,22 @@ TlsSetCipherList (
// terminating NUL character in CipherStringSize; allocate CipherString. // terminating NUL character in CipherStringSize; allocate CipherString.
// //
if (MappedCipherCount == 0) { if (MappedCipherCount == 0) {
DEBUG ((DEBUG_ERROR, "%a:%a: no CipherId could be mapped\n", DEBUG ((
gEfiCallerBaseName, __FUNCTION__)); DEBUG_ERROR,
"%a:%a: no CipherId could be mapped\n",
gEfiCallerBaseName,
__FUNCTION__
));
Status = EFI_UNSUPPORTED; Status = EFI_UNSUPPORTED;
goto FreeMappedCipher; goto FreeMappedCipher;
} }
Status = SafeUintnAdd (CipherStringSize, 1, &CipherStringSize); Status = SafeUintnAdd (CipherStringSize, 1, &CipherStringSize);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto FreeMappedCipher; goto FreeMappedCipher;
} }
CipherString = AllocatePool (CipherStringSize); CipherString = AllocatePool (CipherStringSize);
if (CipherString == NULL) { if (CipherString == NULL) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
@ -358,8 +379,12 @@ TlsSetCipherList (
if (Index > 0) { if (Index > 0) {
*(CipherStringPosition++) = ':'; *(CipherStringPosition++) = ':';
} }
CopyMem (CipherStringPosition, Mapping->OpensslCipher,
Mapping->OpensslCipherLength); CopyMem (
CipherStringPosition,
Mapping->OpensslCipher,
Mapping->OpensslCipherLength
);
CipherStringPosition += Mapping->OpensslCipherLength; CipherStringPosition += Mapping->OpensslCipherLength;
} }
@ -380,17 +405,24 @@ TlsSetCipherList (
UINTN SegmentLength; UINTN SegmentLength;
FullLength = CipherStringSize - 1; FullLength = CipherStringSize - 1;
DEBUG ((DEBUG_VERBOSE, "%a:%a: CipherString={\n", gEfiCallerBaseName, DEBUG ((
__FUNCTION__)); DEBUG_VERBOSE,
"%a:%a: CipherString={\n",
gEfiCallerBaseName,
__FUNCTION__
));
for (CipherStringPosition = CipherString; for (CipherStringPosition = CipherString;
CipherStringPosition < CipherString + FullLength; CipherStringPosition < CipherString + FullLength;
CipherStringPosition += SegmentLength) { CipherStringPosition += SegmentLength)
{
SegmentLength = FullLength - (CipherStringPosition - CipherString); SegmentLength = FullLength - (CipherStringPosition - CipherString);
if (SegmentLength > 79) { if (SegmentLength > 79) {
SegmentLength = 79; SegmentLength = 79;
} }
DEBUG ((DEBUG_VERBOSE, "%.*a\n", SegmentLength, CipherStringPosition)); DEBUG ((DEBUG_VERBOSE, "%.*a\n", SegmentLength, CipherStringPosition));
} }
DEBUG ((DEBUG_VERBOSE, "}\n")); DEBUG ((DEBUG_VERBOSE, "}\n"));
// //
// Restore the pre-debug value of CipherStringPosition by skipping over the // Restore the pre-debug value of CipherStringPosition by skipping over the
@ -451,7 +483,7 @@ TlsSetCompressionMethod (
// //
return EFI_SUCCESS; return EFI_SUCCESS;
} else if (CompMethod == 1) { } else if (CompMethod == 1) {
Cm = COMP_zlib(); Cm = COMP_zlib ();
} else { } else {
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -486,8 +518,8 @@ TlsSetVerify (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return; return;
} }
@ -523,12 +555,12 @@ TlsSetVerifyHost (
UINT8 BinaryAddress[MAX (NS_INADDRSZ, NS_IN6ADDRSZ)]; UINT8 BinaryAddress[MAX (NS_INADDRSZ, NS_IN6ADDRSZ)];
INTN ParamStatus; INTN ParamStatus;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || HostName == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (HostName == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
SSL_set_hostflags(TlsConn->Ssl, Flags); SSL_set_hostflags (TlsConn->Ssl, Flags);
VerifyParam = SSL_get0_param (TlsConn->Ssl); VerifyParam = SSL_get0_param (TlsConn->Ssl);
ASSERT (VerifyParam != NULL); ASSERT (VerifyParam != NULL);
@ -541,11 +573,20 @@ TlsSetVerifyHost (
} }
if (BinaryAddressSize > 0) { if (BinaryAddressSize > 0) {
DEBUG ((DEBUG_VERBOSE, "%a:%a: parsed \"%a\" as an IPv%c address " DEBUG ((
"literal\n", gEfiCallerBaseName, __FUNCTION__, HostName, DEBUG_VERBOSE,
(UINTN)((BinaryAddressSize == NS_IN6ADDRSZ) ? '6' : '4'))); "%a:%a: parsed \"%a\" as an IPv%c address "
ParamStatus = X509_VERIFY_PARAM_set1_ip (VerifyParam, BinaryAddress, "literal\n",
BinaryAddressSize); gEfiCallerBaseName,
__FUNCTION__,
HostName,
(UINTN)((BinaryAddressSize == NS_IN6ADDRSZ) ? '6' : '4')
));
ParamStatus = X509_VERIFY_PARAM_set1_ip (
VerifyParam,
BinaryAddress,
BinaryAddressSize
);
} else { } else {
ParamStatus = X509_VERIFY_PARAM_set1_host (VerifyParam, HostName, 0); ParamStatus = X509_VERIFY_PARAM_set1_host (VerifyParam, HostName, 0);
} }
@ -579,10 +620,10 @@ TlsSetSessionId (
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
SSL_SESSION *Session; SSL_SESSION *Session;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
Session = NULL; Session = NULL;
if (TlsConn == NULL || TlsConn->Ssl == NULL || SessionId == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (SessionId == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -634,10 +675,10 @@ TlsSetCaCertificate (
Cert = NULL; Cert = NULL;
X509Store = NULL; X509Store = NULL;
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
Ret = 0; Ret = 0;
if (TlsConn == NULL || TlsConn->Ssl == NULL || Data == NULL || DataSize == 0) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (Data == NULL) || (DataSize == 0)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -645,7 +686,7 @@ TlsSetCaCertificate (
// DER-encoded binary X.509 certificate or PEM-encoded X.509 certificate. // DER-encoded binary X.509 certificate or PEM-encoded X.509 certificate.
// Determine whether certificate is from DER encoding, if so, translate it to X509 structure. // Determine whether certificate is from DER encoding, if so, translate it to X509 structure.
// //
Cert = d2i_X509 (NULL, (const unsigned char ** )&Data, (long) DataSize); Cert = d2i_X509 (NULL, (const unsigned char **)&Data, (long)DataSize);
if (Cert == NULL) { if (Cert == NULL) {
// //
// Certificate is from PEM encoding. // Certificate is from PEM encoding.
@ -656,7 +697,7 @@ TlsSetCaCertificate (
goto ON_EXIT; goto ON_EXIT;
} }
if (BIO_write (BioCert, Data, (UINT32) DataSize) <= 0) { if (BIO_write (BioCert, Data, (UINT32)DataSize) <= 0) {
Status = EFI_ABORTED; Status = EFI_ABORTED;
goto ON_EXIT; goto ON_EXIT;
} }
@ -684,8 +725,9 @@ TlsSetCaCertificate (
// //
// Ignore "already in table" errors // Ignore "already in table" errors
// //
if (!(ERR_GET_FUNC (ErrorCode) == X509_F_X509_STORE_ADD_CERT && if (!((ERR_GET_FUNC (ErrorCode) == X509_F_X509_STORE_ADD_CERT) &&
ERR_GET_REASON (ErrorCode) == X509_R_CERT_ALREADY_IN_HASH_TABLE)) { (ERR_GET_REASON (ErrorCode) == X509_R_CERT_ALREADY_IN_HASH_TABLE)))
{
Status = EFI_ABORTED; Status = EFI_ABORTED;
goto ON_EXIT; goto ON_EXIT;
} }
@ -736,9 +778,9 @@ TlsSetHostPublicCert (
BioCert = NULL; BioCert = NULL;
Cert = NULL; Cert = NULL;
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || Data == NULL || DataSize == 0) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (Data == NULL) || (DataSize == 0)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -746,7 +788,7 @@ TlsSetHostPublicCert (
// DER-encoded binary X.509 certificate or PEM-encoded X.509 certificate. // DER-encoded binary X.509 certificate or PEM-encoded X.509 certificate.
// Determine whether certificate is from DER encoding, if so, translate it to X509 structure. // Determine whether certificate is from DER encoding, if so, translate it to X509 structure.
// //
Cert = d2i_X509 (NULL, (const unsigned char ** )&Data, (long) DataSize); Cert = d2i_X509 (NULL, (const unsigned char **)&Data, (long)DataSize);
if (Cert == NULL) { if (Cert == NULL) {
// //
// Certificate is from PEM encoding. // Certificate is from PEM encoding.
@ -757,7 +799,7 @@ TlsSetHostPublicCert (
goto ON_EXIT; goto ON_EXIT;
} }
if (BIO_write (BioCert, Data, (UINT32) DataSize) <= 0) { if (BIO_write (BioCert, Data, (UINT32)DataSize) <= 0) {
Status = EFI_ABORTED; Status = EFI_ABORTED;
goto ON_EXIT; goto ON_EXIT;
} }
@ -858,7 +900,7 @@ TlsGetVersion (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
ASSERT (TlsConn != NULL); ASSERT (TlsConn != NULL);
@ -886,7 +928,7 @@ TlsGetConnectionEnd (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
ASSERT (TlsConn != NULL); ASSERT (TlsConn != NULL);
@ -917,10 +959,10 @@ TlsGetCurrentCipher (
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
CONST SSL_CIPHER *Cipher; CONST SSL_CIPHER *Cipher;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
Cipher = NULL; Cipher = NULL;
if (TlsConn == NULL || TlsConn->Ssl == NULL || CipherId == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (CipherId == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -981,7 +1023,7 @@ TlsGetVerify (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
ASSERT (TlsConn != NULL); ASSERT (TlsConn != NULL);
@ -1015,10 +1057,10 @@ TlsGetSessionId (
SSL_SESSION *Session; SSL_SESSION *Session;
CONST UINT8 *SslSessionId; CONST UINT8 *SslSessionId;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
Session = NULL; Session = NULL;
if (TlsConn == NULL || TlsConn->Ssl == NULL || SessionId == NULL || SessionIdLen == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (SessionId == NULL) || (SessionIdLen == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -1053,9 +1095,9 @@ TlsGetClientRandom (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || ClientRandom == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (ClientRandom == NULL)) {
return; return;
} }
@ -1082,9 +1124,9 @@ TlsGetServerRandom (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || ServerRandom == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (ServerRandom == NULL)) {
return; return;
} }
@ -1115,10 +1157,10 @@ TlsGetKeyMaterial (
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
SSL_SESSION *Session; SSL_SESSION *Session;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
Session = NULL; Session = NULL;
if (TlsConn == NULL || TlsConn->Ssl == NULL || KeyMaterial == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (KeyMaterial == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -1189,13 +1231,13 @@ TlsGetHostPublicCert (
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
Cert = NULL; Cert = NULL;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || DataSize == NULL || (*DataSize != 0 && Data == NULL)) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (DataSize == NULL) || ((*DataSize != 0) && (Data == NULL))) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
Cert = SSL_get_certificate(TlsConn->Ssl); Cert = SSL_get_certificate (TlsConn->Ssl);
if (Cert == NULL) { if (Cert == NULL) {
return EFI_NOT_FOUND; return EFI_NOT_FOUND;
} }
@ -1203,12 +1245,12 @@ TlsGetHostPublicCert (
// //
// Only DER encoding is supported currently. // Only DER encoding is supported currently.
// //
if (*DataSize < (UINTN) i2d_X509 (Cert, NULL)) { if (*DataSize < (UINTN)i2d_X509 (Cert, NULL)) {
*DataSize = (UINTN) i2d_X509 (Cert, NULL); *DataSize = (UINTN)i2d_X509 (Cert, NULL);
return EFI_BUFFER_TOO_SMALL; return EFI_BUFFER_TOO_SMALL;
} }
*DataSize = (UINTN) i2d_X509 (Cert, (unsigned char **) &Data); *DataSize = (UINTN)i2d_X509 (Cert, (unsigned char **)&Data);
return EFI_SUCCESS; return EFI_SUCCESS;
} }

22
CryptoPkg/Library/TlsLib/TlsInit.c
View File

@ -63,7 +63,7 @@ TlsCtxFree (
} }
if (TlsCtx != NULL) { if (TlsCtx != NULL) {
SSL_CTX_free ((SSL_CTX *) (TlsCtx)); SSL_CTX_free ((SSL_CTX *)(TlsCtx));
} }
} }
@ -106,7 +106,7 @@ TlsCtxNew (
// //
SSL_CTX_set_min_proto_version (TlsCtx, ProtoVersion); SSL_CTX_set_min_proto_version (TlsCtx, ProtoVersion);
return (VOID *) TlsCtx; return (VOID *)TlsCtx;
} }
/** /**
@ -126,7 +126,7 @@ TlsFree (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL) { if (TlsConn == NULL) {
return; return;
} }
@ -169,7 +169,7 @@ TlsNew (
// //
// Allocate one new TLS_CONNECTION object // Allocate one new TLS_CONNECTION object
// //
TlsConn = (TLS_CONNECTION *) OPENSSL_malloc (sizeof (TLS_CONNECTION)); TlsConn = (TLS_CONNECTION *)OPENSSL_malloc (sizeof (TLS_CONNECTION));
if (TlsConn == NULL) { if (TlsConn == NULL) {
return NULL; return NULL;
} }
@ -179,9 +179,9 @@ TlsNew (
// //
// Create a new SSL Object // Create a new SSL Object
// //
TlsConn->Ssl = SSL_new ((SSL_CTX *) TlsCtx); TlsConn->Ssl = SSL_new ((SSL_CTX *)TlsCtx);
if (TlsConn->Ssl == NULL) { if (TlsConn->Ssl == NULL) {
TlsFree ((VOID *) TlsConn); TlsFree ((VOID *)TlsConn);
return NULL; return NULL;
} }
@ -202,7 +202,7 @@ TlsNew (
// //
TlsConn->InBio = BIO_new (BIO_s_mem ()); TlsConn->InBio = BIO_new (BIO_s_mem ());
if (TlsConn->InBio == NULL) { if (TlsConn->InBio == NULL) {
TlsFree ((VOID *) TlsConn); TlsFree ((VOID *)TlsConn);
return NULL; return NULL;
} }
@ -219,7 +219,7 @@ TlsNew (
// //
TlsConn->OutBio = BIO_new (BIO_s_mem ()); TlsConn->OutBio = BIO_new (BIO_s_mem ());
if (TlsConn->OutBio == NULL) { if (TlsConn->OutBio == NULL) {
TlsFree ((VOID *) TlsConn); TlsFree ((VOID *)TlsConn);
return NULL; return NULL;
} }
@ -244,9 +244,10 @@ TlsNew (
if (X509Store == NULL) { if (X509Store == NULL) {
X509Store = X509_STORE_new (); X509Store = X509_STORE_new ();
if (X509Store == NULL) { if (X509Store == NULL) {
TlsFree ((VOID *) TlsConn); TlsFree ((VOID *)TlsConn);
return NULL; return NULL;
} }
SSL_CTX_set1_verify_cert_store (SslCtx, X509Store); SSL_CTX_set1_verify_cert_store (SslCtx, X509Store);
X509_STORE_free (X509Store); X509_STORE_free (X509Store);
} }
@ -258,6 +259,5 @@ TlsNew (
X509Store, X509Store,
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME
); );
return (VOID *) TlsConn; return (VOID *)TlsConn;
} }

115
CryptoPkg/Library/TlsLib/TlsProcess.c
View File

@ -31,8 +31,8 @@ TlsInHandshake (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return FALSE; return FALSE;
} }
@ -83,45 +83,47 @@ TlsDoHandshake (
INTN Ret; INTN Ret;
UINTN ErrorCode; UINTN ErrorCode;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
PendingBufferSize = 0; PendingBufferSize = 0;
Ret = 1; Ret = 1;
if (TlsConn == NULL || \ if ((TlsConn == NULL) || \
TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \ (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
BufferOutSize == NULL || \ (BufferOutSize == NULL) || \
(BufferIn == NULL && BufferInSize != 0) || \ ((BufferIn == NULL) && (BufferInSize != 0)) || \
(BufferIn != NULL && BufferInSize == 0) || \ ((BufferIn != NULL) && (BufferInSize == 0)) || \
(BufferOut == NULL && *BufferOutSize != 0)) { ((BufferOut == NULL) && (*BufferOutSize != 0)))
{
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
if(BufferIn == NULL && BufferInSize == 0) { if ((BufferIn == NULL) && (BufferInSize == 0)) {
// //
// If RequestBuffer is NULL and RequestSize is 0, and TLS session // If RequestBuffer is NULL and RequestSize is 0, and TLS session
// status is EfiTlsSessionNotStarted, the TLS session will be initiated // status is EfiTlsSessionNotStarted, the TLS session will be initiated
// and the response packet needs to be ClientHello. // and the response packet needs to be ClientHello.
// //
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio); PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
if (PendingBufferSize == 0) { if (PendingBufferSize == 0) {
SSL_set_connect_state (TlsConn->Ssl); SSL_set_connect_state (TlsConn->Ssl);
Ret = SSL_do_handshake (TlsConn->Ssl); Ret = SSL_do_handshake (TlsConn->Ssl);
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio); PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
} }
} else { } else {
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio); PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
if (PendingBufferSize == 0) { if (PendingBufferSize == 0) {
BIO_write (TlsConn->InBio, BufferIn, (UINT32) BufferInSize); BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);
Ret = SSL_do_handshake (TlsConn->Ssl); Ret = SSL_do_handshake (TlsConn->Ssl);
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio); PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
} }
} }
if (Ret < 1) { if (Ret < 1) {
Ret = SSL_get_error (TlsConn->Ssl, (int) Ret); Ret = SSL_get_error (TlsConn->Ssl, (int)Ret);
if (Ret == SSL_ERROR_SSL || if ((Ret == SSL_ERROR_SSL) ||
Ret == SSL_ERROR_SYSCALL || (Ret == SSL_ERROR_SYSCALL) ||
Ret == SSL_ERROR_ZERO_RETURN) { (Ret == SSL_ERROR_ZERO_RETURN))
{
DEBUG (( DEBUG ((
DEBUG_ERROR, DEBUG_ERROR,
"%a SSL_HANDSHAKE_ERROR State=0x%x SSL_ERROR_%a\n", "%a SSL_HANDSHAKE_ERROR State=0x%x SSL_ERROR_%a\n",
@ -135,6 +137,7 @@ TlsDoHandshake (
if (ErrorCode == 0) { if (ErrorCode == 0) {
break; break;
} }
DEBUG (( DEBUG ((
DEBUG_ERROR, DEBUG_ERROR,
"%a ERROR 0x%x=L%x:F%x:R%x\n", "%a ERROR 0x%x=L%x:F%x:R%x\n",
@ -145,6 +148,7 @@ TlsDoHandshake (
ERR_GET_REASON (ErrorCode) ERR_GET_REASON (ErrorCode)
)); ));
} }
DEBUG_CODE_END (); DEBUG_CODE_END ();
return EFI_ABORTED; return EFI_ABORTED;
} }
@ -156,7 +160,7 @@ TlsDoHandshake (
} }
if (PendingBufferSize > 0) { if (PendingBufferSize > 0) {
*BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32) PendingBufferSize); *BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32)PendingBufferSize);
} else { } else {
*BufferOutSize = 0; *BufferOutSize = 0;
} }
@ -204,28 +208,29 @@ TlsHandleAlert (
UINT8 *TempBuffer; UINT8 *TempBuffer;
INTN Ret; INTN Ret;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
PendingBufferSize = 0; PendingBufferSize = 0;
TempBuffer = NULL; TempBuffer = NULL;
Ret = 0; Ret = 0;
if (TlsConn == NULL || \ if ((TlsConn == NULL) || \
TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \ (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
BufferOutSize == NULL || \ (BufferOutSize == NULL) || \
(BufferIn == NULL && BufferInSize != 0) || \ ((BufferIn == NULL) && (BufferInSize != 0)) || \
(BufferIn != NULL && BufferInSize == 0) || \ ((BufferIn != NULL) && (BufferInSize == 0)) || \
(BufferOut == NULL && *BufferOutSize != 0)) { ((BufferOut == NULL) && (*BufferOutSize != 0)))
{
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio); PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
if (PendingBufferSize == 0 && BufferIn != NULL && BufferInSize != 0) { if ((PendingBufferSize == 0) && (BufferIn != NULL) && (BufferInSize != 0)) {
Ret = BIO_write (TlsConn->InBio, BufferIn, (UINT32) BufferInSize); Ret = BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);
if (Ret != (INTN) BufferInSize) { if (Ret != (INTN)BufferInSize) {
return EFI_ABORTED; return EFI_ABORTED;
} }
TempBuffer = (UINT8 *) OPENSSL_malloc (MAX_BUFFER_SIZE); TempBuffer = (UINT8 *)OPENSSL_malloc (MAX_BUFFER_SIZE);
// //
// ssl3_send_alert() will be called in ssl3_read_bytes() function. // ssl3_send_alert() will be called in ssl3_read_bytes() function.
@ -235,7 +240,7 @@ TlsHandleAlert (
OPENSSL_free (TempBuffer); OPENSSL_free (TempBuffer);
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio); PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
} }
if (PendingBufferSize > *BufferOutSize) { if (PendingBufferSize > *BufferOutSize) {
@ -244,7 +249,7 @@ TlsHandleAlert (
} }
if (PendingBufferSize > 0) { if (PendingBufferSize > 0) {
*BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32) PendingBufferSize); *BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32)PendingBufferSize);
} else { } else {
*BufferOutSize = 0; *BufferOutSize = 0;
} }
@ -281,23 +286,24 @@ TlsCloseNotify (
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
UINTN PendingBufferSize; UINTN PendingBufferSize;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
PendingBufferSize = 0; PendingBufferSize = 0;
if (TlsConn == NULL || \ if ((TlsConn == NULL) || \
TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \ (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
BufferSize == NULL || \ (BufferSize == NULL) || \
(Buffer == NULL && *BufferSize != 0)) { ((Buffer == NULL) && (*BufferSize != 0)))
{
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio); PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
if (PendingBufferSize == 0) { if (PendingBufferSize == 0) {
// //
// ssl3_send_alert() and ssl3_dispatch_alert() function will be called. // ssl3_send_alert() and ssl3_dispatch_alert() function will be called.
// //
SSL_shutdown (TlsConn->Ssl); SSL_shutdown (TlsConn->Ssl);
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio); PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
} }
if (PendingBufferSize > *BufferSize) { if (PendingBufferSize > *BufferSize) {
@ -306,7 +312,7 @@ TlsCloseNotify (
} }
if (PendingBufferSize > 0) { if (PendingBufferSize > 0) {
*BufferSize = BIO_read (TlsConn->OutBio, Buffer, (UINT32) PendingBufferSize); *BufferSize = BIO_read (TlsConn->OutBio, Buffer, (UINT32)PendingBufferSize);
} else { } else {
*BufferSize = 0; *BufferSize = 0;
} }
@ -338,15 +344,15 @@ TlsCtrlTrafficOut (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->OutBio == 0) { if ((TlsConn == NULL) || (TlsConn->OutBio == 0)) {
return -1; return -1;
} }
// //
// Read and return the amount of data from the BIO. // Read and return the amount of data from the BIO.
// //
return BIO_read (TlsConn->OutBio, Buffer, (UINT32) BufferSize); return BIO_read (TlsConn->OutBio, Buffer, (UINT32)BufferSize);
} }
/** /**
@ -373,16 +379,17 @@ TlsCtrlTrafficIn (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->InBio == 0) { if ((TlsConn == NULL) || (TlsConn->InBio == 0)) {
return -1; return -1;
} }
// //
// Write and return the amount of data to the BIO. // Write and return the amount of data to the BIO.
// //
return BIO_write (TlsConn->InBio, Buffer, (UINT32) BufferSize); return BIO_write (TlsConn->InBio, Buffer, (UINT32)BufferSize);
} }
/** /**
Attempts to read bytes from the specified TLS connection into the buffer. Attempts to read bytes from the specified TLS connection into the buffer.
@ -408,15 +415,15 @@ TlsRead (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return -1; return -1;
} }
// //
// Read bytes from the specified TLS connection. // Read bytes from the specified TLS connection.
// //
return SSL_read (TlsConn->Ssl, Buffer, (UINT32) BufferSize); return SSL_read (TlsConn->Ssl, Buffer, (UINT32)BufferSize);
} }
/** /**
@ -444,13 +451,13 @@ TlsWrite (
{ {
TLS_CONNECTION *TlsConn; TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls; TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) { if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return -1; return -1;
} }
// //
// Write bytes to the specified TLS connection. // Write bytes to the specified TLS connection.
// //
return SSL_write (TlsConn->Ssl, Buffer, (UINT32) BufferSize); return SSL_write (TlsConn->Ssl, Buffer, (UINT32)BufferSize);
} }

49
CryptoPkg/Library/TlsLibNull/TlsConfigNull.c
View File

@ -31,7 +31,7 @@ TlsSetVersion (
IN UINT8 MinorVer IN UINT8 MinorVer
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -55,7 +55,7 @@ TlsSetConnectionEnd (
IN BOOLEAN IsServer IN BOOLEAN IsServer
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -85,7 +85,7 @@ TlsSetCipherList (
IN UINTN CipherNum IN UINTN CipherNum
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -107,7 +107,7 @@ TlsSetCompressionMethod (
IN UINT8 CompMethod IN UINT8 CompMethod
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -127,10 +127,11 @@ TlsSetVerify (
IN UINT32 VerifyMode IN UINT32 VerifyMode
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
} }
// MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [BEGIN] // MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [BEGIN]
/** /**
Set the specified host name to be verified. Set the specified host name to be verified.
@ -151,7 +152,7 @@ TlsSetVerifyHost (
IN CHAR8 *HostName IN CHAR8 *HostName
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -180,7 +181,7 @@ TlsSetSessionId (
IN UINT16 SessionIdLen IN UINT16 SessionIdLen
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -209,7 +210,7 @@ TlsSetCaCertificate (
IN UINTN DataSize IN UINTN DataSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -238,7 +239,7 @@ TlsSetHostPublicCert (
IN UINTN DataSize IN UINTN DataSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -266,7 +267,7 @@ TlsSetHostPrivateKey (
IN UINTN DataSize IN UINTN DataSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -291,7 +292,7 @@ TlsSetCertRevocationList (
IN UINTN DataSize IN UINTN DataSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -314,7 +315,7 @@ TlsGetVersion (
IN VOID *Tls IN VOID *Tls
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return 0; return 0;
} }
@ -337,7 +338,7 @@ TlsGetConnectionEnd (
IN VOID *Tls IN VOID *Tls
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return 0; return 0;
} }
@ -362,7 +363,7 @@ TlsGetCurrentCipher (
IN OUT UINT16 *CipherId IN OUT UINT16 *CipherId
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -389,7 +390,7 @@ TlsGetCurrentCompressionId (
IN OUT UINT8 *CompressionId IN OUT UINT8 *CompressionId
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -412,7 +413,7 @@ TlsGetVerify (
IN VOID *Tls IN VOID *Tls
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return 0; return 0;
} }
@ -439,7 +440,7 @@ TlsGetSessionId (
IN OUT UINT16 *SessionIdLen IN OUT UINT16 *SessionIdLen
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -461,7 +462,7 @@ TlsGetClientRandom (
IN OUT UINT8 *ClientRandom IN OUT UINT8 *ClientRandom
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
} }
/** /**
@ -482,7 +483,7 @@ TlsGetServerRandom (
IN OUT UINT8 *ServerRandom IN OUT UINT8 *ServerRandom
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
} }
/** /**
@ -506,7 +507,7 @@ TlsGetKeyMaterial (
IN OUT UINT8 *KeyMaterial IN OUT UINT8 *KeyMaterial
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -534,7 +535,7 @@ TlsGetCaCertificate (
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -563,7 +564,7 @@ TlsGetHostPublicCert (
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -591,7 +592,7 @@ TlsGetHostPrivateKey (
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -617,6 +618,6 @@ TlsGetCertRevocationList (
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }

11
CryptoPkg/Library/TlsLibNull/TlsInitNull.c
View File

@ -26,7 +26,7 @@ TlsInitialize (
VOID VOID
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return FALSE; return FALSE;
} }
@ -42,7 +42,7 @@ TlsCtxFree (
IN VOID *TlsCtx IN VOID *TlsCtx
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return; return;
} }
@ -64,7 +64,7 @@ TlsCtxNew (
IN UINT8 MinorVer IN UINT8 MinorVer
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return NULL; return NULL;
} }
@ -83,7 +83,7 @@ TlsFree (
IN VOID *Tls IN VOID *Tls
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
} }
/** /**
@ -105,7 +105,6 @@ TlsNew (
IN VOID *TlsCtx IN VOID *TlsCtx
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return NULL; return NULL;
} }

17
CryptoPkg/Library/TlsLibNull/TlsProcessNull.c
View File

@ -27,7 +27,7 @@ TlsInHandshake (
IN VOID *Tls IN VOID *Tls
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return FALSE; return FALSE;
} }
@ -67,7 +67,7 @@ TlsDoHandshake (
IN OUT UINTN *BufferOutSize IN OUT UINTN *BufferOutSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -106,7 +106,7 @@ TlsHandleAlert (
IN OUT UINTN *BufferOutSize IN OUT UINTN *BufferOutSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -136,7 +136,7 @@ TlsCloseNotify (
IN OUT UINTN *BufferSize IN OUT UINTN *BufferSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -162,7 +162,7 @@ TlsCtrlTrafficOut (
IN UINTN BufferSize IN UINTN BufferSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return 0; return 0;
} }
@ -188,9 +188,10 @@ TlsCtrlTrafficIn (
IN UINTN BufferSize IN UINTN BufferSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return 0; return 0;
} }
/** /**
Attempts to read bytes from the specified TLS connection into the buffer. Attempts to read bytes from the specified TLS connection into the buffer.
@ -214,7 +215,7 @@ TlsRead (
IN UINTN BufferSize IN UINTN BufferSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return 0; return 0;
} }
@ -241,6 +242,6 @@ TlsWrite (
IN UINTN BufferSize IN UINTN BufferSize
) )
{ {
ASSERT(FALSE); ASSERT (FALSE);
return 0; return 0;
} }

471
CryptoPkg/Private/Protocol/Crypto.h
View File

File diff suppressed because it is too large Load Diff

16
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/AuthenticodeTests.c
View File

@ -15,7 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
GLOBAL_REMOVE_IF_UNREFERENCED UINT8 PeSha1Hash[] = { GLOBAL_REMOVE_IF_UNREFERENCED UINT8 PeSha1Hash[] = {
0x44, 0xFD, 0x4F, 0xA9, 0x17, 0xEE, 0xAC, 0xCF, 0x1F, 0x0B, 0xE3, 0xA1, 0x4D, 0x5B, 0xA6, 0x61, 0x44, 0xFD, 0x4F, 0xA9, 0x17, 0xEE, 0xAC, 0xCF, 0x1F, 0x0B, 0xE3, 0xA1, 0x4D, 0x5B, 0xA6, 0x61,
0x82, 0x97, 0xC4, 0xB6 0x82, 0x97, 0xC4, 0xB6
}; };
// //
// Sample PE/COFF Image Hash Value (Digested by SHA-256). // Sample PE/COFF Image Hash Value (Digested by SHA-256).
@ -23,7 +23,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED UINT8 PeSha1Hash[] = {
GLOBAL_REMOVE_IF_UNREFERENCED UINT8 PeSha256Hash[] = { GLOBAL_REMOVE_IF_UNREFERENCED UINT8 PeSha256Hash[] = {
0x61, 0x82, 0xB7, 0xF8, 0x8C, 0xFF, 0xC2, 0xEB, 0x79, 0x6E, 0x9D, 0xA9, 0xDD, 0x39, 0x52, 0xDD, 0x61, 0x82, 0xB7, 0xF8, 0x8C, 0xFF, 0xC2, 0xEB, 0x79, 0x6E, 0x9D, 0xA9, 0xDD, 0x39, 0x52, 0xDD,
0x36, 0xDD, 0xF1, 0x43, 0x27, 0x58, 0x8C, 0xA7, 0xCC, 0xAE, 0xDE, 0xDD, 0x3C, 0x02, 0x12, 0x49 0x36, 0xDD, 0xF1, 0x43, 0x27, 0x58, 0x8C, 0xA7, 0xCC, 0xAE, 0xDE, 0xDD, 0x3C, 0x02, 0x12, 0x49
}; };
// //
// Sample Authenticode Data with SHA-1 hash algorithm. // Sample Authenticode Data with SHA-1 hash algorithm.
@ -484,7 +484,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED UINT8 AuthenticodeWithSha1[] = {
0x0E, 0x99, 0x1F, 0xDF, 0x7E, 0xC9, 0x10, 0x56, 0xC7, 0x00, 0x6D, 0x5F, 0x23, 0x57, 0x12, 0x84, 0x0E, 0x99, 0x1F, 0xDF, 0x7E, 0xC9, 0x10, 0x56, 0xC7, 0x00, 0x6D, 0x5F, 0x23, 0x57, 0x12, 0x84,
0xCD, 0xAC, 0x82, 0xAE, 0x39, 0x52, 0xA5, 0x19, 0x23, 0xA3, 0x6B, 0xE7, 0x49, 0x8F, 0x86, 0x74, 0xCD, 0xAC, 0x82, 0xAE, 0x39, 0x52, 0xA5, 0x19, 0x23, 0xA3, 0x6B, 0xE7, 0x49, 0x8F, 0x86, 0x74,
0x46, 0x41, 0x2A, 0x0F, 0x3D, 0x29, 0xB7, 0xAE, 0x8C, 0x00 0x46, 0x41, 0x2A, 0x0F, 0x3D, 0x29, 0xB7, 0xAE, 0x8C, 0x00
}; };
// //
// Sample Authenticode Data with SHA-256 hash algorithm. // Sample Authenticode Data with SHA-256 hash algorithm.
@ -730,7 +730,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED UINT8 AuthenticodeWithSha256[] = {
0x22, 0xb6, 0x17, 0x3f, 0x4f, 0x33, 0xed, 0xa6, 0xd9, 0x0f, 0x74, 0xfa, 0x97, 0x8d, 0x98, 0x55, 0x22, 0xb6, 0x17, 0x3f, 0x4f, 0x33, 0xed, 0xa6, 0xd9, 0x0f, 0x74, 0xfa, 0x97, 0x8d, 0x98, 0x55,
0x42, 0x14, 0x76, 0xd4, 0x89, 0x07, 0xf2, 0x30, 0x5a, 0x27, 0x96, 0x1b, 0x92, 0x70, 0x5a, 0x83, 0x42, 0x14, 0x76, 0xd4, 0x89, 0x07, 0xf2, 0x30, 0x5a, 0x27, 0x96, 0x1b, 0x92, 0x70, 0x5a, 0x83,
0x89, 0x0f, 0xdb, 0x47, 0x7a, 0x00, 0x00, 0x00, 0x0a 0x89, 0x0f, 0xdb, 0x47, 0x7a, 0x00, 0x00, 0x00, 0x0a
}; };
// //
// Sample root certificate for code signing. // Sample root certificate for code signing.
@ -928,7 +928,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TestRootCert2[] = {
0x5f, 0x70, 0x44, 0xfa, 0x89, 0x59, 0x93, 0xb0, 0x7b, 0x12, 0x0f, 0x5e, 0x62, 0x62, 0x51, 0x11, 0x5f, 0x70, 0x44, 0xfa, 0x89, 0x59, 0x93, 0xb0, 0x7b, 0x12, 0x0f, 0x5e, 0x62, 0x62, 0x51, 0x11,
0xbd, 0xba, 0x5a, 0xd0, 0xce, 0xa1, 0xb6, 0xef, 0x80, 0x20, 0xe6, 0x73, 0x4b, 0x11, 0x06, 0x56, 0xbd, 0xba, 0x5a, 0xd0, 0xce, 0xa1, 0xb6, 0xef, 0x80, 0x20, 0xe6, 0x73, 0x4b, 0x11, 0x06, 0x56,
0xe2, 0x0a 0xe2, 0x0a
}; };
// //
// OID ASN.1 Value for Hash Algorithms // OID ASN.1 Value for Hash Algorithms
@ -940,7 +940,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED UINT8 HashOidValue[] = {
0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, // OBJ_sha256 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, // OBJ_sha256
0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, // OBJ_sha384 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, // OBJ_sha384
0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, // OBJ_sha512 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, // OBJ_sha512
}; };
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
@ -996,7 +996,7 @@ TEST_DESC mAuthenticodeTest[] = {
// //
// -----Description--------------------------------------Class----------------------Function-----------------Pre---Post--Context // -----Description--------------------------------------Class----------------------Function-----------------Pre---Post--Context
// //
{"TestVerifyAuthenticodeVerify()", "CryptoPkg.BaseCryptLib.Authenticode", TestVerifyAuthenticodeVerify, NULL, NULL, NULL}, { "TestVerifyAuthenticodeVerify()", "CryptoPkg.BaseCryptLib.Authenticode", TestVerifyAuthenticodeVerify, NULL, NULL, NULL },
}; };
UINTN mAuthenticodeTestNum = ARRAY_SIZE(mAuthenticodeTest); UINTN mAuthenticodeTestNum = ARRAY_SIZE (mAuthenticodeTest);

48
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTests.c
View File

@ -11,57 +11,61 @@ SUITE_DESC mSuiteDesc[] = {
// //
// Title--------------------------Package-------------------Sup--Tdn----TestNum------------TestDesc // Title--------------------------Package-------------------Sup--Tdn----TestNum------------TestDesc
// //
{"EKU verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPkcs7EkuTestNum, mPkcs7EkuTest}, { "EKU verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPkcs7EkuTestNum, mPkcs7EkuTest },
{"HASH verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mHashTestNum, mHashTest}, { "HASH verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mHashTestNum, mHashTest },
{"HMAC verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mHmacTestNum, mHmacTest}, { "HMAC verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mHmacTestNum, mHmacTest },
{"BlockCipher verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mBlockCipherTestNum, mBlockCipherTest}, { "BlockCipher verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mBlockCipherTestNum, mBlockCipherTest },
{"RSA verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mRsaTestNum, mRsaTest}, { "RSA verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mRsaTestNum, mRsaTest },
{"RSA PSS verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mRsaPssTestNum, mRsaPssTest}, { "RSA PSS verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mRsaPssTestNum, mRsaPssTest },
{"RSACert verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mRsaCertTestNum, mRsaCertTest}, { "RSACert verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mRsaCertTestNum, mRsaCertTest },
{"PKCS7 verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPkcs7TestNum, mPkcs7Test}, { "PKCS7 verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPkcs7TestNum, mPkcs7Test },
{"PKCS5 verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPkcs5TestNum, mPkcs5Test}, { "PKCS5 verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPkcs5TestNum, mPkcs5Test },
{"Authenticode verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mAuthenticodeTestNum, mAuthenticodeTest}, { "Authenticode verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mAuthenticodeTestNum, mAuthenticodeTest },
{"ImageTimestamp verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mImageTimestampTestNum, mImageTimestampTest}, { "ImageTimestamp verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mImageTimestampTestNum, mImageTimestampTest },
{"DH verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mDhTestNum, mDhTest}, { "DH verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mDhTestNum, mDhTest },
{"PRNG verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPrngTestNum, mPrngTest}, { "PRNG verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPrngTestNum, mPrngTest },
{"OAEP encrypt verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mOaepTestNum, mOaepTest}, { "OAEP encrypt verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mOaepTestNum, mOaepTest },
}; };
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
CreateUnitTest ( CreateUnitTest (
IN CHAR8* UnitTestName, IN CHAR8 *UnitTestName,
IN CHAR8* UnitTestVersion, IN CHAR8 *UnitTestVersion,
IN OUT UNIT_TEST_FRAMEWORK_HANDLE* Framework IN OUT UNIT_TEST_FRAMEWORK_HANDLE *Framework
) { )
{
EFI_STATUS Status; EFI_STATUS Status;
UINTN SuiteIndex; UINTN SuiteIndex;
UINTN TestIndex; UINTN TestIndex;
if ( Framework == NULL || UnitTestVersion == NULL || UnitTestName == NULL) { if ((Framework == NULL) || (UnitTestVersion == NULL) || (UnitTestName == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
// //
// Start setting up the test framework for running the tests. // Start setting up the test framework for running the tests.
// //
Status = InitUnitTestFramework (Framework, UnitTestName, gEfiCallerBaseName, UnitTestVersion); Status = InitUnitTestFramework (Framework, UnitTestName, gEfiCallerBaseName, UnitTestVersion);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
DEBUG((DEBUG_ERROR, "Failed in InitUnitTestFramework. Status = %r\n", Status)); DEBUG ((DEBUG_ERROR, "Failed in InitUnitTestFramework. Status = %r\n", Status));
goto EXIT; goto EXIT;
} }
for (SuiteIndex = 0; SuiteIndex < ARRAY_SIZE(mSuiteDesc); SuiteIndex++) { for (SuiteIndex = 0; SuiteIndex < ARRAY_SIZE (mSuiteDesc); SuiteIndex++) {
UNIT_TEST_SUITE_HANDLE Suite = NULL; UNIT_TEST_SUITE_HANDLE Suite = NULL;
Status = CreateUnitTestSuite (&Suite, *Framework, mSuiteDesc[SuiteIndex].Title, mSuiteDesc[SuiteIndex].Package, mSuiteDesc[SuiteIndex].Sup, mSuiteDesc[SuiteIndex].Tdn); Status = CreateUnitTestSuite (&Suite, *Framework, mSuiteDesc[SuiteIndex].Title, mSuiteDesc[SuiteIndex].Package, mSuiteDesc[SuiteIndex].Sup, mSuiteDesc[SuiteIndex].Tdn);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto EXIT; goto EXIT;
} }
for (TestIndex = 0; TestIndex < *mSuiteDesc[SuiteIndex].TestNum; TestIndex++) { for (TestIndex = 0; TestIndex < *mSuiteDesc[SuiteIndex].TestNum; TestIndex++) {
AddTestCase (Suite, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Description, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->ClassName, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Func, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->PreReq, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->CleanUp, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Context); AddTestCase (Suite, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Description, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->ClassName, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Func, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->PreReq, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->CleanUp, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Context);
} }
} }
EXIT:
EXIT:
return Status; return Status;
} }

91
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BlockCipherTests.c
View File

@ -13,101 +13,101 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
// //
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbData[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbData[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbKey[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbKey[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbCipher[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbCipher[] = {
0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7, 0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7,
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcb2Cipher[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcb2Cipher[] = {
0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E, 0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E,
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbcData[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbcData[] = {
0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20,
0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20 0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbcKey[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbcKey[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86, 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
}; };
GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TdesCbcIvec[] = { GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TdesCbcIvec[] = {
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbc3Cipher[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbc3Cipher[] = {
0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0, 0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0,
0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC, 0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC,
0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4 0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4
}; };
// //
// AES test vectors are from NIST KAT of AES // AES test vectors are from NIST KAT of AES
// //
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbData[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbData[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbKey[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbKey[] = {
0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3, 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59 0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3, 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbCipher[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbCipher[] = {
0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0, 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65 0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0, 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbData[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbData[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbKey[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbKey[] = {
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbCipher[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbCipher[] = {
0xdd, 0x8a, 0x49, 0x35, 0x14, 0x23, 0x1c, 0xbf, 0x56, 0xec, 0xce, 0xe4, 0xc4, 0x08, 0x89, 0xfb 0xdd, 0x8a, 0x49, 0x35, 0x14, 0x23, 0x1c, 0xbf, 0x56, 0xec, 0xce, 0xe4, 0xc4, 0x08, 0x89, 0xfb
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbData[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbData[] = {
0x01, 0x47, 0x30, 0xf8, 0x0a, 0xc6, 0x25, 0xfe, 0x84, 0xf0, 0x26, 0xc6, 0x0b, 0xfd, 0x54, 0x7d 0x01, 0x47, 0x30, 0xf8, 0x0a, 0xc6, 0x25, 0xfe, 0x84, 0xf0, 0x26, 0xc6, 0x0b, 0xfd, 0x54, 0x7d
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbKey[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbKey[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbCipher[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbCipher[] = {
0x5c, 0x9d, 0x84, 0x4e, 0xd4, 0x6f, 0x98, 0x85, 0x08, 0x5e, 0x5d, 0x6a, 0x4f, 0x94, 0xc7, 0xd7 0x5c, 0x9d, 0x84, 0x4e, 0xd4, 0x6f, 0x98, 0x85, 0x08, 0x5e, 0x5d, 0x6a, 0x4f, 0x94, 0xc7, 0xd7
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcData[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcData[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcKey[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcKey[] = {
0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcIvec[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcIvec[] = {
0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28, 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28, 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcCipher[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcCipher[] = {
0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a, 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a, 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a, 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a,
0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1
}; };
// //
// ARC4 Test Vector defined in "Appendix A.1 Test Vectors from [CRYPTLIB]" of // ARC4 Test Vector defined in "Appendix A.1 Test Vectors from [CRYPTLIB]" of
@ -115,26 +115,25 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcCipher[] = {
// //
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Data[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Data[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Key[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Key[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Cipher[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Cipher[] = {
0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79
}; };
typedef typedef
UINTN UINTN
(EFIAPI *EFI_BLOCK_CIPHER_GET_CONTEXT_SIZE) ( (EFIAPI *EFI_BLOCK_CIPHER_GET_CONTEXT_SIZE)(
VOID VOID
); );
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_BLOCK_CIPHER_INIT) ( (EFIAPI *EFI_BLOCK_CIPHER_INIT)(
OUT VOID *BlockCipherContext, OUT VOID *BlockCipherContext,
IN CONST UINT8 *Key, IN CONST UINT8 *Key,
IN UINTN KeyLength IN UINTN KeyLength
@ -142,7 +141,7 @@ BOOLEAN
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_BLOCK_CIPHER_ECB_ENCRYPT_DECRYPT) ( (EFIAPI *EFI_BLOCK_CIPHER_ECB_ENCRYPT_DECRYPT)(
IN VOID *BlockCipherContext, IN VOID *BlockCipherContext,
IN CONST UINT8 *Input, IN CONST UINT8 *Input,
IN UINTN InputSize, IN UINTN InputSize,
@ -151,7 +150,7 @@ BOOLEAN
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_BLOCK_CIPHER_CBC_ENCRYPT_DECRYPT) ( (EFIAPI *EFI_BLOCK_CIPHER_CBC_ENCRYPT_DECRYPT)(
IN VOID *BlockCipherContext, IN VOID *BlockCipherContext,
IN CONST UINT8 *Input, IN CONST UINT8 *Input,
IN UINTN InputSize, IN UINTN InputSize,
@ -161,7 +160,7 @@ BOOLEAN
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_BLOCK_CIPHER_RESET) ( (EFIAPI *EFI_BLOCK_CIPHER_RESET)(
IN OUT VOID *BlockCipherContext IN OUT VOID *BlockCipherContext
); );
@ -184,14 +183,13 @@ typedef struct {
} BLOCK_CIPHER_TEST_CONTEXT; } BLOCK_CIPHER_TEST_CONTEXT;
// These are commented out as they are deprecated, but are left in should they be used again // These are commented out as they are deprecated, but are left in should they be used again
//BLOCK_CIPHER_TEST_CONTEXT mTdesEcbTestCtx = {TdesGetContextSize, TdesInit, TdesEcbEncrypt, TdesEcbDecrypt, NULL, NULL, NULL, TdesEcbKey, 64, NULL, TdesEcbData, 8, TdesEcbCipher, 8}; // BLOCK_CIPHER_TEST_CONTEXT mTdesEcbTestCtx = {TdesGetContextSize, TdesInit, TdesEcbEncrypt, TdesEcbDecrypt, NULL, NULL, NULL, TdesEcbKey, 64, NULL, TdesEcbData, 8, TdesEcbCipher, 8};
//BLOCK_CIPHER_TEST_CONTEXT mTdesCbcTestCtx = {TdesGetContextSize, TdesInit, NULL, NULL, TdesCbcEncrypt, TdesCbcDecrypt, NULL, TdesCbcKey, 192, TdesCbcIvec, TdesCbcData, sizeof(TdesCbcData), TdesCbc3Cipher, sizeof(TdesCbc3Cipher)}; // BLOCK_CIPHER_TEST_CONTEXT mTdesCbcTestCtx = {TdesGetContextSize, TdesInit, NULL, NULL, TdesCbcEncrypt, TdesCbcDecrypt, NULL, TdesCbcKey, 192, TdesCbcIvec, TdesCbcData, sizeof(TdesCbcData), TdesCbc3Cipher, sizeof(TdesCbc3Cipher)};
//BLOCK_CIPHER_TEST_CONTEXT mAes128EcbTestCtx = {AesGetContextSize, AesInit, AesEcbEncrypt, AesEcbDecrypt, NULL, NULL, NULL, Aes128EcbKey, 128, NULL, Aes128EcbData, sizeof(Aes128EcbData), Aes128EcbCipher, sizeof(Aes128EcbCipher)}; // BLOCK_CIPHER_TEST_CONTEXT mAes128EcbTestCtx = {AesGetContextSize, AesInit, AesEcbEncrypt, AesEcbDecrypt, NULL, NULL, NULL, Aes128EcbKey, 128, NULL, Aes128EcbData, sizeof(Aes128EcbData), Aes128EcbCipher, sizeof(Aes128EcbCipher)};
//BLOCK_CIPHER_TEST_CONTEXT mAes192EcbTestCtx = {AesGetContextSize, AesInit, AesEcbEncrypt, AesEcbDecrypt, NULL, NULL, NULL, Aes192EcbKey, 192, NULL, Aes192EcbData, sizeof(Aes192EcbData), Aes192EcbCipher, sizeof(Aes192EcbCipher)}; // BLOCK_CIPHER_TEST_CONTEXT mAes192EcbTestCtx = {AesGetContextSize, AesInit, AesEcbEncrypt, AesEcbDecrypt, NULL, NULL, NULL, Aes192EcbKey, 192, NULL, Aes192EcbData, sizeof(Aes192EcbData), Aes192EcbCipher, sizeof(Aes192EcbCipher)};
//BLOCK_CIPHER_TEST_CONTEXT mAes256EcbTestCtx = {AesGetContextSize, AesInit, AesEcbEncrypt, AesEcbDecrypt, NULL, NULL, NULL, Aes256EcbKey, 256, NULL, Aes256EcbData, sizeof(Aes256EcbData), Aes256EcbCipher, sizeof(Aes256EcbCipher)}; // BLOCK_CIPHER_TEST_CONTEXT mAes256EcbTestCtx = {AesGetContextSize, AesInit, AesEcbEncrypt, AesEcbDecrypt, NULL, NULL, NULL, Aes256EcbKey, 256, NULL, Aes256EcbData, sizeof(Aes256EcbData), Aes256EcbCipher, sizeof(Aes256EcbCipher)};
//BLOCK_CIPHER_TEST_CONTEXT mArc4TestCtx = {Arc4GetContextSize, Arc4Init, Arc4Encrypt, (EFI_BLOCK_CIPHER_ECB_ENCRYPT_DECRYPT), Arc4Decrypt, NULL, NULL, Arc4Reset, Arc4Key, sizeof(Arc4Key), NULL, Arc4Data, sizeof(Arc4Data), Arc4Cipher, sizeof(Arc4Cipher)}; // BLOCK_CIPHER_TEST_CONTEXT mArc4TestCtx = {Arc4GetContextSize, Arc4Init, Arc4Encrypt, (EFI_BLOCK_CIPHER_ECB_ENCRYPT_DECRYPT), Arc4Decrypt, NULL, NULL, Arc4Reset, Arc4Key, sizeof(Arc4Key), NULL, Arc4Data, sizeof(Arc4Data), Arc4Cipher, sizeof(Arc4Cipher)};
BLOCK_CIPHER_TEST_CONTEXT mAes128CbcTestCtx = {AesGetContextSize, AesInit, NULL, NULL, AesCbcEncrypt, AesCbcDecrypt, NULL, Aes128CbcKey, 128, Aes128CbcIvec, Aes128CbcData, sizeof(Aes128CbcData), Aes128CbcCipher, sizeof(Aes128CbcCipher)}; BLOCK_CIPHER_TEST_CONTEXT mAes128CbcTestCtx = { AesGetContextSize, AesInit, NULL, NULL, AesCbcEncrypt, AesCbcDecrypt, NULL, Aes128CbcKey, 128, Aes128CbcIvec, Aes128CbcData, sizeof (Aes128CbcData), Aes128CbcCipher, sizeof (Aes128CbcCipher) };
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
@ -256,7 +254,6 @@ TestVerifyBLockCiper (
Status = TestContext->EcbDecrypt (TestContext->Ctx, Encrypt, TestContext->DataSize, Decrypt); Status = TestContext->EcbDecrypt (TestContext->Ctx, Encrypt, TestContext->DataSize, Decrypt);
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
} else { } else {
Status = TestContext->CbcEncrypt (TestContext->Ctx, TestContext->Data, TestContext->DataSize, TestContext->Ivec, Encrypt); Status = TestContext->CbcEncrypt (TestContext->Ctx, TestContext->Data, TestContext->DataSize, TestContext->Ivec, Encrypt);
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
@ -280,14 +277,14 @@ TEST_DESC mBlockCipherTest[] = {
// //
// -----Description-------------------------Class-------------------------Function---------------Pre---------------------------Post------------------Context // -----Description-------------------------Class-------------------------Function---------------Pre---------------------------Post------------------Context
// //
{"TestVerifyAes128Cbc()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mAes128CbcTestCtx}, { "TestVerifyAes128Cbc()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mAes128CbcTestCtx },
// These are commented out as these functions have been deprecated, but they have been left in for future reference // These are commented out as these functions have been deprecated, but they have been left in for future reference
//{"TestVerifyTdesEcb()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mTdesEcbTestCtx}, // {"TestVerifyTdesEcb()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mTdesEcbTestCtx},
//{"TestVerifyTdesCbc()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mTdesCbcTestCtx}, // {"TestVerifyTdesCbc()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mTdesCbcTestCtx},
//{"TestVerifyAes128Ecb()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mAes128EcbTestCtx}, // {"TestVerifyAes128Ecb()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mAes128EcbTestCtx},
//{"TestVerifyAes192Ecb()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mAes192EcbTestCtx}, // {"TestVerifyAes192Ecb()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mAes192EcbTestCtx},
//{"TestVerifyAes256Ecb()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mAes256EcbTestCtx}, // {"TestVerifyAes256Ecb()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mAes256EcbTestCtx},
//{"TestVerifyArc4()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mArc4TestCtx}, // {"TestVerifyArc4()", "CryptoPkg.BaseCryptLib.BlockCipher", TestVerifyBLockCiper, TestVerifyBLockCiperPreReq, TestVerifyBLockCiperCleanUp, &mArc4TestCtx},
}; };
UINTN mBlockCipherTestNum = ARRAY_SIZE(mBlockCipherTest); UINTN mBlockCipherTestNum = ARRAY_SIZE (mBlockCipherTest);

5
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/DhTests.c
View File

@ -40,6 +40,7 @@ TestVerifyDhCleanUp (
DhFree (mDh1); DhFree (mDh1);
mDh1 = NULL; mDh1 = NULL;
} }
if (mDh2 != NULL) { if (mDh2 != NULL) {
DhFree (mDh2); DhFree (mDh2);
mDh2 = NULL; mDh2 = NULL;
@ -100,7 +101,7 @@ TEST_DESC mDhTest[] = {
// //
// -----Description--------------------------------Class---------------------Function----------------Pre-----------------Post------------Context // -----Description--------------------------------Class---------------------Function----------------Pre-----------------Post------------Context
// //
{"TestVerifyDhGenerateKey()", "CryptoPkg.BaseCryptLib.Dh", TestVerifyDhGenerateKey, TestVerifyDhPreReq, TestVerifyDhCleanUp, NULL}, { "TestVerifyDhGenerateKey()", "CryptoPkg.BaseCryptLib.Dh", TestVerifyDhGenerateKey, TestVerifyDhPreReq, TestVerifyDhCleanUp, NULL },
}; };
UINTN mDhTestNum = ARRAY_SIZE(mDhTest); UINTN mDhTestNum = ARRAY_SIZE (mDhTest);

46
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HashTests.c
View File

@ -24,7 +24,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 *HashData = "abc";
#ifdef ENABLE_MD5_DEPRECATED_INTERFACES #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Md5Digest[MD5_DIGEST_SIZE] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Md5Digest[MD5_DIGEST_SIZE] = {
0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72
}; };
#endif #endif
// //
@ -33,7 +33,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Md5Digest[MD5_DIGEST_SIZE] = {
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha1Digest[SHA1_DIGEST_SIZE] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha1Digest[SHA1_DIGEST_SIZE] = {
0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e, 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e, 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c,
0x9c, 0xd0, 0xd8, 0x9d 0x9c, 0xd0, 0xd8, 0x9d
}; };
// //
// Result for SHA-256("abc"). (From "B.1 SHA-256 Example" of NIST FIPS 180-2) // Result for SHA-256("abc"). (From "B.1 SHA-256 Example" of NIST FIPS 180-2)
@ -41,7 +41,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha1Digest[SHA1_DIGEST_SIZE] = {
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha256Digest[SHA256_DIGEST_SIZE] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha256Digest[SHA256_DIGEST_SIZE] = {
0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
}; };
// //
// Result for SHA-384("abc"). (From "D.1 SHA-384 Example" of NIST FIPS 180-2) // Result for SHA-384("abc"). (From "D.1 SHA-384 Example" of NIST FIPS 180-2)
@ -50,7 +50,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha384Digest[SHA384_DIGEST_SIZE] = {
0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07, 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed, 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7
}; };
// //
// Result for SHA-512("abc"). (From "C.1 SHA-512 Example" of NIST FIPS 180-2) // Result for SHA-512("abc"). (From "C.1 SHA-512 Example" of NIST FIPS 180-2)
@ -60,23 +60,23 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha512Digest[SHA512_DIGEST_SIZE] = {
0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a, 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f
}; };
typedef typedef
UINTN UINTN
(EFIAPI *EFI_HASH_GET_CONTEXT_SIZE) ( (EFIAPI *EFI_HASH_GET_CONTEXT_SIZE)(
VOID VOID
); );
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_HASH_INIT) ( (EFIAPI *EFI_HASH_INIT)(
OUT VOID *HashContext OUT VOID *HashContext
); );
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_HASH_UPDATE) ( (EFIAPI *EFI_HASH_UPDATE)(
IN OUT VOID *HashContext, IN OUT VOID *HashContext,
IN CONST VOID *Data, IN CONST VOID *Data,
IN UINTN DataSize IN UINTN DataSize
@ -84,14 +84,14 @@ BOOLEAN
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_HASH_FINAL) ( (EFIAPI *EFI_HASH_FINAL)(
IN OUT VOID *HashContext, IN OUT VOID *HashContext,
OUT UINT8 *HashValue OUT UINT8 *HashValue
); );
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_HASH_ALL) ( (EFIAPI *EFI_HASH_ALL)(
IN CONST VOID *Data, IN CONST VOID *Data,
IN UINTN DataSize, IN UINTN DataSize,
OUT UINT8 *HashValue OUT UINT8 *HashValue
@ -109,12 +109,12 @@ typedef struct {
} HASH_TEST_CONTEXT; } HASH_TEST_CONTEXT;
#ifdef ENABLE_MD5_DEPRECATED_INTERFACES #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
HASH_TEST_CONTEXT mMd5TestCtx = {MD5_DIGEST_SIZE, Md5GetContextSize, Md5Init, Md5Update, Md5Final, Md5HashAll, Md5Digest}; HASH_TEST_CONTEXT mMd5TestCtx = { MD5_DIGEST_SIZE, Md5GetContextSize, Md5Init, Md5Update, Md5Final, Md5HashAll, Md5Digest };
#endif #endif
HASH_TEST_CONTEXT mSha1TestCtx = {SHA1_DIGEST_SIZE, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final, Sha1HashAll, Sha1Digest}; HASH_TEST_CONTEXT mSha1TestCtx = { SHA1_DIGEST_SIZE, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final, Sha1HashAll, Sha1Digest };
HASH_TEST_CONTEXT mSha256TestCtx = {SHA256_DIGEST_SIZE, Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final, Sha256HashAll, Sha256Digest}; HASH_TEST_CONTEXT mSha256TestCtx = { SHA256_DIGEST_SIZE, Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final, Sha256HashAll, Sha256Digest };
HASH_TEST_CONTEXT mSha384TestCtx = {SHA384_DIGEST_SIZE, Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final, Sha384HashAll, Sha384Digest}; HASH_TEST_CONTEXT mSha384TestCtx = { SHA384_DIGEST_SIZE, Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final, Sha384HashAll, Sha384Digest };
HASH_TEST_CONTEXT mSha512TestCtx = {SHA512_DIGEST_SIZE, Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final, Sha512HashAll, Sha512Digest}; HASH_TEST_CONTEXT mSha512TestCtx = { SHA512_DIGEST_SIZE, Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final, Sha512HashAll, Sha512Digest };
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
@ -190,13 +190,13 @@ TEST_DESC mHashTest[] = {
// //
// -----Description----------------Class---------------------Function---------------Pre------------------Post------------Context // -----Description----------------Class---------------------Function---------------Pre------------------Post------------Context
// //
#ifdef ENABLE_MD5_DEPRECATED_INTERFACES #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
{"TestVerifyMd5()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mMd5TestCtx}, { "TestVerifyMd5()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mMd5TestCtx },
#endif #endif
{"TestVerifySha1()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mSha1TestCtx}, { "TestVerifySha1()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mSha1TestCtx },
{"TestVerifySha256()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mSha256TestCtx}, { "TestVerifySha256()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mSha256TestCtx },
{"TestVerifySha384()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mSha384TestCtx}, { "TestVerifySha384()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mSha384TestCtx },
{"TestVerifySha512()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mSha512TestCtx}, { "TestVerifySha512()", "CryptoPkg.BaseCryptLib.Hash", TestVerifyHash, TestVerifyHashPreReq, TestVerifyHashCleanUp, &mSha512TestCtx },
}; };
UINTN mHashTestNum = ARRAY_SIZE(mHashTest); UINTN mHashTestNum = ARRAY_SIZE (mHashTest);

40
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c
View File

@ -23,14 +23,14 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 *HmacData = "Hi There";
// //
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacMd5Key[16] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacMd5Key[16] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
}; };
// //
// Result for HMAC-MD5("Hi There"). (From "2. Test Cases for HMAC-MD5" of IETF RFC2202) // Result for HMAC-MD5("Hi There"). (From "2. Test Cases for HMAC-MD5" of IETF RFC2202)
// //
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacMd5Digest[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacMd5Digest[] = {
0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c, 0x13, 0xf4, 0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d 0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c, 0x13, 0xf4, 0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d
}; };
// //
// Key value for HMAC-SHA-1 validation. (From "3. Test Cases for HMAC-SHA-1" of IETF RFC2202) // Key value for HMAC-SHA-1 validation. (From "3. Test Cases for HMAC-SHA-1" of IETF RFC2202)
@ -38,7 +38,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacMd5Digest[] = {
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha1Key[20] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha1Key[20] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b 0x0b, 0x0b, 0x0b, 0x0b
}; };
// //
// Result for HMAC-SHA-1 ("Hi There"). (From "3. Test Cases for HMAC-SHA-1" of IETF RFC2202) // Result for HMAC-SHA-1 ("Hi There"). (From "3. Test Cases for HMAC-SHA-1" of IETF RFC2202)
@ -46,7 +46,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha1Key[20] = {
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha1Digest[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha1Digest[] = {
0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e, 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e,
0xf1, 0x46, 0xbe, 0x00 0xf1, 0x46, 0xbe, 0x00
}; };
// //
// Key value for HMAC-SHA-256 validation. (From "4. Test Vectors" of IETF RFC4231) // Key value for HMAC-SHA-256 validation. (From "4. Test Vectors" of IETF RFC4231)
@ -54,7 +54,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha1Digest[] = {
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha256Key[20] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha256Key[20] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b 0x0b, 0x0b, 0x0b, 0x0b
}; };
// //
// Result for HMAC-SHA-256 ("Hi There"). (From "4. Test Vectors" of IETF RFC4231) // Result for HMAC-SHA-256 ("Hi There"). (From "4. Test Vectors" of IETF RFC4231)
@ -62,17 +62,17 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha256Key[20] = {
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha256Digest[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha256Digest[] = {
0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b, 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b,
0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7
}; };
typedef typedef
VOID* VOID *
(EFIAPI *EFI_HMAC_NEW) ( (EFIAPI *EFI_HMAC_NEW)(
VOID VOID
); );
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_HMAC_INIT) ( (EFIAPI *EFI_HMAC_INIT)(
IN OUT VOID *HashContext, IN OUT VOID *HashContext,
IN CONST UINT8 *Key, IN CONST UINT8 *Key,
IN UINTN KeySize IN UINTN KeySize
@ -80,7 +80,7 @@ BOOLEAN
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_HMAC_UPDATE) ( (EFIAPI *EFI_HMAC_UPDATE)(
IN OUT VOID *HashContext, IN OUT VOID *HashContext,
IN CONST VOID *Data, IN CONST VOID *Data,
IN UINTN DataSize IN UINTN DataSize
@ -88,7 +88,7 @@ BOOLEAN
typedef typedef
BOOLEAN BOOLEAN
(EFIAPI *EFI_HMAC_FINAL) ( (EFIAPI *EFI_HMAC_FINAL)(
IN OUT VOID *HashContext, IN OUT VOID *HashContext,
OUT UINT8 *HashValue OUT UINT8 *HashValue
); );
@ -106,10 +106,9 @@ typedef struct {
} HMAC_TEST_CONTEXT; } HMAC_TEST_CONTEXT;
// These functions have been deprecated but they've been left commented out for future reference // These functions have been deprecated but they've been left commented out for future reference
//HMAC_TEST_CONTEXT mHmacMd5TestCtx = {MD5_DIGEST_SIZE, HmacMd5New, HmacMd5SetKey, HmacMd5Update, HmacMd5Final, HmacMd5Key, sizeof(HmacMd5Key), HmacMd5Digest}; // HMAC_TEST_CONTEXT mHmacMd5TestCtx = {MD5_DIGEST_SIZE, HmacMd5New, HmacMd5SetKey, HmacMd5Update, HmacMd5Final, HmacMd5Key, sizeof(HmacMd5Key), HmacMd5Digest};
//HMAC_TEST_CONTEXT mHmacSha1TestCtx = {SHA1_DIGEST_SIZE, HmacSha1New, HmacSha1SetKey, HmacSha1Update, HmacSha1Final, HmacSha1Key, sizeof(HmacSha1Key), HmacSha1Digest}; // HMAC_TEST_CONTEXT mHmacSha1TestCtx = {SHA1_DIGEST_SIZE, HmacSha1New, HmacSha1SetKey, HmacSha1Update, HmacSha1Final, HmacSha1Key, sizeof(HmacSha1Key), HmacSha1Digest};
HMAC_TEST_CONTEXT mHmacSha256TestCtx = {SHA256_DIGEST_SIZE, HmacSha256New, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, HmacSha256Key, sizeof(HmacSha256Key), HmacSha256Digest}; HMAC_TEST_CONTEXT mHmacSha256TestCtx = { SHA256_DIGEST_SIZE, HmacSha256New, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, HmacSha256Key, sizeof (HmacSha256Key), HmacSha256Digest };
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
@ -120,7 +119,7 @@ TestVerifyHmacPreReq (
HMAC_TEST_CONTEXT *HmacTestContext; HMAC_TEST_CONTEXT *HmacTestContext;
HmacTestContext = Context; HmacTestContext = Context;
HmacTestContext->HmacCtx = HmacTestContext->HmacNew(); HmacTestContext->HmacCtx = HmacTestContext->HmacNew ();
if (HmacTestContext->HmacCtx == NULL) { if (HmacTestContext->HmacCtx == NULL) {
return UNIT_TEST_ERROR_TEST_FAILED; return UNIT_TEST_ERROR_TEST_FAILED;
} }
@ -174,11 +173,10 @@ TEST_DESC mHmacTest[] = {
// //
// -----Description---------------------Class---------------------Function---------------Pre------------------Post------------Context // -----Description---------------------Class---------------------Function---------------Pre------------------Post------------Context
// //
{"TestVerifyHmacSha256()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha256TestCtx}, { "TestVerifyHmacSha256()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha256TestCtx },
// These functions have been deprecated but they've been left commented out for future reference // These functions have been deprecated but they've been left commented out for future reference
//{"TestVerifyHmacMd5()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacMd5TestCtx}, // {"TestVerifyHmacMd5()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacMd5TestCtx},
//{"TestVerifyHmacSha1()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha1TestCtx}, // {"TestVerifyHmacSha1()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha1TestCtx},
}; };
UINTN mHmacTestNum = ARRAY_SIZE(mHmacTest); UINTN mHmacTestNum = ARRAY_SIZE (mHmacTest);

10
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/OaepEncryptTests.c
View File

@ -73,7 +73,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 SelfTestCert[] = {
0xF2, 0x6C, 0xCC, 0x57, 0x36, 0x20, 0x06, 0xE6, 0xA7, 0x24, 0x22, 0xB0, 0xB1, 0xC4, 0xBC, 0x2C, 0xF2, 0x6C, 0xCC, 0x57, 0x36, 0x20, 0x06, 0xE6, 0xA7, 0x24, 0x22, 0xB0, 0xB1, 0xC4, 0xBC, 0x2C,
0x5C, 0xCE, 0x92, 0x11, 0xFF, 0x6F, 0x8C, 0x14, 0x7E, 0xC4, 0x10, 0x02, 0xF6, 0x69, 0x86, 0x6D, 0x5C, 0xCE, 0x92, 0x11, 0xFF, 0x6F, 0x8C, 0x14, 0x7E, 0xC4, 0x10, 0x02, 0xF6, 0x69, 0x86, 0x6D,
0x5B, 0x64, 0x81, 0x13, 0x5B, 0x64, 0x81, 0x13,
}; };
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 PrivateKey[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 PrivateKey[] = {
0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBC, 0xE4, 0x67, 0xDC, 0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBC, 0xE4, 0x67, 0xDC,
@ -151,7 +151,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 PrivateKey[] = {
0x6E, 0x35, 0x24, 0xA6, 0xDA, 0x42, 0x63, 0xC6, 0xBF, 0xCA, 0xE8, 0x32, 0xFD, 0x61, 0xC0, 0x80, 0x6E, 0x35, 0x24, 0xA6, 0xDA, 0x42, 0x63, 0xC6, 0xBF, 0xCA, 0xE8, 0x32, 0xFD, 0x61, 0xC0, 0x80,
0x39, 0xD2, 0xB7, 0x0D, 0xF3, 0xA2, 0xF3, 0xE4, 0x49, 0x26, 0x89, 0xD0, 0xA0, 0x24, 0xC8, 0x27, 0x39, 0xD2, 0xB7, 0x0D, 0xF3, 0xA2, 0xF3, 0xE4, 0x49, 0x26, 0x89, 0xD0, 0xA0, 0x24, 0xC8, 0x27,
0x86, 0x10, 0x09, 0x88, 0x6C, 0x35, 0x60, 0xF2, 0x86, 0x10, 0x09, 0x88, 0x6C, 0x35, 0x60, 0xF2,
}; };
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
@ -300,9 +300,7 @@ TEST_DESC mOaepTest[] = {
// //
// -----Description--------------------------------------Class----------------------Function-----------------Pre---Post--Context // -----Description--------------------------------------Class----------------------Function-----------------Pre---Post--Context
// //
{"TestVerifyOaepEncrypt()", "CryptoPkg.BaseCryptLib.Pkcs1v2Encrypt", TestVerifyOaepEncrypt, NULL, NULL, NULL}, { "TestVerifyOaepEncrypt()", "CryptoPkg.BaseCryptLib.Pkcs1v2Encrypt", TestVerifyOaepEncrypt, NULL, NULL, NULL },
}; };
UINTN mOaepTestNum = ARRAY_SIZE(mOaepTest); UINTN mOaepTestNum = ARRAY_SIZE (mOaepTest);

9
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/Pkcs5Pbkdf2Tests.c
View File

@ -17,10 +17,11 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 *Salt = "salt"; // Input Sal
GLOBAL_REMOVE_IF_UNREFERENCED UINTN SaltLen = 4; // Length of Input Salt GLOBAL_REMOVE_IF_UNREFERENCED UINTN SaltLen = 4; // Length of Input Salt
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN Count = 2; // InterationCount GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN Count = 2; // InterationCount
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN KeyLen = 20; // Length of derived key GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN KeyLen = 20; // Length of derived key
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 DerivedKey[] = { // Expected output key GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 DerivedKey[] = {
// Expected output key
0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0, 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
0xd8, 0xde, 0x89, 0x57 0xd8, 0xde, 0x89, 0x57
}; };
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
@ -65,7 +66,7 @@ TEST_DESC mPkcs5Test[] = {
// //
// -----Description------------------------------Class----------------------Function-----------------Pre---Post--Context // -----Description------------------------------Class----------------------Function-----------------Pre---Post--Context
// //
{"TestVerifyPkcs5Pbkdf2()", "CryptoPkg.BaseCryptLib.Pkcs5", TestVerifyPkcs5Pbkdf2, NULL, NULL, NULL}, { "TestVerifyPkcs5Pbkdf2()", "CryptoPkg.BaseCryptLib.Pkcs5", TestVerifyPkcs5Pbkdf2, NULL, NULL, NULL },
}; };
UINTN mPkcs5TestNum = ARRAY_SIZE(mPkcs5Test); UINTN mPkcs5TestNum = ARRAY_SIZE (mPkcs5Test);

2
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/Pkcs7EkuTestSignatures.h
View File

@ -24,7 +24,6 @@ Abstract:
signature files. signature files.
--*/ --*/
// //
// This is the ProductionECCSignature.p7b in byte array format. It has one // This is the ProductionECCSignature.p7b in byte array format. It has one
// EKU in it. (Firmware signing) // EKU in it. (Firmware signing)
@ -301,7 +300,6 @@ CONST UINT8 TestSignedWithMultipleEKUsInCert[] =
0xB5, 0xEA, 0xBA, 0x90, 0x51, 0xC0, 0xC6, 0x94, 0x09, 0xE4, 0xB7, 0x15, 0x3F, 0x07, 0x23, 0xE8, 0xB5, 0xEA, 0xBA, 0x90, 0x51, 0xC0, 0xC6, 0x94, 0x09, 0xE4, 0xB7, 0x15, 0x3F, 0x07, 0x23, 0xE8,
0x46, 0x93, 0xA5, 0x7B, 0x7A, 0x91, 0xDA, 0x8E, 0x7C, 0xAF, 0xBD, 0x41, 0xB9, 0xDE, 0x85, 0x04, 0x46, 0x93, 0xA5, 0x7B, 0x7A, 0x91, 0xDA, 0x8E, 0x7C, 0xAF, 0xBD, 0x41, 0xB9, 0xDE, 0x85, 0x04,
0xBC, 0x08, 0x6C, 0x08, 0x56, 0x16, 0xDB, 0xB5, 0xEE, 0x65, 0x76, 0xE9, 0x78, 0xD3, 0xDD, 0xD8, 0xBC, 0x08, 0x6C, 0x08, 0x56, 0x16, 0xDB, 0xB5, 0xEE, 0x65, 0x76, 0xE9, 0x78, 0xD3, 0xDD, 0xD8,
}; };
// //

247
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/Pkcs7EkuTests.c
View File

@ -57,17 +57,16 @@ VerifyEKUsInPkcs7Signature (
IN BOOLEAN RequireAllPresent IN BOOLEAN RequireAllPresent
); );
///================================================================================================ /// ================================================================================================
///================================================================================================ /// ================================================================================================
/// ///
/// TEST CASES /// TEST CASES
/// ///
///================================================================================================ /// ================================================================================================
///================================================================================================ /// ================================================================================================
CONST CHAR8 FIRMWARE_SIGNER_EKU[] = "1.3.6.1.4.1.311.76.9.21.1"; CONST CHAR8 FIRMWARE_SIGNER_EKU[] = "1.3.6.1.4.1.311.76.9.21.1";
/** /**
TestVerifyEKUsInSignature() TestVerifyEKUsInSignature()
@ -90,19 +89,20 @@ TestVerifyEKUsInSignature (
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
CONST CHAR8* RequiredEKUs[] = { FIRMWARE_SIGNER_EKU }; CONST CHAR8 *RequiredEKUs[] = { FIRMWARE_SIGNER_EKU };
Status = VerifyEKUsInPkcs7Signature(ProductionECCSignature, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(ProductionECCSignature), ProductionECCSignature,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (ProductionECCSignature),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
TRUE); ARRAY_SIZE (RequiredEKUs),
TRUE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
}// TestVerifyEKUsInSignature() }// TestVerifyEKUsInSignature()
/** /**
TestVerifyEKUsWith3CertsInSignature() TestVerifyEKUsWith3CertsInSignature()
@ -125,13 +125,15 @@ TestVerifyEKUsWith3CertsInSignature (
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
CONST CHAR8* RequiredEKUs[] = { FIRMWARE_SIGNER_EKU }; CONST CHAR8 *RequiredEKUs[] = { FIRMWARE_SIGNER_EKU };
Status = VerifyEKUsInPkcs7Signature(TestSignEKUsWith3CertsInSignature, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignEKUsWith3CertsInSignature), TestSignEKUsWith3CertsInSignature,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (TestSignEKUsWith3CertsInSignature),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
TRUE); ARRAY_SIZE (RequiredEKUs),
TRUE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
@ -158,19 +160,20 @@ TestVerifyEKUsWith2CertsInSignature (
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
CONST CHAR8* RequiredEKUs[] = { FIRMWARE_SIGNER_EKU }; CONST CHAR8 *RequiredEKUs[] = { FIRMWARE_SIGNER_EKU };
Status = VerifyEKUsInPkcs7Signature(TestSignEKUsWith2CertsInSignature, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignEKUsWith2CertsInSignature), TestSignEKUsWith2CertsInSignature,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (TestSignEKUsWith2CertsInSignature),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
TRUE); ARRAY_SIZE (RequiredEKUs),
TRUE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
}// TestVerifyEKUsWith2CertsInSignature() }// TestVerifyEKUsWith2CertsInSignature()
/** /**
TestVerifyEKUsWith1CertInSignature() TestVerifyEKUsWith1CertInSignature()
@ -192,19 +195,20 @@ TestVerifyEKUsWith1CertInSignature (
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
CONST CHAR8* RequiredEKUs[] = { FIRMWARE_SIGNER_EKU }; CONST CHAR8 *RequiredEKUs[] = { FIRMWARE_SIGNER_EKU };
Status = VerifyEKUsInPkcs7Signature(TestSignEKUsWith1CertInSignature, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignEKUsWith1CertInSignature), TestSignEKUsWith1CertInSignature,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (TestSignEKUsWith1CertInSignature),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
TRUE); ARRAY_SIZE (RequiredEKUs),
TRUE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
}// TestVerifyEKUsWith1CertInSignature() }// TestVerifyEKUsWith1CertInSignature()
/** /**
TestVerifyEKUsWithMultipleEKUsInCert() TestVerifyEKUsWithMultipleEKUsInCert()
@ -229,20 +233,23 @@ TestVerifyEKUsWithMultipleEKUsInCert (
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
CONST CHAR8* RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1", CONST CHAR8 *RequiredEKUs[] = {
"1.3.6.1.4.1.311.76.9.21.1.2" }; "1.3.6.1.4.1.311.76.9.21.1",
"1.3.6.1.4.1.311.76.9.21.1.2"
};
Status = VerifyEKUsInPkcs7Signature(TestSignedWithMultipleEKUsInCert, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignedWithMultipleEKUsInCert), TestSignedWithMultipleEKUsInCert,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (TestSignedWithMultipleEKUsInCert),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
TRUE); ARRAY_SIZE (RequiredEKUs),
TRUE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
}// TestVerifyEKUsWithMultipleEKUsInCert() }// TestVerifyEKUsWithMultipleEKUsInCert()
/** /**
TestEkusNotPresentInSignature() TestEkusNotPresentInSignature()
@ -267,13 +274,15 @@ TestEkusNotPresentInSignature (
// //
// This EKU is not in the signature. // This EKU is not in the signature.
// //
CONST CHAR8* RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.3" }; CONST CHAR8 *RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.3" };
Status = VerifyEKUsInPkcs7Signature(TestSignedWithMultipleEKUsInCert, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignedWithMultipleEKUsInCert), TestSignedWithMultipleEKUsInCert,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (TestSignedWithMultipleEKUsInCert),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
TRUE); ARRAY_SIZE (RequiredEKUs),
TRUE
);
UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
@ -292,33 +301,35 @@ TestEkusNotPresentInSignature (
@retval UNIT_TEST_PASSED - The required EKUs were found in the signature. @retval UNIT_TEST_PASSED - The required EKUs were found in the signature.
@retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output. @retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output.
**/ **/
static static
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
TestProductId10001PresentInSignature( TestProductId10001PresentInSignature (
IN UNIT_TEST_CONTEXT Context IN UNIT_TEST_CONTEXT Context
) )
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
// //
// These EKU's are present in the leaf signer certificate. // These EKU's are present in the leaf signer certificate.
// //
CONST CHAR8* RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1", CONST CHAR8 *RequiredEKUs[] = {
"1.3.6.1.4.1.311.76.9.21.1.10001" }; "1.3.6.1.4.1.311.76.9.21.1",
"1.3.6.1.4.1.311.76.9.21.1.10001"
};
Status = VerifyEKUsInPkcs7Signature(TestSignedWithProductId10001, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignedWithProductId10001), TestSignedWithProductId10001,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (TestSignedWithProductId10001),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
TRUE); ARRAY_SIZE (RequiredEKUs),
TRUE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
}// TestProductId10001PresentInSignature() }// TestProductId10001PresentInSignature()
/** /**
TestOnlyOneEkuInListRequired() TestOnlyOneEkuInListRequired()
@ -337,13 +348,12 @@ TestProductId10001PresentInSignature(
@retval UNIT_TEST_PASSED - The required EKUs were found in the signature. @retval UNIT_TEST_PASSED - The required EKUs were found in the signature.
@retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output. @retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output.
**/ **/
static static
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
TestOnlyOneEkuInListRequired( TestOnlyOneEkuInListRequired (
IN UNIT_TEST_CONTEXT Context IN UNIT_TEST_CONTEXT Context
) )
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
@ -351,13 +361,15 @@ TestOnlyOneEkuInListRequired(
// This will test the flag that specifies it is OK to succeed if // This will test the flag that specifies it is OK to succeed if
// any one of the EKU's passed in is found. // any one of the EKU's passed in is found.
// //
CONST CHAR8* RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1.10001" }; CONST CHAR8 *RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1.10001" };
Status = VerifyEKUsInPkcs7Signature(TestSignedWithProductId10001, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignedWithProductId10001), TestSignedWithProductId10001,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (TestSignedWithProductId10001),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
FALSE); ARRAY_SIZE (RequiredEKUs),
FALSE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
@ -376,32 +388,32 @@ TestOnlyOneEkuInListRequired(
@retval UNIT_TEST_PASSED - The required EKUs were found in the signature. @retval UNIT_TEST_PASSED - The required EKUs were found in the signature.
@retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output. @retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output.
**/ **/
static static
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
TestNoEKUsInSignature( TestNoEKUsInSignature (
IN UNIT_TEST_CONTEXT Context IN UNIT_TEST_CONTEXT Context
) )
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
// //
// This EKU is not in the certificate, so it should fail. // This EKU is not in the certificate, so it should fail.
// //
CONST CHAR8* RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1" }; CONST CHAR8 *RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1" };
Status = VerifyEKUsInPkcs7Signature(TestSignatureWithNoEKUsPresent, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignatureWithNoEKUsPresent), TestSignatureWithNoEKUsPresent,
(CONST CHAR8**)RequiredEKUs, ARRAY_SIZE (TestSignatureWithNoEKUsPresent),
ARRAY_SIZE(RequiredEKUs), (CONST CHAR8 **)RequiredEKUs,
TRUE); ARRAY_SIZE (RequiredEKUs),
TRUE
);
UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
}// TestNoEKUsInSignature() }// TestNoEKUsInSignature()
/** /**
TestInvalidParameters() TestInvalidParameters()
@ -416,38 +428,41 @@ TestNoEKUsInSignature(
static static
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
TestInvalidParameters( TestInvalidParameters (
IN UNIT_TEST_CONTEXT Context IN UNIT_TEST_CONTEXT Context
) )
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
CONST CHAR8* RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1" }; CONST CHAR8 *RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1" };
// //
// Check bad signature. // Check bad signature.
// //
Status = VerifyEKUsInPkcs7Signature(NULL, Status = VerifyEKUsInPkcs7Signature (
NULL,
0, 0,
(CONST CHAR8**)RequiredEKUs, (CONST CHAR8 **)RequiredEKUs,
ARRAY_SIZE(RequiredEKUs), ARRAY_SIZE (RequiredEKUs),
TRUE); TRUE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER); UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);
// //
// Check invalid EKU's // Check invalid EKU's
// //
Status = VerifyEKUsInPkcs7Signature(TestSignatureWithNoEKUsPresent, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignatureWithNoEKUsPresent), TestSignatureWithNoEKUsPresent,
(CONST CHAR8**)NULL, ARRAY_SIZE (TestSignatureWithNoEKUsPresent),
(CONST CHAR8 **)NULL,
0, 0,
TRUE); TRUE
);
UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER); UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
}// TestInvalidParameters() }// TestInvalidParameters()
/** /**
TestEKUSubStringFails() TestEKUSubStringFails()
@ -463,9 +478,9 @@ TestInvalidParameters(
static static
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
TestEKUSubsetSupersetFails( TestEKUSubsetSupersetFails (
IN UNIT_TEST_CONTEXT Context IN UNIT_TEST_CONTEXT Context
) )
{ {
EFI_STATUS Status = EFI_SUCCESS; EFI_STATUS Status = EFI_SUCCESS;
@ -476,13 +491,15 @@ TestEKUSubsetSupersetFails(
// "1.3.6.1.4.1.311.76.9.21" // "1.3.6.1.4.1.311.76.9.21"
// does not pass. // does not pass.
// //
CONST CHAR8* RequiredEKUs1[] = { "1.3.6.1.4.1.311.76.9.21" }; CONST CHAR8 *RequiredEKUs1[] = { "1.3.6.1.4.1.311.76.9.21" };
Status = VerifyEKUsInPkcs7Signature(TestSignedWithProductId10001, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignedWithProductId10001), TestSignedWithProductId10001,
(CONST CHAR8**)RequiredEKUs1, ARRAY_SIZE (TestSignedWithProductId10001),
ARRAY_SIZE(RequiredEKUs1), (CONST CHAR8 **)RequiredEKUs1,
TRUE); ARRAY_SIZE (RequiredEKUs1),
TRUE
);
UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS);
// //
@ -492,13 +509,15 @@ TestEKUSubsetSupersetFails(
// "1.3.6.1.4.1.311.76.9.21.1.10001.1" // "1.3.6.1.4.1.311.76.9.21.1.10001.1"
// does not pass. // does not pass.
// //
CONST CHAR8* RequiredEKUs2[] = { "1.3.6.1.4.1.311.76.9.21.1.10001.1" }; CONST CHAR8 *RequiredEKUs2[] = { "1.3.6.1.4.1.311.76.9.21.1.10001.1" };
Status = VerifyEKUsInPkcs7Signature(TestSignedWithProductId10001, Status = VerifyEKUsInPkcs7Signature (
ARRAY_SIZE(TestSignedWithProductId10001), TestSignedWithProductId10001,
(CONST CHAR8**)RequiredEKUs2, ARRAY_SIZE (TestSignedWithProductId10001),
ARRAY_SIZE(RequiredEKUs2), (CONST CHAR8 **)RequiredEKUs2,
TRUE); ARRAY_SIZE (RequiredEKUs2),
TRUE
);
UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
@ -508,17 +527,17 @@ TEST_DESC mPkcs7EkuTest[] = {
// //
// -----Description--------------------------------Class----------------------------Function------------------------------Pre---Post--Context // -----Description--------------------------------Class----------------------------Function------------------------------Pre---Post--Context
// //
{"TestVerifyEKUsInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsInSignature, NULL, NULL, NULL}, { "TestVerifyEKUsInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsInSignature, NULL, NULL, NULL },
{"TestVerifyEKUsWith3CertsInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsWith3CertsInSignature, NULL, NULL, NULL}, { "TestVerifyEKUsWith3CertsInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsWith3CertsInSignature, NULL, NULL, NULL },
{"TestVerifyEKUsWith2CertsInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsWith2CertsInSignature, NULL, NULL, NULL}, { "TestVerifyEKUsWith2CertsInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsWith2CertsInSignature, NULL, NULL, NULL },
{"TestVerifyEKUsWith1CertInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsWith1CertInSignature, NULL, NULL, NULL}, { "TestVerifyEKUsWith1CertInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsWith1CertInSignature, NULL, NULL, NULL },
{"TestVerifyEKUsWithMultipleEKUsInCert()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsWithMultipleEKUsInCert, NULL, NULL, NULL}, { "TestVerifyEKUsWithMultipleEKUsInCert()", "CryptoPkg.BaseCryptLib.Eku", TestVerifyEKUsWithMultipleEKUsInCert, NULL, NULL, NULL },
{"TestEkusNotPresentInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestEkusNotPresentInSignature, NULL, NULL, NULL}, { "TestEkusNotPresentInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestEkusNotPresentInSignature, NULL, NULL, NULL },
{"TestProductId10001PresentInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestProductId10001PresentInSignature, NULL, NULL, NULL}, { "TestProductId10001PresentInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestProductId10001PresentInSignature, NULL, NULL, NULL },
{"TestOnlyOneEkuInListRequired()", "CryptoPkg.BaseCryptLib.Eku", TestOnlyOneEkuInListRequired, NULL, NULL, NULL}, { "TestOnlyOneEkuInListRequired()", "CryptoPkg.BaseCryptLib.Eku", TestOnlyOneEkuInListRequired, NULL, NULL, NULL },
{"TestNoEKUsInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestNoEKUsInSignature, NULL, NULL, NULL}, { "TestNoEKUsInSignature()", "CryptoPkg.BaseCryptLib.Eku", TestNoEKUsInSignature, NULL, NULL, NULL },
{"TestInvalidParameters()", "CryptoPkg.BaseCryptLib.Eku", TestInvalidParameters, NULL, NULL, NULL}, { "TestInvalidParameters()", "CryptoPkg.BaseCryptLib.Eku", TestInvalidParameters, NULL, NULL, NULL },
{"TestEKUSubsetSupersetFails()", "CryptoPkg.BaseCryptLib.Eku", TestEKUSubsetSupersetFails, NULL, NULL, NULL}, { "TestEKUSubsetSupersetFails()", "CryptoPkg.BaseCryptLib.Eku", TestEKUSubsetSupersetFails, NULL, NULL, NULL },
}; };
UINTN mPkcs7EkuTestNum = ARRAY_SIZE(mPkcs7EkuTest); UINTN mPkcs7EkuTestNum = ARRAY_SIZE (mPkcs7EkuTest);

6
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RandTests.c
View File

@ -28,7 +28,7 @@ TestVerifyPrngGeneration (
Status = RandomSeed (SeedString, sizeof (SeedString)); Status = RandomSeed (SeedString, sizeof (SeedString));
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
for (Index = 0; Index < 10; Index ++) { for (Index = 0; Index < 10; Index++) {
Status = RandomBytes (RandomBuffer, RANDOM_NUMBER_SIZE); Status = RandomBytes (RandomBuffer, RANDOM_NUMBER_SIZE);
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
@ -45,7 +45,7 @@ TEST_DESC mPrngTest[] = {
// //
// -----Description--------------------------------Class--------------------Function----------------Pre---Post--Context // -----Description--------------------------------Class--------------------Function----------------Pre---Post--Context
// //
{"TestVerifyPrngGeneration()", "CryptoPkg.BaseCryptLib.Prng", TestVerifyPrngGeneration, NULL, NULL, NULL}, { "TestVerifyPrngGeneration()", "CryptoPkg.BaseCryptLib.Prng", TestVerifyPrngGeneration, NULL, NULL, NULL },
}; };
UINTN mPrngTestNum = ARRAY_SIZE(mPrngTest); UINTN mPrngTestNum = ARRAY_SIZE (mPrngTest);

23
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPkcs7Tests.c
View File

@ -9,7 +9,6 @@
#include "TestBaseCryptLib.h" #include "TestBaseCryptLib.h"
// //
// Password-protected PEM Key data for RSA Private Key Retrieving (encryption key is "client"). // Password-protected PEM Key data for RSA Private Key Retrieving (encryption key is "client").
// (Generated by OpenSSL utility). // (Generated by OpenSSL utility).
@ -99,7 +98,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TestKeyPem[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x52, 0x53, 0x41, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x52, 0x53, 0x41,
0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59,
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a
}; };
// //
// Password for private key retrieving from encrypted PEM ("TestKeyPem"). // Password for private key retrieving from encrypted PEM ("TestKeyPem").
@ -234,14 +233,13 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TestCert[] = {
GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 MsgHash[] = { GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 MsgHash[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09
}; };
// //
// Payload for PKCS#7 Signing & Verification Validation. // Payload for PKCS#7 Signing & Verification Validation.
// //
GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 *Payload = "Payload Data for PKCS#7 Signing"; GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 *Payload = "Payload Data for PKCS#7 Signing";
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
TestVerifyRsaCertPkcs1SignVerify ( TestVerifyRsaCertPkcs1SignVerify (
@ -354,7 +352,7 @@ TestVerifyPkcs7SignVerify (
// //
// Construct Signer Certificate from RAW data. // Construct Signer Certificate from RAW data.
// //
Status = X509ConstructCertificate (TestCert, sizeof (TestCert), (UINT8 **) &SignCert); Status = X509ConstructCertificate (TestCert, sizeof (TestCert), (UINT8 **)&SignCert);
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
UT_ASSERT_NOT_NULL (SignCert); UT_ASSERT_NOT_NULL (SignCert);
@ -365,8 +363,8 @@ TestVerifyPkcs7SignVerify (
Status = Pkcs7Sign ( Status = Pkcs7Sign (
TestKeyPem, TestKeyPem,
sizeof (TestKeyPem), sizeof (TestKeyPem),
(CONST UINT8 *) PemPass, (CONST UINT8 *)PemPass,
(UINT8 *) Payload, (UINT8 *)Payload,
AsciiStrLen (Payload), AsciiStrLen (Payload),
SignCert, SignCert,
NULL, NULL,
@ -381,7 +379,7 @@ TestVerifyPkcs7SignVerify (
P7SignedDataSize, P7SignedDataSize,
TestCACert, TestCACert,
sizeof (TestCACert), sizeof (TestCACert),
(UINT8 *) Payload, (UINT8 *)Payload,
AsciiStrLen (Payload) AsciiStrLen (Payload)
); );
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
@ -389,6 +387,7 @@ TestVerifyPkcs7SignVerify (
if (P7SignedData != NULL) { if (P7SignedData != NULL) {
FreePool (P7SignedData); FreePool (P7SignedData);
} }
if (SignCert != NULL) { if (SignCert != NULL) {
X509Free (SignCert); X509Free (SignCert);
} }
@ -400,16 +399,16 @@ TEST_DESC mRsaCertTest[] = {
// //
// -----Description--------------------------------------Class----------------------Function-----------------Pre---Post--Context // -----Description--------------------------------------Class----------------------Function-----------------Pre---Post--Context
// //
{"TestVerifyRsaCertPkcs1SignVerify()", "CryptoPkg.BaseCryptLib.RsaCert", TestVerifyRsaCertPkcs1SignVerify, NULL, NULL, NULL}, { "TestVerifyRsaCertPkcs1SignVerify()", "CryptoPkg.BaseCryptLib.RsaCert", TestVerifyRsaCertPkcs1SignVerify, NULL, NULL, NULL },
}; };
UINTN mRsaCertTestNum = ARRAY_SIZE(mRsaCertTest); UINTN mRsaCertTestNum = ARRAY_SIZE (mRsaCertTest);
TEST_DESC mPkcs7Test[] = { TEST_DESC mPkcs7Test[] = {
// //
// -----Description--------------------------------------Class----------------------Function-----------------Pre---Post--Context // -----Description--------------------------------------Class----------------------Function-----------------Pre---Post--Context
// //
{"TestVerifyPkcs7SignVerify()", "CryptoPkg.BaseCryptLib.Pkcs7", TestVerifyPkcs7SignVerify, NULL, NULL, NULL}, { "TestVerifyPkcs7SignVerify()", "CryptoPkg.BaseCryptLib.Pkcs7", TestVerifyPkcs7SignVerify, NULL, NULL, NULL },
}; };
UINTN mPkcs7TestNum = ARRAY_SIZE(mPkcs7Test); UINTN mPkcs7TestNum = ARRAY_SIZE (mPkcs7Test);

39
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPssTests.c
View File

@ -15,7 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
// //
// Public Modulus of RSA Key // Public Modulus of RSA Key
// //
UINT8 RsaPssN[]={ UINT8 RsaPssN[] = {
0xa4, 0x7d, 0x04, 0xe7, 0xca, 0xcd, 0xba, 0x4e, 0xa2, 0x6e, 0xca, 0x8a, 0x4c, 0x6e, 0x14, 0x56, 0xa4, 0x7d, 0x04, 0xe7, 0xca, 0xcd, 0xba, 0x4e, 0xa2, 0x6e, 0xca, 0x8a, 0x4c, 0x6e, 0x14, 0x56,
0x3c, 0x2c, 0xe0, 0x3b, 0x62, 0x3b, 0x76, 0x8c, 0x0d, 0x49, 0x86, 0x8a, 0x57, 0x12, 0x13, 0x01, 0x3c, 0x2c, 0xe0, 0x3b, 0x62, 0x3b, 0x76, 0x8c, 0x0d, 0x49, 0x86, 0x8a, 0x57, 0x12, 0x13, 0x01,
0xdb, 0xf7, 0x83, 0xd8, 0x2f, 0x4c, 0x05, 0x5e, 0x73, 0x96, 0x0e, 0x70, 0x55, 0x01, 0x87, 0xd0, 0xdb, 0xf7, 0x83, 0xd8, 0x2f, 0x4c, 0x05, 0x5e, 0x73, 0x96, 0x0e, 0x70, 0x55, 0x01, 0x87, 0xd0,
@ -32,17 +32,17 @@ UINT8 RsaPssN[]={
0xb0, 0x3a, 0xd9, 0x4f, 0x14, 0x33, 0xd2, 0xc9, 0x4d, 0x08, 0xe6, 0x0b, 0xc1, 0xfd, 0xef, 0x05, 0xb0, 0x3a, 0xd9, 0x4f, 0x14, 0x33, 0xd2, 0xc9, 0x4d, 0x08, 0xe6, 0x0b, 0xc1, 0xfd, 0xef, 0x05,
0x43, 0xcd, 0x29, 0x51, 0xe7, 0x65, 0xb3, 0x82, 0x30, 0xfd, 0xd1, 0x8d, 0xe5, 0xd2, 0xca, 0x62, 0x43, 0xcd, 0x29, 0x51, 0xe7, 0x65, 0xb3, 0x82, 0x30, 0xfd, 0xd1, 0x8d, 0xe5, 0xd2, 0xca, 0x62,
0x7d, 0xdc, 0x03, 0x2f, 0xe0, 0x5b, 0xbd, 0x2f, 0xf2, 0x1e, 0x2d, 0xb1, 0xc2, 0xf9, 0x4d, 0x8b, 0x7d, 0xdc, 0x03, 0x2f, 0xe0, 0x5b, 0xbd, 0x2f, 0xf2, 0x1e, 0x2d, 0xb1, 0xc2, 0xf9, 0x4d, 0x8b,
}; };
// //
// Public Exponent of RSA Key // Public Exponent of RSA Key
// //
UINT8 RsaPssE[]={ 0x10, 0xe4, 0x3f }; UINT8 RsaPssE[] = { 0x10, 0xe4, 0x3f };
// //
// Private Exponent of RSA Key // Private Exponent of RSA Key
// //
UINT8 RsaPssD[]={ UINT8 RsaPssD[] = {
0x11, 0xa0, 0xdd, 0x28, 0x5f, 0x66, 0x47, 0x1a, 0x8d, 0xa3, 0x0b, 0xcb, 0x8c, 0x24, 0xa1, 0xd5, 0x11, 0xa0, 0xdd, 0x28, 0x5f, 0x66, 0x47, 0x1a, 0x8d, 0xa3, 0x0b, 0xcb, 0x8c, 0x24, 0xa1, 0xd5,
0xc8, 0xdb, 0x94, 0x2f, 0xc9, 0x92, 0x07, 0x97, 0xca, 0x44, 0x24, 0x60, 0xa8, 0x00, 0xb7, 0x5b, 0xc8, 0xdb, 0x94, 0x2f, 0xc9, 0x92, 0x07, 0x97, 0xca, 0x44, 0x24, 0x60, 0xa8, 0x00, 0xb7, 0x5b,
0xbc, 0x73, 0x8b, 0xeb, 0x8e, 0xe0, 0xe8, 0x74, 0xb0, 0x53, 0xe6, 0x47, 0x07, 0xdf, 0x4c, 0xfc, 0xbc, 0x73, 0x8b, 0xeb, 0x8e, 0xe0, 0xe8, 0x74, 0xb0, 0x53, 0xe6, 0x47, 0x07, 0xdf, 0x4c, 0xfc,
@ -59,12 +59,12 @@ UINT8 RsaPssD[]={
0x59, 0xee, 0xae, 0x27, 0x68, 0x6c, 0xd8, 0x88, 0x57, 0xe9, 0xad, 0xad, 0xc2, 0xd4, 0xb8, 0x2b, 0x59, 0xee, 0xae, 0x27, 0x68, 0x6c, 0xd8, 0x88, 0x57, 0xe9, 0xad, 0xad, 0xc2, 0xd4, 0xb8, 0x2b,
0x07, 0xa6, 0x1a, 0x35, 0x84, 0x56, 0xaa, 0xf8, 0x07, 0x66, 0x96, 0x93, 0xff, 0xb1, 0x3c, 0x99, 0x07, 0xa6, 0x1a, 0x35, 0x84, 0x56, 0xaa, 0xf8, 0x07, 0x66, 0x96, 0x93, 0xff, 0xb1, 0x3c, 0x99,
0x64, 0xa6, 0x36, 0x54, 0xca, 0xdc, 0x81, 0xee, 0x59, 0xdf, 0x51, 0x1c, 0xa3, 0xa4, 0xbd, 0x67, 0x64, 0xa6, 0x36, 0x54, 0xca, 0xdc, 0x81, 0xee, 0x59, 0xdf, 0x51, 0x1c, 0xa3, 0xa4, 0xbd, 0x67,
}; };
// //
// Binary message to be signed and verified // Binary message to be signed and verified
// //
UINT8 PssMessage[]={ UINT8 PssMessage[] = {
0xe0, 0x02, 0x37, 0x7a, 0xff, 0xb0, 0x4f, 0x0f, 0xe4, 0x59, 0x8d, 0xe9, 0xd9, 0x2d, 0x31, 0xd6, 0xe0, 0x02, 0x37, 0x7a, 0xff, 0xb0, 0x4f, 0x0f, 0xe4, 0x59, 0x8d, 0xe9, 0xd9, 0x2d, 0x31, 0xd6,
0xc7, 0x86, 0x04, 0x0d, 0x57, 0x76, 0x97, 0x65, 0x56, 0xa2, 0xcf, 0xc5, 0x5e, 0x54, 0xa1, 0xdc, 0xc7, 0x86, 0x04, 0x0d, 0x57, 0x76, 0x97, 0x65, 0x56, 0xa2, 0xcf, 0xc5, 0x5e, 0x54, 0xa1, 0xdc,
0xb3, 0xcb, 0x1b, 0x12, 0x6b, 0xd6, 0xa4, 0xbe, 0xd2, 0xa1, 0x84, 0x99, 0x0c, 0xce, 0xa7, 0x73, 0xb3, 0xcb, 0x1b, 0x12, 0x6b, 0xd6, 0xa4, 0xbe, 0xd2, 0xa1, 0x84, 0x99, 0x0c, 0xce, 0xa7, 0x73,
@ -73,20 +73,20 @@ UINT8 PssMessage[]={
0x4c, 0xf8, 0xa9, 0x27, 0xef, 0xfd, 0x0f, 0xd7, 0x75, 0xe7, 0x1e, 0x83, 0x29, 0xe4, 0x1f, 0xdd, 0x4c, 0xf8, 0xa9, 0x27, 0xef, 0xfd, 0x0f, 0xd7, 0x75, 0xe7, 0x1e, 0x83, 0x29, 0xe4, 0x1f, 0xdd,
0x44, 0x57, 0xb3, 0x91, 0x11, 0x73, 0x18, 0x7b, 0x4f, 0x09, 0xa8, 0x17, 0xd7, 0x9e, 0xa2, 0x39, 0x44, 0x57, 0xb3, 0x91, 0x11, 0x73, 0x18, 0x7b, 0x4f, 0x09, 0xa8, 0x17, 0xd7, 0x9e, 0xa2, 0x39,
0x7f, 0xc1, 0x2d, 0xfe, 0x3d, 0x9c, 0x9a, 0x02, 0x90, 0xc8, 0xea, 0xd3, 0x1b, 0x66, 0x90, 0xa6, 0x7f, 0xc1, 0x2d, 0xfe, 0x3d, 0x9c, 0x9a, 0x02, 0x90, 0xc8, 0xea, 0xd3, 0x1b, 0x66, 0x90, 0xa6,
}; };
// //
// Binary message to be signed and verified // Binary message to be signed and verified
// //
UINT8 PssSalt[]={ UINT8 PssSalt[] = {
0xd6, 0x6f, 0x72, 0xf1, 0x0b, 0x69, 0x00, 0x1a, 0x5b, 0x59, 0xcf, 0x10, 0x92, 0xad, 0x27, 0x4d, 0xd6, 0x6f, 0x72, 0xf1, 0x0b, 0x69, 0x00, 0x1a, 0x5b, 0x59, 0xcf, 0x10, 0x92, 0xad, 0x27, 0x4d,
0x50, 0x56, 0xc4, 0xe9, 0x5c, 0xcc, 0xcf, 0xbe, 0x3b, 0x53, 0x0d, 0xcb, 0x02, 0x7e, 0x57, 0xd6 0x50, 0x56, 0xc4, 0xe9, 0x5c, 0xcc, 0xcf, 0xbe, 0x3b, 0x53, 0x0d, 0xcb, 0x02, 0x7e, 0x57, 0xd6
}; };
// //
// RSASSA-PSS Signature over above message using above keys, salt and SHA256 digest(and MGF1) algo. // RSASSA-PSS Signature over above message using above keys, salt and SHA256 digest(and MGF1) algo.
// //
UINT8 TestVectorSignature[]={ UINT8 TestVectorSignature[] = {
0x4f, 0x9b, 0x42, 0x5c, 0x20, 0x58, 0x46, 0x0e, 0x4a, 0xb2, 0xf5, 0xc9, 0x63, 0x84, 0xda, 0x23, 0x4f, 0x9b, 0x42, 0x5c, 0x20, 0x58, 0x46, 0x0e, 0x4a, 0xb2, 0xf5, 0xc9, 0x63, 0x84, 0xda, 0x23,
0x27, 0xfd, 0x29, 0x15, 0x0f, 0x01, 0x95, 0x5a, 0x76, 0xb4, 0xef, 0xe9, 0x56, 0xaf, 0x06, 0xdc, 0x27, 0xfd, 0x29, 0x15, 0x0f, 0x01, 0x95, 0x5a, 0x76, 0xb4, 0xef, 0xe9, 0x56, 0xaf, 0x06, 0xdc,
0x08, 0x77, 0x9a, 0x37, 0x4e, 0xe4, 0x60, 0x7e, 0xab, 0x61, 0xa9, 0x3a, 0xdc, 0x56, 0x08, 0xf4, 0x08, 0x77, 0x9a, 0x37, 0x4e, 0xe4, 0x60, 0x7e, 0xab, 0x61, 0xa9, 0x3a, 0xdc, 0x56, 0x08, 0xf4,
@ -103,8 +103,7 @@ UINT8 TestVectorSignature[]={
0xae, 0x7e, 0x26, 0x23, 0xfc, 0x0f, 0xda, 0x80, 0x52, 0xcf, 0x4b, 0xf3, 0x37, 0x91, 0x02, 0xfb, 0xae, 0x7e, 0x26, 0x23, 0xfc, 0x0f, 0xda, 0x80, 0x52, 0xcf, 0x4b, 0xf3, 0x37, 0x91, 0x02, 0xfb,
0xf7, 0x1d, 0x7c, 0x98, 0xe8, 0x25, 0x86, 0x64, 0xce, 0xed, 0x63, 0x7d, 0x20, 0xf9, 0x5f, 0xf0, 0xf7, 0x1d, 0x7c, 0x98, 0xe8, 0x25, 0x86, 0x64, 0xce, 0xed, 0x63, 0x7d, 0x20, 0xf9, 0x5f, 0xf0,
0x11, 0x18, 0x81, 0xe6, 0x50, 0xce, 0x61, 0xf2, 0x51, 0xd9, 0xc3, 0xa6, 0x29, 0xef, 0x22, 0x2d, 0x11, 0x18, 0x81, 0xe6, 0x50, 0xce, 0x61, 0xf2, 0x51, 0xd9, 0xc3, 0xa6, 0x29, 0xef, 0x22, 0x2d,
}; };
STATIC VOID *mRsa; STATIC VOID *mRsa;
@ -135,7 +134,6 @@ TestVerifyRsaPssCleanUp (
} }
} }
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
TestVerifyRsaPssSignVerify ( TestVerifyRsaPssSignVerify (
@ -156,36 +154,35 @@ TestVerifyRsaPssSignVerify (
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
SigSize = 0; SigSize = 0;
Status = RsaPssSign (mRsa, PssMessage, sizeof(PssMessage), SHA256_DIGEST_SIZE, SHA256_DIGEST_SIZE, NULL, &SigSize); Status = RsaPssSign (mRsa, PssMessage, sizeof (PssMessage), SHA256_DIGEST_SIZE, SHA256_DIGEST_SIZE, NULL, &SigSize);
UT_ASSERT_FALSE (Status); UT_ASSERT_FALSE (Status);
UT_ASSERT_NOT_EQUAL (SigSize, 0); UT_ASSERT_NOT_EQUAL (SigSize, 0);
Signature = AllocatePool (SigSize); Signature = AllocatePool (SigSize);
Status = RsaPssSign (mRsa, PssMessage, sizeof(PssMessage), SHA256_DIGEST_SIZE, SHA256_DIGEST_SIZE, Signature, &SigSize); Status = RsaPssSign (mRsa, PssMessage, sizeof (PssMessage), SHA256_DIGEST_SIZE, SHA256_DIGEST_SIZE, Signature, &SigSize);
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
// //
// Verify RSA PSS encoded Signature generated in above step // Verify RSA PSS encoded Signature generated in above step
// //
Status = RsaPssVerify (mRsa, PssMessage, sizeof(PssMessage), Signature, SigSize, SHA256_DIGEST_SIZE, SHA256_DIGEST_SIZE); Status = RsaPssVerify (mRsa, PssMessage, sizeof (PssMessage), Signature, SigSize, SHA256_DIGEST_SIZE, SHA256_DIGEST_SIZE);
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
// //
// Verify NIST FIPS 186-3 RSA test vector signature // Verify NIST FIPS 186-3 RSA test vector signature
// //
Status = RsaPssVerify (mRsa, PssMessage, sizeof(PssMessage), TestVectorSignature, sizeof(TestVectorSignature), SHA256_DIGEST_SIZE, SHA256_DIGEST_SIZE); Status = RsaPssVerify (mRsa, PssMessage, sizeof (PssMessage), TestVectorSignature, sizeof (TestVectorSignature), SHA256_DIGEST_SIZE, SHA256_DIGEST_SIZE);
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
FreePool(Signature); FreePool (Signature);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
} }
TEST_DESC mRsaPssTest[] = { TEST_DESC mRsaPssTest[] = {
// //
// -----Description--------------------------------------Class----------------------Function---------------------------------Pre---------------------Post---------Context // -----Description--------------------------------------Class----------------------Function---------------------------------Pre---------------------Post---------Context
// //
{"TestVerifyRsaPssSignVerify()", "CryptoPkg.BaseCryptLib.Rsa", TestVerifyRsaPssSignVerify, TestVerifyRsaPssPreReq, TestVerifyRsaPssCleanUp, NULL}, { "TestVerifyRsaPssSignVerify()", "CryptoPkg.BaseCryptLib.Rsa", TestVerifyRsaPssSignVerify, TestVerifyRsaPssPreReq, TestVerifyRsaPssCleanUp, NULL },
}; };
UINTN mRsaPssTestNum = ARRAY_SIZE(mRsaPssTest); UINTN mRsaPssTestNum = ARRAY_SIZE (mRsaPssTest);

16
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c
View File

@ -26,7 +26,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaN[] = {
0xEE, 0x6A, 0x64, 0x9D, 0x06, 0x09, 0x53, 0x74, 0x88, 0x34, 0xB2, 0x45, 0x45, 0x98, 0x39, 0x4E, 0xEE, 0x6A, 0x64, 0x9D, 0x06, 0x09, 0x53, 0x74, 0x88, 0x34, 0xB2, 0x45, 0x45, 0x98, 0x39, 0x4E,
0xE0, 0xAA, 0xB1, 0x2D, 0x7B, 0x61, 0xA5, 0x1F, 0x52, 0x7A, 0x9A, 0x41, 0xF6, 0xC1, 0x68, 0x7F, 0xE0, 0xAA, 0xB1, 0x2D, 0x7B, 0x61, 0xA5, 0x1F, 0x52, 0x7A, 0x9A, 0x41, 0xF6, 0xC1, 0x68, 0x7F,
0xE2, 0x53, 0x72, 0x98, 0xCA, 0x2A, 0x8F, 0x59, 0x46, 0xF8, 0xE5, 0xFD, 0x09, 0x1D, 0xBD, 0xCB 0xE2, 0x53, 0x72, 0x98, 0xCA, 0x2A, 0x8F, 0x59, 0x46, 0xF8, 0xE5, 0xFD, 0x09, 0x1D, 0xBD, 0xCB
}; };
// //
// Public Exponent of RSA Key // Public Exponent of RSA Key
@ -45,7 +45,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaD[] = {
0xE5, 0x6A, 0xAF, 0x68, 0xC5, 0x6C, 0x09, 0x2C, 0xD3, 0x8D, 0xC3, 0xBE, 0xF5, 0xD2, 0x0A, 0x93, 0xE5, 0x6A, 0xAF, 0x68, 0xC5, 0x6C, 0x09, 0x2C, 0xD3, 0x8D, 0xC3, 0xBE, 0xF5, 0xD2, 0x0A, 0x93,
0x99, 0x26, 0xED, 0x4F, 0x74, 0xA1, 0x3E, 0xDD, 0xFB, 0xE1, 0xA1, 0xCE, 0xCC, 0x48, 0x94, 0xAF, 0x99, 0x26, 0xED, 0x4F, 0x74, 0xA1, 0x3E, 0xDD, 0xFB, 0xE1, 0xA1, 0xCE, 0xCC, 0x48, 0x94, 0xAF,
0x94, 0x28, 0xC2, 0xB7, 0xB8, 0x88, 0x3F, 0xE4, 0x46, 0x3A, 0x4B, 0xC8, 0x5B, 0x1C, 0xB3, 0xC1 0x94, 0x28, 0xC2, 0xB7, 0xB8, 0x88, 0x3F, 0xE4, 0x46, 0x3A, 0x4B, 0xC8, 0x5B, 0x1C, 0xB3, 0xC1
}; };
// //
// Known Answer Test (KAT) Data for RSA PKCS#1 Signing // Known Answer Test (KAT) Data for RSA PKCS#1 Signing
@ -64,7 +64,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaPkcs1Signature[] = {
0x4E, 0xCA, 0x2E, 0x4E, 0xBC, 0x29, 0xA8, 0x67, 0x13, 0xB7, 0x9F, 0x1D, 0x04, 0x44, 0xE5, 0x5F, 0x4E, 0xCA, 0x2E, 0x4E, 0xBC, 0x29, 0xA8, 0x67, 0x13, 0xB7, 0x9F, 0x1D, 0x04, 0x44, 0xE5, 0x5F,
0x35, 0x07, 0x11, 0xBC, 0xED, 0x19, 0x37, 0x21, 0xCF, 0x23, 0x48, 0x1F, 0x72, 0x05, 0xDE, 0xE6, 0x35, 0x07, 0x11, 0xBC, 0xED, 0x19, 0x37, 0x21, 0xCF, 0x23, 0x48, 0x1F, 0x72, 0x05, 0xDE, 0xE6,
0xE8, 0x7F, 0x33, 0x8A, 0x76, 0x4B, 0x2F, 0x95, 0xDF, 0xF1, 0x5F, 0x84, 0x80, 0xD9, 0x46, 0xB4 0xE8, 0x7F, 0x33, 0x8A, 0x76, 0x4B, 0x2F, 0x95, 0xDF, 0xF1, 0x5F, 0x84, 0x80, 0xD9, 0x46, 0xB4
}; };
// //
// Default public key 0x10001 = 65537 // Default public key 0x10001 = 65537
@ -295,7 +295,7 @@ TestVerifyRsaPkcs1SignVerify (
Status = RsaPkcs1Verify (mRsa, HashValue, HashSize, Signature, SigSize); Status = RsaPkcs1Verify (mRsa, HashValue, HashSize, Signature, SigSize);
UT_ASSERT_TRUE (Status); UT_ASSERT_TRUE (Status);
FreePool(Signature); FreePool (Signature);
return UNIT_TEST_PASSED; return UNIT_TEST_PASSED;
} }
@ -304,9 +304,9 @@ TEST_DESC mRsaTest[] = {
// //
// -----Description--------------------------------------Class----------------------Function---------------------------------Pre---------------------Post---------Context // -----Description--------------------------------------Class----------------------Function---------------------------------Pre---------------------Post---------Context
// //
{"TestVerifyRsaSetGetKeyComponents()", "CryptoPkg.BaseCryptLib.Rsa", TestVerifyRsaSetGetKeyComponents, TestVerifyRsaPreReq, TestVerifyRsaCleanUp, NULL}, { "TestVerifyRsaSetGetKeyComponents()", "CryptoPkg.BaseCryptLib.Rsa", TestVerifyRsaSetGetKeyComponents, TestVerifyRsaPreReq, TestVerifyRsaCleanUp, NULL },
{"TestVerifyRsaGenerateKeyComponents()", "CryptoPkg.BaseCryptLib.Rsa", TestVerifyRsaGenerateKeyComponents, TestVerifyRsaPreReq, TestVerifyRsaCleanUp, NULL}, { "TestVerifyRsaGenerateKeyComponents()", "CryptoPkg.BaseCryptLib.Rsa", TestVerifyRsaGenerateKeyComponents, TestVerifyRsaPreReq, TestVerifyRsaCleanUp, NULL },
{"TestVerifyRsaPkcs1SignVerify()", "CryptoPkg.BaseCryptLib.Rsa", TestVerifyRsaPkcs1SignVerify, TestVerifyRsaPreReq, TestVerifyRsaCleanUp, NULL}, { "TestVerifyRsaPkcs1SignVerify()", "CryptoPkg.BaseCryptLib.Rsa", TestVerifyRsaPkcs1SignVerify, TestVerifyRsaPreReq, TestVerifyRsaCleanUp, NULL },
}; };
UINTN mRsaTestNum = ARRAY_SIZE(mRsaTest); UINTN mRsaTestNum = ARRAY_SIZE (mRsaTest);

8
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TSTests.c
View File

@ -210,7 +210,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED UINT8 AuthenticodeWithTS[] = {
0xb2, 0x6d, 0x75, 0xf4, 0x23, 0x58, 0x13, 0x78, 0x73, 0x1a, 0xb2, 0x84, 0xde, 0xad, 0xe8, 0x6d, 0xb2, 0x6d, 0x75, 0xf4, 0x23, 0x58, 0x13, 0x78, 0x73, 0x1a, 0xb2, 0x84, 0xde, 0xad, 0xe8, 0x6d,
0xe6, 0xe7, 0x5c, 0xb6, 0xe6, 0x5b, 0x10, 0x37, 0x1f, 0xe3, 0x6e, 0xbd, 0x83, 0xd7, 0x51, 0xb1, 0xe6, 0xe7, 0x5c, 0xb6, 0xe6, 0x5b, 0x10, 0x37, 0x1f, 0xe3, 0x6e, 0xbd, 0x83, 0xd7, 0x51, 0xb1,
0x00, 0x00, 0x00, 0x00, 0x0a 0x00, 0x00, 0x00, 0x00, 0x0a
}; };
// //
// The Comodo Time Stamping Signer Certificate Used for the verification of TimeStamp signature. // The Comodo Time Stamping Signer Certificate Used for the verification of TimeStamp signature.
@ -290,7 +290,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TSTrustedCert[] = {
0x86, 0x08, 0xeb, 0xdb, 0xe0, 0x1f, 0x8c, 0x10, 0xf2, 0x39, 0x64, 0x9b, 0xae, 0x4f, 0x0a, 0x2c, 0x86, 0x08, 0xeb, 0xdb, 0xe0, 0x1f, 0x8c, 0x10, 0xf2, 0x39, 0x64, 0x9b, 0xae, 0x4f, 0x0a, 0x2c,
0x92, 0x8a, 0x4f, 0x18, 0xb5, 0x91, 0xe5, 0x8d, 0x1a, 0x93, 0x5f, 0x1f, 0xae, 0xf1, 0xa6, 0xf0, 0x92, 0x8a, 0x4f, 0x18, 0xb5, 0x91, 0xe5, 0x8d, 0x1a, 0x93, 0x5f, 0x1f, 0xae, 0xf1, 0xa6, 0xf0,
0x2e, 0x97, 0xd0, 0xd2, 0xf6, 0x2b, 0x3c, 0x0a 0x2e, 0x97, 0xd0, 0xd2, 0xf6, 0x2b, 0x3c, 0x0a
}; };
UNIT_TEST_STATUS UNIT_TEST_STATUS
EFIAPI EFIAPI
@ -329,7 +329,7 @@ TEST_DESC mImageTimestampTest[] = {
// //
// -----Description--------------------------------------Class----------------------------Function-----------------Pre---Post--Context // -----Description--------------------------------------Class----------------------------Function-----------------Pre---Post--Context
// //
{"TestVerifyImageTimestampVerify()", "CryptoPkg.BaseCryptLib.ImageTimestamp", TestVerifyImageTimestampVerify, NULL, NULL, NULL}, { "TestVerifyImageTimestampVerify()", "CryptoPkg.BaseCryptLib.ImageTimestamp", TestVerifyImageTimestampVerify, NULL, NULL, NULL },
}; };
UINTN mImageTimestampTestNum = ARRAY_SIZE(mImageTimestampTest); UINTN mImageTimestampTestNum = ARRAY_SIZE (mImageTimestampTest);

14
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h
View File

@ -19,9 +19,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/BaseLib.h> #include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h> #include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h> #include <Library/MemoryAllocationLib.h>
//#include <UnitTestTypes.h> // #include <UnitTestTypes.h>
#include <Library/UnitTestLib.h> #include <Library/UnitTestLib.h>
//#include <Library/UnitTestAssertLib.h> // #include <Library/UnitTestAssertLib.h>
#define UNIT_TEST_NAME "BaseCryptLib Unit Test" #define UNIT_TEST_NAME "BaseCryptLib Unit Test"
#define UNIT_TEST_VERSION "1.0" #define UNIT_TEST_VERSION "1.0"
@ -90,10 +90,10 @@ extern TEST_DESC mRsaPssTest[];
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
CreateUnitTest ( CreateUnitTest (
IN CHAR8* UnitTestName, IN CHAR8 *UnitTestName,
IN CHAR8* UnitTestVersion, IN CHAR8 *UnitTestVersion,
IN OUT UNIT_TEST_FRAMEWORK_HANDLE* Framework IN OUT UNIT_TEST_FRAMEWORK_HANDLE *Framework
); );
/** /**
Validate UEFI-OpenSSL DH Interfaces. Validate UEFI-OpenSSL DH Interfaces.
@ -119,6 +119,4 @@ ValidateCryptPrng (
VOID VOID
); );
#endif #endif

5
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c
View File

@ -8,7 +8,6 @@
**/ **/
#include "TestBaseCryptLib.h" #include "TestBaseCryptLib.h"
/** /**
Initialize the unit test framework, suite, and unit tests for the Initialize the unit test framework, suite, and unit tests for the
sample unit tests and run the unit tests. sample unit tests and run the unit tests.
@ -26,8 +25,8 @@ UefiTestMain (
EFI_STATUS Status; EFI_STATUS Status;
UNIT_TEST_FRAMEWORK_HANDLE Framework; UNIT_TEST_FRAMEWORK_HANDLE Framework;
DEBUG(( DEBUG_INFO, "%a v%a\n", UNIT_TEST_NAME, UNIT_TEST_VERSION )); DEBUG ((DEBUG_INFO, "%a v%a\n", UNIT_TEST_NAME, UNIT_TEST_VERSION));
CreateUnitTest(UNIT_TEST_NAME, UNIT_TEST_VERSION, &Framework); CreateUnitTest (UNIT_TEST_NAME, UNIT_TEST_VERSION, &Framework);
// //
// Execute the tests. // Execute the tests.