Add CryptoPkg (from UDK2010.UP3)

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10987 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
hhtian
2010-11-01 06:30:58 +00:00
parent a3bcde70e6
commit 97f98500c1
76 changed files with 7305 additions and 0 deletions

View File

@@ -0,0 +1,79 @@
## @file
# Cryptographic Library Instance for DXE_DRIVER.
#
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = BaseCryptLib
FILE_GUID = be3bb803-91b6-4da0-bd91-a8b21c18ca5d
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF
#
[Sources]
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
Pk/CryptRsa.c
Pk/CryptPkcs7.c
SysCall/CrtWrapper.c
SysCall/TimerWrapper.c
SysCall/BaseMemAllocation.c
[Sources.Ia32]
SysCall/HelperWrapper.c
SysCall/Ia32/MathMultS64x64.c | MSFT
SysCall/Ia32/MathDivU64x64.c | MSFT
SysCall/Ia32/MathReminderU64x64.c | MSFT
SysCall/Ia32/MathLShiftS64.c | MSFT
SysCall/Ia32/MathRShiftU64.c | MSFT
SysCall/Ia32/MathMultS64x64.c | INTEL
SysCall/Ia32/MathDivU64x64.c | INTEL
SysCall/Ia32/MathReminderU64x64.c | INTEL
SysCall/Ia32/MathLShiftS64.c | INTEL
SysCall/Ia32/MathRShiftU64.c | INTEL
SysCall/Ia32/MathMultS64x64.S | GCC
SysCall/Ia32/MathDivU64x64.S | GCC
SysCall/Ia32/MathReminderU64x64.S | GCC
SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
SysCall/Ia32/Alloca.S | GCC
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
DebugLib
OpensslLib
IntrinsicLib
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"

View File

@@ -0,0 +1,145 @@
/** @file
MD5 Digest Wrapper Implementation over OpenSSL.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseCryptLib.h>
#include <openssl/md5.h>
/**
Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
@return The size, in bytes, of the context buffer required for MD5 hash operations.
**/
UINTN
EFIAPI
Md5GetContextSize (
VOID
)
{
//
// Retrieves the OpenSSL MD5 Context Size
//
return (UINTN)(sizeof (MD5_CTX));
}
/**
Initializes user-supplied memory pointed by Md5Context as MD5 hash context for
subsequent use.
If Md5Context is NULL, then ASSERT().
@param[in, out] Md5Context Pointer to MD5 Context being initialized.
@retval TRUE MD5 context initialization succeeded.
@retval FALSE MD5 context initialization failed.
**/
BOOLEAN
EFIAPI
Md5Init (
IN OUT VOID *Md5Context
)
{
//
// ASSERT if Md5Context is NULL.
//
ASSERT (Md5Context != NULL);
//
// OpenSSL MD5 Context Initialization
//
return (BOOLEAN) (MD5_Init ((MD5_CTX *)Md5Context));
}
/**
Performs MD5 digest on a data buffer of the specified length. This function can
be called multiple times to compute the digest of long or discontinuous data streams.
If Md5Context is NULL, then ASSERT().
@param[in, out] Md5Context Pointer to the MD5 context.
@param[in] Data Pointer to the buffer containing the data to be hashed.
@param[in] DataLength Length of Data buffer in bytes.
@retval TRUE MD5 data digest succeeded.
@retval FALSE Invalid MD5 context. After Md5Final function has been called, the
MD5 context cannot be reused.
**/
BOOLEAN
EFIAPI
Md5Update (
IN OUT VOID *Md5Context,
IN CONST VOID *Data,
IN UINTN DataLength
)
{
//
// ASSERT if Md5Context is NULL
//
ASSERT (Md5Context != NULL);
//
// ASSERT if invalid parameters, in case that only DataLength was checked in OpenSSL
//
if (Data == NULL) {
ASSERT (DataLength == 0);
}
//
// OpenSSL MD5 Hash Update
//
return (BOOLEAN) (MD5_Update ((MD5_CTX *)Md5Context, Data, DataLength));
}
/**
Completes MD5 hash computation and retrieves the digest value into the specified
memory. After this function has been called, the MD5 context cannot be used again.
If Md5Context is NULL, then ASSERT().
If HashValue is NULL, then ASSERT().
@param[in, out] Md5Context Pointer to the MD5 context
@param[out] HashValue Pointer to a buffer that receives the MD5 digest
value (16 bytes).
@retval TRUE MD5 digest computation succeeded.
@retval FALSE MD5 digest computation failed.
**/
BOOLEAN
EFIAPI
Md5Final (
IN OUT VOID *Md5Context,
OUT UINT8 *HashValue
)
{
//
// ASSERT if Md5Context is NULL or HashValue is NULL
//
ASSERT (Md5Context != NULL);
ASSERT (HashValue != NULL);
//
// OpenSSL MD5 Hash Finalization
//
return (BOOLEAN) (MD5_Final (HashValue, (MD5_CTX *)Md5Context));
}

View File

@@ -0,0 +1,145 @@
/** @file
SHA-1 Digest Wrapper Implementation over OpenSSL.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseCryptLib.h>
#include <openssl/sha.h>
/**
Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
@return The size, in bytes, of the context buffer required for SHA-1 hash operations.
**/
UINTN
EFIAPI
Sha1GetContextSize (
VOID
)
{
//
// Retrieves OpenSSL SHA Context Size
//
return (UINTN)(sizeof (SHA_CTX));
}
/**
Initializes user-supplied memory pointed by Sha1Context as the SHA-1 hash context for
subsequent use.
If Sha1Context is NULL, then ASSERT().
@param[in, out] Sha1Context Pointer to the SHA-1 Context being initialized.
@retval TRUE SHA-1 initialization succeeded.
@retval FALSE SHA-1 initialization failed.
**/
BOOLEAN
EFIAPI
Sha1Init (
IN OUT VOID *Sha1Context
)
{
//
// ASSERT if Sha1Context is NULL
//
ASSERT (Sha1Context != NULL);
//
// OpenSSL SHA-1 Context Initialization
//
return (BOOLEAN) (SHA1_Init ((SHA_CTX *)Sha1Context));
}
/**
Performs SHA-1 digest on a data buffer of the specified length. This function can
be called multiple times to compute the digest of long or discontinuous data streams.
If Sha1Context is NULL, then ASSERT().
@param[in, out] Sha1Context Pointer to the SHA-1 context.
@param[in] Data Pointer to the buffer containing the data to be hashed.
@param[in] DataLength Length of Data buffer in bytes.
@retval TRUE SHA-1 data digest succeeded.
@retval FALSE Invalid SHA-1 context. After Sha1Final function has been called, the
SHA-1 context cannot be reused.
**/
BOOLEAN
EFIAPI
Sha1Update (
IN OUT VOID *Sha1Context,
IN CONST VOID *Data,
IN UINTN DataLength
)
{
//
// ASSERT if Sha1Context is NULL
//
ASSERT (Sha1Context != NULL);
//
// ASSERT if invalid parameters, in case that only DataLength was checked in OpenSSL
//
if (Data == NULL) {
ASSERT (DataLength == 0);
}
//
// OpenSSL SHA-1 Hash Update
//
return (BOOLEAN) (SHA1_Update ((SHA_CTX *)Sha1Context, Data, DataLength));
}
/**
Completes SHA-1 hash computation and retrieves the digest value into the specified
memory. After this function has been called, the SHA-1 context cannot be used again.
If Sha1Context is NULL, then ASSERT().
If HashValue is NULL, then ASSERT().
@param[in, out] Sha1Context Pointer to the SHA-1 context
@param[out] HashValue Pointer to a buffer that receives the SHA-1 digest
value (20 bytes).
@retval TRUE SHA-1 digest computation succeeded.
@retval FALSE SHA-1 digest computation failed.
**/
BOOLEAN
EFIAPI
Sha1Final (
IN OUT VOID *Sha1Context,
OUT UINT8 *HashValue
)
{
//
// ASSERT if Sha1Context is NULL or HashValue is NULL
//
ASSERT (Sha1Context != NULL);
ASSERT (HashValue != NULL);
//
// OpenSSL SHA-1 Hash Finalization
//
return (BOOLEAN) (SHA1_Final (HashValue, (SHA_CTX *)Sha1Context));
}

View File

@@ -0,0 +1,145 @@
/** @file
SHA-256 Digest Wrapper Implementation over OpenSSL.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseCryptLib.h>
#include <openssl/sha.h>
/**
Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
@return The size, in bytes, of the context buffer required for SHA-256 operations.
**/
UINTN
EFIAPI
Sha256GetContextSize (
VOID
)
{
//
// Retrieves OpenSSL SHA-256 Context Size
//
return (UINTN)(sizeof (SHA256_CTX));
}
/**
Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
subsequent use.
If Sha256Context is NULL, then ASSERT().
@param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
@retval TRUE SHA-256 context initialization succeeded.
@retval FALSE SHA-256 context initialization failed.
**/
BOOLEAN
EFIAPI
Sha256Init (
IN OUT VOID *Sha256Context
)
{
//
// ASSERT if Sha256Context is NULL
//
ASSERT (Sha256Context != NULL);
//
// OpenSSL SHA-256 Context Initialization
//
return (BOOLEAN) (SHA256_Init ((SHA256_CTX *)Sha256Context));
}
/**
Performs SHA-256 digest on a data buffer of the specified length. This function can
be called multiple times to compute the digest of long or discontinuous data streams.
If Sha256Context is NULL, then ASSERT().
@param[in, out] Sha256Context Pointer to the SHA-256 context.
@param[in] Data Pointer to the buffer containing the data to be hashed.
@param[in] DataLength Length of Data buffer in bytes.
@retval TRUE SHA-256 data digest succeeded.
@retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
SHA-256 context cannot be reused.
**/
BOOLEAN
EFIAPI
Sha256Update (
IN OUT VOID *Sha256Context,
IN CONST VOID *Data,
IN UINTN DataLength
)
{
//
// ASSERT if Sha256Context is NULL
//
ASSERT (Sha256Context != NULL);
//
// ASSERT if invalid parameters, in case that only DataLength was checked in OpenSSL
//
if (Data == NULL) {
ASSERT (DataLength == 0);
}
//
// OpenSSL SHA-256 Hash Update
//
return (BOOLEAN) (SHA256_Update ((SHA256_CTX *)Sha256Context, Data, DataLength));
}
/**
Completes SHA-256 hash computation and retrieves the digest value into the specified
memory. After this function has been called, the SHA-256 context cannot be used again.
If Sha256Context is NULL, then ASSERT().
If HashValue is NULL, then ASSERT().
@param[in, out] Sha256Context Pointer to SHA-256 context
@param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
value (32 bytes).
@retval TRUE SHA-256 digest computation succeeded.
@retval FALSE SHA-256 digest computation failed.
**/
BOOLEAN
EFIAPI
Sha256Final (
IN OUT VOID *Sha256Context,
OUT UINT8 *HashValue
)
{
//
// ASSERT if Sha256Context is NULL or HashValue is NULL
//
ASSERT (Sha256Context != NULL);
ASSERT (HashValue != NULL);
//
// OpenSSL SHA-256 Hash Finalization
//
return (BOOLEAN) (SHA256_Final (HashValue, (SHA256_CTX *)Sha256Context));
}

View File

@@ -0,0 +1,77 @@
## @file
# Cryptographic Library Instance for PEIM.
#
# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = PeiCryptLib
FILE_GUID = 9a2a4375-194c-4e97-9f67-547ec98d96ca
MODULE_TYPE = PEIM
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib|PEIM PEI_CORE SEC
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64
#
[Sources]
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
Pk/CryptRsa.c
SysCall/CrtWrapper.c
SysCall/HelperWrapper.c
SysCall/BaseMemAllocation.c
[Sources.Ia32]
SysCall/Ia32/MathMultS64x64.c | MSFT
SysCall/Ia32/MathDivU64x64.c | MSFT
SysCall/Ia32/MathReminderU64x64.c | MSFT
SysCall/Ia32/MathLShiftS64.c | MSFT
SysCall/Ia32/MathRShiftU64.c | MSFT
SysCall/Ia32/MathMultS64x64.c | INTEL
SysCall/Ia32/MathDivU64x64.c | INTEL
SysCall/Ia32/MathReminderU64x64.c | INTEL
SysCall/Ia32/MathLShiftS64.c | INTEL
SysCall/Ia32/MathRShiftU64.c | INTEL
SysCall/Ia32/MathMultS64x64.S | GCC
SysCall/Ia32/MathDivU64x64.S | GCC
SysCall/Ia32/MathReminderU64x64.S | GCC
SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
SysCall/Ia32/Alloca.S | GCC
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
DebugLib
OpensslLib
IntrinsicLib
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"

View File

@@ -0,0 +1,160 @@
/** @file
PKCS#7 SignedData Verification Wrapper Implementation over OpenSSL.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseCryptLib.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/pkcs7.h>
/**
Verifies the validility of a PKCS#7 signed data as described in "PKCS #7: Cryptographic
Message Syntax Standard".
If P7Data is NULL, then ASSERT().
@param[in] P7Data Pointer to the PKCS#7 message to verify.
@param[in] P7Length Length of the PKCS#7 message in bytes.
@param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
is used for certificate chain verification.
@param[in] CertLength Length of the trusted certificate in bytes.
@param[in] InData Pointer to the content to be verified.
@param[in] DataLength Length of InData in bytes.
@return TRUE The specified PKCS#7 signed data is valid.
@return FALSE Invalid PKCS#7 signed data.
**/
BOOLEAN
EFIAPI
Pkcs7Verify (
IN CONST UINT8 *P7Data,
IN UINTN P7Length,
IN CONST UINT8 *TrustedCert,
IN UINTN CertLength,
IN CONST UINT8 *InData,
IN UINTN DataLength
)
{
PKCS7 *Pkcs7;
UINT8 *Content;
BIO *CertBio;
BIO *DataBio;
BOOLEAN Status;
X509 *Cert;
X509_STORE *CertStore;
//
// ASSERT if P7Data is NULL
//
ASSERT (P7Data != NULL);
Status = FALSE;
Pkcs7 = NULL;
CertBio = NULL;
DataBio = NULL;
Cert = NULL;
CertStore = NULL;
//
// Register & Initialize necessary digest algorithms for PKCS#7 Handling
//
EVP_add_digest (EVP_md5());
EVP_add_digest (EVP_sha1());
EVP_add_digest (EVP_sha256());
//
// Retrieve PKCS#7 Data (DER encoding)
//
Pkcs7 = d2i_PKCS7 (NULL, &P7Data, (int)P7Length);
if (Pkcs7 == NULL) {
goto _Exit;
}
//
// Check if it's PKCS#7 Signed Data (for Authenticode Scenario)
//
if (!PKCS7_type_is_signed (Pkcs7)) {
goto _Exit;
}
//
// Check PKCS#7 embedded signed content with InData.
//
if (InData != NULL) {
//
// NOTE: PKCS7_dataDecode() didn't work for Authenticode-format signed data due to
// some authenticode-specific structure. Use opaque ASN.1 string to retrieve
// PKCS#7 ContentInfo here.
//
Content = (UINT8 *)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data);
// Ignore two bytes for DER encoding of ASN.1 "SEQUENCE"
if (CompareMem (Content + 2, InData, DataLength) != 0) {
goto _Exit;
}
}
//
// Read DER-encoded root certificate and Construct X509 Certificate
//
CertBio = BIO_new (BIO_s_mem ());
BIO_write (CertBio, TrustedCert, (int)CertLength);
if (CertBio == NULL) {
goto _Exit;
}
Cert = d2i_X509_bio (CertBio, NULL);
if (Cert == NULL) {
goto _Exit;
}
//
// Setup X509 Store for trusted certificate
//
CertStore = X509_STORE_new ();
if (CertStore == NULL) {
goto _Exit;
}
if (!(X509_STORE_add_cert (CertStore, Cert))) {
goto _Exit;
}
//
// For generic PKCS#7 handling, InData may be NULL if the content is present
// in PKCS#7 structure. So ignore NULL checking here.
//
DataBio = BIO_new (BIO_s_mem ());
BIO_write (DataBio, InData, (int)DataLength);
//
// Verifies the PKCS#7 signedData structure
//
Status = (BOOLEAN) PKCS7_verify (Pkcs7, NULL, CertStore, DataBio, NULL, 0);
_Exit:
//
// Release Resources
//
BIO_free (DataBio);
BIO_free (CertBio);
X509_free (Cert);
X509_STORE_free (CertStore);
PKCS7_free (Pkcs7);
return Status;
}

View File

@@ -0,0 +1,277 @@
/** @file
RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/BaseCryptLib.h>
#include <openssl/rsa.h>
/**
Allocates and Initializes one RSA Context for subsequent use.
@return Pointer to the RSA Context that has been initialized.
If the allocations fails, RsaNew() returns NULL.
**/
VOID *
EFIAPI
RsaNew (
VOID
)
{
//
// Allocates & Initializes RSA Context by OpenSSL RSA_new()
//
return (VOID *)RSA_new ();
}
/**
Release the specified RSA Context.
@param[in] RsaContext Pointer to the RSA context to be released.
**/
VOID
EFIAPI
RsaFree (
IN VOID *RsaContext
)
{
//
// Free OpenSSL RSA Context
//
RSA_free ((RSA *)RsaContext);
}
/**
Sets the tag-designated RSA key component into the established RSA context from
the user-specified nonnegative integer (octet string format represented in RSA
PKCS#1).
If RsaContext is NULL, then ASSERT().
@param[in, out] RsaContext Pointer to RSA context being set.
@param[in] KeyTag Tag of RSA key component being set.
@param[in] BigNumber Pointer to octet integer buffer.
@param[in] BnLength Length of big number buffer in bytes.
@return TRUE RSA key component was set successfully.
@return FALSE Invalid RSA key component tag.
**/
BOOLEAN
EFIAPI
RsaSetKey (
IN OUT VOID *RsaContext,
IN RSA_KEY_TAG KeyTag,
IN CONST UINT8 *BigNumber,
IN UINTN BnLength
)
{
RSA *RsaKey;
//
// ASSERT if RsaContext is NULL
//
ASSERT (RsaContext != NULL);
RsaKey = (RSA *)RsaContext;
//
// Set RSA Key Components by converting octet string to OpenSSL BN representation.
// NOTE: For RSA public key (used in signature verification), only public components
// (N, e) are needed.
//
switch (KeyTag) {
//
// RSA Public Modulus (N)
//
case RsaKeyN:
if (RsaKey->n != NULL) {
BN_free (RsaKey->n);
}
RsaKey->n = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->n);
break;
//
// RSA Public Exponent (e)
//
case RsaKeyE:
if (RsaKey->e != NULL) {
BN_free (RsaKey->e);
}
RsaKey->e = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->e);
break;
//
// RSA Private Exponent (d)
//
case RsaKeyD:
if (RsaKey->d != NULL) {
BN_free (RsaKey->d);
}
RsaKey->d = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->d);
break;
//
// RSA Secret Prime Factor of Modulus (p)
//
case RsaKeyP:
if (RsaKey->p != NULL) {
BN_free (RsaKey->p);
}
RsaKey->p = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->p);
break;
//
// RSA Secret Prime Factor of Modules (q)
//
case RsaKeyQ:
if (RsaKey->q != NULL) {
BN_free (RsaKey->q);
}
RsaKey->q = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->q);
break;
//
// p's CRT Exponent (== d mod (p - 1))
//
case RsaKeyDp:
if (RsaKey->dmp1 != NULL) {
BN_free (RsaKey->dmp1);
}
RsaKey->dmp1 = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->dmp1);
break;
//
// q's CRT Exponent (== d mod (q - 1))
//
case RsaKeyDq:
if (RsaKey->dmq1 != NULL) {
BN_free (RsaKey->dmq1);
}
RsaKey->dmq1 = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->dmq1);
break;
//
// The CRT Coefficient (== 1/q mod p)
//
case RsaKeyQInv:
if (RsaKey->iqmp != NULL) {
BN_free (RsaKey->iqmp);
}
RsaKey->iqmp = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->iqmp);
break;
default:
return FALSE;
}
return TRUE;
}
/**
Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
RSA PKCS#1.
If RsaContext is NULL, then ASSERT().
If MessageHash is NULL, then ASSERT().
If Signature is NULL, then ASSERT().
If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
@param[in] RsaContext Pointer to RSA context for signature verification.
@param[in] MessageHash Pointer to octet message hash to be checked.
@param[in] HashLength Length of the message hash in bytes.
@param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
@param[in] SigLength Length of signature in bytes.
@return TRUE Valid signature encoded in PKCS1-v1_5.
@return FALSE Invalid signature or invalid RSA context.
**/
BOOLEAN
EFIAPI
RsaPkcs1Verify (
IN VOID *RsaContext,
IN CONST UINT8 *MessageHash,
IN UINTN HashLength,
IN UINT8 *Signature,
IN UINTN SigLength
)
{
INTN Length;
//
// ASSERT if RsaContext, MessageHash or Signature is NULL
//
ASSERT (RsaContext != NULL);
ASSERT (MessageHash != NULL);
ASSERT (Signature != NULL);
//
// ASSERT if unsupported hash length:
// Only MD5, SHA-1 or SHA-256 digest size is supported
//
ASSERT ((HashLength == MD5_DIGEST_SIZE) || (HashLength == SHA1_DIGEST_SIZE) ||
(HashLength == SHA256_DIGEST_SIZE));
//
// RSA PKCS#1 Signature Decoding using OpenSSL RSA Decryption with Public Key
//
Length = RSA_public_decrypt (
(int)SigLength,
Signature,
Signature,
RsaContext,
RSA_PKCS1_PADDING
);
//
// Invalid RSA Key or PKCS#1 Padding Checking Failed (if Length < 0)
// NOTE: Length should be the addition of HashLength and some DER value.
// Ignore more strict length checking here.
//
if (Length < (INTN) HashLength) {
return FALSE;
}
//
// Validate the MessageHash and Decoded Signature
// NOTE: The decoded Signature should be the DER encoding of the DigestInfo value
// DigestInfo ::= SEQUENCE {
// digestAlgorithm AlgorithmIdentifier
// digest OCTET STRING
// }
// Then Memory Comparing should skip the DER value of the underlying SEQUENCE
// type and AlgorithmIdentifier.
//
if (CompareMem (MessageHash, Signature + Length - HashLength, HashLength) == 0) {
//
// Valid RSA PKCS#1 Signature
//
return TRUE;
} else {
//
// Failed to verification
//
return FALSE;
}
}

View File

@@ -0,0 +1,81 @@
## @file
# Cryptographic Library Instance for DXE_RUNTIME_DRIVER
#
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = RuntimeCryptLib
FILE_GUID = 78189cc0-727d-46a4-84ea-f7dd860de64a
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib
CONSTRUCTOR = RuntimeCryptLibConstructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF
#
[Sources]
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
Pk/CryptRsa.c
SysCall/CrtWrapper.c
SysCall/TimerWrapper.c
SysCall/HelperWrapper.c
SysCall/RuntimeMemAllocation.c
[Sources.Ia32]
SysCall/Ia32/MathMultS64x64.c | MSFT
SysCall/Ia32/MathDivU64x64.c | MSFT
SysCall/Ia32/MathReminderU64x64.c | MSFT
SysCall/Ia32/MathLShiftS64.c | MSFT
SysCall/Ia32/MathRShiftU64.c | MSFT
SysCall/Ia32/MathMultS64x64.c | INTEL
SysCall/Ia32/MathDivU64x64.c | INTEL
SysCall/Ia32/MathReminderU64x64.c | INTEL
SysCall/Ia32/MathLShiftS64.c | INTEL
SysCall/Ia32/MathRShiftU64.c | INTEL
SysCall/Ia32/MathMultS64x64.S | GCC
SysCall/Ia32/MathDivU64x64.S | GCC
SysCall/Ia32/MathReminderU64x64.S | GCC
SysCall/Ia32/MathLShiftS64.S | GCC
SysCall/Ia32/MathRShiftU64.S | GCC
SysCall/Ia32/Alloca.S | GCC
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
UefiBootServicesTableLib
UefiRuntimeServicesTableLib
DebugLib
OpensslLib
IntrinsicLib
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"

View File

@@ -0,0 +1,42 @@
/** @file
Base Memory Allocation Routines Wrapper for Crypto library over OpenSSL
during PEI & DXE phases.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <OpenSslSupport.h>
//
// -- Memory-Allocation Routines --
//
/* Allocates memory blocks */
void *malloc (size_t size)
{
return AllocatePool ((UINTN)size);
}
/* Reallocate memory blocks */
void *realloc (void *ptr, size_t size)
{
//
// BUG: hardcode OldSize == size! We have no any knowledge about
// memory size of original pointer ptr.
//
return ReallocatePool ((UINTN)size, (UINTN)size, ptr);
}
/* De-allocates or frees a memory block */
void free (void *ptr)
{
FreePool (ptr);
}

View File

@@ -0,0 +1,281 @@
/** @file
C Run-Time Libraries (CRT) Wrapper Implementation for OpenSSL-based
Cryptographic Library.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <OpenSslSupport.h>
typedef
INTN
(*SORT_COMPARE)(
IN VOID *Buffer1,
IN VOID *Buffer2
);
//
// Duplicated from EDKII BaseSortLib for qsort() wrapper
//
STATIC
VOID
QuickSortWorker (
IN OUT VOID *BufferToSort,
IN CONST UINTN Count,
IN CONST UINTN ElementSize,
IN SORT_COMPARE CompareFunction,
IN VOID *Buffer
)
{
VOID *Pivot;
UINTN LoopCount;
UINTN NextSwapLocation;
ASSERT(BufferToSort != NULL);
ASSERT(CompareFunction != NULL);
ASSERT(Buffer != NULL);
if (Count < 2 || ElementSize < 1) {
return;
}
NextSwapLocation = 0;
//
// Pick a pivot (we choose last element)
//
Pivot = ((UINT8 *)BufferToSort + ((Count - 1) * ElementSize));
//
// Now get the pivot such that all on "left" are below it
// and everything "right" are above it
//
for (LoopCount = 0; LoopCount < Count - 1; LoopCount++)
{
//
// If the element is less than the pivot
//
if (CompareFunction ((VOID *)((UINT8 *)BufferToSort + ((LoopCount) * ElementSize)), Pivot) <= 0) {
//
// Swap
//
CopyMem (Buffer, (UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), ElementSize);
CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), (UINT8 *)BufferToSort + ((LoopCount) * ElementSize), ElementSize);
CopyMem ((UINT8 *)BufferToSort + ((LoopCount) * ElementSize), Buffer, ElementSize);
//
// Increment NextSwapLocation
//
NextSwapLocation++;
}
}
//
// Swap pivot to it's final position (NextSwapLocaiton)
//
CopyMem (Buffer, Pivot, ElementSize);
CopyMem (Pivot, (UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), ElementSize);
CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), Buffer, ElementSize);
//
// Now recurse on 2 paritial lists. Neither of these will have the 'pivot' element.
// IE list is sorted left half, pivot element, sorted right half...
//
QuickSortWorker (
BufferToSort,
NextSwapLocation,
ElementSize,
CompareFunction,
Buffer
);
QuickSortWorker (
(UINT8 *)BufferToSort + (NextSwapLocation + 1) * ElementSize,
Count - NextSwapLocation - 1,
ElementSize,
CompareFunction,
Buffer
);
return;
}
//---------------------------------------------------------
// Standard C Run-time Library Interface Wrapper
//---------------------------------------------------------
//
// -- String Manipulation Routines --
//
/* Scan a string for the last occurrence of a character */
char *strrchr (const char *str, int c)
{
char * save;
for (save = NULL; ; ++str) {
if (*str == c) {
save = (char *)str;
}
if (*str == 0) {
return (save);
}
}
}
/* Read formatted data from a string */
int sscanf (const char *buffer, const char *format, ...)
{
//
// Null sscanf() function implementation to satisfy the linker, since
// no direct functionality logic dependency in present UEFI cases.
//
return 0;
}
//
// -- Character Classification Routines --
//
/* Determines if a particular character is a decimal-digit character */
int isdigit (int c)
{
//
// <digit> ::= [0-9]
//
return (('0' <= (c)) && ((c) <= '9'));
}
/* Determine if an integer represents character that is a hex digit */
int isxdigit (int c)
{
//
// <hexdigit> ::= [0-9] | [a-f] | [A-F]
//
return ((('0' <= (c)) && ((c) <= '9')) ||
(('a' <= (c)) && ((c) <= 'f')) ||
(('A' <= (c)) && ((c) <= 'F')));
}
/* Determines if a particular character represents a space character */
int isspace (int c)
{
//
// <space> ::= [ ]
//
return ((c) == ' ');
}
/* Determine if a particular character is an alphanumeric character */
int isalnum (int c)
{
//
// <alnum> ::= [0-9] | [a-z] | [A-Z]
//
return ((('0' <= (c)) && ((c) <= '9')) ||
(('a' <= (c)) && ((c) <= 'z')) ||
(('A' <= (c)) && ((c) <= 'Z')));
}
/* Determines if a particular character is in upper case */
int isupper (int c)
{
//
// <uppercase letter> := [A-Z]
//
return (('A' <= (c)) && ((c) <= 'Z'));
}
//
// -- Data Conversion Routines --
//
/* Convert strings to a long-integer value */
long strtol (const char *nptr, char **endptr, int base)
{
//
// Null strtol() function implementation to satisfy the linker, since there is
// no direct functionality logic dependency in present UEFI cases.
//
return 0;
}
/* Convert strings to an unsigned long-integer value */
unsigned long strtoul (const char *nptr, char **endptr, int base)
{
//
// Null strtoul() function implementation to satisfy the linker, since there is
// no direct functionality logic dependency in present UEFI cases.
//
return 0;
}
/* Convert character to lowercase */
int tolower (int c)
{
if (('A' <= (c)) && ((c) <= 'Z')) {
return (c - ('A' - 'a'));
}
return (c);
}
//
// -- Searching and Sorting Routines --
//
/* Performs a quick sort */
void qsort (void *base, size_t num, size_t width, int (*compare)(const void *, const void *))
{
VOID *Buffer;
ASSERT (base != NULL);
ASSERT (compare != NULL);
Buffer = AllocatePool (width);
ASSERT (Buffer != NULL);
//
// Re-use PerformQuickSort() function Implementation in EDKII BaseSortLib.
//
QuickSortWorker (base, (UINTN)num, (UINTN)width, (SORT_COMPARE)compare, Buffer);
FreePool (Buffer);
return;
}
//
// -- Process and Environment Control Routines --
//
/* Get a value from the current environment */
char *getenv (const char *varname)
{
//
// Null getenv() function implementation to satisfy the linker, since there is
// no direct functionality logic dependency in present UEFI cases.
//
return NULL;
}
//
// -- Stream I/O Routines --
//
/* Write formatted output using a pointer to a list of arguments */
int vfprintf (FILE *stream, const char *format, VA_LIST arg)
{
return 0;
}
/* Write data to a stream */
size_t fwrite (const void *buffer, size_t size, size_t count, FILE *stream)
{
return 0;
}

View File

@@ -0,0 +1,54 @@
/** @file
Wrapper Implementation of Helper Routines produced by the C Compiler
for the OpenSSL-based Cryptographic Library.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <OpenSslSupport.h>
//---------------------------------------------------------
// Helper Routines Wrapper
//---------------------------------------------------------
/* Divides a 64-bit signed value with a 64-bit signed value and returns
a 64-bit signed quotient and reminder */
void _aulldvrm ()
{
//
// Null _aulldvrm() Math function implementation to satisfy the linker, since
// there is no direct functionality logic dependency in present UEFI cases.
//
return;
}
/* Converts a scalar double-precision floating point value to a 32-bit integer */
long _ftol2_sse (double dblSource)
{
//
// OpenSSL uses this function due to using floating-point inside it.
// It is only present in 32-bit versions of the compiler.
// Null _ftol2_sse() function implementation to satisfy the linker, since
// there is no direct functionality logic dependency in present UEFI cases.
//
return 0;
}
/* Converts a scalar double-precision floating point value to a 32-bit integer */
long _ftol2 (double dblSource)
{
//
// Null _ftol2() function implementation to satisfy the linker, since
// there is no direct functionality logic dependency in present UEFI cases.
//
return 0;
}

View File

@@ -0,0 +1,59 @@
#------------------------------------------------------------------------------
#
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
# Module Name:
#
# Alloca.S
#
# Abstract:
#
# Implementation for allocation of automatically reclaimed memory, which is
# used to allocate space off the runtime stack.
# (NOTE: There is a assumption in this code that the page size equal to 4K)
#
#------------------------------------------------------------------------------
.686:
.code:
ASM_GLOBAL ASM_PFX(_alloca)
#------------------------------------------------------------------------------
#
# void __cdecl _alloca (unsigned size)
#
#------------------------------------------------------------------------------
ASM_PFX(_alloca):
pushl %ecx
cmpl $0x1000, %eax
leal 8(%esp), %ecx
jb LastPage
ProbePages:
subl $0x1000, %ecx
subl $0x1000, %eax
testl %eax, 0(%ecx)
cmpl $0x1000, %eax
jae ProbePages
LastPage:
subl %eax, %ecx
movl %esp, %eax
testl %eax, 0(%ecx)
movl %ecx, %esp
movl 0(%eax), %ecx
movl 4(%eax), %eax
pushl %eax
ret

View File

@@ -0,0 +1,83 @@
#------------------------------------------------------------------------------
#
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
# Module Name:
#
# MathDivU64x64.S
#
# Abstract:
#
# 64-bit Math Worker Function.
# Divides a 64-bit unsigned value with a 64-bit unsigned value and returns
# a 64-bit unsigned result.
#
#------------------------------------------------------------------------------
.686:
.code:
ASM_GLOBAL ASM_PFX(__udivdi3), ASM_PFX(DivU64x64Remainder)
#------------------------------------------------------------------------------
#
# void __cdecl __udivdi3 (void)
#
#------------------------------------------------------------------------------
ASM_PFX(__udivdi3):
# Original local stack when calling __udivdi3
# -----------------
# | |
# |---------------|
# | |
# |-- Divisor --|
# | |
# |---------------|
# | |
# |-- Dividend --|
# | |
# |---------------|
# | ReturnAddr** |
# ESP---->|---------------|
#
#
# Set up the local stack for NULL Reminder pointer
#
xorl %eax, %eax
push %eax
#
# Set up the local stack for Divisor parameter
#
movl 20(%esp), %eax
push %eax
movl 20(%esp), %eax
push %eax
#
# Set up the local stack for Dividend parameter
#
movl 20(%esp), %eax
push %eax
movl 20(%esp), %eax
push %eax
#
# Call native DivU64x64Remainder of BaseLib
#
jmp ASM_PFX(DivU64x64Remainder)
#
# Adjust stack
#
addl $20, %esp
ret $16

View File

@@ -0,0 +1,88 @@
/** @file
64-bit Math Worker Function.
The 32-bit versions of C compiler generate calls to library routines
to handle 64-bit math. These functions use non-standard calling conventions.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
/*
* Divides a 64-bit unsigned value with a 64-bit unsigned value and returns
* a 64-bit unsigned result.
*/
__declspec(naked) void __cdecl _aulldiv (void)
{
//
// Wrapper Implementation over EDKII DivU64x64Reminder() routine
// UINT64
// EFIAPI
// DivU64x64Remainder (
// IN UINT64 Dividend,
// IN UINT64 Divisor,
// OUT UINT64 *Remainder OPTIONAL
// )
//
_asm {
; Original local stack when calling _aulldiv
; -----------------
; | |
; |---------------|
; | |
; |-- Divisor --|
; | |
; |---------------|
; | |
; |-- Dividend --|
; | |
; |---------------|
; | ReturnAddr** |
; ESP---->|---------------|
;
;
; Set up the local stack for NULL Reminder pointer
;
xor eax, eax
push eax
;
; Set up the local stack for Divisor parameter
;
mov eax, [esp + 20]
push eax
mov eax, [esp + 20]
push eax
;
; Set up the local stack for Dividend parameter
;
mov eax, [esp + 20]
push eax
mov eax, [esp + 20]
push eax
;
; Call native DivU64x64Remainder of BaseLib
;
call DivU64x64Remainder
;
; Adjust stack
;
add esp, 20
ret 16
}
}

View File

@@ -0,0 +1,62 @@
#------------------------------------------------------------------------------
#
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
# Module Name:
#
# MathLShiftS64.S
#
# Abstract:
#
# 64-bit Math Worker Function.
# Shifts a 64-bit signed value left by a certain number of bits.
#
#------------------------------------------------------------------------------
.686:
.code:
ASM_GLOBAL ASM_PFX(__ashldi3)
#------------------------------------------------------------------------------
#
# void __cdecl __ashldi3 (void)
#
#------------------------------------------------------------------------------
ASM_PFX(__ashldi3):
#
# Handle shifting of 64 or more bits (return 0)
#
cmpb $64, %cl
jae ReturnZero
#
# Handle shifting of between 0 and 31 bits
#
cmpb $32, %cl
jae More32
shld %cl, %eax, %edx
shl %cl, %eax
ret
#
# Handle shifting of between 32 and 63 bits
#
More32:
movl %eax, %edx
xor %eax, %eax
and $31, %cl
shl %cl, %edx
ret
ReturnZero:
xor %eax, %eax
xor %edx, %edx
ret

View File

@@ -0,0 +1,54 @@
/** @file
64-bit Math Worker Function.
The 32-bit versions of C compiler generate calls to library routines
to handle 64-bit math. These functions use non-standard calling conventions.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
/*
* Shifts a 64-bit signed value left by a particular number of bits.
*/
__declspec(naked) void __cdecl _allshl (void)
{
_asm {
;
; Handle shifting of 64 or more bits (return 0)
;
cmp cl, 64
jae short ReturnZero
;
; Handle shifting of between 0 and 31 bits
;
cmp cl, 32
jae short More32
shld edx, eax, cl
shl eax, cl
ret
;
; Handle shifting of between 32 and 63 bits
;
More32:
mov edx, eax
xor eax, eax
and cl, 31
shl edx, cl
ret
ReturnZero:
xor eax,eax
xor edx,edx
ret
}
}

View File

@@ -0,0 +1,77 @@
#------------------------------------------------------------------------------
#
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
# Module Name:
#
# MathMultS64x64.S
#
# Abstract:
#
# 64-bit Math Worker Function.
# Multiplies a 64-bit signed or unsigned value by a 64-bit signed or unsigned value
# and returns a 64-bit result
#
#------------------------------------------------------------------------------
.686:
.code:
ASM_GLOBAL ASM_PFX(_mulll), ASM_PFX(MultS64x64)
#------------------------------------------------------------------------------
#
# void __cdecl __mulll (void)
#
#------------------------------------------------------------------------------
ASM_PFX(__mulll):
# Original local stack when calling __mulll
# -----------------
# | |
# |---------------|
# | |
# |--Multiplier --|
# | |
# |---------------|
# | |
# |--Multiplicand-|
# | |
# |---------------|
# | ReturnAddr** |
# ESP---->|---------------|
#
#
# Set up the local stack for Multiplicand parameter
#
movl 16(%esp), %eax
push %eax
movl 16(%esp), %eax
push %eax
#
# Set up the local stack for Multiplier parameter
#
movl 16(%esp), %eax
push %eax
movl 16(%esp), %eax
push %eax
#
# Call native MulS64x64 of BaseLib
#
jmp ASM_PFX(MultS64x64)
#
# Adjust stack
#
add $16, %esp
ret $16

View File

@@ -0,0 +1,79 @@
/** @file
64-bit Math Worker Function.
The 32-bit versions of C compiler generate calls to library routines
to handle 64-bit math. These functions use non-standard calling conventions.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
/*
* Multiplies a 64-bit signed or unsigned value by a 64-bit signed or unsigned value
* and returns a 64-bit result.
*/
__declspec(naked) void __cdecl _allmul (void)
{
//
// Wrapper Implementation over EDKII MultS64x64() routine
// INT64
// EFIAPI
// MultS64x64 (
// IN INT64 Multiplicand,
// IN INT64 Multiplier
// )
//
_asm {
; Original local stack when calling _allmul
; -----------------
; | |
; |---------------|
; | |
; |--Multiplier --|
; | |
; |---------------|
; | |
; |--Multiplicand-|
; | |
; |---------------|
; | ReturnAddr** |
; ESP---->|---------------|
;
;
; Set up the local stack for Multiplicand parameter
;
mov eax, [esp + 16]
push eax
mov eax, [esp + 16]
push eax
;
; Set up the local stack for Multiplier parameter
;
mov eax, [esp + 16]
push eax
mov eax, [esp + 16]
push eax
;
; Call native MulS64x64 of BaseLib
;
call MultS64x64
;
; Adjust stack
;
add esp, 16
ret 16
}
}

View File

@@ -0,0 +1,66 @@
#------------------------------------------------------------------------------
#
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
# Module Name:
#
# MathRShiftU64.S
#
# Abstract:
#
# 64-bit Math Worker Function.
# Shifts a 64-bit unsigned value right by a certain number of bits.
#
#------------------------------------------------------------------------------
.686:
.code:
ASM_GLOBAL ASM_PFX(__ashrdi3)
#------------------------------------------------------------------------------
#
# void __cdecl __ashrdi3 (void)
#
#------------------------------------------------------------------------------
ASM_PFX(__ashrdi3):
#
# Checking: Only handle 64bit shifting or more
#
cmpb $64, %cl
jae _Exit
#
# Handle shifting between 0 and 31 bits
#
cmpb $32, %cl
jae More32
shrd %cl, %edx, %eax
shr %cl, %edx
ret
#
# Handle shifting of 32-63 bits
#
More32:
movl %edx, %eax
xor %edx, %edx
and $32, %cl
shr %cl, %eax
ret
#
# Invalid number (less then 32bits), return 0
#
_Exit:
xor %eax, %eax
xor %edx, %edx
ret

View File

@@ -0,0 +1,57 @@
/** @file
64-bit Math Worker Function.
The 32-bit versions of C compiler generate calls to library routines
to handle 64-bit math. These functions use non-standard calling conventions.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
/*
* Shifts a 64-bit unsigned value right by a certain number of bits.
*/
__declspec(naked) void __cdecl _aullshr (void)
{
_asm {
;
; Checking: Only handle 64bit shifting or more
;
cmp cl, 64
jae _Exit
;
; Handle shifting between 0 and 31 bits
;
cmp cl, 32
jae More32
shrd eax, edx, cl
shr edx, cl
ret
;
; Handle shifting of 32-63 bits
;
More32:
mov eax, edx
xor edx, edx
and cl, 31
shr eax, cl
ret
;
; Invalid number (less then 32bits), return 0
;
_Exit:
xor eax, eax
xor edx, edx
ret
}
}

View File

@@ -0,0 +1,89 @@
#------------------------------------------------------------------------------
#
# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
# Module Name:
#
# MathReminderU64x64.S
#
# Abstract:
#
# 64-bit Math Worker Function.
# Divides a 64-bit unsigned value by another 64-bit unsigned value and returns
# the 64-bit unsigned remainder
#
#------------------------------------------------------------------------------
.686:
.code:
ASM_GLOBAL ASM_PFX(__umoddi3), ASM_PFX(DivU64x64Remainder)
#------------------------------------------------------------------------------
#
# void __cdecl __umoddi3 (void)
#
#------------------------------------------------------------------------------
ASM_PFX(__umoddi3):
# Original local stack when calling __umoddi3
# -----------------
# | |
# |---------------|
# | |
# |-- Divisor --|
# | |
# |---------------|
# | |
# |-- Dividend --|
# | |
# |---------------|
# | ReturnAddr** |
# ESP---->|---------------|
#
#
# Set up the local stack for Reminder pointer
#
sub $8, %esp
push %esp
#
# Set up the local stack for Divisor parameter
#
movl 28(%esp), %eax
push %eax
movl 28(%esp), %eax
push %eax
#
# Set up the local stack for Dividend parameter
#
movl 28(%esp), %eax
push %eax
movl 28(%esp), %eax
push %eax
#
# Call native DivU64x64Remainder of BaseLib
#
jmp ASM_PFX(DivU64x64Remainder)
#
# Put the Reminder in EDX:EAX as return value
#
movl 20(%esp), %eax
movl 24(%esp), %edx
#
# Adjust stack
#
add $28, %esp
ret $16

View File

@@ -0,0 +1,93 @@
/** @file
64-bit Math Worker Function.
The 32-bit versions of C compiler generate calls to library routines
to handle 64-bit math. These functions use non-standard calling conventions.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
/*
* Divides a 64-bit unsigned value by another 64-bit unsigned value and returns
* the 64-bit unsigned remainder.
*/
__declspec(naked) void __cdecl _aullrem(void)
{
//
// Wrapper Implementation over EDKII DivU64x64Remainder() routine
// UINT64
// EFIAPI
// DivU64x64Remainder (
// IN UINT64 Dividend,
// IN UINT64 Divisor,
// OUT UINT64 *Remainder OPTIONAL
// )
//
_asm {
; Original local stack when calling _aullrem
; -----------------
; | |
; |---------------|
; | |
; |-- Divisor --|
; | |
; |---------------|
; | |
; |-- Dividend --|
; | |
; |---------------|
; | ReturnAddr** |
; ESP---->|---------------|
;
;
; Set up the local stack for Reminder pointer
;
sub esp, 8
push esp
;
; Set up the local stack for Divisor parameter
;
mov eax, [esp + 28]
push eax
mov eax, [esp + 28]
push eax
;
; Set up the local stack for Dividend parameter
;
mov eax, [esp + 28]
push eax
mov eax, [esp + 28]
push eax
;
; Call native DivU64x64Remainder of BaseLib
;
call DivU64x64Remainder
;
; Put the Reminder in EDX:EAX as return value
;
mov eax, [esp + 20]
mov edx, [esp + 24]
;
; Adjust stack
;
add esp, 28
ret 16
}
}

View File

@@ -0,0 +1,438 @@
/** @file
Light-weight Memory Management Routines for OpenSSL-based Crypto
Library at Runtime Phase.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <OpenSslSupport.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiRuntimeLib.h>
#include <Guid/EventGroup.h>
//----------------------------------------------------------------
// Initial version. Needs further optimizations.
//----------------------------------------------------------------
//
// Definitions for Runtime Memory Operations
//
#define RT_PAGE_SIZE 0x200
#define RT_PAGE_MASK 0x1FF
#define RT_PAGE_SHIFT 9
#define RT_SIZE_TO_PAGES(a) (((a) >> RT_PAGE_SHIFT) + (((a) & RT_PAGE_MASK) ? 1 : 0))
#define RT_PAGES_TO_SIZE(a) ((a) << RT_PAGE_SHIFT)
//
// Page Flag Definitions
//
#define RT_PAGE_FREE 0x00000000
#define RT_PAGE_USED 0x00000001
#define MIN_REQUIRED_BLOCKS 24
//
// Memory Page Table
//
typedef struct {
UINTN StartPageOffset; // Offset of the starting page allocated.
// Only available for USED pages.
UINT32 PageFlag; // Page Attributes.
} RT_MEMORY_PAGE_ENTRY;
typedef struct {
UINTN PageCount;
UINTN LastEmptyPageOffset;
UINT8 *DataAreaBase; // Pointer to data Area.
RT_MEMORY_PAGE_ENTRY Pages[1]; // Page Table Entries.
} RT_MEMORY_PAGE_TABLE;
//
// Global Page Table for Runtime Cryptographic Provider.
//
RT_MEMORY_PAGE_TABLE *mRTPageTable = NULL;
//
// Event for Runtime Address Conversion.
//
EFI_EVENT mVirtualAddressChangeEvent;
/**
Initializes pre-allocated memory pointed by ScratchBuffer for subsequent
runtime use.
@param[in, out] ScratchBuffer Pointer to user-supplied memory buffer.
@param[in] ScratchBufferSize Size of supplied buffer in bytes.
@retval EFI_SUCCESS Successful initialization.
**/
EFI_STATUS
InitializeScratchMemory (
IN OUT UINT8 *ScratchBuffer,
IN UINTN ScratchBufferSize
)
{
UINTN Index;
UINTN MemorySize;
//
// Parameters Checking
//
if (ScratchBuffer == NULL) {
return EFI_INVALID_PARAMETER;
}
if (ScratchBufferSize < MIN_REQUIRED_BLOCKS * 1024) {
return EFI_BUFFER_TOO_SMALL;
}
mRTPageTable = (RT_MEMORY_PAGE_TABLE *)ScratchBuffer;
//
// Initialize Internal Page Table for Memory Management
//
SetMem (mRTPageTable, ScratchBufferSize, 0xFF);
MemorySize = ScratchBufferSize - sizeof (RT_MEMORY_PAGE_TABLE) + sizeof (RT_MEMORY_PAGE_ENTRY);
mRTPageTable->PageCount = MemorySize / (RT_PAGE_SIZE + sizeof (RT_MEMORY_PAGE_ENTRY));
mRTPageTable->LastEmptyPageOffset = 0x0;
for (Index = 0; Index < mRTPageTable->PageCount; Index++) {
mRTPageTable->Pages[Index].PageFlag = RT_PAGE_FREE;
mRTPageTable->Pages[Index].StartPageOffset = 0;
}
mRTPageTable->DataAreaBase = ScratchBuffer + sizeof (RT_MEMORY_PAGE_TABLE) +
(mRTPageTable->PageCount - 1) * sizeof (RT_MEMORY_PAGE_ENTRY);
return EFI_SUCCESS;
}
/**
Look-up Free memory Region for object allocation.
@param[in] AllocationSize Bytes to be allocated.
@return Return available page offset for object allocation.
**/
UINTN
LookupFreeMemRegion (
IN UINTN AllocationSize
)
{
UINTN StartPageIndex;
UINTN Index;
UINTN SubIndex;
UINTN ReqPages;
StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->LastEmptyPageOffset);
ReqPages = RT_SIZE_TO_PAGES (AllocationSize);
//
// Look up the free memory region with in current memory map table.
//
for (Index = StartPageIndex; Index <= (mRTPageTable->PageCount - ReqPages); ) {
//
// Check consecutive ReqPages pages.
//
for (SubIndex = 0; SubIndex < ReqPages; SubIndex++) {
if ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
break;
}
}
if (SubIndex == ReqPages) {
//
// Succeed! Return the Starting Offset.
//
return RT_PAGES_TO_SIZE (Index);
}
//
// Failed! Skip current free memory pages and adjacent Used pages
//
while ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
SubIndex++;
}
Index += SubIndex;
}
//
// Look up the free memory region from the beginning of the memory table
// until the StartCursorOffset
//
for (Index = 0; Index < (StartPageIndex - ReqPages); ) {
//
// Check Consecutive ReqPages Pages.
//
for (SubIndex = 0; SubIndex < ReqPages; SubIndex++) {
if ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
break;
}
}
if (SubIndex == ReqPages) {
//
// Succeed! Return the Starting Offset.
//
return RT_PAGES_TO_SIZE (Index);
}
//
// Failed! Skip current adjacent Used pages
//
while ((SubIndex < (StartPageIndex - ReqPages)) &&
((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0)) {
SubIndex++;
}
Index += SubIndex;
}
//
// No availabe region for object allocation!
//
return (UINTN)(-1);
}
/**
Allocates a buffer at runtime phase.
@param[in] AllocationSize Bytes to be allocated.
@return A pointer to the allocated buffer or NULL if allocation fails.
**/
VOID *
RuntimeAllocateMem (
IN UINTN AllocationSize
)
{
UINT8 *AllocPtr;
UINTN ReqPages;
UINTN Index;
UINTN StartPage;
UINTN AllocOffset;
AllocPtr = NULL;
ReqPages = 0;
//
// Look for available consecutive memory region starting from LastEmptyPageOffset.
// If no proper memory region found, look up from the beginning.
// If still not found, return NULL to indicate failed allocation.
//
AllocOffset = LookupFreeMemRegion (AllocationSize);
if (AllocOffset == (UINTN)(-1)) {
return NULL;
}
//
// Allocates consecutive memory pages with length of Size. Update the page
// table status. Returns the starting address.
//
ReqPages = RT_SIZE_TO_PAGES (AllocationSize);
AllocPtr = mRTPageTable->DataAreaBase + AllocOffset;
StartPage = RT_SIZE_TO_PAGES (AllocOffset);
Index = 0;
while (Index < ReqPages) {
mRTPageTable->Pages[StartPage + Index].PageFlag |= RT_PAGE_USED;
mRTPageTable->Pages[StartPage + Index].StartPageOffset = AllocOffset;
Index++;
}
mRTPageTable->LastEmptyPageOffset = AllocOffset + RT_PAGES_TO_SIZE (ReqPages);
ZeroMem (AllocPtr, AllocationSize);
//
// Returns a void pointer to the allocated space
//
return AllocPtr;
}
/**
Frees a buffer that was previously allocated at runtime phase.
@param[in] Buffer Pointer to the buffer to free.
**/
VOID
RuntimeFreeMem (
IN VOID *Buffer
)
{
UINTN StartOffset;
UINTN StartPageIndex;
StartOffset = (UINTN) ((UINT8 *)Buffer - mRTPageTable->DataAreaBase);
StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->Pages[RT_SIZE_TO_PAGES(StartOffset)].StartPageOffset);
while (StartPageIndex < mRTPageTable->PageCount) {
if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
(mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset)) {
//
// Free this page
//
mRTPageTable->Pages[StartPageIndex].PageFlag &= ~RT_PAGE_USED;
mRTPageTable->Pages[StartPageIndex].PageFlag |= RT_PAGE_FREE;
mRTPageTable->Pages[StartPageIndex].StartPageOffset = 0;
StartPageIndex++;
} else {
break;
}
}
return;
}
/**
Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE
event. It converts a pointer to a new virtual address.
@param[in] Event The event whose notification function is being invoked.
@param[in] Context The pointer to the notification function's context.
**/
VOID
EFIAPI
RuntimeCryptLibAddressChangeEvent (
IN EFI_EVENT Event,
IN VOID *Context
)
{
//
// Converts a pointer for runtime memory management to a new virtual address.
//
EfiConvertPointer (0x0, (VOID **) &mRTPageTable->DataAreaBase);
EfiConvertPointer (0x0, (VOID **) &mRTPageTable);
}
/**
Constructor routine for runtime crypt library instance.
The constructor function pre-allocates space for runtime cryptographic operation.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The construction succeeded.
@retval EFI_OUT_OF_RESOURCE Failed to allocate memory.
**/
EFI_STATUS
EFIAPI
RuntimeCryptLibConstructor (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
VOID *Buffer;
//
// Pre-allocates runtime space for possible cryptographic operations
//
Buffer = AllocateRuntimePool (MIN_REQUIRED_BLOCKS * 1024);
Status = InitializeScratchMemory (Buffer, MIN_REQUIRED_BLOCKS * 1024);
if (EFI_ERROR (Status)) {
return Status;
}
//
// Create address change event
//
Status = gBS->CreateEventEx (
EVT_NOTIFY_SIGNAL,
TPL_NOTIFY,
RuntimeCryptLibAddressChangeEvent,
NULL,
&gEfiEventVirtualAddressChangeGuid,
&mVirtualAddressChangeEvent
);
ASSERT_EFI_ERROR (Status);
return Status;
}
//
// -- Memory-Allocation Routines Wrapper for UEFI-OpenSSL Library --
//
/* Allocates memory blocks */
void *malloc (size_t size)
{
return RuntimeAllocateMem ((UINTN)size);
}
/* Reallocate memory blocks */
void *realloc (void *ptr, size_t size)
{
VOID *NewPtr;
UINTN StartOffset;
UINTN StartPageIndex;
UINTN PageCount;
//
// Get Original Size of ptr
//
StartOffset = (UINTN) ((UINT8 *)ptr - mRTPageTable->DataAreaBase);
StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->Pages[RT_SIZE_TO_PAGES (StartOffset)].StartPageOffset);
PageCount = 0;
while (StartPageIndex < mRTPageTable->PageCount) {
if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
(mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset)) {
StartPageIndex++;
PageCount++;
} else {
break;
}
}
if (size <= RT_PAGES_TO_SIZE (PageCount)) {
//
// Return the original pointer, if Caller try to reduce region size;
//
return ptr;
}
NewPtr = RuntimeAllocateMem ((UINTN) size);
if (NewPtr == NULL) {
return NULL;
}
CopyMem (NewPtr, ptr, RT_PAGES_TO_SIZE (PageCount));
RuntimeFreeMem (ptr);
return NewPtr;
}
/* Deallocates or frees a memory block */
void free (void *ptr)
{
RuntimeFreeMem (ptr);
}

View File

@@ -0,0 +1,102 @@
/** @file
C Run-Time Libraries (CRT) Time Management Routines Wrapper Implementation
for OpenSSL-based Cryptographic Library (used in DXE & RUNTIME).
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Uefi.h>
#include <OpenSslSupport.h>
#include <Library/UefiRuntimeServicesTableLib.h>
//
// -- Time Management Routines --
//
#define IsLeap(y) (((y) % 4) == 0 && (((y) % 100) != 0 || ((y) % 400) == 0))
#define SECSPERHOUR (60 * 60)
#define SECSPERDAY (24 * SECSPERHOUR)
//
// The arrays give the cumulative number of days up to the first of the
// month number used as the index (1 -> 12) for regular and leap years.
// The value at index 13 is for the whole year.
//
UINTN CumulativeDays[2][14] = {
{
0,
0,
31,
31 + 28,
31 + 28 + 31,
31 + 28 + 31 + 30,
31 + 28 + 31 + 30 + 31,
31 + 28 + 31 + 30 + 31 + 30,
31 + 28 + 31 + 30 + 31 + 30 + 31,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30 + 31
},
{
0,
0,
31,
31 + 29,
31 + 29 + 31,
31 + 29 + 31 + 30,
31 + 29 + 31 + 30 + 31,
31 + 29 + 31 + 30 + 31 + 30,
31 + 29 + 31 + 30 + 31 + 30 + 31,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30 + 31
}
};
/* Get the system time as seconds elapsed since midnight, January 1, 1970. */
//INTN time(
// INTN *timer
// )
time_t time (time_t *timer)
{
EFI_TIME Time;
UINTN Year;
//
// Get the current time and date information
//
gRT->GetTime (&Time, NULL);
//
// Years Handling
// UTime should now be set to 00:00:00 on Jan 1 of the current year.
//
for (Year = 1970, *timer = 0; Year != Time.Year; Year++) {
*timer = *timer + (time_t)(CumulativeDays[IsLeap(Year)][13] * SECSPERDAY);
}
//
// Add in number of seconds for current Month, Day, Hour, Minute, Seconds, and TimeZone adjustment
//
*timer = *timer +
(time_t)((Time.TimeZone != EFI_UNSPECIFIED_TIMEZONE) ? (Time.TimeZone * 60) : 0) +
(time_t)(CumulativeDays[IsLeap(Time.Year)][Time.Month] * SECSPERDAY) +
(time_t)(((Time.Day > 0) ? Time.Day - 1 : 0) * SECSPERDAY) +
(time_t)(Time.Hour * SECSPERHOUR) +
(time_t)(Time.Minute * 60) +
(time_t)Time.Second;
return *timer;
}

View File

@@ -0,0 +1,49 @@
## @file
# Cryptographic Library Instance based on Runtime Crypt Protocol.
# This instance will be only used by the Authenticated Variable driver for IPF.
#
# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = BaseCryptLibRuntimeCryptProtocol
FILE_GUID = BBB31581-855A-44D7-A550-8A585D9B2DE9
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib|DXE_RUNTIME_DRIVER DXE_SAL_DRIVER
CONSTRUCTOR = RuntimeDxeIpfCryptLibConstructor
DESTRUCTOR = RuntimeDxeIpfCryptLibDestructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IPF
#
[Sources]
RuntimeDxeIpfCryptLib.c
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
DebugLib
[Guids]
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
[Protocols]
gEfiRuntimeCryptProtocolGuid ## CONSUMES
[Depex]
gEfiRuntimeCryptProtocolGuid

View File

@@ -0,0 +1,390 @@
/** @file
Implementation of The runtime cryptographic library instance (for IPF).
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Uefi.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiRuntimeLib.h>
#include <Protocol/RuntimeCrypt.h>
#include <Guid/EventGroup.h>
EFI_RUNTIME_CRYPT_PROTOCOL *mCryptProtocol = NULL;
EFI_EVENT mIpfCryptLibVirtualNotifyEvent;
/**
Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE, which converts
pointer to new virtual address.
@param Event Event whose notification function is being invoked.
@param Context Pointer to the notification function's context
**/
VOID
EFIAPI
IpfCryptLibAddressChangeEvent (
IN EFI_EVENT Event,
IN VOID *Context
)
{
//
// Convert Address of Runtime Crypto Protocol.
//
EfiConvertPointer (0x0, (VOID **) &mCryptProtocol);
}
/**
Constructor of IPF Crypto Library Instance.
This function locates the Runtime Crypt Protocol and register notification
function for EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.
**/
EFI_STATUS
EFIAPI
RuntimeDxeIpfCryptLibConstructor (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
//
// Locate Runtime Crypt Protocol Instance
//
Status = gBS->LocateProtocol (
&gEfiRuntimeCryptProtocolGuid,
NULL,
(VOID**) &mCryptProtocol
);
ASSERT_EFI_ERROR (Status);
ASSERT (mCryptProtocol != NULL);
//
// Register SetVirtualAddressMap () notify function
//
Status = gBS->CreateEventEx (
EVT_NOTIFY_SIGNAL,
TPL_NOTIFY,
IpfCryptLibAddressChangeEvent,
NULL,
&gEfiEventVirtualAddressChangeGuid,
&mIpfCryptLibVirtualNotifyEvent
);
ASSERT_EFI_ERROR (Status);
return Status;
}
/**
Destructor of IPF Crypto Library Instance.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The destructor completed successfully.
@retval Other value The destructor did not complete successfully.
**/
EFI_STATUS
EFIAPI
RuntimeDxeIpfCryptLibDestructor (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
//
// Close the Set Virtual Address Map event
//
Status = gBS->CloseEvent (mIpfCryptLibVirtualNotifyEvent);
ASSERT_EFI_ERROR (Status);
return Status;
}
/**
Check whether crypto service provided by Runtime Crypt protocol is ready to use.
Crypto service is available if the call is in physical mode prior to
SetVirtualAddressMap() or virtual mode after SetVirtualAddressMap(). If either
of these two conditions are met, this routine will return TRUE; if neither of
these conditions are met, this routine will return FALSE.
@retval TRUE The Crypto service is ready to use.
@retval FALSE The Crypto service is not available.
**/
BOOLEAN
EFIAPI
InternalIsCryptServiveAvailable (
VOID
)
{
INT64 CpuMode;
BOOLEAN GoneVirtual;
CpuMode = AsmCpuVirtual();
if (CpuMode < 0) {
//
// CPU is in mixed mode, return failing the operation gracefully.
//
return FALSE;
}
GoneVirtual = EfiGoneVirtual();
if ((CpuMode > 0) && !GoneVirtual) {
//
// CPU is in virtual mode, but SetVirtualAddressMap() has not been called,
// so return failing the operation gracefully.
//
return FALSE;
}
if ((CpuMode == 0) && GoneVirtual) {
//
// CPU is in physical mode, but SetVirtualAddressMap() has been called,
// so return failing the operation gracefully.
//
return FALSE;
}
return TRUE;
}
/**
Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
@return The size, in bytes, of the context buffer required for SHA-256 operations.
**/
UINTN
EFIAPI
Sha256GetContextSize (
VOID
)
{
if (!InternalIsCryptServiveAvailable ()) {
return 0;
}
return mCryptProtocol->Sha256GetContextSize ();
}
/**
Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
subsequent use.
If Sha256Context is NULL, then ASSERT().
@param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
@retval TRUE SHA-256 context initialization succeeded.
@retval FALSE SHA-256 context initialization failed.
**/
BOOLEAN
EFIAPI
Sha256Init (
IN OUT VOID *Sha256Context
)
{
if (!InternalIsCryptServiveAvailable ()) {
return FALSE;
}
return mCryptProtocol->Sha256Init (Sha256Context);
}
/**
Performs SHA-256 digest on a data buffer of the specified length. This function can
be called multiple times to compute the digest of long or discontinuous data streams.
If Sha256Context is NULL, then ASSERT().
@param[in, out] Sha256Context Pointer to the SHA-256 context.
@param[in] Data Pointer to the buffer containing the data to be hashed.
@param[in] DataLength Length of Data buffer in bytes.
@retval TRUE SHA-256 data digest succeeded.
@retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
SHA-256 context cannot be reused.
**/
BOOLEAN
EFIAPI
Sha256Update (
IN OUT VOID *Sha256Context,
IN CONST VOID *Data,
IN UINTN DataLength
)
{
if (!InternalIsCryptServiveAvailable ()) {
return FALSE;
}
return mCryptProtocol->Sha256Update (Sha256Context, Data, DataLength);
}
/**
Completes SHA-256 hash computation and retrieves the digest value into the specified
memory. After this function has been called, the SHA-256 context cannot be used again.
If Sha256Context is NULL, then ASSERT().
If HashValue is NULL, then ASSERT().
@param[in, out] Sha256Context Pointer to SHA-256 context
@param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
value (32 bytes).
@retval TRUE SHA-256 digest computation succeeded.
@retval FALSE SHA-256 digest computation failed.
**/
BOOLEAN
EFIAPI
Sha256Final (
IN OUT VOID *Sha256Context,
OUT UINT8 *HashValue
)
{
if (!InternalIsCryptServiveAvailable ()) {
return FALSE;
}
return mCryptProtocol->Sha256Final (Sha256Context, HashValue);
}
/**
Allocates and Initializes one RSA Context for subsequent use.
@return Pointer to the RSA Context that has been initialized.
If the allocations fails, RsaNew() returns NULL.
**/
VOID *
EFIAPI
RsaNew (
VOID
)
{
if (!InternalIsCryptServiveAvailable ()) {
return FALSE;
}
return mCryptProtocol->RsaNew ();
}
/**
Release the specified RSA Context.
@param[in] RsaContext Pointer to the RSA context to be released.
**/
VOID
EFIAPI
RsaFree (
IN VOID *RsaContext
)
{
if (!InternalIsCryptServiveAvailable ()) {
return;
}
mCryptProtocol->RsaFree (RsaContext);
}
/**
Sets the tag-designated RSA key component into the established RSA context from
the user-specified nonnegative integer (octet string format represented in RSA
PKCS#1).
If RsaContext is NULL, then ASSERT().
@param[in, out] RsaContext Pointer to RSA context being set.
@param[in] KeyTag Tag of RSA key component being set.
@param[in] BigNumber Pointer to octet integer buffer.
@param[in] BnLength Length of big number buffer in bytes.
@return TRUE RSA key component was set successfully.
@return FALSE Invalid RSA key component tag.
**/
BOOLEAN
EFIAPI
RsaSetKey (
IN OUT VOID *RsaContext,
IN RSA_KEY_TAG KeyTag,
IN CONST UINT8 *BigNumber,
IN UINTN BnLength
)
{
if (!InternalIsCryptServiveAvailable ()) {
return FALSE;
}
return mCryptProtocol->RsaSetKey (RsaContext, KeyTag, BigNumber, BnLength);
}
/**
Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
RSA PKCS#1.
If RsaContext is NULL, then ASSERT().
If MessageHash is NULL, then ASSERT().
If Signature is NULL, then ASSERT().
If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
@param[in] RsaContext Pointer to RSA context for signature verification.
@param[in] MessageHash Pointer to octet message hash to be checked.
@param[in] HashLength Length of the message hash in bytes.
@param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
@param[in] SigLength Length of signature in bytes.
@return TRUE Valid signature encoded in PKCS1-v1_5.
@return FALSE Invalid signature or invalid RSA context.
**/
BOOLEAN
EFIAPI
RsaPkcs1Verify (
IN VOID *RsaContext,
IN CONST UINT8 *MessageHash,
IN UINTN HashLength,
IN UINT8 *Signature,
IN UINTN SigLength
)
{
if (!InternalIsCryptServiveAvailable ()) {
return FALSE;
}
return mCryptProtocol->RsaPkcs1Verify (
RsaContext,
MessageHash,
HashLength,
Signature,
SigLength
);
}

View File

@@ -0,0 +1,23 @@
/** @file
Intrinsic Memory Routines Wrapper Implementation for OpenSSL-based
Cryptographic Library.
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Base.h>
#include <Library/BaseMemoryLib.h>
/* Copies bytes between buffers */
void * memcpy (void *dest, const void *src, unsigned int count)
{
return CopyMem (dest, src, (UINTN)count);
}

View File

@@ -0,0 +1,56 @@
## @file
# Intrinsic Routines Wrapper Library Instance.
#
# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = BaseIntrinsicLib
FILE_GUID = 63850097-3E97-4c4f-A52D-C811A0106105
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = IntrinsicLib
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF
#
[Sources]
MemoryIntrinsics.c
[Sources.IA32]
CopyMem.c
[Sources.X64]
CopyMem.c
[Sources.IPF]
CopyMem.c | MSFT
CopyMem.c | INTEL
#
# In tools_def.txt, GCC rename symbol name memcpy to be CopyMem for IPF,
# i.e. "DEFINE GCC_IPF_SYMRENAME_FLAGS = --redefine-sym memcpy=CopyMem",
# so there will be no source file CopyMem.c for GCC compiler family.
#
[Packages]
MdePkg/MdePkg.dec
[LibraryClasses]
BaseMemoryLib
[BuildOptions]
MSFT:*_*_*_CC_FLAGS = /GL- /Oi-
INTEL:*_*_*_CC_FLAGS = /Oi-
GCC:*_*_*_CC_FLAGS = -fno-builtin

View File

@@ -0,0 +1,27 @@
/** @file
Intrinsic Memory Routines Wrapper Implementation for OpenSSL-based
Cryptographic Library.
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Base.h>
#include <Library/BaseMemoryLib.h>
/* OpenSSL will use floating point support, and C compiler produces the _fltused
symbol by default. Simply define this symbol here to satisfy the linker. */
int _fltused = 1;
/* Sets buffers to a specified character */
void * memset (void *dest, char ch, unsigned int count)
{
return SetMem (dest, (UINTN)count, (UINT8)ch);
}

View File

@@ -0,0 +1,92 @@
--- crypto/bio/bss_file.c Thu Jan 15 17:14:12 1970
+++ crypto/bio/bss_file.c Thu Jan 15 17:14:12 1970
@@ -421,6 +421,23 @@
return(ret);
}
+#else
+
+BIO_METHOD *BIO_s_file(void)
+ {
+ return NULL;
+ }
+
+BIO *BIO_new_file(const char *filename, const char *mode)
+ {
+ return NULL;
+ }
+
+BIO *BIO_new_fp(FILE *stream, int close_flag)
+ {
+ return NULL;
+ }
+
#endif /* OPENSSL_NO_STDIO */
#endif /* HEADER_BSS_FILE_C */
--- crypto/rand/rand_egd.c Thu Jan 15 17:14:12 1970
+++ crypto/rand/rand_egd.c Thu Jan 15 17:14:12 1970
@@ -95,7 +95,7 @@
* RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
*/
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)
int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
{
return(-1);
--- crypto/rand/rand_unix.c Thu Jan 15 17:14:12 1970
+++ crypto/rand/rand_unix.c Thu Jan 15 17:14:12 1970
@@ -116,7 +116,7 @@
#include <openssl/rand.h>
#include "rand_lcl.h"
-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))
#include <sys/types.h>
#include <sys/time.h>
@@ -322,7 +322,7 @@
#endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */
-#if defined(OPENSSL_SYS_VXWORKS)
+#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
int RAND_poll(void)
{
return 0;
--- crypto/x509/x509_vfy.c Thu Jan 15 17:14:12 1970
+++ crypto/x509/x509_vfy.c Thu Jan 15 17:14:12 1970
@@ -391,7 +391,12 @@
static int check_chain_extensions(X509_STORE_CTX *ctx)
{
-#ifdef OPENSSL_NO_CHAIN_VERIFY
+//#ifdef OPENSSL_NO_CHAIN_VERIFY
+#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)
+ /*
+ NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting
+ in Authenticode Signing Certificates.
+ */
return 1;
#else
int i, ok=0, must_be_ca, plen = 0;
@@ -904,6 +909,10 @@
static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
{
+#if defined(OPENSSL_SYS_UEFI)
+ /* Bypass Certificate Time Checking for UEFI version. */
+ return 1;
+#else
time_t *ptime;
int i;
@@ -947,6 +956,7 @@
}
return 1;
+#endif
}
static int internal_verify(X509_STORE_CTX *ctx)

View File

@@ -0,0 +1,71 @@
cd openssl-0.9.8l
copy e_os2.h ..\..\..\Include\openssl
copy crypto\crypto.h ..\..\..\Include\openssl
copy crypto\tmdiff.h ..\..\..\Include\openssl
copy crypto\opensslv.h ..\..\..\Include\openssl
copy crypto\opensslconf.h ..\..\..\Include\openssl
copy crypto\ebcdic.h ..\..\..\Include\openssl
copy crypto\symhacks.h ..\..\..\Include\openssl
copy crypto\ossl_typ.h ..\..\..\Include\openssl
copy crypto\md2\md2.h ..\..\..\Include\openssl
copy crypto\md4\md4.h ..\..\..\Include\openssl
copy crypto\md5\md5.h ..\..\..\Include\openssl
copy crypto\sha\sha.h ..\..\..\Include\openssl
copy crypto\hmac\hmac.h ..\..\..\Include\openssl
copy crypto\ripemd\ripemd.h ..\..\..\Include\openssl
copy crypto\des\des.h ..\..\..\Include\openssl
copy crypto\des\des_old.h ..\..\..\Include\openssl
copy crypto\rc2\rc2.h ..\..\..\Include\openssl
copy crypto\rc4\rc4.h ..\..\..\Include\openssl
copy crypto\idea\idea.h ..\..\..\Include\openssl
copy crypto\bf\blowfish.h ..\..\..\Include\openssl
copy crypto\cast\cast.h ..\..\..\Include\openssl
copy crypto\aes\aes.h ..\..\..\Include\openssl
copy crypto\bn\bn.h ..\..\..\Include\openssl
copy crypto\rsa\rsa.h ..\..\..\Include\openssl
copy crypto\dsa\dsa.h ..\..\..\Include\openssl
copy crypto\dso\dso.h ..\..\..\Include\openssl
copy crypto\dh\dh.h ..\..\..\Include\openssl
copy crypto\ec\ec.h ..\..\..\Include\openssl
copy crypto\ecdh\ecdh.h ..\..\..\Include\openssl
copy crypto\ecdsa\ecdsa.h ..\..\..\Include\openssl
copy crypto\buffer\buffer.h ..\..\..\Include\openssl
copy crypto\bio\bio.h ..\..\..\Include\openssl
copy crypto\stack\stack.h ..\..\..\Include\openssl
copy crypto\stack\safestack.h ..\..\..\Include\openssl
copy crypto\lhash\lhash.h ..\..\..\Include\openssl
copy crypto\rand\rand.h ..\..\..\Include\openssl
copy crypto\err\err.h ..\..\..\Include\openssl
copy crypto\objects\objects.h ..\..\..\Include\openssl
copy crypto\objects\obj_mac.h ..\..\..\Include\openssl
copy crypto\evp\evp.h ..\..\..\Include\openssl
copy crypto\asn1\asn1.h ..\..\..\Include\openssl
copy crypto\asn1\asn1_mac.h ..\..\..\Include\openssl
copy crypto\asn1\asn1t.h ..\..\..\Include\openssl
copy crypto\pem\pem.h ..\..\..\Include\openssl
copy crypto\pem\pem2.h ..\..\..\Include\openssl
copy crypto\x509\x509.h ..\..\..\Include\openssl
copy crypto\x509\x509_vfy.h ..\..\..\Include\openssl
copy crypto\x509v3\x509v3.h ..\..\..\Include\openssl
copy crypto\conf\conf.h ..\..\..\Include\openssl
copy crypto\conf\conf_api.h ..\..\..\Include\openssl
copy crypto\txt_db\txt_db.h ..\..\..\Include\openssl
copy crypto\pkcs7\pkcs7.h ..\..\..\Include\openssl
copy crypto\pkcs12\pkcs12.h ..\..\..\Include\openssl
copy crypto\comp\comp.h ..\..\..\Include\openssl
copy crypto\engine\engine.h ..\..\..\Include\openssl
copy crypto\ocsp\ocsp.h ..\..\..\Include\openssl
copy crypto\ui\ui.h ..\..\..\Include\openssl
copy crypto\ui\ui_compat.h ..\..\..\Include\openssl
copy crypto\krb5\krb5_asn.h ..\..\..\Include\openssl
copy crypto\store\store.h ..\..\..\Include\openssl
copy crypto\pqueue\pqueue.h ..\..\..\Include\openssl
copy crypto\pqueue\pq_compat.h ..\..\..\Include\openssl
copy ssl\ssl.h ..\..\..\Include\openssl
copy ssl\ssl2.h ..\..\..\Include\openssl
copy ssl\ssl3.h ..\..\..\Include\openssl
copy ssl\ssl23.h ..\..\..\Include\openssl
copy ssl\tls1.h ..\..\..\Include\openssl
copy ssl\dtls1.h ..\..\..\Include\openssl
copy ssl\kssl.h ..\..\..\Include\openssl
cd ..

View File

@@ -0,0 +1,73 @@
#!/bin/sh
cd openssl-0.9.8l
cp e_os2.h ../../../Include/openssl
cp crypto/crypto.h ../../../Include/openssl
cp crypto/tmdiff.h ../../../Include/openssl
cp crypto/opensslv.h ../../../Include/openssl
cp crypto/opensslconf.h ../../../Include/openssl
cp crypto/ebcdic.h ../../../Include/openssl
cp crypto/symhacks.h ../../../Include/openssl
cp crypto/ossl_typ.h ../../../Include/openssl
cp crypto/md2/md2.h ../../../Include/openssl
cp crypto/md4/md4.h ../../../Include/openssl
cp crypto/md5/md5.h ../../../Include/openssl
cp crypto/sha/sha.h ../../../Include/openssl
cp crypto/hmac/hmac.h ../../../Include/openssl
cp crypto/ripemd/ripemd.h ../../../Include/openssl
cp crypto/des/des.h ../../../Include/openssl
cp crypto/des/des_old.h ../../../Include/openssl
cp crypto/rc2/rc2.h ../../../Include/openssl
cp crypto/rc4/rc4.h ../../../Include/openssl
cp crypto/idea/idea.h ../../../Include/openssl
cp crypto/bf/blowfish.h ../../../Include/openssl
cp crypto/cast/cast.h ../../../Include/openssl
cp crypto/aes/aes.h ../../../Include/openssl
cp crypto/bn/bn.h ../../../Include/openssl
cp crypto/rsa/rsa.h ../../../Include/openssl
cp crypto/dsa/dsa.h ../../../Include/openssl
cp crypto/dso/dso.h ../../../Include/openssl
cp crypto/dh/dh.h ../../../Include/openssl
cp crypto/ec/ec.h ../../../Include/openssl
cp crypto/ecdh/ecdh.h ../../../Include/openssl
cp crypto/ecdsa/ecdsa.h ../../../Include/openssl
cp crypto/buffer/buffer.h ../../../Include/openssl
cp crypto/bio/bio.h ../../../Include/openssl
cp crypto/stack/stack.h ../../../Include/openssl
cp crypto/stack/safestack.h ../../../Include/openssl
cp crypto/lhash/lhash.h ../../../Include/openssl
cp crypto/rand/rand.h ../../../Include/openssl
cp crypto/err/err.h ../../../Include/openssl
cp crypto/objects/objects.h ../../../Include/openssl
cp crypto/objects/obj_mac.h ../../../Include/openssl
cp crypto/evp/evp.h ../../../Include/openssl
cp crypto/asn1/asn1.h ../../../Include/openssl
cp crypto/asn1/asn1_mac.h ../../../Include/openssl
cp crypto/asn1/asn1t.h ../../../Include/openssl
cp crypto/pem/pem.h ../../../Include/openssl
cp crypto/pem/pem2.h ../../../Include/openssl
cp crypto/x509/x509.h ../../../Include/openssl
cp crypto/x509/x509_vfy.h ../../../Include/openssl
cp crypto/x509v3/x509v3.h ../../../Include/openssl
cp crypto/conf/conf.h ../../../Include/openssl
cp crypto/conf/conf_api.h ../../../Include/openssl
cp crypto/txt_db/txt_db.h ../../../Include/openssl
cp crypto/pkcs7/pkcs7.h ../../../Include/openssl
cp crypto/pkcs12/pkcs12.h ../../../Include/openssl
cp crypto/comp/comp.h ../../../Include/openssl
cp crypto/engine/engine.h ../../../Include/openssl
cp crypto/ocsp/ocsp.h ../../../Include/openssl
cp crypto/ui/ui.h ../../../Include/openssl
cp crypto/ui/ui_compat.h ../../../Include/openssl
cp crypto/krb5/krb5_asn.h ../../../Include/openssl
cp crypto/store/store.h ../../../Include/openssl
cp crypto/pqueue/pqueue.h ../../../Include/openssl
cp crypto/pqueue/pq_compat.h ../../../Include/openssl
cp ssl/ssl.h ../../../Include/openssl
cp ssl/ssl2.h ../../../Include/openssl
cp ssl/ssl3.h ../../../Include/openssl
cp ssl/ssl23.h ../../../Include/openssl
cp ssl/tls1.h ../../../Include/openssl
cp ssl/dtls1.h ../../../Include/openssl
cp ssl/kssl.h ../../../Include/openssl
cd ..

View File

@@ -0,0 +1,579 @@
## @file
# OpenSSL Library implementation.
#
# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = OpensslLib
FILE_GUID = C873A7D0-9824-409f-9B42-2C158B992E69
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = OpensslLib
OPENSSL_PATH = openssl-0.9.8l
OPENSSL_FLAGS = -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASM
#
# OPENSSL_FLAGS is set to define the following flags to be compatible with
# EDK II build system and UEFI executiuon environment
#
# OPENSSL_SYSNAME_UWIN
# OPENSSL_SYS_UEFI
# L_ENDIAN
# _CRT_SECURE_NO_DEPRECATE
# _CRT_NONSTDC_NO_DEPRECATE
# OPENSSL_NO_CAMELLIA
# OPENSSL_NO_SEED
# OPENSSL_NO_RC5
# OPENSSL_NO_MDC2
# OPENSSL_NO_SOCK
# OPENSSL_NO_CMS
# OPENSSL_NO_JPAKE
# OPENSSL_NO_CAPIENG
# OPENSSL_NO_ERR
# OPENSSL_NO_KRB5
# OPENSSL_NO_DYNAMIC_ENGINE
# GETPID_IS_MEANINGLESS
# OPENSSL_NO_STDIO
# OPENSSL_NO_FP_API
# OPENSSL_NO_DGRAM
# OPENSSL_NO_ASM
#
#
# VALID_ARCHITECTURES = IA32 X64 IPF
#
[Sources]
$(OPENSSL_PATH)/e_os.h
$(OPENSSL_PATH)/crypto/cryptlib.c
$(OPENSSL_PATH)/crypto/dyn_lck.c
$(OPENSSL_PATH)/crypto/mem.c
$(OPENSSL_PATH)/crypto/mem_clr.c
$(OPENSSL_PATH)/crypto/mem_dbg.c
$(OPENSSL_PATH)/crypto/cversion.c
$(OPENSSL_PATH)/crypto/ex_data.c
#
# Not required for UEFI.
#
# $(OPENSSL_PATH)/crypto/tmdiff.c
$(OPENSSL_PATH)/crypto/cpt_err.c
$(OPENSSL_PATH)/crypto/ebcdic.c
$(OPENSSL_PATH)/crypto/uid.c
$(OPENSSL_PATH)/crypto/o_time.c
$(OPENSSL_PATH)/crypto/o_str.c
$(OPENSSL_PATH)/crypto/o_dir.c
$(OPENSSL_PATH)/crypto/o_init.c
$(OPENSSL_PATH)/crypto/fips_err.c
$(OPENSSL_PATH)/crypto/md2/md2_dgst.c
$(OPENSSL_PATH)/crypto/md2/md2_one.c
$(OPENSSL_PATH)/crypto/md4/md4_dgst.c
$(OPENSSL_PATH)/crypto/md4/md4_one.c
$(OPENSSL_PATH)/crypto/md5/md5_dgst.c
$(OPENSSL_PATH)/crypto/md5/md5_one.c
$(OPENSSL_PATH)/crypto/sha/sha_dgst.c
$(OPENSSL_PATH)/crypto/sha/sha1dgst.c
$(OPENSSL_PATH)/crypto/sha/sha_one.c
$(OPENSSL_PATH)/crypto/sha/sha1_one.c
$(OPENSSL_PATH)/crypto/sha/sha256.c
$(OPENSSL_PATH)/crypto/sha/sha512.c
$(OPENSSL_PATH)/crypto/hmac/hmac.c
$(OPENSSL_PATH)/crypto/ripemd/rmd_dgst.c
$(OPENSSL_PATH)/crypto/ripemd/rmd_one.c
$(OPENSSL_PATH)/crypto/des/des_lib.c
$(OPENSSL_PATH)/crypto/des/set_key.c
$(OPENSSL_PATH)/crypto/des/ecb_enc.c
$(OPENSSL_PATH)/crypto/des/cbc_enc.c
$(OPENSSL_PATH)/crypto/des/ecb3_enc.c
$(OPENSSL_PATH)/crypto/des/cfb64enc.c
$(OPENSSL_PATH)/crypto/des/cfb64ede.c
$(OPENSSL_PATH)/crypto/des/cfb_enc.c
$(OPENSSL_PATH)/crypto/des/ofb64ede.c
$(OPENSSL_PATH)/crypto/des/enc_read.c
$(OPENSSL_PATH)/crypto/des/enc_writ.c
$(OPENSSL_PATH)/crypto/des/ofb64enc.c
$(OPENSSL_PATH)/crypto/des/ofb_enc.c
$(OPENSSL_PATH)/crypto/des/str2key.c
$(OPENSSL_PATH)/crypto/des/pcbc_enc.c
$(OPENSSL_PATH)/crypto/des/qud_cksm.c
$(OPENSSL_PATH)/crypto/des/rand_key.c
$(OPENSSL_PATH)/crypto/des/des_enc.c
$(OPENSSL_PATH)/crypto/des/fcrypt_b.c
$(OPENSSL_PATH)/crypto/des/fcrypt.c
$(OPENSSL_PATH)/crypto/des/xcbc_enc.c
$(OPENSSL_PATH)/crypto/des/rpc_enc.c
$(OPENSSL_PATH)/crypto/des/cbc_cksm.c
$(OPENSSL_PATH)/crypto/des/ede_cbcm_enc.c
$(OPENSSL_PATH)/crypto/des/des_old.c
$(OPENSSL_PATH)/crypto/des/des_old2.c
$(OPENSSL_PATH)/crypto/des/read2pwd.c
$(OPENSSL_PATH)/crypto/rc2/rc2_ecb.c
$(OPENSSL_PATH)/crypto/rc2/rc2_skey.c
$(OPENSSL_PATH)/crypto/rc2/rc2_cbc.c
$(OPENSSL_PATH)/crypto/rc2/rc2cfb64.c
$(OPENSSL_PATH)/crypto/rc2/rc2ofb64.c
$(OPENSSL_PATH)/crypto/rc4/rc4_enc.c
$(OPENSSL_PATH)/crypto/rc4/rc4_skey.c
$(OPENSSL_PATH)/crypto/rc4/rc4_fblk.c
$(OPENSSL_PATH)/crypto/idea/i_cbc.c
$(OPENSSL_PATH)/crypto/idea/i_cfb64.c
$(OPENSSL_PATH)/crypto/idea/i_ofb64.c
$(OPENSSL_PATH)/crypto/idea/i_ecb.c
$(OPENSSL_PATH)/crypto/idea/i_skey.c
$(OPENSSL_PATH)/crypto/bf/bf_skey.c
$(OPENSSL_PATH)/crypto/bf/bf_ecb.c
$(OPENSSL_PATH)/crypto/bf/bf_enc.c
$(OPENSSL_PATH)/crypto/bf/bf_cfb64.c
$(OPENSSL_PATH)/crypto/bf/bf_ofb64.c
$(OPENSSL_PATH)/crypto/cast/c_skey.c
$(OPENSSL_PATH)/crypto/cast/c_ecb.c
$(OPENSSL_PATH)/crypto/cast/c_enc.c
$(OPENSSL_PATH)/crypto/cast/c_cfb64.c
$(OPENSSL_PATH)/crypto/cast/c_ofb64.c
$(OPENSSL_PATH)/crypto/aes/aes_misc.c
$(OPENSSL_PATH)/crypto/aes/aes_ecb.c
$(OPENSSL_PATH)/crypto/aes/aes_cfb.c
$(OPENSSL_PATH)/crypto/aes/aes_ofb.c
$(OPENSSL_PATH)/crypto/aes/aes_ctr.c
$(OPENSSL_PATH)/crypto/aes/aes_ige.c
$(OPENSSL_PATH)/crypto/aes/aes_wrap.c
$(OPENSSL_PATH)/crypto/aes/aes_core.c
$(OPENSSL_PATH)/crypto/aes/aes_cbc.c
$(OPENSSL_PATH)/crypto/bn/bn_add.c
$(OPENSSL_PATH)/crypto/bn/bn_div.c
$(OPENSSL_PATH)/crypto/bn/bn_exp.c
$(OPENSSL_PATH)/crypto/bn/bn_lib.c
$(OPENSSL_PATH)/crypto/bn/bn_ctx.c
$(OPENSSL_PATH)/crypto/bn/bn_mul.c
$(OPENSSL_PATH)/crypto/bn/bn_mod.c
$(OPENSSL_PATH)/crypto/bn/bn_print.c
$(OPENSSL_PATH)/crypto/bn/bn_rand.c
$(OPENSSL_PATH)/crypto/bn/bn_shift.c
$(OPENSSL_PATH)/crypto/bn/bn_word.c
$(OPENSSL_PATH)/crypto/bn/bn_blind.c
$(OPENSSL_PATH)/crypto/bn/bn_kron.c
$(OPENSSL_PATH)/crypto/bn/bn_sqrt.c
$(OPENSSL_PATH)/crypto/bn/bn_gcd.c
$(OPENSSL_PATH)/crypto/bn/bn_prime.c
$(OPENSSL_PATH)/crypto/bn/bn_err.c
$(OPENSSL_PATH)/crypto/bn/bn_sqr.c
$(OPENSSL_PATH)/crypto/bn/bn_asm.c
$(OPENSSL_PATH)/crypto/bn/bn_recp.c
$(OPENSSL_PATH)/crypto/bn/bn_mont.c
$(OPENSSL_PATH)/crypto/bn/bn_mpi.c
$(OPENSSL_PATH)/crypto/bn/bn_exp2.c
$(OPENSSL_PATH)/crypto/bn/bn_gf2m.c
$(OPENSSL_PATH)/crypto/bn/bn_nist.c
$(OPENSSL_PATH)/crypto/bn/bn_depr.c
$(OPENSSL_PATH)/crypto/bn/bn_x931p.c
$(OPENSSL_PATH)/crypto/bn/bn_const.c
$(OPENSSL_PATH)/crypto/bn/bn_opt.c
$(OPENSSL_PATH)/crypto/rsa/rsa_eay.c
$(OPENSSL_PATH)/crypto/rsa/rsa_gen.c
$(OPENSSL_PATH)/crypto/rsa/rsa_lib.c
$(OPENSSL_PATH)/crypto/rsa/rsa_sign.c
$(OPENSSL_PATH)/crypto/rsa/rsa_saos.c
$(OPENSSL_PATH)/crypto/rsa/rsa_err.c
$(OPENSSL_PATH)/crypto/rsa/rsa_pk1.c
$(OPENSSL_PATH)/crypto/rsa/rsa_ssl.c
$(OPENSSL_PATH)/crypto/rsa/rsa_none.c
$(OPENSSL_PATH)/crypto/rsa/rsa_oaep.c
$(OPENSSL_PATH)/crypto/rsa/rsa_chk.c
$(OPENSSL_PATH)/crypto/rsa/rsa_null.c
$(OPENSSL_PATH)/crypto/rsa/rsa_pss.c
$(OPENSSL_PATH)/crypto/rsa/rsa_x931.c
$(OPENSSL_PATH)/crypto/rsa/rsa_x931g.c
$(OPENSSL_PATH)/crypto/rsa/rsa_asn1.c
$(OPENSSL_PATH)/crypto/rsa/rsa_depr.c
$(OPENSSL_PATH)/crypto/rsa/rsa_eng.c
$(OPENSSL_PATH)/crypto/dsa/dsa_gen.c
$(OPENSSL_PATH)/crypto/dsa/dsa_key.c
$(OPENSSL_PATH)/crypto/dsa/dsa_lib.c
$(OPENSSL_PATH)/crypto/dsa/dsa_asn1.c
$(OPENSSL_PATH)/crypto/dsa/dsa_vrf.c
$(OPENSSL_PATH)/crypto/dsa/dsa_sign.c
$(OPENSSL_PATH)/crypto/dsa/dsa_err.c
$(OPENSSL_PATH)/crypto/dsa/dsa_ossl.c
$(OPENSSL_PATH)/crypto/dsa/dsa_depr.c
$(OPENSSL_PATH)/crypto/dsa/dsa_utl.c
$(OPENSSL_PATH)/crypto/dso/dso_dl.c
$(OPENSSL_PATH)/crypto/dso/dso_dlfcn.c
$(OPENSSL_PATH)/crypto/dso/dso_err.c
$(OPENSSL_PATH)/crypto/dso/dso_lib.c
$(OPENSSL_PATH)/crypto/dso/dso_null.c
$(OPENSSL_PATH)/crypto/dso/dso_openssl.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dh/dh_asn1.c
$(OPENSSL_PATH)/crypto/dh/dh_gen.c
$(OPENSSL_PATH)/crypto/dh/dh_key.c
$(OPENSSL_PATH)/crypto/dh/dh_lib.c
$(OPENSSL_PATH)/crypto/dh/dh_check.c
$(OPENSSL_PATH)/crypto/dh/dh_err.c
$(OPENSSL_PATH)/crypto/dh/dh_depr.c
$(OPENSSL_PATH)/crypto/ec/ec_lib.c
$(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
$(OPENSSL_PATH)/crypto/ec/ecp_mont.c
$(OPENSSL_PATH)/crypto/ec/ecp_nist.c
$(OPENSSL_PATH)/crypto/ec/ec_cvt.c
$(OPENSSL_PATH)/crypto/ec/ec_mult.c
$(OPENSSL_PATH)/crypto/ec/ec_err.c
$(OPENSSL_PATH)/crypto/ec/ec_curve.c
$(OPENSSL_PATH)/crypto/ec/ec_check.c
$(OPENSSL_PATH)/crypto/ec/ec_print.c
$(OPENSSL_PATH)/crypto/ec/ec_asn1.c
$(OPENSSL_PATH)/crypto/ec/ec_key.c
$(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
$(OPENSSL_PATH)/crypto/ec/ec2_mult.c
$(OPENSSL_PATH)/crypto/ecdh/ech_lib.c
$(OPENSSL_PATH)/crypto/ecdh/ech_ossl.c
$(OPENSSL_PATH)/crypto/ecdh/ech_key.c
$(OPENSSL_PATH)/crypto/ecdh/ech_err.c
$(OPENSSL_PATH)/crypto/ecdsa/ecs_lib.c
$(OPENSSL_PATH)/crypto/ecdsa/ecs_asn1.c
$(OPENSSL_PATH)/crypto/ecdsa/ecs_ossl.c
$(OPENSSL_PATH)/crypto/ecdsa/ecs_sign.c
$(OPENSSL_PATH)/crypto/ecdsa/ecs_vrf.c
$(OPENSSL_PATH)/crypto/ecdsa/ecs_err.c
$(OPENSSL_PATH)/crypto/buffer/buffer.c
$(OPENSSL_PATH)/crypto/buffer/buf_str.c
$(OPENSSL_PATH)/crypto/buffer/buf_err.c
$(OPENSSL_PATH)/crypto/bio/bio_lib.c
$(OPENSSL_PATH)/crypto/bio/bio_cb.c
$(OPENSSL_PATH)/crypto/bio/bio_err.c
$(OPENSSL_PATH)/crypto/bio/bss_mem.c
$(OPENSSL_PATH)/crypto/bio/bss_null.c
$(OPENSSL_PATH)/crypto/bio/bss_fd.c
$(OPENSSL_PATH)/crypto/bio/bss_file.c
$(OPENSSL_PATH)/crypto/bio/bf_null.c
$(OPENSSL_PATH)/crypto/bio/bf_buff.c
$(OPENSSL_PATH)/crypto/bio/b_print.c
$(OPENSSL_PATH)/crypto/bio/b_dump.c
$(OPENSSL_PATH)/crypto/bio/bf_nbio.c
$(OPENSSL_PATH)/crypto/bio/bss_log.c
$(OPENSSL_PATH)/crypto/bio/bss_bio.c
$(OPENSSL_PATH)/crypto/bio/bss_dgram.c
$(OPENSSL_PATH)/crypto/stack/stack.c
$(OPENSSL_PATH)/crypto/lhash/lhash.c
$(OPENSSL_PATH)/crypto/lhash/lh_stats.c
$(OPENSSL_PATH)/crypto/rand/md_rand.c
$(OPENSSL_PATH)/crypto/rand/randfile.c
$(OPENSSL_PATH)/crypto/rand/rand_lib.c
$(OPENSSL_PATH)/crypto/rand/rand_eng.c
$(OPENSSL_PATH)/crypto/rand/rand_err.c
$(OPENSSL_PATH)/crypto/rand/rand_egd.c
$(OPENSSL_PATH)/crypto/rand/rand_win.c
$(OPENSSL_PATH)/crypto/rand/rand_unix.c
$(OPENSSL_PATH)/crypto/rand/rand_os2.c
$(OPENSSL_PATH)/crypto/rand/rand_nw.c
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_def.c
$(OPENSSL_PATH)/crypto/err/err_all.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/err/err_str.c
$(OPENSSL_PATH)/crypto/err/err_bio.c
$(OPENSSL_PATH)/crypto/objects/o_names.c
$(OPENSSL_PATH)/crypto/objects/obj_dat.c
$(OPENSSL_PATH)/crypto/objects/obj_lib.c
$(OPENSSL_PATH)/crypto/objects/obj_err.c
$(OPENSSL_PATH)/crypto/evp/encode.c
$(OPENSSL_PATH)/crypto/evp/digest.c
$(OPENSSL_PATH)/crypto/evp/dig_eng.c
$(OPENSSL_PATH)/crypto/evp/evp_enc.c
$(OPENSSL_PATH)/crypto/evp/evp_key.c
$(OPENSSL_PATH)/crypto/evp/evp_acnf.c
$(OPENSSL_PATH)/crypto/evp/evp_cnf.c
$(OPENSSL_PATH)/crypto/evp/e_des.c
$(OPENSSL_PATH)/crypto/evp/e_bf.c
$(OPENSSL_PATH)/crypto/evp/e_idea.c
$(OPENSSL_PATH)/crypto/evp/e_des3.c
$(OPENSSL_PATH)/crypto/evp/e_rc4.c
$(OPENSSL_PATH)/crypto/evp/e_aes.c
$(OPENSSL_PATH)/crypto/evp/names.c
$(OPENSSL_PATH)/crypto/evp/e_xcbc_d.c
$(OPENSSL_PATH)/crypto/evp/e_rc2.c
$(OPENSSL_PATH)/crypto/evp/e_cast.c
$(OPENSSL_PATH)/crypto/evp/e_rc5.c
$(OPENSSL_PATH)/crypto/evp/enc_min.c
$(OPENSSL_PATH)/crypto/evp/m_null.c
$(OPENSSL_PATH)/crypto/evp/m_md2.c
$(OPENSSL_PATH)/crypto/evp/m_md4.c
$(OPENSSL_PATH)/crypto/evp/m_md5.c
$(OPENSSL_PATH)/crypto/evp/m_sha.c
$(OPENSSL_PATH)/crypto/evp/m_sha1.c
$(OPENSSL_PATH)/crypto/evp/m_dss.c
$(OPENSSL_PATH)/crypto/evp/m_dss1.c
$(OPENSSL_PATH)/crypto/evp/m_ripemd.c
$(OPENSSL_PATH)/crypto/evp/m_ecdsa.c
$(OPENSSL_PATH)/crypto/evp/p_open.c
$(OPENSSL_PATH)/crypto/evp/p_seal.c
$(OPENSSL_PATH)/crypto/evp/p_sign.c
$(OPENSSL_PATH)/crypto/evp/p_verify.c
$(OPENSSL_PATH)/crypto/evp/p_lib.c
$(OPENSSL_PATH)/crypto/evp/p_enc.c
$(OPENSSL_PATH)/crypto/evp/p_dec.c
$(OPENSSL_PATH)/crypto/evp/bio_md.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
$(OPENSSL_PATH)/crypto/evp/bio_enc.c
$(OPENSSL_PATH)/crypto/evp/evp_err.c
$(OPENSSL_PATH)/crypto/evp/e_null.c
$(OPENSSL_PATH)/crypto/evp/c_all.c
$(OPENSSL_PATH)/crypto/evp/c_allc.c
$(OPENSSL_PATH)/crypto/evp/c_alld.c
$(OPENSSL_PATH)/crypto/evp/evp_lib.c
$(OPENSSL_PATH)/crypto/evp/bio_ok.c
$(OPENSSL_PATH)/crypto/evp/evp_pkey.c
$(OPENSSL_PATH)/crypto/evp/evp_pbe.c
$(OPENSSL_PATH)/crypto/evp/p5_crpt.c
$(OPENSSL_PATH)/crypto/evp/p5_crpt2.c
$(OPENSSL_PATH)/crypto/evp/e_old.c
$(OPENSSL_PATH)/crypto/asn1/a_object.c
$(OPENSSL_PATH)/crypto/asn1/a_bitstr.c
$(OPENSSL_PATH)/crypto/asn1/a_utctm.c
$(OPENSSL_PATH)/crypto/asn1/a_gentm.c
$(OPENSSL_PATH)/crypto/asn1/a_time.c
$(OPENSSL_PATH)/crypto/asn1/a_int.c
$(OPENSSL_PATH)/crypto/asn1/a_octet.c
$(OPENSSL_PATH)/crypto/asn1/a_print.c
$(OPENSSL_PATH)/crypto/asn1/a_type.c
$(OPENSSL_PATH)/crypto/asn1/a_set.c
$(OPENSSL_PATH)/crypto/asn1/a_dup.c
$(OPENSSL_PATH)/crypto/asn1/a_d2i_fp.c
$(OPENSSL_PATH)/crypto/asn1/a_i2d_fp.c
$(OPENSSL_PATH)/crypto/asn1/a_enum.c
$(OPENSSL_PATH)/crypto/asn1/a_utf8.c
$(OPENSSL_PATH)/crypto/asn1/a_sign.c
$(OPENSSL_PATH)/crypto/asn1/a_digest.c
$(OPENSSL_PATH)/crypto/asn1/a_verify.c
$(OPENSSL_PATH)/crypto/asn1/a_mbstr.c
$(OPENSSL_PATH)/crypto/asn1/a_strex.c
$(OPENSSL_PATH)/crypto/asn1/x_algor.c
$(OPENSSL_PATH)/crypto/asn1/x_val.c
$(OPENSSL_PATH)/crypto/asn1/x_pubkey.c
$(OPENSSL_PATH)/crypto/asn1/x_sig.c
$(OPENSSL_PATH)/crypto/asn1/x_req.c
$(OPENSSL_PATH)/crypto/asn1/x_attrib.c
$(OPENSSL_PATH)/crypto/asn1/x_bignum.c
$(OPENSSL_PATH)/crypto/asn1/x_long.c
$(OPENSSL_PATH)/crypto/asn1/x_name.c
$(OPENSSL_PATH)/crypto/asn1/x_x509.c
$(OPENSSL_PATH)/crypto/asn1/x_x509a.c
$(OPENSSL_PATH)/crypto/asn1/x_crl.c
$(OPENSSL_PATH)/crypto/asn1/x_info.c
$(OPENSSL_PATH)/crypto/asn1/x_spki.c
$(OPENSSL_PATH)/crypto/asn1/nsseq.c
$(OPENSSL_PATH)/crypto/asn1/d2i_pu.c
$(OPENSSL_PATH)/crypto/asn1/d2i_pr.c
$(OPENSSL_PATH)/crypto/asn1/i2d_pu.c
$(OPENSSL_PATH)/crypto/asn1/i2d_pr.c
$(OPENSSL_PATH)/crypto/asn1/t_req.c
$(OPENSSL_PATH)/crypto/asn1/t_x509.c
$(OPENSSL_PATH)/crypto/asn1/t_x509a.c
$(OPENSSL_PATH)/crypto/asn1/t_crl.c
$(OPENSSL_PATH)/crypto/asn1/t_pkey.c
$(OPENSSL_PATH)/crypto/asn1/t_spki.c
$(OPENSSL_PATH)/crypto/asn1/t_bitst.c
$(OPENSSL_PATH)/crypto/asn1/tasn_new.c
$(OPENSSL_PATH)/crypto/asn1/tasn_fre.c
$(OPENSSL_PATH)/crypto/asn1/tasn_enc.c
$(OPENSSL_PATH)/crypto/asn1/tasn_dec.c
$(OPENSSL_PATH)/crypto/asn1/tasn_utl.c
$(OPENSSL_PATH)/crypto/asn1/tasn_typ.c
$(OPENSSL_PATH)/crypto/asn1/f_int.c
$(OPENSSL_PATH)/crypto/asn1/f_string.c
$(OPENSSL_PATH)/crypto/asn1/n_pkey.c
$(OPENSSL_PATH)/crypto/asn1/f_enum.c
$(OPENSSL_PATH)/crypto/asn1/a_hdr.c
$(OPENSSL_PATH)/crypto/asn1/x_pkey.c
$(OPENSSL_PATH)/crypto/asn1/a_bool.c
$(OPENSSL_PATH)/crypto/asn1/x_exten.c
$(OPENSSL_PATH)/crypto/asn1/asn_mime.c
$(OPENSSL_PATH)/crypto/asn1/asn1_gen.c
$(OPENSSL_PATH)/crypto/asn1/asn1_par.c
$(OPENSSL_PATH)/crypto/asn1/asn1_lib.c
$(OPENSSL_PATH)/crypto/asn1/asn1_err.c
$(OPENSSL_PATH)/crypto/asn1/a_meth.c
$(OPENSSL_PATH)/crypto/asn1/a_bytes.c
$(OPENSSL_PATH)/crypto/asn1/a_strnid.c
$(OPENSSL_PATH)/crypto/asn1/evp_asn1.c
$(OPENSSL_PATH)/crypto/asn1/asn_pack.c
$(OPENSSL_PATH)/crypto/asn1/p5_pbe.c
$(OPENSSL_PATH)/crypto/asn1/p5_pbev2.c
$(OPENSSL_PATH)/crypto/asn1/p8_pkey.c
$(OPENSSL_PATH)/crypto/asn1/asn_moid.c
$(OPENSSL_PATH)/crypto/pem/pem_sign.c
$(OPENSSL_PATH)/crypto/pem/pem_seal.c
$(OPENSSL_PATH)/crypto/pem/pem_info.c
$(OPENSSL_PATH)/crypto/pem/pem_lib.c
$(OPENSSL_PATH)/crypto/pem/pem_all.c
$(OPENSSL_PATH)/crypto/pem/pem_err.c
$(OPENSSL_PATH)/crypto/pem/pem_x509.c
$(OPENSSL_PATH)/crypto/pem/pem_xaux.c
$(OPENSSL_PATH)/crypto/pem/pem_oth.c
$(OPENSSL_PATH)/crypto/pem/pem_pk8.c
$(OPENSSL_PATH)/crypto/pem/pem_pkey.c
$(OPENSSL_PATH)/crypto/x509/x509_def.c
$(OPENSSL_PATH)/crypto/x509/x509_d2.c
$(OPENSSL_PATH)/crypto/x509/x509_r2x.c
$(OPENSSL_PATH)/crypto/x509/x509_cmp.c
$(OPENSSL_PATH)/crypto/x509/x509_obj.c
$(OPENSSL_PATH)/crypto/x509/x509_req.c
$(OPENSSL_PATH)/crypto/x509/x509spki.c
$(OPENSSL_PATH)/crypto/x509/x509_vfy.c
$(OPENSSL_PATH)/crypto/x509/x509_set.c
$(OPENSSL_PATH)/crypto/x509/x509cset.c
$(OPENSSL_PATH)/crypto/x509/x509rset.c
$(OPENSSL_PATH)/crypto/x509/x509_err.c
$(OPENSSL_PATH)/crypto/x509/x509name.c
$(OPENSSL_PATH)/crypto/x509/x509_v3.c
$(OPENSSL_PATH)/crypto/x509/x509_ext.c
$(OPENSSL_PATH)/crypto/x509/x509_att.c
$(OPENSSL_PATH)/crypto/x509/x509type.c
$(OPENSSL_PATH)/crypto/x509/x509_lu.c
$(OPENSSL_PATH)/crypto/x509/x_all.c
$(OPENSSL_PATH)/crypto/x509/x509_txt.c
$(OPENSSL_PATH)/crypto/x509/x509_trs.c
$(OPENSSL_PATH)/crypto/x509/by_file.c
$(OPENSSL_PATH)/crypto/x509/by_dir.c
$(OPENSSL_PATH)/crypto/x509/x509_vpm.c
$(OPENSSL_PATH)/crypto/x509v3/v3_bcons.c
$(OPENSSL_PATH)/crypto/x509v3/v3_bitst.c
$(OPENSSL_PATH)/crypto/x509v3/v3_conf.c
$(OPENSSL_PATH)/crypto/x509v3/v3_extku.c
$(OPENSSL_PATH)/crypto/x509v3/v3_ia5.c
$(OPENSSL_PATH)/crypto/x509v3/v3_lib.c
$(OPENSSL_PATH)/crypto/x509v3/v3_prn.c
$(OPENSSL_PATH)/crypto/x509v3/v3_utl.c
$(OPENSSL_PATH)/crypto/x509v3/v3err.c
$(OPENSSL_PATH)/crypto/x509v3/v3_genn.c
$(OPENSSL_PATH)/crypto/x509v3/v3_alt.c
$(OPENSSL_PATH)/crypto/x509v3/v3_skey.c
$(OPENSSL_PATH)/crypto/x509v3/v3_akey.c
$(OPENSSL_PATH)/crypto/x509v3/v3_pku.c
$(OPENSSL_PATH)/crypto/x509v3/v3_int.c
$(OPENSSL_PATH)/crypto/x509v3/v3_enum.c
$(OPENSSL_PATH)/crypto/x509v3/v3_sxnet.c
$(OPENSSL_PATH)/crypto/x509v3/v3_cpols.c
$(OPENSSL_PATH)/crypto/x509v3/v3_crld.c
$(OPENSSL_PATH)/crypto/x509v3/v3_purp.c
$(OPENSSL_PATH)/crypto/x509v3/v3_info.c
$(OPENSSL_PATH)/crypto/x509v3/v3_ocsp.c
$(OPENSSL_PATH)/crypto/x509v3/v3_akeya.c
$(OPENSSL_PATH)/crypto/x509v3/v3_pmaps.c
$(OPENSSL_PATH)/crypto/x509v3/v3_pcons.c
$(OPENSSL_PATH)/crypto/x509v3/v3_ncons.c
$(OPENSSL_PATH)/crypto/x509v3/v3_pcia.c
$(OPENSSL_PATH)/crypto/x509v3/v3_pci.c
$(OPENSSL_PATH)/crypto/x509v3/pcy_cache.c
$(OPENSSL_PATH)/crypto/x509v3/pcy_node.c
$(OPENSSL_PATH)/crypto/x509v3/pcy_data.c
$(OPENSSL_PATH)/crypto/x509v3/pcy_map.c
$(OPENSSL_PATH)/crypto/x509v3/pcy_tree.c
$(OPENSSL_PATH)/crypto/x509v3/pcy_lib.c
$(OPENSSL_PATH)/crypto/x509v3/v3_asid.c
$(OPENSSL_PATH)/crypto/x509v3/v3_addr.c
$(OPENSSL_PATH)/crypto/conf/conf_err.c
$(OPENSSL_PATH)/crypto/conf/conf_lib.c
$(OPENSSL_PATH)/crypto/conf/conf_api.c
$(OPENSSL_PATH)/crypto/conf/conf_def.c
$(OPENSSL_PATH)/crypto/conf/conf_mod.c
$(OPENSSL_PATH)/crypto/conf/conf_mall.c
$(OPENSSL_PATH)/crypto/conf/conf_sap.c
$(OPENSSL_PATH)/crypto/txt_db/txt_db.c
$(OPENSSL_PATH)/crypto/pkcs7/pk7_asn1.c
$(OPENSSL_PATH)/crypto/pkcs7/pk7_lib.c
$(OPENSSL_PATH)/crypto/pkcs7/pkcs7err.c
$(OPENSSL_PATH)/crypto/pkcs7/pk7_doit.c
$(OPENSSL_PATH)/crypto/pkcs7/pk7_smime.c
$(OPENSSL_PATH)/crypto/pkcs7/pk7_attr.c
$(OPENSSL_PATH)/crypto/pkcs7/pk7_mime.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_add.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_asn.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_attr.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_crpt.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_crt.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_decr.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_init.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_key.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_kiss.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_mutl.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_utl.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_npas.c
$(OPENSSL_PATH)/crypto/pkcs12/pk12err.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_p8d.c
$(OPENSSL_PATH)/crypto/pkcs12/p12_p8e.c
$(OPENSSL_PATH)/crypto/comp/comp_lib.c
$(OPENSSL_PATH)/crypto/comp/comp_err.c
$(OPENSSL_PATH)/crypto/comp/c_rle.c
$(OPENSSL_PATH)/crypto/comp/c_zlib.c
$(OPENSSL_PATH)/crypto/engine/eng_err.c
$(OPENSSL_PATH)/crypto/engine/eng_lib.c
$(OPENSSL_PATH)/crypto/engine/eng_list.c
$(OPENSSL_PATH)/crypto/engine/eng_init.c
$(OPENSSL_PATH)/crypto/engine/eng_ctrl.c
$(OPENSSL_PATH)/crypto/engine/eng_table.c
$(OPENSSL_PATH)/crypto/engine/eng_pkey.c
$(OPENSSL_PATH)/crypto/engine/eng_fat.c
$(OPENSSL_PATH)/crypto/engine/eng_all.c
$(OPENSSL_PATH)/crypto/engine/tb_rsa.c
$(OPENSSL_PATH)/crypto/engine/tb_dsa.c
$(OPENSSL_PATH)/crypto/engine/tb_ecdsa.c
$(OPENSSL_PATH)/crypto/engine/tb_dh.c
$(OPENSSL_PATH)/crypto/engine/tb_ecdh.c
$(OPENSSL_PATH)/crypto/engine/tb_rand.c
$(OPENSSL_PATH)/crypto/engine/tb_store.c
$(OPENSSL_PATH)/crypto/engine/tb_cipher.c
$(OPENSSL_PATH)/crypto/engine/tb_digest.c
$(OPENSSL_PATH)/crypto/engine/eng_openssl.c
$(OPENSSL_PATH)/crypto/engine/eng_cnf.c
$(OPENSSL_PATH)/crypto/engine/eng_dyn.c
$(OPENSSL_PATH)/crypto/engine/eng_cryptodev.c
$(OPENSSL_PATH)/crypto/engine/eng_padlock.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_asn.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_ext.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_ht.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_lib.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_cl.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_srv.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_prn.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_vfy.c
$(OPENSSL_PATH)/crypto/ocsp/ocsp_err.c
$(OPENSSL_PATH)/crypto/ui/ui_err.c
$(OPENSSL_PATH)/crypto/ui/ui_lib.c
#
# Not required when OPENSSL_NO_STDIO is set, which is is for UEFI.
#
# $(OPENSSL_PATH)/crypto/ui/ui_openssl.c
$(OPENSSL_PATH)/crypto/ui/ui_util.c
$(OPENSSL_PATH)/crypto/ui/ui_compat.c
$(OPENSSL_PATH)/crypto/krb5/krb5_asn.c
$(OPENSSL_PATH)/crypto/store/str_err.c
$(OPENSSL_PATH)/crypto/store/str_lib.c
$(OPENSSL_PATH)/crypto/store/str_meth.c
$(OPENSSL_PATH)/crypto/store/str_mem.c
$(OPENSSL_PATH)/crypto/pqueue/pqueue.c
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
DebugLib
[BuildOptions]
MSFT:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /WX- /GL-
INTEL:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /WX-
GCC:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -w

View File

@@ -0,0 +1,61 @@
================================================================================
Introduction
================================================================================
OpenSSL is a well-known open source implementation of SSL and TLS protocols.
The core library implements the basic cryptographic functions and provides various
utility functions. The OpenSSL library is widely used in variety of security
products development as base crypto provider. (See http://www.openssl.org for more
information for OpenSSL).
UEFI (Unified Extensible Firmware Interface) is a specification detailing the
interfaces between OS and platform firmware. Several security features were
introduced (e.g. Authenticated Variable Service, Driver Signing, etc) from UEFI
2.2 (http://www.uefi.org). These security features highly depends on the
cryptography. This patch will enable openssl building under UEFI environment.
================================================================================
OpenSSL-Version
================================================================================
Current supported OpenSSL version for UEFI Crypto Library is 0.9.8l.
http://www.openssl.org/source/openssl-0.9.8l.tar.gz
================================================================================
HOW to Install Openssl for UEFI Building
================================================================================
1. Download OpenSSL 0.9.8l from official website:
http://www.openssl.org/source/openssl-0.9.8l.tar.gz
NOTE: Some web browsers may rename the downloaded TAR file to openssl-0.9.8l.tar.tar.
When you do the download, rename the "openssl-0.9.8l.tar.tar" to
"openssl-0.9.8l.tar.gz" or rename the local downloaded file with ".tar.tar"
extension to ".tar.gz".
2. Extract TAR into CryptoPkg/Library/OpenSslLib/openssl-0.9.8l
NOTE: If you use WinZip to unpack the openssl source in Windows, please
uncheck the WinZip smart CR/LF conversion option (WINZIP: Options -->
Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion").
3. Apply this patch: EDKII_openssl-0.9.8l.patch, and make installation
For Windows Environment:
------------------------
1) Make sure the patch utility has been installed in your machine.
Install Cygwin or get the patch utility binary from
http://gnuwin32.sourceforge.net/packages/patch.htm
2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-0.9.8l
3) patch -p0 -i ..\EDKII_openssl-0.9.8l.patch
4) cd ..
5) install.cmd
For Linux* Environment:
-----------------------
1) Make sure the patch utility has been installed in your machine.
Patch utility is available from http://directory.fsf.org/project/patch/
2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-0.9.8l
3) patch -p0 -i ../EDKII_openssl-0.9.8l.patch
4) cd ..
5) ./install.sh

View File

@@ -0,0 +1,2 @@
#define PLATFORM "UEFI"
#define DATE "Mon Mar 8 14:17:05 PDT 2010"