diff options
| -rw-r--r-- | .pc/.version | 1 | ||||
| -rw-r--r-- | Cryptlib/Library/BaseMemoryLib.h | 0 | ||||
| -rw-r--r-- | debian/canonical-uefi-ca.der | bin | 0 -> 1080 bytes | |||
| -rw-r--r-- | debian/changelog | 127 | ||||
| -rw-r--r-- | debian/compat | 1 | ||||
| -rw-r--r-- | debian/control | 18 | ||||
| -rw-r--r-- | debian/copyright | 33 | ||||
| -rw-r--r-- | debian/patches/0001-Update-openssl-to-0.9.8za.patch | 4093 | ||||
| -rw-r--r-- | debian/patches/CVE-2014-3675.patch | 161 | ||||
| -rw-r--r-- | debian/patches/CVE-2014-3677.patch | 75 | ||||
| -rw-r--r-- | debian/patches/prototypes | 191 | ||||
| -rw-r--r-- | debian/patches/sbsigntool-not-pesign | 22 | ||||
| -rw-r--r-- | debian/patches/second-stage-path | 20 | ||||
| -rw-r--r-- | debian/patches/series | 5 | ||||
| -rwxr-xr-x | debian/rules | 7 | ||||
| -rw-r--r-- | debian/shim.install | 3 | ||||
| -rw-r--r-- | debian/source/format | 1 | ||||
| -rw-r--r-- | debian/source/include-binaries | 1 |
18 files changed, 4759 insertions, 0 deletions
diff --git a/.pc/.version b/.pc/.version new file mode 100644 index 00000000..0cfbf088 --- /dev/null +++ b/.pc/.version @@ -0,0 +1 @@ +2 diff --git a/Cryptlib/Library/BaseMemoryLib.h b/Cryptlib/Library/BaseMemoryLib.h deleted file mode 100644 index e69de29b..00000000 --- a/Cryptlib/Library/BaseMemoryLib.h +++ /dev/null diff --git a/debian/canonical-uefi-ca.der b/debian/canonical-uefi-ca.der Binary files differnew file mode 100644 index 00000000..b4098d9c --- /dev/null +++ b/debian/canonical-uefi-ca.der diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 00000000..953e8742 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,127 @@ +shim (0.8-0ubuntu1) UNRELEASED; urgency=medium + + * New upstream release. + + -- Mathieu Trudel-Lapierre <mathieu-tl@ubuntu.com> Wed, 06 May 2015 09:49:45 -0400 + +shim (0.7-0ubuntu4) utopic; urgency=medium + + * SECURITY UPDATE: heap overflow and out-of-bounds read access when + parsing DHCPv6 information + - debian/patches/CVE-2014-3675.patch: apply proper bounds checking + when parsing data provided in DHCPv6 packets. + - CVE-2014-3675 + - CVE-2014-3676 + * SECURITY UPDATE: memory corruption when processing user-provided key + lists + - debian/patches/CVE-2014-3677.patch: detect malformed machine owner + key (MOK) lists and ignore them, avoiding possible memory corruption. + - CVE-2014-3677 + + -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 08 Oct 2014 06:40:40 +0000 + +shim (0.7-0ubuntu2) utopic; urgency=medium + + * Restore debian/patches/prototypes, which still is needed on shim 0.7 + but only detected on the buildds. + * Update debian/patches/prototypes with some new declarations needed for + openssl 0.9.8za update. + + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 07 Oct 2014 16:20:08 -0700 + +shim (0.7-0ubuntu1) utopic; urgency=medium + + * New upstream release. + - fix spurious error message when fallback.efi is not present, as will + always be the case for removable media. LP: #1297069. + - drop most patches, included upstream. + * debian/patches/0001-Update-openssl-to-0.9.8za.patch: cherry-pick + openssl 0.9.8za in via upstream. + + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 07 Oct 2014 05:40:41 +0000 + +shim (0.4-0ubuntu5) utopic; urgency=low + + * Install fallback.efi.signed as well, to lay the groundwork for fallback + handling (wanted when we have to move a drive between machines, or when + the firmware loses its marbles^W nvram). + + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 04 Aug 2014 12:11:13 +0200 + +shim (0.4-0ubuntu4) saucy; urgency=low + + * debian/patches/fix-tftp-prototype: pass the right arguments to + EFI_PXE_BASE_CODE_TFTP_READ_FILE. + * debian/patches/build-with-Werror: Build with -Werror to catch future + prototype mismatches. + * debian/patches/fix-compiler-warnings: Fix remaining compiler + warnings in netboot.c. + * debian/patches/tftp-proper-nul-termination: fix nul termination + errors in filenames passed to tftp. + * debian/patches/netboot-cleanup: roll-up of miscellaneous fixes to + the netboot code. + + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 23 Sep 2013 00:30:00 -0700 + +shim (0.4-0ubuntu3) saucy; urgency=low + + [ Steve Langasek ] + * Install MokManager.efi.signed in the package. + * debian/patches/no-output-by-default.patch: Don't print any + informational messages. Closes LP: #1074302. + + [ Stéphane Graber ] + * debian/patches/no-print-on-unsigned: Don't print an error message when + validating an unsigned binary as that tends to hang Lenovo machines. + (LP: #1087501) + + -- Stéphane Graber <stgraber@ubuntu.com> Thu, 08 Aug 2013 17:12:12 +0200 + +shim (0.4-0ubuntu2) saucy; urgency=low + + * Add missing build-dependency on openssl. + + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 02 Jul 2013 20:30:43 +0000 + +shim (0.4-0ubuntu1) saucy; urgency=low + + * New upstream release. + * Drop debian/patches/shim-before-loadimage; upstream has changed this to + not call loadimage at all. + * debian/patches/sbsigntool-not-pesign: Sign MokManager with + sbsigntool instead of pesign. + * Add a versioned build-dependency on gnu-efi. + + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 02 Jul 2013 12:53:24 -0700 + +shim (0~20120906.bcd0a4e8-0ubuntu4) quantal-proposed; urgency=low + + * debian/patches/shim-before-loadimage: Use direct verification first + before LoadImage. Addresses an issue where Lenovo's SecureBoot + implementation pops an error message on any verification failure - avoid + calling LoadImage at all unless we have to. + + -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 10 Oct 2012 15:28:40 -0700 + +shim (0~20120906.bcd0a4e8-0ubuntu3) quantal; urgency=low + + * debian/patches/second-stage-path: Chainload grubx64.efi, not + grub.efi. + + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 05 Oct 2012 11:20:58 -0700 + +shim (0~20120906.bcd0a4e8-0ubuntu2) quantal; urgency=low + + * debian/patches/prototypes: Include missing prototypes, and disable + use of BIO_new_file. + * Only build the package for amd64; we're not signing an i386 shim at this + stage so there's no point in building it. + + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 04 Oct 2012 17:47:04 +0000 + +shim (0~20120906.bcd0a4e8-0ubuntu1) quantal; urgency=low + + * Initial release. + * Include the Canonical Secure Boot master CA. + + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 04 Oct 2012 00:01:06 -0700 diff --git a/debian/compat b/debian/compat new file mode 100644 index 00000000..ec635144 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +9 diff --git a/debian/control b/debian/control new file mode 100644 index 00000000..0f71c7f7 --- /dev/null +++ b/debian/control @@ -0,0 +1,18 @@ +Source: shim +Section: admin +Priority: optional +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Steve Langasek <vorlon@debian.org> +Standards-Version: 3.9.3 +Build-Depends: debhelper (>= 9), gnu-efi (>= 3.0u), sbsigntool, openssl +Vcs-Bzr: lp:ubuntu/shim + +Package: shim +Architecture: amd64 +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: boot loader to chain-load signed boot loaders under Secure Boot + This package provides a minimalist boot loader which allows verifying + signatures of other UEFI binaries against either the Secure Boot DB/DBX or + against a built-in signature database. Its purpose is to allow a small, + infrequently-changing binary to be signed by the UEFI CA, while allowing + an OS distributor to revision their main bootloader independently of the CA. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 00000000..d9f12756 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,33 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: shim +Upstream-Contact: Matthew Garrett <mjg@redhat.com> +Source: https://github.com/mjg59/shim.git + +Files: * +Copyright: 2012 Red Hat, Inc + 2009-2012 Intel Corporation +License: BSD-2-Clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + . + Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + . + Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the + distribution. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/debian/patches/0001-Update-openssl-to-0.9.8za.patch b/debian/patches/0001-Update-openssl-to-0.9.8za.patch new file mode 100644 index 00000000..a026b52b --- /dev/null +++ b/debian/patches/0001-Update-openssl-to-0.9.8za.patch @@ -0,0 +1,4093 @@ +From 76f8050ff6003e6048fdc4430d8b503aff934255 Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin <glin@suse.com> +Date: Wed, 9 Jul 2014 15:02:50 +0800 +Subject: [PATCH] Update openssl to 0.9.8za + +Also update to Tiano Cryptlib r15638 +--- + Cryptlib/Cryptlib.diff | 4 +- + Cryptlib/Include/openssl/bn.h | 11 + + Cryptlib/Include/openssl/crypto.h | 37 +- + Cryptlib/Include/openssl/ec.h | 10 +- + Cryptlib/Include/openssl/engine.h | 8 +- + Cryptlib/Include/openssl/opensslv.h | 6 +- + Cryptlib/Include/openssl/ssl.h | 13 +- + Cryptlib/Include/openssl/ssl3.h | 10 + + Cryptlib/Include/openssl/symhacks.h | 10 +- + Cryptlib/Include/openssl/tls1.h | 14 + + Cryptlib/Makefile | 6 +- + Cryptlib/OpenSSL/crypto/asn1/a_int.c | 2 +- + Cryptlib/OpenSSL/crypto/asn1/a_strex.c | 1 + + Cryptlib/OpenSSL/crypto/asn1/a_strnid.c | 2 +- + Cryptlib/OpenSSL/crypto/asn1/a_verify.c | 6 + + Cryptlib/OpenSSL/crypto/asn1/t_pkey.c | 5 - + Cryptlib/OpenSSL/crypto/asn1/x_pubkey.c | 5 +- + Cryptlib/OpenSSL/crypto/bn/bn_lib.c | 52 ++ + Cryptlib/OpenSSL/crypto/bn/bn_mont.c | 46 +- + Cryptlib/OpenSSL/crypto/bn/bn_word.c | 25 +- + Cryptlib/OpenSSL/crypto/cryptlib.c | 16 + + Cryptlib/OpenSSL/crypto/ec/ec2_mult.c | 26 +- + Cryptlib/OpenSSL/crypto/ec/ec_key.c | 13 +- + Cryptlib/OpenSSL/crypto/ec/ec_lib.c | 10 +- + Cryptlib/OpenSSL/crypto/ecdh/ech_lib.c | 11 +- + Cryptlib/OpenSSL/crypto/ecdsa/ecs_lib.c | 11 +- + Cryptlib/OpenSSL/crypto/engine/eng_all.c | 6 +- + Cryptlib/OpenSSL/crypto/err/err_all.c | 2 + + Cryptlib/OpenSSL/crypto/evp/bio_b64.c | 3 +- + Cryptlib/OpenSSL/crypto/evp/encode.c | 1 + + Cryptlib/OpenSSL/crypto/o_init.c | 14 + + Cryptlib/OpenSSL/crypto/ocsp/ocsp_vfy.c | 10 +- + Cryptlib/OpenSSL/crypto/pkcs12/p12_crt.c | 8 + + Cryptlib/OpenSSL/crypto/pkcs12/p12_kiss.c | 2 +- + Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c | 4 +- + Cryptlib/OpenSSL/crypto/rsa/rsa_oaep.c | 2 +- + Cryptlib/OpenSSL/crypto/x509/x509_vfy.c | 6 +- + Cryptlib/OpenSSL/update.sh | 998 +++++++++++++++--------------- + Cryptlib/Pk/CryptPkcs7.c | 753 ---------------------- + Cryptlib/Pk/CryptPkcs7Sign.c | 207 +++++++ + Cryptlib/Pk/CryptPkcs7SignNull.c | 59 ++ + Cryptlib/Pk/CryptPkcs7Verify.c | 677 ++++++++++++++++++++ + Cryptlib/Pk/CryptPkcs7VerifyNull.c | 100 +++ + Cryptlib/Pk/CryptRsaExtNull.c | 125 ++++ + Cryptlib/Rand/CryptRand.c | 11 +- + Cryptlib/update.sh | 9 +- + 46 files changed, 1987 insertions(+), 1370 deletions(-) + delete mode 100644 Cryptlib/Pk/CryptPkcs7.c + create mode 100644 Cryptlib/Pk/CryptPkcs7Sign.c + create mode 100644 Cryptlib/Pk/CryptPkcs7SignNull.c + create mode 100644 Cryptlib/Pk/CryptPkcs7Verify.c + create mode 100644 Cryptlib/Pk/CryptPkcs7VerifyNull.c + create mode 100644 Cryptlib/Pk/CryptRsaExtNull.c + +diff --git a/Cryptlib/Cryptlib.diff b/Cryptlib/Cryptlib.diff +index 9663d90..a2f49d6 100644 +--- a/Cryptlib/Cryptlib.diff ++++ b/Cryptlib/Cryptlib.diff +@@ -6,8 +6,8 @@ index 68bc25a..1abe78e 100644 + // BUG: hardcode OldSize == size! We have no any knowledge about
+ // memory size of original pointer ptr.
+ //
+-- return ReallocatePool ((UINTN)size, (UINTN)size, ptr);
+-+ return ReallocatePool (ptr, (UINTN)size, (UINTN)size);
++- return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
+++ return ReallocatePool (ptr, (UINTN) size, (UINTN) size);
+ }
+
+ /* De-allocates or frees a memory block */
+diff --git a/Cryptlib/Include/openssl/bn.h b/Cryptlib/Include/openssl/bn.h +index f1719a5..688a4e7 100644 +--- a/Cryptlib/Include/openssl/bn.h ++++ b/Cryptlib/Include/openssl/bn.h +@@ -511,6 +511,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret, + BIGNUM *BN_mod_sqrt(BIGNUM *ret, + const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); + ++void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords); ++ + /* Deprecated versions */ + #ifndef OPENSSL_NO_DEPRECATED + BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, +@@ -740,11 +742,20 @@ int RAND_pseudo_bytes(unsigned char *buf,int num); + + #define bn_fix_top(a) bn_check_top(a) + ++#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2) ++#define bn_wcheck_size(bn, words) \ ++ do { \ ++ const BIGNUM *_bnum2 = (bn); \ ++ assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \ ++ } while(0) ++ + #else /* !BN_DEBUG */ + + #define bn_pollute(a) + #define bn_check_top(a) + #define bn_fix_top(a) bn_correct_top(a) ++#define bn_check_size(bn, bits) ++#define bn_wcheck_size(bn, words) + + #endif + +diff --git a/Cryptlib/Include/openssl/crypto.h b/Cryptlib/Include/openssl/crypto.h +index fc1374f..ac0c949 100644 +--- a/Cryptlib/Include/openssl/crypto.h ++++ b/Cryptlib/Include/openssl/crypto.h +@@ -235,15 +235,15 @@ typedef struct openssl_item_st + #ifndef OPENSSL_NO_LOCKING + #ifndef CRYPTO_w_lock + #define CRYPTO_w_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0) + #define CRYPTO_w_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0) + #define CRYPTO_r_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0) + #define CRYPTO_r_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0) + #define CRYPTO_add(addr,amount,type) \ +- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) ++ CRYPTO_add_lock(addr,amount,type,NULL,0) + #endif + #else + #define CRYPTO_w_lock(a) +@@ -361,19 +361,19 @@ int CRYPTO_is_mem_check_on(void); + #define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) + #define is_MemCheck_on() CRYPTO_is_mem_check_on() + +-#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) +-#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) ++#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0) ++#define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0) + #define OPENSSL_realloc(addr,num) \ +- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) ++ CRYPTO_realloc((char *)addr,(int)num,NULL,0) + #define OPENSSL_realloc_clean(addr,old_num,num) \ +- CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__) ++ CRYPTO_realloc_clean(addr,old_num,num,NULL,0) + #define OPENSSL_remalloc(addr,num) \ +- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) ++ CRYPTO_remalloc((char **)addr,(int)num,NULL,0) + #define OPENSSL_freeFunc CRYPTO_free + #define OPENSSL_free(addr) CRYPTO_free(addr) + + #define OPENSSL_malloc_locked(num) \ +- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) ++ CRYPTO_malloc_locked((int)num,NULL,0) + #define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) + + +@@ -487,7 +487,7 @@ void CRYPTO_set_mem_debug_options(long bits); + long CRYPTO_get_mem_debug_options(void); + + #define CRYPTO_push_info(info) \ +- CRYPTO_push_info_(info, __FILE__, __LINE__); ++ CRYPTO_push_info_(info, NULL, 0); + int CRYPTO_push_info_(const char *info, const char *file, int line); + int CRYPTO_pop_info(void); + int CRYPTO_remove_all_info(void); +@@ -528,17 +528,17 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); + + /* die if we have to */ + void OpenSSLDie(const char *file,int line,const char *assertion); +-#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) ++#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1)) + + unsigned long *OPENSSL_ia32cap_loc(void); + #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) + int OPENSSL_isservice(void); + + #ifdef OPENSSL_FIPS +-#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ ++#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(NULL, 0, \ + alg " previous FIPS forbidden algorithm error ignored"); + +-#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ ++#define FIPS_BAD_ABORT(alg) OpenSSLDie(NULL, 0, \ + #alg " Algorithm forbidden in FIPS mode"); + + #ifdef OPENSSL_FIPS_STRICT +@@ -591,6 +591,13 @@ int OPENSSL_isservice(void); + #define OPENSSL_HAVE_INIT 1 + void OPENSSL_init(void); + ++/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It ++ * takes an amount of time dependent on |len|, but independent of the contents ++ * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a ++ * defined order as the return value when a != b is undefined, other than to be ++ * non-zero. */ ++int CRYPTO_memcmp(const void *a, const void *b, size_t len); ++ + /* BEGIN ERROR CODES */ + /* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. +diff --git a/Cryptlib/Include/openssl/ec.h b/Cryptlib/Include/openssl/ec.h +index 8bc2a23..367307f 100644 +--- a/Cryptlib/Include/openssl/ec.h ++++ b/Cryptlib/Include/openssl/ec.h +@@ -321,7 +321,15 @@ void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t); + /* functions to set/get method specific data */ + void *EC_KEY_get_key_method_data(EC_KEY *, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +-void EC_KEY_insert_key_method_data(EC_KEY *, void *data, ++/** Sets the key method data of an EC_KEY object, if none has yet been set. ++ * \param key EC_KEY object ++ * \param data opaque data to install. ++ * \param dup_func a function that duplicates |data|. ++ * \param free_func a function that frees |data|. ++ * \param clear_free_func a function that wipes and frees |data|. ++ * \return the previously set data pointer, or NULL if |data| was inserted. ++ */ ++void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); + /* wrapper functions for the underlying EC_GROUP object */ + void EC_KEY_set_asn1_flag(EC_KEY *, int); +diff --git a/Cryptlib/Include/openssl/engine.h b/Cryptlib/Include/openssl/engine.h +index d4bc1ef..b4e0444 100644 +--- a/Cryptlib/Include/openssl/engine.h ++++ b/Cryptlib/Include/openssl/engine.h +@@ -335,15 +335,15 @@ void ENGINE_load_gmp(void); + void ENGINE_load_nuron(void); + void ENGINE_load_sureware(void); + void ENGINE_load_ubsec(void); +-#endif +-void ENGINE_load_cryptodev(void); +-void ENGINE_load_padlock(void); +-void ENGINE_load_builtin_engines(void); + #ifdef OPENSSL_SYS_WIN32 + #ifndef OPENSSL_NO_CAPIENG + void ENGINE_load_capi(void); + #endif + #endif ++#endif ++void ENGINE_load_cryptodev(void); ++void ENGINE_load_padlock(void); ++void ENGINE_load_builtin_engines(void); + + /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation + * "registry" handling. */ +diff --git a/Cryptlib/Include/openssl/opensslv.h b/Cryptlib/Include/openssl/opensslv.h +index 4a5a5ae..e5ab5c4 100644 +--- a/Cryptlib/Include/openssl/opensslv.h ++++ b/Cryptlib/Include/openssl/opensslv.h +@@ -25,11 +25,11 @@ + * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for + * major minor fix final patch/beta) + */ +-#define OPENSSL_VERSION_NUMBER 0x0090817fL ++#define OPENSSL_VERSION_NUMBER 0x009081afL + #ifdef OPENSSL_FIPS +-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8w-fips 23 Apr 2012" ++#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8za-fips 5 Jun 2014" + #else +-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8w 23 Apr 2012" ++#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8za 5 Jun 2014" + #endif + #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT + +diff --git a/Cryptlib/Include/openssl/ssl.h b/Cryptlib/Include/openssl/ssl.h +index eb50e14..5f2a04e 100644 +--- a/Cryptlib/Include/openssl/ssl.h ++++ b/Cryptlib/Include/openssl/ssl.h +@@ -490,11 +490,14 @@ typedef struct ssl_session_st + #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L + #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L + #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L +-#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */ ++#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L + #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L + #define SSL_OP_TLS_D5_BUG 0x00000100L + #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L + ++/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */ ++#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0 ++ + /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added + * in OpenSSL 0.9.6d. Usually (depending on the application protocol) + * the workaround is not needed. Unfortunately some broken SSL/TLS +@@ -1204,6 +1207,8 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); + #define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE + #define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME + #define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE ++#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE ++#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ + + #define SSL_ERROR_NONE 0 + #define SSL_ERROR_SSL 1 +@@ -1820,6 +1825,7 @@ void ERR_load_SSL_strings(void); + #define SSL_F_SSL_GET_NEW_SESSION 181 + #define SSL_F_SSL_GET_PREV_SESSION 217 + #define SSL_F_SSL_GET_SERVER_SEND_CERT 182 ++#define SSL_F_SSL_GET_SERVER_SEND_PKEY 317 + #define SSL_F_SSL_GET_SIGN_PKEY 183 + #define SSL_F_SSL_INIT_WBIO_BUFFER 184 + #define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 +@@ -2073,6 +2079,11 @@ void ERR_load_SSL_strings(void); + #define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 + #define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 + #define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 ++#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114 ++#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113 ++#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111 ++#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112 ++#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 + #define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 + #define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 227 + #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 +diff --git a/Cryptlib/Include/openssl/ssl3.h b/Cryptlib/Include/openssl/ssl3.h +index b9a85ef..de5e559 100644 +--- a/Cryptlib/Include/openssl/ssl3.h ++++ b/Cryptlib/Include/openssl/ssl3.h +@@ -333,6 +333,7 @@ typedef struct ssl3_buffer_st + #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 + #define SSL3_FLAGS_POP_BUFFER 0x0004 + #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 ++#define SSL3_FLAGS_CCS_OK 0x0080 + + /* SSL3_FLAGS_SGC_RESTART_DONE is set when we + * restart a handshake because of MS SGC and so prevents us +@@ -460,6 +461,15 @@ typedef struct ssl3_state_st + unsigned char previous_server_finished[EVP_MAX_MD_SIZE]; + unsigned char previous_server_finished_len; + int send_connection_binding; /* TODOEKR */ ++ ++#ifndef OPENSSL_NO_TLSEXT ++#ifndef OPENSSL_NO_EC ++ /* This is set to true if we believe that this is a version of Safari ++ * running on OS X 10.6 or newer. We wish to know this because Safari ++ * on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */ ++ char is_probably_safari; ++#endif /* !OPENSSL_NO_EC */ ++#endif /* !OPENSSL_NO_TLSEXT */ + } SSL3_STATE; + + +diff --git a/Cryptlib/Include/openssl/symhacks.h b/Cryptlib/Include/openssl/symhacks.h +index 0114093..c540771 100644 +--- a/Cryptlib/Include/openssl/symhacks.h ++++ b/Cryptlib/Include/openssl/symhacks.h +@@ -252,15 +252,15 @@ + #define EC_POINT_set_compressed_coordinates_GF2m \ + EC_POINT_set_compr_coords_GF2m + #undef ec_GF2m_simple_group_clear_finish +-#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish ++#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish + #undef ec_GF2m_simple_group_check_discriminant + #define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim + #undef ec_GF2m_simple_point_clear_finish +-#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish ++#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish + #undef ec_GF2m_simple_point_set_to_infinity +-#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf ++#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf + #undef ec_GF2m_simple_points_make_affine +-#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine ++#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine + #undef ec_GF2m_simple_point_set_affine_coordinates + #define ec_GF2m_simple_point_set_affine_coordinates \ + ec_GF2m_smp_pt_set_af_coords +@@ -288,8 +288,6 @@ + #define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf + #undef ec_GFp_simple_points_make_affine + #define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine +-#undef ec_GFp_simple_group_get_curve_GFp +-#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp + #undef ec_GFp_simple_set_Jprojective_coordinates_GFp + #define ec_GFp_simple_set_Jprojective_coordinates_GFp \ + ec_GFp_smp_set_Jproj_coords_GFp +diff --git a/Cryptlib/Include/openssl/tls1.h b/Cryptlib/Include/openssl/tls1.h +index afe4807..47f25af 100644 +--- a/Cryptlib/Include/openssl/tls1.h ++++ b/Cryptlib/Include/openssl/tls1.h +@@ -80,10 +80,24 @@ extern "C" { + + #define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 + ++#define TLS1_2_VERSION 0x0303 ++#define TLS1_2_VERSION_MAJOR 0x03 ++#define TLS1_2_VERSION_MINOR 0x03 ++ ++#define TLS1_1_VERSION 0x0302 ++#define TLS1_1_VERSION_MAJOR 0x03 ++#define TLS1_1_VERSION_MINOR 0x02 ++ + #define TLS1_VERSION 0x0301 + #define TLS1_VERSION_MAJOR 0x03 + #define TLS1_VERSION_MINOR 0x01 + ++#define TLS1_get_version(s) \ ++ ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0) ++ ++#define TLS1_get_client_version(s) \ ++ ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0) ++ + #define TLS1_AD_DECRYPTION_FAILED 21 + #define TLS1_AD_RECORD_OVERFLOW 22 + #define TLS1_AD_UNKNOWN_CA 48 /* fatal */ +diff --git a/Cryptlib/Makefile b/Cryptlib/Makefile +index d24e59e..678baac 100644 +--- a/Cryptlib/Makefile ++++ b/Cryptlib/Makefile +@@ -30,7 +30,11 @@ OBJS = Hash/CryptMd4.o \ + Rand/CryptRand.o \ + Pk/CryptRsaBasic.o \ + Pk/CryptRsaExt.o \ +- Pk/CryptPkcs7.o \ ++ Pk/CryptRsaExtNull.o \ ++ Pk/CryptPkcs7Sign.o \ ++ Pk/CryptPkcs7SignNull.o \ ++ Pk/CryptPkcs7Verify.o \ ++ Pk/CryptPkcs7VerifyNull.o \ + Pk/CryptDh.o \ + Pk/CryptX509.o \ + Pk/CryptAuthenticode.o \ +diff --git a/Cryptlib/OpenSSL/crypto/asn1/a_int.c b/Cryptlib/OpenSSL/crypto/asn1/a_int.c +index f551bdb..ee26c31 100755 +--- a/Cryptlib/OpenSSL/crypto/asn1/a_int.c ++++ b/Cryptlib/OpenSSL/crypto/asn1/a_int.c +@@ -116,7 +116,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) + int pad=0,ret,i,neg; + unsigned char *p,*n,pb=0; + +- if ((a == NULL) || (a->data == NULL)) return(0); ++ if (a == NULL) return(0); + neg=a->type & V_ASN1_NEG; + if (a->length == 0) + ret=1; +diff --git a/Cryptlib/OpenSSL/crypto/asn1/a_strex.c b/Cryptlib/OpenSSL/crypto/asn1/a_strex.c +index 264ebf2..ead37ac 100755 +--- a/Cryptlib/OpenSSL/crypto/asn1/a_strex.c ++++ b/Cryptlib/OpenSSL/crypto/asn1/a_strex.c +@@ -567,6 +567,7 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) + if(mbflag == -1) return -1; + mbflag |= MBSTRING_FLAG; + stmp.data = NULL; ++ stmp.length = 0; + ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); + if(ret < 0) return ret; + *out = stmp.data; +diff --git a/Cryptlib/OpenSSL/crypto/asn1/a_strnid.c b/Cryptlib/OpenSSL/crypto/asn1/a_strnid.c +index b68ae43..9b7d688 100755 +--- a/Cryptlib/OpenSSL/crypto/asn1/a_strnid.c ++++ b/Cryptlib/OpenSSL/crypto/asn1/a_strnid.c +@@ -75,7 +75,7 @@ static int table_cmp(const void *a, const void *b); + * certain software (e.g. Netscape) has problems with them. + */ + +-static unsigned long global_mask = 0xFFFFFFFFL; ++static unsigned long global_mask = B_ASN1_UTF8STRING; + + void ASN1_STRING_set_default_mask(unsigned long mask) + { +diff --git a/Cryptlib/OpenSSL/crypto/asn1/a_verify.c b/Cryptlib/OpenSSL/crypto/asn1/a_verify.c +index da3efaa..7ded69b 100755 +--- a/Cryptlib/OpenSSL/crypto/asn1/a_verify.c ++++ b/Cryptlib/OpenSSL/crypto/asn1/a_verify.c +@@ -138,6 +138,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat + unsigned char *buf_in=NULL; + int ret= -1,i,inl; + ++ if (!pkey) ++ { ++ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ return -1; ++ } ++ + EVP_MD_CTX_init(&ctx); + i=OBJ_obj2nid(a->algorithm); + type=EVP_get_digestbyname(OBJ_nid2sn(i)); +diff --git a/Cryptlib/OpenSSL/crypto/asn1/t_pkey.c b/Cryptlib/OpenSSL/crypto/asn1/t_pkey.c +index afb95d6..bc23f56 100755 +--- a/Cryptlib/OpenSSL/crypto/asn1/t_pkey.c ++++ b/Cryptlib/OpenSSL/crypto/asn1/t_pkey.c +@@ -208,11 +208,6 @@ int DSA_print(BIO *bp, const DSA *x, int off) + + if (x->p) + buf_len = (size_t)BN_num_bytes(x->p); +- else +- { +- DSAerr(DSA_F_DSA_PRINT,DSA_R_MISSING_PARAMETERS); +- goto err; +- } + if (x->q) + if (buf_len < (i = (size_t)BN_num_bytes(x->q))) + buf_len = i; +diff --git a/Cryptlib/OpenSSL/crypto/asn1/x_pubkey.c b/Cryptlib/OpenSSL/crypto/asn1/x_pubkey.c +index 94d9f7e..bc8a7bf 100755 +--- a/Cryptlib/OpenSSL/crypto/asn1/x_pubkey.c ++++ b/Cryptlib/OpenSSL/crypto/asn1/x_pubkey.c +@@ -371,12 +371,15 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) + CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); + if (key->pkey) + { ++ CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); + EVP_PKEY_free(ret); + ret = key->pkey; + } + else ++ { + key->pkey = ret; +- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); ++ CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); ++ } + CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY); + return(ret); + err: +diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_lib.c b/Cryptlib/OpenSSL/crypto/bn/bn_lib.c +index 32a8fba..b66f507 100755 +--- a/Cryptlib/OpenSSL/crypto/bn/bn_lib.c ++++ b/Cryptlib/OpenSSL/crypto/bn/bn_lib.c +@@ -824,3 +824,55 @@ int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, + } + return bn_cmp_words(a,b,cl); + } ++ ++/* ++ * Constant-time conditional swap of a and b. ++ * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set. ++ * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b, ++ * and that no more than nwords are used by either a or b. ++ * a and b cannot be the same number ++ */ ++void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) ++ { ++ BN_ULONG t; ++ int i; ++ ++ bn_wcheck_size(a, nwords); ++ bn_wcheck_size(b, nwords); ++ ++ assert(a != b); ++ assert((condition & (condition - 1)) == 0); ++ assert(sizeof(BN_ULONG) >= sizeof(int)); ++ ++ condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1; ++ ++ t = (a->top^b->top) & condition; ++ a->top ^= t; ++ b->top ^= t; ++ ++#define BN_CONSTTIME_SWAP(ind) \ ++ do { \ ++ t = (a->d[ind] ^ b->d[ind]) & condition; \ ++ a->d[ind] ^= t; \ ++ b->d[ind] ^= t; \ ++ } while (0) ++ ++ ++ switch (nwords) { ++ default: ++ for (i = 10; i < nwords; i++) ++ BN_CONSTTIME_SWAP(i); ++ /* Fallthrough */ ++ case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */ ++ case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */ ++ case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */ ++ case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */ ++ case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */ ++ case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */ ++ case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */ ++ case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */ ++ case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */ ++ case 1: BN_CONSTTIME_SWAP(0); ++ } ++#undef BN_CONSTTIME_SWAP ++} +diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_mont.c b/Cryptlib/OpenSSL/crypto/bn/bn_mont.c +index 4799b15..27cafb1 100755 +--- a/Cryptlib/OpenSSL/crypto/bn/bn_mont.c ++++ b/Cryptlib/OpenSSL/crypto/bn/bn_mont.c +@@ -701,32 +701,38 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) + BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, + const BIGNUM *mod, BN_CTX *ctx) + { +- int got_write_lock = 0; + BN_MONT_CTX *ret; + + CRYPTO_r_lock(lock); +- if (!*pmont) ++ ret = *pmont; ++ CRYPTO_r_unlock(lock); ++ if (ret) ++ return ret; ++ ++ /* We don't want to serialise globally while doing our lazy-init math in ++ * BN_MONT_CTX_set. That punishes threads that are doing independent ++ * things. Instead, punish the case where more than one thread tries to ++ * lazy-init the same 'pmont', by having each do the lazy-init math work ++ * independently and only use the one from the thread that wins the race ++ * (the losers throw away the work they've done). */ ++ ret = BN_MONT_CTX_new(); ++ if (!ret) ++ return NULL; ++ if (!BN_MONT_CTX_set(ret, mod, ctx)) + { +- CRYPTO_r_unlock(lock); +- CRYPTO_w_lock(lock); +- got_write_lock = 1; ++ BN_MONT_CTX_free(ret); ++ return NULL; ++ } + +- if (!*pmont) +- { +- ret = BN_MONT_CTX_new(); +- if (ret && !BN_MONT_CTX_set(ret, mod, ctx)) +- BN_MONT_CTX_free(ret); +- else +- *pmont = ret; +- } ++ /* The locked compare-and-set, after the local work is done. */ ++ CRYPTO_w_lock(lock); ++ if (*pmont) ++ { ++ BN_MONT_CTX_free(ret); ++ ret = *pmont; + } +- +- ret = *pmont; +- +- if (got_write_lock) +- CRYPTO_w_unlock(lock); + else +- CRYPTO_r_unlock(lock); +- ++ *pmont = ret; ++ CRYPTO_w_unlock(lock); + return ret; + } +diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_word.c b/Cryptlib/OpenSSL/crypto/bn/bn_word.c +index ee7b87c..de83a15 100755 +--- a/Cryptlib/OpenSSL/crypto/bn/bn_word.c ++++ b/Cryptlib/OpenSSL/crypto/bn/bn_word.c +@@ -144,26 +144,17 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) + a->neg=!(a->neg); + return(i); + } +- /* Only expand (and risk failing) if it's possibly necessary */ +- if (((BN_ULONG)(a->d[a->top - 1] + 1) == 0) && +- (bn_wexpand(a,a->top+1) == NULL)) +- return(0); +- i=0; +- for (;;) ++ for (i=0;w!=0 && i<a->top;i++) + { +- if (i >= a->top) +- l=w; +- else +- l=(a->d[i]+w)&BN_MASK2; +- a->d[i]=l; +- if (w > l) +- w=1; +- else +- break; +- i++; ++ a->d[i] = l = (a->d[i]+w)&BN_MASK2; ++ w = (w>l)?1:0; + } +- if (i >= a->top) ++ if (w && i==a->top) ++ { ++ if (bn_wexpand(a,a->top+1) == NULL) return 0; + a->top++; ++ a->d[i]=w; ++ } + bn_check_top(a); + return(1); + } +diff --git a/Cryptlib/OpenSSL/crypto/cryptlib.c b/Cryptlib/OpenSSL/crypto/cryptlib.c +index dd74ea8..dec3286 100755 +--- a/Cryptlib/OpenSSL/crypto/cryptlib.c ++++ b/Cryptlib/OpenSSL/crypto/cryptlib.c +@@ -542,3 +542,19 @@ void OpenSSLDie(const char *file,int line,const char *assertion) + } + + void *OPENSSL_stderr(void) { return stderr; } ++ ++#ifndef OPENSSL_FIPS ++ ++int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len) ++ { ++ size_t i; ++ const unsigned char *a = in_a; ++ const unsigned char *b = in_b; ++ unsigned char x = 0; ++ ++ for (i = 0; i < len; i++) ++ x |= a[i] ^ b[i]; ++ ++ return x; ++ } ++#endif +diff --git a/Cryptlib/OpenSSL/crypto/ec/ec2_mult.c b/Cryptlib/OpenSSL/crypto/ec/ec2_mult.c +index 7dca5e4..6b570a3 100755 +--- a/Cryptlib/OpenSSL/crypto/ec/ec2_mult.c ++++ b/Cryptlib/OpenSSL/crypto/ec/ec2_mult.c +@@ -208,9 +208,12 @@ static int gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIG + + /* Computes scalar*point and stores the result in r. + * point can not equal r. +- * Uses algorithm 2P of ++ * Uses a modified algorithm 2P of + * Lopex, J. and Dahab, R. "Fast multiplication on elliptic curves over + * GF(2^m) without precomputation". ++ * ++ * To protect against side-channel attack the function uses constant time ++ * swap avoiding conditional branches. + */ + static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, + const EC_POINT *point, BN_CTX *ctx) +@@ -244,6 +247,11 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, + x2 = &r->X; + z2 = &r->Y; + ++ bn_wexpand(x1, group->field.top); ++ bn_wexpand(z1, group->field.top); ++ bn_wexpand(x2, group->field.top); ++ bn_wexpand(z2, group->field.top); ++ + if (!BN_GF2m_mod_arr(x1, &point->X, group->poly)) goto err; /* x1 = x */ + if (!BN_one(z1)) goto err; /* z1 = 1 */ + if (!group->meth->field_sqr(group, z2, x1, ctx)) goto err; /* z2 = x1^2 = x^2 */ +@@ -266,16 +274,12 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, + { + for (; j >= 0; j--) + { +- if (scalar->d[i] & mask) +- { +- if (!gf2m_Madd(group, &point->X, x1, z1, x2, z2, ctx)) goto err; +- if (!gf2m_Mdouble(group, x2, z2, ctx)) goto err; +- } +- else +- { +- if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err; +- if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err; +- } ++ BN_consttime_swap(scalar->d[i] & mask, x1, x2, group->field.top); ++ BN_consttime_swap(scalar->d[i] & mask, z1, z2, group->field.top); ++ if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err; ++ if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err; ++ BN_consttime_swap(scalar->d[i] & mask, x1, x2, group->field.top); ++ BN_consttime_swap(scalar->d[i] & mask, z1, z2, group->field.top); + mask >>= 1; + } + j = BN_BITS2 - 1; +diff --git a/Cryptlib/OpenSSL/crypto/ec/ec_key.c b/Cryptlib/OpenSSL/crypto/ec/ec_key.c +index 522802c..6c933d2 100755 +--- a/Cryptlib/OpenSSL/crypto/ec/ec_key.c ++++ b/Cryptlib/OpenSSL/crypto/ec/ec_key.c +@@ -435,18 +435,27 @@ void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform) + void *EC_KEY_get_key_method_data(EC_KEY *key, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) + { +- return EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func); ++ void *ret; ++ ++ CRYPTO_r_lock(CRYPTO_LOCK_EC); ++ ret = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func); ++ CRYPTO_r_unlock(CRYPTO_LOCK_EC); ++ ++ return ret; + } + +-void EC_KEY_insert_key_method_data(EC_KEY *key, void *data, ++void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) + { + EC_EXTRA_DATA *ex_data; ++ + CRYPTO_w_lock(CRYPTO_LOCK_EC); + ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func); + if (ex_data == NULL) + EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func); + CRYPTO_w_unlock(CRYPTO_LOCK_EC); ++ ++ return ex_data; + } + + void EC_KEY_set_asn1_flag(EC_KEY *key, int flag) +diff --git a/Cryptlib/OpenSSL/crypto/ec/ec_lib.c b/Cryptlib/OpenSSL/crypto/ec/ec_lib.c +index 5af8437..bbf2799 100755 +--- a/Cryptlib/OpenSSL/crypto/ec/ec_lib.c ++++ b/Cryptlib/OpenSSL/crypto/ec/ec_lib.c +@@ -480,10 +480,10 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) + if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) != + EC_METHOD_get_field_type(EC_GROUP_method_of(b))) + return 1; +- /* compare the curve name (if present) */ ++ /* compare the curve name (if present in both) */ + if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) && +- EC_GROUP_get_curve_name(a) == EC_GROUP_get_curve_name(b)) +- return 0; ++ EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b)) ++ return 1; + + if (!ctx) + ctx_new = ctx = BN_CTX_new(); +@@ -1061,12 +1061,12 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN + if (group->meth->point_cmp == 0) + { + ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); +- return 0; ++ return -1; + } + if ((group->meth != a->meth) || (a->meth != b->meth)) + { + ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS); +- return 0; ++ return -1; + } + return group->meth->point_cmp(group, a, b, ctx); + } +diff --git a/Cryptlib/OpenSSL/crypto/ecdh/ech_lib.c b/Cryptlib/OpenSSL/crypto/ecdh/ech_lib.c +index bf22234..f9ba5fb 100755 +--- a/Cryptlib/OpenSSL/crypto/ecdh/ech_lib.c ++++ b/Cryptlib/OpenSSL/crypto/ecdh/ech_lib.c +@@ -205,8 +205,15 @@ ECDH_DATA *ecdh_check(EC_KEY *key) + ecdh_data = (ECDH_DATA *)ecdh_data_new(); + if (ecdh_data == NULL) + return NULL; +- EC_KEY_insert_key_method_data(key, (void *)ecdh_data, +- ecdh_data_dup, ecdh_data_free, ecdh_data_free); ++ data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data, ++ ecdh_data_dup, ecdh_data_free, ecdh_data_free); ++ if (data != NULL) ++ { ++ /* Another thread raced us to install the key_method ++ * data and won. */ ++ ecdh_data_free(ecdh_data); ++ ecdh_data = (ECDH_DATA *)data; ++ } + } + else + ecdh_data = (ECDH_DATA *)data; +diff --git a/Cryptlib/OpenSSL/crypto/ecdsa/ecs_lib.c b/Cryptlib/OpenSSL/crypto/ecdsa/ecs_lib.c +index 2ebae3a..81082c9 100755 +--- a/Cryptlib/OpenSSL/crypto/ecdsa/ecs_lib.c ++++ b/Cryptlib/OpenSSL/crypto/ecdsa/ecs_lib.c +@@ -188,8 +188,15 @@ ECDSA_DATA *ecdsa_check(EC_KEY *key) + ecdsa_data = (ECDSA_DATA *)ecdsa_data_new(); + if (ecdsa_data == NULL) + return NULL; +- EC_KEY_insert_key_method_data(key, (void *)ecdsa_data, +- ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free); ++ data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data, ++ ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free); ++ if (data != NULL) ++ { ++ /* Another thread raced us to install the key_method ++ * data and won. */ ++ ecdsa_data_free(ecdsa_data); ++ ecdsa_data = (ECDSA_DATA *)data; ++ } + } + else + ecdsa_data = (ECDSA_DATA *)data; +diff --git a/Cryptlib/OpenSSL/crypto/engine/eng_all.c b/Cryptlib/OpenSSL/crypto/engine/eng_all.c +index f29c167..8a1b9c7 100755 +--- a/Cryptlib/OpenSSL/crypto/engine/eng_all.c ++++ b/Cryptlib/OpenSSL/crypto/engine/eng_all.c +@@ -102,14 +102,14 @@ void ENGINE_load_builtin_engines(void) + #if !defined(OPENSSL_NO_GMP) && !defined(OPENSSL_NO_HW_GMP) + ENGINE_load_gmp(); + #endif ++#if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) ++ ENGINE_load_capi(); ++#endif + #endif + #ifndef OPENSSL_NO_HW + #if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) + ENGINE_load_cryptodev(); + #endif +-#if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) +- ENGINE_load_capi(); +-#endif + #endif + } + +diff --git a/Cryptlib/OpenSSL/crypto/err/err_all.c b/Cryptlib/OpenSSL/crypto/err/err_all.c +index 39796f7..0429389 100755 +--- a/Cryptlib/OpenSSL/crypto/err/err_all.c ++++ b/Cryptlib/OpenSSL/crypto/err/err_all.c +@@ -104,7 +104,9 @@ + #ifndef OPENSSL_NO_JPAKE + #include <openssl/jpake.h> + #endif ++#ifndef OPENSSL_NO_COMP + #include <openssl/comp.h> ++#endif + + void ERR_load_crypto_strings(void) + { +diff --git a/Cryptlib/OpenSSL/crypto/evp/bio_b64.c b/Cryptlib/OpenSSL/crypto/evp/bio_b64.c +index 72a2a67..16863fe 100755 +--- a/Cryptlib/OpenSSL/crypto/evp/bio_b64.c ++++ b/Cryptlib/OpenSSL/crypto/evp/bio_b64.c +@@ -226,6 +226,7 @@ static int b64_read(BIO *b, char *out, int outl) + else if (ctx->start) + { + q=p=(unsigned char *)ctx->tmp; ++ num = 0; + for (j=0; j<i; j++) + { + if (*(q++) != '\n') continue; +@@ -264,7 +265,7 @@ static int b64_read(BIO *b, char *out, int outl) + } + + /* we fell off the end without starting */ +- if (j == i) ++ if ((j == i) && (num == 0)) + { + /* Is this is one long chunk?, if so, keep on + * reading until a new line. */ +diff --git a/Cryptlib/OpenSSL/crypto/evp/encode.c b/Cryptlib/OpenSSL/crypto/evp/encode.c +index e8a5218..69f7cca 100755 +--- a/Cryptlib/OpenSSL/crypto/evp/encode.c ++++ b/Cryptlib/OpenSSL/crypto/evp/encode.c +@@ -324,6 +324,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, + v=EVP_DecodeBlock(out,d,n); + n=0; + if (v < 0) { rv=0; goto end; } ++ if (eof > v) { rv=-1; goto end; } + ret+=(v-eof); + } + else +diff --git a/Cryptlib/OpenSSL/crypto/o_init.c b/Cryptlib/OpenSSL/crypto/o_init.c +index d767a90..c89fda5 100755 +--- a/Cryptlib/OpenSSL/crypto/o_init.c ++++ b/Cryptlib/OpenSSL/crypto/o_init.c +@@ -93,4 +93,18 @@ void OPENSSL_init(void) + #endif + } + ++#ifdef OPENSSL_FIPS ++ ++int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len) ++ { ++ size_t i; ++ const unsigned char *a = in_a; ++ const unsigned char *b = in_b; ++ unsigned char x = 0; + ++ for (i = 0; i < len; i++) ++ x |= a[i] ^ b[i]; ++ ++ return x; ++ } ++#endif +diff --git a/Cryptlib/OpenSSL/crypto/ocsp/ocsp_vfy.c b/Cryptlib/OpenSSL/crypto/ocsp/ocsp_vfy.c +index 4a0c387..f24080f 100755 +--- a/Cryptlib/OpenSSL/crypto/ocsp/ocsp_vfy.c ++++ b/Cryptlib/OpenSSL/crypto/ocsp/ocsp_vfy.c +@@ -91,9 +91,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, + { + EVP_PKEY *skey; + skey = X509_get_pubkey(signer); +- ret = OCSP_BASICRESP_verify(bs, skey, 0); +- EVP_PKEY_free(skey); +- if(ret <= 0) ++ if (skey) ++ { ++ ret = OCSP_BASICRESP_verify(bs, skey, 0); ++ EVP_PKEY_free(skey); ++ } ++ if(!skey || ret <= 0) + { + OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE); + goto end; +@@ -108,6 +111,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, + init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs); + if(!init_res) + { ++ ret = -1; + OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,ERR_R_X509_LIB); + goto end; + } +diff --git a/Cryptlib/OpenSSL/crypto/pkcs12/p12_crt.c b/Cryptlib/OpenSSL/crypto/pkcs12/p12_crt.c +index 9522342..3ef3be1 100755 +--- a/Cryptlib/OpenSSL/crypto/pkcs12/p12_crt.c ++++ b/Cryptlib/OpenSSL/crypto/pkcs12/p12_crt.c +@@ -100,7 +100,11 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, + nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; + else + #endif ++#ifdef OPENSSL_NO_RC2 ++ nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; ++#else + nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; ++#endif + } + if (!nid_key) + nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; +@@ -290,7 +294,11 @@ int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, + free_safes = 0; + + if (nid_safe == 0) ++#ifdef OPENSSL_NO_RC2 ++ nid_safe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; ++#else + nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC; ++#endif + + if (nid_safe == -1) + p7 = PKCS12_pack_p7data(bags); +diff --git a/Cryptlib/OpenSSL/crypto/pkcs12/p12_kiss.c b/Cryptlib/OpenSSL/crypto/pkcs12/p12_kiss.c +index 5c4c6ec..bdbbbec 100755 +--- a/Cryptlib/OpenSSL/crypto/pkcs12/p12_kiss.c ++++ b/Cryptlib/OpenSSL/crypto/pkcs12/p12_kiss.c +@@ -261,7 +261,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, + int len, r; + unsigned char *data; + len = ASN1_STRING_to_UTF8(&data, fname); +- if(len > 0) { ++ if(len >= 0) { + r = X509_alias_set1(x509, data, len); + OPENSSL_free(data); + if (!r) +diff --git a/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c b/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c +index b0ff89a..49b450d 100755 +--- a/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c ++++ b/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c +@@ -290,8 +290,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, + + bufsiz = 4096; + buf = OPENSSL_malloc (bufsiz); +- if (buf == NULL) { +- goto err; ++ if (buf == NULL) { ++ goto err; + } + + /* We now have to 'read' from p7bio to calculate digests etc. */ +diff --git a/Cryptlib/OpenSSL/crypto/rsa/rsa_oaep.c b/Cryptlib/OpenSSL/crypto/rsa/rsa_oaep.c +index 546ae5f..b8e3edc 100755 +--- a/Cryptlib/OpenSSL/crypto/rsa/rsa_oaep.c ++++ b/Cryptlib/OpenSSL/crypto/rsa/rsa_oaep.c +@@ -143,7 +143,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, + + EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL); + +- if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad) ++ if (CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad) + goto decoding_err; + else + { +diff --git a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c +index af12520..b87617a 100755 +--- a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c ++++ b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c +@@ -386,11 +386,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) + + static int check_chain_extensions(X509_STORE_CTX *ctx) + { +-#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI) +- /* +- NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting +- in Authenticode Signing Certificates. +- */ ++#ifdef OPENSSL_NO_CHAIN_VERIFY + return 1; + #else + int i, ok=0, must_be_ca, plen = 0; +diff --git a/Cryptlib/OpenSSL/update.sh b/Cryptlib/OpenSSL/update.sh +index cb25ccd..95875e7 100755 +--- a/Cryptlib/OpenSSL/update.sh ++++ b/Cryptlib/OpenSSL/update.sh +@@ -1,499 +1,501 @@ + #/bin/sh +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/e_os.h e_os.h +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/cryptlib.c crypto/cryptlib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dyn_lck.c crypto/dyn_lck.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/mem.c crypto/mem.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/mem_clr.c crypto/mem_clr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/mem_dbg.c crypto/mem_dbg.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/cversion.c crypto/cversion.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ex_data.c crypto/ex_data.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/cpt_err.c crypto/cpt_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ebcdic.c crypto/ebcdic.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/uid.c crypto/uid.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/o_time.c crypto/o_time.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/o_str.c crypto/o_str.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/o_dir.c crypto/o_dir.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/o_init.c crypto/o_init.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/fips_err.c crypto/fips_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/md2/md2_dgst.c crypto/md2/md2_dgst.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/md2/md2_one.c crypto/md2/md2_one.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/md4/md4_dgst.c crypto/md4/md4_dgst.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/md4/md4_one.c crypto/md4/md4_one.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/md5/md5_dgst.c crypto/md5/md5_dgst.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/md5/md5_one.c crypto/md5/md5_one.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/sha/sha_dgst.c crypto/sha/sha_dgst.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/sha/sha1dgst.c crypto/sha/sha1dgst.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/sha/sha_one.c crypto/sha/sha_one.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/sha/sha1_one.c crypto/sha/sha1_one.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/sha/sha256.c crypto/sha/sha256.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/sha/sha512.c crypto/sha/sha512.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/hmac/hmac.c crypto/hmac/hmac.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ripemd/rmd_dgst.c crypto/ripemd/rmd_dgst.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ripemd/rmd_one.c crypto/ripemd/rmd_one.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/des_lib.c crypto/des/des_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/set_key.c crypto/des/set_key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/ecb_enc.c crypto/des/ecb_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/cbc_enc.c crypto/des/cbc_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/ecb3_enc.c crypto/des/ecb3_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/cfb64enc.c crypto/des/cfb64enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/cfb64ede.c crypto/des/cfb64ede.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/cfb_enc.c crypto/des/cfb_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/ofb64ede.c crypto/des/ofb64ede.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/enc_read.c crypto/des/enc_read.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/enc_writ.c crypto/des/enc_writ.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/ofb64enc.c crypto/des/ofb64enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/ofb_enc.c crypto/des/ofb_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/str2key.c crypto/des/str2key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/pcbc_enc.c crypto/des/pcbc_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/qud_cksm.c crypto/des/qud_cksm.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/rand_key.c crypto/des/rand_key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/des_enc.c crypto/des/des_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/fcrypt_b.c crypto/des/fcrypt_b.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/fcrypt.c crypto/des/fcrypt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/xcbc_enc.c crypto/des/xcbc_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/rpc_enc.c crypto/des/rpc_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/cbc_cksm.c crypto/des/cbc_cksm.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/ede_cbcm_enc.c crypto/des/ede_cbcm_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/des_old.c crypto/des/des_old.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/des_old2.c crypto/des/des_old2.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/des/read2pwd.c crypto/des/read2pwd.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rc2/rc2_ecb.c crypto/rc2/rc2_ecb.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rc2/rc2_skey.c crypto/rc2/rc2_skey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rc2/rc2_cbc.c crypto/rc2/rc2_cbc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rc2/rc2cfb64.c crypto/rc2/rc2cfb64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rc2/rc2ofb64.c crypto/rc2/rc2ofb64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rc4/rc4_enc.c crypto/rc4/rc4_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rc4/rc4_skey.c crypto/rc4/rc4_skey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rc4/rc4_fblk.c crypto/rc4/rc4_fblk.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/idea/i_cbc.c crypto/idea/i_cbc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/idea/i_cfb64.c crypto/idea/i_cfb64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/idea/i_ofb64.c crypto/idea/i_ofb64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/idea/i_ecb.c crypto/idea/i_ecb.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/idea/i_skey.c crypto/idea/i_skey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bf/bf_skey.c crypto/bf/bf_skey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bf/bf_ecb.c crypto/bf/bf_ecb.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bf/bf_enc.c crypto/bf/bf_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bf/bf_cfb64.c crypto/bf/bf_cfb64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bf/bf_ofb64.c crypto/bf/bf_ofb64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/cast/c_skey.c crypto/cast/c_skey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/cast/c_ecb.c crypto/cast/c_ecb.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/cast/c_enc.c crypto/cast/c_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/cast/c_cfb64.c crypto/cast/c_cfb64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/cast/c_ofb64.c crypto/cast/c_ofb64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_misc.c crypto/aes/aes_misc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_ecb.c crypto/aes/aes_ecb.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_cfb.c crypto/aes/aes_cfb.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_ofb.c crypto/aes/aes_ofb.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_ctr.c crypto/aes/aes_ctr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_ige.c crypto/aes/aes_ige.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_wrap.c crypto/aes/aes_wrap.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_core.c crypto/aes/aes_core.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/aes/aes_cbc.c crypto/aes/aes_cbc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_add.c crypto/bn/bn_add.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_div.c crypto/bn/bn_div.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_exp.c crypto/bn/bn_exp.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_lib.c crypto/bn/bn_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_ctx.c crypto/bn/bn_ctx.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_mul.c crypto/bn/bn_mul.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_mod.c crypto/bn/bn_mod.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_print.c crypto/bn/bn_print.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_rand.c crypto/bn/bn_rand.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_shift.c crypto/bn/bn_shift.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_word.c crypto/bn/bn_word.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_blind.c crypto/bn/bn_blind.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_kron.c crypto/bn/bn_kron.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_sqrt.c crypto/bn/bn_sqrt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_gcd.c crypto/bn/bn_gcd.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_prime.c crypto/bn/bn_prime.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_err.c crypto/bn/bn_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_sqr.c crypto/bn/bn_sqr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_asm.c crypto/bn/bn_asm.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_recp.c crypto/bn/bn_recp.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_mont.c crypto/bn/bn_mont.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_mpi.c crypto/bn/bn_mpi.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_exp2.c crypto/bn/bn_exp2.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_gf2m.c crypto/bn/bn_gf2m.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_nist.c crypto/bn/bn_nist.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_depr.c crypto/bn/bn_depr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_x931p.c crypto/bn/bn_x931p.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_const.c crypto/bn/bn_const.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bn/bn_opt.c crypto/bn/bn_opt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_eay.c crypto/rsa/rsa_eay.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_gen.c crypto/rsa/rsa_gen.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_lib.c crypto/rsa/rsa_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_sign.c crypto/rsa/rsa_sign.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_saos.c crypto/rsa/rsa_saos.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_err.c crypto/rsa/rsa_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_pk1.c crypto/rsa/rsa_pk1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_ssl.c crypto/rsa/rsa_ssl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_none.c crypto/rsa/rsa_none.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_oaep.c crypto/rsa/rsa_oaep.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_chk.c crypto/rsa/rsa_chk.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_null.c crypto/rsa/rsa_null.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_pss.c crypto/rsa/rsa_pss.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_x931.c crypto/rsa/rsa_x931.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_x931g.c crypto/rsa/rsa_x931g.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_asn1.c crypto/rsa/rsa_asn1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_depr.c crypto/rsa/rsa_depr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rsa/rsa_eng.c crypto/rsa/rsa_eng.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_gen.c crypto/dsa/dsa_gen.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_key.c crypto/dsa/dsa_key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_lib.c crypto/dsa/dsa_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_asn1.c crypto/dsa/dsa_asn1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_vrf.c crypto/dsa/dsa_vrf.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_sign.c crypto/dsa/dsa_sign.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_err.c crypto/dsa/dsa_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_ossl.c crypto/dsa/dsa_ossl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_depr.c crypto/dsa/dsa_depr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dsa/dsa_utl.c crypto/dsa/dsa_utl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dso/dso_dl.c crypto/dso/dso_dl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dso/dso_dlfcn.c crypto/dso/dso_dlfcn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dso/dso_err.c crypto/dso/dso_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dso/dso_lib.c crypto/dso/dso_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dso/dso_null.c crypto/dso/dso_null.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dso/dso_openssl.c crypto/dso/dso_openssl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dso/dso_win32.c crypto/dso/dso_win32.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dso/dso_vms.c crypto/dso/dso_vms.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dh/dh_asn1.c crypto/dh/dh_asn1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dh/dh_gen.c crypto/dh/dh_gen.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dh/dh_key.c crypto/dh/dh_key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dh/dh_lib.c crypto/dh/dh_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dh/dh_check.c crypto/dh/dh_check.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dh/dh_err.c crypto/dh/dh_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/dh/dh_depr.c crypto/dh/dh_depr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_lib.c crypto/ec/ec_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ecp_smpl.c crypto/ec/ecp_smpl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ecp_mont.c crypto/ec/ecp_mont.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ecp_nist.c crypto/ec/ecp_nist.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_cvt.c crypto/ec/ec_cvt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_mult.c crypto/ec/ec_mult.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_err.c crypto/ec/ec_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_curve.c crypto/ec/ec_curve.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_check.c crypto/ec/ec_check.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_print.c crypto/ec/ec_print.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_asn1.c crypto/ec/ec_asn1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec_key.c crypto/ec/ec_key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec2_smpl.c crypto/ec/ec2_smpl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ec/ec2_mult.c crypto/ec/ec2_mult.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdh/ech_lib.c crypto/ecdh/ech_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdh/ech_ossl.c crypto/ecdh/ech_ossl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdh/ech_key.c crypto/ecdh/ech_key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdh/ech_err.c crypto/ecdh/ech_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdsa/ecs_lib.c crypto/ecdsa/ecs_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdsa/ecs_asn1.c crypto/ecdsa/ecs_asn1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdsa/ecs_ossl.c crypto/ecdsa/ecs_ossl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdsa/ecs_sign.c crypto/ecdsa/ecs_sign.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdsa/ecs_vrf.c crypto/ecdsa/ecs_vrf.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ecdsa/ecs_err.c crypto/ecdsa/ecs_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/buffer/buffer.c crypto/buffer/buffer.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/buffer/buf_str.c crypto/buffer/buf_str.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/buffer/buf_err.c crypto/buffer/buf_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bio_lib.c crypto/bio/bio_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bio_cb.c crypto/bio/bio_cb.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bio_err.c crypto/bio/bio_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bss_mem.c crypto/bio/bss_mem.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bss_null.c crypto/bio/bss_null.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bss_fd.c crypto/bio/bss_fd.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bss_file.c crypto/bio/bss_file.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bf_null.c crypto/bio/bf_null.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bf_buff.c crypto/bio/bf_buff.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/b_dump.c crypto/bio/b_dump.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bf_nbio.c crypto/bio/bf_nbio.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bss_log.c crypto/bio/bss_log.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bss_bio.c crypto/bio/bss_bio.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/bio/bss_dgram.c crypto/bio/bss_dgram.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/stack/stack.c crypto/stack/stack.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/lhash/lhash.c crypto/lhash/lhash.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/lhash/lh_stats.c crypto/lhash/lh_stats.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/md_rand.c crypto/rand/md_rand.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/randfile.c crypto/rand/randfile.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/rand_lib.c crypto/rand/rand_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/rand_eng.c crypto/rand/rand_eng.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/rand_err.c crypto/rand/rand_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/rand_egd.c crypto/rand/rand_egd.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/rand_win.c crypto/rand/rand_win.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/rand_unix.c crypto/rand/rand_unix.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/rand_os2.c crypto/rand/rand_os2.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/rand/rand_nw.c crypto/rand/rand_nw.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/err/err.c crypto/err/err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/err/err_def.c crypto/err/err_def.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/err/err_all.c crypto/err/err_all.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/err/err_prn.c crypto/err/err_prn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/err/err_str.c crypto/err/err_str.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/err/err_bio.c crypto/err/err_bio.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/objects/o_names.c crypto/objects/o_names.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/objects/obj_dat.c crypto/objects/obj_dat.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/objects/obj_lib.c crypto/objects/obj_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/objects/obj_err.c crypto/objects/obj_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/encode.c crypto/evp/encode.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/digest.c crypto/evp/digest.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/dig_eng.c crypto/evp/dig_eng.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/evp_enc.c crypto/evp/evp_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/evp_key.c crypto/evp/evp_key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/evp_acnf.c crypto/evp/evp_acnf.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/evp_cnf.c crypto/evp/evp_cnf.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_des.c crypto/evp/e_des.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_bf.c crypto/evp/e_bf.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_idea.c crypto/evp/e_idea.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_des3.c crypto/evp/e_des3.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_rc4.c crypto/evp/e_rc4.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_aes.c crypto/evp/e_aes.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/names.c crypto/evp/names.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_xcbc_d.c crypto/evp/e_xcbc_d.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_rc2.c crypto/evp/e_rc2.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_cast.c crypto/evp/e_cast.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_rc5.c crypto/evp/e_rc5.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/enc_min.c crypto/evp/enc_min.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_null.c crypto/evp/m_null.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_md2.c crypto/evp/m_md2.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_md4.c crypto/evp/m_md4.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_md5.c crypto/evp/m_md5.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_sha.c crypto/evp/m_sha.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_sha1.c crypto/evp/m_sha1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_dss.c crypto/evp/m_dss.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_dss1.c crypto/evp/m_dss1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_ripemd.c crypto/evp/m_ripemd.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/m_ecdsa.c crypto/evp/m_ecdsa.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p_open.c crypto/evp/p_open.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p_seal.c crypto/evp/p_seal.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p_sign.c crypto/evp/p_sign.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p_verify.c crypto/evp/p_verify.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p_lib.c crypto/evp/p_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p_enc.c crypto/evp/p_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p_dec.c crypto/evp/p_dec.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/bio_md.c crypto/evp/bio_md.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/bio_b64.c crypto/evp/bio_b64.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/bio_enc.c crypto/evp/bio_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/evp_err.c crypto/evp/evp_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_null.c crypto/evp/e_null.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/c_all.c crypto/evp/c_all.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/c_allc.c crypto/evp/c_allc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/c_alld.c crypto/evp/c_alld.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/evp_lib.c crypto/evp/evp_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/bio_ok.c crypto/evp/bio_ok.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/evp_pkey.c crypto/evp/evp_pkey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/evp_pbe.c crypto/evp/evp_pbe.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p5_crpt.c crypto/evp/p5_crpt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/p5_crpt2.c crypto/evp/p5_crpt2.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/evp/e_old.c crypto/evp/e_old.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_object.c crypto/asn1/a_object.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_bitstr.c crypto/asn1/a_bitstr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_utctm.c crypto/asn1/a_utctm.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_gentm.c crypto/asn1/a_gentm.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_time.c crypto/asn1/a_time.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_int.c crypto/asn1/a_int.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_octet.c crypto/asn1/a_octet.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_print.c crypto/asn1/a_print.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_type.c crypto/asn1/a_type.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_set.c crypto/asn1/a_set.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_dup.c crypto/asn1/a_dup.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_d2i_fp.c crypto/asn1/a_d2i_fp.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_i2d_fp.c crypto/asn1/a_i2d_fp.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_enum.c crypto/asn1/a_enum.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_utf8.c crypto/asn1/a_utf8.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_sign.c crypto/asn1/a_sign.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_digest.c crypto/asn1/a_digest.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_verify.c crypto/asn1/a_verify.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_mbstr.c crypto/asn1/a_mbstr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_strex.c crypto/asn1/a_strex.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_algor.c crypto/asn1/x_algor.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_val.c crypto/asn1/x_val.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_pubkey.c crypto/asn1/x_pubkey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_sig.c crypto/asn1/x_sig.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_req.c crypto/asn1/x_req.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_attrib.c crypto/asn1/x_attrib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_bignum.c crypto/asn1/x_bignum.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_long.c crypto/asn1/x_long.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_name.c crypto/asn1/x_name.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_x509.c crypto/asn1/x_x509.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_x509a.c crypto/asn1/x_x509a.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_crl.c crypto/asn1/x_crl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_info.c crypto/asn1/x_info.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_spki.c crypto/asn1/x_spki.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/nsseq.c crypto/asn1/nsseq.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/d2i_pu.c crypto/asn1/d2i_pu.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/d2i_pr.c crypto/asn1/d2i_pr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/i2d_pu.c crypto/asn1/i2d_pu.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/i2d_pr.c crypto/asn1/i2d_pr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/t_req.c crypto/asn1/t_req.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/t_x509.c crypto/asn1/t_x509.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/t_x509a.c crypto/asn1/t_x509a.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/t_crl.c crypto/asn1/t_crl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/t_pkey.c crypto/asn1/t_pkey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/t_spki.c crypto/asn1/t_spki.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/t_bitst.c crypto/asn1/t_bitst.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/tasn_new.c crypto/asn1/tasn_new.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/tasn_fre.c crypto/asn1/tasn_fre.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/tasn_enc.c crypto/asn1/tasn_enc.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/tasn_dec.c crypto/asn1/tasn_dec.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/tasn_utl.c crypto/asn1/tasn_utl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/tasn_typ.c crypto/asn1/tasn_typ.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/f_int.c crypto/asn1/f_int.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/f_string.c crypto/asn1/f_string.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/n_pkey.c crypto/asn1/n_pkey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/f_enum.c crypto/asn1/f_enum.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_hdr.c crypto/asn1/a_hdr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_pkey.c crypto/asn1/x_pkey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_bool.c crypto/asn1/a_bool.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/x_exten.c crypto/asn1/x_exten.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/asn_mime.c crypto/asn1/asn_mime.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/asn1_gen.c crypto/asn1/asn1_gen.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/asn1_par.c crypto/asn1/asn1_par.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/asn1_lib.c crypto/asn1/asn1_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/asn1_err.c crypto/asn1/asn1_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_meth.c crypto/asn1/a_meth.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_bytes.c crypto/asn1/a_bytes.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/a_strnid.c crypto/asn1/a_strnid.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/evp_asn1.c crypto/asn1/evp_asn1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/asn_pack.c crypto/asn1/asn_pack.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/p5_pbe.c crypto/asn1/p5_pbe.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/p5_pbev2.c crypto/asn1/p5_pbev2.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/p8_pkey.c crypto/asn1/p8_pkey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/asn1/asn_moid.c crypto/asn1/asn_moid.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_sign.c crypto/pem/pem_sign.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_seal.c crypto/pem/pem_seal.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_info.c crypto/pem/pem_info.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_lib.c crypto/pem/pem_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_all.c crypto/pem/pem_all.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_err.c crypto/pem/pem_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_x509.c crypto/pem/pem_x509.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_xaux.c crypto/pem/pem_xaux.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_oth.c crypto/pem/pem_oth.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_pk8.c crypto/pem/pem_pk8.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pem/pem_pkey.c crypto/pem/pem_pkey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_def.c crypto/x509/x509_def.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_d2.c crypto/x509/x509_d2.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_r2x.c crypto/x509/x509_r2x.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_cmp.c crypto/x509/x509_cmp.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_obj.c crypto/x509/x509_obj.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_req.c crypto/x509/x509_req.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509spki.c crypto/x509/x509spki.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_vfy.c crypto/x509/x509_vfy.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_set.c crypto/x509/x509_set.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509cset.c crypto/x509/x509cset.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509rset.c crypto/x509/x509rset.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_err.c crypto/x509/x509_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509name.c crypto/x509/x509name.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_v3.c crypto/x509/x509_v3.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_ext.c crypto/x509/x509_ext.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_att.c crypto/x509/x509_att.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509type.c crypto/x509/x509type.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_lu.c crypto/x509/x509_lu.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x_all.c crypto/x509/x_all.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_txt.c crypto/x509/x509_txt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_trs.c crypto/x509/x509_trs.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/by_file.c crypto/x509/by_file.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/by_dir.c crypto/x509/by_dir.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509/x509_vpm.c crypto/x509/x509_vpm.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_bcons.c crypto/x509v3/v3_bcons.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_bitst.c crypto/x509v3/v3_bitst.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_conf.c crypto/x509v3/v3_conf.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_extku.c crypto/x509v3/v3_extku.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_ia5.c crypto/x509v3/v3_ia5.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_lib.c crypto/x509v3/v3_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_prn.c crypto/x509v3/v3_prn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_utl.c crypto/x509v3/v3_utl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3err.c crypto/x509v3/v3err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_genn.c crypto/x509v3/v3_genn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_alt.c crypto/x509v3/v3_alt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_skey.c crypto/x509v3/v3_skey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_akey.c crypto/x509v3/v3_akey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_pku.c crypto/x509v3/v3_pku.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_int.c crypto/x509v3/v3_int.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_enum.c crypto/x509v3/v3_enum.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_sxnet.c crypto/x509v3/v3_sxnet.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_cpols.c crypto/x509v3/v3_cpols.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_crld.c crypto/x509v3/v3_crld.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_purp.c crypto/x509v3/v3_purp.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_info.c crypto/x509v3/v3_info.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_ocsp.c crypto/x509v3/v3_ocsp.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_akeya.c crypto/x509v3/v3_akeya.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_pmaps.c crypto/x509v3/v3_pmaps.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_pcons.c crypto/x509v3/v3_pcons.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_ncons.c crypto/x509v3/v3_ncons.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_pcia.c crypto/x509v3/v3_pcia.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_pci.c crypto/x509v3/v3_pci.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/pcy_cache.c crypto/x509v3/pcy_cache.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/pcy_node.c crypto/x509v3/pcy_node.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/pcy_data.c crypto/x509v3/pcy_data.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/pcy_map.c crypto/x509v3/pcy_map.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/pcy_tree.c crypto/x509v3/pcy_tree.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/pcy_lib.c crypto/x509v3/pcy_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_asid.c crypto/x509v3/v3_asid.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/x509v3/v3_addr.c crypto/x509v3/v3_addr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/conf/conf_err.c crypto/conf/conf_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/conf/conf_lib.c crypto/conf/conf_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/conf/conf_api.c crypto/conf/conf_api.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/conf/conf_def.c crypto/conf/conf_def.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/conf/conf_mod.c crypto/conf/conf_mod.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/conf/conf_mall.c crypto/conf/conf_mall.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/conf/conf_sap.c crypto/conf/conf_sap.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/txt_db/txt_db.c crypto/txt_db/txt_db.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs7/pk7_asn1.c crypto/pkcs7/pk7_asn1.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs7/pk7_lib.c crypto/pkcs7/pk7_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs7/pkcs7err.c crypto/pkcs7/pkcs7err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs7/pk7_doit.c crypto/pkcs7/pk7_doit.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs7/pk7_attr.c crypto/pkcs7/pk7_attr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs7/pk7_mime.c crypto/pkcs7/pk7_mime.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_add.c crypto/pkcs12/p12_add.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_asn.c crypto/pkcs12/p12_asn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_attr.c crypto/pkcs12/p12_attr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_crpt.c crypto/pkcs12/p12_crpt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_crt.c crypto/pkcs12/p12_crt.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_decr.c crypto/pkcs12/p12_decr.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_init.c crypto/pkcs12/p12_init.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_key.c crypto/pkcs12/p12_key.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_kiss.c crypto/pkcs12/p12_kiss.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_mutl.c crypto/pkcs12/p12_mutl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_utl.c crypto/pkcs12/p12_utl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_npas.c crypto/pkcs12/p12_npas.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/pk12err.c crypto/pkcs12/pk12err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_p8d.c crypto/pkcs12/p12_p8d.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pkcs12/p12_p8e.c crypto/pkcs12/p12_p8e.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/comp/comp_lib.c crypto/comp/comp_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/comp/comp_err.c crypto/comp/comp_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/comp/c_rle.c crypto/comp/c_rle.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/comp/c_zlib.c crypto/comp/c_zlib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_err.c crypto/engine/eng_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_lib.c crypto/engine/eng_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_list.c crypto/engine/eng_list.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_init.c crypto/engine/eng_init.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_ctrl.c crypto/engine/eng_ctrl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_table.c crypto/engine/eng_table.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_pkey.c crypto/engine/eng_pkey.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_fat.c crypto/engine/eng_fat.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_all.c crypto/engine/eng_all.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_rsa.c crypto/engine/tb_rsa.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_dsa.c crypto/engine/tb_dsa.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_ecdsa.c crypto/engine/tb_ecdsa.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_dh.c crypto/engine/tb_dh.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_ecdh.c crypto/engine/tb_ecdh.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_rand.c crypto/engine/tb_rand.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_store.c crypto/engine/tb_store.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_cipher.c crypto/engine/tb_cipher.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/tb_digest.c crypto/engine/tb_digest.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_openssl.c crypto/engine/eng_openssl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_cnf.c crypto/engine/eng_cnf.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_dyn.c crypto/engine/eng_dyn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_cryptodev.c crypto/engine/eng_cryptodev.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/engine/eng_padlock.c crypto/engine/eng_padlock.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_asn.c crypto/ocsp/ocsp_asn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_ext.c crypto/ocsp/ocsp_ext.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_ht.c crypto/ocsp/ocsp_ht.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_lib.c crypto/ocsp/ocsp_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_cl.c crypto/ocsp/ocsp_cl.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_srv.c crypto/ocsp/ocsp_srv.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_prn.c crypto/ocsp/ocsp_prn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_vfy.c crypto/ocsp/ocsp_vfy.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ocsp/ocsp_err.c crypto/ocsp/ocsp_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ui/ui_err.c crypto/ui/ui_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ui/ui_lib.c crypto/ui/ui_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ui/ui_util.c crypto/ui/ui_util.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/ui/ui_compat.c crypto/ui/ui_compat.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/krb5/krb5_asn.c crypto/krb5/krb5_asn.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/store/str_err.c crypto/store/str_err.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/store/str_lib.c crypto/store/str_lib.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/store/str_meth.c crypto/store/str_meth.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/store/str_mem.c crypto/store/str_mem.c +-install -D /home/mjg59/Source/efi/edk2/CryptoPkg/Library/OpensslLib/openssl-0.9.8w/crypto/pqueue/pqueue.c crypto/pqueue/pqueue.c ++DIR=$1 ++ ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/e_os.h e_os.h ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/cryptlib.c crypto/cryptlib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dyn_lck.c crypto/dyn_lck.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/mem.c crypto/mem.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/mem_clr.c crypto/mem_clr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/mem_dbg.c crypto/mem_dbg.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/cversion.c crypto/cversion.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ex_data.c crypto/ex_data.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/cpt_err.c crypto/cpt_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ebcdic.c crypto/ebcdic.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/uid.c crypto/uid.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/o_time.c crypto/o_time.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/o_str.c crypto/o_str.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/o_dir.c crypto/o_dir.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/o_init.c crypto/o_init.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/fips_err.c crypto/fips_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/md2/md2_dgst.c crypto/md2/md2_dgst.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/md2/md2_one.c crypto/md2/md2_one.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/md4/md4_dgst.c crypto/md4/md4_dgst.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/md4/md4_one.c crypto/md4/md4_one.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/md5/md5_dgst.c crypto/md5/md5_dgst.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/md5/md5_one.c crypto/md5/md5_one.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/sha/sha_dgst.c crypto/sha/sha_dgst.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/sha/sha1dgst.c crypto/sha/sha1dgst.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/sha/sha_one.c crypto/sha/sha_one.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/sha/sha1_one.c crypto/sha/sha1_one.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/sha/sha256.c crypto/sha/sha256.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/sha/sha512.c crypto/sha/sha512.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/hmac/hmac.c crypto/hmac/hmac.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ripemd/rmd_dgst.c crypto/ripemd/rmd_dgst.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ripemd/rmd_one.c crypto/ripemd/rmd_one.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/des_lib.c crypto/des/des_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/set_key.c crypto/des/set_key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/ecb_enc.c crypto/des/ecb_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/cbc_enc.c crypto/des/cbc_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/ecb3_enc.c crypto/des/ecb3_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/cfb64enc.c crypto/des/cfb64enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/cfb64ede.c crypto/des/cfb64ede.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/cfb_enc.c crypto/des/cfb_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/ofb64ede.c crypto/des/ofb64ede.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/enc_read.c crypto/des/enc_read.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/enc_writ.c crypto/des/enc_writ.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/ofb64enc.c crypto/des/ofb64enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/ofb_enc.c crypto/des/ofb_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/str2key.c crypto/des/str2key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/pcbc_enc.c crypto/des/pcbc_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/qud_cksm.c crypto/des/qud_cksm.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/rand_key.c crypto/des/rand_key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/des_enc.c crypto/des/des_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/fcrypt_b.c crypto/des/fcrypt_b.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/fcrypt.c crypto/des/fcrypt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/xcbc_enc.c crypto/des/xcbc_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/rpc_enc.c crypto/des/rpc_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/cbc_cksm.c crypto/des/cbc_cksm.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/ede_cbcm_enc.c crypto/des/ede_cbcm_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/des_old.c crypto/des/des_old.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/des_old2.c crypto/des/des_old2.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/des/read2pwd.c crypto/des/read2pwd.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rc2/rc2_ecb.c crypto/rc2/rc2_ecb.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rc2/rc2_skey.c crypto/rc2/rc2_skey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rc2/rc2_cbc.c crypto/rc2/rc2_cbc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rc2/rc2cfb64.c crypto/rc2/rc2cfb64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rc2/rc2ofb64.c crypto/rc2/rc2ofb64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rc4/rc4_enc.c crypto/rc4/rc4_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rc4/rc4_skey.c crypto/rc4/rc4_skey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rc4/rc4_fblk.c crypto/rc4/rc4_fblk.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/idea/i_cbc.c crypto/idea/i_cbc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/idea/i_cfb64.c crypto/idea/i_cfb64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/idea/i_ofb64.c crypto/idea/i_ofb64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/idea/i_ecb.c crypto/idea/i_ecb.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/idea/i_skey.c crypto/idea/i_skey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bf/bf_skey.c crypto/bf/bf_skey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bf/bf_ecb.c crypto/bf/bf_ecb.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bf/bf_enc.c crypto/bf/bf_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bf/bf_cfb64.c crypto/bf/bf_cfb64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bf/bf_ofb64.c crypto/bf/bf_ofb64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/cast/c_skey.c crypto/cast/c_skey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/cast/c_ecb.c crypto/cast/c_ecb.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/cast/c_enc.c crypto/cast/c_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/cast/c_cfb64.c crypto/cast/c_cfb64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/cast/c_ofb64.c crypto/cast/c_ofb64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_misc.c crypto/aes/aes_misc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_ecb.c crypto/aes/aes_ecb.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_cfb.c crypto/aes/aes_cfb.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_ofb.c crypto/aes/aes_ofb.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_ctr.c crypto/aes/aes_ctr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_ige.c crypto/aes/aes_ige.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_wrap.c crypto/aes/aes_wrap.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_core.c crypto/aes/aes_core.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/aes/aes_cbc.c crypto/aes/aes_cbc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_add.c crypto/bn/bn_add.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_div.c crypto/bn/bn_div.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_exp.c crypto/bn/bn_exp.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_lib.c crypto/bn/bn_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_ctx.c crypto/bn/bn_ctx.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_mul.c crypto/bn/bn_mul.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_mod.c crypto/bn/bn_mod.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_print.c crypto/bn/bn_print.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_rand.c crypto/bn/bn_rand.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_shift.c crypto/bn/bn_shift.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_word.c crypto/bn/bn_word.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_blind.c crypto/bn/bn_blind.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_kron.c crypto/bn/bn_kron.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_sqrt.c crypto/bn/bn_sqrt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_gcd.c crypto/bn/bn_gcd.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_prime.c crypto/bn/bn_prime.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_err.c crypto/bn/bn_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_sqr.c crypto/bn/bn_sqr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_asm.c crypto/bn/bn_asm.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_recp.c crypto/bn/bn_recp.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_mont.c crypto/bn/bn_mont.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_mpi.c crypto/bn/bn_mpi.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_exp2.c crypto/bn/bn_exp2.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_gf2m.c crypto/bn/bn_gf2m.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_nist.c crypto/bn/bn_nist.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_depr.c crypto/bn/bn_depr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_x931p.c crypto/bn/bn_x931p.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_const.c crypto/bn/bn_const.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bn/bn_opt.c crypto/bn/bn_opt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_eay.c crypto/rsa/rsa_eay.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_gen.c crypto/rsa/rsa_gen.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_lib.c crypto/rsa/rsa_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_sign.c crypto/rsa/rsa_sign.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_saos.c crypto/rsa/rsa_saos.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_err.c crypto/rsa/rsa_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_pk1.c crypto/rsa/rsa_pk1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_ssl.c crypto/rsa/rsa_ssl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_none.c crypto/rsa/rsa_none.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_oaep.c crypto/rsa/rsa_oaep.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_chk.c crypto/rsa/rsa_chk.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_null.c crypto/rsa/rsa_null.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_pss.c crypto/rsa/rsa_pss.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_x931.c crypto/rsa/rsa_x931.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_x931g.c crypto/rsa/rsa_x931g.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_asn1.c crypto/rsa/rsa_asn1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_depr.c crypto/rsa/rsa_depr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rsa/rsa_eng.c crypto/rsa/rsa_eng.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_gen.c crypto/dsa/dsa_gen.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_key.c crypto/dsa/dsa_key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_lib.c crypto/dsa/dsa_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_asn1.c crypto/dsa/dsa_asn1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_vrf.c crypto/dsa/dsa_vrf.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_sign.c crypto/dsa/dsa_sign.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_err.c crypto/dsa/dsa_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_ossl.c crypto/dsa/dsa_ossl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_depr.c crypto/dsa/dsa_depr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dsa/dsa_utl.c crypto/dsa/dsa_utl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dso/dso_dl.c crypto/dso/dso_dl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dso/dso_dlfcn.c crypto/dso/dso_dlfcn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dso/dso_err.c crypto/dso/dso_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dso/dso_lib.c crypto/dso/dso_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dso/dso_null.c crypto/dso/dso_null.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dso/dso_openssl.c crypto/dso/dso_openssl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dso/dso_win32.c crypto/dso/dso_win32.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dso/dso_vms.c crypto/dso/dso_vms.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dh/dh_asn1.c crypto/dh/dh_asn1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dh/dh_gen.c crypto/dh/dh_gen.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dh/dh_key.c crypto/dh/dh_key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dh/dh_lib.c crypto/dh/dh_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dh/dh_check.c crypto/dh/dh_check.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dh/dh_err.c crypto/dh/dh_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/dh/dh_depr.c crypto/dh/dh_depr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_lib.c crypto/ec/ec_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ecp_smpl.c crypto/ec/ecp_smpl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ecp_mont.c crypto/ec/ecp_mont.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ecp_nist.c crypto/ec/ecp_nist.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_cvt.c crypto/ec/ec_cvt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_mult.c crypto/ec/ec_mult.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_err.c crypto/ec/ec_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_curve.c crypto/ec/ec_curve.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_check.c crypto/ec/ec_check.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_print.c crypto/ec/ec_print.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_asn1.c crypto/ec/ec_asn1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec_key.c crypto/ec/ec_key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec2_smpl.c crypto/ec/ec2_smpl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ec/ec2_mult.c crypto/ec/ec2_mult.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdh/ech_lib.c crypto/ecdh/ech_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdh/ech_ossl.c crypto/ecdh/ech_ossl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdh/ech_key.c crypto/ecdh/ech_key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdh/ech_err.c crypto/ecdh/ech_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdsa/ecs_lib.c crypto/ecdsa/ecs_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdsa/ecs_asn1.c crypto/ecdsa/ecs_asn1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdsa/ecs_ossl.c crypto/ecdsa/ecs_ossl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdsa/ecs_sign.c crypto/ecdsa/ecs_sign.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdsa/ecs_vrf.c crypto/ecdsa/ecs_vrf.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ecdsa/ecs_err.c crypto/ecdsa/ecs_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/buffer/buffer.c crypto/buffer/buffer.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/buffer/buf_str.c crypto/buffer/buf_str.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/buffer/buf_err.c crypto/buffer/buf_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bio_lib.c crypto/bio/bio_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bio_cb.c crypto/bio/bio_cb.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bio_err.c crypto/bio/bio_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bss_mem.c crypto/bio/bss_mem.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bss_null.c crypto/bio/bss_null.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bss_fd.c crypto/bio/bss_fd.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bss_file.c crypto/bio/bss_file.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bf_null.c crypto/bio/bf_null.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bf_buff.c crypto/bio/bf_buff.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/b_dump.c crypto/bio/b_dump.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bf_nbio.c crypto/bio/bf_nbio.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bss_log.c crypto/bio/bss_log.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bss_bio.c crypto/bio/bss_bio.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/bio/bss_dgram.c crypto/bio/bss_dgram.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/stack/stack.c crypto/stack/stack.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/lhash/lhash.c crypto/lhash/lhash.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/lhash/lh_stats.c crypto/lhash/lh_stats.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/md_rand.c crypto/rand/md_rand.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/randfile.c crypto/rand/randfile.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/rand_lib.c crypto/rand/rand_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/rand_eng.c crypto/rand/rand_eng.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/rand_err.c crypto/rand/rand_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/rand_egd.c crypto/rand/rand_egd.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/rand_win.c crypto/rand/rand_win.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/rand_unix.c crypto/rand/rand_unix.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/rand_os2.c crypto/rand/rand_os2.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/rand/rand_nw.c crypto/rand/rand_nw.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/err/err.c crypto/err/err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/err/err_def.c crypto/err/err_def.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/err/err_all.c crypto/err/err_all.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/err/err_prn.c crypto/err/err_prn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/err/err_str.c crypto/err/err_str.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/err/err_bio.c crypto/err/err_bio.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/objects/o_names.c crypto/objects/o_names.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/objects/obj_dat.c crypto/objects/obj_dat.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/objects/obj_lib.c crypto/objects/obj_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/objects/obj_err.c crypto/objects/obj_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/encode.c crypto/evp/encode.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/digest.c crypto/evp/digest.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/dig_eng.c crypto/evp/dig_eng.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/evp_enc.c crypto/evp/evp_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/evp_key.c crypto/evp/evp_key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/evp_acnf.c crypto/evp/evp_acnf.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/evp_cnf.c crypto/evp/evp_cnf.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_des.c crypto/evp/e_des.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_bf.c crypto/evp/e_bf.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_idea.c crypto/evp/e_idea.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_des3.c crypto/evp/e_des3.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_rc4.c crypto/evp/e_rc4.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_aes.c crypto/evp/e_aes.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/names.c crypto/evp/names.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_xcbc_d.c crypto/evp/e_xcbc_d.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_rc2.c crypto/evp/e_rc2.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_cast.c crypto/evp/e_cast.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_rc5.c crypto/evp/e_rc5.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/enc_min.c crypto/evp/enc_min.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_null.c crypto/evp/m_null.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_md2.c crypto/evp/m_md2.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_md4.c crypto/evp/m_md4.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_md5.c crypto/evp/m_md5.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_sha.c crypto/evp/m_sha.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_sha1.c crypto/evp/m_sha1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_dss.c crypto/evp/m_dss.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_dss1.c crypto/evp/m_dss1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_ripemd.c crypto/evp/m_ripemd.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/m_ecdsa.c crypto/evp/m_ecdsa.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p_open.c crypto/evp/p_open.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p_seal.c crypto/evp/p_seal.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p_sign.c crypto/evp/p_sign.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p_verify.c crypto/evp/p_verify.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p_lib.c crypto/evp/p_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p_enc.c crypto/evp/p_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p_dec.c crypto/evp/p_dec.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/bio_md.c crypto/evp/bio_md.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/bio_b64.c crypto/evp/bio_b64.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/bio_enc.c crypto/evp/bio_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/evp_err.c crypto/evp/evp_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_null.c crypto/evp/e_null.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/c_all.c crypto/evp/c_all.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/c_allc.c crypto/evp/c_allc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/c_alld.c crypto/evp/c_alld.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/evp_lib.c crypto/evp/evp_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/bio_ok.c crypto/evp/bio_ok.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/evp_pkey.c crypto/evp/evp_pkey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/evp_pbe.c crypto/evp/evp_pbe.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p5_crpt.c crypto/evp/p5_crpt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/p5_crpt2.c crypto/evp/p5_crpt2.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/evp/e_old.c crypto/evp/e_old.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_object.c crypto/asn1/a_object.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_bitstr.c crypto/asn1/a_bitstr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_utctm.c crypto/asn1/a_utctm.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_gentm.c crypto/asn1/a_gentm.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_time.c crypto/asn1/a_time.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_int.c crypto/asn1/a_int.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_octet.c crypto/asn1/a_octet.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_print.c crypto/asn1/a_print.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_type.c crypto/asn1/a_type.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_set.c crypto/asn1/a_set.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_dup.c crypto/asn1/a_dup.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_d2i_fp.c crypto/asn1/a_d2i_fp.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_i2d_fp.c crypto/asn1/a_i2d_fp.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_enum.c crypto/asn1/a_enum.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_utf8.c crypto/asn1/a_utf8.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_sign.c crypto/asn1/a_sign.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_digest.c crypto/asn1/a_digest.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_verify.c crypto/asn1/a_verify.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_mbstr.c crypto/asn1/a_mbstr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_strex.c crypto/asn1/a_strex.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_algor.c crypto/asn1/x_algor.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_val.c crypto/asn1/x_val.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_pubkey.c crypto/asn1/x_pubkey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_sig.c crypto/asn1/x_sig.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_req.c crypto/asn1/x_req.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_attrib.c crypto/asn1/x_attrib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_bignum.c crypto/asn1/x_bignum.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_long.c crypto/asn1/x_long.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_name.c crypto/asn1/x_name.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_x509.c crypto/asn1/x_x509.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_x509a.c crypto/asn1/x_x509a.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_crl.c crypto/asn1/x_crl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_info.c crypto/asn1/x_info.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_spki.c crypto/asn1/x_spki.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/nsseq.c crypto/asn1/nsseq.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/d2i_pu.c crypto/asn1/d2i_pu.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/d2i_pr.c crypto/asn1/d2i_pr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/i2d_pu.c crypto/asn1/i2d_pu.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/i2d_pr.c crypto/asn1/i2d_pr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/t_req.c crypto/asn1/t_req.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/t_x509.c crypto/asn1/t_x509.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/t_x509a.c crypto/asn1/t_x509a.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/t_crl.c crypto/asn1/t_crl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/t_pkey.c crypto/asn1/t_pkey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/t_spki.c crypto/asn1/t_spki.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/t_bitst.c crypto/asn1/t_bitst.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/tasn_new.c crypto/asn1/tasn_new.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/tasn_fre.c crypto/asn1/tasn_fre.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/tasn_enc.c crypto/asn1/tasn_enc.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/tasn_dec.c crypto/asn1/tasn_dec.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/tasn_utl.c crypto/asn1/tasn_utl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/tasn_typ.c crypto/asn1/tasn_typ.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/f_int.c crypto/asn1/f_int.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/f_string.c crypto/asn1/f_string.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/n_pkey.c crypto/asn1/n_pkey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/f_enum.c crypto/asn1/f_enum.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_hdr.c crypto/asn1/a_hdr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_pkey.c crypto/asn1/x_pkey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_bool.c crypto/asn1/a_bool.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/x_exten.c crypto/asn1/x_exten.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/asn_mime.c crypto/asn1/asn_mime.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/asn1_gen.c crypto/asn1/asn1_gen.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/asn1_par.c crypto/asn1/asn1_par.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/asn1_lib.c crypto/asn1/asn1_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/asn1_err.c crypto/asn1/asn1_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_meth.c crypto/asn1/a_meth.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_bytes.c crypto/asn1/a_bytes.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/a_strnid.c crypto/asn1/a_strnid.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/evp_asn1.c crypto/asn1/evp_asn1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/asn_pack.c crypto/asn1/asn_pack.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/p5_pbe.c crypto/asn1/p5_pbe.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/p5_pbev2.c crypto/asn1/p5_pbev2.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/p8_pkey.c crypto/asn1/p8_pkey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/asn1/asn_moid.c crypto/asn1/asn_moid.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_sign.c crypto/pem/pem_sign.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_seal.c crypto/pem/pem_seal.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_info.c crypto/pem/pem_info.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_lib.c crypto/pem/pem_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_all.c crypto/pem/pem_all.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_err.c crypto/pem/pem_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_x509.c crypto/pem/pem_x509.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_xaux.c crypto/pem/pem_xaux.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_oth.c crypto/pem/pem_oth.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_pk8.c crypto/pem/pem_pk8.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pem/pem_pkey.c crypto/pem/pem_pkey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_def.c crypto/x509/x509_def.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_d2.c crypto/x509/x509_d2.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_r2x.c crypto/x509/x509_r2x.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_cmp.c crypto/x509/x509_cmp.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_obj.c crypto/x509/x509_obj.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_req.c crypto/x509/x509_req.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509spki.c crypto/x509/x509spki.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_vfy.c crypto/x509/x509_vfy.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_set.c crypto/x509/x509_set.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509cset.c crypto/x509/x509cset.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509rset.c crypto/x509/x509rset.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_err.c crypto/x509/x509_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509name.c crypto/x509/x509name.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_v3.c crypto/x509/x509_v3.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_ext.c crypto/x509/x509_ext.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_att.c crypto/x509/x509_att.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509type.c crypto/x509/x509type.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_lu.c crypto/x509/x509_lu.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x_all.c crypto/x509/x_all.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_txt.c crypto/x509/x509_txt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_trs.c crypto/x509/x509_trs.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/by_file.c crypto/x509/by_file.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/by_dir.c crypto/x509/by_dir.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509/x509_vpm.c crypto/x509/x509_vpm.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_bcons.c crypto/x509v3/v3_bcons.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_bitst.c crypto/x509v3/v3_bitst.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_conf.c crypto/x509v3/v3_conf.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_extku.c crypto/x509v3/v3_extku.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_ia5.c crypto/x509v3/v3_ia5.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_lib.c crypto/x509v3/v3_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_prn.c crypto/x509v3/v3_prn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_utl.c crypto/x509v3/v3_utl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3err.c crypto/x509v3/v3err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_genn.c crypto/x509v3/v3_genn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_alt.c crypto/x509v3/v3_alt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_skey.c crypto/x509v3/v3_skey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_akey.c crypto/x509v3/v3_akey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_pku.c crypto/x509v3/v3_pku.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_int.c crypto/x509v3/v3_int.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_enum.c crypto/x509v3/v3_enum.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_sxnet.c crypto/x509v3/v3_sxnet.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_cpols.c crypto/x509v3/v3_cpols.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_crld.c crypto/x509v3/v3_crld.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_purp.c crypto/x509v3/v3_purp.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_info.c crypto/x509v3/v3_info.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_ocsp.c crypto/x509v3/v3_ocsp.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_akeya.c crypto/x509v3/v3_akeya.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_pmaps.c crypto/x509v3/v3_pmaps.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_pcons.c crypto/x509v3/v3_pcons.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_ncons.c crypto/x509v3/v3_ncons.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_pcia.c crypto/x509v3/v3_pcia.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_pci.c crypto/x509v3/v3_pci.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/pcy_cache.c crypto/x509v3/pcy_cache.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/pcy_node.c crypto/x509v3/pcy_node.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/pcy_data.c crypto/x509v3/pcy_data.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/pcy_map.c crypto/x509v3/pcy_map.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/pcy_tree.c crypto/x509v3/pcy_tree.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/pcy_lib.c crypto/x509v3/pcy_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_asid.c crypto/x509v3/v3_asid.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/x509v3/v3_addr.c crypto/x509v3/v3_addr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/conf/conf_err.c crypto/conf/conf_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/conf/conf_lib.c crypto/conf/conf_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/conf/conf_api.c crypto/conf/conf_api.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/conf/conf_def.c crypto/conf/conf_def.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/conf/conf_mod.c crypto/conf/conf_mod.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/conf/conf_mall.c crypto/conf/conf_mall.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/conf/conf_sap.c crypto/conf/conf_sap.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/txt_db/txt_db.c crypto/txt_db/txt_db.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs7/pk7_asn1.c crypto/pkcs7/pk7_asn1.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs7/pk7_lib.c crypto/pkcs7/pk7_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs7/pkcs7err.c crypto/pkcs7/pkcs7err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs7/pk7_doit.c crypto/pkcs7/pk7_doit.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs7/pk7_attr.c crypto/pkcs7/pk7_attr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs7/pk7_mime.c crypto/pkcs7/pk7_mime.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_add.c crypto/pkcs12/p12_add.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_asn.c crypto/pkcs12/p12_asn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_attr.c crypto/pkcs12/p12_attr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_crpt.c crypto/pkcs12/p12_crpt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_crt.c crypto/pkcs12/p12_crt.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_decr.c crypto/pkcs12/p12_decr.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_init.c crypto/pkcs12/p12_init.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_key.c crypto/pkcs12/p12_key.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_kiss.c crypto/pkcs12/p12_kiss.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_mutl.c crypto/pkcs12/p12_mutl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_utl.c crypto/pkcs12/p12_utl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_npas.c crypto/pkcs12/p12_npas.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/pk12err.c crypto/pkcs12/pk12err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_p8d.c crypto/pkcs12/p12_p8d.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pkcs12/p12_p8e.c crypto/pkcs12/p12_p8e.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/comp/comp_lib.c crypto/comp/comp_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/comp/comp_err.c crypto/comp/comp_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/comp/c_rle.c crypto/comp/c_rle.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/comp/c_zlib.c crypto/comp/c_zlib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_err.c crypto/engine/eng_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_lib.c crypto/engine/eng_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_list.c crypto/engine/eng_list.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_init.c crypto/engine/eng_init.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_ctrl.c crypto/engine/eng_ctrl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_table.c crypto/engine/eng_table.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_pkey.c crypto/engine/eng_pkey.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_fat.c crypto/engine/eng_fat.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_all.c crypto/engine/eng_all.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_rsa.c crypto/engine/tb_rsa.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_dsa.c crypto/engine/tb_dsa.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_ecdsa.c crypto/engine/tb_ecdsa.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_dh.c crypto/engine/tb_dh.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_ecdh.c crypto/engine/tb_ecdh.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_rand.c crypto/engine/tb_rand.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_store.c crypto/engine/tb_store.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_cipher.c crypto/engine/tb_cipher.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/tb_digest.c crypto/engine/tb_digest.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_openssl.c crypto/engine/eng_openssl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_cnf.c crypto/engine/eng_cnf.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_dyn.c crypto/engine/eng_dyn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_cryptodev.c crypto/engine/eng_cryptodev.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/engine/eng_padlock.c crypto/engine/eng_padlock.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_asn.c crypto/ocsp/ocsp_asn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_ext.c crypto/ocsp/ocsp_ext.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_ht.c crypto/ocsp/ocsp_ht.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_lib.c crypto/ocsp/ocsp_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_cl.c crypto/ocsp/ocsp_cl.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_srv.c crypto/ocsp/ocsp_srv.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_prn.c crypto/ocsp/ocsp_prn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_vfy.c crypto/ocsp/ocsp_vfy.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ocsp/ocsp_err.c crypto/ocsp/ocsp_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ui/ui_err.c crypto/ui/ui_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ui/ui_lib.c crypto/ui/ui_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ui/ui_util.c crypto/ui/ui_util.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/ui/ui_compat.c crypto/ui/ui_compat.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/krb5/krb5_asn.c crypto/krb5/krb5_asn.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/store/str_err.c crypto/store/str_err.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/store/str_lib.c crypto/store/str_lib.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/store/str_meth.c crypto/store/str_meth.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/store/str_mem.c crypto/store/str_mem.c ++install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-0.9.8za/crypto/pqueue/pqueue.c crypto/pqueue/pqueue.c +diff --git a/Cryptlib/Pk/CryptPkcs7.c b/Cryptlib/Pk/CryptPkcs7.c +deleted file mode 100644 +index 218e7ac..0000000 +--- a/Cryptlib/Pk/CryptPkcs7.c ++++ /dev/null +@@ -1,753 +0,0 @@ +-/** @file
+- PKCS#7 SignedData Verification Wrapper Implementation over OpenSSL.
+-
+- Caution: This module requires additional review when modified.
+- This library will have external input - signature (e.g. UEFI Authenticated
+- Variable). It may by input in SMM mode.
+- This external input must be validated carefully to avoid security issue like
+- buffer overflow, integer overflow.
+-
+- WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated
+- Variable and will do basic check for data structure.
+-
+-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
+-This program and the accompanying materials
+-are licensed and made available under the terms and conditions of the BSD License
+-which accompanies this distribution. The full text of the license may be found at
+-http://opensource.org/licenses/bsd-license.php
+-
+-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+-
+-**/
+-
+-#include "InternalCryptLib.h"
+-
+-#include <openssl/objects.h>
+-#include <openssl/x509.h>
+-#include <openssl/pkcs7.h>
+-
+-UINT8 mOidValue[9] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 };
+-
+-/**
+- Verification callback function to override any existing callbacks in OpenSSL
+- for intermediate certificate supports.
+-
+- @param[in] Status Original status before calling this callback.
+- @param[in] Context X509 store context.
+-
+- @retval 1 Current X509 certificate is verified successfully.
+- @retval 0 Verification failed.
+-
+-**/
+-int
+-X509VerifyCb (
+- IN int Status,
+- IN X509_STORE_CTX *Context
+- )
+-{
+- X509_OBJECT *Obj;
+- INTN Error;
+- INTN Index;
+- INTN Count;
+-
+- Obj = NULL;
+- Error = (INTN) X509_STORE_CTX_get_error (Context);
+-
+- //
+- // X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT and X509_V_ERR_UNABLE_TO_GET_ISSUER_
+- // CERT_LOCALLY mean a X509 certificate is not self signed and its issuer
+- // can not be found in X509_verify_cert of X509_vfy.c.
+- // In order to support intermediate certificate node, we override the
+- // errors if the certification is obtained from X509 store, i.e. it is
+- // a trusted ceritifcate node that is enrolled by user.
+- // Besides,X509_V_ERR_CERT_UNTRUSTED and X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
+- // are also ignored to enable such feature.
+- //
+- if ((Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT) ||
+- (Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)) {
+- Obj = (X509_OBJECT *) malloc (sizeof (X509_OBJECT));
+- if (Obj == NULL) {
+- return 0;
+- }
+-
+- Obj->type = X509_LU_X509;
+- Obj->data.x509 = Context->current_cert;
+-
+- CRYPTO_w_lock (CRYPTO_LOCK_X509_STORE);
+-
+- if (X509_OBJECT_retrieve_match (Context->ctx->objs, Obj)) {
+- Status = 1;
+- } else {
+- //
+- // If any certificate in the chain is enrolled as trusted certificate,
+- // pass the certificate verification.
+- //
+- if (Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) {
+- Count = (INTN) sk_X509_num (Context->chain);
+- for (Index = 0; Index < Count; Index++) {
+- Obj->data.x509 = sk_X509_value (Context->chain, (int) Index);
+- if (X509_OBJECT_retrieve_match (Context->ctx->objs, Obj)) {
+- Status = 1;
+- break;
+- }
+- }
+- }
+- }
+-
+- CRYPTO_w_unlock (CRYPTO_LOCK_X509_STORE);
+- }
+-
+- if ((Error == X509_V_ERR_CERT_UNTRUSTED) ||
+- (Error == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)) {
+- Status = 1;
+- }
+-
+- if (Obj != NULL) {
+- OPENSSL_free (Obj);
+- }
+-
+- return Status;
+-}
+-
+-/**
+- Creates a PKCS#7 signedData as described in "PKCS #7: Cryptographic Message
+- Syntax Standard, version 1.5". This interface is only intended to be used for
+- application to perform PKCS#7 functionality validation.
+-
+- @param[in] PrivateKey Pointer to the PEM-formatted private key data for
+- data signing.
+- @param[in] PrivateKeySize Size of the PEM private key data in bytes.
+- @param[in] KeyPassword NULL-terminated passphrase used for encrypted PEM
+- key data.
+- @param[in] InData Pointer to the content to be signed.
+- @param[in] InDataSize Size of InData in bytes.
+- @param[in] SignCert Pointer to signer's DER-encoded certificate to sign with.
+- @param[in] OtherCerts Pointer to an optional additional set of certificates to
+- include in the PKCS#7 signedData (e.g. any intermediate
+- CAs in the chain).
+- @param[out] SignedData Pointer to output PKCS#7 signedData.
+- @param[out] SignedDataSize Size of SignedData in bytes.
+-
+- @retval TRUE PKCS#7 data signing succeeded.
+- @retval FALSE PKCS#7 data signing failed.
+-
+-**/
+-BOOLEAN
+-EFIAPI
+-Pkcs7Sign (
+- IN CONST UINT8 *PrivateKey,
+- IN UINTN PrivateKeySize,
+- IN CONST UINT8 *KeyPassword,
+- IN UINT8 *InData,
+- IN UINTN InDataSize,
+- IN UINT8 *SignCert,
+- IN UINT8 *OtherCerts OPTIONAL,
+- OUT UINT8 **SignedData,
+- OUT UINTN *SignedDataSize
+- )
+-{
+- BOOLEAN Status;
+- EVP_PKEY *Key;
+- BIO *DataBio;
+- PKCS7 *Pkcs7;
+- UINT8 *RsaContext;
+- UINT8 *P7Data;
+- UINTN P7DataSize;
+- UINT8 *Tmp;
+-
+- //
+- // Check input parameters.
+- //
+- if (PrivateKey == NULL || KeyPassword == NULL || InData == NULL ||
+- SignCert == NULL || SignedData == NULL || SignedDataSize == NULL || InDataSize > INT_MAX) {
+- return FALSE;
+- }
+-
+- RsaContext = NULL;
+- Key = NULL;
+- Pkcs7 = NULL;
+- DataBio = NULL;
+- Status = FALSE;
+-
+- //
+- // Retrieve RSA private key from PEM data.
+- //
+- Status = RsaGetPrivateKeyFromPem (
+- PrivateKey,
+- PrivateKeySize,
+- (CONST CHAR8 *) KeyPassword,
+- (VOID **) &RsaContext
+- );
+- if (!Status) {
+- return Status;
+- }
+-
+- //
+- // Register & Initialize necessary digest algorithms and PRNG for PKCS#7 Handling
+- //
+- EVP_add_digest (EVP_md5());
+- EVP_add_digest (EVP_sha1());
+- EVP_add_digest (EVP_sha256());
+- RandomSeed (NULL, 0);
+-
+- //
+- // Construct OpenSSL EVP_PKEY for private key.
+- //
+- Key = EVP_PKEY_new ();
+- if (Key == NULL) {
+- Status = FALSE;
+- goto _Exit;
+- }
+- Key->save_type = EVP_PKEY_RSA;
+- Key->type = EVP_PKEY_type (EVP_PKEY_RSA);
+- Key->pkey.rsa = (RSA *) RsaContext;
+-
+- //
+- // Convert the data to be signed to BIO format.
+- //
+- DataBio = BIO_new (BIO_s_mem ());
+- BIO_write (DataBio, InData, (int) InDataSize);
+-
+- //
+- // Create the PKCS#7 signedData structure.
+- //
+- Pkcs7 = PKCS7_sign (
+- (X509 *) SignCert,
+- Key,
+- (STACK_OF(X509) *) OtherCerts,
+- DataBio,
+- PKCS7_BINARY | PKCS7_NOATTR | PKCS7_DETACHED
+- );
+- if (Pkcs7 == NULL) {
+- Status = FALSE;
+- goto _Exit;
+- }
+-
+- //
+- // Convert PKCS#7 signedData structure into DER-encoded buffer.
+- //
+- P7DataSize = i2d_PKCS7 (Pkcs7, NULL);
+- if (P7DataSize <= 19) {
+- Status = FALSE;
+- goto _Exit;
+- }
+-
+- P7Data = malloc (P7DataSize);
+- if (P7Data == NULL) {
+- Status = FALSE;
+- goto _Exit;
+- }
+-
+- Tmp = P7Data;
+- P7DataSize = i2d_PKCS7 (Pkcs7, (unsigned char **) &Tmp);
+-
+- //
+- // Strip ContentInfo to content only for signeddata. The data be trimmed off
+- // is totally 19 bytes.
+- //
+- *SignedDataSize = P7DataSize - 19;
+- *SignedData = malloc (*SignedDataSize);
+- if (*SignedData == NULL) {
+- Status = FALSE;
+- OPENSSL_free (P7Data);
+- goto _Exit;
+- }
+-
+- CopyMem (*SignedData, P7Data + 19, *SignedDataSize);
+-
+- OPENSSL_free (P7Data);
+-
+- Status = TRUE;
+-
+-_Exit:
+- //
+- // Release Resources
+- //
+- if (RsaContext != NULL) {
+- RsaFree (RsaContext);
+- if (Key != NULL) {
+- Key->pkey.rsa = NULL;
+- }
+- }
+-
+- if (Key != NULL) {
+- EVP_PKEY_free (Key);
+- }
+-
+- if (DataBio != NULL) {
+- BIO_free (DataBio);
+- }
+-
+- if (Pkcs7 != NULL) {
+- PKCS7_free (Pkcs7);
+- }
+-
+- return Status;
+-}
+-
+-/**
+- Check input P7Data is a wrapped ContentInfo structure or not. If not construct
+- a new structure to wrap P7Data.
+-
+- Caution: This function may receive untrusted input.
+- UEFI Authenticated Variable is external input, so this function will do basic
+- check for PKCS#7 data structure.
+-
+- @param[in] P7Data Pointer to the PKCS#7 message to verify.
+- @param[in] P7Length Length of the PKCS#7 message in bytes.
+- @param[out] WrapFlag If TRUE P7Data is a ContentInfo structure, otherwise
+- return FALSE.
+- @param[out] WrapData If return status of this function is TRUE:
+- 1) when WrapFlag is TRUE, pointer to P7Data.
+- 2) when WrapFlag is FALSE, pointer to a new ContentInfo
+- structure. It's caller's responsibility to free this
+- buffer.
+- @param[out] WrapDataSize Length of ContentInfo structure in bytes.
+-
+- @retval TRUE The operation is finished successfully.
+- @retval FALSE The operation is failed due to lack of resources.
+-
+-**/
+-BOOLEAN
+-WrapPkcs7Data (
+- IN CONST UINT8 *P7Data,
+- IN UINTN P7Length,
+- OUT BOOLEAN *WrapFlag,
+- OUT UINT8 **WrapData,
+- OUT UINTN *WrapDataSize
+- )
+-{
+- BOOLEAN Wrapped;
+- UINT8 *SignedData;
+-
+- //
+- // Check whether input P7Data is a wrapped ContentInfo structure or not.
+- //
+- Wrapped = FALSE;
+- if ((P7Data[4] == 0x06) && (P7Data[5] == 0x09)) {
+- if (CompareMem (P7Data + 6, mOidValue, sizeof (mOidValue)) == 0) {
+- if ((P7Data[15] == 0xA0) && (P7Data[16] == 0x82)) {
+- Wrapped = TRUE;
+- }
+- }
+- }
+-
+- if (Wrapped) {
+- *WrapData = (UINT8 *) P7Data;
+- *WrapDataSize = P7Length;
+- } else {
+- //
+- // Wrap PKCS#7 signeddata to a ContentInfo structure - add a header in 19 bytes.
+- //
+- *WrapDataSize = P7Length + 19;
+- *WrapData = malloc (*WrapDataSize);
+- if (*WrapData == NULL) {
+- *WrapFlag = Wrapped;
+- return FALSE;
+- }
+-
+- SignedData = *WrapData;
+-
+- //
+- // Part1: 0x30, 0x82.
+- //
+- SignedData[0] = 0x30;
+- SignedData[1] = 0x82;
+-
+- //
+- // Part2: Length1 = P7Length + 19 - 4, in big endian.
+- //
+- SignedData[2] = (UINT8) (((UINT16) (*WrapDataSize - 4)) >> 8);
+- SignedData[3] = (UINT8) (((UINT16) (*WrapDataSize - 4)) & 0xff);
+-
+- //
+- // Part3: 0x06, 0x09.
+- //
+- SignedData[4] = 0x06;
+- SignedData[5] = 0x09;
+-
+- //
+- // Part4: OID value -- 0x2A 0x86 0x48 0x86 0xF7 0x0D 0x01 0x07 0x02.
+- //
+- CopyMem (SignedData + 6, mOidValue, sizeof (mOidValue));
+-
+- //
+- // Part5: 0xA0, 0x82.
+- //
+- SignedData[15] = 0xA0;
+- SignedData[16] = 0x82;
+-
+- //
+- // Part6: Length2 = P7Length, in big endian.
+- //
+- SignedData[17] = (UINT8) (((UINT16) P7Length) >> 8);
+- SignedData[18] = (UINT8) (((UINT16) P7Length) & 0xff);
+-
+- //
+- // Part7: P7Data.
+- //
+- CopyMem (SignedData + 19, P7Data, P7Length);
+- }
+-
+- *WrapFlag = Wrapped;
+- return TRUE;
+-}
+-
+-/**
+- Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:
+- Cryptographic Message Syntax Standard". The input signed data could be wrapped
+- in a ContentInfo structure.
+-
+- If P7Data, CertStack, StackLength, TrustedCert or CertLength is NULL, then
+- return FALSE. If P7Length overflow, then return FAlSE.
+-
+- Caution: This function may receive untrusted input.
+- UEFI Authenticated Variable is external input, so this function will do basic
+- check for PKCS#7 data structure.
+-
+- @param[in] P7Data Pointer to the PKCS#7 message to verify.
+- @param[in] P7Length Length of the PKCS#7 message in bytes.
+- @param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.
+- It's caller's responsiblity to free the buffer.
+- @param[out] StackLength Length of signer's certificates in bytes.
+- @param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.
+- It's caller's responsiblity to free the buffer.
+- @param[out] CertLength Length of the trusted certificate in bytes.
+-
+- @retval TRUE The operation is finished successfully.
+- @retval FALSE Error occurs during the operation.
+-
+-**/
+-BOOLEAN
+-EFIAPI
+-Pkcs7GetSigners (
+- IN CONST UINT8 *P7Data,
+- IN UINTN P7Length,
+- OUT UINT8 **CertStack,
+- OUT UINTN *StackLength,
+- OUT UINT8 **TrustedCert,
+- OUT UINTN *CertLength
+- )
+-{
+- PKCS7 *Pkcs7;
+- BOOLEAN Status;
+- UINT8 *SignedData;
+- UINT8 *Temp;
+- UINTN SignedDataSize;
+- BOOLEAN Wrapped;
+- STACK_OF(X509) *Stack;
+- UINT8 Index;
+- UINT8 *CertBuf;
+- UINT8 *OldBuf;
+- UINTN BufferSize;
+- UINTN OldSize;
+- UINT8 *SingleCert;
+- UINTN SingleCertSize;
+-
+- if ((P7Data == NULL) || (CertStack == NULL) || (StackLength == NULL) ||
+- (TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX)) {
+- return FALSE;
+- }
+-
+- Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
+- if (!Status) {
+- return Status;
+- }
+-
+- Status = FALSE;
+- Pkcs7 = NULL;
+- Stack = NULL;
+- CertBuf = NULL;
+- OldBuf = NULL;
+- SingleCert = NULL;
+-
+- //
+- // Retrieve PKCS#7 Data (DER encoding)
+- //
+- if (SignedDataSize > INT_MAX) {
+- goto _Exit;
+- }
+-
+- Temp = SignedData;
+- Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) SignedDataSize);
+- if (Pkcs7 == NULL) {
+- goto _Exit;
+- }
+-
+- //
+- // Check if it's PKCS#7 Signed Data (for Authenticode Scenario)
+- //
+- if (!PKCS7_type_is_signed (Pkcs7)) {
+- goto _Exit;
+- }
+-
+- Stack = PKCS7_get0_signers(Pkcs7, NULL, PKCS7_BINARY);
+- if (Stack == NULL) {
+- goto _Exit;
+- }
+-
+- //
+- // Convert CertStack to buffer in following format:
+- // UINT8 CertNumber;
+- // UINT32 Cert1Length;
+- // UINT8 Cert1[];
+- // UINT32 Cert2Length;
+- // UINT8 Cert2[];
+- // ...
+- // UINT32 CertnLength;
+- // UINT8 Certn[];
+- //
+- BufferSize = sizeof (UINT8);
+- OldSize = BufferSize;
+-
+- for (Index = 0; ; Index++) {
+- Status = X509PopCertificate (Stack, &SingleCert, &SingleCertSize);
+- if (!Status) {
+- break;
+- }
+-
+- OldSize = BufferSize;
+- OldBuf = CertBuf;
+- BufferSize = OldSize + SingleCertSize + sizeof (UINT32);
+- CertBuf = malloc (BufferSize);
+-
+- if (CertBuf == NULL) {
+- goto _Exit;
+- }
+-
+- if (OldBuf != NULL) {
+- CopyMem (CertBuf, OldBuf, OldSize);
+- free (OldBuf);
+- OldBuf = NULL;
+- }
+-
+- WriteUnaligned32 ((UINT32 *) (CertBuf + OldSize), (UINT32) SingleCertSize);
+- CopyMem (CertBuf + OldSize + sizeof (UINT32), SingleCert, SingleCertSize);
+-
+- free (SingleCert);
+- SingleCert = NULL;
+- }
+-
+- if (CertBuf != NULL) {
+- //
+- // Update CertNumber.
+- //
+- CertBuf[0] = Index;
+-
+- *CertLength = BufferSize - OldSize - sizeof (UINT32);
+- *TrustedCert = malloc (*CertLength);
+- if (*TrustedCert == NULL) {
+- goto _Exit;
+- }
+-
+- CopyMem (*TrustedCert, CertBuf + OldSize + sizeof (UINT32), *CertLength);
+- *CertStack = CertBuf;
+- *StackLength = BufferSize;
+- Status = TRUE;
+- }
+-
+-_Exit:
+- //
+- // Release Resources
+- //
+- if (!Wrapped) {
+- free (SignedData);
+- }
+-
+- if (Pkcs7 != NULL) {
+- PKCS7_free (Pkcs7);
+- }
+-
+- if (Stack != NULL) {
+- sk_X509_pop_free(Stack, X509_free);
+- }
+-
+- if (SingleCert != NULL) {
+- free (SingleCert);
+- }
+-
+- if (!Status && (CertBuf != NULL)) {
+- free (CertBuf);
+- *CertStack = NULL;
+- }
+-
+- if (OldBuf != NULL) {
+- free (OldBuf);
+- }
+-
+- return Status;
+-}
+-
+-/**
+- Wrap function to use free() to free allocated memory for certificates.
+-
+- @param[in] Certs Pointer to the certificates to be freed.
+-
+-**/
+-VOID
+-EFIAPI
+-Pkcs7FreeSigners (
+- IN UINT8 *Certs
+- )
+-{
+- if (Certs == NULL) {
+- return;
+- }
+-
+- free (Certs);
+-}
+-
+-/**
+- Verifies the validility of a PKCS#7 signed data as described in "PKCS #7:
+- Cryptographic Message Syntax Standard". The input signed data could be wrapped
+- in a ContentInfo structure.
+-
+- If P7Data, TrustedCert or InData is NULL, then return FALSE.
+- If P7Length, CertLength or DataLength overflow, then return FAlSE.
+-
+- Caution: This function may receive untrusted input.
+- UEFI Authenticated Variable is external input, so this function will do basic
+- check for PKCS#7 data structure.
+-
+- @param[in] P7Data Pointer to the PKCS#7 message to verify.
+- @param[in] P7Length Length of the PKCS#7 message in bytes.
+- @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
+- is used for certificate chain verification.
+- @param[in] CertLength Length of the trusted certificate in bytes.
+- @param[in] InData Pointer to the content to be verified.
+- @param[in] DataLength Length of InData in bytes.
+-
+- @retval TRUE The specified PKCS#7 signed data is valid.
+- @retval FALSE Invalid PKCS#7 signed data.
+-
+-**/
+-BOOLEAN
+-EFIAPI
+-Pkcs7Verify (
+- IN CONST UINT8 *P7Data,
+- IN UINTN P7Length,
+- IN CONST UINT8 *TrustedCert,
+- IN UINTN CertLength,
+- IN CONST UINT8 *InData,
+- IN UINTN DataLength
+- )
+-{
+- PKCS7 *Pkcs7;
+- BIO *CertBio;
+- BIO *DataBio;
+- BOOLEAN Status;
+- X509 *Cert;
+- X509_STORE *CertStore;
+- UINT8 *SignedData;
+- UINT8 *Temp;
+- UINTN SignedDataSize;
+- BOOLEAN Wrapped;
+-
+- //
+- // Check input parameters.
+- //
+- if (P7Data == NULL || TrustedCert == NULL || InData == NULL ||
+- P7Length > INT_MAX || CertLength > INT_MAX || DataLength > INT_MAX) {
+- return FALSE;
+- }
+-
+- Pkcs7 = NULL;
+- CertBio = NULL;
+- DataBio = NULL;
+- Cert = NULL;
+- CertStore = NULL;
+-
+- //
+- // Register & Initialize necessary digest algorithms for PKCS#7 Handling
+- //
+- EVP_add_digest (EVP_md5());
+- EVP_add_digest (EVP_sha1());
+- EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA);
+- EVP_add_digest (EVP_sha256());
+-
+- Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
+- if (!Status) {
+- return Status;
+- }
+-
+- Status = FALSE;
+-
+- //
+- // Retrieve PKCS#7 Data (DER encoding)
+- //
+- if (SignedDataSize > INT_MAX) {
+- goto _Exit;
+- }
+-
+- Temp = SignedData;
+- Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) SignedDataSize);
+- if (Pkcs7 == NULL) {
+- goto _Exit;
+- }
+-
+- //
+- // Check if it's PKCS#7 Signed Data (for Authenticode Scenario)
+- //
+- if (!PKCS7_type_is_signed (Pkcs7)) {
+- goto _Exit;
+- }
+-
+- //
+- // Read DER-encoded root certificate and Construct X509 Certificate
+- //
+- CertBio = BIO_new (BIO_s_mem ());
+- BIO_write (CertBio, TrustedCert, (int)CertLength);
+- if (CertBio == NULL) {
+- goto _Exit;
+- }
+- Cert = d2i_X509_bio (CertBio, NULL);
+- if (Cert == NULL) {
+- goto _Exit;
+- }
+-
+- //
+- // Setup X509 Store for trusted certificate
+- //
+- CertStore = X509_STORE_new ();
+- if (CertStore == NULL) {
+- goto _Exit;
+- }
+- if (!(X509_STORE_add_cert (CertStore, Cert))) {
+- goto _Exit;
+- }
+-
+- //
+- // Register customized X509 verification callback function to support
+- // trusted intermediate certificate anchor.
+- //
+- CertStore->verify_cb = X509VerifyCb;
+-
+- //
+- // For generic PKCS#7 handling, InData may be NULL if the content is present
+- // in PKCS#7 structure. So ignore NULL checking here.
+- //
+- DataBio = BIO_new (BIO_s_mem ());
+- BIO_write (DataBio, InData, (int)DataLength);
+-
+- //
+- // Verifies the PKCS#7 signedData structure
+- //
+- Status = (BOOLEAN) PKCS7_verify (Pkcs7, NULL, CertStore, DataBio, NULL, PKCS7_BINARY);
+-
+-_Exit:
+- //
+- // Release Resources
+- //
+- BIO_free (DataBio);
+- BIO_free (CertBio);
+- X509_free (Cert);
+- X509_STORE_free (CertStore);
+- PKCS7_free (Pkcs7);
+-
+- if (!Wrapped) {
+- OPENSSL_free (SignedData);
+- }
+-
+- return Status;
+-}
+diff --git a/Cryptlib/Pk/CryptPkcs7Sign.c b/Cryptlib/Pk/CryptPkcs7Sign.c +new file mode 100644 +index 0000000..63fe78f +--- /dev/null ++++ b/Cryptlib/Pk/CryptPkcs7Sign.c +@@ -0,0 +1,207 @@ ++/** @file
++ PKCS#7 SignedData Sign Wrapper Implementation over OpenSSL.
++
++Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
++This program and the accompanying materials
++are licensed and made available under the terms and conditions of the BSD License
++which accompanies this distribution. The full text of the license may be found at
++http://opensource.org/licenses/bsd-license.php
++
++THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
++WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
++
++**/
++
++#include "InternalCryptLib.h"
++
++#include <openssl/objects.h>
++#include <openssl/x509.h>
++#include <openssl/pkcs7.h>
++
++
++/**
++ Creates a PKCS#7 signedData as described in "PKCS #7: Cryptographic Message
++ Syntax Standard, version 1.5". This interface is only intended to be used for
++ application to perform PKCS#7 functionality validation.
++
++ @param[in] PrivateKey Pointer to the PEM-formatted private key data for
++ data signing.
++ @param[in] PrivateKeySize Size of the PEM private key data in bytes.
++ @param[in] KeyPassword NULL-terminated passphrase used for encrypted PEM
++ key data.
++ @param[in] InData Pointer to the content to be signed.
++ @param[in] InDataSize Size of InData in bytes.
++ @param[in] SignCert Pointer to signer's DER-encoded certificate to sign with.
++ @param[in] OtherCerts Pointer to an optional additional set of certificates to
++ include in the PKCS#7 signedData (e.g. any intermediate
++ CAs in the chain).
++ @param[out] SignedData Pointer to output PKCS#7 signedData.
++ @param[out] SignedDataSize Size of SignedData in bytes.
++
++ @retval TRUE PKCS#7 data signing succeeded.
++ @retval FALSE PKCS#7 data signing failed.
++
++**/
++BOOLEAN
++EFIAPI
++Pkcs7Sign (
++ IN CONST UINT8 *PrivateKey,
++ IN UINTN PrivateKeySize,
++ IN CONST UINT8 *KeyPassword,
++ IN UINT8 *InData,
++ IN UINTN InDataSize,
++ IN UINT8 *SignCert,
++ IN UINT8 *OtherCerts OPTIONAL,
++ OUT UINT8 **SignedData,
++ OUT UINTN *SignedDataSize
++ )
++{
++ BOOLEAN Status;
++ EVP_PKEY *Key;
++ BIO *DataBio;
++ PKCS7 *Pkcs7;
++ UINT8 *RsaContext;
++ UINT8 *P7Data;
++ UINTN P7DataSize;
++ UINT8 *Tmp;
++
++ //
++ // Check input parameters.
++ //
++ if (PrivateKey == NULL || KeyPassword == NULL || InData == NULL ||
++ SignCert == NULL || SignedData == NULL || SignedDataSize == NULL || InDataSize > INT_MAX) {
++ return FALSE;
++ }
++
++ RsaContext = NULL;
++ Key = NULL;
++ Pkcs7 = NULL;
++ DataBio = NULL;
++ Status = FALSE;
++
++ //
++ // Retrieve RSA private key from PEM data.
++ //
++ Status = RsaGetPrivateKeyFromPem (
++ PrivateKey,
++ PrivateKeySize,
++ (CONST CHAR8 *) KeyPassword,
++ (VOID **) &RsaContext
++ );
++ if (!Status) {
++ return Status;
++ }
++
++ Status = FALSE;
++
++ //
++ // Register & Initialize necessary digest algorithms and PRNG for PKCS#7 Handling
++ //
++ if (EVP_add_digest (EVP_md5 ()) == 0) {
++ goto _Exit;
++ }
++ if (EVP_add_digest (EVP_sha1 ()) == 0) {
++ goto _Exit;
++ }
++ if (EVP_add_digest (EVP_sha256 ()) == 0) {
++ goto _Exit;
++ }
++
++ RandomSeed (NULL, 0);
++
++ //
++ // Construct OpenSSL EVP_PKEY for private key.
++ //
++ Key = EVP_PKEY_new ();
++ if (Key == NULL) {
++ goto _Exit;
++ }
++ Key->save_type = EVP_PKEY_RSA;
++ Key->type = EVP_PKEY_type (EVP_PKEY_RSA);
++ Key->pkey.rsa = (RSA *) RsaContext;
++
++ //
++ // Convert the data to be signed to BIO format.
++ //
++ DataBio = BIO_new (BIO_s_mem ());
++ if (DataBio == NULL) {
++ goto _Exit;
++ }
++
++ if (BIO_write (DataBio, InData, (int) InDataSize) <= 0) {
++ goto _Exit;
++ }
++
++ //
++ // Create the PKCS#7 signedData structure.
++ //
++ Pkcs7 = PKCS7_sign (
++ (X509 *) SignCert,
++ Key,
++ (STACK_OF(X509) *) OtherCerts,
++ DataBio,
++ PKCS7_BINARY | PKCS7_NOATTR | PKCS7_DETACHED
++ );
++ if (Pkcs7 == NULL) {
++ goto _Exit;
++ }
++
++ //
++ // Convert PKCS#7 signedData structure into DER-encoded buffer.
++ //
++ P7DataSize = i2d_PKCS7 (Pkcs7, NULL);
++ if (P7DataSize <= 19) {
++ goto _Exit;
++ }
++
++ P7Data = malloc (P7DataSize);
++ if (P7Data == NULL) {
++ goto _Exit;
++ }
++
++ Tmp = P7Data;
++ P7DataSize = i2d_PKCS7 (Pkcs7, (unsigned char **) &Tmp);
++ ASSERT (P7DataSize > 19);
++
++ //
++ // Strip ContentInfo to content only for signeddata. The data be trimmed off
++ // is totally 19 bytes.
++ //
++ *SignedDataSize = P7DataSize - 19;
++ *SignedData = malloc (*SignedDataSize);
++ if (*SignedData == NULL) {
++ OPENSSL_free (P7Data);
++ goto _Exit;
++ }
++
++ CopyMem (*SignedData, P7Data + 19, *SignedDataSize);
++
++ OPENSSL_free (P7Data);
++
++ Status = TRUE;
++
++_Exit:
++ //
++ // Release Resources
++ //
++ if (RsaContext != NULL) {
++ RsaFree (RsaContext);
++ if (Key != NULL) {
++ Key->pkey.rsa = NULL;
++ }
++ }
++
++ if (Key != NULL) {
++ EVP_PKEY_free (Key);
++ }
++
++ if (DataBio != NULL) {
++ BIO_free (DataBio);
++ }
++
++ if (Pkcs7 != NULL) {
++ PKCS7_free (Pkcs7);
++ }
++
++ return Status;
++}
+diff --git a/Cryptlib/Pk/CryptPkcs7SignNull.c b/Cryptlib/Pk/CryptPkcs7SignNull.c +new file mode 100644 +index 0000000..539bb6b +--- /dev/null ++++ b/Cryptlib/Pk/CryptPkcs7SignNull.c +@@ -0,0 +1,59 @@ ++/** @file
++ PKCS#7 SignedData Sign Wrapper Implementation which does not provide real
++ capabilities.
++
++Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
++This program and the accompanying materials
++are licensed and made available under the terms and conditions of the BSD License
++which accompanies this distribution. The full text of the license may be found at
++http://opensource.org/licenses/bsd-license.php
++
++THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
++WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
++
++**/
++
++#include "InternalCryptLib.h"
++
++/**
++ Creates a PKCS#7 signedData as described in "PKCS #7: Cryptographic Message
++ Syntax Standard, version 1.5". This interface is only intended to be used for
++ application to perform PKCS#7 functionality validation.
++
++ Return FALSE to indicate this interface is not supported.
++
++ @param[in] PrivateKey Pointer to the PEM-formatted private key data for
++ data signing.
++ @param[in] PrivateKeySize Size of the PEM private key data in bytes.
++ @param[in] KeyPassword NULL-terminated passphrase used for encrypted PEM
++ key data.
++ @param[in] InData Pointer to the content to be signed.
++ @param[in] InDataSize Size of InData in bytes.
++ @param[in] SignCert Pointer to signer's DER-encoded certificate to sign with.
++ @param[in] OtherCerts Pointer to an optional additional set of certificates to
++ include in the PKCS#7 signedData (e.g. any intermediate
++ CAs in the chain).
++ @param[out] SignedData Pointer to output PKCS#7 signedData.
++ @param[out] SignedDataSize Size of SignedData in bytes.
++
++ @retval FALSE This interface is not supported.
++
++**/
++BOOLEAN
++EFIAPI
++Pkcs7Sign (
++ IN CONST UINT8 *PrivateKey,
++ IN UINTN PrivateKeySize,
++ IN CONST UINT8 *KeyPassword,
++ IN UINT8 *InData,
++ IN UINTN InDataSize,
++ IN UINT8 *SignCert,
++ IN UINT8 *OtherCerts OPTIONAL,
++ OUT UINT8 **SignedData,
++ OUT UINTN *SignedDataSize
++ )
++{
++ ASSERT (FALSE);
++ return FALSE;
++}
++
+diff --git a/Cryptlib/Pk/CryptPkcs7Verify.c b/Cryptlib/Pk/CryptPkcs7Verify.c +new file mode 100644 +index 0000000..05c3f87 +--- /dev/null ++++ b/Cryptlib/Pk/CryptPkcs7Verify.c +@@ -0,0 +1,677 @@ ++/** @file
++ PKCS#7 SignedData Verification Wrapper Implementation over OpenSSL.
++
++ Caution: This module requires additional review when modified.
++ This library will have external input - signature (e.g. UEFI Authenticated
++ Variable). It may by input in SMM mode.
++ This external input must be validated carefully to avoid security issue like
++ buffer overflow, integer overflow.
++
++ WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated
++ Variable and will do basic check for data structure.
++
++Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
++This program and the accompanying materials
++are licensed and made available under the terms and conditions of the BSD License
++which accompanies this distribution. The full text of the license may be found at
++http://opensource.org/licenses/bsd-license.php
++
++THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
++WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
++
++**/
++
++#include "InternalCryptLib.h"
++
++#include <openssl/objects.h>
++#include <openssl/x509.h>
++#include <openssl/x509v3.h>
++#include <openssl/pkcs7.h>
++
++UINT8 mOidValue[9] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 };
++
++/**
++ Verification callback function to override any existing callbacks in OpenSSL
++ for intermediate certificate supports.
++
++ @param[in] Status Original status before calling this callback.
++ @param[in] Context X509 store context.
++
++ @retval 1 Current X509 certificate is verified successfully.
++ @retval 0 Verification failed.
++
++**/
++int
++X509VerifyCb (
++ IN int Status,
++ IN X509_STORE_CTX *Context
++ )
++{
++ X509_OBJECT *Obj;
++ INTN Error;
++ INTN Index;
++ INTN Count;
++
++ Obj = NULL;
++ Error = (INTN) X509_STORE_CTX_get_error (Context);
++
++ //
++ // X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT and X509_V_ERR_UNABLE_TO_GET_ISSUER_
++ // CERT_LOCALLY mean a X509 certificate is not self signed and its issuer
++ // can not be found in X509_verify_cert of X509_vfy.c.
++ // In order to support intermediate certificate node, we override the
++ // errors if the certification is obtained from X509 store, i.e. it is
++ // a trusted ceritifcate node that is enrolled by user.
++ // Besides,X509_V_ERR_CERT_UNTRUSTED and X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
++ // are also ignored to enable such feature.
++ //
++ if ((Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT) ||
++ (Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)) {
++ Obj = (X509_OBJECT *) malloc (sizeof (X509_OBJECT));
++ if (Obj == NULL) {
++ return 0;
++ }
++
++ Obj->type = X509_LU_X509;
++ Obj->data.x509 = Context->current_cert;
++
++ CRYPTO_w_lock (CRYPTO_LOCK_X509_STORE);
++
++ if (X509_OBJECT_retrieve_match (Context->ctx->objs, Obj)) {
++ Status = 1;
++ } else {
++ //
++ // If any certificate in the chain is enrolled as trusted certificate,
++ // pass the certificate verification.
++ //
++ if (Error == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) {
++ Count = (INTN) sk_X509_num (Context->chain);
++ for (Index = 0; Index < Count; Index++) {
++ Obj->data.x509 = sk_X509_value (Context->chain, (int) Index);
++ if (X509_OBJECT_retrieve_match (Context->ctx->objs, Obj)) {
++ Status = 1;
++ break;
++ }
++ }
++ }
++ }
++
++ CRYPTO_w_unlock (CRYPTO_LOCK_X509_STORE);
++ }
++
++ if ((Error == X509_V_ERR_CERT_UNTRUSTED) ||
++ (Error == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)) {
++ Status = 1;
++ }
++
++ if (Obj != NULL) {
++ OPENSSL_free (Obj);
++ }
++
++ return Status;
++}
++
++/**
++ Check input P7Data is a wrapped ContentInfo structure or not. If not construct
++ a new structure to wrap P7Data.
++
++ Caution: This function may receive untrusted input.
++ UEFI Authenticated Variable is external input, so this function will do basic
++ check for PKCS#7 data structure.
++
++ @param[in] P7Data Pointer to the PKCS#7 message to verify.
++ @param[in] P7Length Length of the PKCS#7 message in bytes.
++ @param[out] WrapFlag If TRUE P7Data is a ContentInfo structure, otherwise
++ return FALSE.
++ @param[out] WrapData If return status of this function is TRUE:
++ 1) when WrapFlag is TRUE, pointer to P7Data.
++ 2) when WrapFlag is FALSE, pointer to a new ContentInfo
++ structure. It's caller's responsibility to free this
++ buffer.
++ @param[out] WrapDataSize Length of ContentInfo structure in bytes.
++
++ @retval TRUE The operation is finished successfully.
++ @retval FALSE The operation is failed due to lack of resources.
++
++**/
++BOOLEAN
++WrapPkcs7Data (
++ IN CONST UINT8 *P7Data,
++ IN UINTN P7Length,
++ OUT BOOLEAN *WrapFlag,
++ OUT UINT8 **WrapData,
++ OUT UINTN *WrapDataSize
++ )
++{
++ BOOLEAN Wrapped;
++ UINT8 *SignedData;
++
++ //
++ // Check whether input P7Data is a wrapped ContentInfo structure or not.
++ //
++ Wrapped = FALSE;
++ if ((P7Data[4] == 0x06) && (P7Data[5] == 0x09)) {
++ if (CompareMem (P7Data + 6, mOidValue, sizeof (mOidValue)) == 0) {
++ if ((P7Data[15] == 0xA0) && (P7Data[16] == 0x82)) {
++ Wrapped = TRUE;
++ }
++ }
++ }
++
++ if (Wrapped) {
++ *WrapData = (UINT8 *) P7Data;
++ *WrapDataSize = P7Length;
++ } else {
++ //
++ // Wrap PKCS#7 signeddata to a ContentInfo structure - add a header in 19 bytes.
++ //
++ *WrapDataSize = P7Length + 19;
++ *WrapData = malloc (*WrapDataSize);
++ if (*WrapData == NULL) {
++ *WrapFlag = Wrapped;
++ return FALSE;
++ }
++
++ SignedData = *WrapData;
++
++ //
++ // Part1: 0x30, 0x82.
++ //
++ SignedData[0] = 0x30;
++ SignedData[1] = 0x82;
++
++ //
++ // Part2: Length1 = P7Length + 19 - 4, in big endian.
++ //
++ SignedData[2] = (UINT8) (((UINT16) (*WrapDataSize - 4)) >> 8);
++ SignedData[3] = (UINT8) (((UINT16) (*WrapDataSize - 4)) & 0xff);
++
++ //
++ // Part3: 0x06, 0x09.
++ //
++ SignedData[4] = 0x06;
++ SignedData[5] = 0x09;
++
++ //
++ // Part4: OID value -- 0x2A 0x86 0x48 0x86 0xF7 0x0D 0x01 0x07 0x02.
++ //
++ CopyMem (SignedData + 6, mOidValue, sizeof (mOidValue));
++
++ //
++ // Part5: 0xA0, 0x82.
++ //
++ SignedData[15] = 0xA0;
++ SignedData[16] = 0x82;
++
++ //
++ // Part6: Length2 = P7Length, in big endian.
++ //
++ SignedData[17] = (UINT8) (((UINT16) P7Length) >> 8);
++ SignedData[18] = (UINT8) (((UINT16) P7Length) & 0xff);
++
++ //
++ // Part7: P7Data.
++ //
++ CopyMem (SignedData + 19, P7Data, P7Length);
++ }
++
++ *WrapFlag = Wrapped;
++ return TRUE;
++}
++
++/**
++ Pop single certificate from STACK_OF(X509).
++
++ If X509Stack, Cert, or CertSize is NULL, then return FALSE.
++
++ @param[in] X509Stack Pointer to a X509 stack object.
++ @param[out] Cert Pointer to a X509 certificate.
++ @param[out] CertSize Length of output X509 certificate in bytes.
++
++ @retval TRUE The X509 stack pop succeeded.
++ @retval FALSE The pop operation failed.
++
++**/
++BOOLEAN
++X509PopCertificate (
++ IN VOID *X509Stack,
++ OUT UINT8 **Cert,
++ OUT UINTN *CertSize
++ )
++{
++ BIO *CertBio;
++ X509 *X509Cert;
++ STACK_OF(X509) *CertStack;
++ BOOLEAN Status;
++ INT32 Result;
++ INT32 Length;
++ VOID *Buffer;
++
++ Status = FALSE;
++
++ if ((X509Stack == NULL) || (Cert == NULL) || (CertSize == NULL)) {
++ return Status;
++ }
++
++ CertStack = (STACK_OF(X509) *) X509Stack;
++
++ X509Cert = sk_X509_pop (CertStack);
++
++ if (X509Cert == NULL) {
++ return Status;
++ }
++
++ Buffer = NULL;
++
++ CertBio = BIO_new (BIO_s_mem ());
++ if (CertBio == NULL) {
++ return Status;
++ }
++
++ Result = i2d_X509_bio (CertBio, X509Cert);
++ if (Result == 0) {
++ goto _Exit;
++ }
++
++ Length = ((BUF_MEM *) CertBio->ptr)->length;
++ if (Length <= 0) {
++ goto _Exit;
++ }
++
++ Buffer = malloc (Length);
++ if (Buffer == NULL) {
++ goto _Exit;
++ }
++
++ Result = BIO_read (CertBio, Buffer, Length);
++ if (Result != Length) {
++ goto _Exit;
++ }
++
++ *Cert = Buffer;
++ *CertSize = Length;
++
++ Status = TRUE;
++
++_Exit:
++
++ BIO_free (CertBio);
++
++ if (!Status && (Buffer != NULL)) {
++ free (Buffer);
++ }
++
++ return Status;
++}
++
++/**
++ Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:
++ Cryptographic Message Syntax Standard". The input signed data could be wrapped
++ in a ContentInfo structure.
++
++ If P7Data, CertStack, StackLength, TrustedCert or CertLength is NULL, then
++ return FALSE. If P7Length overflow, then return FAlSE.
++
++ Caution: This function may receive untrusted input.
++ UEFI Authenticated Variable is external input, so this function will do basic
++ check for PKCS#7 data structure.
++
++ @param[in] P7Data Pointer to the PKCS#7 message to verify.
++ @param[in] P7Length Length of the PKCS#7 message in bytes.
++ @param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.
++ It's caller's responsiblity to free the buffer.
++ @param[out] StackLength Length of signer's certificates in bytes.
++ @param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.
++ It's caller's responsiblity to free the buffer.
++ @param[out] CertLength Length of the trusted certificate in bytes.
++
++ @retval TRUE The operation is finished successfully.
++ @retval FALSE Error occurs during the operation.
++
++**/
++BOOLEAN
++EFIAPI
++Pkcs7GetSigners (
++ IN CONST UINT8 *P7Data,
++ IN UINTN P7Length,
++ OUT UINT8 **CertStack,
++ OUT UINTN *StackLength,
++ OUT UINT8 **TrustedCert,
++ OUT UINTN *CertLength
++ )
++{
++ PKCS7 *Pkcs7;
++ BOOLEAN Status;
++ UINT8 *SignedData;
++ UINT8 *Temp;
++ UINTN SignedDataSize;
++ BOOLEAN Wrapped;
++ STACK_OF(X509) *Stack;
++ UINT8 Index;
++ UINT8 *CertBuf;
++ UINT8 *OldBuf;
++ UINTN BufferSize;
++ UINTN OldSize;
++ UINT8 *SingleCert;
++ UINTN SingleCertSize;
++
++ if ((P7Data == NULL) || (CertStack == NULL) || (StackLength == NULL) ||
++ (TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX)) {
++ return FALSE;
++ }
++
++ Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
++ if (!Status) {
++ return Status;
++ }
++
++ Status = FALSE;
++ Pkcs7 = NULL;
++ Stack = NULL;
++ CertBuf = NULL;
++ OldBuf = NULL;
++ SingleCert = NULL;
++
++ //
++ // Retrieve PKCS#7 Data (DER encoding)
++ //
++ if (SignedDataSize > INT_MAX) {
++ goto _Exit;
++ }
++
++ Temp = SignedData;
++ Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) SignedDataSize);
++ if (Pkcs7 == NULL) {
++ goto _Exit;
++ }
++
++ //
++ // Check if it's PKCS#7 Signed Data (for Authenticode Scenario)
++ //
++ if (!PKCS7_type_is_signed (Pkcs7)) {
++ goto _Exit;
++ }
++
++ Stack = PKCS7_get0_signers(Pkcs7, NULL, PKCS7_BINARY);
++ if (Stack == NULL) {
++ goto _Exit;
++ }
++
++ //
++ // Convert CertStack to buffer in following format:
++ // UINT8 CertNumber;
++ // UINT32 Cert1Length;
++ // UINT8 Cert1[];
++ // UINT32 Cert2Length;
++ // UINT8 Cert2[];
++ // ...
++ // UINT32 CertnLength;
++ // UINT8 Certn[];
++ //
++ BufferSize = sizeof (UINT8);
++ OldSize = BufferSize;
++
++ for (Index = 0; ; Index++) {
++ Status = X509PopCertificate (Stack, &SingleCert, &SingleCertSize);
++ if (!Status) {
++ break;
++ }
++
++ OldSize = BufferSize;
++ OldBuf = CertBuf;
++ BufferSize = OldSize + SingleCertSize + sizeof (UINT32);
++ CertBuf = malloc (BufferSize);
++
++ if (CertBuf == NULL) {
++ goto _Exit;
++ }
++
++ if (OldBuf != NULL) {
++ CopyMem (CertBuf, OldBuf, OldSize);
++ free (OldBuf);
++ OldBuf = NULL;
++ }
++
++ WriteUnaligned32 ((UINT32 *) (CertBuf + OldSize), (UINT32) SingleCertSize);
++ CopyMem (CertBuf + OldSize + sizeof (UINT32), SingleCert, SingleCertSize);
++
++ free (SingleCert);
++ SingleCert = NULL;
++ }
++
++ if (CertBuf != NULL) {
++ //
++ // Update CertNumber.
++ //
++ CertBuf[0] = Index;
++
++ *CertLength = BufferSize - OldSize - sizeof (UINT32);
++ *TrustedCert = malloc (*CertLength);
++ if (*TrustedCert == NULL) {
++ goto _Exit;
++ }
++
++ CopyMem (*TrustedCert, CertBuf + OldSize + sizeof (UINT32), *CertLength);
++ *CertStack = CertBuf;
++ *StackLength = BufferSize;
++ Status = TRUE;
++ }
++
++_Exit:
++ //
++ // Release Resources
++ //
++ if (!Wrapped) {
++ free (SignedData);
++ }
++
++ if (Pkcs7 != NULL) {
++ PKCS7_free (Pkcs7);
++ }
++
++ if (Stack != NULL) {
++ sk_X509_pop_free(Stack, X509_free);
++ }
++
++ if (SingleCert != NULL) {
++ free (SingleCert);
++ }
++
++ if (!Status && (CertBuf != NULL)) {
++ free (CertBuf);
++ *CertStack = NULL;
++ }
++
++ if (OldBuf != NULL) {
++ free (OldBuf);
++ }
++
++ return Status;
++}
++
++/**
++ Wrap function to use free() to free allocated memory for certificates.
++
++ @param[in] Certs Pointer to the certificates to be freed.
++
++**/
++VOID
++EFIAPI
++Pkcs7FreeSigners (
++ IN UINT8 *Certs
++ )
++{
++ if (Certs == NULL) {
++ return;
++ }
++
++ free (Certs);
++}
++
++/**
++ Verifies the validility of a PKCS#7 signed data as described in "PKCS #7:
++ Cryptographic Message Syntax Standard". The input signed data could be wrapped
++ in a ContentInfo structure.
++
++ If P7Data, TrustedCert or InData is NULL, then return FALSE.
++ If P7Length, CertLength or DataLength overflow, then return FAlSE.
++
++ Caution: This function may receive untrusted input.
++ UEFI Authenticated Variable is external input, so this function will do basic
++ check for PKCS#7 data structure.
++
++ @param[in] P7Data Pointer to the PKCS#7 message to verify.
++ @param[in] P7Length Length of the PKCS#7 message in bytes.
++ @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
++ is used for certificate chain verification.
++ @param[in] CertLength Length of the trusted certificate in bytes.
++ @param[in] InData Pointer to the content to be verified.
++ @param[in] DataLength Length of InData in bytes.
++
++ @retval TRUE The specified PKCS#7 signed data is valid.
++ @retval FALSE Invalid PKCS#7 signed data.
++
++**/
++BOOLEAN
++EFIAPI
++Pkcs7Verify (
++ IN CONST UINT8 *P7Data,
++ IN UINTN P7Length,
++ IN CONST UINT8 *TrustedCert,
++ IN UINTN CertLength,
++ IN CONST UINT8 *InData,
++ IN UINTN DataLength
++ )
++{
++ PKCS7 *Pkcs7;
++ BIO *DataBio;
++ BOOLEAN Status;
++ X509 *Cert;
++ X509_STORE *CertStore;
++ UINT8 *SignedData;
++ UINT8 *Temp;
++ UINTN SignedDataSize;
++ BOOLEAN Wrapped;
++
++ //
++ // Check input parameters.
++ //
++ if (P7Data == NULL || TrustedCert == NULL || InData == NULL ||
++ P7Length > INT_MAX || CertLength > INT_MAX || DataLength > INT_MAX) {
++ return FALSE;
++ }
++
++ Pkcs7 = NULL;
++ DataBio = NULL;
++ Cert = NULL;
++ CertStore = NULL;
++
++ //
++ // Register & Initialize necessary digest algorithms for PKCS#7 Handling
++ //
++ if (EVP_add_digest (EVP_md5 ()) == 0) {
++ return FALSE;
++ }
++ if (EVP_add_digest (EVP_sha1 ()) == 0) {
++ return FALSE;
++ }
++ if (EVP_add_digest (EVP_sha256 ()) == 0) {
++ return FALSE;
++ }
++ if (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA) == 0) {
++ return FALSE;
++ }
++
++
++ Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
++ if (!Status) {
++ return Status;
++ }
++
++ Status = FALSE;
++
++ //
++ // Retrieve PKCS#7 Data (DER encoding)
++ //
++ if (SignedDataSize > INT_MAX) {
++ goto _Exit;
++ }
++
++ Temp = SignedData;
++ Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) SignedDataSize);
++ if (Pkcs7 == NULL) {
++ goto _Exit;
++ }
++
++ //
++ // Check if it's PKCS#7 Signed Data (for Authenticode Scenario)
++ //
++ if (!PKCS7_type_is_signed (Pkcs7)) {
++ goto _Exit;
++ }
++
++ //
++ // Read DER-encoded root certificate and Construct X509 Certificate
++ //
++ Cert = d2i_X509 (NULL, &TrustedCert, (long) CertLength);
++ if (Cert == NULL) {
++ goto _Exit;
++ }
++
++ //
++ // Setup X509 Store for trusted certificate
++ //
++ CertStore = X509_STORE_new ();
++ if (CertStore == NULL) {
++ goto _Exit;
++ }
++ if (!(X509_STORE_add_cert (CertStore, Cert))) {
++ goto _Exit;
++ }
++
++ //
++ // Register customized X509 verification callback function to support
++ // trusted intermediate certificate anchor.
++ //
++ CertStore->verify_cb = X509VerifyCb;
++
++ //
++ // For generic PKCS#7 handling, InData may be NULL if the content is present
++ // in PKCS#7 structure. So ignore NULL checking here.
++ //
++ DataBio = BIO_new (BIO_s_mem ());
++ if (DataBio == NULL) {
++ goto _Exit;
++ }
++
++ if (BIO_write (DataBio, InData, (int) DataLength) <= 0) {
++ goto _Exit;
++ }
++
++ //
++ // OpenSSL PKCS7 Verification by default checks for SMIME (email signing) and
++ // doesn't support the extended key usage for Authenticode Code Signing.
++ // Bypass the certificate purpose checking by enabling any purposes setting.
++ //
++ X509_STORE_set_purpose (CertStore, X509_PURPOSE_ANY);
++
++ //
++ // Verifies the PKCS#7 signedData structure
++ //
++ Status = (BOOLEAN) PKCS7_verify (Pkcs7, NULL, CertStore, DataBio, NULL, PKCS7_BINARY);
++
++_Exit:
++ //
++ // Release Resources
++ //
++ BIO_free (DataBio);
++ X509_free (Cert);
++ X509_STORE_free (CertStore);
++ PKCS7_free (Pkcs7);
++
++ if (!Wrapped) {
++ OPENSSL_free (SignedData);
++ }
++
++ return Status;
++}
+diff --git a/Cryptlib/Pk/CryptPkcs7VerifyNull.c b/Cryptlib/Pk/CryptPkcs7VerifyNull.c +new file mode 100644 +index 0000000..9a4c77a +--- /dev/null ++++ b/Cryptlib/Pk/CryptPkcs7VerifyNull.c +@@ -0,0 +1,100 @@ ++/** @file
++ PKCS#7 SignedData Verification Wrapper Implementation which does not provide
++ real capabilities.
++
++Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
++This program and the accompanying materials
++are licensed and made available under the terms and conditions of the BSD License
++which accompanies this distribution. The full text of the license may be found at
++http://opensource.org/licenses/bsd-license.php
++
++THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
++WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
++
++**/
++
++#include "InternalCryptLib.h"
++
++/**
++ Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:
++ Cryptographic Message Syntax Standard". The input signed data could be wrapped
++ in a ContentInfo structure.
++
++ Return FALSE to indicate this interface is not supported.
++
++ @param[in] P7Data Pointer to the PKCS#7 message to verify.
++ @param[in] P7Length Length of the PKCS#7 message in bytes.
++ @param[out] CertStack Pointer to Signer's certificates retrieved from P7Data.
++ It's caller's responsiblity to free the buffer.
++ @param[out] StackLength Length of signer's certificates in bytes.
++ @param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.
++ It's caller's responsiblity to free the buffer.
++ @param[out] CertLength Length of the trusted certificate in bytes.
++
++ @retval FALSE This interface is not supported.
++
++**/
++BOOLEAN
++EFIAPI
++Pkcs7GetSigners (
++ IN CONST UINT8 *P7Data,
++ IN UINTN P7Length,
++ OUT UINT8 **CertStack,
++ OUT UINTN *StackLength,
++ OUT UINT8 **TrustedCert,
++ OUT UINTN *CertLength
++ )
++{
++ ASSERT (FALSE);
++ return FALSE;
++}
++
++/**
++ Wrap function to use free() to free allocated memory for certificates.
++
++ If the interface is not supported, then ASSERT().
++
++ @param[in] Certs Pointer to the certificates to be freed.
++
++**/
++VOID
++EFIAPI
++Pkcs7FreeSigners (
++ IN UINT8 *Certs
++ )
++{
++ ASSERT (FALSE);
++}
++
++/**
++ Verifies the validility of a PKCS#7 signed data as described in "PKCS #7:
++ Cryptographic Message Syntax Standard". The input signed data could be wrapped
++ in a ContentInfo structure.
++
++ Return FALSE to indicate this interface is not supported.
++
++ @param[in] P7Data Pointer to the PKCS#7 message to verify.
++ @param[in] P7Length Length of the PKCS#7 message in bytes.
++ @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
++ is used for certificate chain verification.
++ @param[in] CertLength Length of the trusted certificate in bytes.
++ @param[in] InData Pointer to the content to be verified.
++ @param[in] DataLength Length of InData in bytes.
++
++ @retval FALSE This interface is not supported.
++
++**/
++BOOLEAN
++EFIAPI
++Pkcs7Verify (
++ IN CONST UINT8 *P7Data,
++ IN UINTN P7Length,
++ IN CONST UINT8 *TrustedCert,
++ IN UINTN CertLength,
++ IN CONST UINT8 *InData,
++ IN UINTN DataLength
++ )
++{
++ ASSERT (FALSE);
++ return FALSE;
++}
+diff --git a/Cryptlib/Pk/CryptRsaExtNull.c b/Cryptlib/Pk/CryptRsaExtNull.c +new file mode 100644 +index 0000000..e44cdde +--- /dev/null ++++ b/Cryptlib/Pk/CryptRsaExtNull.c +@@ -0,0 +1,125 @@ ++/** @file
++ RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
++
++ This file does not provide real capabilities for following APIs in RSA handling:
++ 1) RsaGetKey
++ 2) RsaGenerateKey
++ 3) RsaCheckKey
++ 4) RsaPkcs1Sign
++
++Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
++This program and the accompanying materials
++are licensed and made available under the terms and conditions of the BSD License
++which accompanies this distribution. The full text of the license may be found at
++http://opensource.org/licenses/bsd-license.php
++
++THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
++WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
++
++**/
++
++#include "InternalCryptLib.h"
++
++/**
++ Gets the tag-designated RSA key component from the established RSA context.
++
++ Return FALSE to indicate this interface is not supported.
++
++ @param[in, out] RsaContext Pointer to RSA context being set.
++ @param[in] KeyTag Tag of RSA key component being set.
++ @param[out] BigNumber Pointer to octet integer buffer.
++ @param[in, out] BnSize On input, the size of big number buffer in bytes.
++ On output, the size of data returned in big number buffer in bytes.
++
++ @retval FALSE This interface is not supported.
++
++**/
++BOOLEAN
++EFIAPI
++RsaGetKey (
++ IN OUT VOID *RsaContext,
++ IN RSA_KEY_TAG KeyTag,
++ OUT UINT8 *BigNumber,
++ IN OUT UINTN *BnSize
++ )
++{
++ ASSERT (FALSE);
++ return FALSE;
++}
++
++/**
++ Generates RSA key components.
++
++ Return FALSE to indicate this interface is not supported.
++
++ @param[in, out] RsaContext Pointer to RSA context being set.
++ @param[in] ModulusLength Length of RSA modulus N in bits.
++ @param[in] PublicExponent Pointer to RSA public exponent.
++ @param[in] PublicExponentSize Size of RSA public exponent buffer in bytes.
++
++ @retval FALSE This interface is not supported.
++
++**/
++BOOLEAN
++EFIAPI
++RsaGenerateKey (
++ IN OUT VOID *RsaContext,
++ IN UINTN ModulusLength,
++ IN CONST UINT8 *PublicExponent,
++ IN UINTN PublicExponentSize
++ )
++{
++ ASSERT (FALSE);
++ return FALSE;
++}
++
++/**
++ Validates key components of RSA context.
++
++ Return FALSE to indicate this interface is not supported.
++
++ @param[in] RsaContext Pointer to RSA context to check.
++
++ @retval FALSE This interface is not supported.
++
++**/
++BOOLEAN
++EFIAPI
++RsaCheckKey (
++ IN VOID *RsaContext
++ )
++{
++ ASSERT (FALSE);
++ return FALSE;
++}
++
++/**
++ Carries out the RSA-SSA signature generation with EMSA-PKCS1-v1_5 encoding scheme.
++
++ Return FALSE to indicate this interface is not supported.
++
++ @param[in] RsaContext Pointer to RSA context for signature generation.
++ @param[in] MessageHash Pointer to octet message hash to be signed.
++ @param[in] HashSize Size of the message hash in bytes.
++ @param[out] Signature Pointer to buffer to receive RSA PKCS1-v1_5 signature.
++ @param[in, out] SigSize On input, the size of Signature buffer in bytes.
++ On output, the size of data returned in Signature buffer in bytes.
++
++ @retval FALSE This interface is not supported.
++
++**/
++BOOLEAN
++EFIAPI
++RsaPkcs1Sign (
++ IN VOID *RsaContext,
++ IN CONST UINT8 *MessageHash,
++ IN UINTN HashSize,
++ OUT UINT8 *Signature,
++ IN OUT UINTN *SigSize
++ )
++{
++ ASSERT (FALSE);
++ return FALSE;
++}
++
++
+diff --git a/Cryptlib/Rand/CryptRand.c b/Cryptlib/Rand/CryptRand.c +index dc3ab99..895ce83 100644 +--- a/Cryptlib/Rand/CryptRand.c ++++ b/Cryptlib/Rand/CryptRand.c +@@ -1,7 +1,7 @@ + /** @file
+ Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
+
+-Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
++Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+@@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +
+ #include "InternalCryptLib.h"
+ #include <openssl/rand.h>
++#include <openssl/evp.h>
+
+ //
+ // Default seed for UEFI Crypto Library
+@@ -48,6 +49,14 @@ RandomSeed ( + }
+
+ //
++ // The software PRNG implementation built in OpenSSL depends on message digest algorithm.
++ // Make sure SHA-1 digest algorithm is available here.
++ //
++ if (EVP_add_digest (EVP_sha1 ()) == 0) {
++ return FALSE;
++ }
++
++ //
+ // Seed the pseudorandom number generator with user-supplied value.
+ // NOTE: A cryptographic PRNG must be seeded with unpredictable data.
+ //
+diff --git a/Cryptlib/update.sh b/Cryptlib/update.sh +index 96bbece..57b6631 100755 +--- a/Cryptlib/update.sh ++++ b/Cryptlib/update.sh +@@ -13,8 +13,13 @@ cp $DIR/Cipher/CryptAes.c Cipher/CryptAes.c + cp $DIR/Cipher/CryptTdes.c Cipher/CryptTdes.c + cp $DIR/Cipher/CryptArc4.c Cipher/CryptArc4.c + cp $DIR/Rand/CryptRand.c Rand/CryptRand.c +-cp $DIR/Pk/CryptRsa.c Pk/CryptRsa.c +-cp $DIR/Pk/CryptPkcs7.c Pk/CryptPkcs7.c ++cp $DIR/Pk/CryptRsaBasic.c Pk/CryptRsaBasic.c ++cp $DIR/Pk/CryptRsaExt.c Pk/CryptRsaExt.c ++cp $DIR/Pk/CryptRsaExtNull.c Pk/CryptRsaExtNull.c ++cp $DIR/Pk/CryptPkcs7Sign.c Pk/CryptPkcs7Sign.c ++cp $DIR/Pk/CryptPkcs7SignNull.c Pk/CryptPkcs7SignNull.c ++cp $DIR/Pk/CryptPkcs7Verify.c Pk/CryptPkcs7Verify.c ++cp $DIR/Pk/CryptPkcs7VerifyNull.c Pk/CryptPkcs7VerifyNull.c + cp $DIR/Pk/CryptDh.c Pk/CryptDh.c + cp $DIR/Pk/CryptX509.c Pk/CryptX509.c + cp $DIR/Pk/CryptAuthenticode.c Pk/CryptAuthenticode.c +-- +2.1.0 + diff --git a/debian/patches/CVE-2014-3675.patch b/debian/patches/CVE-2014-3675.patch new file mode 100644 index 00000000..67b50fd6 --- /dev/null +++ b/debian/patches/CVE-2014-3675.patch @@ -0,0 +1,161 @@ +diff --git a/netboot.c b/netboot.c +index 5ef53f7..f01a9bc 100644 +--- a/netboot.c ++++ b/netboot.c +@@ -116,29 +116,34 @@ BOOLEAN findNetboot(EFI_HANDLE device) + + static CHAR8 *get_v6_bootfile_url(EFI_PXE_BASE_CODE_DHCPV6_PACKET *pkt) + { +- void *optr; +- EFI_DHCP6_PACKET_OPTION *option; +- CHAR8 *url; +- UINT32 urllen; ++ void *optr = NULL, *end = NULL; ++ EFI_DHCP6_PACKET_OPTION *option = NULL; ++ CHAR8 *url = NULL; ++ UINT32 urllen = 0; + + optr = pkt->DhcpOptions; ++ end = optr + sizeof(pkt->DhcpOptions); + +- for(;;) { ++ for (;;) { + option = (EFI_DHCP6_PACKET_OPTION *)optr; + + if (ntohs(option->OpCode) == 0) +- return NULL; ++ break; + + if (ntohs(option->OpCode) == 59) { + /* This is the bootfile url option */ + urllen = ntohs(option->Length); +- url = AllocateZeroPool(urllen+1); ++ if ((void *)(option->Data + urllen) > end) ++ break; ++ url = AllocateZeroPool(urllen + 1); + if (!url) +- return NULL; ++ break; + memcpy(url, option->Data, urllen); + return url; + } + optr += 4 + ntohs(option->Length); ++ if (optr + sizeof(EFI_DHCP6_PACKET_OPTION) > end) ++ break; + } + + return NULL; +@@ -164,45 +169,60 @@ static CHAR16 str2ns(CHAR8 *str) + + static CHAR8 *str2ip6(CHAR8 *str) + { +- UINT8 i, j, p; +- size_t len; +- CHAR8 *a, *b, t; +- static UINT16 ip[8]; ++ UINT8 i = 0, j = 0, p = 0; ++ size_t len = 0, dotcount = 0; ++ enum { MAX_IP6_DOTS = 7 }; ++ CHAR8 *a = NULL, *b = NULL, t = 0; ++ static UINT16 ip[8]; + +- for(i=0; i < 8; i++) { +- ip[i] = 0; +- } +- len = strlen(str); +- a = b = str; +- for(i=p=0; i < len; i++, b++) { +- if (*b != ':') +- continue; +- *b = '\0'; +- ip[p++] = str2ns(a); +- *b = ':'; +- a = b + 1; +- if ( *(b+1) == ':' ) +- break; +- } +- a = b = (str + len); +- for(j=len, p=7; j > i; j--, a--) { +- if (*a != ':') +- continue; +- t = *b; +- *b = '\0'; +- ip[p--] = str2ns(a+1); +- *b = t; +- b = a; +- } +- return (CHAR8 *)ip; ++ memset(ip, 0, sizeof(ip)); ++ ++ /* Count amount of ':' to prevent overflows. ++ * max. count = 7. Returns an invalid ip6 that ++ * can be checked against ++ */ ++ for (a = str; *a != 0; ++a) { ++ if (*a == ':') ++ ++dotcount; ++ } ++ if (dotcount > MAX_IP6_DOTS) ++ return (CHAR8 *)ip; ++ ++ len = strlen(str); ++ a = b = str; ++ for (i = p = 0; i < len; i++, b++) { ++ if (*b != ':') ++ continue; ++ *b = '\0'; ++ ip[p++] = str2ns(a); ++ *b = ':'; ++ a = b + 1; ++ if (b[1] == ':' ) ++ break; ++ } ++ a = b = (str + len); ++ for (j = len, p = 7; j > i; j--, a--) { ++ if (*a != ':') ++ continue; ++ t = *b; ++ *b = '\0'; ++ ip[p--] = str2ns(a+1); ++ *b = t; ++ b = a; ++ } ++ return (CHAR8 *)ip; + } + + static BOOLEAN extract_tftp_info(CHAR8 *url) + { + CHAR8 *start, *end; + CHAR8 ip6str[40]; ++ CHAR8 ip6inv[16]; + CHAR8 *template = (CHAR8 *)translate_slashes(DEFAULT_LOADER_CHAR); + ++ // to check against str2ip6() errors ++ memset(ip6inv, 0, sizeof(ip6inv)); ++ + if (strncmp((UINT8 *)url, (UINT8 *)"tftp://", 7)) { + Print(L"URLS MUST START WITH tftp://\n"); + return FALSE; +@@ -217,7 +237,7 @@ static BOOLEAN extract_tftp_info(CHAR8 *url) + end = start; + while ((*end != '\0') && (*end != ']')) { + end++; +- if (end - start > 39) { ++ if (end - start >= (int)sizeof(ip6str)) { + Print(L"TFTP URL includes malformed IPv6 address\n"); + return FALSE; + } +@@ -226,10 +246,12 @@ static BOOLEAN extract_tftp_info(CHAR8 *url) + Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); + return FALSE; + } +- memset(ip6str, 0, 40); ++ memset(ip6str, 0, sizeof(ip6str)); + memcpy(ip6str, start, end - start); + end++; + memcpy(&tftp_addr.v6, str2ip6(ip6str), 16); ++ if (memcmp(&tftp_addr.v6, ip6inv, sizeof(ip6inv)) == 0) ++ return FALSE; + full_path = AllocateZeroPool(strlen(end)+strlen(template)+1); + if (!full_path) + return FALSE; diff --git a/debian/patches/CVE-2014-3677.patch b/debian/patches/CVE-2014-3677.patch new file mode 100644 index 00000000..4d05f05c --- /dev/null +++ b/debian/patches/CVE-2014-3677.patch @@ -0,0 +1,75 @@ +diff --git a/MokManager.c b/MokManager.c +index 50cb9d7..73d8ff4 100644 +--- a/MokManager.c ++++ b/MokManager.c +@@ -100,8 +100,18 @@ static UINT32 count_keys(void *Data, UINTN DataSize) + EFI_GUID HashType = EFI_CERT_SHA256_GUID; + UINTN dbsize = DataSize; + UINT32 MokNum = 0; ++ void *end = Data + DataSize; + + while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) { ++ ++ /* Use ptr arithmetics to ensure bounded access. Do not allow 0 ++ * SignatureListSize that will cause endless loop. ++ */ ++ if ((void *)(CertList + 1) > end || CertList->SignatureListSize == 0) { ++ console_notify(L"Invalid MOK detected! Ignoring MOK List."); ++ return 0; ++ } ++ + if ((CompareGuid (&CertList->SignatureType, &CertType) != 0) && + (CompareGuid (&CertList->SignatureType, &HashType) != 0)) { + console_notify(L"Doesn't look like a key or hash"); +@@ -137,6 +147,7 @@ static MokListNode *build_mok_list(UINT32 num, void *Data, UINTN DataSize) { + EFI_GUID HashType = EFI_CERT_SHA256_GUID; + UINTN dbsize = DataSize; + UINTN count = 0; ++ void *end = Data + DataSize; + + list = AllocatePool(sizeof(MokListNode) * num); + +@@ -146,6 +157,11 @@ static MokListNode *build_mok_list(UINT32 num, void *Data, UINTN DataSize) { + } + + while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) { ++ /* CertList out of bounds? */ ++ if ((void *)(CertList + 1) > end || CertList->SignatureListSize == 0) { ++ FreePool(list); ++ return NULL; ++ } + if ((CompareGuid (&CertList->SignatureType, &CertType) != 0) && + (CompareGuid (&CertList->SignatureType, &HashType) != 0)) { + dbsize -= CertList->SignatureListSize; +@@ -165,10 +181,22 @@ static MokListNode *build_mok_list(UINT32 num, void *Data, UINTN DataSize) { + Cert = (EFI_SIGNATURE_DATA *) (((UINT8 *) CertList) + + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize); + ++ /* Cert out of bounds? */ ++ if ((void *)(Cert + 1) > end || CertList->SignatureSize <= sizeof(EFI_GUID)) { ++ FreePool(list); ++ return NULL; ++ } ++ + list[count].MokSize = CertList->SignatureSize - sizeof(EFI_GUID); + list[count].Mok = (void *)Cert->SignatureData; + list[count].Type = CertList->SignatureType; + ++ /* MOK out of bounds? */ ++ if (list[count].MokSize > end - (void *)list[count].Mok) { ++ FreePool(list); ++ return NULL; ++ } ++ + count++; + dbsize -= CertList->SignatureListSize; + CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + +@@ -449,6 +477,8 @@ static EFI_STATUS list_keys (void *KeyList, UINTN KeyListSize, CHAR16 *title) + } + + MokNum = count_keys(KeyList, KeyListSize); ++ if (MokNum == 0) ++ return 0; + keys = build_mok_list(MokNum, KeyList, KeyListSize); + + if (!keys) { diff --git a/debian/patches/prototypes b/debian/patches/prototypes new file mode 100644 index 00000000..7191e102 --- /dev/null +++ b/debian/patches/prototypes @@ -0,0 +1,191 @@ +Description: Include missing prototypes, and disable use of BIO_new_file + Pull in missing prototypes for functions that are not yet upstream in + gnu-efi, and #ifdef out references to BIO_new_file(), BIO_new_fp(), and + X509_load_{cert,crl}_file since the prototypes are themselves #ifdef'ed + out. + . + Without these prototypes, we get implicit conversions on amd64, which + are sensibly treated as a build failure by Launchpad. +Author: Steve Langasek <steve.langasek@ubuntu.com> + +Index: shim/Cryptlib/Library/BaseMemoryLib.h +=================================================================== +--- /dev/null ++++ shim/Cryptlib/Library/BaseMemoryLib.h +@@ -0,0 +1,41 @@ ++#ifndef __BASE_MEMORY_LIB__ ++#define __BASE_MEMORY_LIB__ ++ ++CHAR8 * ++ScanMem8 ( ++ IN CHAR8 *Buffer, ++ IN UINTN Size, ++ IN CHAR8 Value ++ ); ++ ++UINT32 ++WriteUnaligned32( ++ UINT32 *Buffer, ++ UINT32 Value ++ ); ++ ++CHAR8 * ++AsciiStrCat( ++ CHAR8 *Destination, ++ CHAR8 *Source ++ ); ++ ++CHAR8 * ++AsciiStrCpy( ++ CHAR8 *Destination, ++ CHAR8 *Source ++ ); ++ ++CHAR8 * ++AsciiStrnCpy( ++ CHAR8 *Destination, ++ CHAR8 *Source, ++ UINTN count ++ ); ++ ++UINTN ++AsciiStrSize( ++ CHAR8 *string ++ ); ++ ++#endif +Index: shim/Cryptlib/OpenSSL/crypto/x509v3/v3_pci.c +=================================================================== +--- shim.orig/Cryptlib/OpenSSL/crypto/x509v3/v3_pci.c ++++ shim/Cryptlib/OpenSSL/crypto/x509v3/v3_pci.c +@@ -157,6 +157,7 @@ + } + OPENSSL_free(tmp_data2); + } ++#ifndef OPENSSL_NO_STDIO + else if (strncmp(val->value, "file:", 5) == 0) + { + unsigned char buf[2048]; +@@ -194,6 +195,7 @@ + goto err; + } + } ++#endif + else if (strncmp(val->value, "text:", 5) == 0) + { + val_len = strlen(val->value + 5); +Index: shim/Cryptlib/OpenSSL/crypto/conf/conf_def.c +=================================================================== +--- shim.orig/Cryptlib/OpenSSL/crypto/conf/conf_def.c ++++ shim/Cryptlib/OpenSSL/crypto/conf/conf_def.c +@@ -186,11 +186,13 @@ + int ret; + BIO *in=NULL; + ++#ifndef OPENSSL_NO_STDIO + #ifdef OPENSSL_SYS_VMS + in=BIO_new_file(name, "r"); + #else + in=BIO_new_file(name, "rb"); + #endif ++#endif + if (in == NULL) + { + if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE) +Index: shim/Cryptlib/OpenSSL/crypto/conf/conf_lib.c +=================================================================== +--- shim.orig/Cryptlib/OpenSSL/crypto/conf/conf_lib.c ++++ shim/Cryptlib/OpenSSL/crypto/conf/conf_lib.c +@@ -92,11 +92,13 @@ + LHASH *ltmp; + BIO *in=NULL; + ++#ifndef OPENSSL_NO_STDIO + #ifdef OPENSSL_SYS_VMS + in=BIO_new_file(file, "r"); + #else + in=BIO_new_file(file, "rb"); + #endif ++#endif + if (in == NULL) + { + CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB); +Index: shim/Cryptlib/OpenSSL/crypto/conf/conf_sap.c +=================================================================== +--- shim.orig/Cryptlib/OpenSSL/crypto/conf/conf_sap.c ++++ shim/Cryptlib/OpenSSL/crypto/conf/conf_sap.c +@@ -93,12 +93,14 @@ + { + BIO *bio_err; + ERR_load_crypto_strings(); ++#ifndef OPENSSL_NO_STDIO + if ((bio_err=BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL) + { + BIO_printf(bio_err,"Auto configuration failed\n"); + ERR_print_errors(bio_err); + BIO_free(bio_err); + } ++#endif + exit(1); + } + +Index: shim/Cryptlib/OpenSSL/crypto/engine/eng_openssl.c +=================================================================== +--- shim.orig/Cryptlib/OpenSSL/crypto/engine/eng_openssl.c ++++ shim/Cryptlib/OpenSSL/crypto/engine/eng_openssl.c +@@ -374,11 +374,15 @@ + BIO *in; + EVP_PKEY *key; + fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n", key_id); ++#ifndef OPENSSL_NO_STDIO + in = BIO_new_file(key_id, "r"); + if (!in) + return NULL; + key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL); + BIO_free(in); ++#else ++ return NULL; ++#endif + return key; + } + #endif +Index: shim/Cryptlib/OpenSSL/crypto/x509/by_dir.c +=================================================================== +--- shim.orig/Cryptlib/OpenSSL/crypto/x509/by_dir.c ++++ shim/Cryptlib/OpenSSL/crypto/x509/by_dir.c +@@ -92,8 +92,10 @@ + static int new_dir(X509_LOOKUP *lu); + static void free_dir(X509_LOOKUP *lu); + static int add_cert_dir(BY_DIR *ctx,const char *dir,int type); ++#ifndef OPENSSL_NO_STDIO + static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name, + X509_OBJECT *ret); ++#endif + X509_LOOKUP_METHOD x509_dir_lookup= + { + "Load certs from files in a directory", +@@ -102,7 +104,11 @@ + NULL, /* init */ + NULL, /* shutdown */ + dir_ctrl, /* ctrl */ ++#ifdef OPENSSL_NO_STDIO ++ NULL, /* get_by_subject */ ++#else + get_cert_by_subject, /* get_by_subject */ ++#endif + NULL, /* get_by_issuer_serial */ + NULL, /* get_by_fingerprint */ + NULL, /* get_by_alias */ +@@ -242,6 +248,7 @@ + return(1); + } + ++#ifndef OPENSSL_NO_STDIO + static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, + X509_OBJECT *ret) + { +@@ -383,3 +390,4 @@ + if (b != NULL) BUF_MEM_free(b); + return(ok); + } ++#endif diff --git a/debian/patches/sbsigntool-not-pesign b/debian/patches/sbsigntool-not-pesign new file mode 100644 index 00000000..66b0f121 --- /dev/null +++ b/debian/patches/sbsigntool-not-pesign @@ -0,0 +1,22 @@ +Description: Sign MokManager with sbsigntool instead of pesign + Ubuntu infrastructure uses sbsigntool for all other EFI signing, so we use + the same thing for signing MokManager with our ephemeral key. This also + avoids an additional build dependency on libnss3-tools. +Author: Steve Langasek <steve.langasek@canonical.com> +Forwarded: not-needed + +Index: shim/Makefile +=================================================================== +--- shim.orig/Makefile ++++ shim/Makefile +@@ -88,8 +88,8 @@ + -j .debug_line -j .debug_str -j .debug_ranges \ + --target=efi-app-$(ARCH) $^ $@.debug + +-%.efi.signed: %.efi certdb/secmod.db +- pesign -n certdb -i $< -c "shim" -s -o $@ -f ++%.efi.signed: %.efi shim.crt ++ sbsign --key shim.key --cert shim.crt $< + + clean: + $(MAKE) -C Cryptlib clean diff --git a/debian/patches/second-stage-path b/debian/patches/second-stage-path new file mode 100644 index 00000000..d9265bea --- /dev/null +++ b/debian/patches/second-stage-path @@ -0,0 +1,20 @@ +Description: Chainload grubx64.efi, not grub.efi + We qualify the second stage bootloader image with the architecture name, + so we're forwards-compatible with any future 32-bit implementations. + (Non-SB grub doesn't conflict, since the image will be named bootia32.efi + anyway, not grub.efi.) +Author: Steve Langasek <steve.langasek@ubuntu.com> + +Index: shim/Makefile +=================================================================== +--- shim.orig/Makefile ++++ shim/Makefile +@@ -14,7 +14,7 @@ + EFI_CRT_OBJS = $(EFI_PATH)/crt0-efi-$(ARCH).o + EFI_LDS = elf_$(ARCH)_efi.lds + +-DEFAULT_LOADER := \\\\grub.efi ++DEFAULT_LOADER := \\\\grubx64.efi + CFLAGS = -ggdb -O0 -fno-stack-protector -fno-strict-aliasing -fpic \ + -fshort-wchar -Wall -Werror -mno-red-zone -maccumulate-outgoing-args \ + -mno-mmx -mno-sse -fno-builtin \ diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 00000000..fa2ce82d --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,5 @@ +prototypes +second-stage-path +sbsigntool-not-pesign +0001-Update-openssl-to-0.9.8za.patch +CVE-2014-3675.patch diff --git a/debian/rules b/debian/rules new file mode 100755 index 00000000..28523b56 --- /dev/null +++ b/debian/rules @@ -0,0 +1,7 @@ +#!/usr/bin/make -f + +%: + dh $@ + +override_dh_auto_build: + dh_auto_build -- EFI_PATH=/usr/lib VENDOR_CERT_FILE=debian/canonical-uefi-ca.der diff --git a/debian/shim.install b/debian/shim.install new file mode 100644 index 00000000..97d99c43 --- /dev/null +++ b/debian/shim.install @@ -0,0 +1,3 @@ +shim.efi /usr/lib/shim +MokManager.efi.signed /usr/lib/shim +fallback.efi.signed /usr/lib/shim diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 00000000..163aaf8d --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/source/include-binaries b/debian/source/include-binaries new file mode 100644 index 00000000..5be73be9 --- /dev/null +++ b/debian/source/include-binaries @@ -0,0 +1 @@ +debian/canonical-uefi-ca.der |