From f892ac66084ab0315adb0c52e4a39b518730d023 Mon Sep 17 00:00:00 2001 From: Mathieu Trudel-Lapierre Date: Tue, 24 Jul 2018 16:24:23 -0400 Subject: New upstream version 15+1531942534.dd3230d --- Cryptlib/Include/OpenSslSupport.h | 11 ++-- Cryptlib/InternalCryptLib.h | 10 +-- Cryptlib/Library/BaseLib.h | 1 + Cryptlib/Makefile | 14 ++-- Cryptlib/OpenSSL/Makefile | 10 +-- Cryptlib/Pem/CryptPem.c | 135 -------------------------------------- Cryptlib/Pem/CryptPemNull.c | 44 +++++++++++++ 7 files changed, 70 insertions(+), 155 deletions(-) delete mode 100644 Cryptlib/Pem/CryptPem.c create mode 100644 Cryptlib/Pem/CryptPemNull.c (limited to 'Cryptlib') diff --git a/Cryptlib/Include/OpenSslSupport.h b/Cryptlib/Include/OpenSslSupport.h index d7650b3c..b38043cb 100644 --- a/Cryptlib/Include/OpenSslSupport.h +++ b/Cryptlib/Include/OpenSslSupport.h @@ -17,11 +17,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include -#include -#include -#include -#include -#include +#include "Base.h" +#include "Library/BaseLib.h" +#include "Library/BaseMemoryLib.h" +#include "Library/MemoryAllocationLib.h" +#include "Library/DebugLib.h" /* * Include stddef.h to avoid redefining "offsetof" @@ -380,5 +380,6 @@ extern FILE *stdout; #define atoi(nptr) AsciiStrDecimalToUintn(nptr) #define gettimeofday(tvp,tz) do { (tvp)->tv_sec = time(NULL); (tvp)->tv_usec = 0; } while (0) #define gmtime_r(timer,result) (result = NULL) +#define abort() #endif diff --git a/Cryptlib/InternalCryptLib.h b/Cryptlib/InternalCryptLib.h index 92cc9630..e9a4c20a 100644 --- a/Cryptlib/InternalCryptLib.h +++ b/Cryptlib/InternalCryptLib.h 
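Review bot: `#define abort()` at the end of OpenSslSupport.h expands to nothing, so any OpenSSL path that calls abort() after detecting a fatal condition falls through and keeps executing instead of stopping. In a boot-time verification library that is fail-open behaviour, because code after an abort() call is normally written on the assumption that it is unreachable. I would make the macro halt, for example `#define abort() do { ASSERT (FALSE); for (;;) ; } while (0)`, or route it to whatever halt or reset routine the build already provides. At minimum the define needs a comment saying why a no-op is considered safe here.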
@@ -15,11 +15,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #ifndef __INTERNAL_CRYPT_LIB_H__ #define __INTERNAL_CRYPT_LIB_H__ -#include -#include -#include -#include -#include +#include "Library/BaseLib.h" +#include "Library/BaseMemoryLib.h" +#include "Library/MemoryAllocationLib.h" +#include "Library/DebugLib.h" +#include "Library/BaseCryptLib.h" #include "OpenSslSupport.h" diff --git a/Cryptlib/Library/BaseLib.h b/Cryptlib/Library/BaseLib.h index c29919ea..5d326844 100644 --- a/Cryptlib/Library/BaseLib.h +++ b/Cryptlib/Library/BaseLib.h @@ -5,4 +5,5 @@ UINT32 WriteUnaligned32 (UINT32 *Buffer, UINT32 Value); UINTN AsciiStrSize (CHAR8 *string); char *AsciiStrnCpy(char *Destination, char *Source, UINTN count); char *AsciiStrCat(char *Destination, char *Source); +CHAR8 *AsciiStrCpy(CHAR8 *Destination, CHAR8 *Source); UINTN AsciiStrDecimalToUintn(const char *String); diff --git a/Cryptlib/Makefile b/Cryptlib/Makefile index bf9d0dc8..2aa56959 100644 --- a/Cryptlib/Makefile +++ b/Cryptlib/Makefile @@ -5,14 +5,16 @@ CFLAGS = -ggdb -O0 -I$(TOPDIR) -iquote $(TOPDIR) -fno-stack-protector -fno-stri -Wall $(EFI_INCLUDES) -std=gnu89 \ -ffreestanding -I$(shell $(CC) -print-file-name=include) +CLANG_BUGS = $(if $(findstring gcc,$(CC)),-maccumulate-outgoing-args,) + ifeq ($(ARCH),x86_64) - CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \ - -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI -DNO_BUILTIN_VA_FUNCS \ - -DMDE_CPU_X64 + CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc $(CLANG_BUGS) \ + -m64 -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \ + -DNO_BUILTIN_VA_FUNCS -DMDE_CPU_X64 endif ifeq ($(ARCH),ia32) - CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32 \ - -DMDE_CPU_IA32 + CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc \ + $(CLANG_BUGS) -m32 -DMDE_CPU_IA32 endif ifeq ($(ARCH),aarch64) CFLAGS += -DMDE_CPU_AARCH64 
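Review bot: The new `AsciiStrCpy` prototype in BaseLib.h declares an unbounded copy with no destination size, right next to the bounded `AsciiStrnCpy` that is already declared. Its callers are not visible in this diff, so whether every destination buffer is large enough cannot be checked from here. A comment such as `/* Destination must hold at least AsciiStrSize(Source) bytes */` would record the contract. `Source` could also be `const CHAR8 *`, although the neighbouring declarations are non-const as well.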
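Review bot: `CLANG_BUGS = $(if $(findstring gcc,$(CC)),-maccumulate-outgoing-args,)` keys the flag on the substring `gcc` appearing anywhere in `$(CC)`, so a GCC invoked as `cc` or through a wrapper silently loses `-maccumulate-outgoing-args`, while a clang installed under a path containing `gcc` receives it. The same line is added to Cryptlib/OpenSSL/Makefile. Because the flag changes how calls are emitted for the x86_64 and ia32 objects, a build that drops it without notice is hard to diagnose; probing the compiler itself (for instance its `--version` output) would be more reliable than matching its name. A one-line comment stating what the variable works around would also help, since the name `CLANG_BUGS` is confusing for a flag that is only ever passed to GCC.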
@@ -40,7 +42,7 @@ OBJS = Hash/CryptMd4Null.o \ Pk/CryptTs.o \ Pk/CryptX509.o \ Pk/CryptAuthenticode.o \ - Pem/CryptPem.o \ + Pem/CryptPemNull.o \ SysCall/CrtWrapper.o \ SysCall/TimerWrapper.o \ SysCall/BaseMemAllocation.o \ diff --git a/Cryptlib/OpenSSL/Makefile b/Cryptlib/OpenSSL/Makefile index b61b66d8..916feac0 100644 --- a/Cryptlib/OpenSSL/Makefile +++ b/Cryptlib/OpenSSL/Makefile @@ -8,14 +8,16 @@ CFLAGS = -ggdb -O0 -I$(TOPDIR) -I$(TOPDIR)/.. -I$(TOPDIR)/../Include/ -I$(TOPDI -ffreestanding -std=gnu89 -I$(shell $(CC) -print-file-name=include) \ -Wall $(EFI_INCLUDES) -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_SMALL_FOOTPRINT -DPEDANTIC +CLANG_BUGS = $(if $(findstring gcc,$(CC)),-maccumulate-outgoing-args,) + ifeq ($(ARCH),x86_64) - CFLAGS += -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \ - -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \ + CFLAGS += -mno-mmx -mno-sse -mno-red-zone $(CLANG_BUGS) \ + -m64 -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \ -UNO_BUILTIN_VA_FUNCS -DMDE_CPU_X64 endif ifeq ($(ARCH),ia32) - CFLAGS += -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \ - -m32 -DMDE_CPU_IA32 + CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc \ + $(CLANG_BUGS) -m32 -DMDE_CPU_IA32 endif ifeq ($(ARCH),aarch64) CFLAGS += -O2 -DMDE_CPU_AARCH64 diff --git a/Cryptlib/Pem/CryptPem.c b/Cryptlib/Pem/CryptPem.c deleted file mode 100644 index 51e648b7..00000000 --- a/Cryptlib/Pem/CryptPem.c +++ /dev/null @@ -1,135 +0,0 @@ -/** @file - PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation over OpenSSL. - -Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.
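Review bot: In Cryptlib/OpenSSL/Makefile the rewritten ia32 branch now passes `-nostdinc`, but the x86_64 branch of the same file still does not, whereas both branches in Cryptlib/Makefile carry it. If the intent is to keep host libc headers out of the freestanding OpenSSL build, x86_64 should get it too: `CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc $(CLANG_BUGS) \`. If the difference is deliberate, a comment in the ia32 branch should say why, because an architecture-dependent include path in the crypto objects is easy to miss in review.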
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "InternalCryptLib.h"
-#include
-
-/**
- Callback function for password phrase conversion used for retrieving the encrypted PEM.
-
- @param[out] Buf Pointer to the buffer to write the passphrase to.
- @param[in] Size Maximum length of the passphrase (i.e. the size of Buf).
- @param[in] Flag A flag which is set to 0 when reading and 1 when writing.
- @param[in] Key Key data to be passed to the callback routine.
-
- @retval The number of characters in the passphrase or 0 if an error occurred.
-
-**/
-INTN
-PasswordCallback (
- OUT CHAR8 *Buf,
- IN INTN Size,
- IN INTN Flag,
- IN VOID *Key
- )
-{
- INTN KeyLength;
-
- ZeroMem ((VOID *) Buf, (UINTN) Size);
- if (Key != NULL) {
- //
- // Duplicate key phrase directly.
- //
- KeyLength = (INTN) AsciiStrLen ((CHAR8 *)Key);
- KeyLength = (KeyLength > Size ) ? Size : KeyLength;
- CopyMem (Buf, Key, (UINTN) KeyLength);
- return KeyLength;
- } else {
- return 0;
- }
-}
-
-/**
- Retrieve the RSA Private Key from the password-protected PEM key data.
-
- @param[in] PemData Pointer to the PEM-encoded key data to be retrieved.
- @param[in] PemSize Size of the PEM key data in bytes.
- @param[in] Password NULL-terminated passphrase used for encrypted PEM key data.
- @param[out] RsaContext Pointer to new-generated RSA context which contain the retrieved
- RSA private key component. Use RsaFree() function to free the
- resource.
-
- If PemData is NULL, then return FALSE.
- If RsaContext is NULL, then return FALSE.
-
- @retval TRUE RSA Private Key was retrieved successfully.
- @retval FALSE Invalid PEM key data or incorrect password.
-
-**/
-BOOLEAN
-EFIAPI
-RsaGetPrivateKeyFromPem (
- IN CONST UINT8 *PemData,
- IN UINTN PemSize,
- IN CONST CHAR8 *Password,
- OUT VOID **RsaContext
- )
-{
- BOOLEAN Status;
- BIO *PemBio;
-
- //
- // Check input parameters.
- //
- if (PemData == NULL || RsaContext == NULL || PemSize > INT_MAX) {
- return FALSE;
- }
-
- //
- // Add possible block-cipher descriptor for PEM data decryption.
- // NOTE: Only support most popular ciphers (3DES, AES) for the encrypted PEM.
- //
- if (EVP_add_cipher (EVP_des_ede3_cbc ()) == 0) {
- return FALSE;
- }
- if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {
- return FALSE;
- }
- if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
- return FALSE;
- }
- if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
- return FALSE;
- }
-
- Status = FALSE;
-
- //
- // Read encrypted PEM Data.
- //
- PemBio = BIO_new (BIO_s_mem ());
- if (PemBio == NULL) {
- goto _Exit;
- }
-
- if (BIO_write (PemBio, PemData, (int) PemSize) <= 0) {
- goto _Exit;
- }
-
- //
- // Retrieve RSA Private Key from encrypted PEM data.
- //
- *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *) &PasswordCallback, (void *) Password);
- if (*RsaContext != NULL) {
- Status = TRUE;
- }
-
-_Exit:
- //
- // Release Resources.
- //
- BIO_free (PemBio);
-
- return Status;
-}
diff --git a/Cryptlib/Pem/CryptPemNull.c b/Cryptlib/Pem/CryptPemNull.c
new file mode 100644
index 00000000..8c9e4f0b
--- /dev/null
+++ b/Cryptlib/Pem/CryptPemNull.c
@@ -0,0 +1,44 @@
+/** @file
+ PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation which does
+ not provide real capabilities.
+
+Copyright (c) 2012, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+
+/**
+ Retrieve the RSA Private Key from the password-protected PEM key data.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[in] PemData Pointer to the PEM-encoded key data to be retrieved.
+ @param[in] PemSize Size of the PEM key data in bytes.
+ @param[in] Password NULL-terminated passphrase used for encrypted PEM key data.
+ @param[out] RsaContext Pointer to new-generated RSA context which contain the retrieved
+ RSA private key component. Use RsaFree() function to free the
+ resource.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+RsaGetPrivateKeyFromPem (
+ IN CONST UINT8 *PemData,
+ IN UINTN PemSize,
+ IN CONST CHAR8 *Password,
+ OUT VOID **RsaContext
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
-- cgit v1.2.3
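Review bot: The stub `RsaGetPrivateKeyFromPem` in CryptPemNull.c returns FALSE without writing `*RsaContext`, so a caller that does not check the return value is left with whatever its pointer held before the call. `ASSERT (FALSE)` may also compile to nothing in non-debug builds, depending on how the macro is defined there, which would leave the FALSE return as the only signal. Clearing the out-parameter before returning, `if (RsaContext != NULL) { *RsaContext = NULL; }`, makes the failure unambiguous. Callers are not visible in this diff, so this is a defensive suggestion rather than a confirmed bug.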