diff options
| author | Jeff Fan <jeff.fan@intel.com> | 2015-04-02 07:14:12 +0000 |
|---|---|---|
| committer | vanjeff <vanjeff@Edk2> | 2015-04-02 07:14:12 +0000 |
| commit | dcfa39fd63a76c504a69ee87a68d7faa3e5638f7 (patch) | |
| tree | bcbc260ac409a2d9453a197708866d64975e70d3 /CryptoPkg/Library/BaseCryptLib | |
| parent | bfd5c4c76011f6e29a42cb9a761610e55ec0584f (diff) | |
| download | edk2-dcfa39fd63a76c504a69ee87a68d7faa3e5638f7.zip edk2-dcfa39fd63a76c504a69ee87a68d7faa3e5638f7.tar.gz edk2-dcfa39fd63a76c504a69ee87a68d7faa3e5638f7.tar.bz2 | |
Copy head(r17080) from UDK2014.SP1 Branch with excluding UNI files.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2010.SR1@17104 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'CryptoPkg/Library/BaseCryptLib')
10 files changed, 81 insertions, 33 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf index 95a76f2..08e9c24 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -3,10 +3,10 @@ #
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
-# This external input must be validated carefully to avoid security issue like
-# buffer overflow, integer overflow.
+# This external input must be validated carefully to avoid security issues such as
+# buffer overflow or integer overflow.
#
-# Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -28,7 +28,7 @@ #
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64 IPF ARM
+# VALID_ARCHITECTURES = IA32 X64 IPF ARM AARCH64
#
[Sources]
@@ -85,6 +85,9 @@ [Sources.ARM]
Rand/CryptRand.c
+[Sources.AARCH64]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf index 97965b4..913e3e1 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -3,16 +3,16 @@ #
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
-# This external input must be validated carefully to avoid security issue like
-# buffer overflow, integer overflow.
+# This external input must be validated carefully to avoid security issues such as
+# buffer overflow or integer overflow.
#
# Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
# TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
# Diffie-Hellman functions, X.509 certificate handler functions, authenticode
-# signature verification functions, PEM handler functions, pseudorandom number
+# signature verification functions, PEM handler functions, and pseudorandom number
# generator functions are not supported in this instance.
#
-# Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c index bb5f6d4..7b8bca5 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c @@ -146,8 +146,8 @@ AuthenticodeVerify ( //
// Long Form of Length Encoding, only support two bytes.
//
- ContentSize = (UINTN) (*(SpcIndirectDataContent + 2));
- ContentSize = (ContentSize << 8) + (UINTN)(*(SpcIndirectDataContent + 3));
+ ContentSize = (UINTN) (*(UINT8 *)(SpcIndirectDataContent + 2));
+ ContentSize = (ContentSize << 8) + (UINTN)(*(UINT8 *)(SpcIndirectDataContent + 3));
//
// Skip the SEQUENCE Tag;
//
diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c index 4a056e8..895ce83 100644 --- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c @@ -1,7 +1,7 @@ /** @file
Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
-Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include "InternalCryptLib.h"
#include <openssl/rand.h>
+#include <openssl/evp.h>
//
// Default seed for UEFI Crypto Library
@@ -48,6 +49,14 @@ RandomSeed ( }
//
+ // The software PRNG implementation built in OpenSSL depends on message digest algorithm.
+ // Make sure SHA-1 digest algorithm is available here.
+ //
+ if (EVP_add_digest (EVP_sha1 ()) == 0) {
+ return FALSE;
+ }
+
+ //
// Seed the pseudorandom number generator with user-supplied value.
// NOTE: A cryptographic PRNG must be seeded with unpredictable data.
//
@@ -57,7 +66,11 @@ RandomSeed ( RAND_seed (DefaultSeed, sizeof (DefaultSeed));
}
- return TRUE;
+ if (RAND_status () == 1) {
+ return TRUE;
+ }
+
+ return FALSE;
}
/**
diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c index dcc1853..9f87087 100644 --- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c @@ -1,7 +1,7 @@ /** @file
Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include "InternalCryptLib.h"
#include <openssl/rand.h>
+#include <openssl/evp.h>
#include <Library/PrintLib.h>
/**
@@ -46,6 +47,14 @@ RandomSeed ( }
//
+ // The software PRNG implementation built in OpenSSL depends on message digest algorithm.
+ // Make sure SHA-1 digest algorithm is available here.
+ //
+ if (EVP_add_digest (EVP_sha1 ()) == 0) {
+ return FALSE;
+ }
+
+ //
// Seed the pseudorandom number generator with user-supplied value.
// NOTE: A cryptographic PRNG must be seeded with unpredictable data.
//
@@ -65,7 +74,11 @@ RandomSeed ( RAND_seed (DefaultSeed, sizeof (DefaultSeed));
}
- return TRUE;
+ if (RAND_status () == 1) {
+ return TRUE;
+ }
+
+ return FALSE;
}
/**
diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c index 7259ed5..9bd349d 100644 --- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c @@ -1,7 +1,7 @@ /** @file
Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include "InternalCryptLib.h"
#include <openssl/rand.h>
+#include <openssl/evp.h>
#include <Library/PrintLib.h>
/**
@@ -46,6 +47,14 @@ RandomSeed ( }
//
+ // The software PRNG implementation built in OpenSSL depends on message digest algorithm.
+ // Make sure SHA-1 digest algorithm is available here.
+ //
+ if (EVP_add_digest (EVP_sha1 ()) == 0) {
+ return FALSE;
+ }
+
+ //
// Seed the pseudorandom number generator with user-supplied value.
// NOTE: A cryptographic PRNG must be seeded with unpredictable data.
//
@@ -65,7 +74,11 @@ RandomSeed ( RAND_seed (DefaultSeed, sizeof (DefaultSeed));
}
- return TRUE;
+ if (RAND_status () == 1) {
+ return TRUE;
+ }
+
+ return FALSE;
}
/**
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf index 535ad51..d23e3db 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -1,17 +1,17 @@ ## @file
-# Cryptographic Library Instance for DXE_RUNTIME_DRIVER
+# Cryptographic Library Instance for DXE_RUNTIME_DRIVER.
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
-# This external input must be validated carefully to avoid security issue like
-# buffer overflow, integer overflow.
+# This external input must be validated carefully to avoid security issues such as
+# buffer overflow or integer overflow.
#
# Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
# TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
-# Diffie-Hellman functions, authenticode signature verification functions are
+# Diffie-Hellman functions, and authenticode signature verification functions are
# not supported in this instance.
#
-# Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -34,7 +34,7 @@ #
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64 IPF ARM
+# VALID_ARCHITECTURES = IA32 X64 IPF ARM AARCH64
#
[Sources]
@@ -90,6 +90,9 @@ [Sources.ARM]
Rand/CryptRand.c
+[Sources.AARCH64]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf index cdbe3ac..b31a785 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -3,15 +3,15 @@ #
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
-# This external input must be validated carefully to avoid security issue like
-# buffer overflow, integer overflow.
+# This external input must be validated carefully to avoid security issues such as
+# buffer overflow or integer overflow.
#
# Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
# TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
-# Diffie-Hellman functions, authenticode signature verification functions are
+# Diffie-Hellman functions, and authenticode signature verification functions are
# not supported in this instance.
#
-# Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -34,7 +34,7 @@ #
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64
+# VALID_ARCHITECTURES = IA32 X64 ARM AARCH64
#
[Sources]
@@ -90,6 +90,9 @@ [Sources.ARM]
Rand/CryptRand.c
+[Sources.AARCH64]
+ Rand/CryptRand.c
+
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
@@ -108,4 +111,4 @@ #
[BuildOptions]
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
-
+ XCODE:*_*_*_CC_FLAGS = -mmmx -msse
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.S b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.S index 3a8a132..bf05875 100644 --- a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.S +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.S @@ -1,6 +1,6 @@ #------------------------------------------------------------------------------
#
-# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -53,7 +53,7 @@ ASM_PFX(__ashrdi3): More32:
movl %edx, %eax
xor %edx, %edx
- and $32, %cl
+ and $31, %cl
shr %cl, %eax
ret
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c index 805e6b4..6422d61 100644 --- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c @@ -148,14 +148,14 @@ struct tm * gmtime (const time_t *timer) GmTime->tm_yday = (int) DayNo;
for (MonthNo = 12; MonthNo > 1; MonthNo--) {
- if (DayNo > CumulativeDays[IsLeap(Year)][MonthNo]) {
+ if (DayNo >= CumulativeDays[IsLeap(Year)][MonthNo]) {
DayNo = (UINT16) (DayNo - (UINT16) (CumulativeDays[IsLeap(Year)][MonthNo]));
break;
}
}
- GmTime->tm_mon = (int) MonthNo;
- GmTime->tm_mday = (int) DayNo;
+ GmTime->tm_mon = (int) MonthNo - 1;
+ GmTime->tm_mday = (int) DayNo + 1;
GmTime->tm_isdst = 0;
GmTime->tm_gmtoff = 0;
|