Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix bug for correct return value checking when get X509Cert
+Srinivasan Mani, +Prarthana Sagar, +Gayathri Thunuguntla
-Original Message-
From: Li, Yi1
Sent: Sunday, May 19, 2024 6:41 PM
To: Sountharya N
Cc: Yao, Jiewen ; devel@edk2.groups.io; Li, Yi1
; Shang, Qingyu
Subject: [EXTERNAL] RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix bug for correct
return value checking when get X509Cert
**CAUTION: The e-mail below is from an external source. Please exercise caution
before opening attachments, clicking links, or following guidance.**
Hi @sounthar...@ami.com,
I already asked Qingyu to help raise patch.
Will merge it after hard freeze.
Thanks,
Yi
-Original Message-
From: devel@edk2.groups.io On Behalf Of Li, Yi
Sent: Wednesday, May 15, 2024 11:32 PM
To: devel@edk2.groups.io; Shang, Qingyu
Cc: Yao, Jiewen
Subject: Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix bug for correct return
value checking when get X509Cert
Looks good to me.
Reviewed-by: Yi Li
We are in Hard Freeze phase, will push it after freeze. Thanks.
-Original Message-
From: devel@edk2.groups.io On Behalf Of Qingyu
Sent: Wednesday, May 15, 2024 8:58 PM
To: devel@edk2.groups.io
Cc: Shang, Qingyu ; Yao, Jiewen ;
Li, Yi1
Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix bug for correct return value
checking when get X509Cert
From: Qingyu
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509
CryptX509.c file has X509GetTBSCert() funtion and it is added Inf variable to
collect the return value of ASN1_get_object(), which return 0x80 in error case.
Supplement the return value check during the second function call and correct
the check logic.
Signed-off-by: Qingyu
Cc: Jiewen Yao
Cc: Yi Li
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63ee..7ebec9dbad5b 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0;
Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)CertSize);
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
*TBSCert = (UINT8 *)Temp;
- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass,
(long)Length);
+ Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
+ *)&ObjClass, (long)Length);
//
// Verify the parsed TBSCertificate is one correct SEQUENCE data.
//
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
--
2.44.0.windows.1
-The information contained in this message may be confidential and proprietary
to American Megatrends (AMI). This communication is intended to be read only by
the individual or entity to whom it is addressed or by their designee. If the
reader of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited. Please
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119109): https://edk2.groups.io/g/devel/message/119109
Mute This Topic: https://groups.io/mt/106113214/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH] CryptoPkg: Check ASN1_get_object() return value
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509
In ASN1_get_object(), Inf should compare with 0x80 instead of 0x00.
Cc: Sountharya N
Signed-off-by: Sountharya N
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63..021cc328f8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0;
Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)CertSize);
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
*TBSCert = (UINT8 *)Temp;
- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass,
(long)Length);
+ Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)Length);
//
// Verify the parsed TBSCertificate is one correct SEQUENCE data.
//
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
--
2.35.1.windows.2
-The information contained in this message may be confidential and proprietary
to American Megatrends (AMI). This communication is intended to be read only by
the individual or entity to whom it is addressed or by their designee. If the
reader of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited. Please
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119054): https://edk2.groups.io/g/devel/message/119054
Mute This Topic: https://groups.io/mt/106158469/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH] CryptoPkg: Check ASN1_get_object() return value
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509
ASN1_get_object() returns (0x80) in error case and it is compared with (0x00).
If ASN1_get_object() returns 0x80 it should returns FALSE, but here it is
compared with (0x00) and if it returns 0x80 it is coming out of the condition
and makes the function TRUE.
Cc: Sountharya N
Cc: Prarthana Sagar V
Cc: Gayathri Thunuguntla
Cc: Srinivasan Mani
Cc: Yi Li
Signed-off-by: Sountharya N
---
...e-check-ASN1_get_object-return-value.patch | 47 +++
1 file changed, 47 insertions(+)
create mode 100644 0001-Add-variable-check-ASN1_get_object-return-value.patch
diff --git a/0001-Add-variable-check-ASN1_get_object-return-value.patch
b/0001-Add-variable-check-ASN1_get_object-return-value.patch
new file mode 100644
index 00..3bd7f69ab2
--- /dev/null
+++ b/0001-Add-variable-check-ASN1_get_object-return-value.patch
@@ -0,0 +1,47 @@
+grom 4bffb95cc9f16f1ee25155b0dde9e7dc7288134a Mon Sep 17 00:00:00 2001
+From: Sountharya N
+Date: Fri, 17 May 2024 15:30:51 +0530
+Subject: [PATCH] Add variable&check ASN1_get_object() return value
+To: sounthar...@ami.com
+
+REF: "https://bugzilla.tianocore.org/show_bug.cgi?id=4509";
+
+ASN1_get_object() returns (0x80) in error case and it is compared with (0x00).
If ASN1_get_object() returns 0x80 it should returns FALSE, but here it is
compared with (0x00) and if it returns 0x80 it is coming out of the condition
and makes the function TRUE.
+
+Cc: Sountharya N
+
+Cc: Shenba
+
+Signed-off-by: Sountharya N
+---
+ CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+index 1182323b63..021cc328f8 100644
+--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+@@ -839,17 +839,17 @@ X509GetTBSCert (
+ Length = 0;
+ Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)CertSize);
+
+- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
++ if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {
+ return FALSE;
+ }
+
+ *TBSCert = (UINT8 *)Temp;
+
+- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass,
(long)Length);
++ Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)Length);
+ //
+ // Verify the parsed TBSCertificate is one correct SEQUENCE data.
+ //
+- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
++ if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {
+ return FALSE;
+ }
+
+--
+2.35.1.windows.2
+
--
2.35.1.windows.2
-The information contained in this message may be confidential and proprietary
to American Megatrends (AMI). This communication is intended to be read only by
the individual or entity to whom it is addressed or by their designee. If the
reader of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited. Please
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119053): https://edk2.groups.io/g/devel/message/119053
Mute This Topic: https://groups.io/mt/106158469/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.
Hi Yi,
I Removed 'Reviewed-by: @yi1...@intel.com' and Sent V2 patch to
devel@edk2.groups.io.
Thanks,
Sountharya
-Original Message-
From: Li, Yi1
Sent: Tuesday, April 2, 2024 6:42 AM
To: Sountharya N ; devel@edk2.groups.io
Cc: Srinivasan Mani ; Prarthana Sagar V
; Yao, Jiewen ; Hou, Wenxing
Subject: RE: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object()
function return value is not checked properly in CryptX509.c.
Hi,
Please remove 'Reviewed-by: @yi1...@intel.com' and send V2 patch to
devel@edk2.groups.io by send-email.
Generate V2 patch:
Add '--subject-prefix="PATCH V2" ' when you format patch:
git format-patch --subject-prefix="PATCH V2" ...
The content of patch looks good to me, will give you my Reviewed-by and push it
after receiving your V2 patch.
Thanks,
Yi
-Original Message-
From: Sountharya N
Sent: Monday, April 1, 2024 7:23 PM
To: Li, Yi1 ; devel@edk2.groups.io
Cc: MANI, SRINIVASAN ; Prarthana Sagar V
; Yao, Jiewen ; Hou, Wenxing
Subject: RE: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object()
function return value is not checked properly in CryptX509.c.
Hi Yi,
As you suggested, modified the changes and gave PR. Here I have attached the
Link for reference.
https://github.com/tianocore/edk2/pull/5507
Thanks,
Sountharya
-Original Message-
From: Li, Yi1
Sent: Thursday, March 28, 2024 7:17 AM
To: devel@edk2.groups.io; Sountharya N
Cc: Srinivasan Mani ; Prarthana Sagar V
; Yao, Jiewen ; Hou, Wenxing
Subject: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object()
function return value is not checked properly in CryptX509.c.
**CAUTION: The e-mail below is from an external source. Please exercise caution
before opening attachments, clicking links, or following guidance.**
Hi,
Please follow the correct upstream process to avoid Github CI errors.
https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow
You are missing your Sign-off and Cc maintainers in this patch, And please add
BZ link to commit message: ''REF:
https://bugzilla.tianocore.org/show_bug.cgi?id=4509''.
For your code change, '''ASN1_get_object() return error''' or
''''''ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE ''' both need to
be treated as errors and returned.
So you should use logic or instead of and.
Before you send V2 patch, please create a PR in EDK2 github to test CI:
https://github.com/tianocore/edk2/pulls
Regards,
Yi
-Original Message-
From: devel@edk2.groups.io On Behalf Of Sountharya N via
groups.io
Sent: Tuesday, March 19, 2024 1:44 PM
To: devel@edk2.groups.io; Sountharya N
Cc: MANI, SRINIVASAN ; Prarthana Sagar V
Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object()
function return value is not checked properly in CryptX509.c.
Added Inf variable, and the error case returned value was checked properly.
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63..ac05441383 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0;
Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)CertSize);
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
*TBSCert = (UINT8 *)Temp;
- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass,
(long)Length);
+ Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)Length);
//
// Verify the parsed TBSCertificate is one correct SEQUENCE data.
//
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
--
2.35.1.windows.2
-The information contained in this message may be confidential and proprietary
to American Megatrends (AMI). This communication is intended to be read only by
the individual or entity to whom it is addressed or by their designee. If the
reader of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited. Please
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.
-The information contained in this message may be confidential
[edk2-devel] [PATCH] PATCH_V2
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63..021cc328f8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0;
Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)CertSize);
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
*TBSCert = (UINT8 *)Temp;
- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass,
(long)Length);
+ Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)Length);
//
// Verify the parsed TBSCertificate is one correct SEQUENCE data.
//
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
--
2.35.1.windows.2
-The information contained in this message may be confidential and proprietary
to American Megatrends (AMI). This communication is intended to be read only by
the individual or entity to whom it is addressed or by their designee. If the
reader of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited. Please
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117585): https://edk2.groups.io/g/devel/message/117585
Mute This Topic: https://groups.io/mt/105441473/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.
Hi Yi,
As you suggested, modified the changes and gave PR. Here I have attached the
Link for reference.
https://github.com/tianocore/edk2/pull/5507
Thanks,
Sountharya
-Original Message-
From: Li, Yi1
Sent: Thursday, March 28, 2024 7:17 AM
To: devel@edk2.groups.io; Sountharya N
Cc: Srinivasan Mani ; Prarthana Sagar V
; Yao, Jiewen ; Hou, Wenxing
Subject: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object()
function return value is not checked properly in CryptX509.c.
**CAUTION: The e-mail below is from an external source. Please exercise caution
before opening attachments, clicking links, or following guidance.**
Hi,
Please follow the correct upstream process to avoid Github CI errors.
https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow
You are missing your Sign-off and Cc maintainers in this patch, And please add
BZ link to commit message: ''REF:
https://bugzilla.tianocore.org/show_bug.cgi?id=4509''.
For your code change, '''ASN1_get_object() return error''' or
''''''ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE ''' both need to
be treated as errors and returned.
So you should use logic or instead of and.
Before you send V2 patch, please create a PR in EDK2 github to test CI:
https://github.com/tianocore/edk2/pulls
Regards,
Yi
-Original Message-
From: devel@edk2.groups.io On Behalf Of Sountharya N via
groups.io
Sent: Tuesday, March 19, 2024 1:44 PM
To: devel@edk2.groups.io; Sountharya N
Cc: MANI, SRINIVASAN ; Prarthana Sagar V
Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object()
function return value is not checked properly in CryptX509.c.
Added Inf variable, and the error case returned value was checked properly.
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63..ac05441383 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0;
Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)CertSize);
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
*TBSCert = (UINT8 *)Temp;
- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass,
(long)Length);
+ Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)Length);
//
// Verify the parsed TBSCertificate is one correct SEQUENCE data.
//
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
--
2.35.1.windows.2
-The information contained in this message may be confidential and proprietary
to American Megatrends (AMI). This communication is intended to be read only by
the individual or entity to whom it is addressed or by their designee. If the
reader of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited. Please
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.
-The information contained in this message may be confidential and proprietary
to American Megatrends (AMI). This communication is intended to be read only by
the individual or entity to whom it is addressed or by their designee. If the
reader of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited. Please
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117317): https://edk2.groups.io/g/devel/message/117317
Mute This Topic: https://groups.io/mt/105019593/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.
Added Inf variable, and the error case returned value was checked properly.
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63..ac05441383 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0;
Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)CertSize);
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
*TBSCert = (UINT8 *)Temp;
- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass,
(long)Length);
+ Inf= ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int
*)&ObjClass, (long)Length);
//
// Verify the parsed TBSCertificate is one correct SEQUENCE data.
//
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
--
2.35.1.windows.2
-The information contained in this message may be confidential and proprietary
to American Megatrends (AMI). This communication is intended to be read only by
the individual or entity to whom it is addressed or by their designee. If the
reader of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited. Please
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116878): https://edk2.groups.io/g/devel/message/116878
Mute This Topic: https://groups.io/mt/105019593/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] RE : when will Edk2 Update CryptoPkg with OpenSSL 3.0
Hi, OpenSSL 1.1.1 series reach End of Life (EOL) on 11th September 2023. For Next Edk2 Release, it is possible to update openssl to 3.0? or When Openssl_3.0 will be updated in edk2. Kindly provide your comments. Thanks, Sountharya From: Sountharya N Sent: Thursday, June 29, 2023 1:00 PM To: devel@edk2.groups.io Cc: Prarthana Sagar V ; Srinivasan Mani ; Gayathri Thunuguntla Subject: RE : when will Edk2 Update CryptoPkg with OpenSSL 3.0 Hi, OpenSSL 1.1.1 series reach End of Life (EOL) on 11th September 2023. For Next Edk2 Release, it is possible to update openssl to 3.0? or When Openssl_3.0 will be updated in edk2. Kindly provide your comments. Thanks, Sountharya -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#107425): https://edk2.groups.io/g/devel/message/107425 Mute This Topic: https://groups.io/mt/99849823/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] RE : when will Edk2 Update CryptoPkg with OpenSSL 3.0
Hi, OpenSSL 1.1.1 series reach End of Life (EOL) on 11th September 2023. For Next Edk2 Release, it is possible to update openssl to 3.0? or When Openssl_3.0 will be updated in edk2. Kindly provide your comments. Thanks, Sountharya -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#106516): https://edk2.groups.io/g/devel/message/106516 Mute This Topic: https://groups.io/mt/99849823/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] RE : Build Error after adding GLOBAL_REMOVE_IF_UNREFERENCED in CryptoPkg's CryptTs.c file
Hi, We are facing Build error in Old platforms after adding GLOBAL_REMOVE_IF_UNREFERENCED in CryptoPkg's CryptTs.c file in edk202211 tag. GLOBAL_REMOVE_IF_UNREFERENCED macro is defined in MdePkg/Include/Base.h // // The Microsoft* C compiler can removed references to unreferenced data items // if the /OPT:REF linker option is used. We defined a macro as this is a // a non standard extension // #if defined (_MSC_VER) && _MSC_VER < 1800 && !defined (MDE_CPU_EBC) /// /// Remove global variable from the linked image if there are no references to /// it after all compiler and linker optimizations have been performed. /// /// #define GLOBAL_REMOVE_IF_UNREFERENCED __declspec(selectany) #else /// /// Remove the global variable from the linked image if there are no references /// to it after all compiler and linker optimizations have been performed. /// /// #define GLOBAL_REMOVE_IF_UNREFERENCED #endif Facing Below Build Error: Building ... d:\bakerville\crypto\5.14_bakerville_0acjf044\MdePkg\Library\DxeServicesLib\DxeServicesLib.inf [X64] d:\bakerville\crypto\5.14_bakerville_0acjf044\CryptoPkg\Library\BaseCryptLib\Pk\CryptTs.c(58) : error C2496: 'TS_MESSAGE_IMPRINT_new' : 'selectany' can only be applied to data items with external linkage d:\bakerville\crypto\5.14_bakerville_0acjf044\CryptoPkg\Library\BaseCryptLib\Pk\CryptTs.c(89) : error C2496: 'TS_ACCURACY_new' : 'selectany' can only be applied to data items with external linkage d:\bakerville\crypto\5.14_bakerville_0acjf044\CryptoPkg\Library\BaseCryptLib\Pk\CryptTs.c(141) : error C2496: 'TS_TST_INFO_new' : 'selectany' can only be applied to data items with external linkage NMAKE : fatal error U1077: 'F:\Tools\WINDDK\7600.16385.1\bin\x86\amd64\cl.exe' : return code '0x2' Stop. AmiFlashLibCommon.c Assembling: d:\bakerville\crypto\5.14_bakerville_0acjf044\Build\YubaCity\RELEASE_MYTOOLS\X64\AmiCompatibilityPkg\Library\AmiDxeLib\OUTPUT\x64\x64AsmLib\GetCpuTimer.iii build... : error 7000: Failed to execute command nmake.exe /nologo -s tbuild [d:\bakerville\crypto\5.14_bakerville_0acjf044\Build\YubaCity\RELEASE_MYTOOLS\X64\CryptoPkg\Library\BaseCryptLib\BaseCryptLib] After commenting GLOBAL_REMOVE_IF_UNREFERENCED macro in CryptTs.c file, project builds successfully. Kindly, provide your comments. Thanks, Sountharya -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#98818): https://edk2.groups.io/g/devel/message/98818 Mute This Topic: https://groups.io/mt/96357910/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
