e new API (X509GetCommonName()) to retrieve the subject commonName
string from one X.509 certificate.
Cc: Laszlo Ersek
Cc: Ting Ye
Cc: Chao Zhang
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Application/Cryptest/RsaVerify2.c
Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Application/Cryptest/RsaVerify2.c| 32 +--
CryptoPkg/Include/Library/BaseCryptLib.h | 34 +++
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 106 +
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
Add the size check for invalid format detection in AllowedDb,
RevokedDb and TimeStampDb list contents.
Cc: Chao Zhang
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
.../Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c| 66 --
1 file
Enable HMAC-SHA256 cipher support in SmmCryptLib instance.
Cc: Ting Ye
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/CryptoPkg/Library
dules were
cleaned. And this update of e_os2.h could also be upstreaming
into openssl to eliminate the potential risk.
Cc: Ting Ye
Cc: Laszlo Ersek
Cc: Hao Wu
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Include/openssl/e_os2.h | 315 +
uted-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Include/CrtLibSupport.h | 1 +
CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c | 6 ++
2 files changed, 7 insertions(+)
diff --git a/CryptoPkg/Include/CrtLibSupport.h
b/CryptoPkg/Include/CrtLi
: Ting Ye
Cc: Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall
() wrapper in ConstantTimeClock.c;
- One workaround to resolve macro re-definitions issue from some
external BaseCryptLib consumer.
(https://github.com/qloong/edk2/commits/dev-openssl-hotfix)
Qin Long (4):
CryptoPkg/OpensslLib: Suppress extra build warnings in openssl source
CryptoPkg: Fix
conversion from 'int' to 'ASN1_VALUE *' of greater size
Cc: Ting Ye
Cc: Hao Wu
Cc: Laszlo Ersek
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 15 ++-
CryptoPkg/Library/O
uild warning for PEI
module building.
Cc: Ting Ye
Cc: Eric Dong
Cc: Hao Wu
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/CryptoPkg/
Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c| 69 +++-
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c | 10 +-
.../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 68
: Qin Long
---
CryptoPkg/Library/TlsLib/InternalTlsLib.h | 5 ++-
CryptoPkg/Library/TlsLib/TlsConfig.c | 21 -
CryptoPkg/Library/TlsLib/TlsInit.c| 51 +--
3 files changed, 31 insertions(+), 46 deletions(-)
diff --git a/CryptoPkg/Library/TlsLib
()) were added as the recommended
HMAC_CTX usage interfaces for HMAC- operations.
Cc: Ting Ye
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Include/Library/BaseCryptLib.h
: Ting Ye
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf| 9 ++---
CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h | 6
Woodhouse
Signed-off-by: Qin Long
---
CryptoPkg/Library/OpensslLib/process_files.pl | 223 ++
CryptoPkg/Library/OpensslLib/process_files.sh | 110 -
2 files changed, 223 insertions(+), 110 deletions(-)
create mode 100644 CryptoPkg/Library/OpensslLib/process_files.pl
Agreement 1.0
Signed-off-by: David Woodhouse
Signed-off-by: Qin Long
---
CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 53 ++
CryptoPkg/Library/OpensslLib/buildinf.h| 2 +-
2 files changed, 54 insertions(+), 1 deletion(-)
create mode 100644 CryptoPkg/Library
OpenSSL integrate the
extra PR request: https://github.com/openssl/openssl/pull/2961)
Cc: Ting Ye
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Include/CrtLibSupport.h
Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec | 8 +-
CryptoPkg/Include/OpenSslSupport.h| 7 +
CryptoPkg/Include/internal/dso_conf
nSSL 1.1.0xx. (By now, the latest OpenSSL
stable release is 1.1.0e). Refer to
"CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt" for the information
about the version and source installation.
(NOTE: The extra build options for ARM/RVCT/XCODE were kept as before,
and further optimizatio
cmp AsciiStrCmp.
Now, OpenSSL code *can* use &strcmp without problems.
Cc: Ting Ye
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse
Signed-off-by: Qin Long
---
CryptoPkg/Inclu
: David Woodhouse
Signed-off-by: Qin Long
---
.../Library/OpensslLib/EDKII_openssl-1.0.2k.patch | 2094
CryptoPkg/Library/OpensslLib/Install.cmd | 80 -
CryptoPkg/Library/OpensslLib/Install.sh| 82 -
CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
in source directory.
Cc: Ting Ye
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/.gitignore | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/CryptoPkg/.gitign
Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c| 69 +++-
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c | 10 +-
.../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 68
This patch update the wrapper implementation in TlsLib to align with the
latest OpenSSL-1.1.0xx API changes.
Cc: Jiaxin Wu
Cc: Ting Ye
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse
Signed-off-by: Qin Long
---
.../Library/OpensslLib/EDKII_openssl-1.0.2k.patch | 2094
CryptoPkg/Library/OpensslLib/Install.cmd | 80 -
CryptoPkg/Library/OpensslLib/Install.sh
: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf| 9 ++---
CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h | 7 +--
CryptoPkg/Library
heuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse
Signed-off-by: Qin Long
---
CryptoPkg/Include/OpenSslSupport.h| 3 +--
CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c | 8 +++-
2 files changed, 8 ins
HMAC_CTX
usage interfaces for HMAC- operations.
Cc: Ting Ye
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Include/Library/BaseCryptLib.h | 87
Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse
Signed-off-by: Qin Long
---
CryptoPkg/.gitignore | 3 +-
CryptoPkg/CryptoPkg.dec | 8 +-
CryptoPkg/Include/OpenSslSupport.h
OpenSSL integrate the
extra PR request: https://github.com/openssl/openssl/pull/2961)
Cc: Ting Ye
Cc: Laszlo Ersek
Cc: Ard Biesheuvel
Cc: Gary Lin
Cc: Ronald Cron
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Include/CrtLibSupport.h
Woodhouse
Signed-off-by: Qin Long
---
CryptoPkg/Library/OpensslLib/process_files.pl | 223 ++
CryptoPkg/Library/OpensslLib/process_files.sh | 110 -
2 files changed, 223 insertions(+), 110 deletions(-)
create mode 100644 CryptoPkg/Library/OpensslLib
from community)
Qin Long (9):
CryptoPkg/OpensslLib: Update INF files to support OpenSSL-1.1.0xx build.
CryptoPkg/OpensslLib: Remove patch file and installation scripts.
CryptoPkg: Fix handling of &strcmp function pointers
CryptoPkg/OpensslLib: Use new Perl script for file list generation.
1.0.2k.
Cc: Ye Ting
Cc: Wu Jiaxin
Cc: Laszlo Ersek
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec| 4 ++--
...ssl-1.0.2j.patch => EDKII_openssl-1.0.2k.patch} | 26 +++---
CryptoPkg/Libr
-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec| 4 ++--
...ssl-1.0.2j.patch => EDKII_openssl-1.0.2k.patch} | 26 +++---
CryptoPkg/Library/OpensslLib/Install.cmd | 2 +-
CryptoPkg/Libr
Add one wrapper implementation over assembly RdRand access to check
possible NULL parameter, for better alignment with comment description.
Cc: Liming Gao
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
MdePkg/Library/BaseLib/BaseLib.inf| 2
Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Application/Cryptest/Cryptest.c | 9 +-
CryptoPkg/Application/Cryptest/Cryptest.h | 16 +++-
CryptoPkg/Application/Cryptest/Cryptest.inf| 5 +-
CryptoPkg/Application/Cryptest/Pkcs5Pbkdf2Verify.c | 94
Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Application/Cryptest/HashVerify.c| 76 +-
CryptoPkg/Include/Library/BaseCryptLib.h | 158 -
CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c | 48 ++-
CryptoPkg/Library
Add new HMAC-SHA256 cipher support in CryptoPkg to meet more security
and industry requirements,
and update Cryptest utility to include new HMAC-SHA256 test case.
Cc: Ting Ye
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Application/Cryptest
Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Application/Cryptest/HashVerify.c| 74 +-
CryptoPkg/Include/Library/BaseCryptLib.h | 158 -
CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c | 48 ++-
CryptoPkg/Library
supported OpenSSL version in
CryptoPkg/OpensslLib to catch the latest release 1.0.2j.
Cc: Ting Ye
Cc: David Woodhouse
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec| 2 +-
...ssl-1.0.2h.patch => EDKII_open
Remove "TSCounterSignature" from TSVerify.c, which is not being
used by anyone.
Cc: Ting Ye
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Application/Cryptest/TSVerify.c | 137 --
1 file changed, 137 deletion
Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec| 2 +-
...ssl-1.0.2g.patch => EDKII_openssl-1.0.2h.patch} | 97 ++
CryptoPkg/Library/OpensslLib/Install.cmd | 2 +-
CryptoPkg/Library/OpensslLib/Install.sh|
Enable AES cipher support for SmmCryptLib instance.
Cc: Ting Ye
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library
-generated patch will remove this part. And the line
endings were still kept as before in this version for
consistency)
CC: David Woodhouse
CC: Ting Ye
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec
changes was introduced for 1.0.2f enabling)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
CC: Ting Ye
---
...ssl-1.0.2e.patch => EDKII_openssl-1.0.2f.patch} | 63 +++---
CryptoPkg/Library/OpensslLib/Install.cmd | 2 +-
CryptoPkg/Libr
OpenSSL has released version 1.0.2e with security fixes.
Upgrade the supported OpenSSL version in CryptoPkg/OpensslLib
from 1.0.2d to 1.0.2e.
CC: Ard Biesheuvel
CC: Chao Zhang
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
...ssl-1.0.2d.patch
Correct one typo (SingerChainCerts --> SignerChainCerts) in the comments
for Pkcs7GetCertificatesList() API.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
CC: Shumin Qiu
---
CryptoPkg/Include/Library/BaseCryptLib.h
Adding one new API (Pkcs7GetCertificatesList) to retrieve and sort all
embedded certificates from Pkcs7 signedData. This new API will provide
the support for UEFI 2.5 Secure-Boot AuditMode feature.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg
.
Qin Long (2):
MdePkg: Add CPU RdRand access APIs for random number generation
MdePkg: Add RngLib into MdePkg
MdePkg/Include/Library/BaseLib.h | 51 ++
MdePkg/Include/Library/RngLib.h | 69 ++
MdePkg/Library/BaseLib/BaseLib.inf | 6 ++
MdePkg
Add one library class (RngLib.h) with three GetRandomNumber16/32/64
APIs to provide random number generator services, and one library
instance (BaseRngLib), based on Intel RdRand instruction access,
to provide high-quality random numbers generator.
Signed-off-by: Qin Long
Reviewed-by: Michael
Add AsmRdRand16/32/64 APIs for RdRand instruction access to generate
high-quality random number.
Signed-off-by: Qin Long
Reviewed-by: Michael Kinney
---
MdePkg/Include/Library/BaseLib.h | 51 ++
MdePkg/Library/BaseLib/Ia32/RdRand.S | 80
EDKII core suggest retire unsafe string functions. This patch is to
replace string wrapper functions with new-added safe string functions
for consistence.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Include/OpenSslSupport.h | 10 ++
1
VerifyBuffer() in PKCS7 Verify Protocol should return EFI_UNSUPPORTED
when the embedded content is found in SignedData but InData is not NULL.
This patch is to comply with the spec definition.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
SecurityPkg
VerifyBuffer() in PKCS7 Verify Protocol should return EFI_UNSUPPORTED
when signed data is embedded in SignedData but InData is not NULL.
This patch is to comply with the spec definition.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
SecurityPkg/Pkcs7Verify
Add a missed include file (UefiBaseType.h) into BaseCryptLib.h, since
EFI_TIME was introduced in the new crypto API (ImageTimestampVerify).
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Include/Library/BaseCryptLib.h | 2 ++
1 file changed, 2
Update Package version to 0.9.6
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec | 4 ++--
CryptoPkg/CryptoPkg.dsc | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg
56 matches
Mail list logo
