| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The OpenSSL function sk_X509_delete_ptr() resolves through preprocessor
substitution to '(X509 *)sk_delete_ptr()', in which the cast causes the
call to be interpreted as an expression (whose value is not used) rather
than a statement, resulting in the following error under Clang:
...: error: expression result unused [-Werror,-Wunused-value]
Add (VOID) casts to silence the error.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18730 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Adding one new API (Pkcs7GetCertificatesList) to retrieve and sort all
embedded certificates from Pkcs7 signedData. This new API will provide
the support for UEFI 2.5 Secure-Boot AuditMode feature.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18729 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Putting these on the command line as we do at the moment means that they
are *only* visible when actually building the OpenSSL code itself. When
building other things like BaseCryptLib, they were missing. Which could
lead to discrepancies in structures defined by the header files, between
the OpenSSL code and the EDK II code which calls it.
Move the definitions into opensslconf.h where they would normally live
in a standard build of OpenSSL.
Note: Do *not* set OPENSSL_NO_LHASH or OPENSSL_NO_OCSP since those weren't
effectively disabled before; the directories was still being included in
the build. If we actually disable then, the build breaks. We can hopefully
fix at least OCSP upstream later, but one thing at a time...
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18708 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
| |
OpenSSL ought to work this out for itself when OPENSSL_SYS_UEFI is set.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18707 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We were manually setting -DSIXTY_FOUR_BIT_LONG or -DTHIRTY_TWO_BIT on
the compiler command line when building OpensslLib itself, but not when
building BaseCryptLib.
But when building BaseCryptLib, we weren't setting OPENSSL_SYS_UEFI
*either*. This meant that *that* build was picking up the definition
from <openssl/opensslconf.h>, and was thus *different* to the version
the library was built with, in some cases.
So set OPENSSL_SYS_UEFI consistently in OpensslSupport.h and *also*
define either SIXTY_FOUR_BIT or THIRTY_TWO_BIT there too.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18706 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of patching OpenSSL to add EFIAPI to the one varargs function we
actually *noticed* breakage in, let's fix the problem in a more coherent
way by undefining NO_BUILTIN_VA_FUNCS.
That way, the VA_START and similar macros will actually do the right
thing for non-EFIAPI functions, which is to use the GCC builtins.
It's still fairly broken elsewhere in the tree, with the VA_START macro
being used from both EFIAPI and non-EFIAPI functions — and being broken
in the latter case. We probably ought to make EFIAPI a no-op everywhere
and add -mabi=ms to the GCC builds. But that's a project for another day.
For now, just fix the OpenSSL build in a cleaner fashion.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18705 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL HEAD is in the process of adding this flag to disable the validity
time checking. Backport it to 1.0.2 and use it too, for consistency.
https://rt.openssl.org/Ticket/Display.html?id=3951&user=guest&pass=guest
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18704 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since OpenSSL 1.0.2 we can set this flag on the X509_STORE to instruct
OpenSSL to accept non-self-signed certificates as trusted. So we don't
need two entirely identical copies of a verify_cb() function which makes
it ignore the resulting errors.
We also *didn't* use that verify_cb() function for X509VerifyCert(), but
probably should have done. So that can get X509_V_FLAG_PARTIAL_CHAIN for
consistency, too.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18703 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use the new OBJ_get0_data() accessor to compare the data, and actually
check the length of the object too.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18702 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.1 introduces new OBJ_get0_data() and OBJ_length() accessor
functions and makes ASN1_OBJECT an opaque type.
Unlike the accessors in previous commits which *did* actually exist
already but just weren't mandatory, these don't exist in older versions
of OpenSSL. So introduce macros which do the right thing, for
compatibility.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18701 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In OpenSSL 1.1, the X509_ATTRIBUTE becomes an opaque structure and we will
no longer get away with accessing its members directly. Use the accessor
functions X509_ATTRIBUTE_get0_object0() and X509_ATTRIBUTE_get0_type()
instead.
Also be slightly more defensive about unlikely failure modes.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18700 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In OpenSSL 1.1, the X509_NAME becomes an opaque structure and we will no
longer get away with accessing its members directly. Use i2d_X509_NAME()
instead.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18699 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.1 has cleaned up its include files a little, and it will now
be necessary to directly include things like <openssl/bn.h> if we want
to use them, rather than assuming they are included indirectly from
other headers.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18698 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
| |
Fix one wrong offset which is passed into DES weak key checking in TdesInit().
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18389 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Bruce Cran <bruce@cran.org.uk>
Reviewed-by: Qin Long <qin.long.intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17939 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17938 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream OpenSSL version 1.0.2c contained a fatal flaw
[CVE-2015-1793] and is no longer available from the openssl.org
download servers. So upgrade to its replacement, version 1.0.2d.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17928 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch is to fix one dereferenced pointer issue in new
Pkcs7GetAttachedContent API, and add the memory allocation
failure check.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17731 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Git commit f93f78ea70 (SVN r17633), with subject "CryptoPkg: Update
openssl patch file from 0.9.8zf to 1.0.2c", replaced the file
CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch
with
CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2c.patch
In the process, two hunks were lost that used to add EFIAPI to the
declaration of the variadic function ERR_add_error_data().
The VA_START() macro, from "MdePkg/Include/Base.h", expands to an
EFIAPI-dependent implementation when
!defined(__CC_ARM) && (!defined(__GNUC__) ||
defined(NO_BUILTIN_VA_FUNCS))
Under such circumstances, the va_start() macro invocation in
ERR_add_error_data() -- which is translated to VA_START() by
"CryptoPkg/Include/OpenSslSupport.h" -- results in EFIAPI-dependent code,
but callers of the function pass the arguments incorrectly, because the
declaration doesn't state EFIAPI.
This leads to crashes when ERR_add_error_vdata(), called by
ERR_add_error_data(), tries to access the arguments forwarded to it.
Restore the missing hunk from before SVN r17633.
Cc: Qin Long <qin.long@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Gary Ching-Pang Lin <glin@suse.com>
Cc: Peter Jones <pjones@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Peter Jones <pjones@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17689 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch adds some comments for API usage clarification, and
adds one object initialization in X509ConstructCertificateStack
implementation to fix possible memory release issue.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17671 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch adds one new API (Pkcs7GetAttachedContent) to support
PKCS7 Verification Protocol defined in UEFI 2.5.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17669 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch updates some support header and wrapper files to support
openssl-1.0.2c build, and correct some openssl API usages and
boundary check.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17635 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch updates the INF file, installation scripts and HOWTO file
in OpensslLib for openssl-1.0.2c support.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17634 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch adds a patch file for openssl-1.0.2c, and removes
the patch file for openssl-0.9.8zf.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17633 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.long@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17072 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.long@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16641 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
RFC3280 and UEFI 2.4 Spec.
This patch added one new X509GetTBSCert() interface in BaseCryptLib to retrieve the TBSCertificate,
and also corrected the hash calculation for revoked certificate to aligned the RFC3280 and UEFI 2.4 spec.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Long, Qin" <qin.long@intel.com>
Reviewed-by: "Dong, Guo" <guo.dong@initel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16559 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16492 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SVN r16339 ("CryptoPkg Updates to support RFC3161 timestamp signature
verification.") introduced the following build failure:
> CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c: In function
> 'TimestampTokenVerify':
> CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c:538:3: error: passing
> argument 2 of 'd2i_TS_TST_INFO' from incompatible pointer type [-Werror]
> TstInfo = d2i_TS_TST_INFO (NULL, &TstTemp, (int)TstSize);
> ^
> In file included from CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c:22:0:
> CryptoPkg/Include/openssl/asn1t.h:803:10: note: expected 'const unsigned
> char **' but argument is of type 'UINT8 **'
> stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
> ^
> CryptoPkg/Include/openssl/asn1t.h:799:2: note: in expansion of macro
> 'IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname'
> IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
> ^
> CryptoPkg/Include/openssl/asn1t.h:778:42: note: in expansion of macro
> 'IMPLEMENT_ASN1_FUNCTIONS_fname'
> #define IMPLEMENT_ASN1_FUNCTIONS(stname)
> IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
> ^
> CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c:136:1: note: in expansion of
> macro 'IMPLEMENT_ASN1_FUNCTIONS'
> IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO)
> ^
> cc1: all warnings being treated as errors
Note that the cast
(const unsigned char **) &TstTemp
does not match the general edk2 coding style, but it *does* match
other similar casts in this file.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Scott Duplichan <scott@notabs.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16387 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The main changes includes:
1. Enabling SHA384 and SHA512 digest algorithm; (Sha512.c)
2. RFC 3161 timestamp signature verification support; (CryptTs.c)
3. Fixed one ASN.1 length encoding issue in Authenticode verification routine. (CryptAuthenticode.c)
4. Add the corresponding test cases in Cryptest utility (SHA384 & SHA512 & Timestamp verification)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16339 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
SIXTY_FOUR_BIT when building OpenSSL.
Contributed-under: TianoCore Contribution Agreement 1.0
Reviewed-By: Olivier Martin <olivier.martin@arm.com>
Reviewed-by: Andrew Fish <afish@apple.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16165 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
| |
Module UNI and Package UNI files are not DOS format. Convert them to DOS format.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16051 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2. Add MODULE_UNI_FILE file that contains the localized Abstract and Description of a module.
a. Addresses an information gap between INF files and the UEFI Distribution Packaging Specification XML schema
b. There will be an associated update to UPT in BaseTools to consume MODULE_UNI_FILE and associated UNI file during UDP creation that performs the INF -> XML conversion.
c. There will be an associated update to UPT in BaseTools to produce MODULE_UNI_FILE and associated UNI file during UDP installation that performs the XML -> INF conversion.
3. Add Module Extra UNI file that provides the localized Name of a module.
a. [UserExtensions.TianoCore."ExtraFiles"] provides an easy method for a module to specify extra files not listed in [Sources] or [Binaries] sections to be added to a UDP without having to list the files in the UPT package information data file.
b. There will be an associated update to UPT in BaseTools to package up files listed in [UserExtensions.TianoCore."ExtraFiles"] during UDP creation.
c. UNI file contains localized name of a module to go along with the localized Abstract and Description from the MODULE_UNI_FILE.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15955 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
| |
1. Usage information in INF file comment blocks are either incomplete or incorrect.
This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes.
The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15954 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Reviewed-By: Olivier Martin <olivier.martin@arm.com>
Reviewed-By: Long, Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15913 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Reviewed-By: Olivier Martin <olivier.martin@arm.com>
Reviewed-By: Long, Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15912 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update RVCT compile options for the CryptoPkg to compile.
Add support for stack protector with BaseStackCheckLib to link.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Reviewed-By: Olivier Martin <olivier.martin@arm.com>
Reviewed-By: Long, Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15911 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is to catch the latest OpenSSL release.
NOTE: The content of EDKII_openssl-0.9.8zb.patch is same with the old EDKII_openssl-0.9.8za.patch, and the extra changes
are only name / directory modifications.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15802 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed off by: Long Qin <qin.long@intel.com>
Reviewed by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15768 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The changes are:
1. Add RVCT ARM build target
2. Add suppression of warnings to get openssl building (1295,550,1293,111,68,177,223,144,513,188)
3. Remove architectures that RVCT cannot build for (IA32, X64, and IPF)
4. Add the -DOPENSSL_NO_MD2 flag to prevent link errors from MD2 references; the comments in the .inf assumes that this flag exists but it wasn’t actually set
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eugene Cohen <eugene@hp.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15767 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15662 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Main changes include:
1. Update the patch file for 0.9.8za;
2. Update the install scripts to align the path for 0.9.8za;
3. OpensslLib.inf : Update the OPENSSL_PATH for 0.9.8za; enable more OPENSLL FLAGS to disable those un-used algorithms for better build performance and size;
4. Update the HOWTO file to align new OpenSSL version.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong, Guo <guo.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15638 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Andrew Fish <afish@apple.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15560 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
| |
algorithm registration to make sure the underlying algorithm is available for the default OpenSSL software PRNG implementation.
Signed-off-by: Long, Qin <qin.long@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14860 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
| |
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14528 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
while MonthNo is the month of the year, so tm_mon should be MonthNo-1.
Similarly, tm_mday is the day of the month, and DayNo is the number
of days since the first day of the month. Assigning DayNo+1 to
tm_mday to fit the definition.
This commit also corrected miscalculated MonthNo and DayNo for the
first day of the month. (Thanks to Laszlo Ersek!)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14481 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
not enough entropy for random generation, the function always returns TRUE. This commit checks the status of pseudorandom number generator to match the comment.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14392 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
| |
deprecated, use RSA_sign(), RSA_verify() instead.
Signed-off-by: Long Qin < qin.long@intel.com >
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14309 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
| |
2. Replace d2i_X509_bio with d2i_X509.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ling Qin <qin.long@intel.com>
Reviewed-by: Ouyang Qian <qian.ouyang@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14026 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
| |
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13958 6f19259b-4bc3-4df7-8a09-765794883524
|
