decoding.

qlong Thu, 04 Jun 2015 18:10:59 -0700

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.l...@intel.com>
Signed-off-by: qlong <qin.l...@intel.com>
---
 CryptoPkg/Include/OpenSslSupport.h                    |  8 +++++++-
 CryptoPkg/Include/memory.h                            | 16 ++++++++++++++++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c |  6 ++++--
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c    | 10 +++++-----
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c  |  9 +++++----
 CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c           | 10 +++++++---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c         |  6 ++++--
 7 files changed, 48 insertions(+), 17 deletions(-)
 create mode 100644 CryptoPkg/Include/memory.h


diff --git a/CryptoPkg/Include/OpenSslSupport.h 
b/CryptoPkg/Include/OpenSslSupport.h
index ed889e9..b5a8b58 100644
--- a/CryptoPkg/Include/OpenSslSupport.h
+++ b/CryptoPkg/Include/OpenSslSupport.h
@@ -1,7 +1,7 @@
 /** @file
   Root include file to support building OpenSSL Crypto Library.
 
-Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -109,6 +109,11 @@ struct tm {
   char  *tm_zone;   /* timezone abbreviation */
 };
 
+struct timeval {
+  long tv_sec;      /* time value, in seconds */
+  long tv_usec;     /* time value, in microseconds */
+} timeval;
+
 struct dirent {
   UINT32  d_fileno;         /* file number of entry */
   UINT16  d_reclen;         /* length of this record */
@@ -240,5 +245,6 @@ extern FILE  *stdout;
 #define assert(expression)
 #define localtime(timer)                  NULL
 #define gmtime_r(timer,result)            (result = NULL)
+#define atoi(nptr)                        AsciiStrDecimalToUintn(nptr)
 
 #endif
diff --git a/CryptoPkg/Include/memory.h b/CryptoPkg/Include/memory.h
new file mode 100644
index 0000000..092b3cd
--- /dev/null
+++ b/CryptoPkg/Include/memory.h
@@ -0,0 +1,16 @@
+/** @file
+  Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD 
License
+which accompanies this distribution.  The full text of the license may be 
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
index 4ce2b06..9ace5e6 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
@@ -9,7 +9,7 @@
   AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check 
for
   data structure.
 
-Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -72,6 +72,7 @@ AuthenticodeVerify (
 {
   BOOLEAN      Status;
   PKCS7        *Pkcs7;
+  UINT8        *Temp;
   CONST UINT8  *OrigAuthData;
   UINT8        *SpcIndirectDataContent;
   UINT8        Asn1Byte;
@@ -96,7 +97,8 @@ AuthenticodeVerify (
   //
   // Retrieve & Parse PKCS#7 Data (DER encoding) from Authenticode Signature
   //
-  Pkcs7 = d2i_PKCS7 (NULL, &AuthData, (int)DataSize);
+  Temp  = (UINT8 *)AuthData;
+  Pkcs7 = d2i_PKCS7 (NULL, &Temp, (int)DataSize);
   if (Pkcs7 == NULL) {
     goto _Exit;
   }
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
index 63fe78f..704eb4e 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
@@ -1,7 +1,7 @@
 /** @file
   PKCS#7 SignedData Sign Wrapper Implementation over OpenSSL.
 
-Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -116,9 +116,9 @@ Pkcs7Sign (
   if (Key == NULL) {
     goto _Exit;
   }
-  Key->save_type = EVP_PKEY_RSA;
-  Key->type      = EVP_PKEY_type (EVP_PKEY_RSA);
-  Key->pkey.rsa  = (RSA *) RsaContext;
+  if (EVP_PKEY_assign_RSA (Key, (RSA *) RsaContext) == 0) {
+    goto _Exit;
+  }
 
   //
   // Convert the data to be signed to BIO format. 
@@ -175,7 +175,7 @@ Pkcs7Sign (
   }
 
   CopyMem (*SignedData, P7Data + 19, *SignedDataSize);
-  
+
   OPENSSL_free (P7Data);
 
   Status = TRUE;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index a9665d5..06e4bb2 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -10,7 +10,7 @@
   WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated
   Variable and will do basic check for data structure.
 
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -273,7 +273,7 @@ X509PopCertificate (
     goto _Exit;
   }
 
-  Length = ((BUF_MEM *) CertBio->ptr)->length;
+  Length = (INT32)(((BUF_MEM *) CertBio->ptr)->length);
   if (Length <= 0) {
     goto _Exit;
   }
@@ -618,7 +618,8 @@ Pkcs7Verify (
   //
   // Read DER-encoded root certificate and Construct X509 Certificate
   //
-  Cert = d2i_X509 (NULL, &TrustedCert, (long) CertLength);
+  Temp = (UINT8 *)TrustedCert;
+  Cert = d2i_X509 (NULL, &Temp, (long) CertLength);
   if (Cert == NULL) {
     goto _Exit;
   }
@@ -679,4 +680,4 @@ _Exit:
   }
 
   return Status;
-}
\ No newline at end of file
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c
index e4b5a84..7456755 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c
@@ -5,7 +5,7 @@
   the lifetime of the signature when a signing certificate expires or is later
   revoked.
 
-Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2014 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -441,6 +441,7 @@ TimestampTokenVerify (
   CONST UINT8  *TokenTemp;
   PKCS7        *Pkcs7;
   X509         *Cert;
+  UINT8        *CertTemp;
   X509_STORE   *CertStore;
   BIO          *OutBio;
   UINT8        *TstData;
@@ -490,7 +491,8 @@ TimestampTokenVerify (
   //
   // Read the trusted TSA certificate (DER-encoded), and Construct X509 
Certificate.
   //
-  Cert = d2i_X509 (NULL, &TsaCert, (long) CertSize);
+  CertTemp = (UINT8 *)TsaCert;
+  Cert = d2i_X509 (NULL, &CertTemp, (long) CertSize);
   if (Cert == NULL) {
     goto _Exit;
   }
@@ -605,6 +607,7 @@ ImageTimestampVerify (
 {
   BOOLEAN                      Status;
   PKCS7                        *Pkcs7;
+  UINT8                        *Temp;
   STACK_OF(PKCS7_SIGNER_INFO)  *SignerInfos;
   PKCS7_SIGNER_INFO            *SignInfo;
   UINTN                        Index;
@@ -644,7 +647,8 @@ ImageTimestampVerify (
   //
   // Decode ASN.1-encoded Authenticode data into PKCS7 structure.
   //
-  Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &AuthData, (int) DataSize);
+  Temp  = (UINT8 *)AuthData;
+  Pkcs7 = d2i_PKCS7 (NULL, (const unsigned char **) &Temp, (int) DataSize);
   if (Pkcs7 == NULL) {
     goto _Exit;
   }
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 29efc42..66f79da 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -1,7 +1,7 @@
 /** @file
   X.509 Certificate Handler Wrapper Implementation over OpenSSL.
 
-Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -39,6 +39,7 @@ X509ConstructCertificate (
   )
 {
   X509     *X509Cert;
+  UINT8    *Temp;
 
   //
   // Check input parameters.
@@ -50,7 +51,8 @@ X509ConstructCertificate (
   //
   // Read DER-encoded X509 Certificate and Construct X509 object.
   //
-  X509Cert = d2i_X509 (NULL, &Cert, (long) CertSize);
+  Temp     = (UINT8 *)Cert;
+  X509Cert = d2i_X509 (NULL, &Temp, (long) CertSize);
   if (X509Cert == NULL) {
     return FALSE;
   }
-- 
1.9.5.msysgit.1


------------------------------------------------------------------------------
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel

[edk2] [patch 3/3] [CryptoPkg] Updates some support header files and wrapper files to support openssl-1.0.2a build, and correct some openssl API usages when handling ASN.1 en/decoding.

Reply via email to