Re: [edk2] [PATCH] Maintainers.txt: Change package maintainer and reviewer of CryptoPkg.

2018-12-13 Thread Long, Qin
Confirmed by Long, Qin <qin.l...@intel.com>

(And sorry for this rule breaking caused by me. I didn't notice this update.)

Best Regards & Thanks,
LONG, Qin

From: Gao, Liming
Sent: Thursday, December 13, 2018 9:15 PM
To: Laszlo Ersek; Ye, Ting; Long, Qin
Cc: edk2-devel@lists.01.org
Subject: RE: [edk2] [PATCH] Maintainers.txt: Change package maintainer and reviewer of CryptoPkg.

Laszlo:
  Yes. Long, Qin should send this patch. Because Long, Qin has moved to another
work group for a while, he isn't working on the edk2 project. Ting directly sent
the patch to remove his name. I have just included Long, Qin, to let him confirm
this change.

Thanks
Liming
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo Ersek
> Sent: Thursday, December 13, 2018 6:38 PM
> To: Ye, Ting <ting...@intel.com>
> Cc: edk2-devel@lists.01.org
> Subject: Re: [edk2] [PATCH] Maintainers.txt: Change package maintainer and reviewer of CryptoPkg.
>
> Hi Ting,
>
> On 12/13/18 08:41, tye1 wrote:
> > Cc: Gang Wei <gang@intel.com>
> > Cc: Jian Wang <jian.j.w...@intel.com>
> >
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Ting Ye <ting...@intel.com>
> > ---
> >  Maintainers.txt | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/Maintainers.txt b/Maintainers.txt
> > index 001d8ba010..d5cb305da9 100644
> > --- a/Maintainers.txt
> > +++ b/Maintainers.txt
> > @@ -102,8 +102,9 @@ S: Maintained
> >
> >  CryptoPkg
> >  W: https://github.com/tianocore/tianocore.github.io/wiki/CryptoPkg
> > -M: Qin Long mailto:qin.l...@intel.com>>
> >  M: Ting Ye mailto:ting...@intel.com>>
> > +R: Gang Wei mailto:gang@intel.com>>
> > +R: Jian Wang mailto:jian.j.w...@intel.com>>
> >
> >  DynamicTablesPkg
> >  W: https://github.com/tianocore/tianocore.github.io/wiki/DynamicTablesPkg
> >
>
> This patch does not conform to the rule that we added lately; please see
> commit 9ebef6c0a7d3 ("Maintainers.txt: Add the rule to hand over the
> package maintain role", 2018-11-29).
>
> In other words, the patch should be sent out by Qin Long. Even though
> you co-maintain CryptoPkg with Qin Long, you shouldn't be able to
> deprive Qin Long from the role.
>
> Thanks,
> Laszlo
> ___
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> https://lists.01.org/mailman/listinfo/edk2-devel


[edk2] [PATCH v2] CryptoPkg/BaseCryptLib: Fix potential integer overflow issue.

2018-10-25 Thread Long Qin
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1275

The LookupFreeMemRegion() in RuntimeMemAllocate.c is used to look-up
free memory region for runtime resource allocation, which was designed
to support runtime authenticated variable service.
The ReqPages in this function is the required pages to be allocated,
which depends on the malloc() call in internal OpenSSL routines. The
direct offset subtractions on ReqPages may bring possible integer
overflow issue.

This patch is to add the extra parameter checks to remove this possible
overflow risk.

Cc: Ye Ting 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin 
---
 .../Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c| 14 +-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c 
b/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
index 463f2bf855..92bb9ddccd 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
@@ -2,7 +2,7 @@
   Light-weight Memory Management Routines for OpenSSL-based Crypto
   Library at Runtime Phase.
 
-Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -141,6 +141,12 @@ LookupFreeMemRegion (
 
   StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->LastEmptyPageOffset);
   ReqPages   = RT_SIZE_TO_PAGES (AllocationSize);
+  if (ReqPages > mRTPageTable->PageCount) {
+//
+// No enough region for object allocation.
+//
+return (UINTN)(-1);
+  }
 
   //
   // Look up the free memory region with in current memory map table.
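Review bot: the new `ReqPages > mRTPageTable->PageCount` check tests the value after `RT_SIZE_TO_PAGES (AllocationSize)` has already run, so it only closes the hole if that conversion cannot itself wrap for an AllocationSize near the UINTN maximum. Please confirm the macro's behaviour in the commit message, or reject oversized AllocationSize values before converting to pages.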
@@ -176,6 +182,12 @@ LookupFreeMemRegion (
   // Look up the free memory region from the beginning of the memory table
   // until the StartCursorOffset
   //
+  if (ReqPages > StartPageIndex) {
+//
+// No enough region for object allocation.
+//
+return (UINTN)(-1);
+  }
   for (Index = 0; Index < (StartPageIndex - ReqPages); ) {
 //
 // Check Consecutive ReqPages Pages.
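Review bot: at the guard added before the second loop, `ReqPages == StartPageIndex` passes the check but makes the bound `StartPageIndex - ReqPages` zero, so the loop never runs and a request that would exactly fill the pages below StartPageIndex is never tried. If that boundary is intentional, say so in the comment; if not, the loop condition probably wants `<=` now that the subtraction is known not to wrap.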
-- 
2.16.1.windows.2
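The unsigned wrap described in the commit message above, and the effect of the two added checks, as an added example (not code from the edk2 tree). The page map, `unchecked_bound`, `lookup_guarded` and `MODEL_NOT_FOUND` are hypothetical names for a simplified model, with `size_t` standing in for UINTN.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Same sentinel idea as the patch's (UINTN)(-1); the name is hypothetical. */
#define MODEL_NOT_FOUND ((size_t)-1)

/* Constructed page map for the model: 1 = page in use, 0 = page free. */
static const uint8_t model_pages[8] = { 1, 1, 0, 0, 1, 0, 0, 0 };

/* Loop bound as written in the loop condition: plain unsigned subtraction.
   When req_pages > start_page_index the result wraps to a huge value. */
size_t unchecked_bound(size_t start_page_index, size_t req_pages)
{
    return start_page_index - req_pages;
}

/* Returns 1 when req_pages consecutive pages starting at index are free. */
static int run_is_free(const uint8_t *pages, size_t index, size_t req_pages)
{
    size_t i;

    for (i = 0; i < req_pages; i++) {
        if (pages[index + i] != 0) {
            return 0;
        }
    }
    return 1;
}

/* Search from the start of the table up to start_page_index, with both
   checks from the patch placed before the subtraction is evaluated.
   Assumes start_page_index <= page_count. */
size_t lookup_guarded(const uint8_t *pages, size_t page_count,
                      size_t start_page_index, size_t req_pages)
{
    size_t index;

    if (req_pages > page_count) {
        return MODEL_NOT_FOUND;      /* request larger than the whole pool */
    }
    if (req_pages > start_page_index) {
        return MODEL_NOT_FOUND;      /* subtraction below would wrap */
    }
    /* Same "<" bound as the loop in the patch context. */
    for (index = 0; index < start_page_index - req_pages; index++) {
        if (run_is_free(pages, index, req_pages)) {
            return index;
        }
    }
    return MODEL_NOT_FOUND;
}

int main(void)
{
    /* Without a guard the loop would be allowed to index far past 8 pages. */
    printf("unchecked bound, start=2 req=5: %zu\n", unchecked_bound(2, 5));
    printf("guarded lookup,  start=2 req=5: %s\n",
           lookup_guarded(model_pages, 8, 2, 5) == MODEL_NOT_FOUND
               ? "not found" : "found");
    printf("guarded lookup,  start=6 req=2: %zu\n",
           lookup_guarded(model_pages, 8, 6, 2));
    return 0;
}
```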



Re: [edk2] [PATCH] CryptoPkg/BaseCryptLib: Fix potential integer overflow issue.

2018-10-25 Thread Long, Qin
Thanks, Laszlo.

From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Thursday, October 25, 2018 12:59 AM
To: Long, Qin ; edk2-devel@lists.01.org
Cc: Ye, Ting 
Subject: Re: [edk2] [PATCH] CryptoPkg/BaseCryptLib: Fix potential integer 
overflow issue.

On 10/24/18 15:22, Long Qin wrote:
> The LookupFreeMemRegion() in RuntimeMemAllocate.c is used to look-up
> free memory region for runtime resource allocation, which was designed
> to support runtime authenticated variable service.
> The direct offset subtractions in this function may bring possible
> integer overflow issue.
>
> This patch is to add the extra parameter checks to remove this possible
> overflow risk.
>
> Cc: Ye Ting <ting...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Long Qin <qin.l...@intel.com>
> ---
>  .../Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c| 14 
> +-
>  1 file changed, 13 insertions(+), 1 deletion(-)
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c 
> b/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
> index 463f2bf855..92bb9ddccd 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
> +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
> @@ -2,7 +2,7 @@
>Light-weight Memory Management Routines for OpenSSL-based Crypto
>Library at Runtime Phase.
>
> -Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
> +Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BSD 
> License
>  which accompanies this distribution.  The full text of the license may be 
> found at
> @@ -141,6 +141,12 @@ LookupFreeMemRegion (
>
>StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->LastEmptyPageOffset);
>ReqPages   = RT_SIZE_TO_PAGES (AllocationSize);
> +  if (ReqPages > mRTPageTable->PageCount) {
> +//
> +// No enough region for object allocation.
> +//
> +return (UINTN)(-1);
> +  }
>
>//
>// Look up the free memory region with in current memory map table.
> @@ -176,6 +182,12 @@ LookupFreeMemRegion (
>// Look up the free memory region from the beginning of the memory table
>// until the StartCursorOffset
>//
> +  if (ReqPages > StartPageIndex) {
> +//
> +// No enough region for object allocation.
> +//
> +return (UINTN)(-1);
> +  }
>for (Index = 0; Index < (StartPageIndex - ReqPages); ) {
>  //
>  // Check Consecutive ReqPages Pages.
>

As far as I can see, "RuntimeCryptLib.inf" (where this file is used) is
only linked into runtime DXE modules -- not SMM modules. That means this
issue is not a security bug, because runtime DXE modules can be
overwritten by the OS anyway. (They reside in normal RAM.) Can you
please confirm?

[qlong] Yes, this library instance is only linked into runtime DXE drivers, not
SMM.
It was designed to provide the runtime authentication / verification support
(for variable service) in the early implementation (non-SMM variable driver).
But the memory used in runtime DXE modules will not be overwritten since
it was marked as “EfiRuntimeServicesData”. The RuntimeCryptLib applied
a set of light-weight memory management routines to meet the internal memory
allocation / free usage when OpenSSL handles PKCS7 verification.
The possible integer overflow issue was found from code review. Yes, I think
it’s low risk since most runtime variable services were updated to use the SMM
solution.

Nonetheless, it would be nice to explain in the commit message, what
exactly "ReqPages" depends on.
[qlong] ReqPages is a variable that describes the required pages for memory
allocation
(from the malloc() call in OpenSSL code when handling PKCS7 verification).
It’s hard to state the specific dependency (which includes the PKCS7 data and
some
OpenSSL internal data structures).

If needed, please file a BZ as well. (I'm not saying it's required, but
you might want to consider it, and reference it in the commit message.)

[qlong] Sure. It makes sense.
 And created one: https://bugzilla.tianocore.org/show_bug.cgi?id=1275

Thanks
Laszlo


[edk2] [PATCH] CryptoPkg/BaseCryptLib: Fix potential integer overflow issue.

2018-10-24 Thread Long Qin
The LookupFreeMemRegion() in RuntimeMemAllocate.c is used to look-up
free memory region for runtime resource allocation, which was designed
to support runtime authenticated variable service.
The direct offset subtractions in this function may bring possible
integer overflow issue.

This patch is to add the extra parameter checks to remove this possible
overflow risk.

Cc: Ye Ting 
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin 
---
 .../Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c| 14 +-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c 
b/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
index 463f2bf855..92bb9ddccd 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
@@ -2,7 +2,7 @@
   Light-weight Memory Management Routines for OpenSSL-based Crypto
   Library at Runtime Phase.
 
-Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -141,6 +141,12 @@ LookupFreeMemRegion (
 
   StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->LastEmptyPageOffset);
   ReqPages   = RT_SIZE_TO_PAGES (AllocationSize);
+  if (ReqPages > mRTPageTable->PageCount) {
+//
+// No enough region for object allocation.
+//
+return (UINTN)(-1);
+  }
 
   //
   // Look up the free memory region with in current memory map table.
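Review bot: the early return in the new `ReqPages > mRTPageTable->PageCount` branch uses the bare literal `(UINTN)(-1)` as the failure value, and the second added check repeats it. A named constant for "no region found" would make both returns self-documenting; the comment text should also read "Not enough region for object allocation."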
@@ -176,6 +182,12 @@ LookupFreeMemRegion (
   // Look up the free memory region from the beginning of the memory table
   // until the StartCursorOffset
   //
+  if (ReqPages > StartPageIndex) {
+//
+// No enough region for object allocation.
+//
+return (UINTN)(-1);
+  }
   for (Index = 0; Index < (StartPageIndex - ReqPages); ) {
 //
 // Check Consecutive ReqPages Pages.
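Review bot: the new `ReqPages > StartPageIndex` guard is inserted between the block comment "Look up the free memory region from the beginning of the memory table until the StartCursorOffset" and the `for` loop that comment describes, which leaves the comment sitting on top of the guard instead of the search. Move the guard above that comment so each block keeps its own description.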
-- 
2.16.1.windows.1



Re: [edk2] [staging/MicroPythonTestFramework]: MicroPython Test Framework for UEFI

2018-10-21 Thread Long, Qin
Hi, Leif,

Yes, we missed clear descriptions about these two external projects in 
staging/MicroPythonTestFramework. Sorry about that.

The MicroPython and Oniguruma projects were used as git submodules in this
project. So you can use “git submodule” to know the specific commit information:
$ git submodule
-d4e4bd2a8163f355fa8a3884077eaec7adc75ff7 CryptoPkg/Library/OpensslLib/openssl
-421b84af9968e582f324899934f52b3df60381ee MicroPythonPkg/MicroPython  --> MicroPython-v1.9.4
-dba71710cd657ebd886ab2b712931542507fadb8 MicroPythonPkg/Oniguruma    --> Oniguruma-v6.8.2

And use the update command to init and sync up all submodules:
$ git submodule update --init --recursive

(Will update the README with clearer information later. Thanks)


Best Regards & Thanks,
LONG, Qin


From: Leif Lindholm [mailto:leif.lindh...@linaro.org]
Sent: Saturday, October 20, 2018 6:10 PM
To: Long, Qin 
Cc: Richardson, Brian ; edk2-devel@lists.01.org
Subject: Re: [edk2] [staging/MicroPythonTestFramework]: MicroPython Test 
Framework for UEFI

Thanks Brian,

Long, could you please
1) Send me the commit hashes of micropython and oniguruma that you
   have tested with the overrides?
2) Add a top-level Readme.md to the MicroPythonTestFramework branch,
   mentioning yourself as maintainer and the commit hashes of any
   external projects used?

Best Regards,

Leif

On Fri, Oct 19, 2018 at 06:18:35AM +, Richardson, Brian wrote:
> Leif:
>
> Thank you for your feedback. Long Qin is a good starting contact for 
> MicroPython issues.
>
> There are readme files for the sub-components, but I agree that the missing 
> top-level readme file is an issue.
> https://github.com/tianocore/edk2-staging/tree/MicroPythonTestFramework/MpyTestFrameworkPkg
> https://github.com/tianocore/edk2-staging/tree/MicroPythonTestFramework/MicroPythonPkg
>
> Thanks … br
> ---
> Brian Richardson, Firmware Ecosystem Development, Intel Software
> brian.richard...@intel.com -- @intel_brian (Twitter & WeChat)
> https://software.intel.com/en-us/meet-the-developers/evangelists/team/brian-richardson
>
> From: Leif Lindholm <leif.lindh...@linaro.org>
> Sent: Friday, October 19, 2018 12:34 AM
> To: Richardson, Brian <brian.richard...@intel.com>
> Cc: edk2-devel@lists.01.org
> Subject: Re: [edk2] [staging/MicroPythonTestFramework]: MicroPython Test Framework for UEFI
>
> Hi Brian,
>
> I've started having a look at this, and have a few comments:
> - There is no Readme.md at the top level, as set out in 
> https://github.com/tianocore/edk2-staging/blob/about/README
>   Mainly, this means I don't know who I should cc on any comments I have.
> - There have been substantial changes to oniguruma, and the module no longer 
> builds. Can we have exact commit hashes for the two external projects added 
> to the toplevel Readme.md?
> - At least Uefi/modets.c and Uefi/modos.c contain Ia32/X64-specific bits. 
> Could these bits be put in architecture-specific subdirectories?
>
> Regards,
>
> Leif
>
> On 10 August 2018 at 03:44, Richardson, Brian <brian.richard...@intel.com> wrote:
> The "MicroPython Test Framework for UEFI" project has been added to 
> edk2-staging for community feedback.
> https://github.com/tianocore/edk2-staging/tree/MicroPythonTestFramework
>
> This includes a port of MicroPython to UEFI and a test execution environment 
> that can run from the UEFI Shell.
> https://github.com/tianocore/edk2-staging/tree/MicroPythonTestFramework/MicroPythonPkg
> https://github.com/tianocore/edk2-staging/tree/MicroPythonTestFramework/MpyTestFrameworkPkg
>
> Additional Info:
> https://github.com/tianocore/tianocore.github.io/wiki/MicroPython-Test-Framework-for-UEFI
>
> Thanks ... br
> ---
> Brian Richardson, Senior Technical Marketing Engineer, Intel Software
> brian.richard...@intel.com -- @intel_brian (Twitter & WeChat)
> https://software.intel.com/en-us/meet-the-developers/evangelists/team/brian-richardson
>


Re: [edk2] [staging/MicroPythonTestFramework][PATCH] MpyTestFrameworkPkg: use minified jquery source

2018-09-04 Thread Long, Qin
Reviewed-by: Long Qin 


Best Regards & Thanks,
LONG, Qin

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Stephano Cetola
> Sent: Tuesday, September 4, 2018 10:51 AM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin 
> Subject: [edk2] [staging/MicroPythonTestFramework][PATCH]
> MpyTestFrameworkPkg: use minified jquery source
> 
> We should be using the compressed "minified" jquery source file rather than the
> uncompressed version, as it will reduce the page load times.
> 
> This updates the relevant FreeMarker templates, the readme, and the setup script.
> It also corrects a small mistake in the error text of the setup script.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1.
> Signed-off-by: Stephano Cetola 
> ---
>  MpyTestFrameworkPkg/README.md   | 2 +-
>  .../ReportGenerator/src/main/resources/templates/index.ftl  | 2 +-
>  .../src/main/resources/templates/iteration.ftl  | 4 ++--
>  .../src/main/resources/templates/recurrentSequence.ftl  | 2 +-
>  MpyTestFrameworkPkg/setup.py| 6 +++---
>  5 files changed, 8 insertions(+), 8 deletions(-)
> 
> diff --git a/MpyTestFrameworkPkg/README.md
> b/MpyTestFrameworkPkg/README.md index bd1579dcd3..9bcd22d843 100644
> --- a/MpyTestFrameworkPkg/README.md
> +++ b/MpyTestFrameworkPkg/README.md
> @@ -13,7 +13,7 @@ This test framework is dependent on the MicroPython
> Interpreter for UEFI: [Micro
>   * Install [Python27](https://www.python.org/).
>   * Install Maven, using the official site tutorial: [Installing Apache
> Maven](https://maven.apache.org/install.html). JDK 1.8 is preferred.
>   * Download `Chart.bundle.min.js` from the [ChartJS official
> site](https://github.com/chartjs/Chart.js/releases) and copy it to
> `MpyTestFrameworkPkg\Report\resources\js`
> - * Download `jquery-3.3.1.js` from the [JQuery official
> site](https://jquery.com/download/) and copy it to
> `MpyTestFrameworkPkg\Report\resources\js`
> + * Download `jquery-3.3.1.min.js` from the [JQuery official
> + site](https://jquery.com/download/) and copy it to
> + `MpyTestFrameworkPkg\Report\resources\js`
> 
>  ### Configuration
> 
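Review bot: the updated README step still tells the user to fetch `jquery-3.3.1.min.js` by hand and copy it into `MpyTestFrameworkPkg\Report\resources\js`, with nothing to verify the file that ends up there. Since the minified file is much harder to eyeball than the uncompressed one, consider listing the expected checksum of the file next to the download instruction (and likewise for `Chart.bundle.min.js` in the step above it).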
> diff --git
> a/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/index.ftl
> b/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/index.ftl
> index ed611f3805..d58c002baf 100644
> ---
> a/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/index.ftl
> +++
> b/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templ
> +++ ates/index.ftl
> @@ -3,7 +3,7 @@
>ETS Report
>
>
> -  
> +  
>  
> 
>  
> diff --git
> a/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/iteration.ftl
> b/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/iteration.ftl
> index 82b681c8a4..e3f2490215 100644
> ---
> a/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/iteration.ftl
> +++
> b/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templ
> +++ ates/iteration.ftl
> @@ -3,7 +3,7 @@
>ETS Report
>
>
> -  
> +  
>  
>  
> 
> @@ -170,4 +170,4 @@
>
> 
>  
> -
> \ No newline at end of file
> +
> diff --git
> a/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/recurrentSequence.ftl
> b/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/recurrentSequence.ftl
> index d3c263cf91..1d09752095 100644
> ---
> a/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templat
> es/recurrentSequence.ftl
> +++
> b/MpyTestFrameworkPkg/Tools/ReportGenerator/src/main/resources/templ
> +++ ates/recurrentSequence.ftl
> @@ -3,7 +3,7 @@
>ETS Report
>
>
> -  
> +  
>  
> 
>  
> diff --git a/MpyTestFrameworkPkg/setup.py b/MpyTestFrameworkPkg/setup.py
> index 993a4cc598..4eaf43bfed 100644
> --- a/MpyTestFrameworkPkg/setup.py
> +++ b/MpyTestFrameworkPkg/setup.py
> @@ -31,8 +31,8 @@ def check_environment():
>  error_p('Please download Chart.bundle.min.js to
> MpyTestFrameworkPkg/Report/resources/js folder')
>  return False
> 
> -if not os.path.exists(origin + '/Report' + '/resources' + '/js' + 
> '/jquery-3.3.1.js'):
> -error_p('Please download jquery-3.3.1.jsChart.bundle.min.js to
> MpyTestFrameworkPkg/Report/resources/js folder')
> +if not os.path.exists(origin + '/Report' + '/resources' + '/js' + 
> '/jquery-
> 3.3.1.min.js'):
> +error_p('Please download jquery-3.3.1.min.js
> 

Re: [edk2] [Patch] SecurityPkg: HashLib: Update HashLib file GUID

2018-08-09 Thread Long, Qin
Chao, Please change the lowercase letters in the new GUID to uppercase letters 
when committing this.

Reviewed-by: Long Qin 


Best Regards & Thanks,
LONG, Qin

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
> Chao B
> Sent: Wednesday, August 8, 2018 11:06 PM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin 
> Subject: [edk2] [Patch] SecurityPkg: HashLib: Update HashLib file GUID
> 
> 2 file GUIDs conflict with existing SHA256 Lib. Update them.
> 
> Cc: Long Qin 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Zhang, Chao B 
> ---
>  SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf | 2 +-
> SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git
> a/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> b/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> index 76677794fa..cf12587354 100644
> --- a/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> +++ b/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.in
> +++ f
> @@ -15,11 +15,11 @@
> 
>  [Defines]
>INF_VERSION= 0x00010005
>BASE_NAME  = HashInstanceLibSha384
>MODULE_UNI_FILE= HashInstanceLibSha384.uni
> -  FILE_GUID  = 5810798A-ED30-4080-8DD7-B9667A748C02
> +  FILE_GUID  = 74223710-17A9-478f-9B24-E354496B968B
>MODULE_TYPE= BASE
>VERSION_STRING = 1.0
>LIBRARY_CLASS  = NULL
>CONSTRUCTOR= HashInstanceLibSha384Constructor
> 
> diff --git
> a/SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> b/SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> index 94929a8736..917c23f3d5 100644
> --- a/SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> +++ b/SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.in
> +++ f
> @@ -15,11 +15,11 @@
> 
>  [Defines]
>INF_VERSION= 0x00010005
>BASE_NAME  = HashInstanceLibSha512
>MODULE_UNI_FILE= HashInstanceLibSha512.uni
> -  FILE_GUID  = 5810798A-ED30-4080-8DD7-B9667A748C02
> +  FILE_GUID  = 959C3685-AC3F-4f3e-AC5B-7E2A64BADD36
>MODULE_TYPE= BASE
>VERSION_STRING = 1.0
>LIBRARY_CLASS  = NULL
>CONSTRUCTOR= HashInstanceLibSha512Constructor
> 
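Review bot: both removed lines carry the same value, `FILE_GUID = 5810798A-ED30-4080-8DD7-B9667A748C02`, so the SHA384 and SHA512 instances collided with each other as well as with the SHA256 library named in the commit message. Say so in the commit message, and consider a build-time check that rejects duplicate FILE_GUID values across INF files so a copied INF cannot reintroduce the conflict.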
> --
> 2.16.2.windows.1
> 


Re: [edk2] [Patch] SecurityPkg: HashLib: Add SHA384, SHA512 HashLib

2018-07-27 Thread Long, Qin
Reviewed-by: Long Qin 


Best Regards & Thanks,
LONG, Qin

> -----Original Message-----
> From: Zhang, Chao B
> Sent: Friday, July 27, 2018 11:21 AM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin ; Zhang, Chao B
> 
> Subject: [Patch] SecurityPkg: HashLib: Add SHA384, SHA512 HashLib
> 
> Add SHA384, 512 Hash lib support. Now only CryptoPkg support PEI/DXE
> version.
> 
> Cc: Long Qin 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Chao Zhang 
> Signed-off-by: Zhang, Chao B 
> ---
>  SecurityPkg/Include/Library/HashLib.h  |   2 +-
>  .../HashInstanceLibSha384/HashInstanceLibSha384.c  | 155
> +
>  .../HashInstanceLibSha384.inf  |  45 ++
>  .../HashInstanceLibSha384.uni  |  21 +++
>  .../HashInstanceLibSha512/HashInstanceLibSha512.c  | 154
> 
>  .../HashInstanceLibSha512.inf  |  45 ++
>  .../HashInstanceLibSha512.uni  |  21 +++
>  SecurityPkg/SecurityPkg.dsc|   6 +
>  8 files changed, 448 insertions(+), 1 deletion(-)  create mode 100644
> SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c
>  create mode 100644
> SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
>  create mode 100644
> SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.uni
>  create mode 100644
> SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.c
>  create mode 100644
> SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
>  create mode 100644
> SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.uni
> 
> diff --git a/SecurityPkg/Include/Library/HashLib.h
> b/SecurityPkg/Include/Library/HashLib.h
> index 8be8b9c59c..2b886a1b05 100644
> --- a/SecurityPkg/Include/Library/HashLib.h
> +++ b/SecurityPkg/Include/Library/HashLib.h
> @@ -17,11 +17,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> ANY KIND, EITHER EXPRESS OR IMPLIED.
>  #ifndef _HASH_LIB_H_
>  #define _HASH_LIB_H_
> 
>  #include 
>  #include 
> -
> +#include 
>  typedef UINTN  HASH_HANDLE;
> 
>  /**
>Start hash sequence.
> 
> diff --git
> a/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c
> b/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c
> new file mode 100644
> index 00..54bc687425
> --- /dev/null
> +++ b/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c
> @@ -0,0 +1,155 @@
> +/** @file
> +  This library is BaseCrypto SHA384 hash instance.
> +  It can be registered to BaseCrypto router, to serve as hash engine.
> +
> +Copyright (c) 2018, Intel Corporation. All rights reserved.  This
> +program and the accompanying materials are licensed and made available
> +under the terms and conditions of the BSD License which accompanies
> +this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include 
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +#include  #include 
> +
> +/**
> +  The function set SHA384 to digest list.
> +
> +  @param DigestList   digest list
> +  @param Sha384Digest SHA384 digest
> +**/
> +VOID
> +Tpm2SetSha384ToDigestList (
> +  IN TPML_DIGEST_VALUES *DigestList,
> +  IN UINT8  *Sha384Digest
> +  )
> +{
> +  DigestList->count = 1;
> +  DigestList->digests[0].hashAlg = TPM_ALG_SHA384;
> +  CopyMem (
> +DigestList->digests[0].digest.sha384,
> +Sha384Digest,
> +SHA384_DIGEST_SIZE
> +);
> +}
> +
> +/**
> +  Start hash sequence.
> +
> +  @param HashHandle Hash handle.
> +
> +  @retval EFI_SUCCESS  Hash sequence start and HandleHandle
> returned.
> +  @retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
> +**/
> +EFI_STATUS
> +EFIAPI
> +Sha384HashInit (
> +  OUT HASH_HANDLE*HashHandle
> +  )
> +{
> +  VOID *Sha384Ctx;
> +  UINTNCtxSize;
> +
> +  CtxSize = Sha384GetContextSize ();
> +  Sha384Ctx = AllocatePool (CtxSize);
> +  ASSERT (Sha384Ctx != NULL);
> +
> +  Sha384Init (Sha384Ctx);
> +
> +  *HashHandle = (HASH_HANDLE)Sha384Ctx;
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Update hash sequence data.
> +
> +  @param HashHandleHash handle.
> +  @param DataToHashData to be hashed.
> +  @param DataToHashLen Data size.
> +
> +  @retval EFI_SUCCESS Hash sequence 
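Review bot: in Sha384HashInit, the result of `AllocatePool (CtxSize)` is only checked with `ASSERT (Sha384Ctx != NULL)`, yet the function header documents `EFI_OUT_OF_RESOURCES`. In a build where ASSERT is disabled, a failed allocation goes straight into `Sha384Init (Sha384Ctx)`; return EFI_OUT_OF_RESOURCES on NULL so the code matches its own contract. The header comment also says "HandleHandle" where "HashHandle" is meant.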

Re: [edk2] [Patch] SecurityPkg: TcgSmm: Handle invalid parameter in MOR SMI handler

2018-07-20 Thread Long, Qin
Reviewed-by: Long Qin 


Best Regards & Thanks,
LONG, Qin

> -----Original Message-----
> From: Zhang, Chao B
> Sent: Thursday, July 19, 2018 6:00 PM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin ; Yao, Jiewen ;
> Zhang, Chao B 
> Subject: [Patch] SecurityPkg: TcgSmm: Handle invalid parameter in MOR SMI
> handler
> 
> Add more logic to filter invalid function parameter in MOR Control SMI handler
> 
> Cc: Long Qin 
> Cc: Yao Jiewen 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Chao Zhang 
> Signed-off-by: Zhang, Chao B 
> ---
>  SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 4 
>  SecurityPkg/Tcg/TcgSmm/TcgSmm.c   | 4 
>  2 files changed, 8 insertions(+)
> 
> diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> index 21b1014a3b..4a1a293bfc 100644
> --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> @@ -151,10 +151,14 @@ MemoryClearCallback (
> 
>  if (MOR_CLEAR_MEMORY_VALUE (MorControl) == 0x0) {
>return EFI_SUCCESS;
>  }
>  MorControl &= ~MOR_CLEAR_MEMORY_BIT_MASK;
> +  } else {
> +mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
> +DEBUG ((EFI_D_ERROR, "[TPM] MOR Parameter error! Parameter = %x\n",
> mTcgNvs->MemoryClear.Parameter));
> +return EFI_SUCCESS;
>}
> 
>DataSize = sizeof (UINT8);
>Status = mSmmVariable->SmmSetVariable (
> MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
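Review bot: the new else branch in MemoryClearCallback returns EFI_SUCCESS while reporting the rejection only through `mTcgNvs->MemoryClear.ReturnCode`. Add a short comment that the handler status is deliberately success and the failure is carried in the NVS return code, so the branch is not later "corrected" to return an error status.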
> diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
> b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c index 0b8a002a4d..d3ddae6886 100644
> --- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
> +++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
> @@ -269,10 +269,14 @@ MemoryClearCallback (
> 
>  if (MOR_CLEAR_MEMORY_VALUE (MorControl) == 0x0) {
>return EFI_SUCCESS;
>  }
>  MorControl &= ~MOR_CLEAR_MEMORY_BIT_MASK;
> +  } else {
> +mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
> +DEBUG ((EFI_D_ERROR, "[TPM] MOR Parameter error! Parameter = %x\n",
> mTcgNvs->MemoryClear.Parameter));
> +return EFI_SUCCESS;
>}
> 
>DataSize = sizeof (UINT8);
>Status = mSmmVariable->SmmSetVariable (
> MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
> --
> 2.16.2.windows.1



Re: [edk2] [Patch] SecurityPkg:Tcg: Fix comment typos

2018-07-16 Thread Long, Qin
Reviewed-by: Long Qin 

(BTW: Please remove the extra "Signed-off-by" signature)


Best Regards & Thanks,
LONG, Qin

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Zhang, Chao B
> Sent: Monday, July 16, 2018 3:21 PM
> To: edk2-devel@lists.01.org
> Cc: Long Qin ; Yao, Jiewen ;
> Zhang, Chao B 
> Subject: [edk2] [Patch] SecurityPkg:Tcg: Fix comment typos
> 
> "Triggle" is a typo. Fix it with "Trigger"
> 
> Cc: Long Qin 
> Cc: Jiewen Yao 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Chao Zhang 
> Signed-off-by: Zhang, Chao B 
> ---
>  SecurityPkg/Tcg/Tcg2Smm/Tpm.asl | 16 
> SecurityPkg/Tcg/TcgSmm/Tpm.asl  | 16 
>  2 files changed, 16 insertions(+), 16 deletions(-)
> 
> diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
> b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl index 50dea0ab9a..471b6b1fa1 100644
> --- a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
> +++ b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
> @@ -257,16 +257,16 @@ DefinitionBlock (
>// Bit4 -- DisableAutoDetect. 0 -- Firmware MAY autodetect.
>//
>If (LNot (And (MORD, 0x10)))
>{
>  //
> -// Triggle the SMI through ACPI _PTS method.
> +// Trigger the SMI through ACPI _PTS method.
>  //
>  Store (0x02, MCIP)
> 
>  //
> -// Triggle the SMI interrupt
> +// Trigger the SMI interrupt
>  //
>  Store (MCIN, IOB2)
>}
>  }
>  Return (0)
> @@ -363,11 +363,11 @@ DefinitionBlock (
>  Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
>  Store (0, PPRM)
>  Store (0x02, PPIP)
> 
>  //
> -// Triggle the SMI interrupt
> +// Trigger the SMI interrupt
>  //
>  Store (PPIN, IOB2)
>  Return (FRET)
> 
> 
> @@ -394,11 +394,11 @@ DefinitionBlock (
>  // e) Return TPM Operation Response to OS Environment
>  //
>  Store (0x05, PPIP)
> 
>  //
> -// Triggle the SMI interrupt
> +// Trigger the SMI interrupt
>  //
>  Store (PPIN, IOB2)
> 
>  Store (LPPR, Index (TPM3, 0x01))
>  Store (PPRP, Index (TPM3, 0x02)) @@ -426,11 +426,11 @@
> DefinitionBlock (
>  If (LEqual (PPRQ, 23)) {
>Store (DerefOf (Index (Arg2, 0x01)), PPRM)
>  }
> 
>  //
> -// Triggle the SMI interrupt
> +// Trigger the SMI interrupt
>  //
>  Store (PPIN, IOB2)
>  Return (FRET)
>}
>Case (8)
> @@ -440,11 +440,11 @@ DefinitionBlock (
>  //
>  Store (8, PPIP)
>  Store (DerefOf (Index (Arg2, 0x00)), UCRQ)
> 
>  //
> -// Triggle the SMI interrupt
> +// Trigger the SMI interrupt
>  //
>  Store (PPIN, IOB2)
> 
>  Return (FRET)
>}
> @@ -474,16 +474,16 @@ DefinitionBlock (
>  // Save the Operation Value of the Request to MORD (reserved
> memory)
>  //
>  Store (DerefOf (Index (Arg2, 0x00)), MORD)
> 
>  //
> -// Triggle the SMI through ACPI _DSM method.
> +// Trigger the SMI through ACPI _DSM method.
>  //
>  Store (0x01, MCIP)
> 
>  //
> -// Triggle the SMI interrupt
> +// Trigger the SMI interrupt
>  //
>  Store (MCIN, IOB2)
>  Return (MRET)
>}
>Default {BreakPoint}
> diff --git a/SecurityPkg/Tcg/TcgSmm/Tpm.asl
> b/SecurityPkg/Tcg/TcgSmm/Tpm.asl index 12f24f3996..2114283b45 100644
> --- a/SecurityPkg/Tcg/TcgSmm/Tpm.asl
> +++ b/SecurityPkg/Tcg/TcgSmm/Tpm.asl
> @@ -93,16 +93,16 @@ DefinitionBlock (
>// Bit4 -- DisableAutoDetect. 0 -- Firmware MAY autodetect.
>//
>If (LNot (And (MORD, 0x10)))
>{
>  //
> -// Triggle the SMI through ACPI _PTS method.
> +// Trigger the SMI through ACPI _PTS method.
>  //
>  Store (0x02, MCIP)
> 
>  //
> -// Triggle the SMI interrupt
> +// Trigger the SMI interrupt
>  //
>  Store (MCIN, IOB2)
>}
>  }
>  Ret

Re: [edk2] [Patch 0/2] Add CRB IdleByPass Support

2018-06-26 Thread Long, Qin
Series Reviewed-by: Long Qin 


Best Regards & Thanks,
LONG, Qin

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Zhang, Chao B
> Sent: Monday, June 25, 2018 12:44 PM
> To: edk2-devel@lists.01.org
> Subject: [edk2] [Patch 0/2] Add CRB IdleByPass Support
> 
> Add CRB IdleByPass Support
> 
> Zhang, Chao B (2):
>   Add CapCRBIdleBypass definition to interface ID register. It complies
> with existing register
>   SecurityPkg: Tpm2DeviceLib: Enable CapCRBIdleBypass support
> 
>  MdePkg/Include/IndustryStandard/TpmPtp.h   |  5 +-
>  .../Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c  | 19 +
>  .../Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf|  1 +
>  .../Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c| 19 +
>  .../Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf  |  3 +-
>  SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c| 98
> +++---
>  SecurityPkg/SecurityPkg.dec| 10 +++
>  SecurityPkg/SecurityPkg.uni| 10 ++-
>  8 files changed, 149 insertions(+), 16 deletions(-)
> 
> --
> 2.16.2.windows.1
> 


Re: [edk2] [Patch V2] SecurityPkg: Cache TPM interface type info

2018-06-21 Thread Long, Qin
Reviewed-by: Long Qin 

Please correct the typos:
+  @retval EFI_SUCCESS   DTPM2.0 instance is registered, or system dose not surpport registr DTPM2.0 instance
                                                                   ^        ^        ^
+  #  Accodingt to TCG PTP spec 1.3, there are 3 types defined in TPM2_PTP_INTERFACE_TYPE.
      ^

Best Regards & Thanks,
LONG, Qin

> -Original Message-
> From: Zhang, Chao B
> Sent: Friday, June 22, 2018 9:37 AM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin ; Yao, Jiewen 
> Subject: [Patch V2] SecurityPkg: Cache TPM interface type info
> 
> Cache TPM interface type info to avoid excessive interface ID register read
> 
> Cc: Long Qin 
> Cc: Yao Jiewen 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Zhang, Chao B 
> ---
>  SecurityPkg/Include/Library/Tpm2DeviceLib.h| 12 +++-
>  .../Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c  | 38 +++-
>  .../Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf|  8 ++-
>  .../Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c| 27 -
>  .../Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf  |  6 +-
>  SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c| 47 +++
>  SecurityPkg/SecurityPkg.dec| 12 +++-
>  SecurityPkg/SecurityPkg.uni| 10 +++-
>  SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf   |  3 +-
>  SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c| 68 
> ++
>  SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c  | 60 ++-
>  SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h  |  1 +
>  SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf|  1 +
>  13 files changed, 148 insertions(+), 145 deletions(-)
> 
> diff --git a/SecurityPkg/Include/Library/Tpm2DeviceLib.h
> b/SecurityPkg/Include/Library/Tpm2DeviceLib.h
> index 67f158ef03..f072a24925 100644
> --- a/SecurityPkg/Include/Library/Tpm2DeviceLib.h
> +++ b/SecurityPkg/Include/Library/Tpm2DeviceLib.h
> @@ -1,9 +1,9 @@
>  /** @file
>This library abstract how to access TPM2 hardware device.
> 
> -Copyright (c) 2013, Intel Corporation. All rights reserved. 
> +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. 
>  This program and the accompanying materials  are licensed and made
> available under the terms and conditions of the BSD License  which
> accompanies this distribution.  The full text of the license may be found at
> http://opensource.org/licenses/bsd-license.php
> 
> @@ -15,10 +15,20 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> ANY KIND, EITHER EXPRESS OR IMPLIED.
>  #ifndef _TPM2_DEVICE_LIB_H_
>  #define _TPM2_DEVICE_LIB_H_
> 
>  #include 
> 
> +//
> +// Used in PcdActiveTpmInterfaceType to identify TPM interface type //
> +typedef enum {
> +  Tpm2PtpInterfaceTis,
> +  Tpm2PtpInterfaceFifo,
> +  Tpm2PtpInterfaceCrb,
> +  Tpm2PtpInterfaceMax,
> +} TPM2_PTP_INTERFACE_TYPE;
> +
>  /**
>This service enables the sending of commands to the TPM2.
> 
>@param[in]  InputParameterBlockSize  Size of the TPM2 input parameter
> block.
>@param[in]  InputParameterBlock  Pointer to the TPM2 input
> parameter block.
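
Review bot: TPM2_PTP_INTERFACE_TYPE is documented as the value stored in PcdActiveTpmInterfaceType, but the enumerators carry no explicit values. Because these numbers end up in a PCD that other modules read and compare, assign them explicitly (for example Tpm2PtpInterfaceTis = 0) so a later reordering cannot silently change their meaning, and state how a consumer should treat a PCD value at or above Tpm2PtpInterfaceMax.
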
> diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c
> b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c
> index 0b1723e4a1..3feb64df7e 100644
> --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c
> +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c
> @@ -1,10 +1,10 @@
>  /** @file
>This library is TPM2 DTPM device lib.
>Choosing this library means platform uses and only uses DTPM device as
> TPM2 engine.
> 
> -Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. 
> +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. 
>  This program and the accompanying materials  are licensed and made
> available under the terms and conditions of the BSD License  which
> accompanies this distribution.  The full text of the license may be found at
> http://opensource.org/licenses/bsd-license.php
> 
> @@ -15,10 +15,23 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> ANY KIND, EITHER EXPRESS OR IMPLIED.
> 
>  #include 
>  #include 
>  #include 
>  #include 
> +#include 
> +
> +/**
> +  Return PTP interface type.
> +
> +  @param[in] RegisterPointer to PTP register.
> +
> +  @return PTP interface type.
> +**/
> +TPM2_PTP_INTERFACE_TYPE
> +Tpm2GetPtpInterface (
> +  IN VOID *Register
> +  );
> 
>  /**
>This service enables the sending of commands to the TPM2.
> 
&
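
Review bot: the added prototype for Tpm2GetPtpInterface() is declared locally in Tpm2DeviceLibDTpm.c. A prototype repeated in a .c file is not checked by the compiler against the definition, so the two can drift apart; put the declaration in an internal header that both this file and the defining file include.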

Re: [edk2] [PATCH 08/37] CryptoPkg: Removing ipf which is no longer supported from edk2.

2018-06-13 Thread Long, Qin
Hi, Chenchen,

Please do more clean-ups on CryptoPkg for IPF removal:
1. Remove whole "CryptRuntimeDxe" folder which was also designed for IPF before;
2. Remove "CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf" from CryptoPkg.dsc;
3. Remove whole "Include/Protocol" folder;
4. Remove "[Protocols]" section from CryptoPkg.dec;
5. Remove whole "Library/BaseCryptLibRuntimeCryptProtocol" folder;


Best Regards & Thanks,
LONG, Qin

> -Original Message-
> From: Chen, Chen A
> Sent: Wednesday, June 13, 2018 11:44 AM
> To: edk2-devel@lists.01.org
> Cc: Chen, Chen A ; Long, Qin ;
> Ye, Ting ; Kinney, Michael D
> 
> Subject: [PATCH 08/37] CryptoPkg: Removing ipf which is no longer
> supported from edk2.
> 
> Removing rules for Ipf sources file:
> * Remove the source file which path with "ipf" and also listed in
>   [Sources.IPF] section of INF file.
> * Remove the source file which listed in [Components.IPF] section
>   of DSC file and not listed in any other [Components] section.
> * Remove the embedded Ipf code for MDE_CPU_IPF.
> 
> Removing rules for Inf file:
> * Remove IPF from VALID_ARCHITECTURES comments.
> * Remove DXE_SAL_DRIVER from LIBRARY_CLASS in [Defines] section.
> * Remove the INF which only listed in [Components.IPF] section in DSC.
> * Remove statements from [BuildOptions] that provide IPF specific flags.
> * Remove any IPF specific sections.
> 
> Removing rules for Dec file:
> * Remove [Includes.IPF] section from Dec.
> 
> Removing rules for Dsc file:
> * Remove IPF from SUPPORTED_ARCHITECTURES in [Defines] section of DSC.
> * Remove any IPF specific sections.
> * Remove statements from [BuildOptions] that provide IPF specific flags.
> 
> Cc: Qin Long 
> Cc: Ting Ye 
> Cc: Michael D Kinney 
> Signed-off-by: chenc2 
> Contributed-under: TianoCore Contribution Agreement 1.1
> ---
>  CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf  |   4 +-
>  CryptoPkg/CryptoPkg.dsc|   5 +-
>  CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf|   5 +-
>  CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf |   5 +-
>  CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf |   3 -
>  .../BaseCryptLibRuntimeCryptProtocol.inf   |  76 
>  .../Cipher/CryptAesNull.c  | 165 
>  .../Cipher/CryptArc4Null.c | 130 ---
>  .../Cipher/CryptTdesNull.c | 166 
>  .../Hash/CryptMd4Null.c| 124 --
>  .../Hash/CryptMd5Null.c| 125 --
>  .../Hash/CryptSha1Null.c   | 125 --
>  .../Hmac/CryptHmacMd5Null.c| 127 ---
>  .../Hmac/CryptHmacSha1Null.c   | 127 ---
>  .../InternalCryptLib.h |  23 --
>  .../Pem/CryptPemNull.c |  44 ---
>  .../Pk/CryptAuthenticodeNull.c |  51 ---
>  .../Pk/CryptDhNull.c   | 156 
>  .../Pk/CryptPkcs7SignNull.c|  59 ---
>  .../Pk/CryptPkcs7VerifyNull.c  | 163 
>  .../Pk/CryptRsaExtNull.c   | 125 --
>  .../Pk/CryptX509Null.c | 238 
>  .../Rand/CryptRandNull.c   |  63 
>  .../RuntimeDxeIpfCryptLib.c| 419 
> -
>  CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf|  13 +-
>  CryptoPkg/Library/OpensslLib/OpensslLib.inf|   5 +-
>  CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf  |   5 +-
>  CryptoPkg/Library/TlsLib/TlsLib.inf|   2 +-
>  28 files changed, 9 insertions(+), 2544 deletions(-)
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntime
> CryptProtocol.inf
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Cipher/CryptAesNull.
> c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Cipher/CryptArc4Null
> .c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Cipher/CryptTdesNull
> .c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Hash/CryptMd4Null.c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Hash/CryptMd5Null.c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Hash/CryptSha1Null.c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Hmac/CryptHmacMd
> 5Null.c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibRuntimeCryptProtoco

Re: [edk2] [Patch] CryptoPkg PeiCryptLib: Enable SHA384/512 support

2018-06-07 Thread Long, Qin
Hi, Chao,

The update from NULL to real wrapper looks good to me.
Please also update the "Note" part in this INF's comment before your commit, 
since SHA384/512 was noted as "not supported" before. 

Reviewed-by: Long Qin 


Best Regards & Thanks,
LONG, Qin

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
> Chao B
> Sent: Thursday, June 7, 2018 10:30 PM
> To: edk2-devel@lists.01.org
> Cc: Zhang, Chao B ; Long, Qin 
> Subject: [edk2] [Patch] CryptoPkg PeiCryptLib: Enable SHA384/512 support
> 
> Enable SHA384/512 support in PEI phase.
> 
> Cc: Long Qin 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Chao Zhang 
> Signed-off-by: Zhang, Chao B 
> ---
>  CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> index f1f709ef6d..e08627be24 100644
> --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> @@ -11,11 +11,11 @@
>  #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, 
> X.509
> #  certificate handler functions, authenticode signature verification 
> functions,  #
> PEM handler functions, and pseudorandom number generator functions are not
> #  supported in this instance.
>  #
> -#  Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
> +#  Copyright (c) 2010 - 2018, Intel Corporation. All rights
> +reserved.
>  #  This program and the accompanying materials  #  are licensed and made
> available under the terms and conditions of the BSD License  #  which
> accompanies this distribution.  The full text of the license may be found at  
> #
> http://opensource.org/licenses/bsd-license.php
>  #
> @@ -42,11 +42,11 @@
>  [Sources]
>Hash/CryptMd4Null.c
>Hash/CryptMd5.c
>Hash/CryptSha1.c
>Hash/CryptSha256.c
> -  Hash/CryptSha512Null.c
> +  Hash/CryptSha512.c
>Hmac/CryptHmacMd5Null.c
>Hmac/CryptHmacSha1Null.c
>Hmac/CryptHmacSha256Null.c
>Cipher/CryptAesNull.c
>Cipher/CryptTdesNull.c
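
Review bot: swapping Hash/CryptSha512Null.c for Hash/CryptSha512.c in [Sources] changes what this PEI instance supports, yet the first hunk updates only the copyright year in the file header. Update the header's list of unsupported functions in the same commit so the INF description matches the sources, and say in the commit message whether the PEI image size increase was checked on a size-constrained platform.
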
> --
> 2.16.2.windows.1
> 


Re: [edk2] [Patch] SecurityPkg/Tcg2Smm: Correct function parameter attribute

2018-05-28 Thread Long, Qin
Reviewed-by: Long Qin 


Best Regards & Thanks,
LONG, Qin

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Zhang, Chao B
> Sent: Monday, May 28, 2018 10:10 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen ; Long, Qin 
> Subject: [edk2] [Patch] SecurityPkg/Tcg2Smm: Correct function parameter
> attribute
> 
> Correct UpdatePossibleResource parameter attribute to align to comment
> 
> Change-Id: Id8f8be975f0e8666573decc3fbaaf326b7767ba8
> Contributed-under: TianoCore Contribution Agreement 1.1
> Cc: Long Qin 
> Cc: Yao Jiewen 
> Reviewed-by: Chao Zhang 
> Signed-off-by: Zhang, Chao B 
> ---
>  SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 8 
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> index 3e0a68999a..f0c92462cf 100644
> --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> @@ -315,14 +315,14 @@ UpdatePPVersion (
>@return  patch status.
> 
>  **/
>  EFI_STATUS
>  UpdatePossibleResource (
> -  IN  EFI_ACPI_DESCRIPTION_HEADER*Table,
> -  IN  UINT32 *IrqBuffer,
> -  IN  UINT32 IrqBuffserSize,
> -  OUT BOOLEAN*IsShortFormPkgLength
> +  IN OUT  EFI_ACPI_DESCRIPTION_HEADER*Table,
> +  IN  UINT32 *IrqBuffer,
> +  IN  UINT32 IrqBuffserSize,
> +  OUT BOOLEAN*IsShortFormPkgLength
>)
>  {
>UINT8   *DataPtr;
>UINT8   *DataEndPtr;
>UINT32  NewPkgLength;
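
Review bot: the prototype is being realigned here, so it is a good moment to fix the misspelt parameter name IrqBuffserSize (IrqBufferSize) in the declaration, the function comment and the body. IrqBuffer is marked IN only; if the function does not write through it, CONST UINT32 *IrqBuffer would let the compiler enforce that.
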
> --
> 2.16.2.windows.1
> 


[edk2] [PATCH] CryptoPkg: Remove deprecated function usage in X509GetCommonName()

2018-05-24 Thread Long Qin
BZ#: https://bugzilla.tianocore.org/show_bug.cgi?id=923

X509_NAME_get_text_by_NID() used in X509GetCommonName() implementation
is one legacy function which has various limitations. The returned
data may not be usable when the target cert contains multicharacter
string type like a BMPString or a UTF8String.
This patch replaced the legacy function usage with more general
X509_NAME_get_index_by_NID() / X509_NAME_get_entry() APIs for X509
CommonName retrieving.

Tests: Validated the commonName retrieving with test certificates
   containing PrintableString or BMPString data.

Cc: Ye Ting <ting...@intel.com>
Cc: Michael Turner <michael.tur...@microsoft.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.l...@intel.com>
---
 CryptoPkg/Include/Library/BaseCryptLib.h  |  4 +-
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 53 ++-
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c |  4 +-
 3 files changed, 47 insertions(+), 14 deletions(-)

diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 027ea09feb..dc6aaf0635 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -4,7 +4,7 @@
   primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
   functionality enabling.
 
-Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -2177,7 +2177,7 @@ X509GetSubjectName (
   @param[in]  Cert Pointer to the DER-encoded X509 certificate.
   @param[in]  CertSize Size of the X509 certificate in bytes.
   @param[out] CommonName   Buffer to contain the retrieved certificate 
common
-   name string. At most CommonNameSize bytes 
will be
+   name string (UTF8). At most CommonNameSize 
bytes will be
written and the string will be null 
terminated. May be
NULL in order to determine the size buffer 
needed.
   @param[in,out]  CommonNameSize   The size in bytes of the CommonName buffer 
on input,
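
Review bot: the comment now promises a UTF8 string but keeps "At most CommonNameSize bytes will be written and the string will be null terminated". With multi-byte UTF-8 a cut at a byte count can land in the middle of a character; say whether the function truncates at all or returns a buffer-too-small status, so callers that compare or display the name know they never receive a partial sequence. The same wording is repeated in the CryptX509.c comment.
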
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 56e66308ae..c137df357f 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -1,7 +1,7 @@
 /** @file
   X.509 Certificate Handler Wrapper Implementation over OpenSSL.
 
-Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -303,7 +303,7 @@ _Exit:
   @param[in]  Cert Pointer to the DER-encoded X509 certificate.
   @param[in]  CertSize Size of the X509 certificate in bytes.
   @param[out] CommonName   Buffer to contain the retrieved certificate 
common
-   name string. At most CommonNameSize bytes 
will be
+   name string (UTF8). At most CommonNameSize 
bytes will be
written and the string will be null 
terminated. May be
NULL in order to determine the size buffer 
needed.
   @param[in,out]  CommonNameSize   The size in bytes of the CommonName buffer 
on input,
@@ -332,13 +332,18 @@ X509GetCommonName (
   IN OUT  UINTN*CommonNameSize
   )
 {
-  RETURN_STATUS  ReturnStatus;
-  BOOLEANStatus;
-  X509   *X509Cert;
-  X509_NAME  *X509Name;
-  INTN   Length;
+  RETURN_STATUSReturnStatus;
+  BOOLEAN  Status;
+  X509 *X509Cert;
+  X509_NAME*X509Name;
+  INT32Index;
+  INTN Length;
+  X509_NAME_ENTRY  *Entry;
+  ASN1_STRING  *EntryData;
+  UINT8*UTF8Name;
 
   ReturnStatus = RETURN_INVALID_PARAMETER;
+  UTF8Name = NULL;
 
   //
   // Check input parameters.
@@ -378,8 +383,8 @@ X509GetCommonName (
   //
   // Retrieve the CommonName information from X.509 Subject
   //
-  Length = (INTN) X509_NAME_get_text_by_NID (X509Name, NID_commonName, 
CommonName, (int)(*CommonNameSize));
-  if (Length < 0) {
+  Index = X509_NAME_get_index_by_NID (X509Name, NID_commonName, -1);
+  if (Index < 0) {
 //
 // No CommonName entry exists in X509_NAME object
 //
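
Review bot: X509_NAME_get_index_by_NID (X509Name, NID_commonName, -1) returns the position of the first commonName entry only. That matches what X509_NAME_get_text_by_NID did, but the function comment should state it, because a subject with several CN attributes will have the others ignored and callers that make trust decisions on the name need to know which one they get.
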
@@ -388,10 +393,35 @@ X509GetCommonName (
 goto _Exit;
   }
 
-  *CommonN

Re: [edk2] [Patch] SecurityPkg:Tcg2Smm: Update TcgNvs info after memory is allocated

2018-05-21 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

> -Original Message-
> From: Zhang, Chao B
> Sent: Sunday, May 20, 2018 10:42 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen <jiewen@intel.com>; Long, Qin <qin.l...@intel.com>
> Subject: [Patch] SecurityPkg:Tcg2Smm: Update TcgNvs info after memory is
> allocated
> 
> Update package format info in _PRS to TcgNvs after memory is allocated.
> 
> Change-Id: Icfadb350e60d3ed2df332e92c257ce13309c0018
> Contributed-under: TianoCore Contribution Agreement 1.1
> Cc: Yao Jiewen <jiewen@intel.com>
> Cc: Long Qin <qin.l...@intel.com>
> Signed-off-by: Zhang, Chao B <chao.b.zh...@intel.com>
> ---
>  SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 19 ---
>  1 file changed, 12 insertions(+), 7 deletions(-)
> 
> diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> index c3cee834ae..3e0a68999a 100644
> --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
> @@ -308,19 +308,21 @@ UpdatePPVersion (
>interrupt buffer size. BufferSize, PkgLength and interrupt descirptor in 
> ByteList
> need to be patched
> 
>@param[in, out] TableThe TPM item in ACPI table.
>@param[in]  IrqBufferInput new IRQ buffer.
>@param[in]  IrqBuffserSize   Input new IRQ buffer size.
> +  @param[out] IsShortFormPkgLength   If _PRS returns Short length
> Package(ACPI spec 20.2.4).
> 
>@return  patch status.
> 
>  **/
>  EFI_STATUS
>  UpdatePossibleResource (
> -  EFI_ACPI_DESCRIPTION_HEADER*Table,
> -  UINT32 *IrqBuffer,
> -  UINT32 IrqBuffserSize
> +  IN  EFI_ACPI_DESCRIPTION_HEADER*Table,
> +  IN  UINT32 *IrqBuffer,
> +  IN  UINT32 IrqBuffserSize,
> +  OUT BOOLEAN*IsShortFormPkgLength
>)
>  {
>UINT8   *DataPtr;
>UINT8   *DataEndPtr;
>UINT32  NewPkgLength;
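
Review bot: the function comment lists Table as @param[in, out], but the prototype added here decorates it with IN only. Use IN OUT so the declaration matches the comment, which describes the table contents as being patched.
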
> @@ -429,11 +431,11 @@ UpdatePossibleResource (
>*(DataPtr + 2) = (UINT8)(IrqBuffserSize + 19);
> 
>//
>// Notify _PRS to report short formed ResourceTemplate
>//
> -  mTcgNvs->IsShortFormPkgLength = TRUE;
> +  *IsShortFormPkgLength = TRUE;
> 
>break;
>  }
>}
> 
> @@ -501,11 +503,11 @@ UpdatePossibleResource (
>  *(DataPtr + 2 + ((*DataPtr & (BIT7|BIT6)) >> 6)) = 
> (UINT8)(IrqBuffserSize +
> 19);
> 
>  //
>  // Notify _PRS to report long formed ResourceTemplate
>  //
> -mTcgNvs->IsShortFormPkgLength = FALSE;
> +*IsShortFormPkgLength = FALSE;
>  break;
>}
>  }
>}
> 
> @@ -670,10 +672,13 @@ PublishAcpiTable (
>UINTN  TableKey;
>EFI_ACPI_DESCRIPTION_HEADER*Table;
>UINTN  TableSize;
>UINT32 *PossibleIrqNumBuf;
>UINT32 PossibleIrqNumBufSize;
> +  BOOLEANIsShortFormPkgLength;
> +
> +  IsShortFormPkgLength = FALSE;
> 
>Status = GetSectionFromFv (
>   ,
>   EFI_SECTION_RAW,
>   0,
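
Review bot: IsShortFormPkgLength is initialised to FALSE here because UpdatePossibleResource() assigns its OUT parameter only inside the two branches that find and patch the _PRS package, as the earlier hunks show. That makes the caller's initialisation load-bearing; either set *IsShortFormPkgLength at the top of UpdatePossibleResource() or document in its header that the value is left untouched when no package is patched.
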
> @@ -708,11 +713,11 @@ PublishAcpiTable (
>  //
>  PossibleIrqNumBuf = (UINT32 *)PcdGetPtr(PcdTpm2PossibleIrqNumBuf);
>  PossibleIrqNumBufSize = (UINT32)PcdGetSize(PcdTpm2PossibleIrqNumBuf);
> 
>  if (PossibleIrqNumBufSize <= MAX_PRS_INT_BUF_SIZE &&
> (PossibleIrqNumBufSize % sizeof(UINT32)) == 0) {
> -  Status = UpdatePossibleResource(Table, PossibleIrqNumBuf,
> PossibleIrqNumBufSize);
> +  Status = UpdatePossibleResource(Table, PossibleIrqNumBuf,
> PossibleIrqNumBufSize, );
>DEBUG ((
>  DEBUG_INFO,
>  "UpdatePossibleResource status - %x. TPM2 service may not ready in
> OS.\n",
>  Status
>  ));
> @@ -741,11 +746,11 @@ PublishAcpiTable (
>ASSERT (Table->OemTableId == SIGNATURE_64 ('T', 'p', 'm', '2', 'T', 'a', 
> 'b', 'l'));
>CopyMem (Table->OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (Table-
> >OemId) );
>mTcgNvs = AssignOpRegion (Table, SIGNATURE_32 ('T', 'N', 'V', 'S'), 
> (UINT16)
> sizeof (TCG_NVS));
>ASSERT (mTcgNvs != NULL);
>mTcgNvs->TpmIrqNum= PcdGet32(PcdTpm2CurrentIrqNum);
> -  mTcgNvs->IsShortFormPkgLength = FALSE;
> +  mTcgNvs->IsShortFormPkgLength = IsShortFormPkgLength;
> 
>//
>// Publish the TPM ACPI table. Table is re-checksumed.
>//
>Status = gBS->LocateProtocol (, NULL, (VOID **)
> );
> --
> 2.16.2.windows.1



Re: [edk2] [PATCH] SecurityPkg: fix sha256 signature check

2018-05-11 Thread Long, Qin

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Laszlo Ersek
> Sent: Thursday, May 10, 2018 8:36 PM
> To: James Bottomley <james.bottom...@hansenpartnership.com>; edk2-
> de...@lists.01.org
> Cc: Zhang Lubo <lubo.zh...@intel.com>
> Subject: Re: [edk2] [PATCH] SecurityPkg: fix sha256 signature check
> 
> On 05/10/18 00:09, James Bottomley wrote:
> > commit c035e37335ae43229d7e68de74a65f2c01ebc0af
> > Author: Zhang Lubo <lubo.zh...@intel.com>
> > Date:   Thu Jan 5 14:58:05 2017 +0800
> >
> > SecurityPkg: enhance secure boot Config Dxe & Time Based AuthVariable.
> >
> > Added a check for sha256 being the only allowed signature hash.
> > Unfortunately this commit assumed the form of the signature data was a
> > raw SignedData sequence.  Most tools actually generate a ContentInfo
> > sequence instead which contains a header identifying the content as
> > pkcs7-SignedData.  Fix this check to allow either format to work.
> >
> > This fix is needed at least for efitools because we generate signed
> > variable updates with the ContentInfo header.
> >
> > Signed-off-by: James Bottomley
> <james.bottom...@hansenpartnership.com>
> > ---
> >  CryptoPkg/Library/OpensslLib/openssl  |  2 +-
> >  SecurityPkg/Library/AuthVariableLib/AuthService.c | 11 ++-
> >  2 files changed, 11 insertions(+), 2 deletions(-)
> >
> > diff --git a/CryptoPkg/Library/OpensslLib/openssl
> > b/CryptoPkg/Library/OpensslLib/openssl
> > index b2758a2292..d4e4bd2a81 16
> > --- a/CryptoPkg/Library/OpensslLib/openssl
> > +++ b/CryptoPkg/Library/OpensslLib/openssl
> > @@ -1 +1 @@
> > -Subproject commit b2758a2292aceda93e9f44c219b94fe21bb9a650
> > +Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7
> 
> This hunk should not be necessary; please see edk2 commit b85b20fba42e
> ("CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h", 2018-04-15).
> 
> (I'll let the SecurityPkg maintainers review the rest.)
> 
> Thanks,
> Laszlo

[Long, Qin] I think so. 
OpenSSL submodule was already upgraded to 1.1.0h (d4e4bd2a8...)

> 
> > diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c
> > b/SecurityPkg/Library/AuthVariableLib/AuthService.c
> > index 213a524f27..855ea3350a 100644
> > --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c
> > +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c
> > @@ -1908,10 +1908,19 @@ VerifyTimeBasedPayload (
> >//in VARIABLE_AUTHENTICATION_2 descriptor.
> >//This field has the fixed offset (+13) and be calculated based on 
> > two
> bytes of length encoding.
> >//
> > +  // However the data may also begin
> > +  //   ContentInfo ::= SEQUENCE {
> > +  //  contentType ContentType,
> > +  //  content
> > +  //[0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
> > +  //
> > +  // In which case the fixed offset is +32  //
> >if ((Attributes &
> EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
> >  if (SigDataSize >= (13 + sizeof (mSha256OidValue))) {
> >if (((*(SigData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) ||
> > -   (CompareMem (SigData + 13, , sizeof
> (mSha256OidValue)) != 0)) {
> > + (CompareMem (SigData + 13, , sizeof
> (mSha256OidValue)) != 0 &&
> > +  CompareMem (SigData + 32, , sizeof
> > +(mSha256OidValue)) != 0)) {
> >return EFI_SECURITY_VIOLATION;
> >  }
> >  }
> >
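
Review bot: the surrounding length guard is still SigDataSize >= (13 + sizeof (mSha256OidValue)), but the added CompareMem reads from SigData + 32. When the +13 comparison fails and SigDataSize is smaller than 32 + sizeof (mSha256OidValue), the second CompareMem reads past the end of the signature buffer. Give the +32 comparison its own size check, or pick the offset by first testing whether the data starts with the ContentInfo contentType OID. A buffer shorter than the existing guard skips the hash check altogether, which predates this patch but is worth confirming is rejected later in verification.
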
[Long, Qin]  This part looks good to me. 
I prefer to add this to make both formats (with or without contentType) 
to work.
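
The two layouts this thread discusses (a bare SignedData, and the same structure wrapped in a ContentInfo), as an added example that is not part of the original messages or of edk2: rather than comparing at the fixed offsets +13 and +32, it walks the DER headers with a length check at every step, and shows the fixed-offset form with one guard per offset beside it. The function names and both sample byte strings are constructed for illustration, and like the fixed-offset comparison it inspects only the first digestAlgorithm entry.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* DER value bytes of the SHA-256 OID (2.16.840.1.101.3.4.2.1). */
static const uint8_t kSha256Oid[] = {0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01};
/* DER value bytes of pkcs7-signedData (1.2.840.113549.1.7.2). */
static const uint8_t kSignedDataOid[] = {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02};

/* Constructed sample: start of a bare SignedData (version, digestAlgorithms).
   Two-byte length form is used so the OID value lands at offset 13. */
static const uint8_t kBareSample[24] = {
  0x30,0x82,0x00,0x14,                                     /* SignedData SEQUENCE */
  0x02,0x01,0x01,                                          /* version INTEGER 1   */
  0x31,0x0f,0x30,0x0d,                                     /* SET, AlgorithmId    */
  0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,  /* OID sha256          */
  0x05,0x00 };                                             /* parameters NULL     */

/* Constructed sample: the same bytes inside a ContentInfo (OID value at offset 32). */
static const uint8_t kWrappedSample[43] = {
  0x30,0x82,0x00,0x27,                                     /* ContentInfo SEQUENCE */
  0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,  /* contentType          */
  0xa0,0x82,0x00,0x18,                                     /* [0] EXPLICIT content */
  0x30,0x82,0x00,0x14, 0x02,0x01,0x01, 0x31,0x0f,0x30,0x0d,
  0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01, 0x05,0x00 };

typedef struct { const uint8_t *p; size_t len; } span_t;

/* Read one TLV carrying `tag` from *in. On success store its value in *val,
   advance *in past it and return 1. On failure return 0 and leave *in as is. */
static int der_read(span_t *in, uint8_t tag, span_t *val) {
  size_t hdr = 2, len, n, i;
  if (in->len < 2 || in->p[0] != tag) return 0;
  len = in->p[1];
  if (len & 0x80) {                      /* long form: next n bytes hold the length */
    n = len & 0x7f;
    if (n == 0 || n > 2 || in->len < 2 + n) return 0;  /* no indefinite, max 64 KiB */
    for (len = 0, i = 0; i < n; i++) len = (len << 8) | in->p[2 + i];
    hdr += n;
  }
  if (len > in->len - hdr) return 0;     /* value must fit in what is left */
  val->p = in->p + hdr;
  val->len = len;
  in->p += hdr + len;
  in->len -= hdr + len;
  return 1;
}

/* Return 1 if the first digestAlgorithm is SHA-256, for either layout. */
int sig_uses_sha256(const uint8_t *sig, size_t size) {
  span_t in = { sig, size }, seq, rest, oid, inner, ver, set, alg;
  if (!der_read(&in, 0x30, &seq)) return 0;
  rest = seq;
  if (der_read(&rest, 0x06, &oid)) {     /* ContentInfo: contentType comes first */
    if (oid.len != sizeof kSignedDataOid ||
        memcmp(oid.p, kSignedDataOid, oid.len) != 0) return 0;
    if (!der_read(&rest, 0xa0, &inner)) return 0;
    if (!der_read(&inner, 0x30, &seq)) return 0;
  }
  /* seq now holds the body of SignedData in both cases. */
  if (!der_read(&seq, 0x02, &ver)) return 0;   /* version                   */
  if (!der_read(&seq, 0x31, &set)) return 0;   /* digestAlgorithms SET      */
  if (!der_read(&set, 0x30, &alg)) return 0;   /* first AlgorithmIdentifier */
  if (!der_read(&alg, 0x06, &oid)) return 0;   /* its algorithm OID         */
  return oid.len == sizeof kSha256Oid && memcmp(oid.p, kSha256Oid, oid.len) == 0;
}

/* Fixed-offset form of the same test, with a separate bound for each offset. */
int fixed_offset_sha256(const uint8_t *sig, size_t size) {
  size_t n = sizeof kSha256Oid;
  if (size >= 13 + n && memcmp(sig + 13, kSha256Oid, n) == 0) return 1;
  if (size >= 32 + n && memcmp(sig + 32, kSha256Oid, n) == 0) return 1;
  return 0;
}

int main(void) {
  printf("bare=%d wrapped=%d truncated=%d\n",
         sig_uses_sha256(kBareSample, sizeof kBareSample),
         sig_uses_sha256(kWrappedSample, sizeof kWrappedSample),
         sig_uses_sha256(kWrappedSample, 35));
  return 0;
}
```
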



Re: [edk2] [PATCH] CryptoPkg/CrtLibSupport: add secure_getenv() stub function

2018-05-08 Thread Long, Qin
It's OK for me to add this NULL wrapper. 

Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com] 
Sent: Tuesday, May 8, 2018 4:21 AM
To: edk2-devel-01 <edk2-devel@lists.01.org>
Cc: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Subject: [PATCH] CryptoPkg/CrtLibSupport: add secure_getenv() stub function

The Fedora distro ships a modified OpenSSL 1.1.0 package stream. One of their 
patches calls the secure_getenv() C library function. We already have a stub 
for getenv(); it applies trivially to secure_getenv() as well.
Add the secure_getenv() stub so that edk2 can be built with Fedora's OpenSSL 
1.1.0 sources.

Cc: Qin Long <qin.l...@intel.com>
Cc: Ting Ye <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <ler...@redhat.com>
---

Notes:
Repo:   https://github.com/lersek/edk2.git
Branch: secure_getenv

 CryptoPkg/Library/Include/CrtLibSupport.h   |  1 +
 CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c | 13 +
 2 files changed, 14 insertions(+)

diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h 
b/CryptoPkg/Library/Include/CrtLibSupport.h
index 7f1ec1230206..feaf58b0c79a 100644
--- a/CryptoPkg/Library/Include/CrtLibSupport.h
+++ b/CryptoPkg/Library/Include/CrtLibSupport.h
@@ -163,6 +163,7 @@ gid_t  getgid  (void);
 gid_t  getegid (void);
 void   qsort   (void *, size_t, size_t, int (*)(const void *, 
const void *));
 char   *getenv (const char *);
+char   *secure_getenv (const char *);
 #if defined(__GNUC__) && (__GNUC__ >= 2)
 void   abort   (void) __attribute__((__noreturn__));
 #else
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c 
b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
index 20c96563d270..9510a4a383e6 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
@@ -361,6 +361,19 @@ char *getenv (const char *varname)
   return NULL;
 }
 
+/* Get a value from the current environment */ char *secure_getenv 
+(const char *varname) {
+  //
+  // Null secure_getenv() function implementation to satisfy the 
+linker, since
+  // there is no direct functionality logic dependency in present UEFI cases.
+  //
+  // From the secure_getenv() manual: 'just like getenv() except that 
+it
+  // returns NULL in cases where "secure execution" is required'.
+  //
+  return NULL;
+}
+
 //
 // -- Stream I/O Routines --
 //
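
Review bot: the one-line comment above the new function, "Get a value from the current environment", reads as if the function performs a lookup, which a stub that always returns NULL does not; something like "secure_getenv() stub, always returns NULL" would be accurate. Returning NULL unconditionally is the conservative choice, since it is what the quoted manual text says secure_getenv() does when secure execution is required.
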
--
2.14.1.3.gb7cf6e02401b



Re: [edk2] [Patch] NetworkPkg/NetworkPkg.dsc: Add the instance of library class [SafeIntLib].

2018-05-04 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Jiaxin Wu
Sent: Friday, May 4, 2018 11:53 AM
To: edk2-devel@lists.01.org
Cc: Ye, Ting <ting...@intel.com>; Bi, Dandan <dandan...@intel.com>; Fu, Siyuan 
<siyuan...@intel.com>; Wu, Jiaxin <jiaxin...@intel.com>; Long, Qin 
<qin.l...@intel.com>
Subject: [edk2] [Patch] NetworkPkg/NetworkPkg.dsc: Add the instance of library 
class [SafeIntLib].

This patch is to add the instance of library class [SafeIntLib] to fix the 
NetworkPkg build error, which is caused by the commit of 2167c7f7 that the 
TlsLib will always consume SafeIntLib.

Cc: Ye Ting <ting...@intel.com>
Cc: Fu Siyuan <siyuan...@intel.com>
Cc: Long Qin <qin.l...@intel.com>
Cc: Bi Dandan <dandan...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin...@intel.com>
---
 NetworkPkg/NetworkPkg.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc index 
471361ce86..dcca5f9fba 100644
--- a/NetworkPkg/NetworkPkg.dsc
+++ b/NetworkPkg/NetworkPkg.dsc
@@ -43,10 +43,11 @@
   TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
   
PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
   
PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
   DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
   
DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
+  SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
 
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   NetLib|MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf
   IpIoLib|MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.inf
   UdpIoLib|MdeModulePkg/Library/DxeUdpIoLib/DxeUdpIoLib.inf
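Review bot: the added "SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf" mapping repairs this DSC only. Since the commit message says TlsLib now always consumes SafeIntLib, every other DSC that builds TlsLib needs the same resolution; please say in the commit message which ones were checked.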
--
2.16.2.windows.1



Re: [edk2] Set "db" variable in secure boot setup mode still requires generating PKCS#7?

2018-05-02 Thread Long, Qin
Hi, David,

Yes, in Setup / Custom mode, there is no need to generate the AuthData for verification. 
It's good enough to create the AUTH_2 descriptor / headers without CertData as 
the parameter for the SetVariable() call.

Do you mean this code snippet succeeds in enrolling KEK, but fails to enroll DB 
data?
The data initialization in the code snippet looks good. What's the returned 
errcode value? (And one reminder is that KEK and DB are bound to different 
vendor GUIDs: gEfiGlobalVariableGuid and gEfiImageSecurityDatabaseGuid.)


Best Regards & Thanks,
LONG, Qin

From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of David F.
Sent: Thursday, May 3, 2018 12:26 AM
To: Laszlo Ersek <ler...@redhat.com>
Cc: edk2 developers list <edk2-devel@lists.01.org>
Subject: Re: [edk2] Set "db" variable in secure boot setup mode still requires 
generating PKCS#7?

This Intel mobo didn't like?  This is the code snippet that builds it:

// calc size of header (with no certdata) and crt file data to add
size_t authhdrsize;
size_t siglisthdrsize;

if (applyrawdata) {
  authhdrsize=0;
  siglisthdrsize=0;
}
else {
  authhdrsize=offsetof(EFI_VARIABLE_AUTHENTICATION_2, AuthInfo)+
              offsetof(WIN_CERTIFICATE_UEFI_GUID, CertData);
  siglisthdrsize=sizeof(EFI_SIGNATURE_LIST)+
                 offsetof(EFI_SIGNATURE_DATA, SignatureData);
}
size_t tempbufsize=ffinfo.FileSize+authhdrsize+siglisthdrsize;

BYTE *tempbuf;
if ((tempbuf=new BYTE [tempbufsize])!=NULL) {
  // variable to determine where to read file
  BYTE *certdata=tempbuf;
  // determine if need to prefix .crt for kek/db entries
  if (!applyrawdata) {
    // zero header part of buffer so all are init to zero
    memset(tempbuf, 0, authhdrsize+siglisthdrsize);
    //
    // setup EFI_VARIABLE_AUTHENTICATION_2  header
    //
    EFI_VARIABLE_AUTHENTICATION_2 *efivarauth2=
      (EFI_VARIABLE_AUTHENTICATION_2 *) tempbuf;
    // setup time
    TimeTToUEFITimeGMT(time(NULL), &efivarauth2->TimeStamp);
    efivarauth2->TimeStamp.Nanosecond=0;
    // setup authinfo (without any CertData)
    efivarauth2->AuthInfo.Hdr.dwLength=
      offsetof(WIN_CERTIFICATE_UEFI_GUID, CertData);
    efivarauth2->AuthInfo.Hdr.wRevision=0x200;
    efivarauth2->AuthInfo.Hdr.wCertificateType=WIN_CERT_TYPE_EFI_GUID;
    efivarauth2->AuthInfo.CertType=gEfiCertPkcs7Guid;
    //
    // setup EFI_SIGNATURE_LIST
    //
    EFI_SIGNATURE_LIST *efisiglist=
      (EFI_SIGNATURE_LIST *) (tempbuf+authhdrsize);
    efisiglist->SignatureType=gEfiCertX509Guid;
    efisiglist->SignatureListSize=(uint32_t)(ffinfo.FileSize+siglisthdrsize);
    efisiglist->SignatureHeaderSize=0;
    efisiglist->SignatureSize=ffinfo.FileSize+
                              offsetof(EFI_SIGNATURE_DATA, SignatureData);
    //
    // setup EFI_SIGNATURE_DATA  (no owner)
    //
    EFI_SIGNATURE_DATA *efisigdata=(EFI_SIGNATURE_DATA *)
      ((BYTE*)efisiglist+sizeof(EFI_SIGNATURE_LIST)+efisiglist->SignatureHeaderSize);
    certdata=efisigdata->SignatureData;
  }
  // Read file to buffer
  if ((errcode=FSOpenReadCloseFile(openpath, certdata, 0, ffinfo.FileSize,
                                   NULL, filesys))==ERROR_NONE) {
    // have the data, now write it to the correct variable
    uint32_t varattr=EFI_VARIABLE_NON_VOLATILE|
                     EFI_VARIABLE_BOOTSERVICE_ACCESS|
                     EFI_VARIABLE_RUNTIME_ACCESS|
                     EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
    if (!rparam) {
      varattr|=EFI_VARIABLE_APPEND_WRITE;
    }

    // update variable
    errcode=UEFISetVariable(varname, guidstr, tempbuf, tempbufsize, varattr);
  }
  // clean up
  delete[] tempbuf;
}


On Wed, May 2, 2018 at 3:21 AM, Laszlo Ersek 
<ler...@redhat.com<mailto:ler...@redhat.com>> wrote:

> On 05/01/18 23:13, David F. wrote:
> > Hi,
> >
> > Had a fairly simple task of wanting to install the latest MS .crt
> > files for KEK, and their two files for the "db" (the Windows CA and
> > UEFI CA) in a system placed in setup/custom mode.  However, even
> > though it seemed to take the KEK, it never took the "db", always had a
> > problem on a DH77KC mobo (dumped data headers looked as expected). Now
> > when I constructed it, I thought I could leave out any PKCS#7 data
> > (set the expected CertType but in the Hdr dwLength only included
> > CertType and not any CertData),
>
> Right, I've stumbled upon that too. According to the UEFI spec, dwLength
> should include CertData too, but edk2 does *not* accept that. This can
> be seen e.g. in
> "SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/
> SecureBootConfigImpl.c",
> function CreateTimeBasedPayload():
>
> >   //
> >   // In Setup mode or Custom mode, the variable does not need to be
> signed but the
> >   // parameters to the SetVariable() call still need to be prepared as
> authenticated
> >   // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor
> without certifica
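
The payload layout discussed in this thread, as an added example (not code from any of the posters and not edk2's own): it builds the Setup / Custom mode SetVariable() payload with the sizes the posted snippet computes, maps each Secure Boot variable to its vendor GUID, and runs a pre-flight consistency check on the buffer. The struct definitions are local copies of the UEFI types, the function names are hypothetical, and the certificate bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Local copies of the UEFI layouts (assumption: normally taken from the edk2 headers). */
typedef struct { uint32_t Data1; uint16_t Data2, Data3; uint8_t Data4[8]; } EFI_GUID;
typedef struct {
  uint16_t Year; uint8_t Month, Day, Hour, Minute, Second, Pad1;
  uint32_t Nanosecond; int16_t TimeZone; uint8_t Daylight, Pad2;
} EFI_TIME;
typedef struct { uint32_t dwLength; uint16_t wRevision, wCertificateType; } WIN_CERTIFICATE;
typedef struct { WIN_CERTIFICATE Hdr; EFI_GUID CertType; uint8_t CertData[1]; } WIN_CERTIFICATE_UEFI_GUID;
typedef struct { EFI_TIME TimeStamp; WIN_CERTIFICATE_UEFI_GUID AuthInfo; } EFI_VARIABLE_AUTHENTICATION_2;
typedef struct { EFI_GUID SignatureType;
                 uint32_t SignatureListSize, SignatureHeaderSize, SignatureSize; } EFI_SIGNATURE_LIST;
typedef struct { EFI_GUID SignatureOwner; uint8_t SignatureData[1]; } EFI_SIGNATURE_DATA;

#define WIN_CERT_TYPE_EFI_GUID 0x0EF1
/* Header sizes as computed in the posted snippet: no CertData, one signature per list. */
#define AUTH_HDR_SIZE    (offsetof(EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + \
                          offsetof(WIN_CERTIFICATE_UEFI_GUID, CertData))
#define SIGLIST_HDR_SIZE (sizeof(EFI_SIGNATURE_LIST) + offsetof(EFI_SIGNATURE_DATA, SignatureData))

static const EFI_GUID kCertPkcs7 = {0x4aafd29d, 0x68df, 0x49ee, {0x8a,0xa9,0x34,0x7d,0x37,0x56,0x65,0xa7}};
static const EFI_GUID kCertX509 = {0xa5c059a1, 0x94e4, 0x4aa7, {0x87,0xb5,0xab,0x15,0x5c,0x2b,0xf0,0x72}};
static const EFI_GUID kGlobalVariable = {0x8be4df61, 0x93ca, 0x11d2, {0xaa,0x0d,0x00,0xe0,0x98,0x03,0x2b,0x8c}};
static const EFI_GUID kImageSecurityDatabase = {0xd719b2cb, 0x3d3a, 0x4596, {0xa3,0xbc,0xda,0xd0,0x0e,0x67,0x65,0x6f}};

/* Vendor GUID each Secure Boot variable is bound to (the reminder in the reply above). */
const EFI_GUID *vendor_guid_for(const char *name) {
  if (strcmp(name, "PK") == 0 || strcmp(name, "KEK") == 0) return &kGlobalVariable;
  if (strcmp(name, "db") == 0 || strcmp(name, "dbx") == 0) return &kImageSecurityDatabase;
  return NULL;
}

/* Build descriptor + single-certificate EFI_SIGNATURE_LIST; caller frees the result. */
uint8_t *build_setup_mode_payload(const uint8_t *cert, size_t cert_len,
                                  const EFI_TIME *ts, size_t *out_len) {
  EFI_VARIABLE_AUTHENTICATION_2 auth;
  EFI_SIGNATURE_LIST list;
  uint8_t *buf;
  if (cert_len == 0 || cert_len > UINT32_MAX - SIGLIST_HDR_SIZE) return NULL;
  buf = calloc(1, AUTH_HDR_SIZE + SIGLIST_HDR_SIZE + cert_len);
  if (buf == NULL) return NULL;

  memset(&auth, 0, sizeof auth);
  auth.TimeStamp = *ts;                 /* Pad1/Nanosecond/TimeZone/Daylight/Pad2 must be 0 */
  auth.AuthInfo.Hdr.dwLength = (uint32_t)offsetof(WIN_CERTIFICATE_UEFI_GUID, CertData);
  auth.AuthInfo.Hdr.wRevision = 0x0200;
  auth.AuthInfo.Hdr.wCertificateType = WIN_CERT_TYPE_EFI_GUID;
  auth.AuthInfo.CertType = kCertPkcs7;
  memcpy(buf, &auth, AUTH_HDR_SIZE);

  list.SignatureType = kCertX509;
  list.SignatureListSize = (uint32_t)(SIGLIST_HDR_SIZE + cert_len);
  list.SignatureHeaderSize = 0;
  list.SignatureSize = (uint32_t)(offsetof(EFI_SIGNATURE_DATA, SignatureData) + cert_len);
  memcpy(buf + AUTH_HDR_SIZE, &list, sizeof list);
  /* SignatureOwner is left all-zero ("no owner"), then the certificate bytes follow. */
  memcpy(buf + AUTH_HDR_SIZE + SIGLIST_HDR_SIZE, cert, cert_len);
  *out_len = AUTH_HDR_SIZE + SIGLIST_HDR_SIZE + cert_len;
  return buf;
}

/* Pre-flight check before SetVariable(): 0 if consistent, else a negative code per field. */
int check_setup_mode_payload(const uint8_t *buf, size_t len) {
  EFI_VARIABLE_AUTHENTICATION_2 auth;
  EFI_SIGNATURE_LIST list;
  if (len <= AUTH_HDR_SIZE + SIGLIST_HDR_SIZE) return -1;        /* truncated or no cert */
  memset(&auth, 0, sizeof auth);
  memcpy(&auth, buf, AUTH_HDR_SIZE);
  if (auth.TimeStamp.Pad1 || auth.TimeStamp.Nanosecond || auth.TimeStamp.TimeZone ||
      auth.TimeStamp.Daylight || auth.TimeStamp.Pad2) return -2; /* non-zero unused time field */
  if (auth.AuthInfo.Hdr.dwLength != offsetof(WIN_CERTIFICATE_UEFI_GUID, CertData)) return -3;
  if (auth.AuthInfo.Hdr.wRevision != 0x0200 ||
      auth.AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID ||
      memcmp(&auth.AuthInfo.CertType, &kCertPkcs7, sizeof(EFI_GUID)) != 0) return -4;
  memcpy(&list, buf + AUTH_HDR_SIZE, sizeof list);
  if (list.SignatureListSize != len - AUTH_HDR_SIZE) return -5;  /* list must fill the rest */
  if (list.SignatureHeaderSize != 0) return -6;
  if (list.SignatureSize != list.SignatureListSize - sizeof(EFI_SIGNATURE_LIST)) return -7;
  return 0;
}

int main(void) {
  const uint8_t cert[] = {0x30, 0x82, 0x01, 0x0a};   /* constructed stand-in for DER bytes */
  EFI_TIME ts = {2018, 5, 2, 12, 0, 0, 0, 0, 0, 0, 0};
  size_t len = 0;
  uint8_t *p = build_setup_mode_payload(cert, sizeof cert, &ts, &len);
  if (p == NULL) return 1;
  printf("payload %zu bytes, check=%d\n", len, check_setup_mode_payload(p, len));
  free(p);
  return 0;
}
```

The dwLength test encodes the edk2 behaviour described in the quoted reply (header only, no CertData); the list-size tests assume one certificate per EFI_SIGNATURE_LIST.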

Re: [edk2] [PATCH] CryptoPkg/OpensslLib: remove OpenSSL version number from OpenSSL-HOWTO.txt

2018-04-25 Thread Long, Qin
Yes, this was not refreshed at last upgrade. And I agree it's better to remove 
this statement.

Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com] 
Sent: Thursday, April 26, 2018 1:58 AM
To: edk2-devel-01 <edk2-devel@lists.01.org>
Cc: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Subject: [PATCH] CryptoPkg/OpensslLib: remove OpenSSL version number from 
OpenSSL-HOWTO.txt

Remove any concrete OpenSSL version numbers from "OpenSSL-HOWTO.txt". That 
information is out of date and there's no reason for us to refresh it:

We now track stable OpenSSL releases via a git submodule. CryptoPkg maintainers 
push such submodule updates to edk2 that identify the correct stable releases 
of OpenSSL. "OpenSSL-HOWTO.txt" already provides instructions to users for 
updating their local submodules.

Cc: Qin Long <qin.l...@intel.com>
Cc: Ting Ye <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <ler...@redhat.com>
---
 CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 1 -
 1 file changed, 1 deletion(-)

diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt 
b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
index 36f8e711dda3..db45eb88d17a 100644
--- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
+++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
@@ -18,7 +18,6 @@ on the cryptography.
  OpenSSL-Version  
=
   EDKII supports building with the latest release of OpenSSL.
-  The latest official release is OpenSSL-1.1.0g (Released at 2017-Nov-02).
   NOTE: Only latest release version was fully validated.
 And no guarantees on build & functionality if using other versions.
 
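Review bot: with the "OpenSSL-1.1.0g" line removed, the remaining context lines "EDKII supports building with the latest release of OpenSSL" and "NOTE: Only latest release version was fully validated" still say "latest release", which is not what the submodule pins. Consider rewording them to refer to the release recorded by the openssl submodule, so the validated version can be read from the tree.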
--
2.14.1.3.gb7cf6e02401b



Re: [edk2] [PATCH v2 2/2] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h

2018-04-15 Thread Long, Qin
Thanks, Laszlo!
Pushed these two fixes with updates by the commits:
a701ea0fe1d5178eb4fd2659d83461751cb9e7c9
b85b20fba42e25ff658ed1a470250d530c189027


Best Regards & Thanks,
LONG, Qin

From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Saturday, April 14, 2018 4:08 AM
To: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: Re: [edk2] [PATCH v2 2/2] CryptoPkg/OpensslLib: Update OpenSSL version 
to 1.1.0h

On 04/12/18 05:08, Long Qin wrote:
> (https://bugzilla.tianocore.org/show_bug.cgi?id=927)
>
> (V2 Update:
> Removing the wrong "--remote" option from git submodule update
> command in this commit message. Thanks Leszlo's clarification
> to correct this)

(1) "Laszlo", not "Leszlo" :)

Apology!. ☺


>
> Update OpenSSL version to 1.1.0h release (27-Mar-2018) to include the
> fix for CVE-2018-0739 issue (Handling of crafted recursive ASN.1
> structures can cause a stack overflow and resulting denial of service,
> Refer to https://www.openssl.org/news/secadv/20180327.txt for more
> information).
>
> Please note "git pull" will not update the submodule repository.
> use the following command to make your existing submodule track this
> update:
>$ git submodule update -–recursive

(2) OK, so this is a tricky one. The "--recursive" option starts with
two hyphen characters (ASCII 0x2D). However, the string above starts
with a hyphen (ASCII 0x2D) and then a unicode EN DASH codepoint
(U+2013). Please replace it with a normal hyphen.

More below:

>
> Cc: Laszlo Ersek <ler...@redhat.com<mailto:ler...@redhat.com>>
> Cc: Ye Ting <ting...@intel.com<mailto:ting...@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Long Qin <qin.l...@intel.com<mailto:qin.l...@intel.com>>
> ---
>  CryptoPkg/Library/OpensslLib/openssl | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/CryptoPkg/Library/OpensslLib/openssl 
> b/CryptoPkg/Library/OpensslLib/openssl
> index b2758a2292..d4e4bd2a81 16
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit b2758a2292aceda93e9f44c219b94fe21bb9a650
> +Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7
>
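Review bot: the header line "index b2758a2292..d4e4bd2a81 16" ends in "16", where a submodule (gitlink) entry carries mode 160000, so the patch as it appears here may not apply with git am. Worth confirming that the mailed copy is intact, or pointing reviewers at a branch they can fetch.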

With the commit msg updates:

Reviewed-by: Laszlo Ersek <ler...@redhat.com<mailto:ler...@redhat.com>>

I also tested this patch, with an off-disk Secure Boot, and an HTTPS
boot. Both worked fine.

Tested-by: Laszlo Ersek <ler...@redhat.com<mailto:ler...@redhat.com>>

Thanks!
Laszlo


Re: [edk2] [PATCH v2 1/2] CryptoPkg/OpensslLib: Fix the documentation about submodule update

2018-04-12 Thread Long, Qin

Ah, "it's wrong here" means "the existence of "--remote" in original suggested 
command is wrong". 
"It's important" also looks to make sense for addressing the "update" goal. I can 
update that, if the old message will cause confusion.


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com] 
Sent: Thursday, April 12, 2018 5:56 PM
To: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: Re: [PATCH v2 1/2] CryptoPkg/OpensslLib: Fix the documentation about 
submodule update

Hello Qin,

On 04/12/18 05:08, Long Qin wrote:
> This patch is to drop "--remote" option from the original suggested 
> submodule update command ("$ git submodule update --recursive
> --remote") in HOWTO document.
> 
> "--remote" option will integrate changes from the upstream subproject 
> with the submodules's "current HEAD", instead of using the edk2 
> superproject's "recorded SHA-1". It is wrong here for the edk2

The commit message makes sense, and the patch is good, but I think there's a 
significant typo in the commit message.

Namely, the word "wrong" is wrong :) Instead, it should be "important".

Or else, "it is the goal for the edk2 consumers to ...".

Do you agree?

(I'll come to the second patch sometime later.)

Thanks!
Laszlo

> consumers to updating the working tree of the submodules to match the 
> commit / release tag that the superproject expects.
> 
> Removing "--remote" option to fix the documentation issue here.
> 
> Cc: Laszlo Ersek <ler...@redhat.com>
> Cc: Ye Ting <ting...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Long Qin <qin.l...@intel.com>
> ---
>  CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt 
> b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
> index ac63d4c077..36f8e711dd 100644
> --- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
> +++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
> @@ -40,7 +40,7 @@ or
>And use the following combined commands to pull the remote 
> submodule updates  (e.g. Updating the new supported OpenSSL release tag):
>   $ git pull --recurse-submodules && \
> -   git submodule update --recursive --remote
> +   git submodule update --recursive
>  
>  =
>About process_files.pl
> 
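Review bot: the context line above the changed command still reads "pull the remote submodule updates", but without "--remote" the command checks out the commit recorded by the superproject and pulls nothing newer from upstream. Suggest rewording that sentence in the same patch so the text matches what the command now does.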



Re: [edk2] [PATCH v2 0/9] {Ovmf, Mde, Network, Crypto}Pkg: fixes+features for setting HTTPS cipher suites

2018-04-12 Thread Long, Qin
Hi, Laszlo,

The updated patch series looks good to me.

Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com] 
Sent: Wednesday, April 11, 2018 6:43 PM
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>; Gary Ching-Pang Lin 
<g...@suse.com>; Wu, Jiaxin <jiaxin...@intel.com>; Justen, Jordan L 
<jordan.l.jus...@intel.com>; Gao, Liming <liming@intel.com>; Kinney, 
Michael D <michael.d.kin...@intel.com>; Long, Qin <qin.l...@intel.com>; Fu, 
Siyuan <siyuan...@intel.com>; Ye, Ting <ting...@intel.com>
Subject: [PATCH v2 0/9] {Ovmf,Mde,Network,Crypto}Pkg: fixes+features for 
setting HTTPS cipher suites

Repo:   https://github.com/lersek/edk2.git
Branch: tls_ciphers_v2

This is version 2 of the series posted earlier at

  http://mid.mail-archive.com/20180403145149.8925-1-lersek@redhat.com
  https://lists.01.org/pipermail/edk2-devel/2018-April/023402.html

Changes are noted per patch. One important change cannot be highlighted that 
way however, because it involves the dropping of the following two patches from 
v1:

  [edk2] [PATCH 08/13] CryptoPkg/TlsLib: add the "TlsMappingTable.sh"
   POSIX shell script

  [edk2] [PATCH 09/13] CryptoPkg/TlsLib: extend "TlsCipherMappingTable"

I retested HTTPS boot with this series; it succeeded. The TLS cipher suite 
preference list came from the system-wide configuration on my
RHEL-7 laptop; basically the binary CipherId array from the command "openssl 
ciphers -V". The relevant lines from the OVMF log were:

> TlsAuthConfigDxe:SetCipherSuites: stored list of cipher suites (190 
> byte(s)) [...]
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC030
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC02C
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC028
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC024
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC014
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC00A
> TlsDxe:TlsSetCipherList: skipping CipherId=0x00A5
> TlsDxe:TlsSetCipherList: skipping CipherId=0x00A3
> TlsDxe:TlsSetCipherList: skipping CipherId=0x00A1
> TlsDxe:TlsSetCipherList: skipping CipherId=0x009F
> TlsDxe:TlsSetCipherList: skipping CipherId=0x006A
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0038
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0088
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0087
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0086
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0085
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC032
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC02E
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC02A
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC026
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC00F
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC005
> TlsDxe:TlsSetCipherList: skipping CipherId=0x009D
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0084
> TlsDxe:TlsSetCipherList: skipping CipherId=0x008D
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC02F
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC02B
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC027
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC023
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC013
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC009
> TlsDxe:TlsSetCipherList: skipping CipherId=0x00A4
> TlsDxe:TlsSetCipherList: skipping CipherId=0x00A2
> TlsDxe:TlsSetCipherList: skipping CipherId=0x00A0
> TlsDxe:TlsSetCipherList: skipping CipherId=0x009E
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0040
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0032
> TlsDxe:TlsSetCipherList: skipping CipherId=0x009A
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0099
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0098
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0097
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0045
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0044
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0043
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0042
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC031
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC02D
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC029
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC025
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC00E
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC004
> TlsDxe:TlsSetCipherList: skipping CipherId=0x009C
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0096
> TlsDxe:TlsSetCipherList: skipping CipherId=0x0041
> TlsDxe:TlsSetCipherList: skipping CipherId=0x008C
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC012
> TlsDxe:TlsSetCipherList: skipping CipherId=0xC008
> TlsDxe:TlsS

Re: [edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h

2018-04-11 Thread Long, Qin
Hi, Laszlo,

You are right. "--remote" is really incorrect here.
And thank you so much for pointing this out.


Best Regards & Thanks,
LONG, Qin

-Original Message-----
From: Long, Qin 
Sent: Wednesday, April 11, 2018 4:39 PM
To: 'Laszlo Ersek' <ler...@redhat.com>; Ye, Ting <ting...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: RE: [edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 
1.1.0h

Thank you so much for this clarification, Laszlo.
The submodule maintenance (commands for update / sync) looks a little confusing 
to me.

Let me check more locally before the V2.


Best Regards & Thanks,
LONG, Qin


-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Wednesday, April 11, 2018 4:34 PM
To: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: Re: [edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 
1.1.0h

Hello Qin,

On 04/11/18 10:11, Long Qin wrote:
> (https://bugzilla.tianocore.org/show_bug.cgi?id=927)
> 
> Update OpenSSL version to 1.1.0h release (27-Mar-2018) to include the 
> fix for CVE-2018-0739 issue (Handling of crafted recursive ASN.1 
> structures can cause a stack overflow and resulting denial of service, 
> Refer to https://www.openssl.org/news/secadv/20180327.txt for more 
> information).

Thank you for addressing this BZ so quickly. However, I have a comment on the 
commit message:

> 
> Please note "git pull" will not update the submodule repository.
> use the following command to make your existing submodule track this
> update:
>$ git submodule update -–recursive --remote

The "--remote" option is wrong here. The git-submodule documentation says,

   --remote
   This option is only valid for the update command. Instead
   of using the superproject's recorded SHA-1 to update the
   submodule, use the status of the submodule's
   remote-tracking branch. [...]

   [...]

   Use this option to integrate changes from the upstream
   subproject with your submodule's current HEAD. [...]

That is exactly what normal edk2 consumers should *not* do -- because they do 
not want to update their openssl submodule to the latest upstream OpenSSL 
release; instead they want to update their openssl submodule to the commit hash 
that you are recording in this patch.

... In fact I've now found the same issue in our documentation, 
"CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt". It also recommends "--remote".

I suggest the following: please post two patches.

* The first patch should fix the documentation. The "--remote" option should be 
moved from the "user" section to the "maintainer" section -- that is, drop the 
"--remote" option from its current place, and explain it separately, similarly 
to "process_files.pl" (which is also only for maintainers).

The "--remote" option is correct for *you*, the CryptoPkg maintainer, because 
you are pulling the new OpenSSL release into edk2, for the rest of the edk2 
users. But those users only want to consume the OpenSSL commit hash that you 
record for them, not the OpenSSL master branch.

* The second patch should be this patch, but the commit message should not 
contain the "--remote" option.

One more comment below:

> 
> Cc: Ye Ting <ting...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Long Qin <qin.l...@intel.com>
> ---
>  CryptoPkg/Library/OpensslLib/openssl | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/CryptoPkg/Library/OpensslLib/openssl
> b/CryptoPkg/Library/OpensslLib/openssl
> index b2758a2292..d4e4bd2a81 16
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit b2758a2292aceda93e9f44c219b94fe21bb9a650
> +Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7
> 

I agree that this commit corresponds to the "OpenSSL_1_1_0h" tag, in the 
upstream OpenSSL release.


Once you post v2, I'll make an effort to review and test it reasonably quickly. 
(I have a Secure Boot test from hard disk, and an HTTPS boot test, in mind.)

Thanks!
Laszlo


[edk2] [PATCH v2 2/2] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h

2018-04-11 Thread Long Qin
(https://bugzilla.tianocore.org/show_bug.cgi?id=927)

(V2 Update:
Removing the wrong "--remote" option from git submodule update
command in this commit message. Thanks Leszlo's clarification
to correct this)

Update OpenSSL version to 1.1.0h release (27-Mar-2018) to include the
fix for CVE-2018-0739 issue (Handling of crafted recursive ASN.1
structures can cause a stack overflow and resulting denial of service,
Refer to https://www.openssl.org/news/secadv/20180327.txt for more
information).

Please note "git pull" will not update the submodule repository.
use the following command to make your existing submodule track this
update:
   $ git submodule update -–recursive

Cc: Laszlo Ersek <ler...@redhat.com>
Cc: Ye Ting <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.l...@intel.com>
---
 CryptoPkg/Library/OpensslLib/openssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/OpensslLib/openssl 
b/CryptoPkg/Library/OpensslLib/openssl
index b2758a2292..d4e4bd2a81 16
--- a/CryptoPkg/Library/OpensslLib/openssl
+++ b/CryptoPkg/Library/OpensslLib/openssl
@@ -1 +1 @@
-Subproject commit b2758a2292aceda93e9f44c219b94fe21bb9a650
+Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7
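Review bot: a gitlink-only change such as "-Subproject commit b2758a2292..." to "+Subproject commit d4e4bd2a81..." leaves every existing checkout building the old OpenSSL until its submodule is updated, as the commit message itself warns. Consider a follow-up that makes the build compare the checked-out submodule HEAD with the recorded hash, so a stale tree is reported instead of being built without the fix.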
-- 
2.16.1.windows.1



[edk2] [PATCH v2 1/2] CryptoPkg/OpensslLib: Fix the documentation about submodule update

2018-04-11 Thread Long Qin
This patch is to drop "--remote" option from the original suggested
submodule update command ("$ git submodule update --recursive
--remote") in HOWTO document.

"--remote" option will integrate changes from the upstream subproject
with the submodules's "current HEAD", instead of using the edk2
superproject's "recorded SHA-1". It is wrong here for the edk2
consumers to updating the working tree of the submodules to match the
commit / release tag that the superproject expects.

Removing "--remote" option to fix the documentation issue here.

Cc: Laszlo Ersek <ler...@redhat.com>
Cc: Ye Ting <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.l...@intel.com>
---
 CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt 
b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
index ac63d4c077..36f8e711dd 100644
--- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
+++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
@@ -40,7 +40,7 @@ or
   And use the following combined commands to pull the remote submodule updates
 (e.g. Updating the new supported OpenSSL release tag):
  $ git pull --recurse-submodules && \
-   git submodule update --recursive --remote
+   git submodule update --recursive
 
 =
   About process_files.pl
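Review bot: the hunk removes "--remote" from the user command but adds no place where the maintainer use of the option is described. The "About process_files.pl" section that follows is already maintainer-only, so a short note there on when "--remote" is appropriate would keep that knowledge in the HOWTO.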
-- 
2.16.1.windows.1



[edk2] [PATCH v2 0/2] Update OpenSSL version to 1.1.0h

2018-04-11 Thread Long Qin
Updating the supported OpenSSL version to 1.1.0h release.
Additional patch is to address / fix one HOWTO documentation issue
about submodule update command which used the wrong "--remote" option.
(Thanks to Laszlo for the catch).

Long Qin (2):
  CryptoPkg/OpensslLib: Fix the documentation about submodule update
  CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h

 CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 2 +-
 CryptoPkg/Library/OpensslLib/openssl   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

-- 
2.16.1.windows.1



Re: [edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h

2018-04-11 Thread Long, Qin
Thank you so much for this clarification, Laszlo.
The submodule maintenance (commands for update / sync) looks a little confusing 
to me.

Let me check more locally before the V2.


Best Regards & Thanks,
LONG, Qin


-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com] 
Sent: Wednesday, April 11, 2018 4:34 PM
To: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: Re: [edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 
1.1.0h

Hello Qin,

On 04/11/18 10:11, Long Qin wrote:
> (https://bugzilla.tianocore.org/show_bug.cgi?id=927)
> 
> Update OpenSSL version to 1.1.0h release (27-Mar-2018) to include the 
> fix for CVE-2018-0739 issue (Handling of crafted recursive ASN.1 
> structures can cause a stack overflow and resulting denial of service, 
> Refer to https://www.openssl.org/news/secadv/20180327.txt for more 
> information).

Thank you for addressing this BZ so quickly. However, I have a comment on the 
commit message:

> 
> Please note "git pull" will not update the submodule repository.
> use the following command to make your existing submodule track this
> update:
>$ git submodule update -–recursive --remote

The "--remote" option is wrong here. The git-submodule documentation says,

   --remote
   This option is only valid for the update command. Instead
   of using the superproject's recorded SHA-1 to update the
   submodule, use the status of the submodule's
   remote-tracking branch. [...]

   [...]

   Use this option to integrate changes from the upstream
   subproject with your submodule's current HEAD. [...]

That is exactly what normal edk2 consumers should *not* do -- because they do 
not want to update their openssl submodule to the latest upstream OpenSSL 
release; instead they want to update their openssl submodule to the commit hash 
that you are recording in this patch.

... In fact I've now found the same issue in our documentation, 
"CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt". It also recommends "--remote".

I suggest the following: please post two patches.

* The first patch should fix the documentation. The "--remote" option should be 
moved from the "user" section to the "maintainer" section -- that is, drop the 
"--remote" option from its current place, and explain it separately, similarly 
to "process_files.pl" (which is also only for maintainers).

The "--remote" option is correct for *you*, the CryptoPkg maintainer, because 
you are pulling the new OpenSSL release into edk2, for the rest of the edk2 
users. But those users only want to consume the OpenSSL commit hash that you 
record for them, not the OpenSSL master branch.

* The second patch should be this patch, but the commit message should not 
contain the "--remote" option.

One more comment below:

> 
> Cc: Ye Ting <ting...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Long Qin <qin.l...@intel.com>
> ---
>  CryptoPkg/Library/OpensslLib/openssl | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/CryptoPkg/Library/OpensslLib/openssl 
> b/CryptoPkg/Library/OpensslLib/openssl
> index b2758a2292..d4e4bd2a81 16
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit b2758a2292aceda93e9f44c219b94fe21bb9a650
> +Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7
> 

I agree that this commit corresponds to the "OpenSSL_1_1_0h" tag, in the 
upstream OpenSSL release.


Once you post v2, I'll make an effort to review and test it reasonably quickly. 
(I have a Secure Boot test from hard disk, and an HTTPS boot test, in mind.)

Thanks!
Laszlo


[edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h

2018-04-11 Thread Long Qin
(https://bugzilla.tianocore.org/show_bug.cgi?id=927)

Update OpenSSL version to 1.1.0h release (27-Mar-2018) to include the
fix for CVE-2018-0739 issue (Handling of crafted recursive ASN.1
structures can cause a stack overflow and resulting denial of service,
Refer to https://www.openssl.org/news/secadv/20180327.txt for more
information).

Please note "git pull" will not update the submodule repository.
use the following command to make your existing submodule track this
update:
   $ git submodule update -–recursive --remote

Cc: Ye Ting <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.l...@intel.com>
---
 CryptoPkg/Library/OpensslLib/openssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/OpensslLib/openssl 
b/CryptoPkg/Library/OpensslLib/openssl
index b2758a2292..d4e4bd2a81 16
--- a/CryptoPkg/Library/OpensslLib/openssl
+++ b/CryptoPkg/Library/OpensslLib/openssl
@@ -1 +1 @@
-Subproject commit b2758a2292aceda93e9f44c219b94fe21bb9a650
+Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7
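Review bot: the "+Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7" line is the whole change, and nothing in the patch ties that hash to the release named in the subject. Please state the upstream tag name in the commit message, so a reviewer can cross-check the hash against the tag before acking.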
-- 
2.16.1.windows.1



Re: [edk2] [PATCH 00/13] {Ovmf, Mde, Network, Crypto}Pkg: fixes+features for setting HTTPS cipher suites

2018-04-10 Thread Long, Qin
Hi, Laszlo,

I prefer to open a separate BZ for this TlsCipherMappingTable update.
Current list was produced by some rough collections from Jiaxin and me, which 
meet the basic cipher requirement for TLS(v1.0/1.1/1.2) to set up one 
successful connection.

Will re-sort this table based on IANA & IETF-RFCs & EDKII-openssl build 
options.


Best Regards & Thanks,
LONG, Qin

From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo 
Ersek
Sent: Tuesday, April 10, 2018 5:48 PM
To: Wu, Jiaxin <jiaxin...@intel.com>; edk2-devel-01 <edk2-devel@lists.01.org>
Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>; Ye, Ting <ting...@intel.com>; 
Justen, Jordan L <jordan.l.jus...@intel.com>; Gao, Liming 
<liming@intel.com>; Gary Ching-Pang Lin <g...@suse.com>; Long, Qin 
<qin.l...@intel.com>; Kinney, Michael D <michael.d.kin...@intel.com>; Fu, 
Siyuan <siyuan...@intel.com>
Subject: Re: [edk2] [PATCH 00/13] {Ovmf, Mde, Network, Crypto}Pkg: 
fixes+features for setting HTTPS cipher suites

On 04/10/18 06:09, Wu, Jiaxin wrote:
> Hi Laszlo
>
> Appreciate your contribution. I have reviewed the series patches you attached 
> here. First, I assume you have verified the patches on OVMF and the 
> functionality works well,

That's right; I tested cipher suite negotiation failures and successes.

For example, I configured apache to "Disable All SSL and TLS Protocols
Except TLS 1 and Up"
<https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-web_servers#s2-apache-mod_ssl-enabling>,
and then I verified that HTTPS boot would succeed vs. fail dependent on
whether I passed strong ciphers too, or only weak ones, to OVMF.

> then, below are my comments:
>
> 1. The patches for OvmfPkg/NetworkPkg (0001-0004) are good to me.

Thanks. For patch #2, "MdePkg/Include/Protocol/Tls.h: pack structures
from the TLS RFC", we exchanged some points with Liming earlier:

http://mid.mail-archive.com/4A89E2EF3DFEDB4C8BFDE51014F606A14E1F1B10@SHSMSX104.ccr.corp.intel.com

(Please see also my response to that.)

I see that both you and Siyuan are OK with patch #2, i.e. with the
separate #pragma directives. I'd also like Liming to confirm that he
accepts the patch as-is.

>
> 2. For CryptoPkg, the major viewpoint is also related to the 
> TlsCipherMappingTable. For this table, only include the supported 
> ciphersuites looks more reasonable.

OK.

I think this means that I should preserve patches #5 through #7, and
drop patches #8 ('CryptoPkg/TlsLib: add the "TlsMappingTable.sh" POSIX
shell script') and #9 ('CryptoPkg/TlsLib: extend "TlsCipherMappingTable"').

Is that correct?

> After talked with Qin, I know the unsupported cipher suites won't be 
> rejected/filtrated by the OpenSSL cipher list setting, if so, the cipher 
> suite list that passed from the client to the server in the ClientHello 
> message might also include such unsupported cipher suites. In such a case, 
> the failure will happen once the server select the unsupported cipher suite. 
> From the handshake process view, it's unreasonable since the client sent the 
> desired cipher suites, then the server selected one of them but still met the 
> error.

Oh! You are totally right. I apologize for missing this -- I didn't
realize this from Qin's comments on TianoCore #915.

In other words, it is actually *important* that "TlsCipherMappingTable"
match the cipher suites that we build into edk2. I understand now. Thanks!

> Anyway, filtrating the unsupported cipher suites as early as possible is a 
> wise choice. So, TlsCipherMappingTable should only include the supported 
> cipher suites by reference the security requirement of CryptoPkg.

Yes.

>
> 3. For patch 0006, it's good to me to optimize the searching algorithm since 
> the table is larger than before.
>
> 4. Can we combined some patches together to make the things simple? e.g. 
> Patches 0005/0007/0010/0011/0012/0013. Those patches are the same purpose to 
> fix the issues in 0013.

I'm not against squashing these patches together, but separating patch
#6 (the binary search) out of the middle is not possible without a
rewrite of that patch, because it has context dependencies on patch #5.

Do you want me to do that? I.e., first implement the binary search for
TlsGetCipherString() -- without changing the interface --, and *then*
switch it over to TlsGetCipherMapping(), as part of the large squashed
patch?

>
> 5. For patch 0008, I think it's unnecessary to provide such script. I prefer 
> to maintain the TlsCipherMappingTable more statical since it's the internal 
> mapping table. How about we keep it as internal assistant tool?

Sure, given that TlsCipherMa

Re: [edk2] [PATCH 00/13] {Ovmf, Mde, Network, Crypto}Pkg: fixes+features for setting HTTPS cipher suites

2018-04-10 Thread Long, Qin
Thanks, Laszlo.
In fact, these implementation optimizations are good to me.  ☺


On 04/10/18 12:02, Laszlo Ersek wrote:
> On 04/10/18 09:40, Long, Qin wrote:

>> #0005, #0006, #0007, #0012, #0013:
>> These implementation looks good to me.
>> But some of updates were based on the assumption of #0008-0009. I 
>> have no strong opinion
>> if some original light implementation are good enough currently.

I'd like to comment on this in more detail (namely that "some original
light implementation are good enough currently"):

- I now agree that "TlsCipherMappingTable" should match the ciphers
built into OpensslLib exactly. However, that makes it only more
important that we *not* return EFI_UNSUPPORTED immediately when we find
a cipher suite in the platform's preference list that we don't support.
Instead, we should filter the platform's list down to what we do support.

[qlong] Yes, I agree it’s better to filter out any unavailable items.

- The stack allocation with 500 bytes for CipherString is questionable
practice, in my opinion, given that we add a variable list of cipher
suite names. It's just not deterministic. It can produce confusing
results that don't match the caller's (the platform's) intent, and it
will only become worse when you extend "TlsCipherMappingTable" to the
full cipher list that we build into OpensslLib *right now*. (And that's
not considering any future cipher enablements.)

[qlong] Yes, the original fixed buffer is limited to the future extension.
It’s good to me to have more flexible implementation.

- "@STRENGTH" must be dropped. I have no doubt about that. :)

[qlong] I agree. “@STRENGTH” will cause to re-order the preferred cipher lists.
  I prefer to keep the configuration-defined order.

So, I'd like to keep patch #13 as-is, perhaps squashed together with
patch #12 if you all prefer that.

[qlong] Sure. It’s OK for me.


Thanks!
Laszlo
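
The filtering agreed in the exchange above (look suites up by binary search, skip those missing from the mapping table instead of failing, keep the platform's order rather than applying "@STRENGTH", size the buffer from the list instead of a fixed 500 bytes), as an added example that is not code from the patch series or from edk2. The table contents and the names `lookup_cipher` and `build_cipher_string` are hypothetical, and standard C library calls stand in for edk2's own helpers.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample table, sorted ascending by IANA cipher suite ID.
 * It stands in for "the suites this build supports"; it is not edk2's
 * TlsCipherMappingTable. */
typedef struct {
  uint16_t    iana_id;       /* two-byte suite ID as sent in ClientHello */
  const char *openssl_name;  /* name used in an OpenSSL cipher list string */
} cipher_map_t;

static const cipher_map_t kCipherMap[] = {
  { 0x002F, "AES128-SHA" },
  { 0x0035, "AES256-SHA" },
  { 0x003C, "AES128-SHA256" },
  { 0x003D, "AES256-SHA256" },
  { 0x0067, "DHE-RSA-AES128-SHA256" },
  { 0x006B, "DHE-RSA-AES256-SHA256" },
};
#define MAP_COUNT (sizeof kCipherMap / sizeof kCipherMap[0])

/* Binary search over the sorted table; NULL means "not supported". */
static const cipher_map_t *lookup_cipher(uint16_t id)
{
  size_t lo = 0, hi = MAP_COUNT;

  while (lo < hi) {
    size_t mid = lo + (hi - lo) / 2;
    if (kCipherMap[mid].iana_id == id) return &kCipherMap[mid];
    if (kCipherMap[mid].iana_id < id) lo = mid + 1; else hi = mid;
  }
  return NULL;
}

/* Build "NAME1:NAME2:..." from the caller's preference list.
 *  - unsupported IDs are skipped, not treated as an error
 *  - the caller's order is preserved (no "@STRENGTH" re-sorting)
 *  - the buffer is sized from the filtered list, not a fixed array
 * Returns a malloc'ed string, or NULL if nothing is supported or the
 * allocation fails. *kept receives the number of suites retained. */
char *build_cipher_string(const uint16_t *ids, size_t count, size_t *kept)
{
  size_t i, total = 0, n = 0;
  char *out, *p;

  /* Pass 1: count supported suites and the bytes they need. Each name
   * costs strlen + 1: a ':' separator, or the NUL after the last one. */
  for (i = 0; i < count; i++) {
    const cipher_map_t *m = lookup_cipher(ids[i]);
    if (m != NULL) {
      total += strlen(m->openssl_name) + 1;
      n++;
    }
  }
  *kept = n;
  if (n == 0) return NULL;   /* only now is "unsupported" the right answer */

  out = malloc(total);
  if (out == NULL) {
    *kept = 0;
    return NULL;
  }

  /* Pass 2: copy the names in the caller's order. */
  p = out;
  for (i = 0; i < count; i++) {
    const cipher_map_t *m = lookup_cipher(ids[i]);
    size_t len;
    if (m == NULL) continue;
    if (p != out) *p++ = ':';
    len = strlen(m->openssl_name);
    memcpy(p, m->openssl_name, len);
    p += len;
  }
  *p = '\0';
  return out;
}

int main(void)
{
  /* Constructed preference list: 0xC02F and 0x1301 are not in the table. */
  const uint16_t pref[] = { 0x006B, 0xC02F, 0x002F, 0x1301 };
  size_t kept = 0;
  char *s = build_cipher_string(pref, sizeof pref / sizeof pref[0], &kept);

  printf("kept %zu: %s\n", kept, s ? s : "(none)");
  free(s);
  return 0;
}
```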


Re: [edk2] [PATCH 00/13] {Ovmf, Mde, Network, Crypto}Pkg: fixes+features for setting HTTPS cipher suites

2018-04-10 Thread Long, Qin
Hi, Laszlo,

Some comments / discussions were added in 
https://bugzilla.tianocore.org/show_bug.cgi?id=915
with comment 09 & 11.
Back to the patch review. Some comments were appended:

#0001, #0003, #0004,#0010,#0011:
Looks good to me.
#0002 - I personally think in general we should reduce using "#pragma pack", 
except that these
data really have serialization requirement (e.g. variable) to match 
extra data layout.
Here we just use these structures for setting / getting data, instead 
of direct data
transport. I am thinking if it's better to update the implementation 
part.
But too many sizeof() were used, and Ovmf part may also need to store 
preferred
CipherList data. So it's still good to me to pack something.
#0008, #0009:
  - As the BZ comments. The TlsCipherMappingTable extension and generation 
with script looks
incorrect. This table should include all available / supported ciphers, 
which was actually
platform / configuration dependent.
I prefer to maintain one static / limited table for edk2 tls 
implementation. Any new cipher
requirement can be evaluated & enabled, and then added into this table.
#0005, #0006, #0007, #0012, #0013:
These implementation looks good to me.
But some of updates were based on the assumption of #0008-0009. I have 
no strong opinion
if some original light implementation are good enough currently.


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Wu, Jiaxin 
Sent: Tuesday, April 10, 2018 12:09 PM
To: Laszlo Ersek <ler...@redhat.com>; edk2-devel-01 <edk2-devel@lists.01.org>
Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>; Gary Ching-Pang Lin 
<g...@suse.com>; Justen, Jordan L <jordan.l.jus...@intel.com>; Gao, Liming 
<liming@intel.com>; Kinney, Michael D <michael.d.kin...@intel.com>; Long, 
Qin <qin.l...@intel.com>; Fu, Siyuan <siyuan...@intel.com>; Ye, Ting 
<ting...@intel.com>
Subject: RE: [PATCH 00/13] {Ovmf,Mde,Network,Crypto}Pkg: fixes+features for 
setting HTTPS cipher suites

Hi Laszlo 

Appreciate your contribution. I have reviewed the series patches you attached 
here. First, I assume you have verified the patches on OVMF and the 
functionality works well, then, below are my comments:  

1. The patches for OvmfPkg/NetworkPkg (0001-0004) are good to me.

2. For CryptoPkg, the major viewpoint is also related to the 
TlsCipherMappingTable. For this table, only include the supported ciphersuites 
looks more reasonable. After talked with Qin, I know the unsupported cipher 
suites won't be rejected/filtrated by the OpenSSL cipher list setting, if so, 
the cipher suite list that passed from the client to the server in the 
ClientHello message might also include such unsupported cipher suites. In such 
a case, the failure will happen once the server select the unsupported cipher 
suite. From the handshake process view, it's unreasonable since the client sent 
the desired cipher suites, then the server selected one of them but still met 
the error. Anyway, filtrating the unsupported cipher suites as early as 
possible is a wise choice. So, TlsCipherMappingTable should only include the 
supported cipher suites by reference the security requirement of CryptoPkg. 

3. For patch 0006, it's good to me to optimize the searching algorithm since 
the table is larger than before.

4. Can we combined some patches together to make the things simple? e.g. 
Patches 0005/0007/0010/0011/0012/0013. Those patches are the same purpose to 
fix the issues in 0013.

5. For patch 0008, I think it's unnecessary to provide such script. I prefer to 
maintain the TlsCipherMappingTable more statical since it's the internal 
mapping table. How about we keep it as internal assistant tool?

6. For patch 0009 to extend the TlsCipherMappingTable, I think Qin can help us 
to provide the supported cipher suites by reference the security requirement of 
CryptoPkg.

Thanks,
Jiaxin




> -Original Message-
> From: Laszlo Ersek [mailto:ler...@redhat.com]
> Sent: Tuesday, April 3, 2018 10:52 PM
> To: edk2-devel-01 <edk2-devel@lists.01.org>
> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>; Gary Ching-Pang Lin 
> <g...@suse.com>; Wu, Jiaxin <jiaxin...@intel.com>; Justen, Jordan L 
> <jordan.l.jus...@intel.com>; Gao, Liming <liming@intel.com>; 
> Kinney, Michael D <michael.d.kin...@intel.com>; Long, Qin 
> <qin.l...@intel.com>; Fu, Siyuan <siyuan...@intel.com>; Ye, Ting 
> <ting...@intel.com>
> Subject: [PATCH 00/13] {Ovmf,Mde,Network,Crypto}Pkg: fixes+features 
> for setting HTTPS cipher suites
> 
> Repo:   https://github.com/lersek/edk2.git
> Branch: tls_ciphers
> 
> Earlier I posted two patch sets for better platform control of the CA 
> certificates used in HT

Re: [edk2] [Patch] BaseTools: Update Rsa2048Sha256Sign to use openssl dgst option

2018-03-27 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>

Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Gao, Liming 
Sent: Tuesday, March 27, 2018 8:59 PM
To: edk2-devel@lists.01.org
Cc: Zhu, Yonghong <yonghong@intel.com>; Long, Qin <qin.l...@intel.com>
Subject: [Patch] BaseTools: Update Rsa2048Sha256Sign to use openssl dgst option

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming@intel.com>
Cc: Yonghong Zhu <yonghong@intel.com>
Cc: Qin Long <qin.l...@intel.com>
---
 BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py 
b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
index 4188f8e..d36a14f 100644
--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
@@ -4,7 +4,7 @@
 #   {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 
0xbf}}
 # This tool has been tested with OpenSSL 1.0.1e 11 Feb 2013  # -# Copyright 
(c) 2013 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights 
+reserved.
 # This program and the accompanying materials  # are licensed and made 
available under the terms and conditions of the BSD License  # which 
accompanies this distribution.  The full text of the license may be found at @@ 
-176,7 +176,7 @@ if __name__ == '__main__':
 # 
 # Sign the input file using the specified private key and capture 
signature from STDOUT
 #
-Process = subprocess.Popen('%s sha1 -sha256 -sign "%s"' % (OpenSslCommand, 
args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, 
stderr=subprocess.PIPE, shell=True)
+Process = subprocess.Popen('%s dgst -sha256 -sign "%s"' % 
+ (OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE, 
+ stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
 Signature = Process.communicate(input=FullInputFileBuffer)[0]
 if Process.returncode <> 0:
   sys.exit(Process.returncode)
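Review bot: In the added `Popen('%s dgst -sha256 -sign "%s"' % ...` line the command is still assembled by string formatting and run with `shell=True`, so `args.PrivateKeyFileName` is interpreted by the shell, and a quote or shell metacharacter in the path changes the command. Since this line is being touched anyway, consider passing an argument list (`[OpenSslCommand, 'dgst', '-sha256', '-sign', args.PrivateKeyFileName]`) without `shell=True`.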
@@ -225,7 +225,7 @@ if __name__ == '__main__':
 #
 # Verify signature
 #
-Process = subprocess.Popen('%s sha1 -sha256 -prverify "%s" -signature %s' 
% (OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), 
stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, 
shell=True)
+Process = subprocess.Popen('%s dgst -sha256 -prverify "%s" 
+ -signature %s' % (OpenSslCommand, args.PrivateKeyFileName, 
+ args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, 
+ stderr=subprocess.PIPE, shell=True)
 Process.communicate(input=FullInputFileBuffer)
 if Process.returncode <> 0:
   print 'ERROR: Verification failed'
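Review bot: In the verify command, `-signature %s` interpolates `args.OutputFileName` without quotes while `args.PrivateKeyFileName` is quoted, so an output path containing a space splits into two arguments and verification fails for a reason unrelated to the signature. Quote it the same way, or pass the arguments as a list.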
--
2.8.0.windows.1



Re: [edk2] [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options

2018-03-27 Thread Long, Qin
This ("sha1 -sha256") looks a little odd. 
Could we try "openssl dgst -sha256 "?


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhu, 
Yonghong
Sent: Tuesday, March 27, 2018 3:56 PM
To: Gao, Liming <liming@intel.com>; edk2-devel@lists.01.org
Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Liao, Jui-pengX 
<jui-pengx.l...@intel.com>
Subject: Re: [edk2] [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use 
openssl standard options

Reviewed-by: Yonghong Zhu <yonghong@intel.com> 

Best Regards,
Zhu Yonghong


-Original Message-
From: Gao, Liming 
Sent: Tuesday, March 27, 2018 1:48 PM
To: edk2-devel@lists.01.org
Cc: Liao, Jui-pengX <jui-pengx.l...@intel.com>; Kinney, Michael D 
<michael.d.kin...@intel.com>; Zhu, Yonghong <yonghong@intel.com>
Subject: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard 
options

sha256 is not the standard option. It should be replaced by sha -sha256.
Otherwise, it doesn't work in MAC OS.

In V2, update the option to sha1 -sha256.
In late openssl version >= 1.1, there is no sha option, but has sha1,sha256.
In previous openssl version < 1.1, there is no sha256, but has sha,sha1.
To work with all openssl version, use sha1 -sha256 for it.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liao Jui-peng <jui-pengx.l...@intel.com>
Signed-off-by: Liming Gao <liming@intel.com>
Cc: Michael Kinney <michael.d.kin...@intel.com>
Cc: Yonghong Zhu <yonghong@intel.com>
---
 BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py 
b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
index 1ae6ebb..4188f8e 100644
--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
@@ -176,7 +176,7 @@ if __name__ == '__main__':
 # 
 # Sign the input file using the specified private key and capture 
signature from STDOUT
 #
-Process = subprocess.Popen('%s sha256 -sign "%s"' % (OpenSslCommand, 
args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, 
stderr=subprocess.PIPE, shell=True)
+Process = subprocess.Popen('%s sha1 -sha256 -sign "%s"' % (OpenSslCommand, 
args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, 
stderr=subprocess.PIPE, shell=True)
 Signature = Process.communicate(input=FullInputFileBuffer)[0]
 if Process.returncode <> 0:
   sys.exit(Process.returncode)
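Review bot: `sha1 -sha256` in the new sign command names one digest as the subcommand and a different one as the option, so a reader cannot tell from this line which hash ends up in the signature, while the tool's name promises SHA-256. The commit message gives the portability reason; the line needs a comment saying so, or better a form that names the digest only once, such as `dgst -sha256`.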
@@ -225,7 +225,7 @@ if __name__ == '__main__':
 #
 # Verify signature
 #
-Process = subprocess.Popen('%s sha256 -prverify "%s" -signature %s' % 
(OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), 
stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, 
shell=True)
+Process = subprocess.Popen('%s sha1 -sha256 -prverify "%s" -signature %s' 
% (OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), 
stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, 
shell=True)
 Process.communicate(input=FullInputFileBuffer)
 if Process.returncode <> 0:
   print 'ERROR: Verification failed'
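Review bot: The verify step pipes stderr (`stderr=subprocess.PIPE`) but discards what `Process.communicate()` returns and prints only 'ERROR: Verification failed', so an OpenSSL build that rejects the `sha1 -sha256` option is indistinguishable from a real signature mismatch. Given that this change exists because the accepted options differ between OpenSSL versions, print the captured stderr when the return code is non-zero.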
-- 
2.8.0.windows.1



Re: [edk2] [Patch] SecurityPkg Tpm12CommandLib: Fix TPM12 GetCapability response error

2018-03-20 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>

Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang, 
Chao B
Sent: Tuesday, March 20, 2018 11:12 PM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen <jiewen@intel.com>; Zhang, Chao B <chao.b.zh...@intel.com>; 
Long, Qin <qin.l...@intel.com>
Subject: [edk2] [Patch] SecurityPkg Tpm12CommandLib: Fix TPM12 GetCapability 
response error

TPM12 command lib doesn't convert Response Size before using. Add logic to fix 
the issue.

Cc: Long Qin <qin.l...@intel.com>
Cc: Yao Jiewen <jiewen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
Signed-off-by: Zhang, Chao B <chao.b.zh...@intel.com>
---
 SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c 
b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
index c6eb9e1050..29d7a13edb 100644
--- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
+++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
@@ -1,9 +1,9 @@
 /** @file
   Implement TPM1.2 Get Capabilities related commands.
 
-Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved. 
+Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved. 
 This program and the accompanying materials  are licensed and made available 
under the terms and conditions of the BSD License  which accompanies this 
distribution.  The full text of the license may be found at  
http://opensource.org/licenses/bsd-license.php
 
@@ -83,11 +83,11 @@ Tpm12GetCapabilityFlagPermanent (
 DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagPermanent: Response Code 
error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
 return EFI_DEVICE_ERROR;
   }
 
   ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags));
-  CopyMem (TpmPermanentFlags, , MIN (sizeof 
(*TpmPermanentFlags), Response.ResponseSize));
+  CopyMem (TpmPermanentFlags, , MIN (sizeof 
+ (*TpmPermanentFlags), SwapBytes32(Response.ResponseSize)));
 
   return Status;
 }
 
 /**
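Review bot: With `MIN (sizeof (*TpmPermanentFlags), SwapBytes32(Response.ResponseSize))` a response that reports fewer bytes than the structure is still accepted: the buffer is zeroed, partly filled, and `Status` is returned unchanged, so the caller cannot tell complete flags from truncated ones. Consider returning EFI_DEVICE_ERROR when the converted size is smaller than `sizeof (*TpmPermanentFlags)`.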
@@ -129,9 +129,9 @@ Tpm12GetCapabilityFlagVolatile (
 DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagVolatile: Response Code error! 
0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
 return EFI_DEVICE_ERROR;
   }
 
   ZeroMem (VolatileFlags, sizeof (*VolatileFlags));
-  CopyMem (VolatileFlags, , MIN (sizeof (*VolatileFlags), 
Response.ResponseSize));
+  CopyMem (VolatileFlags, , MIN (sizeof 
+ (*VolatileFlags), SwapBytes32(Response.ResponseSize)));
 
   return Status;
 }
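Review bot: Style point on the added `SwapBytes32(Response.ResponseSize)`: the context line above writes the call with a space before the parenthesis (`SwapBytes32 (Response.Hdr.returnCode)`), so match that. Converting the size once into a local UINT32 right after the return-code check would also keep the CopyMem line short and make it obvious that every later use sees the host-order value.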
--
2.16.2.windows.1



Re: [edk2] [Patch] SecurityPkg Tpm2CommandLib: Fix TPM2.0 response memory overflow

2018-03-20 Thread Long, Qin
Hi, Chao,

One minor suggestion to add the comment to explain the following value "8": the 
number of digests in list is not greater than 8 per TPML_DIGEST definition. 
+  if (PcrValues->count > 8) {
+return EFI_DEVICE_ERROR;
+  }

Other looks good to me. 

Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Zhang, Chao B 
Sent: Tuesday, March 20, 2018 4:36 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Yao, Jiewen <jiewen@intel.com>; Zhang, 
Chao B <chao.b.zh...@intel.com>
Subject: [Patch] SecurityPkg Tpm2CommandLib: Fix TPM2.0 response memory overflow

TPM2.0 command lib always assumes TPM device and transmission channel can 
respond correctly. But it is not true when communication channel is exploited 
and wrong data is spoofed. Add more logic to prohibit memory overflow attack.

Cc: Long Qin <qin.l...@intel.com>
Cc: Yao Jiewen <jiewen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
Signed-off-by: Zhang, Chao B <chao.b.zh...@intel.com>
---
 .../Library/Tpm2CommandLib/Tpm2Capability.c| 21 ++-
 .../Tpm2CommandLib/Tpm2EnhancedAuthorization.c | 16 ++-
 SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c | 19 ++---  
SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c | 14 --
 SecurityPkg/Library/Tpm2CommandLib/Tpm2Object.c| 31 +-
 SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c | 10 ++-
 SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c   |  6 -
 7 files changed, 107 insertions(+), 10 deletions(-)

diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c 
b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
index 79e80fb7a9..42afe107a6 100644
--- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
+++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
@@ -1,9 +1,9 @@
 /** @file
   Implement TPM2 Capability related command.
 
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. 
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. 
 This program and the accompanying materials  are licensed and made available 
under the terms and conditions of the BSD License  which accompanies this 
distribution.  The full text of the license may be found at  
http://opensource.org/licenses/bsd-license.php
 
@@ -110,10 +110,18 @@ Tpm2GetCapability (
 
   if (RecvBufferSize <= sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT8)) {
 return EFI_DEVICE_ERROR;
   }
 
+  //
+  // Fail if command failed
+  //
+  if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+DEBUG ((EFI_D_ERROR, "Tpm2GetCapability: Response Code error! 0x%08x\r\n", 
SwapBytes32(RecvBuffer.Header.responseCode)));
+return EFI_DEVICE_ERROR;
+  }
+
   //
   // Return the response
   //
   *MoreData = RecvBuffer.MoreData;
   //
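Review bot: The new `responseCode` check sits after the existing `RecvBufferSize <= sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT8)` test, so a reply that carries only the header, which is what a failing command normally returns, is rejected by the size test first and the new DEBUG message with the response code is never printed. Consider moving the response-code check above the size check so the failure reason is logged.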
@@ -327,10 +335,14 @@ Tpm2GetCapabilitySupportedAlg (
   }
   
   CopyMem (AlgList, , sizeof (TPML_ALG_PROPERTY));
 
   AlgList->count = SwapBytes32 (AlgList->count);
+  if (AlgList->count > MAX_CAP_ALGS) {
+return EFI_DEVICE_ERROR;
+  }
+
   for (Index = 0; Index < AlgList->count; Index++) {
 AlgList->algProperties[Index].alg = SwapBytes16 
(AlgList->algProperties[Index].alg);
 WriteUnaligned32 ((UINT32 *)>algProperties[Index].algProperties, 
SwapBytes32 (ReadUnaligned32 ((UINT32 
*)>algProperties[Index].algProperties)));
   }
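Review bot: The `AlgList->count > MAX_CAP_ALGS` check runs after `CopyMem` has already written the device's data into the caller's `AlgList` and after `count` has been byte-swapped in place, so on the EFI_DEVICE_ERROR path the output buffer holds unvalidated content with an out-of-range count. Either validate the count from the receive buffer before copying, or state in the function header that `AlgList` is undefined on error so callers do not iterate over it.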
 
@@ -474,13 +486,20 @@ Tpm2GetCapabilityPcrs (
   if (EFI_ERROR (Status)) {
 return Status;
   }
 
   Pcrs->count = SwapBytes32 (TpmCap.data.assignedPCR.count);
+  if (Pcrs->count > HASH_COUNT) {
+return EFI_DEVICE_ERROR;
+  }
+
   for (Index = 0; Index < Pcrs->count; Index++) {
 Pcrs->pcrSelections[Index].hash = SwapBytes16 
(TpmCap.data.assignedPCR.pcrSelections[Index].hash);
 Pcrs->pcrSelections[Index].sizeofSelect = 
TpmCap.data.assignedPCR.pcrSelections[Index].sizeofSelect;
+if (Pcrs->pcrSelections[Index].sizeofSelect > PCR_SELECT_MAX) {
+  return EFI_DEVICE_ERROR;
+}
 CopyMem (Pcrs->pcrSelections[Index].pcrSelect, 
TpmCap.data.assignedPCR.pcrSelections[Index].pcrSelect, 
Pcrs->pcrSelections[Index].sizeofSelect);
   }
 
   return EFI_SUCCESS;
 }
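Review bot: Both new bail-outs here (`Pcrs->count > HASH_COUNT` and `sizeofSelect > PCR_SELECT_MAX`) return EFI_DEVICE_ERROR silently, whereas the response-code check added to Tpm2GetCapability earlier in this patch logs through DEBUG. A malformed or spoofed response is the case someone will need to diagnose, so log which bound was exceeded and the offending value. The early return inside the loop also leaves `Pcrs` partly filled, which is worth a line in the function header.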
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c 
b/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c
index 6f6b3693f8..3e42875b83 100644
--- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c
+++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c
@@ -1,9 +1,9 @@
 /** @file
   Implement TPM2 EnhancedAuthorization related command.
 
-Copyright (c) 2014 - 2016, Intel Corporation. All rights reserved. 
+Copyright (c) 2014 - 2018, Intel Corporation. All rights reserved. 
 This program and the accompanying mat

Re: [edk2] Why does EDK2 disable time checks on certificates?

2018-02-05 Thread Long, Qin
The OS can update the certificates by correct SetVariable() call with 
authenticated payload (following UEFI secure boot / authenticated variable 
definitions. Refer to the section 8.2  "Variable Services" and chapter 31 
"Secure Boot and Driver Signing" for more details). 
I am not sure if current OS will enforce any periodical update. Currently, UEFI 
is just distributing the revocation list file to address possible security 
risks (http://www.uefi.org/revocationlistfile). 


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Bryan 
Rosario
Sent: Tuesday, February 6, 2018 10:17 AM
To: Zhang, Chao B <chao.b.zh...@intel.com>
Cc: edk2-devel@lists.01.org; Alain Gefflaut <alain...@google.com>; Long, Qin 
<qin.l...@intel.com>
Subject: Re: [edk2] Why does EDK2 disable time checks on certificates?

Thanks for the info.

Another question: if I enable time checks in my local copy of EDK2 (or if there 
is another UEFI implementation with time checks enabled), do operating systems 
generally update their certificates periodically to avoid them expiring?
In particular, I'm wondering about bootloaders that are signed for secure boot. 
I've seen expiration times on the attached certificates and I'm wondering if 
the bootloader will be periodically updated, or if operating systems will just 
expect that the firmware doesn't actually enforce the expiration time.

On Mon, Feb 5, 2018 at 5:45 PM, Zhang, Chao B <chao.b.zh...@intel.com>
wrote:

> Bryan:
>You can reference EFI_CERT_X509_SHA256,  EFI_CERT_X509_SHA384,
> EFI_CERT_X509_SHA512 data structure definition in UEFI spec.
>   Now they are only supported in DBX.  Revocation time here is defined 
> by user instead of directly from Validity of X509 Certificate in order 
> to address the issue mentioned below.
>
>
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of 
> Long, Qin
> Sent: Tuesday, February 6, 2018 8:55 AM
> To: Bryan Rosario <b...@google.com>; edk2-devel@lists.01.org
> Subject: Re: [edk2] Why does EDK2 disable time checks on certificates?
>
> It's EDK2-only.
> The current pre-boot environment have no trusted timer synchronization 
> service. And it's very likely the system time is not the real-time 
> (esp under dev environment). So the certificate time expiration 
> checking was bypassed to avoid any boot break.
>
> Against the corresponding certificate revocation case, the UEFI 
> introduced the DBX database (forbidden list) to address this.
>
>
> Best Regards & Thanks,
> LONG, Qin
>
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of 
> Bryan Rosario
> Sent: Tuesday, February 6, 2018 5:52 AM
> To: edk2-devel@lists.01.org
> Subject: [edk2] Why does EDK2 disable time checks on certificates?
>
> See here ("Currently certificate time expiration checking is ignored."):
> <https://github.com/tianocore/tianocore.github.io/wiki/How-to-Enable-Security>.
>
> Is this behavior part of the UEFI specification or is it EDK2-only? 
> And what's the reasoning for it?
>
> Thanks,
> Bryan
>


Re: [edk2] [PATCH] SecurityPkg: Support PP version lower than 1.3

2018-02-05 Thread Long, Qin
Could you update the AsciiStrLen usage with safe version, or direct "sizeof()"? 
Others looks good to me.

Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Zhang, Chao B 
Sent: Monday, February 5, 2018 10:32 AM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Yao, Jiewen <jiewen@intel.com>; Zhang, 
Chao B <chao.b.zh...@intel.com>
Subject: [PATCH] SecurityPkg: Support PP version lower than 1.3

TCG PP 1.2 & PP 1.3 spec defined different Opcodes.
Update code to support both.

Cc: Long Qin <qin.l...@intel.com>
Cc: Yao Jiewen <jiewen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 .../SmmTcg2PhysicalPresenceLib.c   | 31 +-
 .../SmmTcg2PhysicalPresenceLib.inf |  7 +++--
 2 files changed, 30 insertions(+), 8 deletions(-)

diff --git 
a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c 
b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c
index 6061453..ffade10 100644
--- 
a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPres
+++ enceLib.c
@@ -10,7 +10,7 @@
   Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction() and 
Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction()
   will receive untrusted input and do validation.
 
-Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
 This program and the accompanying materials  are licensed and made available 
under the terms and conditions of the BSD License  which accompanies this 
distribution.  The full text of the license may be found at @@ -27,12 +27,16 @@ 
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 
 #include 
 
+#include 
 #include 
 #include 
 #include 
 #include 
 
+#define PP_INF_VERSION_1_2"1.2"
+
 EFI_SMM_VARIABLE_PROTOCOL  *mTcg2PpSmmVariable;
+BOOLEANmIsTcg2PPVerLowerThan_1_3 = FALSE;
 
 /**
   The handler for TPM physical presence function:
@@ -337,11 +341,22 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
   break;
 
 default:
-  if (OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) 
{
-//
-// TCG PP spec defined operations that are reserved or un-implemented
-//
-return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
+  if (mIsTcg2PPVerLowerThan_1_3 == FALSE) {
+if (OperationRequest < 
TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
+  //
+  // TCG2 PP1.3 spec defined operations that are reserved or 
un-implemented
+  //
+  return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
+}
+  } else {
+   //
+   // TCG PP lower than 1.3. (1.0, 1.1, 1.2)
+   //
+   if (OperationRequest <= TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
+ RequestConfirmed = TRUE;
+   } else if (OperationRequest < 
TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
+ return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
+   }
   }
   break;
   }
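Review bot: In the new `else` branch of the `default:` case, every request with `OperationRequest <= TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX` now sets `RequestConfirmed = TRUE`, and the file header states that this function receives untrusted input. Please add a comment naming which PP 1.0/1.1/1.2 opcodes can still reach `default:` inside that range, so a reviewer can confirm none of them should need user confirmation. Also, `mIsTcg2PPVerLowerThan_1_3 == FALSE` compares a BOOLEAN against a constant; `if (!mIsTcg2PPVerLowerThan_1_3)` is the usual form.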
@@ -377,6 +392,10 @@ Tcg2PhysicalPresenceLibConstructor (  {
   EFI_STATUS  Status;
 
+  if (AsciiStrnCmp(PP_INF_VERSION_1_2, (CHAR8 
*)PcdGetPtr(PcdTcgPhysicalPresenceInterfaceVer), 
AsciiStrLen(PP_INF_VERSION_1_2)) <=0) {
+mIsTcg2PPVerLowerThan_1_3 = TRUE;
+  }
+
   //
   // Locate SmmVariableProtocol.
   //
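Review bot: The comparison added to the constructor looks inverted. `AsciiStrnCmp (First, Second, Length)` returns the first mismatching character of First minus that of Second, so with `PP_INF_VERSION_1_2` as the first argument, `<= 0` is true when the PCD string is "1.2" or sorts after it (including "1.3") and false for "1.0" and "1.1". That sets `mIsTcg2PPVerLowerThan_1_3` for 1.3 and clears it for 1.0 and 1.1; `>= 0`, or swapping the two string arguments, matches the flag's name. A three-character lexical compare also assumes the PCD always holds a single-digit major.minor string, which deserves a comment next to `PP_INF_VERSION_1_2`.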
diff --git 
a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf 
b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
index 5fa84b1..8367097 100644
--- 
a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
+++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPres
+++ enceLib.inf
@@ -7,7 +7,7 @@
 #  This driver will have external input - variable.
 #  This external input must be validated carefully to avoid security issue.
 #
-# Copyright (c) 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2018, Intel Corporation. All rights 
+reserved.
 # This program and the accompanying materials  # are licensed and made 
available under the terms and conditions of the BSD License  # which 
accompanies this distribution. The full text of the license may be found at @@ 
-52,6 +52,9 @@
   ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
   ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
   gEfiTcg2PhysicalPresenceGuid
-  
+
+[Pcd]
+  gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer  ## 
+CONSUMES
+
 [Depex]
   gEfiSmmVariableProtocolGuid
\ No newline at end of file
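Review bot: The new `[Pcd]` section is the only functional change to this INF, so `PcdLib` must already be listed under `[LibraryClasses]` for the `PcdGetPtr()` call added in the .c file to resolve; that section is not in the hunk, so please confirm it. The file also still ends without a trailing newline (`\ No newline at end of file`), which is worth fixing while the tail of the file is being edited.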
--
1.9.5.msysgit.1


Re: [edk2] Why does EDK2 disable time checks on certificates?

2018-02-05 Thread Long, Qin
It's EDK2-only. 
The current pre-boot environment has no trusted timer synchronization service. 
And it's very likely the system time is not the real time (esp. under dev 
environment). So the certificate time expiration checking was bypassed to avoid 
any boot break. 

Against the corresponding certificate revocation case, the UEFI introduced the 
DBX database (forbidden list) to address this. 


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Bryan 
Rosario
Sent: Tuesday, February 6, 2018 5:52 AM
To: edk2-devel@lists.01.org
Subject: [edk2] Why does EDK2 disable time checks on certificates?

See here ("Currently certificate time expiration checking is ignored."):
https://github.com/tianocore/tianocore.github.io/wiki/How-to-Enable-Security
.

Is this behavior part of the UEFI specification or is it EDK2-only? And what's 
the reasoning for it?

Thanks,
Bryan
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel


Re: [edk2] [PATCH] SecurityPkg: Disable TPM interrupt in DEC

2018-01-29 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Zhang, Chao B 
Sent: Tuesday, January 30, 2018 9:17 AM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen <jiewen@intel.com>; Long, Qin <qin.l...@intel.com>; Zhang, 
Chao B <chao.b.zh...@intel.com>
Subject: [PATCH] SecurityPkg: Disable TPM interrupt in DEC

Disable TPM interrupt support in DEC

Cc: Yao Jiewen <jiewen@intel.com>
Cc: Long Qin <qin.l...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/SecurityPkg.dec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 
d2741f6..983fb0e 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -453,12 +453,12 @@
   ## Indicate current TPM2 Interrupt Number reported by _CRS control 
method.
   # TPM2 Interrupt feature is disabled If the pcd is set to 0.
   # @Prompt Current TPM2 Interrupt Number
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2CurrentIrqNum|0x0C|UINT32|0x0001001C
+  
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2CurrentIrqNum|0x00|UINT32|0x00010
+ 01C
 
   ## Indicate platform possible TPM2 Interrupt Number reported by _PRS control 
method.
   # Possible TPM2 Interrupt Number Buffer will not be reported if TPM2 
Interrupt feature is disabled.
   # @Prompt Possible TPM2 Interrupt Number buffer
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2PossibleIrqNumBuf|{0x0C, 0x00, 0x00, 
0x00}|VOID*|0x0001001D
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2PossibleIrqNumBuf|{0x00, 0x00, 
+ 0x00, 0x00}|VOID*|0x0001001D
 
 [PcdsDynamic, PcdsDynamicEx]
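Review bot: Changing the default of `PcdTpm2CurrentIrqNum` from 0x0C to 0x00 switches the TPM2 interrupt feature off for every platform that relied on the DEC default (the comment above it says the feature "is disabled If the pcd is set to 0"), but the commit message gives no reason. Please state why the default is flipped and whether platforms that want the previous IRQ are expected to override both PCDs in their DSC. With `PcdTpm2PossibleIrqNumBuf` now `{0x00, 0x00, 0x00, 0x00}`, the comment should also say what an all-zero buffer means for a platform that sets only `PcdTpm2CurrentIrqNum`.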
 
--
1.9.5.msysgit.1



Re: [edk2] [PATCH] SecurityPkg: Update package version to 0.98

2018-01-22 Thread Long, Qin
Reviewed-by: Qin Long <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Zhang, Chao B 
Sent: Monday, January 22, 2018 10:11 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Zhang, Chao B <chao.b.zh...@intel.com>
Subject: [PATCH] SecurityPkg: Update package version to 0.98

Update package version of SecurityPkg to 0.98.

Cc: Qin Long <qin.l...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/SecurityPkg.dec | 4 ++--
 SecurityPkg/SecurityPkg.dsc | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 
50dbe95..ededb51 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -5,7 +5,7 @@
 #  It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and library 
classes)  #  and libraries instances, which are used for those features.
 #
-# Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2018, Intel Corporation. All rights 
+reserved.
 # (C) Copyright 2015 Hewlett Packard Enterprise Development LP   # 
Copyright (c) 2017, Microsoft Corporation.  All rights reserved.   # This 
program and the accompanying materials are licensed and made available under @@ 
-23,7 +23,7 @@
   PACKAGE_NAME   = SecurityPkg
   PACKAGE_UNI_FILE   = SecurityPkg.uni
   PACKAGE_GUID   = 4EFC4F66-6219-4427-B780-FB99F470767F
-  PACKAGE_VERSION= 0.97
+  PACKAGE_VERSION= 0.98
 
 [Includes]
   Include
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 
9ce2953..43ac0b1 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  Security Module Package for All Architectures.
 #
-# Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2018, Intel Corporation. All rights 
+reserved.
 # (C) Copyright 2015 Hewlett Packard Enterprise Development LP  # This 
program and the accompanying materials  # are licensed and made available under 
the terms and conditions of the BSD License @@ -16,7 +16,7 @@  [Defines]
   PLATFORM_NAME  = SecurityPkg
   PLATFORM_GUID  = B2C4614D-AE76-47ba-B876-5988BFED064F
-  PLATFORM_VERSION   = 0.97
+  PLATFORM_VERSION   = 0.98
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/SecurityPkg
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM|AARCH64
--
1.9.5.msysgit.1



[edk2] [PATCH] CryptoPkg: Update package version to 0.98

2018-01-21 Thread Long Qin
Update package version of CryptoPkg to 0.98.

Cc: Ting Ye 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 CryptoPkg/CryptoPkg.dec | 4 ++--
 CryptoPkg/CryptoPkg.dsc | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index afeb723211..7593ee3c69 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -4,7 +4,7 @@
 #  This Package provides cryptographic-related libraries for UEFI security 
modules.
 #  It also provides a test application to test libraries.
 #
-#  Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
+#  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution.  The full text of the license may be 
found at
@@ -20,7 +20,7 @@
   PACKAGE_NAME   = CryptoPkg
   PACKAGE_UNI_FILE   = CryptoPkg.uni
   PACKAGE_GUID   = 36470E80-36F2-4ba0-8CC8-937C7D9FF888
-  PACKAGE_VERSION= 0.97
+  PACKAGE_VERSION= 0.98
 
 [Includes]
   Include
diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index 461f0deeb3..b49e587ba1 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  Cryptographic Library Package for UEFI Security Implementation.
 #
-#  Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
+#  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution.  The full text of the license may be 
found at
@@ -20,7 +20,7 @@
 [Defines]
   PLATFORM_NAME  = CryptoPkg
   PLATFORM_GUID  = E1063286-6C8C-4c25-AEF0-67A9A5B6E6B6
-  PLATFORM_VERSION   = 0.97
+  PLATFORM_VERSION   = 0.98
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/CryptoPkg
   SUPPORTED_ARCHITECTURES= IA32|X64|IPF|ARM|AARCH64
-- 
2.15.1.windows.2



Re: [edk2] [PATCH] CryptoPkg/BaseCryptLib: Add error handling for time() wrapper

2018-01-18 Thread Long, Qin
Yes, and the function comments were already there.


-Original Message-
From: Ni, Ruiyu 
Sent: Friday, January 19, 2018 3:16 PM
To: Zeng, Star <star.z...@intel.com>; Long, Qin <qin.l...@intel.com>; 
edk2-devel@lists.01.org
Cc: Ye, Ting <ting...@intel.com>; Zeng, Star <star.z...@intel.com>
Subject: RE: [PATCH] CryptoPkg/BaseCryptLib: Add error handling for time() 
wrapper

Qin,
How about adding more comments to say the tick is calculated from the first 
second of 1970?

Thanks/Ray

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of 
> Zeng, Star
> Sent: Friday, January 19, 2018 3:14 PM
> To: Long, Qin <qin.l...@intel.com>; edk2-devel@lists.01.org
> Cc: Ye, Ting <ting...@intel.com>; Zeng, Star <star.z...@intel.com>
> Subject: Re: [edk2] [PATCH] CryptoPkg/BaseCryptLib: Add error handling 
> for
> time() wrapper
> 
> Ok, got it.
> 
> Reviewed-by: Star Zeng <star.z...@intel.com>
> 
> Thanks,
> Star
> -Original Message-
> From: Long, Qin
> Sent: Friday, January 19, 2018 3:12 PM
> To: Zeng, Star <star.z...@intel.com>; edk2-devel@lists.01.org
> Cc: Ye, Ting <ting...@intel.com>
> Subject: RE: [PATCH] CryptoPkg/BaseCryptLib: Add error handling for 
> time() wrapper
> 
> It's legal to continue the calculation about the seconds elapsed since
> 1970.01.01 00:00:00.
> 
> 
> -Original Message-
> From: Zeng, Star
> Sent: Friday, January 19, 2018 3:10 PM
> To: Long, Qin <qin.l...@intel.com>; edk2-devel@lists.01.org
> Cc: Ye, Ting <ting...@intel.com>; Zeng, Star <star.z...@intel.com>
> Subject: RE: [PATCH] CryptoPkg/BaseCryptLib: Add error handling for 
> time() wrapper
> 
> What will happen if Time.Year == 1970? :)
> 
> Thanks,
> Star
> -Original Message-
> From: Long, Qin
> Sent: Friday, January 19, 2018 3:05 PM
> To: edk2-devel@lists.01.org
> Cc: Zeng, Star <star.z...@intel.com>; Ye, Ting <ting...@intel.com>; 
> Long, Qin <qin.l...@intel.com>
> Subject: [PATCH] CryptoPkg/BaseCryptLib: Add error handling for time() 
> wrapper
> 
> In time() wrapper implementation, the gRT->GetTime() call may not be 
> available. This patch adds the extra error handling to avoid the 
> potential dead loop.
> 
> Cc: Star Zeng <star.z...@intel.com>
> Cc: Ting Ye <ting...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Qin Long <qin.l...@intel.com>
> ---
>  CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 12 
> 
>  1 file changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> index 581b8fb028..95e0419640 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> @@ -72,14 +72,18 @@ UINTN CumulativeDays[2][14] = {  //  )  time_t 
> time (time_t *timer)  {
> -  EFI_TIME  Time;
> -  time_tCalTime;
> -  UINTN Year;
> +  EFI_STATUS  Status;
> +  EFI_TIMETime;
> +  time_t  CalTime;
> +  UINTN   Year;
> 
>//
>// Get the current time and date information
>//
> -  gRT->GetTime (, NULL);
> +  Status = gRT->GetTime (, NULL);  if (EFI_ERROR (Status) || 
> + (Time.Year < 1970)) {
> +return 0;
> +  }
> 
>//
>// Years Handling
> --
> 2.15.1.windows.2
> 


Re: [edk2] [PATCH] CryptoPkg/BaseCryptLib: Add error handling for time() wrapper

2018-01-18 Thread Long, Qin
It's legal to continue the calculation about the seconds elapsed since 
1970.01.01 00:00:00.


-Original Message-
From: Zeng, Star 
Sent: Friday, January 19, 2018 3:10 PM
To: Long, Qin <qin.l...@intel.com>; edk2-devel@lists.01.org
Cc: Ye, Ting <ting...@intel.com>; Zeng, Star <star.z...@intel.com>
Subject: RE: [PATCH] CryptoPkg/BaseCryptLib: Add error handling for time() 
wrapper

What will happen if Time.Year == 1970? :)

Thanks,
Star
-Original Message-----
From: Long, Qin
Sent: Friday, January 19, 2018 3:05 PM
To: edk2-devel@lists.01.org
Cc: Zeng, Star <star.z...@intel.com>; Ye, Ting <ting...@intel.com>; Long, Qin 
<qin.l...@intel.com>
Subject: [PATCH] CryptoPkg/BaseCryptLib: Add error handling for time() wrapper

In time() wrapper implementation, the gRT->GetTime() call may not be available. 
This patch adds the extra error handling to avoid the potential dead loop.

Cc: Star Zeng <star.z...@intel.com>
Cc: Ting Ye <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.l...@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 12 
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c 
b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
index 581b8fb028..95e0419640 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
@@ -72,14 +72,18 @@ UINTN CumulativeDays[2][14] = {  //  )  time_t time (time_t 
*timer)  {
-  EFI_TIME  Time;
-  time_tCalTime;
-  UINTN Year;
+  EFI_STATUS  Status;
+  EFI_TIMETime;
+  time_t  CalTime;
+  UINTN   Year;
 
   //
   // Get the current time and date information
   //
-  gRT->GetTime (, NULL);
+  Status = gRT->GetTime (, NULL);
+  if (EFI_ERROR (Status) || (Time.Year < 1970)) {
+return 0;
+  }
 
   //
   // Years Handling
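Review bot: The `Time.Year < 1970` half of the new `if` is what guards against the dead loop the commit message mentions, but nothing at the check says so. Please add a short comment above the `if` stating that `Time` is not valid when `GetTime()` fails and that the year handling that follows assumes a year of 1970 or later, so a later cleanup does not drop the check as redundant.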
--
2.15.1.windows.2



[edk2] [PATCH] CryptoPkg/BaseCryptLib: Add error handling for time() wrapper

2018-01-18 Thread Long Qin
In time() wrapper implementation, the gRT->GetTime() call may not be
available. This patch adds the extra error handling to avoid the
potential dead loop.

Cc: Star Zeng 
Cc: Ting Ye 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 12 
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c 
b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
index 581b8fb028..95e0419640 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
@@ -72,14 +72,18 @@ UINTN CumulativeDays[2][14] = {
 //  )
 time_t time (time_t *timer)
 {
-  EFI_TIME  Time;
-  time_tCalTime;
-  UINTN Year;
+  EFI_STATUS  Status;
+  EFI_TIMETime;
+  time_t  CalTime;
+  UINTN   Year;
 
   //
   // Get the current time and date information
   //
-  gRT->GetTime (, NULL);
+  Status = gRT->GetTime (, NULL);
+  if (EFI_ERROR (Status) || (Time.Year < 1970)) {
+return 0;
+  }
 
   //
   // Years Handling
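Review bot: The new early return hands back 0, which a caller cannot tell apart from a clock reading of 1970-01-01 00:00:00, and it leaves the function before anything has been stored through `timer`. Standard C `time()` reports failure as `(time_t)-1`; if 0 is chosen on purpose for the OpenSSL callers, say so in the function header, and set `*timer` on this path as well when it is non-NULL so the two outputs agree.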
-- 
2.15.1.windows.2



Re: [edk2] [PATCH] CryptoPkg/OpensslLib: ignore uninitialized warning

2018-01-16 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Heyi Guo [mailto:heyi@linaro.org] 
Sent: Tuesday, January 16, 2018 4:02 PM
To: edk2-devel@lists.01.org
Cc: Heyi Guo <heyi@linaro.org>; Long, Qin <qin.l...@intel.com>; Ye, Ting 
<ting...@intel.com>; Ard Biesheuvel <ard.biesheu...@linaro.org>
Subject: [PATCH] CryptoPkg/OpensslLib: ignore uninitialized warning

We also got maybe-uninitialized warning when building OpensslLib.inf with GCC48 
for ARM and AARCH64, so add -Wno-error=maybe-uninitialized build option just as 
other platforms.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Heyi Guo <heyi@linaro.org>
Cc: Qin Long <qin.l...@intel.com>
Cc: Ting Ye <ting...@intel.com>
Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>
---
 CryptoPkg/Library/OpensslLib/OpensslLib.inf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 10021f8..55a6fa3 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -559,8 +559,8 @@
   GCC:*_*_IA32_CC_FLAGS= -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized
   GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format -Wno-format -DNO_MSABI_VA_FUNCS
   GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format
-  GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
-  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-format
+  GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized
+  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) 
+ -Wno-error=maybe-uninitialized -Wno-format
 
   # suppress the following warnings in openssl so we don't break the build 
with warnings-as-errors:
   # 1295: Deprecated declaration  - give arg types
--
2.7.4



[edk2] [PATCH] CryptoPkg: Adding OpenSSL as one submodule of EDKII repo

2018-01-15 Thread Long Qin
A submodule allows to keep another Git repository in a subdirectory
of main repository. The submodule repository has its own history, which
does not interfere with the history of the current repository. This can
be used to have external dependencies such as third party libraries.

After the extra patch for EDKII-OpenSSL build was removed, OpenSSL can
be one typical submodule use case in EDKII project. This patch adds the
openssl git repository into EDKII project as one submodule.

One .gitmodules file will be generated with the submodule info:
[submodule "CryptoPkg/Library/OpensslLib/openssl"]
path = CryptoPkg/Library/OpensslLib/openssl
url = https://github.com/openssl/openssl

The user can use the following command to clone both main EDKII repo and
openssl submodule:
   1) Add the "--recursive" flag to their git clone command:
  $ git clone --recursive https://github.com/tianocore/edk2
or 2) Manually initialize and update the submodules after the clone operation:
  $ git clone https://github.com/tianocore/edk2
  $ git submodule update --init --recursive

For Pull operations, "git pull" will not update the submodule repository.
So the following combined commands can be used to pull the remote submodule
updates (e.g. Updating to new supported OpenSSL release)
  $ git pull --recurse-submodules && \
git submodule update --recursive --remote

Cc: Ye Ting 
Cc: Liming Gao 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 .gitmodules|  3 +++
 CryptoPkg/.gitignore   |  1 -
 CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 29 +-
 CryptoPkg/Library/OpensslLib/openssl   |  1 +
 4 files changed, 19 insertions(+), 15 deletions(-)
 create mode 100644 .gitmodules
 delete mode 100644 CryptoPkg/.gitignore
 create mode 16 CryptoPkg/Library/OpensslLib/openssl

diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 00..e4ae0c1c16
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "CryptoPkg/Library/OpensslLib/openssl"]
+   path = CryptoPkg/Library/OpensslLib/openssl
+   url = https://github.com/openssl/openssl
diff --git a/CryptoPkg/.gitignore b/CryptoPkg/.gitignore
deleted file mode 100644
index 731c275ae1..00
--- a/CryptoPkg/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-Library/OpensslLib/openssl*/
diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt 
b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
index d152138129..ac63d4c077 100644
--- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
+++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
@@ -25,21 +25,22 @@ on the cryptography.
 =
   HOW to Install OpenSSL for UEFI Building
 =
-1. Clone the latest official OpenSSL release into the directory
- CryptoPkg/Library/OpensslLib/openssl/
+  OpenSSL repository was added as one submodule of EDKII project.
 
-   Use OpenSSL-1.1.0g release as one example:
- (OpenSSL_1_1_0g below is the tag name for the OpenSSL-1.1.0g release)
- > cd CryptoPkg/Library/OpensslLib
- > git clone -b OpenSSL_1_1_0g https://github.com/openssl/openssl openssl
- or
- > git clone https://github.com/openssl/openssl openssl
- > git checkout OpenSSL_1_1_0g
-Or
-2. Download the latest OpenSSL release package from the official website:
- https://www.openssl.org/source/
-   and unpack the OpenSSL source into:
- CryptoPkg/Library/OpensslLib/openssl/
+  The user can use the following commands to clone both main EDKII repo and
+openssl submodule:
+  1) Add the "--recursive" flag to the git clone command:
+ $ git clone --recursive https://github.com/tianocore/edk2
+or
+  2) Manually initialize and update the submodules after the clone operation
+ on main project:
+ $ git clone https://github.com/tianocore/edk2
+ $ git submodule update --init --recursive
+
+  And use the following combined commands to pull the remote submodule updates
+(e.g. Updating the new supported OpenSSL release tag):
+ $ git pull --recurse-submodules && \
+   git submodule update --recursive --remote
 
 =
   About process_files.pl
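Review bot: The update recipe at the end of the new HOWTO text uses `git submodule update --recursive --remote`, which checks out the tip of the submodule's remote-tracking branch instead of the commit recorded in the superproject. A user who follows it builds firmware against whatever upstream OpenSSL HEAD is that day, not the revision EDKII pinned and validated. Suggest documenting `git submodule update --init --recursive` as the normal sync step and describing `--remote` as a maintainer step used only when moving the pin to a new release.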
diff --git a/CryptoPkg/Library/OpensslLib/openssl 
b/CryptoPkg/Library/OpensslLib/openssl
new file mode 16
index 00..b2758a2292
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl
@@ -0,0 +1 @@
+Subproject commit b2758a2292aceda93e9f44c219b94fe21bb9a650
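Review bot: The gitlink pins `b2758a2292aceda93e9f44c219b94fe21bb9a650` without saying which OpenSSL release that commit is, while the HOWTO text removed by this patch named the `OpenSSL_1_1_0g` tag. Please name the corresponding release tag in the commit message and in OpenSSL-HOWTO.txt, so reviewers can verify the pin against an upstream tag rather than a bare hash.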
-- 
2.15.1.windows.2



Re: [edk2] [PATCH] SecurityPkg/PhysicalPresenceLib: Reject illegal PCR bank allocation

2018-01-14 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang, 
Chao B
Sent: Monday, January 15, 2018 3:29 PM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen <jiewen@intel.com>; Zhang, Chao B <chao.b.zh...@intel.com>; 
Long, Qin <qin.l...@intel.com>
Subject: [edk2] [PATCH] SecurityPkg/PhysicalPresenceLib: Reject illegal PCR 
bank allocation

According to TCG PP1.3 spec, error PCR bank allocation input should be rejected 
by Physical Presence. Firmware has to ensure that at least one PCR bank is 
active.

Cc: Long Qin <qin.l...@intel.com>
Cc: Yao Jiewen <jiewen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 .../DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c  | 12 
 1 file changed, 12 insertions(+)

diff --git 
a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c 
b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
index 5bf95a1..5ece8e5 100644
--- 
a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPres
+++ enceLib.c
@@ -186,6 +186,18 @@ Tcg2ExecutePhysicalPresence (
 case TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS:
   Status = Tpm2GetCapabilitySupportedAndActivePcrs 
(, );
   ASSERT_EFI_ERROR (Status);
+
+  //
+  // PP spec requirements:
+  //Firmware should check that all requested (set) hashing algorithms 
are supported with respective PCR banks.
+  //Firmware has to ensure that at least one PCR banks is active.
+  // If not, an error is returned and no action is taken.
+  //
+  if (CommandParameter == 0 || (CommandParameter & 
(~TpmHashAlgorithmBitmap)) != 0) {
+DEBUG((DEBUG_ERROR, "PCR banks %x to allocate are not supported by 
TPM. Skip operation\n", CommandParameter));
+return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
+  }
+
   Status = Tpm2PcrAllocateBanks (PlatformAuth, TpmHashAlgorithmBitmap, 
CommandParameter);
   if (EFI_ERROR (Status)) {
 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
--
1.9.5.msysgit.1



Re: [edk2] [PATCH] CrptoPkg/BaseCryptLib: Fix type mismatch when calling OpenSSL function

2018-01-14 Thread Long, Qin
Chao,

Could you leverage the EFI type instead of C type here for consistency? 
We can use "INT32" type for Asn1Tag and ObjClass, and one "UINTN" Length should 
be OK with one extra zeroing here.


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Zhang, Chao B 
Sent: Monday, January 15, 2018 10:00 AM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Chen, Chen A <chen.a.c...@intel.com>; 
Zhang, Chao B <chao.b.zh...@intel.com>
Subject: [PATCH] CrptoPkg/BaseCryptLib: Fix type mismatch when calling OpenSSL 
function

Type definition in UEFI & OpenSSL is different. Sometimes it could cause write 
overflow. Should use same data type when accessing the same region.

Cc: Long Qin <qin.l...@intel.com>
Cc: Chen Chen <chen.a.c...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index bf7c4cc..a3c9d12 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -644,9 +644,9 @@ X509GetTBSCert (
   )
 {
   CONST UINT8  *Temp;
-  INTN Asn1Tag;
-  INTN ObjClass;
-  UINTNLength;
+  int  Asn1Tag;
+  int  ObjClass;
+  long Length;
 
   //
   // Check input parameters.
--
1.9.5.msysgit.1



[edk2] [PATCH] CryptoPkg/OpensslLib: Suppress format warning with extra flag.

2018-01-11 Thread Long Qin
Under a certain [outdated] GCC482 compiler, the new-added "-Wno-format"
flag will not take effect, and break the x86_64 build.
This is one known issue in some Ubuntu/GCC-4.8.2 environment, which will
overwrite "-Wno-format" with some default setting.  see more information
and discussion from:
  https://gcc.gnu.org/ml/gcc-help/2014-03/msg3.html
  https://wiki.ubuntu.com/ToolChain/CompilerFlags
This patch adds one extra "-Wno-error=format" for gcc x86_64 builds to
suppress this warning.

Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>
Cc: Liming Gao <liming@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin <qin.l...@intel.com>
---
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   | 2 +-
 CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index f3eb19afd3..10021f8503 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -557,7 +557,7 @@
   #   types appropriate to the format string specified.
   #
   GCC:*_*_IA32_CC_FLAGS= -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized
-  GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format -DNO_MSABI_VA_FUNCS
+  GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format -Wno-format -DNO_MSABI_VA_FUNCS
   GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format
   GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
   GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-format
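Review bot: The X64 line now carries both `-Wno-error=format` and `-Wno-format`, which reads as redundant to anyone who has not seen the commit message. Please extend the comment block above these flags to say that `-Wno-error=format` is there because some Ubuntu GCC 4.8.2 setups override `-Wno-format`, so the pair is not cleaned up later. The IPF and AARCH64 lines keep `-Wno-format` alone; say whether they are unaffected or simply untested with that toolchain.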
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index 88134b5b5f..ff598e7d43 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -518,7 +518,7 @@
   #   types appropriate to the format string specified.
   #
   GCC:*_*_IA32_CC_FLAGS= -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized
-  GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format -DNO_MSABI_VA_FUNCS
+  GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format -Wno-format -DNO_MSABI_VA_FUNCS
   GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format
   GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
   GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-format
-- 
2.15.1.windows.2



Re: [edk2] [PATCH] CryptoPkg/OpensslLib AARCH64: disable rather than demote format warning

2017-12-27 Thread Long, Qin
This makes sense to me. 
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org] 
Sent: Wednesday, December 27, 2017 5:27 PM
To: edk2-devel@lists.01.org; Long, Qin <qin.l...@intel.com>; Ye, Ting 
<ting...@intel.com>
Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>
Subject: [PATCH] CryptoPkg/OpensslLib AARCH64: disable rather than demote 
format warning

We recently added -Wno-error=format to the OpenSslLib build script to work 
around an issue in the upstream OpenSSL code. This does not inhibit the 
warning, but prevents it from breaking the build by not treating it as a fatal 
error.

Unfortunately, this interacts poorly with the -Wno-unused-const-variable option 
that we added to GCC49 and later. Those versions of GCC ignore -Wno- 
options that they don't understand, unless warnings are emitted for another 
reason, in which case the warning is emitted after all, and in our case, this 
breaks the build when the non-fatal format warning is emitted.

CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/x_int64.c: In function 
'uint64_print':
CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/x_int64.c:105:32: warning: 
format '%ld' expects argument of type 'long int', but argument 3 has type 
'int64_t {aka long long int}' [-Wformat=]
 return BIO_printf(out, "%"BIO_PRI64"d\n", **(int64_t **)pval);
^
CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/x_int64.c:106:28: warning: 
format '%lu' expects argument of type 'long unsigned int', but argument 3 has 
type 'uint64_t {aka long long unsigned int}' [-Wformat=]
 return BIO_printf(out, "%"BIO_PRI64"u\n", **(uint64_t **)pval);
^
CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/x_int64.c: At top level:
cc1: error: unrecognized command line option '-Wno-unused-const-variable' 
[-Werror]
cc1: all warnings being treated as errors

So replace -Wno-error=format with -Wno-format to suppress the warning entirely.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
---
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   | 6 +++---
 CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 602953eefff7..f3eb19afd34e 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -557,10 +557,10 @@ [BuildOptions]
   #   types appropriate to the format string specified.
   #
   GCC:*_*_IA32_CC_FLAGS= -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized
-  GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format -DNO_MSABI_VA_FUNCS
-  GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format
+  GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format -DNO_MSABI_VA_FUNCS
+  GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format
   GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
-  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=format
+  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-format
 
   # suppress the following warnings in openssl so we don't break the build 
with warnings-as-errors:
   # 1295: Deprecated declaration  - give arg types diff --git 
a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index f697243f9787..88134b5b5ff3 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -518,10 +518,10 @@ [BuildOptions]
   #   types appropriate to the format string specified.
   #
   GCC:*_*_IA32_CC_FLAGS= -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized
-  GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format -DNO_MSABI_VA_FUNCS
-  GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format
+  GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format -DNO_MSABI_VA_FUNCS
+  GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-format
   GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
-  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=format
+  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-format
 
   # suppress the following warnings in openssl so we don't break the build 
with warnings-as-errors:
   # 1295: Deprecated declaration  - give arg types
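Review bot: Switching X64, IPF and AARCH64 to `-Wno-format` silences every format-string diagnostic in all OpenSSL sources built by this .inf, not only the two BIO_printf() calls in x_int64.c quoted in the commit message, so a genuine format/argument mismatch brought in by a later OpenSSL update would no longer surface. The comment block above the flags still ends with "types appropriate to the format string specified" and says nothing about the -Wno-unused-const-variable interaction; add a line there explaining why the warning is disabled rather than demoted, and that the flag should be revisited once the x_int64.c issue is fixed upstream. The same applies to the identical hunk in OpensslLib.inf.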
--
2.11.

Re: [edk2] [PATCH] CryptoPkg/OpensslLib AARCH64: suppress format string warning

2017-12-27 Thread Long, Qin
Thanks, Ard.
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Ard 
Biesheuvel
Sent: Wednesday, December 27, 2017 4:05 PM
To: edk2-devel@lists.01.org; Long, Qin <qin.l...@intel.com>; Ye, Ting 
<ting...@intel.com>
Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>
Subject: [edk2] [PATCH] CryptoPkg/OpensslLib AARCH64: suppress format string 
warning

On GCC Build: openssl-1.1.0g introduced one additional build warning:
 ...\openssl\crypto\asn1\x_int64.c:105:32: error: format '%ld' expects
 argument of type 'long int', but argument 3 has type 'int64_t
 {aka long long int}' [-Werror=format=]
 return BIO_printf(out, "%"BIO_PRI64"d\n", **(int64_t **)pval);
 ^
Add "-Wno-error=format" to GCC build flags to suppress this warning, since we 
have no real printf usage in BaseCryptLib, and BIO_printf() was already wrapped 
as a dummy implementation in CryptoPkg.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
---
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   | 2 +-
 CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 5302ad7fb5ef..602953eefff7 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -560,7 +560,7 @@ [BuildOptions]
   GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format -DNO_MSABI_VA_FUNCS
   GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format
   GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
-  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS)
+  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=format
 
   # suppress the following warnings in openssl so we don't break the build 
with warnings-as-errors:
   # 1295: Deprecated declaration  - give arg types diff --git 
a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index 0c7f9e9e66f4..f697243f9787 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -521,7 +521,7 @@ [BuildOptions]
   GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format -DNO_MSABI_VA_FUNCS
   GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) 
-Wno-error=maybe-uninitialized -Wno-error=format
   GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
-  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS)
+  GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=format
 
   # suppress the following warnings in openssl so we don't break the build 
with warnings-as-errors:
   # 1295: Deprecated declaration  - give arg types
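Review bot: Only the AARCH64 line gains `-Wno-error=format`; `GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)` directly above it stays unchanged, although the report that prompted this patch names ARM as well as AARCH64. State in the commit message whether the ARM build was checked and does not emit the x_int64.c warning, or add the flag there too. Also, the subject and message say "suppress", but `-Wno-error=format` only stops the warning from being fatal, so it is still printed. The same applies to the identical hunk in OpensslLib.inf.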
--
2.11.0



Re: [edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g

2017-12-26 Thread Long, Qin
Hi, Ard,

Could you kindly help to produce one extra patch to fix and validate this ARM & 
AARCH64 build?  Thanks.


Best Regards & Thanks,
LONG, Qin

From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
Sent: Wednesday, December 27, 2017 3:25 AM
To: Ye, Ting <ting...@intel.com>
Cc: Long, Qin <qin.l...@intel.com>; edk2-devel@lists.01.org
Subject: Re: [edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 
1.1.0g

On 25 December 2017 at 07:14, Ye, Ting <ting...@intel.com> wrote:
> Reviewed-by: Ye Ting <ting...@intel.com>
>
>
> -Original Message-
> From: Long, Qin
> Sent: Friday, December 22, 2017 2:28 PM
> To: edk2-devel@lists.01.org
> Cc: Ye, Ting <ting...@intel.com>
> Subject: [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g
>
> Update the supported OpenSSL version to the latest 1.1.0g (02-Nov-2017).
> The changes include:
>  - Re-generate the OpensslLib[crypto].inf using process_files.pl script
>to reflect the openssl source changes.
>  - Update OpenSSL-HOWTO.txt
>  - On Visual Studio Build: adding "/wd4819" to disable one additional build
>warning issue, which was already fixed in OpenSSL-HEAD
>https://github.com/openssl/openssl/pull/4691.
>  - On GCC Build: openssl-1.1.0g introduced one additional build warning:
> ...\openssl\crypto\asn1\x_int64.c:105:32: error: format '%ld' expects
> argument of type 'long int', but argument 3 has type 'int64_t
> {aka long long int}' [-Werror=format=]
> return BIO_printf(out, "%"BIO_PRI64"d\n", **(int64_t **)pval);
> ^
> Adding "-Wno-error=format" to GCC build flag to suppress this warning,
> since we have no real printf usage in BaseCryptLib, and BIO_printf()
> was already wrapped as the dummy implementation in CryptoPkg.
>

This patch does not add this flag to GCC for ARM or AARCH64, so the
build is now broken.

Please fix.

> Cc: Ye Ting <ting...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Long Qin <qin.l...@intel.com>
> ---
>  CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt| 10 +-
>  CryptoPkg/Library/OpensslLib/OpensslLib.inf   | 14 +-
>  CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 14 +-
>  CryptoPkg/Library/OpensslLib/buildinf.h   |  2 +-
>  4 files changed, 24 insertions(+), 16 deletions(-)
>
> diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt 
> b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
> index e8b0bab010..d152138129 100644
> --- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
> +++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
> @@ -18,7 +18,7 @@ on the cryptography.
>   OpenSSL-Version  
> =
>EDKII supports building with the latest release of OpenSSL.
> -  The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16).
> +  The latest official release is OpenSSL-1.1.0g (Released at 2017-Nov-02).
>NOTE: Only latest release version was fully validated.
>  And no guarantees on build & functionality if using other versions.
>
> @@ -28,13 +28,13 @@ on the cryptography.
>  1. Clone the latest official OpenSSL release into the directory
>   CryptoPkg/Library/OpensslLib/openssl/
>
> -   Use OpenSSL-1.1.0e release as one example:
> - (OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release)
> +   Use OpenSSL-1.1.0g release as one example:
> + (OpenSSL_1_1_0g below is the tag name for the OpenSSL-1.1.0g
> + release)
>   > cd CryptoPkg/Library/OpensslLib
> - > git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl openssl
> + > git clone -b OpenSSL_1_1_0g https://github.com/openssl/openssl
> + openssl
>   or
>   > git clone https://github.com/openssl/openssl openssl
> - > git checkout OpenSSL_1_1_0e
> + > git checkout OpenSSL_1_1_0g
>  Or
>  2. Download the latest OpenSSL release package from the official website:
>   https://www.openssl.org/source/
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 
> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index 1d15da6660..5302ad7fb5 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -95,6 +95,7 @@
>$(OPENSSL_PATH)/crypto/asn1/x_algor.c
>$(OPENSSL_PATH)/crypto/asn1/x_bignu

[edk2] [PATCH] SecurityPkg: Remove RngTest Application from SecurityPkg

2017-12-21 Thread Long Qin
BZ#: https://bugzilla.tianocore.org/show_bug.cgi?id=820
Remove the RngTest application from SecurityPkg, which was only for
unit test.

Cc: Chao Zhang <chao.b.zh...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.l...@intel.com>
---
 SecurityPkg/Application/RngTest/RngTest.c| 234 ---
 SecurityPkg/Application/RngTest/RngTest.inf  |  57 --
 SecurityPkg/Application/RngTest/RngTest.uni  |  23 ---
 SecurityPkg/Application/RngTest/RngTestExtra.uni |  18 --
 SecurityPkg/SecurityPkg.dsc  |   5 -
 5 files changed, 337 deletions(-)
 delete mode 100644 SecurityPkg/Application/RngTest/RngTest.c
 delete mode 100644 SecurityPkg/Application/RngTest/RngTest.inf
 delete mode 100644 SecurityPkg/Application/RngTest/RngTest.uni
 delete mode 100644 SecurityPkg/Application/RngTest/RngTestExtra.uni

diff --git a/SecurityPkg/Application/RngTest/RngTest.c 
b/SecurityPkg/Application/RngTest/RngTest.c
deleted file mode 100644
index f501f806e9..00
--- a/SecurityPkg/Application/RngTest/RngTest.c
+++ /dev/null
@@ -1,234 +0,0 @@
-/** @file
-  UEFI RNG (Random Number Generator) Protocol test application.
-
-Copyright (c) 2013, Intel Corporation. All rights reserved.
-This program and the accompanying materials 
-are licensed and made available under the terms and conditions of the BSD 
License 
-which accompanies this distribution.  The full text of the license may be 
found at 
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-/**
-  The user Entry Point for Application. The user code starts with this function
-  as the real entry point for the application.
-
-  @param[in] ImageHandleThe firmware allocated handle for the EFI image.  
-  @param[in] SystemTableA pointer to the EFI System Table.
-  
-  @retval EFI_SUCCESS   The entry point is executed successfully.
-  @retval other Some error occurs when executing this entry point.
-
-**/
-EFI_STATUS
-EFIAPI
-UefiMain (
-  IN EFI_HANDLEImageHandle,
-  IN EFI_SYSTEM_TABLE  *SystemTable
-  )
-{
-  EFI_STATUS Status;
-  EFI_RNG_PROTOCOL   *Rng;
-  UINTN  RngAlgListSize;
-  EFI_RNG_ALGORITHM  RngAlgList[10];
-  EFI_RNG_ALGORITHM  *PtrRngAlg;
-  UINTN  RngAlgCount;
-  UINT8  *Rand;
-  UINTN  RandSize;
-  UINTN  Index;
-  UINTN  Index2;
-
-  Status= EFI_SUCCESS;
-  PtrRngAlg = NULL;
-  Rand  = NULL;
-
-  Print (L"UEFI RNG Protocol Testing :\n");
-  Print (L"\n");
-
-  //-
-  // Basic UEFI RNG Protocol Test
-  //-
-  Print (L" -- Locate UEFI RNG Protocol : ");
-  Status = gBS->LocateProtocol (, NULL, (VOID **));
-  if (EFI_ERROR (Status)) {
-Print (L"[Fail - Status = %r]\n", Status);
-goto Exit;
-  } else {
-Print (L"[Pass]\n");
-  }
-
-  //-
-  // Rng->GetInfo() interface test.
-  //-
-  
-  Print (L" -- Call RNG->GetInfo() interface : ");
-  RngAlgListSize = 0;
-  Status = Rng->GetInfo (Rng, , NULL);
-  if (Status != EFI_BUFFER_TOO_SMALL) {
-Print (L"[Fail - Status = %r]\n", Status);
-  }
-  //
-  // Print out the supported RNG algorithm GUIDs
-  //
-  RngAlgCount = RngAlgListSize / sizeof (EFI_RNG_ALGORITHM);
-  Print (L"\n >> Supported RNG Algorithm (Count = %d) : ", RngAlgCount);
-  Status = Rng->GetInfo (Rng, , RngAlgList);
-  for (Index = 0; Index < RngAlgCount; Index++) {
-PtrRngAlg = (EFI_RNG_ALGORITHM *)([Index]);
-Print (L"\n  %d) ", Index);
-Print (L"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", 
PtrRngAlg->Data1,
- PtrRngAlg->Data2, PtrRngAlg->Data3, PtrRngAlg->Data4[0], 
PtrRngAlg->Data4[1],
- PtrRngAlg->Data4[2], PtrRngAlg->Data4[3], PtrRngAlg->Data4[4],
- PtrRngAlg->Data4[5], PtrRngAlg->Data4[6], PtrRngAlg->Data4[7]);   
 
-  }
-
-  //-
-  // Rng->GetRNG() interface test.
-  //-
-  Print (L"\n -- Call RNG->GetRNG() interface : ");
-
-  //
-  // Allocate one buffer to store random data.
-  //
-  RandSize = 32;
-  Rand = AllocatePool (RandSize);
-  if (Rand == NULL) {
-goto Exit;
-  }
-  
-  //
-  // RNG with default algorithm
-  //
-  Print (L"\n >> RNG with default algorithm : ");
-  Status = Rng->GetRNG (Rng, NULL, RandSize, Rand);

[edk2] [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g

2017-12-21 Thread Long Qin
Update the supported OpenSSL version to the latest 1.1.0g (02-Nov-2017).
The changes include:
 - Re-generate the OpensslLib[crypto].inf using process_files.pl script
   to reflect the openssl source changes.
 - Update OpenSSL-HOWTO.txt
 - On Visual Studio Build: adding "/wd4819" to disable one additional build
   warning issue, which was already fixed in OpenSSL-HEAD
   https://github.com/openssl/openssl/pull/4691.
 - On GCC Build: openssl-1.1.0g introduced one additional build warning:
...\openssl\crypto\asn1\x_int64.c:105:32: error: format '%ld' expects
argument of type 'long int', but argument 3 has type 'int64_t
{aka long long int}' [-Werror=format=]
return BIO_printf(out, "%"BIO_PRI64"d\n", **(int64_t **)pval);
^
Adding "-Wno-error=format" to GCC build flag to suppress this warning,
since we have no real printf usage in BaseCryptLib, and BIO_printf()
was already wrapped as the dummy implementation in CryptoPkg.

Cc: Ye Ting <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin <qin.l...@intel.com>
---
 CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt| 10 +-
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   | 14 +-
 CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 14 +-
 CryptoPkg/Library/OpensslLib/buildinf.h   |  2 +-
 4 files changed, 24 insertions(+), 16 deletions(-)

diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt 
b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
index e8b0bab010..d152138129 100644
--- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
+++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
@@ -18,7 +18,7 @@ on the cryptography.
  OpenSSL-Version
 =
   EDKII supports building with the latest release of OpenSSL.
-  The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16).
+  The latest official release is OpenSSL-1.1.0g (Released at 2017-Nov-02).
   NOTE: Only latest release version was fully validated.
 And no guarantees on build & functionality if using other versions.
 
@@ -28,13 +28,13 @@ on the cryptography.
 1. Clone the latest official OpenSSL release into the directory
  CryptoPkg/Library/OpensslLib/openssl/
 
-   Use OpenSSL-1.1.0e release as one example:
- (OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release)
+   Use OpenSSL-1.1.0g release as one example:
+ (OpenSSL_1_1_0g below is the tag name for the OpenSSL-1.1.0g release)
  > cd CryptoPkg/Library/OpensslLib
- > git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl openssl
+ > git clone -b OpenSSL_1_1_0g https://github.com/openssl/openssl openssl
  or
  > git clone https://github.com/openssl/openssl openssl
- > git checkout OpenSSL_1_1_0e
+ > git checkout OpenSSL_1_1_0g
 Or
 2. Download the latest OpenSSL release package from the official website:
  https://www.openssl.org/source/
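Review bot: The updated step 1 fetches the release by tag name only (`git clone -b OpenSSL_1_1_0g https://github.com/openssl/openssl openssl`) and says nothing about checking what was fetched. Since this tree is compiled into the firmware crypto library, add a step that verifies the tag signature where the tag is signed (`git tag -v OpenSSL_1_1_0g`) or records the expected commit hash, and for option 2 mention checking the published checksum or signature of the downloaded package.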
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 1d15da6660..5302ad7fb5 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -95,6 +95,7 @@
   $(OPENSSL_PATH)/crypto/asn1/x_algor.c
   $(OPENSSL_PATH)/crypto/asn1/x_bignum.c
   $(OPENSSL_PATH)/crypto/asn1/x_info.c
+  $(OPENSSL_PATH)/crypto/asn1/x_int64.c
   $(OPENSSL_PATH)/crypto/asn1/x_long.c
   $(OPENSSL_PATH)/crypto/asn1/x_pkey.c
   $(OPENSSL_PATH)/crypto/asn1/x_sig.c
@@ -539,10 +540,11 @@
   #   C4389: 'operator' : signed/unsigned mismatch ()
   #   C4702: unreachable code
   #   C4706: assignment within conditional expression
+  #   C4819: The file contains a character that cannot be represented in the 
current code page
   #
-  MSFT:*_*_IA32_CC_FLAGS   = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) 
/wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706
-  MSFT:*_*_X64_CC_FLAGS= -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) 
/wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706
-  MSFT:*_*_IPF_CC_FLAGS= -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) 
/wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706
+  MSFT:*_*_IA32_CC_FLAGS   = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) 
/wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 /wd4819
+  MSFT:*_*_X64_CC_FLAGS= -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) 
/wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819
+  MSFT:*_*_IPF_CC_FLAGS= -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) 
/wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819
 
   INTEL:*_*_IA32_CC_FLAGS  = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC 
$(OPENSSL_FLAGS) /w
   INTEL:*_*_X64_CC_FLAGS   = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC 
$(OPENSSL_FLAGS
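Review bot: `/wd4819` is added to all three MSFT lines, so C4819 is now off for every OpenSSL source file, while the commit message says the cause is already fixed upstream in https://github.com/openssl/openssl/pull/4691. Put that reference next to the new `C4819` comment line and note that the switch should be dropped at the next OpenSSL version bump, otherwise it will stay in the flags indefinitely.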

Re: [edk2] [Patch] CryptoPkg/TlsLib: Add some parameter check and clarification.

2017-12-21 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Wu, Jiaxin 
Sent: Thursday, December 21, 2017 1:17 PM
To: edk2-devel@lists.01.org
Cc: Ye, Ting <ting...@intel.com>; Long, Qin <qin.l...@intel.com>; Fu, Siyuan 
<siyuan...@intel.com>; Wu, Jiaxin <jiaxin...@intel.com>
Subject: [Patch] CryptoPkg/TlsLib: Add some parameter check and clarification.

Cc: Ye Ting <ting...@intel.com>
Cc: Long Qin <qin.l...@intel.com>
Cc: Fu Siyuan <siyuan...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin...@intel.com>
---
 CryptoPkg/Include/Library/TlsLib.h   | 6 ++
 CryptoPkg/Library/TlsLib/TlsConfig.c | 8 +++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/Include/Library/TlsLib.h 
b/CryptoPkg/Include/Library/TlsLib.h
index b69d513..e19a38a 100644
--- a/CryptoPkg/Include/Library/TlsLib.h
+++ b/CryptoPkg/Include/Library/TlsLib.h
@@ -521,10 +521,12 @@ TlsSetCertRevocationList (
   Gets the protocol version used by the specified TLS connection.
 
   This function returns the protocol version used by the specified TLS
   connection.
 
+  If Tls is NULL, then ASSERT().
+
   @param[in]  TlsPointer to the TLS object.
 
   @return  The protocol version of the specified TLS connection.
 
 **/
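Review bot: The added line documents "If Tls is NULL, then ASSERT()", but the hunk changes only the comment and the function body is not part of the diff, so it cannot be seen here that TlsGetVersion() actually asserts. ASSERT() can be compiled out (for example with MDEPKG_NDEBUG), so also state what the function does with a NULL Tls in such a build, or add an explicit check. The same question applies to the identical comment added to the other getters in this patch.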
@@ -538,10 +540,12 @@ TlsGetVersion (
   Gets the connection end of the specified TLS connection.
 
   This function returns the connection end (as client or as server) used by
   the specified TLS connection.
 
+  If Tls is NULL, then ASSERT().
+
   @param[in]  TlsPointer to the TLS object.
 
   @return  The connection end used by the specified TLS connection.
 
 **/
@@ -599,10 +603,12 @@ TlsGetCurrentCompressionId (
   Gets the verification mode currently set in the TLS connection.
 
   This function returns the peer verification mode currently set in the
   specified TLS connection.
 
+  If Tls is NULL, then ASSERT().
+
   @param[in]  TlsPointer to the TLS object.
 
   @return  The verification mode set in the specified TLS connection.
 
 **/
diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c 
b/CryptoPkg/Library/TlsLib/TlsConfig.c
index 4c88229..2ffe58a 100644
--- a/CryptoPkg/Library/TlsLib/TlsConfig.c
+++ b/CryptoPkg/Library/TlsLib/TlsConfig.c
@@ -640,10 +640,12 @@ TlsSetCertRevocationList (
   Gets the protocol version used by the specified TLS connection.
 
   This function returns the protocol version used by the specified TLS
   connection.
 
+  If Tls is NULL, then ASSERT().
+
   @param[in]  TlsPointer to the TLS object.
 
   @return  The protocol version of the specified TLS connection.
 
 **/
@@ -666,10 +668,12 @@ TlsGetVersion (
   Gets the connection end of the specified TLS connection.
 
   This function returns the connection end (as client or as server) used by
   the specified TLS connection.
 
+  If Tls is NULL, then ASSERT().
+
   @param[in]  TlsPointer to the TLS object.
 
   @return  The connection end used by the specified TLS connection.
 
 **/
@@ -759,10 +763,12 @@ TlsGetCurrentCompressionId (
   Gets the verification mode currently set in the TLS connection.
 
   This function returns the peer verification mode currently set in the
   specified TLS connection.
 
+  If Tls is NULL, then ASSERT().
+
   @param[in]  TlsPointer to the TLS object.
 
   @return  The verification mode set in the specified TLS connection.
 
 **/
@@ -982,11 +988,11 @@ TlsGetHostPublicCert (
   TLS_CONNECTION  *TlsConn;
 
   Cert= NULL;
   TlsConn = (TLS_CONNECTION *) Tls;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || DataSize == NULL) {
+  if (TlsConn == NULL || TlsConn->Ssl == NULL || DataSize == NULL || 
(*DataSize != 0 && Data == NULL)) {
 return EFI_INVALID_PARAMETER;
   }
 
   Cert = SSL_get_certificate(TlsConn->Ssl);
   if (Cert == NULL) {
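Review bot: The new `(*DataSize != 0 && Data == NULL)` term still lets a call with Data == NULL and *DataSize == 0 through, which is fine as a size query only if the code below never writes to Data before returning the required size; that path is outside the hunk and should be confirmed. The function header comment should also list this new EFI_INVALID_PARAMETER case, and none of the TlsLib.h hunks in this patch touches the TlsGetHostPublicCert() description.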
-- 
1.9.5.msysgit.1



Re: [edk2] [PATCH] SecurityPkg:Tcg2Smm: Update Interrupt resource name

2017-12-12 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>



Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang, 
Chao B
Sent: Tuesday, December 12, 2017 3:41 PM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen <jiewen@intel.com>; Zhang, Chao B <chao.b.zh...@intel.com>; 
Long, Qin <qin.l...@intel.com>
Subject: [edk2] [PATCH] SecurityPkg:Tcg2Smm: Update Interrupt resource name

Update TPM interrupt resource descriptor name for better compatibility to old 
ASL compiler.

Cc: Long Qin <qin.l...@intel.com>
Cc: Jiewen Yao <jiewen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/Tcg/Tcg2Smm/Tpm.asl | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl 
index 76a8a13..f528305 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
@@ -97,7 +97,7 @@ DefinitionBlock (
 
   Name(RESO, ResourceTemplate () {
 Memory32Fixed (ReadWrite, 0xfed4, 0x5000, REGS)
-Interrupt(ResourceConsumer, Level, ActiveLow, Shared, , , IRQ) {12}
+Interrupt(ResourceConsumer, Level, ActiveLow, Shared, , , INTR) 
+ {12}
   })
 
   //
@@ -120,16 +120,16 @@ DefinitionBlock (
 // Use the field name to identify the offsets in the argument
 // buffer and RESO buffer.
 //
-CreateDWordField(Arg0, ^IRQ._INT, IRQ0)
-CreateDWordField(RESO, ^IRQ._INT, LIRQ)
+CreateDWordField(Arg0, ^INTR._INT, IRQ0)
+CreateDWordField(RESO, ^INTR._INT, LIRQ)
 Store(IRQ0, LIRQ)
 
-CreateBitField(Arg0, ^IRQ._HE, ITRG)
-CreateBitField(RESO, ^IRQ._HE, LTRG)
+CreateBitField(Arg0, ^INTR._HE, ITRG)
+CreateBitField(RESO, ^INTR._HE, LTRG)
 Store(ITRG, LTRG)
 
-CreateBitField(Arg0, ^IRQ._LL, ILVL)
-CreateBitField(RESO, ^IRQ._LL, LLVL)
+CreateBitField(Arg0, ^INTR._LL, ILVL)
+CreateBitField(RESO, ^INTR._LL, LLVL)
 Store(ILVL, LLVL)
 
 //
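Review bot: The descriptor name changes from IRQ to INTR and the six `^IRQ._INT`, `^IRQ._HE` and `^IRQ._LL` references in this hunk are updated, but any other reference to `^IRQ` elsewhere in Tpm.asl would now fail to resolve, so search the whole file before committing. The commit message should also name the ASL compiler version that has trouble with the old name and the error it reports, so the reason for the rename is not lost.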
--
1.9.5.msysgit.1



Re: [edk2] Timebased Auth Variable driver should ensure AuthAlgorithm is SHA256 before further verification

2017-12-11 Thread Long, Qin
Hi, Wim Vervoorn,

Yes, the logic here is a little tricky. We wouldn't like to introduce the full 
ASN.1 parse interfaces to handle the encoding data check. So, as the comment 
states, the digestAlgorithms field usually has the fixed offset (based on two 
bytes of length encoding) in one PKCS#7 signedData structure. So the new code 
(added by that commit) used this assumption to check the Sha256 OID directly. 
  //
  // SignedData.digestAlgorithms shall contain the digest algorithm used when 
preparing the
  // signature. Only a digest algorithm of SHA-256 is accepted.
  //
  //According to PKCS#7 Definition:
  //SignedData ::= SEQUENCE {
  //version Version,
  //digestAlgorithms DigestAlgorithmIdentifiers,
  //contentInfo ContentInfo,
  // }
  //The DigestAlgorithmIdentifiers can be used to determine the hash 
algorithm 
  //in VARIABLE_AUTHENTICATION_2 descriptor.
  //This field has the fixed offset (+13) and be calculated based on two 
bytes of length encoding.
  //
  ..

One typical ASN.1 structure of PKCS7 Signature is
  ContentInfo {
 contentType = 1.2.840.113549.1.7.2   //(signedData)
 content {
   SignedData {
 version = 1
 ...
   }
 }
  }
But please note, the PKCS#7 signedData definition for Authenticated Variable in 
UEFI spec didn't include the contentType fields. So if you used some 
third-party tool (e.g. OpenSSL) to generate the signedData, you need to 
strip off some bytes. 

See more discussion & clarifications at 
https://bugzilla.tianocore.org/show_bug.cgi?id=586
And share the binary data with us for more analysis if you still have 
verification issues. 


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Wim 
Vervoorn
Sent: Monday, December 11, 2017 6:40 PM
To: edk2-devel@lists.01.org
Subject: [edk2] Timebased Auth Variable driver should ensure AuthAlgorithm is 
SHA256 before further verification

Hello,

We ran into issues with the Timebased Authenticated variable handling.

In commit: c035e37335ae43229d7e68de74a65f2c01ebc0af

This was added. This assumed the very first tag will be the Sha256 Oid. We have 
noticed situations where this is the case.

The question is if the check below represents the specification and the tools 
generating the databuffer should be changed. Or if this check is not correct. 
It seems to me that the data should be parsed to check for the correct OID and 
not assume this is the first one

  if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
    if (SigDataSize >= (13 + sizeof (mSha256OidValue))) {
      if (((*(SigData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) ||
           (CompareMem (SigData + 13, &mSha256OidValue, sizeof (mSha256OidValue)) != 0)) {
          return EFI_SECURITY_VIOLATION;
        }
    }
  }



Modified: SecurityPkg/Library/AuthVariableLib/AuthService.c
Modified: SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h


Best Regards,
Wim Vervoorn

Eltan B.V.
Ambachtstraat 23
5481 SM Schijndel
The Netherlands

T : +31-(0)73-594 46 64
E : wvervo...@eltan.com
W : http://www.eltan.com


"THIS MESSAGE CONTAINS CONFIDENTIAL INFORMATION. UNLESS YOU ARE THE INTENDED 
RECIPIENT OF THIS MESSAGE, ANY USE OF THIS MESSAGE IS STRICTLY PROHIBITED. IF 
YOU HAVE RECEIVED THIS MESSAGE IN ERROR, PLEASE IMMEDIATELY NOTIFY THE SENDER 
BY TELEPHONE +31-(0)73-5944664 OR REPLY EMAIL, AND IMMEDIATELY DELETE THIS 
MESSAGE AND ALL COPIES." 
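
The fixed-offset SHA-256 OID check and the ContentInfo wrapper discussed in this thread, as an added example that is not part of the original messages or of the edk2 sources: standalone C showing that the check accepts a bare SignedData, rejects the same data wrapped in ContentInfo, and accepts it again once the wrapper is located and skipped. All function names, the 256-byte filler and both sample buffers are constructed for illustration, and two-byte DER lengths are assumed as in the quoted comment.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TWO_BYTE_ENCODE 0x82 /* DER long-form length with two length bytes */
/* DER content bytes of the SHA-256 OID (2.16.840.1.101.3.4.2.1) */
static const uint8_t kSha256Oid[] = {0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01};
/* DER content bytes of the PKCS#7 signedData OID (1.2.840.113549.1.7.2) */
static const uint8_t kSignedDataOid[] = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02};

/* Same test as the code quoted in the thread: 1 = accepted, 0 = rejected. */
int fixed_offset_check(const uint8_t *sig, size_t len)
{
    if (len < 13 + sizeof(kSha256Oid)) return 1; /* too short: test skipped, as quoted */
    return (sig[1] & TWO_BYTE_ENCODE) == TWO_BYTE_ENCODE &&
           memcmp(sig + 13, kSha256Oid, sizeof(kSha256Oid)) == 0;
}

/* Read one DER tag+length header at pos; 0 on malformed or truncated input. */
static int read_tlv(const uint8_t *b, size_t len, size_t pos,
                    uint8_t *tag, size_t *val_off, size_t *val_len)
{
    size_t n, l;
    if (pos >= len || len - pos < 2) return 0;
    *tag = b[pos];
    l = b[pos + 1];
    pos += 2;
    if (l >= 0x80) {                    /* long form: 1..4 length bytes follow */
        n = l & 0x7F;
        l = 0;
        if (n == 0 || n > 4 || len - pos < n) return 0;
        while (n--) l = (l << 8) | b[pos++];
    }
    if (l > len - pos) return 0;
    *val_off = pos;
    *val_len = l;
    return 1;
}

/* Offset of the bare SignedData inside sig: 0 if sig is already bare, the
   wrapper length if it is a ContentInfo, -1 if the layout is not recognised. */
long signed_data_offset(const uint8_t *sig, size_t len)
{
    uint8_t tag;
    size_t body, body_len, off, n, end;
    if (!read_tlv(sig, len, 0, &tag, &body, &body_len) || tag != 0x30) return -1;
    end = body + body_len;
    if (!read_tlv(sig, end, body, &tag, &off, &n)) return -1;
    if (tag == 0x02) return 0;          /* starts with version INTEGER: bare */
    if (tag != 0x06 || n != sizeof(kSignedDataOid) ||
        memcmp(sig + off, kSignedDataOid, n) != 0) return -1;
    /* ContentInfo: contentType OID, then content as [0] EXPLICIT (tag 0xA0) */
    if (!read_tlv(sig, end, off + n, &tag, &off, &n) || tag != 0xA0) return -1;
    return (long)off;
}

/* Constructed sample: SignedData prefix (version, digestAlgorithms = SHA-256)
   plus a 256-byte filler standing in for the remaining fields. */
size_t build_bare(uint8_t *out)
{
    static const uint8_t head[] = {
        0x30, 0x82, 0x01, 0x18,                 /* SEQUENCE, 280 bytes */
        0x02, 0x01, 0x01,                       /* version = 1 */
        0x31, 0x0F, 0x30, 0x0D, 0x06, 0x09,     /* SET { SEQUENCE { OID */
        0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
        0x04, 0x82, 0x01, 0x00 };               /* filler OCTET STRING, 256 bytes */
    memcpy(out, head, sizeof(head));
    memset(out + sizeof(head), 0, 256);
    return sizeof(head) + 256;
}

/* Constructed sample: the same SignedData wrapped in ContentInfo, the form
   the thread says a third-party tool produces. */
size_t build_wrapped(uint8_t *out)
{
    static const uint8_t wrap[] = {
        0x30, 0x82, 0x01, 0x2B,                 /* SEQUENCE ContentInfo, 299 bytes */
        0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02,
        0xA0, 0x82, 0x01, 0x1C };               /* [0] EXPLICIT, 284 bytes */
    memcpy(out, wrap, sizeof(wrap));
    return sizeof(wrap) + build_bare(out + sizeof(wrap));
}

int main(void)
{
    uint8_t bare[512], wrapped[512];
    size_t bl = build_bare(bare), wl = build_wrapped(wrapped);
    long off = signed_data_offset(wrapped, wl);
    printf("bare=%d wrapped=%d stripped=%d (wrapper %ld bytes)\n",
           fixed_offset_check(bare, bl), fixed_offset_check(wrapped, wl),
           off < 0 ? 0 : fixed_offset_check(wrapped + off, wl - (size_t)off), off);
    return 0;
}
```
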





Re: [edk2] [PATCH] SecurityPkg:Tcg2Smm: Add MSFT copyright

2017-12-10 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Zhang, Chao B 
Sent: Monday, December 11, 2017 9:34 AM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Yao, Jiewen <jiewen@intel.com>; Zhang, 
Chao B <chao.b.zh...@intel.com>
Subject: [PATCH] SecurityPkg:Tcg2Smm: Add MSFT copyright

Add MSFT copyright for TPM SIRQ feature.

Cc: Long Qin <qin.l...@intel.com>
Cc: Jiewen Yao <jiewen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/Tcg/Tcg2Smm/Tpm.asl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl 
index 68b5073..76a8a13 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
@@ -4,6 +4,7 @@
 
 Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.  
(c)Copyright 2016 HP Development Company, L.P.
+Copyright (c) 2017, Microsoft Corporation.  All rights reserved. 
 This program and the accompanying materials  are licensed and made available 
under the terms and conditions of the BSD License  which accompanies this 
distribution.  The full text of the license may be found at
--
1.9.5.msysgit.1



Re: [edk2] [PATCH] CryptoPkg/IntrinsicLib: Fix the warning on memset

2017-11-22 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>

(Thanks, Gary. 
I cannot recall why we used "char" instead of "int" here. Obviously, the 
prototype of CRT memset should use "int").


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Gary Lin [mailto:g...@suse.com] 
Sent: Wednesday, November 22, 2017 12:44 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Subject: [PATCH] CryptoPkg/IntrinsicLib: Fix the warning on memset

Gcc issued the warning when compiling CryptoPkg:

CryptoPkg/Library/Include/CrtLibSupport.h:135:17: warning: type of 'memset' 
does not match original declaration [-Wlto-type-mismatch]
 void   *memset (void *, int, size_t);
 ^
CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c:27:8: note: type mismatch in 
parameter 2  void * memset (void *dest, char ch, size_t count)
^

This commit changes the type of ch from char to int to match the declaration.

Cc: Qin Long <qin.l...@intel.com>
Cc: Ting Ye <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Gary Lin <g...@suse.com>
---
 CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c 
b/CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c
index bf485d680d..e095f9aa0d 100644
--- a/CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c
+++ b/CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c
@@ -24,7 +24,7 @@ typedef UINTN  size_t;  int _fltused = 1;
 
 /* Sets buffers to a specified character */ -void * memset (void *dest, char 
ch, size_t count)
+void * memset (void *dest, int ch, size_t count)
 {
   //
   // NOTE: Here we use one base implementation for memset, instead of the 
direct @@ -42,7 +42,7 @@ void * memset (void *dest, char ch, size_t count)
 
   Pointer = (UINT8 *)dest;
   while (count-- != 0) {
-*(Pointer++) = ch;
+*(Pointer++) = (UINT8)ch;
   }
   
   return dest;
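Review bot: The `(UINT8)ch` cast in the store loop of the second hunk is what keeps the behaviour unchanged once `ch` becomes `int`, but the commit message only mentions the prototype mismatch. Say in the message that the value is deliberately truncated to one byte, matching the C library rule that memset converts its argument to unsigned char, so a later cleanup does not drop the cast as redundant.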
--
2.15.0



Re: [edk2] [Patch] CryptoPkg/TlsLib: Change the return type of TlsInitialize().

2017-11-20 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Wu, Jiaxin 
Sent: Friday, November 17, 2017 11:57 AM
To: edk2-devel@lists.01.org
Cc: Ye, Ting <ting...@intel.com>; Long, Qin <qin.l...@intel.com>; Fu, Siyuan 
<siyuan...@intel.com>; Wu, Jiaxin <jiaxin...@intel.com>
Subject: [Patch] CryptoPkg/TlsLib: Change the return type of TlsInitialize().

Currently, in TlsInitialize(), neither the return status of OPENSSL_init_ssl() (0 
or 1) nor the return code of RandomSeed() (TRUE or FALSE) is checked. Also, 
VOID is used as the return type of TlsInitialize(), which can't be used to 
capture the returned value for the error handling.

From Long Qin (CryptoPkg owner):
The early version of OPENSSL_init_ssl() used "VOID" as the return value, 
which was updated to "int" later because the function changes can fail.

So, this patch changes the return type of TlsInitialize() to follow up the 
OPENSSL_init_ssl() update.

Cc: Ye Ting <ting...@intel.com>
Cc: Long Qin <qin.l...@intel.com>
Cc: Fu Siyuan <siyuan...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin...@intel.com>
---
 CryptoPkg/Include/Library/TlsLib.h |  7 +--  
CryptoPkg/Library/TlsLib/TlsInit.c | 20 ++--
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/CryptoPkg/Include/Library/TlsLib.h 
b/CryptoPkg/Include/Library/TlsLib.h
index fa6cb99..b69d513 100644
--- a/CryptoPkg/Include/Library/TlsLib.h
+++ b/CryptoPkg/Include/Library/TlsLib.h
@@ -1,9 +1,9 @@
 /** @file
   Defines TLS Library APIs.
 
-Copyright (c) 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
 This program and the accompanying materials  are licensed and made available 
under the terms and conditions of the BSD License  which accompanies this 
distribution.  The full text of the license may be found at  
http://opensource.org/licenses/bsd-license.php
 
@@ -20,12 +20,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
EXPRESS OR IMPLIED.
 
   This function registers ciphers and digests used directly and indirectly
   by SSL/TLS, and initializes the readable error messages.
   This function must be called before any other action takes places.
 
+  @retval TRUE   The OpenSSL library has been initialized.
+  @retval FALSE  Failed to initialize the OpenSSL library.
+
 **/
-VOID
+BOOLEAN
 EFIAPI
 TlsInitialize (
   VOID
   );
 
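Review bot: Changing TlsInitialize() from VOID to BOOLEAN in this header only helps if callers test the result, and the diffstat shows just TlsLib.h and TlsInit.c being touched. Either update the callers in the same series or state in the commit message which follow-up patch does so, otherwise a failed OPENSSL_init_ssl() or RandomSeed() is still ignored at the call site.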
diff --git a/CryptoPkg/Library/TlsLib/TlsInit.c 
b/CryptoPkg/Library/TlsLib/TlsInit.c
index e524647..a530ff7 100644
--- a/CryptoPkg/Library/TlsLib/TlsInit.c
+++ b/CryptoPkg/Library/TlsLib/TlsInit.c
@@ -20,30 +20,38 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
EXPRESS OR IMPLIED.
 
   This function registers ciphers and digests used directly and indirectly
   by SSL/TLS, and initializes the readable error messages.
   This function must be called before any other action takes places.
 
+  @retval TRUE   The OpenSSL library has been initialized.
+  @retval FALSE  Failed to initialize the OpenSSL library.
+
 **/
-VOID
+BOOLEAN
 EFIAPI
 TlsInitialize (
   VOID
   )
 {
+  INTNRet;
+
   //
   // Performs initialization of crypto and ssl library, and loads required
   // algorithms.
   //
-  OPENSSL_init_ssl (
-OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS,
-NULL
-);
+  Ret = OPENSSL_init_ssl (
+  OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS,
+  NULL
+  );
+  if (Ret != 1) {
+return FALSE;
+  }
 
   //
   // Initialize the pseudorandom number generator.
   //
-  RandomSeed (NULL, 0);
+  return RandomSeed (NULL, 0);
 }
 
 /**
   Free an allocated SSL_CTX object.
 
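Review bot: The new `@retval FALSE  Failed to initialize the OpenSSL library.` text does not cover every FALSE path, because `return RandomSeed (NULL, 0);` at the end of the function also yields FALSE when seeding the PRNG fails. Extend the @retval wording (here and in TlsLib.h) to mention the seeding failure, so a caller knows that FALSE can mean an unseeded random number generator.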
--
1.9.5.msysgit.1



Re: [edk2] [PATCH 1/2] CryptoPkg/BaseCryptLib: Add C-structure to matching certificate stack

2017-11-06 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>

One minor comment: please leave one space before the structure name:
+} EFI_CERT_DATA;
and
+} EFI_CERT_STACK;


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Chen, Chen A 
Sent: Tuesday, November 7, 2017 9:05 AM
To: edk2-devel@lists.01.org
Cc: Chen, Chen A <chen.a.c...@intel.com>; Long, Qin <qin.l...@intel.com>; 
Zhang, Chao B <chao.b.zh...@intel.com>
Subject: [PATCH 1/2] CryptoPkg/BaseCryptLib: Add C-structure to matching 
certificate stack

The parameter CertStack of Pkcs7GetSigners will return all embedded X.509 
certificates in one given PKCS7 signature. The format is:
//
// UINT8  CertNumber;
// UINT32 Cert1Length;
// UINT8  Cert1[];
// UINT32 Cert2Length;
// UINT8  Cert2[];
// ...
// UINT32 CertnLength;
// UINT8  Certn[];
//
Add the EFI_CERT_STACK and EFI_CERT_DATA structures; these two C structures are 
used for parsing CertStack more clearly.

Cc: Long Qin <qin.l...@intel.com>
Cc: Zhang Chao <chao.b.zh...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: chenc2 <chen.a.c...@intel.com>
---
 CryptoPkg/Include/Library/BaseCryptLib.h   | 33 ++
 .../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c |  3 ++
 .../Library/BaseCryptLib/Pk/CryptPkcs7VerifyNull.c |  3 ++
 3 files changed, 39 insertions(+)

diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index e2b6a95666..3fd9a3c911 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -2377,6 +2377,36 @@ Pkcs5HashPassword (
   );
 
 /**
+  The 3rd parameter of Pkcs7GetSigners will return all embedded
+  X.509 certificate in one given PKCS7 signature. The format is:
+  //
+  // UINT8  CertNumber;
+  // UINT32 Cert1Length;
+  // UINT8  Cert1[];
+  // UINT32 Cert2Length;
+  // UINT8  Cert2[];
+  // ...
+  // UINT32 CertnLength;
+  // UINT8  Certn[];
+  //
+
+  The two following C-structure are used for parsing CertStack more clearly.
+**/
+#pragma pack(1)
+
+typedef struct {
+  UINT32CertDataLength;   // The length in bytes of X.509 certificate.
+  UINT8 CertDataBuffer[0];// The X.509 certificate content (DER).
+}EFI_CERT_DATA;
+
+typedef struct {
+  UINT8 CertNumber;   // Number of X.509 certificate.
+  //EFI_CERT_DATA   CertArray[];  // An array of X.509 certificate.
+}EFI_CERT_STACK;
+
+#pragma pack()
+
+/**
   Get the signer's certificates from PKCS#7 signed data as described in "PKCS 
#7:
   Cryptographic Message Syntax Standard". The input signed data could be 
wrapped
   in a ContentInfo structure.
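Review bot: `UINT8 CertDataBuffer[0];` in EFI_CERT_DATA is a zero-length array, which is a compiler extension rather than standard C, and under `#pragma pack(1)` the CertDataLength of the first entry sits at byte offset 1 of the stack (right after the UINT8 CertNumber), so it is not naturally aligned. Add a sentence to the header comment telling consumers to read CertDataLength with ReadUnaligned32() and to check it against the StackLength returned by Pkcs7GetSigners before touching CertDataBuffer.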
@@ -2390,6 +2420,7 @@ Pkcs5HashPassword (
   @param[out] CertStackPointer to Signer's certificates retrieved from 
P7Data.
It's caller's responsibility to free the buffer with
Pkcs7FreeSigners().
+   This data structure is EFI_CERT_STACK type.
   @param[out] StackLength  Length of signer's certificates in bytes.
   @param[out] TrustedCert  Pointer to a trusted certificate from Signer's 
certificates.
It's caller's responsibility to free the buffer 
with @@ -2437,9 +2468,11 @@ Pkcs7FreeSigners (
   @param[out] SignerChainCerts  Pointer to the certificates list chained to 
signer's
 certificate. It's caller's responsibility to 
free the buffer
 with Pkcs7FreeSigners().
+This data structure is EFI_CERT_STACK type.
   @param[out] ChainLength   Length of the chained certificates list buffer 
in bytes.
   @param[out] UnchainCerts  Pointer to the unchained certificates lists. 
It's caller's
 responsibility to free the buffer with 
Pkcs7FreeSigners().
+This data structure is EFI_CERT_STACK type.
   @param[out] UnchainLength Length of the unchained certificates list 
buffer in bytes.
 
   @retval  TRUE The operation is finished successfully.
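Review bot: The added sentence "This data structure is EFI_CERT_STACK type." on SignerChainCerts and UnchainCerts undersells the layout, since EFI_CERT_STACK as declared in this patch holds only CertNumber and its EFI_CERT_DATA array member is commented out. Reword it to say the buffer starts with an EFI_CERT_STACK header followed by CertNumber packed EFI_CERT_DATA entries, so readers do not take sizeof (EFI_CERT_STACK) as the buffer size.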
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index 296df028b1..fe8e5950f9 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -242,6 +242,7 @@ _Exit:
   @param[out] CertStackPointer to Signer's certificates retrieved from 
P7Data.
It's caller's responsibility to free the buffer with
Pkcs7FreeSigners().
+   This data structure is EFI_CERT_STACK type.
   @param[out] StackLength  Length of signer's certificates in bytes.
   @param[out] TrustedCert  Pointer to a trusted certificate from Signer's 
certificates.
It's caller's responsibility to free the buffer 
with @@ -442,9 +443,11 @@ Pkc

Re: [edk2] [PATCH 2/2] SecurityPkg/AuthVariableLib: Use EFI_CERT_DATA to parse certificate

2017-11-06 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of chenc2
Sent: Tuesday, November 7, 2017 9:05 AM
To: edk2-devel@lists.01.org
Cc: Zhang, Chao B <chao.b.zh...@intel.com>; Long, Qin <qin.l...@intel.com>
Subject: [edk2] [PATCH 2/2] SecurityPkg/AuthVariableLib: Use EFI_CERT_DATA to 
parse certificate

The function Pkcs7GetSigners returns the certificate stack as a binary buffer.
Use EFI_CERT_DATA to parse the certificate stack more clearly, and access the 
certificate through the fields of the EFI_CERT_DATA structure.

Cc: Long Qin <qin.l...@intel.com>
Cc: Zhang Chao <chao.b.zh...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: chenc2 <chen.a.c...@intel.com>
---
 SecurityPkg/Library/AuthVariableLib/AuthService.c | 12 
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c 
b/SecurityPkg/Library/AuthVariableLib/AuthService.c
index 6cbeb98535..213a524f27 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthService.c
+++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c
@@ -1828,6 +1828,7 @@ VerifyTimeBasedPayload (
   UINT8*CertsInCertDb;
   UINT32   CertsSizeinDb;
   UINT8Sha256Digest[SHA256_DIGEST_SIZE];
+  EFI_CERT_DATA*CertDataPtr;
 
   //
   // 1. TopLevelCert is the top-level issuer certificate in signature Signer 
Cert Chain @@ -1841,6 +1842,7 @@ VerifyTimeBasedPayload (
   SignerCerts= NULL;
   TopLevelCert   = NULL;
   CertsInCertDb  = NULL;
+  CertDataPtr= NULL;
 
   //
   // When the attribute EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS is 
@@ -2098,9 +2100,10 @@ VerifyTimeBasedPayload (
 //
 // Check hash of signer cert CommonName + Top-level issuer 
tbsCertificate against data in CertDb
 //
+CertDataPtr = (EFI_CERT_DATA *)(SignerCerts + 1);
 Status = CalculatePrivAuthVarSignChainSHA256Digest(
-   SignerCerts + sizeof(UINT8) + sizeof(UINT32),
-   ReadUnaligned32 ((UINT32 *)(SignerCerts + sizeof(UINT8))),
+   CertDataPtr->CertDataBuffer,
+   ReadUnaligned32 ((UINT32 
+ *)&(CertDataPtr->CertDataLength)),
TopLevelCert,
TopLevelCertSize,
Sha256Digest
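Review bot: `CertDataPtr = (EFI_CERT_DATA *)(SignerCerts + 1);` is dereferenced immediately, and nothing visible in this hunk checks that the stack holds at least one certificate or that CertDataLength fits inside the buffer returned by Pkcs7GetSigners. If that is not already guaranteed earlier in VerifyTimeBasedPayload, add the check before the call to CalculatePrivAuthVarSignChainSHA256Digest so that an empty or malformed stack cannot lead to an out-of-bounds read.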
@@ -2135,12 +2138,13 @@ VerifyTimeBasedPayload (
   //
   // When adding a new common authenticated variable, always save Hash of 
cn of signer cert + tbsCertificate of Top-level issuer
   //
+  CertDataPtr = (EFI_CERT_DATA *)(SignerCerts + 1);
   Status = InsertCertsToDb (
  VariableName,
  VendorGuid,
  Attributes,
- SignerCerts + sizeof(UINT8) + sizeof(UINT32),
- ReadUnaligned32 ((UINT32 *)(SignerCerts + sizeof(UINT8))),
+ CertDataPtr->CertDataBuffer,
+ ReadUnaligned32 ((UINT32 
+ *)&(CertDataPtr->CertDataLength)),
  TopLevelCert,
  TopLevelCertSize
  );
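Review bot: `SignerCerts + 1` in the added assignment hides what the 1 stands for, and the same cast now appears twice in VerifyTimeBasedPayload. Write the offset as `SignerCerts + sizeof (EFI_CERT_STACK)`, or factor the lookup of the first entry into a small helper, so the two call sites cannot drift apart if the stack header ever changes.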
--
2.13.2.windows.1
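The CertStack layout described in PATCH 1/2 and the `SignerCerts + 1` access in PATCH 2/2, shown as an added example (not edk2 code and not part of either patch): a bounds-checked walker over that buffer in plain C. The function names, status codes and sample bytes are hypothetical or constructed, and little-endian length fields are assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Layout walked here, as given in the commit message:
 *   UINT8 CertNumber;
 *   then CertNumber entries of { UINT32 CertLength; UINT8 Cert[CertLength]; }
 * All names below are hypothetical stand-ins, not edk2 identifiers. */
typedef enum {
  CS_OK        =  0,
  CS_TRUNCATED = -1,  /* a length field or body runs past the buffer end */
  CS_BAD_INDEX = -2,  /* requested index >= CertNumber */
  CS_TRAILING  = -3   /* bytes left over after the last entry */
} cs_status;

typedef struct {
  const uint8_t *data;    /* points into the caller's buffer, not a copy */
  uint32_t       length;  /* DER length in bytes */
} cert_view;

/* Byte-wise read: the length field sits at an odd offset, so it is never
 * accessed through a uint32_t pointer. Little-endian is an assumption. */
static uint32_t read_le32(const uint8_t *p)
{
  return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
         ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Step over one entry starting at *off. Invariant: *off <= stack_len. */
static cs_status next_entry(const uint8_t *stack, size_t stack_len,
                            size_t *off, cert_view *out)
{
  uint32_t len;

  if (stack_len - *off < sizeof(uint32_t)) return CS_TRUNCATED;
  len = read_le32(stack + *off);
  *off += sizeof(uint32_t);
  /* Compare against the space that is left; never compute off + len first. */
  if (len > stack_len - *off) return CS_TRUNCATED;
  out->data   = stack + *off;
  out->length = len;
  *off += len;
  return CS_OK;
}

/* Fetch certificate number `index` (0-based) without trusting any length. */
cs_status cert_stack_get(const uint8_t *stack, size_t stack_len,
                         unsigned index, cert_view *out)
{
  size_t    off = 1;
  unsigned  i;
  cs_status st;

  if (stack == NULL || out == NULL || stack_len < 1) return CS_TRUNCATED;
  if (index >= stack[0]) return CS_BAD_INDEX;
  for (i = 0; i <= index; i++) {
    st = next_entry(stack, stack_len, &off, out);
    if (st != CS_OK) return st;
  }
  return CS_OK;
}

/* Check that exactly CertNumber entries fill the whole buffer. */
cs_status cert_stack_validate(const uint8_t *stack, size_t stack_len)
{
  size_t    off = 1;
  unsigned  i;
  cert_view v;
  cs_status st;

  if (stack == NULL || stack_len < 1) return CS_TRUNCATED;
  for (i = 0; i < stack[0]; i++) {
    st = next_entry(stack, stack_len, &off, &v);
    if (st != CS_OK) return st;
  }
  return (off == stack_len) ? CS_OK : CS_TRAILING;
}

/* Constructed sample: two "certificates" of 3 and 2 placeholder bytes. */
static const uint8_t sample_stack[] = {
  0x02,
  0x03, 0x00, 0x00, 0x00, 0xAA, 0xBB, 0xCC,
  0x02, 0x00, 0x00, 0x00, 0x11, 0x22
};
/* Constructed malformed input: one entry claiming 0xFFFFFFFF bytes. */
static const uint8_t hostile_stack[] = { 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0x00 };
/* Constructed malformed input: one 1-byte entry plus a stray byte. */
static const uint8_t padded_stack[] = { 0x01, 0x01, 0x00, 0x00, 0x00, 0x7F, 0x00 };

int main(void)
{
  printf("sample : %d\n", cert_stack_validate(sample_stack, sizeof sample_stack));
  printf("hostile: %d\n", cert_stack_validate(hostile_stack, sizeof hostile_stack));
  printf("padded : %d\n", cert_stack_validate(padded_stack, sizeof padded_stack));
  return 0;
}
```
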



Re: [edk2] [PATCH 3/3] MdeModulePkg: Deprecate EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS

2017-11-01 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


-Original Message-
From: Zhang, Chao B 
Sent: Tuesday, October 31, 2017 2:35 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Zeng, Star <star.z...@intel.com>; Zhang, 
Chao B <chao.b.zh...@intel.com>
Subject: [PATCH 3/3] MdeModulePkg: Deprecate 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS

Mark EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS as deprecated.
1. Make SetVariable/QueryVariableInfo return EFI_UNSUPPORTED with this
   attribute
2. No change to GetVariable/GetNextVariableName
Also update several function descriptors accordingly

Cc: Long Qin <qin.l...@intel.com>
Cc: Star Zeng <star.z...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 MdeModulePkg/Include/Guid/VariableFormat.h |  9 +++--
 MdeModulePkg/Include/Library/AuthVariableLib.h |  7 +++
 MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.c |  7 +++
 MdeModulePkg/Library/UefiBootManagerLib/BmMisc.c   |  8 +++-
 MdeModulePkg/Library/UefiBootManagerLib/InternalBm.h   |  8 +++-
 MdeModulePkg/Universal/BdsDxe/Bds.h| 10 --
 MdeModulePkg/Universal/BdsDxe/BdsEntry.c   |  8 +++-
 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c |  4 ++--
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c  |  5 -
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h  |  1 -
 10 files changed, 32 insertions(+), 35 deletions(-)

diff --git a/MdeModulePkg/Include/Guid/VariableFormat.h 
b/MdeModulePkg/Include/Guid/VariableFormat.h
index ce71aab..b0c2616 100644
--- a/MdeModulePkg/Include/Guid/VariableFormat.h
+++ b/MdeModulePkg/Include/Guid/VariableFormat.h
@@ -2,7 +2,7 @@
   The variable data structures are related to EDK II-specific implementation 
of UEFI variables.
   VariableFormat.h defines variable data headers and variable storage region 
headers.
 
-Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under  the terms and conditions of the BSD License that accompanies this 
distribution.
 The full text of the license may be found at @@ -115,11 +115,16 @@ typedef 
struct {  ///
 #define VARIABLE_ATTRIBUTE_NV_BS(EFI_VARIABLE_NON_VOLATILE | 
EFI_VARIABLE_BOOTSERVICE_ACCESS)
 #define VARIABLE_ATTRIBUTE_BS_RT(EFI_VARIABLE_BOOTSERVICE_ACCESS | 
EFI_VARIABLE_RUNTIME_ACCESS)
-#define VARIABLE_ATTRIBUTE_AT_AW
(EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)
 #define VARIABLE_ATTRIBUTE_BS_RT_AT (VARIABLE_ATTRIBUTE_BS_RT | 
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
 #define VARIABLE_ATTRIBUTE_NV_BS_RT (VARIABLE_ATTRIBUTE_BS_RT | 
EFI_VARIABLE_NON_VOLATILE)
 #define VARIABLE_ATTRIBUTE_NV_BS_RT_HR  (VARIABLE_ATTRIBUTE_NV_BS_RT | 
EFI_VARIABLE_HARDWARE_ERROR_RECORD)
 #define VARIABLE_ATTRIBUTE_NV_BS_RT_AT  (VARIABLE_ATTRIBUTE_NV_BS_RT | 
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
+#define VARIABLE_ATTRIBUTE_AT   
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
+#define VARIABLE_ATTRIBUTE_NV_BS_RT_HR_AT(VARIABLE_ATTRIBUTE_NV_BS_RT_HR | 
VARIABLE_ATTRIBUTE_AT)
+///
+/// EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated and should be 
+considered as reserved ///
+#define VARIABLE_ATTRIBUTE_AT_AW
(EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)
 #define VARIABLE_ATTRIBUTE_NV_BS_RT_AW  (VARIABLE_ATTRIBUTE_NV_BS_RT | 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)
 #define VARIABLE_ATTRIBUTE_NV_BS_RT_HR_AT_AW
(VARIABLE_ATTRIBUTE_NV_BS_RT_HR | VARIABLE_ATTRIBUTE_AT_AW)
 
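Review bot: The new "deprecated and should be considered as reserved" comment sits directly above VARIABLE_ATTRIBUTE_AT_AW, but VARIABLE_ATTRIBUTE_NV_BS_RT_AW and VARIABLE_ATTRIBUTE_NV_BS_RT_HR_AT_AW below it also include EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS. State in the comment that it applies to all three masks and why they are kept (for example, to recognise and reject the deprecated bit), so nobody treats them as a valid attribute set for new variables.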
diff --git a/MdeModulePkg/Include/Library/AuthVariableLib.h 
b/MdeModulePkg/Include/Library/AuthVariableLib.h
index 0731b8d..bdf5963 100644
--- a/MdeModulePkg/Include/Library/AuthVariableLib.h
+++ b/MdeModulePkg/Include/Library/AuthVariableLib.h
@@ -1,7 +1,7 @@
 /** @file
   Provides services to initialize and process authenticated variables.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under  the terms and conditions of the BSD License that accompanies this 
distribution.
 The full text of the license may be found at @@ -228,7 +228,7 @@ 
AuthVariableLibInitialize (
   );
 
 /**
-  Process variable with 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
 set.
+  Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
 
   @param[in] VariableName   Name of the variable.
   @param[in] VendorGuid 

Re: [edk2] [PATCH 1/3] SecurityPkg: Remove Counter Based AuthVariable support

2017-11-01 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang, 
Chao B
Sent: Tuesday, October 31, 2017 2:35 PM
To: edk2-devel@lists.01.org
Cc: Zhang, Chao B <chao.b.zh...@intel.com>; Zeng, Star <star.z...@intel.com>; 
Long, Qin <qin.l...@intel.com>
Subject: [edk2] [PATCH 1/3] SecurityPkg: Remove Counter Based AuthVariable 
support

Remove counter based auth variable support. Also modify several function 
descriptors to accommodate the change.

Cc: Long Qin <qin.l...@intel.com>
Cc: Star Zeng <star.z...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/Library/AuthVariableLib/AuthService.c  | 501 + 
 .../Library/AuthVariableLib/AuthServiceInternal.h  |  67 +--
 .../Library/AuthVariableLib/AuthVariableLib.c  |  89 +---
 .../MemoryOverwriteRequestControlLock/TcgMorLock.c |   2 +-
 .../MemoryOverwriteRequestControlLock/TcgMorLock.h |   4 +-
 .../TcgMorLockSmm.c|   2 +-
 6 files changed, 37 insertions(+), 628 deletions(-)

diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c 
b/SecurityPkg/Library/AuthVariableLib/AuthService.c
index 7188ff6..aafc057 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthService.c
+++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c
@@ -144,50 +144,6 @@ AuthServiceInternalUpdateVariable (
   @param[in] Data   Data pointer.
   @param[in] DataSize   Size of Data.
   @param[in] Attributes Attribute value of the variable.
-  @param[in] KeyIndex   Index of associated public key.
-  @param[in] MonotonicCount Value of associated monotonic count.
-
-  @retval EFI_SUCCESS   The update operation is success.
-  @retval EFI_INVALID_PARAMETER Invalid parameter.
-  @retval EFI_WRITE_PROTECTED   Variable is write-protected.
-  @retval EFI_OUT_OF_RESOURCES  There is not enough resource.
-
-**/
-EFI_STATUS
-AuthServiceInternalUpdateVariableWithMonotonicCount (
-  IN CHAR16 *VariableName,
-  IN EFI_GUID   *VendorGuid,
-  IN VOID   *Data,
-  IN UINTN  DataSize,
-  IN UINT32 Attributes,
-  IN UINT32 KeyIndex,
-  IN UINT64 MonotonicCount
-  )
-{
-  AUTH_VARIABLE_INFOAuthVariableInfo;
-
-  ZeroMem (, sizeof (AuthVariableInfo));
-  AuthVariableInfo.VariableName = VariableName;
-  AuthVariableInfo.VendorGuid = VendorGuid;
-  AuthVariableInfo.Data = Data;
-  AuthVariableInfo.DataSize = DataSize;
-  AuthVariableInfo.Attributes = Attributes;
-  AuthVariableInfo.PubKeyIndex = KeyIndex;
-  AuthVariableInfo.MonotonicCount = MonotonicCount;
-
-  return mAuthVarLibContextIn->UpdateVariable (
-   
-   );
-}
-
-/**
-  Update the variable region with Variable information.
-
-  @param[in] VariableName   Name of variable.
-  @param[in] VendorGuid Guid of variable.
-  @param[in] Data   Data pointer.
-  @param[in] DataSize   Size of Data.
-  @param[in] Attributes Attribute value of the variable.
   @param[in] TimeStamp  Value of associated TimeStamp.
 
   @retval EFI_SUCCESS   The update operation is success.
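Review bot: Removing AuthServiceInternalUpdateVariableWithMonotonicCount() drops the writer of PubKeyIndex and MonotonicCount shown in this hunk, but the commit message does not say what happens to variables that were already stored with the counter-based attribute. Add a line to the message, or a comment near the remaining timestamp path, describing how such existing variables are treated after this change.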
@@ -300,306 +256,6 @@ InCustomMode (
 }
 
 /**
-  Get available public key index.
-
-  @param[in] PubKey Pointer to Public Key data.
-
-  @return Public key index, 0 if no any public key index available.
-
-**/
-UINT32
-GetAvailableKeyIndex (
-  IN  UINT8 *PubKey
-  )
-{
-  EFI_STATUSStatus;
-  UINT8 *Data;
-  UINTN DataSize;
-  UINT8 *Ptr;
-  UINT32Index;
-  BOOLEAN   IsFound;
-  EFI_GUID  VendorGuid;
-  CHAR16Name[1];
-  AUTH_VARIABLE_INFOAuthVariableInfo;
-  UINT32KeyIndex;
-
-  Status = AuthServiceInternalFindVariable (
- AUTHVAR_KEYDB_NAME,
- ,
- (VOID **) ,
- 
- );
-  if (EFI_ERROR (Status)) {
-DEBUG ((EFI_D_ERROR, "Get public key database variable failure, Status = 
%r\n", Status));
-return 0;
-  }
-
-  if (mPubKeyNumber == mMaxKeyNumber) {
-Name[0] = 0;
-AuthVariableInfo.VariableName = Name;
-ZeroMem (, sizeof (VendorGuid));
-AuthVariableInfo.VendorGuid = 
-mPubKeyNumber = 0;
-//
-// Collect valid key data.
-//
-do {
-  Status = mAuthVarLibContextIn->FindNextVariable 
(AuthVariableInfo.VariableName, AuthVariableInfo.VendorGuid, );
-  if (!EFI_ERROR (Status)) {
-if (AuthVariableInfo.PubKeyIndex != 0) {
-  for (Ptr = Data; Ptr < (Data + DataSize); Ptr += sizeof 
(AUTHVAR_KEY_DB_DATA)) {
-if (ReadUnaligned32 (&(((AUTHVAR

Re: [edk2] [PATCH 2/3] MdePkg: Deprecate EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS

2017-11-01 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang, 
Chao B
Sent: Tuesday, October 31, 2017 2:35 PM
To: edk2-devel@lists.01.org
Cc: Zhang, Chao B <chao.b.zh...@intel.com>; Zeng, Star <star.z...@intel.com>; 
Long, Qin <qin.l...@intel.com>
Subject: [edk2] [PATCH 2/3] MdePkg: Deprecate 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS

Mark EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS as deprecated. Also update some 
function descriptors accordingly.

Cc: Long Qin <qin.l...@intel.com>
Cc: Star Zeng <star.z...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 MdePkg/Include/Uefi/UefiMultiPhase.h   | 8 +---
 MdePkg/Include/Uefi/UefiSpec.h | 8 +++-
 MdePkg/Library/UefiRuntimeLib/RuntimeLib.c | 4 ++--
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/MdePkg/Include/Uefi/UefiMultiPhase.h 
b/MdePkg/Include/Uefi/UefiMultiPhase.h
index 9f1ef3e..0dcbb1b 100644
--- a/MdePkg/Include/Uefi/UefiMultiPhase.h
+++ b/MdePkg/Include/Uefi/UefiMultiPhase.h
@@ -1,7 +1,7 @@
 /** @file
   This includes some definitions introduced in UEFI that will be used in both 
PEI and DXE phases.
 
-Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under  the terms and conditions of the BSD License that accompanies this 
distribution.
 The full text of the license may be found at @@ -169,10 +169,12 @@ typedef 
struct {  ///  /// Attributes of Authenticated Variable  ///
-#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS  0x0010
 #define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS   0x0020
 #define EFI_VARIABLE_APPEND_WRITE0x0040
-
+///
+/// NOTE: EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated and should be 
considered reserved.
+///
+#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS  0x0010
 
 ///
 /// AuthInfo is a WIN_CERTIFICATE using the wCertificateType diff --git 
a/MdePkg/Include/Uefi/UefiSpec.h b/MdePkg/Include/Uefi/UefiSpec.h index 
d394127..92575ae 100644
--- a/MdePkg/Include/Uefi/UefiSpec.h
+++ b/MdePkg/Include/Uefi/UefiSpec.h
@@ -701,8 +701,7 @@ EFI_STATUS
  then EFI_INVALID_PARAMETER is returned.
   @param[in]  VendorGuid A unique identifier for the vendor.
   @param[in]  Attributes Attributes bitmask to set for the variable.
-  @param[in]  DataSize   The size in bytes of the Data buffer. Unless 
the EFI_VARIABLE_APPEND_WRITE, 
- EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, or 
+  @param[in]  DataSize   The size in bytes of the Data buffer. Unless 
the EFI_VARIABLE_APPEND_WRITE or
  
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of 
zero 
  causes the variable to be deleted. When the 
EFI_VARIABLE_APPEND_WRITE attribute is 
  set, then a SetVariable() call with a 
DataSize of zero will not cause any change to @@ -721,9 +720,8 @@ EFI_STATUS
   @retval EFI_DEVICE_ERROR   The variable could not be retrieved due to a 
hardware error.
   @retval EFI_WRITE_PROTECTEDThe variable in question is read-only.
   @retval EFI_WRITE_PROTECTEDThe variable in question cannot be deleted.
-  @retval EFI_SECURITY_VIOLATION The variable could not be written due to 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 
- or 
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS being set, but the AuthInfo 
- does NOT pass the validation check carried 
out by the firmware.
+  @retval EFI_SECURITY_VIOLATION The variable could not be written due to 
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS being set,
+ but the AuthInfo does NOT pass the validation 
check carried out by the firmware.
   
   @retval EFI_NOT_FOUND  The variable trying to be updated or deleted 
was not found.
 
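Review bot: The rewritten @retval EFI_SECURITY_VIOLATION line still spells the attribute `EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS` (one C), carried over from the removed line. Since the line is being touched anyway, correct it to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS so that searching the header for the attribute name finds this description.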
diff --git a/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c 
b/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c
index 63ae976..ba8b862 100644
--- a/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c
+++ b/MdePkg/Library/UefiRuntimeLib/RuntimeLib.c
@@ -6,7 +6,7 @@
   OS virtual address space. All pointer values are different for a virtual 
   mapping than from the normal physical mapping at boot services time.
 
-Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
 This program and the accompanying materials  are licensed and made available 
under the terms and conditions of the BSD License  which accompanies this 
distribution. 

[edk2] [PATCH v2 1/2] CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper

2017-11-01 Thread Long Qin
There is one long-standing problem in CRT realloc wrapper, which will
cause the obvious buffer overflow issue when re-allocating one bigger
memory block:
void *realloc (void *ptr, size_t size)
{
  //
  // BUG: hardcode OldSize == size! We have no any knowledge about
  // memory size of original pointer ptr.
  //
  return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
}
This patch introduces one extra header to record the memory buffer size
information when allocating memory block from malloc routine, and re-wrap
the realloc() and free() routines to remove this BUG.

Cc: Laszlo Ersek 
Cc: Ting Ye 
Cc: Jian J Wang 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 .../BaseCryptLib/SysCall/BaseMemAllocation.c   | 83 --
 1 file changed, 76 insertions(+), 7 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c 
b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
index f390e0d449..19c071e2bf 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
@@ -16,6 +16,18 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
EXPRESS OR IMPLIED.
 #include 
 #include 
 
+//
+// Extra header to record the memory buffer size from malloc routine.
+//
+#define CRYPTMEM_HEAD_SIGNATURESIGNATURE_32('c','m','h','d')
+typedef struct {
+  UINT32Signature;
+  UINT32Reserved;
+  UINTN Size;
+} CRYPTMEM_HEAD;
+
+#define CRYPTMEM_OVERHEAD  sizeof(CRYPTMEM_HEAD)
+
 //
 // -- Memory-Allocation Routines --
 //
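Review bot: CRYPTMEM_HEAD is 16 bytes where UINTN is 64 bits but 12 bytes where UINTN is 32 bits, so on those builds the pointer malloc() hands back (`PoolHdr + 1`) is only 4-byte aligned even though AllocatePool() returns 8-byte-aligned memory. Size or pad the header so CRYPTMEM_OVERHEAD is a multiple of 8 on every architecture. The Reserved field is also never written by the code in the next hunk, so either initialise it or say in the comment that it is padding.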
@@ -23,27 +35,84 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
EXPRESS OR IMPLIED.
 /* Allocates memory blocks */
 void *malloc (size_t size)
 {
-  return AllocatePool ((UINTN) size);
+  CRYPTMEM_HEAD  *PoolHdr;
+  UINTN  NewSize;
+  VOID   *Data;
+
+  //
+  // Adjust the size by the buffer header overhead
+  //
+  NewSize = (UINTN)(size) + CRYPTMEM_OVERHEAD;
+
+  Data  = AllocatePool (NewSize);
+  if (Data != NULL) {
+PoolHdr = (CRYPTMEM_HEAD *)Data;
+//
+// Record the memory brief information
+//
+PoolHdr->Signature = CRYPTMEM_HEAD_SIGNATURE;
+PoolHdr->Size  = size;
+
+return (VOID *)(PoolHdr + 1);
+  } else {
+//
+// The buffer allocation failed.
+//
+return NULL;
+  }
 }
 
 /* Reallocate memory blocks */
 void *realloc (void *ptr, size_t size)
 {
-  //
-  // BUG: hardcode OldSize == size! We have no any knowledge about
-  // memory size of original pointer ptr.
-  //
-  return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
+  CRYPTMEM_HEAD  *OldPoolHdr;
+  CRYPTMEM_HEAD  *NewPoolHdr;
+  UINTN  OldSize;
+  UINTN  NewSize;
+  VOID   *Data;
+
+  NewSize = (UINTN)size + CRYPTMEM_OVERHEAD;
+  Data = AllocatePool (NewSize);
+  if (Data != NULL) {
+NewPoolHdr = (CRYPTMEM_HEAD *)Data;
+NewPoolHdr->Signature = CRYPTMEM_HEAD_SIGNATURE;
+NewPoolHdr->Size  = size;
+if (ptr != NULL) {
+  //
+  // Retrieve the original size from the buffer header.
+  //
+  OldPoolHdr = (CRYPTMEM_HEAD *)ptr - 1;
+  ASSERT (OldPoolHdr->Signature == CRYPTMEM_HEAD_SIGNATURE);
+  OldSize = OldPoolHdr->Size;
+
+  //
+  // Duplicate the buffer content.
+  //
+  CopyMem ((VOID *)(NewPoolHdr + 1), ptr, MIN (OldSize, size));
+  FreePool ((VOID *)OldPoolHdr);
+}
+
+return (VOID *)(NewPoolHdr + 1);
+  } else {
+//
+// The buffer allocation failed.
+//
+return NULL;
+  }
 }
 
 /* De-allocates or frees a memory block */
 void free (void *ptr)
 {
+  CRYPTMEM_HEAD  *PoolHdr;
+
   //
   // In Standard C, free() handles a null pointer argument transparently. This
   // is not true of FreePool() below, so protect it.
   //
   if (ptr != NULL) {
-FreePool (ptr);
+PoolHdr = (CRYPTMEM_HEAD *)ptr - 1;
+ASSERT (PoolHdr->Signature == CRYPTMEM_HEAD_SIGNATURE);
+FreePool (PoolHdr);
   }
 }
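Review bot: `NewSize = (UINTN)(size) + CRYPTMEM_OVERHEAD;` in malloc(), and the same sum in realloc(), can wrap when size is within CRYPTMEM_OVERHEAD of the UINTN maximum, which would allocate a tiny pool buffer while the header records the huge size. Reject such a request by returning NULL before calling AllocatePool(). Separately, the signature test in realloc() and free() is an ASSERT, so in builds where ASSERT is compiled out a pointer that did not come from this malloc() is used without any check.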
-- 
2.14.1.windows.1



[edk2] [PATCH v2 2/2] CryptoPkg/BaseCryptLib: Fix mismatched memory allocation/free

2017-11-01 Thread Long Qin
The malloc/free (instead of AllocatePool/FreePool) were used directly
in some wrapper implementations, which was designed to leverage the
light-weight memory management routines at Runtime phase.
The malloc/free and AllocatePool/FreePool usages are required to be
matched, after extra memory size info header was introduced in malloc
wrapper.

This patch corrects two memory allocation cases, which requires the
caller to free the buffer with FreePool() outside the function call.

And some comments were also added to clarify the correct memory
release functions if it's the caller's responsibility to free the
memory buffer.

Cc: Laszlo Ersek 
Cc: Ting Ye 
Cc: Jian J Wang 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 CryptoPkg/Include/Library/BaseCryptLib.h | 16 ++--
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c   |  5 +++--
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7SignNull.c   |  3 ++-
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 15 +--
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyNull.c | 13 -
 5 files changed, 32 insertions(+), 20 deletions(-)

diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 5f67ecb709..e2b6a95666 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -2388,10 +2388,12 @@ Pkcs5HashPassword (
   @param[in]  P7Data   Pointer to the PKCS#7 message to verify.
   @param[in]  P7Length Length of the PKCS#7 message in bytes.
   @param[out] CertStackPointer to Signer's certificates retrieved from 
P7Data.
-   It's caller's responsibility to free the buffer.
+   It's caller's responsibility to free the buffer with
+   Pkcs7FreeSigners().
   @param[out] StackLength  Length of signer's certificates in bytes.
   @param[out] TrustedCert  Pointer to a trusted certificate from Signer's 
certificates.
-   It's caller's responsibility to free the buffer.
+   It's caller's responsibility to free the buffer with
+   Pkcs7FreeSigners().
   @param[out] CertLength   Length of the trusted certificate in bytes.
 
   @retval  TRUEThe operation is finished successfully.
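Review bot: The new wording for CertStack and TrustedCert names Pkcs7FreeSigners() for both buffers but does not say whether each output needs its own call or what the caller should do with them when the function returns FALSE. One sentence per parameter stating "free with a separate Pkcs7FreeSigners() call" (if that is the intent) would remove the guesswork.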
@@ -2433,10 +2435,11 @@ Pkcs7FreeSigners (
   @param[in]  P7DataPointer to the PKCS#7 message.
   @param[in]  P7Length  Length of the PKCS#7 message in bytes.
   @param[out] SignerChainCerts  Pointer to the certificates list chained to 
signer's
-certificate. It's caller's responsibility to 
free the buffer.
+certificate. It's caller's responsibility to 
free the buffer
+with Pkcs7FreeSigners().
   @param[out] ChainLength   Length of the chained certificates list buffer 
in bytes.
   @param[out] UnchainCerts  Pointer to the unchained certificates lists. 
It's caller's
-responsibility to free the buffer.
+responsibility to free the buffer with 
Pkcs7FreeSigners().
   @param[out] UnchainLength Length of the unchained certificates list 
buffer in bytes.
 
   @retval  TRUE The operation is finished successfully.
@@ -2472,7 +2475,8 @@ Pkcs7GetCertificatesList (
   @param[in]  OtherCerts   Pointer to an optional additional set of 
certificates to
include in the PKCS#7 signedData (e.g. any 
intermediate
CAs in the chain).
-  @param[out] SignedData   Pointer to output PKCS#7 signedData.
+  @param[out] SignedData   Pointer to output PKCS#7 signedData. It's 
caller's
+   responsibility to free the buffer with 
FreePool().
   @param[out] SignedDataSize   Size of SignedData in bytes.
 
   @retval TRUE PKCS#7 data signing succeeded.
@@ -2540,7 +2544,7 @@ Pkcs7Verify (
   @param[in]   P7Data   Pointer to the PKCS#7 signed data to process.
   @param[in]   P7Length Length of the PKCS#7 signed data in bytes.
   @param[out]  Content  Pointer to the extracted content from the PKCS#7 
signedData.
-It's caller's responsibility to free the buffer.
+It's caller's responsibility to free the buffer 
with FreePool().
   @param[out]  ContentSize  The size of the extracted content in bytes.
 
   @retval TRUE  The P7Data was correctly formatted for processing.
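Review bot: Content is documented as released with FreePool(), while the signer buffers earlier in this header are documented as released with Pkcs7FreeSigners(); the comment gives no hint that the two are not interchangeable. Since the commit message says the malloc wrapper now prepends a size header, add a short remark here that passing this buffer to free() or Pkcs7FreeSigners() is invalid, so the pairing rule is visible at the point of use.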
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
index d3b1a907aa..0f61d4b4ad 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
+++ 

[edk2] [PATCH v2 0/2] CryptoPkg/BaseCryptLib: Correct CRT realloc Wrapper

2017-11-01 Thread Long Qin
V2 Update: Add NULL check for memory allocation failure.

There is one long-standing problem in current CRT realloc wrapper
implementation, which will cause the obvious buffer overflow issue
when re-allocating memory block.
One BZ report: https://bugzilla.tianocore.org/show_bug.cgi?id=605

This patch series is to fix this buffer overflow issue by introducing
one extra header to record the memory buffer size information.
And extra comments were also added to clarify the memory release routines
if the caller is required to free the memory block outside the function.

Long Qin (2):
  CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper
  CryptoPkg/BaseCryptLib: Fix mismatched memory allocation/free

 CryptoPkg/Include/Library/BaseCryptLib.h   | 16 +++--
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c |  5 +-
 .../Library/BaseCryptLib/Pk/CryptPkcs7SignNull.c   |  3 +-
 .../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 15 ++--
 .../Library/BaseCryptLib/Pk/CryptPkcs7VerifyNull.c | 13 ++--
 .../BaseCryptLib/SysCall/BaseMemAllocation.c   | 83 --
 6 files changed, 108 insertions(+), 27 deletions(-)

-- 
2.14.1.windows.1
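The size-header technique this cover letter describes, as an added example in hosted C that is not code from the posted patches. `pool_alloc()`/`pool_free()` are hypothetical stand-ins for a pool allocator that cannot report a block's size, the `crt_*` names are illustrative, and the overflow guard and the non-asserting signature check are assumptions that go beyond what the series contains.

```c
/* Added example: hosted-C model of a size-tracking CRT allocation wrapper. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HDR_SIGNATURE 0x64686d63u   /* 'c','m','h','d' packed little-endian */

typedef struct {
  uint32_t signature;   /* marks blocks handed out by crt_malloc() */
  uint32_t reserved;
  size_t   size;        /* payload size the caller asked for */
} mem_hdr;

/* Hypothetical pool allocator: knows nothing about payload sizes. */
static void *pool_alloc(size_t n) { return malloc(n); }
static void  pool_free(void *p)   { free(p); }

/* Header of a payload pointer, or NULL when the signature does not match.
 * Best effort only: it still reads the bytes in front of ptr. */
static mem_hdr *hdr_of(void *ptr)
{
  mem_hdr *h = (mem_hdr *)ptr - 1;
  return (h->signature == HDR_SIGNATURE) ? h : NULL;
}

void *crt_malloc(size_t size)
{
  mem_hdr *h;

  /* Assumption beyond the posted patch: refuse sizes whose sum with the
   * header would wrap and produce an undersized pool block. */
  if (size > SIZE_MAX - sizeof(mem_hdr)) {
    return NULL;
  }
  h = pool_alloc(size + sizeof(mem_hdr));
  if (h == NULL) {
    return NULL;                 /* never hand back (garbage + 1) */
  }
  h->signature = HDR_SIGNATURE;
  h->reserved  = 0;
  h->size      = size;
  return h + 1;
}

void crt_free(void *ptr)
{
  mem_hdr *h;

  if (ptr == NULL) {
    return;
  }
  h = hdr_of(ptr);
  if (h != NULL) {               /* foreign pointer: do not free ptr - 1 */
    pool_free(h);
  }
}

void *crt_realloc(void *ptr, size_t size)
{
  mem_hdr *old = NULL;
  void    *fresh;

  if (ptr != NULL && (old = hdr_of(ptr)) == NULL) {
    return NULL;                 /* not one of our blocks */
  }
  fresh = crt_malloc(size);
  if (fresh == NULL) {
    return NULL;                 /* the old block stays valid */
  }
  if (old != NULL) {
    /* Copy only what the old block really holds, never the new size. */
    memcpy(fresh, ptr, old->size < size ? old->size : size);
    crt_free(ptr);
  }
  return fresh;
}

/* Recorded payload size, or 0 for a block without a valid header. */
size_t crt_size(void *ptr)
{
  mem_hdr *h = hdr_of(ptr);
  return (h != NULL) ? h->size : 0;
}

int main(void)
{
  char *p = crt_malloc(8);
  char *q;

  if (p == NULL) return 1;
  memcpy(p, "ABCDEFG", 8);       /* constructed sample content */
  q = crt_realloc(p, 4096);      /* grow: exactly 8 bytes are copied */
  if (q == NULL) { crt_free(p); return 1; }
  printf("%s size=%zu\n", q, crt_size(q));
  crt_free(q);
  return 0;
}
```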



Re: [edk2] [PATCH 1/2] CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper

2017-11-01 Thread Long, Qin
Thanks, Jian. It's great to pass the validation. 
And exactly, the null data checking was missed. I will re-produce the V2 patch. 


Best Regards & Thanks,
LONG, Qin

-----Original Message-----
From: Wang, Jian J 
Sent: Wednesday, November 1, 2017 3:28 PM
To: Long, Qin <qin.l...@intel.com>; edk2-devel@lists.01.org
Cc: Ye, Ting <ting...@intel.com>; ler...@redhat.com
Subject: RE: [PATCH 1/2] CryptoPkg/BaseCryptLib: Fix buffer overflow issue in 
realloc wrapper

Hi Qin,

Thanks for fixing this issue. Please find my comments below.

Besides that, the patch has passed the boot validation.

Validated-by: Jian J Wang <jian.j.w...@intel.com>

Thanks,
Jian

> -----Original Message-----
> From: Long, Qin
> Sent: Tuesday, October 31, 2017 4:39 PM
> To: edk2-devel@lists.01.org
> Cc: Ye, Ting <ting...@intel.com>; ler...@redhat.com; Wang, Jian J 
> <jian.j.w...@intel.com>; Long, Qin <qin.l...@intel.com>
> Subject: [PATCH 1/2] CryptoPkg/BaseCryptLib: Fix buffer overflow issue 
> in realloc wrapper
> 
> There is one long-standing problem in CRT realloc wrapper, which will 
> cause the obvious buffer overflow issue when re-allocating one bigger 
> memory block:
> void *realloc (void *ptr, size_t size)
> {
>   //
>   // BUG: hardcode OldSize == size! We have no any knowledge about
>   // memory size of original pointer ptr.
>   //
>   return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
> }
> This patch introduces one extra header to record the memory buffer 
> size information when allocating memory block from malloc routine, and 
> re-wrap the realloc() and free() routines to remove this BUG.
> 
> Cc: Laszlo Ersek <ler...@redhat.com>
> Cc: Ting Ye <ting...@intel.com>
> Cc: Jian J Wang <jian.j.w...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Qin Long <qin.l...@intel.com>
> ---
>  .../BaseCryptLib/SysCall/BaseMemAllocation.c   | 72 +++-
> --
>  1 file changed, 65 insertions(+), 7 deletions(-)
> 
> diff --git 
> a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
> b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
> index f390e0d449..ed37a0ff39 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
> +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
> @@ -16,6 +16,18 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, 
> EITHER EXPRESS OR IMPLIED.
>  #include 
>  #include 
> 
> +//
> +// Extra header to record the memory buffer size from malloc routine.
> +//
> +#define CRYPTMEM_HEAD_SIGNATURESIGNATURE_32('c','m','h','d')
> +typedef struct {
> +  UINT32Signature;
> +  UINT32Reserved;
> +  UINTN Size;
> +} CRYPTMEM_HEAD;
> +
> +#define CRYPTMEM_OVERHEAD  sizeof(CRYPTMEM_HEAD)

Any consideration of the "Reserved" field, Padding? Alignment? Future 
extendibility?
[Long, Qin] There is no special consideration on this field. 
Just keep this style as other POOL_HEAD usage, and may be for possible 
future extension. 

> +
>  //
>  // -- Memory-Allocation Routines --
>  //
> @@ -23,27 +35,73 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, 
> EITHER EXPRESS OR IMPLIED.
>  /* Allocates memory blocks */
>  void *malloc (size_t size)
>  {
> -  return AllocatePool ((UINTN) size);
> +  CRYPTMEM_HEAD  *PoolHdr;
> +  UINTN  NewSize;
> +  VOID   *Data;
> +
> +  //
> +  // Adjust the size by the buffer header overhead  //  NewSize = 
> + (UINTN)(size) + CRYPTMEM_OVERHEAD;
> +
> +  Data  = AllocatePool (NewSize);
> +  if (Data != NULL) {
> +PoolHdr = (CRYPTMEM_HEAD *)Data;
> +//
> +// Record the memory brief information
> +//
> +PoolHdr->Signature = CRYPTMEM_HEAD_SIGNATURE;
> +PoolHdr->Size  = size;
> +  }
> +  return (VOID *)(PoolHdr + 1);
>  }
> 

Although it's very rare, the logic of code above doesn't consider case of Data 
== NULL.
And above code might not pass GCC build because there's a chance that PoolHdr 
is not initialized.

 [Long, Qin] Agree.


>  /* Reallocate memory blocks */
>  void *realloc (void *ptr, size_t size)  {
> -  //
> -  // BUG: hardcode OldSize == size! We have no any knowledge about
> -  // memory size of original pointer ptr.
> -  //
> -  return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
> +  CRYPTMEM_HEAD  *OldPoolHdr;
> +  CRYPTMEM_HEAD  *NewPoolHdr;
> +  UINTN  OldSize;
> +  UINTN  NewSize;
> +  VOID   *Data;
> +
> +  NewSize = (UINTN)size + CRYPTMEM_OVERHEAD;  Data = AllocatePool 
> + (NewSize);  if (Data != NULL) {
> +NewPoolHdr = (CRYPTMEM_HEAD *)Data;
> +

[edk2] [PATCH 0/2] CryptoPkg/BaseCryptLib: Correct CRT realloc Wrapper

2017-10-31 Thread Long Qin
There is one long-standing problem in current CRT realloc wrapper
implementation, which will cause the obvious buffer overflow issue
when re-allocating memory block.
One BZ report: https://bugzilla.tianocore.org/show_bug.cgi?id=605

This patch series is to fix this buffer overflow issue by introducing
one extra header to record the memory buffer size information.
And extra comments were also added to clarify the memory release routines
if the caller is required to free the memory block outside the function.

Long Qin (2):
  CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper
  CryptoPkg/BaseCryptLib: Fix mismatched memory allocation/free

 CryptoPkg/Include/Library/BaseCryptLib.h   | 16 +++--
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c |  5 +-
 .../Library/BaseCryptLib/Pk/CryptPkcs7SignNull.c   |  3 +-
 .../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 15 +++--
 .../Library/BaseCryptLib/Pk/CryptPkcs7VerifyNull.c | 13 ++--
 .../BaseCryptLib/SysCall/BaseMemAllocation.c   | 72 +++---
 6 files changed, 97 insertions(+), 27 deletions(-)

-- 
2.14.1.windows.1



[edk2] [PATCH 1/2] CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper

2017-10-31 Thread Long Qin
There is one long-standing problem in CRT realloc wrapper, which will
cause the obvious buffer overflow issue when re-allocating one bigger
memory block:
void *realloc (void *ptr, size_t size)
{
  //
  // BUG: hardcode OldSize == size! We have no any knowledge about
  // memory size of original pointer ptr.
  //
  return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
}
This patch introduces one extra header to record the memory buffer size
information when allocating memory block from malloc routine, and re-wrap
the realloc() and free() routines to remove this BUG.

Cc: Laszlo Ersek 
Cc: Ting Ye 
Cc: Jian J Wang 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 .../BaseCryptLib/SysCall/BaseMemAllocation.c   | 72 +++---
 1 file changed, 65 insertions(+), 7 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c 
b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
index f390e0d449..ed37a0ff39 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
@@ -16,6 +16,18 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
EXPRESS OR IMPLIED.
 #include 
 #include 
 
+//
+// Extra header to record the memory buffer size from malloc routine.
+//
+#define CRYPTMEM_HEAD_SIGNATURESIGNATURE_32('c','m','h','d')
+typedef struct {
+  UINT32Signature;
+  UINT32Reserved;
+  UINTN Size;
+} CRYPTMEM_HEAD;
+
+#define CRYPTMEM_OVERHEAD  sizeof(CRYPTMEM_HEAD)
+
 //
 // -- Memory-Allocation Routines --
 //
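Review bot: CRYPTMEM_HEAD is 16 bytes where UINTN is 64 bits wide but only 12 bytes where it is 32 bits wide, so on 32-bit builds the payload that malloc() returns behind the header is 4-byte aligned even though pool allocations are 8-byte aligned. If the Reserved field is meant as padding, say so in the comment, and consider a fixed-width Size field (or an explicit alignment) so the header keeps the payload at the pool's alignment on every architecture.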
@@ -23,27 +35,73 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
EXPRESS OR IMPLIED.
 /* Allocates memory blocks */
 void *malloc (size_t size)
 {
-  return AllocatePool ((UINTN) size);
+  CRYPTMEM_HEAD  *PoolHdr;
+  UINTN  NewSize;
+  VOID   *Data;
+
+  //
+  // Adjust the size by the buffer header overhead
+  //
+  NewSize = (UINTN)(size) + CRYPTMEM_OVERHEAD;
+
+  Data  = AllocatePool (NewSize);
+  if (Data != NULL) {
+PoolHdr = (CRYPTMEM_HEAD *)Data;
+//
+// Record the memory brief information
+//
+PoolHdr->Signature = CRYPTMEM_HEAD_SIGNATURE;
+PoolHdr->Size  = size;
+  }
+  return (VOID *)(PoolHdr + 1);
 }
 
 /* Reallocate memory blocks */
 void *realloc (void *ptr, size_t size)
 {
-  //
-  // BUG: hardcode OldSize == size! We have no any knowledge about
-  // memory size of original pointer ptr.
-  //
-  return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
+  CRYPTMEM_HEAD  *OldPoolHdr;
+  CRYPTMEM_HEAD  *NewPoolHdr;
+  UINTN  OldSize;
+  UINTN  NewSize;
+  VOID   *Data;
+
+  NewSize = (UINTN)size + CRYPTMEM_OVERHEAD;
+  Data = AllocatePool (NewSize);
+  if (Data != NULL) {
+NewPoolHdr = (CRYPTMEM_HEAD *)Data;
+NewPoolHdr->Signature = CRYPTMEM_HEAD_SIGNATURE;
+NewPoolHdr->Size  = size;
+if (ptr != NULL) {
+  //
+  // Retrieve the original size from the buffer header.
+  //
+  OldPoolHdr = (CRYPTMEM_HEAD *)ptr - 1;
+  ASSERT (OldPoolHdr->Signature == CRYPTMEM_HEAD_SIGNATURE);
+  OldSize = OldPoolHdr->Size;
+
+  //
+  // Duplicate the buffer content.
+  //
+  CopyMem ((VOID *)(NewPoolHdr + 1), ptr, MIN (OldSize, size));
+  FreePool ((VOID *)OldPoolHdr);
+}
+  }
+
+  return (VOID *)(NewPoolHdr + 1);
 }
 
 /* De-allocates or frees a memory block */
 void free (void *ptr)
 {
+  CRYPTMEM_HEAD  *PoolHdr;
+
   //
   // In Standard C, free() handles a null pointer argument transparently. This
   // is not true of FreePool() below, so protect it.
   //
   if (ptr != NULL) {
-FreePool (ptr);
+PoolHdr = (CRYPTMEM_HEAD *)ptr - 1;
+ASSERT (PoolHdr->Signature == CRYPTMEM_HEAD_SIGNATURE);
+FreePool (PoolHdr);
   }
 }
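Review bot: malloc() returns `(VOID *)(PoolHdr + 1)` outside the `if (Data != NULL)` block, so when AllocatePool() fails PoolHdr is uninitialized and the caller receives a non-NULL garbage pointer instead of NULL; realloc() has the same problem with `NewPoolHdr + 1`. Return NULL explicitly on the failure path in both functions, which also avoids the uninitialized-variable diagnostic some compilers raise here.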
-- 
2.14.1.windows.1



Re: [edk2] [PATCH v1 1/1] CryptoPkg/BaseCryptLib: remove some duplicate initializations.

2017-10-24 Thread Long, Qin
The patch was already pushed @b5a985ca9237b551618cd97b1b71af2fff55e209
I forgot to inform that. Thanks, Laszlo.


Best Regards & Thanks,
LONG, Qin


-----Original Message-----
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo 
Ersek
Sent: Tuesday, October 24, 2017 3:51 PM
To: Long, Qin <qin.l...@intel.com>; Peter Jones <pjo...@redhat.com>
Cc: Ye, Ting <ting...@intel.com>; edk2-devel@lists.01.org
Subject: Re: [edk2] [PATCH v1 1/1] CryptoPkg/BaseCryptLib: remove some 
duplicate initializations.

Qin,

On 10/23/17 05:02, Long, Qin wrote:
> This looks good to me.
> Reviewed-by: Long Qin <qin.l...@intel.com>

Do you want me to push the patch, or do you prefer to push it yourself?

Thanks!
Laszlo

> From: Peter Jones [mailto:pjo...@redhat.com]
> Sent: Saturday, October 21, 2017 2:22 AM
> To: Laszlo Ersek <ler...@redhat.com>
> Cc: edk2-devel@lists.01.org; Shi, Steven <steven@intel.com>; Long, 
> Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
> Subject: Re: [edk2] [PATCH v1 1/1] CryptoPkg/BaseCryptLib: remove some 
> duplicate initializations.
> 
>> Assuming the maintainers are fine with the patch as well, I suggest 
>> that they please replace the word "initializations" with 
>> "assignments" in the subject, to be pedantic on the C-lang level.
> 
> Well, that's why I said "initializations" instead of "initializers", 
> but if it's more clear to you, I'm fine with your way.
> 
>> (Side note: I would even move OldSize to a lot tighter scope:
>>
>>> diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c 
>>> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
>>> index d564591cb7f9..31a9ecd59ff6 100644
>>> --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
>>> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
>>> @@ -477,7 +477,6 @@ Pkcs7GetCertificatesList (
>>>UINT8*CertBuf;
>>>UINT8*OldBuf;
>>>UINTNBufferSize;
>>> -  UINTNOldSize;
>>>UINT8*SingleCert;
>>>UINTNCertSize;
>>>
>>> @@ -612,10 +611,11 @@ Pkcs7GetCertificatesList (
>>>
>>>if (CtxChain != NULL) {
>>>  BufferSize = sizeof (UINT8);
>>> -OldSize= BufferSize;
>>>  CertBuf= NULL;
>>>
>>>  for (Index = 0; ; Index++) {
>>> +  UINTN OldSize;
>>> +
>>>Status = X509PopCertificate (CtxChain, , );
>>>if (!Status) {
>>>  break;
>>> @@ -656,10 +656,11 @@ Pkcs7GetCertificatesList (
>>>
>>>if (CtxUntrusted != NULL) {
>>>  BufferSize = sizeof (UINT8);
>>> -OldSize= BufferSize;
>>>  CertBuf= NULL;
>>>
>>>  for (Index = 0; ; Index++) {
>>> +  UINTN OldSize;
>>> +
>>>Status = X509PopCertificate (CtxUntrusted, , );
>>>if (!Status) {
>>>  break;
>>
>> However, many edk2 maintainers don't like tight scoping like this.)
> 
> I had considered this and guessed it was probably against the coding 
> style or it would have been done this way already.  IMO it's better in every 
> way.
> 
> --
>   Peter
> 



Re: [edk2] [PATCH v1 1/1] CryptoPkg/BaseCryptLib: remove some duplicate initializations.

2017-10-22 Thread Long, Qin
This looks good to me.
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

From: Peter Jones [mailto:pjo...@redhat.com]
Sent: Saturday, October 21, 2017 2:22 AM
To: Laszlo Ersek <ler...@redhat.com>
Cc: edk2-devel@lists.01.org; Shi, Steven <steven....@intel.com>; Long, Qin 
<qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Subject: Re: [edk2] [PATCH v1 1/1] CryptoPkg/BaseCryptLib: remove some 
duplicate initializations.

> Assuming the maintainers are fine with the patch as well, I suggest that
> they please replace the word "initializations" with "assignments" in the
> subject, to be pedantic on the C-lang level.

Well, that's why I said "initializations" instead of "initializers", but if
it's more clear to you, I'm fine with your way.

> (Side note: I would even move OldSize to a lot tighter scope:
>
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c 
> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
> > index d564591cb7f9..31a9ecd59ff6 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
> > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
> > @@ -477,7 +477,6 @@ Pkcs7GetCertificatesList (
> >UINT8*CertBuf;
> >UINT8*OldBuf;
> >UINTNBufferSize;
> > -  UINTNOldSize;
> >UINT8*SingleCert;
> >UINTNCertSize;
> >
> > @@ -612,10 +611,11 @@ Pkcs7GetCertificatesList (
> >
> >if (CtxChain != NULL) {
> >  BufferSize = sizeof (UINT8);
> > -OldSize= BufferSize;
> >  CertBuf= NULL;
> >
> >  for (Index = 0; ; Index++) {
> > +  UINTN OldSize;
> > +
> >Status = X509PopCertificate (CtxChain, , );
> >if (!Status) {
> >  break;
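Review bot: With `OldSize = BufferSize` removed and `UINTN OldSize;` redeclared inside the for body, OldSize starts every iteration indeterminate, and the hunk does not show its first use in the loop. Confirm that OldSize is assigned before it is read on every path through the loop body (including the first iteration, which used to inherit the initial value), and say so in the commit message; the same applies to the CtxUntrusted loop in the next hunk.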
> > @@ -656,10 +656,11 @@ Pkcs7GetCertificatesList (
> >
> >if (CtxUntrusted != NULL) {
> >  BufferSize = sizeof (UINT8);
> > -OldSize= BufferSize;
> >  CertBuf= NULL;
> >
> >  for (Index = 0; ; Index++) {
> > +  UINTN OldSize;
> > +
> >Status = X509PopCertificate (CtxUntrusted, , );
> >if (!Status) {
> >  break;
>
> However, many edk2 maintainers don't like tight scoping like this.)

I had considered this and guessed it was probably against the coding style or
it would have been done this way already.  IMO it's better in every way.

--
  Peter


Re: [edk2] [Patch] NetworkPkg/TlsAuthConfigDxe: Remove the extra FreePool

2017-10-19 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-----Original Message-----
From: Wu, Jiaxin 
Sent: Thursday, October 19, 2017 1:58 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>; Fu, Siyuan 
<siyuan...@intel.com>; Wu, Jiaxin <jiaxin...@intel.com>
Subject: [Patch] NetworkPkg/TlsAuthConfigDxe: Remove the extra FreePool

Cc: Long Qin <qin.l...@intel.com>
Cc: Ye Ting <ting...@intel.com>
Cc: Fu Siyuan <siyuan...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin...@intel.com>
---
 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c 
b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c
index 351656f..403afbb 100644
--- a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c
+++ b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c
@@ -1,9 +1,9 @@
 /** @file
   The DriverEntryPoint for TlsAuthConfigDxe driver.
 
-  Copyright (c) 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
   which accompanies this distribution.  The full text of the license may be 
found at
   http://opensource.org/licenses/bsd-license.php.
@@ -126,10 +126,9 @@ TlsAuthConfigDxeDriverEntryPoint (
 
   return EFI_SUCCESS;
 
 ON_ERROR:
   TlsAuthConfigFormUnload (PrivateData);
-  FreePool (PrivateData);
-
+  
   return Status;
 }
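Review bot: Dropping `FreePool (PrivateData)` from the ON_ERROR path is only correct if TlsAuthConfigFormUnload() already releases PrivateData, and neither this hunk nor the commit message (which has no body) says so. State the ownership in the commit message, or in a comment above the call, so the next reader does not reintroduce a double free or assume a leak. The replacement line `+  ` also adds trailing whitespace where the original had an empty line.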
 
-- 
1.9.5.msysgit.1



Re: [edk2] [PATCH] SecurityPkg:AuthVariableLib:Fix GCC build error

2017-10-17 Thread Long, Qin
Agree. It's better to use CHAR8 directly.


From: Gary Lin [mailto:g...@suse.com]
Sent: Tuesday, October 17, 2017 10:10 AM
To: Zhang, Chao B <chao.b.zh...@intel.com>
Cc: edk2-devel@lists.01.org; Long, Qin <qin.l...@intel.com>
Subject: Re: [edk2] [PATCH] SecurityPkg:AuthVariableLib:Fix GCC build error

On Mon, Oct 16, 2017 at 10:08:29PM +0800, Zhang, Chao B wrote:
> Fix GCC build error
>
> Cc: Long Qin <qin.l...@intel.com>
> Cc: Gary Lin <g...@suse.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
> ---
>  SecurityPkg/Library/AuthVariableLib/AuthService.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c 
> b/SecurityPkg/Library/AuthVariableLib/AuthService.c
> index 7188ff6..1e7872a 100644
> --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c
> +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c
> @@ -1564,7 +1564,7 @@ CalculatePrivAuthVarSignChainSHA256Digest(
>//
>// Get SignerCert CommonName
>//
> -  Status = X509GetCommonName(SignerCert, SignerCertSize, CertCommonName, 
> );
> +  Status = X509GetCommonName(SignerCert, SignerCertSize, (CHAR8 
> *)CertCommonName, );
Hi Chao Zhang,

Although casting also silences the warning, why not declare
CertCommonName as CHAR8 directly? The only signedness check happens
in X509GetCommonName(). Sha256Update() requests "VOID *" so the
signedness doesn't matter. Besides, AsciiStrLen() also requests
CHAR8, so declaring CertCommonName as CHAR8 can remove the casting
altogether. What do you think?

Gary Lin

>if (EFI_ERROR(Status)) {
>  DEBUG((DEBUG_INFO, "%a Get SignerCert CommonName failed with status 
> %x\n", __FUNCTION__, Status));
>  return EFI_ABORTED;
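Review bot: The commit message says only "Fix GCC build error" and the hunk does not show how CertCommonName is declared, so a reader cannot tell which diagnostic the `(CHAR8 *)` cast at the X509GetCommonName() call is silencing. Quote the GCC message in the commit log, and prefer fixing the declaration over casting at the call site, since a cast will keep hiding any later type change of that buffer.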
> --
> 1.9.5.msysgit.1
>


Re: [edk2] [PATCH] SecurityPkg/Pkcs7Verify: Add the comments to address security problem

2017-10-16 Thread Long, Qin
Thanks, Chao.
The suggested change looks too neutral against this problem. I still prefer to 
keep the original language, which was also cited from the description of this 
spec ECR document. 


Best Regards & Thanks,
LONG, Qin

-----Original Message-----
From: Zhang, Chao B 
Sent: Monday, October 16, 2017 10:24 PM
To: Long, Qin <qin.l...@intel.com>; james.bottom...@hansenpartnership.com
Cc: edk2-devel@lists.01.org
Subject: RE: [PATCH] SecurityPkg/Pkcs7Verify: Add the comments to address 
security problem

Qin:
The below checking log is a little confusing to me.
   The specific problem is that if the supplied hash is a different 
algorithm from the blacklist hash, the hash will be approved even if it should 
have been denied.
 How about changing it to 
The blacklist hash check may result in false negative given hashes from
other different algorithms.
  
 Others are good to me. 
 Reviewed-by : Chao Zhang <chao.b.zh...@intel.com>

-----Original Message-----
From: Long, Qin 
Sent: Thursday, October 12, 2017 9:18 AM
To: Zhang, Chao B <chao.b.zh...@intel.com>; 
james.bottom...@hansenpartnership.com
Cc: edk2-devel@lists.01.org; Long, Qin <qin.l...@intel.com>
Subject: [PATCH] SecurityPkg/Pkcs7Verify: Add the comments to address security 
problem

Add the comments to address security problems in the Pkcs7Verify Protocol per 
UEFI 2.7 updates.

The Pkcs7Verifier function VerifySignature() has problematic use cases where it 
might be used to unwittingly bypass security checks.  The specific problem is 
that if the supplied hash is a different algorithm from the blacklist hash, the 
hash will be approved even if it should have been denied. The added comments 
place a strong warning about the problem.
It is possible to use the protocol reliably, either by agreeing a hash to use 
for all time (like sha256) or by looping over all supported hashes when using 
the protocol.

Cc: Chao Zhang <chao.b.zh...@intel.com>
Cc: James Bottomley <james.bottom...@hansenpartnership.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.l...@intel.com>
---
 MdePkg/Include/Protocol/Pkcs7Verify.h   | 10 +-
 SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c |  8 
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/Protocol/Pkcs7Verify.h 
b/MdePkg/Include/Protocol/Pkcs7Verify.h
index ca5ec75910..eaeda48300 100644
--- a/MdePkg/Include/Protocol/Pkcs7Verify.h
+++ b/MdePkg/Include/Protocol/Pkcs7Verify.h
@@ -6,7 +6,7 @@
   PKCS#7 is a general-purpose cryptographic standard (defined by RFC2315,
   available at http://tools.ietf.org/html/rfc2315).
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under  the terms and conditions of the BSD License that accompanies this 
distribution.
 The full text of the license may be found at @@ -140,6 +140,14 @@ EFI_STATUS
   verifies the signature of the content is valid and signing certificate was 
not revoked
   and is contained within a list of trusted signers.
 
+  Note: because this function uses hashes and the specification contains a 
variety of
+hash choices, you should be aware that the check against the RevokedDb 
list
+will improperly succeed if the signature is revoked using a different 
hash
+algorithm.  For this reason, you should either cycle through all UEFI 
supported
+hashes to see if one is forbidden, or rely on a single hash choice 
only if the
+UEFI signature authority only signs and revokes with a single hash (at 
time
+of writing, this hash choice is SHA256).
+
   @param[in] This Pointer to EFI_PKCS7_VERIFY_PROTOCOL 
instance.
   @param[in] SignaturePoints to buffer containing ASN.1 
DER-encoded PKCS
   detached signature.
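Review bot: The added note tells callers to "cycle through all UEFI supported hashes" but does not tie that advice to any parameter or return code of this function, so a caller still has to work out where the hash is supplied and what result means "forbidden". Name the parameter that carries the hash and the status that signals a revoked entry. The parenthetical "at time of writing, this hash choice is SHA256" will also go stale silently; referencing the governing specification revision would age better.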
diff --git a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c 
b/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
index 0da549a6bd..ac83e6d5c2 100644
--- a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
+++ b/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
@@ -1321,6 +1321,14 @@ _Exit:
   verifies the signature of the content is valid and signing certificate was 
not revoked
   and is contained within a list of trusted signers.
 
+  Note: because this function uses hashes and the specification contains a 
variety of
+hash choices, you should be aware that the check against the RevokedDb 
list
+will improperly succeed if the signature is revoked using a different 
hash
+algorithm.  For this reason, you should either cycle through all UEFI 
supported
+hashes to see if one is forbidden, or rely on a single hash choice 
only if the
+UEFI signature autho

Re: [edk2] [PATCH V2] SecurityPkg\Tcg2Pei: FV measure performance enhancement

2017-10-13 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-----Original Message-----
From: Zhang, Chao B 
Sent: Friday, October 13, 2017 3:26 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Yao, Jiewen <jiewen@intel.com>; 
sean.bro...@microsoft.com; Zhang, Chao B <chao.b.zh...@intel.com>
Subject: [PATCH V2] SecurityPkg\Tcg2Pei: FV measure performance enhancement

1. Leverage Pre-Hashed FV PPI to reduce duplicated hash
2. Only measure BFV at the beginning. Other FVs are measured in FVinfo callback with nested
   FV check. https://bugzilla.tianocore.org/show_bug.cgi?id=662

Cc: Long Qin <qin.l...@intel.com>
Cc: Yao Jiewen <jiewen@intel.com>
Cc: Sean Brogan <sean.bro...@microsoft.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 .../Include/Ppi/FirmwareVolumeInfoPrehashedFV.h|  70 ++
 SecurityPkg/SecurityPkg.dec|   7 +-
 SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c  | 245 +++--
 SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf|   2 +
 4 files changed, 250 insertions(+), 74 deletions(-)
 create mode 100644 SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h

diff --git a/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h 
b/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h
new file mode 100644
index 000..2273357
--- /dev/null
+++ b/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h
@@ -0,0 +1,70 @@
+/** @file
+PPI to describe all hash digests for a given FV
+
+Copyright (c) 2017, Intel Corporation. All rights reserved. This 
+program and the accompanying materials are licensed and made available 
+under the terms and conditions of the BSD License which accompanies 
+this distribution.  The full text of the license may be found at 
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/**
+PPI to describe all hash digests for a given FV
+
+Copyright (c) 2017, Microsoft Corporation
+
+All rights reserved.
+Redistribution and use in source and binary forms, with or without 
+modification, are permitted provided that the following conditions are met:
+1. Redistributions of source code must retain the above copyright 
+notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright 
+notice, this list of conditions and the following disclaimer in the 
+documentation  and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR 
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
+STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 
+IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY 
OF SUCH DAMAGE.
+
+**/
+
+#ifndef __PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_H__
+#define __PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_H__
+
+#define EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI_GUID \  { 
+0x3ce1e631, 0x7008, 0x477c, { 0xad, 0xa7, 0x5d, 0xcf, 0xc7, 0xc1, 0x49, 
+0x4b } }
+
+//
+// HashAlgoId is TPM_ALG_ID in Tpm20.h
+//
+typedef struct _HASH_INFO {
+  UINT16 HashAlgoId;
+  UINT16 HashSize;
+  //UINT8Hash[];
+} HASH_INFO;
+
+//
+// This PPI indicates a FV is already hashed, platform should ensure 1:1 
mapping between pre-hashed PPI and FV.
+// The Count field in PPI is followed by Count number of FV hash info entries, 
which can be extended to PCR and logged to TCG event log directly by TCG 
modules.
+//
+typedef struct {
+  UINT32 FvBase;
+  UINT32 FvLength;
+  UINT32 Count;
+  //HASH_INFOHashInfo[];
+} EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI;
+
+extern EFI_GUID gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid;
+
+#endif
+
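Review bot: EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI carries Count but no total size, and each HASH_INFO is followed by HashSize bytes of digest, so a consumer walking the entries has nothing to bound the walk against. Suggest either adding a total-size field or documenting that the consumer must check HashSize against the digest length implied by HashAlgoId before it extends the hash to a PCR or logs it. The header also stacks two license blocks with the same one-line description; worth confirming that both are intended.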
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 
7a900dc..45d95c5 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -7,6 +7,7 @@
 #
 # Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.  # 
(C) Copyright 2015 Hew

Re: [edk2] [PATCH] SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth Variable

2017-10-13 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-----Original Message-----
From: Zhang, Chao B 
Sent: Thursday, October 12, 2017 5:14 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Chen, Chen A <chen.a.c...@intel.com>; 
Zhang, Chao B <chao.b.zh...@intel.com>
Subject: [PATCH] SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth 
Variable

ECR1707 for UEFI2.7 clarified certificate management rule for private 
time-based AuthVariable. Trusted cert rule changed from whole signer's 
certificate stack to top-level issuer cert tbscertificate + SignerCert CN for 
better management compatibility.
Hash is used to reduce storage overhead.

Cc: Long Qin <qin.l...@intel.com>
Cc: Chen Chen <chen.a.c...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/Library/AuthVariableLib/AuthService.c | 208 ++
 1 file changed, 171 insertions(+), 37 deletions(-)

diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c 
b/SecurityPkg/Library/AuthVariableLib/AuthService.c
index a37ec0b..7188ff6 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthService.c
+++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c
@@ -1530,6 +1530,85 @@ AuthServiceInternalCompareTimeStamp (  }
 
 /**
+  Calculate SHA256 digest of SignerCert CommonName + ToplevelCert 
+ tbsCertificate  SignerCert and ToplevelCert are inside the signer certificate 
chain.
+
+  @param[in]  SignerCert  A pointer to SignerCert data.
+  @param[in]  SignerCertSize  Length of SignerCert data.
+  @param[in]  TopLevelCertA pointer to TopLevelCert data.
+  @param[in]  TopLevelCertSizeLength of TopLevelCert data.
+  @param[out] Sha256Digest   Sha256 digest calculated.
+
+  @return EFI_ABORTED  Digest process failed.
+  @return EFI_SUCCESS  SHA256 Digest is succesfully calculated.
+
+**/
+EFI_STATUS
+CalculatePrivAuthVarSignChainSHA256Digest(
+  IN UINT8*SignerCert,
+  IN UINTNSignerCertSize,
+  IN UINT8*TopLevelCert,
+  IN UINTNTopLevelCertSize,
+  OUTUINT8*Sha256Digest
+  )
+{
+  UINT8   *TbsCert;
+  UINTN   TbsCertSize;
+  UINT8   CertCommonName[128];
+  UINTN   CertCommonNameSize;
+  BOOLEAN CryptoStatus;
+  EFI_STATUS  Status;
+
+  CertCommonNameSize = sizeof(CertCommonName);
+
+  //
+  // Get SignerCert CommonName
+  //
+  Status = X509GetCommonName(SignerCert, SignerCertSize, 
+ CertCommonName, );  if (EFI_ERROR(Status)) {
+DEBUG((DEBUG_INFO, "%a Get SignerCert CommonName failed with status %x\n", 
__FUNCTION__, Status));
+return EFI_ABORTED;
+  }
+
+  //
+  // Get TopLevelCert tbsCertificate
+  //
+  if (!X509GetTBSCert(TopLevelCert, TopLevelCertSize, , )) 
{
+DEBUG((DEBUG_INFO, "%a Get Top-level Cert tbsCertificate failed!\n", 
__FUNCTION__));
+return EFI_ABORTED;
+  }
+
+  //
+  // Digest SignerCert CN + TopLevelCert tbsCertificate  //  ZeroMem 
+ (Sha256Digest, SHA256_DIGEST_SIZE);  CryptoStatus = Sha256Init 
+ (mHashCtx);  if (!CryptoStatus) {
+return EFI_ABORTED;
+  }
+
+  //
+  // '\0' is forced in CertCommonName. No overflow issue  //  
+ CryptoStatus = Sha256Update (mHashCtx, CertCommonName, 
+ AsciiStrLen((CHAR8 *)CertCommonName));  if (!CryptoStatus) {
+return EFI_ABORTED;
+  }
+
+  CryptoStatus = Sha256Update (mHashCtx, TbsCert, TbsCertSize);  if 
+ (!CryptoStatus) {
+return EFI_ABORTED;
+  }
+
+  CryptoStatus  = Sha256Final (mHashCtx, Sha256Digest);  if 
+ (!CryptoStatus) {
+return EFI_ABORTED;
+  }
+
+  return EFI_SUCCESS;
+}
+
+/**
   Find matching signer's certificates for common authenticated variable
   by corresponding VariableName and VendorGuid from "certdb" or "certdbv".
 
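Review bot: CertCommonName is a fixed 128-byte buffer and only AsciiStrLen() bytes of it are hashed, so the digest depends on how X509GetCommonName() treats a longer CN or a CN with an embedded NUL: truncation would let two different signer names produce the same CertData digest. Suggest documenting the intended behaviour in the function header, or failing when the name does not fit. The two failure DEBUG() calls use DEBUG_INFO where DEBUG_ERROR seems more fitting, and "succesfully" in the @return line is a typo.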
@@ -1872,13 +1951,16 @@ DeleteCertsFromDb (
 /**
   Insert signer's certificates for common authenticated variable with 
VariableName
   and VendorGuid in AUTH_CERT_DB_DATA to "certdb" or "certdbv" according to
-  time based authenticated variable attributes.
+  time based authenticated variable attributes. CertData is the SHA256 
+ digest of  SignerCert CommonName + TopLevelCert tbsCertificate.
 
-  @param[in]  VariableName   Name of authenticated Variable.
-  @param[in]  VendorGuid Vendor GUID of authenticated Variable.
-  @param[in]  Attributes Attributes of authenticated variable.
-  @param[in]  CertData   Pointer to signer's certificates.
-  @param[in]  CertDataSize   Length of CertData in bytes.
+  @param[in]  VariableName  Name of authenticated Variable.
+  @param[in]  VendorGuidVendor GUID of authenticated Variable.
+  @param[in]  AttributesAttributes of authenticated variable.
+  @param[in]  SignerCertSigner certificate

[edk2] [PATCH] SecurityPkg/Pkcs7Verify: Add the comments to address security problem

2017-10-11 Thread Long Qin
Add the comments to address security problems in the Pkcs7Verify Protocol
per UEFI 2.7 updates.

The Pkcs7Verifier function VerifySignature() has problematic use cases
where it might be used to unwittingly bypass security checks.  The specific
problem is that if the supplied hash is a different algorithm from the
blacklist hash, the hash will be approved even if it should have been
denied. The added comments place a strong warning about the problem.
It is possible to use the protocol reliably, either by agreeing a hash to
use for all time (like sha256) or by looping over all supported hashes when
using the protocol.

Cc: Chao Zhang 
Cc: James Bottomley 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 MdePkg/Include/Protocol/Pkcs7Verify.h   | 10 +-
 SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c |  8 
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/Protocol/Pkcs7Verify.h 
b/MdePkg/Include/Protocol/Pkcs7Verify.h
index ca5ec75910..eaeda48300 100644
--- a/MdePkg/Include/Protocol/Pkcs7Verify.h
+++ b/MdePkg/Include/Protocol/Pkcs7Verify.h
@@ -6,7 +6,7 @@
   PKCS#7 is a general-purpose cryptographic standard (defined by RFC2315,
   available at http://tools.ietf.org/html/rfc2315).
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under
 the terms and conditions of the BSD License that accompanies this distribution.
 The full text of the license may be found at
@@ -140,6 +140,14 @@ EFI_STATUS
   verifies the signature of the content is valid and signing certificate was 
not revoked
   and is contained within a list of trusted signers.
 
+  Note: because this function uses hashes and the specification contains a 
variety of
+hash choices, you should be aware that the check against the RevokedDb 
list
+will improperly succeed if the signature is revoked using a different 
hash
+algorithm.  For this reason, you should either cycle through all UEFI 
supported
+hashes to see if one is forbidden, or rely on a single hash choice 
only if the
+UEFI signature authority only signs and revokes with a single hash (at 
time
+of writing, this hash choice is SHA256).
+
   @param[in] This Pointer to EFI_PKCS7_VERIFY_PROTOCOL 
instance.
   @param[in] SignaturePoints to buffer containing ASN.1 
DER-encoded PKCS
   detached signature.
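Review bot: "will improperly succeed" in the added note is ambiguous about which result the caller sees; suggest saying that the function can report a successful verification for content that RevokedDb lists under a hash algorithm other than the one supplied. It would also help to name the parameters involved, so that "cycle through all UEFI supported hashes" tells the caller exactly what to repeat.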
diff --git a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c 
b/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
index 0da549a6bd..ac83e6d5c2 100644
--- a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
+++ b/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c
@@ -1321,6 +1321,14 @@ _Exit:
   verifies the signature of the content is valid and signing certificate was 
not revoked
   and is contained within a list of trusted signers.
 
+  Note: because this function uses hashes and the specification contains a 
variety of
+hash choices, you should be aware that the check against the RevokedDb 
list
+will improperly succeed if the signature is revoked using a different 
hash
+algorithm.  For this reason, you should either cycle through all UEFI 
supported
+hashes to see if one is forbidden, or rely on a single hash choice 
only if the
+UEFI signature authority only signs and revokes with a single hash (at 
time
+of writing, this hash choice is SHA256).
+
   @param[in] This Pointer to EFI_PKCS7_VERIFY_PROTOCOL 
instance.
   @param[in] SignaturePoints to buffer containing ASN.1 
DER-encoded PKCS
   detached signature.
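Review bot: The caveat is documented here but nothing in the implementation enforces it, so every caller has to get the hash choice right on its own. Consider a follow-up that makes the function itself fail, or at least emit a DEBUG warning, when RevokedDb holds hash entries of an algorithm different from the supplied hash. The text is a verbatim copy of the one in Pkcs7Verify.h, so the two need to be kept in sync.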
-- 
2.14.1.windows.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
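
The pitfall and the two remedies named in the commit message above, modelled in Python as an added example (not edk2 code and not part of the patch). The revocation list is modelled as a set of (algorithm, digest) pairs; `SUPPORTED_HASHES`, the function names and the sample image bytes are assumptions made for the illustration.

```python
import hashlib

# Hash algorithms a revocation list might use (assumption for this model).
SUPPORTED_HASHES = ("sha1", "sha256", "sha384", "sha512")

# Constructed sample content standing in for a revoked binary.
REVOKED_IMAGE = b"constructed sample: revoked option ROM image"


def digest(alg, content):
    """Digest of content under the named algorithm."""
    return hashlib.new(alg, content).digest()


def build_revoked_db(entries):
    """Build a model RevokedDb: a set of (algorithm, digest) pairs."""
    return {(alg, digest(alg, content)) for alg, content in entries}


def naive_is_revoked(revoked_db, alg, in_hash):
    """The pitfall: look up only the hash the caller happened to supply."""
    return (alg, in_hash) in revoked_db


def is_revoked_all_hashes(revoked_db, content):
    """Remedy 1: cycle through every supported hash of the content."""
    return any((alg, digest(alg, content)) in revoked_db
               for alg in SUPPORTED_HASHES)


def is_revoked_single_hash(revoked_db, content, policy_alg="sha256"):
    """Remedy 2: rely on one hash, but only if the list uses nothing else.

    Fails closed when the list holds entries of another algorithm, because
    a lookup under policy_alg could then miss a revocation.
    """
    foreign = sorted({alg for alg, _ in revoked_db if alg != policy_alg})
    if foreign:
        raise ValueError("revocation list also uses: " + ", ".join(foreign))
    return (policy_alg, digest(policy_alg, content)) in revoked_db


def demo():
    """Run the three checks against a list that revokes by SHA-384."""
    db = build_revoked_db([("sha384", REVOKED_IMAGE)])
    results = {
        "naive_sha256": naive_is_revoked(
            db, "sha256", digest("sha256", REVOKED_IMAGE)),
        "all_hashes": is_revoked_all_hashes(db, REVOKED_IMAGE),
    }
    try:
        is_revoked_single_hash(db, REVOKED_IMAGE)
        results["single_hash"] = "accepted"
    except ValueError:
        results["single_hash"] = "refused: mixed-algorithm list"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Cycling through all hashes needs the content itself; a caller that holds only a precomputed digest is limited to the single-hash policy.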


Re: [edk2] [PATCH] SecurityPkg\Tcg2Pei: FV measure performance enhancement

2017-10-10 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-----Original Message-----
From: Zhang, Chao B 
Sent: Monday, October 9, 2017 4:50 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>; Yao, Jiewen <jiewen@intel.com>; 
sean.bro...@microsoft.com; Zhang, Chao B <chao.b.zh...@intel.com>
Subject: [PATCH] SecurityPkg\Tcg2Pei: FV measure performance enhancement

1. Leverage Pre-Hashed FV PPI to reduce duplicated hash
2. Only measure BFV at the beginning. Other FVs are measured in FVinfo callback with nested
   FV check. https://bugzilla.tianocore.org/show_bug.cgi?id=662

Cc: Long Qin <qin.l...@intel.com>
Cc: Yao Jiewen <jiewen@intel.com>
Cc: Sean Brogan <sean.bro...@microsoft.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 .../Include/Ppi/FirmwareVolumeInfoPrehashedFV.h|  70 ++
 SecurityPkg/SecurityPkg.dec|   7 +-
 SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c  | 245 +++--
 SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf|   2 +
 4 files changed, 250 insertions(+), 74 deletions(-)  create mode 100644 
SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h

diff --git a/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h 
b/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h
new file mode 100644
index 000..2273357
--- /dev/null
+++ b/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h
@@ -0,0 +1,70 @@
+/** @file
+PPI to describe all hash digests for a given FV
+
+Copyright (c) 2017, Intel Corporation. All rights reserved. This 
+program and the accompanying materials are licensed and made available 
+under the terms and conditions of the BSD License which accompanies 
+this distribution.  The full text of the license may be found at 
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/**
+PPI to describe all hash digests for a given FV
+
+Copyright (c) 2017, Microsoft Corporation
+
+All rights reserved.
+Redistribution and use in source and binary forms, with or without 
+modification, are permitted provided that the following conditions are met:
+1. Redistributions of source code must retain the above copyright 
+notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright 
+notice, this list of conditions and the following disclaimer in the 
+documentation  and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR 
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
+STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 
+IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY 
OF SUCH DAMAGE.
+
+**/
+
+#ifndef __PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_H__
+#define __PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_H__
+
+#define EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI_GUID \  { 
+0x3ce1e631, 0x7008, 0x477c, { 0xad, 0xa7, 0x5d, 0xcf, 0xc7, 0xc1, 0x49, 
+0x4b } }
+
+//
+// HashAlgoId is TPM_ALG_ID in Tpm20.h
+//
+typedef struct _HASH_INFO {
+  UINT16 HashAlgoId;
+  UINT16 HashSize;
+  //UINT8Hash[];
+} HASH_INFO;
+
+//
+// This PPI indicates a FV is already hashed, platform should ensure 1:1 
mapping between pre-hashed PPI and FV.
+// The Count field in PPI is followed by Count number of FV hash info entries, 
which can be extended to PCR and logged to TCG event log directly by TCG 
modules.
+//
+typedef struct {
+  UINT32 FvBase;
+  UINT32 FvLength;
+  UINT32 Count;
+  //HASH_INFOHashInfo[];
+} EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI;
+
+extern EFI_GUID gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid;
+
+#endif
+
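Review bot: The variable-length tails exist only as the commented-out Hash[] and HashInfo[] members, and the layout is not specified: nothing says whether entries are packed back to back or padded, so producer and consumer can disagree on where the next HASH_INFO starts. Suggest stating the packing in the comment above the PPI struct. FvBase and FvLength are UINT32, which deserves a remark if an FV can ever sit above 4 GB.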
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 
7a900dc..45d95c5 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -7,6 +7,7 @@
 #
 # Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.  # 
(C) Copyright 2015 Hew

Re: [edk2] [PATCH v2 1/2] SecurityPkg: make PcdOptionRomImageVerificationPolicy dynamic

2017-10-10 Thread Long, Qin
The patch looks good to me.

Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

From: Yao, Jiewen
Sent: Tuesday, October 10, 2017 9:47 PM
To: Laszlo Ersek <ler...@redhat.com>; Long, Qin <qin.l...@intel.com>
Cc: Brijesh Singh <brijesh.si...@amd.com>; edk2-devel@lists.01.org; Justen, 
Jordan L <jordan.l.jus...@intel.com>; Tom Lendacky <thomas.lenda...@amd.com>; 
Zhang, Chao B <chao.b.zh...@intel.com>
Subject: RE: [edk2] [PATCH v2 1/2] SecurityPkg: make 
PcdOptionRomImageVerificationPolicy dynamic

I am OK on this patch.

Reviewed-by: jiewen@intel.com

BTW: Do you also need to update PcdRemovableMediaImageVerificationPolicy and 
PcdFixedMediaImageVerificationPolicy?


Thank you
Yao Jiewen


From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Tuesday, October 10, 2017 7:28 PM
To: Long, Qin <qin.l...@intel.com>; Yao, Jiewen <jiewen@intel.com>
Cc: Brijesh Singh <brijesh.si...@amd.com>; edk2-devel@lists.01.org; Justen, Jordan L 
<jordan.l.jus...@intel.com>; Tom Lendacky <thomas.lenda...@amd.com>; Zhang, Chao B 
<chao.b.zh...@intel.com>
Subject: Re: [edk2] [PATCH v2 1/2] SecurityPkg: make 
PcdOptionRomImageVerificationPolicy dynamic

Jiewen, Qin,

can you guys perhaps help with reviewing this patch? (The second patch
in the series is for OvmfPkg, and it depends on this one.)

Thanks!
Laszlo

On 10/05/17 22:16, Brijesh Singh wrote:
> By default the image verification policy for option ROM images is 0x4
> (DENY_EXECUTE_ON_SECURITY_VIOLATION) but the following OvmfPkg commit:
>
> 1fea9ddb4e3f OvmfPkg: execute option ROM images regardless of Secure Boot
>
> set it to 0x0 (ALWAYS_EXECUTE). This is fine because typically option
> ROMs come from the host side and most of the time the cloud provider (i.e.
> hypervisor) has full access over a guest anyway. But when secure boot
> is enabled, we would like to deny the execution of option ROM when
> SEV is active. Having a dynamic Pcd will give us flexibility to set the
> security policy at runtime.
>
> Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=728
> Cc: Chao Zhang <chao.b.zh...@intel.com>
> Cc: Jordan Justen <jordan.l.jus...@intel.com>
> Cc: Laszlo Ersek <ler...@redhat.com>
> Cc: Tom Lendacky <thomas.lenda...@amd.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
> ---
>
> Changes since v1:
>  * Add Contributed-under tag
>
>  SecurityPkg/SecurityPkg.dec | 24 ++--
>  1 file changed, 12 insertions(+), 12 deletions(-)
>
> diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
> index 01bff01ed50a..4e32d172d7d9 100644
> --- a/SecurityPkg/SecurityPkg.dec
> +++ b/SecurityPkg/SecurityPkg.dec
> @@ -230,18 +230,6 @@ [Ppis]
>  #
>
>  [PcdsFixedAtBuild, PcdsPatchableInModule]
> -  ## Image verification policy for OptionRom. Only following values are 
> valid:
> -  #  NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification 
> and has been removed.
> -  #  0x  Always trust the image.
> -  #  0x0001  Never trust the image.
> -  #  0x0002  Allow execution when there is security violation.
> -  #  0x0003  Defer execution when there is security violation.
> -  #  0x0004  Deny execution when there is security violation.
> -  #  0x0005  Query user when there is security violation.
> -  # @Prompt Set policy for the image from OptionRom.
> -  # @ValidRange 0x8001 | 0x - 0x0005
> -  
> gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04|UINT32|0x0001
> -
>## Image verification policy for removable media which includes CD-ROM, 
> Floppy, USB and network.
>#  Only following values are valid:
>#  NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification 
> and has been removed.
> @@ -304,6 +292,18 @@ [PcdsFixedAtBuild, PcdsPatchableInModule]
>
> gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D|UINT32|0x0007
>
>  [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
> +  ## Image verification policy for OptionRom. Only following values are 
> valid:
> +  #  NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI
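Review bot: Listing PcdOptionRomImageVerificationPolicy under PcdsDynamic and PcdsDynamicEx means the option ROM verification policy can be changed at runtime by any module able to set PCDs, not only chosen at build time. Suggest saying in the PCD comment who is expected to set it and by when (before option ROMs are dispatched), so platforms know that a later change to a weaker value must be prevented. The comment removed at -230 lists 0x2 and 0x5 as values although its NOTE forbids them; if it is re-added unchanged, this would be a good moment to drop them.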

Re: [edk2] [PATCH v3] CryptoPkg: Add new API to retrieve commonName of X.509 certificate

2017-09-28 Thread Long, Qin
Yes, they are legacy versions with old style alignment.
It's the first try to address this return status change in this new API.  We may 
update some APIs depending on requirement and impact evaluations later. 


Best Regards & Thanks,
LONG, Qin

-----Original Message-----
From: Zhang, Chao B 
Sent: Thursday, September 28, 2017 2:03 PM
To: Long, Qin <qin.l...@intel.com>; ler...@redhat.com; Ye, Ting 
<ting...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: RE: [PATCH v3] CryptoPkg: Add new API to retrieve commonName of X.509 
certificate

Qin:
   What about other X509 related interfaces, such as X509GetTBSCert, 
X509GetSubjectName? They all return TRUE/FALSE.
   It looks inconsistent between these interfaces.


-----Original Message-----
From: Long, Qin
Sent: Thursday, September 21, 2017 10:48 AM
To: ler...@redhat.com; Ye, Ting <ting...@intel.com>; Zhang, Chao B 
<chao.b.zh...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: [PATCH v3] CryptoPkg: Add new API to retrieve commonName of X.509 
certificate

v3: Add extra CommonNameSize check since OpenSSL didn't check this
input parameter. (One openssl issue was filed to address this risk:
https://github.com/openssl/openssl/issues/4392)
v2: Update function interface to return RETURN_STATUS to represent
different error cases.

Add one new API (X509GetCommonName()) to retrieve the subject commonName string 
from one X.509 certificate.

Cc: Laszlo Ersek <ler...@redhat.com>
Cc: Ting Ye <ting...@intel.com>
Cc: Chao Zhang <chao.b.zh...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.l...@intel.com>
---
 CryptoPkg/Application/Cryptest/RsaVerify2.c|  32 --
 CryptoPkg/Include/Library/BaseCryptLib.h   |  35 +++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c  | 109 +
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c  |  32 ++
 .../Pk/CryptX509Null.c |  34 ++-
 5 files changed, 234 insertions(+), 8 deletions(-)

diff --git a/CryptoPkg/Application/Cryptest/RsaVerify2.c 
b/CryptoPkg/Application/Cryptest/RsaVerify2.c
index 98b5aad900..9db43d6eef 100644
--- a/CryptoPkg/Application/Cryptest/RsaVerify2.c
+++ b/CryptoPkg/Application/Cryptest/RsaVerify2.c
@@ -204,13 +204,17 @@ ValidateCryptRsa2 (
   VOID
   )
 {
-  BOOLEAN  Status;
-  VOID *RsaPrivKey;
-  VOID *RsaPubKey;
-  UINT8*Signature;
-  UINTNSigSize;
-  UINT8*Subject;
-  UINTNSubjectSize;
+  BOOLEANStatus;
+  VOID   *RsaPrivKey;
+  VOID   *RsaPubKey;
+  UINT8  *Signature;
+  UINTN  SigSize;
+  UINT8  *Subject;
+  UINTN  SubjectSize;
+  RETURN_STATUS  ReturnStatus;
+  CHAR8  CommonName[64];
+  CHAR16 CommonNameUnicode[64];
+  UINTN  CommonNameSize;
 
   Print (L"\nUEFI-OpenSSL RSA Key Retrieving Testing: ");
 
@@ -286,6 +290,20 @@ ValidateCryptRsa2 (
 Print (L"[Pass]");
   }
 
+  //
+  // Get CommonName from X509 Certificate Subject  //  CommonNameSize = 
+ 64;  ZeroMem (CommonName, CommonNameSize);  ReturnStatus = 
+ X509GetCommonName (TestCert, sizeof (TestCert), CommonName, 
+ );  if (RETURN_ERROR (ReturnStatus)) {
+Print (L"\n  - Retrieving Common Name - [Fail]");
+return EFI_ABORTED;
+  } else {
+AsciiStrToUnicodeStrS (CommonName, CommonNameUnicode, CommonNameSize);
+Print (L"\n  - Retrieving Common Name = \"%s\" (Size = %d)", 
+ CommonNameUnicode, CommonNameSize);  }
+
   //
   // X509 Certificate Verification.
   //
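Review bot: AsciiStrToUnicodeStrS() is given CommonNameSize as DestMax, but by then X509GetCommonName() has overwritten CommonNameSize with the size of the returned name; DestMax should be the capacity of CommonNameUnicode in CHAR16 units, e.g. ARRAY_SIZE (CommonNameUnicode). Initialising with sizeof (CommonName) instead of the literal 64 would keep the buffer and its size together, and the return value of the conversion should be checked before printing.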
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 9c5ffcd9cf..2366a0218d 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -2171,6 +2171,41 @@ X509GetSubjectName (
   IN OUT  UINTN*SubjectSize
   );
 
+/**
+  Retrieve the common name (CN) string from one X.509 certificate.
+
+  @param[in]  Cert Pointer to the DER-encoded X509 certificate.
+  @param[in]  CertSize Size of the X509 certificate in bytes.
+  @param[out] CommonName   Buffer to contain the retrieved certificate 
common
+   name string. At most CommonNameSize bytes 
will be
+   written and the string will be null 
terminated. May be
+   NULL in order to determine the size buffer 
needed.
+  @param[in,out]  CommonNameSize   The size in bytes of the CommonName buffer 
on input,
+   and the size of buffer returned CommonName 
on output.
+   If CommonName is NULL then the amount of 
space needed
+   in buffer (including the final null) is 
returned.
+
+  @retval RETURN_SUCCESS   The certificate CommonName retrieved 
successfully.
+  @retval R

Re: [edk2] [PATCH v2] CryptoPkg: Add new API to retrieve commonName of X.509 certificate

2017-09-20 Thread Long, Qin


From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Thursday, September 21, 2017 12:38 AM
To: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>; Zhang, Chao B 
<chao.b.zh...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: Re: [PATCH v2] CryptoPkg: Add new API to retrieve commonName of X.509 
certificate

Hello Qin,

On 09/20/17 18:05, Qin Long wrote:
> v2: Update function interface to return RETURN_STATUS to represent
> different error cases.
>
> Add one new API (X509GetCommonName()) to retrieve the subject commonName
> string from one X.509 certificate.
>
> Cc: Laszlo Ersek <ler...@redhat.com>
> Cc: Ting Ye <ting...@intel.com>
> Cc: Chao Zhang <chao.b.zh...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Qin Long <qin.l...@intel.com>
> ---
>  CryptoPkg/Application/Cryptest/RsaVerify2.c|  32 +--
>  CryptoPkg/Include/Library/BaseCryptLib.h   |  34 +++
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c  | 106 
> +
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c  |  32 +++
>  .../Pk/CryptX509Null.c |  34 ++-
>  5 files changed, 230 insertions(+), 8 deletions(-)
>
> diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
> b/CryptoPkg/Include/Library/BaseCryptLib.h
> index 9c5ffcd9cf..48e9531758 100644
> --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> @@ -2171,6 +2171,40 @@ X509GetSubjectName (
>IN OUT  UINTN*SubjectSize
>);
>
> +/**
> +  Retrieve the common name (CN) string from one X.509 certificate.
> +
> +  @param[in]  Cert Pointer to the DER-encoded X509 
> certificate.
> +  @param[in]  CertSize Size of the X509 certificate in bytes.
> +  @param[out] CommonName   Buffer to contain the retrieved 
> certificate common
> +   name string. At most CommonNameSize bytes 
> will be
> +   written and the string will be null 
> terminated. May be
> +   NULL in order to determine the size 
> buffer needed.
> +  @param[in,out]  CommonNameSize   The size in bytes of the CommonName 
> buffer on input,
> +   and the size of buffer returned 
> CommonName on output.
> +   If CommonName is NULL then the amount of 
> space needed
> +   in buffer (including the final null) is 
> returned.
> +
> +  @retval RETURN_SUCCESS   The certificate CommonName retrieved 
> successfully.
> +  @retval RETURN_INVALID_PARAMETER If Cert is NULL.
> +   If CommonNameSize is NULL.
> +   If Certificate is invalid.
> +  @retval RETURN_NOT_FOUND If no CommonName entry exists.
> +  @retval RETURN_BUFFER_TOO_SMALL  If the CommonName is NULL. The required 
> buffer size
> +   (including the final null) is returned in 
> the
> +   CommonNameSize parameter.
> +  @retval RETURN_UNSUPPORTED   The operation is not supported.
> +
> +**/
> +RETURN_STATUS
> +EFIAPI
> +X509GetCommonName (
> +  IN  CONST UINT8  *Cert,
> +  IN  UINTNCertSize,
> +  OUT CHAR8*CommonName,
> +  IN OUT  UINTN*CommonNameSize
> +  );
> +
>  /**
>Verify one X509 certificate was issued by the trusted CA.
>
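Review bot: The header comment does not say in which encoding CommonName is returned or what happens when the CN contains an embedded NUL; since the output is a CHAR8 string that callers will treat as NUL-terminated, a name compared or hashed with AsciiStrLen() would silently stop at the first NUL. Suggest documenting the encoding and either rejecting such names or stating that they are truncated. RETURN_INVALID_PARAMETER also covers both a NULL argument and a malformed certificate, which callers may want to tell apart.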

I think the RETURN_BUFFER_TOO_SMALL description is incorrect -- it
shouldn't only cover the (CommonName == NULL) case, but any other case
when *CommonNameSize is not large enough, for formatting the full CN,
plus the terminating '\0'.

Relatedly, the output value of *CommonNameSize should always be the
number of bytes required to format the NUL-terminated common name,
regardless if there is enough room or not. The return status will tell
the caller:
- if the return status is BUFFER_TOO_SMALL, then a larger buffer is
needed -- how large is explained by *CommonNameSize
- if the return status is SUCCESS, then the buffer was large enough, and
*CommonNameSize bytes have been used from it.

[qlong] good catch.
The current implementation is based on OpenSSL X509_NAME_get_text_by_OBJ
API, and we can only get the real written data size or required size (by passing
NULL CommonName) with this interface.
I didn’t want to introduce additional handling (e.g. extra ASN1_STRING parsing) in
this API. For fixed CommonNameSize buffer, it’s acceptable to receive the truncated
string (e

Re: [edk2] [PATCH] CryptoPkg: Add new API to retrieve commonName of X.509 certificate

2017-09-20 Thread Long, Qin
Laszlo.

It's good feedback.

This is a historical design issue. We chose to use a simple BOOLEAN as the 
return value, because OpenSSL has complicated return data (reason) with extra 
APIs (e.g. ERR_get_error()...). It's hard to map these error messages directly, 
so we just used the simplest way before, and always kept this kind of API 
style in later updates.

I also think the return value (true/false) in the current BaseCryptLib is really 
too ambiguous to give any more useful information. RETURN_xxx is more valuable in 
this newly added case. I would like to update the patch per your suggestion.

Thanks for raising this.

Best Regards & Thanks,
LONG, Qin

From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo 
Ersek
Sent: Wednesday, September 20, 2017 8:09 PM
To: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>; Zhang, Chao B 
<chao.b.zh...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: Re: [edk2] [PATCH] CryptoPkg: Add new API to retrieve commonName of 
X.509 certificate

Hello Qin,

On 09/19/17 05:38, Long Qin wrote:
> Add one new API (X509GetCommonName()) to retrieve the subject commonName
> string from one X.509 certificate.
>
> Cc: Ting Ye <ting...@intel.com>
> Cc: Chao Zhang <chao.b.zh...@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Qin Long <qin.l...@intel.com>
> ---
>  CryptoPkg/Application/Cryptest/RsaVerify2.c| 17 
>  CryptoPkg/Include/Library/BaseCryptLib.h   | 32 
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c  | 93 
> ++
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c  | 32 
>  .../Pk/CryptX509Null.c | 34 +++-
>  5 files changed, 207 insertions(+), 1 deletion(-)

> diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
> b/CryptoPkg/Include/Library/BaseCryptLib.h
> index 9c5ffcd9cf..d861be6725 100644
> --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> @@ -2171,6 +2171,38 @@ X509GetSubjectName (
>IN OUT  UINTN*SubjectSize
>);
>
> +/**
> +  Retrieve the common name (CN) string from one X.509 certificate.
> +
> +  If Cert or CommonNameSize is NULL, then return FALSE.
> +  If this interface is not supported, then return FALSE.
> +
> +  @param[in]  CertPointer to the DER-encoded X509 
> certificate.
> +  @param[in]  CertSizeSize of the X509 certificate in bytes.
> +  @param[out] CommonName  Buffer to contain the retrieved 
> certificate common
> +  name string. At most CommonNameSize bytes 
> will be
> +  written and the string will be null 
> terminated. May be
> +  NULL in order to determine the size buffer 
> needed.
> +  @param[in,out]  CommonNameSize  The size in bytes of the CommonName buffer 
> on input,
> +  and the size of buffer returned CommonName 
> on output.
> +  if CommonName is NULL then the amount of 
> space needed
> +  in buffer (including the final null) is 
> returned.
> +
> +  @retval  TRUE   The certificate CommonName retrieved successfully.
> +  @retval  FALSE  Invalid certificate, or CommonNameSize is NULL,
> +  or no CommonName entry exists.
> +  @retval  FALSE  This interface is not supported.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +X509GetCommonName (
> +  IN  CONST UINT8  *Cert,
> +  IN  UINTNCertSize,
> +  OUT CHAR8*CommonName,
> +  IN OUT  UINTN*CommonNameSize
> +  );
> +
>  /**
>Verify one X509 certificate was issued by the trusted CA.
>
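
Review bot: The `@param[out] CommonName` text ("At most CommonNameSize bytes will be written and the string will be null terminated") does not say what the caller gets when the buffer is too small: TRUE with a truncated name, or FALSE with the required size in `*CommonNameSize`. A truncated CN is unsafe for any caller that compares names, so the comment should state that a short buffer is a failure that updates `*CommonNameSize`, and that the buffer contents must not be used in that case.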

I hope my questions / suggestions aren't unwelcome (or misguided) --
have you considered returning RETURN_STATUS from this function?

Currently FALSE is returned for several error cases, but we have good
RETURN_xxx macros for telling them apart:

- RETURN_BUFFER_TOO_SMALL: "The buffer was not large enough to hold the
requested data. The required buffer size is returned in the appropriate
parameter when this error occurs."

- RETURN_UNSUPPORTED: "The operation is not supported."

- RETURN_NOT_FOUND: "The item was not found." -- this can be used for
"no CommonName entry exists".

- RETURN_INVALID_PARAMETER: "The parameter was incorrect." -- this can
be used for "CommonNameSize is NULL", and likely for "Invalid
certificate" as well.

If you don't want to update the interface, I'm OK with that of course; I
just figur
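
An added example, not part of this thread or of edk2: the status-code mapping listed above, applied to the size-query contract from the patch's header comment. `CN_STATUS`, `GetCommonName()` and the constructed DER subject Name are assumptions; the function takes a bare DER Name rather than a full certificate and returns the first CN it finds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes, one per RETURN_xxx case named in the review. */
typedef enum {
  CN_SUCCESS = 0,
  CN_INVALID_PARAMETER,  /* NULL argument or malformed DER */
  CN_NOT_FOUND,          /* the Name has no commonName attribute */
  CN_BUFFER_TOO_SMALL    /* *CommonNameSize now holds the required size */
} CN_STATUS;

/* Constructed sample, not taken from the patch: DER Name { O=Example, CN=TestCert }. */
static const uint8_t SampleName[] = {
  0x30, 0x25,
  0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A,
  0x0C, 0x07, 'E', 'x', 'a', 'm', 'p', 'l', 'e',
  0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03,
  0x0C, 0x08, 'T', 'e', 's', 't', 'C', 'e', 'r', 't'
};

/* Read one DER tag/length at *Ptr, never looking past End. On success *Ptr
   points at the value and *Len is its length (at most two length bytes). */
static int ReadTlv(const uint8_t **Ptr, const uint8_t *End, uint8_t *Tag, size_t *Len) {
  const uint8_t *P = *Ptr;
  size_t N, Count;

  if (End - P < 2) return 0;
  *Tag = *P++;
  N = *P++;
  if (N & 0x80) {                       /* long form */
    Count = N & 0x7F;
    if (Count == 0 || Count > 2 || (size_t)(End - P) < Count) return 0;
    for (N = 0; Count > 0; Count--) N = (N << 8) | *P++;
  }
  if ((size_t)(End - P) < N) return 0;  /* value must fit in the input */
  *Len = N;
  *Ptr = P;
  return 1;
}

/* Copy the first commonName of a DER-encoded Name into CommonName.
   CommonName may be NULL to query the size (terminator included). */
CN_STATUS GetCommonName(const uint8_t *Name, size_t NameSize,
                        char *CommonName, size_t *CommonNameSize) {
  static const uint8_t OidCn[] = { 0x55, 0x04, 0x03 };  /* 2.5.4.3 */
  const uint8_t *P, *End, *SetEnd, *AtvEnd;
  uint8_t Tag;
  size_t Len, Needed;
  int IsCn;

  if (Name == NULL || CommonNameSize == NULL) return CN_INVALID_PARAMETER;
  P = Name;
  End = Name + NameSize;
  if (!ReadTlv(&P, End, &Tag, &Len) || Tag != 0x30) return CN_INVALID_PARAMETER;
  End = P + Len;
  while (P < End) {                                  /* each RDN (SET) */
    if (!ReadTlv(&P, End, &Tag, &Len) || Tag != 0x31) return CN_INVALID_PARAMETER;
    SetEnd = P + Len;
    while (P < SetEnd) {                             /* each type/value pair */
      if (!ReadTlv(&P, SetEnd, &Tag, &Len) || Tag != 0x30) return CN_INVALID_PARAMETER;
      AtvEnd = P + Len;
      if (!ReadTlv(&P, AtvEnd, &Tag, &Len) || Tag != 0x06) return CN_INVALID_PARAMETER;
      IsCn = (Len == sizeof(OidCn) && memcmp(P, OidCn, Len) == 0);
      P += Len;
      if (!ReadTlv(&P, AtvEnd, &Tag, &Len)) return CN_INVALID_PARAMETER;
      if (IsCn) {
        /* Byte-oriented string types only (UTF8String, PrintableString,
           IA5String), and no zero byte that would shorten the C string. */
        if ((Tag != 0x0C && Tag != 0x13 && Tag != 0x16) ||
            memchr(P, 0, Len) != NULL) return CN_INVALID_PARAMETER;
        Needed = Len + 1;
        if (CommonName == NULL || *CommonNameSize < Needed) {
          *CommonNameSize = Needed;                  /* nothing is written */
          return CN_BUFFER_TOO_SMALL;
        }
        memcpy(CommonName, P, Len);
        CommonName[Len] = '\0';
        *CommonNameSize = Needed;
        return CN_SUCCESS;
      }
      P = AtvEnd;
    }
  }
  return CN_NOT_FOUND;
}

int main(void) {
  char Buffer[65];  /* 64 characters plus the terminator */
  size_t Size = 0;

  /* First call with a NULL buffer to learn the size, second call to fill it. */
  if (GetCommonName(SampleName, sizeof(SampleName), NULL, &Size) != CN_BUFFER_TOO_SMALL ||
      Size > sizeof(Buffer)) return 1;
  if (GetCommonName(SampleName, sizeof(SampleName), Buffer, &Size) != CN_SUCCESS) return 1;
  printf("CN = \"%s\" (Size = %zu)\n", Buffer, Size);
  return 0;
}
```

With distinct codes the caller can tell a short buffer (retry with the reported size) from a missing CN or a malformed input, which a single FALSE cannot express.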

Re: [edk2] [PATCH] CryptoPkg: Add new API to retrieve commonName of X.509 certificate

2017-09-20 Thread Long, Qin
Thanks, Chao.
Cryptest just simply uses the hard-coded test vectors for API usage 
demonstration. So 64 is big enough for the given test X.509 data.


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Zhang, Chao B 
Sent: Wednesday, September 20, 2017 2:57 PM
To: Long, Qin <qin.l...@intel.com>; Ye, Ting <ting...@intel.com>
Cc: edk2-devel@lists.01.org
Subject: RE: [PATCH] CryptoPkg: Add new API to retrieve commonName of X.509 
certificate

Qin:
   For cryptest, do we need to support 64 maximum CN name and NULL? That makes 
buffer size 65 instead of 64.
Others are good to me.
 


-Original Message-
From: Long, Qin
Sent: Tuesday, September 19, 2017 11:39 AM
To: Ye, Ting <ting...@intel.com>; Zhang, Chao B <chao.b.zh...@intel.com>
Cc: edk2-devel@lists.01.org; Long, Qin <qin.l...@intel.com>
Subject: [PATCH] CryptoPkg: Add new API to retrieve commonName of X.509 
certificate

Add one new API (X509GetCommonName()) to retrieve the subject commonName string 
from one X.509 certificate.

Cc: Ting Ye <ting...@intel.com>
Cc: Chao Zhang <chao.b.zh...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.l...@intel.com>
---
 CryptoPkg/Application/Cryptest/RsaVerify2.c| 17 
 CryptoPkg/Include/Library/BaseCryptLib.h   | 32 
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c  | 93 ++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c  | 32 
 .../Pk/CryptX509Null.c | 34 +++-
 5 files changed, 207 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/Application/Cryptest/RsaVerify2.c 
b/CryptoPkg/Application/Cryptest/RsaVerify2.c
index 98b5aad900..f9b70d5794 100644
--- a/CryptoPkg/Application/Cryptest/RsaVerify2.c
+++ b/CryptoPkg/Application/Cryptest/RsaVerify2.c
@@ -211,6 +211,9 @@ ValidateCryptRsa2 (
   UINTNSigSize;
   UINT8*Subject;
   UINTNSubjectSize;
+  CHAR8CommonName[64];
+  CHAR16   CommonNameUnicode[64];
+  UINTNCommonNameSize;
 
   Print (L"\nUEFI-OpenSSL RSA Key Retrieving Testing: ");
 
@@ -286,6 +289,20 @@ ValidateCryptRsa2 (
 Print (L"[Pass]");
   }
 
+  //
+  // Get CommonName from X509 Certificate Subject  //  CommonNameSize = 
+ 64;  ZeroMem (CommonName, CommonNameSize);  Status = X509GetCommonName 
+ (TestCert, sizeof (TestCert), CommonName, );  if
+ (!Status) {
+Print (L"\n  - Retrieving Common Name - [Fail]");
+return EFI_ABORTED;
+  } else {
+AsciiStrToUnicodeStrS (CommonName, CommonNameUnicode, CommonNameSize);
+Print (L"\n  - Retrieving Common Name = \"%s\" (Size = %d)", 
+ CommonNameUnicode, CommonNameSize);  }
+
   //
   // X509 Certificate Verification.
   //
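
Review bot: The literal in `CommonNameSize = 64` repeats the bounds declared in the previous hunk (`CommonName[64]`, `CommonNameUnicode[64]`), so resizing one of them later can leave the others stale. Pass `sizeof (CommonName)` instead of the literal. As raised in this thread, a 64-character CN plus its terminator needs 65 bytes, so the limit that applies to the test vector is worth a short comment next to the declaration.
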
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 9c5ffcd9cf..d861be6725 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -2171,6 +2171,38 @@ X509GetSubjectName (
   IN OUT  UINTN*SubjectSize
   );
 
+/**
+  Retrieve the common name (CN) string from one X.509 certificate.
+
+  If Cert or CommonNameSize is NULL, then return FALSE.
+  If this interface is not supported, then return FALSE.
+
+  @param[in]  CertPointer to the DER-encoded X509 certificate.
+  @param[in]  CertSizeSize of the X509 certificate in bytes.
+  @param[out] CommonName  Buffer to contain the retrieved certificate 
common
+  name string. At most CommonNameSize bytes 
will be
+  written and the string will be null 
terminated. May be
+  NULL in order to determine the size buffer 
needed.
+  @param[in,out]  CommonNameSize  The size in bytes of the CommonName buffer 
on input,
+  and the size of buffer returned CommonName 
on output.
+  if CommonName is NULL then the amount of 
space needed
+  in buffer (including the final null) is 
returned.
+
+  @retval  TRUE   The certificate CommonName retrieved successfully.
+  @retval  FALSE  Invalid certificate, or CommonNameSize is NULL,
+  or no CommonName entry exists.
+  @retval  FALSE  This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+X509GetCommonName (
+  IN  CONST UINT8  *Cert,
+  IN  UINTNCertSize,
+  OUT CHAR8*CommonName,
+  IN OUT  UINTN*CommonNameSize
+  );
+
 /**
   Verify one X509 certificate was issued by the trusted CA.
 
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 7d275977c5..e45c214bd1 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -297,6 +297,99 @@ _Exit:
   return Status;
 }
 
+/**
+  R

[edk2] [PATCH] CryptoPkg: Add new API to retrieve commonName of X.509 certificate

2017-09-18 Thread Long Qin
Add one new API (X509GetCommonName()) to retrieve the subject commonName
string from one X.509 certificate.

Cc: Ting Ye 
Cc: Chao Zhang 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 CryptoPkg/Application/Cryptest/RsaVerify2.c| 17 
 CryptoPkg/Include/Library/BaseCryptLib.h   | 32 
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c  | 93 ++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c  | 32 
 .../Pk/CryptX509Null.c | 34 +++-
 5 files changed, 207 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/Application/Cryptest/RsaVerify2.c 
b/CryptoPkg/Application/Cryptest/RsaVerify2.c
index 98b5aad900..f9b70d5794 100644
--- a/CryptoPkg/Application/Cryptest/RsaVerify2.c
+++ b/CryptoPkg/Application/Cryptest/RsaVerify2.c
@@ -211,6 +211,9 @@ ValidateCryptRsa2 (
   UINTNSigSize;
   UINT8*Subject;
   UINTNSubjectSize;
+  CHAR8CommonName[64];
+  CHAR16   CommonNameUnicode[64];
+  UINTNCommonNameSize;
 
   Print (L"\nUEFI-OpenSSL RSA Key Retrieving Testing: ");
 
@@ -286,6 +289,20 @@ ValidateCryptRsa2 (
 Print (L"[Pass]");
   }
 
+  //
+  // Get CommonName from X509 Certificate Subject
+  //
+  CommonNameSize = 64;
+  ZeroMem (CommonName, CommonNameSize);
+  Status = X509GetCommonName (TestCert, sizeof (TestCert), CommonName, 
);
+  if (!Status) {
+Print (L"\n  - Retrieving Common Name - [Fail]");
+return EFI_ABORTED;
+  } else {
+AsciiStrToUnicodeStrS (CommonName, CommonNameUnicode, CommonNameSize);
+Print (L"\n  - Retrieving Common Name = \"%s\" (Size = %d)", 
CommonNameUnicode, CommonNameSize);
+  }
+
   //
   // X509 Certificate Verification.
   //
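
Review bot: `AsciiStrToUnicodeStrS (CommonName, CommonNameUnicode, CommonNameSize)` passes the size written back by X509GetCommonName as the destination limit, whereas the third argument is the capacity of `CommonNameUnicode` in CHAR16 units. Pass the element count of `CommonNameUnicode` so the bound does not depend on what the callee returned, and check the returned status before printing. The X509GetCommonName call as shown also ends in `CommonName, );` with no fourth argument; per the prototype it has to be the address of `CommonNameSize`.
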
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 9c5ffcd9cf..d861be6725 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -2171,6 +2171,38 @@ X509GetSubjectName (
   IN OUT  UINTN*SubjectSize
   );
 
+/**
+  Retrieve the common name (CN) string from one X.509 certificate.
+
+  If Cert or CommonNameSize is NULL, then return FALSE.
+  If this interface is not supported, then return FALSE.
+
+  @param[in]  CertPointer to the DER-encoded X509 certificate.
+  @param[in]  CertSizeSize of the X509 certificate in bytes.
+  @param[out] CommonName  Buffer to contain the retrieved certificate 
common
+  name string. At most CommonNameSize bytes 
will be
+  written and the string will be null 
terminated. May be
+  NULL in order to determine the size buffer 
needed.
+  @param[in,out]  CommonNameSize  The size in bytes of the CommonName buffer 
on input,
+  and the size of buffer returned CommonName 
on output.
+  if CommonName is NULL then the amount of 
space needed
+  in buffer (including the final null) is 
returned.
+
+  @retval  TRUE   The certificate CommonName retrieved successfully.
+  @retval  FALSE  Invalid certificate, or CommonNameSize is NULL,
+  or no CommonName entry exists.
+  @retval  FALSE  This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+X509GetCommonName (
+  IN  CONST UINT8  *Cert,
+  IN  UINTNCertSize,
+  OUT CHAR8*CommonName,
+  IN OUT  UINTN*CommonNameSize
+  );
+
 /**
   Verify one X509 certificate was issued by the trusted CA.
 
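
Review bot: The `CommonName` parameter comment promises a null-terminated "common name string" in a CHAR8 buffer but does not state its encoding, nor what happens when the CN value in the certificate contains a zero byte or uses a multi-byte string type. Document the encoding callers can rely on and make such values a FALSE return, since a terminated CHAR8 string cannot represent them faithfully. The `@retval FALSE` list also omits the "Cert is NULL" case that the description above it names.
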
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 7d275977c5..e45c214bd1 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -297,6 +297,99 @@ _Exit:
   return Status;
 }
 
+/**
+  Retrieve the common name (CN) string from one X.509 certificate.
+
+  If Cert or CommonNameSize is NULL, then return FALSE.
+  If this interface is not supported, then return FALSE.
+
+  @param[in]  CertPointer to the DER-encoded X509 certificate.
+  @param[in]  CertSizeSize of the X509 certificate in bytes.
+  @param[out] CommonName  Buffer to contain the retrieved certificate 
common
+  name string. At most CommonNameSize bytes 
will be
+  written and the string will be null 
terminated. May be
+  NULL in order to determine the size buffer 
needed.
+  @param[in,out]  CommonNameSize  The size in bytes of the CommonName buffer 
on input,
+  and the size of buffer returned CommonName 
on output.
+  if CommonName is NULL then the amount of 
space needed
+  in buffer (including the 

[edk2] [PATCH] SecurityPkg: Add ARM/AARCH64 arch to enable RngTest module build.

2017-08-29 Thread Long Qin
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=680

Adding ARM and AARCH64 to SUPPORTED_ARCHITECTURES in SecurityPkg.dsc
to enable RngTest module build, since this is one platform-independent
application.

Cc: Chao Zhang 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 SecurityPkg/Application/RngTest/RngTest.inf | 2 +-
 SecurityPkg/SecurityPkg.dsc | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/Application/RngTest/RngTest.inf 
b/SecurityPkg/Application/RngTest/RngTest.inf
index 334cff45b0..55510f709a 100644
--- a/SecurityPkg/Application/RngTest/RngTest.inf
+++ b/SecurityPkg/Application/RngTest/RngTest.inf
@@ -27,7 +27,7 @@
 #
 # The following information is for reference only and not required by the 
build tools.
 #
-#  VALID_ARCHITECTURES   = IA32 X64
+#  VALID_ARCHITECTURES   = IA32 X64 ARM AARCH64
 #
 
 [Sources]
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 8b9240374c..bb7147ec75 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -19,7 +19,7 @@
   PLATFORM_VERSION   = 0.97
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/SecurityPkg
-  SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC
+  SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM|AARCH64
   BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
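
Review bot: `SUPPORTED_ARCHITECTURES` on the changed line applies to the whole SecurityPkg.dsc, while the commit message scopes the change to RngTest. Adding `ARM|AARCH64` here makes every component that is not confined to an arch-specific section part of an ARM/AARCH64 package build; please confirm those modules build for both, or say in the commit message that the wider set was build-tested.
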
-- 
2.14.1.windows.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel


Re: [edk2] [Patch 1/2] CryptoPkg/TlsLib: Remove the redundant free of BIO objects

2017-07-31 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Jiaxin Wu
Sent: Monday, July 31, 2017 1:41 PM
To: edk2-devel@lists.01.org
Cc: Ye, Ting <ting...@intel.com>; Wu, Jiaxin <jiaxin...@intel.com>; Long, Qin 
<qin.l...@intel.com>
Subject: [edk2] [Patch 1/2] CryptoPkg/TlsLib: Remove the redundant free of BIO 
objects

TLS BIO objects (InBio/OutBio) will be freed by SSL_free() function.
So, the following free operation (BIO_free) in TlsFree is redundant.
It can be removed directly.

Cc: Ye Ting <ting...@intel.com>
Cc: Long Qin <qin.l...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin...@intel.com>
---
 CryptoPkg/Library/TlsLib/TlsInit.c | 10 +-
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/CryptoPkg/Library/TlsLib/TlsInit.c 
b/CryptoPkg/Library/TlsLib/TlsInit.c
index e2c9744..e524647 100644
--- a/CryptoPkg/Library/TlsLib/TlsInit.c
+++ b/CryptoPkg/Library/TlsLib/TlsInit.c
@@ -128,24 +128,16 @@ TlsFree (
   if (TlsConn == NULL) {
 return;
   }
 
   //
-  // Free the internal TLS and BIO objects.
+  // Free the internal TLS and related BIO objects.
   //
   if (TlsConn->Ssl != NULL) {
 SSL_free (TlsConn->Ssl);
   }
 
-  if (TlsConn->InBio != NULL) {
-BIO_free (TlsConn->InBio);
-  }
-
-  if (TlsConn->OutBio != NULL) {
-BIO_free (TlsConn->OutBio);
-  }
-
   OPENSSL_free (Tls);
 }
 
 /**
   Create a new TLS object for a connection.
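
Review bot: With the two `BIO_free` calls removed, `InBio` and `OutBio` are released only through `SSL_free (TlsConn->Ssl)`, which frees the BIOs that are attached to the SSL object. If TlsFree can run with `TlsConn->Ssl == NULL`, or before the BIOs have been attached (for example from an error path while the connection is being created), they now leak. Please confirm no such path exists, or keep a free for the unattached case.
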
-- 
1.9.5.msysgit.1



Re: [edk2] Adding OpenSSL as the submodule of EDKII project...

2017-07-22 Thread Long, Qin
Sean,

Thank you for the comments.
And for the submodule maintenance, do you have any BKMs (e.g. alias setting, 
any scripts for synchronous clone/pull...) for sharing? 


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Sean Brogan [mailto:sean.bro...@microsoft.com] 
Sent: Saturday, July 22, 2017 12:52 AM
To: Long, Qin <qin.l...@intel.com>; edk2-devel@lists.01.org
Subject: RE: Adding OpenSSL as the submodule of EDKII project...

Long,Qin

I think this is a great idea and great step forward for making edk2 more 
consumable.  We already do this for our internal clones of edk2 and would like 
to see more work like this done to make edk2 consumable in a sustainable and 
easy way.  For example we also use submodules within our clone of edk2 for 
win32 basetools bin and nasm.  We then use submodules exclusively to manage 
consuming edk2 into our project repos.  This gives us great flexibility and 
agility to manage, update, and sustain our code trees.  TianoCore should think 
of itself not as the final repo but as an ingredient in a larger repository for 
building and shipping UEFI based products.   In that end I would like to see 
EDK2 break into smaller repositories (but I'll save that for another day).  

Thanks
Sean


-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Long, Qin
Sent: Thursday, July 20, 2017 12:18 AM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.l...@intel.com>
Subject: [edk2] Adding OpenSSL as the submodule of EDKII project...

Hi,

The Git submodule allows us to keep another Git repository in a subdirectory of 
main project. The Submodule repository has its own history, which does not 
interfere with the history of the current repository. This can be used to have 
external dependencies such as third party libraries.

After the extra patch for EDKII-OpenSSL build was removed, OpenSSL can be one 
typical use case of Git Submodule in EDKII project. The Git parent (EDKII) will 
keep track of the release version / tag IDs of Submodules when the module owner 
commits. That will also help to ensure that when we check out the EDKII project 
then the openssl Submodule will also contain its right tags.

One forked EDK2 repository with OpenSSL submodule support was available at 
https://github.com/qloong/edk2 for testing.

For EDKII developers, the possible impacts will include (comparing to the 
original openssl source download / unpacking mechanism):

-  Cloning EDKII project with Submodules
The user can use the following commands to clone both main EDKII repo and 
openssl submodule:
1) Add the "--recursive" flag to their git clone command:
  $ git clone --recursive https://github.com/qloong/edk2
or
2) Manually initialize and update the submodules after the clone operation on 
main project:
  $ git clone https://github.com/qloong/edk2
  $ git submodule update --init --recursive


-  Pulling in Upstream Changes
For Pull operations, one single "git pull" will not update the submodule 
repository. So the following combined commands can be used to pull the remote 
submodule updates (e.g. updating to new supported OpenSSL release tag)
$ git pull --recurse-submodules && git submodule update --recursive --remote

(For any third-party GUI tools (e.g. TortoiseGit), there is also no direct 
support to sync-up the primary and submodule repo. We need to use extra 
"Pull..." and "Submodule Update..." to handle this case.)

Let me know your comments & suggestions on this possible submodule update 
(advantage or disadvantage of this change? Any impacts? ...). Thanks.


Best Regards & Thanks,
LONG, Qin


[edk2] Adding OpenSSL as the submodule of EDKII project...

2017-07-20 Thread Long, Qin
Hi,

The Git submodule allows us to keep another Git repository in a subdirectory of 
main project. The Submodule repository has its own history, which does not 
interfere with the history of the current repository. This can be used to have 
external dependencies such as third party libraries.

After the extra patch for EDKII-OpenSSL build was removed, OpenSSL can be one 
typical use case of Git Submodule in EDKII project. The Git parent (EDKII) will 
keep track of the release version / tag IDs of Submodules when the module owner 
commits. That will also help to ensure that when we check out the EDKII project 
then the openssl Submodule will also contain its right tags.

One forked EDK2 repository with OpenSSL submodule support was available at 
https://github.com/qloong/edk2 for testing.

For EDKII developers, the possible impacts will include (comparing to the 
original openssl source download / unpacking mechanism):

-  Cloning EDKII project with Submodules
The user can use the following commands to clone both main EDKII repo and 
openssl submodule:
1) Add the "--recursive" flag to their git clone command:
  $ git clone --recursive https://github.com/qloong/edk2
or
2) Manually initialize and update the submodules after the clone operation on 
main project:
  $ git clone https://github.com/qloong/edk2
  $ git submodule update --init --recursive


-  Pulling in Upstream Changes
For Pull operations, one single "git pull" will not update the submodule 
repository. So the following combined commands can be used to pull the remote 
submodule updates (e.g. updating to new supported OpenSSL release tag)
$ git pull --recurse-submodules && git submodule update --recursive --remote

(For any third-party GUI tools (e.g. TortoiseGit), there is also no direct 
support to sync-up the primary and submodule repo. We need to use extra 
"Pull..." and "Submodule Update..." to handle this case.)

Let me know your comments & suggestions on this possible submodule update 
(advantage or disadvantage of this change? Any impacts? ...). Thanks.


Best Regards & Thanks,
LONG, Qin


Re: [edk2] [PATCH] CryptoPkg/OpensslLib AARCH64: clear XIP CC flags

2017-07-15 Thread Long, Qin
Reviewed-by: Long Qin <qin.l...@intel.com>


Best Regards & Thanks,
LONG, Qin

-Original Message-
From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org] 
Sent: Saturday, July 15, 2017 1:19 AM
To: edk2-devel@lists.01.org; Long, Qin <qin.l...@intel.com>
Cc: Ye, Ting <ting...@intel.com>; leif.lindh...@linaro.org; ler...@redhat.com; 
Ard Biesheuvel <ard.biesheu...@linaro.org>
Subject: [PATCH] CryptoPkg/OpensslLib AARCH64: clear XIP CC flags

Commit 0df6c8c157af ("BaseTools/tools_def AARCH64: avoid SIMD registers in XIP 
code") updated the compiler flags used by AARCH64 when building modules 
(including BASE libraries) that may execute before the MMU is enabled.

This broke the build for OpensslLib/OpensslLibCrypto because the SIMD register 
file is shared with the FPU, and since OpenSSL contains some references to 
float/double types (which are mostly unused for UEFI btw), disabling floating 
point prevents the compiler from building OpenSSL at all.

When introducing the support for XIP CC flags, we were aware that this would 
affect BASE libraries as well, but were not expecting this to have any 
performance impact. However, in the case of software crypto, it makes sense not 
to needlessly inhibit the compiler's ability to generate fast code, and even if 
OpensslLib is a BASE library, it is guaranteed not to run with the MMU off, so 
we can create a local exception, and clear its XIP CC flags for AARCH64.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
---
Note that this un-breaks the currently broken AARCH64 build for platforms that 
have secure boot enabled

 CryptoPkg/Library/OpensslLib/OpensslLib.inf   | 11 +++
 CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 11 +++
 2 files changed, 22 insertions(+)

diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index cbabb34bdd7c..1d15da6660b2 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -580,3 +580,14 @@ [BuildOptions]
   RVCT:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) 
--library_interface=aeabi_clib99 
--diag_suppress=1296,1295,550,1293,111,68,177,223,144,513,188,128,546,1,3017 
-JCryptoPkg/Include
   XCODE:*_*_IA32_CC_FLAGS   = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -w
   XCODE:*_*_X64_CC_FLAGS= -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -w
+
+  #
+  # AARCH64 uses strict alignment and avoids SIMD registers for code 
+ that may execute  # with the MMU off. This involves SEC, PEI_CORE and 
+ PEIM modules as well as BASE  # libraries, given that they may be included 
into such modules.
+  # This library, even though of the BASE type, is never used in such 
+ cases, and  # avoiding the SIMD register file (which is shared with 
+ the FPU) prevents the  # compiler from successfully building some of 
+ the OpenSSL source files that  # use floating point types, so clear the flags 
here.
+  #
+  GCC:*_*_AARCH64_CC_XIPFLAGS ==
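
Review bot: `GCC:*_*_AARCH64_CC_XIPFLAGS ==` replaces the whole XIP flag set, so it drops strict alignment together with the SIMD/FP restriction, although the comment names only the latter as what breaks the OpenSSL build. If unaligned accesses are meant to be allowed in this library as well, say so in the comment; otherwise keep the strict-alignment option and clear only the register restriction. The same applies to the identical hunk in OpensslLibCrypto.inf.
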
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index 026b551bcafa..6fc8884da492 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -541,3 +541,14 @@ [BuildOptions]
   RVCT:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) 
--library_interface=aeabi_clib99 
--diag_suppress=1296,1295,550,1293,111,68,177,223,144,513,188,128,546,1,3017 
-JCryptoPkg/Include
   XCODE:*_*_IA32_CC_FLAGS   = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -w
   XCODE:*_*_X64_CC_FLAGS= -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -w
+
+  #
+  # AARCH64 uses strict alignment and avoids SIMD registers for code 
+ that may execute  # with the MMU off. This involves SEC, PEI_CORE and 
+ PEIM modules as well as BASE  # libraries, given that they may be included 
into such modules.
+  # This library, even though of the BASE type, is never used in such 
+ cases, and  # avoiding the SIMD register file (which is shared with 
+ the FPU) prevents the  # compiler from successfully building some of 
+ the OpenSSL source files that  # use floating point types, so clear the flags 
here.
+  #
+  GCC:*_*_AARCH64_CC_XIPFLAGS ==
--
2.9.3



[edk2] [PATCH] CryptoPkg/BaseCryptLib: Add NULL pointer checks in DH and P7Verify

2017-05-19 Thread Long Qin
Add more NULL pointer checks before using them in DhGenerateKey and
Pkcs7GetCertificatesList functions to eliminate possible dereferenced
pointer issue.

Cc: Ting Ye 
Cc: Hao Wu 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c  |  4 +++-
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 10 +++---
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c
index f44684f907..391efd5c14 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c
@@ -232,7 +232,9 @@ DhGenerateKey (
   return FALSE;
 }
 
-BN_bn2bin (DhPubKey, PublicKey);
+if (PublicKey != NULL) {
+  BN_bn2bin (DhPubKey, PublicKey);
+}
 *PublicKeySize = Size;
   }
 
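
Review bot: Guarding only the `BN_bn2bin` call means a NULL `PublicKey` with a large enough `*PublicKeySize` still reaches `*PublicKeySize = Size` and continues as if the key had been written. Unless a check outside this hunk already rejects that combination, return FALSE for a NULL `PublicKey` before the size comparison, and state in the function comment whether NULL is allowed for a size query.
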
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index 45d5df5e11..d564591cb7 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -558,7 +558,9 @@ Pkcs7GetCertificatesList (
 }
   }
   CtxUntrusted = X509_STORE_CTX_get0_untrusted (CertCtx);
-  (VOID)sk_X509_delete_ptr (CtxUntrusted, Signer);
+  if (CtxUntrusted != NULL) {
+(VOID)sk_X509_delete_ptr (CtxUntrusted, Signer);
+  }
 
   //
   // Build certificates stack chained from Signer's certificate.
@@ -711,8 +713,10 @@ _Error:
   }
   sk_X509_free (Signers);
 
-  X509_STORE_CTX_cleanup (CertCtx);
-  X509_STORE_CTX_free (CertCtx);
+  if (CertCtx != NULL) {
+X509_STORE_CTX_cleanup (CertCtx);
+X509_STORE_CTX_free (CertCtx);
+  }
 
   if (SingleCert != NULL) {
 free (SingleCert);
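
Review bot: In the `_Error` hunk, `X509_STORE_CTX_free` already tolerates a NULL argument and performs the cleanup itself, so the new guard is needed only because of the explicit `X509_STORE_CTX_cleanup (CertCtx)` call. Dropping that call and keeping a bare `X509_STORE_CTX_free (CertCtx)` gives the same NULL safety with less code.
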
-- 
2.12.2.windows.2



Re: [edk2] [PATCH] SecurityPkg: Add TCG Spec info to TCG related modules

2017-05-11 Thread Long, Qin
Reviewed-by: Qin Long <qin.l...@intel.com>


> -Original Message-
> From: Zhang, Chao B
> Sent: Thursday, May 11, 2017 1:15 PM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin; Yao, Jiewen; Zhang, Chao B
> Subject: [PATCH] SecurityPkg: Add TCG Spec info to TCG related modules
> 
> Add TCG Spec compliance info to TCG related module INFs.
> 
> Cc: Qin Long <qin.l...@intel.com>
> Cc: Yao Jiewen <jiewen@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
> ---
>  .../Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf  | 5
> -
>  SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf  | 8
> ++--
>  SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf  | 7 +++
>  SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf  | 7 ++-
>  SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf  | 9 
> -
>  5 files changed, 31 insertions(+), 5 deletions(-)
> 
> diff --git
> a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.i
> nf
> b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.i
> nf
> index a11988e..939f6fb 100644
> ---
> a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.i
> nf
> +++
> b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.i
> n
> +++ f
> @@ -1,6 +1,9 @@
>  ## @file
>  #  Provides security service for TPM 2.0 measured boot  #
> +#  Spec Compliance Info:
> +#"TCG PC Client Platform Firmware Profile Specification for TPM Family
> 2.0 Level 00 Revision 00.21"
> +#
>  #  This library instance hooks LoadImage() API to measure every image that
> #  is not measured in PEI phase. And, it will also measure GPT partition.
>  #
> @@ -9,7 +12,7 @@
>  #  This external input must be validated carefully to avoid security issues
> such  #  as buffer overflow or integer overflow.
>  #
> -# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
> +# Copyright (c) 2013 - 2017, Intel Corporation. All rights
> +reserved.
>  # This program and the accompanying materials  # are licensed and made
> available under the terms and conditions of the BSD License  # which
> accompanies this distribution. The full text of the license may be found at 
> diff
> --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> index 976972d..3e619b9 100644
> --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> @@ -1,12 +1,16 @@
>  ## @file
>  #  Provides TPM 2.0 TIS/PTP functions for DTPM -#
> +#
> +#  Spec Compliance Info:
> +#"TCG PC Client Platform TPM Profile(PTP) Specification Family 2.0 Level
> 00 Revision 00.43"
> +#"TCG PC Client Specific TPM Interface Specification(TIS) Version 1.3"
> +#
>  #  This library implements TIS (TPM Interface Specification) and  #  PTP
> (Platform TPM Profile) functions which is  #  used for every TPM 2.0
> command. Choosing this library means platform uses and  #  only uses TPM
> 2.0 DTPM device.
>  #
> -# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
> +# Copyright (c) 2013 - 2017, Intel Corporation. All rights
> +reserved.
>  # This program and the accompanying materials  # are licensed and made
> available under the terms and conditions of the BSD License  # which
> accompanies this distribution. The full text of the license may be found at 
> diff
> --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> index 8efc4e3..85415e8 100644
> --- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> +++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> @@ -1,5 +1,12 @@
>  ## @file
>  #  Produces Tcg2 protocol and measure boot environment
> +#
> +#  Spec Compliance Info:
> +#"TCG PC Client Platform Firmware Profile Specification for TPM Family
> 2.0 Level 00 Revision 00.21"
> +#  along with
> +#"Errata for PC Client Specific Platform Firmware Profile Specification
> Version 1.0 Revision 0.21"
> +#"TCG EFI Protocol Specification" "Family 2.0" "Level 00 Revision 00.13"
> +#
>  #  This module will produce Tcg2 protocol and measure boot environment.
>  #
>  #  Caution: This module requires additional review when modified.
> diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> index 3477d82..1b79ee4 100644
> --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> @@ -1,9 +1,14 @@

[edk2] [PATCH] CryptoPkg: Update package version to 0.97

2017-05-04 Thread Long Qin
Update package version of CryptoPkg to 0.97.

Cc: Ting Ye 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long 
---
 CryptoPkg/CryptoPkg.dec | 2 +-
 CryptoPkg/CryptoPkg.dsc | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index b2fae6142a..afeb723211 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -20,7 +20,7 @@
   PACKAGE_NAME   = CryptoPkg
   PACKAGE_UNI_FILE   = CryptoPkg.uni
   PACKAGE_GUID   = 36470E80-36F2-4ba0-8CC8-937C7D9FF888
-  PACKAGE_VERSION= 0.96
+  PACKAGE_VERSION= 0.97
 
 [Includes]
   Include
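Review bot: The PACKAGE_VERSION bump from 0.96 to 0.97 in CryptoPkg.dec comes with no rationale; the commit message only restates the change. Add a line saying what changed in the package since 0.96, so that someone reading the log can tell which CryptoPkg content 0.97 denotes.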
diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index 468e60b5b1..07ff42c5b7 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  Cryptographic Library Package for UEFI Security Implementation.
 #
-#  Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
+#  Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution.  The full text of the license may be 
found at
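Review bot: The copyright year in the CryptoPkg.dsc header moves to 2017 here, but the diffstat shows CryptoPkg.dec with a single changed line (the version), so its header is not updated by this patch. If the .dec header still ends at 2016, bump it in the same commit so the two files touched for this release stay consistent.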
@@ -20,7 +20,7 @@
 [Defines]
   PLATFORM_NAME  = CryptoPkg
   PLATFORM_GUID  = E1063286-6C8C-4c25-AEF0-67A9A5B6E6B6
-  PLATFORM_VERSION   = 0.96
+  PLATFORM_VERSION   = 0.97
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/CryptoPkg
   SUPPORTED_ARCHITECTURES= IA32|X64|IPF|ARM|AARCH64
-- 
2.12.2.windows.2



[edk2] [Patch] CryptoPkg: Correct some minor issues in function comments

2017-04-14 Thread Long Qin
Correct some minor comment issues in BaseCryptLib.h and
CryptPkcs7Verify.c, including:
  - missed "out" in parameter property for ARC4 interfaces;
  - Wrong Comment tail in Pkcs7GetAttachedContent function

Cc: Ting Ye <ting...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.l...@intel.com>
Signed-off-by: Long Qin <qin.l...@intel.com>
---
 CryptoPkg/Include/Library/BaseCryptLib.h | 18 +-
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c |  2 +-
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 9f0f202668..9c5ffcd9cf 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -1790,10 +1790,10 @@ Arc4Init (
   If Output is NULL, then return FALSE.
   If this interface is not supported, then return FALSE.
 
-  @param[in]   Arc4Context  Pointer to the ARC4 context.
-  @param[in]   InputPointer to the buffer containing the data to be 
encrypted.
-  @param[in]   InputSizeSize of the Input buffer in bytes.
-  @param[out]  Output   Pointer to a buffer that receives the ARC4 
encryption output.
+  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
+  @param[in]   InputPointer to the buffer containing the data to 
be encrypted.
+  @param[in]   InputSizeSize of the Input buffer in bytes.
+  @param[out]  Output   Pointer to a buffer that receives the ARC4 
encryption output.
 
   @retval TRUE   ARC4 encryption succeeded.
   @retval FALSE  ARC4 encryption failed.
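Review bot: The change of Arc4Context to [in, out] is made only in the function comments of BaseCryptLib.h; the diffstat lists no ARC4 implementation file, whereas the Pkcs7GetAttachedContent comment fix in this same patch is applied to both the header and CryptPkcs7Verify.c. If the ARC4 source files repeat these function header comments, update them in this patch as well so that header and implementation documentation do not diverge.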
@@ -1822,10 +1822,10 @@ Arc4Encrypt (
   If Output is NULL, then return FALSE.
   If this interface is not supported, then return FALSE.
 
-  @param[in]   Arc4Context  Pointer to the ARC4 context.
-  @param[in]   InputPointer to the buffer containing the data to be 
decrypted.
-  @param[in]   InputSizeSize of the Input buffer in bytes.
-  @param[out]  Output   Pointer to a buffer that receives the ARC4 
decryption output.
+  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
+  @param[in]   InputPointer to the buffer containing the data to 
be decrypted.
+  @param[in]   InputSizeSize of the Input buffer in bytes.
+  @param[out]  Output   Pointer to a buffer that receives the ARC4 
decryption output.
 
   @retval TRUE   ARC4 decryption succeeded.
   @retval FALSE  ARC4 decryption failed.
@@ -2511,7 +2511,7 @@ Pkcs7Verify (
   @retval TRUE  The P7Data was correctly formatted for processing.
   @retval FALSE The P7Data was not correctly formatted for 
processing.
 
-*/
+**/
 BOOLEAN
 EFIAPI
 Pkcs7GetAttachedContent (
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index bf24e92127..45d5df5e11 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -925,7 +925,7 @@ _Exit:
   @retval TRUE  The P7Data was correctly formatted for processing.
   @retval FALSE The P7Data was not correctly formatted for 
processing.
 
-*/
+**/
 BOOLEAN
 EFIAPI
 Pkcs7GetAttachedContent (
-- 
2.12.2.windows.1



Re: [edk2] CryptoPkg compiles error: BIO_printf() and BIO_snprintf() redefined.

2017-04-13 Thread Long, Qin
In general, the user doesn’t need to run “process_files.pl” to re-generate the INF 
file if you are using the latest release (e.g. the current 1.1.0e stated in the 
OpenSSL-HOWTO).
You can re-produce your INF file if there is any customization requirement (new 
OpenSSL version, new config flags, …).

The process_files.pl was originally created in UNIX-like style (“#!/usr/bin/perl 
-w”).
So there has been no more validation on those third-party Perl utilities 
(ActivePerl, Strawberry, etc.). Of course, I can take a look at those Perl 
environments later.


Best Regards & Thanks,
LONG, Qin

From: winddy [mailto:winddy_zh...@foxmail.com]
Sent: Thursday, April 13, 2017 2:06 PM
To: Long, Qin <qin.l...@intel.com>; edk2-devel <edk2-devel@lists.01.org>
Subject: RE: [edk2] CryptoPkg compiles error: BIO_printf() and BIO_snprintf() 
redefined.

Hi Qin,
So currently our CryptoPkg init does not support third-party Perl tools 
such as ActivePerl?
Thanks.

--
BR
winddy_zhang



-- Original ------
From:  "Long, Qin" <qin.l...@intel.com>
Date:  Thu, Apr 13, 2017 01:08 PM
To:  "winddy" <winddy_zh...@foxmail.com>; "edk2-devel" <edk2-devel@lists.01.org>
Subject:  RE: [edk2] CryptoPkg compiles error: BIO_printf() and BIO_snprintf() 
redefined.



> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> winddy
> Sent: Thursday, April 13, 2017 10:39 AM
> To: edk2-devel <edk2-devel@lists.01.org>
> Subject: [edk2] CryptoPkg compiles error: BIO_printf() and BIO_snprintf()
> redefined.
>
> Hi experts,
>  Now I compile CryptoPkg in latest UDK, I find there is a build error:
>
> BaseCryptLib.lib(CrtWrapper.obj) : error LNK2005: BIO_snprintf already defined in OpensslLib.lib(b_print.obj)
> BaseCryptLib.lib(CrtWrapper.obj) : error LNK2005: BIO_printf already defined in OpensslLib.lib(b_print.obj)
> d:\project\udkapp\udkapp\Build\WinddyPkg\RELEASE_DDK7600\X64\WinddyPkg\Dxe\CryptDxe\CryptDxe\DEBUG\CryptDxe.dll : fatal error LNK1169: one or more multiply defined symbols found

Please check your OpensslLib.inf, the b_print.c should not be there.
And the process_files.pl should filter this file into the final file list in INF.

>
>  Both c file "CryptoPkg\Library\BaseCryptLib\SysCall\CrtWrapper.c" and c
> file "CryptoPkg\Library\OpensslLib\openssl\crypto\bio\b_print.c" defined
> function BIO_printf(), BIO_snprintf().
>
>  I just remove the dummy functions in  CrtWrapper.c, the build process is
> successful.
>  Is that right?
>
>  BTW, I think someone maybe does not know how to run perl script for
> openssl library init,  so I write down my trying steps under windows 7 64 bit
> for your reference:
>  1. download and install ActivePerl-5.24.1.2402-MSWin32-x64-401627.exe
> 2. cmdline run "ppm install dmake"
> 3. download openssl-1.1.0e.tar.gz and unpack it to
> CryptoPkg/Library/OpensslLib/openssl.
> 4. rename "openssl\Configure" to "openssl\Configure.pl"
> 5. modify file process_files.pl line 49:  "./Configure" -> "Configure.pl"
> 6. under cmdline, cd to "CryptoPkg\Library\OpensslLib" and run
> "process_files.pl"

Using "Perl process_files.pl" is fine enough.
If you are using Windows and have installed Git-Windows, just run "perl 
process_files.pl"
in your Git Bash (Perl should be included in your MINGW environment).

>
>  Thank you.
>
>
>
>   --
>   BR
>  winddy_zhang


Re: [edk2] CryptoPkg compiles error: BIO_printf() and BIO_snprintf() redefined.

2017-04-12 Thread Long, Qin


> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> winddy
> Sent: Thursday, April 13, 2017 10:39 AM
> To: edk2-devel 
> Subject: [edk2] CryptoPkg compiles error: BIO_printf() and BIO_snprintf()
> redefined.
> 
> Hi experts,
>  Now I compile CryptoPkg in latest UDK, I find there is a build error:
> 
> BaseCryptLib.lib(CrtWrapper.obj) : error LNK2005: BIO_snprintf already defined in OpensslLib.lib(b_print.obj)
> BaseCryptLib.lib(CrtWrapper.obj) : error LNK2005: BIO_printf already defined in OpensslLib.lib(b_print.obj)
> d:\project\udkapp\udkapp\Build\WinddyPkg\RELEASE_DDK7600\X64\WinddyPkg\Dxe\CryptDxe\CryptDxe\DEBUG\CryptDxe.dll : fatal error LNK1169: one or more multiply defined symbols found

Please check your OpensslLib.inf, the b_print.c should not be there.
And the process_files.pl should filter this file into the final file list in INF.

> 
>  Both c file "CryptoPkg\Library\BaseCryptLib\SysCall\CrtWrapper.c" and c
> file "CryptoPkg\Library\OpensslLib\openssl\crypto\bio\b_print.c" defined
> function BIO_printf(), BIO_snprintf().
> 
>  I just remove the dummy functions in  CrtWrapper.c, the build process is
> successful.
>  Is that right?
> 
>  BTW, I think someone maybe does not know how to run perl script for
> openssl library init,  so I write down my trying steps under windows 7 64 bit
> for your reference:
>  1. download and install ActivePerl-5.24.1.2402-MSWin32-x64-401627.exe
> 2. cmdline run "ppm install dmake"
> 3. download openssl-1.1.0e.tar.gz and unpack it to
> CryptoPkg/Library/OpensslLib/openssl.
> 4. rename "openssl\Configure" to "openssl\Configure.pl"
> 5. modify file process_files.pl line 49:  "./Configure" -> "Configure.pl"
> 6. under cmdline, cd to "CryptoPkg\Library\OpensslLib" and run
> "process_files.pl"

Using "Perl process_files.pl" is fine enough.
If you are using Windows and have installed Git-Windows, just run "perl 
process_files.pl"
in your Git Bash (Perl should be included in your MINGW environment).

> 
>  Thank you.
> 
> 
> 
>   --
>   BR
>  winddy_zhang
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
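
A check for the condition discussed in the thread above (b_print.c listed in OpensslLib.inf while CrtWrapper.c also defines BIO_printf and BIO_snprintf), as an added example that is not part of the thread or of edk2. The helper name find_conflicting_sources and the sample INF text are constructed for illustration; point it at the generated INF before building.

```python
import re

# Files the thread says must stay out of OpensslLib.inf: b_print.c defines
# BIO_printf/BIO_snprintf, which CrtWrapper.c in BaseCryptLib also defines.
CONFLICTING = {"crypto/bio/b_print.c"}
SECTION_RE = re.compile(r"^\[(.+)\]$")

def find_conflicting_sources(inf_text, conflicting=CONFLICTING):
    """Return (section, line_no, entry) for each conflicting [Sources] entry."""
    hits, section, in_sources = [], None, False
    for line_no, raw in enumerate(inf_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()       # drop INF comments
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).strip()
            # [Sources], [Sources.X64], [Sources.IA32, Sources.X64] list files
            in_sources = any(s.strip().lower().split(".")[0] == "sources"
                             for s in section.split(","))
            continue
        if not in_sources:
            continue
        entry = line.split("|", 1)[0].strip()     # drop "|FAMILY" qualifiers
        norm = entry.replace("\\", "/").lower()   # Windows paths, any case
        # Entries are macro-prefixed, e.g. $(OPENSSL_PATH)/crypto/bio/...
        if any(norm == c or norm.endswith("/" + c) for c in conflicting):
            hits.append((section, line_no, entry))
    return hits

# Constructed sample for illustration, not the real OpensslLib.inf.
SAMPLE_INF = """\
[Defines]
  BASE_NAME = OpensslLib

[Sources]
  $(OPENSSL_PATH)/crypto/bio/b_dump.c
  $(OPENSSL_PATH)/crypto/bio/b_print.c
# $(OPENSSL_PATH)/crypto/bio/b_print.c
  $(OPENSSL_PATH)/crypto/bio/bio_lib.c

[Sources.X64]
  $(OPENSSL_PATH)\\Crypto\\Bio\\B_Print.c
"""

if __name__ == "__main__":
    for section, line_no, entry in find_conflicting_sources(SAMPLE_INF):
        print(f"[{section}] line {line_no}: {entry}")
```

An empty result means the listed file is absent from every [Sources] section, which is the state the reply in the thread describes as correct.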

