- Update to 14 - Adjust make commands in spec - Drop upstreamed fixes - Add patches to avoid build failure - Update SUSE/openSUSE specific patches OBS-URL: https://build.opensuse.org/request/show/561561 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=135
From 063d4aa37d271ce5c30a9c7a1746af421d40ca17 Mon Sep 17 00:00:00 2001
From: Gary Lin <glin@suse.com>
Date: Thu, 4 Jan 2018 14:54:34 +0800
Subject: [PATCH] Cryptlib: replace CryptPem with CryptPemNull
We don't need the functions in CryptPem.c.
Signed-off-by: Gary Lin <glin@suse.com>
---
Cryptlib/Makefile | 2 +-
Cryptlib/Pem/CryptPem.c | 135 --------------------------------------------
Cryptlib/Pem/CryptPemNull.c | 44 +++++++++++++++
3 files changed, 45 insertions(+), 136 deletions(-)
delete mode 100644 Cryptlib/Pem/CryptPem.c
create mode 100644 Cryptlib/Pem/CryptPemNull.c
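--- a/Cryptlib/Makefile
+++ b/Cryptlib/Makefile
@@ -40,7 +40,7 @@ OBJS = Hash/CryptMd4Null.o \
 Pk/CryptTs.o \
 Pk/CryptX509.o \
 Pk/CryptAuthenticode.o \
- Pem/CryptPem.o \
+ Pem/CryptPemNull.o \
 SysCall/CrtWrapper.o \
 SysCall/TimerWrapper.o \
 SysCall/BaseMemAllocation.o \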
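--- a/Cryptlib/Pem/CryptPem.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/** @file
- PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation over OpenSSL.
-
-Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "InternalCryptLib.h"
-#include <openssl/pem.h>
-
-/**
- Callback function for password phrase conversion used for retrieving the encrypted PEM.
-
- @param[out] Buf Pointer to the buffer to write the passphrase to.
- @param[in] Size Maximum length of the passphrase (i.e. the size of Buf).
- @param[in] Flag A flag which is set to 0 when reading and 1 when writing.
- @param[in] Key Key data to be passed to the callback routine.
-
- @retval The number of characters in the passphrase or 0 if an error occurred.
-
-**/
-INTN
-PasswordCallback (
- OUT CHAR8 *Buf,
- IN INTN Size,
- IN INTN Flag,
- IN VOID *Key
- )
-{
- INTN KeyLength;
-
- ZeroMem ((VOID *) Buf, (UINTN) Size);
- if (Key != NULL) {
- //
- // Duplicate key phrase directly.
- //
- KeyLength = (INTN) AsciiStrLen ((CHAR8 *)Key);
- KeyLength = (KeyLength > Size ) ? Size : KeyLength;
- CopyMem (Buf, Key, (UINTN) KeyLength);
- return KeyLength;
- } else {
- return 0;
- }
-}
-
-/**
- Retrieve the RSA Private Key from the password-protected PEM key data.
-
- @param[in] PemData Pointer to the PEM-encoded key data to be retrieved.
- @param[in] PemSize Size of the PEM key data in bytes.
- @param[in] Password NULL-terminated passphrase used for encrypted PEM key data.
- @param[out] RsaContext Pointer to new-generated RSA context which contain the retrieved
- RSA private key component. Use RsaFree() function to free the
- resource.
-
- If PemData is NULL, then return FALSE.
- If RsaContext is NULL, then return FALSE.
-
- @retval TRUE RSA Private Key was retrieved successfully.
- @retval FALSE Invalid PEM key data or incorrect password.
-
-**/
-BOOLEAN
-EFIAPI
-RsaGetPrivateKeyFromPem (
- IN CONST UINT8 *PemData,
- IN UINTN PemSize,
- IN CONST CHAR8 *Password,
- OUT VOID **RsaContext
- )
-{
- BOOLEAN Status;
- BIO *PemBio;
-
- //
- // Check input parameters.
- //
- if (PemData == NULL || RsaContext == NULL || PemSize > INT_MAX) {
- return FALSE;
- }
-
- //
- // Add possible block-cipher descriptor for PEM data decryption.
- // NOTE: Only support most popular ciphers (3DES, AES) for the encrypted PEM.
- //
- if (EVP_add_cipher (EVP_des_ede3_cbc ()) == 0) {
- return FALSE;
- }
- if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {
- return FALSE;
- }
- if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
- return FALSE;
- }
- if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
- return FALSE;
- }
-
- Status = FALSE;
-
- //
- // Read encrypted PEM Data.
- //
- PemBio = BIO_new (BIO_s_mem ());
- if (PemBio == NULL) {
- goto _Exit;
- }
-
- if (BIO_write (PemBio, PemData, (int) PemSize) <= 0) {
- goto _Exit;
- }
-
- //
- // Retrieve RSA Private Key from encrypted PEM data.
- //
- *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *) &PasswordCallback, (void *) Password);
- if (*RsaContext != NULL) {
- Status = TRUE;
- }
-
-_Exit:
- //
- // Release Resources.
- //
- BIO_free (PemBio);
-
- return Status;
-}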
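--- /dev/null
+++ b/Cryptlib/Pem/CryptPemNull.c
@@ -0,0 +1,44 @@
+/** @file
+ PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation which does
+ not provide real capabilities.
+
+Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+
+/**
+ Retrieve the RSA Private Key from the password-protected PEM key data.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[in] PemData Pointer to the PEM-encoded key data to be retrieved.
+ @param[in] PemSize Size of the PEM key data in bytes.
+ @param[in] Password NULL-terminated passphrase used for encrypted PEM key data.
+ @param[out] RsaContext Pointer to new-generated RSA context which contain the retrieved
+ RSA private key component. Use RsaFree() function to free the
+ resource.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+RsaGetPrivateKeyFromPem (
+ IN CONST UINT8 *PemData,
+ IN UINTN PemSize,
+ IN CONST CHAR8 *Password,
+ OUT VOID **RsaContext
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}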
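Review bot: The new `RsaGetPrivateKeyFromPem` stub in CryptPemNull.c returns FALSE without writing `*RsaContext`, so a caller that passes an uninitialised pointer and does not check the return value would go on to use whatever was already there. Setting the out-parameter before returning, `if (RsaContext != NULL) { *RsaContext = NULL; }`, makes the failure unambiguous. `ASSERT (FALSE)` presumably only fires in builds where assertions are enabled, so elsewhere the FALSE return is the only signal; callers are not visible in this patch, so it is worth confirming that none of them still depends on PEM private-key loading. The header comment for `RsaContext` also still describes a newly generated context to be freed with RsaFree(), which the stub never produces.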
--
2.15.1