]>
Commit | Line | Data |
---|---|---|
97f98500 HT |
1 | --- crypto/bio/bss_file.c Thu Jan 15 17:14:12 1970\r |
2 | +++ crypto/bio/bss_file.c Thu Jan 15 17:14:12 1970\r | |
3 | @@ -421,6 +421,23 @@\r | |
4 | return(ret);\r | |
5 | }\r | |
6 | \r | |
7 | +#else\r | |
8 | +\r | |
9 | +BIO_METHOD *BIO_s_file(void)\r | |
10 | + {\r | |
11 | + return NULL;\r | |
12 | + }\r | |
13 | +\r | |
14 | +BIO *BIO_new_file(const char *filename, const char *mode)\r | |
15 | + {\r | |
16 | + return NULL;\r | |
17 | + }\r | |
18 | +\r | |
19 | +BIO *BIO_new_fp(FILE *stream, int close_flag)\r | |
20 | + {\r | |
21 | + return NULL;\r | |
22 | + }\r | |
23 | +\r | |
24 | #endif /* OPENSSL_NO_STDIO */\r | |
25 | \r | |
26 | #endif /* HEADER_BSS_FILE_C */\r | |
4d6afad3 | 27 | --- crypto/err/err.c\r |
28 | +++ crypto/err/err.c\r | |
29 | @@ -313,7 +313,12 @@\r | |
30 | es->err_data_flags[i]=flags;\r | |
31 | }\r | |
32 | \r | |
33 | +/* Add EFIAPI for UEFI version. */\r | |
34 | +#if defined(OPENSSL_SYS_UEFI)\r | |
35 | +void EFIAPI ERR_add_error_data(int num, ...)\r | |
36 | +#else\r | |
37 | void ERR_add_error_data(int num, ...)\r | |
38 | +#endif\r | |
39 | {\r | |
40 | va_list args;\r | |
41 | int i,n,s;\r | |
42 | --- crypto/err/err.h\r | |
43 | +++ crypto/err/err.h\r | |
44 | @@ -286,8 +286,14 @@\r | |
45 | #endif\r | |
46 | #ifndef OPENSSL_NO_BIO\r | |
47 | void ERR_print_errors(BIO *bp);\r | |
48 | +\r | |
49 | +/* Add EFIAPI for UEFI version. */\r | |
50 | +#if defined(OPENSSL_SYS_UEFI)\r | |
51 | +void EFIAPI ERR_add_error_data(int num, ...);\r | |
52 | +#else\r | |
53 | void ERR_add_error_data(int num, ...);\r | |
54 | #endif\r | |
55 | +#endif\r | |
56 | void ERR_load_strings(int lib,ERR_STRING_DATA str[]);\r | |
57 | void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);\r | |
58 | void ERR_load_ERR_strings(void);\r | |
59 | --- crypto/opensslconf.h\r | |
60 | +++ crypto/opensslconf.h\r | |
61 | @@ -162,6 +162,9 @@\r | |
62 | /* The prime number generation stuff may not work when\r | |
63 | * EIGHT_BIT but I don't care since I've only used this mode\r | |
64 | * for debuging the bignum libraries */\r | |
65 | +\r | |
66 | +/* Bypass following definition for UEFI version. */\r | |
67 | +#if !defined(OPENSSL_SYS_UEFI)\r | |
68 | #undef SIXTY_FOUR_BIT_LONG\r | |
69 | #undef SIXTY_FOUR_BIT\r | |
70 | #define THIRTY_TWO_BIT\r | |
71 | @@ -169,6 +172,8 @@\r | |
72 | #undef EIGHT_BIT\r | |
73 | #endif\r | |
74 | \r | |
75 | +#endif\r | |
76 | +\r | |
77 | #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)\r | |
78 | #define CONFIG_HEADER_RC4_LOCL_H\r | |
79 | /* if this is defined data[i] is used instead of *data, this is a %20\r | |
a2d111ed | 80 | --- crypto/pkcs7/pk7_smime.c 2009-03-15 21:36:02.000000000 +0800\r |
81 | +++ crypto/pkcs7/pk7_smime.c 2011-09-13 14:11:36.019454700 +0800\r | |
82 | @@ -88,7 +88,10 @@\r | |
83 | if (!PKCS7_content_new(p7, NID_pkcs7_data))\r | |
84 | goto err;\r | |
85 | \r | |
86 | - if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {\r | |
87 | + /* \r | |
88 | + NOTE: Update to SHA-256 digest algorithm for UEFI version.\r | |
89 | + */\r | |
90 | + if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha256()))) {\r | |
91 | PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);\r | |
92 | goto err;\r | |
93 | }\r | |
97f98500 HT |
94 | --- crypto/rand/rand_egd.c Thu Jan 15 17:14:12 1970\r |
95 | +++ crypto/rand/rand_egd.c Thu Jan 15 17:14:12 1970\r | |
96 | @@ -95,7 +95,7 @@\r | |
97 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.\r | |
98 | */\r | |
99 | \r | |
100 | -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)\r | |
101 | +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)\r | |
102 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)\r | |
103 | {\r | |
104 | return(-1);\r | |
105 | --- crypto/rand/rand_unix.c Thu Jan 15 17:14:12 1970\r | |
106 | +++ crypto/rand/rand_unix.c Thu Jan 15 17:14:12 1970\r | |
107 | @@ -116,7 +116,7 @@\r | |
108 | #include <openssl/rand.h>\r | |
109 | #include "rand_lcl.h"\r | |
110 | \r | |
111 | -#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))\r | |
112 | +#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))\r | |
113 | \r | |
114 | #include <sys/types.h>\r | |
115 | #include <sys/time.h>\r | |
116 | @@ -322,7 +322,7 @@\r | |
117 | #endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */\r | |
118 | \r | |
119 | \r | |
120 | -#if defined(OPENSSL_SYS_VXWORKS)\r | |
121 | +#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)\r | |
122 | int RAND_poll(void)\r | |
123 | {\r | |
124 | return 0;\r | |
125 | --- crypto/x509/x509_vfy.c Thu Jan 15 17:14:12 1970\r | |
126 | +++ crypto/x509/x509_vfy.c Thu Jan 15 17:14:12 1970\r | |
127 | @@ -391,7 +391,12 @@\r | |
128 | \r | |
129 | static int check_chain_extensions(X509_STORE_CTX *ctx)\r | |
130 | {\r | |
131 | -#ifdef OPENSSL_NO_CHAIN_VERIFY\r | |
132 | +//#ifdef OPENSSL_NO_CHAIN_VERIFY\r | |
133 | +#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)\r | |
134 | + /* \r | |
135 | + NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting\r | |
136 | + in Authenticode Signing Certificates. \r | |
137 | + */\r | |
138 | return 1;\r | |
139 | #else\r | |
140 | int i, ok=0, must_be_ca, plen = 0;\r | |
141 | @@ -904,6 +909,10 @@\r | |
142 | \r | |
143 | static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)\r | |
144 | {\r | |
145 | +#if defined(OPENSSL_SYS_UEFI)\r | |
146 | + /* Bypass Certificate Time Checking for UEFI version. */\r | |
147 | + return 1;\r | |
148 | +#else\r | |
149 | time_t *ptime;\r | |
150 | int i;\r | |
151 | \r | |
152 | @@ -947,6 +956,7 @@\r | |
153 | }\r | |
154 | \r | |
155 | return 1;\r | |
156 | +#endif \r | |
157 | }\r | |
158 | \r | |
159 | static int internal_verify(X509_STORE_CTX *ctx)\r |