* Update BaseCryptLib internal worker functions to be 'STATIC'
* Update BaseCryptLib internal working functions to not use EFIAPI
* Add GLOBAL_REMOVE_IF_UNREFERENCED to BaseCryptLib global variables
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
"ExceptionList": [\r
"8001", "IsLeap",\r
"8001", "OBJ_get0_data",\r
"ExceptionList": [\r
"8001", "IsLeap",\r
"8001", "OBJ_get0_data",\r
+ "8001", "OBJ_length",\r
+ "5005", "X509PopCertificate"\r
],\r
## Both file path and directory path are accepted.\r
"IgnoreFiles": [\r
],\r
## Both file path and directory path are accepted.\r
"IgnoreFiles": [\r
If the allocations fails, HmacMdNew() returns NULL.\r
\r
**/\r
If the allocations fails, HmacMdNew() returns NULL.\r
\r
**/\r
VOID *\r
HmacMdNew (\r
VOID\r
VOID *\r
HmacMdNew (\r
VOID\r
@param[in] HmacMdCtx Pointer to the HMAC_CTX context to be released.\r
\r
**/\r
@param[in] HmacMdCtx Pointer to the HMAC_CTX context to be released.\r
\r
**/\r
VOID\r
HmacMdFree (\r
IN VOID *HmacMdCtx\r
VOID\r
HmacMdFree (\r
IN VOID *HmacMdCtx\r
@retval FALSE The Key is set unsuccessfully.\r
\r
**/\r
@retval FALSE The Key is set unsuccessfully.\r
\r
**/\r
BOOLEAN\r
HmacMdSetKey (\r
IN CONST EVP_MD *Md,\r
BOOLEAN\r
HmacMdSetKey (\r
IN CONST EVP_MD *Md,\r
@retval FALSE HMAC-MD context copy failed.\r
\r
**/\r
@retval FALSE HMAC-MD context copy failed.\r
\r
**/\r
BOOLEAN\r
HmacMdDuplicate (\r
IN CONST VOID *HmacMdContext,\r
BOOLEAN\r
HmacMdDuplicate (\r
IN CONST VOID *HmacMdContext,\r
@retval FALSE HMAC-MD data digest failed.\r
\r
**/\r
@retval FALSE HMAC-MD data digest failed.\r
\r
**/\r
BOOLEAN\r
HmacMdUpdate (\r
IN OUT VOID *HmacMdContext,\r
BOOLEAN\r
HmacMdUpdate (\r
IN OUT VOID *HmacMdContext,\r
@retval FALSE HMAC-MD digest computation failed.\r
\r
**/\r
@retval FALSE HMAC-MD digest computation failed.\r
\r
**/\r
BOOLEAN\r
HmacMdFinal (\r
IN OUT VOID *HmacMdContext,\r
BOOLEAN\r
HmacMdFinal (\r
IN OUT VOID *HmacMdContext,\r
@retval FALSE This interface is not supported.\r
\r
**/\r
@retval FALSE This interface is not supported.\r
\r
**/\r
BOOLEAN\r
HmacMdAll (\r
IN CONST EVP_MD *Md,\r
BOOLEAN\r
HmacMdAll (\r
IN CONST EVP_MD *Md,\r
-#include <Library/BaseCryptLib.h>\r
+#include "InternalCryptLib.h"\r
#include <openssl/evp.h>\r
#include <openssl/kdf.h>\r
\r
#include <openssl/evp.h>\r
#include <openssl/kdf.h>\r
\r
@retval FALSE Hkdf generation failed.\r
\r
**/\r
@retval FALSE Hkdf generation failed.\r
\r
**/\r
BOOLEAN\r
HkdfMdExtractAndExpand (\r
IN CONST EVP_MD *Md,\r
BOOLEAN\r
HkdfMdExtractAndExpand (\r
IN CONST EVP_MD *Md,\r
@retval false Hkdf generation failed.\r
\r
**/\r
@retval false Hkdf generation failed.\r
\r
**/\r
BOOLEAN\r
HkdfMdExtract (\r
IN CONST EVP_MD *Md,\r
BOOLEAN\r
HkdfMdExtract (\r
IN CONST EVP_MD *Md,\r
@retval FALSE Hkdf generation failed.\r
\r
**/\r
@retval FALSE Hkdf generation failed.\r
\r
**/\r
BOOLEAN\r
HkdfMdExpand (\r
IN CONST EVP_MD *Md,\r
BOOLEAN\r
HkdfMdExpand (\r
IN CONST EVP_MD *Md,\r
//\r
// OID ASN.1 Value for SPC_INDIRECT_DATA_OBJID\r
//\r
//\r
// OID ASN.1 Value for SPC_INDIRECT_DATA_OBJID\r
//\r
-UINT8 mSpcIndirectOidValue[] = {\r
+GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcIndirectOidValue[] = {\r
0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04\r
};\r
\r
0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04\r
};\r
\r
#include <openssl/x509v3.h>\r
#include <openssl/pkcs7.h>\r
\r
#include <openssl/x509v3.h>\r
#include <openssl/pkcs7.h>\r
\r
-UINT8 mOidValue[9] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 };\r
+GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mOidValue[9] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 };\r
\r
/**\r
Check input P7Data is a wrapped ContentInfo structure or not. If not construct\r
\r
/**\r
Check input P7Data is a wrapped ContentInfo structure or not. If not construct\r
@retval FALSE The pop operation failed.\r
\r
**/\r
@retval FALSE The pop operation failed.\r
\r
**/\r
BOOLEAN\r
X509PopCertificate (\r
IN VOID *X509Stack,\r
BOOLEAN\r
X509PopCertificate (\r
IN VOID *X509Stack,\r
@retval EFI_NOT_FOUND The number of signers found was not 1.\r
\r
**/\r
@retval EFI_NOT_FOUND The number of signers found was not 1.\r
\r
**/\r
EFI_STATUS\r
GetSignerCertificate (\r
IN CONST PKCS7 *CertChain,\r
EFI_STATUS\r
GetSignerCertificate (\r
IN CONST PKCS7 *CertChain,\r
@retval EFI_NOT_FOUND One or more EKU's were not found in the signature.\r
\r
**/\r
@retval EFI_NOT_FOUND One or more EKU's were not found in the signature.\r
\r
**/\r
EFI_STATUS\r
IsEkuInCertificate (\r
IN CONST X509 *Cert,\r
EFI_STATUS\r
IsEkuInCertificate (\r
IN CONST X509 *Cert,\r
@retval EFI_INVALID_PARAMETER A parameter was invalid.\r
@retval EFI_NOT_FOUND One or more EKU's were not found in the signature.\r
**/\r
@retval EFI_INVALID_PARAMETER A parameter was invalid.\r
@retval EFI_NOT_FOUND One or more EKU's were not found in the signature.\r
**/\r
EFI_STATUS\r
CheckEKUs (\r
IN CONST X509 *SignerCert,\r
EFI_STATUS\r
CheckEKUs (\r
IN CONST X509 *SignerCert,\r
//\r
// OID ASN.1 Value for SPC_RFC3161_OBJID ("1.3.6.1.4.1.311.3.3.1")\r
//\r
//\r
// OID ASN.1 Value for SPC_RFC3161_OBJID ("1.3.6.1.4.1.311.3.3.1")\r
//\r
-UINT8 mSpcRFC3161OidValue[] = {\r
+GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcRFC3161OidValue[] = {\r
0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01\r
};\r
\r
0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01\r
};\r
\r
//\r
// ASN.1 Functions for TS_MESSAGE_IMPRINT\r
//\r
//\r
// ASN.1 Functions for TS_MESSAGE_IMPRINT\r
//\r
-DECLARE_ASN1_FUNCTIONS (TS_MESSAGE_IMPRINT)\r
-ASN1_SEQUENCE (TS_MESSAGE_IMPRINT) = {\r
+GLOBAL_REMOVE_IF_UNREFERENCED\r
+DECLARE_ASN1_FUNCTIONS (\r
+ TS_MESSAGE_IMPRINT\r
+ )\r
+ASN1_SEQUENCE (TS_MESSAGE_IMPRINT) =\r
+{\r
ASN1_SIMPLE (TS_MESSAGE_IMPRINT, HashAlgorithm, X509_ALGOR),\r
ASN1_SIMPLE (TS_MESSAGE_IMPRINT, HashedMessage, ASN1_OCTET_STRING)\r
ASN1_SIMPLE (TS_MESSAGE_IMPRINT, HashAlgorithm, X509_ALGOR),\r
ASN1_SIMPLE (TS_MESSAGE_IMPRINT, HashedMessage, ASN1_OCTET_STRING)\r
-} ASN1_SEQUENCE_END (TS_MESSAGE_IMPRINT)\r
+}\r
+\r
+ASN1_SEQUENCE_END (TS_MESSAGE_IMPRINT)\r
IMPLEMENT_ASN1_FUNCTIONS (TS_MESSAGE_IMPRINT)\r
\r
///\r
IMPLEMENT_ASN1_FUNCTIONS (TS_MESSAGE_IMPRINT)\r
\r
///\r
//\r
// ASN.1 Functions for TS_ACCURACY\r
//\r
//\r
// ASN.1 Functions for TS_ACCURACY\r
//\r
-DECLARE_ASN1_FUNCTIONS (TS_ACCURACY)\r
-ASN1_SEQUENCE (TS_ACCURACY) = {\r
+GLOBAL_REMOVE_IF_UNREFERENCED\r
+DECLARE_ASN1_FUNCTIONS (\r
+ TS_ACCURACY\r
+ )\r
+ASN1_SEQUENCE (TS_ACCURACY) =\r
+{\r
ASN1_OPT (TS_ACCURACY, Seconds, ASN1_INTEGER),\r
ASN1_IMP_OPT (TS_ACCURACY, Millis, ASN1_INTEGER, 0),\r
ASN1_IMP_OPT (TS_ACCURACY, Micros, ASN1_INTEGER, 1)\r
ASN1_OPT (TS_ACCURACY, Seconds, ASN1_INTEGER),\r
ASN1_IMP_OPT (TS_ACCURACY, Millis, ASN1_INTEGER, 0),\r
ASN1_IMP_OPT (TS_ACCURACY, Micros, ASN1_INTEGER, 1)\r
-} ASN1_SEQUENCE_END (TS_ACCURACY)\r
+}\r
+\r
+ASN1_SEQUENCE_END (TS_ACCURACY)\r
IMPLEMENT_ASN1_FUNCTIONS (TS_ACCURACY)\r
\r
///\r
IMPLEMENT_ASN1_FUNCTIONS (TS_ACCURACY)\r
\r
///\r
//\r
// ASN.1 Functions for TS_TST_INFO\r
//\r
//\r
// ASN.1 Functions for TS_TST_INFO\r
//\r
-DECLARE_ASN1_FUNCTIONS (TS_TST_INFO)\r
-ASN1_SEQUENCE (TS_TST_INFO) = {\r
+GLOBAL_REMOVE_IF_UNREFERENCED\r
+DECLARE_ASN1_FUNCTIONS (\r
+ TS_TST_INFO\r
+ )\r
+ASN1_SEQUENCE (TS_TST_INFO) =\r
+{\r
ASN1_SIMPLE (TS_TST_INFO, Version, ASN1_INTEGER),\r
ASN1_SIMPLE (TS_TST_INFO, Policy, ASN1_OBJECT),\r
ASN1_SIMPLE (TS_TST_INFO, MessageImprint, TS_MESSAGE_IMPRINT),\r
ASN1_SIMPLE (TS_TST_INFO, Version, ASN1_INTEGER),\r
ASN1_SIMPLE (TS_TST_INFO, Policy, ASN1_OBJECT),\r
ASN1_SIMPLE (TS_TST_INFO, MessageImprint, TS_MESSAGE_IMPRINT),\r
ASN1_OPT (TS_TST_INFO, Nonce, ASN1_INTEGER),\r
ASN1_EXP_OPT (TS_TST_INFO, Tsa, GENERAL_NAME, 0),\r
ASN1_IMP_SEQUENCE_OF_OPT (TS_TST_INFO, Extensions, X509_EXTENSION, 1)\r
ASN1_OPT (TS_TST_INFO, Nonce, ASN1_INTEGER),\r
ASN1_EXP_OPT (TS_TST_INFO, Tsa, GENERAL_NAME, 0),\r
ASN1_IMP_SEQUENCE_OF_OPT (TS_TST_INFO, Extensions, X509_EXTENSION, 1)\r
-} ASN1_SEQUENCE_END (TS_TST_INFO)\r
+}\r
+\r
+ASN1_SEQUENCE_END (TS_TST_INFO)\r
IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO)\r
\r
/**\r
IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO)\r
\r
/**\r
@retval FALSE Invalid parameters.\r
\r
**/\r
@retval FALSE Invalid parameters.\r
\r
**/\r
ConvertAsn1TimeToEfiTime (\r
IN ASN1_TIME *Asn1Time,\r
OUT EFI_TIME *EfiTime\r
ConvertAsn1TimeToEfiTime (\r
IN ASN1_TIME *Asn1Time,\r
OUT EFI_TIME *EfiTime\r
@retval FALSE Invalid TimeStamp Token Information.\r
\r
**/\r
@retval FALSE Invalid TimeStamp Token Information.\r
\r
**/\r
CheckTSTInfo (\r
IN CONST TS_TST_INFO *TstInfo,\r
IN CONST UINT8 *TimestampedData,\r
CheckTSTInfo (\r
IN CONST TS_TST_INFO *TstInfo,\r
IN CONST UINT8 *TimestampedData,\r
@retval FALSE Invalid timestamp token.\r
\r
**/\r
@retval FALSE Invalid timestamp token.\r
\r
**/\r
TimestampTokenVerify (\r
IN CONST UINT8 *TSToken,\r
IN UINTN TokenSize,\r
TimestampTokenVerify (\r
IN CONST UINT8 *TSToken,\r
IN UINTN TokenSize,\r