]>
Commit | Line | Data |
---|---|---|
97f98500 HT |
1 | --- crypto/bio/bss_file.c Thu Jan 15 17:14:12 1970\r |
2 | +++ crypto/bio/bss_file.c Thu Jan 15 17:14:12 1970\r | |
3 | @@ -421,6 +421,23 @@\r | |
4 | return(ret);\r | |
5 | }\r | |
6 | \r | |
7 | +#else\r | |
8 | +\r | |
9 | +BIO_METHOD *BIO_s_file(void)\r | |
10 | + {\r | |
11 | + return NULL;\r | |
12 | + }\r | |
13 | +\r | |
14 | +BIO *BIO_new_file(const char *filename, const char *mode)\r | |
15 | + {\r | |
16 | + return NULL;\r | |
17 | + }\r | |
18 | +\r | |
19 | +BIO *BIO_new_fp(FILE *stream, int close_flag)\r | |
20 | + {\r | |
21 | + return NULL;\r | |
22 | + }\r | |
23 | +\r | |
24 | #endif /* OPENSSL_NO_STDIO */\r | |
25 | \r | |
26 | #endif /* HEADER_BSS_FILE_C */\r | |
a2d111ed | 27 | --- crypto/pkcs7/pk7_smime.c 2009-03-15 21:36:02.000000000 +0800\r |
28 | +++ crypto/pkcs7/pk7_smime.c 2011-09-13 14:11:36.019454700 +0800\r | |
29 | @@ -88,7 +88,10 @@\r | |
30 | if (!PKCS7_content_new(p7, NID_pkcs7_data))\r | |
31 | goto err;\r | |
32 | \r | |
33 | - if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {\r | |
34 | + /* \r | |
35 | + NOTE: Update to SHA-256 digest algorithm for UEFI version.\r | |
36 | + */\r | |
37 | + if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha256()))) {\r | |
38 | PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);\r | |
39 | goto err;\r | |
40 | }\r | |
97f98500 HT |
41 | --- crypto/rand/rand_egd.c Thu Jan 15 17:14:12 1970\r |
42 | +++ crypto/rand/rand_egd.c Thu Jan 15 17:14:12 1970\r | |
43 | @@ -95,7 +95,7 @@\r | |
44 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.\r | |
45 | */\r | |
46 | \r | |
47 | -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)\r | |
48 | +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)\r | |
49 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)\r | |
50 | {\r | |
51 | return(-1);\r | |
52 | --- crypto/rand/rand_unix.c Thu Jan 15 17:14:12 1970\r | |
53 | +++ crypto/rand/rand_unix.c Thu Jan 15 17:14:12 1970\r | |
54 | @@ -116,7 +116,7 @@\r | |
55 | #include <openssl/rand.h>\r | |
56 | #include "rand_lcl.h"\r | |
57 | \r | |
58 | -#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))\r | |
59 | +#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))\r | |
60 | \r | |
61 | #include <sys/types.h>\r | |
62 | #include <sys/time.h>\r | |
63 | @@ -322,7 +322,7 @@\r | |
64 | #endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */\r | |
65 | \r | |
66 | \r | |
67 | -#if defined(OPENSSL_SYS_VXWORKS)\r | |
68 | +#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)\r | |
69 | int RAND_poll(void)\r | |
70 | {\r | |
71 | return 0;\r | |
72 | --- crypto/x509/x509_vfy.c Thu Jan 15 17:14:12 1970\r | |
73 | +++ crypto/x509/x509_vfy.c Thu Jan 15 17:14:12 1970\r | |
74 | @@ -391,7 +391,12 @@\r | |
75 | \r | |
76 | static int check_chain_extensions(X509_STORE_CTX *ctx)\r | |
77 | {\r | |
78 | -#ifdef OPENSSL_NO_CHAIN_VERIFY\r | |
79 | +//#ifdef OPENSSL_NO_CHAIN_VERIFY\r | |
80 | +#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)\r | |
81 | + /* \r | |
82 | + NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting\r | |
83 | + in Authenticode Signing Certificates. \r | |
84 | + */\r | |
85 | return 1;\r | |
86 | #else\r | |
87 | int i, ok=0, must_be_ca, plen = 0;\r | |
88 | @@ -904,6 +909,10 @@\r | |
89 | \r | |
90 | static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)\r | |
91 | {\r | |
92 | +#if defined(OPENSSL_SYS_UEFI)\r | |
93 | + /* Bypass Certificate Time Checking for UEFI version. */\r | |
94 | + return 1;\r | |
95 | +#else\r | |
96 | time_t *ptime;\r | |
97 | int i;\r | |
98 | \r | |
99 | @@ -947,6 +956,7 @@\r | |
100 | }\r | |
101 | \r | |
102 | return 1;\r | |
103 | +#endif \r | |
104 | }\r | |
105 | \r | |
106 | static int internal_verify(X509_STORE_CTX *ctx)\r |