From a2d111ed2563fb02fdd9a4cc08047ef4d1c58b35 Mon Sep 17 00:00:00 2001
From: tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>
Date: Wed, 14 Sep 2011 11:12:08 +0000
Subject: [PATCH] Replace SHA1 with SHA256 digest algorithm.

Signed-off-by: tye
Reviewed-by: hhuan13
Reviewed-by: qlong



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12350 6f19259b-4bc3-4df7-8a09-765794883524
---
 .../Library/OpensslLib/EDKII_openssl-0.9.8l.patch  | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch
index 2ff6ee0f8c..231ec6e23a 100644
--- a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch
+++ b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch
@@ -24,6 +24,20 @@
  #endif /* OPENSSL_NO_STDIO */
  
  #endif /* HEADER_BSS_FILE_C */
+--- crypto/pkcs7/pk7_smime.c	2009-03-15 21:36:02.000000000 +0800
++++ crypto/pkcs7/pk7_smime.c	2011-09-13 14:11:36.019454700 +0800
+@@ -88,7 +88,10 @@
+ 	if (!PKCS7_content_new(p7, NID_pkcs7_data))
+ 		goto err;
+ 
+-	if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {
++  /* 
++    NOTE: Update to SHA-256 digest algorithm for UEFI version.
++  */
++	if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha256()))) {
+ 		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
+ 		goto err;
+ 	}
 --- crypto/rand/rand_egd.c	Thu Jan 15 17:14:12 1970
 +++ crypto/rand/rand_egd.c	Thu Jan 15 17:14:12 1970
 @@ -95,7 +95,7 @@
-- 
2.39.2