diff --git a/0001-CryptoPkg-OpensslLib-Modify-process_files.pl-for-Ope.patch b/0001-CryptoPkg-OpensslLib-Modify-process_files.pl-for-Ope.patch new file mode 100644 index 0000000000000000000000000000000000000000..9e46e174116fb3dac9ff026076a7bf46f7baec86 --- /dev/null +++ b/0001-CryptoPkg-OpensslLib-Modify-process_files.pl-for-Ope.patch @@ -0,0 +1,55 @@ +From 87c0bd44a43769905f3bb9bea4c8af307c58a79b Mon Sep 17 00:00:00 2001 +From: Xiang Zheng +Date: Fri, 17 Apr 2020 15:05:54 +0800 +Subject: [PATCH 1/2] CryptoPkg/OpensslLib: Modify process_files.pl for OpenSSL + 1.1.1f + +Before upgrading the version of OpenSSL to 1.1.1f, we need to update +process_files.pl so that we can auto-generate the correct files. + +This patch may confict with the opensource codes in the future, than +let it go with opensouce. + +Change-Id: Id17969bab444bad8cdd139258ef53d5eed91ff88 +Signed-off-by: Xiang Zheng +--- + .../Library/Include/{internal => crypto}/dso_conf.h | 0 + CryptoPkg/Library/OpensslLib/process_files.pl | 10 +++++----- + 2 files changed, 5 insertions(+), 5 deletions(-) + rename CryptoPkg/Library/Include/{internal => crypto}/dso_conf.h (100%) + +diff --git a/CryptoPkg/Library/Include/internal/dso_conf.h b/CryptoPkg/Library/Include/crypto/dso_conf.h +similarity index 100% +rename from CryptoPkg/Library/Include/internal/dso_conf.h +rename to CryptoPkg/Library/Include/crypto/dso_conf.h +diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl +index bbcfa0d0..a99ad866 100755 +--- a/CryptoPkg/Library/OpensslLib/process_files.pl ++++ b/CryptoPkg/Library/OpensslLib/process_files.pl +@@ -109,8 +109,8 @@ BEGIN { + # Generate dso_conf.h per config data + system( + "perl -I. -Mconfigdata util/dofile.pl " . +- "crypto/include/internal/dso_conf.h.in " . +- "> include/internal/dso_conf.h" ++ "include/crypto/dso_conf.h.in " . ++ "> include/crypto/dso_conf.h" + ) == 0 || + die "Failed to generate dso_conf.h!\n"; + +@@ -264,9 +264,9 @@ copy($OPENSSL_PATH . "/include/openssl/opensslconf.h", + $OPENSSL_PATH . "/../../Include/openssl/") || + die "Cannot copy opensslconf.h!"; + print "Done!"; +-print "\n--> Duplicating dso_conf.h into Include/internal ... "; +-copy($OPENSSL_PATH . "/include/internal/dso_conf.h", +- $OPENSSL_PATH . "/../../Include/internal/") || ++print "\n--> Duplicating dso_conf.h into Include/crypto ... "; ++copy($OPENSSL_PATH . "/include/crypto/dso_conf.h", ++ $OPENSSL_PATH . "/../../Include/crypto/") || + die "Cannot copy dso_conf.h!"; + print "Done!\n"; + +-- +2.19.1 + diff --git a/0001-CryptoPkg-OpensslLib-Update-process_files.pl-to-gene.patch b/0001-CryptoPkg-OpensslLib-Update-process_files.pl-to-gene.patch deleted file mode 100644 index 6b7ae06f7e868909894b9f026da7eb87694262af..0000000000000000000000000000000000000000 --- a/0001-CryptoPkg-OpensslLib-Update-process_files.pl-to-gene.patch +++ /dev/null @@ -1,643 +0,0 @@ -From 27d0e759917b62f02965817dafdbeb08012ffd8a Mon Sep 17 00:00:00 2001 -From: Shenglei Zhang -Date: Tue, 29 Oct 2019 15:43:11 +0000 -Subject: [PATCH 1/4] CryptoPkg/OpensslLib: Update process_files.pl to generate - .h files - -There are missing headers added into INF files at 8906f076de35b222a.. -They are now manually added but not auto-generated. So we update the -perl script to enable this feature. -Meanwhile, update the order of the .h files in INF files, which are -auto-generated now. -https://bugzilla.tianocore.org/show_bug.cgi?id=2085 - -Cc: Jian J Wang -Cc: Xiaoyu Lu -Signed-off-by: Shenglei Zhang -Reviewed-by: Jian J Wang -Reviewed-by: Xiaoyu Lu ---- - CryptoPkg/Library/OpensslLib/OpensslLib.inf | 103 +++++++++--------- - .../Library/OpensslLib/OpensslLibCrypto.inf | 96 ++++++++-------- - CryptoPkg/Library/OpensslLib/process_files.pl | 28 +++++ - 3 files changed, 129 insertions(+), 98 deletions(-) - -diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -index 7432321fd4..dd873a0dcd 100644 ---- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf -+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -@@ -34,9 +34,7 @@ - $(OPENSSL_PATH)/crypto/aes/aes_misc.c - $(OPENSSL_PATH)/crypto/aes/aes_ofb.c - $(OPENSSL_PATH)/crypto/aes/aes_wrap.c -- $(OPENSSL_PATH)/crypto/aes/aes_locl.h - $(OPENSSL_PATH)/crypto/aria/aria.c -- $(OPENSSL_PATH)/crypto/arm_arch.h - $(OPENSSL_PATH)/crypto/asn1/a_bitstr.c - $(OPENSSL_PATH)/crypto/asn1/a_d2i_fp.c - $(OPENSSL_PATH)/crypto/asn1/a_digest.c -@@ -101,21 +99,12 @@ - $(OPENSSL_PATH)/crypto/asn1/x_sig.c - $(OPENSSL_PATH)/crypto/asn1/x_spki.c - $(OPENSSL_PATH)/crypto/asn1/x_val.c -- $(OPENSSL_PATH)/crypto/asn1/standard_methods.h -- $(OPENSSL_PATH)/crypto/asn1/charmap.h -- $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h -- $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h -- $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h - $(OPENSSL_PATH)/crypto/async/arch/async_null.c - $(OPENSSL_PATH)/crypto/async/arch/async_posix.c - $(OPENSSL_PATH)/crypto/async/arch/async_win.c - $(OPENSSL_PATH)/crypto/async/async.c - $(OPENSSL_PATH)/crypto/async/async_err.c - $(OPENSSL_PATH)/crypto/async/async_wait.c -- $(OPENSSL_PATH)/crypto/async/arch/async_win.h -- $(OPENSSL_PATH)/crypto/async/async_locl.h -- $(OPENSSL_PATH)/crypto/async/arch/async_posix.h -- $(OPENSSL_PATH)/crypto/async/arch/async_null.h - $(OPENSSL_PATH)/crypto/bio/b_addr.c - $(OPENSSL_PATH)/crypto/bio/b_dump.c - $(OPENSSL_PATH)/crypto/bio/b_sock.c -@@ -138,7 +127,6 @@ - $(OPENSSL_PATH)/crypto/bio/bss_mem.c - $(OPENSSL_PATH)/crypto/bio/bss_null.c - $(OPENSSL_PATH)/crypto/bio/bss_sock.c -- $(OPENSSL_PATH)/crypto/bio/bio_lcl.h - $(OPENSSL_PATH)/crypto/bn/bn_add.c - $(OPENSSL_PATH)/crypto/bn/bn_asm.c - $(OPENSSL_PATH)/crypto/bn/bn_blind.c -@@ -170,9 +158,6 @@ - $(OPENSSL_PATH)/crypto/bn/bn_srp.c - $(OPENSSL_PATH)/crypto/bn/bn_word.c - $(OPENSSL_PATH)/crypto/bn/bn_x931p.c -- $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h -- $(OPENSSL_PATH)/crypto/bn/bn_prime.h -- $(OPENSSL_PATH)/crypto/bn/bn_lcl.h - $(OPENSSL_PATH)/crypto/buffer/buf_err.c - $(OPENSSL_PATH)/crypto/buffer/buffer.c - $(OPENSSL_PATH)/crypto/cmac/cm_ameth.c -@@ -181,7 +166,6 @@ - $(OPENSSL_PATH)/crypto/comp/c_zlib.c - $(OPENSSL_PATH)/crypto/comp/comp_err.c - $(OPENSSL_PATH)/crypto/comp/comp_lib.c -- $(OPENSSL_PATH)/crypto/comp/comp_lcl.h - $(OPENSSL_PATH)/crypto/conf/conf_api.c - $(OPENSSL_PATH)/crypto/conf/conf_def.c - $(OPENSSL_PATH)/crypto/conf/conf_err.c -@@ -190,8 +174,6 @@ - $(OPENSSL_PATH)/crypto/conf/conf_mod.c - $(OPENSSL_PATH)/crypto/conf/conf_sap.c - $(OPENSSL_PATH)/crypto/conf/conf_ssl.c -- $(OPENSSL_PATH)/crypto/conf/conf_lcl.h -- $(OPENSSL_PATH)/crypto/conf/conf_def.h - $(OPENSSL_PATH)/crypto/cpt_err.c - $(OPENSSL_PATH)/crypto/cryptlib.c - $(OPENSSL_PATH)/crypto/ctype.c -@@ -215,8 +197,6 @@ - $(OPENSSL_PATH)/crypto/des/set_key.c - $(OPENSSL_PATH)/crypto/des/str2key.c - $(OPENSSL_PATH)/crypto/des/xcbc_enc.c -- $(OPENSSL_PATH)/crypto/des/spr.h -- $(OPENSSL_PATH)/crypto/des/des_locl.h - $(OPENSSL_PATH)/crypto/dh/dh_ameth.c - $(OPENSSL_PATH)/crypto/dh/dh_asn1.c - $(OPENSSL_PATH)/crypto/dh/dh_check.c -@@ -231,7 +211,6 @@ - $(OPENSSL_PATH)/crypto/dh/dh_prn.c - $(OPENSSL_PATH)/crypto/dh/dh_rfc5114.c - $(OPENSSL_PATH)/crypto/dh/dh_rfc7919.c -- $(OPENSSL_PATH)/crypto/dh/dh_locl.h - $(OPENSSL_PATH)/crypto/dso/dso_dl.c - $(OPENSSL_PATH)/crypto/dso/dso_dlfcn.c - $(OPENSSL_PATH)/crypto/dso/dso_err.c -@@ -239,7 +218,6 @@ - $(OPENSSL_PATH)/crypto/dso/dso_openssl.c - $(OPENSSL_PATH)/crypto/dso/dso_vms.c - $(OPENSSL_PATH)/crypto/dso/dso_win32.c -- $(OPENSSL_PATH)/crypto/dso/dso_locl.h - $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/err/err.c - $(OPENSSL_PATH)/crypto/err/err_prn.c -@@ -304,13 +282,11 @@ - $(OPENSSL_PATH)/crypto/evp/pmeth_fn.c - $(OPENSSL_PATH)/crypto/evp/pmeth_gn.c - $(OPENSSL_PATH)/crypto/evp/pmeth_lib.c -- $(OPENSSL_PATH)/crypto/evp/evp_locl.h - $(OPENSSL_PATH)/crypto/ex_data.c - $(OPENSSL_PATH)/crypto/getenv.c - $(OPENSSL_PATH)/crypto/hmac/hm_ameth.c - $(OPENSSL_PATH)/crypto/hmac/hm_pmeth.c - $(OPENSSL_PATH)/crypto/hmac/hmac.c -- $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h - $(OPENSSL_PATH)/crypto/init.c - $(OPENSSL_PATH)/crypto/kdf/hkdf.c - $(OPENSSL_PATH)/crypto/kdf/kdf_err.c -@@ -318,13 +294,10 @@ - $(OPENSSL_PATH)/crypto/kdf/tls1_prf.c - $(OPENSSL_PATH)/crypto/lhash/lh_stats.c - $(OPENSSL_PATH)/crypto/lhash/lhash.c -- $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h - $(OPENSSL_PATH)/crypto/md4/md4_dgst.c - $(OPENSSL_PATH)/crypto/md4/md4_one.c -- $(OPENSSL_PATH)/crypto/md4/md4_locl.h - $(OPENSSL_PATH)/crypto/md5/md5_dgst.c - $(OPENSSL_PATH)/crypto/md5/md5_one.c -- $(OPENSSL_PATH)/crypto/md5/md5_locl.h - $(OPENSSL_PATH)/crypto/mem.c - $(OPENSSL_PATH)/crypto/mem_clr.c - $(OPENSSL_PATH)/crypto/mem_dbg.c -@@ -339,7 +312,6 @@ - $(OPENSSL_PATH)/crypto/modes/ofb128.c - $(OPENSSL_PATH)/crypto/modes/wrap128.c - $(OPENSSL_PATH)/crypto/modes/xts128.c -- $(OPENSSL_PATH)/crypto/modes/modes_lcl.h - $(OPENSSL_PATH)/crypto/o_dir.c - $(OPENSSL_PATH)/crypto/o_fips.c - $(OPENSSL_PATH)/crypto/o_fopen.c -@@ -351,9 +323,6 @@ - $(OPENSSL_PATH)/crypto/objects/obj_err.c - $(OPENSSL_PATH)/crypto/objects/obj_lib.c - $(OPENSSL_PATH)/crypto/objects/obj_xref.c -- $(OPENSSL_PATH)/crypto/objects/obj_dat.h -- $(OPENSSL_PATH)/crypto/objects/obj_xref.h -- $(OPENSSL_PATH)/crypto/objects/obj_lcl.h - $(OPENSSL_PATH)/crypto/ocsp/ocsp_asn.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_cl.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_err.c -@@ -364,7 +333,6 @@ - $(OPENSSL_PATH)/crypto/ocsp/ocsp_srv.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_vfy.c - $(OPENSSL_PATH)/crypto/ocsp/v3_ocsp.c -- $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h - $(OPENSSL_PATH)/crypto/pem/pem_all.c - $(OPENSSL_PATH)/crypto/pem/pem_err.c - $(OPENSSL_PATH)/crypto/pem/pem_info.c -@@ -392,7 +360,6 @@ - $(OPENSSL_PATH)/crypto/pkcs12/p12_sbag.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_utl.c - $(OPENSSL_PATH)/crypto/pkcs12/pk12err.c -- $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h - $(OPENSSL_PATH)/crypto/pkcs7/bio_pk7.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_asn1.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_attr.c -@@ -401,7 +368,6 @@ - $(OPENSSL_PATH)/crypto/pkcs7/pk7_mime.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_smime.c - $(OPENSSL_PATH)/crypto/pkcs7/pkcs7err.c -- $(OPENSSL_PATH)/crypto/ppc_arch.h - $(OPENSSL_PATH)/crypto/rand/drbg_ctr.c - $(OPENSSL_PATH)/crypto/rand/drbg_lib.c - $(OPENSSL_PATH)/crypto/rand/rand_egd.c -@@ -410,10 +376,8 @@ - $(OPENSSL_PATH)/crypto/rand/rand_unix.c - $(OPENSSL_PATH)/crypto/rand/rand_vms.c - $(OPENSSL_PATH)/crypto/rand/rand_win.c -- $(OPENSSL_PATH)/crypto/rand/rand_lcl.h - $(OPENSSL_PATH)/crypto/rc4/rc4_enc.c - $(OPENSSL_PATH)/crypto/rc4/rc4_skey.c -- $(OPENSSL_PATH)/crypto/rc4/rc4_locl.h - $(OPENSSL_PATH)/crypto/rsa/rsa_ameth.c - $(OPENSSL_PATH)/crypto/rsa/rsa_asn1.c - $(OPENSSL_PATH)/crypto/rsa/rsa_chk.c -@@ -436,24 +400,18 @@ - $(OPENSSL_PATH)/crypto/rsa/rsa_ssl.c - $(OPENSSL_PATH)/crypto/rsa/rsa_x931.c - $(OPENSSL_PATH)/crypto/rsa/rsa_x931g.c -- $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h -- $(OPENSSL_PATH)/crypto/s390x_arch.h - $(OPENSSL_PATH)/crypto/sha/keccak1600.c - $(OPENSSL_PATH)/crypto/sha/sha1_one.c - $(OPENSSL_PATH)/crypto/sha/sha1dgst.c - $(OPENSSL_PATH)/crypto/sha/sha256.c - $(OPENSSL_PATH)/crypto/sha/sha512.c -- $(OPENSSL_PATH)/crypto/sha/sha_locl.h - $(OPENSSL_PATH)/crypto/siphash/siphash.c - $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c - $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c -- $(OPENSSL_PATH)/crypto/siphash/siphash_local.h - $(OPENSSL_PATH)/crypto/sm3/m_sm3.c - $(OPENSSL_PATH)/crypto/sm3/sm3.c -- $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h - $(OPENSSL_PATH)/crypto/sm4/sm4.c - $(OPENSSL_PATH)/crypto/stack/stack.c -- $(OPENSSL_PATH)/crypto/sparc_arch.h - $(OPENSSL_PATH)/crypto/threads_none.c - $(OPENSSL_PATH)/crypto/threads_pthread.c - $(OPENSSL_PATH)/crypto/threads_win.c -@@ -463,8 +421,6 @@ - $(OPENSSL_PATH)/crypto/ui/ui_null.c - $(OPENSSL_PATH)/crypto/ui/ui_openssl.c - $(OPENSSL_PATH)/crypto/ui/ui_util.c -- $(OPENSSL_PATH)/crypto/ui/ui_locl.h -- $(OPENSSL_PATH)/crypto/vms_rms.h - $(OPENSSL_PATH)/crypto/uid.c - $(OPENSSL_PATH)/crypto/x509/by_dir.c - $(OPENSSL_PATH)/crypto/x509/by_file.c -@@ -502,7 +458,6 @@ - $(OPENSSL_PATH)/crypto/x509/x_req.c - $(OPENSSL_PATH)/crypto/x509/x_x509.c - $(OPENSSL_PATH)/crypto/x509/x_x509a.c -- $(OPENSSL_PATH)/crypto/x509/x509_lcl.h - $(OPENSSL_PATH)/crypto/x509v3/pcy_cache.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_data.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_lib.c -@@ -540,11 +495,57 @@ - $(OPENSSL_PATH)/crypto/x509v3/v3_tlsf.c - $(OPENSSL_PATH)/crypto/x509v3/v3_utl.c - $(OPENSSL_PATH)/crypto/x509v3/v3err.c -+ $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h -+ $(OPENSSL_PATH)/crypto/dh/dh_locl.h -+ $(OPENSSL_PATH)/crypto/bio/bio_lcl.h -+ $(OPENSSL_PATH)/crypto/conf/conf_def.h -+ $(OPENSSL_PATH)/crypto/conf/conf_lcl.h -+ $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h -+ $(OPENSSL_PATH)/crypto/sha/sha_locl.h -+ $(OPENSSL_PATH)/crypto/md5/md5_locl.h -+ $(OPENSSL_PATH)/crypto/store/store_locl.h -+ $(OPENSSL_PATH)/crypto/dso/dso_locl.h -+ $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h -+ $(OPENSSL_PATH)/crypto/arm_arch.h -+ $(OPENSSL_PATH)/crypto/mips_arch.h -+ $(OPENSSL_PATH)/crypto/ppc_arch.h -+ $(OPENSSL_PATH)/crypto/s390x_arch.h -+ $(OPENSSL_PATH)/crypto/sparc_arch.h -+ $(OPENSSL_PATH)/crypto/vms_rms.h -+ $(OPENSSL_PATH)/crypto/bn/bn_lcl.h -+ $(OPENSSL_PATH)/crypto/bn/bn_prime.h -+ $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h -+ $(OPENSSL_PATH)/crypto/ui/ui_locl.h -+ $(OPENSSL_PATH)/crypto/md4/md4_locl.h -+ $(OPENSSL_PATH)/crypto/rc4/rc4_locl.h -+ $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h -+ $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h -+ $(OPENSSL_PATH)/crypto/asn1/charmap.h -+ $(OPENSSL_PATH)/crypto/asn1/standard_methods.h -+ $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h -+ $(OPENSSL_PATH)/crypto/evp/evp_locl.h -+ $(OPENSSL_PATH)/crypto/rand/rand_lcl.h -+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h -+ $(OPENSSL_PATH)/crypto/modes/modes_lcl.h -+ $(OPENSSL_PATH)/crypto/comp/comp_lcl.h -+ $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h -+ $(OPENSSL_PATH)/crypto/x509/x509_lcl.h -+ $(OPENSSL_PATH)/crypto/async/arch/async_null.h -+ $(OPENSSL_PATH)/crypto/async/arch/async_posix.h -+ $(OPENSSL_PATH)/crypto/async/arch/async_win.h -+ $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h -+ $(OPENSSL_PATH)/crypto/des/des_locl.h -+ $(OPENSSL_PATH)/crypto/des/spr.h -+ $(OPENSSL_PATH)/crypto/siphash/siphash_local.h -+ $(OPENSSL_PATH)/crypto/aes/aes_locl.h -+ $(OPENSSL_PATH)/crypto/async/async_locl.h -+ $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h - $(OPENSSL_PATH)/crypto/x509v3/pcy_int.h -- $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h - $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h -- $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h -- $(OPENSSL_PATH)/ms/uplink.h -+ $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h -+ $(OPENSSL_PATH)/crypto/objects/obj_dat.h -+ $(OPENSSL_PATH)/crypto/objects/obj_lcl.h -+ $(OPENSSL_PATH)/crypto/objects/obj_xref.h - $(OPENSSL_PATH)/ssl/bio_ssl.c - $(OPENSSL_PATH)/ssl/d1_lib.c - $(OPENSSL_PATH)/ssl/d1_msg.c -@@ -589,13 +590,13 @@ - $(OPENSSL_PATH)/ssl/t1_trce.c - $(OPENSSL_PATH)/ssl/tls13_enc.c - $(OPENSSL_PATH)/ssl/tls_srp.c -- $(OPENSSL_PATH)/ssl/record/record_locl.h - $(OPENSSL_PATH)/ssl/statem/statem.h - $(OPENSSL_PATH)/ssl/statem/statem_locl.h -+ $(OPENSSL_PATH)/ssl/packet_locl.h -+ $(OPENSSL_PATH)/ssl/ssl_cert_table.h - $(OPENSSL_PATH)/ssl/ssl_locl.h - $(OPENSSL_PATH)/ssl/record/record.h -- $(OPENSSL_PATH)/ssl/ssl_cert_table.h -- $(OPENSSL_PATH)/ssl/packet_locl.h -+ $(OPENSSL_PATH)/ssl/record/record_locl.h - # Autogenerated files list ends here - - ossl_store.c -diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -index 8134b45eda..a1bb560255 100644 ---- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf -@@ -33,9 +33,7 @@ - $(OPENSSL_PATH)/crypto/aes/aes_misc.c - $(OPENSSL_PATH)/crypto/aes/aes_ofb.c - $(OPENSSL_PATH)/crypto/aes/aes_wrap.c -- $(OPENSSL_PATH)/crypto/aes/aes_locl.h - $(OPENSSL_PATH)/crypto/aria/aria.c -- $(OPENSSL_PATH)/crypto/arm_arch.h - $(OPENSSL_PATH)/crypto/asn1/a_bitstr.c - $(OPENSSL_PATH)/crypto/asn1/a_d2i_fp.c - $(OPENSSL_PATH)/crypto/asn1/a_digest.c -@@ -100,21 +98,12 @@ - $(OPENSSL_PATH)/crypto/asn1/x_sig.c - $(OPENSSL_PATH)/crypto/asn1/x_spki.c - $(OPENSSL_PATH)/crypto/asn1/x_val.c -- $(OPENSSL_PATH)/crypto/asn1/standard_methods.h -- $(OPENSSL_PATH)/crypto/asn1/charmap.h -- $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h -- $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h -- $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h - $(OPENSSL_PATH)/crypto/async/arch/async_null.c - $(OPENSSL_PATH)/crypto/async/arch/async_posix.c - $(OPENSSL_PATH)/crypto/async/arch/async_win.c -- $(OPENSSL_PATH)/crypto/async/arch/async_posix.h -- $(OPENSSL_PATH)/crypto/async/arch/async_null.h -- $(OPENSSL_PATH)/crypto/async/arch/async_win.h - $(OPENSSL_PATH)/crypto/async/async.c - $(OPENSSL_PATH)/crypto/async/async_err.c - $(OPENSSL_PATH)/crypto/async/async_wait.c -- $(OPENSSL_PATH)/crypto/async/async_locl.h - $(OPENSSL_PATH)/crypto/bio/b_addr.c - $(OPENSSL_PATH)/crypto/bio/b_dump.c - $(OPENSSL_PATH)/crypto/bio/b_sock.c -@@ -137,7 +126,6 @@ - $(OPENSSL_PATH)/crypto/bio/bss_mem.c - $(OPENSSL_PATH)/crypto/bio/bss_null.c - $(OPENSSL_PATH)/crypto/bio/bss_sock.c -- $(OPENSSL_PATH)/crypto/bio/bio_lcl.h - $(OPENSSL_PATH)/crypto/bn/bn_add.c - $(OPENSSL_PATH)/crypto/bn/bn_asm.c - $(OPENSSL_PATH)/crypto/bn/bn_blind.c -@@ -169,9 +157,6 @@ - $(OPENSSL_PATH)/crypto/bn/bn_srp.c - $(OPENSSL_PATH)/crypto/bn/bn_word.c - $(OPENSSL_PATH)/crypto/bn/bn_x931p.c -- $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h -- $(OPENSSL_PATH)/crypto/bn/bn_prime.h -- $(OPENSSL_PATH)/crypto/bn/bn_lcl.h - $(OPENSSL_PATH)/crypto/buffer/buf_err.c - $(OPENSSL_PATH)/crypto/buffer/buffer.c - $(OPENSSL_PATH)/crypto/cmac/cm_ameth.c -@@ -180,7 +165,6 @@ - $(OPENSSL_PATH)/crypto/comp/c_zlib.c - $(OPENSSL_PATH)/crypto/comp/comp_err.c - $(OPENSSL_PATH)/crypto/comp/comp_lib.c -- $(OPENSSL_PATH)/crypto/comp/comp_lcl.h - $(OPENSSL_PATH)/crypto/conf/conf_api.c - $(OPENSSL_PATH)/crypto/conf/conf_def.c - $(OPENSSL_PATH)/crypto/conf/conf_err.c -@@ -189,8 +173,6 @@ - $(OPENSSL_PATH)/crypto/conf/conf_mod.c - $(OPENSSL_PATH)/crypto/conf/conf_sap.c - $(OPENSSL_PATH)/crypto/conf/conf_ssl.c -- $(OPENSSL_PATH)/crypto/conf/conf_lcl.h -- $(OPENSSL_PATH)/crypto/conf/conf_def.h - $(OPENSSL_PATH)/crypto/cpt_err.c - $(OPENSSL_PATH)/crypto/cryptlib.c - $(OPENSSL_PATH)/crypto/ctype.c -@@ -214,8 +196,6 @@ - $(OPENSSL_PATH)/crypto/des/set_key.c - $(OPENSSL_PATH)/crypto/des/str2key.c - $(OPENSSL_PATH)/crypto/des/xcbc_enc.c -- $(OPENSSL_PATH)/crypto/des/spr.h -- $(OPENSSL_PATH)/crypto/des/des_locl.h - $(OPENSSL_PATH)/crypto/dh/dh_ameth.c - $(OPENSSL_PATH)/crypto/dh/dh_asn1.c - $(OPENSSL_PATH)/crypto/dh/dh_check.c -@@ -230,7 +210,6 @@ - $(OPENSSL_PATH)/crypto/dh/dh_prn.c - $(OPENSSL_PATH)/crypto/dh/dh_rfc5114.c - $(OPENSSL_PATH)/crypto/dh/dh_rfc7919.c -- $(OPENSSL_PATH)/crypto/dh/dh_locl.h - $(OPENSSL_PATH)/crypto/dso/dso_dl.c - $(OPENSSL_PATH)/crypto/dso/dso_dlfcn.c - $(OPENSSL_PATH)/crypto/dso/dso_err.c -@@ -238,7 +217,6 @@ - $(OPENSSL_PATH)/crypto/dso/dso_openssl.c - $(OPENSSL_PATH)/crypto/dso/dso_vms.c - $(OPENSSL_PATH)/crypto/dso/dso_win32.c -- $(OPENSSL_PATH)/crypto/dso/dso_locl.h - $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/err/err.c - $(OPENSSL_PATH)/crypto/err/err_prn.c -@@ -280,7 +258,6 @@ - $(OPENSSL_PATH)/crypto/evp/evp_pkey.c - $(OPENSSL_PATH)/crypto/evp/m_md2.c - $(OPENSSL_PATH)/crypto/evp/m_md4.c -- $(OPENSSL_PATH)/crypto/md4/md4_locl.h - $(OPENSSL_PATH)/crypto/evp/m_md5.c - $(OPENSSL_PATH)/crypto/evp/m_md5_sha1.c - $(OPENSSL_PATH)/crypto/evp/m_mdc2.c -@@ -304,13 +281,11 @@ - $(OPENSSL_PATH)/crypto/evp/pmeth_fn.c - $(OPENSSL_PATH)/crypto/evp/pmeth_gn.c - $(OPENSSL_PATH)/crypto/evp/pmeth_lib.c -- $(OPENSSL_PATH)/crypto/evp/evp_locl.h - $(OPENSSL_PATH)/crypto/ex_data.c - $(OPENSSL_PATH)/crypto/getenv.c - $(OPENSSL_PATH)/crypto/hmac/hm_ameth.c - $(OPENSSL_PATH)/crypto/hmac/hm_pmeth.c - $(OPENSSL_PATH)/crypto/hmac/hmac.c -- $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h - $(OPENSSL_PATH)/crypto/init.c - $(OPENSSL_PATH)/crypto/kdf/hkdf.c - $(OPENSSL_PATH)/crypto/kdf/kdf_err.c -@@ -318,12 +293,10 @@ - $(OPENSSL_PATH)/crypto/kdf/tls1_prf.c - $(OPENSSL_PATH)/crypto/lhash/lh_stats.c - $(OPENSSL_PATH)/crypto/lhash/lhash.c -- $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h - $(OPENSSL_PATH)/crypto/md4/md4_dgst.c - $(OPENSSL_PATH)/crypto/md4/md4_one.c - $(OPENSSL_PATH)/crypto/md5/md5_dgst.c - $(OPENSSL_PATH)/crypto/md5/md5_one.c -- $(OPENSSL_PATH)/crypto/md5/md5_locl.h - $(OPENSSL_PATH)/crypto/mem.c - $(OPENSSL_PATH)/crypto/mem_clr.c - $(OPENSSL_PATH)/crypto/mem_dbg.c -@@ -338,7 +311,6 @@ - $(OPENSSL_PATH)/crypto/modes/ofb128.c - $(OPENSSL_PATH)/crypto/modes/wrap128.c - $(OPENSSL_PATH)/crypto/modes/xts128.c -- $(OPENSSL_PATH)/crypto/modes/modes_lcl.h - $(OPENSSL_PATH)/crypto/o_dir.c - $(OPENSSL_PATH)/crypto/o_fips.c - $(OPENSSL_PATH)/crypto/o_fopen.c -@@ -350,9 +322,6 @@ - $(OPENSSL_PATH)/crypto/objects/obj_err.c - $(OPENSSL_PATH)/crypto/objects/obj_lib.c - $(OPENSSL_PATH)/crypto/objects/obj_xref.c -- $(OPENSSL_PATH)/crypto/objects/obj_dat.h -- $(OPENSSL_PATH)/crypto/objects/obj_xref.h -- $(OPENSSL_PATH)/crypto/objects/obj_lcl.h - $(OPENSSL_PATH)/crypto/ocsp/ocsp_asn.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_cl.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_err.c -@@ -363,7 +332,6 @@ - $(OPENSSL_PATH)/crypto/ocsp/ocsp_srv.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_vfy.c - $(OPENSSL_PATH)/crypto/ocsp/v3_ocsp.c -- $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h - $(OPENSSL_PATH)/crypto/pem/pem_all.c - $(OPENSSL_PATH)/crypto/pem/pem_err.c - $(OPENSSL_PATH)/crypto/pem/pem_info.c -@@ -399,8 +367,6 @@ - $(OPENSSL_PATH)/crypto/pkcs7/pk7_mime.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_smime.c - $(OPENSSL_PATH)/crypto/pkcs7/pkcs7err.c -- $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h -- $(OPENSSL_PATH)/crypto/ppc_arch.h - $(OPENSSL_PATH)/crypto/rand/drbg_ctr.c - $(OPENSSL_PATH)/crypto/rand/drbg_lib.c - $(OPENSSL_PATH)/crypto/rand/rand_egd.c -@@ -409,10 +375,8 @@ - $(OPENSSL_PATH)/crypto/rand/rand_unix.c - $(OPENSSL_PATH)/crypto/rand/rand_vms.c - $(OPENSSL_PATH)/crypto/rand/rand_win.c -- $(OPENSSL_PATH)/crypto/rand/rand_lcl.h - $(OPENSSL_PATH)/crypto/rc4/rc4_enc.c - $(OPENSSL_PATH)/crypto/rc4/rc4_skey.c -- $(OPENSSL_PATH)/crypto/rc4/rc4_locl.h - $(OPENSSL_PATH)/crypto/rsa/rsa_ameth.c - $(OPENSSL_PATH)/crypto/rsa/rsa_asn1.c - $(OPENSSL_PATH)/crypto/rsa/rsa_chk.c -@@ -435,24 +399,18 @@ - $(OPENSSL_PATH)/crypto/rsa/rsa_ssl.c - $(OPENSSL_PATH)/crypto/rsa/rsa_x931.c - $(OPENSSL_PATH)/crypto/rsa/rsa_x931g.c -- $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h - $(OPENSSL_PATH)/crypto/sha/keccak1600.c - $(OPENSSL_PATH)/crypto/sha/sha1_one.c - $(OPENSSL_PATH)/crypto/sha/sha1dgst.c - $(OPENSSL_PATH)/crypto/sha/sha256.c - $(OPENSSL_PATH)/crypto/sha/sha512.c -- $(OPENSSL_PATH)/crypto/sha/sha_locl.h - $(OPENSSL_PATH)/crypto/siphash/siphash.c - $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c - $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c -- $(OPENSSL_PATH)/crypto/siphash/siphash_local.h - $(OPENSSL_PATH)/crypto/sm3/m_sm3.c - $(OPENSSL_PATH)/crypto/sm3/sm3.c -- $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h - $(OPENSSL_PATH)/crypto/sm4/sm4.c - $(OPENSSL_PATH)/crypto/stack/stack.c -- $(OPENSSL_PATH)/crypto/s390x_arch.h -- $(OPENSSL_PATH)/crypto/sparc_arch.h - $(OPENSSL_PATH)/crypto/threads_none.c - $(OPENSSL_PATH)/crypto/threads_pthread.c - $(OPENSSL_PATH)/crypto/threads_win.c -@@ -462,9 +420,7 @@ - $(OPENSSL_PATH)/crypto/ui/ui_null.c - $(OPENSSL_PATH)/crypto/ui/ui_openssl.c - $(OPENSSL_PATH)/crypto/ui/ui_util.c -- $(OPENSSL_PATH)/crypto/ui/ui_locl.h - $(OPENSSL_PATH)/crypto/uid.c -- $(OPENSSL_PATH)/crypto/vms_rms.h - $(OPENSSL_PATH)/crypto/x509/by_dir.c - $(OPENSSL_PATH)/crypto/x509/by_file.c - $(OPENSSL_PATH)/crypto/x509/t_crl.c -@@ -501,7 +457,6 @@ - $(OPENSSL_PATH)/crypto/x509/x_req.c - $(OPENSSL_PATH)/crypto/x509/x_x509.c - $(OPENSSL_PATH)/crypto/x509/x_x509a.c -- $(OPENSSL_PATH)/crypto/x509/x509_lcl.h - $(OPENSSL_PATH)/crypto/x509v3/pcy_cache.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_data.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_lib.c -@@ -539,10 +494,57 @@ - $(OPENSSL_PATH)/crypto/x509v3/v3_tlsf.c - $(OPENSSL_PATH)/crypto/x509v3/v3_utl.c - $(OPENSSL_PATH)/crypto/x509v3/v3err.c -+ $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h -+ $(OPENSSL_PATH)/crypto/dh/dh_locl.h -+ $(OPENSSL_PATH)/crypto/bio/bio_lcl.h -+ $(OPENSSL_PATH)/crypto/conf/conf_def.h -+ $(OPENSSL_PATH)/crypto/conf/conf_lcl.h -+ $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h -+ $(OPENSSL_PATH)/crypto/sha/sha_locl.h -+ $(OPENSSL_PATH)/crypto/md5/md5_locl.h -+ $(OPENSSL_PATH)/crypto/store/store_locl.h -+ $(OPENSSL_PATH)/crypto/dso/dso_locl.h -+ $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h -+ $(OPENSSL_PATH)/crypto/arm_arch.h -+ $(OPENSSL_PATH)/crypto/mips_arch.h -+ $(OPENSSL_PATH)/crypto/ppc_arch.h -+ $(OPENSSL_PATH)/crypto/s390x_arch.h -+ $(OPENSSL_PATH)/crypto/sparc_arch.h -+ $(OPENSSL_PATH)/crypto/vms_rms.h -+ $(OPENSSL_PATH)/crypto/bn/bn_lcl.h -+ $(OPENSSL_PATH)/crypto/bn/bn_prime.h -+ $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h -+ $(OPENSSL_PATH)/crypto/ui/ui_locl.h -+ $(OPENSSL_PATH)/crypto/md4/md4_locl.h -+ $(OPENSSL_PATH)/crypto/rc4/rc4_locl.h -+ $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h -+ $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h -+ $(OPENSSL_PATH)/crypto/asn1/charmap.h -+ $(OPENSSL_PATH)/crypto/asn1/standard_methods.h -+ $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h -+ $(OPENSSL_PATH)/crypto/evp/evp_locl.h -+ $(OPENSSL_PATH)/crypto/rand/rand_lcl.h -+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h -+ $(OPENSSL_PATH)/crypto/modes/modes_lcl.h -+ $(OPENSSL_PATH)/crypto/comp/comp_lcl.h -+ $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h -+ $(OPENSSL_PATH)/crypto/x509/x509_lcl.h -+ $(OPENSSL_PATH)/crypto/async/arch/async_null.h -+ $(OPENSSL_PATH)/crypto/async/arch/async_posix.h -+ $(OPENSSL_PATH)/crypto/async/arch/async_win.h -+ $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h -+ $(OPENSSL_PATH)/crypto/des/des_locl.h -+ $(OPENSSL_PATH)/crypto/des/spr.h -+ $(OPENSSL_PATH)/crypto/siphash/siphash_local.h -+ $(OPENSSL_PATH)/crypto/aes/aes_locl.h -+ $(OPENSSL_PATH)/crypto/async/async_locl.h -+ $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h - $(OPENSSL_PATH)/crypto/x509v3/pcy_int.h -- $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h - $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h -- $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h -+ $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h -+ $(OPENSSL_PATH)/crypto/objects/obj_dat.h -+ $(OPENSSL_PATH)/crypto/objects/obj_lcl.h -+ $(OPENSSL_PATH)/crypto/objects/obj_xref.h - # Autogenerated files list ends here - buildinf.h - rand_pool_noise.h -diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl -index e13c0acb4d..4fe54cd808 100755 ---- a/CryptoPkg/Library/OpensslLib/process_files.pl -+++ b/CryptoPkg/Library/OpensslLib/process_files.pl -@@ -144,6 +144,34 @@ foreach my $product ((@{$unified_info{libraries}}, - } - } - -+ -+# -+# Update the perl script to generate the missing header files -+# -+my @dir_list = (); -+for (keys %{$unified_info{dirinfo}}){ -+ push @dir_list,$_; -+} -+ -+my $dir = getcwd(); -+my @files = (); -+my @headers = (); -+chdir ("openssl"); -+foreach(@dir_list){ -+ @files = glob($_."/*.h"); -+ push @headers, @files; -+} -+chdir ($dir); -+ -+foreach (@headers){ -+ if(/ssl/){ -+ push @sslfilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; -+ next; -+ } -+ push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; -+} -+ -+ - # - # Update OpensslLib.inf with autogenerated file list - # --- -2.19.1 - diff --git a/0002-CryptoPkg-Upgrade-OpenSSL-to-1.1.1d.patch b/0002-CryptoPkg-Upgrade-OpenSSL-to-1.1.1d.patch deleted file mode 100644 index 3619b3f7cb85747bc17cc1d0c016bb2b106e5707..0000000000000000000000000000000000000000 --- a/0002-CryptoPkg-Upgrade-OpenSSL-to-1.1.1d.patch +++ /dev/null @@ -1,149 +0,0 @@ -From 69cdca469d5c071ca99f0ab45b7b06192095b652 Mon Sep 17 00:00:00 2001 -From: Shenglei Zhang -Date: Mon, 21 Oct 2019 15:53:42 +0800 -Subject: [PATCH 2/4] CryptoPkg: Upgrade OpenSSL to 1.1.1d - -Upgrade openssl from 1.1.1b to 1.1.1d. -Something needs to be noticed is that, there is a bug existing in the -released 1_1_1d version(894da2fb7ed5d314ee5c2fc9fd2d9b8b74111596), -which causes build failure. So we switch the code base to a usable -version, which is 2 commits later than the stable tag. -Now we use the version c3656cc594daac8167721dde7220f0e59ae146fc. -This log is to fix the build failure. -https://bugzilla.tianocore.org/show_bug.cgi?id=2226 - -Besides, the absense of "DSO_NONE" in dso_conf.h causes build failure -in OvmfPkg. So update process_files.pl to generate information from -"crypto/include/internal/dso_conf.h.in". - -shm.h and utsname.h are added to avoid GCC build failure. - -Cc: Jian J Wang -Cc: Xiaoyu Lu -Cc: Liming Gao -Signed-off-by: Shenglei Zhang -Reviewed-by: Jian J Wang -Reviewed-by: Laszlo Ersek -Tested-by: Laszlo Ersek ---- - .gitmodules | 3 --- - CryptoPkg/Library/Include/internal/dso_conf.h | 16 ++++++++++++++++ - CryptoPkg/Library/Include/sys/shm.h | 9 +++++++++ - CryptoPkg/Library/Include/sys/utsname.h | 9 +++++++++ - CryptoPkg/Library/OpensslLib/process_files.pl | 17 +++++++++++++++-- - 5 files changed, 49 insertions(+), 5 deletions(-) - create mode 100644 CryptoPkg/Library/Include/sys/shm.h - create mode 100644 CryptoPkg/Library/Include/sys/utsname.h - -diff --git a/.gitmodules b/.gitmodules -index 508f0c1828..6deabd1f16 100644 ---- a/.gitmodules -+++ b/.gitmodules -@@ -1,6 +1,3 @@ --[submodule "CryptoPkg/Library/OpensslLib/openssl"] -- path = CryptoPkg/Library/OpensslLib/openssl -- url = https://github.com/openssl/openssl - [submodule "SoftFloat"] - path = ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3 - url = https://github.com/ucb-bar/berkeley-softfloat-3.git -diff --git a/CryptoPkg/Library/Include/internal/dso_conf.h b/CryptoPkg/Library/Include/internal/dso_conf.h -index e69de29bb2..43c891588b 100644 ---- a/CryptoPkg/Library/Include/internal/dso_conf.h -+++ b/CryptoPkg/Library/Include/internal/dso_conf.h -@@ -0,0 +1,16 @@ -+/* WARNING: do not edit! */ -+/* Generated from crypto/include/internal/dso_conf.h.in */ -+/* -+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#ifndef HEADER_DSO_CONF_H -+# define HEADER_DSO_CONF_H -+# define DSO_NONE -+# define DSO_EXTENSION ".so" -+#endif -diff --git a/CryptoPkg/Library/Include/sys/shm.h b/CryptoPkg/Library/Include/sys/shm.h -new file mode 100644 -index 0000000000..dc0b8e81c8 ---- /dev/null -+++ b/CryptoPkg/Library/Include/sys/shm.h -@@ -0,0 +1,9 @@ -+/** @file -+ Include file to support building the third-party cryptographic library. -+ -+Copyright (c) 2019, Intel Corporation. All rights reserved.
-+SPDX-License-Identifier: BSD-2-Clause-Patent -+ -+**/ -+ -+#include -diff --git a/CryptoPkg/Library/Include/sys/utsname.h b/CryptoPkg/Library/Include/sys/utsname.h -new file mode 100644 -index 0000000000..dc0b8e81c8 ---- /dev/null -+++ b/CryptoPkg/Library/Include/sys/utsname.h -@@ -0,0 +1,9 @@ -+/** @file -+ Include file to support building the third-party cryptographic library. -+ -+Copyright (c) 2019, Intel Corporation. All rights reserved.
-+SPDX-License-Identifier: BSD-2-Clause-Patent -+ -+**/ -+ -+#include -diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl -index 4fe54cd808..bbcfa0d0e7 100755 ---- a/CryptoPkg/Library/OpensslLib/process_files.pl -+++ b/CryptoPkg/Library/OpensslLib/process_files.pl -@@ -2,7 +2,7 @@ - # - # This script runs the OpenSSL Configure script, then processes the - # resulting file list into our local OpensslLib[Crypto].inf and also --# takes a copy of opensslconf.h. -+# takes copies of opensslconf.h and dso_conf.h. - # - # This only needs to be done once by a developer when updating to a - # new version of OpenSSL (or changing options, etc.). Normal users -@@ -106,6 +106,14 @@ BEGIN { - ) == 0 || - die "Failed to generate opensslconf.h!\n"; - -+ # Generate dso_conf.h per config data -+ system( -+ "perl -I. -Mconfigdata util/dofile.pl " . -+ "crypto/include/internal/dso_conf.h.in " . -+ "> include/internal/dso_conf.h" -+ ) == 0 || -+ die "Failed to generate dso_conf.h!\n"; -+ - chdir($basedir) || - die "Cannot change to base directory \"" . $basedir . "\""; - -@@ -249,12 +257,17 @@ rename( $new_inf_file, $inf_file ) || - print "Done!"; - - # --# Copy opensslconf.h generated from OpenSSL Configuration -+# Copy opensslconf.h and dso_conf.h generated from OpenSSL Configuration - # - print "\n--> Duplicating opensslconf.h into Include/openssl ... "; - copy($OPENSSL_PATH . "/include/openssl/opensslconf.h", - $OPENSSL_PATH . "/../../Include/openssl/") || - die "Cannot copy opensslconf.h!"; -+print "Done!"; -+print "\n--> Duplicating dso_conf.h into Include/internal ... "; -+copy($OPENSSL_PATH . "/include/internal/dso_conf.h", -+ $OPENSSL_PATH . "/../../Include/internal/") || -+ die "Cannot copy dso_conf.h!"; - print "Done!\n"; - - print "\nProcessing Files Done!\n"; --- -2.19.1 - diff --git a/0002-CryptoPkg-Upgrade-OpenSSL-to-1.1.1f.patch b/0002-CryptoPkg-Upgrade-OpenSSL-to-1.1.1f.patch new file mode 100644 index 0000000000000000000000000000000000000000..b022c171028de0cc3a112ac28e32355226b3e54c --- /dev/null +++ b/0002-CryptoPkg-Upgrade-OpenSSL-to-1.1.1f.patch @@ -0,0 +1,337 @@ +From 55d39c51a03048f4bb1218fc70a9ed445e2b75f6 Mon Sep 17 00:00:00 2001 +From: Xiang Zheng +Date: Mon, 20 Apr 2020 17:40:25 +0800 +Subject: [PATCH 2/2] CryptoPkg: Upgrade OpenSSL to 1.1.1f + +Upgrade OpenSLL to 1.1.1f + +Signed-off-by: Xiang Zheng +--- + CryptoPkg/CryptoPkg.dec | 1 - + .../Library/BaseCryptLib/Hash/CryptSm3.c | 2 +- + .../BaseCryptLib/Pk/CryptPkcs7VerifyEku.c | 4 +- + CryptoPkg/Library/Include/crypto/dso_conf.h | 6 +- + .../Library/Include/openssl/opensslconf.h | 3 - + CryptoPkg/Library/OpensslLib/OpensslLib.inf | 88 +++++++++---------- + .../Library/OpensslLib/OpensslLibCrypto.inf | 78 ++++++++-------- + CryptoPkg/Library/OpensslLib/rand_pool.c | 2 +- + 8 files changed, 90 insertions(+), 94 deletions(-) + +diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec +index 4d1a1368..5888941b 100644 +--- a/CryptoPkg/CryptoPkg.dec ++++ b/CryptoPkg/CryptoPkg.dec +@@ -23,7 +23,6 @@ + Private + Library/Include + Library/OpensslLib/openssl/include +- Library/OpensslLib/openssl/crypto/include + + [LibraryClasses] + ## @libraryclass Provides basic library functions for cryptographic primitives. +diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c +index eacf4826..235331c2 100644 +--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c ++++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c +@@ -7,7 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent + **/ + + #include "InternalCryptLib.h" +-#include "internal/sm3.h" ++#include "crypto/sm3.h" + + /** + Retrieves the size, in bytes, of the context buffer required for SM3 hash operations. +diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c +index 229c244b..c9fdb65b 100644 +--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c ++++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c +@@ -15,13 +15,13 @@ + #include + #include + #include +-#include ++#include + #include + #include + #include + #include + #include +-#include ++#include + + /** + This function will return the leaf signer certificate in a chain. This is +diff --git a/CryptoPkg/Library/Include/crypto/dso_conf.h b/CryptoPkg/Library/Include/crypto/dso_conf.h +index 43c89158..abbbf62c 100644 +--- a/CryptoPkg/Library/Include/crypto/dso_conf.h ++++ b/CryptoPkg/Library/Include/crypto/dso_conf.h +@@ -1,5 +1,5 @@ + /* WARNING: do not edit! */ +-/* Generated from crypto/include/internal/dso_conf.h.in */ ++/* Generated from include/crypto/dso_conf.h.in */ + /* + * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. + * +@@ -9,8 +9,8 @@ + * https://www.openssl.org/source/license.html + */ + +-#ifndef HEADER_DSO_CONF_H +-# define HEADER_DSO_CONF_H ++#ifndef OSSL_CRYPTO_DSO_CONF_H ++# define OSSL_CRYPTO_DSO_CONF_H + # define DSO_NONE + # define DSO_EXTENSION ".so" + #endif +diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h +index 2b4d538e..a27aa658 100644 +--- a/CryptoPkg/Library/Include/openssl/opensslconf.h ++++ b/CryptoPkg/Library/Include/openssl/opensslconf.h +@@ -241,9 +241,6 @@ extern "C" { + #ifndef OPENSSL_NO_DYNAMIC_ENGINE + # define OPENSSL_NO_DYNAMIC_ENGINE + #endif +-#ifndef OPENSSL_NO_AFALGENG +-# define OPENSSL_NO_AFALGENG +-#endif + + + /* +diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf +index 3fa52f55..a010e6bc 100644 +--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf ++++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf +@@ -494,57 +494,57 @@ + $(OPENSSL_PATH)/crypto/x509v3/v3_tlsf.c + $(OPENSSL_PATH)/crypto/x509v3/v3_utl.c + $(OPENSSL_PATH)/crypto/x509v3/v3err.c +- $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h +- $(OPENSSL_PATH)/crypto/dh/dh_locl.h +- $(OPENSSL_PATH)/crypto/bio/bio_lcl.h +- $(OPENSSL_PATH)/crypto/conf/conf_def.h +- $(OPENSSL_PATH)/crypto/conf/conf_lcl.h +- $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h +- $(OPENSSL_PATH)/crypto/sha/sha_locl.h +- $(OPENSSL_PATH)/crypto/md5/md5_locl.h +- $(OPENSSL_PATH)/crypto/store/store_locl.h +- $(OPENSSL_PATH)/crypto/dso/dso_locl.h +- $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h ++ $(OPENSSL_PATH)/crypto/dso/dso_local.h ++ $(OPENSSL_PATH)/crypto/dh/dh_local.h ++ $(OPENSSL_PATH)/crypto/rc4/rc4_local.h ++ $(OPENSSL_PATH)/crypto/ui/ui_local.h ++ $(OPENSSL_PATH)/crypto/async/async_local.h ++ $(OPENSSL_PATH)/crypto/modes/modes_local.h ++ $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h ++ $(OPENSSL_PATH)/crypto/asn1/asn1_local.h ++ $(OPENSSL_PATH)/crypto/asn1/charmap.h ++ $(OPENSSL_PATH)/crypto/asn1/standard_methods.h ++ $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h ++ $(OPENSSL_PATH)/crypto/md4/md4_local.h ++ $(OPENSSL_PATH)/crypto/rand/rand_local.h ++ $(OPENSSL_PATH)/crypto/pkcs12/p12_local.h ++ $(OPENSSL_PATH)/crypto/lhash/lhash_local.h ++ $(OPENSSL_PATH)/crypto/evp/evp_local.h ++ $(OPENSSL_PATH)/crypto/rsa/rsa_local.h ++ $(OPENSSL_PATH)/crypto/bn/bn_local.h ++ $(OPENSSL_PATH)/crypto/bn/bn_prime.h ++ $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h ++ $(OPENSSL_PATH)/crypto/des/des_local.h ++ $(OPENSSL_PATH)/crypto/des/spr.h + $(OPENSSL_PATH)/crypto/arm_arch.h + $(OPENSSL_PATH)/crypto/mips_arch.h + $(OPENSSL_PATH)/crypto/ppc_arch.h + $(OPENSSL_PATH)/crypto/s390x_arch.h + $(OPENSSL_PATH)/crypto/sparc_arch.h + $(OPENSSL_PATH)/crypto/vms_rms.h +- $(OPENSSL_PATH)/crypto/bn/bn_lcl.h +- $(OPENSSL_PATH)/crypto/bn/bn_prime.h +- $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h +- $(OPENSSL_PATH)/crypto/ui/ui_locl.h +- $(OPENSSL_PATH)/crypto/md4/md4_locl.h +- $(OPENSSL_PATH)/crypto/rc4/rc4_locl.h +- $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h +- $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h +- $(OPENSSL_PATH)/crypto/asn1/charmap.h +- $(OPENSSL_PATH)/crypto/asn1/standard_methods.h +- $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h +- $(OPENSSL_PATH)/crypto/evp/evp_locl.h +- $(OPENSSL_PATH)/crypto/rand/rand_lcl.h +- $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h +- $(OPENSSL_PATH)/crypto/modes/modes_lcl.h +- $(OPENSSL_PATH)/crypto/comp/comp_lcl.h +- $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h +- $(OPENSSL_PATH)/crypto/x509/x509_lcl.h ++ $(OPENSSL_PATH)/crypto/ocsp/ocsp_local.h ++ $(OPENSSL_PATH)/crypto/md5/md5_local.h ++ $(OPENSSL_PATH)/crypto/aes/aes_local.h ++ $(OPENSSL_PATH)/crypto/store/store_local.h ++ $(OPENSSL_PATH)/crypto/objects/obj_dat.h ++ $(OPENSSL_PATH)/crypto/objects/obj_local.h ++ $(OPENSSL_PATH)/crypto/objects/obj_xref.h ++ $(OPENSSL_PATH)/crypto/hmac/hmac_local.h + $(OPENSSL_PATH)/crypto/async/arch/async_null.h + $(OPENSSL_PATH)/crypto/async/arch/async_posix.h + $(OPENSSL_PATH)/crypto/async/arch/async_win.h +- $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h +- $(OPENSSL_PATH)/crypto/des/des_locl.h +- $(OPENSSL_PATH)/crypto/des/spr.h +- $(OPENSSL_PATH)/crypto/siphash/siphash_local.h +- $(OPENSSL_PATH)/crypto/aes/aes_locl.h +- $(OPENSSL_PATH)/crypto/async/async_locl.h + $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h +- $(OPENSSL_PATH)/crypto/x509v3/pcy_int.h ++ $(OPENSSL_PATH)/crypto/x509v3/pcy_local.h + $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h + $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h +- $(OPENSSL_PATH)/crypto/objects/obj_dat.h +- $(OPENSSL_PATH)/crypto/objects/obj_lcl.h +- $(OPENSSL_PATH)/crypto/objects/obj_xref.h ++ $(OPENSSL_PATH)/crypto/conf/conf_def.h ++ $(OPENSSL_PATH)/crypto/conf/conf_local.h ++ $(OPENSSL_PATH)/crypto/comp/comp_local.h ++ $(OPENSSL_PATH)/crypto/sha/sha_local.h ++ $(OPENSSL_PATH)/crypto/x509/x509_local.h ++ $(OPENSSL_PATH)/crypto/sm3/sm3_local.h ++ $(OPENSSL_PATH)/crypto/bio/bio_local.h ++ $(OPENSSL_PATH)/crypto/siphash/siphash_local.h + $(OPENSSL_PATH)/ssl/bio_ssl.c + $(OPENSSL_PATH)/ssl/d1_lib.c + $(OPENSSL_PATH)/ssl/d1_msg.c +@@ -589,13 +589,13 @@ + $(OPENSSL_PATH)/ssl/t1_trce.c + $(OPENSSL_PATH)/ssl/tls13_enc.c + $(OPENSSL_PATH)/ssl/tls_srp.c +- $(OPENSSL_PATH)/ssl/statem/statem.h +- $(OPENSSL_PATH)/ssl/statem/statem_locl.h +- $(OPENSSL_PATH)/ssl/packet_locl.h ++ $(OPENSSL_PATH)/ssl/packet_local.h + $(OPENSSL_PATH)/ssl/ssl_cert_table.h +- $(OPENSSL_PATH)/ssl/ssl_locl.h ++ $(OPENSSL_PATH)/ssl/ssl_local.h ++ $(OPENSSL_PATH)/ssl/statem/statem.h ++ $(OPENSSL_PATH)/ssl/statem/statem_local.h + $(OPENSSL_PATH)/ssl/record/record.h +- $(OPENSSL_PATH)/ssl/record/record_locl.h ++ $(OPENSSL_PATH)/ssl/record/record_local.h + # Autogenerated files list ends here + buildinf.h + rand_pool_noise.h +diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +index f1f9fbb9..de8a9ef2 100644 +--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf ++++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +@@ -494,57 +494,57 @@ + $(OPENSSL_PATH)/crypto/x509v3/v3_tlsf.c + $(OPENSSL_PATH)/crypto/x509v3/v3_utl.c + $(OPENSSL_PATH)/crypto/x509v3/v3err.c +- $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h +- $(OPENSSL_PATH)/crypto/dh/dh_locl.h +- $(OPENSSL_PATH)/crypto/bio/bio_lcl.h +- $(OPENSSL_PATH)/crypto/conf/conf_def.h +- $(OPENSSL_PATH)/crypto/conf/conf_lcl.h +- $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h +- $(OPENSSL_PATH)/crypto/sha/sha_locl.h +- $(OPENSSL_PATH)/crypto/md5/md5_locl.h +- $(OPENSSL_PATH)/crypto/store/store_locl.h +- $(OPENSSL_PATH)/crypto/dso/dso_locl.h +- $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h ++ $(OPENSSL_PATH)/crypto/dso/dso_local.h ++ $(OPENSSL_PATH)/crypto/dh/dh_local.h ++ $(OPENSSL_PATH)/crypto/rc4/rc4_local.h ++ $(OPENSSL_PATH)/crypto/ui/ui_local.h ++ $(OPENSSL_PATH)/crypto/async/async_local.h ++ $(OPENSSL_PATH)/crypto/modes/modes_local.h ++ $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h ++ $(OPENSSL_PATH)/crypto/asn1/asn1_local.h ++ $(OPENSSL_PATH)/crypto/asn1/charmap.h ++ $(OPENSSL_PATH)/crypto/asn1/standard_methods.h ++ $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h ++ $(OPENSSL_PATH)/crypto/md4/md4_local.h ++ $(OPENSSL_PATH)/crypto/rand/rand_local.h ++ $(OPENSSL_PATH)/crypto/pkcs12/p12_local.h ++ $(OPENSSL_PATH)/crypto/lhash/lhash_local.h ++ $(OPENSSL_PATH)/crypto/evp/evp_local.h ++ $(OPENSSL_PATH)/crypto/rsa/rsa_local.h ++ $(OPENSSL_PATH)/crypto/bn/bn_local.h ++ $(OPENSSL_PATH)/crypto/bn/bn_prime.h ++ $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h ++ $(OPENSSL_PATH)/crypto/des/des_local.h ++ $(OPENSSL_PATH)/crypto/des/spr.h + $(OPENSSL_PATH)/crypto/arm_arch.h + $(OPENSSL_PATH)/crypto/mips_arch.h + $(OPENSSL_PATH)/crypto/ppc_arch.h + $(OPENSSL_PATH)/crypto/s390x_arch.h + $(OPENSSL_PATH)/crypto/sparc_arch.h + $(OPENSSL_PATH)/crypto/vms_rms.h +- $(OPENSSL_PATH)/crypto/bn/bn_lcl.h +- $(OPENSSL_PATH)/crypto/bn/bn_prime.h +- $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h +- $(OPENSSL_PATH)/crypto/ui/ui_locl.h +- $(OPENSSL_PATH)/crypto/md4/md4_locl.h +- $(OPENSSL_PATH)/crypto/rc4/rc4_locl.h +- $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h +- $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h +- $(OPENSSL_PATH)/crypto/asn1/charmap.h +- $(OPENSSL_PATH)/crypto/asn1/standard_methods.h +- $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h +- $(OPENSSL_PATH)/crypto/evp/evp_locl.h +- $(OPENSSL_PATH)/crypto/rand/rand_lcl.h +- $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h +- $(OPENSSL_PATH)/crypto/modes/modes_lcl.h +- $(OPENSSL_PATH)/crypto/comp/comp_lcl.h +- $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h +- $(OPENSSL_PATH)/crypto/x509/x509_lcl.h ++ $(OPENSSL_PATH)/crypto/ocsp/ocsp_local.h ++ $(OPENSSL_PATH)/crypto/md5/md5_local.h ++ $(OPENSSL_PATH)/crypto/aes/aes_local.h ++ $(OPENSSL_PATH)/crypto/store/store_local.h ++ $(OPENSSL_PATH)/crypto/objects/obj_dat.h ++ $(OPENSSL_PATH)/crypto/objects/obj_local.h ++ $(OPENSSL_PATH)/crypto/objects/obj_xref.h ++ $(OPENSSL_PATH)/crypto/hmac/hmac_local.h + $(OPENSSL_PATH)/crypto/async/arch/async_null.h + $(OPENSSL_PATH)/crypto/async/arch/async_posix.h + $(OPENSSL_PATH)/crypto/async/arch/async_win.h +- $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h +- $(OPENSSL_PATH)/crypto/des/des_locl.h +- $(OPENSSL_PATH)/crypto/des/spr.h +- $(OPENSSL_PATH)/crypto/siphash/siphash_local.h +- $(OPENSSL_PATH)/crypto/aes/aes_locl.h +- $(OPENSSL_PATH)/crypto/async/async_locl.h + $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h +- $(OPENSSL_PATH)/crypto/x509v3/pcy_int.h ++ $(OPENSSL_PATH)/crypto/x509v3/pcy_local.h + $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h + $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h +- $(OPENSSL_PATH)/crypto/objects/obj_dat.h +- $(OPENSSL_PATH)/crypto/objects/obj_lcl.h +- $(OPENSSL_PATH)/crypto/objects/obj_xref.h ++ $(OPENSSL_PATH)/crypto/conf/conf_def.h ++ $(OPENSSL_PATH)/crypto/conf/conf_local.h ++ $(OPENSSL_PATH)/crypto/comp/comp_local.h ++ $(OPENSSL_PATH)/crypto/sha/sha_local.h ++ $(OPENSSL_PATH)/crypto/x509/x509_local.h ++ $(OPENSSL_PATH)/crypto/sm3/sm3_local.h ++ $(OPENSSL_PATH)/crypto/bio/bio_local.h ++ $(OPENSSL_PATH)/crypto/siphash/siphash_local.h + # Autogenerated files list ends here + buildinf.h + rand_pool_noise.h +diff --git a/CryptoPkg/Library/OpensslLib/rand_pool.c b/CryptoPkg/Library/OpensslLib/rand_pool.c +index 9f3983f7..9e0179b0 100644 +--- a/CryptoPkg/Library/OpensslLib/rand_pool.c ++++ b/CryptoPkg/Library/OpensslLib/rand_pool.c +@@ -7,7 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent + + **/ + +-#include "internal/rand_int.h" ++#include "crypto/rand.h" + #include + + #include +-- +2.19.1 + diff --git a/0003-CryptoPkg-OpensslLib-improve-INF-file-consistency.patch b/0003-CryptoPkg-OpensslLib-improve-INF-file-consistency.patch deleted file mode 100644 index 2aa11309a700419aeff0e3200d723fb70a52972a..0000000000000000000000000000000000000000 --- a/0003-CryptoPkg-OpensslLib-improve-INF-file-consistency.patch +++ /dev/null @@ -1,61 +0,0 @@ -From bb9add51feac285a940882b3ea73723ecc77802e Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 21 Nov 2019 08:46:10 +0100 -Subject: [PATCH 3/4] CryptoPkg/OpensslLib: improve INF file consistency - -When diffing "OpensslLib.inf" against "OpensslLibCrypto.inf", the *only* -differences should be: - -- BASE_NAME, MODULE_UNI_FILE, and FILE_GUID are expected to differ, in - [Defines]; - -- "OpensslLib.inf" is expected to list "$(OPENSSL_PATH)/ssl/..." source - files in the auto-generated part of the [Sources] section. - -Commit 8906f076de35 ("CryptoPkg/OpensslLib: Add missing header files in -INF file", 2019-08-16) broke that invariant, by adding "buildinf.h" and -"rand_pool_noise.h" in different order to both INF files. - -Fix that order in "OpensslLib.inf" now. (Note that this does not -re-establish full consistency between both INF files -- it just highlights -another problem, which we'll fix in the next patch.) - -Cc: Jian J Wang -Cc: Leif Lindholm -Cc: Shenglei Zhang -Cc: Xiaoyu Lu -Fixes: 8906f076de35b222a7d62bcf6ed1a4a2498a5791 -Signed-off-by: Laszlo Ersek -Reviewed-by: Jian J Wang -Reviewed-by: Philippe Mathieu-Daude -Reviewed-by: Leif Lindholm ---- - CryptoPkg/Library/OpensslLib/OpensslLib.inf | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -index dd873a0dcd..f832b53ff5 100644 ---- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf -+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -@@ -22,8 +22,6 @@ - # - - [Sources] -- buildinf.h -- rand_pool_noise.h - $(OPENSSL_PATH)/e_os.h - # Autogenerated files list starts here - $(OPENSSL_PATH)/crypto/aes/aes_cbc.c -@@ -598,7 +596,8 @@ - $(OPENSSL_PATH)/ssl/record/record.h - $(OPENSSL_PATH)/ssl/record/record_locl.h - # Autogenerated files list ends here -- -+ buildinf.h -+ rand_pool_noise.h - ossl_store.c - rand_pool.c - --- -2.19.1 - diff --git a/0004-CryptoPkg-OpensslLib.inf-list-OpenSSL-local-header-m.patch b/0004-CryptoPkg-OpensslLib.inf-list-OpenSSL-local-header-m.patch deleted file mode 100644 index 43fa59b94a622b38b94ca0e0c9b264fc1bb59828..0000000000000000000000000000000000000000 --- a/0004-CryptoPkg-OpensslLib.inf-list-OpenSSL-local-header-m.patch +++ /dev/null @@ -1,49 +0,0 @@ -From e00127a37348e5808d84ce7281bff6ca4db74907 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 21 Nov 2019 09:01:10 +0100 -Subject: [PATCH 4/4] CryptoPkg/OpensslLib.inf: list OpenSSL local header - "ms/uplink.h" - -Commit 8906f076de35 ("CryptoPkg/OpensslLib: Add missing header files in -INF file", 2019-08-16) incorrectly placed "ms/uplink.h" in the -auto-generated part of [Sources], in "OpensslLib.inf". - -("ms/uplink.h" was added in the right spot in "OpensslLibCrypto.inf".) - -Subsequently, when commit 9f4fbd56d430 ("CryptoPkg/OpensslLib: Update -process_files.pl to generate .h files", 2019-10-30) re-generated that part -of "OpensslLib.inf", the "ms/uplink.h" file reference was lost. This -triggers a warning from the "build" utility now. - -Name the header file in the right spot in [Sources]. - -This change makes "OpensslLib.inf" consistent with "OpensslLibCrypto.inf". - -Cc: Jian J Wang -Cc: Leif Lindholm -Cc: Shenglei Zhang -Cc: Xiaoyu Lu -Fixes: 8906f076de35b222a7d62bcf6ed1a4a2498a5791 -Signed-off-by: Laszlo Ersek -Reviewed-by: Jian J Wang -Reviewed-by: Philippe Mathieu-Daude -Reviewed-by: Leif Lindholm ---- - CryptoPkg/Library/OpensslLib/OpensslLib.inf | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -index f832b53ff5..1743213caa 100644 ---- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf -+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf -@@ -23,6 +23,7 @@ - - [Sources] - $(OPENSSL_PATH)/e_os.h -+ $(OPENSSL_PATH)/ms/uplink.h - # Autogenerated files list starts here - $(OPENSSL_PATH)/crypto/aes/aes_cbc.c - $(OPENSSL_PATH)/crypto/aes/aes_cfb.c --- -2.19.1 - diff --git a/0005-crypto-threads_none.c-fix-syntax-error-in-openssl_ge.patch b/0005-crypto-threads_none.c-fix-syntax-error-in-openssl_ge.patch deleted file mode 100644 index 211cedae34707eb86c35ced796d2710ddb379ad9..0000000000000000000000000000000000000000 --- a/0005-crypto-threads_none.c-fix-syntax-error-in-openssl_ge.patch +++ /dev/null @@ -1,30 +0,0 @@ -From c3656cc594daac8167721dde7220f0e59ae146fc Mon Sep 17 00:00:00 2001 -From: "Dr. Matthias St. Pierre" -Date: Wed, 11 Sep 2019 10:25:43 +0200 -Subject: [PATCH] crypto/threads_none.c: fix syntax error in - openssl_get_fork_id() - -Fixes #9858 - -Reviewed-by: Matt Caswell -(Merged from https://github.com/openssl/openssl/pull/9860) ---- - crypto/threads_none.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/threads_none.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/threads_none.c -index aabf0e0dc0..aaaaae872a 100644 ---- a/CryptoPkg/Library/OpensslLib/openssl/crypto/threads_none.c -+++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/threads_none.c -@@ -143,7 +143,7 @@ int openssl_get_fork_id(void) - # if defined(OPENSSL_SYS_UNIX) - return getpid(); - # else -- return return 0; -+ return 0; - # endif - } - #endif --- -2.19.1 - diff --git a/CVE-2019-1551.patch b/CVE-2019-1551.patch deleted file mode 100644 index 320fd437faddac16738bd87abdb05e95eab60be5..0000000000000000000000000000000000000000 --- a/CVE-2019-1551.patch +++ /dev/null @@ -1,757 +0,0 @@ -From 419102400a2811582a7a3d4a4e317d72e5ce0a8f Mon Sep 17 00:00:00 2001 -From: Andy Polyakov -Date: Wed, 4 Dec 2019 12:48:21 +0100 -Subject: [PATCH] Fix an overflow bug in rsaz_512_sqr - -There is an overflow bug in the x64_64 Montgomery squaring procedure used in -exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis -suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a -result of this defect would be very difficult to perform and are not believed -likely. Attacks against DH512 are considered just feasible. However, for an -attack the target would have to re-use the DH512 private key, which is not -recommended anyway. Also applications directly using the low level API -BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. - -CVE-2019-1551 - -Reviewed-by: Paul Dale -Reviewed-by: Bernd Edlinger -(Merged from https://github.com/openssl/openssl/pull/10575) ---- - crypto/bn/asm/rsaz-x86_64.pl | 381 ++++++++++++++++++++++--------------------- - 1 file changed, 197 insertions(+), 184 deletions(-) - -diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl -index b1797b6..7534d5c 100755 ---- a/crypto/bn/asm/rsaz-x86_64.pl -+++ b/crypto/bn/asm/rsaz-x86_64.pl -@@ -116,7 +116,7 @@ rsaz_512_sqr: # 25-29% faster than rsaz_512_mul - subq \$128+24, %rsp - .cfi_adjust_cfa_offset 128+24 - .Lsqr_body: -- movq $mod, %rbp # common argument -+ movq $mod, %xmm1 # common off-load - movq ($inp), %rdx - movq 8($inp), %rax - movq $n0, 128(%rsp) -@@ -134,7 +134,8 @@ $code.=<<___; - .Loop_sqr: - movl $times,128+8(%rsp) - #first iteration -- movq %rdx, %rbx -+ movq %rdx, %rbx # 0($inp) -+ mov %rax, %rbp # 8($inp) - mulq %rdx - movq %rax, %r8 - movq 16($inp), %rax -@@ -173,31 +174,29 @@ $code.=<<___; - mulq %rbx - addq %rax, %r14 - movq %rbx, %rax -- movq %rdx, %r15 -- adcq \$0, %r15 -+ adcq \$0, %rdx - -- addq %r8, %r8 #shlq \$1, %r8 -- movq %r9, %rcx -- adcq %r9, %r9 #shld \$1, %r8, %r9 -+ xorq %rcx,%rcx # rcx:r8 = r8 << 1 -+ addq %r8, %r8 -+ movq %rdx, %r15 -+ adcq \$0, %rcx - - mulq %rax -- movq %rax, (%rsp) -- addq %rdx, %r8 -- adcq \$0, %r9 -+ addq %r8, %rdx -+ adcq \$0, %rcx - -- movq %r8, 8(%rsp) -- shrq \$63, %rcx -+ movq %rax, (%rsp) -+ movq %rdx, 8(%rsp) - - #second iteration -- movq 8($inp), %r8 - movq 16($inp), %rax -- mulq %r8 -+ mulq %rbp - addq %rax, %r10 - movq 24($inp), %rax - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r11 - movq 32($inp), %rax - adcq \$0, %rdx -@@ -205,7 +204,7 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r12 - movq 40($inp), %rax - adcq \$0, %rdx -@@ -213,7 +212,7 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r13 - movq 48($inp), %rax - adcq \$0, %rdx -@@ -221,7 +220,7 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r14 - movq 56($inp), %rax - adcq \$0, %rdx -@@ -229,39 +228,39 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r15 -- movq %r8, %rax -+ movq %rbp, %rax - adcq \$0, %rdx - addq %rbx, %r15 -- movq %rdx, %r8 -- movq %r10, %rdx -- adcq \$0, %r8 -+ adcq \$0, %rdx - -- add %rdx, %rdx -- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10 -- movq %r11, %rbx -- adcq %r11, %r11 #shld \$1, %r10, %r11 -+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1 -+ addq %r9, %r9 -+ movq %rdx, %r8 -+ adcq %r10, %r10 -+ adcq \$0, %rbx - - mulq %rax -+ addq %rcx, %rax -+ movq 16($inp), %rbp -+ adcq \$0, %rdx - addq %rax, %r9 -+ movq 24($inp), %rax - adcq %rdx, %r10 -- adcq \$0, %r11 -+ adcq \$0, %rbx - - movq %r9, 16(%rsp) - movq %r10, 24(%rsp) -- shrq \$63, %rbx - - #third iteration -- movq 16($inp), %r9 -- movq 24($inp), %rax -- mulq %r9 -+ mulq %rbp - addq %rax, %r12 - movq 32($inp), %rax - movq %rdx, %rcx - adcq \$0, %rcx - -- mulq %r9 -+ mulq %rbp - addq %rax, %r13 - movq 40($inp), %rax - adcq \$0, %rdx -@@ -269,7 +268,7 @@ $code.=<<___; - movq %rdx, %rcx - adcq \$0, %rcx - -- mulq %r9 -+ mulq %rbp - addq %rax, %r14 - movq 48($inp), %rax - adcq \$0, %rdx -@@ -277,9 +276,7 @@ $code.=<<___; - movq %rdx, %rcx - adcq \$0, %rcx - -- mulq %r9 -- movq %r12, %r10 -- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12 -+ mulq %rbp - addq %rax, %r15 - movq 56($inp), %rax - adcq \$0, %rdx -@@ -287,36 +284,40 @@ $code.=<<___; - movq %rdx, %rcx - adcq \$0, %rcx - -- mulq %r9 -- shrq \$63, %r10 -+ mulq %rbp - addq %rax, %r8 -- movq %r9, %rax -+ movq %rbp, %rax - adcq \$0, %rdx - addq %rcx, %r8 -- movq %rdx, %r9 -- adcq \$0, %r9 -+ adcq \$0, %rdx - -- movq %r13, %rcx -- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13 -+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1 -+ addq %r11, %r11 -+ movq %rdx, %r9 -+ adcq %r12, %r12 -+ adcq \$0, %rcx - - mulq %rax -+ addq %rbx, %rax -+ movq 24($inp), %r10 -+ adcq \$0, %rdx - addq %rax, %r11 -+ movq 32($inp), %rax - adcq %rdx, %r12 -- adcq \$0, %r13 -+ adcq \$0, %rcx - - movq %r11, 32(%rsp) - movq %r12, 40(%rsp) -- shrq \$63, %rcx - - #fourth iteration -- movq 24($inp), %r10 -- movq 32($inp), %rax -+ mov %rax, %r11 # 32($inp) - mulq %r10 - addq %rax, %r14 - movq 40($inp), %rax - movq %rdx, %rbx - adcq \$0, %rbx - -+ mov %rax, %r12 # 40($inp) - mulq %r10 - addq %rax, %r15 - movq 48($inp), %rax -@@ -325,9 +326,8 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -+ mov %rax, %rbp # 48($inp) - mulq %r10 -- movq %r14, %r12 -- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14 - addq %rax, %r8 - movq 56($inp), %rax - adcq \$0, %rdx -@@ -336,32 +336,33 @@ $code.=<<___; - adcq \$0, %rbx - - mulq %r10 -- shrq \$63, %r12 - addq %rax, %r9 - movq %r10, %rax - adcq \$0, %rdx - addq %rbx, %r9 -- movq %rdx, %r10 -- adcq \$0, %r10 -+ adcq \$0, %rdx - -- movq %r15, %rbx -- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15 -+ xorq %rbx, %rbx # rbx:r13:r14 = r13:r14 << 1 -+ addq %r13, %r13 -+ movq %rdx, %r10 -+ adcq %r14, %r14 -+ adcq \$0, %rbx - - mulq %rax -+ addq %rcx, %rax -+ adcq \$0, %rdx - addq %rax, %r13 -+ movq %r12, %rax # 40($inp) - adcq %rdx, %r14 -- adcq \$0, %r15 -+ adcq \$0, %rbx - - movq %r13, 48(%rsp) - movq %r14, 56(%rsp) -- shrq \$63, %rbx - - #fifth iteration -- movq 32($inp), %r11 -- movq 40($inp), %rax - mulq %r11 - addq %rax, %r8 -- movq 48($inp), %rax -+ movq %rbp, %rax # 48($inp) - movq %rdx, %rcx - adcq \$0, %rcx - -@@ -369,97 +370,99 @@ $code.=<<___; - addq %rax, %r9 - movq 56($inp), %rax - adcq \$0, %rdx -- movq %r8, %r12 -- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8 - addq %rcx, %r9 - movq %rdx, %rcx - adcq \$0, %rcx - -+ mov %rax, %r14 # 56($inp) - mulq %r11 -- shrq \$63, %r12 - addq %rax, %r10 - movq %r11, %rax - adcq \$0, %rdx - addq %rcx, %r10 -- movq %rdx, %r11 -- adcq \$0, %r11 -+ adcq \$0, %rdx - -- movq %r9, %rcx -- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9 -+ xorq %rcx, %rcx # rcx:r8:r15 = r8:r15 << 1 -+ addq %r15, %r15 -+ movq %rdx, %r11 -+ adcq %r8, %r8 -+ adcq \$0, %rcx - - mulq %rax -+ addq %rbx, %rax -+ adcq \$0, %rdx - addq %rax, %r15 -+ movq %rbp, %rax # 48($inp) - adcq %rdx, %r8 -- adcq \$0, %r9 -+ adcq \$0, %rcx - - movq %r15, 64(%rsp) - movq %r8, 72(%rsp) -- shrq \$63, %rcx - - #sixth iteration -- movq 40($inp), %r12 -- movq 48($inp), %rax - mulq %r12 - addq %rax, %r10 -- movq 56($inp), %rax -+ movq %r14, %rax # 56($inp) - movq %rdx, %rbx - adcq \$0, %rbx - - mulq %r12 - addq %rax, %r11 - movq %r12, %rax -- movq %r10, %r15 -- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10 - adcq \$0, %rdx -- shrq \$63, %r15 - addq %rbx, %r11 -- movq %rdx, %r12 -- adcq \$0, %r12 -+ adcq \$0, %rdx - -- movq %r11, %rbx -- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11 -+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1 -+ addq %r9, %r9 -+ movq %rdx, %r12 -+ adcq %r10, %r10 -+ adcq \$0, %rbx - - mulq %rax -+ addq %rcx, %rax -+ adcq \$0, %rdx - addq %rax, %r9 -+ movq %r14, %rax # 56($inp) - adcq %rdx, %r10 -- adcq \$0, %r11 -+ adcq \$0, %rbx - - movq %r9, 80(%rsp) - movq %r10, 88(%rsp) - - #seventh iteration -- movq 48($inp), %r13 -- movq 56($inp), %rax -- mulq %r13 -+ mulq %rbp - addq %rax, %r12 -- movq %r13, %rax -- movq %rdx, %r13 -- adcq \$0, %r13 -+ movq %rbp, %rax -+ adcq \$0, %rdx - -- xorq %r14, %r14 -- shlq \$1, %rbx -- adcq %r12, %r12 #shld \$1, %rbx, %r12 -- adcq %r13, %r13 #shld \$1, %r12, %r13 -- adcq %r14, %r14 #shld \$1, %r13, %r14 -+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1 -+ addq %r11, %r11 -+ movq %rdx, %r13 -+ adcq %r12, %r12 -+ adcq \$0, %rcx - - mulq %rax -+ addq %rbx, %rax -+ adcq \$0, %rdx - addq %rax, %r11 -+ movq %r14, %rax # 56($inp) - adcq %rdx, %r12 -- adcq \$0, %r13 -+ adcq \$0, %rcx - - movq %r11, 96(%rsp) - movq %r12, 104(%rsp) - - #eighth iteration -- movq 56($inp), %rax -+ xorq %rbx, %rbx # rbx:r13 = r13 << 1 -+ addq %r13, %r13 -+ adcq \$0, %rbx -+ - mulq %rax -- addq %rax, %r13 -+ addq %rcx, %rax - adcq \$0, %rdx -- -- addq %rdx, %r14 -- -- movq %r13, 112(%rsp) -- movq %r14, 120(%rsp) -+ addq %r13, %rax -+ adcq %rbx, %rdx - - movq (%rsp), %r8 - movq 8(%rsp), %r9 -@@ -469,6 +472,10 @@ $code.=<<___; - movq 40(%rsp), %r13 - movq 48(%rsp), %r14 - movq 56(%rsp), %r15 -+ movq %xmm1, %rbp -+ -+ movq %rax, 112(%rsp) -+ movq %rdx, 120(%rsp) - - call __rsaz_512_reduce - -@@ -500,9 +507,9 @@ $code.=<<___; - .Loop_sqrx: - movl $times,128+8(%rsp) - movq $out, %xmm0 # off-load -- movq %rbp, %xmm1 # off-load - #first iteration - mulx %rax, %r8, %r9 -+ mov %rax, %rbx - - mulx 16($inp), %rcx, %r10 - xor %rbp, %rbp # cf=0, of=0 -@@ -510,40 +517,39 @@ $code.=<<___; - mulx 24($inp), %rax, %r11 - adcx %rcx, %r9 - -- mulx 32($inp), %rcx, %r12 -+ .byte 0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($inp), %rcx, %r12 - adcx %rax, %r10 - -- mulx 40($inp), %rax, %r13 -+ .byte 0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00 # mulx 40($inp), %rax, %r13 - adcx %rcx, %r11 - -- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14 -+ mulx 48($inp), %rcx, %r14 - adcx %rax, %r12 - adcx %rcx, %r13 - -- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15 -+ mulx 56($inp), %rax, %r15 - adcx %rax, %r14 - adcx %rbp, %r15 # %rbp is 0 - -- mov %r9, %rcx -- shld \$1, %r8, %r9 -- shl \$1, %r8 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -- adcx %rdx, %r8 -- mov 8($inp), %rdx -- adcx %rbp, %r9 -+ mulx %rdx, %rax, $out -+ mov %rbx, %rdx # 8($inp) -+ xor %rcx, %rcx -+ adox %r8, %r8 -+ adcx $out, %r8 -+ adox %rbp, %rcx -+ adcx %rbp, %rcx - - mov %rax, (%rsp) - mov %r8, 8(%rsp) - - #second iteration -- mulx 16($inp), %rax, %rbx -+ .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00 # mulx 16($inp), %rax, %rbx - adox %rax, %r10 - adcx %rbx, %r11 - -- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8 -+ mulx 24($inp), $out, %r8 - adox $out, %r11 -+ .byte 0x66 - adcx %r8, %r12 - - mulx 32($inp), %rax, %rbx -@@ -561,24 +567,25 @@ $code.=<<___; - .byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8 - adox $out, %r15 - adcx %rbp, %r8 -+ mulx %rdx, %rax, $out - adox %rbp, %r8 -+ .byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx - -- mov %r11, %rbx -- shld \$1, %r10, %r11 -- shld \$1, %rcx, %r10 -- -- xor %ebp,%ebp -- mulx %rdx, %rax, %rcx -- mov 16($inp), %rdx -+ xor %rbx, %rbx -+ adcx %rcx, %rax -+ adox %r9, %r9 -+ adcx %rbp, $out -+ adox %r10, %r10 - adcx %rax, %r9 -- adcx %rcx, %r10 -- adcx %rbp, %r11 -+ adox %rbp, %rbx -+ adcx $out, %r10 -+ adcx %rbp, %rbx - - mov %r9, 16(%rsp) - .byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp) - - #third iteration -- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9 -+ mulx 24($inp), $out, %r9 - adox $out, %r12 - adcx %r9, %r13 - -@@ -586,7 +593,7 @@ $code.=<<___; - adox %rax, %r13 - adcx %rcx, %r14 - -- mulx 40($inp), $out, %r9 -+ .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r9 - adox $out, %r14 - adcx %r9, %r15 - -@@ -594,27 +601,28 @@ $code.=<<___; - adox %rax, %r15 - adcx %rcx, %r8 - -- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9 -+ mulx 56($inp), $out, %r9 - adox $out, %r8 - adcx %rbp, %r9 -+ mulx %rdx, %rax, $out - adox %rbp, %r9 -+ mov 24($inp), %rdx - -- mov %r13, %rcx -- shld \$1, %r12, %r13 -- shld \$1, %rbx, %r12 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -+ xor %rcx, %rcx -+ adcx %rbx, %rax -+ adox %r11, %r11 -+ adcx %rbp, $out -+ adox %r12, %r12 - adcx %rax, %r11 -- adcx %rdx, %r12 -- mov 24($inp), %rdx -- adcx %rbp, %r13 -+ adox %rbp, %rcx -+ adcx $out, %r12 -+ adcx %rbp, %rcx - - mov %r11, 32(%rsp) -- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp) -+ mov %r12, 40(%rsp) - - #fourth iteration -- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx -+ mulx 32($inp), %rax, %rbx - adox %rax, %r14 - adcx %rbx, %r15 - -@@ -629,25 +637,25 @@ $code.=<<___; - mulx 56($inp), $out, %r10 - adox $out, %r9 - adcx %rbp, %r10 -+ mulx %rdx, %rax, $out - adox %rbp, %r10 -+ mov 32($inp), %rdx - -- .byte 0x66 -- mov %r15, %rbx -- shld \$1, %r14, %r15 -- shld \$1, %rcx, %r14 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -+ xor %rbx, %rbx -+ adcx %rcx, %rax -+ adox %r13, %r13 -+ adcx %rbp, $out -+ adox %r14, %r14 - adcx %rax, %r13 -- adcx %rdx, %r14 -- mov 32($inp), %rdx -- adcx %rbp, %r15 -+ adox %rbp, %rbx -+ adcx $out, %r14 -+ adcx %rbp, %rbx - - mov %r13, 48(%rsp) - mov %r14, 56(%rsp) - - #fifth iteration -- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11 -+ mulx 40($inp), $out, %r11 - adox $out, %r8 - adcx %r11, %r9 - -@@ -658,18 +666,19 @@ $code.=<<___; - mulx 56($inp), $out, %r11 - adox $out, %r10 - adcx %rbp, %r11 -+ mulx %rdx, %rax, $out -+ mov 40($inp), %rdx - adox %rbp, %r11 - -- mov %r9, %rcx -- shld \$1, %r8, %r9 -- shld \$1, %rbx, %r8 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -+ xor %rcx, %rcx -+ adcx %rbx, %rax -+ adox %r15, %r15 -+ adcx %rbp, $out -+ adox %r8, %r8 - adcx %rax, %r15 -- adcx %rdx, %r8 -- mov 40($inp), %rdx -- adcx %rbp, %r9 -+ adox %rbp, %rcx -+ adcx $out, %r8 -+ adcx %rbp, %rcx - - mov %r15, 64(%rsp) - mov %r8, 72(%rsp) -@@ -682,18 +691,19 @@ $code.=<<___; - .byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12 - adox $out, %r11 - adcx %rbp, %r12 -+ mulx %rdx, %rax, $out - adox %rbp, %r12 -+ mov 48($inp), %rdx - -- mov %r11, %rbx -- shld \$1, %r10, %r11 -- shld \$1, %rcx, %r10 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -+ xor %rbx, %rbx -+ adcx %rcx, %rax -+ adox %r9, %r9 -+ adcx %rbp, $out -+ adox %r10, %r10 - adcx %rax, %r9 -- adcx %rdx, %r10 -- mov 48($inp), %rdx -- adcx %rbp, %r11 -+ adcx $out, %r10 -+ adox %rbp, %rbx -+ adcx %rbp, %rbx - - mov %r9, 80(%rsp) - mov %r10, 88(%rsp) -@@ -703,31 +713,31 @@ $code.=<<___; - adox %rax, %r12 - adox %rbp, %r13 - -- xor %r14, %r14 -- shld \$1, %r13, %r14 -- shld \$1, %r12, %r13 -- shld \$1, %rbx, %r12 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -- adcx %rax, %r11 -- adcx %rdx, %r12 -+ mulx %rdx, %rax, $out -+ xor %rcx, %rcx - mov 56($inp), %rdx -- adcx %rbp, %r13 -+ adcx %rbx, %rax -+ adox %r11, %r11 -+ adcx %rbp, $out -+ adox %r12, %r12 -+ adcx %rax, %r11 -+ adox %rbp, %rcx -+ adcx $out, %r12 -+ adcx %rbp, %rcx - - .byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp) - .byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp) - - #eighth iteration - mulx %rdx, %rax, %rdx -- adox %rax, %r13 -- adox %rbp, %rdx -+ xor %rbx, %rbx -+ adcx %rcx, %rax -+ adox %r13, %r13 -+ adcx %rbp, %rdx -+ adox %rbp, %rbx -+ adcx %r13, %rax -+ adcx %rdx, %rbx - -- .byte 0x66 -- add %rdx, %r14 -- -- movq %r13, 112(%rsp) -- movq %r14, 120(%rsp) - movq %xmm0, $out - movq %xmm1, %rbp - -@@ -741,6 +751,9 @@ $code.=<<___; - movq 48(%rsp), %r14 - movq 56(%rsp), %r15 - -+ movq %rax, 112(%rsp) -+ movq %rbx, 120(%rsp) -+ - call __rsaz_512_reducex - - addq 64(%rsp), %r8 --- -1.7.12.4 - diff --git a/edk2-edk2-stable201908.tar.gz b/edk2-stable202002.tar.gz similarity index 61% rename from edk2-edk2-stable201908.tar.gz rename to edk2-stable202002.tar.gz index e4b70da1dbda2679c41bb614a1f484fbb9066964..fd9db10fc1b4a05e53edad1323cc3002dfb0b840 100644 Binary files a/edk2-edk2-stable201908.tar.gz and b/edk2-stable202002.tar.gz differ diff --git a/edk2.spec b/edk2.spec index edcd1ca60695f460d498c79b06430412ba97064f..2653536433f2792f8014c5e0888224766384045b 100644 --- a/edk2.spec +++ b/edk2.spec @@ -1,26 +1,19 @@ -%global stable_date 201908 +%global stable_date 202002 %global release_tag edk2-stable%{stable_date} -%global openssl_version 1.1.1d +%global openssl_version 1.1.1f %global _python_bytecompile_extra 0 Name: edk2 Version: %{stable_date} -Release: 9 +Release: 1 Summary: EFI Development Kit II License: BSD-2-Clause-Patent URL: https://github.com/tianocore/edk2 -Source0: edk2-%{release_tag}.tar.gz +Source0: %{release_tag}.tar.gz Source1: openssl-%{openssl_version}.tar.gz -# openssl patches -Source2: CVE-2019-1551.patch -Source3: use-the-correct-maximum-indent.patch -Patch1: 0001-CryptoPkg-OpensslLib-Update-process_files.pl-to-gene.patch -Patch2: 0002-CryptoPkg-Upgrade-OpenSSL-to-1.1.1d.patch -Patch3: 0003-CryptoPkg-OpensslLib-improve-INF-file-consistency.patch -Patch4: 0004-CryptoPkg-OpensslLib.inf-list-OpenSSL-local-header-m.patch -# This patch is an openssl upstream patch to fix build error -Patch5: 0005-crypto-threads_none.c-fix-syntax-error-in-openssl_ge.patch +Patch0001: 0001-CryptoPkg-OpensslLib-Modify-process_files.pl-for-Ope.patch +Patch0002: 0002-CryptoPkg-Upgrade-OpenSSL-to-1.1.1f.patch BuildRequires: acpica-tools gcc gcc-c++ libuuid-devel python3 bc nasm python2 @@ -72,8 +65,6 @@ EFI Development Kit II Open Virtual Machine Firmware (ia32) %prep %setup -n edk2-%{release_tag} tar -xf %{SOURCE1} -C CryptoPkg/Library/OpensslLib/openssl --strip-components=1 -patch -p1 < %{SOURCE2} -d CryptoPkg/Library/OpensslLib/openssl -patch -p1 < %{SOURCE3} -d CryptoPkg/Library/OpensslLib/openssl %autopatch -p1 %build @@ -217,6 +208,9 @@ chmod +x %{buildroot}%{_bindir}/Rsa2048Sha256GenerateKeys %endif %changelog +* Thu May 7 2020 openEuler Buildteam - 202002-1 +- Update edk2 to stable202002 and OpenSSL to 1.1.1f + * Thu Mar 19 2020 openEuler Buildteam - 201908-9 - fix an overflow bug in rsaz_512_sqr - use the correct maximum indent diff --git a/openssl-1.1.1d.tar.gz b/openssl-1.1.1f.tar.gz similarity index 51% rename from openssl-1.1.1d.tar.gz rename to openssl-1.1.1f.tar.gz index 216017a51bdb35aecaf6f72f192420a3bbe5a0cc..4bcec00f31b93c7bb0371a57a37153e51e58e713 100644 Binary files a/openssl-1.1.1d.tar.gz and b/openssl-1.1.1f.tar.gz differ diff --git a/use-the-correct-maximum-indent.patch b/use-the-correct-maximum-indent.patch deleted file mode 100644 index e0439b04d9134d2da80a578e0ddc4d5b5598e51c..0000000000000000000000000000000000000000 --- a/use-the-correct-maximum-indent.patch +++ /dev/null @@ -1,32 +0,0 @@ -From a6105ef40d65b35818f2b8ae8ca9e57ca6956d1d Mon Sep 17 00:00:00 2001 -From: Kurt Roeckx -Date: Fri, 20 Sep 2019 20:26:42 +0200 -Subject: [PATCH] Use the correct maximum indent - -Found by OSS-Fuzz - -Reviewed-by: Richard Levitte -Reviewed-by: Paul Dale - -GH: #9959 ---- - crypto/bio/b_dump.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c -index e4ad3615f4..018c4acb27 100644 ---- a/crypto/bio/b_dump.c -+++ b/crypto/bio/b_dump.c -@@ -37,8 +37,8 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u), - - if (indent < 0) - indent = 0; -- else if (indent > 128) -- indent = 128; -+ else if (indent > 64) -+ indent = 64; - - dump_width = DUMP_WIDTH_LESS_INDENT(indent); - rows = len / dump_width; --- -1.8.3.1