Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
53 commits
Select commit Hold shift + click to select a range
cbe6eee
Cryptlib/OpenSSL: update to openssl 3.5.0
nfrayer Apr 24, 2026
4e08197
openssl: Use -Wno-error=stringop-overflow
vathpela Apr 24, 2026
8cbd54b
Cryptlib: remove md5 initialization
vathpela Apr 24, 2026
4bcc43e
Cryptlib: make gettimeofday() a stmt-expr
vathpela Apr 27, 2026
e6c7f18
Add implementations and tests for more string functions.
vathpela Apr 27, 2026
5b8bc19
Cryptlib: build with GNU_EFI_USE_MS_ABI everywhere.
vathpela Apr 27, 2026
ac8a774
openssl: cms: Get a default hash for hash-less signing schemes
stefanberger Apr 30, 2026
70f78a3
openssl: cms: Enable signing with hashless signing for no-attributes …
stefanberger Apr 30, 2026
7923448
openssl: cms: Enable signature verification for no-attribute case (ha…
stefanberger Apr 30, 2026
ef42c69
openssl: Implement EVP_SIGNATURE_hash_message_update() and use it
stefanberger Apr 30, 2026
bfdace6
openssl: OpenSSL: remove key encoder implementations from provider di…
nfrayer May 29, 2026
06d34e6
verify: fix a minor debug display issue
vathpela Jun 10, 2026
2dd8159
MokManager: Don't accept MD5-crypt password hashes
vathpela Apr 23, 2026
2e2297b
Cryptlib/OpenSSL/Makefile: sort our object lists
vathpela Jun 2, 2026
182e442
Cryptlib/OpenSSL/Makefile: remove duplicated objects
vathpela Jun 2, 2026
f85cfa8
openssl: remove the confusing extra copy of defltprov.c
vathpela Jun 3, 2026
959e10d
openssl: remove noec configuration
vathpela Jun 2, 2026
b6f572b
openssl: make: remove lots of objects we're not actually using
vathpela Jun 11, 2026
c838c24
openssl: introduce OPENSSL_NO_MACS and remove all MAC providers
vathpela Jun 11, 2026
41eba99
openssl: enable OpenSSL error strings
vathpela Jun 11, 2026
f3d596d
openssl: introduce OPENSSL_NO_PEM
vathpela Jun 11, 2026
5414c72
openssl: introduce OPENSSL_NO_PBE
vathpela Jun 11, 2026
5116ed3
openssl: introduce OPENSSL_NO_COMP
vathpela Jun 11, 2026
51e1146
openssl: introduce OPENSSL_NO_DH
vathpela Jun 11, 2026
84764cc
openssl: enable OPENSSL_NO_RC4
vathpela Jun 11, 2026
b4608bd
openssl: enable OPENSSL_NO_OCSP
vathpela Jun 2, 2026
87df0c7
openssl: introduce OPENSSL_NO_AES
vathpela Jun 10, 2026
3723c42
openssl: introduce OPENSSL_NO_CIPHERS
vathpela Jun 11, 2026
2932c13
openssl: fix OPENSSL_NO_TRACE and remove trace.o
vathpela Jun 2, 2026
626a145
openssl: enable OPENSSL_NO_CMAC
vathpela Jun 2, 2026
329c4ad
openssl: introduce OPENSSL_NO_KDFS
vathpela Jun 2, 2026
371fa0e
openssl: introduce OPENSSL_NO_KEYEXCH
vathpela Jun 3, 2026
02c6b89
openssl: introduce OPENSSL_NO_LEGACY_MAC
vathpela Jun 11, 2026
3badbf6
openssl: introduce OPENSSL_NO_WEAK_SHA
vathpela Jun 11, 2026
f6cb336
openssl: introduce OPENSSL_NO_TRUNCATED_SHA
vathpela Jun 10, 2026
7533d3e
openssl: fix OPENSSL_NO_MD5 and use it
vathpela Jun 11, 2026
e85a6a3
openssl: enable OPENSSL_NO_ECX
vathpela Jun 3, 2026
27d3de2
openssl: introduce OPENSSL_NO_WEAK_EC
vathpela Jun 3, 2026
d31bc76
openssl: introduce OPENSSL_NO_SHA3
vathpela Jun 11, 2026
d45d627
openssl: introduce OPENSSL_NO_DRBG
vathpela Jun 10, 2026
6179b01
openssl: introduce OPENSSL_NO_TEST_RNG
vathpela Jun 10, 2026
ffb60c4
openssl: halfass implement OPENSSL_NO_WEAK_ML_DSA
vathpela Jun 10, 2026
d416895
openssl: enable OPENSSL_NO_ML_KEM
vathpela Jun 11, 2026
a4e253d
openssl: introduce OPENSSL_NO_RSA_ASYM_CIPHER
vathpela Jun 10, 2026
014d8e0
openssl: introduce OPENSSL_NO_ASYM_KEM and turn most of KEM off.
vathpela Jun 10, 2026
2878ddc
openssl: introduce OPENSSL_NO_SKEYMGMT
vathpela Jun 10, 2026
827cb3b
openssl: introduce OPENSSL_NO_EC_NISTP521
vathpela Jun 11, 2026
dddf269
make: make openssl directories a little easier to work with
vathpela Jul 3, 2026
7ae70f7
openssl: make subdir building work again
vathpela Jul 3, 2026
4a97759
system: Make __pause build on arm
vathpela Jul 3, 2026
edbbfcc
openssl: ignore some build warnings on aarch64
vathpela Jul 3, 2026
ff0ee97
openssl: fix type confusion in ecp_ppc.c
vathpela Jul 3, 2026
3f4f4a4
openssl: build less EC stuff on ia32 and arm.
vathpela Jul 3, 2026
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
67 changes: 67 additions & 0 deletions Cryptlib/Base.h
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@

#pragma once

//
// Status codes common to all execution phases
//
typedef UINTN RETURN_STATUS;

//
// The Microsoft* C compiler can removed references to unreferenced data items
// if the /OPT:REF linker option is used. We defined a macro as this is a
// a non standard extension
//
#if defined (_MSC_VER) && _MSC_VER < 1800 && !defined (MDE_CPU_EBC)
///
/// Remove global variable from the linked image if there are no references to
/// it after all compiler and linker optimizations have been performed.
///
///
#define GLOBAL_REMOVE_IF_UNREFERENCED __declspec(selectany)
#else
///
/// Remove the global variable from the linked image if there are no references
/// to it after all compiler and linker optimizations have been performed.
///
///
#define GLOBAL_REMOVE_IF_UNREFERENCED
#endif

/**
Returns a 16-bit signature built from 2 ASCII characters.

This macro returns a 16-bit value built from the two ASCII characters specified
by A and B.

@param A The first ASCII character.
@param B The second ASCII character.

@return A 16-bit value built from the two ASCII characters specified by A and B.

**/
#ifdef SIGNATURE_16
#undef SIGNATURE_16
#endif
#define SIGNATURE_16(A, B) ((A) | (B << 8))

/**
Returns a 32-bit signature built from 4 ASCII characters.

This macro returns a 32-bit value built from the four ASCII characters specified
by A, B, C, and D.

@param A The first ASCII character.
@param B The second ASCII character.
@param C The third ASCII character.
@param D The fourth ASCII character.

@return A 32-bit value built from the two ASCII characters specified by A, B,
C and D.

**/
#ifdef SIGNATURE_32
#undef SIGNATURE_32
#endif
#define SIGNATURE_32(A, B, C, D) (SIGNATURE_16 (A, B) | (SIGNATURE_16 (C, D) << 16))

#define MIN(a, b) ({(a) < (b) ? (a) : (b);})
66 changes: 4 additions & 62 deletions Cryptlib/Cipher/CryptAesNull.c
Original file line number Diff line number Diff line change
@@ -1,14 +1,8 @@
/** @file
AES Wrapper Implementation which does not provide real capabilities.

Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
AES Wrapper Implementation which does not provide real capabilities.

THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/

Expand Down Expand Up @@ -56,58 +50,6 @@ AesInit (
return FALSE;
}

/**
Performs AES encryption on a data buffer of the specified size in ECB mode.

Return FALSE to indicate this interface is not supported.

@param[in] AesContext Pointer to the AES context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the AES encryption output.

@retval FALSE This interface is not supported.

**/
BOOLEAN
EFIAPI
AesEcbEncrypt (
IN VOID *AesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
ASSERT (FALSE);
return FALSE;
}

/**
Performs AES decryption on a data buffer of the specified size in ECB mode.

Return FALSE to indicate this interface is not supported.

@param[in] AesContext Pointer to the AES context.
@param[in] Input Pointer to the buffer containing the data to be decrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the AES decryption output.

@retval FALSE This interface is not supported.

**/
BOOLEAN
EFIAPI
AesEcbDecrypt (
IN VOID *AesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
ASSERT (FALSE);
return FALSE;
}

/**
Performs AES encryption on a data buffer of the specified size in CBC mode.

Expand Down Expand Up @@ -159,7 +101,7 @@ AesCbcDecrypt (
IN CONST UINT8 *Ivec,
OUT UINT8 *Output
)
{
{
ASSERT (FALSE);
return FALSE;
}
57 changes: 0 additions & 57 deletions Cryptlib/Cryptlib.diff

This file was deleted.

31 changes: 14 additions & 17 deletions Cryptlib/Hash/CryptMd5.c
Original file line number Diff line number Diff line change
Expand Up @@ -2,19 +2,14 @@
MD5 Digest Wrapper Implementation over OpenSSL.

Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php

THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
SPDX-License-Identifier: BSD-2-Clause-Patent

**/

#include "InternalCryptLib.h"
#include <openssl/md5.h>

#ifdef ENABLE_MD5_DEPRECATED_INTERFACES

/**
Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
Expand All @@ -31,10 +26,9 @@ Md5GetContextSize (
//
// Retrieves the OpenSSL MD5 Context Size
//
return (UINTN) (sizeof (MD5_CTX));
return (UINTN)(sizeof (MD5_CTX));
}


/**
Initializes user-supplied memory pointed by Md5Context as MD5 hash context for
subsequent use.
Expand Down Expand Up @@ -63,7 +57,7 @@ Md5Init (
//
// OpenSSL MD5 Context Initialization
//
return (BOOLEAN) (MD5_Init ((MD5_CTX *) Md5Context));
return (BOOLEAN)(MD5_Init ((MD5_CTX *)Md5Context));
}

/**
Expand All @@ -89,11 +83,11 @@ Md5Duplicate (
//
// Check input parameters.
//
if (Md5Context == NULL || NewMd5Context == NULL) {
if ((Md5Context == NULL) || (NewMd5Context == NULL)) {
return FALSE;
}

CopyMem (NewMd5Context, (void *)Md5Context, sizeof (MD5_CTX));
CopyMem (NewMd5Context, Md5Context, sizeof (MD5_CTX));

return TRUE;
}
Expand Down Expand Up @@ -134,14 +128,14 @@ Md5Update (
//
// Check invalid parameters, in case that only DataLength was checked in OpenSSL
//
if (Data == NULL && (DataSize != 0)) {
if ((Data == NULL) && (DataSize != 0)) {
return FALSE;
}

//
// OpenSSL MD5 Hash Update
//
return (BOOLEAN) (MD5_Update ((MD5_CTX *) Md5Context, Data, DataSize));
return (BOOLEAN)(MD5_Update ((MD5_CTX *)Md5Context, Data, DataSize));
}

/**
Expand Down Expand Up @@ -174,14 +168,14 @@ Md5Final (
//
// Check input parameters.
//
if (Md5Context == NULL || HashValue == NULL) {
if ((Md5Context == NULL) || (HashValue == NULL)) {
return FALSE;
}

//
// OpenSSL MD5 Hash Finalization
//
return (BOOLEAN) (MD5_Final (HashValue, (MD5_CTX *) Md5Context));
return (BOOLEAN)(MD5_Final (HashValue, (MD5_CTX *)Md5Context));
}

/**
Expand Down Expand Up @@ -216,7 +210,8 @@ Md5HashAll (
if (HashValue == NULL) {
return FALSE;
}
if (Data == NULL && (DataSize != 0)) {

if ((Data == NULL) && (DataSize != 0)) {
return FALSE;
}

Expand All @@ -229,3 +224,5 @@ Md5HashAll (
return TRUE;
}
}

#endif
Loading
Loading