[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Wed Sep 9 03:18:46 UTC 2015 

The branch master has been updated
       via  4d60c7e10f1d7ebe34842f96e13b64db7fc2dc1b (commit)
      from  ff2f6bb0845ef859954f7c36b2b302c60088c4c7 (commit)


- Log -----------------------------------------------------------------
commit 4d60c7e10f1d7ebe34842f96e13b64db7fc2dc1b
Author: David Woodhouse <David.Woodhouse at intel.com>
Date:   Tue Sep 8 22:51:17 2015 -0400

    RT3969: Add OPENSSL_SYS_UEFI
    
    This provides support for building in the EDK II reference implementation
    of UEFI. Most UEFI firmware in existence uses OpenSSL for implementing
    the core cryptographic functionality needed for Secure Boot.
    
    This has always previously been handled with external patches to OpenSSL
    but we are now making a concerted effort to eliminate those.
    
    In this mode, we don't actually use the OpenSSL makefiles; we process
    the MINFO file generated by 'make files' and incorporate it into the
    EDK2 build system.
    
    Since EDK II builds for various targets with varying word size and we
    need to have a single prepackaged configuration, we deliberately don't
    hard-code the setting of SIXTY_FOUR_BIT vs. THIRTY_TWO_BIT in
    opensslconf.h. We bypass that for OPENSSL_SYS_UEFI and allow EDK II
    itself to set those, depending on the architecture.
    
    For x86_64, EDK II sets SIXTY_FOUR_BIT and thus uses 'long long' for the
    64-bit type, even when building with GCC where 'long' is also 64-bit. We
    do this because the Microsoft toolchain has 32-bit 'long'.
    
    Signed-off-by: Rich Salz <rsalz at akamai.com>
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 Configurations/10-main.conf |  7 +++++++
 crypto/opensslconf.h.in     |  2 +-
 crypto/rand/rand_egd.c      |  2 +-
 e_os.h                      |  2 +-
 include/openssl/e_os2.h     | 17 ++++++++++++++++-
 5 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index 15af87e..3230d86 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -1207,6 +1207,13 @@
         shared_extension => ".dll.a",
     },
 
+#### UEFI
+    "UEFI" => {
+        cc               => "cc",
+        cflags           => "-DL_ENDIAN -O",
+        sys_id           => "UEFI",
+    },
+
 #### UWIN
     "UWIN" => {
         cc               => "cc",
diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
index 4429c91..c37dbba 100644
--- a/crypto/opensslconf.h.in
+++ b/crypto/opensslconf.h.in
@@ -73,7 +73,7 @@
 #endif
 #endif
 
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) && !defined(OPENSSL_SYS_UEFI)
 #define CONFIG_HEADER_BN_H
 #undef BN_LLONG
 
diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
index 44ed4bb..d062dd6 100644
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -95,7 +95,7 @@
  *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
  */
 
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)
 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
 {
     return (-1);
diff --git a/e_os.h b/e_os.h
index 4c1b4aa..b3a3338 100644
--- a/e_os.h
+++ b/e_os.h
@@ -112,7 +112,7 @@ extern "C" {
 #  define MSDOS
 # endif
 
-# if defined(MSDOS) && !defined(GETPID_IS_MEANINGLESS)
+# if (defined(MSDOS) || defined(OPENSSL_SYS_UEFI)) && !defined(GETPID_IS_MEANINGLESS)
 #  define GETPID_IS_MEANINGLESS
 # endif
 
diff --git a/include/openssl/e_os2.h b/include/openssl/e_os2.h
index 9f7dcf1..6ef1f39 100644
--- a/include/openssl/e_os2.h
+++ b/include/openssl/e_os2.h
@@ -90,7 +90,13 @@ extern "C" {
  * For 32 bit environment, there seems to be the CygWin environment and then
  * all the others that try to do the same thing Microsoft does...
  */
-# if defined(OPENSSL_SYS_UWIN)
+/*
+ * UEFI lives here because it might be built with a Microsoft toolchain and
+ * we need to avoid the false positive match on Windows.
+ */
+# if defined(OPENSSL_SYS_UEFI)
+#  undef OPENSSL_SYS_UNIX
+# elif defined(OPENSSL_SYS_UWIN)
 #  undef OPENSSL_SYS_UNIX
 #  define OPENSSL_SYS_WIN32_UWIN
 # else
@@ -277,6 +283,15 @@ extern "C" {
 /* Standard integer types */
 # if defined(__osf__) || defined(__sgi) || defined(__hpux) || defined(OPENSSL_SYS_VMS)
 #  include <inttypes.h>
+# elif defined(OPENSSL_SYS_UEFI)
+typedef INT8 int8_t;
+typedef UINT8 uint8_t;
+typedef INT16 int16_t;
+typedef UINT16 uint16_t;
+typedef INT32 int32_t;
+typedef UINT32 uint32_t;
+typedef INT64 int64_t;
+typedef UINT64 uint64_t;
 # elif defined(_MSC_VER) && _MSC_VER<=1500
 /*
  * minimally required typdefs for systems not supporting inttypes.h or

More information about the openssl-commits mailing list