Fix PeiCryptLib build issue.

Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13670 6f19259b-4bc3-4df7-8a09-765794883524

4 files changed, 86 insertions, 105 deletions

diff --git a/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h b/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h
index 5587652714..35a8eb1cbc 100644
--- a/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h
+++ b/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h
@@ -30,25 +30,5 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #define OPENSSL_SYSNAME_UWIN

 #endif

 

-/**

-  Pop single certificate from STACK_OF(X509).

-

-  If X509Stack, Cert, or CertSize is NULL, then return FALSE.

-

-  @param[in]  X509Stack       Pointer to a X509 stack object.

-  @param[out] Cert            Pointer to a X509 certificate.

-  @param[out] CertSize        Length of output X509 certificate in bytes.

-                                 

-  @retval     TRUE            The X509 stack pop succeeded.

-  @retval     FALSE           The pop operation failed.

-

-**/

-BOOLEAN

-X509PopCertificate (

-  IN  VOID  *X509Stack,

-  OUT UINT8 **Cert,

-  OUT UINTN *CertSize

-  );

-

 #endif

 

diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index fae54e650e..97965b4e9c 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -61,6 +61,7 @@
   Rand/CryptRandNull.c

 

   SysCall/CrtWrapper.c

+  SysCall/ConstantTimeClock.c

   SysCall/BaseMemAllocation.c

 

 

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index 2e72f892cb..ac481f7e68 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -219,6 +219,91 @@ WrapPkcs7Data (
 }

 

 /**

+  Pop single certificate from STACK_OF(X509).

+

+  If X509Stack, Cert, or CertSize is NULL, then return FALSE.

+

+  @param[in]  X509Stack       Pointer to a X509 stack object.

+  @param[out] Cert            Pointer to a X509 certificate.

+  @param[out] CertSize        Length of output X509 certificate in bytes.

+                                 

+  @retval     TRUE            The X509 stack pop succeeded.

+  @retval     FALSE           The pop operation failed.

+

+**/

+BOOLEAN

+X509PopCertificate (

+  IN  VOID  *X509Stack,

+  OUT UINT8 **Cert,

+  OUT UINTN *CertSize

+  )

+{

+  BIO             *CertBio;

+  X509            *X509Cert;

+  STACK_OF(X509)  *CertStack;

+  BOOLEAN         Status;

+  int             Result;

+  int             Length;

+  VOID            *Buffer;

+

+  Status = FALSE;

+

+  if ((X509Stack == NULL) || (Cert == NULL) || (CertSize == NULL)) {

+    return Status;

+  }

+

+  CertStack = (STACK_OF(X509) *) X509Stack;

+

+  X509Cert = sk_X509_pop (CertStack);

+

+  if (X509Cert == NULL) {

+    return Status;

+  }

+

+  Buffer = NULL;

+

+  CertBio = BIO_new (BIO_s_mem ());

+  if (CertBio == NULL) {

+    return Status;

+  }

+

+  Result = i2d_X509_bio (CertBio, X509Cert);

+  if (Result == 0) {

+    goto _Exit;

+  }

+

+  Length = ((BUF_MEM *) CertBio->ptr)->length;

+  if (Length <= 0) {

+    goto _Exit;

+  }

+

+  Buffer = malloc (Length);

+  if (Buffer == NULL) {

+    goto _Exit;

+  }

+

+  Result = BIO_read (CertBio, Buffer, Length);

+  if (Result != Length) {

+    goto _Exit;

+  }

+

+  *Cert     = Buffer;

+  *CertSize = Length;

+

+  Status = TRUE;

+

+_Exit:

+

+  BIO_free (CertBio);

+

+  if (!Status && (Buffer != NULL)) {

+    free (Buffer);

+  }

+

+  return Status;

+}

+

+/**

   Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:

   Cryptographic Message Syntax Standard". The input signed data could be wrapped

   in a ContentInfo structure.

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index f0a5d0ac7f..5959dfe7d9 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -225,91 +225,6 @@ X509StackFree (
 }

 

 /**

-  Pop single certificate from STACK_OF(X509).

-

-  If X509Stack, Cert, or CertSize is NULL, then return FALSE.

-

-  @param[in]  X509Stack       Pointer to a X509 stack object.

-  @param[out] Cert            Pointer to a X509 certificate.

-  @param[out] CertSize        Length of output X509 certificate in bytes.

-                                 

-  @retval     TRUE            The X509 stack pop succeeded.

-  @retval     FALSE           The pop operation failed.

-

-**/

-BOOLEAN

-X509PopCertificate (

-  IN  VOID  *X509Stack,

-  OUT UINT8 **Cert,

-  OUT UINTN *CertSize

-  )

-{

-  BIO             *CertBio;

-  X509            *X509Cert;

-  STACK_OF(X509)  *CertStack;

-  BOOLEAN         Status;

-  int             Result;

-  int             Length;

-  VOID            *Buffer;

-

-  Status = FALSE;

-

-  if ((X509Stack == NULL) || (Cert == NULL) || (CertSize == NULL)) {

-    return Status;

-  }

-

-  CertStack = (STACK_OF(X509) *) X509Stack;

-

-  X509Cert = sk_X509_pop (CertStack);

-

-  if (X509Cert == NULL) {

-    return Status;

-  }

-

-  Buffer = NULL;

-

-  CertBio = BIO_new (BIO_s_mem ());

-  if (CertBio == NULL) {

-    return Status;

-  }

-

-  Result = i2d_X509_bio (CertBio, X509Cert);

-  if (Result == 0) {

-    goto _Exit;

-  }

-

-  Length = ((BUF_MEM *) CertBio->ptr)->length;

-  if (Length <= 0) {

-    goto _Exit;

-  }

-

-  Buffer = malloc (Length);

-  if (Buffer == NULL) {

-    goto _Exit;

-  }

-

-  Result = BIO_read (CertBio, Buffer, Length);

-  if (Result != Length) {

-    goto _Exit;

-  }

-

-  *Cert     = Buffer;

-  *CertSize = Length;

-

-  Status = TRUE;

-

-_Exit:

-

-  BIO_free (CertBio);

-

-  if (!Status && (Buffer != NULL)) {

-    free (Buffer);

-  }

-

-  return Status;

-}

-

-/**

   Retrieve the subject bytes from one X.509 certificate.

 

   @param[in]      Cert         Pointer to the DER-encoded X509 certificate.