summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CryptoPkg/Application/Cryptest/AuthenticodeVerify.c658
-rw-r--r--CryptoPkg/Application/Cryptest/Cryptest.c372
-rw-r--r--CryptoPkg/Application/Cryptest/Cryptest.inf47
-rw-r--r--CryptoPkg/CryptRuntimeDxe/CryptRuntime.c248
-rw-r--r--CryptoPkg/CryptRuntimeDxe/CryptRuntime.h186
-rw-r--r--CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf49
-rw-r--r--CryptoPkg/CryptoPkg.dec39
-rw-r--r--CryptoPkg/CryptoPkg.dsc123
-rw-r--r--CryptoPkg/Include/Library/BaseCryptLib.h425
-rw-r--r--CryptoPkg/Include/OpenSslSupport.h238
-rw-r--r--CryptoPkg/Include/Protocol/RuntimeCrypt.h204
-rw-r--r--CryptoPkg/Include/arpa/inet.h16
-rw-r--r--CryptoPkg/Include/assert.h16
-rw-r--r--CryptoPkg/Include/ctype.h16
-rw-r--r--CryptoPkg/Include/dirent.h16
-rw-r--r--CryptoPkg/Include/errno.h16
-rw-r--r--CryptoPkg/Include/limits.h16
-rw-r--r--CryptoPkg/Include/malloc.h16
-rw-r--r--CryptoPkg/Include/math.h16
-rw-r--r--CryptoPkg/Include/netdb.h16
-rw-r--r--CryptoPkg/Include/netinet/in.h16
-rw-r--r--CryptoPkg/Include/openssl/README1
-rw-r--r--CryptoPkg/Include/sgtty.h16
-rw-r--r--CryptoPkg/Include/signal.h16
-rw-r--r--CryptoPkg/Include/stdarg.h16
-rw-r--r--CryptoPkg/Include/stddef.h15
-rw-r--r--CryptoPkg/Include/stdio.h16
-rw-r--r--CryptoPkg/Include/stdlib.h16
-rw-r--r--CryptoPkg/Include/string.h16
-rw-r--r--CryptoPkg/Include/strings.h15
-rw-r--r--CryptoPkg/Include/sys/ioctl.h16
-rw-r--r--CryptoPkg/Include/sys/param.h16
-rw-r--r--CryptoPkg/Include/sys/socket.h16
-rw-r--r--CryptoPkg/Include/sys/stat.h16
-rw-r--r--CryptoPkg/Include/sys/time.h16
-rw-r--r--CryptoPkg/Include/sys/times.h16
-rw-r--r--CryptoPkg/Include/sys/types.h16
-rw-r--r--CryptoPkg/Include/sys/un.h16
-rw-r--r--CryptoPkg/Include/syslog.h15
-rw-r--r--CryptoPkg/Include/time.h15
-rw-r--r--CryptoPkg/Include/unistd.h15
-rw-r--r--CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf79
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c145
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c145
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c145
-rw-r--r--CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf77
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c160
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptRsa.c277
-rw-r--r--CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf81
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c42
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c281
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/HelperWrapper.c54
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/Alloca.S59
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathDivU64x64.S83
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathDivU64x64.c88
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathLShiftS64.S62
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathLShiftS64.c54
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathMultS64x64.S77
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathMultS64x64.c79
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.S66
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.c57
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathReminderU64x64.S89
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathReminderU64x64.c93
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c438
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c102
-rw-r--r--CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf49
-rw-r--r--CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/RuntimeDxeIpfCryptLib.c390
-rw-r--r--CryptoPkg/Library/IntrinsicLib/CopyMem.c23
-rw-r--r--CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf56
-rw-r--r--CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c27
-rw-r--r--CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch92
-rw-r--r--CryptoPkg/Library/OpensslLib/Install.cmd71
-rw-r--r--CryptoPkg/Library/OpensslLib/Install.sh73
-rw-r--r--CryptoPkg/Library/OpensslLib/OpensslLib.inf579
-rw-r--r--CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt61
-rw-r--r--CryptoPkg/Library/OpensslLib/buildinf.h2
76 files changed, 7305 insertions, 0 deletions
diff --git a/CryptoPkg/Application/Cryptest/AuthenticodeVerify.c b/CryptoPkg/Application/Cryptest/AuthenticodeVerify.c
new file mode 100644
index 0000000000..72c4092f82
--- /dev/null
+++ b/CryptoPkg/Application/Cryptest/AuthenticodeVerify.c
@@ -0,0 +1,658 @@
+/** @file
+ Sample Implementation for Microsoft Authenticode Verification.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+
+#include <Library/BaseCryptLib.h>
+
+//
+// DER encoding of SpcIndirectDataContent (Authenticode-specific Structure)
+// Last 20 bytes data should be the SHA-1 digest value of PE/COFF image
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 SpcIndirectDataContentwithSha1[] = {
+ 0x30, 0x33, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0F, 0x30, 0x25,
+ 0x03, 0x01, 0x00, 0xA0, 0x20, 0xA2, 0x1E, 0x80, 0x1C, 0x00, 0x3C, 0x00, 0x3C, 0x00, 0x3C, 0x00,
+ 0x4F, 0x00, 0x62, 0x00, 0x73, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x65, 0x00, 0x74, 0x00, 0x65, 0x00,
+ 0x3E, 0x00, 0x3E, 0x00, 0x3E, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A,
+ 0x05, 0x00, 0x04, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ };
+
+//
+// DER encoding of SpcIndirectDataContent (Authenticode-specific Structure)
+// Last 16 bytes data should be the MD5 digest value of PE/COFF image
+// NOTE: Authenticode also support MD5 digest. Disable MD5 support here since MD5
+// has been marked as "Deprecated, do not use".
+//
+#if 0
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 SpcIndirectDataContentwithMd5[] = {
+ 0x30, 0x33, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0F, 0x30, 0x25,
+ 0x03, 0x01, 0x00, 0xA0, 0x20, 0xA2, 0x1E, 0x80, 0x1C, 0x00, 0x3C, 0x00, 0x3C, 0x00, 0x3C, 0x00,
+ 0x4F, 0x00, 0x62, 0x00, 0x73, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x65, 0x00, 0x74, 0x00, 0x65, 0x00,
+ 0x3E, 0x00, 0x3E, 0x00, 0x3E, 0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7,
+ 0x0D, 0x02, 0x05, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00
+ };
+#endif
+
+//
+// Sample PE/COFF Image Hash Value.
+// This value should be calculated following MSFT's Authenticode Specification
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 PeHash[] = {
+ 0x44, 0xFD, 0x4F, 0xA9, 0x17, 0xEE, 0xAC, 0xCF, 0x1F, 0x0B, 0xE3, 0xA1, 0x4D, 0x5B, 0xA6, 0x61,
+ 0x82, 0x97, 0xC4, 0xB6
+ };
+
+//
+// Sample Authenticode Data (from MSFT Win7 BootLoader: bootmgfw.efi)
+// This data should be retrieved from signed PE/COFF image according to SECURITY
+// directory in PE/COFF Header
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 Authenticode[] = {
+ 0x30, 0x82, 0x1C, 0x43, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02, 0xA0,
+ 0x82, 0x1C, 0x34, 0x30, 0x82, 0x1C, 0x30, 0x02, 0x01, 0x01, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x05,
+ 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x30, 0x68, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01,
+ 0x82, 0x37, 0x02, 0x01, 0x04, 0xA0, 0x5A, 0x30, 0x58, 0x30, 0x33, 0x06, 0x0A, 0x2B, 0x06, 0x01,
+ 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0F, 0x30, 0x25, 0x03, 0x01, 0x00, 0xA0, 0x20, 0xA2, 0x1E,
+ 0x80, 0x1C, 0x00, 0x3C, 0x00, 0x3C, 0x00, 0x3C, 0x00, 0x4F, 0x00, 0x62, 0x00, 0x73, 0x00, 0x6F,
+ 0x00, 0x6C, 0x00, 0x65, 0x00, 0x74, 0x00, 0x65, 0x00, 0x3E, 0x00, 0x3E, 0x00, 0x3E, 0x30, 0x21,
+ 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, 0x44, 0xFD, 0x4F,
+ 0xA9, 0x17, 0xEE, 0xAC, 0xCF, 0x1F, 0x0B, 0xE3, 0xA1, 0x4D, 0x5B, 0xA6, 0x61, 0x82, 0x97, 0xC4,
+ 0xB6, 0xA0, 0x82, 0x17, 0x18, 0x30, 0x82, 0x04, 0xCA, 0x30, 0x82, 0x03, 0xB2, 0xA0, 0x03, 0x02,
+ 0x01, 0x02, 0x02, 0x0A, 0x61, 0x03, 0xDC, 0xF6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x30, 0x0D,
+ 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x77, 0x31,
+ 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11,
+ 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F,
+ 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64, 0x6D,
+ 0x6F, 0x6E, 0x64, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x15, 0x4D, 0x69,
+ 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74,
+ 0x69, 0x6F, 0x6E, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69,
+ 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x54, 0x69, 0x6D, 0x65, 0x2D, 0x53, 0x74, 0x61,
+ 0x6D, 0x70, 0x20, 0x50, 0x43, 0x41, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x38, 0x30, 0x37, 0x32, 0x35,
+ 0x31, 0x39, 0x31, 0x32, 0x35, 0x30, 0x5A, 0x17, 0x0D, 0x31, 0x31, 0x30, 0x37, 0x32, 0x35, 0x31,
+ 0x39, 0x32, 0x32, 0x35, 0x30, 0x5A, 0x30, 0x81, 0xB3, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
+ 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13,
+ 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06,
+ 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64, 0x6D, 0x6F, 0x6E, 0x64, 0x31, 0x1E, 0x30,
+ 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66,
+ 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x0D, 0x30,
+ 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x04, 0x4D, 0x4F, 0x50, 0x52, 0x31, 0x27, 0x30, 0x25,
+ 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x1E, 0x6E, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x44,
+ 0x53, 0x45, 0x20, 0x45, 0x53, 0x4E, 0x3A, 0x31, 0x35, 0x39, 0x43, 0x2D, 0x41, 0x33, 0x46, 0x37,
+ 0x2D, 0x32, 0x35, 0x37, 0x30, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1C,
+ 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x54, 0x69, 0x6D, 0x65, 0x2D, 0x53,
+ 0x74, 0x61, 0x6D, 0x70, 0x20, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x30, 0x82, 0x01, 0x22,
+ 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03,
+ 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0, 0xED, 0x81,
+ 0x14, 0xA1, 0x5E, 0x77, 0xC0, 0x5B, 0xF4, 0x76, 0x89, 0x62, 0xFA, 0xAD, 0x7C, 0x68, 0x14, 0xB4,
+ 0xF7, 0xBD, 0x35, 0xD8, 0x13, 0x79, 0x5A, 0x17, 0xCA, 0xD9, 0x6C, 0x51, 0x45, 0x62, 0x26, 0x7A,
+ 0x2F, 0x1F, 0xD8, 0xEA, 0xC1, 0x6E, 0x01, 0x17, 0xF9, 0xC3, 0xA6, 0x1F, 0x67, 0xDB, 0x51, 0xB0,
+ 0x2C, 0xDE, 0x8A, 0x17, 0xED, 0xFF, 0x20, 0xAD, 0x34, 0xEA, 0x98, 0xFB, 0xA5, 0xD6, 0x2A, 0xD2,
+ 0xF1, 0x44, 0x27, 0x07, 0x5A, 0x2D, 0x3A, 0x93, 0xFF, 0x56, 0x53, 0xB0, 0xC8, 0xF5, 0xF3, 0x03,
+ 0xF2, 0x49, 0xCC, 0x16, 0xD0, 0xF5, 0x00, 0x4C, 0x58, 0xF8, 0x9B, 0xF5, 0x07, 0x25, 0xB1, 0x66,
+ 0x17, 0xC0, 0xBD, 0xC8, 0xD2, 0x52, 0x85, 0x8D, 0xC2, 0x2B, 0x38, 0xB2, 0xC3, 0x36, 0xBE, 0xF9,
+ 0x87, 0xDA, 0xF4, 0x8E, 0x5D, 0x43, 0xD7, 0x06, 0xBF, 0x99, 0x05, 0x9F, 0xA4, 0xCE, 0xFE, 0xAB,
+ 0x8D, 0x61, 0x63, 0xE7, 0x39, 0xC5, 0xF3, 0x18, 0xF6, 0xD8, 0xFC, 0x31, 0x36, 0x69, 0x72, 0x5A,
+ 0xA2, 0x1A, 0x4C, 0x3E, 0xEA, 0x87, 0x25, 0x42, 0x9D, 0xD1, 0x3E, 0xF1, 0x97, 0xD2, 0x18, 0x32,
+ 0x93, 0x70, 0x55, 0x53, 0x81, 0x1E, 0xE3, 0x3B, 0x0D, 0xE8, 0xBE, 0x82, 0x78, 0x6D, 0xE6, 0xFA,
+ 0xCD, 0x98, 0xA4, 0x6F, 0xDB, 0xEE, 0x66, 0xF4, 0x95, 0xC8, 0xCD, 0x35, 0xC9, 0x9E, 0xBB, 0x36,
+ 0x0D, 0x83, 0x96, 0x94, 0x26, 0xA7, 0x90, 0xE0, 0xA9, 0x34, 0x3B, 0xD5, 0xC0, 0x9E, 0x3E, 0xF0,
+ 0xD4, 0x47, 0x8D, 0x86, 0x0C, 0x82, 0xA4, 0x58, 0x30, 0x3A, 0x1C, 0x76, 0xE3, 0xAD, 0x95, 0x66,
+ 0xB4, 0xB7, 0xFD, 0x09, 0x8A, 0x05, 0x60, 0x0F, 0xA3, 0x0F, 0xE2, 0x93, 0x96, 0x58, 0x22, 0x9C,
+ 0x9D, 0x2B, 0xDB, 0xA2, 0x94, 0x18, 0x90, 0x95, 0x02, 0xBD, 0x06, 0x40, 0x95, 0x02, 0x03, 0x01,
+ 0x00, 0x01, 0xA3, 0x82, 0x01, 0x19, 0x30, 0x82, 0x01, 0x15, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D,
+ 0x0E, 0x04, 0x16, 0x04, 0x14, 0xD2, 0xED, 0x0D, 0x1E, 0x24, 0xBB, 0x37, 0xA9, 0xD8, 0x20, 0x6A,
+ 0x4D, 0x1D, 0xD2, 0x16, 0xD5, 0x2E, 0xBE, 0x9E, 0xEB, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23,
+ 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x23, 0x34, 0xF8, 0xD9, 0x52, 0x46, 0x70, 0x0A, 0xED, 0x40,
+ 0xFB, 0x76, 0xFB, 0xB3, 0x2B, 0xB0, 0xC3, 0x35, 0xB3, 0x0F, 0x30, 0x54, 0x06, 0x03, 0x55, 0x1D,
+ 0x1F, 0x04, 0x4D, 0x30, 0x4B, 0x30, 0x49, 0xA0, 0x47, 0xA0, 0x45, 0x86, 0x43, 0x68, 0x74, 0x74,
+ 0x70, 0x3A, 0x2F, 0x2F, 0x63, 0x72, 0x6C, 0x2E, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66,
+ 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x63, 0x72, 0x6C, 0x2F, 0x70, 0x72,
+ 0x6F, 0x64, 0x75, 0x63, 0x74, 0x73, 0x2F, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74,
+ 0x54, 0x69, 0x6D, 0x65, 0x53, 0x74, 0x61, 0x6D, 0x70, 0x50, 0x43, 0x41, 0x2E, 0x63, 0x72, 0x6C,
+ 0x30, 0x58, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x4C, 0x30, 0x4A,
+ 0x30, 0x48, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x3C, 0x68, 0x74,
+ 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x77, 0x77, 0x77, 0x2E, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F,
+ 0x66, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x63, 0x65, 0x72, 0x74, 0x73,
+ 0x2F, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x54, 0x69, 0x6D, 0x65, 0x53, 0x74,
+ 0x61, 0x6D, 0x70, 0x50, 0x43, 0x41, 0x2E, 0x63, 0x72, 0x74, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D,
+ 0x25, 0x04, 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08, 0x30,
+ 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x06, 0xC0, 0x30,
+ 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82,
+ 0x01, 0x01, 0x00, 0x9C, 0x0A, 0x55, 0xC8, 0xCC, 0x44, 0x13, 0x34, 0x0C, 0xD8, 0x63, 0x27, 0x76,
+ 0x7D, 0x3E, 0xFA, 0x38, 0x32, 0x83, 0x53, 0x9D, 0xF2, 0x08, 0xF9, 0x32, 0xF5, 0xC5, 0x6E, 0x70,
+ 0xA1, 0xC9, 0xB1, 0x63, 0x6B, 0x19, 0x9D, 0x09, 0x67, 0xD9, 0x9D, 0xEB, 0x8A, 0x6A, 0xDB, 0x60,
+ 0x66, 0xE9, 0xE9, 0x52, 0x26, 0xF3, 0x3B, 0xC6, 0x6A, 0xD3, 0xC2, 0x52, 0xBE, 0xA8, 0xB9, 0xEB,
+ 0x6A, 0xAA, 0x78, 0x8C, 0xC9, 0x16, 0x7D, 0x90, 0x95, 0xA0, 0xCC, 0x21, 0xB3, 0x9E, 0x81, 0xBD,
+ 0xCD, 0xC1, 0x8B, 0x29, 0xBD, 0x62, 0x25, 0xEF, 0x09, 0x57, 0xE7, 0x86, 0x4E, 0x2A, 0xEC, 0x80,
+ 0xCA, 0xBB, 0xFC, 0x21, 0x16, 0xC4, 0x3F, 0x4E, 0x52, 0x19, 0xE6, 0x0E, 0xB1, 0xD8, 0xC1, 0xC2,
+ 0x79, 0x90, 0x64, 0xB4, 0x50, 0x73, 0x10, 0x35, 0x5E, 0x5D, 0x11, 0xC1, 0xB8, 0xBA, 0xAA, 0xCF,
+ 0x52, 0xF6, 0x80, 0x91, 0x00, 0xE6, 0xEF, 0x51, 0x43, 0x46, 0xE9, 0xD0, 0xE8, 0x94, 0xF6, 0x2C,
+ 0x24, 0x0D, 0x8A, 0xC6, 0xB2, 0x31, 0x8A, 0xA3, 0x7E, 0x36, 0x6C, 0xA4, 0x05, 0x4C, 0x67, 0x07,
+ 0x2A, 0xBB, 0xBB, 0x10, 0xA5, 0xA5, 0x30, 0x1A, 0x72, 0xD0, 0x06, 0x20, 0x3B, 0x24, 0x93, 0x5B,
+ 0x15, 0xD9, 0x39, 0x93, 0xD3, 0x73, 0x2D, 0x1A, 0xC4, 0xD4, 0x6C, 0x1E, 0xA1, 0x08, 0xEC, 0xF6,
+ 0x31, 0xB8, 0x6B, 0x4B, 0xEC, 0xEE, 0x5C, 0x33, 0x02, 0x14, 0x32, 0x8C, 0x7C, 0x11, 0x20, 0x2F,
+ 0x20, 0x03, 0x7F, 0xF9, 0x0C, 0x9D, 0xB8, 0xD3, 0x9E, 0x5F, 0xD6, 0x08, 0xFC, 0x81, 0xA0, 0x99,
+ 0xB8, 0xBB, 0x55, 0x6E, 0xCD, 0x42, 0x4B, 0x3A, 0x4D, 0x8C, 0x14, 0x2B, 0xCA, 0xC8, 0x12, 0xD3,
+ 0x62, 0x6E, 0xEA, 0x0D, 0x0A, 0x9D, 0x09, 0xA3, 0x66, 0xD9, 0x79, 0x4F, 0x8E, 0x1A, 0xA2, 0xFF,
+ 0xCC, 0x98, 0x04, 0x30, 0x82, 0x05, 0x96, 0x30, 0x82, 0x04, 0x7E, 0xA0, 0x03, 0x02, 0x01, 0x02,
+ 0x02, 0x0A, 0x61, 0x01, 0xC6, 0xC1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x30, 0x0D, 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x81, 0x81, 0x31, 0x0B,
+ 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06,
+ 0x03, 0x55, 0x04, 0x08, 0x13, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E,
+ 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64, 0x6D, 0x6F,
+ 0x6E, 0x64, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x15, 0x4D, 0x69, 0x63,
+ 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69,
+ 0x6F, 0x6E, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x22, 0x4D, 0x69, 0x63,
+ 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x20, 0x56,
+ 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x50, 0x43, 0x41, 0x30,
+ 0x1E, 0x17, 0x0D, 0x30, 0x38, 0x31, 0x30, 0x32, 0x32, 0x32, 0x30, 0x33, 0x39, 0x32, 0x32, 0x5A,
+ 0x17, 0x0D, 0x31, 0x30, 0x30, 0x31, 0x32, 0x32, 0x32, 0x30, 0x34, 0x39, 0x32, 0x32, 0x5A, 0x30,
+ 0x7F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
+ 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67,
+ 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65,
+ 0x64, 0x6D, 0x6F, 0x6E, 0x64, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x15,
+ 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72,
+ 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x04,
+ 0x4D, 0x4F, 0x50, 0x52, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x11, 0x4D,
+ 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73,
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01,
+ 0x00, 0xDC, 0x3A, 0xD3, 0x44, 0xF4, 0x6E, 0x20, 0x9F, 0xDD, 0xA4, 0x0E, 0x82, 0x4E, 0xC7, 0x86,
+ 0x5E, 0x63, 0xCC, 0xCA, 0xE5, 0x42, 0x53, 0x4B, 0x85, 0xFA, 0x5D, 0x71, 0x6C, 0xCF, 0x76, 0x0C,
+ 0x18, 0x8B, 0xA6, 0x0D, 0xF5, 0x4A, 0xF7, 0xFE, 0x17, 0xF2, 0x90, 0xCC, 0x62, 0xC7, 0x24, 0xAD,
+ 0x9B, 0x9A, 0xE1, 0x45, 0x3B, 0x61, 0xD8, 0x0D, 0x05, 0x69, 0xC7, 0xCD, 0x88, 0x2A, 0xB8, 0xB9,
+ 0x18, 0x1E, 0x60, 0x10, 0x5F, 0x88, 0xC6, 0xD2, 0x82, 0x4E, 0x6D, 0x49, 0xC5, 0xBE, 0x5C, 0x12,
+ 0x86, 0x48, 0x85, 0x89, 0x91, 0x81, 0xCD, 0x1B, 0xAD, 0x1F, 0xB7, 0x2D, 0x67, 0x79, 0xF1, 0x7B,
+ 0x9F, 0x25, 0x87, 0x14, 0x76, 0x5F, 0xE3, 0x0E, 0x64, 0xA1, 0x72, 0x61, 0x25, 0xE5, 0x75, 0x69,
+ 0xC5, 0x14, 0xF1, 0x5F, 0x07, 0x56, 0xA4, 0x0D, 0x70, 0x06, 0x23, 0xA7, 0x6C, 0xDD, 0x82, 0xAE,
+ 0xD9, 0x9B, 0x47, 0xA4, 0xA5, 0x6C, 0x08, 0xB0, 0x58, 0xF1, 0x53, 0x6A, 0x4F, 0xDA, 0x85, 0x61,
+ 0xCB, 0x02, 0x7B, 0x49, 0xAF, 0x1F, 0xBB, 0xE0, 0xD7, 0xB9, 0x5E, 0xDB, 0x73, 0x89, 0x76, 0xC1,
+ 0x3A, 0xBB, 0x0D, 0xF5, 0x97, 0xF0, 0x88, 0x5D, 0x69, 0x77, 0x80, 0xCF, 0xF1, 0x7E, 0x03, 0x9F,
+ 0x73, 0x6D, 0xDE, 0x05, 0xB8, 0x2F, 0x77, 0xB5, 0x54, 0x55, 0x45, 0xD0, 0xD2, 0x38, 0xBD, 0x96,
+ 0xE3, 0xF7, 0xEA, 0x40, 0xE5, 0xAC, 0x19, 0xFC, 0x71, 0xCB, 0x28, 0x27, 0xAA, 0x71, 0xA1, 0x72,
+ 0xB5, 0x12, 0x27, 0xC1, 0x51, 0xF6, 0x36, 0xC5, 0xC0, 0xC7, 0x7B, 0x3A, 0x3A, 0x93, 0x37, 0x04,
+ 0xCC, 0xEE, 0x0B, 0x69, 0x78, 0x64, 0x75, 0x41, 0xB6, 0x78, 0x22, 0x0F, 0x77, 0x84, 0xF7, 0x4B,
+ 0x8D, 0x46, 0x65, 0x92, 0x5B, 0x4D, 0x56, 0x6B, 0x75, 0x04, 0x46, 0x3F, 0x0B, 0x1B, 0xB4, 0x19,
+ 0xBF, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x02, 0x0F, 0x30, 0x82, 0x02, 0x0B, 0x30, 0x1F,
+ 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x18, 0x30, 0x16, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x03, 0x03, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x0A, 0x03, 0x06, 0x30,
+ 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xA1, 0xE6, 0xC3, 0x65, 0xD0, 0xE6,
+ 0xE8, 0x28, 0x62, 0xC2, 0xF3, 0xC2, 0x23, 0xA6, 0x1C, 0x49, 0x82, 0x0B, 0xD5, 0x53, 0x30, 0x0E,
+ 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1F,
+ 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x90, 0x8B, 0x11,
+ 0xA5, 0x70, 0xED, 0xE0, 0xF9, 0xA9, 0xC0, 0xAC, 0x08, 0xC7, 0xB5, 0xF4, 0x82, 0xB1, 0x3C, 0xC5,
+ 0x4A, 0x30, 0x7B, 0x06, 0x03, 0x55, 0x1D, 0x1F, 0x04, 0x74, 0x30, 0x72, 0x30, 0x70, 0xA0, 0x6E,
+ 0xA0, 0x6C, 0x86, 0x34, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x63, 0x72, 0x6C, 0x2E, 0x6D,
+ 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69,
+ 0x2F, 0x63, 0x72, 0x6C, 0x2F, 0x70, 0x72, 0x6F, 0x64, 0x75, 0x63, 0x74, 0x73, 0x2F, 0x57, 0x69,
+ 0x6E, 0x50, 0x43, 0x41, 0x2E, 0x63, 0x72, 0x6C, 0x86, 0x34, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F,
+ 0x2F, 0x77, 0x77, 0x77, 0x2E, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x2E, 0x63,
+ 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x63, 0x72, 0x6C, 0x2F, 0x70, 0x72, 0x6F, 0x64, 0x75,
+ 0x63, 0x74, 0x73, 0x2F, 0x57, 0x69, 0x6E, 0x50, 0x43, 0x41, 0x2E, 0x63, 0x72, 0x6C, 0x30, 0x52,
+ 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x46, 0x30, 0x44, 0x30, 0x42,
+ 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x36, 0x68, 0x74, 0x74, 0x70,
+ 0x3A, 0x2F, 0x2F, 0x77, 0x77, 0x77, 0x2E, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74,
+ 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x63, 0x65, 0x72, 0x74, 0x73, 0x2F, 0x4D,
+ 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x57, 0x69, 0x6E, 0x50, 0x43, 0x41, 0x2E, 0x63,
+ 0x72, 0x74, 0x30, 0x81, 0xC6, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04, 0x81, 0xBE, 0x30, 0x81, 0xBB,
+ 0x30, 0x81, 0xB8, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x2F, 0x30, 0x81,
+ 0xAA, 0x30, 0x40, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, 0x16, 0x34, 0x68,
+ 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x77, 0x77, 0x77, 0x2E, 0x6D, 0x69, 0x63, 0x72, 0x6F,
+ 0x73, 0x6F, 0x66, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x73, 0x73, 0x6C,
+ 0x2F, 0x63, 0x70, 0x73, 0x2F, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x50, 0x43, 0x41, 0x2E,
+ 0x68, 0x74, 0x6D, 0x30, 0x66, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x02, 0x30,
+ 0x5A, 0x1E, 0x58, 0x00, 0x43, 0x00, 0x6F, 0x00, 0x70, 0x00, 0x79, 0x00, 0x72, 0x00, 0x69, 0x00,
+ 0x67, 0x00, 0x68, 0x00, 0x74, 0x00, 0x20, 0x00, 0xA9, 0x00, 0x20, 0x00, 0x31, 0x00, 0x39, 0x00,
+ 0x39, 0x00, 0x39, 0x00, 0x2D, 0x00, 0x32, 0x00, 0x30, 0x00, 0x30, 0x00, 0x35, 0x00, 0x20, 0x00,
+ 0x4D, 0x00, 0x69, 0x00, 0x63, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x73, 0x00, 0x6F, 0x00, 0x66, 0x00,
+ 0x74, 0x00, 0x20, 0x00, 0x43, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x72, 0x00,
+ 0x61, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00, 0x2E, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x73,
+ 0x5F, 0xCA, 0x80, 0x1C, 0x60, 0x46, 0x6F, 0xB9, 0x34, 0x9D, 0x88, 0xE3, 0xBE, 0x22, 0x8C, 0xFA,
+ 0xE6, 0x58, 0x9A, 0xAB, 0x7B, 0x1A, 0x97, 0xFD, 0xED, 0x2E, 0x39, 0xCC, 0x59, 0x5B, 0x1D, 0x7A,
+ 0x06, 0x8A, 0xBB, 0x43, 0x93, 0x7B, 0x1E, 0xA1, 0x88, 0x53, 0xDF, 0x44, 0xF8, 0x53, 0xA9, 0xEA,
+ 0xF6, 0x67, 0x1B, 0x3A, 0x78, 0x84, 0x11, 0x6A, 0x6F, 0x29, 0x47, 0x90, 0x0A, 0x0C, 0x7B, 0x22,
+ 0x77, 0x4E, 0x6F, 0xB8, 0x64, 0x29, 0xDF, 0x06, 0xC7, 0xC8, 0x73, 0x84, 0xD6, 0x66, 0xA0, 0xCA,
+ 0xD9, 0x5A, 0x26, 0x82, 0x57, 0xF9, 0xE3, 0x4F, 0x39, 0xAF, 0x2E, 0x8E, 0xB1, 0x06, 0x5B, 0x72,
+ 0xF2, 0x37, 0x32, 0xAE, 0x4E, 0xCE, 0x3C, 0x7D, 0xB0, 0x12, 0x2B, 0x9E, 0xA5, 0x75, 0xE3, 0x43,
+ 0xA6, 0x12, 0x8B, 0x06, 0x14, 0x98, 0x77, 0xE3, 0x58, 0x32, 0x25, 0x60, 0x07, 0x8C, 0x59, 0x71,
+ 0xA7, 0x71, 0x41, 0xB3, 0x06, 0x8D, 0x5C, 0xEF, 0x9C, 0x7F, 0x5A, 0x22, 0x6D, 0xB7, 0xD3, 0xD9,
+ 0xF5, 0xA6, 0x1B, 0x52, 0xDE, 0xF5, 0x7E, 0x76, 0x7C, 0xFE, 0xF4, 0xC8, 0x23, 0x1A, 0x4B, 0x25,
+ 0xEB, 0xE4, 0xEE, 0xAF, 0x10, 0x0B, 0x55, 0xC3, 0xD8, 0xC1, 0x17, 0x85, 0x61, 0x6F, 0xD3, 0x3F,
+ 0xB6, 0xE9, 0xEC, 0x84, 0xA5, 0xEE, 0x6D, 0xB2, 0xFF, 0xE8, 0x6C, 0x95, 0xAB, 0x2B, 0x5E, 0xC8,
+ 0x85, 0xC3, 0x11, 0x60, 0xAC, 0xFA, 0x02, 0x05, 0xF1, 0x7B, 0xDA, 0xC3, 0x69, 0x49, 0x96, 0xA5,
+ 0x70, 0xF9, 0x65, 0x66, 0x46, 0x10, 0x8D, 0x34, 0xE9, 0x21, 0x94, 0x3C, 0x0F, 0x71, 0x4A, 0x1C,
+ 0xEA, 0x1F, 0xF7, 0x23, 0xA6, 0x87, 0x60, 0x34, 0xE9, 0x14, 0xE1, 0xDE, 0x03, 0x59, 0xB4, 0x02,
+ 0x1D, 0x3A, 0xAF, 0xE3, 0x55, 0x05, 0xF5, 0xED, 0xC1, 0xF4, 0xE4, 0x5D, 0x0E, 0xD3, 0x97, 0x30,
+ 0x82, 0x06, 0x07, 0x30, 0x82, 0x03, 0xEF, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0A, 0x61, 0x16,
+ 0x68, 0x34, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1C, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
+ 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x5F, 0x31, 0x13, 0x30, 0x11, 0x06, 0x0A, 0x09,
+ 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19, 0x16, 0x03, 0x63, 0x6F, 0x6D, 0x31, 0x19,
+ 0x30, 0x17, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19, 0x16, 0x09,
+ 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55,
+ 0x04, 0x03, 0x13, 0x24, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F,
+ 0x6F, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41,
+ 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x37, 0x30, 0x34,
+ 0x30, 0x33, 0x31, 0x32, 0x35, 0x33, 0x30, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x34, 0x30,
+ 0x33, 0x31, 0x33, 0x30, 0x33, 0x30, 0x39, 0x5A, 0x30, 0x77, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03,
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08,
+ 0x13, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E,
+ 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64, 0x6D, 0x6F, 0x6E, 0x64, 0x31, 0x1E,
+ 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F,
+ 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x21,
+ 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F,
+ 0x66, 0x74, 0x20, 0x54, 0x69, 0x6D, 0x65, 0x2D, 0x53, 0x74, 0x61, 0x6D, 0x70, 0x20, 0x50, 0x43,
+ 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+ 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01,
+ 0x01, 0x00, 0x9F, 0xA1, 0x6C, 0xB1, 0xDF, 0xDB, 0x48, 0x92, 0x2A, 0x7C, 0x6B, 0x2E, 0x19, 0xE1,
+ 0xBD, 0xE2, 0xE3, 0xC5, 0x99, 0x51, 0x23, 0x50, 0xAD, 0xCE, 0xDD, 0x18, 0x4E, 0x24, 0x0F, 0xEE,
+ 0xD1, 0xA7, 0xD1, 0x4C, 0xAD, 0x74, 0x30, 0x20, 0x11, 0xEB, 0x07, 0xD5, 0x54, 0x95, 0x15, 0x49,
+ 0x94, 0x1B, 0x42, 0x92, 0xAE, 0x98, 0x5C, 0x30, 0x26, 0xDA, 0x00, 0x6B, 0xE8, 0x7B, 0xBD, 0xEC,
+ 0x89, 0x07, 0x0F, 0xF7, 0x0E, 0x04, 0x98, 0xF0, 0x89, 0xCC, 0x1F, 0xCB, 0x33, 0x24, 0x87, 0x9D,
+ 0xF2, 0xF4, 0x67, 0x1C, 0x2C, 0xFC, 0x7B, 0xE7, 0x88, 0x1D, 0xEA, 0xE7, 0x4E, 0xA3, 0xA1, 0xC1,
+ 0x23, 0x53, 0xCA, 0x8D, 0xFA, 0x45, 0xCF, 0x09, 0xD0, 0x5E, 0xAF, 0xD0, 0xB0, 0x42, 0x04, 0xA2,
+ 0xF9, 0xA6, 0x6C, 0x93, 0x67, 0xD7, 0x28, 0xDC, 0x46, 0x53, 0xB0, 0x86, 0xD0, 0xE5, 0x28, 0x46,
+ 0x2E, 0x27, 0xAC, 0x86, 0x4F, 0x55, 0x52, 0x0C, 0xE4, 0x03, 0x2C, 0xFB, 0x6A, 0x90, 0x90, 0x30,
+ 0x6E, 0x87, 0xF3, 0x59, 0x30, 0x9D, 0xFA, 0x7E, 0xD6, 0x97, 0xB3, 0xE8, 0x21, 0x97, 0x7E, 0xF8,
+ 0xD2, 0x13, 0xF3, 0x08, 0xB7, 0x53, 0x6D, 0x52, 0xB4, 0x45, 0x90, 0x9F, 0x48, 0x00, 0x4A, 0x47,
+ 0x66, 0x11, 0x27, 0x29, 0x66, 0xA8, 0x97, 0xE4, 0xD3, 0x06, 0x81, 0x4A, 0xA2, 0xF9, 0x84, 0xA7,
+ 0x11, 0x47, 0x14, 0x09, 0x82, 0x9F, 0x84, 0xED, 0x55, 0x78, 0xFE, 0x01, 0x9A, 0x1D, 0x50, 0x08,
+ 0x85, 0x00, 0x10, 0x30, 0x46, 0xED, 0xB7, 0xDE, 0x23, 0x46, 0xBB, 0xC4, 0x2D, 0x54, 0x9F, 0xAF,
+ 0x1E, 0x78, 0x41, 0x31, 0x77, 0xCC, 0x9B, 0xDF, 0x3B, 0x83, 0x93, 0xA1, 0x61, 0x02, 0xB5, 0x1D,
+ 0x0D, 0xB1, 0xFC, 0xF7, 0x9B, 0xB2, 0x01, 0xCE, 0x22, 0x4B, 0x54, 0xFF, 0xF9, 0x05, 0xC3, 0xC2,
+ 0x20, 0x0B, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0xAB, 0x30, 0x82, 0x01, 0xA7, 0x30,
+ 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF,
+ 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x23, 0x34, 0xF8, 0xD9, 0x52,
+ 0x46, 0x70, 0x0A, 0xED, 0x40, 0xFB, 0x76, 0xFB, 0xB3, 0x2B, 0xB0, 0xC3, 0x35, 0xB3, 0x0F, 0x30,
+ 0x0B, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x10, 0x06, 0x09,
+ 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x01, 0x04, 0x03, 0x02, 0x01, 0x00, 0x30, 0x81,
+ 0x98, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0x90, 0x30, 0x81, 0x8D, 0x80, 0x14, 0x0E, 0xAC,
+ 0x82, 0x60, 0x40, 0x56, 0x27, 0x97, 0xE5, 0x25, 0x13, 0xFC, 0x2A, 0xE1, 0x0A, 0x53, 0x95, 0x59,
+ 0xE4, 0xA4, 0xA1, 0x63, 0xA4, 0x61, 0x30, 0x5F, 0x31, 0x13, 0x30, 0x11, 0x06, 0x0A, 0x09, 0x92,
+ 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19, 0x16, 0x03, 0x63, 0x6F, 0x6D, 0x31, 0x19, 0x30,
+ 0x17, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19, 0x16, 0x09, 0x6D,
+ 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55, 0x04,
+ 0x03, 0x13, 0x24, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F,
+ 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75,
+ 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x82, 0x10, 0x79, 0xAD, 0x16, 0xA1, 0x4A, 0xA0, 0xA5,
+ 0xAD, 0x4C, 0x73, 0x58, 0xF4, 0x07, 0x13, 0x2E, 0x65, 0x30, 0x50, 0x06, 0x03, 0x55, 0x1D, 0x1F,
+ 0x04, 0x49, 0x30, 0x47, 0x30, 0x45, 0xA0, 0x43, 0xA0, 0x41, 0x86, 0x3F, 0x68, 0x74, 0x74, 0x70,
+ 0x3A, 0x2F, 0x2F, 0x63, 0x72, 0x6C, 0x2E, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74,
+ 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x63, 0x72, 0x6C, 0x2F, 0x70, 0x72, 0x6F,
+ 0x64, 0x75, 0x63, 0x74, 0x73, 0x2F, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x72,
+ 0x6F, 0x6F, 0x74, 0x63, 0x65, 0x72, 0x74, 0x2E, 0x63, 0x72, 0x6C, 0x30, 0x54, 0x06, 0x08, 0x2B,
+ 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x48, 0x30, 0x46, 0x30, 0x44, 0x06, 0x08, 0x2B,
+ 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x38, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F,
+ 0x77, 0x77, 0x77, 0x2E, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x2E, 0x63, 0x6F,
+ 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x63, 0x65, 0x72, 0x74, 0x73, 0x2F, 0x4D, 0x69, 0x63, 0x72,
+ 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x52, 0x6F, 0x6F, 0x74, 0x43, 0x65, 0x72, 0x74, 0x2E, 0x63, 0x72,
+ 0x74, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06,
+ 0x01, 0x05, 0x05, 0x07, 0x03, 0x08, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, 0x00, 0x10, 0x97, 0x8A, 0xC3, 0x5C, 0x03,
+ 0x44, 0x36, 0xDD, 0xE9, 0xB4, 0xAD, 0x77, 0xDB, 0xCE, 0x79, 0x51, 0x4D, 0x01, 0xB1, 0x2E, 0x74,
+ 0x71, 0x5B, 0x6D, 0x0C, 0x13, 0xAB, 0xCE, 0xBE, 0x7B, 0x8F, 0xB8, 0x2E, 0xD4, 0x12, 0xA2, 0x8C,
+ 0x6D, 0x62, 0xB8, 0x57, 0x02, 0xCB, 0x4E, 0x20, 0x13, 0x50, 0x99, 0xDD, 0x7A, 0x40, 0xE2, 0x57,
+ 0xBB, 0xAF, 0x58, 0x9A, 0x1C, 0xE1, 0x1D, 0x01, 0x86, 0xAC, 0xBB, 0x78, 0xF2, 0x8B, 0xD0, 0xEC,
+ 0x3B, 0x01, 0xEE, 0xE2, 0xBE, 0x8F, 0x0A, 0x05, 0xC8, 0x8D, 0x48, 0xE2, 0xF0, 0x53, 0x15, 0xDD,
+ 0x4F, 0xAB, 0x92, 0xE4, 0xE7, 0x8D, 0x6A, 0xD5, 0x80, 0xC1, 0xE6, 0x94, 0xF2, 0x06, 0x2F, 0x85,
+ 0x03, 0xE9, 0x91, 0x2A, 0x24, 0x22, 0x70, 0xFB, 0xF6, 0xFC, 0xE4, 0x78, 0x99, 0x2E, 0x0D, 0xF7,
+ 0x07, 0xE2, 0x70, 0xBC, 0x18, 0x4E, 0x9D, 0x8E, 0x6B, 0x0A, 0x72, 0x95, 0xB8, 0xA1, 0x39, 0x9C,
+ 0x67, 0x2D, 0xC5, 0x51, 0x0E, 0xEA, 0x62, 0x5C, 0x3F, 0x16, 0x98, 0x8B, 0x20, 0x3F, 0xE2, 0x07,
+ 0x1A, 0x32, 0xF9, 0xCC, 0x31, 0x4A, 0x76, 0x31, 0x3D, 0x2B, 0x72, 0x0B, 0xC8, 0xEA, 0x70, 0x3D,
+ 0xFF, 0x85, 0x0A, 0x13, 0xDF, 0xC2, 0x0A, 0x61, 0x8E, 0xF0, 0xD7, 0xB8, 0x17, 0xEB, 0x4E, 0x8B,
+ 0x7F, 0xC5, 0x35, 0x2B, 0x5E, 0xA3, 0xBF, 0xEB, 0xBC, 0x7D, 0x0B, 0x42, 0x7B, 0xD4, 0x53, 0x72,
+ 0x21, 0xEE, 0x30, 0xCA, 0xBB, 0x78, 0x65, 0x5C, 0x5B, 0x01, 0x17, 0x0A, 0x14, 0x0E, 0xD2, 0xDA,
+ 0x14, 0x98, 0xF5, 0x3C, 0xB9, 0x66, 0x58, 0xB3, 0x2D, 0x2F, 0xE7, 0xF9, 0x85, 0x86, 0xCC, 0x51,
+ 0x56, 0xE8, 0x9D, 0x70, 0x94, 0x6C, 0xAC, 0x39, 0x4C, 0xD4, 0xF6, 0x79, 0xBF, 0xAA, 0x18, 0x7A,
+ 0x62, 0x29, 0xEF, 0xA2, 0x9B, 0x29, 0x34, 0x06, 0x77, 0x1A, 0x62, 0xC9, 0x3D, 0x1E, 0x6D, 0x1F,
+ 0x82, 0xF0, 0x0B, 0xC7, 0x2C, 0xBB, 0xCF, 0x43, 0xB3, 0xE5, 0xF9, 0xEC, 0x7D, 0xB5, 0xE3, 0xA4,
+ 0xA8, 0x74, 0x35, 0xB8, 0x4E, 0xC5, 0x71, 0x23, 0x12, 0x26, 0x76, 0x0B, 0x3C, 0x52, 0x8C, 0x71,
+ 0x5A, 0x46, 0x43, 0x14, 0xBC, 0xB3, 0xB3, 0xB0, 0x4D, 0x67, 0xC8, 0x9F, 0x42, 0xFF, 0x80, 0x79,
+ 0x21, 0x80, 0x9E, 0x15, 0x30, 0x66, 0xE8, 0x42, 0x12, 0x5E, 0x1A, 0xC8, 0x9E, 0x22, 0x21, 0xD0,
+ 0x43, 0xE9, 0x2B, 0xE9, 0xBB, 0xF4, 0x48, 0xCC, 0x2C, 0xD4, 0xD8, 0x32, 0x80, 0x4C, 0x26, 0x2A,
+ 0x48, 0x24, 0x5F, 0x5A, 0xEA, 0x56, 0xEF, 0xA6, 0xDE, 0x99, 0x9D, 0xCA, 0x3A, 0x6F, 0xBD, 0x81,
+ 0x27, 0x74, 0x06, 0x11, 0xEE, 0x76, 0x21, 0xBF, 0x9B, 0x82, 0xC1, 0x27, 0x54, 0xB6, 0xB1, 0x6A,
+ 0x3D, 0x89, 0xA1, 0x76, 0x61, 0xB4, 0x6E, 0xA1, 0x13, 0xA6, 0xBF, 0xAA, 0x47, 0xF0, 0x12, 0x6F,
+ 0xFD, 0x8A, 0x32, 0x6C, 0xB2, 0xFE, 0xDF, 0x51, 0xC8, 0x8C, 0x23, 0xC9, 0x66, 0xBD, 0x9D, 0x1D,
+ 0x87, 0x12, 0x64, 0x02, 0x3D, 0x2D, 0xAF, 0x59, 0x8F, 0xB8, 0xE4, 0x21, 0xE5, 0xB5, 0xB0, 0xCA,
+ 0x63, 0xB4, 0x78, 0x54, 0x05, 0xD4, 0x41, 0x2E, 0x50, 0xAC, 0x94, 0xB0, 0xA5, 0x78, 0xAB, 0xB3,
+ 0xA0, 0x96, 0x75, 0x1A, 0xD9, 0x92, 0x87, 0x13, 0x75, 0x22, 0x2F, 0x32, 0xA8, 0x08, 0x6E, 0xA0,
+ 0x5B, 0x8C, 0x25, 0xBF, 0xA0, 0xEF, 0x84, 0xCA, 0x21, 0xD6, 0xEB, 0x1E, 0x4F, 0xC9, 0x9A, 0xEE,
+ 0x49, 0xE0, 0xF7, 0x01, 0x65, 0x6F, 0x89, 0x0B, 0x7D, 0xC8, 0x69, 0xC8, 0xE6, 0x6E, 0xEA, 0xA7,
+ 0x97, 0xCE, 0x31, 0x29, 0xFF, 0x0E, 0xC5, 0x5B, 0x5C, 0xD8, 0x4D, 0x1B, 0xA1, 0xD8, 0xFA, 0x2F,
+ 0x9E, 0x3F, 0x2E, 0x55, 0x16, 0x6B, 0xC9, 0x13, 0xA3, 0xFD, 0x30, 0x82, 0x06, 0xA1, 0x30, 0x82,
+ 0x04, 0x89, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0A, 0x61, 0x07, 0x02, 0xDC, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x0B, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
+ 0x05, 0x00, 0x30, 0x5F, 0x31, 0x13, 0x30, 0x11, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2,
+ 0x2C, 0x64, 0x01, 0x19, 0x16, 0x03, 0x63, 0x6F, 0x6D, 0x31, 0x19, 0x30, 0x17, 0x06, 0x0A, 0x09,
+ 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19, 0x16, 0x09, 0x6D, 0x69, 0x63, 0x72, 0x6F,
+ 0x73, 0x6F, 0x66, 0x74, 0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x24, 0x4D,
+ 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x65,
+ 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72,
+ 0x69, 0x74, 0x79, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x35, 0x30, 0x39, 0x31, 0x35, 0x32, 0x31, 0x35,
+ 0x35, 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x33, 0x31, 0x35, 0x32, 0x32, 0x30, 0x35,
+ 0x34, 0x31, 0x5A, 0x30, 0x81, 0x81, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
+ 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0A, 0x57, 0x61,
+ 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
+ 0x07, 0x13, 0x07, 0x52, 0x65, 0x64, 0x6D, 0x6F, 0x6E, 0x64, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03,
+ 0x55, 0x04, 0x0A, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43,
+ 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03,
+ 0x55, 0x04, 0x03, 0x13, 0x22, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x57,
+ 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x20, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+ 0x69, 0x6F, 0x6E, 0x20, 0x50, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30,
+ 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC5, 0xAC, 0x93, 0x4E, 0xE6, 0x4A, 0x11, 0x9E,
+ 0x37, 0xD0, 0x35, 0xD2, 0xB0, 0x06, 0x5C, 0x83, 0x14, 0xA5, 0x61, 0x92, 0xFC, 0xFE, 0xB3, 0x89,
+ 0xC1, 0xE6, 0xCD, 0xC8, 0x1F, 0x31, 0x84, 0x09, 0x91, 0x34, 0x46, 0x92, 0x2C, 0xB8, 0xEE, 0x2C,
+ 0xC5, 0x20, 0x73, 0xC4, 0xE8, 0x1A, 0xD8, 0x8D, 0xCE, 0x7A, 0x68, 0xB5, 0x66, 0x78, 0x8B, 0xE5,
+ 0x60, 0x15, 0xA2, 0xF6, 0x29, 0x5A, 0x1D, 0x5E, 0x5D, 0xFC, 0x62, 0xD3, 0xC1, 0x5C, 0x29, 0x89,
+ 0xFB, 0x33, 0xF8, 0x16, 0x95, 0x36, 0xDD, 0xB1, 0x46, 0x74, 0x69, 0x72, 0x53, 0xD5, 0xAA, 0xE8,
+ 0x8A, 0x99, 0x1A, 0xD8, 0xF7, 0x67, 0x09, 0xD9, 0x09, 0x20, 0x22, 0x38, 0x7A, 0xD6, 0x03, 0x23,
+ 0xD7, 0x89, 0x9F, 0x1C, 0x01, 0xB7, 0x51, 0xDF, 0x98, 0x66, 0x2A, 0x02, 0x8B, 0x06, 0xEC, 0xE4,
+ 0x29, 0xEF, 0x5B, 0x42, 0x17, 0x15, 0x97, 0x51, 0x8D, 0x7D, 0x25, 0x0A, 0xAF, 0x25, 0xE8, 0xDE,
+ 0xDC, 0x9B, 0x67, 0x16, 0x0A, 0x56, 0x73, 0x9D, 0xB3, 0x1D, 0x85, 0x83, 0x0B, 0x7E, 0x33, 0x2B,
+ 0x62, 0x33, 0xCE, 0x1C, 0x20, 0x81, 0x4B, 0x5E, 0xD3, 0xC6, 0x49, 0xB8, 0xF6, 0x2E, 0xD3, 0x4E,
+ 0xB0, 0x71, 0x44, 0x46, 0x64, 0x3E, 0xDE, 0x43, 0x66, 0x04, 0xB9, 0xCC, 0x83, 0x48, 0x3A, 0xC5,
+ 0x36, 0x7A, 0x04, 0x48, 0x0B, 0x89, 0x02, 0x3D, 0x63, 0xA2, 0x01, 0x76, 0x29, 0x97, 0x75, 0xE9,
+ 0x01, 0xE6, 0x00, 0x97, 0x09, 0x92, 0xF8, 0xE2, 0x27, 0xF0, 0x29, 0x67, 0x43, 0x77, 0xC3, 0x50,
+ 0x96, 0x53, 0x31, 0xE1, 0xB6, 0x71, 0x8B, 0xEC, 0x77, 0xC7, 0x7C, 0x31, 0x48, 0xD5, 0xB8, 0x25,
+ 0x22, 0x8C, 0x00, 0xF7, 0x28, 0x38, 0x7A, 0xBD, 0x7C, 0xC7, 0x3F, 0xCD, 0x40, 0x26, 0x77, 0xDD,
+ 0x00, 0x00, 0x11, 0x9A, 0x95, 0xBE, 0x1F, 0xDB, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x02,
+ 0x3A, 0x30, 0x82, 0x02, 0x36, 0x30, 0x10, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37,
+ 0x15, 0x01, 0x04, 0x03, 0x02, 0x01, 0x00, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16,
+ 0x04, 0x14, 0x90, 0x8B, 0x11, 0xA5, 0x70, 0xED, 0xE0, 0xF9, 0xA9, 0xC0, 0xAC, 0x08, 0xC7, 0xB5,
+ 0xF4, 0x82, 0xB1, 0x3C, 0xC5, 0x4A, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x04, 0x04, 0x03,
+ 0x02, 0x01, 0xC6, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30,
+ 0x03, 0x01, 0x01, 0xFF, 0x30, 0x81, 0x98, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0x90, 0x30,
+ 0x81, 0x8D, 0x80, 0x14, 0x0E, 0xAC, 0x82, 0x60, 0x40, 0x56, 0x27, 0x97, 0xE5, 0x25, 0x13, 0xFC,
+ 0x2A, 0xE1, 0x0A, 0x53, 0x95, 0x59, 0xE4, 0xA4, 0xA1, 0x63, 0xA4, 0x61, 0x30, 0x5F, 0x31, 0x13,
+ 0x30, 0x11, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19, 0x16, 0x03,
+ 0x63, 0x6F, 0x6D, 0x31, 0x19, 0x30, 0x17, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C,
+ 0x64, 0x01, 0x19, 0x16, 0x09, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x31, 0x2D,
+ 0x30, 0x2B, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x24, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F,
+ 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
+ 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x82, 0x10, 0x79,
+ 0xAD, 0x16, 0xA1, 0x4A, 0xA0, 0xA5, 0xAD, 0x4C, 0x73, 0x58, 0xF4, 0x07, 0x13, 0x2E, 0x65, 0x30,
+ 0x50, 0x06, 0x03, 0x55, 0x1D, 0x1F, 0x04, 0x49, 0x30, 0x47, 0x30, 0x45, 0xA0, 0x43, 0xA0, 0x41,
+ 0x86, 0x3F, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x63, 0x72, 0x6C, 0x2E, 0x6D, 0x69, 0x63,
+ 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x63,
+ 0x72, 0x6C, 0x2F, 0x70, 0x72, 0x6F, 0x64, 0x75, 0x63, 0x74, 0x73, 0x2F, 0x6D, 0x69, 0x63, 0x72,
+ 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x72, 0x6F, 0x6F, 0x74, 0x63, 0x65, 0x72, 0x74, 0x2E, 0x63, 0x72,
+ 0x6C, 0x30, 0x54, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x48, 0x30,
+ 0x46, 0x30, 0x44, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x38, 0x68,
+ 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x77, 0x77, 0x77, 0x2E, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73,
+ 0x6F, 0x66, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x70, 0x6B, 0x69, 0x2F, 0x63, 0x65, 0x72, 0x74,
+ 0x73, 0x2F, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x52, 0x6F, 0x6F, 0x74, 0x43,
+ 0x65, 0x72, 0x74, 0x2E, 0x63, 0x72, 0x74, 0x30, 0x81, 0x80, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04,
+ 0x79, 0x30, 0x77, 0x30, 0x75, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x2F,
+ 0x30, 0x68, 0x30, 0x66, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x02, 0x30, 0x5A,
+ 0x1E, 0x58, 0x00, 0x43, 0x00, 0x6F, 0x00, 0x70, 0x00, 0x79, 0x00, 0x72, 0x00, 0x69, 0x00, 0x67,
+ 0x00, 0x68, 0x00, 0x74, 0x00, 0x20, 0x00, 0xA9, 0x00, 0x20, 0x00, 0x31, 0x00, 0x39, 0x00, 0x39,
+ 0x00, 0x39, 0x00, 0x2D, 0x00, 0x32, 0x00, 0x30, 0x00, 0x30, 0x00, 0x35, 0x00, 0x20, 0x00, 0x4D,
+ 0x00, 0x69, 0x00, 0x63, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x73, 0x00, 0x6F, 0x00, 0x66, 0x00, 0x74,
+ 0x00, 0x20, 0x00, 0x43, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x61,
+ 0x00, 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00, 0x2E, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D,
+ 0x25, 0x04, 0x18, 0x30, 0x16, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03, 0x06,
+ 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x0A, 0x03, 0x06, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, 0x00, 0x25,
+ 0x31, 0xA1, 0x58, 0xEA, 0x52, 0xE5, 0xE1, 0x17, 0x0C, 0xE6, 0xF1, 0x3F, 0x78, 0xA3, 0x3F, 0x72,
+ 0xAF, 0xA7, 0x57, 0x10, 0x53, 0x89, 0x10, 0x5E, 0x32, 0x9C, 0xB6, 0x70, 0xC3, 0x15, 0x2B, 0x4D,
+ 0x15, 0x30, 0x34, 0xE8, 0xC0, 0x6A, 0xE4, 0x1C, 0xD3, 0x2E, 0x20, 0x65, 0x48, 0xD7, 0x1B, 0x98,
+ 0x62, 0x21, 0xBA, 0x45, 0x9F, 0x4A, 0xEC, 0xDB, 0x2F, 0x09, 0x19, 0x51, 0xE5, 0xED, 0x32, 0x19,
+ 0x51, 0x2F, 0xE1, 0xDD, 0xFB, 0xC6, 0x52, 0xFD, 0xEB, 0xC6, 0x82, 0x25, 0x42, 0x03, 0x09, 0xA6,
+ 0x38, 0xB6, 0x36, 0x1F, 0xCC, 0xC9, 0x80, 0xBB, 0x5A, 0x69, 0x18, 0x31, 0xC3, 0xB3, 0xA0, 0xB3,
+ 0x67, 0x47, 0xBE, 0x9D, 0xC7, 0xE2, 0x3F, 0x96, 0xB3, 0x88, 0xF8, 0x19, 0xBE, 0x39, 0xB9, 0xE9,
+ 0x95, 0xCE, 0xFC, 0x7C, 0xAF, 0xA8, 0xCD, 0xD0, 0x41, 0x90, 0xE0, 0xD5, 0xB3, 0x1C, 0x2F, 0x68,
+ 0xBB, 0xDB, 0x0F, 0x6C, 0x6A, 0xDD, 0xF2, 0xAF, 0xDE, 0xF2, 0xB5, 0xDE, 0x0D, 0xB6, 0xA6, 0x5A,
+ 0xF0, 0x86, 0x0A, 0xB9, 0x6D, 0x99, 0x4B, 0x3F, 0x7B, 0x2D, 0x01, 0x84, 0x6C, 0x8F, 0x87, 0xDC,
+ 0x7F, 0x8F, 0xAB, 0x14, 0x88, 0xD0, 0x06, 0x91, 0x34, 0xBE, 0x1B, 0x82, 0x22, 0xA4, 0xBC, 0x55,
+ 0x8A, 0xAD, 0x9B, 0xFC, 0x73, 0x14, 0x10, 0xC4, 0xC9, 0x19, 0x1E, 0x07, 0x7D, 0x9B, 0x0E, 0xC0,
+ 0x95, 0x26, 0x5D, 0xC6, 0x1F, 0xAC, 0xB4, 0xF2, 0x7E, 0xBA, 0x25, 0x70, 0x4A, 0x7B, 0xD7, 0x8E,
+ 0xD1, 0x9D, 0xA0, 0x13, 0x49, 0x7A, 0xB0, 0x02, 0x52, 0x52, 0x24, 0xF4, 0xAF, 0xDD, 0x40, 0x2D,
+ 0xE5, 0x3E, 0x32, 0x58, 0xB3, 0x4A, 0x6A, 0xDD, 0x11, 0x59, 0xAA, 0x2D, 0xBC, 0xA4, 0xA0, 0x73,
+ 0x38, 0xF9, 0x40, 0x77, 0x6B, 0x34, 0x19, 0x57, 0xCD, 0x38, 0x68, 0x27, 0x82, 0xF8, 0xD1, 0x6F,
+ 0xEB, 0x23, 0xC0, 0x3F, 0x52, 0xF3, 0x4E, 0xD5, 0x02, 0x3E, 0x6A, 0x9A, 0x2B, 0xC1, 0xF5, 0x31,
+ 0x71, 0xDB, 0x41, 0x4D, 0x3B, 0xDE, 0xEF, 0xAD, 0xAF, 0x1F, 0x88, 0x65, 0x43, 0x1B, 0x51, 0xB7,
+ 0x9A, 0x75, 0xCA, 0x8E, 0x69, 0x49, 0x10, 0x8F, 0x78, 0x8A, 0x74, 0x45, 0xB9, 0x09, 0x8E, 0x73,
+ 0x77, 0x07, 0x32, 0x4A, 0x4B, 0xD7, 0x68, 0x2B, 0x98, 0xC5, 0xBA, 0x54, 0xEA, 0x3F, 0xCB, 0xA2,
+ 0x00, 0x8C, 0xBB, 0xD8, 0x10, 0x58, 0xF2, 0xDB, 0xDC, 0x9B, 0xCD, 0xD8, 0xEA, 0x48, 0x43, 0xE2,
+ 0x4A, 0x7E, 0x65, 0xB2, 0xDC, 0xF5, 0x2D, 0x4E, 0x25, 0x67, 0xA8, 0xE0, 0xB5, 0xBA, 0xA7, 0xDD,
+ 0x7E, 0x5E, 0xC1, 0x4C, 0x02, 0x74, 0xC9, 0xB3, 0x6E, 0xE3, 0xF8, 0xF0, 0x0B, 0xED, 0xFC, 0xB9,
+ 0x29, 0xC5, 0x5B, 0xC9, 0x36, 0x51, 0x90, 0xDB, 0x78, 0x7D, 0xB9, 0x32, 0x0F, 0x5E, 0x76, 0xD2,
+ 0x15, 0x5C, 0x3B, 0x37, 0x21, 0xC6, 0xDB, 0xC9, 0x19, 0x6E, 0xED, 0x74, 0x2A, 0x5C, 0x2C, 0x0B,
+ 0x51, 0x49, 0x45, 0x53, 0xB0, 0xB2, 0xB3, 0x23, 0xD4, 0xA1, 0xB0, 0x5F, 0x0D, 0x19, 0xCD, 0x14,
+ 0xA7, 0xE3, 0x3C, 0x9B, 0x97, 0x72, 0x94, 0x14, 0xDF, 0xFF, 0xC1, 0x90, 0x1B, 0xA5, 0xDF, 0xF5,
+ 0xA9, 0xF3, 0x1B, 0x17, 0xDA, 0xB5, 0xFC, 0x44, 0xE0, 0xE8, 0xE2, 0x3C, 0xA2, 0x7A, 0xBB, 0xBB,
+ 0x65, 0xE6, 0x4D, 0xB1, 0xB5, 0x15, 0xA1, 0xD9, 0x67, 0x3B, 0xB0, 0x0C, 0x7D, 0x3B, 0xE9, 0xEE,
+ 0x51, 0x2A, 0x47, 0xF5, 0x15, 0x0F, 0x8C, 0xAD, 0x5D, 0x2E, 0x35, 0xDF, 0xF4, 0xA4, 0x2E, 0xF6,
+ 0x13, 0x37, 0x5A, 0x2B, 0xE8, 0x55, 0x9A, 0x49, 0x2C, 0x97, 0xCE, 0x9D, 0x01, 0x9E, 0x97, 0x46,
+ 0x5C, 0xD9, 0x2D, 0xBC, 0x24, 0x5A, 0x95, 0x59, 0x6F, 0x4D, 0xCA, 0x9D, 0xD6, 0x57, 0x26, 0x31,
+ 0x82, 0x04, 0x96, 0x30, 0x82, 0x04, 0x92, 0x02, 0x01, 0x01, 0x30, 0x81, 0x90, 0x30, 0x81, 0x81,
+ 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30,
+ 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74,
+ 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64,
+ 0x6D, 0x6F, 0x6E, 0x64, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x15, 0x4D,
+ 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61,
+ 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x22, 0x4D,
+ 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73,
+ 0x20, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x50, 0x43,
+ 0x41, 0x02, 0x0A, 0x61, 0x01, 0xC6, 0xC1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x30, 0x09, 0x06,
+ 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0xA0, 0x81, 0xBA, 0x30, 0x19, 0x06, 0x09, 0x2A,
+ 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x03, 0x31, 0x0C, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04,
+ 0x01, 0x82, 0x37, 0x02, 0x01, 0x04, 0x30, 0x1C, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82,
+ 0x37, 0x02, 0x01, 0x0B, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82,
+ 0x37, 0x02, 0x01, 0x15, 0x30, 0x23, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
+ 0x04, 0x31, 0x16, 0x04, 0x14, 0xC5, 0xC5, 0xC1, 0xC3, 0x46, 0xC4, 0x12, 0xB9, 0x38, 0xED, 0xE5,
+ 0x7E, 0x66, 0x78, 0x4E, 0x8F, 0x55, 0x10, 0x7D, 0xAC, 0x30, 0x5A, 0x06, 0x0A, 0x2B, 0x06, 0x01,
+ 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0C, 0x31, 0x4C, 0x30, 0x4A, 0xA0, 0x24, 0x80, 0x22, 0x00,
+ 0x4D, 0x00, 0x69, 0x00, 0x63, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x73, 0x00, 0x6F, 0x00, 0x66, 0x00,
+ 0x74, 0x00, 0x20, 0x00, 0x57, 0x00, 0x69, 0x00, 0x6E, 0x00, 0x64, 0x00, 0x6F, 0x00, 0x77, 0x00,
+ 0x73, 0xA1, 0x22, 0x80, 0x20, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x77, 0x77, 0x77, 0x2E,
+ 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x77, 0x69,
+ 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+ 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0xC0, 0x53, 0x19, 0xE7, 0x27, 0xE6, 0xD6, 0xD7,
+ 0xA8, 0xAE, 0xA0, 0xE6, 0x4C, 0xEF, 0x9A, 0xBC, 0x1D, 0x19, 0xD4, 0xC5, 0x7F, 0x7C, 0x71, 0xFF,
+ 0x14, 0x7C, 0xAD, 0x7A, 0x8F, 0x2D, 0x0F, 0x40, 0x38, 0x9B, 0x83, 0x09, 0xEE, 0xF5, 0x34, 0x92,
+ 0xB4, 0x85, 0x34, 0x7C, 0xBA, 0x9B, 0x58, 0x5D, 0xA6, 0x15, 0xDE, 0x99, 0xBF, 0x25, 0x89, 0xDB,
+ 0xC0, 0x3A, 0x98, 0x21, 0x1C, 0x25, 0x09, 0xBD, 0x41, 0xAA, 0x0F, 0x90, 0x6C, 0x62, 0xE9, 0xBD,
+ 0x1D, 0xDD, 0x7C, 0xA4, 0x1F, 0x19, 0x3F, 0xC8, 0x11, 0xF5, 0x1C, 0x9E, 0xEA, 0x2E, 0x1A, 0xCE,
+ 0x5A, 0x61, 0x8A, 0x77, 0xFA, 0x65, 0x1F, 0x03, 0xB4, 0x45, 0x02, 0x0F, 0xB4, 0x0E, 0xB9, 0x44,
+ 0xF6, 0x75, 0xF6, 0x67, 0x91, 0xAD, 0xFA, 0xF9, 0xC3, 0xFA, 0x63, 0x91, 0x58, 0xFE, 0x40, 0xDF,
+ 0x92, 0x6B, 0x59, 0x42, 0x44, 0x66, 0xD2, 0x88, 0x49, 0x59, 0x29, 0x1D, 0x6A, 0xF9, 0x93, 0x9B,
+ 0xD5, 0x38, 0x84, 0x96, 0xD7, 0xAF, 0xBA, 0xEC, 0x29, 0x8D, 0x06, 0x8C, 0x8B, 0xF4, 0xA1, 0x56,
+ 0x0F, 0x78, 0x3F, 0x35, 0xCB, 0x12, 0x8A, 0x85, 0xD5, 0x7C, 0xFC, 0x63, 0xDD, 0x72, 0xA1, 0x13,
+ 0xD3, 0x25, 0x4A, 0x59, 0x21, 0xD0, 0xC6, 0x47, 0x9F, 0x22, 0xF7, 0xF8, 0x32, 0xA2, 0x05, 0x2B,
+ 0x53, 0xC5, 0x96, 0x98, 0x0D, 0x39, 0x02, 0xAD, 0x85, 0xF7, 0x18, 0x73, 0x34, 0x12, 0x7F, 0x5A,
+ 0xCB, 0xE1, 0xA2, 0xFB, 0x4E, 0x25, 0x81, 0xF0, 0x9F, 0x7A, 0x79, 0xDB, 0x4F, 0x4B, 0x66, 0x44,
+ 0x30, 0x8E, 0x0D, 0x57, 0x23, 0xD3, 0x7F, 0x60, 0x87, 0xDE, 0xD0, 0x4C, 0x90, 0x90, 0x84, 0x64,
+ 0x70, 0xE8, 0x15, 0x65, 0xCA, 0x18, 0xF8, 0x9A, 0xB6, 0x0C, 0x24, 0xF5, 0xDF, 0xC3, 0x47, 0xE2,
+ 0x7C, 0xAD, 0x91, 0x70, 0x6D, 0xF8, 0x43, 0xE9, 0xA1, 0x82, 0x02, 0x1D, 0x30, 0x82, 0x02, 0x19,
+ 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x06, 0x31, 0x82, 0x02, 0x0A, 0x30,
+ 0x82, 0x02, 0x06, 0x02, 0x01, 0x01, 0x30, 0x81, 0x85, 0x30, 0x77, 0x31, 0x0B, 0x30, 0x09, 0x06,
+ 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
+ 0x08, 0x13, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30,
+ 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64, 0x6D, 0x6F, 0x6E, 0x64, 0x31,
+ 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73,
+ 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31,
+ 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73,
+ 0x6F, 0x66, 0x74, 0x20, 0x54, 0x69, 0x6D, 0x65, 0x2D, 0x53, 0x74, 0x61, 0x6D, 0x70, 0x20, 0x50,
+ 0x43, 0x41, 0x02, 0x0A, 0x61, 0x03, 0xDC, 0xF6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x30, 0x07,
+ 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0xA0, 0x5D, 0x30, 0x18, 0x06, 0x09, 0x2A, 0x86, 0x48,
+ 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x03, 0x31, 0x0B, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x07, 0x01, 0x30, 0x1C, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x05,
+ 0x31, 0x0F, 0x17, 0x0D, 0x30, 0x39, 0x30, 0x34, 0x32, 0x32, 0x30, 0x35, 0x35, 0x34, 0x33, 0x34,
+ 0x5A, 0x30, 0x23, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x04, 0x31, 0x16,
+ 0x04, 0x14, 0x74, 0xD7, 0x54, 0xA0, 0xC0, 0x9E, 0x62, 0xF0, 0xDD, 0x92, 0xDC, 0xD6, 0x96, 0x34,
+ 0xA1, 0x0B, 0xF0, 0xD5, 0xB5, 0x3A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x05, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0x8D, 0x16, 0xB5, 0xC8, 0x3D, 0xBC, 0x8A,
+ 0xB5, 0xC3, 0x23, 0xF3, 0x33, 0xB0, 0xFA, 0x75, 0xAD, 0xAC, 0x53, 0x0D, 0x5C, 0xF4, 0xD9, 0xBE,
+ 0x63, 0xEB, 0x0D, 0x6F, 0x69, 0x63, 0x91, 0xF8, 0x8E, 0x67, 0x03, 0xE1, 0xC6, 0x2E, 0xCD, 0x9C,
+ 0xEB, 0xDD, 0x9C, 0xCA, 0x65, 0x4A, 0xBB, 0xF2, 0xF4, 0x1C, 0x85, 0x44, 0xD6, 0x58, 0x70, 0x2E,
+ 0x3B, 0xFE, 0x97, 0xD0, 0xEC, 0x72, 0x77, 0x20, 0xA8, 0x20, 0xAC, 0xF0, 0xED, 0x86, 0xC4, 0xFF,
+ 0x3A, 0x3D, 0x40, 0xD9, 0xF6, 0xD5, 0x99, 0xBE, 0xCC, 0xD2, 0xD8, 0xBA, 0x71, 0x51, 0x60, 0xAA,
+ 0x72, 0x36, 0x13, 0x8B, 0x0A, 0xA9, 0xD6, 0xF5, 0x36, 0xE0, 0x44, 0x6B, 0xC1, 0x44, 0x42, 0x43,
+ 0x56, 0x1A, 0xD6, 0xF1, 0x5A, 0x98, 0xCC, 0xBA, 0xA9, 0x4C, 0xCF, 0xC9, 0x86, 0xC3, 0x5B, 0x1C,
+ 0xDF, 0x75, 0x22, 0x54, 0x6A, 0xF0, 0x18, 0x34, 0x0B, 0x29, 0xB0, 0x26, 0x07, 0x59, 0xB6, 0x52,
+ 0x7B, 0x69, 0x74, 0x11, 0x1B, 0xB8, 0x29, 0x19, 0x36, 0x0E, 0xB7, 0x65, 0xCB, 0x87, 0x09, 0x9E,
+ 0x03, 0x28, 0x6C, 0xDB, 0xA7, 0xFB, 0xDF, 0xC7, 0xF7, 0xCE, 0x0D, 0xC2, 0xBA, 0xEA, 0x3C, 0xE8,
+ 0x43, 0x1E, 0x7F, 0xF2, 0x64, 0xDA, 0x87, 0x89, 0xC0, 0xCD, 0x67, 0xE4, 0x84, 0x9B, 0xA7, 0x77,
+ 0xFA, 0x6C, 0x69, 0x19, 0x5B, 0xD1, 0xF7, 0xD9, 0x07, 0x91, 0x50, 0xDD, 0x98, 0x26, 0x10, 0xE3,
+ 0x2E, 0x39, 0x62, 0xF0, 0x56, 0xE9, 0xD9, 0x5C, 0x85, 0x67, 0x9B, 0x2F, 0xDE, 0xD1, 0x00, 0x45,
+ 0x0E, 0x99, 0x1F, 0xDF, 0x7E, 0xC9, 0x10, 0x56, 0xC7, 0x00, 0x6D, 0x5F, 0x23, 0x57, 0x12, 0x84,
+ 0xCD, 0xAC, 0x82, 0xAE, 0x39, 0x52, 0xA5, 0x19, 0x23, 0xA3, 0x6B, 0xE7, 0x49, 0x8F, 0x86, 0x74,
+ 0x46, 0x41, 0x2A, 0x0F, 0x3D, 0x29, 0xB7, 0xAE, 0x8C, 0x00
+ };
+
+//
+// Sample MSFT's root certificate for code signing.
+// A trusted certificate with self-signing, will be used to construct the certificate chains for
+// authority checking.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 MsftRootCert[] = {
+ 0x30, 0x82, 0x05, 0x99, 0x30, 0x82, 0x03, 0x81, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x79,
+ 0xAD, 0x16, 0xA1, 0x4A, 0xA0, 0xA5, 0xAD, 0x4C, 0x73, 0x58, 0xF4, 0x07, 0x13, 0x2E, 0x65, 0x30,
+ 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x5F,
+ 0x31, 0x13, 0x30, 0x11, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19,
+ 0x16, 0x03, 0x63, 0x6F, 0x6D, 0x31, 0x19, 0x30, 0x17, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93,
+ 0xF2, 0x2C, 0x64, 0x01, 0x19, 0x16, 0x09, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74,
+ 0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x24, 0x4D, 0x69, 0x63, 0x72, 0x6F,
+ 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+ 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30,
+ 0x1E, 0x17, 0x0D, 0x30, 0x31, 0x30, 0x35, 0x30, 0x39, 0x32, 0x33, 0x31, 0x39, 0x32, 0x32, 0x5A,
+ 0x17, 0x0D, 0x32, 0x31, 0x30, 0x35, 0x30, 0x39, 0x32, 0x33, 0x32, 0x38, 0x31, 0x33, 0x5A, 0x30,
+ 0x5F, 0x31, 0x13, 0x30, 0x11, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01,
+ 0x19, 0x16, 0x03, 0x63, 0x6F, 0x6D, 0x31, 0x19, 0x30, 0x17, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89,
+ 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19, 0x16, 0x09, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66,
+ 0x74, 0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x24, 0x4D, 0x69, 0x63, 0x72,
+ 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69,
+ 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79,
+ 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, 0x02, 0x0A, 0x02, 0x82, 0x02, 0x01,
+ 0x00, 0xF3, 0x5D, 0xFA, 0x80, 0x67, 0xD4, 0x5A, 0xA7, 0xA9, 0x0C, 0x2C, 0x90, 0x20, 0xD0, 0x35,
+ 0x08, 0x3C, 0x75, 0x84, 0xCD, 0xB7, 0x07, 0x89, 0x9C, 0x89, 0xDA, 0xDE, 0xCE, 0xC3, 0x60, 0xFA,
+ 0x91, 0x68, 0x5A, 0x9E, 0x94, 0x71, 0x29, 0x18, 0x76, 0x7C, 0xC2, 0xE0, 0xC8, 0x25, 0x76, 0x94,
+ 0x0E, 0x58, 0xFA, 0x04, 0x34, 0x36, 0xE6, 0xDF, 0xAF, 0xF7, 0x80, 0xBA, 0xE9, 0x58, 0x0B, 0x2B,
+ 0x93, 0xE5, 0x9D, 0x05, 0xE3, 0x77, 0x22, 0x91, 0xF7, 0x34, 0x64, 0x3C, 0x22, 0x91, 0x1D, 0x5E,
+ 0xE1, 0x09, 0x90, 0xBC, 0x14, 0xFE, 0xFC, 0x75, 0x58, 0x19, 0xE1, 0x79, 0xB7, 0x07, 0x92, 0xA3,
+ 0xAE, 0x88, 0x59, 0x08, 0xD8, 0x9F, 0x07, 0xCA, 0x03, 0x58, 0xFC, 0x68, 0x29, 0x6D, 0x32, 0xD7,
+ 0xD2, 0xA8, 0xCB, 0x4B, 0xFC, 0xE1, 0x0B, 0x48, 0x32, 0x4F, 0xE6, 0xEB, 0xB8, 0xAD, 0x4F, 0xE4,
+ 0x5C, 0x6F, 0x13, 0x94, 0x99, 0xDB, 0x95, 0xD5, 0x75, 0xDB, 0xA8, 0x1A, 0xB7, 0x94, 0x91, 0xB4,
+ 0x77, 0x5B, 0xF5, 0x48, 0x0C, 0x8F, 0x6A, 0x79, 0x7D, 0x14, 0x70, 0x04, 0x7D, 0x6D, 0xAF, 0x90,
+ 0xF5, 0xDA, 0x70, 0xD8, 0x47, 0xB7, 0xBF, 0x9B, 0x2F, 0x6C, 0xE7, 0x05, 0xB7, 0xE1, 0x11, 0x60,
+ 0xAC, 0x79, 0x91, 0x14, 0x7C, 0xC5, 0xD6, 0xA6, 0xE4, 0xE1, 0x7E, 0xD5, 0xC3, 0x7E, 0xE5, 0x92,
+ 0xD2, 0x3C, 0x00, 0xB5, 0x36, 0x82, 0xDE, 0x79, 0xE1, 0x6D, 0xF3, 0xB5, 0x6E, 0xF8, 0x9F, 0x33,
+ 0xC9, 0xCB, 0x52, 0x7D, 0x73, 0x98, 0x36, 0xDB, 0x8B, 0xA1, 0x6B, 0xA2, 0x95, 0x97, 0x9B, 0xA3,
+ 0xDE, 0xC2, 0x4D, 0x26, 0xFF, 0x06, 0x96, 0x67, 0x25, 0x06, 0xC8, 0xE7, 0xAC, 0xE4, 0xEE, 0x12,
+ 0x33, 0x95, 0x31, 0x99, 0xC8, 0x35, 0x08, 0x4E, 0x34, 0xCA, 0x79, 0x53, 0xD5, 0xB5, 0xBE, 0x63,
+ 0x32, 0x59, 0x40, 0x36, 0xC0, 0xA5, 0x4E, 0x04, 0x4D, 0x3D, 0xDB, 0x5B, 0x07, 0x33, 0xE4, 0x58,
+ 0xBF, 0xEF, 0x3F, 0x53, 0x64, 0xD8, 0x42, 0x59, 0x35, 0x57, 0xFD, 0x0F, 0x45, 0x7C, 0x24, 0x04,
+ 0x4D, 0x9E, 0xD6, 0x38, 0x74, 0x11, 0x97, 0x22, 0x90, 0xCE, 0x68, 0x44, 0x74, 0x92, 0x6F, 0xD5,
+ 0x4B, 0x6F, 0xB0, 0x86, 0xE3, 0xC7, 0x36, 0x42, 0xA0, 0xD0, 0xFC, 0xC1, 0xC0, 0x5A, 0xF9, 0xA3,
+ 0x61, 0xB9, 0x30, 0x47, 0x71, 0x96, 0x0A, 0x16, 0xB0, 0x91, 0xC0, 0x42, 0x95, 0xEF, 0x10, 0x7F,
+ 0x28, 0x6A, 0xE3, 0x2A, 0x1F, 0xB1, 0xE4, 0xCD, 0x03, 0x3F, 0x77, 0x71, 0x04, 0xC7, 0x20, 0xFC,
+ 0x49, 0x0F, 0x1D, 0x45, 0x88, 0xA4, 0xD7, 0xCB, 0x7E, 0x88, 0xAD, 0x8E, 0x2D, 0xEC, 0x45, 0xDB,
+ 0xC4, 0x51, 0x04, 0xC9, 0x2A, 0xFC, 0xEC, 0x86, 0x9E, 0x9A, 0x11, 0x97, 0x5B, 0xDE, 0xCE, 0x53,
+ 0x88, 0xE6, 0xE2, 0xB7, 0xFD, 0xAC, 0x95, 0xC2, 0x28, 0x40, 0xDB, 0xEF, 0x04, 0x90, 0xDF, 0x81,
+ 0x33, 0x39, 0xD9, 0xB2, 0x45, 0xA5, 0x23, 0x87, 0x06, 0xA5, 0x55, 0x89, 0x31, 0xBB, 0x06, 0x2D,
+ 0x60, 0x0E, 0x41, 0x18, 0x7D, 0x1F, 0x2E, 0xB5, 0x97, 0xCB, 0x11, 0xEB, 0x15, 0xD5, 0x24, 0xA5,
+ 0x94, 0xEF, 0x15, 0x14, 0x89, 0xFD, 0x4B, 0x73, 0xFA, 0x32, 0x5B, 0xFC, 0xD1, 0x33, 0x00, 0xF9,
+ 0x59, 0x62, 0x70, 0x07, 0x32, 0xEA, 0x2E, 0xAB, 0x40, 0x2D, 0x7B, 0xCA, 0xDD, 0x21, 0x67, 0x1B,
+ 0x30, 0x99, 0x8F, 0x16, 0xAA, 0x23, 0xA8, 0x41, 0xD1, 0xB0, 0x6E, 0x11, 0x9B, 0x36, 0xC4, 0xDE,
+ 0x40, 0x74, 0x9C, 0xE1, 0x58, 0x65, 0xC1, 0x60, 0x1E, 0x7A, 0x5B, 0x38, 0xC8, 0x8F, 0xBB, 0x04,
+ 0x26, 0x7C, 0xD4, 0x16, 0x40, 0xE5, 0xB6, 0x6B, 0x6C, 0xAA, 0x86, 0xFD, 0x00, 0xBF, 0xCE, 0xC1,
+ 0x35, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x51, 0x30, 0x4F, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x1D,
+ 0x0F, 0x04, 0x04, 0x03, 0x02, 0x01, 0xC6, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01,
+ 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04,
+ 0x16, 0x04, 0x14, 0x0E, 0xAC, 0x82, 0x60, 0x40, 0x56, 0x27, 0x97, 0xE5, 0x25, 0x13, 0xFC, 0x2A,
+ 0xE1, 0x0A, 0x53, 0x95, 0x59, 0xE4, 0xA4, 0x30, 0x10, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01,
+ 0x82, 0x37, 0x15, 0x01, 0x04, 0x03, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+ 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, 0x00, 0xC5, 0x11, 0x4D,
+ 0x03, 0x3A, 0x60, 0xDD, 0x5D, 0x52, 0x11, 0x77, 0x8F, 0xB2, 0xBB, 0x36, 0xC8, 0xB2, 0x05, 0xBF,
+ 0xB4, 0xB7, 0xA8, 0xD8, 0x20, 0x9D, 0x5C, 0x13, 0x03, 0xB6, 0x1C, 0x22, 0xFA, 0x06, 0x13, 0x35,
+ 0xB6, 0xC8, 0x63, 0xD4, 0x9A, 0x47, 0x6F, 0x26, 0x57, 0xD2, 0x55, 0xF1, 0x04, 0xB1, 0x26, 0x5F,
+ 0xD6, 0xA9, 0x50, 0x68, 0xA0, 0xBC, 0xD2, 0xB8, 0x6E, 0xCC, 0xC3, 0xE9, 0xAC, 0xDF, 0x19, 0xCD,
+ 0x78, 0xAC, 0x59, 0x74, 0xAC, 0x66, 0x34, 0x36, 0xC4, 0x1B, 0x3E, 0x6C, 0x38, 0x4C, 0x33, 0x0E,
+ 0x30, 0x12, 0x0D, 0xA3, 0x26, 0xFE, 0x51, 0x53, 0x00, 0xFF, 0xAF, 0x5A, 0x4E, 0x84, 0x0D, 0x0F,
+ 0x1F, 0xE4, 0x6D, 0x05, 0x2E, 0x4E, 0x85, 0x4B, 0x8D, 0x6C, 0x33, 0x6F, 0x54, 0xD2, 0x64, 0xAB,
+ 0xBF, 0x50, 0xAF, 0x7D, 0x7A, 0x39, 0xA0, 0x37, 0xED, 0x63, 0x03, 0x0F, 0xFC, 0x13, 0x06, 0xCE,
+ 0x16, 0x36, 0xD4, 0x54, 0x3B, 0x95, 0x1B, 0x51, 0x62, 0x3A, 0xE5, 0x4D, 0x17, 0xD4, 0x05, 0x39,
+ 0x92, 0x9A, 0x27, 0xA8, 0x5B, 0xAA, 0xBD, 0xEC, 0xBB, 0xBE, 0xE3, 0x20, 0x89, 0x60, 0x71, 0x6C,
+ 0x56, 0xB3, 0xA5, 0x13, 0xD0, 0x6D, 0x0E, 0x23, 0x7E, 0x95, 0x03, 0xED, 0x68, 0x3D, 0xF2, 0xD8,
+ 0x63, 0xB8, 0x6B, 0x4D, 0xB6, 0xE8, 0x30, 0xB5, 0xE1, 0xCA, 0x94, 0x4B, 0xF7, 0xA2, 0xAA, 0x5D,
+ 0x99, 0x30, 0xB2, 0x3D, 0xA7, 0xC2, 0x51, 0x6C, 0x28, 0x20, 0x01, 0x24, 0x27, 0x2B, 0x4B, 0x00,
+ 0xB7, 0x9D, 0x11, 0x6B, 0x70, 0xBE, 0xB2, 0x10, 0x82, 0xBC, 0x0C, 0x9B, 0x68, 0xD0, 0x8D, 0x3B,
+ 0x24, 0x87, 0xAA, 0x99, 0x28, 0x72, 0x9D, 0x33, 0x5F, 0x59, 0x90, 0xBD, 0xF5, 0xDE, 0x93, 0x9E,
+ 0x3A, 0x62, 0x5A, 0x34, 0x39, 0xE2, 0x88, 0x55, 0x1D, 0xB9, 0x06, 0xB0, 0xC1, 0x89, 0x6B, 0x2D,
+ 0xD7, 0x69, 0xC3, 0x19, 0x12, 0x36, 0x84, 0xD0, 0xC9, 0xA0, 0xDA, 0xFF, 0x2F, 0x69, 0x78, 0xB2,
+ 0xE5, 0x7A, 0xDA, 0xEB, 0xD7, 0x0C, 0xC0, 0xF7, 0xBD, 0x63, 0x17, 0xB8, 0x39, 0x13, 0x38, 0xA2,
+ 0x36, 0x5B, 0x7B, 0xF2, 0x85, 0x56, 0x6A, 0x1D, 0x64, 0x62, 0xC1, 0x38, 0xE2, 0xAA, 0xBF, 0x51,
+ 0x66, 0xA2, 0x94, 0xF5, 0x12, 0x9C, 0x66, 0x22, 0x10, 0x6B, 0xF2, 0xB7, 0x30, 0x92, 0x2D, 0xF2,
+ 0x29, 0xF0, 0x3D, 0x3B, 0x14, 0x43, 0x68, 0xA2, 0xF1, 0x9C, 0x29, 0x37, 0xCB, 0xCE, 0x38, 0x20,
+ 0x25, 0x6D, 0x7C, 0x67, 0xF3, 0x7E, 0x24, 0x12, 0x24, 0x03, 0x08, 0x81, 0x47, 0xEC, 0xA5, 0x9E,
+ 0x97, 0xF5, 0x18, 0xD7, 0xCF, 0xBB, 0xD5, 0xEF, 0x76, 0x96, 0xEF, 0xFD, 0xCE, 0xDB, 0x56, 0x9D,
+ 0x95, 0xA0, 0x42, 0xF9, 0x97, 0x58, 0xE1, 0xD7, 0x31, 0x22, 0xD3, 0x5F, 0x59, 0xE6, 0x3E, 0x6E,
+ 0x22, 0x00, 0xEA, 0x43, 0x84, 0xB6, 0x25, 0xDB, 0xD9, 0xF3, 0x08, 0x56, 0x68, 0xC0, 0x64, 0x6B,
+ 0x1D, 0x7C, 0xEC, 0xB6, 0x93, 0xA2, 0x62, 0x57, 0x6E, 0x2E, 0xD8, 0xE7, 0x58, 0x8F, 0xC4, 0x31,
+ 0x49, 0x26, 0xDD, 0xDE, 0x29, 0x35, 0x87, 0xF5, 0x30, 0x71, 0x70, 0x5B, 0x14, 0x3C, 0x69, 0xBD,
+ 0x89, 0x12, 0x7D, 0xEB, 0x2E, 0xA3, 0xFE, 0xD8, 0x7F, 0x9E, 0x82, 0x5A, 0x52, 0x0A, 0x2B, 0xC1,
+ 0x43, 0x2B, 0xD9, 0x30, 0x88, 0x9F, 0xC8, 0x10, 0xFB, 0x89, 0x8D, 0xE6, 0xA1, 0x85, 0x75, 0x33,
+ 0x7E, 0x6C, 0x9E, 0xDB, 0x73, 0x13, 0x64, 0x62, 0x69, 0xA5, 0x2F, 0x7D, 0xCA, 0x96, 0x6D, 0x9F,
+ 0xF8, 0x04, 0x4D, 0x30, 0x92, 0x3D, 0x6E, 0x21, 0x14, 0x21, 0xC9, 0x3D, 0xE0, 0xC3, 0xFD, 0x8A,
+ 0x6B, 0x9D, 0x4A, 0xFD, 0xD1, 0xA1, 0x9D, 0x99, 0x43, 0x77, 0x3F, 0xB0, 0xDA
+};
+
+
+/**
+ Validate MSFT Authenticode using PKCS#7 Verification Interfaces.
+
+ @return EFI_SUCCESS Validation succeeds.
+
+**/
+BOOLEAN
+AuthenticodeVerify (
+ VOID
+ )
+{
+ UINT8 *SpcIndirectDataContent;
+ UINTN Size;
+ BOOLEAN Status;
+
+ //
+ // Construct SpcIndirectDataContent with the SHA-1 digest calculated from PE/COFF image
+ //
+ Size = sizeof (SpcIndirectDataContentwithSha1);
+ SpcIndirectDataContent = (UINT8 *)AllocatePool (Size);
+ CopyMem (SpcIndirectDataContent, SpcIndirectDataContentwithSha1, Size);
+ CopyMem (SpcIndirectDataContent + Size - SHA1_DIGEST_SIZE, PeHash, SHA1_DIGEST_SIZE);
+
+ //
+ // Verify Authenticode struct. SpcIndirectDataContent will be regarded as opaque data for
+ // PKCS#7 signed data verification.
+ //
+ Status = Pkcs7Verify (
+ Authenticode,
+ sizeof (Authenticode),
+ MsftRootCert,
+ sizeof (MsftRootCert),
+ SpcIndirectDataContent,
+ Size
+ );
+ FreePool (SpcIndirectDataContent);
+
+ return Status;
+}
diff --git a/CryptoPkg/Application/Cryptest/Cryptest.c b/CryptoPkg/Application/Cryptest/Cryptest.c
new file mode 100644
index 0000000000..6afe299d1e
--- /dev/null
+++ b/CryptoPkg/Application/Cryptest/Cryptest.c
@@ -0,0 +1,372 @@
+/** @file
+ Application for Cryptographic Primitives Validation.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Uefi.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiLib.h>
+#include <Library/UefiApplicationEntryPoint.h>
+#include <Library/DebugLib.h>
+
+#include <Library/BaseCryptLib.h>
+
+//
+// Max Known Digest Size is SHA512 Output (64 bytes) by far
+//
+#define MAX_DIGEST_SIZE 64
+
+//
+// Message string for digest validation
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 *HashData = "abc";
+
+//
+// Result for MD5("abc"). (From "A.5 Test suite" of IETF RFC1321)
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Md5Digest[MD5_DIGEST_SIZE] = {
+ 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72
+ };
+
+//
+// Result for SHA-1("abc"). (From "A.1 SHA-1 Example" of NIST FIPS 180-2)
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha1Digest[SHA1_DIGEST_SIZE] = {
+ 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e, 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c,
+ 0x9c, 0xd0, 0xd8, 0x9d
+ };
+
+//
+// Result for SHA-256("abc"). (From "B.1 SHA-256 Example" of NIST FIPS 180-2)
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha256Digest[SHA256_DIGEST_SIZE] = {
+ 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
+ 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
+ };
+
+//
+// RSA PKCS#1 Validation Data from OpenSSL "Fips_rsa_selftest.c"
+//
+
+// Public Modulus of RSA Key
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaN[] = {
+ 0xBB, 0xF8, 0x2F, 0x09, 0x06, 0x82, 0xCE, 0x9C, 0x23, 0x38, 0xAC, 0x2B, 0x9D, 0xA8, 0x71, 0xF7,
+ 0x36, 0x8D, 0x07, 0xEE, 0xD4, 0x10, 0x43, 0xA4, 0x40, 0xD6, 0xB6, 0xF0, 0x74, 0x54, 0xF5, 0x1F,
+ 0xB8, 0xDF, 0xBA, 0xAF, 0x03, 0x5C, 0x02, 0xAB, 0x61, 0xEA, 0x48, 0xCE, 0xEB, 0x6F, 0xCD, 0x48,
+ 0x76, 0xED, 0x52, 0x0D, 0x60, 0xE1, 0xEC, 0x46, 0x19, 0x71, 0x9D, 0x8A, 0x5B, 0x8B, 0x80, 0x7F,
+ 0xAF, 0xB8, 0xE0, 0xA3, 0xDF, 0xC7, 0x37, 0x72, 0x3E, 0xE6, 0xB4, 0xB7, 0xD9, 0x3A, 0x25, 0x84,
+ 0xEE, 0x6A, 0x64, 0x9D, 0x06, 0x09, 0x53, 0x74, 0x88, 0x34, 0xB2, 0x45, 0x45, 0x98, 0x39, 0x4E,
+ 0xE0, 0xAA, 0xB1, 0x2D, 0x7B, 0x61, 0xA5, 0x1F, 0x52, 0x7A, 0x9A, 0x41, 0xF6, 0xC1, 0x68, 0x7F,
+ 0xE2, 0x53, 0x72, 0x98, 0xCA, 0x2A, 0x8F, 0x59, 0x46, 0xF8, 0xE5, 0xFD, 0x09, 0x1D, 0xBD, 0xCB
+ };
+
+// Public Exponent of RSA Key
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaE[] = { 0x11 };
+
+// Known Answer Test (KAT) Data for RSA PKCS#1 Signing
+GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 RsaSignData[] = "OpenSSL FIPS 140-2 Public Key RSA KAT";
+
+// Known Signature for the above message, under SHA-1 Digest
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaPkcs1Signature[] = {
+ 0x71, 0xEE, 0x1A, 0xC0, 0xFE, 0x01, 0x93, 0x54, 0x79, 0x5C, 0xF2, 0x4C, 0x4A, 0xFD, 0x1A, 0x05,
+ 0x8F, 0x64, 0xB1, 0x6D, 0x61, 0x33, 0x8D, 0x9B, 0xE7, 0xFD, 0x60, 0xA3, 0x83, 0xB5, 0xA3, 0x51,
+ 0x55, 0x77, 0x90, 0xCF, 0xDC, 0x22, 0x37, 0x8E, 0xD0, 0xE1, 0xAE, 0x09, 0xE3, 0x3D, 0x1E, 0xF8,
+ 0x80, 0xD1, 0x8B, 0xC2, 0xEC, 0x0A, 0xD7, 0x6B, 0x88, 0x8B, 0x8B, 0xA1, 0x20, 0x22, 0xBE, 0x59,
+ 0x5B, 0xE0, 0x23, 0x24, 0xA1, 0x49, 0x30, 0xBA, 0xA9, 0x9E, 0xE8, 0xB1, 0x8A, 0x62, 0x16, 0xBF,
+ 0x4E, 0xCA, 0x2E, 0x4E, 0xBC, 0x29, 0xA8, 0x67, 0x13, 0xB7, 0x9F, 0x1D, 0x04, 0x44, 0xE5, 0x5F,
+ 0x35, 0x07, 0x11, 0xBC, 0xED, 0x19, 0x37, 0x21, 0xCF, 0x23, 0x48, 0x1F, 0x72, 0x05, 0xDE, 0xE6,
+ 0xE8, 0x7F, 0x33, 0x8A, 0x76, 0x4B, 0x2F, 0x95, 0xDF, 0xF1, 0x5F, 0x84, 0x80, 0xD9, 0x46, 0xB4
+ };
+
+/**
+ Validate MSFT Authenticode using PKCS#7 Verification Interfaces.
+
+ @return EFI_SUCCESS Validation succeeds.
+
+**/
+BOOLEAN
+AuthenticodeVerify (
+ VOID
+ );
+
+/**
+ Validate UEFI-OpenSSL Digest Interfaces.
+
+ @return EFI_SUCCESS Validation succeeded.
+
+**/
+EFI_STATUS
+ValidateCryptDigest (
+ VOID
+ )
+{
+ UINTN CtxSize;
+ VOID *HashCtx;
+ UINTN DataSize;
+ UINT8 Digest[MAX_DIGEST_SIZE];
+ UINTN Index;
+ BOOLEAN Status;
+
+ Print (L" UEFI-OpenSSL Hash Engine Testing (Hashing(\"abc\")): ");
+ DataSize = AsciiStrLen (HashData);
+
+ //
+ // MD5 Digest Validation
+ //
+ ZeroMem (Digest, MAX_DIGEST_SIZE);
+ CtxSize = Md5GetContextSize ();
+ HashCtx = AllocatePool (CtxSize);
+ Status = Md5Init (HashCtx);
+ Status = Md5Update (HashCtx, HashData, DataSize);
+ Status = Md5Final (HashCtx, Digest);
+ FreePool (HashCtx);
+ Print (L"\n - MD5 Digest: \n = 0x");
+ for (Index = 0; Index < MD5_DIGEST_SIZE; Index++) {
+ Print (L"%02x", Digest[Index]);
+ }
+ if (CompareMem (Digest, Md5Digest, MD5_DIGEST_SIZE) == 0) {
+ Print (L" [Pass]");
+ } else {
+ Print (L" [Failed]");
+ }
+
+ //
+ // SHA-1 Digest Validation
+ //
+ ZeroMem (Digest, MAX_DIGEST_SIZE);
+ CtxSize = Sha1GetContextSize ();
+ HashCtx = AllocatePool (CtxSize);
+ Status = Sha1Init (HashCtx);
+ Status = Sha1Update (HashCtx, HashData, DataSize);
+ Status = Sha1Final (HashCtx, Digest);
+ FreePool (HashCtx);
+ Print (L"\n - SHA-1 Digest: \n = 0x");
+ for (Index = 0; Index < SHA1_DIGEST_SIZE; Index++) {
+ Print (L"%02x", Digest[Index]);
+ }
+ if (CompareMem (Digest, Sha1Digest, SHA1_DIGEST_SIZE) == 0) {
+ Print (L" [Pass]");
+ } else {
+ Print (L" [Failed]");
+ }
+
+ //
+ // SHA256 Digest Validation
+ //
+ ZeroMem (Digest, MAX_DIGEST_SIZE);
+ CtxSize = Sha256GetContextSize ();
+ HashCtx = AllocatePool (CtxSize);
+ Status = Sha256Init (HashCtx);
+ Status = Sha256Update (HashCtx, HashData, DataSize);
+ Status = Sha256Final (HashCtx, Digest);
+ FreePool (HashCtx);
+ Print (L"\n - SHA-256 Digest: \n = 0x");
+ for (Index = 0; Index < SHA256_DIGEST_SIZE; Index++) {
+ Print (L"%02x", Digest[Index]);
+ }
+ if (CompareMem (Digest, Sha256Digest, SHA256_DIGEST_SIZE) == 0) {
+ Print (L" [Pass]");
+ } else {
+ Print (L" [Failed]");
+ }
+
+ Print (L"\n");
+
+ return EFI_SUCCESS;
+}
+
+
+/**
+ Validate UEFI-OpenSSL Message Authentication Codes Interfaces.
+
+ @return EFI_SUCCESS Validation succeeded.
+
+**/
+EFI_STATUS
+ValidateCryptHmac (
+ VOID
+ )
+{
+ Print (L"\n UEFI-OpenSSL HMAC Engine Testing: ");
+ Print (L"\n ==> No HMAC Support in Base Crypto Library!\n");
+
+ return EFI_SUCCESS;
+}
+
+
+/**
+ Validate UEFI-OpenSSL Block Ciphers (Symmetric Crypto) Interfaces.
+
+ @return EFI_SUCCESS Validation succeeded.
+
+**/
+EFI_STATUS
+ValidateCryptBlockCipher (
+ VOID
+ )
+{
+ Print (L"\n UEFI-OpenSSL Block Cipher Engine Testing: ");
+ Print (L"\n ==> No Block Cipher Support in Base Crypto Library!\n");
+
+ return EFI_SUCCESS;
+}
+
+
+/**
+ Validate UEFI-OpenSSL RSA Interfaces.
+
+ @return EFI_SUCCESS Validation succeeded.
+
+**/
+EFI_STATUS
+ValidateCryptRsa (
+ VOID
+ )
+{
+ VOID *Rsa;
+ UINT8 mHash[SHA1_DIGEST_SIZE];
+ UINTN HashSize;
+ UINTN CtxSize;
+ VOID *Sha1Ctx;
+ UINT8 *Signature;
+ UINTN SigSize;
+ BOOLEAN Status;
+
+ Print (L"\n UEFI-OpenSSL RSA Engine Testing: ");
+
+ //
+ // Generate & Initialize RSA Context
+ //
+ Rsa = RsaNew ();
+ Print (L"\n - Generate RSA Context .............. ");
+ if (Rsa != NULL) {
+ Print (L"[Pass]");
+ } else {
+ Print (L"[Failed]");
+ }
+
+ //
+ // Set RSA Key Components
+ // NOTE: Only N and E are needed to be set as RSA public key for signature verification
+ //
+ Print (L"\n - Set RSA Key Components ............ ");
+ Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
+ Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
+ if (Status) {
+ Print (L"[Pass]");
+ } else {
+ Print (L"[Failed]");
+ }
+
+ //
+ // SHA-1 Digest Message for PKCS#1 Signature
+ //
+ Print (L"\n - Hash Original Message ............. ");
+ HashSize = SHA1_DIGEST_SIZE;
+ ZeroMem (mHash, HashSize);
+ CtxSize = Sha1GetContextSize ();
+ Sha1Ctx = AllocatePool (CtxSize);
+ Status = Sha1Init (Sha1Ctx);
+ Status = Sha1Update (Sha1Ctx, RsaSignData, AsciiStrLen (RsaSignData));
+ Status = Sha1Final (Sha1Ctx, mHash);
+ FreePool (Sha1Ctx);
+ if (Status) {
+ Print (L"[Pass]");
+ } else {
+ Print (L"[Failed]");
+ }
+
+ //
+ // Verify RSA PKCS#1-encoded Signature
+ //
+ Print (L"\n - PKCS#1 Signature Verification ..... ");
+ SigSize = sizeof (RsaPkcs1Signature);
+ Signature = (UINT8 *)AllocatePool (SigSize);
+ CopyMem (Signature, RsaPkcs1Signature, SigSize);
+ Status = RsaPkcs1Verify (Rsa, mHash, HashSize, Signature, SigSize);
+ if (Status) {
+ Print (L"[Pass]");
+ } else {
+ Print (L"[Failed]");
+ }
+
+ //
+ // Release Resources
+ //
+ RsaFree (Rsa);
+ Print (L"\n - Release RSA Context ............... [Pass]");
+
+ Print (L"\n");
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Validate UEFI-OpenSSL PKCS#7 Verification Interfaces.
+
+ @return EFI_SUCCESS Validation succeeded.
+
+**/
+EFI_STATUS
+ValidateAuthenticode (
+ VOID
+ )
+{
+ Print (L"\n UEFI-OpenSSL PKCS#7-Signed-Data Testing: ");
+
+ Print (L"\n - Authenticode (PKCS#7 Signed Data) Verification ... ");
+
+ if (AuthenticodeVerify ()) {
+ Print (L"[Pass]");
+ } else {
+ Print (L"[Failed]");
+ }
+
+ Print (L"\n");
+
+ return EFI_SUCCESS;
+}
+
+
+/**
+ Entry Point of Cryptographic Validation Utility.
+
+ @param ImageHandle The image handle of the UEFI Application.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The entry point is executed successfully.
+ @retval other Some error occurs when executing this entry point.
+
+**/
+EFI_STATUS
+EFIAPI
+CryptestMain (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ Print (L"\nUEFI-OpenSSL Wrapper Cryptosystem Testing: \n");
+ Print (L"-------------------------------------------- \n");
+
+ Status = EFI_SUCCESS;
+ Status = ValidateCryptDigest ();
+ Status = ValidateCryptHmac ();
+ Status = ValidateCryptBlockCipher ();
+ Status = ValidateCryptRsa ();
+ Status = ValidateAuthenticode ();
+
+ return Status;
+}
diff --git a/CryptoPkg/Application/Cryptest/Cryptest.inf b/CryptoPkg/Application/Cryptest/Cryptest.inf
new file mode 100644
index 0000000000..85172944a8
--- /dev/null
+++ b/CryptoPkg/Application/Cryptest/Cryptest.inf
@@ -0,0 +1,47 @@
+## @file
+# UEFI Application for the Validation of cryptography library
+# (based on OpenSSL 0.9.8l).
+# This is a shell application that will test the crypto library.
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = Cryptest
+ FILE_GUID = fb925ac7-192a-9567-8586-7c6f5f710607
+ MODULE_TYPE = UEFI_APPLICATION
+ VERSION_STRING = 1.0
+ ENTRY_POINT = CryptestMain
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF
+#
+
+[Sources]
+ Cryptest.c
+ AuthenticodeVerify.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ UefiApplicationEntryPoint
+ UefiLib
+ BaseLib
+ UefiBootServicesTableLib
+ BaseMemoryLib
+ DebugLib
+ MemoryAllocationLib
+ BaseCryptLib
diff --git a/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c
new file mode 100644
index 0000000000..ff20da49e9
--- /dev/null
+++ b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c
@@ -0,0 +1,248 @@
+/** @file
+ Runtime Cryptographic Driver Implementation, which produce one crypto
+ protocol.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "CryptRuntime.h"
+
+//
+// The handle onto which the Runtime Crypt Protocol instance is installed
+//
+EFI_HANDLE mRuntimeCryptHandle = NULL;
+
+//
+// The Runtime Crypt Protocol instance produced by this driver
+//
+EFI_RUNTIME_CRYPT_PROTOCOL mRuntimeCryptProtocol = {
+ RuntimeCryptSha256GetContextSize,
+ RuntimeCryptSha256Init,
+ RuntimeCryptSha256Update,
+ RuntimeCryptSha256Final,
+ RuntimeCryptRsaNew,
+ RuntimeCryptRsaFree,
+ RuntimeCryptRsaSetKey,
+ RuntimeCryptRsaPkcs1Verify
+};
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-256 operations.
+
+**/
+UINTN
+EFIAPI
+RuntimeCryptSha256GetContextSize (
+ VOID
+ )
+{
+ return Sha256GetContextSize ();
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
+ subsequent use.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
+
+ @retval TRUE SHA-256 context initialization succeeded.
+ @retval FALSE SHA-256 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Init (
+ IN OUT VOID *Sha256Context
+ )
+{
+ return Sha256Init (Sha256Context);
+}
+
+/**
+ Performs SHA-256 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to the SHA-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-256 data digest succeeded.
+ @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
+ SHA-256 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Update (
+ IN OUT VOID *Sha256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ )
+{
+ return Sha256Update (Sha256Context, Data, DataLength);
+}
+
+/**
+ Completes SHA-256 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-256 context cannot be used again.
+
+ If Sha256Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
+ value (32 bytes).
+
+ @retval TRUE SHA-256 digest computation succeeded.
+ @retval FALSE SHA-256 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Final (
+ IN OUT VOID *Sha256Context,
+ OUT UINT8 *HashValue
+ )
+{
+ return Sha256Final (Sha256Context, HashValue);
+}
+
+/**
+ Allocates and Initializes one RSA Context for subsequent use.
+
+ @return Pointer to the RSA Context that has been initialized.
+ If the allocations fails, RsaNew() returns NULL.
+
+**/
+VOID *
+EFIAPI
+RuntimeCryptRsaNew (
+ VOID
+ )
+{
+ return RsaNew ();
+}
+
+/**
+ Release the specified RSA Context.
+
+ @param[in] RsaContext Pointer to the RSA context to be released.
+
+**/
+VOID
+EFIAPI
+RuntimeCryptRsaFree (
+ IN VOID *RsaContext
+ )
+{
+ RsaFree (RsaContext);
+}
+
+/**
+ Sets the tag-designated RSA key component into the established RSA context from
+ the user-specified nonnegative integer (octet string format represented in RSA
+ PKCS#1).
+
+ If RsaContext is NULL, then ASSERT().
+
+ @param[in, out] RsaContext Pointer to RSA context being set.
+ @param[in] KeyTag Tag of RSA key component being set.
+ @param[in] BigNumber Pointer to octet integer buffer.
+ @param[in] BnLength Length of big number buffer in bytes.
+
+ @return TRUE RSA key component was set successfully.
+ @return FALSE Invalid RSA key component tag.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptRsaSetKey (
+ IN OUT VOID *RsaContext,
+ IN RSA_KEY_TAG KeyTag,
+ IN CONST UINT8 *BigNumber,
+ IN UINTN BnLength
+ )
+{
+ return RsaSetKey (RsaContext, KeyTag, BigNumber, BnLength);
+}
+
+/**
+ Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
+ RSA PKCS#1.
+
+ If RsaContext is NULL, then ASSERT().
+ If MessageHash is NULL, then ASSERT().
+ If Signature is NULL, then ASSERT().
+ If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
+
+ @param[in] RsaContext Pointer to RSA context for signature verification.
+ @param[in] MessageHash Pointer to octet message hash to be checked.
+ @param[in] HashLength Length of the message hash in bytes.
+ @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
+ @param[in] SigLength Length of signature in bytes.
+
+ @return TRUE Valid signature encoded in PKCS1-v1_5.
+ @return FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptRsaPkcs1Verify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *MessageHash,
+ IN UINTN HashLength,
+ IN UINT8 *Signature,
+ IN UINTN SigLength
+ )
+{
+ return RsaPkcs1Verify (RsaContext, MessageHash, HashLength, Signature, SigLength);
+}
+
+/**
+ Entry Point for Runtime Cryptographic Driver.
+
+ This function installs Runtime Crypt Protocol.
+
+ @param ImageHandle Image handle of this driver.
+ @param SystemTable a Pointer to the EFI System Table.
+
+ @retval EFI_SUCEESS Runtime Crypt Protocol is successfully installed
+ @return Others Some error occurs when installing Runtime Crypt Protocol.
+
+**/
+EFI_STATUS
+EFIAPI
+CryptRuntimeDriverInitialize (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Install the Runtime Crypt Protocol onto a new handle
+ //
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &mRuntimeCryptHandle,
+ &gEfiRuntimeCryptProtocolGuid,
+ &mRuntimeCryptProtocol,
+ NULL
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ return Status;
+}
diff --git a/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h
new file mode 100644
index 0000000000..312d7b49e1
--- /dev/null
+++ b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h
@@ -0,0 +1,186 @@
+/** @file
+ Header file of Runtime Cryptographic Driver.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _CRYPT_RUNTIME_H_
+#define _CRYPT_RUNTIME_H_
+
+#include <Uefi.h>
+
+#include <Protocol/RuntimeCrypt.h>
+
+#include <Library/DebugLib.h>
+#include <Library/UefiDriverEntryPoint.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/BaseCryptLib.h>
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-256 operations.
+
+**/
+UINTN
+EFIAPI
+RuntimeCryptSha256GetContextSize (
+ VOID
+ );
+
+
+/**
+ Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
+ subsequent use.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
+
+ @retval TRUE SHA-256 context initialization succeeded.
+ @retval FALSE SHA-256 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Init (
+ IN OUT VOID *Sha256Context
+ );
+
+
+/**
+ Performs SHA-256 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to the SHA-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-256 data digest succeeded.
+ @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
+ SHA-256 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Update (
+ IN OUT VOID *Sha256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ );
+
+
+/**
+ Completes SHA-256 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-256 context cannot be used again.
+
+ If Sha256Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
+ value (32 bytes).
+
+ @retval TRUE SHA-256 digest computation succeeded.
+ @retval FALSE SHA-256 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Final (
+ IN OUT VOID *Sha256Context,
+ OUT UINT8 *HashValue
+ );
+
+/**
+ Allocates and Initializes one RSA Context for subsequent use.
+
+ @return Pointer to the RSA Context that has been initialized.
+ If the allocations fails, RsaNew() returns NULL.
+
+**/
+VOID *
+EFIAPI
+RuntimeCryptRsaNew (
+ VOID
+ );
+
+
+/**
+ Release the specified RSA Context.
+
+ @param[in] RsaContext Pointer to the RSA context to be released.
+
+**/
+VOID
+EFIAPI
+RuntimeCryptRsaFree (
+ IN VOID *RsaContext
+ );
+
+/**
+ Sets the tag-designated RSA key component into the established RSA context from
+ the user-specified nonnegative integer (octet string format represented in RSA
+ PKCS#1).
+
+ If RsaContext is NULL, then ASSERT().
+
+ @param[in, out] RsaContext Pointer to RSA context being set.
+ @param[in] KeyTag Tag of RSA key component being set.
+ @param[in] BigNumber Pointer to octet integer buffer.
+ @param[in] BnLength Length of big number buffer in bytes.
+
+ @return TRUE RSA key component was set successfully.
+ @return FALSE Invalid RSA key component tag.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptRsaSetKey (
+ IN OUT VOID *RsaContext,
+ IN RSA_KEY_TAG KeyTag,
+ IN CONST UINT8 *BigNumber,
+ IN UINTN BnLength
+ );
+
+
+/**
+ Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
+ RSA PKCS#1.
+
+ If RsaContext is NULL, then ASSERT().
+ If MessageHash is NULL, then ASSERT().
+ If Signature is NULL, then ASSERT().
+ If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
+
+ @param[in] RsaContext Pointer to RSA context for signature verification.
+ @param[in] MessageHash Pointer to octet message hash to be checked.
+ @param[in] HashLength Length of the message hash in bytes.
+ @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
+ @param[in] SigLength Length of signature in bytes.
+
+ @return TRUE Valid signature encoded in PKCS1-v1_5.
+ @return FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptRsaPkcs1Verify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *MessageHash,
+ IN UINTN HashLength,
+ IN UINT8 *Signature,
+ IN UINTN SigLength
+ );
+
+#endif
diff --git a/CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf b/CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf
new file mode 100644
index 0000000000..7625c40050
--- /dev/null
+++ b/CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf
@@ -0,0 +1,49 @@
+## @file
+# Component description file for Cryptographic Runtime Driver.
+#
+# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = CryptRuntimeDxe
+ FILE_GUID = 858031F3-96A2-406E-ABCC-ED264A3A31D6
+ MODULE_TYPE = DXE_RUNTIME_DRIVER
+ VERSION_STRING = 1.0
+
+ ENTRY_POINT = CryptRuntimeDriverInitialize
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF
+#
+
+[Sources]
+ CryptRuntime.h
+ CryptRuntime.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ UefiDriverEntryPoint
+ UefiBootServicesTableLib
+ DebugLib
+ UefiRuntimeLib
+ BaseCryptLib
+
+[Protocols]
+ gEfiRuntimeCryptProtocolGuid ## PRODUCES
+
+[Depex]
+ TRUE
diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
new file mode 100644
index 0000000000..d1adfd8281
--- /dev/null
+++ b/CryptoPkg/CryptoPkg.dec
@@ -0,0 +1,39 @@
+## @file
+# Package for cryptography modules.
+#
+# This Package provides cryptographic-related libraries for UEFI
+# security modules.
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+################################################################################
+#
+# Defines Section - statements that will be processed to create a Makefile.
+#
+################################################################################
+[Defines]
+ DEC_SPECIFICATION = 0x00010005
+ PACKAGE_NAME = CryptoPkg
+ PACKAGE_GUID = 36470E80-36F2-4ba0-8CC8-937C7D9FF888
+ PACKAGE_VERSION = 0.91
+
+[Includes]
+ Include
+
+[LibraryClasses]
+ ## @libraryclass Provides basic library functions for cryptographic primitives.
+ ##
+ BaseCryptLib|Include/Library/BaseCryptLib.h
+
+[Protocols]
+ ## Include/Protocol/RuntimeCrypt.h
+ gEfiRuntimeCryptProtocolGuid = { 0xe1475e0c, 0x1746, 0x4802, {0x86, 0x2e, 0x1, 0x1c, 0x2c, 0x2d, 0x9d, 0x86 }}
diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
new file mode 100644
index 0000000000..c5a7d4a549
--- /dev/null
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -0,0 +1,123 @@
+## @file
+# Cryptographic Library Package for UEFI Security Implementation.
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+################################################################################
+#
+# Defines Section - statements that will be processed to create a Makefile.
+#
+################################################################################
+[Defines]
+ PLATFORM_NAME = CryptoPkg
+ PLATFORM_GUID = E1063286-6C8C-4c25-AEF0-67A9A5B6E6B6
+ PLATFORM_VERSION = 0.91
+ DSC_SPECIFICATION = 0x00010005
+ OUTPUT_DIRECTORY = Build/CryptoPkg
+ SUPPORTED_ARCHITECTURES = IA32|X64|IPF|EBC
+ BUILD_TARGETS = DEBUG|RELEASE
+ SKUID_IDENTIFIER = DEFAULT
+
+################################################################################
+#
+# Library Class section - list of all Library Classes needed by this Platform.
+#
+################################################################################
+[LibraryClasses]
+ BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
+ BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
+ PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
+ UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
+ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
+ UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
+ UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
+ UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
+ UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
+ UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
+
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+
+[LibraryClasses.common.PEIM]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+
+[LibraryClasses.common.DXE_DRIVER]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+
+[LibraryClasses.common.DXE_RUNTIME_DRIVER]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+
+[LibraryClasses.common.DXE_SAL_DRIVER]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf
+
+[LibraryClasses.common.UEFI_DRIVER]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+
+[LibraryClasses.common.UEFI_APPLICATION]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+
+################################################################################
+#
+# Pcd Section - list of all EDK II PCD Entries defined by this Platform
+#
+################################################################################
+[PcdsFeatureFlag]
+ gEfiMdePkgTokenSpaceGuid.PcdComponentNameDisable|FALSE
+ gEfiMdePkgTokenSpaceGuid.PcdDriverDiagnosticsDisable|FALSE
+ gEfiMdePkgTokenSpaceGuid.PcdComponentName2Disable|TRUE
+ gEfiMdePkgTokenSpaceGuid.PcdDriverDiagnostics2Disable|TRUE
+
+[PcdsFixedAtBuild]
+ gEfiMdePkgTokenSpaceGuid.PcdMaximumUnicodeStringLength|1000000
+ gEfiMdePkgTokenSpaceGuid.PcdMaximumAsciiStringLength|1000000
+ gEfiMdePkgTokenSpaceGuid.PcdMaximumLinkedListLength|1000000
+
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0f
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000000
+ gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x06
+ gEfiMdePkgTokenSpaceGuid.PcdDebugClearMemoryValue|0xAF
+ gEfiMdePkgTokenSpaceGuid.PcdPerformanceLibraryPropertyMask|0
+ gEfiMdePkgTokenSpaceGuid.PcdPostCodePropertyMask|0
+ gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|320
+
+###################################################################################################
+#
+# Components Section - list of the modules and components that will be processed by compilation
+# tools and the EDK II tools to generate PE32/PE32+/Coff image files.
+#
+# Note: The EDK II DSC file is not used to specify how compiled binary images get placed
+# into firmware volume images. This section is just a list of modules to compile from
+# source into UEFI-compliant binaries.
+# It is the FDF file that contains information on combining binary files into firmware
+# volume images, whose concept is beyond UEFI and is described in PI specification.
+# Binary modules do not need to be listed in this section, as they should be
+# specified in the FDF file. For example: Shell binary (Shell_Full.efi), FAT binary (Fat.efi),
+# Logo (Logo.bmp), and etc.
+# There may also be modules listed in this section that are not required in the FDF file,
+# When a module listed here is excluded from FDF file, then UEFI-compliant binary will be
+# generated for it, but the binary will not be put into any firmware volume.
+#
+###################################################################################################
+[Components]
+ CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+ CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+
+ CryptoPkg/Application/Cryptest/Cryptest.inf
+
+ CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf
+
+[Components.IPF]
+ CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
new file mode 100644
index 0000000000..556026e1be
--- /dev/null
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -0,0 +1,425 @@
+/** @file
+ Defines base cryptographic library APIs.
+ The Base Cryptographic Library provides implementations of basic cryptography
+ primitives (MD5, SHA-1, SHA-256, RSA, etc) for UEFI security functionality enabling.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __BASE_CRYPT_LIB_H__
+#define __BASE_CRYPT_LIB_H__
+
+///
+/// MD5 digest size in bytes
+///
+#define MD5_DIGEST_SIZE 16
+
+///
+/// SHA-1 digest size in bytes.
+///
+#define SHA1_DIGEST_SIZE 20
+
+///
+/// SHA-256 digest size in bytes
+///
+#define SHA256_DIGEST_SIZE 32
+
+///
+/// RSA Key Tags Definition used in RsaSetKey() function for key component identification.
+///
+typedef enum {
+ RsaKeyN, ///< RSA public Modulus (N)
+ RsaKeyE, ///< RSA Public exponent (e)
+ RsaKeyD, ///< RSA Private exponent (d)
+ RsaKeyP, ///< RSA secret prime factor of Modulus (p)
+ RsaKeyQ, ///< RSA secret prime factor of Modules (q)
+ RsaKeyDp, ///< p's CRT exponent (== d mod (p - 1))
+ RsaKeyDq, ///< q's CRT exponent (== d mod (q - 1))
+ RsaKeyQInv ///< The CRT coefficient (== 1/q mod p)
+} RSA_KEY_TAG;
+
+//=====================================================================================
+// One-Way Cryptographic Hash Primitives
+//=====================================================================================
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
+
+ @return The size, in bytes, of the context buffer required for MD5 hash operations.
+
+**/
+UINTN
+EFIAPI
+Md5GetContextSize (
+ VOID
+ );
+
+
+/**
+ Initializes user-supplied memory pointed by Md5Context as MD5 hash context for
+ subsequent use.
+
+ If Md5Context is NULL, then ASSERT().
+
+ @param[in, out] Md5Context Pointer to MD5 Context being initialized.
+
+ @retval TRUE MD5 context initialization succeeded.
+ @retval FALSE MD5 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Md5Init (
+ IN OUT VOID *Md5Context
+ );
+
+
+/**
+ Performs MD5 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Md5Context is NULL, then ASSERT().
+
+ @param[in, out] Md5Context Pointer to the MD5 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE MD5 data digest succeeded.
+ @retval FALSE Invalid MD5 context. After Md5Final function has been called, the
+ MD5 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+Md5Update (
+ IN OUT VOID *Md5Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ );
+
+
+/**
+ Completes MD5 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the MD5 context cannot be used again.
+
+ If Md5Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Md5Context Pointer to the MD5 context
+ @param[out] HashValue Pointer to a buffer that receives the MD5 digest
+ value (16 bytes).
+
+ @retval TRUE MD5 digest computation succeeded.
+ @retval FALSE MD5 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Md5Final (
+ IN OUT VOID *Md5Context,
+ OUT UINT8 *HashValue
+ );
+
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-1 hash operations.
+
+**/
+UINTN
+EFIAPI
+Sha1GetContextSize (
+ VOID
+ );
+
+
+/**
+ Initializes user-supplied memory pointed by Sha1Context as the SHA-1 hash context for
+ subsequent use.
+
+ If Sha1Context is NULL, then ASSERT().
+
+ @param[in, out] Sha1Context Pointer to the SHA-1 Context being initialized.
+
+ @retval TRUE SHA-1 initialization succeeded.
+ @retval FALSE SHA-1 initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha1Init (
+ IN OUT VOID *Sha1Context
+ );
+
+
+/**
+ Performs SHA-1 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha1Context is NULL, then ASSERT().
+
+ @param[in, out] Sha1Context Pointer to the SHA-1 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-1 data digest succeeded.
+ @retval FALSE Invalid SHA-1 context. After Sha1Final function has been called, the
+ SHA-1 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+Sha1Update (
+ IN OUT VOID *Sha1Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ );
+
+
+/**
+ Completes SHA-1 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-1 context cannot be used again.
+
+ If Sha1Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha1Context Pointer to the SHA-1 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-1 digest
+ value (20 bytes).
+
+ @retval TRUE SHA-1 digest computation succeeded.
+ @retval FALSE SHA-1 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha1Final (
+ IN OUT VOID *Sha1Context,
+ OUT UINT8 *HashValue
+ );
+
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-256 operations.
+
+**/
+UINTN
+EFIAPI
+Sha256GetContextSize (
+ VOID
+ );
+
+
+/**
+ Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
+ subsequent use.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
+
+ @retval TRUE SHA-256 context initialization succeeded.
+ @retval FALSE SHA-256 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Init (
+ IN OUT VOID *Sha256Context
+ );
+
+
+/**
+ Performs SHA-256 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to the SHA-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-256 data digest succeeded.
+ @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
+ SHA-256 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Update (
+ IN OUT VOID *Sha256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ );
+
+
+/**
+ Completes SHA-256 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-256 context cannot be used again.
+
+ If Sha256Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
+ value (32 bytes).
+
+ @retval TRUE SHA-256 digest computation succeeded.
+ @retval FALSE SHA-256 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Final (
+ IN OUT VOID *Sha256Context,
+ OUT UINT8 *HashValue
+ );
+
+
+//=====================================================================================
+// MAC (Message Authentication Code) Primitive
+//=====================================================================================
+
+///
+/// No MAC supports for minimum scope required by UEFI
+///
+
+
+//=====================================================================================
+// Symmetric Cryptography Primitive
+//=====================================================================================
+
+///
+/// No symmetric cryptographic supports for minimum scope required by UEFI
+///
+
+
+//=====================================================================================
+// Asymmetric Cryptography Primitive
+//=====================================================================================
+
+/**
+ Allocates and Initializes one RSA Context for subsequent use.
+
+ @return Pointer to the RSA Context that has been initialized.
+ If the allocations fails, RsaNew() returns NULL.
+
+**/
+VOID *
+EFIAPI
+RsaNew (
+ VOID
+ );
+
+
+/**
+ Release the specified RSA Context.
+
+ @param[in] RsaContext Pointer to the RSA context to be released.
+
+**/
+VOID
+EFIAPI
+RsaFree (
+ IN VOID *RsaContext
+ );
+
+
+/**
+ Sets the tag-designated RSA key component into the established RSA context from
+ the user-specified nonnegative integer (octet string format represented in RSA
+ PKCS#1).
+
+ If RsaContext is NULL, then ASSERT().
+
+ @param[in, out] RsaContext Pointer to RSA context being set.
+ @param[in] KeyTag Tag of RSA key component being set.
+ @param[in] BigNumber Pointer to octet integer buffer.
+ @param[in] BnLength Length of big number buffer in bytes.
+
+ @return TRUE RSA key component was set successfully.
+ @return FALSE Invalid RSA key component tag.
+
+**/
+BOOLEAN
+EFIAPI
+RsaSetKey (
+ IN OUT VOID *RsaContext,
+ IN RSA_KEY_TAG KeyTag,
+ IN CONST UINT8 *BigNumber,
+ IN UINTN BnLength
+ );
+
+
+/**
+ Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
+ RSA PKCS#1.
+
+ If RsaContext is NULL, then ASSERT().
+ If MessageHash is NULL, then ASSERT().
+ If Signature is NULL, then ASSERT().
+ If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
+
+ @param[in] RsaContext Pointer to RSA context for signature verification.
+ @param[in] MessageHash Pointer to octet message hash to be checked.
+ @param[in] HashLength Length of the message hash in bytes.
+ @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
+ @param[in] SigLength Length of signature in bytes.
+
+ @return TRUE Valid signature encoded in PKCS1-v1_5.
+ @return FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RsaPkcs1Verify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *MessageHash,
+ IN UINTN HashLength,
+ IN UINT8 *Signature,
+ IN UINTN SigLength
+ );
+
+
+/**
+ Verifies the validility of a PKCS#7 signed data as described in "PKCS #7: Cryptographic
+ Message Syntax Standard".
+
+ If P7Data is NULL, then ASSERT().
+
+ @param[in] P7Data Pointer to the PKCS#7 message to verify.
+ @param[in] P7Length Length of the PKCS#7 message in bytes.
+ @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
+ is used for certificate chain verification.
+ @param[in] CertLength Length of the trusted certificate in bytes.
+ @param[in] InData Pointer to the content to be verified.
+ @param[in] DataLength Length of InData in bytes.
+
+ @return TRUE The specified PKCS#7 signed data is valid.
+ @return FALSE Invalid PKCS#7 signed data.
+
+**/
+BOOLEAN
+EFIAPI
+Pkcs7Verify (
+ IN CONST UINT8 *P7Data,
+ IN UINTN P7Length,
+ IN CONST UINT8 *TrustedCert,
+ IN UINTN CertLength,
+ IN CONST UINT8 *InData,
+ IN UINTN DataLength
+ );
+
+
+#endif // __BASE_CRYPT_LIB_H__
diff --git a/CryptoPkg/Include/OpenSslSupport.h b/CryptoPkg/Include/OpenSslSupport.h
new file mode 100644
index 0000000000..1c51cdb302
--- /dev/null
+++ b/CryptoPkg/Include/OpenSslSupport.h
@@ -0,0 +1,238 @@
+/** @file
+ Root include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __OPEN_SSL_SUPPORT_H__
+#define __OPEN_SSL_SUPPORT_H__
+
+#include <Base.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/DebugLib.h>
+
+//
+// File operations are not required for building Open SSL,
+// so FILE is mapped to VOID * to pass build
+//
+typedef VOID *FILE;
+
+//
+// Map all va_xxxx elements to VA_xxx defined in MdePkg/Include/Base.h
+//
+#define va_list VA_LIST
+#define va_arg VA_ARG
+#define va_start VA_START
+#define va_end VA_END
+
+//
+// #defines from EFI Application Toolkit required to buiild Open SSL
+//
+#define ENOMEM 12 /* Cannot allocate memory */
+#define EINVAL 22 /* Invalid argument */
+#define BUFSIZ 1024 /* size of buffer used by setbuf */
+#define INT_MAX 2147483647 /* max value for an int */
+#define INT_MIN (-2147483647-1) /* min value for an int */
+#define LONG_MAX 2147483647L /* max value for a long */
+#define LONG_MIN (-2147483647-1) /* min value for a long */
+#define ULONG_MAX 0xffffffff /* max value for an unsigned long */
+#define LOG_DAEMON (3<<3) /* system daemons */
+#define LOG_EMERG 0 /* system is unusable */
+#define LOG_ALERT 1 /* action must be taken immediately */
+#define LOG_CRIT 2 /* critical conditions */
+#define LOG_ERR 3 /* error conditions */
+#define LOG_WARNING 4 /* warning conditions */
+#define LOG_NOTICE 5 /* normal but significant condition */
+#define LOG_INFO 6 /* informational */
+#define LOG_DEBUG 7 /* debug-level messages */
+#define LOG_PID 0x01 /* log the pid with each message */
+#define LOG_CONS 0x02 /* log on the console if errors in sending */
+
+//
+// Macros from EFI Application Toolkit required to buiild Open SSL
+//
+/* The offsetof() macro calculates the offset of a structure member
+ in its structure. Unfortunately this cannot be written down
+ portably, hence it is provided by a Standard C header file.
+ For pre-Standard C compilers, here is a version that usually works
+ (but watch out!): */
+#define offsetof(type, member) ( (int) & ((type*)0) -> member )
+
+//
+// Basic types from EFI Application Toolkit required to buiild Open SSL
+//
+typedef UINTN size_t;
+typedef INTN ssize_t;
+typedef INT64 off_t;
+typedef UINT16 mode_t;
+typedef long time_t;
+typedef unsigned long clock_t;
+typedef UINT32 uid_t;
+typedef UINT32 gid_t;
+typedef UINT32 ino_t;
+typedef UINT32 dev_t;
+typedef UINT16 nlink_t;
+typedef int pid_t;
+typedef void *DIR;
+typedef void __sighandler_t (int);
+
+//
+// Structures from EFI Application Toolkit required to buiild Open SSL
+//
+struct tm {
+ int tm_sec; /* seconds after the minute [0-60] */
+ int tm_min; /* minutes after the hour [0-59] */
+ int tm_hour; /* hours since midnight [0-23] */
+ int tm_mday; /* day of the month [1-31] */
+ int tm_mon; /* months since January [0-11] */
+ int tm_year; /* years since 1900 */
+ int tm_wday; /* days since Sunday [0-6] */
+ int tm_yday; /* days since January 1 [0-365] */
+ int tm_isdst; /* Daylight Savings Time flag */
+ long tm_gmtoff; /* offset from CUT in seconds */
+ char *tm_zone; /* timezone abbreviation */
+};
+
+struct dirent {
+ UINT32 d_fileno; /* file number of entry */
+ UINT16 d_reclen; /* length of this record */
+ UINT8 d_type; /* file type, see below */
+ UINT8 d_namlen; /* length of string in d_name */
+ char d_name[255 + 1]; /* name must be no longer than this */
+};
+
+struct stat {
+ dev_t st_dev; /* inode's device */
+ ino_t st_ino; /* inode's number */
+ mode_t st_mode; /* inode protection mode */
+ nlink_t st_nlink; /* number of hard links */
+ uid_t st_uid; /* user ID of the file's owner */
+ gid_t st_gid; /* group ID of the file's group */
+ dev_t st_rdev; /* device type */
+ time_t st_atime; /* time of last access */
+ long st_atimensec; /* nsec of last access */
+ time_t st_mtime; /* time of last data modification */
+ long st_mtimensec; /* nsec of last data modification */
+ time_t st_ctime; /* time of last file status change */
+ long st_ctimensec; /* nsec of last file status change */
+ off_t st_size; /* file size, in bytes */
+ INT64 st_blocks; /* blocks allocated for file */
+ UINT32 st_blksize; /* optimal blocksize for I/O */
+ UINT32 st_flags; /* user defined flags for file */
+ UINT32 st_gen; /* file generation number */
+ INT32 st_lspare;
+ INT64 st_qspare[2];
+};
+
+//
+// Externs from EFI Application Toolkit required to buiild Open SSL
+//
+extern int errno;
+
+//
+// Function prototypes from EFI Application Toolkit required to buiild Open SSL
+//
+void *malloc (size_t);
+void *realloc (void *, size_t);
+void free (void *);
+int isdigit (int);
+int isspace (int);
+int tolower (int);
+int isupper (int);
+int isxdigit (int);
+int isalnum (int);
+void *memcpy (void *, const void *, size_t);
+void *memset (void *, int, size_t);
+void *memchr (const void *, int, size_t);
+int memcmp (const void *, const void *, size_t);
+void *memmove (void *, const void *, size_t);
+int strcmp (const char *, const char *);
+int strncmp (const char *, const char *, size_t);
+char *strcpy (char *, const char *);
+char *strncpy (char *, const char *, size_t);
+size_t strlen (const char *);
+char *strcat (char *, const char *);
+char *strchr (const char *, int);
+int strcasecmp (const char *, const char *);
+int strncasecmp (const char *, const char *, size_t);
+char *strncpy (char *, const char *, size_t);
+int strncmp (const char *, const char *, size_t);
+char *strrchr (const char *, int);
+unsigned long strtoul (const char *, char **, int);
+long strtol (const char *, char **, int);
+int printf (const char *, ...);
+int sscanf (const char *, const char *, ...);
+int open (const char *, int, ...);
+int chmod (const char *, mode_t);
+int stat (const char *, struct stat *);
+off_t lseek (int, off_t, int);
+ssize_t read (int, void *, size_t);
+ssize_t write (int, const void *, size_t);
+int close (int);
+FILE *fopen (const char *, const char *);
+size_t fread (void *, size_t, size_t, FILE *);
+size_t fwrite (const void *, size_t, size_t, FILE *);
+char *fgets (char *, int, FILE *);
+int fputs (const char *, FILE *);
+int fprintf (FILE *, const char *, ...);
+int vfprintf (FILE *, const char *, VA_LIST);
+int fflush (FILE *);
+int fclose (FILE *);
+DIR *opendir (const char *);
+struct dirent *readdir (DIR *);
+int closedir (DIR *);
+void openlog (const char *, int, int);
+void closelog (void);
+void syslog (int, const char *, ...);
+time_t time (time_t *);
+struct tm *localtime (const time_t *);
+struct tm *gmtime (const time_t *);
+struct tm *gmtime_r (const time_t *, struct tm *);
+uid_t getuid (void);
+uid_t geteuid (void);
+gid_t getgid (void);
+gid_t getegid (void);
+void qsort (void *, size_t, size_t, int (*)(const void *, const void *));
+char *getenv (const char *);
+void exit (int);
+void abort (void);
+__sighandler_t *signal (int, __sighandler_t *);
+
+//
+// Global variables from EFI Application Toolkit required to buiild Open SSL
+//
+FILE *stderr;
+FILE *stdin;
+FILE *stdout;
+
+//
+// Macros that directly map functions to BaseLib, BaseMemoryLib, and DebugLib functions
+//
+#define memcpy(dest,source,count) CopyMem(dest,source,(UINTN)(count))
+#define memset(dest,ch,count) SetMem(dest,(UINTN)(count),(UINT8)(ch))
+#define memchr(buf,ch,count) ScanMem8(buf,(UINTN)(count),(UINT8)ch)
+#define memcmp(buf1,buf2,count) (int)(CompareMem(buf1,buf2,(UINTN)(count)))
+#define strcmp AsciiStrCmp
+#define strncmp(string1,string2,count) (int)(AsciiStrnCmp(string1,string2,(UINTN)(count)))
+#define strcpy(strDest,strSource) AsciiStrCpy(strDest,strSource)
+#define strncpy(strDest,strSource,count) AsciiStrnCpy(strDest,strSource,(UINTN)count)
+#define strlen(str) (size_t)(AsciiStrLen(str))
+#define strcat(strDest,strSource) AsciiStrCat(strDest,strSource)
+#define strchr(str,ch) ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch)
+#define abort() ASSERT (FALSE)
+#define assert(expression)
+#define localtime(timer) NULL
+#define gmtime(timer) NULL
+#define gmtime_r(timer,result) (result = NULL)
+
+#endif
diff --git a/CryptoPkg/Include/Protocol/RuntimeCrypt.h b/CryptoPkg/Include/Protocol/RuntimeCrypt.h
new file mode 100644
index 0000000000..bb97d9102e
--- /dev/null
+++ b/CryptoPkg/Include/Protocol/RuntimeCrypt.h
@@ -0,0 +1,204 @@
+/** @file
+ The runtime cryptographic protocol.
+ Only limited crypto primitives (SHA-256 and RSA) are provided for runtime
+ authenticated variable service.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __EFI_RUNTIME_CRYPT_PROTOCOL_H__
+#define __EFI_RUNTIME_CRYPT_PROTOCOL_H__
+
+#include <Library/BaseCryptLib.h>
+
+///
+/// Runtime Cryptographic Protocol GUID.
+///
+#define EFI_RUNTIME_CRYPT_PROTOCOL_GUID \
+ { \
+ 0xe1475e0c, 0x1746, 0x4802, { 0x86, 0x2e, 0x1, 0x1c, 0x2c, 0x2d, 0x9d, 0x86 } \
+ }
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-256 operations.
+
+**/
+typedef
+UINTN
+(EFIAPI *EFI_RUNTIME_CRYPT_SHA256_GET_CONTEXT_SIZE) (
+ VOID
+ );
+
+
+/**
+ Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
+ subsequent use.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
+
+ @retval TRUE SHA-256 context initialization succeeded.
+ @retval FALSE SHA-256 context initialization failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EFI_RUNTIME_CRYPT_SHA256_INIT) (
+ IN OUT VOID *Sha256Context
+ );
+
+
+/**
+ Performs SHA-256 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to the SHA-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-256 data digest succeeded.
+ @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
+ SHA-256 context cannot be reused.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EFI_RUNTIME_CRYPT_SHA256_UPDATE) (
+ IN OUT VOID *Sha256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ );
+
+
+/**
+ Completes SHA-256 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-256 context cannot be used again.
+
+ If Sha256Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
+ value (32 bytes).
+
+ @retval TRUE SHA-256 digest computation succeeded.
+ @retval FALSE SHA-256 digest computation failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EFI_RUNTIME_CRYPT_SHA256_FINAL) (
+ IN OUT VOID *Sha256Context,
+ OUT UINT8 *HashValue
+ );
+
+
+/**
+ Allocates and Initializes one RSA Context for subsequent use.
+
+ @return Pointer to the RSA Context that has been initialized.
+ If the allocations fails, RsaNew() returns NULL.
+
+**/
+typedef
+VOID *
+(EFIAPI *EFI_RUNTIME_CRYPT_RSA_NEW) (
+ VOID
+ );
+
+/**
+ Release the specified RSA Context.
+
+ @param[in] RsaContext Pointer to the RSA context to be released.
+
+**/
+typedef
+VOID
+(EFIAPI *EFI_RUNTIME_CRYPT_RSA_FREE) (
+ IN VOID *RsaContext
+ );
+
+/**
+ Sets the tag-designated RSA key component into the established RSA context from
+ the user-specified nonnegative integer (octet string format represented in RSA
+ PKCS#1).
+
+ If RsaContext is NULL, then ASSERT().
+
+ @param[in, out] RsaContext Pointer to RSA context being set.
+ @param[in] KeyTag Tag of RSA key component being set.
+ @param[in] BigNumber Pointer to octet integer buffer.
+ @param[in] BnLength Length of big number buffer in bytes.
+
+ @return TRUE RSA key component was set successfully.
+ @return FALSE Invalid RSA key component tag.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EFI_RUNTIME_CRYPT_RSA_SET_KEY) (
+ IN OUT VOID *RsaContext,
+ IN RSA_KEY_TAG KeyTag,
+ IN CONST UINT8 *BigNumber,
+ IN UINTN BnLength
+ );
+
+/**
+ Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
+ RSA PKCS#1.
+
+ If RsaContext is NULL, then ASSERT().
+ If MessageHash is NULL, then ASSERT().
+ If Signature is NULL, then ASSERT().
+ If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
+
+ @param[in] RsaContext Pointer to RSA context for signature verification.
+ @param[in] MessageHash Pointer to octet message hash to be checked.
+ @param[in] HashLength Length of the message hash in bytes.
+ @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
+ @param[in] SigLength Length of signature in bytes.
+
+ @return TRUE Valid signature encoded in PKCS1-v1_5.
+ @return FALSE Invalid signature or invalid RSA context.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EFI_RUNTIME_CRYPT_RSA_PKCS1_VERIFY) (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *MessageHash,
+ IN UINTN HashLength,
+ IN UINT8 *Signature,
+ IN UINTN SigLength
+ );
+
+///
+/// Runtime Cryptographic Protocol Structure.
+///
+typedef struct {
+ EFI_RUNTIME_CRYPT_SHA256_GET_CONTEXT_SIZE Sha256GetContextSize;
+ EFI_RUNTIME_CRYPT_SHA256_INIT Sha256Init;
+ EFI_RUNTIME_CRYPT_SHA256_UPDATE Sha256Update;
+ EFI_RUNTIME_CRYPT_SHA256_FINAL Sha256Final;
+ EFI_RUNTIME_CRYPT_RSA_NEW RsaNew;
+ EFI_RUNTIME_CRYPT_RSA_FREE RsaFree;
+ EFI_RUNTIME_CRYPT_RSA_SET_KEY RsaSetKey;
+ EFI_RUNTIME_CRYPT_RSA_PKCS1_VERIFY RsaPkcs1Verify;
+} EFI_RUNTIME_CRYPT_PROTOCOL;
+
+extern EFI_GUID gEfiRuntimeCryptProtocolGuid;
+
+#endif
diff --git a/CryptoPkg/Include/arpa/inet.h b/CryptoPkg/Include/arpa/inet.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/arpa/inet.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/assert.h b/CryptoPkg/Include/assert.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/assert.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/ctype.h b/CryptoPkg/Include/ctype.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/ctype.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/dirent.h b/CryptoPkg/Include/dirent.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/dirent.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/errno.h b/CryptoPkg/Include/errno.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/errno.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/limits.h b/CryptoPkg/Include/limits.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/limits.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/malloc.h b/CryptoPkg/Include/malloc.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/malloc.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/math.h b/CryptoPkg/Include/math.h
new file mode 100644
index 0000000000..a21f5543cd
--- /dev/null
+++ b/CryptoPkg/Include/math.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OPEN SSL
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/netdb.h b/CryptoPkg/Include/netdb.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/netdb.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/netinet/in.h b/CryptoPkg/Include/netinet/in.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/netinet/in.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/openssl/README b/CryptoPkg/Include/openssl/README
new file mode 100644
index 0000000000..15940109a9
--- /dev/null
+++ b/CryptoPkg/Include/openssl/README
@@ -0,0 +1 @@
+This directory contains all the public include files from the OpenSSL project.
diff --git a/CryptoPkg/Include/sgtty.h b/CryptoPkg/Include/sgtty.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sgtty.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/signal.h b/CryptoPkg/Include/signal.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/signal.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/stdarg.h b/CryptoPkg/Include/stdarg.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/stdarg.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/stddef.h b/CryptoPkg/Include/stddef.h
new file mode 100644
index 0000000000..8dfc36ffb0
--- /dev/null
+++ b/CryptoPkg/Include/stddef.h
@@ -0,0 +1,15 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
diff --git a/CryptoPkg/Include/stdio.h b/CryptoPkg/Include/stdio.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/stdio.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/stdlib.h b/CryptoPkg/Include/stdlib.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/stdlib.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/string.h b/CryptoPkg/Include/string.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/string.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/strings.h b/CryptoPkg/Include/strings.h
new file mode 100644
index 0000000000..8dfc36ffb0
--- /dev/null
+++ b/CryptoPkg/Include/strings.h
@@ -0,0 +1,15 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
diff --git a/CryptoPkg/Include/sys/ioctl.h b/CryptoPkg/Include/sys/ioctl.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sys/ioctl.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/sys/param.h b/CryptoPkg/Include/sys/param.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sys/param.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/sys/socket.h b/CryptoPkg/Include/sys/socket.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sys/socket.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/sys/stat.h b/CryptoPkg/Include/sys/stat.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sys/stat.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/sys/time.h b/CryptoPkg/Include/sys/time.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sys/time.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/sys/times.h b/CryptoPkg/Include/sys/times.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sys/times.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/sys/types.h b/CryptoPkg/Include/sys/types.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sys/types.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/sys/un.h b/CryptoPkg/Include/sys/un.h
new file mode 100644
index 0000000000..ee07f6bcb5
--- /dev/null
+++ b/CryptoPkg/Include/sys/un.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
diff --git a/CryptoPkg/Include/syslog.h b/CryptoPkg/Include/syslog.h
new file mode 100644
index 0000000000..8dfc36ffb0
--- /dev/null
+++ b/CryptoPkg/Include/syslog.h
@@ -0,0 +1,15 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
diff --git a/CryptoPkg/Include/time.h b/CryptoPkg/Include/time.h
new file mode 100644
index 0000000000..8dfc36ffb0
--- /dev/null
+++ b/CryptoPkg/Include/time.h
@@ -0,0 +1,15 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
diff --git a/CryptoPkg/Include/unistd.h b/CryptoPkg/Include/unistd.h
new file mode 100644
index 0000000000..8dfc36ffb0
--- /dev/null
+++ b/CryptoPkg/Include/unistd.h
@@ -0,0 +1,15 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
new file mode 100644
index 0000000000..5395da06a7
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -0,0 +1,79 @@
+## @file
+# Cryptographic Library Instance for DXE_DRIVER.
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = BaseCryptLib
+ FILE_GUID = be3bb803-91b6-4da0-bd91-a8b21c18ca5d
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = BaseCryptLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF
+#
+
+[Sources]
+ Hash/CryptMd5.c
+ Hash/CryptSha1.c
+ Hash/CryptSha256.c
+ Pk/CryptRsa.c
+ Pk/CryptPkcs7.c
+
+ SysCall/CrtWrapper.c
+ SysCall/TimerWrapper.c
+ SysCall/BaseMemAllocation.c
+
+[Sources.Ia32]
+ SysCall/HelperWrapper.c
+
+ SysCall/Ia32/MathMultS64x64.c | MSFT
+ SysCall/Ia32/MathDivU64x64.c | MSFT
+ SysCall/Ia32/MathReminderU64x64.c | MSFT
+ SysCall/Ia32/MathLShiftS64.c | MSFT
+ SysCall/Ia32/MathRShiftU64.c | MSFT
+
+ SysCall/Ia32/MathMultS64x64.c | INTEL
+ SysCall/Ia32/MathDivU64x64.c | INTEL
+ SysCall/Ia32/MathReminderU64x64.c | INTEL
+ SysCall/Ia32/MathLShiftS64.c | INTEL
+ SysCall/Ia32/MathRShiftU64.c | INTEL
+
+ SysCall/Ia32/MathMultS64x64.S | GCC
+ SysCall/Ia32/MathDivU64x64.S | GCC
+ SysCall/Ia32/MathReminderU64x64.S | GCC
+ SysCall/Ia32/MathLShiftS64.S | GCC
+ SysCall/Ia32/MathRShiftU64.S | GCC
+
+ SysCall/Ia32/Alloca.S | GCC
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ MemoryAllocationLib
+ DebugLib
+ OpensslLib
+ IntrinsicLib
+
+#
+# Remove these [BuildOptions] after this library is cleaned up
+#
+[BuildOptions]
+ GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
new file mode 100644
index 0000000000..99471a0176
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
@@ -0,0 +1,145 @@
+/** @file
+ MD5 Digest Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+
+#include <Library/BaseCryptLib.h>
+#include <openssl/md5.h>
+
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
+
+ @return The size, in bytes, of the context buffer required for MD5 hash operations.
+
+**/
+UINTN
+EFIAPI
+Md5GetContextSize (
+ VOID
+ )
+{
+ //
+ // Retrieves the OpenSSL MD5 Context Size
+ //
+ return (UINTN)(sizeof (MD5_CTX));
+}
+
+
+/**
+ Initializes user-supplied memory pointed by Md5Context as MD5 hash context for
+ subsequent use.
+
+ If Md5Context is NULL, then ASSERT().
+
+ @param[in, out] Md5Context Pointer to MD5 Context being initialized.
+
+ @retval TRUE MD5 context initialization succeeded.
+ @retval FALSE MD5 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Md5Init (
+ IN OUT VOID *Md5Context
+ )
+{
+ //
+ // ASSERT if Md5Context is NULL.
+ //
+ ASSERT (Md5Context != NULL);
+
+ //
+ // OpenSSL MD5 Context Initialization
+ //
+ return (BOOLEAN) (MD5_Init ((MD5_CTX *)Md5Context));
+}
+
+
+/**
+ Performs MD5 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Md5Context is NULL, then ASSERT().
+
+ @param[in, out] Md5Context Pointer to the MD5 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE MD5 data digest succeeded.
+ @retval FALSE Invalid MD5 context. After Md5Final function has been called, the
+ MD5 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+Md5Update (
+ IN OUT VOID *Md5Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ )
+{
+ //
+ // ASSERT if Md5Context is NULL
+ //
+ ASSERT (Md5Context != NULL);
+
+ //
+ // ASSERT if invalid parameters, in case that only DataLength was checked in OpenSSL
+ //
+ if (Data == NULL) {
+ ASSERT (DataLength == 0);
+ }
+
+ //
+ // OpenSSL MD5 Hash Update
+ //
+ return (BOOLEAN) (MD5_Update ((MD5_CTX *)Md5Context, Data, DataLength));
+}
+
+
+/**
+ Completes MD5 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the MD5 context cannot be used again.
+
+ If Md5Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Md5Context Pointer to the MD5 context
+ @param[out] HashValue Pointer to a buffer that receives the MD5 digest
+ value (16 bytes).
+
+ @retval TRUE MD5 digest computation succeeded.
+ @retval FALSE MD5 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Md5Final (
+ IN OUT VOID *Md5Context,
+ OUT UINT8 *HashValue
+ )
+{
+ //
+ // ASSERT if Md5Context is NULL or HashValue is NULL
+ //
+ ASSERT (Md5Context != NULL);
+ ASSERT (HashValue != NULL);
+
+ //
+ // OpenSSL MD5 Hash Finalization
+ //
+ return (BOOLEAN) (MD5_Final (HashValue, (MD5_CTX *)Md5Context));
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
new file mode 100644
index 0000000000..d774059300
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
@@ -0,0 +1,145 @@
+/** @file
+ SHA-1 Digest Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+
+#include <Library/BaseCryptLib.h>
+#include <openssl/sha.h>
+
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-1 hash operations.
+
+**/
+UINTN
+EFIAPI
+Sha1GetContextSize (
+ VOID
+ )
+{
+ //
+ // Retrieves OpenSSL SHA Context Size
+ //
+ return (UINTN)(sizeof (SHA_CTX));
+}
+
+
+/**
+ Initializes user-supplied memory pointed by Sha1Context as the SHA-1 hash context for
+ subsequent use.
+
+ If Sha1Context is NULL, then ASSERT().
+
+ @param[in, out] Sha1Context Pointer to the SHA-1 Context being initialized.
+
+ @retval TRUE SHA-1 initialization succeeded.
+ @retval FALSE SHA-1 initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha1Init (
+ IN OUT VOID *Sha1Context
+ )
+{
+ //
+ // ASSERT if Sha1Context is NULL
+ //
+ ASSERT (Sha1Context != NULL);
+
+ //
+ // OpenSSL SHA-1 Context Initialization
+ //
+ return (BOOLEAN) (SHA1_Init ((SHA_CTX *)Sha1Context));
+}
+
+
+/**
+ Performs SHA-1 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha1Context is NULL, then ASSERT().
+
+ @param[in, out] Sha1Context Pointer to the SHA-1 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-1 data digest succeeded.
+ @retval FALSE Invalid SHA-1 context. After Sha1Final function has been called, the
+ SHA-1 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+Sha1Update (
+ IN OUT VOID *Sha1Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ )
+{
+ //
+ // ASSERT if Sha1Context is NULL
+ //
+ ASSERT (Sha1Context != NULL);
+
+ //
+ // ASSERT if invalid parameters, in case that only DataLength was checked in OpenSSL
+ //
+ if (Data == NULL) {
+ ASSERT (DataLength == 0);
+ }
+
+ //
+ // OpenSSL SHA-1 Hash Update
+ //
+ return (BOOLEAN) (SHA1_Update ((SHA_CTX *)Sha1Context, Data, DataLength));
+}
+
+
+/**
+ Completes SHA-1 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-1 context cannot be used again.
+
+ If Sha1Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha1Context Pointer to the SHA-1 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-1 digest
+ value (20 bytes).
+
+ @retval TRUE SHA-1 digest computation succeeded.
+ @retval FALSE SHA-1 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha1Final (
+ IN OUT VOID *Sha1Context,
+ OUT UINT8 *HashValue
+ )
+{
+ //
+ // ASSERT if Sha1Context is NULL or HashValue is NULL
+ //
+ ASSERT (Sha1Context != NULL);
+ ASSERT (HashValue != NULL);
+
+ //
+ // OpenSSL SHA-1 Hash Finalization
+ //
+ return (BOOLEAN) (SHA1_Final (HashValue, (SHA_CTX *)Sha1Context));
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c
new file mode 100644
index 0000000000..9b566a4c59
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c
@@ -0,0 +1,145 @@
+/** @file
+ SHA-256 Digest Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+
+#include <Library/BaseCryptLib.h>
+#include <openssl/sha.h>
+
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-256 operations.
+
+**/
+UINTN
+EFIAPI
+Sha256GetContextSize (
+ VOID
+ )
+{
+ //
+ // Retrieves OpenSSL SHA-256 Context Size
+ //
+ return (UINTN)(sizeof (SHA256_CTX));
+}
+
+
+/**
+ Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
+ subsequent use.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
+
+ @retval TRUE SHA-256 context initialization succeeded.
+ @retval FALSE SHA-256 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Init (
+ IN OUT VOID *Sha256Context
+ )
+{
+ //
+ // ASSERT if Sha256Context is NULL
+ //
+ ASSERT (Sha256Context != NULL);
+
+ //
+ // OpenSSL SHA-256 Context Initialization
+ //
+ return (BOOLEAN) (SHA256_Init ((SHA256_CTX *)Sha256Context));
+}
+
+
+/**
+ Performs SHA-256 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to the SHA-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-256 data digest succeeded.
+ @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
+ SHA-256 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Update (
+ IN OUT VOID *Sha256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ )
+{
+ //
+ // ASSERT if Sha256Context is NULL
+ //
+ ASSERT (Sha256Context != NULL);
+
+ //
+ // ASSERT if invalid parameters, in case that only DataLength was checked in OpenSSL
+ //
+ if (Data == NULL) {
+ ASSERT (DataLength == 0);
+ }
+
+ //
+ // OpenSSL SHA-256 Hash Update
+ //
+ return (BOOLEAN) (SHA256_Update ((SHA256_CTX *)Sha256Context, Data, DataLength));
+}
+
+
+/**
+ Completes SHA-256 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-256 context cannot be used again.
+
+ If Sha256Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
+ value (32 bytes).
+
+ @retval TRUE SHA-256 digest computation succeeded.
+ @retval FALSE SHA-256 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Final (
+ IN OUT VOID *Sha256Context,
+ OUT UINT8 *HashValue
+ )
+{
+ //
+ // ASSERT if Sha256Context is NULL or HashValue is NULL
+ //
+ ASSERT (Sha256Context != NULL);
+ ASSERT (HashValue != NULL);
+
+ //
+ // OpenSSL SHA-256 Hash Finalization
+ //
+ return (BOOLEAN) (SHA256_Final (HashValue, (SHA256_CTX *)Sha256Context));
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
new file mode 100644
index 0000000000..30061a68ff
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -0,0 +1,77 @@
+## @file
+# Cryptographic Library Instance for PEIM.
+#
+# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = PeiCryptLib
+ FILE_GUID = 9a2a4375-194c-4e97-9f67-547ec98d96ca
+ MODULE_TYPE = PEIM
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = BaseCryptLib|PEIM PEI_CORE SEC
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64
+#
+
+[Sources]
+ Hash/CryptMd5.c
+ Hash/CryptSha1.c
+ Hash/CryptSha256.c
+ Pk/CryptRsa.c
+
+ SysCall/CrtWrapper.c
+ SysCall/HelperWrapper.c
+ SysCall/BaseMemAllocation.c
+
+[Sources.Ia32]
+ SysCall/Ia32/MathMultS64x64.c | MSFT
+ SysCall/Ia32/MathDivU64x64.c | MSFT
+ SysCall/Ia32/MathReminderU64x64.c | MSFT
+ SysCall/Ia32/MathLShiftS64.c | MSFT
+ SysCall/Ia32/MathRShiftU64.c | MSFT
+
+ SysCall/Ia32/MathMultS64x64.c | INTEL
+ SysCall/Ia32/MathDivU64x64.c | INTEL
+ SysCall/Ia32/MathReminderU64x64.c | INTEL
+ SysCall/Ia32/MathLShiftS64.c | INTEL
+ SysCall/Ia32/MathRShiftU64.c | INTEL
+
+ SysCall/Ia32/MathMultS64x64.S | GCC
+ SysCall/Ia32/MathDivU64x64.S | GCC
+ SysCall/Ia32/MathReminderU64x64.S | GCC
+ SysCall/Ia32/MathLShiftS64.S | GCC
+ SysCall/Ia32/MathRShiftU64.S | GCC
+
+ SysCall/Ia32/Alloca.S | GCC
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ MemoryAllocationLib
+ DebugLib
+ OpensslLib
+ IntrinsicLib
+
+#
+# Remove these [BuildOptions] after this library is cleaned up
+#
+[BuildOptions]
+ GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
+
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
new file mode 100644
index 0000000000..d0a6ea544a
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
@@ -0,0 +1,160 @@
+/** @file
+ PKCS#7 SignedData Verification Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+
+#include <Library/BaseCryptLib.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+
+
+/**
+ Verifies the validility of a PKCS#7 signed data as described in "PKCS #7: Cryptographic
+ Message Syntax Standard".
+
+ If P7Data is NULL, then ASSERT().
+
+ @param[in] P7Data Pointer to the PKCS#7 message to verify.
+ @param[in] P7Length Length of the PKCS#7 message in bytes.
+ @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
+ is used for certificate chain verification.
+ @param[in] CertLength Length of the trusted certificate in bytes.
+ @param[in] InData Pointer to the content to be verified.
+ @param[in] DataLength Length of InData in bytes.
+
+ @return TRUE The specified PKCS#7 signed data is valid.
+ @return FALSE Invalid PKCS#7 signed data.
+
+**/
+BOOLEAN
+EFIAPI
+Pkcs7Verify (
+ IN CONST UINT8 *P7Data,
+ IN UINTN P7Length,
+ IN CONST UINT8 *TrustedCert,
+ IN UINTN CertLength,
+ IN CONST UINT8 *InData,
+ IN UINTN DataLength
+ )
+{
+ PKCS7 *Pkcs7;
+ UINT8 *Content;
+ BIO *CertBio;
+ BIO *DataBio;
+ BOOLEAN Status;
+ X509 *Cert;
+ X509_STORE *CertStore;
+
+ //
+ // ASSERT if P7Data is NULL
+ //
+ ASSERT (P7Data != NULL);
+
+ Status = FALSE;
+ Pkcs7 = NULL;
+ CertBio = NULL;
+ DataBio = NULL;
+ Cert = NULL;
+ CertStore = NULL;
+
+ //
+ // Register & Initialize necessary digest algorithms for PKCS#7 Handling
+ //
+ EVP_add_digest (EVP_md5());
+ EVP_add_digest (EVP_sha1());
+ EVP_add_digest (EVP_sha256());
+
+ //
+ // Retrieve PKCS#7 Data (DER encoding)
+ //
+ Pkcs7 = d2i_PKCS7 (NULL, &P7Data, (int)P7Length);
+ if (Pkcs7 == NULL) {
+ goto _Exit;
+ }
+
+ //
+ // Check if it's PKCS#7 Signed Data (for Authenticode Scenario)
+ //
+ if (!PKCS7_type_is_signed (Pkcs7)) {
+ goto _Exit;
+ }
+
+ //
+ // Check PKCS#7 embedded signed content with InData.
+ //
+ if (InData != NULL) {
+ //
+ // NOTE: PKCS7_dataDecode() didn't work for Authenticode-format signed data due to
+ // some authenticode-specific structure. Use opaque ASN.1 string to retrieve
+ // PKCS#7 ContentInfo here.
+ //
+ Content = (UINT8 *)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data);
+
+ // Ignore two bytes for DER encoding of ASN.1 "SEQUENCE"
+ if (CompareMem (Content + 2, InData, DataLength) != 0) {
+ goto _Exit;
+ }
+ }
+
+ //
+ // Read DER-encoded root certificate and Construct X509 Certificate
+ //
+ CertBio = BIO_new (BIO_s_mem ());
+ BIO_write (CertBio, TrustedCert, (int)CertLength);
+ if (CertBio == NULL) {
+ goto _Exit;
+ }
+ Cert = d2i_X509_bio (CertBio, NULL);
+ if (Cert == NULL) {
+ goto _Exit;
+ }
+
+ //
+ // Setup X509 Store for trusted certificate
+ //
+ CertStore = X509_STORE_new ();
+ if (CertStore == NULL) {
+ goto _Exit;
+ }
+ if (!(X509_STORE_add_cert (CertStore, Cert))) {
+ goto _Exit;
+ }
+
+ //
+ // For generic PKCS#7 handling, InData may be NULL if the content is present
+ // in PKCS#7 structure. So ignore NULL checking here.
+ //
+ DataBio = BIO_new (BIO_s_mem ());
+ BIO_write (DataBio, InData, (int)DataLength);
+
+ //
+ // Verifies the PKCS#7 signedData structure
+ //
+ Status = (BOOLEAN) PKCS7_verify (Pkcs7, NULL, CertStore, DataBio, NULL, 0);
+
+_Exit:
+ //
+ // Release Resources
+ //
+ BIO_free (DataBio);
+ BIO_free (CertBio);
+ X509_free (Cert);
+ X509_STORE_free (CertStore);
+ PKCS7_free (Pkcs7);
+
+ return Status;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsa.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsa.c
new file mode 100644
index 0000000000..763213ab6b
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsa.c
@@ -0,0 +1,277 @@
+/** @file
+ RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+
+#include <Library/BaseCryptLib.h>
+#include <openssl/rsa.h>
+
+
+/**
+ Allocates and Initializes one RSA Context for subsequent use.
+
+ @return Pointer to the RSA Context that has been initialized.
+ If the allocations fails, RsaNew() returns NULL.
+
+**/
+VOID *
+EFIAPI
+RsaNew (
+ VOID
+ )
+{
+ //
+ // Allocates & Initializes RSA Context by OpenSSL RSA_new()
+ //
+ return (VOID *)RSA_new ();
+}
+
+
+/**
+ Release the specified RSA Context.
+
+ @param[in] RsaContext Pointer to the RSA context to be released.
+
+**/
+VOID
+EFIAPI
+RsaFree (
+ IN VOID *RsaContext
+ )
+{
+ //
+ // Free OpenSSL RSA Context
+ //
+ RSA_free ((RSA *)RsaContext);
+}
+
+
+/**
+ Sets the tag-designated RSA key component into the established RSA context from
+ the user-specified nonnegative integer (octet string format represented in RSA
+ PKCS#1).
+
+ If RsaContext is NULL, then ASSERT().
+
+ @param[in, out] RsaContext Pointer to RSA context being set.
+ @param[in] KeyTag Tag of RSA key component being set.
+ @param[in] BigNumber Pointer to octet integer buffer.
+ @param[in] BnLength Length of big number buffer in bytes.
+
+ @return TRUE RSA key component was set successfully.
+ @return FALSE Invalid RSA key component tag.
+
+**/
+BOOLEAN
+EFIAPI
+RsaSetKey (
+ IN OUT VOID *RsaContext,
+ IN RSA_KEY_TAG KeyTag,
+ IN CONST UINT8 *BigNumber,
+ IN UINTN BnLength
+ )
+{
+ RSA *RsaKey;
+
+ //
+ // ASSERT if RsaContext is NULL
+ //
+ ASSERT (RsaContext != NULL);
+
+
+ RsaKey = (RSA *)RsaContext;
+ //
+ // Set RSA Key Components by converting octet string to OpenSSL BN representation.
+ // NOTE: For RSA public key (used in signature verification), only public components
+ // (N, e) are needed.
+ //
+ switch (KeyTag) {
+
+ //
+ // RSA Public Modulus (N)
+ //
+ case RsaKeyN:
+ if (RsaKey->n != NULL) {
+ BN_free (RsaKey->n);
+ }
+ RsaKey->n = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->n);
+ break;
+
+ //
+ // RSA Public Exponent (e)
+ //
+ case RsaKeyE:
+ if (RsaKey->e != NULL) {
+ BN_free (RsaKey->e);
+ }
+ RsaKey->e = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->e);
+ break;
+
+ //
+ // RSA Private Exponent (d)
+ //
+ case RsaKeyD:
+ if (RsaKey->d != NULL) {
+ BN_free (RsaKey->d);
+ }
+ RsaKey->d = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->d);
+ break;
+
+ //
+ // RSA Secret Prime Factor of Modulus (p)
+ //
+ case RsaKeyP:
+ if (RsaKey->p != NULL) {
+ BN_free (RsaKey->p);
+ }
+ RsaKey->p = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->p);
+ break;
+
+ //
+ // RSA Secret Prime Factor of Modules (q)
+ //
+ case RsaKeyQ:
+ if (RsaKey->q != NULL) {
+ BN_free (RsaKey->q);
+ }
+ RsaKey->q = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->q);
+ break;
+
+ //
+ // p's CRT Exponent (== d mod (p - 1))
+ //
+ case RsaKeyDp:
+ if (RsaKey->dmp1 != NULL) {
+ BN_free (RsaKey->dmp1);
+ }
+ RsaKey->dmp1 = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->dmp1);
+ break;
+
+ //
+ // q's CRT Exponent (== d mod (q - 1))
+ //
+ case RsaKeyDq:
+ if (RsaKey->dmq1 != NULL) {
+ BN_free (RsaKey->dmq1);
+ }
+ RsaKey->dmq1 = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->dmq1);
+ break;
+
+ //
+ // The CRT Coefficient (== 1/q mod p)
+ //
+ case RsaKeyQInv:
+ if (RsaKey->iqmp != NULL) {
+ BN_free (RsaKey->iqmp);
+ }
+ RsaKey->iqmp = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->iqmp);
+ break;
+
+ default:
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+
+/**
+ Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
+ RSA PKCS#1.
+
+ If RsaContext is NULL, then ASSERT().
+ If MessageHash is NULL, then ASSERT().
+ If Signature is NULL, then ASSERT().
+ If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
+
+ @param[in] RsaContext Pointer to RSA context for signature verification.
+ @param[in] MessageHash Pointer to octet message hash to be checked.
+ @param[in] HashLength Length of the message hash in bytes.
+ @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
+ @param[in] SigLength Length of signature in bytes.
+
+ @return TRUE Valid signature encoded in PKCS1-v1_5.
+ @return FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RsaPkcs1Verify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *MessageHash,
+ IN UINTN HashLength,
+ IN UINT8 *Signature,
+ IN UINTN SigLength
+ )
+{
+ INTN Length;
+
+ //
+ // ASSERT if RsaContext, MessageHash or Signature is NULL
+ //
+ ASSERT (RsaContext != NULL);
+ ASSERT (MessageHash != NULL);
+ ASSERT (Signature != NULL);
+
+ //
+ // ASSERT if unsupported hash length:
+ // Only MD5, SHA-1 or SHA-256 digest size is supported
+ //
+ ASSERT ((HashLength == MD5_DIGEST_SIZE) || (HashLength == SHA1_DIGEST_SIZE) ||
+ (HashLength == SHA256_DIGEST_SIZE));
+
+ //
+ // RSA PKCS#1 Signature Decoding using OpenSSL RSA Decryption with Public Key
+ //
+ Length = RSA_public_decrypt (
+ (int)SigLength,
+ Signature,
+ Signature,
+ RsaContext,
+ RSA_PKCS1_PADDING
+ );
+
+ //
+ // Invalid RSA Key or PKCS#1 Padding Checking Failed (if Length < 0)
+ // NOTE: Length should be the addition of HashLength and some DER value.
+ // Ignore more strict length checking here.
+ //
+ if (Length < (INTN) HashLength) {
+ return FALSE;
+ }
+
+ //
+ // Validate the MessageHash and Decoded Signature
+ // NOTE: The decoded Signature should be the DER encoding of the DigestInfo value
+ // DigestInfo ::= SEQUENCE {
+ // digestAlgorithm AlgorithmIdentifier
+ // digest OCTET STRING
+ // }
+ // Then Memory Comparing should skip the DER value of the underlying SEQUENCE
+ // type and AlgorithmIdentifier.
+ //
+ if (CompareMem (MessageHash, Signature + Length - HashLength, HashLength) == 0) {
+ //
+ // Valid RSA PKCS#1 Signature
+ //
+ return TRUE;
+ } else {
+ //
+ // Failed to verification
+ //
+ return FALSE;
+ }
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
new file mode 100644
index 0000000000..d31095be20
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -0,0 +1,81 @@
+## @file
+# Cryptographic Library Instance for DXE_RUNTIME_DRIVER
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = RuntimeCryptLib
+ FILE_GUID = 78189cc0-727d-46a4-84ea-f7dd860de64a
+ MODULE_TYPE = DXE_RUNTIME_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = BaseCryptLib
+ CONSTRUCTOR = RuntimeCryptLibConstructor
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF
+#
+
+[Sources]
+ Hash/CryptMd5.c
+ Hash/CryptSha1.c
+ Hash/CryptSha256.c
+ Pk/CryptRsa.c
+
+ SysCall/CrtWrapper.c
+ SysCall/TimerWrapper.c
+ SysCall/HelperWrapper.c
+ SysCall/RuntimeMemAllocation.c
+
+[Sources.Ia32]
+ SysCall/Ia32/MathMultS64x64.c | MSFT
+ SysCall/Ia32/MathDivU64x64.c | MSFT
+ SysCall/Ia32/MathReminderU64x64.c | MSFT
+ SysCall/Ia32/MathLShiftS64.c | MSFT
+ SysCall/Ia32/MathRShiftU64.c | MSFT
+
+ SysCall/Ia32/MathMultS64x64.c | INTEL
+ SysCall/Ia32/MathDivU64x64.c | INTEL
+ SysCall/Ia32/MathReminderU64x64.c | INTEL
+ SysCall/Ia32/MathLShiftS64.c | INTEL
+ SysCall/Ia32/MathRShiftU64.c | INTEL
+
+ SysCall/Ia32/MathMultS64x64.S | GCC
+ SysCall/Ia32/MathDivU64x64.S | GCC
+ SysCall/Ia32/MathReminderU64x64.S | GCC
+ SysCall/Ia32/MathLShiftS64.S | GCC
+ SysCall/Ia32/MathRShiftU64.S | GCC
+
+ SysCall/Ia32/Alloca.S | GCC
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ MemoryAllocationLib
+ UefiBootServicesTableLib
+ UefiRuntimeServicesTableLib
+ DebugLib
+ OpensslLib
+ IntrinsicLib
+
+#
+# Remove these [BuildOptions] after this library is cleaned up
+#
+[BuildOptions]
+ GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
+
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
new file mode 100644
index 0000000000..68bc25aba6
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
@@ -0,0 +1,42 @@
+/** @file
+ Base Memory Allocation Routines Wrapper for Crypto library over OpenSSL
+ during PEI & DXE phases.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
+//
+// -- Memory-Allocation Routines --
+//
+
+/* Allocates memory blocks */
+void *malloc (size_t size)
+{
+ return AllocatePool ((UINTN)size);
+}
+
+/* Reallocate memory blocks */
+void *realloc (void *ptr, size_t size)
+{
+ //
+ // BUG: hardcode OldSize == size! We have no any knowledge about
+ // memory size of original pointer ptr.
+ //
+ return ReallocatePool ((UINTN)size, (UINTN)size, ptr);
+}
+
+/* De-allocates or frees a memory block */
+void free (void *ptr)
+{
+ FreePool (ptr);
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
new file mode 100644
index 0000000000..4bef42ee7a
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
@@ -0,0 +1,281 @@
+/** @file
+ C Run-Time Libraries (CRT) Wrapper Implementation for OpenSSL-based
+ Cryptographic Library.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
+typedef
+INTN
+(*SORT_COMPARE)(
+ IN VOID *Buffer1,
+ IN VOID *Buffer2
+ );
+
+//
+// Duplicated from EDKII BaseSortLib for qsort() wrapper
+//
+STATIC
+VOID
+QuickSortWorker (
+ IN OUT VOID *BufferToSort,
+ IN CONST UINTN Count,
+ IN CONST UINTN ElementSize,
+ IN SORT_COMPARE CompareFunction,
+ IN VOID *Buffer
+ )
+{
+ VOID *Pivot;
+ UINTN LoopCount;
+ UINTN NextSwapLocation;
+
+ ASSERT(BufferToSort != NULL);
+ ASSERT(CompareFunction != NULL);
+ ASSERT(Buffer != NULL);
+
+ if (Count < 2 || ElementSize < 1) {
+ return;
+ }
+
+ NextSwapLocation = 0;
+
+ //
+ // Pick a pivot (we choose last element)
+ //
+ Pivot = ((UINT8 *)BufferToSort + ((Count - 1) * ElementSize));
+
+ //
+ // Now get the pivot such that all on "left" are below it
+ // and everything "right" are above it
+ //
+ for (LoopCount = 0; LoopCount < Count - 1; LoopCount++)
+ {
+ //
+ // If the element is less than the pivot
+ //
+ if (CompareFunction ((VOID *)((UINT8 *)BufferToSort + ((LoopCount) * ElementSize)), Pivot) <= 0) {
+ //
+ // Swap
+ //
+ CopyMem (Buffer, (UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), ElementSize);
+ CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), (UINT8 *)BufferToSort + ((LoopCount) * ElementSize), ElementSize);
+ CopyMem ((UINT8 *)BufferToSort + ((LoopCount) * ElementSize), Buffer, ElementSize);
+
+ //
+ // Increment NextSwapLocation
+ //
+ NextSwapLocation++;
+ }
+ }
+ //
+ // Swap pivot to it's final position (NextSwapLocaiton)
+ //
+ CopyMem (Buffer, Pivot, ElementSize);
+ CopyMem (Pivot, (UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), ElementSize);
+ CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), Buffer, ElementSize);
+
+ //
+ // Now recurse on 2 paritial lists. Neither of these will have the 'pivot' element.
+ // IE list is sorted left half, pivot element, sorted right half...
+ //
+ QuickSortWorker (
+ BufferToSort,
+ NextSwapLocation,
+ ElementSize,
+ CompareFunction,
+ Buffer
+ );
+
+ QuickSortWorker (
+ (UINT8 *)BufferToSort + (NextSwapLocation + 1) * ElementSize,
+ Count - NextSwapLocation - 1,
+ ElementSize,
+ CompareFunction,
+ Buffer
+ );
+
+ return;
+}
+
+//---------------------------------------------------------
+// Standard C Run-time Library Interface Wrapper
+//---------------------------------------------------------
+
+//
+// -- String Manipulation Routines --
+//
+
+/* Scan a string for the last occurrence of a character */
+char *strrchr (const char *str, int c)
+{
+ char * save;
+
+ for (save = NULL; ; ++str) {
+ if (*str == c) {
+ save = (char *)str;
+ }
+ if (*str == 0) {
+ return (save);
+ }
+ }
+}
+
+/* Read formatted data from a string */
+int sscanf (const char *buffer, const char *format, ...)
+{
+ //
+ // Null sscanf() function implementation to satisfy the linker, since
+ // no direct functionality logic dependency in present UEFI cases.
+ //
+ return 0;
+}
+
+//
+// -- Character Classification Routines --
+//
+
+/* Determines if a particular character is a decimal-digit character */
+int isdigit (int c)
+{
+ //
+ // <digit> ::= [0-9]
+ //
+ return (('0' <= (c)) && ((c) <= '9'));
+}
+
+/* Determine if an integer represents character that is a hex digit */
+int isxdigit (int c)
+{
+ //
+ // <hexdigit> ::= [0-9] | [a-f] | [A-F]
+ //
+ return ((('0' <= (c)) && ((c) <= '9')) ||
+ (('a' <= (c)) && ((c) <= 'f')) ||
+ (('A' <= (c)) && ((c) <= 'F')));
+}
+
+/* Determines if a particular character represents a space character */
+int isspace (int c)
+{
+ //
+ // <space> ::= [ ]
+ //
+ return ((c) == ' ');
+}
+
+/* Determine if a particular character is an alphanumeric character */
+int isalnum (int c)
+{
+ //
+ // <alnum> ::= [0-9] | [a-z] | [A-Z]
+ //
+ return ((('0' <= (c)) && ((c) <= '9')) ||
+ (('a' <= (c)) && ((c) <= 'z')) ||
+ (('A' <= (c)) && ((c) <= 'Z')));
+}
+
+/* Determines if a particular character is in upper case */
+int isupper (int c)
+{
+ //
+ // <uppercase letter> := [A-Z]
+ //
+ return (('A' <= (c)) && ((c) <= 'Z'));
+}
+
+//
+// -- Data Conversion Routines --
+//
+
+/* Convert strings to a long-integer value */
+long strtol (const char *nptr, char **endptr, int base)
+{
+ //
+ // Null strtol() function implementation to satisfy the linker, since there is
+ // no direct functionality logic dependency in present UEFI cases.
+ //
+ return 0;
+}
+
+/* Convert strings to an unsigned long-integer value */
+unsigned long strtoul (const char *nptr, char **endptr, int base)
+{
+ //
+ // Null strtoul() function implementation to satisfy the linker, since there is
+ // no direct functionality logic dependency in present UEFI cases.
+ //
+ return 0;
+}
+
+/* Convert character to lowercase */
+int tolower (int c)
+{
+ if (('A' <= (c)) && ((c) <= 'Z')) {
+ return (c - ('A' - 'a'));
+ }
+ return (c);
+}
+
+//
+// -- Searching and Sorting Routines --
+//
+
+/* Performs a quick sort */
+void qsort (void *base, size_t num, size_t width, int (*compare)(const void *, const void *))
+{
+ VOID *Buffer;
+
+ ASSERT (base != NULL);
+ ASSERT (compare != NULL);
+
+ Buffer = AllocatePool (width);
+ ASSERT (Buffer != NULL);
+
+ //
+ // Re-use PerformQuickSort() function Implementation in EDKII BaseSortLib.
+ //
+ QuickSortWorker (base, (UINTN)num, (UINTN)width, (SORT_COMPARE)compare, Buffer);
+
+ FreePool (Buffer);
+ return;
+}
+
+//
+// -- Process and Environment Control Routines --
+//
+
+/* Get a value from the current environment */
+char *getenv (const char *varname)
+{
+ //
+ // Null getenv() function implementation to satisfy the linker, since there is
+ // no direct functionality logic dependency in present UEFI cases.
+ //
+ return NULL;
+}
+
+//
+// -- Stream I/O Routines --
+//
+
+/* Write formatted output using a pointer to a list of arguments */
+int vfprintf (FILE *stream, const char *format, VA_LIST arg)
+{
+ return 0;
+}
+
+/* Write data to a stream */
+size_t fwrite (const void *buffer, size_t size, size_t count, FILE *stream)
+{
+ return 0;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/HelperWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/HelperWrapper.c
new file mode 100644
index 0000000000..bf4399ca08
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/HelperWrapper.c
@@ -0,0 +1,54 @@
+/** @file
+ Wrapper Implementation of Helper Routines produced by the C Compiler
+ for the OpenSSL-based Cryptographic Library.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
+//---------------------------------------------------------
+// Helper Routines Wrapper
+//---------------------------------------------------------
+
+/* Divides a 64-bit signed value with a 64-bit signed value and returns
+ a 64-bit signed quotient and reminder */
+void _aulldvrm ()
+{
+ //
+ // Null _aulldvrm() Math function implementation to satisfy the linker, since
+ // there is no direct functionality logic dependency in present UEFI cases.
+ //
+ return;
+}
+
+
+/* Converts a scalar double-precision floating point value to a 32-bit integer */
+long _ftol2_sse (double dblSource)
+{
+ //
+ // OpenSSL uses this function due to using floating-point inside it.
+ // It is only present in 32-bit versions of the compiler.
+ // Null _ftol2_sse() function implementation to satisfy the linker, since
+ // there is no direct functionality logic dependency in present UEFI cases.
+ //
+ return 0;
+}
+
+/* Converts a scalar double-precision floating point value to a 32-bit integer */
+long _ftol2 (double dblSource)
+{
+ //
+ // Null _ftol2() function implementation to satisfy the linker, since
+ // there is no direct functionality logic dependency in present UEFI cases.
+ //
+ return 0;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/Alloca.S b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/Alloca.S
new file mode 100644
index 0000000000..8496833ac8
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/Alloca.S
@@ -0,0 +1,59 @@
+#------------------------------------------------------------------------------
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php.
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+# Module Name:
+#
+# Alloca.S
+#
+# Abstract:
+#
+# Implementation for allocation of automatically reclaimed memory, which is
+# used to allocate space off the runtime stack.
+# (NOTE: There is a assumption in this code that the page size equal to 4K)
+#
+#------------------------------------------------------------------------------
+
+
+ .686:
+ .code:
+
+ASM_GLOBAL ASM_PFX(_alloca)
+
+#------------------------------------------------------------------------------
+#
+# void __cdecl _alloca (unsigned size)
+#
+#------------------------------------------------------------------------------
+ASM_PFX(_alloca):
+
+ pushl %ecx
+ cmpl $0x1000, %eax
+ leal 8(%esp), %ecx
+ jb LastPage
+
+ProbePages:
+ subl $0x1000, %ecx
+ subl $0x1000, %eax
+ testl %eax, 0(%ecx)
+ cmpl $0x1000, %eax
+ jae ProbePages
+
+LastPage:
+ subl %eax, %ecx
+ movl %esp, %eax
+ testl %eax, 0(%ecx)
+
+ movl %ecx, %esp
+ movl 0(%eax), %ecx
+ movl 4(%eax), %eax
+ pushl %eax
+
+ ret
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathDivU64x64.S b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathDivU64x64.S
new file mode 100644
index 0000000000..f46d5b84f4
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathDivU64x64.S
@@ -0,0 +1,83 @@
+#------------------------------------------------------------------------------
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php.
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+# Module Name:
+#
+# MathDivU64x64.S
+#
+# Abstract:
+#
+# 64-bit Math Worker Function.
+# Divides a 64-bit unsigned value with a 64-bit unsigned value and returns
+# a 64-bit unsigned result.
+#
+#------------------------------------------------------------------------------
+
+ .686:
+ .code:
+
+ASM_GLOBAL ASM_PFX(__udivdi3), ASM_PFX(DivU64x64Remainder)
+
+#------------------------------------------------------------------------------
+#
+# void __cdecl __udivdi3 (void)
+#
+#------------------------------------------------------------------------------
+ASM_PFX(__udivdi3):
+ # Original local stack when calling __udivdi3
+ # -----------------
+ # | |
+ # |---------------|
+ # | |
+ # |-- Divisor --|
+ # | |
+ # |---------------|
+ # | |
+ # |-- Dividend --|
+ # | |
+ # |---------------|
+ # | ReturnAddr** |
+ # ESP---->|---------------|
+ #
+
+ #
+ # Set up the local stack for NULL Reminder pointer
+ #
+ xorl %eax, %eax
+ push %eax
+
+ #
+ # Set up the local stack for Divisor parameter
+ #
+ movl 20(%esp), %eax
+ push %eax
+ movl 20(%esp), %eax
+ push %eax
+
+ #
+ # Set up the local stack for Dividend parameter
+ #
+ movl 20(%esp), %eax
+ push %eax
+ movl 20(%esp), %eax
+ push %eax
+
+ #
+ # Call native DivU64x64Remainder of BaseLib
+ #
+ jmp ASM_PFX(DivU64x64Remainder)
+
+ #
+ # Adjust stack
+ #
+ addl $20, %esp
+
+ ret $16
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathDivU64x64.c b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathDivU64x64.c
new file mode 100644
index 0000000000..4011653ae5
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathDivU64x64.c
@@ -0,0 +1,88 @@
+/** @file
+ 64-bit Math Worker Function.
+ The 32-bit versions of C compiler generate calls to library routines
+ to handle 64-bit math. These functions use non-standard calling conventions.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+
+
+/*
+ * Divides a 64-bit unsigned value with a 64-bit unsigned value and returns
+ * a 64-bit unsigned result.
+ */
+__declspec(naked) void __cdecl _aulldiv (void)
+{
+ //
+ // Wrapper Implementation over EDKII DivU64x64Reminder() routine
+ // UINT64
+ // EFIAPI
+ // DivU64x64Remainder (
+ // IN UINT64 Dividend,
+ // IN UINT64 Divisor,
+ // OUT UINT64 *Remainder OPTIONAL
+ // )
+ //
+ _asm {
+
+ ; Original local stack when calling _aulldiv
+ ; -----------------
+ ; | |
+ ; |---------------|
+ ; | |
+ ; |-- Divisor --|
+ ; | |
+ ; |---------------|
+ ; | |
+ ; |-- Dividend --|
+ ; | |
+ ; |---------------|
+ ; | ReturnAddr** |
+ ; ESP---->|---------------|
+ ;
+
+ ;
+ ; Set up the local stack for NULL Reminder pointer
+ ;
+ xor eax, eax
+ push eax
+
+ ;
+ ; Set up the local stack for Divisor parameter
+ ;
+ mov eax, [esp + 20]
+ push eax
+ mov eax, [esp + 20]
+ push eax
+
+ ;
+ ; Set up the local stack for Dividend parameter
+ ;
+ mov eax, [esp + 20]
+ push eax
+ mov eax, [esp + 20]
+ push eax
+
+ ;
+ ; Call native DivU64x64Remainder of BaseLib
+ ;
+ call DivU64x64Remainder
+
+ ;
+ ; Adjust stack
+ ;
+ add esp, 20
+
+ ret 16
+ }
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathLShiftS64.S b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathLShiftS64.S
new file mode 100644
index 0000000000..e89f553a08
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathLShiftS64.S
@@ -0,0 +1,62 @@
+#------------------------------------------------------------------------------
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php.
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+# Module Name:
+#
+# MathLShiftS64.S
+#
+# Abstract:
+#
+# 64-bit Math Worker Function.
+# Shifts a 64-bit signed value left by a certain number of bits.
+#
+#------------------------------------------------------------------------------
+
+ .686:
+ .code:
+
+ASM_GLOBAL ASM_PFX(__ashldi3)
+
+#------------------------------------------------------------------------------
+#
+# void __cdecl __ashldi3 (void)
+#
+#------------------------------------------------------------------------------
+ASM_PFX(__ashldi3):
+ #
+ # Handle shifting of 64 or more bits (return 0)
+ #
+ cmpb $64, %cl
+ jae ReturnZero
+
+ #
+ # Handle shifting of between 0 and 31 bits
+ #
+ cmpb $32, %cl
+ jae More32
+ shld %cl, %eax, %edx
+ shl %cl, %eax
+ ret
+
+ #
+ # Handle shifting of between 32 and 63 bits
+ #
+More32:
+ movl %eax, %edx
+ xor %eax, %eax
+ and $31, %cl
+ shl %cl, %edx
+ ret
+
+ReturnZero:
+ xor %eax, %eax
+ xor %edx, %edx
+ ret
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathLShiftS64.c b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathLShiftS64.c
new file mode 100644
index 0000000000..2ea628a007
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathLShiftS64.c
@@ -0,0 +1,54 @@
+/** @file
+ 64-bit Math Worker Function.
+ The 32-bit versions of C compiler generate calls to library routines
+ to handle 64-bit math. These functions use non-standard calling conventions.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+
+/*
+ * Shifts a 64-bit signed value left by a particular number of bits.
+ */
+__declspec(naked) void __cdecl _allshl (void)
+{
+ _asm {
+ ;
+ ; Handle shifting of 64 or more bits (return 0)
+ ;
+ cmp cl, 64
+ jae short ReturnZero
+
+ ;
+ ; Handle shifting of between 0 and 31 bits
+ ;
+ cmp cl, 32
+ jae short More32
+ shld edx, eax, cl
+ shl eax, cl
+ ret
+
+ ;
+ ; Handle shifting of between 32 and 63 bits
+ ;
+More32:
+ mov edx, eax
+ xor eax, eax
+ and cl, 31
+ shl edx, cl
+ ret
+
+ReturnZero:
+ xor eax,eax
+ xor edx,edx
+ ret
+ }
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathMultS64x64.S b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathMultS64x64.S
new file mode 100644
index 0000000000..8a5f330e45
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathMultS64x64.S
@@ -0,0 +1,77 @@
+#------------------------------------------------------------------------------
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php.
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+# Module Name:
+#
+# MathMultS64x64.S
+#
+# Abstract:
+#
+# 64-bit Math Worker Function.
+# Multiplies a 64-bit signed or unsigned value by a 64-bit signed or unsigned value
+# and returns a 64-bit result
+#
+#------------------------------------------------------------------------------
+
+ .686:
+ .code:
+
+ASM_GLOBAL ASM_PFX(_mulll), ASM_PFX(MultS64x64)
+
+#------------------------------------------------------------------------------
+#
+# void __cdecl __mulll (void)
+#
+#------------------------------------------------------------------------------
+ASM_PFX(__mulll):
+ # Original local stack when calling __mulll
+ # -----------------
+ # | |
+ # |---------------|
+ # | |
+ # |--Multiplier --|
+ # | |
+ # |---------------|
+ # | |
+ # |--Multiplicand-|
+ # | |
+ # |---------------|
+ # | ReturnAddr** |
+ # ESP---->|---------------|
+ #
+
+ #
+ # Set up the local stack for Multiplicand parameter
+ #
+ movl 16(%esp), %eax
+ push %eax
+ movl 16(%esp), %eax
+ push %eax
+
+ #
+ # Set up the local stack for Multiplier parameter
+ #
+ movl 16(%esp), %eax
+ push %eax
+ movl 16(%esp), %eax
+ push %eax
+
+ #
+ # Call native MulS64x64 of BaseLib
+ #
+ jmp ASM_PFX(MultS64x64)
+
+ #
+ # Adjust stack
+ #
+ add $16, %esp
+
+ ret $16
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathMultS64x64.c b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathMultS64x64.c
new file mode 100644
index 0000000000..17a20bf629
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathMultS64x64.c
@@ -0,0 +1,79 @@
+/** @file
+ 64-bit Math Worker Function.
+ The 32-bit versions of C compiler generate calls to library routines
+ to handle 64-bit math. These functions use non-standard calling conventions.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+
+/*
+ * Multiplies a 64-bit signed or unsigned value by a 64-bit signed or unsigned value
+ * and returns a 64-bit result.
+ */
+__declspec(naked) void __cdecl _allmul (void)
+{
+ //
+ // Wrapper Implementation over EDKII MultS64x64() routine
+ // INT64
+ // EFIAPI
+ // MultS64x64 (
+ // IN INT64 Multiplicand,
+ // IN INT64 Multiplier
+ // )
+ //
+ _asm {
+ ; Original local stack when calling _allmul
+ ; -----------------
+ ; | |
+ ; |---------------|
+ ; | |
+ ; |--Multiplier --|
+ ; | |
+ ; |---------------|
+ ; | |
+ ; |--Multiplicand-|
+ ; | |
+ ; |---------------|
+ ; | ReturnAddr** |
+ ; ESP---->|---------------|
+ ;
+
+ ;
+ ; Set up the local stack for Multiplicand parameter
+ ;
+ mov eax, [esp + 16]
+ push eax
+ mov eax, [esp + 16]
+ push eax
+
+ ;
+ ; Set up the local stack for Multiplier parameter
+ ;
+ mov eax, [esp + 16]
+ push eax
+ mov eax, [esp + 16]
+ push eax
+
+ ;
+ ; Call native MulS64x64 of BaseLib
+ ;
+ call MultS64x64
+
+ ;
+ ; Adjust stack
+ ;
+ add esp, 16
+
+ ret 16
+ }
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.S b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.S
new file mode 100644
index 0000000000..3a8a132564
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.S
@@ -0,0 +1,66 @@
+#------------------------------------------------------------------------------
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php.
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+# Module Name:
+#
+# MathRShiftU64.S
+#
+# Abstract:
+#
+# 64-bit Math Worker Function.
+# Shifts a 64-bit unsigned value right by a certain number of bits.
+#
+#------------------------------------------------------------------------------
+
+
+ .686:
+ .code:
+
+ASM_GLOBAL ASM_PFX(__ashrdi3)
+
+#------------------------------------------------------------------------------
+#
+# void __cdecl __ashrdi3 (void)
+#
+#------------------------------------------------------------------------------
+ASM_PFX(__ashrdi3):
+ #
+ # Checking: Only handle 64bit shifting or more
+ #
+ cmpb $64, %cl
+ jae _Exit
+
+ #
+ # Handle shifting between 0 and 31 bits
+ #
+ cmpb $32, %cl
+ jae More32
+ shrd %cl, %edx, %eax
+ shr %cl, %edx
+ ret
+
+ #
+ # Handle shifting of 32-63 bits
+ #
+More32:
+ movl %edx, %eax
+ xor %edx, %edx
+ and $32, %cl
+ shr %cl, %eax
+ ret
+
+ #
+ # Invalid number (less then 32bits), return 0
+ #
+_Exit:
+ xor %eax, %eax
+ xor %edx, %edx
+ ret
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.c b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.c
new file mode 100644
index 0000000000..b7224d6455
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathRShiftU64.c
@@ -0,0 +1,57 @@
+/** @file
+ 64-bit Math Worker Function.
+ The 32-bit versions of C compiler generate calls to library routines
+ to handle 64-bit math. These functions use non-standard calling conventions.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+
+/*
+ * Shifts a 64-bit unsigned value right by a certain number of bits.
+ */
+__declspec(naked) void __cdecl _aullshr (void)
+{
+ _asm {
+ ;
+ ; Checking: Only handle 64bit shifting or more
+ ;
+ cmp cl, 64
+ jae _Exit
+
+ ;
+ ; Handle shifting between 0 and 31 bits
+ ;
+ cmp cl, 32
+ jae More32
+ shrd eax, edx, cl
+ shr edx, cl
+ ret
+
+ ;
+ ; Handle shifting of 32-63 bits
+ ;
+More32:
+ mov eax, edx
+ xor edx, edx
+ and cl, 31
+ shr eax, cl
+ ret
+
+ ;
+ ; Invalid number (less then 32bits), return 0
+ ;
+_Exit:
+ xor eax, eax
+ xor edx, edx
+ ret
+ }
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathReminderU64x64.S b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathReminderU64x64.S
new file mode 100644
index 0000000000..7c1f971644
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathReminderU64x64.S
@@ -0,0 +1,89 @@
+#------------------------------------------------------------------------------
+#
+# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php.
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+# Module Name:
+#
+# MathReminderU64x64.S
+#
+# Abstract:
+#
+# 64-bit Math Worker Function.
+# Divides a 64-bit unsigned value by another 64-bit unsigned value and returns
+# the 64-bit unsigned remainder
+#
+#------------------------------------------------------------------------------
+
+ .686:
+ .code:
+
+ASM_GLOBAL ASM_PFX(__umoddi3), ASM_PFX(DivU64x64Remainder)
+
+#------------------------------------------------------------------------------
+#
+# void __cdecl __umoddi3 (void)
+#
+#------------------------------------------------------------------------------
+ASM_PFX(__umoddi3):
+ # Original local stack when calling __umoddi3
+ # -----------------
+ # | |
+ # |---------------|
+ # | |
+ # |-- Divisor --|
+ # | |
+ # |---------------|
+ # | |
+ # |-- Dividend --|
+ # | |
+ # |---------------|
+ # | ReturnAddr** |
+ # ESP---->|---------------|
+ #
+
+ #
+ # Set up the local stack for Reminder pointer
+ #
+ sub $8, %esp
+ push %esp
+
+ #
+ # Set up the local stack for Divisor parameter
+ #
+ movl 28(%esp), %eax
+ push %eax
+ movl 28(%esp), %eax
+ push %eax
+
+ #
+ # Set up the local stack for Dividend parameter
+ #
+ movl 28(%esp), %eax
+ push %eax
+ movl 28(%esp), %eax
+ push %eax
+
+ #
+ # Call native DivU64x64Remainder of BaseLib
+ #
+ jmp ASM_PFX(DivU64x64Remainder)
+
+ #
+ # Put the Reminder in EDX:EAX as return value
+ #
+ movl 20(%esp), %eax
+ movl 24(%esp), %edx
+
+ #
+ # Adjust stack
+ #
+ add $28, %esp
+
+ ret $16
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathReminderU64x64.c b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathReminderU64x64.c
new file mode 100644
index 0000000000..be70770ebb
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/MathReminderU64x64.c
@@ -0,0 +1,93 @@
+/** @file
+ 64-bit Math Worker Function.
+ The 32-bit versions of C compiler generate calls to library routines
+ to handle 64-bit math. These functions use non-standard calling conventions.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+
+
+/*
+ * Divides a 64-bit unsigned value by another 64-bit unsigned value and returns
+ * the 64-bit unsigned remainder.
+ */
+__declspec(naked) void __cdecl _aullrem(void)
+{
+ //
+ // Wrapper Implementation over EDKII DivU64x64Remainder() routine
+ // UINT64
+ // EFIAPI
+ // DivU64x64Remainder (
+ // IN UINT64 Dividend,
+ // IN UINT64 Divisor,
+ // OUT UINT64 *Remainder OPTIONAL
+ // )
+ //
+ _asm {
+ ; Original local stack when calling _aullrem
+ ; -----------------
+ ; | |
+ ; |---------------|
+ ; | |
+ ; |-- Divisor --|
+ ; | |
+ ; |---------------|
+ ; | |
+ ; |-- Dividend --|
+ ; | |
+ ; |---------------|
+ ; | ReturnAddr** |
+ ; ESP---->|---------------|
+ ;
+
+ ;
+ ; Set up the local stack for Reminder pointer
+ ;
+ sub esp, 8
+ push esp
+
+ ;
+ ; Set up the local stack for Divisor parameter
+ ;
+ mov eax, [esp + 28]
+ push eax
+ mov eax, [esp + 28]
+ push eax
+
+ ;
+ ; Set up the local stack for Dividend parameter
+ ;
+ mov eax, [esp + 28]
+ push eax
+ mov eax, [esp + 28]
+ push eax
+
+ ;
+ ; Call native DivU64x64Remainder of BaseLib
+ ;
+ call DivU64x64Remainder
+
+ ;
+ ; Put the Reminder in EDX:EAX as return value
+ ;
+ mov eax, [esp + 20]
+ mov edx, [esp + 24]
+
+ ;
+ ; Adjust stack
+ ;
+ add esp, 28
+
+ ret 16
+ }
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c b/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
new file mode 100644
index 0000000000..f615ae8f90
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
@@ -0,0 +1,438 @@
+/** @file
+ Light-weight Memory Management Routines for OpenSSL-based Crypto
+ Library at Runtime Phase.
+
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeLib.h>
+#include <Guid/EventGroup.h>
+
+//----------------------------------------------------------------
+// Initial version. Needs further optimizations.
+//----------------------------------------------------------------
+
+//
+// Definitions for Runtime Memory Operations
+//
+#define RT_PAGE_SIZE 0x200
+#define RT_PAGE_MASK 0x1FF
+#define RT_PAGE_SHIFT 9
+
+#define RT_SIZE_TO_PAGES(a) (((a) >> RT_PAGE_SHIFT) + (((a) & RT_PAGE_MASK) ? 1 : 0))
+#define RT_PAGES_TO_SIZE(a) ((a) << RT_PAGE_SHIFT)
+
+//
+// Page Flag Definitions
+//
+#define RT_PAGE_FREE 0x00000000
+#define RT_PAGE_USED 0x00000001
+
+#define MIN_REQUIRED_BLOCKS 24
+
+//
+// Memory Page Table
+//
+typedef struct {
+ UINTN StartPageOffset; // Offset of the starting page allocated.
+ // Only available for USED pages.
+ UINT32 PageFlag; // Page Attributes.
+} RT_MEMORY_PAGE_ENTRY;
+
+typedef struct {
+ UINTN PageCount;
+ UINTN LastEmptyPageOffset;
+ UINT8 *DataAreaBase; // Pointer to data Area.
+ RT_MEMORY_PAGE_ENTRY Pages[1]; // Page Table Entries.
+} RT_MEMORY_PAGE_TABLE;
+
+//
+// Global Page Table for Runtime Cryptographic Provider.
+//
+RT_MEMORY_PAGE_TABLE *mRTPageTable = NULL;
+
+//
+// Event for Runtime Address Conversion.
+//
+EFI_EVENT mVirtualAddressChangeEvent;
+
+
+/**
+ Initializes pre-allocated memory pointed by ScratchBuffer for subsequent
+ runtime use.
+
+ @param[in, out] ScratchBuffer Pointer to user-supplied memory buffer.
+ @param[in] ScratchBufferSize Size of supplied buffer in bytes.
+
+ @retval EFI_SUCCESS Successful initialization.
+
+**/
+EFI_STATUS
+InitializeScratchMemory (
+ IN OUT UINT8 *ScratchBuffer,
+ IN UINTN ScratchBufferSize
+ )
+{
+ UINTN Index;
+ UINTN MemorySize;
+
+ //
+ // Parameters Checking
+ //
+ if (ScratchBuffer == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if (ScratchBufferSize < MIN_REQUIRED_BLOCKS * 1024) {
+ return EFI_BUFFER_TOO_SMALL;
+ }
+
+ mRTPageTable = (RT_MEMORY_PAGE_TABLE *)ScratchBuffer;
+
+ //
+ // Initialize Internal Page Table for Memory Management
+ //
+ SetMem (mRTPageTable, ScratchBufferSize, 0xFF);
+ MemorySize = ScratchBufferSize - sizeof (RT_MEMORY_PAGE_TABLE) + sizeof (RT_MEMORY_PAGE_ENTRY);
+
+ mRTPageTable->PageCount = MemorySize / (RT_PAGE_SIZE + sizeof (RT_MEMORY_PAGE_ENTRY));
+ mRTPageTable->LastEmptyPageOffset = 0x0;
+
+ for (Index = 0; Index < mRTPageTable->PageCount; Index++) {
+ mRTPageTable->Pages[Index].PageFlag = RT_PAGE_FREE;
+ mRTPageTable->Pages[Index].StartPageOffset = 0;
+ }
+
+ mRTPageTable->DataAreaBase = ScratchBuffer + sizeof (RT_MEMORY_PAGE_TABLE) +
+ (mRTPageTable->PageCount - 1) * sizeof (RT_MEMORY_PAGE_ENTRY);
+
+ return EFI_SUCCESS;
+}
+
+
+/**
+ Look-up Free memory Region for object allocation.
+
+ @param[in] AllocationSize Bytes to be allocated.
+
+ @return Return available page offset for object allocation.
+
+**/
+UINTN
+LookupFreeMemRegion (
+ IN UINTN AllocationSize
+ )
+{
+ UINTN StartPageIndex;
+ UINTN Index;
+ UINTN SubIndex;
+ UINTN ReqPages;
+
+ StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->LastEmptyPageOffset);
+ ReqPages = RT_SIZE_TO_PAGES (AllocationSize);
+
+ //
+ // Look up the free memory region with in current memory map table.
+ //
+ for (Index = StartPageIndex; Index <= (mRTPageTable->PageCount - ReqPages); ) {
+ //
+ // Check consecutive ReqPages pages.
+ //
+ for (SubIndex = 0; SubIndex < ReqPages; SubIndex++) {
+ if ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
+ break;
+ }
+ }
+
+ if (SubIndex == ReqPages) {
+ //
+ // Succeed! Return the Starting Offset.
+ //
+ return RT_PAGES_TO_SIZE (Index);
+ }
+
+ //
+ // Failed! Skip current free memory pages and adjacent Used pages
+ //
+ while ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
+ SubIndex++;
+ }
+
+ Index += SubIndex;
+ }
+
+ //
+ // Look up the free memory region from the beginning of the memory table
+ // until the StartCursorOffset
+ //
+ for (Index = 0; Index < (StartPageIndex - ReqPages); ) {
+ //
+ // Check Consecutive ReqPages Pages.
+ //
+ for (SubIndex = 0; SubIndex < ReqPages; SubIndex++) {
+ if ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
+ break;
+ }
+ }
+
+ if (SubIndex == ReqPages) {
+ //
+ // Succeed! Return the Starting Offset.
+ //
+ return RT_PAGES_TO_SIZE (Index);
+ }
+
+ //
+ // Failed! Skip current adjacent Used pages
+ //
+ while ((SubIndex < (StartPageIndex - ReqPages)) &&
+ ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0)) {
+ SubIndex++;
+ }
+
+ Index += SubIndex;
+ }
+
+ //
+ // No availabe region for object allocation!
+ //
+ return (UINTN)(-1);
+}
+
+
+/**
+ Allocates a buffer at runtime phase.
+
+ @param[in] AllocationSize Bytes to be allocated.
+
+ @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+RuntimeAllocateMem (
+ IN UINTN AllocationSize
+ )
+{
+ UINT8 *AllocPtr;
+ UINTN ReqPages;
+ UINTN Index;
+ UINTN StartPage;
+ UINTN AllocOffset;
+
+ AllocPtr = NULL;
+ ReqPages = 0;
+
+ //
+ // Look for available consecutive memory region starting from LastEmptyPageOffset.
+ // If no proper memory region found, look up from the beginning.
+ // If still not found, return NULL to indicate failed allocation.
+ //
+ AllocOffset = LookupFreeMemRegion (AllocationSize);
+ if (AllocOffset == (UINTN)(-1)) {
+ return NULL;
+ }
+
+ //
+ // Allocates consecutive memory pages with length of Size. Update the page
+ // table status. Returns the starting address.
+ //
+ ReqPages = RT_SIZE_TO_PAGES (AllocationSize);
+ AllocPtr = mRTPageTable->DataAreaBase + AllocOffset;
+ StartPage = RT_SIZE_TO_PAGES (AllocOffset);
+ Index = 0;
+ while (Index < ReqPages) {
+ mRTPageTable->Pages[StartPage + Index].PageFlag |= RT_PAGE_USED;
+ mRTPageTable->Pages[StartPage + Index].StartPageOffset = AllocOffset;
+
+ Index++;
+ }
+
+ mRTPageTable->LastEmptyPageOffset = AllocOffset + RT_PAGES_TO_SIZE (ReqPages);
+
+ ZeroMem (AllocPtr, AllocationSize);
+
+ //
+ // Returns a void pointer to the allocated space
+ //
+ return AllocPtr;
+}
+
+
+/**
+ Frees a buffer that was previously allocated at runtime phase.
+
+ @param[in] Buffer Pointer to the buffer to free.
+
+**/
+VOID
+RuntimeFreeMem (
+ IN VOID *Buffer
+ )
+{
+ UINTN StartOffset;
+ UINTN StartPageIndex;
+
+ StartOffset = (UINTN) ((UINT8 *)Buffer - mRTPageTable->DataAreaBase);
+ StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->Pages[RT_SIZE_TO_PAGES(StartOffset)].StartPageOffset);
+
+ while (StartPageIndex < mRTPageTable->PageCount) {
+ if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
+ (mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset)) {
+ //
+ // Free this page
+ //
+ mRTPageTable->Pages[StartPageIndex].PageFlag &= ~RT_PAGE_USED;
+ mRTPageTable->Pages[StartPageIndex].PageFlag |= RT_PAGE_FREE;
+ mRTPageTable->Pages[StartPageIndex].StartPageOffset = 0;
+
+ StartPageIndex++;
+ } else {
+ break;
+ }
+ }
+
+ return;
+}
+
+
+/**
+ Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
+
+ This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE
+ event. It converts a pointer to a new virtual address.
+
+ @param[in] Event The event whose notification function is being invoked.
+ @param[in] Context The pointer to the notification function's context.
+
+**/
+VOID
+EFIAPI
+RuntimeCryptLibAddressChangeEvent (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ //
+ // Converts a pointer for runtime memory management to a new virtual address.
+ //
+ EfiConvertPointer (0x0, (VOID **) &mRTPageTable->DataAreaBase);
+ EfiConvertPointer (0x0, (VOID **) &mRTPageTable);
+}
+
+
+/**
+ Constructor routine for runtime crypt library instance.
+
+ The constructor function pre-allocates space for runtime cryptographic operation.
+
+ @param ImageHandle The firmware allocated handle for the EFI image.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The construction succeeded.
+ @retval EFI_OUT_OF_RESOURCE Failed to allocate memory.
+
+**/
+EFI_STATUS
+EFIAPI
+RuntimeCryptLibConstructor (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+ VOID *Buffer;
+
+ //
+ // Pre-allocates runtime space for possible cryptographic operations
+ //
+ Buffer = AllocateRuntimePool (MIN_REQUIRED_BLOCKS * 1024);
+ Status = InitializeScratchMemory (Buffer, MIN_REQUIRED_BLOCKS * 1024);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ //
+ // Create address change event
+ //
+ Status = gBS->CreateEventEx (
+ EVT_NOTIFY_SIGNAL,
+ TPL_NOTIFY,
+ RuntimeCryptLibAddressChangeEvent,
+ NULL,
+ &gEfiEventVirtualAddressChangeGuid,
+ &mVirtualAddressChangeEvent
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ return Status;
+}
+
+
+//
+// -- Memory-Allocation Routines Wrapper for UEFI-OpenSSL Library --
+//
+
+/* Allocates memory blocks */
+void *malloc (size_t size)
+{
+ return RuntimeAllocateMem ((UINTN)size);
+}
+
+/* Reallocate memory blocks */
+void *realloc (void *ptr, size_t size)
+{
+ VOID *NewPtr;
+ UINTN StartOffset;
+ UINTN StartPageIndex;
+ UINTN PageCount;
+
+ //
+ // Get Original Size of ptr
+ //
+ StartOffset = (UINTN) ((UINT8 *)ptr - mRTPageTable->DataAreaBase);
+ StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->Pages[RT_SIZE_TO_PAGES (StartOffset)].StartPageOffset);
+ PageCount = 0;
+ while (StartPageIndex < mRTPageTable->PageCount) {
+ if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
+ (mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset)) {
+ StartPageIndex++;
+ PageCount++;
+ } else {
+ break;
+ }
+ }
+
+ if (size <= RT_PAGES_TO_SIZE (PageCount)) {
+ //
+ // Return the original pointer, if Caller try to reduce region size;
+ //
+ return ptr;
+ }
+
+ NewPtr = RuntimeAllocateMem ((UINTN) size);
+ if (NewPtr == NULL) {
+ return NULL;
+ }
+
+ CopyMem (NewPtr, ptr, RT_PAGES_TO_SIZE (PageCount));
+
+ RuntimeFreeMem (ptr);
+
+ return NewPtr;
+}
+
+/* Deallocates or frees a memory block */
+void free (void *ptr)
+{
+ RuntimeFreeMem (ptr);
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
new file mode 100644
index 0000000000..20928e1595
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
@@ -0,0 +1,102 @@
+/** @file
+ C Run-Time Libraries (CRT) Time Management Routines Wrapper Implementation
+ for OpenSSL-based Cryptographic Library (used in DXE & RUNTIME).
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Uefi.h>
+#include <OpenSslSupport.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+
+//
+// -- Time Management Routines --
+//
+
+#define IsLeap(y) (((y) % 4) == 0 && (((y) % 100) != 0 || ((y) % 400) == 0))
+#define SECSPERHOUR (60 * 60)
+#define SECSPERDAY (24 * SECSPERHOUR)
+
+//
+// The arrays give the cumulative number of days up to the first of the
+// month number used as the index (1 -> 12) for regular and leap years.
+// The value at index 13 is for the whole year.
+//
+UINTN CumulativeDays[2][14] = {
+ {
+ 0,
+ 0,
+ 31,
+ 31 + 28,
+ 31 + 28 + 31,
+ 31 + 28 + 31 + 30,
+ 31 + 28 + 31 + 30 + 31,
+ 31 + 28 + 31 + 30 + 31 + 30,
+ 31 + 28 + 31 + 30 + 31 + 30 + 31,
+ 31 + 28 + 31 + 30 + 31 + 30 + 31 + 31,
+ 31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30,
+ 31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31,
+ 31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30,
+ 31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30 + 31
+ },
+ {
+ 0,
+ 0,
+ 31,
+ 31 + 29,
+ 31 + 29 + 31,
+ 31 + 29 + 31 + 30,
+ 31 + 29 + 31 + 30 + 31,
+ 31 + 29 + 31 + 30 + 31 + 30,
+ 31 + 29 + 31 + 30 + 31 + 30 + 31,
+ 31 + 29 + 31 + 30 + 31 + 30 + 31 + 31,
+ 31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30,
+ 31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31,
+ 31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30,
+ 31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30 + 31
+ }
+};
+
+/* Get the system time as seconds elapsed since midnight, January 1, 1970. */
+//INTN time(
+// INTN *timer
+// )
+time_t time (time_t *timer)
+{
+ EFI_TIME Time;
+ UINTN Year;
+
+ //
+ // Get the current time and date information
+ //
+ gRT->GetTime (&Time, NULL);
+
+ //
+ // Years Handling
+ // UTime should now be set to 00:00:00 on Jan 1 of the current year.
+ //
+ for (Year = 1970, *timer = 0; Year != Time.Year; Year++) {
+ *timer = *timer + (time_t)(CumulativeDays[IsLeap(Year)][13] * SECSPERDAY);
+ }
+
+ //
+ // Add in number of seconds for current Month, Day, Hour, Minute, Seconds, and TimeZone adjustment
+ //
+ *timer = *timer +
+ (time_t)((Time.TimeZone != EFI_UNSPECIFIED_TIMEZONE) ? (Time.TimeZone * 60) : 0) +
+ (time_t)(CumulativeDays[IsLeap(Time.Year)][Time.Month] * SECSPERDAY) +
+ (time_t)(((Time.Day > 0) ? Time.Day - 1 : 0) * SECSPERDAY) +
+ (time_t)(Time.Hour * SECSPERHOUR) +
+ (time_t)(Time.Minute * 60) +
+ (time_t)Time.Second;
+
+ return *timer;
+}
diff --git a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf
new file mode 100644
index 0000000000..0f1b0eb093
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf
@@ -0,0 +1,49 @@
+## @file
+# Cryptographic Library Instance based on Runtime Crypt Protocol.
+# This instance will be only used by the Authenticated Variable driver for IPF.
+#
+# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = BaseCryptLibRuntimeCryptProtocol
+ FILE_GUID = BBB31581-855A-44D7-A550-8A585D9B2DE9
+ MODULE_TYPE = DXE_RUNTIME_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = BaseCryptLib|DXE_RUNTIME_DRIVER DXE_SAL_DRIVER
+ CONSTRUCTOR = RuntimeDxeIpfCryptLibConstructor
+ DESTRUCTOR = RuntimeDxeIpfCryptLibDestructor
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IPF
+#
+
+[Sources]
+ RuntimeDxeIpfCryptLib.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ DebugLib
+
+[Guids]
+ gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
+
+[Protocols]
+ gEfiRuntimeCryptProtocolGuid ## CONSUMES
+
+[Depex]
+ gEfiRuntimeCryptProtocolGuid
diff --git a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/RuntimeDxeIpfCryptLib.c b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/RuntimeDxeIpfCryptLib.c
new file mode 100644
index 0000000000..7f893b91df
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/RuntimeDxeIpfCryptLib.c
@@ -0,0 +1,390 @@
+/** @file
+ Implementation of The runtime cryptographic library instance (for IPF).
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Uefi.h>
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeLib.h>
+
+#include <Protocol/RuntimeCrypt.h>
+
+#include <Guid/EventGroup.h>
+
+EFI_RUNTIME_CRYPT_PROTOCOL *mCryptProtocol = NULL;
+EFI_EVENT mIpfCryptLibVirtualNotifyEvent;
+
+/**
+ Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE, which converts
+ pointer to new virtual address.
+
+ @param Event Event whose notification function is being invoked.
+ @param Context Pointer to the notification function's context
+
+**/
+VOID
+EFIAPI
+IpfCryptLibAddressChangeEvent (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ //
+ // Convert Address of Runtime Crypto Protocol.
+ //
+ EfiConvertPointer (0x0, (VOID **) &mCryptProtocol);
+}
+
+/**
+ Constructor of IPF Crypto Library Instance.
+ This function locates the Runtime Crypt Protocol and register notification
+ function for EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
+
+ @param ImageHandle The firmware allocated handle for the EFI image.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.
+
+**/
+EFI_STATUS
+EFIAPI
+RuntimeDxeIpfCryptLibConstructor (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Locate Runtime Crypt Protocol Instance
+ //
+ Status = gBS->LocateProtocol (
+ &gEfiRuntimeCryptProtocolGuid,
+ NULL,
+ (VOID**) &mCryptProtocol
+ );
+ ASSERT_EFI_ERROR (Status);
+ ASSERT (mCryptProtocol != NULL);
+
+ //
+ // Register SetVirtualAddressMap () notify function
+ //
+ Status = gBS->CreateEventEx (
+ EVT_NOTIFY_SIGNAL,
+ TPL_NOTIFY,
+ IpfCryptLibAddressChangeEvent,
+ NULL,
+ &gEfiEventVirtualAddressChangeGuid,
+ &mIpfCryptLibVirtualNotifyEvent
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ return Status;
+}
+
+/**
+ Destructor of IPF Crypto Library Instance.
+
+ @param ImageHandle The firmware allocated handle for the EFI image.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The destructor completed successfully.
+ @retval Other value The destructor did not complete successfully.
+
+**/
+EFI_STATUS
+EFIAPI
+RuntimeDxeIpfCryptLibDestructor (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Close the Set Virtual Address Map event
+ //
+ Status = gBS->CloseEvent (mIpfCryptLibVirtualNotifyEvent);
+ ASSERT_EFI_ERROR (Status);
+
+ return Status;
+}
+
+/**
+ Check whether crypto service provided by Runtime Crypt protocol is ready to use.
+
+ Crypto service is available if the call is in physical mode prior to
+ SetVirtualAddressMap() or virtual mode after SetVirtualAddressMap(). If either
+ of these two conditions are met, this routine will return TRUE; if neither of
+ these conditions are met, this routine will return FALSE.
+
+ @retval TRUE The Crypto service is ready to use.
+ @retval FALSE The Crypto service is not available.
+
+**/
+BOOLEAN
+EFIAPI
+InternalIsCryptServiveAvailable (
+ VOID
+ )
+{
+ INT64 CpuMode;
+ BOOLEAN GoneVirtual;
+
+ CpuMode = AsmCpuVirtual();
+ if (CpuMode < 0) {
+ //
+ // CPU is in mixed mode, return failing the operation gracefully.
+ //
+ return FALSE;
+ }
+
+ GoneVirtual = EfiGoneVirtual();
+
+ if ((CpuMode > 0) && !GoneVirtual) {
+ //
+ // CPU is in virtual mode, but SetVirtualAddressMap() has not been called,
+ // so return failing the operation gracefully.
+ //
+ return FALSE;
+ }
+
+ if ((CpuMode == 0) && GoneVirtual) {
+ //
+ // CPU is in physical mode, but SetVirtualAddressMap() has been called,
+ // so return failing the operation gracefully.
+ //
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-256 operations.
+
+**/
+UINTN
+EFIAPI
+Sha256GetContextSize (
+ VOID
+ )
+{
+ if (!InternalIsCryptServiveAvailable ()) {
+ return 0;
+ }
+
+ return mCryptProtocol->Sha256GetContextSize ();
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
+ subsequent use.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
+
+ @retval TRUE SHA-256 context initialization succeeded.
+ @retval FALSE SHA-256 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Init (
+ IN OUT VOID *Sha256Context
+ )
+{
+ if (!InternalIsCryptServiveAvailable ()) {
+ return FALSE;
+ }
+
+ return mCryptProtocol->Sha256Init (Sha256Context);
+}
+
+
+/**
+ Performs SHA-256 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to the SHA-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-256 data digest succeeded.
+ @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
+ SHA-256 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Update (
+ IN OUT VOID *Sha256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ )
+{
+ if (!InternalIsCryptServiveAvailable ()) {
+ return FALSE;
+ }
+
+ return mCryptProtocol->Sha256Update (Sha256Context, Data, DataLength);
+}
+
+/**
+ Completes SHA-256 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-256 context cannot be used again.
+
+ If Sha256Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
+ value (32 bytes).
+
+ @retval TRUE SHA-256 digest computation succeeded.
+ @retval FALSE SHA-256 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha256Final (
+ IN OUT VOID *Sha256Context,
+ OUT UINT8 *HashValue
+ )
+{
+ if (!InternalIsCryptServiveAvailable ()) {
+ return FALSE;
+ }
+
+ return mCryptProtocol->Sha256Final (Sha256Context, HashValue);
+}
+
+/**
+ Allocates and Initializes one RSA Context for subsequent use.
+
+ @return Pointer to the RSA Context that has been initialized.
+ If the allocations fails, RsaNew() returns NULL.
+
+**/
+VOID *
+EFIAPI
+RsaNew (
+ VOID
+ )
+{
+ if (!InternalIsCryptServiveAvailable ()) {
+ return FALSE;
+ }
+
+ return mCryptProtocol->RsaNew ();
+}
+
+/**
+ Release the specified RSA Context.
+
+ @param[in] RsaContext Pointer to the RSA context to be released.
+
+**/
+VOID
+EFIAPI
+RsaFree (
+ IN VOID *RsaContext
+ )
+{
+ if (!InternalIsCryptServiveAvailable ()) {
+ return;
+ }
+
+ mCryptProtocol->RsaFree (RsaContext);
+}
+
+/**
+ Sets the tag-designated RSA key component into the established RSA context from
+ the user-specified nonnegative integer (octet string format represented in RSA
+ PKCS#1).
+
+ If RsaContext is NULL, then ASSERT().
+
+ @param[in, out] RsaContext Pointer to RSA context being set.
+ @param[in] KeyTag Tag of RSA key component being set.
+ @param[in] BigNumber Pointer to octet integer buffer.
+ @param[in] BnLength Length of big number buffer in bytes.
+
+ @return TRUE RSA key component was set successfully.
+ @return FALSE Invalid RSA key component tag.
+
+**/
+BOOLEAN
+EFIAPI
+RsaSetKey (
+ IN OUT VOID *RsaContext,
+ IN RSA_KEY_TAG KeyTag,
+ IN CONST UINT8 *BigNumber,
+ IN UINTN BnLength
+ )
+{
+ if (!InternalIsCryptServiveAvailable ()) {
+ return FALSE;
+ }
+
+ return mCryptProtocol->RsaSetKey (RsaContext, KeyTag, BigNumber, BnLength);
+}
+
+/**
+ Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
+ RSA PKCS#1.
+
+ If RsaContext is NULL, then ASSERT().
+ If MessageHash is NULL, then ASSERT().
+ If Signature is NULL, then ASSERT().
+ If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
+
+ @param[in] RsaContext Pointer to RSA context for signature verification.
+ @param[in] MessageHash Pointer to octet message hash to be checked.
+ @param[in] HashLength Length of the message hash in bytes.
+ @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
+ @param[in] SigLength Length of signature in bytes.
+
+ @return TRUE Valid signature encoded in PKCS1-v1_5.
+ @return FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RsaPkcs1Verify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *MessageHash,
+ IN UINTN HashLength,
+ IN UINT8 *Signature,
+ IN UINTN SigLength
+ )
+{
+ if (!InternalIsCryptServiveAvailable ()) {
+ return FALSE;
+ }
+
+ return mCryptProtocol->RsaPkcs1Verify (
+ RsaContext,
+ MessageHash,
+ HashLength,
+ Signature,
+ SigLength
+ );
+}
diff --git a/CryptoPkg/Library/IntrinsicLib/CopyMem.c b/CryptoPkg/Library/IntrinsicLib/CopyMem.c
new file mode 100644
index 0000000000..6cc52b22e1
--- /dev/null
+++ b/CryptoPkg/Library/IntrinsicLib/CopyMem.c
@@ -0,0 +1,23 @@
+/** @file
+ Intrinsic Memory Routines Wrapper Implementation for OpenSSL-based
+ Cryptographic Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Base.h>
+#include <Library/BaseMemoryLib.h>
+
+/* Copies bytes between buffers */
+void * memcpy (void *dest, const void *src, unsigned int count)
+{
+ return CopyMem (dest, src, (UINTN)count);
+}
diff --git a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
new file mode 100644
index 0000000000..e830c6afac
--- /dev/null
+++ b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
@@ -0,0 +1,56 @@
+## @file
+# Intrinsic Routines Wrapper Library Instance.
+#
+# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = BaseIntrinsicLib
+ FILE_GUID = 63850097-3E97-4c4f-A52D-C811A0106105
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = IntrinsicLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF
+#
+
+[Sources]
+ MemoryIntrinsics.c
+
+[Sources.IA32]
+ CopyMem.c
+
+[Sources.X64]
+ CopyMem.c
+
+[Sources.IPF]
+ CopyMem.c | MSFT
+ CopyMem.c | INTEL
+#
+# In tools_def.txt, GCC rename symbol name memcpy to be CopyMem for IPF,
+# i.e. "DEFINE GCC_IPF_SYMRENAME_FLAGS = --redefine-sym memcpy=CopyMem",
+# so there will be no source file CopyMem.c for GCC compiler family.
+#
+
+[Packages]
+ MdePkg/MdePkg.dec
+
+[LibraryClasses]
+ BaseMemoryLib
+
+[BuildOptions]
+ MSFT:*_*_*_CC_FLAGS = /GL- /Oi-
+ INTEL:*_*_*_CC_FLAGS = /Oi-
+ GCC:*_*_*_CC_FLAGS = -fno-builtin
diff --git a/CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c b/CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c
new file mode 100644
index 0000000000..48e0c52c36
--- /dev/null
+++ b/CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c
@@ -0,0 +1,27 @@
+/** @file
+ Intrinsic Memory Routines Wrapper Implementation for OpenSSL-based
+ Cryptographic Library.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Base.h>
+#include <Library/BaseMemoryLib.h>
+
+/* OpenSSL will use floating point support, and C compiler produces the _fltused
+ symbol by default. Simply define this symbol here to satisfy the linker. */
+int _fltused = 1;
+
+/* Sets buffers to a specified character */
+void * memset (void *dest, char ch, unsigned int count)
+{
+ return SetMem (dest, (UINTN)count, (UINT8)ch);
+}
diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch
new file mode 100644
index 0000000000..2ff6ee0f8c
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch
@@ -0,0 +1,92 @@
+--- crypto/bio/bss_file.c Thu Jan 15 17:14:12 1970
++++ crypto/bio/bss_file.c Thu Jan 15 17:14:12 1970
+@@ -421,6 +421,23 @@
+ return(ret);
+ }
+
++#else
++
++BIO_METHOD *BIO_s_file(void)
++ {
++ return NULL;
++ }
++
++BIO *BIO_new_file(const char *filename, const char *mode)
++ {
++ return NULL;
++ }
++
++BIO *BIO_new_fp(FILE *stream, int close_flag)
++ {
++ return NULL;
++ }
++
+ #endif /* OPENSSL_NO_STDIO */
+
+ #endif /* HEADER_BSS_FILE_C */
+--- crypto/rand/rand_egd.c Thu Jan 15 17:14:12 1970
++++ crypto/rand/rand_egd.c Thu Jan 15 17:14:12 1970
+@@ -95,7 +95,7 @@
+ * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
+ */
+
+-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)
++#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)
+ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
+ {
+ return(-1);
+--- crypto/rand/rand_unix.c Thu Jan 15 17:14:12 1970
++++ crypto/rand/rand_unix.c Thu Jan 15 17:14:12 1970
+@@ -116,7 +116,7 @@
+ #include <openssl/rand.h>
+ #include "rand_lcl.h"
+
+-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
++#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))
+
+ #include <sys/types.h>
+ #include <sys/time.h>
+@@ -322,7 +322,7 @@
+ #endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */
+
+
+-#if defined(OPENSSL_SYS_VXWORKS)
++#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
+ int RAND_poll(void)
+ {
+ return 0;
+--- crypto/x509/x509_vfy.c Thu Jan 15 17:14:12 1970
++++ crypto/x509/x509_vfy.c Thu Jan 15 17:14:12 1970
+@@ -391,7 +391,12 @@
+
+ static int check_chain_extensions(X509_STORE_CTX *ctx)
+ {
+-#ifdef OPENSSL_NO_CHAIN_VERIFY
++//#ifdef OPENSSL_NO_CHAIN_VERIFY
++#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)
++ /*
++ NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting
++ in Authenticode Signing Certificates.
++ */
+ return 1;
+ #else
+ int i, ok=0, must_be_ca, plen = 0;
+@@ -904,6 +909,10 @@
+
+ static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
+ {
++#if defined(OPENSSL_SYS_UEFI)
++ /* Bypass Certificate Time Checking for UEFI version. */
++ return 1;
++#else
+ time_t *ptime;
+ int i;
+
+@@ -947,6 +956,7 @@
+ }
+
+ return 1;
++#endif
+ }
+
+ static int internal_verify(X509_STORE_CTX *ctx)
diff --git a/CryptoPkg/Library/OpensslLib/Install.cmd b/CryptoPkg/Library/OpensslLib/Install.cmd
new file mode 100644
index 0000000000..8dd91c0ab1
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/Install.cmd
@@ -0,0 +1,71 @@
+cd openssl-0.9.8l
+copy e_os2.h ..\..\..\Include\openssl
+copy crypto\crypto.h ..\..\..\Include\openssl
+copy crypto\tmdiff.h ..\..\..\Include\openssl
+copy crypto\opensslv.h ..\..\..\Include\openssl
+copy crypto\opensslconf.h ..\..\..\Include\openssl
+copy crypto\ebcdic.h ..\..\..\Include\openssl
+copy crypto\symhacks.h ..\..\..\Include\openssl
+copy crypto\ossl_typ.h ..\..\..\Include\openssl
+copy crypto\md2\md2.h ..\..\..\Include\openssl
+copy crypto\md4\md4.h ..\..\..\Include\openssl
+copy crypto\md5\md5.h ..\..\..\Include\openssl
+copy crypto\sha\sha.h ..\..\..\Include\openssl
+copy crypto\hmac\hmac.h ..\..\..\Include\openssl
+copy crypto\ripemd\ripemd.h ..\..\..\Include\openssl
+copy crypto\des\des.h ..\..\..\Include\openssl
+copy crypto\des\des_old.h ..\..\..\Include\openssl
+copy crypto\rc2\rc2.h ..\..\..\Include\openssl
+copy crypto\rc4\rc4.h ..\..\..\Include\openssl
+copy crypto\idea\idea.h ..\..\..\Include\openssl
+copy crypto\bf\blowfish.h ..\..\..\Include\openssl
+copy crypto\cast\cast.h ..\..\..\Include\openssl
+copy crypto\aes\aes.h ..\..\..\Include\openssl
+copy crypto\bn\bn.h ..\..\..\Include\openssl
+copy crypto\rsa\rsa.h ..\..\..\Include\openssl
+copy crypto\dsa\dsa.h ..\..\..\Include\openssl
+copy crypto\dso\dso.h ..\..\..\Include\openssl
+copy crypto\dh\dh.h ..\..\..\Include\openssl
+copy crypto\ec\ec.h ..\..\..\Include\openssl
+copy crypto\ecdh\ecdh.h ..\..\..\Include\openssl
+copy crypto\ecdsa\ecdsa.h ..\..\..\Include\openssl
+copy crypto\buffer\buffer.h ..\..\..\Include\openssl
+copy crypto\bio\bio.h ..\..\..\Include\openssl
+copy crypto\stack\stack.h ..\..\..\Include\openssl
+copy crypto\stack\safestack.h ..\..\..\Include\openssl
+copy crypto\lhash\lhash.h ..\..\..\Include\openssl
+copy crypto\rand\rand.h ..\..\..\Include\openssl
+copy crypto\err\err.h ..\..\..\Include\openssl
+copy crypto\objects\objects.h ..\..\..\Include\openssl
+copy crypto\objects\obj_mac.h ..\..\..\Include\openssl
+copy crypto\evp\evp.h ..\..\..\Include\openssl
+copy crypto\asn1\asn1.h ..\..\..\Include\openssl
+copy crypto\asn1\asn1_mac.h ..\..\..\Include\openssl
+copy crypto\asn1\asn1t.h ..\..\..\Include\openssl
+copy crypto\pem\pem.h ..\..\..\Include\openssl
+copy crypto\pem\pem2.h ..\..\..\Include\openssl
+copy crypto\x509\x509.h ..\..\..\Include\openssl
+copy crypto\x509\x509_vfy.h ..\..\..\Include\openssl
+copy crypto\x509v3\x509v3.h ..\..\..\Include\openssl
+copy crypto\conf\conf.h ..\..\..\Include\openssl
+copy crypto\conf\conf_api.h ..\..\..\Include\openssl
+copy crypto\txt_db\txt_db.h ..\..\..\Include\openssl
+copy crypto\pkcs7\pkcs7.h ..\..\..\Include\openssl
+copy crypto\pkcs12\pkcs12.h ..\..\..\Include\openssl
+copy crypto\comp\comp.h ..\..\..\Include\openssl
+copy crypto\engine\engine.h ..\..\..\Include\openssl
+copy crypto\ocsp\ocsp.h ..\..\..\Include\openssl
+copy crypto\ui\ui.h ..\..\..\Include\openssl
+copy crypto\ui\ui_compat.h ..\..\..\Include\openssl
+copy crypto\krb5\krb5_asn.h ..\..\..\Include\openssl
+copy crypto\store\store.h ..\..\..\Include\openssl
+copy crypto\pqueue\pqueue.h ..\..\..\Include\openssl
+copy crypto\pqueue\pq_compat.h ..\..\..\Include\openssl
+copy ssl\ssl.h ..\..\..\Include\openssl
+copy ssl\ssl2.h ..\..\..\Include\openssl
+copy ssl\ssl3.h ..\..\..\Include\openssl
+copy ssl\ssl23.h ..\..\..\Include\openssl
+copy ssl\tls1.h ..\..\..\Include\openssl
+copy ssl\dtls1.h ..\..\..\Include\openssl
+copy ssl\kssl.h ..\..\..\Include\openssl
+cd .. \ No newline at end of file
diff --git a/CryptoPkg/Library/OpensslLib/Install.sh b/CryptoPkg/Library/OpensslLib/Install.sh
new file mode 100644
index 0000000000..43b6cb4946
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/Install.sh
@@ -0,0 +1,73 @@
+#!/bin/sh
+
+cd openssl-0.9.8l
+cp e_os2.h ../../../Include/openssl
+cp crypto/crypto.h ../../../Include/openssl
+cp crypto/tmdiff.h ../../../Include/openssl
+cp crypto/opensslv.h ../../../Include/openssl
+cp crypto/opensslconf.h ../../../Include/openssl
+cp crypto/ebcdic.h ../../../Include/openssl
+cp crypto/symhacks.h ../../../Include/openssl
+cp crypto/ossl_typ.h ../../../Include/openssl
+cp crypto/md2/md2.h ../../../Include/openssl
+cp crypto/md4/md4.h ../../../Include/openssl
+cp crypto/md5/md5.h ../../../Include/openssl
+cp crypto/sha/sha.h ../../../Include/openssl
+cp crypto/hmac/hmac.h ../../../Include/openssl
+cp crypto/ripemd/ripemd.h ../../../Include/openssl
+cp crypto/des/des.h ../../../Include/openssl
+cp crypto/des/des_old.h ../../../Include/openssl
+cp crypto/rc2/rc2.h ../../../Include/openssl
+cp crypto/rc4/rc4.h ../../../Include/openssl
+cp crypto/idea/idea.h ../../../Include/openssl
+cp crypto/bf/blowfish.h ../../../Include/openssl
+cp crypto/cast/cast.h ../../../Include/openssl
+cp crypto/aes/aes.h ../../../Include/openssl
+cp crypto/bn/bn.h ../../../Include/openssl
+cp crypto/rsa/rsa.h ../../../Include/openssl
+cp crypto/dsa/dsa.h ../../../Include/openssl
+cp crypto/dso/dso.h ../../../Include/openssl
+cp crypto/dh/dh.h ../../../Include/openssl
+cp crypto/ec/ec.h ../../../Include/openssl
+cp crypto/ecdh/ecdh.h ../../../Include/openssl
+cp crypto/ecdsa/ecdsa.h ../../../Include/openssl
+cp crypto/buffer/buffer.h ../../../Include/openssl
+cp crypto/bio/bio.h ../../../Include/openssl
+cp crypto/stack/stack.h ../../../Include/openssl
+cp crypto/stack/safestack.h ../../../Include/openssl
+cp crypto/lhash/lhash.h ../../../Include/openssl
+cp crypto/rand/rand.h ../../../Include/openssl
+cp crypto/err/err.h ../../../Include/openssl
+cp crypto/objects/objects.h ../../../Include/openssl
+cp crypto/objects/obj_mac.h ../../../Include/openssl
+cp crypto/evp/evp.h ../../../Include/openssl
+cp crypto/asn1/asn1.h ../../../Include/openssl
+cp crypto/asn1/asn1_mac.h ../../../Include/openssl
+cp crypto/asn1/asn1t.h ../../../Include/openssl
+cp crypto/pem/pem.h ../../../Include/openssl
+cp crypto/pem/pem2.h ../../../Include/openssl
+cp crypto/x509/x509.h ../../../Include/openssl
+cp crypto/x509/x509_vfy.h ../../../Include/openssl
+cp crypto/x509v3/x509v3.h ../../../Include/openssl
+cp crypto/conf/conf.h ../../../Include/openssl
+cp crypto/conf/conf_api.h ../../../Include/openssl
+cp crypto/txt_db/txt_db.h ../../../Include/openssl
+cp crypto/pkcs7/pkcs7.h ../../../Include/openssl
+cp crypto/pkcs12/pkcs12.h ../../../Include/openssl
+cp crypto/comp/comp.h ../../../Include/openssl
+cp crypto/engine/engine.h ../../../Include/openssl
+cp crypto/ocsp/ocsp.h ../../../Include/openssl
+cp crypto/ui/ui.h ../../../Include/openssl
+cp crypto/ui/ui_compat.h ../../../Include/openssl
+cp crypto/krb5/krb5_asn.h ../../../Include/openssl
+cp crypto/store/store.h ../../../Include/openssl
+cp crypto/pqueue/pqueue.h ../../../Include/openssl
+cp crypto/pqueue/pq_compat.h ../../../Include/openssl
+cp ssl/ssl.h ../../../Include/openssl
+cp ssl/ssl2.h ../../../Include/openssl
+cp ssl/ssl3.h ../../../Include/openssl
+cp ssl/ssl23.h ../../../Include/openssl
+cp ssl/tls1.h ../../../Include/openssl
+cp ssl/dtls1.h ../../../Include/openssl
+cp ssl/kssl.h ../../../Include/openssl
+cd ..
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
new file mode 100644
index 0000000000..1e1a840bd1
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -0,0 +1,579 @@
+## @file
+# OpenSSL Library implementation.
+#
+# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = OpensslLib
+ FILE_GUID = C873A7D0-9824-409f-9B42-2C158B992E69
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = OpensslLib
+ OPENSSL_PATH = openssl-0.9.8l
+ OPENSSL_FLAGS = -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASM
+
+#
+# OPENSSL_FLAGS is set to define the following flags to be compatible with
+# EDK II build system and UEFI executiuon environment
+#
+# OPENSSL_SYSNAME_UWIN
+# OPENSSL_SYS_UEFI
+# L_ENDIAN
+# _CRT_SECURE_NO_DEPRECATE
+# _CRT_NONSTDC_NO_DEPRECATE
+# OPENSSL_NO_CAMELLIA
+# OPENSSL_NO_SEED
+# OPENSSL_NO_RC5
+# OPENSSL_NO_MDC2
+# OPENSSL_NO_SOCK
+# OPENSSL_NO_CMS
+# OPENSSL_NO_JPAKE
+# OPENSSL_NO_CAPIENG
+# OPENSSL_NO_ERR
+# OPENSSL_NO_KRB5
+# OPENSSL_NO_DYNAMIC_ENGINE
+# GETPID_IS_MEANINGLESS
+# OPENSSL_NO_STDIO
+# OPENSSL_NO_FP_API
+# OPENSSL_NO_DGRAM
+# OPENSSL_NO_ASM
+#
+
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF
+#
+
+[Sources]
+ $(OPENSSL_PATH)/e_os.h
+ $(OPENSSL_PATH)/crypto/cryptlib.c
+ $(OPENSSL_PATH)/crypto/dyn_lck.c
+ $(OPENSSL_PATH)/crypto/mem.c
+ $(OPENSSL_PATH)/crypto/mem_clr.c
+ $(OPENSSL_PATH)/crypto/mem_dbg.c
+ $(OPENSSL_PATH)/crypto/cversion.c
+ $(OPENSSL_PATH)/crypto/ex_data.c
+
+ #
+ # Not required for UEFI.
+ #
+ # $(OPENSSL_PATH)/crypto/tmdiff.c
+
+ $(OPENSSL_PATH)/crypto/cpt_err.c
+ $(OPENSSL_PATH)/crypto/ebcdic.c
+ $(OPENSSL_PATH)/crypto/uid.c
+ $(OPENSSL_PATH)/crypto/o_time.c
+ $(OPENSSL_PATH)/crypto/o_str.c
+ $(OPENSSL_PATH)/crypto/o_dir.c
+ $(OPENSSL_PATH)/crypto/o_init.c
+ $(OPENSSL_PATH)/crypto/fips_err.c
+ $(OPENSSL_PATH)/crypto/md2/md2_dgst.c
+ $(OPENSSL_PATH)/crypto/md2/md2_one.c
+ $(OPENSSL_PATH)/crypto/md4/md4_dgst.c
+ $(OPENSSL_PATH)/crypto/md4/md4_one.c
+ $(OPENSSL_PATH)/crypto/md5/md5_dgst.c
+ $(OPENSSL_PATH)/crypto/md5/md5_one.c
+ $(OPENSSL_PATH)/crypto/sha/sha_dgst.c
+ $(OPENSSL_PATH)/crypto/sha/sha1dgst.c
+ $(OPENSSL_PATH)/crypto/sha/sha_one.c
+ $(OPENSSL_PATH)/crypto/sha/sha1_one.c
+ $(OPENSSL_PATH)/crypto/sha/sha256.c
+ $(OPENSSL_PATH)/crypto/sha/sha512.c
+ $(OPENSSL_PATH)/crypto/hmac/hmac.c
+ $(OPENSSL_PATH)/crypto/ripemd/rmd_dgst.c
+ $(OPENSSL_PATH)/crypto/ripemd/rmd_one.c
+ $(OPENSSL_PATH)/crypto/des/des_lib.c
+ $(OPENSSL_PATH)/crypto/des/set_key.c
+ $(OPENSSL_PATH)/crypto/des/ecb_enc.c
+ $(OPENSSL_PATH)/crypto/des/cbc_enc.c
+ $(OPENSSL_PATH)/crypto/des/ecb3_enc.c
+ $(OPENSSL_PATH)/crypto/des/cfb64enc.c
+ $(OPENSSL_PATH)/crypto/des/cfb64ede.c
+ $(OPENSSL_PATH)/crypto/des/cfb_enc.c
+ $(OPENSSL_PATH)/crypto/des/ofb64ede.c
+ $(OPENSSL_PATH)/crypto/des/enc_read.c
+ $(OPENSSL_PATH)/crypto/des/enc_writ.c
+ $(OPENSSL_PATH)/crypto/des/ofb64enc.c
+ $(OPENSSL_PATH)/crypto/des/ofb_enc.c
+ $(OPENSSL_PATH)/crypto/des/str2key.c
+ $(OPENSSL_PATH)/crypto/des/pcbc_enc.c
+ $(OPENSSL_PATH)/crypto/des/qud_cksm.c
+ $(OPENSSL_PATH)/crypto/des/rand_key.c
+ $(OPENSSL_PATH)/crypto/des/des_enc.c
+ $(OPENSSL_PATH)/crypto/des/fcrypt_b.c
+ $(OPENSSL_PATH)/crypto/des/fcrypt.c
+ $(OPENSSL_PATH)/crypto/des/xcbc_enc.c
+ $(OPENSSL_PATH)/crypto/des/rpc_enc.c
+ $(OPENSSL_PATH)/crypto/des/cbc_cksm.c
+ $(OPENSSL_PATH)/crypto/des/ede_cbcm_enc.c
+ $(OPENSSL_PATH)/crypto/des/des_old.c
+ $(OPENSSL_PATH)/crypto/des/des_old2.c
+ $(OPENSSL_PATH)/crypto/des/read2pwd.c
+ $(OPENSSL_PATH)/crypto/rc2/rc2_ecb.c
+ $(OPENSSL_PATH)/crypto/rc2/rc2_skey.c
+ $(OPENSSL_PATH)/crypto/rc2/rc2_cbc.c
+ $(OPENSSL_PATH)/crypto/rc2/rc2cfb64.c
+ $(OPENSSL_PATH)/crypto/rc2/rc2ofb64.c
+ $(OPENSSL_PATH)/crypto/rc4/rc4_enc.c
+ $(OPENSSL_PATH)/crypto/rc4/rc4_skey.c
+ $(OPENSSL_PATH)/crypto/rc4/rc4_fblk.c
+ $(OPENSSL_PATH)/crypto/idea/i_cbc.c
+ $(OPENSSL_PATH)/crypto/idea/i_cfb64.c
+ $(OPENSSL_PATH)/crypto/idea/i_ofb64.c
+ $(OPENSSL_PATH)/crypto/idea/i_ecb.c
+ $(OPENSSL_PATH)/crypto/idea/i_skey.c
+ $(OPENSSL_PATH)/crypto/bf/bf_skey.c
+ $(OPENSSL_PATH)/crypto/bf/bf_ecb.c
+ $(OPENSSL_PATH)/crypto/bf/bf_enc.c
+ $(OPENSSL_PATH)/crypto/bf/bf_cfb64.c
+ $(OPENSSL_PATH)/crypto/bf/bf_ofb64.c
+ $(OPENSSL_PATH)/crypto/cast/c_skey.c
+ $(OPENSSL_PATH)/crypto/cast/c_ecb.c
+ $(OPENSSL_PATH)/crypto/cast/c_enc.c
+ $(OPENSSL_PATH)/crypto/cast/c_cfb64.c
+ $(OPENSSL_PATH)/crypto/cast/c_ofb64.c
+ $(OPENSSL_PATH)/crypto/aes/aes_misc.c
+ $(OPENSSL_PATH)/crypto/aes/aes_ecb.c
+ $(OPENSSL_PATH)/crypto/aes/aes_cfb.c
+ $(OPENSSL_PATH)/crypto/aes/aes_ofb.c
+ $(OPENSSL_PATH)/crypto/aes/aes_ctr.c
+ $(OPENSSL_PATH)/crypto/aes/aes_ige.c
+ $(OPENSSL_PATH)/crypto/aes/aes_wrap.c
+ $(OPENSSL_PATH)/crypto/aes/aes_core.c
+ $(OPENSSL_PATH)/crypto/aes/aes_cbc.c
+ $(OPENSSL_PATH)/crypto/bn/bn_add.c
+ $(OPENSSL_PATH)/crypto/bn/bn_div.c
+ $(OPENSSL_PATH)/crypto/bn/bn_exp.c
+ $(OPENSSL_PATH)/crypto/bn/bn_lib.c
+ $(OPENSSL_PATH)/crypto/bn/bn_ctx.c
+ $(OPENSSL_PATH)/crypto/bn/bn_mul.c
+ $(OPENSSL_PATH)/crypto/bn/bn_mod.c
+ $(OPENSSL_PATH)/crypto/bn/bn_print.c
+ $(OPENSSL_PATH)/crypto/bn/bn_rand.c
+ $(OPENSSL_PATH)/crypto/bn/bn_shift.c
+ $(OPENSSL_PATH)/crypto/bn/bn_word.c
+ $(OPENSSL_PATH)/crypto/bn/bn_blind.c
+ $(OPENSSL_PATH)/crypto/bn/bn_kron.c
+ $(OPENSSL_PATH)/crypto/bn/bn_sqrt.c
+ $(OPENSSL_PATH)/crypto/bn/bn_gcd.c
+ $(OPENSSL_PATH)/crypto/bn/bn_prime.c
+ $(OPENSSL_PATH)/crypto/bn/bn_err.c
+ $(OPENSSL_PATH)/crypto/bn/bn_sqr.c
+ $(OPENSSL_PATH)/crypto/bn/bn_asm.c
+ $(OPENSSL_PATH)/crypto/bn/bn_recp.c
+ $(OPENSSL_PATH)/crypto/bn/bn_mont.c
+ $(OPENSSL_PATH)/crypto/bn/bn_mpi.c
+ $(OPENSSL_PATH)/crypto/bn/bn_exp2.c
+ $(OPENSSL_PATH)/crypto/bn/bn_gf2m.c
+ $(OPENSSL_PATH)/crypto/bn/bn_nist.c
+ $(OPENSSL_PATH)/crypto/bn/bn_depr.c
+ $(OPENSSL_PATH)/crypto/bn/bn_x931p.c
+ $(OPENSSL_PATH)/crypto/bn/bn_const.c
+ $(OPENSSL_PATH)/crypto/bn/bn_opt.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_eay.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_gen.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_lib.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_sign.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_saos.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_err.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_pk1.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_ssl.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_none.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_oaep.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_chk.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_null.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_pss.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_x931.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_x931g.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_asn1.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_depr.c
+ $(OPENSSL_PATH)/crypto/rsa/rsa_eng.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_gen.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_key.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_lib.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_asn1.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_vrf.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_sign.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_err.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_ossl.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_depr.c
+ $(OPENSSL_PATH)/crypto/dsa/dsa_utl.c
+ $(OPENSSL_PATH)/crypto/dso/dso_dl.c
+ $(OPENSSL_PATH)/crypto/dso/dso_dlfcn.c
+ $(OPENSSL_PATH)/crypto/dso/dso_err.c
+ $(OPENSSL_PATH)/crypto/dso/dso_lib.c
+ $(OPENSSL_PATH)/crypto/dso/dso_null.c
+ $(OPENSSL_PATH)/crypto/dso/dso_openssl.c
+ $(OPENSSL_PATH)/crypto/dso/dso_win32.c
+ $(OPENSSL_PATH)/crypto/dso/dso_vms.c
+ $(OPENSSL_PATH)/crypto/dh/dh_asn1.c
+ $(OPENSSL_PATH)/crypto/dh/dh_gen.c
+ $(OPENSSL_PATH)/crypto/dh/dh_key.c
+ $(OPENSSL_PATH)/crypto/dh/dh_lib.c
+ $(OPENSSL_PATH)/crypto/dh/dh_check.c
+ $(OPENSSL_PATH)/crypto/dh/dh_err.c
+ $(OPENSSL_PATH)/crypto/dh/dh_depr.c
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
+ $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c
+ $(OPENSSL_PATH)/crypto/ec/ec_err.c
+ $(OPENSSL_PATH)/crypto/ec/ec_curve.c
+ $(OPENSSL_PATH)/crypto/ec/ec_check.c
+ $(OPENSSL_PATH)/crypto/ec/ec_print.c
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
+ $(OPENSSL_PATH)/crypto/ec/ec_key.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_mult.c
+ $(OPENSSL_PATH)/crypto/ecdh/ech_lib.c
+ $(OPENSSL_PATH)/crypto/ecdh/ech_ossl.c
+ $(OPENSSL_PATH)/crypto/ecdh/ech_key.c
+ $(OPENSSL_PATH)/crypto/ecdh/ech_err.c
+ $(OPENSSL_PATH)/crypto/ecdsa/ecs_lib.c
+ $(OPENSSL_PATH)/crypto/ecdsa/ecs_asn1.c
+ $(OPENSSL_PATH)/crypto/ecdsa/ecs_ossl.c
+ $(OPENSSL_PATH)/crypto/ecdsa/ecs_sign.c
+ $(OPENSSL_PATH)/crypto/ecdsa/ecs_vrf.c
+ $(OPENSSL_PATH)/crypto/ecdsa/ecs_err.c
+ $(OPENSSL_PATH)/crypto/buffer/buffer.c
+ $(OPENSSL_PATH)/crypto/buffer/buf_str.c
+ $(OPENSSL_PATH)/crypto/buffer/buf_err.c
+ $(OPENSSL_PATH)/crypto/bio/bio_lib.c
+ $(OPENSSL_PATH)/crypto/bio/bio_cb.c
+ $(OPENSSL_PATH)/crypto/bio/bio_err.c
+ $(OPENSSL_PATH)/crypto/bio/bss_mem.c
+ $(OPENSSL_PATH)/crypto/bio/bss_null.c
+ $(OPENSSL_PATH)/crypto/bio/bss_fd.c
+ $(OPENSSL_PATH)/crypto/bio/bss_file.c
+ $(OPENSSL_PATH)/crypto/bio/bf_null.c
+ $(OPENSSL_PATH)/crypto/bio/bf_buff.c
+ $(OPENSSL_PATH)/crypto/bio/b_print.c
+ $(OPENSSL_PATH)/crypto/bio/b_dump.c
+ $(OPENSSL_PATH)/crypto/bio/bf_nbio.c
+ $(OPENSSL_PATH)/crypto/bio/bss_log.c
+ $(OPENSSL_PATH)/crypto/bio/bss_bio.c
+ $(OPENSSL_PATH)/crypto/bio/bss_dgram.c
+ $(OPENSSL_PATH)/crypto/stack/stack.c
+ $(OPENSSL_PATH)/crypto/lhash/lhash.c
+ $(OPENSSL_PATH)/crypto/lhash/lh_stats.c
+ $(OPENSSL_PATH)/crypto/rand/md_rand.c
+ $(OPENSSL_PATH)/crypto/rand/randfile.c
+ $(OPENSSL_PATH)/crypto/rand/rand_lib.c
+ $(OPENSSL_PATH)/crypto/rand/rand_eng.c
+ $(OPENSSL_PATH)/crypto/rand/rand_err.c
+ $(OPENSSL_PATH)/crypto/rand/rand_egd.c
+ $(OPENSSL_PATH)/crypto/rand/rand_win.c
+ $(OPENSSL_PATH)/crypto/rand/rand_unix.c
+ $(OPENSSL_PATH)/crypto/rand/rand_os2.c
+ $(OPENSSL_PATH)/crypto/rand/rand_nw.c
+ $(OPENSSL_PATH)/crypto/err/err.c
+ $(OPENSSL_PATH)/crypto/err/err_def.c
+ $(OPENSSL_PATH)/crypto/err/err_all.c
+ $(OPENSSL_PATH)/crypto/err/err_prn.c
+ $(OPENSSL_PATH)/crypto/err/err_str.c
+ $(OPENSSL_PATH)/crypto/err/err_bio.c
+ $(OPENSSL_PATH)/crypto/objects/o_names.c
+ $(OPENSSL_PATH)/crypto/objects/obj_dat.c
+ $(OPENSSL_PATH)/crypto/objects/obj_lib.c
+ $(OPENSSL_PATH)/crypto/objects/obj_err.c
+ $(OPENSSL_PATH)/crypto/evp/encode.c
+ $(OPENSSL_PATH)/crypto/evp/digest.c
+ $(OPENSSL_PATH)/crypto/evp/dig_eng.c
+ $(OPENSSL_PATH)/crypto/evp/evp_enc.c
+ $(OPENSSL_PATH)/crypto/evp/evp_key.c
+ $(OPENSSL_PATH)/crypto/evp/evp_acnf.c
+ $(OPENSSL_PATH)/crypto/evp/evp_cnf.c
+ $(OPENSSL_PATH)/crypto/evp/e_des.c
+ $(OPENSSL_PATH)/crypto/evp/e_bf.c
+ $(OPENSSL_PATH)/crypto/evp/e_idea.c
+ $(OPENSSL_PATH)/crypto/evp/e_des3.c
+ $(OPENSSL_PATH)/crypto/evp/e_rc4.c
+ $(OPENSSL_PATH)/crypto/evp/e_aes.c
+ $(OPENSSL_PATH)/crypto/evp/names.c
+ $(OPENSSL_PATH)/crypto/evp/e_xcbc_d.c
+ $(OPENSSL_PATH)/crypto/evp/e_rc2.c
+ $(OPENSSL_PATH)/crypto/evp/e_cast.c
+ $(OPENSSL_PATH)/crypto/evp/e_rc5.c
+ $(OPENSSL_PATH)/crypto/evp/enc_min.c
+ $(OPENSSL_PATH)/crypto/evp/m_null.c
+ $(OPENSSL_PATH)/crypto/evp/m_md2.c
+ $(OPENSSL_PATH)/crypto/evp/m_md4.c
+ $(OPENSSL_PATH)/crypto/evp/m_md5.c
+ $(OPENSSL_PATH)/crypto/evp/m_sha.c
+ $(OPENSSL_PATH)/crypto/evp/m_sha1.c
+ $(OPENSSL_PATH)/crypto/evp/m_dss.c
+ $(OPENSSL_PATH)/crypto/evp/m_dss1.c
+ $(OPENSSL_PATH)/crypto/evp/m_ripemd.c
+ $(OPENSSL_PATH)/crypto/evp/m_ecdsa.c
+ $(OPENSSL_PATH)/crypto/evp/p_open.c
+ $(OPENSSL_PATH)/crypto/evp/p_seal.c
+ $(OPENSSL_PATH)/crypto/evp/p_sign.c
+ $(OPENSSL_PATH)/crypto/evp/p_verify.c
+ $(OPENSSL_PATH)/crypto/evp/p_lib.c
+ $(OPENSSL_PATH)/crypto/evp/p_enc.c
+ $(OPENSSL_PATH)/crypto/evp/p_dec.c
+ $(OPENSSL_PATH)/crypto/evp/bio_md.c
+ $(OPENSSL_PATH)/crypto/evp/bio_b64.c
+ $(OPENSSL_PATH)/crypto/evp/bio_enc.c
+ $(OPENSSL_PATH)/crypto/evp/evp_err.c
+ $(OPENSSL_PATH)/crypto/evp/e_null.c
+ $(OPENSSL_PATH)/crypto/evp/c_all.c
+ $(OPENSSL_PATH)/crypto/evp/c_allc.c
+ $(OPENSSL_PATH)/crypto/evp/c_alld.c
+ $(OPENSSL_PATH)/crypto/evp/evp_lib.c
+ $(OPENSSL_PATH)/crypto/evp/bio_ok.c
+ $(OPENSSL_PATH)/crypto/evp/evp_pkey.c
+ $(OPENSSL_PATH)/crypto/evp/evp_pbe.c
+ $(OPENSSL_PATH)/crypto/evp/p5_crpt.c
+ $(OPENSSL_PATH)/crypto/evp/p5_crpt2.c
+ $(OPENSSL_PATH)/crypto/evp/e_old.c
+ $(OPENSSL_PATH)/crypto/asn1/a_object.c
+ $(OPENSSL_PATH)/crypto/asn1/a_bitstr.c
+ $(OPENSSL_PATH)/crypto/asn1/a_utctm.c
+ $(OPENSSL_PATH)/crypto/asn1/a_gentm.c
+ $(OPENSSL_PATH)/crypto/asn1/a_time.c
+ $(OPENSSL_PATH)/crypto/asn1/a_int.c
+ $(OPENSSL_PATH)/crypto/asn1/a_octet.c
+ $(OPENSSL_PATH)/crypto/asn1/a_print.c
+ $(OPENSSL_PATH)/crypto/asn1/a_type.c
+ $(OPENSSL_PATH)/crypto/asn1/a_set.c
+ $(OPENSSL_PATH)/crypto/asn1/a_dup.c
+ $(OPENSSL_PATH)/crypto/asn1/a_d2i_fp.c
+ $(OPENSSL_PATH)/crypto/asn1/a_i2d_fp.c
+ $(OPENSSL_PATH)/crypto/asn1/a_enum.c
+ $(OPENSSL_PATH)/crypto/asn1/a_utf8.c
+ $(OPENSSL_PATH)/crypto/asn1/a_sign.c
+ $(OPENSSL_PATH)/crypto/asn1/a_digest.c
+ $(OPENSSL_PATH)/crypto/asn1/a_verify.c
+ $(OPENSSL_PATH)/crypto/asn1/a_mbstr.c
+ $(OPENSSL_PATH)/crypto/asn1/a_strex.c
+ $(OPENSSL_PATH)/crypto/asn1/x_algor.c
+ $(OPENSSL_PATH)/crypto/asn1/x_val.c
+ $(OPENSSL_PATH)/crypto/asn1/x_pubkey.c
+ $(OPENSSL_PATH)/crypto/asn1/x_sig.c
+ $(OPENSSL_PATH)/crypto/asn1/x_req.c
+ $(OPENSSL_PATH)/crypto/asn1/x_attrib.c
+ $(OPENSSL_PATH)/crypto/asn1/x_bignum.c
+ $(OPENSSL_PATH)/crypto/asn1/x_long.c
+ $(OPENSSL_PATH)/crypto/asn1/x_name.c
+ $(OPENSSL_PATH)/crypto/asn1/x_x509.c
+ $(OPENSSL_PATH)/crypto/asn1/x_x509a.c
+ $(OPENSSL_PATH)/crypto/asn1/x_crl.c
+ $(OPENSSL_PATH)/crypto/asn1/x_info.c
+ $(OPENSSL_PATH)/crypto/asn1/x_spki.c
+ $(OPENSSL_PATH)/crypto/asn1/nsseq.c
+ $(OPENSSL_PATH)/crypto/asn1/d2i_pu.c
+ $(OPENSSL_PATH)/crypto/asn1/d2i_pr.c
+ $(OPENSSL_PATH)/crypto/asn1/i2d_pu.c
+ $(OPENSSL_PATH)/crypto/asn1/i2d_pr.c
+ $(OPENSSL_PATH)/crypto/asn1/t_req.c
+ $(OPENSSL_PATH)/crypto/asn1/t_x509.c
+ $(OPENSSL_PATH)/crypto/asn1/t_x509a.c
+ $(OPENSSL_PATH)/crypto/asn1/t_crl.c
+ $(OPENSSL_PATH)/crypto/asn1/t_pkey.c
+ $(OPENSSL_PATH)/crypto/asn1/t_spki.c
+ $(OPENSSL_PATH)/crypto/asn1/t_bitst.c
+ $(OPENSSL_PATH)/crypto/asn1/tasn_new.c
+ $(OPENSSL_PATH)/crypto/asn1/tasn_fre.c
+ $(OPENSSL_PATH)/crypto/asn1/tasn_enc.c
+ $(OPENSSL_PATH)/crypto/asn1/tasn_dec.c
+ $(OPENSSL_PATH)/crypto/asn1/tasn_utl.c
+ $(OPENSSL_PATH)/crypto/asn1/tasn_typ.c
+ $(OPENSSL_PATH)/crypto/asn1/f_int.c
+ $(OPENSSL_PATH)/crypto/asn1/f_string.c
+ $(OPENSSL_PATH)/crypto/asn1/n_pkey.c
+ $(OPENSSL_PATH)/crypto/asn1/f_enum.c
+ $(OPENSSL_PATH)/crypto/asn1/a_hdr.c
+ $(OPENSSL_PATH)/crypto/asn1/x_pkey.c
+ $(OPENSSL_PATH)/crypto/asn1/a_bool.c
+ $(OPENSSL_PATH)/crypto/asn1/x_exten.c
+ $(OPENSSL_PATH)/crypto/asn1/asn_mime.c
+ $(OPENSSL_PATH)/crypto/asn1/asn1_gen.c
+ $(OPENSSL_PATH)/crypto/asn1/asn1_par.c
+ $(OPENSSL_PATH)/crypto/asn1/asn1_lib.c
+ $(OPENSSL_PATH)/crypto/asn1/asn1_err.c
+ $(OPENSSL_PATH)/crypto/asn1/a_meth.c
+ $(OPENSSL_PATH)/crypto/asn1/a_bytes.c
+ $(OPENSSL_PATH)/crypto/asn1/a_strnid.c
+ $(OPENSSL_PATH)/crypto/asn1/evp_asn1.c
+ $(OPENSSL_PATH)/crypto/asn1/asn_pack.c
+ $(OPENSSL_PATH)/crypto/asn1/p5_pbe.c
+ $(OPENSSL_PATH)/crypto/asn1/p5_pbev2.c
+ $(OPENSSL_PATH)/crypto/asn1/p8_pkey.c
+ $(OPENSSL_PATH)/crypto/asn1/asn_moid.c
+ $(OPENSSL_PATH)/crypto/pem/pem_sign.c
+ $(OPENSSL_PATH)/crypto/pem/pem_seal.c
+ $(OPENSSL_PATH)/crypto/pem/pem_info.c
+ $(OPENSSL_PATH)/crypto/pem/pem_lib.c
+ $(OPENSSL_PATH)/crypto/pem/pem_all.c
+ $(OPENSSL_PATH)/crypto/pem/pem_err.c
+ $(OPENSSL_PATH)/crypto/pem/pem_x509.c
+ $(OPENSSL_PATH)/crypto/pem/pem_xaux.c
+ $(OPENSSL_PATH)/crypto/pem/pem_oth.c
+ $(OPENSSL_PATH)/crypto/pem/pem_pk8.c
+ $(OPENSSL_PATH)/crypto/pem/pem_pkey.c
+ $(OPENSSL_PATH)/crypto/x509/x509_def.c
+ $(OPENSSL_PATH)/crypto/x509/x509_d2.c
+ $(OPENSSL_PATH)/crypto/x509/x509_r2x.c
+ $(OPENSSL_PATH)/crypto/x509/x509_cmp.c
+ $(OPENSSL_PATH)/crypto/x509/x509_obj.c
+ $(OPENSSL_PATH)/crypto/x509/x509_req.c
+ $(OPENSSL_PATH)/crypto/x509/x509spki.c
+ $(OPENSSL_PATH)/crypto/x509/x509_vfy.c
+ $(OPENSSL_PATH)/crypto/x509/x509_set.c
+ $(OPENSSL_PATH)/crypto/x509/x509cset.c
+ $(OPENSSL_PATH)/crypto/x509/x509rset.c
+ $(OPENSSL_PATH)/crypto/x509/x509_err.c
+ $(OPENSSL_PATH)/crypto/x509/x509name.c
+ $(OPENSSL_PATH)/crypto/x509/x509_v3.c
+ $(OPENSSL_PATH)/crypto/x509/x509_ext.c
+ $(OPENSSL_PATH)/crypto/x509/x509_att.c
+ $(OPENSSL_PATH)/crypto/x509/x509type.c
+ $(OPENSSL_PATH)/crypto/x509/x509_lu.c
+ $(OPENSSL_PATH)/crypto/x509/x_all.c
+ $(OPENSSL_PATH)/crypto/x509/x509_txt.c
+ $(OPENSSL_PATH)/crypto/x509/x509_trs.c
+ $(OPENSSL_PATH)/crypto/x509/by_file.c
+ $(OPENSSL_PATH)/crypto/x509/by_dir.c
+ $(OPENSSL_PATH)/crypto/x509/x509_vpm.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_bcons.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_bitst.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_conf.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_extku.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_ia5.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_lib.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_prn.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_utl.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3err.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_genn.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_alt.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_skey.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_akey.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_pku.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_int.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_enum.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_sxnet.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_cpols.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_crld.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_purp.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_info.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_ocsp.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_akeya.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_pmaps.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_pcons.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_ncons.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_pcia.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_pci.c
+ $(OPENSSL_PATH)/crypto/x509v3/pcy_cache.c
+ $(OPENSSL_PATH)/crypto/x509v3/pcy_node.c
+ $(OPENSSL_PATH)/crypto/x509v3/pcy_data.c
+ $(OPENSSL_PATH)/crypto/x509v3/pcy_map.c
+ $(OPENSSL_PATH)/crypto/x509v3/pcy_tree.c
+ $(OPENSSL_PATH)/crypto/x509v3/pcy_lib.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_asid.c
+ $(OPENSSL_PATH)/crypto/x509v3/v3_addr.c
+ $(OPENSSL_PATH)/crypto/conf/conf_err.c
+ $(OPENSSL_PATH)/crypto/conf/conf_lib.c
+ $(OPENSSL_PATH)/crypto/conf/conf_api.c
+ $(OPENSSL_PATH)/crypto/conf/conf_def.c
+ $(OPENSSL_PATH)/crypto/conf/conf_mod.c
+ $(OPENSSL_PATH)/crypto/conf/conf_mall.c
+ $(OPENSSL_PATH)/crypto/conf/conf_sap.c
+ $(OPENSSL_PATH)/crypto/txt_db/txt_db.c
+ $(OPENSSL_PATH)/crypto/pkcs7/pk7_asn1.c
+ $(OPENSSL_PATH)/crypto/pkcs7/pk7_lib.c
+ $(OPENSSL_PATH)/crypto/pkcs7/pkcs7err.c
+ $(OPENSSL_PATH)/crypto/pkcs7/pk7_doit.c
+ $(OPENSSL_PATH)/crypto/pkcs7/pk7_smime.c
+ $(OPENSSL_PATH)/crypto/pkcs7/pk7_attr.c
+ $(OPENSSL_PATH)/crypto/pkcs7/pk7_mime.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_add.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_asn.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_attr.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_crpt.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_crt.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_decr.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_init.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_key.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_kiss.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_mutl.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_utl.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_npas.c
+ $(OPENSSL_PATH)/crypto/pkcs12/pk12err.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_p8d.c
+ $(OPENSSL_PATH)/crypto/pkcs12/p12_p8e.c
+ $(OPENSSL_PATH)/crypto/comp/comp_lib.c
+ $(OPENSSL_PATH)/crypto/comp/comp_err.c
+ $(OPENSSL_PATH)/crypto/comp/c_rle.c
+ $(OPENSSL_PATH)/crypto/comp/c_zlib.c
+ $(OPENSSL_PATH)/crypto/engine/eng_err.c
+ $(OPENSSL_PATH)/crypto/engine/eng_lib.c
+ $(OPENSSL_PATH)/crypto/engine/eng_list.c
+ $(OPENSSL_PATH)/crypto/engine/eng_init.c
+ $(OPENSSL_PATH)/crypto/engine/eng_ctrl.c
+ $(OPENSSL_PATH)/crypto/engine/eng_table.c
+ $(OPENSSL_PATH)/crypto/engine/eng_pkey.c
+ $(OPENSSL_PATH)/crypto/engine/eng_fat.c
+ $(OPENSSL_PATH)/crypto/engine/eng_all.c
+ $(OPENSSL_PATH)/crypto/engine/tb_rsa.c
+ $(OPENSSL_PATH)/crypto/engine/tb_dsa.c
+ $(OPENSSL_PATH)/crypto/engine/tb_ecdsa.c
+ $(OPENSSL_PATH)/crypto/engine/tb_dh.c
+ $(OPENSSL_PATH)/crypto/engine/tb_ecdh.c
+ $(OPENSSL_PATH)/crypto/engine/tb_rand.c
+ $(OPENSSL_PATH)/crypto/engine/tb_store.c
+ $(OPENSSL_PATH)/crypto/engine/tb_cipher.c
+ $(OPENSSL_PATH)/crypto/engine/tb_digest.c
+ $(OPENSSL_PATH)/crypto/engine/eng_openssl.c
+ $(OPENSSL_PATH)/crypto/engine/eng_cnf.c
+ $(OPENSSL_PATH)/crypto/engine/eng_dyn.c
+ $(OPENSSL_PATH)/crypto/engine/eng_cryptodev.c
+ $(OPENSSL_PATH)/crypto/engine/eng_padlock.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_asn.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_ext.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_ht.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_lib.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_cl.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_srv.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_prn.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_vfy.c
+ $(OPENSSL_PATH)/crypto/ocsp/ocsp_err.c
+ $(OPENSSL_PATH)/crypto/ui/ui_err.c
+ $(OPENSSL_PATH)/crypto/ui/ui_lib.c
+
+ #
+ # Not required when OPENSSL_NO_STDIO is set, which is is for UEFI.
+ #
+ # $(OPENSSL_PATH)/crypto/ui/ui_openssl.c
+
+ $(OPENSSL_PATH)/crypto/ui/ui_util.c
+ $(OPENSSL_PATH)/crypto/ui/ui_compat.c
+ $(OPENSSL_PATH)/crypto/krb5/krb5_asn.c
+ $(OPENSSL_PATH)/crypto/store/str_err.c
+ $(OPENSSL_PATH)/crypto/store/str_lib.c
+ $(OPENSSL_PATH)/crypto/store/str_meth.c
+ $(OPENSSL_PATH)/crypto/store/str_mem.c
+ $(OPENSSL_PATH)/crypto/pqueue/pqueue.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ DebugLib
+
+[BuildOptions]
+ MSFT:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /WX- /GL-
+ INTEL:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /WX-
+ GCC:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -w
diff --git a/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt b/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
new file mode 100644
index 0000000000..c35f88d55e
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
@@ -0,0 +1,61 @@
+
+================================================================================
+ Introduction
+================================================================================
+ OpenSSL is a well-known open source implementation of SSL and TLS protocols.
+The core library implements the basic cryptographic functions and provides various
+utility functions. The OpenSSL library is widely used in variety of security
+products development as base crypto provider. (See http://www.openssl.org for more
+information for OpenSSL).
+ UEFI (Unified Extensible Firmware Interface) is a specification detailing the
+interfaces between OS and platform firmware. Several security features were
+introduced (e.g. Authenticated Variable Service, Driver Signing, etc) from UEFI
+2.2 (http://www.uefi.org). These security features highly depends on the
+cryptography. This patch will enable openssl building under UEFI environment.
+
+
+================================================================================
+ OpenSSL-Version
+================================================================================
+ Current supported OpenSSL version for UEFI Crypto Library is 0.9.8l.
+ http://www.openssl.org/source/openssl-0.9.8l.tar.gz
+
+
+================================================================================
+ HOW to Install Openssl for UEFI Building
+================================================================================
+1. Download OpenSSL 0.9.8l from official website:
+ http://www.openssl.org/source/openssl-0.9.8l.tar.gz
+
+ NOTE: Some web browsers may rename the downloaded TAR file to openssl-0.9.8l.tar.tar.
+ When you do the download, rename the "openssl-0.9.8l.tar.tar" to
+ "openssl-0.9.8l.tar.gz" or rename the local downloaded file with ".tar.tar"
+ extension to ".tar.gz".
+
+2. Extract TAR into CryptoPkg/Library/OpenSslLib/openssl-0.9.8l
+
+ NOTE: If you use WinZip to unpack the openssl source in Windows, please
+ uncheck the WinZip smart CR/LF conversion option (WINZIP: Options -->
+ Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion").
+
+3. Apply this patch: EDKII_openssl-0.9.8l.patch, and make installation
+
+ For Windows Environment:
+ ------------------------
+ 1) Make sure the patch utility has been installed in your machine.
+ Install Cygwin or get the patch utility binary from
+ http://gnuwin32.sourceforge.net/packages/patch.htm
+ 2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-0.9.8l
+ 3) patch -p0 -i ..\EDKII_openssl-0.9.8l.patch
+ 4) cd ..
+ 5) install.cmd
+
+ For Linux* Environment:
+ -----------------------
+ 1) Make sure the patch utility has been installed in your machine.
+ Patch utility is available from http://directory.fsf.org/project/patch/
+ 2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-0.9.8l
+ 3) patch -p0 -i ../EDKII_openssl-0.9.8l.patch
+ 4) cd ..
+ 5) ./install.sh
+
diff --git a/CryptoPkg/Library/OpensslLib/buildinf.h b/CryptoPkg/Library/OpensslLib/buildinf.h
new file mode 100644
index 0000000000..673bf787c1
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/buildinf.h
@@ -0,0 +1,2 @@
+#define PLATFORM "UEFI"
+#define DATE "Mon Mar 8 14:17:05 PDT 2010"