File shim-remove-cryptpem.patch of Package shim.12900

From 063d4aa37d271ce5c30a9c7a1746af421d40ca17 Mon Sep 17 00:00:00 2001
From: Gary Lin <glin@suse.com>
Date: Thu, 4 Jan 2018 14:54:34 +0800
Subject: [PATCH] Cryptlib: replace CryptPem with CryptPemNull

We don't need the functions in CryptPem.c.

Signed-off-by: Gary Lin <glin@suse.com>
---
 Cryptlib/Makefile           |   2 +-
 Cryptlib/Pem/CryptPem.c     | 135 --------------------------------------------
 Cryptlib/Pem/CryptPemNull.c |  44 +++++++++++++++
 3 files changed, 45 insertions(+), 136 deletions(-)
 delete mode 100644 Cryptlib/Pem/CryptPem.c
 create mode 100644 Cryptlib/Pem/CryptPemNull.c

diff --git a/Cryptlib/Makefile b/Cryptlib/Makefile
index bf9d0dc..a025ac5 100644
--- a/Cryptlib/Makefile
+++ b/Cryptlib/Makefile
@@ -40,7 +40,7 @@ OBJS		=   Hash/CryptMd4Null.o \
 		    Pk/CryptTs.o \
 		    Pk/CryptX509.o \
 		    Pk/CryptAuthenticode.o \
-		    Pem/CryptPem.o \
+		    Pem/CryptPemNull.o \
 		    SysCall/CrtWrapper.o \
 		    SysCall/TimerWrapper.o \
 		    SysCall/BaseMemAllocation.o \
diff --git a/Cryptlib/Pem/CryptPem.c b/Cryptlib/Pem/CryptPem.c
deleted file mode 100644
index 51e648b..0000000
--- a/Cryptlib/Pem/CryptPem.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/** @file
-  PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation over OpenSSL.
-
-Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution.  The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "InternalCryptLib.h"
-#include <openssl/pem.h>
-
-/**
-  Callback function for password phrase conversion used for retrieving the encrypted PEM.
-
-  @param[out]  Buf      Pointer to the buffer to write the passphrase to.
-  @param[in]   Size     Maximum length of the passphrase (i.e. the size of Buf).
-  @param[in]   Flag     A flag which is set to 0 when reading and 1 when writing.
-  @param[in]   Key      Key data to be passed to the callback routine.
-
-  @retval  The number of characters in the passphrase or 0 if an error occurred.
-
-**/
-INTN
-PasswordCallback (
-  OUT  CHAR8  *Buf, 
-  IN   INTN   Size, 
-  IN   INTN   Flag, 
-  IN   VOID   *Key
-  )
-{
-  INTN  KeyLength;
-
-  ZeroMem ((VOID *) Buf, (UINTN) Size);
-  if (Key != NULL) {
-    //
-    // Duplicate key phrase directly.
-    //
-    KeyLength = (INTN) AsciiStrLen ((CHAR8 *)Key);
-    KeyLength = (KeyLength > Size ) ? Size : KeyLength;
-    CopyMem (Buf, Key, (UINTN) KeyLength);
-    return KeyLength;
-  } else {
-    return 0;
-  }
-}
-
-/**
-  Retrieve the RSA Private Key from the password-protected PEM key data.
-
-  @param[in]  PemData      Pointer to the PEM-encoded key data to be retrieved.
-  @param[in]  PemSize      Size of the PEM key data in bytes.
-  @param[in]  Password     NULL-terminated passphrase used for encrypted PEM key data.
-  @param[out] RsaContext   Pointer to new-generated RSA context which contain the retrieved
-                           RSA private key component. Use RsaFree() function to free the
-                           resource.
-
-  If PemData is NULL, then return FALSE.
-  If RsaContext is NULL, then return FALSE.
-
-  @retval  TRUE   RSA Private Key was retrieved successfully.
-  @retval  FALSE  Invalid PEM key data or incorrect password.
-
-**/
-BOOLEAN
-EFIAPI
-RsaGetPrivateKeyFromPem (
-  IN   CONST UINT8  *PemData,
-  IN   UINTN        PemSize,
-  IN   CONST CHAR8  *Password,
-  OUT  VOID         **RsaContext
-  )
-{
-  BOOLEAN  Status;
-  BIO      *PemBio;
-
-  //
-  // Check input parameters.
-  //
-  if (PemData == NULL || RsaContext == NULL || PemSize > INT_MAX) {
-    return FALSE;
-  }
-
-  //
-  // Add possible block-cipher descriptor for PEM data decryption.
-  // NOTE: Only support most popular ciphers (3DES, AES) for the encrypted PEM.
-  //
-  if (EVP_add_cipher (EVP_des_ede3_cbc ()) == 0) {
-    return FALSE;
-  }
-  if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {
-    return FALSE;
-  }
-  if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
-    return FALSE;
-  }
-  if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
-    return FALSE;
-  }
-
-  Status = FALSE;
-
-  //
-  // Read encrypted PEM Data.
-  //
-  PemBio = BIO_new (BIO_s_mem ());
-  if (PemBio == NULL) {
-    goto _Exit;
-  }
-
-  if (BIO_write (PemBio, PemData, (int) PemSize) <= 0) {
-    goto _Exit;
-  }
-
-  //
-  // Retrieve RSA Private Key from encrypted PEM data.
-  //
-  *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *) &PasswordCallback, (void *) Password);
-  if (*RsaContext != NULL) {
-    Status = TRUE;
-  }
-
-_Exit:
-  //
-  // Release Resources.
-  //
-  BIO_free (PemBio);
-
-  return Status;
-}
diff --git a/Cryptlib/Pem/CryptPemNull.c b/Cryptlib/Pem/CryptPemNull.c
new file mode 100644
index 0000000..8c9e4f0
--- /dev/null
+++ b/Cryptlib/Pem/CryptPemNull.c
@@ -0,0 +1,44 @@
+/** @file
+  PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation which does
+  not provide real capabilities.
+
+Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+
+/**
+  Retrieve the RSA Private Key from the password-protected PEM key data.
+
+  Return FALSE to indicate this interface is not supported.
+
+  @param[in]  PemData      Pointer to the PEM-encoded key data to be retrieved.
+  @param[in]  PemSize      Size of the PEM key data in bytes.
+  @param[in]  Password     NULL-terminated passphrase used for encrypted PEM key data.
+  @param[out] RsaContext   Pointer to new-generated RSA context which contain the retrieved
+                           RSA private key component. Use RsaFree() function to free the
+                           resource.
+
+  @retval FALSE  This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+RsaGetPrivateKeyFromPem (
+  IN   CONST UINT8  *PemData,
+  IN   UINTN        PemSize,
+  IN   CONST CHAR8  *Password,
+  OUT  VOID         **RsaContext
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
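Review bot: The stub `RsaGetPrivateKeyFromPem` returns FALSE without ever writing `*RsaContext`, yet its header comment, carried over from the OpenSSL-backed version, still tells callers to release that context with RsaFree(). If ASSERT is compiled out in a release build (not visible in this patch), a caller that does not check the return value would carry on with whatever the pointer held before the call. Clearing the out-parameter on the unsupported path makes that failure deterministic: add `if (RsaContext != NULL) { *RsaContext = NULL; }` before `return FALSE;`. The `@param[out] RsaContext` text would then read better as `Set to NULL; no RSA context is created because this interface is not supported.`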
-- 
2.15.1
