diff options
| author | David Woodhouse <David.Woodhouse@intel.com> | 2015-09-08 22:51:17 -0400 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2015-09-08 23:14:36 -0400 |
| commit | 4d60c7e10f1d7ebe34842f96e13b64db7fc2dc1b (patch) | |
| tree | 88d2f0e1465209b53585aa58f9d65e4f082435d6 | |
| parent | ff2f6bb0845ef859954f7c36b2b302c60088c4c7 (diff) | |
RT3969: Add OPENSSL_SYS_UEFI
This provides support for building in the EDK II reference implementation
of UEFI. Most UEFI firmware in existence uses OpenSSL for implementing
the core cryptographic functionality needed for Secure Boot.
This has always previously been handled with external patches to OpenSSL
but we are now making a concerted effort to eliminate those.
In this mode, we don't actually use the OpenSSL makefiles; we process
the MINFO file generated by 'make files' and incorporate it into the
EDK2 build system.
Since EDK II builds for various targets with varying word size and we
need to have a single prepackaged configuration, we deliberately don't
hard-code the setting of SIXTY_FOUR_BIT vs. THIRTY_TWO_BIT in
opensslconf.h. We bypass that for OPENSSL_SYS_UEFI and allow EDK II
itself to set those, depending on the architecture.
For x86_64, EDK II sets SIXTY_FOUR_BIT and thus uses 'long long' for the
64-bit type, even when building with GCC where 'long' is also 64-bit. We
do this because the Microsoft toolchain has 32-bit 'long'.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
| -rw-r--r-- | Configurations/10-main.conf | 7 | ||||
| -rw-r--r-- | crypto/opensslconf.h.in | 2 | ||||
| -rw-r--r-- | crypto/rand/rand_egd.c | 2 | ||||
| -rw-r--r-- | e_os.h | 2 | ||||
| -rw-r--r-- | include/openssl/e_os2.h | 17 |
5 files changed, 26 insertions, 4 deletions
diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf index 15af87ea1a..3230d86040 100644 --- a/Configurations/10-main.conf +++ b/Configurations/10-main.conf @@ -1207,6 +1207,13 @@ shared_extension => ".dll.a", }, +#### UEFI + "UEFI" => { + cc => "cc", + cflags => "-DL_ENDIAN -O", + sys_id => "UEFI", + }, + #### UWIN "UWIN" => { cc => "cc", diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in index 4429c911af..c37dbbacb4 100644 --- a/crypto/opensslconf.h.in +++ b/crypto/opensslconf.h.in @@ -73,7 +73,7 @@ #endif #endif -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) +#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) && !defined(OPENSSL_SYS_UEFI) #define CONFIG_HEADER_BN_H #undef BN_LLONG diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c index 44ed4bb47c..d062dd6cd4 100644 --- a/crypto/rand/rand_egd.c +++ b/crypto/rand/rand_egd.c @@ -95,7 +95,7 @@ * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI) int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { return (-1); @@ -112,7 +112,7 @@ extern "C" { # define MSDOS # endif -# if defined(MSDOS) && !defined(GETPID_IS_MEANINGLESS) +# if (defined(MSDOS) || defined(OPENSSL_SYS_UEFI)) && !defined(GETPID_IS_MEANINGLESS) # define GETPID_IS_MEANINGLESS # endif diff --git a/include/openssl/e_os2.h b/include/openssl/e_os2.h index 9f7dcf1619..6ef1f396d6 100644 --- a/include/openssl/e_os2.h +++ b/include/openssl/e_os2.h @@ -90,7 +90,13 @@ extern "C" { * For 32 bit environment, there seems to be the CygWin environment and then * all the others that try to do the same thing Microsoft does... */ -# if defined(OPENSSL_SYS_UWIN) +/* + * UEFI lives here because it might be built with a Microsoft toolchain and + * we need to avoid the false positive match on Windows. + */ +# if defined(OPENSSL_SYS_UEFI) +# undef OPENSSL_SYS_UNIX +# elif defined(OPENSSL_SYS_UWIN) # undef OPENSSL_SYS_UNIX # define OPENSSL_SYS_WIN32_UWIN # else @@ -277,6 +283,15 @@ extern "C" { /* Standard integer types */ # if defined(__osf__) || defined(__sgi) || defined(__hpux) || defined(OPENSSL_SYS_VMS) # include <inttypes.h> +# elif defined(OPENSSL_SYS_UEFI) +typedef INT8 int8_t; +typedef UINT8 uint8_t; +typedef INT16 int16_t; +typedef UINT16 uint16_t; +typedef INT32 int32_t; +typedef UINT32 uint32_t; +typedef INT64 int64_t; +typedef UINT64 uint64_t; # elif defined(_MSC_VER) && _MSC_VER<=1500 /* * minimally required typdefs for systems not supporting inttypes.h or |