From 70d49e332d0196a15f19cbc7c603b01057e3e901 Mon Sep 17 00:00:00 2001 From: Gary Lin Date: Mon, 10 Apr 2017 16:55:17 +0800 Subject: [PATCH] Cryptlib: Remove MD4 MD4 is known to be insecure and shim never uses it. Signed-off-by: Gary Lin --- Cryptlib/Include/openssl/opensslconf.h | 3 + Cryptlib/OpenSSL/Makefile | 2 - Cryptlib/OpenSSL/crypto/md4/md4_dgst.c | 199 ------------------------- Cryptlib/OpenSSL/crypto/md4/md4_locl.h | 113 -------------- Cryptlib/OpenSSL/crypto/md4/md4_one.c | 96 ------------ Cryptlib/OpenSSL/update.sh | 3 - Cryptlib/opensslconf-diff.patch | 14 ++ Cryptlib/update.sh | 1 + 8 files changed, 18 insertions(+), 413 deletions(-) delete mode 100644 Cryptlib/OpenSSL/crypto/md4/md4_dgst.c delete mode 100644 Cryptlib/OpenSSL/crypto/md4/md4_locl.h delete mode 100644 Cryptlib/OpenSSL/crypto/md4/md4_one.c create mode 100644 Cryptlib/opensslconf-diff.patch diff --git a/Cryptlib/Include/openssl/opensslconf.h b/Cryptlib/Include/openssl/opensslconf.h index 52c83b7..46c4e13 100644 --- a/Cryptlib/Include/openssl/opensslconf.h +++ b/Cryptlib/Include/openssl/opensslconf.h @@ -86,6 +86,9 @@ extern "C" { #ifndef OPENSSL_NO_MD2 # define OPENSSL_NO_MD2 #endif +#ifndef OPENSSL_NO_MD4 +# define OPENSSL_NO_MD4 +#endif #ifndef OPENSSL_NO_MDC2 # define OPENSSL_NO_MDC2 #endif diff --git a/Cryptlib/OpenSSL/Makefile b/Cryptlib/OpenSSL/Makefile index ff1d764..8e5b8ed 100644 --- a/Cryptlib/OpenSSL/Makefile +++ b/Cryptlib/OpenSSL/Makefile @@ -41,8 +41,6 @@ OBJS = crypto/cryptlib.o \ crypto/o_fips.o \ crypto/o_init.o \ crypto/fips_ers.o \ - crypto/md4/md4_dgst.o \ - crypto/md4/md4_one.o \ crypto/md5/md5_dgst.o \ crypto/md5/md5_one.o \ crypto/sha/sha_dgst.o \ diff --git a/Cryptlib/OpenSSL/crypto/md4/md4_dgst.c b/Cryptlib/OpenSSL/crypto/md4/md4_dgst.c deleted file mode 100644 index 614fca0..0000000 --- a/Cryptlib/OpenSSL/crypto/md4/md4_dgst.c +++ /dev/null @@ -1,199 +0,0 @@ -/* crypto/md4/md4_dgst.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "md4_locl.h" - -const char MD4_version[] = "MD4" OPENSSL_VERSION_PTEXT; - -/* - * Implemented from RFC1186 The MD4 Message-Digest Algorithm - */ - -#define INIT_DATA_A (unsigned long)0x67452301L -#define INIT_DATA_B (unsigned long)0xefcdab89L -#define INIT_DATA_C (unsigned long)0x98badcfeL -#define INIT_DATA_D (unsigned long)0x10325476L - -fips_md_init(MD4) -{ - memset(c, 0, sizeof(*c)); - c->A = INIT_DATA_A; - c->B = INIT_DATA_B; - c->C = INIT_DATA_C; - c->D = INIT_DATA_D; - return 1; -} - -#ifndef md4_block_data_order -# ifdef X -# undef X -# endif -void md4_block_data_order(MD4_CTX *c, const void *data_, size_t num) -{ - const unsigned char *data = data_; - register unsigned MD32_REG_T A, B, C, D, l; -# ifndef MD32_XARRAY - /* See comment in crypto/sha/sha_locl.h for details. */ - unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15; -# define X(i) XX##i -# else - MD4_LONG XX[MD4_LBLOCK]; -# define X(i) XX[i] -# endif - - A = c->A; - B = c->B; - C = c->C; - D = c->D; - - for (; num--;) { - (void)HOST_c2l(data, l); - X(0) = l; - (void)HOST_c2l(data, l); - X(1) = l; - /* Round 0 */ - R0(A, B, C, D, X(0), 3, 0); - (void)HOST_c2l(data, l); - X(2) = l; - R0(D, A, B, C, X(1), 7, 0); - (void)HOST_c2l(data, l); - X(3) = l; - R0(C, D, A, B, X(2), 11, 0); - (void)HOST_c2l(data, l); - X(4) = l; - R0(B, C, D, A, X(3), 19, 0); - (void)HOST_c2l(data, l); - X(5) = l; - R0(A, B, C, D, X(4), 3, 0); - (void)HOST_c2l(data, l); - X(6) = l; - R0(D, A, B, C, X(5), 7, 0); - (void)HOST_c2l(data, l); - X(7) = l; - R0(C, D, A, B, X(6), 11, 0); - (void)HOST_c2l(data, l); - X(8) = l; - R0(B, C, D, A, X(7), 19, 0); - (void)HOST_c2l(data, l); - X(9) = l; - R0(A, B, C, D, X(8), 3, 0); - (void)HOST_c2l(data, l); - X(10) = l; - R0(D, A, B, C, X(9), 7, 0); - (void)HOST_c2l(data, l); - X(11) = l; - R0(C, D, A, B, X(10), 11, 0); - (void)HOST_c2l(data, l); - X(12) = l; - R0(B, C, D, A, X(11), 19, 0); - (void)HOST_c2l(data, l); - X(13) = l; - R0(A, B, C, D, X(12), 3, 0); - (void)HOST_c2l(data, l); - X(14) = l; - R0(D, A, B, C, X(13), 7, 0); - (void)HOST_c2l(data, l); - X(15) = l; - R0(C, D, A, B, X(14), 11, 0); - R0(B, C, D, A, X(15), 19, 0); - /* Round 1 */ - R1(A, B, C, D, X(0), 3, 0x5A827999L); - R1(D, A, B, C, X(4), 5, 0x5A827999L); - R1(C, D, A, B, X(8), 9, 0x5A827999L); - R1(B, C, D, A, X(12), 13, 0x5A827999L); - R1(A, B, C, D, X(1), 3, 0x5A827999L); - R1(D, A, B, C, X(5), 5, 0x5A827999L); - R1(C, D, A, B, X(9), 9, 0x5A827999L); - R1(B, C, D, A, X(13), 13, 0x5A827999L); - R1(A, B, C, D, X(2), 3, 0x5A827999L); - R1(D, A, B, C, X(6), 5, 0x5A827999L); - R1(C, D, A, B, X(10), 9, 0x5A827999L); - R1(B, C, D, A, X(14), 13, 0x5A827999L); - R1(A, B, C, D, X(3), 3, 0x5A827999L); - R1(D, A, B, C, X(7), 5, 0x5A827999L); - R1(C, D, A, B, X(11), 9, 0x5A827999L); - R1(B, C, D, A, X(15), 13, 0x5A827999L); - /* Round 2 */ - R2(A, B, C, D, X(0), 3, 0x6ED9EBA1L); - R2(D, A, B, C, X(8), 9, 0x6ED9EBA1L); - R2(C, D, A, B, X(4), 11, 0x6ED9EBA1L); - R2(B, C, D, A, X(12), 15, 0x6ED9EBA1L); - R2(A, B, C, D, X(2), 3, 0x6ED9EBA1L); - R2(D, A, B, C, X(10), 9, 0x6ED9EBA1L); - R2(C, D, A, B, X(6), 11, 0x6ED9EBA1L); - R2(B, C, D, A, X(14), 15, 0x6ED9EBA1L); - R2(A, B, C, D, X(1), 3, 0x6ED9EBA1L); - R2(D, A, B, C, X(9), 9, 0x6ED9EBA1L); - R2(C, D, A, B, X(5), 11, 0x6ED9EBA1L); - R2(B, C, D, A, X(13), 15, 0x6ED9EBA1L); - R2(A, B, C, D, X(3), 3, 0x6ED9EBA1L); - R2(D, A, B, C, X(11), 9, 0x6ED9EBA1L); - R2(C, D, A, B, X(7), 11, 0x6ED9EBA1L); - R2(B, C, D, A, X(15), 15, 0x6ED9EBA1L); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } -} -#endif diff --git a/Cryptlib/OpenSSL/crypto/md4/md4_locl.h b/Cryptlib/OpenSSL/crypto/md4/md4_locl.h deleted file mode 100644 index dc86a86..0000000 --- a/Cryptlib/OpenSSL/crypto/md4/md4_locl.h +++ /dev/null @@ -1,113 +0,0 @@ -/* crypto/md4/md4_locl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -#ifndef MD4_LONG_LOG2 -# define MD4_LONG_LOG2 2 /* default to 32 bits */ -#endif - -void md4_block_data_order(MD4_CTX *c, const void *p, size_t num); - -#define DATA_ORDER_IS_LITTLE_ENDIAN - -#define HASH_LONG MD4_LONG -#define HASH_CTX MD4_CTX -#define HASH_CBLOCK MD4_CBLOCK -#define HASH_UPDATE MD4_Update -#define HASH_TRANSFORM MD4_Transform -#define HASH_FINAL MD4_Final -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - ll=(c)->A; (void)HOST_l2c(ll,(s)); \ - ll=(c)->B; (void)HOST_l2c(ll,(s)); \ - ll=(c)->C; (void)HOST_l2c(ll,(s)); \ - ll=(c)->D; (void)HOST_l2c(ll,(s)); \ - } while (0) -#define HASH_BLOCK_DATA_ORDER md4_block_data_order - -#include "md32_common.h" - -/*- -#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) -#define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z)))) -*/ - -/* - * As pointed out by Wei Dai , the above can be simplified - * to the code below. Wei attributes these optimizations to Peter Gutmann's - * SHS code, and he attributes it to Rich Schroeppel. - */ -#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) -#define G(b,c,d) (((b) & (c)) | ((b) & (d)) | ((c) & (d))) -#define H(b,c,d) ((b) ^ (c) ^ (d)) - -#define R0(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+F((b),(c),(d))); \ - a=ROTATE(a,s); }; - -#define R1(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+G((b),(c),(d))); \ - a=ROTATE(a,s); };\ - -#define R2(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+H((b),(c),(d))); \ - a=ROTATE(a,s); }; diff --git a/Cryptlib/OpenSSL/crypto/md4/md4_one.c b/Cryptlib/OpenSSL/crypto/md4/md4_one.c deleted file mode 100644 index 32ebd5f..0000000 --- a/Cryptlib/OpenSSL/crypto/md4/md4_one.c +++ /dev/null @@ -1,96 +0,0 @@ -/* crypto/md4/md4_one.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -#ifdef CHARSET_EBCDIC -# include -#endif - -unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md) -{ - MD4_CTX c; - static unsigned char m[MD4_DIGEST_LENGTH]; - - if (md == NULL) - md = m; - if (!MD4_Init(&c)) - return NULL; -#ifndef CHARSET_EBCDIC - MD4_Update(&c, d, n); -#else - { - char temp[1024]; - unsigned long chunk; - - while (n > 0) { - chunk = (n > sizeof(temp)) ? sizeof(temp) : n; - ebcdic2ascii(temp, d, chunk); - MD4_Update(&c, temp, chunk); - n -= chunk; - d += chunk; - } - } -#endif - MD4_Final(md, &c); - OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */ - return (md); -} diff --git a/Cryptlib/OpenSSL/update.sh b/Cryptlib/OpenSSL/update.sh index 8e1cc0a..11c9e07 100755 --- a/Cryptlib/OpenSSL/update.sh +++ b/Cryptlib/OpenSSL/update.sh @@ -25,9 +25,6 @@ install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/o_fips.c cr install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/o_init.c crypto/o_init.c install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/fips_ers.c crypto/fips_ers.c install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/LPdir_nyi.c crypto/LPdir_nyi.c -install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/md4/md4_locl.h crypto/md4/md4_locl.h -install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/md4/md4_dgst.c crypto/md4/md4_dgst.c -install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/md4/md4_one.c crypto/md4/md4_one.c install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/md5/md5_locl.h crypto/md5/md5_locl.h install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/md5/md5_dgst.c crypto/md5/md5_dgst.c install -D $DIR/CryptoPkg/Library/OpensslLib/openssl-$version/crypto/md5/md5_one.c crypto/md5/md5_one.c diff --git a/Cryptlib/opensslconf-diff.patch b/Cryptlib/opensslconf-diff.patch new file mode 100644 index 0000000..76caa2c --- /dev/null +++ b/Cryptlib/opensslconf-diff.patch @@ -0,0 +1,14 @@ +diff --git a/Cryptlib/Include/openssl/opensslconf.h b/Cryptlib/Include/openssl/opensslconf.h +index 1917d7a..68a2603 100644 +--- a/Cryptlib/Include/openssl/opensslconf.h ++++ b/Cryptlib/Include/openssl/opensslconf.h +@@ -59,6 +59,9 @@ extern "C" { + #ifndef OPENSSL_NO_MD2 + # define OPENSSL_NO_MD2 + #endif ++#ifndef OPENSSL_NO_MD4 ++# define OPENSSL_NO_MD4 ++#endif + #ifndef OPENSSL_NO_MDC2 + # define OPENSSL_NO_MDC2 + #endif diff --git a/Cryptlib/update.sh b/Cryptlib/update.sh index 255e175..31a082d 100755 --- a/Cryptlib/update.sh +++ b/Cryptlib/update.sh @@ -32,3 +32,4 @@ cp $DIR/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c SysCall/BaseM cp $DIR/CryptoPkg/Library/OpensslLib/openssl-${OPENSSL_VERSION}/include/openssl/* Include/openssl/ patch -p2