2) Fixed QHexView misalignment in Windows and macOS.
3) Added some more analysis to raw files and sections: raw files can (or can not) contain sections, raw sections can contain NVAR storage or PE/TE.
4) Improved CPU base address detection and propagation.
5) Improved FIT recognition.
7) ME region not displayed if it is in unknown format, fixed this because we still want to operate with it.
8) Small changes to Flash Descriptor parsing to get more cases for valid "Intel image". To get rid of cases when "Intel image" is already in tree but with parse error because of which "UEFI image" appears.
9) Added parsing of individual UEFI-files (these can be trimmed from UEFI-volume), displaying it as "UEFI volume part".
10) Added possibility to view/save contents of elements "Free volume space", "Free space" and such, because these can be non-empty.
11) Added info about blocks number and block size (with preliminary and stupid validity check) to volume info.
12) Added storage in settings of the following paths: open image file, save image file, open GUIDs file.
13) Added last opened files list.
14) Added permanent opened file name string to the end of the status bar.
15) Added opened file changes tracking: if the file was modified in other program while it is opened in UEFITool, there are 3 ways to act: a) ignore changes (but mark file path displayed in the status bar with italic font); b) ask user to reopen or ignore (if ignore, mark as in a); c) auto reopen changed file in UEFITool. If changes were in some way ignored, file path displayed in the right of the status bar will be marked with italic font and then become clickable: on click request to reopen appears again.
16) Switched to offset/size instead of byte array storing in each tree item.
17) For clarity - added icons to key tree items (compressed and with contents, contents now must be in root item only).
18) For usability - added expanding tree on open image (to depth level 1) and by menu command (expand all).
The header size needs to be probably added here, maybe it was forgotten ?
This is needed in order to get the proper base address of a CPD_EXT_IFWI_PARTITION_MANIFEST structure in the image for example in that specific case.
If I don't do this, it points to a meaningless address.
Let me know if there can be any issues with this.
As the first step towards automated parsing, this change set replaces outdated BootGuard-related parsers with shiny new KaitaiStruct-based ones.
It also does the following:
- improves Intel FIT definitions by using the relevant specification
- adds sha1, sha384, sha512 and sm3 digest implementations
- updates LZMA SDK to v22.01
- moves GUIDs out of include files to prevent multiple instantiations
- enforces C++11
- adds Kaitai-based parsers for Intel FIT, BootGuard v1 and BootGuard v2 structures
- makes many small refactorings here, there and everywhere
