From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 540AB940FDE for ; Thu, 3 Aug 2023 04:39:09 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=vrFAnTKpXaoXwMFLItlYtjvvo8v8lQ2NVr8nhtaM8UI=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1691037548; v=1; b=P1NYcyvuvdMcR68mxQJ7fn8WHCFUhoYNeMs80fNVEtnIiGXbMl7mfFFHykA+DK9NRO7GmCLU eZlx6jdN/CSKA81ht1a8T9PBp0oZVI3BH0azzWTlAsdfK19oIrslrtov+jWykRU15ZAZCmJN/L+ gVo00OOKZYSJTNIqSGodrNiY= X-Received: by 127.0.0.2 with SMTP id paKQYY7687511xCR61WUGo32; Wed, 02 Aug 2023 21:39:08 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web10.7306.1691037531078533765 for ; Wed, 02 Aug 2023 21:39:07 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10790"; a="456141226" X-IronPort-AV: E=Sophos;i="6.01,251,1684825200"; d="scan'208";a="456141226" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Aug 2023 21:39:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10790"; a="794848095" X-IronPort-AV: E=Sophos;i="6.01,251,1684825200"; d="scan'208";a="794848095" X-Received: from liyi4-desktop.ccr.corp.intel.com ([10.239.153.10]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Aug 2023 21:39:05 -0700 From: "Li, Yi" To: devel@edk2.groups.io Cc: Yi Li , Jiewen Yao , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH V2 25/29] CryptoPkg: add more dummy implement of openssl for size optimization Date: Thu, 3 Aug 2023 12:37:43 +0800 Message-Id: <655bf9266eb11fbdad0b4a261373accf195d619f.1691031203.git.yi1.li@intel.com> In-Reply-To: References: MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,yi1.li@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: lyJ2zDoTdtLMa6J9LnsVpGZOx7686176AA= Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=P1NYcyvu; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Add dummy implement of Encoder, Pkcs12 and sslserver. OpenSSL libraries which don't need these features can include these files to reduce the size of output. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 4 + .../Library/OpensslLib/OpensslLibAccel.inf | 4 + .../Library/OpensslLib/OpensslLibCrypto.inf | 2 + .../Library/OpensslLib/OpensslLibFull.inf | 4 + .../OpensslLib/OpensslLibFullAccel.inf | 4 + .../OpensslLib/OpensslStub/EncoderNull.c | 364 ++++++++++++ .../OpensslLib/OpensslStub/Pkcs12Null.c | 146 +++++ .../OpensslLib/OpensslStub/SslExtServNull.c | 517 ++++++++++++++++++ .../OpensslLib/OpensslStub/SslStatServNull.c | 306 +++++++++++ 9 files changed, 1351 insertions(+) create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf index 856cbdd859..3fbebde0e5 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -40,6 +40,10 @@ # OpensslStub/SslNull.c OpensslStub/EcSm2Null.c OpensslStub/uefiprov.c + OpensslStub/EncoderNull.c + OpensslStub/SslStatServNull.c + OpensslStub/SslExtServNull.c + OpensslStub/Pkcs12Null.c [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf index 5e8bface2e..1b1f021ca0 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf @@ -42,6 +42,10 @@ # OpensslStub/SslNull.c OpensslStub/EcSm2Null.c OpensslStub/uefiprov.c + OpensslStub/EncoderNull.c + OpensslStub/SslStatServNull.c + OpensslStub/SslExtServNull.c + OpensslStub/Pkcs12Null.c [Sources.IA32] # Autogenerated files list starts here diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf index e17f813f22..1916c230bb 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -41,6 +41,8 @@ OpensslStub/SslNull.c OpensslStub/EcSm2Null.c OpensslStub/uefiprov.c + OpensslStub/EncoderNull.c + OpensslStub/Pkcs12Null.c [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf index b049bd4067..0bb7a52f57 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf @@ -45,6 +45,10 @@ # OpensslStub/SslNull.c # OpensslStub/EcSm2Null.c OpensslStub/uefiprov.c + OpensslStub/EncoderNull.c + OpensslStub/SslStatServNull.c + OpensslStub/SslExtServNull.c + OpensslStub/Pkcs12Null.c [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf index 56962afffc..de67660000 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf @@ -47,6 +47,10 @@ # OpensslStub/SslNull.c # OpensslStub/EcSm2Null.c OpensslStub/uefiprov.c + OpensslStub/EncoderNull.c + OpensslStub/SslStatServNull.c + OpensslStub/SslExtServNull.c + OpensslStub/Pkcs12Null.c [Sources.IA32] # Autogenerated files list starts here diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c new file mode 100644 index 0000000000..f3106cf8ab --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c @@ -0,0 +1,364 @@ +/** @file + Null implementation of ENCODER functions called by BaseCryptLib. + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +OSSL_ENCODER * +OSSL_ENCODER_fetch ( + OSSL_LIB_CTX *libctx, + const char *name, + const char *properties + ) +{ + return NULL; +} + +int +OSSL_ENCODER_up_ref ( + OSSL_ENCODER *encoder + ) +{ + return 0; +} + +void +OSSL_ENCODER_free ( + OSSL_ENCODER *encoder + ) +{ +} + +const OSSL_PROVIDER * +OSSL_ENCODER_get0_provider ( + const OSSL_ENCODER *encoder + ) +{ + return NULL; +} + +const char * +OSSL_ENCODER_get0_properties ( + const OSSL_ENCODER *encoder + ) +{ + return NULL; +} + +const char * +OSSL_ENCODER_get0_name ( + const OSSL_ENCODER *kdf + ) +{ + return NULL; +} + +const char * +OSSL_ENCODER_get0_description ( + const OSSL_ENCODER *kdf + ) +{ + return NULL; +} + +int +OSSL_ENCODER_is_a ( + const OSSL_ENCODER *encoder, + const char *name + ) +{ + return 0; +} + +void +OSSL_ENCODER_do_all_provided ( + OSSL_LIB_CTX *libctx, + void ( *fn )(OSSL_ENCODER *encoder, void *arg), + void *arg + ) +{ +} + +int +OSSL_ENCODER_names_do_all ( + const OSSL_ENCODER *encoder, + void ( *fn )(const char *name, void *data), + void *data + ) +{ + return 0; +} + +const OSSL_PARAM * +OSSL_ENCODER_gettable_params ( + OSSL_ENCODER *encoder + ) +{ + return NULL; +} + +int +OSSL_ENCODER_get_params ( + OSSL_ENCODER *encoder, + OSSL_PARAM params[] + ) +{ + return 0; +} + +const OSSL_PARAM * +OSSL_ENCODER_settable_ctx_params ( + OSSL_ENCODER *encoder + ) +{ + return NULL; +} + +OSSL_ENCODER_CTX * +OSSL_ENCODER_CTX_new ( + void + ) +{ + return NULL; +} + +int +OSSL_ENCODER_CTX_set_params ( + OSSL_ENCODER_CTX *ctx, + const OSSL_PARAM params[] + ) +{ + return 0; +} + +void +OSSL_ENCODER_CTX_free ( + OSSL_ENCODER_CTX *ctx + ) +{ +} + +/* Utilities that help set specific parameters */ +int +OSSL_ENCODER_CTX_set_passphrase ( + OSSL_ENCODER_CTX *ctx, + const unsigned char *kstr, + size_t klen + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_pem_password_cb ( + OSSL_ENCODER_CTX *ctx, + pem_password_cb *cb, + void *cbarg + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_passphrase_cb ( + OSSL_ENCODER_CTX *ctx, + OSSL_PASSPHRASE_CALLBACK *cb, + void *cbarg + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_passphrase_ui ( + OSSL_ENCODER_CTX *ctx, + const UI_METHOD *ui_method, + void *ui_data + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_cipher ( + OSSL_ENCODER_CTX *ctx, + const char *cipher_name, + const char *propquery + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_selection ( + OSSL_ENCODER_CTX *ctx, + int selection + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_output_type ( + OSSL_ENCODER_CTX *ctx, + const char *output_type + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_output_structure ( + OSSL_ENCODER_CTX *ctx, + const char *output_structure + ) +{ + return 0; +} + +/* Utilities to add encoders */ +int +OSSL_ENCODER_CTX_add_encoder ( + OSSL_ENCODER_CTX *ctx, + OSSL_ENCODER *encoder + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_add_extra ( + OSSL_ENCODER_CTX *ctx, + OSSL_LIB_CTX *libctx, + const char *propq + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_get_num_encoders ( + OSSL_ENCODER_CTX *ctx + ) +{ + return 0; +} + +OSSL_ENCODER * +OSSL_ENCODER_INSTANCE_get_encoder ( + OSSL_ENCODER_INSTANCE *encoder_inst + ) +{ + return NULL; +} + +void * +OSSL_ENCODER_INSTANCE_get_encoder_ctx ( + OSSL_ENCODER_INSTANCE *encoder_inst + ) +{ + return NULL; +} + +const char * +OSSL_ENCODER_INSTANCE_get_output_type ( + OSSL_ENCODER_INSTANCE *encoder_inst + ) +{ + return NULL; +} + +const char * +OSSL_ENCODER_INSTANCE_get_output_structure ( + OSSL_ENCODER_INSTANCE *encoder_inst + ) +{ + return NULL; +} + +int +OSSL_ENCODER_CTX_set_construct ( + OSSL_ENCODER_CTX *ctx, + OSSL_ENCODER_CONSTRUCT *construct + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_construct_data ( + OSSL_ENCODER_CTX *ctx, + void *construct_data + ) +{ + return 0; +} + +int +OSSL_ENCODER_CTX_set_cleanup ( + OSSL_ENCODER_CTX *ctx, + OSSL_ENCODER_CLEANUP *cleanup + ) +{ + return 0; +} + +/* Utilities to output the object to encode */ +int +OSSL_ENCODER_to_bio ( + OSSL_ENCODER_CTX *ctx, + BIO *out + ) +{ + return 0; +} + +#ifndef OPENSSL_NO_STDIO +int +OSSL_ENCODER_to_fp ( + OSSL_ENCODER_CTX *ctx, + FILE *fp + ); + +#endif +int +OSSL_ENCODER_to_data ( + OSSL_ENCODER_CTX *ctx, + unsigned char **pdata, + size_t *pdata_len + ) +{ + return 0; +} + +OSSL_ENCODER_CTX * +OSSL_ENCODER_CTX_new_for_pkey ( + const EVP_PKEY *pkey, + int selection, + const char *output_type, + const char *output_struct, + const char *propquery + ) +{ + return NULL; +} + +int +ossl_encoder_store_remove_all_provided ( + const OSSL_PROVIDER *prov + ) +{ + return -1; +} + +int +ossl_encoder_store_cache_flush ( + OSSL_LIB_CTX *libctx + ) +{ + return -1; +} diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c b/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c new file mode 100644 index 0000000000..0fb49496d3 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c @@ -0,0 +1,146 @@ +/** @file + Null implementation of PKCS12 and PKCS8 functions called by BaseCryptLib. + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +int +PKCS12_PBE_keyivgen_ex ( + EVP_CIPHER_CTX *ctx, + const char *pass, + int passlen, + ASN1_TYPE *param, + const EVP_CIPHER *cipher, + const EVP_MD *md, + int en_de, + OSSL_LIB_CTX *libctx, + const char *propq + ) +{ + return -1; +} + +int +PKCS12_PBE_keyivgen ( + EVP_CIPHER_CTX *ctx, + const char *pass, + int passlen, + ASN1_TYPE *param, + const EVP_CIPHER *cipher, + const EVP_MD *md, + int en_de + ) +{ + return -1; +} + +X509_SIG * +PKCS8_encrypt ( + int pbe_nid, + const EVP_CIPHER *cipher, + const char *pass, + int passlen, + unsigned char *salt, + int saltlen, + int iter, + PKCS8_PRIV_KEY_INFO *p8inf + ) +{ + return NULL; +} + +PKCS8_PRIV_KEY_INFO * +PKCS8_decrypt ( + const X509_SIG *p8, + const char *pass, + int passlen + ) +{ + return NULL; +} + +unsigned char * +PKCS12_pbe_crypt_ex ( + const X509_ALGOR *algor, + const char *pass, + int passlen, + const unsigned char *in, + int inlen, + unsigned char **data, + int *datalen, + int en_de, + OSSL_LIB_CTX *libctx, + const char *propq + ) +{ + return NULL; +} + +X509_SIG * +PKCS8_encrypt_ex ( + int pbe_nid, + const EVP_CIPHER *cipher, + const char *pass, + int passlen, + unsigned char *salt, + int saltlen, + int iter, + PKCS8_PRIV_KEY_INFO *p8inf, + OSSL_LIB_CTX *libctx, + const char *propq + ) +{ + return NULL; +} + +const ASN1_ITEM * +PKCS12_it ( + void + ) +{ + return NULL; +} + +const ASN1_ITEM * +PKCS12_MAC_DATA_it ( + void + ) +{ + return NULL; +} + +const ASN1_ITEM * +PKCS12_SAFEBAG_it ( + void + ) +{ + return NULL; +} + +const ASN1_ITEM * +PKCS12_BAGS_it ( + void + ) +{ + return NULL; +} + +const ASN1_ITEM * +PKCS12_AUTHSAFES_it ( + void + ) +{ + return NULL; +} + +const ASN1_ITEM * +PKCS12_SAFEBAGS_it ( + void + ) +{ + return NULL; +} diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c new file mode 100644 index 0000000000..e3b3aa26ec --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c @@ -0,0 +1,517 @@ +/** @file + Null implementation of SslExtServ functions called by TlsLib. + + Copyright (c) 2023, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include "../ssl_local.h" +#include "statem_local.h" +#include "internal/cryptlib.h" + +int +tls_parse_ctos_renegotiate ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return -1; +} + +int +tls_parse_ctos_server_name ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_maxfragmentlen ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +#ifndef OPENSSL_NO_SRP +int +tls_parse_ctos_srp ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +#endif + +int +tls_parse_ctos_ec_pt_formats ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_session_ticket ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_sig_algs_cert ( + SSL *s, + PACKET *pkt, + ossl_unused unsigned int context, + ossl_unused X509 *x, + ossl_unused size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_sig_algs ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +#ifndef OPENSSL_NO_OCSP +int +tls_parse_ctos_status_request ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +#endif + +#ifndef OPENSSL_NO_NEXTPROTONEG +int +tls_parse_ctos_npn ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +#endif + +/* + * Save the ALPN extension in a ClientHello.|pkt| holds the contents of the ALPN + * extension, not including type and length. Returns: 1 on success, 0 on error. + */ +int +tls_parse_ctos_alpn ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +#ifndef OPENSSL_NO_SRTP +int +tls_parse_ctos_use_srtp ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +#endif + +int +tls_parse_ctos_etm ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +/* + * Process a psk_kex_modes extension received in the ClientHello. |pkt| contains + * the raw PACKET data for the extension. Returns 1 on success or 0 on failure. + */ +int +tls_parse_ctos_psk_kex_modes ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +/* + * Process a key_share extension received in the ClientHello. |pkt| contains + * the raw PACKET data for the extension. Returns 1 on success or 0 on failure. + */ +int +tls_parse_ctos_key_share ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_cookie ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_supported_groups ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_ems ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_early_data ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_psk ( + SSL *s, + PACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return 0; +} + +int +tls_parse_ctos_post_handshake_auth ( + SSL *s, + PACKET *pkt, + ossl_unused unsigned int context, + ossl_unused X509 *x, + ossl_unused size_t chainidx + ) +{ + return 0; +} + +/* + * Add the server's renegotiation binding + */ +EXT_RETURN +tls_construct_stoc_renegotiate ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_server_name ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +/* Add/include the server's max fragment len extension into ServerHello */ +EXT_RETURN +tls_construct_stoc_maxfragmentlen ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_ec_pt_formats ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_supported_groups ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_session_ticket ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +#ifndef OPENSSL_NO_OCSP +EXT_RETURN +tls_construct_stoc_status_request ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +#endif + +#ifndef OPENSSL_NO_NEXTPROTONEG +EXT_RETURN +tls_construct_stoc_next_proto_neg ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +#endif + +EXT_RETURN +tls_construct_stoc_alpn ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +#ifndef OPENSSL_NO_SRTP +EXT_RETURN +tls_construct_stoc_use_srtp ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +#endif + +EXT_RETURN +tls_construct_stoc_etm ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_ems ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_supported_versions ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_key_share ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_cookie ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_cryptopro_bug ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_early_data ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} + +EXT_RETURN +tls_construct_stoc_psk ( + SSL *s, + WPACKET *pkt, + unsigned int context, + X509 *x, + size_t chainidx + ) +{ + return EXT_RETURN_FAIL; +} diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c new file mode 100644 index 0000000000..878f9e1a0b --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c @@ -0,0 +1,306 @@ +/** @file + Null implementation of SslStatServ functions called by TlsLib. + + Copyright (c) 2023, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "../ssl_local.h" +#include "statem_local.h" +#include "internal/constant_time.h" +#include "internal/cryptlib.h" +#include +#include + +int +ossl_statem_server_read_transition ( + SSL *s, + int mt + ) +{ + return 0; +} + +/* + * Should we send a CertificateRequest message? + * + * Valid return values are: + * 1: Yes + * 0: No + */ +int +send_certificate_request ( + SSL *s + ) +{ + return 0; +} + +/* + * ossl_statem_server_write_transition() works out what handshake state to move + * to next when the server is writing messages to be sent to the client. + */ +WRITE_TRAN +ossl_statem_server_write_transition ( + SSL *s + ) +{ + return WRITE_TRAN_ERROR; +} + +WORK_STATE +ossl_statem_server_pre_work ( + SSL *s, + WORK_STATE wst + ) +{ + return WORK_ERROR; +} + +/* + * Perform any work that needs to be done after sending a message from the + * server to the client. + */ +WORK_STATE +ossl_statem_server_post_work ( + SSL *s, + WORK_STATE wst + ) +{ + return WORK_ERROR; +} + +/* + * Get the message construction function and message type for sending from the + * server + * + * Valid return values are: + * 1: Success + * 0: Error + */ +int +ossl_statem_server_construct_message ( + SSL *s, + WPACKET *pkt, + confunc_f *confunc, + int *mt + ) +{ + return 0; +} + +/* + * Returns the maximum allowed length for the current message that we are + * reading. Excludes the message header. + */ +size_t +ossl_statem_server_max_message_size ( + SSL *s + ) +{ + return 0; +} + +/* + * Process a message that the server has received from the client. + */ +MSG_PROCESS_RETURN +ossl_statem_server_process_message ( + SSL *s, + PACKET *pkt + ) +{ + return MSG_PROCESS_ERROR; +} + +/* + * Perform any further processing required following the receipt of a message + * from the client + */ +WORK_STATE +ossl_statem_server_post_process_message ( + SSL *s, + WORK_STATE wst + ) +{ + return WORK_ERROR; +} + +int +dtls_raw_hello_verify_request ( + WPACKET *pkt, + unsigned char *cookie, + size_t cookie_len + ) +{ + return 0; +} + +int +dtls_construct_hello_verify_request ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +MSG_PROCESS_RETURN +tls_process_client_hello ( + SSL *s, + PACKET *pkt + ) +{ + return MSG_PROCESS_ERROR; +} + +/* + * Call the alpn_select callback if needed. Upon success, returns 1. + * Upon failure, returns 0. + */ +int +tls_handle_alpn ( + SSL *s + ) +{ + return 0; +} + +WORK_STATE +tls_post_process_client_hello ( + SSL *s, + WORK_STATE wst + ) +{ + return WORK_ERROR; +} + +int +tls_construct_server_hello ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +int +tls_construct_server_done ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +int +tls_construct_server_key_exchange ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +int +tls_construct_certificate_request ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +MSG_PROCESS_RETURN +tls_process_client_key_exchange ( + SSL *s, + PACKET *pkt + ) +{ + return MSG_PROCESS_ERROR; +} + +WORK_STATE +tls_post_process_client_key_exchange ( + SSL *s, + WORK_STATE wst + ) +{ + return WORK_ERROR; +} + +MSG_PROCESS_RETURN +tls_process_client_certificate ( + SSL *s, + PACKET *pkt + ) +{ + return MSG_PROCESS_ERROR; +} + +int +tls_construct_server_certificate ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +int +tls_construct_new_session_ticket ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +/* + * In TLSv1.3 this is called from the extensions code, otherwise it is used to + * create a separate message. Returns 1 on success or 0 on failure. + */ +int +tls_construct_cert_status_body ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +int +tls_construct_cert_status ( + SSL *s, + WPACKET *pkt + ) +{ + return 0; +} + +#ifndef OPENSSL_NO_NEXTPROTONEG + +/* + * tls_process_next_proto reads a Next Protocol Negotiation handshake message. + * It sets the next_proto member in s if found + */ +MSG_PROCESS_RETURN +tls_process_next_proto ( + SSL *s, + PACKET *pkt + ) +{ + return MSG_PROCESS_ERROR; +} + +#endif + +MSG_PROCESS_RETURN +tls_process_end_of_early_data ( + SSL *s, + PACKET *pkt + ) +{ + return MSG_PROCESS_ERROR; +} -- 2.31.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#107506): https://edk2.groups.io/g/devel/message/107506 Mute This Topic: https://groups.io/mt/100520610/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-