From: "Li, Yi" <yi1.li@intel.com>
To: devel@edk2.groups.io
Cc: Yi Li <yi1.li@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
Xiaoyu Lu <xiaoyu1.lu@intel.com>,
Guomin Jiang <guomin.jiang@intel.com>
Subject: [edk2-devel] [PATCH 25/29] CryptoPkg: add more dummy implement of openssl for size optimization
Date: Fri, 28 Jul 2023 14:40:11 +0800 [thread overview]
Message-ID: <86693edea445c85591d826e9924a9275da0b65a1.1690444292.git.yi1.li@intel.com> (raw)
In-Reply-To: <cover.1690444292.git.yi1.li@intel.com>
Add dummy implement of Encoder, Pkcs12 and sslserver.
OpenSSL libraries which don't need these features can include
these files to reduce the size of output.
Signed-off-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
---
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 4 +
.../Library/OpensslLib/OpensslLibAccel.inf | 4 +
.../Library/OpensslLib/OpensslLibCrypto.inf | 2 +
.../Library/OpensslLib/OpensslLibFull.inf | 4 +
.../OpensslLib/OpensslLibFullAccel.inf | 4 +
.../OpensslLib/OpensslStub/EncoderNull.c | 364 ++++++++++++
.../OpensslLib/OpensslStub/Pkcs12Null.c | 146 +++++
.../OpensslLib/OpensslStub/SslExtServNull.c | 517 ++++++++++++++++++
.../OpensslLib/OpensslStub/SslStatServNull.c | 306 +++++++++++
9 files changed, 1351 insertions(+)
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 856cbdd859..3fbebde0e5 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -40,6 +40,10 @@
# OpensslStub/SslNull.c
OpensslStub/EcSm2Null.c
OpensslStub/uefiprov.c
+ OpensslStub/EncoderNull.c
+ OpensslStub/SslStatServNull.c
+ OpensslStub/SslExtServNull.c
+ OpensslStub/Pkcs12Null.c
[Packages]
MdePkg/MdePkg.dec
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
index 5e8bface2e..1b1f021ca0 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
@@ -42,6 +42,10 @@
# OpensslStub/SslNull.c
OpensslStub/EcSm2Null.c
OpensslStub/uefiprov.c
+ OpensslStub/EncoderNull.c
+ OpensslStub/SslStatServNull.c
+ OpensslStub/SslExtServNull.c
+ OpensslStub/Pkcs12Null.c
[Sources.IA32]
# Autogenerated files list starts here
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index e17f813f22..1916c230bb 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -41,6 +41,8 @@
OpensslStub/SslNull.c
OpensslStub/EcSm2Null.c
OpensslStub/uefiprov.c
+ OpensslStub/EncoderNull.c
+ OpensslStub/Pkcs12Null.c
[Packages]
MdePkg/MdePkg.dec
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
index b049bd4067..0bb7a52f57 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
@@ -45,6 +45,10 @@
# OpensslStub/SslNull.c
# OpensslStub/EcSm2Null.c
OpensslStub/uefiprov.c
+ OpensslStub/EncoderNull.c
+ OpensslStub/SslStatServNull.c
+ OpensslStub/SslExtServNull.c
+ OpensslStub/Pkcs12Null.c
[Packages]
MdePkg/MdePkg.dec
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
index 56962afffc..de67660000 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
@@ -47,6 +47,10 @@
# OpensslStub/SslNull.c
# OpensslStub/EcSm2Null.c
OpensslStub/uefiprov.c
+ OpensslStub/EncoderNull.c
+ OpensslStub/SslStatServNull.c
+ OpensslStub/SslExtServNull.c
+ OpensslStub/Pkcs12Null.c
[Sources.IA32]
# Autogenerated files list starts here
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c
new file mode 100644
index 0000000000..f3106cf8ab
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c
@@ -0,0 +1,364 @@
+/** @file
+ Null implementation of ENCODER functions called by BaseCryptLib.
+
+ Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <openssl/encoder.h>
+
+OSSL_ENCODER *
+OSSL_ENCODER_fetch (
+ OSSL_LIB_CTX *libctx,
+ const char *name,
+ const char *properties
+ )
+{
+ return NULL;
+}
+
+int
+OSSL_ENCODER_up_ref (
+ OSSL_ENCODER *encoder
+ )
+{
+ return 0;
+}
+
+void
+OSSL_ENCODER_free (
+ OSSL_ENCODER *encoder
+ )
+{
+}
+
+const OSSL_PROVIDER *
+OSSL_ENCODER_get0_provider (
+ const OSSL_ENCODER *encoder
+ )
+{
+ return NULL;
+}
+
+const char *
+OSSL_ENCODER_get0_properties (
+ const OSSL_ENCODER *encoder
+ )
+{
+ return NULL;
+}
+
+const char *
+OSSL_ENCODER_get0_name (
+ const OSSL_ENCODER *kdf
+ )
+{
+ return NULL;
+}
+
+const char *
+OSSL_ENCODER_get0_description (
+ const OSSL_ENCODER *kdf
+ )
+{
+ return NULL;
+}
+
+int
+OSSL_ENCODER_is_a (
+ const OSSL_ENCODER *encoder,
+ const char *name
+ )
+{
+ return 0;
+}
+
+void
+OSSL_ENCODER_do_all_provided (
+ OSSL_LIB_CTX *libctx,
+ void ( *fn )(OSSL_ENCODER *encoder, void *arg),
+ void *arg
+ )
+{
+}
+
+int
+OSSL_ENCODER_names_do_all (
+ const OSSL_ENCODER *encoder,
+ void ( *fn )(const char *name, void *data),
+ void *data
+ )
+{
+ return 0;
+}
+
+const OSSL_PARAM *
+OSSL_ENCODER_gettable_params (
+ OSSL_ENCODER *encoder
+ )
+{
+ return NULL;
+}
+
+int
+OSSL_ENCODER_get_params (
+ OSSL_ENCODER *encoder,
+ OSSL_PARAM params[]
+ )
+{
+ return 0;
+}
+
+const OSSL_PARAM *
+OSSL_ENCODER_settable_ctx_params (
+ OSSL_ENCODER *encoder
+ )
+{
+ return NULL;
+}
+
+OSSL_ENCODER_CTX *
+OSSL_ENCODER_CTX_new (
+ void
+ )
+{
+ return NULL;
+}
+
+int
+OSSL_ENCODER_CTX_set_params (
+ OSSL_ENCODER_CTX *ctx,
+ const OSSL_PARAM params[]
+ )
+{
+ return 0;
+}
+
+void
+OSSL_ENCODER_CTX_free (
+ OSSL_ENCODER_CTX *ctx
+ )
+{
+}
+
+/* Utilities that help set specific parameters */
+int
+OSSL_ENCODER_CTX_set_passphrase (
+ OSSL_ENCODER_CTX *ctx,
+ const unsigned char *kstr,
+ size_t klen
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_pem_password_cb (
+ OSSL_ENCODER_CTX *ctx,
+ pem_password_cb *cb,
+ void *cbarg
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_passphrase_cb (
+ OSSL_ENCODER_CTX *ctx,
+ OSSL_PASSPHRASE_CALLBACK *cb,
+ void *cbarg
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_passphrase_ui (
+ OSSL_ENCODER_CTX *ctx,
+ const UI_METHOD *ui_method,
+ void *ui_data
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_cipher (
+ OSSL_ENCODER_CTX *ctx,
+ const char *cipher_name,
+ const char *propquery
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_selection (
+ OSSL_ENCODER_CTX *ctx,
+ int selection
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_output_type (
+ OSSL_ENCODER_CTX *ctx,
+ const char *output_type
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_output_structure (
+ OSSL_ENCODER_CTX *ctx,
+ const char *output_structure
+ )
+{
+ return 0;
+}
+
+/* Utilities to add encoders */
+int
+OSSL_ENCODER_CTX_add_encoder (
+ OSSL_ENCODER_CTX *ctx,
+ OSSL_ENCODER *encoder
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_add_extra (
+ OSSL_ENCODER_CTX *ctx,
+ OSSL_LIB_CTX *libctx,
+ const char *propq
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_get_num_encoders (
+ OSSL_ENCODER_CTX *ctx
+ )
+{
+ return 0;
+}
+
+OSSL_ENCODER *
+OSSL_ENCODER_INSTANCE_get_encoder (
+ OSSL_ENCODER_INSTANCE *encoder_inst
+ )
+{
+ return NULL;
+}
+
+void *
+OSSL_ENCODER_INSTANCE_get_encoder_ctx (
+ OSSL_ENCODER_INSTANCE *encoder_inst
+ )
+{
+ return NULL;
+}
+
+const char *
+OSSL_ENCODER_INSTANCE_get_output_type (
+ OSSL_ENCODER_INSTANCE *encoder_inst
+ )
+{
+ return NULL;
+}
+
+const char *
+OSSL_ENCODER_INSTANCE_get_output_structure (
+ OSSL_ENCODER_INSTANCE *encoder_inst
+ )
+{
+ return NULL;
+}
+
+int
+OSSL_ENCODER_CTX_set_construct (
+ OSSL_ENCODER_CTX *ctx,
+ OSSL_ENCODER_CONSTRUCT *construct
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_construct_data (
+ OSSL_ENCODER_CTX *ctx,
+ void *construct_data
+ )
+{
+ return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_cleanup (
+ OSSL_ENCODER_CTX *ctx,
+ OSSL_ENCODER_CLEANUP *cleanup
+ )
+{
+ return 0;
+}
+
+/* Utilities to output the object to encode */
+int
+OSSL_ENCODER_to_bio (
+ OSSL_ENCODER_CTX *ctx,
+ BIO *out
+ )
+{
+ return 0;
+}
+
+#ifndef OPENSSL_NO_STDIO
+int
+OSSL_ENCODER_to_fp (
+ OSSL_ENCODER_CTX *ctx,
+ FILE *fp
+ );
+
+#endif
+int
+OSSL_ENCODER_to_data (
+ OSSL_ENCODER_CTX *ctx,
+ unsigned char **pdata,
+ size_t *pdata_len
+ )
+{
+ return 0;
+}
+
+OSSL_ENCODER_CTX *
+OSSL_ENCODER_CTX_new_for_pkey (
+ const EVP_PKEY *pkey,
+ int selection,
+ const char *output_type,
+ const char *output_struct,
+ const char *propquery
+ )
+{
+ return NULL;
+}
+
+int
+ossl_encoder_store_remove_all_provided (
+ const OSSL_PROVIDER *prov
+ )
+{
+ return -1;
+}
+
+int
+ossl_encoder_store_cache_flush (
+ OSSL_LIB_CTX *libctx
+ )
+{
+ return -1;
+}
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c b/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c
new file mode 100644
index 0000000000..0fb49496d3
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c
@@ -0,0 +1,146 @@
+/** @file
+ Null implementation of PKCS12 and PKCS8 functions called by BaseCryptLib.
+
+ Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <openssl/pkcs12.h>
+
+int
+PKCS12_PBE_keyivgen_ex (
+ EVP_CIPHER_CTX *ctx,
+ const char *pass,
+ int passlen,
+ ASN1_TYPE *param,
+ const EVP_CIPHER *cipher,
+ const EVP_MD *md,
+ int en_de,
+ OSSL_LIB_CTX *libctx,
+ const char *propq
+ )
+{
+ return -1;
+}
+
+int
+PKCS12_PBE_keyivgen (
+ EVP_CIPHER_CTX *ctx,
+ const char *pass,
+ int passlen,
+ ASN1_TYPE *param,
+ const EVP_CIPHER *cipher,
+ const EVP_MD *md,
+ int en_de
+ )
+{
+ return -1;
+}
+
+X509_SIG *
+PKCS8_encrypt (
+ int pbe_nid,
+ const EVP_CIPHER *cipher,
+ const char *pass,
+ int passlen,
+ unsigned char *salt,
+ int saltlen,
+ int iter,
+ PKCS8_PRIV_KEY_INFO *p8inf
+ )
+{
+ return NULL;
+}
+
+PKCS8_PRIV_KEY_INFO *
+PKCS8_decrypt (
+ const X509_SIG *p8,
+ const char *pass,
+ int passlen
+ )
+{
+ return NULL;
+}
+
+unsigned char *
+PKCS12_pbe_crypt_ex (
+ const X509_ALGOR *algor,
+ const char *pass,
+ int passlen,
+ const unsigned char *in,
+ int inlen,
+ unsigned char **data,
+ int *datalen,
+ int en_de,
+ OSSL_LIB_CTX *libctx,
+ const char *propq
+ )
+{
+ return NULL;
+}
+
+X509_SIG *
+PKCS8_encrypt_ex (
+ int pbe_nid,
+ const EVP_CIPHER *cipher,
+ const char *pass,
+ int passlen,
+ unsigned char *salt,
+ int saltlen,
+ int iter,
+ PKCS8_PRIV_KEY_INFO *p8inf,
+ OSSL_LIB_CTX *libctx,
+ const char *propq
+ )
+{
+ return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_it (
+ void
+ )
+{
+ return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_MAC_DATA_it (
+ void
+ )
+{
+ return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_SAFEBAG_it (
+ void
+ )
+{
+ return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_BAGS_it (
+ void
+ )
+{
+ return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_AUTHSAFES_it (
+ void
+ )
+{
+ return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_SAFEBAGS_it (
+ void
+ )
+{
+ return NULL;
+}
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c
new file mode 100644
index 0000000000..e3b3aa26ec
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c
@@ -0,0 +1,517 @@
+/** @file
+ Null implementation of SslExtServ functions called by TlsLib.
+
+ Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <openssl/ocsp.h>
+#include "../ssl_local.h"
+#include "statem_local.h"
+#include "internal/cryptlib.h"
+
+int
+tls_parse_ctos_renegotiate (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return -1;
+}
+
+int
+tls_parse_ctos_server_name (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_maxfragmentlen (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+#ifndef OPENSSL_NO_SRP
+int
+tls_parse_ctos_srp (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+#endif
+
+int
+tls_parse_ctos_ec_pt_formats (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_session_ticket (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_sig_algs_cert (
+ SSL *s,
+ PACKET *pkt,
+ ossl_unused unsigned int context,
+ ossl_unused X509 *x,
+ ossl_unused size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_sig_algs (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+#ifndef OPENSSL_NO_OCSP
+int
+tls_parse_ctos_status_request (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+#endif
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+int
+tls_parse_ctos_npn (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+#endif
+
+/*
+ * Save the ALPN extension in a ClientHello.|pkt| holds the contents of the ALPN
+ * extension, not including type and length. Returns: 1 on success, 0 on error.
+ */
+int
+tls_parse_ctos_alpn (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+#ifndef OPENSSL_NO_SRTP
+int
+tls_parse_ctos_use_srtp (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+#endif
+
+int
+tls_parse_ctos_etm (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+/*
+ * Process a psk_kex_modes extension received in the ClientHello. |pkt| contains
+ * the raw PACKET data for the extension. Returns 1 on success or 0 on failure.
+ */
+int
+tls_parse_ctos_psk_kex_modes (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+/*
+ * Process a key_share extension received in the ClientHello. |pkt| contains
+ * the raw PACKET data for the extension. Returns 1 on success or 0 on failure.
+ */
+int
+tls_parse_ctos_key_share (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_cookie (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_supported_groups (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_ems (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_early_data (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_psk (
+ SSL *s,
+ PACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return 0;
+}
+
+int
+tls_parse_ctos_post_handshake_auth (
+ SSL *s,
+ PACKET *pkt,
+ ossl_unused unsigned int context,
+ ossl_unused X509 *x,
+ ossl_unused size_t chainidx
+ )
+{
+ return 0;
+}
+
+/*
+ * Add the server's renegotiation binding
+ */
+EXT_RETURN
+tls_construct_stoc_renegotiate (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_server_name (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+/* Add/include the server's max fragment len extension into ServerHello */
+EXT_RETURN
+tls_construct_stoc_maxfragmentlen (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_ec_pt_formats (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_supported_groups (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_session_ticket (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+#ifndef OPENSSL_NO_OCSP
+EXT_RETURN
+tls_construct_stoc_status_request (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+#endif
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+EXT_RETURN
+tls_construct_stoc_next_proto_neg (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+#endif
+
+EXT_RETURN
+tls_construct_stoc_alpn (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+#ifndef OPENSSL_NO_SRTP
+EXT_RETURN
+tls_construct_stoc_use_srtp (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+#endif
+
+EXT_RETURN
+tls_construct_stoc_etm (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_ems (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_supported_versions (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_key_share (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_cookie (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_cryptopro_bug (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_early_data (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_psk (
+ SSL *s,
+ WPACKET *pkt,
+ unsigned int context,
+ X509 *x,
+ size_t chainidx
+ )
+{
+ return EXT_RETURN_FAIL;
+}
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c
new file mode 100644
index 0000000000..878f9e1a0b
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c
@@ -0,0 +1,306 @@
+/** @file
+ Null implementation of SslStatServ functions called by TlsLib.
+
+ Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "../ssl_local.h"
+#include "statem_local.h"
+#include "internal/constant_time.h"
+#include "internal/cryptlib.h"
+#include <openssl/core_names.h>
+#include <openssl/asn1t.h>
+
+int
+ossl_statem_server_read_transition (
+ SSL *s,
+ int mt
+ )
+{
+ return 0;
+}
+
+/*
+ * Should we send a CertificateRequest message?
+ *
+ * Valid return values are:
+ * 1: Yes
+ * 0: No
+ */
+int
+send_certificate_request (
+ SSL *s
+ )
+{
+ return 0;
+}
+
+/*
+ * ossl_statem_server_write_transition() works out what handshake state to move
+ * to next when the server is writing messages to be sent to the client.
+ */
+WRITE_TRAN
+ossl_statem_server_write_transition (
+ SSL *s
+ )
+{
+ return WRITE_TRAN_ERROR;
+}
+
+WORK_STATE
+ossl_statem_server_pre_work (
+ SSL *s,
+ WORK_STATE wst
+ )
+{
+ return WORK_ERROR;
+}
+
+/*
+ * Perform any work that needs to be done after sending a message from the
+ * server to the client.
+ */
+WORK_STATE
+ossl_statem_server_post_work (
+ SSL *s,
+ WORK_STATE wst
+ )
+{
+ return WORK_ERROR;
+}
+
+/*
+ * Get the message construction function and message type for sending from the
+ * server
+ *
+ * Valid return values are:
+ * 1: Success
+ * 0: Error
+ */
+int
+ossl_statem_server_construct_message (
+ SSL *s,
+ WPACKET *pkt,
+ confunc_f *confunc,
+ int *mt
+ )
+{
+ return 0;
+}
+
+/*
+ * Returns the maximum allowed length for the current message that we are
+ * reading. Excludes the message header.
+ */
+size_t
+ossl_statem_server_max_message_size (
+ SSL *s
+ )
+{
+ return 0;
+}
+
+/*
+ * Process a message that the server has received from the client.
+ */
+MSG_PROCESS_RETURN
+ossl_statem_server_process_message (
+ SSL *s,
+ PACKET *pkt
+ )
+{
+ return MSG_PROCESS_ERROR;
+}
+
+/*
+ * Perform any further processing required following the receipt of a message
+ * from the client
+ */
+WORK_STATE
+ossl_statem_server_post_process_message (
+ SSL *s,
+ WORK_STATE wst
+ )
+{
+ return WORK_ERROR;
+}
+
+int
+dtls_raw_hello_verify_request (
+ WPACKET *pkt,
+ unsigned char *cookie,
+ size_t cookie_len
+ )
+{
+ return 0;
+}
+
+int
+dtls_construct_hello_verify_request (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+MSG_PROCESS_RETURN
+tls_process_client_hello (
+ SSL *s,
+ PACKET *pkt
+ )
+{
+ return MSG_PROCESS_ERROR;
+}
+
+/*
+ * Call the alpn_select callback if needed. Upon success, returns 1.
+ * Upon failure, returns 0.
+ */
+int
+tls_handle_alpn (
+ SSL *s
+ )
+{
+ return 0;
+}
+
+WORK_STATE
+tls_post_process_client_hello (
+ SSL *s,
+ WORK_STATE wst
+ )
+{
+ return WORK_ERROR;
+}
+
+int
+tls_construct_server_hello (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+int
+tls_construct_server_done (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+int
+tls_construct_server_key_exchange (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+int
+tls_construct_certificate_request (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+MSG_PROCESS_RETURN
+tls_process_client_key_exchange (
+ SSL *s,
+ PACKET *pkt
+ )
+{
+ return MSG_PROCESS_ERROR;
+}
+
+WORK_STATE
+tls_post_process_client_key_exchange (
+ SSL *s,
+ WORK_STATE wst
+ )
+{
+ return WORK_ERROR;
+}
+
+MSG_PROCESS_RETURN
+tls_process_client_certificate (
+ SSL *s,
+ PACKET *pkt
+ )
+{
+ return MSG_PROCESS_ERROR;
+}
+
+int
+tls_construct_server_certificate (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+int
+tls_construct_new_session_ticket (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+/*
+ * In TLSv1.3 this is called from the extensions code, otherwise it is used to
+ * create a separate message. Returns 1 on success or 0 on failure.
+ */
+int
+tls_construct_cert_status_body (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+int
+tls_construct_cert_status (
+ SSL *s,
+ WPACKET *pkt
+ )
+{
+ return 0;
+}
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+
+/*
+ * tls_process_next_proto reads a Next Protocol Negotiation handshake message.
+ * It sets the next_proto member in s if found
+ */
+MSG_PROCESS_RETURN
+tls_process_next_proto (
+ SSL *s,
+ PACKET *pkt
+ )
+{
+ return MSG_PROCESS_ERROR;
+}
+
+#endif
+
+MSG_PROCESS_RETURN
+tls_process_end_of_early_data (
+ SSL *s,
+ PACKET *pkt
+ )
+{
+ return MSG_PROCESS_ERROR;
+}
--
2.31.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107363): https://edk2.groups.io/g/devel/message/107363
Mute This Topic: https://groups.io/mt/100406070/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2023-07-28 6:42 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-28 6:39 [edk2-devel] [PATCH 00/29] CryptoPkg: Update OpenSSL submodule to 3.0.9 Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 01/29] CryptoPkg/openssl: update submodule to openssl-3.0.9 Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 02/29] CryptoPkg/openssl: cleanup all openssl1.1.1 generated files and code Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 03/29] CryptoPkg/openssl: update Openssl*.inf files for openssl 3.0 Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 04/29] CryptoPkg/openssl: add openssl3 configure scripts Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 05/29] CryptoPkg/openssl: UefiAsm.conf update for openssl 3.0 Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 06/29] CryptoPkg/BaseCryptLib: no openssl deprecation warnings please Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 07/29] CryptoPkg/BaseCryptLib: adapt CryptSm3.c to openssl 3.0 changes Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 08/29] CryptoPkg/BaseCryptLib: drop BIO_* dummy functions Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 09/29] CryptoPkg/TlsLib: ERR_GET_FUNC is gone Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 10/29] CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 11/29] CryptoPkg/openssl: move compiler_flags to buildinf.c Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 12/29] CryptoPkg/openssl: store dummy update for openssl 3.0 Li, Yi
2023-07-28 6:39 ` [edk2-devel] [PATCH 13/29] CryptoPkg/openssl: adapt EcSm2Null.c " Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 14/29] CryptoPkg: Move all UEFI implement of openssl to OpensslStub Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 15/29] CryptoPkg: use UEFI provider as default Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 16/29] CryptoPkg: adapt 3.0 change in SslNull.c Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 17/29] CryptoPkg: Add instrinsics to support building openssl3 on IA32 windows Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 18/29] CryptoPkg: disable C4133 warning in openssl libraries Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 19/29] CryptoPkg/TlsLib: use unsigned long for ErrorCode Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 20/29] CryptoPkg: Align with 4096 when build with OpensslFullAccel Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 21/29] CryptoPkg: Enable memcpy sys call in RISCV64 build Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 22/29] CryptoPkg: add missing gcc instructions Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 23/29] CryptoPkg: add define of maximum unsigned size_t Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 24/29] CryptoPkg: add implemention of _ftol2_sse() to avoid build error Li, Yi
2023-07-28 6:40 ` Li, Yi [this message]
2023-07-28 6:40 ` [edk2-devel] [PATCH 26/29] CryptoPkg: run configure.py to update all generated files Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 27/29] CryptoPkg: remove strcmp to syscall Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 28/29] CryptoPkg/openssl: update CI config for openssl 3.0 Li, Yi
2023-07-28 6:40 ` [edk2-devel] [PATCH 29/29] CryptoPkg: remove BN and EC accel for size optimization Li, Yi
2023-08-02 10:06 ` 回复: [edk2-devel] [PATCH 00/29] CryptoPkg: Update OpenSSL submodule to 3.0.9 gaoliming via groups.io
2023-08-02 16:41 ` Michael D Kinney
2023-08-02 18:46 ` Leif Lindholm
2023-08-04 9:44 ` 回复: " gaoliming via groups.io
2023-08-04 20:54 ` Brian J. Johnson
2023-08-04 22:55 ` Michael Kubacki
2023-08-08 23:59 ` Yao, Jiewen
2023-08-09 0:45 ` Kenneth Lautner via groups.io
2023-08-09 7:43 ` Yao, Jiewen
2023-08-03 5:16 ` Li, Yi
2023-08-03 7:57 ` Yao, Jiewen
2023-08-03 9:20 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86693edea445c85591d826e9924a9275da0b65a1.1690444292.git.yi1.li@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox