public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Li, Yi" <yi1.li@intel.com>
To: devel@edk2.groups.io
Cc: Yi Li <yi1.li@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
	Xiaoyu Lu <xiaoyu1.lu@intel.com>,
	Guomin Jiang <guomin.jiang@intel.com>
Subject: [edk2-devel] [PATCH 25/29] CryptoPkg: add more dummy implement of openssl for size optimization
Date: Fri, 28 Jul 2023 14:40:11 +0800	[thread overview]
Message-ID: <86693edea445c85591d826e9924a9275da0b65a1.1690444292.git.yi1.li@intel.com> (raw)
In-Reply-To: <cover.1690444292.git.yi1.li@intel.com>

Add dummy implement of Encoder, Pkcs12 and sslserver.
OpenSSL libraries which don't need these features can include
these files to reduce the size of output.

Signed-off-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
---
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   |   4 +
 .../Library/OpensslLib/OpensslLibAccel.inf    |   4 +
 .../Library/OpensslLib/OpensslLibCrypto.inf   |   2 +
 .../Library/OpensslLib/OpensslLibFull.inf     |   4 +
 .../OpensslLib/OpensslLibFullAccel.inf        |   4 +
 .../OpensslLib/OpensslStub/EncoderNull.c      | 364 ++++++++++++
 .../OpensslLib/OpensslStub/Pkcs12Null.c       | 146 +++++
 .../OpensslLib/OpensslStub/SslExtServNull.c   | 517 ++++++++++++++++++
 .../OpensslLib/OpensslStub/SslStatServNull.c  | 306 +++++++++++
 9 files changed, 1351 insertions(+)
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c

diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 856cbdd859..3fbebde0e5 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -40,6 +40,10 @@
 #  OpensslStub/SslNull.c
   OpensslStub/EcSm2Null.c
   OpensslStub/uefiprov.c
+  OpensslStub/EncoderNull.c
+  OpensslStub/SslStatServNull.c
+  OpensslStub/SslExtServNull.c
+  OpensslStub/Pkcs12Null.c
 
 [Packages]
   MdePkg/MdePkg.dec
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
index 5e8bface2e..1b1f021ca0 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
@@ -42,6 +42,10 @@
 #  OpensslStub/SslNull.c
   OpensslStub/EcSm2Null.c
   OpensslStub/uefiprov.c
+  OpensslStub/EncoderNull.c
+  OpensslStub/SslStatServNull.c
+  OpensslStub/SslExtServNull.c
+  OpensslStub/Pkcs12Null.c
 
 [Sources.IA32]
 # Autogenerated files list starts here
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index e17f813f22..1916c230bb 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -41,6 +41,8 @@
   OpensslStub/SslNull.c
   OpensslStub/EcSm2Null.c
   OpensslStub/uefiprov.c
+  OpensslStub/EncoderNull.c
+  OpensslStub/Pkcs12Null.c
 
 [Packages]
   MdePkg/MdePkg.dec
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
index b049bd4067..0bb7a52f57 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
@@ -45,6 +45,10 @@
 #  OpensslStub/SslNull.c
 #  OpensslStub/EcSm2Null.c
   OpensslStub/uefiprov.c
+  OpensslStub/EncoderNull.c
+  OpensslStub/SslStatServNull.c
+  OpensslStub/SslExtServNull.c
+  OpensslStub/Pkcs12Null.c
 
 [Packages]
   MdePkg/MdePkg.dec
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
index 56962afffc..de67660000 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
@@ -47,6 +47,10 @@
 #  OpensslStub/SslNull.c
 #  OpensslStub/EcSm2Null.c
   OpensslStub/uefiprov.c
+  OpensslStub/EncoderNull.c
+  OpensslStub/SslStatServNull.c
+  OpensslStub/SslExtServNull.c
+  OpensslStub/Pkcs12Null.c
 
 [Sources.IA32]
 # Autogenerated files list starts here
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c
new file mode 100644
index 0000000000..f3106cf8ab
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/EncoderNull.c
@@ -0,0 +1,364 @@
+/** @file
+  Null implementation of ENCODER functions called by BaseCryptLib.
+
+  Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <openssl/encoder.h>
+
+OSSL_ENCODER *
+OSSL_ENCODER_fetch (
+  OSSL_LIB_CTX  *libctx,
+  const char    *name,
+  const char    *properties
+  )
+{
+  return NULL;
+}
+
+int
+OSSL_ENCODER_up_ref (
+  OSSL_ENCODER  *encoder
+  )
+{
+  return 0;
+}
+
+void
+OSSL_ENCODER_free (
+  OSSL_ENCODER  *encoder
+  )
+{
+}
+
+const OSSL_PROVIDER *
+OSSL_ENCODER_get0_provider (
+  const OSSL_ENCODER  *encoder
+  )
+{
+  return NULL;
+}
+
+const char *
+OSSL_ENCODER_get0_properties (
+  const OSSL_ENCODER  *encoder
+  )
+{
+  return NULL;
+}
+
+const char *
+OSSL_ENCODER_get0_name (
+  const OSSL_ENCODER  *kdf
+  )
+{
+  return NULL;
+}
+
+const char *
+OSSL_ENCODER_get0_description (
+  const OSSL_ENCODER  *kdf
+  )
+{
+  return NULL;
+}
+
+int
+OSSL_ENCODER_is_a (
+  const OSSL_ENCODER  *encoder,
+  const char          *name
+  )
+{
+  return 0;
+}
+
+void
+OSSL_ENCODER_do_all_provided (
+  OSSL_LIB_CTX *libctx,
+  void ( *fn )(OSSL_ENCODER *encoder, void *arg),
+  void *arg
+  )
+{
+}
+
+int
+OSSL_ENCODER_names_do_all (
+  const OSSL_ENCODER *encoder,
+  void ( *fn )(const char *name, void *data),
+  void *data
+  )
+{
+  return 0;
+}
+
+const OSSL_PARAM *
+OSSL_ENCODER_gettable_params (
+  OSSL_ENCODER  *encoder
+  )
+{
+  return NULL;
+}
+
+int
+OSSL_ENCODER_get_params (
+  OSSL_ENCODER  *encoder,
+  OSSL_PARAM    params[]
+  )
+{
+  return 0;
+}
+
+const OSSL_PARAM *
+OSSL_ENCODER_settable_ctx_params (
+  OSSL_ENCODER  *encoder
+  )
+{
+  return NULL;
+}
+
+OSSL_ENCODER_CTX *
+OSSL_ENCODER_CTX_new (
+  void
+  )
+{
+  return NULL;
+}
+
+int
+OSSL_ENCODER_CTX_set_params (
+  OSSL_ENCODER_CTX  *ctx,
+  const OSSL_PARAM  params[]
+  )
+{
+  return 0;
+}
+
+void
+OSSL_ENCODER_CTX_free (
+  OSSL_ENCODER_CTX  *ctx
+  )
+{
+}
+
+/* Utilities that help set specific parameters */
+int
+OSSL_ENCODER_CTX_set_passphrase (
+  OSSL_ENCODER_CTX     *ctx,
+  const unsigned char  *kstr,
+  size_t               klen
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_pem_password_cb (
+  OSSL_ENCODER_CTX  *ctx,
+  pem_password_cb   *cb,
+  void              *cbarg
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_passphrase_cb (
+  OSSL_ENCODER_CTX          *ctx,
+  OSSL_PASSPHRASE_CALLBACK  *cb,
+  void                      *cbarg
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_passphrase_ui (
+  OSSL_ENCODER_CTX  *ctx,
+  const UI_METHOD   *ui_method,
+  void              *ui_data
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_cipher (
+  OSSL_ENCODER_CTX  *ctx,
+  const char        *cipher_name,
+  const char        *propquery
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_selection (
+  OSSL_ENCODER_CTX  *ctx,
+  int               selection
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_output_type (
+  OSSL_ENCODER_CTX  *ctx,
+  const char        *output_type
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_output_structure (
+  OSSL_ENCODER_CTX  *ctx,
+  const char        *output_structure
+  )
+{
+  return 0;
+}
+
+/* Utilities to add encoders */
+int
+OSSL_ENCODER_CTX_add_encoder (
+  OSSL_ENCODER_CTX  *ctx,
+  OSSL_ENCODER      *encoder
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_add_extra (
+  OSSL_ENCODER_CTX  *ctx,
+  OSSL_LIB_CTX      *libctx,
+  const char        *propq
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_get_num_encoders (
+  OSSL_ENCODER_CTX  *ctx
+  )
+{
+  return 0;
+}
+
+OSSL_ENCODER *
+OSSL_ENCODER_INSTANCE_get_encoder (
+  OSSL_ENCODER_INSTANCE  *encoder_inst
+  )
+{
+  return NULL;
+}
+
+void *
+OSSL_ENCODER_INSTANCE_get_encoder_ctx (
+  OSSL_ENCODER_INSTANCE  *encoder_inst
+  )
+{
+  return NULL;
+}
+
+const char *
+OSSL_ENCODER_INSTANCE_get_output_type (
+  OSSL_ENCODER_INSTANCE  *encoder_inst
+  )
+{
+  return NULL;
+}
+
+const char *
+OSSL_ENCODER_INSTANCE_get_output_structure (
+  OSSL_ENCODER_INSTANCE  *encoder_inst
+  )
+{
+  return NULL;
+}
+
+int
+OSSL_ENCODER_CTX_set_construct (
+  OSSL_ENCODER_CTX        *ctx,
+  OSSL_ENCODER_CONSTRUCT  *construct
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_construct_data (
+  OSSL_ENCODER_CTX  *ctx,
+  void              *construct_data
+  )
+{
+  return 0;
+}
+
+int
+OSSL_ENCODER_CTX_set_cleanup (
+  OSSL_ENCODER_CTX      *ctx,
+  OSSL_ENCODER_CLEANUP  *cleanup
+  )
+{
+  return 0;
+}
+
+/* Utilities to output the object to encode */
+int
+OSSL_ENCODER_to_bio (
+  OSSL_ENCODER_CTX  *ctx,
+  BIO               *out
+  )
+{
+  return 0;
+}
+
+#ifndef OPENSSL_NO_STDIO
+int
+OSSL_ENCODER_to_fp (
+  OSSL_ENCODER_CTX  *ctx,
+  FILE              *fp
+  );
+
+#endif
+int
+OSSL_ENCODER_to_data (
+  OSSL_ENCODER_CTX  *ctx,
+  unsigned char     **pdata,
+  size_t            *pdata_len
+  )
+{
+  return 0;
+}
+
+OSSL_ENCODER_CTX *
+OSSL_ENCODER_CTX_new_for_pkey (
+  const EVP_PKEY  *pkey,
+  int             selection,
+  const char      *output_type,
+  const char      *output_struct,
+  const char      *propquery
+  )
+{
+  return NULL;
+}
+
+int
+ossl_encoder_store_remove_all_provided (
+  const OSSL_PROVIDER  *prov
+  )
+{
+  return -1;
+}
+
+int
+ossl_encoder_store_cache_flush (
+  OSSL_LIB_CTX  *libctx
+  )
+{
+  return -1;
+}
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c b/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c
new file mode 100644
index 0000000000..0fb49496d3
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/Pkcs12Null.c
@@ -0,0 +1,146 @@
+/** @file
+  Null implementation of PKCS12 and PKCS8 functions called by BaseCryptLib.
+
+  Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <openssl/pkcs12.h>
+
+int
+PKCS12_PBE_keyivgen_ex (
+  EVP_CIPHER_CTX    *ctx,
+  const char        *pass,
+  int               passlen,
+  ASN1_TYPE         *param,
+  const EVP_CIPHER  *cipher,
+  const EVP_MD      *md,
+  int               en_de,
+  OSSL_LIB_CTX      *libctx,
+  const char        *propq
+  )
+{
+  return -1;
+}
+
+int
+PKCS12_PBE_keyivgen (
+  EVP_CIPHER_CTX    *ctx,
+  const char        *pass,
+  int               passlen,
+  ASN1_TYPE         *param,
+  const EVP_CIPHER  *cipher,
+  const EVP_MD      *md,
+  int               en_de
+  )
+{
+  return -1;
+}
+
+X509_SIG *
+PKCS8_encrypt (
+  int                  pbe_nid,
+  const EVP_CIPHER     *cipher,
+  const char           *pass,
+  int                  passlen,
+  unsigned char        *salt,
+  int                  saltlen,
+  int                  iter,
+  PKCS8_PRIV_KEY_INFO  *p8inf
+  )
+{
+  return NULL;
+}
+
+PKCS8_PRIV_KEY_INFO *
+PKCS8_decrypt (
+  const X509_SIG  *p8,
+  const char      *pass,
+  int             passlen
+  )
+{
+  return NULL;
+}
+
+unsigned char *
+PKCS12_pbe_crypt_ex (
+  const X509_ALGOR     *algor,
+  const char           *pass,
+  int                  passlen,
+  const unsigned char  *in,
+  int                  inlen,
+  unsigned char        **data,
+  int                  *datalen,
+  int                  en_de,
+  OSSL_LIB_CTX         *libctx,
+  const char           *propq
+  )
+{
+  return NULL;
+}
+
+X509_SIG *
+PKCS8_encrypt_ex (
+  int                  pbe_nid,
+  const EVP_CIPHER     *cipher,
+  const char           *pass,
+  int                  passlen,
+  unsigned char        *salt,
+  int                  saltlen,
+  int                  iter,
+  PKCS8_PRIV_KEY_INFO  *p8inf,
+  OSSL_LIB_CTX         *libctx,
+  const char           *propq
+  )
+{
+  return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_it (
+  void
+  )
+{
+  return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_MAC_DATA_it (
+  void
+  )
+{
+  return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_SAFEBAG_it (
+  void
+  )
+{
+  return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_BAGS_it (
+  void
+  )
+{
+  return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_AUTHSAFES_it (
+  void
+  )
+{
+  return NULL;
+}
+
+const ASN1_ITEM *
+PKCS12_SAFEBAGS_it (
+  void
+  )
+{
+  return NULL;
+}
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c
new file mode 100644
index 0000000000..e3b3aa26ec
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/SslExtServNull.c
@@ -0,0 +1,517 @@
+/** @file
+  Null implementation of SslExtServ functions called by TlsLib.
+
+  Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <openssl/ocsp.h>
+#include "../ssl_local.h"
+#include "statem_local.h"
+#include "internal/cryptlib.h"
+
+int
+tls_parse_ctos_renegotiate (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return -1;
+}
+
+int
+tls_parse_ctos_server_name (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_maxfragmentlen (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+#ifndef OPENSSL_NO_SRP
+int
+tls_parse_ctos_srp (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+#endif
+
+int
+tls_parse_ctos_ec_pt_formats (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_session_ticket (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_sig_algs_cert (
+  SSL                       *s,
+  PACKET                    *pkt,
+  ossl_unused unsigned int  context,
+  ossl_unused X509          *x,
+  ossl_unused size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_sig_algs (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+#ifndef OPENSSL_NO_OCSP
+int
+tls_parse_ctos_status_request (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+#endif
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+int
+tls_parse_ctos_npn (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+#endif
+
+/*
+ * Save the ALPN extension in a ClientHello.|pkt| holds the contents of the ALPN
+ * extension, not including type and length. Returns: 1 on success, 0 on error.
+ */
+int
+tls_parse_ctos_alpn (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+#ifndef OPENSSL_NO_SRTP
+int
+tls_parse_ctos_use_srtp (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+#endif
+
+int
+tls_parse_ctos_etm (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+/*
+ * Process a psk_kex_modes extension received in the ClientHello. |pkt| contains
+ * the raw PACKET data for the extension. Returns 1 on success or 0 on failure.
+ */
+int
+tls_parse_ctos_psk_kex_modes (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+/*
+ * Process a key_share extension received in the ClientHello. |pkt| contains
+ * the raw PACKET data for the extension. Returns 1 on success or 0 on failure.
+ */
+int
+tls_parse_ctos_key_share (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_cookie (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_supported_groups (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_ems (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_early_data (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_psk (
+  SSL           *s,
+  PACKET        *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return 0;
+}
+
+int
+tls_parse_ctos_post_handshake_auth (
+  SSL                       *s,
+  PACKET                    *pkt,
+  ossl_unused unsigned int  context,
+  ossl_unused X509          *x,
+  ossl_unused size_t        chainidx
+  )
+{
+  return 0;
+}
+
+/*
+ * Add the server's renegotiation binding
+ */
+EXT_RETURN
+tls_construct_stoc_renegotiate (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_server_name (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+/* Add/include the server's max fragment len extension into ServerHello */
+EXT_RETURN
+tls_construct_stoc_maxfragmentlen (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_ec_pt_formats (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_supported_groups (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_session_ticket (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+#ifndef OPENSSL_NO_OCSP
+EXT_RETURN
+tls_construct_stoc_status_request (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+#endif
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+EXT_RETURN
+tls_construct_stoc_next_proto_neg (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+#endif
+
+EXT_RETURN
+tls_construct_stoc_alpn (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+#ifndef OPENSSL_NO_SRTP
+EXT_RETURN
+tls_construct_stoc_use_srtp (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+#endif
+
+EXT_RETURN
+tls_construct_stoc_etm (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_ems (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_supported_versions (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_key_share (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_cookie (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_cryptopro_bug (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_early_data (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
+
+EXT_RETURN
+tls_construct_stoc_psk (
+  SSL           *s,
+  WPACKET       *pkt,
+  unsigned int  context,
+  X509          *x,
+  size_t        chainidx
+  )
+{
+  return EXT_RETURN_FAIL;
+}
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c
new file mode 100644
index 0000000000..878f9e1a0b
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/SslStatServNull.c
@@ -0,0 +1,306 @@
+/** @file
+  Null implementation of SslStatServ functions called by TlsLib.
+
+  Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "../ssl_local.h"
+#include "statem_local.h"
+#include "internal/constant_time.h"
+#include "internal/cryptlib.h"
+#include <openssl/core_names.h>
+#include <openssl/asn1t.h>
+
+int
+ossl_statem_server_read_transition (
+  SSL  *s,
+  int  mt
+  )
+{
+  return 0;
+}
+
+/*
+ * Should we send a CertificateRequest message?
+ *
+ * Valid return values are:
+ *   1: Yes
+ *   0: No
+ */
+int
+send_certificate_request (
+  SSL  *s
+  )
+{
+  return 0;
+}
+
+/*
+ * ossl_statem_server_write_transition() works out what handshake state to move
+ * to next when the server is writing messages to be sent to the client.
+ */
+WRITE_TRAN
+ossl_statem_server_write_transition (
+  SSL  *s
+  )
+{
+  return WRITE_TRAN_ERROR;
+}
+
+WORK_STATE
+ossl_statem_server_pre_work (
+  SSL         *s,
+  WORK_STATE  wst
+  )
+{
+  return WORK_ERROR;
+}
+
+/*
+ * Perform any work that needs to be done after sending a message from the
+ * server to the client.
+ */
+WORK_STATE
+ossl_statem_server_post_work (
+  SSL         *s,
+  WORK_STATE  wst
+  )
+{
+  return WORK_ERROR;
+}
+
+/*
+ * Get the message construction function and message type for sending from the
+ * server
+ *
+ * Valid return values are:
+ *   1: Success
+ *   0: Error
+ */
+int
+ossl_statem_server_construct_message (
+  SSL        *s,
+  WPACKET    *pkt,
+  confunc_f  *confunc,
+  int        *mt
+  )
+{
+  return 0;
+}
+
+/*
+ * Returns the maximum allowed length for the current message that we are
+ * reading. Excludes the message header.
+ */
+size_t
+ossl_statem_server_max_message_size (
+  SSL  *s
+  )
+{
+  return 0;
+}
+
+/*
+ * Process a message that the server has received from the client.
+ */
+MSG_PROCESS_RETURN
+ossl_statem_server_process_message (
+  SSL     *s,
+  PACKET  *pkt
+  )
+{
+  return MSG_PROCESS_ERROR;
+}
+
+/*
+ * Perform any further processing required following the receipt of a message
+ * from the client
+ */
+WORK_STATE
+ossl_statem_server_post_process_message (
+  SSL         *s,
+  WORK_STATE  wst
+  )
+{
+  return WORK_ERROR;
+}
+
+int
+dtls_raw_hello_verify_request (
+  WPACKET        *pkt,
+  unsigned char  *cookie,
+  size_t         cookie_len
+  )
+{
+  return 0;
+}
+
+int
+dtls_construct_hello_verify_request (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+MSG_PROCESS_RETURN
+tls_process_client_hello (
+  SSL     *s,
+  PACKET  *pkt
+  )
+{
+  return MSG_PROCESS_ERROR;
+}
+
+/*
+ * Call the alpn_select callback if needed. Upon success, returns 1.
+ * Upon failure, returns 0.
+ */
+int
+tls_handle_alpn (
+  SSL  *s
+  )
+{
+  return 0;
+}
+
+WORK_STATE
+tls_post_process_client_hello (
+  SSL         *s,
+  WORK_STATE  wst
+  )
+{
+  return WORK_ERROR;
+}
+
+int
+tls_construct_server_hello (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+int
+tls_construct_server_done (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+int
+tls_construct_server_key_exchange (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+int
+tls_construct_certificate_request (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+MSG_PROCESS_RETURN
+tls_process_client_key_exchange (
+  SSL     *s,
+  PACKET  *pkt
+  )
+{
+  return MSG_PROCESS_ERROR;
+}
+
+WORK_STATE
+tls_post_process_client_key_exchange (
+  SSL         *s,
+  WORK_STATE  wst
+  )
+{
+  return WORK_ERROR;
+}
+
+MSG_PROCESS_RETURN
+tls_process_client_certificate (
+  SSL     *s,
+  PACKET  *pkt
+  )
+{
+  return MSG_PROCESS_ERROR;
+}
+
+int
+tls_construct_server_certificate (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+int
+tls_construct_new_session_ticket (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+/*
+ * In TLSv1.3 this is called from the extensions code, otherwise it is used to
+ * create a separate message. Returns 1 on success or 0 on failure.
+ */
+int
+tls_construct_cert_status_body (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+int
+tls_construct_cert_status (
+  SSL      *s,
+  WPACKET  *pkt
+  )
+{
+  return 0;
+}
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+
+/*
+ * tls_process_next_proto reads a Next Protocol Negotiation handshake message.
+ * It sets the next_proto member in s if found
+ */
+MSG_PROCESS_RETURN
+tls_process_next_proto (
+  SSL     *s,
+  PACKET  *pkt
+  )
+{
+  return MSG_PROCESS_ERROR;
+}
+
+#endif
+
+MSG_PROCESS_RETURN
+tls_process_end_of_early_data (
+  SSL     *s,
+  PACKET  *pkt
+  )
+{
+  return MSG_PROCESS_ERROR;
+}
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107363): https://edk2.groups.io/g/devel/message/107363
Mute This Topic: https://groups.io/mt/100406070/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



  parent reply	other threads:[~2023-07-28  6:42 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-07-28  6:39 [edk2-devel] [PATCH 00/29] CryptoPkg: Update OpenSSL submodule to 3.0.9 Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 01/29] CryptoPkg/openssl: update submodule to openssl-3.0.9 Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 02/29] CryptoPkg/openssl: cleanup all openssl1.1.1 generated files and code Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 03/29] CryptoPkg/openssl: update Openssl*.inf files for openssl 3.0 Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 04/29] CryptoPkg/openssl: add openssl3 configure scripts Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 05/29] CryptoPkg/openssl: UefiAsm.conf update for openssl 3.0 Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 06/29] CryptoPkg/BaseCryptLib: no openssl deprecation warnings please Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 07/29] CryptoPkg/BaseCryptLib: adapt CryptSm3.c to openssl 3.0 changes Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 08/29] CryptoPkg/BaseCryptLib: drop BIO_* dummy functions Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 09/29] CryptoPkg/TlsLib: ERR_GET_FUNC is gone Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 10/29] CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 11/29] CryptoPkg/openssl: move compiler_flags to buildinf.c Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 12/29] CryptoPkg/openssl: store dummy update for openssl 3.0 Li, Yi
2023-07-28  6:39 ` [edk2-devel] [PATCH 13/29] CryptoPkg/openssl: adapt EcSm2Null.c " Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 14/29] CryptoPkg: Move all UEFI implement of openssl to OpensslStub Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 15/29] CryptoPkg: use UEFI provider as default Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 16/29] CryptoPkg: adapt 3.0 change in SslNull.c Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 17/29] CryptoPkg: Add instrinsics to support building openssl3 on IA32 windows Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 18/29] CryptoPkg: disable C4133 warning in openssl libraries Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 19/29] CryptoPkg/TlsLib: use unsigned long for ErrorCode Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 20/29] CryptoPkg: Align with 4096 when build with OpensslFullAccel Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 21/29] CryptoPkg: Enable memcpy sys call in RISCV64 build Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 22/29] CryptoPkg: add missing gcc instructions Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 23/29] CryptoPkg: add define of maximum unsigned size_t Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 24/29] CryptoPkg: add implemention of _ftol2_sse() to avoid build error Li, Yi
2023-07-28  6:40 ` Li, Yi [this message]
2023-07-28  6:40 ` [edk2-devel] [PATCH 26/29] CryptoPkg: run configure.py to update all generated files Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 27/29] CryptoPkg: remove strcmp to syscall Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 28/29] CryptoPkg/openssl: update CI config for openssl 3.0 Li, Yi
2023-07-28  6:40 ` [edk2-devel] [PATCH 29/29] CryptoPkg: remove BN and EC accel for size optimization Li, Yi
2023-08-02 10:06 ` 回复: [edk2-devel] [PATCH 00/29] CryptoPkg: Update OpenSSL submodule to 3.0.9 gaoliming via groups.io
2023-08-02 16:41   ` Michael D Kinney
2023-08-02 18:46     ` Leif Lindholm
2023-08-04  9:44       ` 回复: " gaoliming via groups.io
2023-08-04 20:54         ` Brian J. Johnson
2023-08-04 22:55           ` Michael Kubacki
2023-08-08 23:59             ` Yao, Jiewen
2023-08-09  0:45               ` Kenneth Lautner via groups.io
2023-08-09  7:43                 ` Yao, Jiewen
2023-08-03  5:16   ` Li, Yi
2023-08-03  7:57     ` Yao, Jiewen
2023-08-03  9:20       ` Ard Biesheuvel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=86693edea445c85591d826e9924a9275da0b65a1.1690444292.git.yi1.li@intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox