From 1a89c690a1df8a22bd2157be72d438b741c96854 Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Fri, 13 Sep 2024 13:00:19 +0200 Subject: CryptoPkg/OpensslLib: Create SM3-only version of the library Create a special OpensslLib implementation that only exposes the SM3 routines that MbedTlsLib borrows from OpensslLib, to avoid having to pull in other parts of OpenSSL that are not needed (e.g., via the library constructor) Signed-off-by: Ard Biesheuvel --- CryptoPkg/CryptoPkg.dsc | 1 + CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf | 30 ++++++++++++++++++++++ .../OpensslLib/OpensslStub/OpensslCleanse.c | 20 +++++++++++++++ 3 files changed, 51 insertions(+) create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/OpensslCleanse.c diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index f23fb6f945..d4400696b8 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -372,6 +372,7 @@ CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf CryptoPkg/Library/OpensslLib/OpensslLib.inf CryptoPkg/Library/OpensslLib/OpensslLibFull.inf + CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf b/CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf new file mode 100644 index 0000000000..9e36490db7 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf @@ -0,0 +1,30 @@ +## @file +# Minimal OpensslLib implementation that only provides SM3 and nothing else. +# Needed by MbedTlsLib. +# +# Copyright (c) 2024, Google LLC. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 1.30 + BASE_NAME = OpensslLibSm3 + FILE_GUID = 96469bab-9c3f-4a60-a583-71a8bda64ec9 + MODULE_TYPE = BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = OpensslLib + + DEFINE OPENSSL_PATH = openssl + +[Sources] + $(OPENSSL_PATH)/crypto/sm3/sm3.c + OpensslStub/OpensslCleanse.c + +[Packages] + MdePkg/MdePkg.dec + CryptoPkg/CryptoPkg.dec + +[LibraryClasses] + BaseMemoryLib diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/OpensslCleanse.c b/CryptoPkg/Library/OpensslLib/OpensslStub/OpensslCleanse.c new file mode 100644 index 0000000000..21c939992d --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/OpensslCleanse.c @@ -0,0 +1,20 @@ +/** @file + Minimal implementation of OPENSSL_cleanse for OpensslLibSm3.inf. + + Copyright (c) 2024, Google LLC. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +VOID +OPENSSL_cleanse ( + VOID *Buffer, + UINTN Size + ) +{ + ZeroMem (Buffer, Size); +} -- cgit v1.2.3