From 9b9b331e0f69fbb06be7e74cbd1687d85597b0db Mon Sep 17 00:00:00 2001
From: Yi Li
Date: Thu, 3 Aug 2023 12:37:32 +0800
Subject: CryptoPkg: Move all UEFI implement of openssl to OpensslStub

Signed-off-by: Yi Li
Cc: Jiewen Yao
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Reviewed-by: Jiewen Yao
Acked-by: Ard Biesheuvel
Tested-by: Ard Biesheuvel
Tested-by: Brian J. Johnson
Tested-by: Kenneth Lautner
---
 CryptoPkg/Library/OpensslLib/EcSm2Null.c | 384 -------------------
 CryptoPkg/Library/OpensslLib/OpensslLib.inf | 8 +-
 CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf | 8 +-
 CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 8 +-
 CryptoPkg/Library/OpensslLib/OpensslLibFull.inf | 8 +-
 .../Library/OpensslLib/OpensslLibFullAccel.inf | 8 +-
 .../Library/OpensslLib/OpensslStub/EcSm2Null.c | 384 +++++++++++++++++++
 CryptoPkg/Library/OpensslLib/OpensslStub/SslNull.c | 405 +++++++++++++++++++++
 .../Library/OpensslLib/OpensslStub/ossl_store.c | 175 +++++++++
 .../Library/OpensslLib/OpensslStub/rand_pool.c | 171 +++++++++
 CryptoPkg/Library/OpensslLib/SslNull.c | 405 ---------------------
 CryptoPkg/Library/OpensslLib/ossl_store.c | 175 ---------
 CryptoPkg/Library/OpensslLib/rand_pool.c | 171 ---------
 13 files changed, 1155 insertions(+), 1155 deletions(-)
 delete mode 100644 CryptoPkg/Library/OpensslLib/EcSm2Null.c
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/EcSm2Null.c
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/SslNull.c
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/ossl_store.c
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/rand_pool.c
 delete mode 100644 CryptoPkg/Library/OpensslLib/SslNull.c
 delete mode 100644 CryptoPkg/Library/OpensslLib/ossl_store.c
 delete mode 100644 CryptoPkg/Library/OpensslLib/rand_pool.c
(limited to 'CryptoPkg/Library')
diff --git a/CryptoPkg/Library/OpensslLib/EcSm2Null.c b/CryptoPkg/Library/OpensslLib/EcSm2Null.c
deleted file mode 100644
index b72a749189..0000000000
--- a/CryptoPkg/Library/OpensslLib/EcSm2Null.c +++ /dev/null @@ -1,384 +0,0 @@ -/** @file - Null implementation of EC and SM2 functions called by BaseCryptLib. - - Copyright (c) 2022, Intel Corporation. All rights reserved.
- SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include -#include - -#undef EDK2_OPENSSL_NOEC - -#include -#include -#include -#include -#include - -void -EC_GROUP_free ( - EC_GROUP *group - ) -{ - ASSERT (FALSE); -} - -int -EC_GROUP_get_order ( - const EC_GROUP *group, - BIGNUM *order, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_GROUP_get_curve_name ( - const EC_GROUP *group - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_GROUP_get_curve ( - const EC_GROUP *group, - BIGNUM *p, - BIGNUM *a, - BIGNUM *b, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_GROUP_get_degree ( - const EC_GROUP *group - ) -{ - ASSERT (FALSE); - return 0; -} - -EC_GROUP * -EC_GROUP_new_by_curve_name ( - int nid - ) -{ - ASSERT (FALSE); - return NULL; -} - -EC_POINT * -EC_POINT_new ( - const EC_GROUP *group - ) -{ - ASSERT (FALSE); - return NULL; -} - -void -EC_POINT_free ( - EC_POINT *point - ) -{ - ASSERT (FALSE); -} - -void -EC_POINT_clear_free ( - EC_POINT *point - ) -{ - ASSERT (FALSE); -} - -int -EC_POINT_set_affine_coordinates ( - const EC_GROUP *group, - EC_POINT *p, - const BIGNUM *x, - const BIGNUM *y, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_POINT_get_affine_coordinates ( - const EC_GROUP *group, - const EC_POINT *p, - BIGNUM *x, - BIGNUM *y, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_POINT_set_compressed_coordinates ( - const EC_GROUP *group, - EC_POINT *p, - const BIGNUM *x, - int y_bit, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_POINT_add ( - const EC_GROUP *group, - EC_POINT *r, - const EC_POINT *a, - const EC_POINT *b, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_POINT_invert ( - const EC_GROUP *group, - EC_POINT *a, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_POINT_is_at_infinity ( - const EC_GROUP *group, - const EC_POINT *p - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_POINT_is_on_curve ( - const EC_GROUP 
*group, - const EC_POINT *point, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return -1; -} - -int -EC_POINT_cmp ( - const EC_GROUP *group, - const EC_POINT *a, - const EC_POINT *b, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return -1; -} - -int -EC_POINT_mul ( - const EC_GROUP *group, - EC_POINT *r, - const BIGNUM *n, - const EC_POINT *q, - const BIGNUM *m, - BN_CTX *ctx - ) -{ - ASSERT (FALSE); - return -0; -} - -EC_KEY * -EC_KEY_new_by_curve_name ( - int nid - ) -{ - ASSERT (FALSE); - return NULL; -} - -void -EC_KEY_free ( - EC_KEY *key - ) -{ - ASSERT (FALSE); -} - -EC_KEY * -EC_KEY_dup ( - const EC_KEY *src - ) -{ - ASSERT (FALSE); - return NULL; -} - -const EC_GROUP * -EC_KEY_get0_group ( - const EC_KEY *key - ) -{ - ASSERT (FALSE); - return NULL; -} - -const EC_POINT * -EC_KEY_get0_public_key ( - const EC_KEY *key - ) -{ - ASSERT (FALSE); - return NULL; -} - -int -EC_KEY_set_public_key ( - EC_KEY *key, - const EC_POINT *pub - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_KEY_generate_key ( - EC_KEY *key - ) -{ - ASSERT (FALSE); - return 0; -} - -int -EC_KEY_check_key ( - const EC_KEY *key - ) -{ - ASSERT (FALSE); - return 0; -} - -int -ECDH_compute_key ( - void *out, - size_t outlen, - const EC_POINT *pub_key, - const EC_KEY *ecdh, - void *(*KDF)( - const void *in, - size_t inlen, - void *out, - size_t *outlen - ) - ) -{ - ASSERT (FALSE); - return 0; -} - -const struct ec_key_st * -EVP_PKEY_get0_EC_KEY ( - const EVP_PKEY *pkey - ) -{ - ASSERT (FALSE); - return NULL; -} - -EC_KEY * -PEM_read_bio_ECPrivateKey ( - BIO *bp, - EC_KEY **key, - pem_password_cb *cb, - void *u - ) -{ - ASSERT (FALSE); - return NULL; -} - -ECDSA_SIG * -ECDSA_SIG_new ( - void - ) -{ - ASSERT (FALSE); - return NULL; -} - -void -ECDSA_SIG_free ( - ECDSA_SIG *sig - ) -{ - ASSERT (FALSE); -} - -void -ECDSA_SIG_get0 ( - const ECDSA_SIG *sig, - const BIGNUM **pr, - const BIGNUM **ps - ) -{ - ASSERT (FALSE); -} - -int -ECDSA_SIG_set0 ( - ECDSA_SIG *sig, - BIGNUM *r, - BIGNUM *s - ) -{ - return 
0; - ASSERT (FALSE); -} - -ECDSA_SIG * -ECDSA_do_sign ( - const unsigned char *dgst, - int dgst_len, - EC_KEY *eckey - ) -{ - ASSERT (FALSE); - return NULL; -} - -int -ECDSA_do_verify ( - const unsigned char *dgst, - int dgst_len, - const ECDSA_SIG *sig, - EC_KEY *eckey - ) -{ - ASSERT (FALSE); - return -1; -} diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf index d43806708a..c6f72193e7 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -35,10 +35,10 @@ # Autogenerated files list ends here buildinf.h buildinf.c - ossl_store.c - rand_pool.c -# SslNull.c - EcSm2Null.c + OpensslStub/ossl_store.c + OpensslStub/rand_pool.c +# OpensslStub/SslNull.c + OpensslStub/EcSm2Null.c [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf index 54cf01279c..98fcad47dc 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf @@ -37,10 +37,10 @@ # Autogenerated files list ends here buildinf.h buildinf.c - ossl_store.c - rand_pool.c -# SslNull.c - EcSm2Null.c + OpensslStub/ossl_store.c + OpensslStub/rand_pool.c +# OpensslStub/SslNull.c + OpensslStub/EcSm2Null.c [Sources.IA32] # Autogenerated files list starts here diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf index 3037eba9d3..861f42c3d8 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -36,10 +36,10 @@ # Autogenerated files list ends here buildinf.h buildinf.c - ossl_store.c - rand_pool.c - SslNull.c - EcSm2Null.c + OpensslStub/ossl_store.c + OpensslStub/rand_pool.c + OpensslStub/SslNull.c + OpensslStub/EcSm2Null.c [Packages] MdePkg/MdePkg.dec 
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf index f9c00605f2..7815b5fea1 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf @@ -40,10 +40,10 @@ # Autogenerated files list ends here buildinf.h buildinf.c - ossl_store.c - rand_pool.c -# SslNull.c -# EcSm2Null.c + OpensslStub/ossl_store.c + OpensslStub/rand_pool.c +# OpensslStub/SslNull.c +# OpensslStub/EcSm2Null.c [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf index 7ba262cb01..0a13bd04bf 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf @@ -42,10 +42,10 @@ # Autogenerated files list ends here buildinf.h buildinf.c - ossl_store.c - rand_pool.c -# SslNull.c -# EcSm2Null.c + OpensslStub/ossl_store.c + OpensslStub/rand_pool.c +# OpensslStub/SslNull.c +# OpensslStub/EcSm2Null.c [Sources.IA32] # Autogenerated files list starts here diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/EcSm2Null.c b/CryptoPkg/Library/OpensslLib/OpensslStub/EcSm2Null.c new file mode 100644 index 0000000000..b72a749189 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/EcSm2Null.c @@ -0,0 +1,384 @@ +/** @file + Null implementation of EC and SM2 functions called by BaseCryptLib. + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +#undef EDK2_OPENSSL_NOEC + +#include +#include +#include +#include +#include + +void +EC_GROUP_free ( + EC_GROUP *group + ) +{ + ASSERT (FALSE); +} + +int +EC_GROUP_get_order ( + const EC_GROUP *group, + BIGNUM *order, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_GROUP_get_curve_name ( + const EC_GROUP *group + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_GROUP_get_curve ( + const EC_GROUP *group, + BIGNUM *p, + BIGNUM *a, + BIGNUM *b, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_GROUP_get_degree ( + const EC_GROUP *group + ) +{ + ASSERT (FALSE); + return 0; +} + +EC_GROUP * +EC_GROUP_new_by_curve_name ( + int nid + ) +{ + ASSERT (FALSE); + return NULL; +} + +EC_POINT * +EC_POINT_new ( + const EC_GROUP *group + ) +{ + ASSERT (FALSE); + return NULL; +} + +void +EC_POINT_free ( + EC_POINT *point + ) +{ + ASSERT (FALSE); +} + +void +EC_POINT_clear_free ( + EC_POINT *point + ) +{ + ASSERT (FALSE); +} + +int +EC_POINT_set_affine_coordinates ( + const EC_GROUP *group, + EC_POINT *p, + const BIGNUM *x, + const BIGNUM *y, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_get_affine_coordinates ( + const EC_GROUP *group, + const EC_POINT *p, + BIGNUM *x, + BIGNUM *y, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_set_compressed_coordinates ( + const EC_GROUP *group, + EC_POINT *p, + const BIGNUM *x, + int y_bit, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_add ( + const EC_GROUP *group, + EC_POINT *r, + const EC_POINT *a, + const EC_POINT *b, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_invert ( + const EC_GROUP *group, + EC_POINT *a, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_is_at_infinity ( + const EC_GROUP *group, + const EC_POINT *p + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_is_on_curve ( + const EC_GROUP 
*group, + const EC_POINT *point, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return -1; +} + +int +EC_POINT_cmp ( + const EC_GROUP *group, + const EC_POINT *a, + const EC_POINT *b, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return -1; +} + +int +EC_POINT_mul ( + const EC_GROUP *group, + EC_POINT *r, + const BIGNUM *n, + const EC_POINT *q, + const BIGNUM *m, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return -0; +} + +EC_KEY * +EC_KEY_new_by_curve_name ( + int nid + ) +{ + ASSERT (FALSE); + return NULL; +} + +void +EC_KEY_free ( + EC_KEY *key + ) +{ + ASSERT (FALSE); +} + +EC_KEY * +EC_KEY_dup ( + const EC_KEY *src + ) +{ + ASSERT (FALSE); + return NULL; +} + +const EC_GROUP * +EC_KEY_get0_group ( + const EC_KEY *key + ) +{ + ASSERT (FALSE); + return NULL; +} + +const EC_POINT * +EC_KEY_get0_public_key ( + const EC_KEY *key + ) +{ + ASSERT (FALSE); + return NULL; +} + +int +EC_KEY_set_public_key ( + EC_KEY *key, + const EC_POINT *pub + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_KEY_generate_key ( + EC_KEY *key + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_KEY_check_key ( + const EC_KEY *key + ) +{ + ASSERT (FALSE); + return 0; +} + +int +ECDH_compute_key ( + void *out, + size_t outlen, + const EC_POINT *pub_key, + const EC_KEY *ecdh, + void *(*KDF)( + const void *in, + size_t inlen, + void *out, + size_t *outlen + ) + ) +{ + ASSERT (FALSE); + return 0; +} + +const struct ec_key_st * +EVP_PKEY_get0_EC_KEY ( + const EVP_PKEY *pkey + ) +{ + ASSERT (FALSE); + return NULL; +} + +EC_KEY * +PEM_read_bio_ECPrivateKey ( + BIO *bp, + EC_KEY **key, + pem_password_cb *cb, + void *u + ) +{ + ASSERT (FALSE); + return NULL; +} + +ECDSA_SIG * +ECDSA_SIG_new ( + void + ) +{ + ASSERT (FALSE); + return NULL; +} + +void +ECDSA_SIG_free ( + ECDSA_SIG *sig + ) +{ + ASSERT (FALSE); +} + +void +ECDSA_SIG_get0 ( + const ECDSA_SIG *sig, + const BIGNUM **pr, + const BIGNUM **ps + ) +{ + ASSERT (FALSE); +} + +int +ECDSA_SIG_set0 ( + ECDSA_SIG *sig, + BIGNUM *r, + BIGNUM *s + ) +{ + return 
0; + ASSERT (FALSE); +} + +ECDSA_SIG * +ECDSA_do_sign ( + const unsigned char *dgst, + int dgst_len, + EC_KEY *eckey + ) +{ + ASSERT (FALSE); + return NULL; +} + +int +ECDSA_do_verify ( + const unsigned char *dgst, + int dgst_len, + const ECDSA_SIG *sig, + EC_KEY *eckey + ) +{ + ASSERT (FALSE); + return -1; +} diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/SslNull.c b/CryptoPkg/Library/OpensslLib/OpensslStub/SslNull.c new file mode 100644 index 0000000000..49f1405bc0 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/SslNull.c @@ -0,0 +1,405 @@ +/** @file + Null implementation of SSL functions called by BaseCryptLib. + + Copyright (c) 2022, Intel Corporation. All rights reserved.
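Review bot: In `ECDSA_SIG_set0` of the new `OpensslStub/EcSm2Null.c`, `return 0;` comes before `ASSERT (FALSE);`, so the assertion is unreachable and this is the one stub in the file that will not trap in a debug build when a caller reaches EC code that was configured out. Swap the two statements so the body reads `ASSERT (FALSE);` then `return 0;`, matching every other stub in the file. `EC_POINT_mul` also returns `-0`, which evaluates to 0 but reads like a typo for `0` or `-1`; a short comment in the file header stating the convention (0 or NULL for failure, -1 where the stub mirrors a tri-state result as in `EC_POINT_is_on_curve`, `EC_POINT_cmp` and `ECDSA_do_verify`) would make the intended failure values explicit. The file is added with the same blob id as the deleted `OpensslLib/EcSm2Null.c`, so both points are carried over by the move rather than introduced by it.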
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include + +int +OPENSSL_init_ssl ( + uint64_t opts, + const OPENSSL_INIT_SETTINGS *settings + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur uint32_t +SSL_CIPHER_get_id ( + const SSL_CIPHER *c + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_COMP_add_compression_method ( + int id, + COMP_METHOD *cm + ) +{ + ASSERT (FALSE); + return 0; +} + +long +SSL_CTX_ctrl ( + SSL_CTX *ctx, + int cmd, + long larg, + void *parg + ) +{ + ASSERT (FALSE); + return 0; +} + +void +SSL_CTX_free ( + SSL_CTX *x + ) +{ + ASSERT (FALSE); + return; +} + +__owur X509_STORE * +SSL_CTX_get_cert_store ( + const SSL_CTX *x + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur SSL_CTX * +SSL_CTX_new ( + const SSL_METHOD *meth + ) +{ + ASSERT (FALSE); + return NULL; +} + +unsigned long +SSL_CTX_set_options ( + SSL_CTX *ctx, + unsigned long op + ) +{ + ASSERT (FALSE); + return 0; +} + +const unsigned char * +SSL_SESSION_get_id ( + const SSL_SESSION *s, + unsigned int *len + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur size_t +SSL_SESSION_get_master_key ( + const SSL_SESSION *sess, + unsigned char *out, + size_t outlen + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_SESSION_set1_id ( + SSL_SESSION *s, + const unsigned char *sid, + unsigned int sid_len + ) +{ + ASSERT (FALSE); + return 0; +} + +long +SSL_ctrl ( + SSL *ssl, + int cmd, + long larg, + void *parg + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_do_handshake ( + SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +void +SSL_free ( + SSL *ssl + ) +{ + ASSERT (FALSE); + return; +} + +__owur X509 * +SSL_get_certificate ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur size_t +SSL_get_client_random ( + const SSL *ssl, + unsigned char *out, + size_t outlen + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur const SSL_CIPHER * +SSL_get_current_cipher ( + const SSL *s + ) +{ + ASSERT (FALSE); + 
return NULL; +} + +__owur int +SSL_get_error ( + const SSL *s, + int ret_code + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur size_t +SSL_get_server_random ( + const SSL *ssl, + unsigned char *out, + size_t outlen + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur SSL_SESSION * +SSL_get_session ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur SSL_CTX * +SSL_get_SSL_CTX ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur OSSL_HANDSHAKE_STATE +SSL_get_state ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_get_verify_mode ( + const SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur X509_VERIFY_PARAM * +SSL_get0_param ( + SSL *ssl + ) +{ + ASSERT (FALSE); + return NULL; +} + +int +SSL_is_init_finished ( + const SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_is_server ( + const SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +SSL * +SSL_new ( + SSL_CTX *ctx + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur int +SSL_read ( + SSL *ssl, + void *buf, + int num + ) +{ + ASSERT (FALSE); + return 0; +} + +void +SSL_set_bio ( + SSL *s, + BIO *rbio, + BIO *wbio + ) +{ + ASSERT (FALSE); + return; +} + +__owur int +SSL_set_cipher_list ( + SSL *s, + const char *str + ) +{ + ASSERT (FALSE); + return 0; +} + +void +SSL_set_connect_state ( + SSL *s + ) +{ + ASSERT (FALSE); + return; +} + +void +SSL_set_hostflags ( + SSL *s, + unsigned int flags + ) +{ + ASSERT (FALSE); + return; +} + +void +SSL_set_info_callback ( + SSL *ssl, + void ( *cb )(const SSL *ssl, int type, int val) + ) +{ + ASSERT (FALSE); + return; +} + +void +SSL_set_security_level ( + SSL *s, + int level + ) +{ + ASSERT (FALSE); + return; +} + +void +SSL_set_verify ( + SSL *s, + int mode, + SSL_verify_cb callback + ) +{ + ASSERT (FALSE); + return; +} + +int +SSL_shutdown ( + SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_use_certificate ( + SSL *ssl, + X509 *x + ) +{ + ASSERT (FALSE); + return 0; +} + 
+__owur int +SSL_version ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_write ( + SSL *ssl, + const void *buf, + int num + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur const SSL_METHOD * +TLS_client_method ( + void + ) +{ + ASSERT (FALSE); + return NULL; +} diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/ossl_store.c b/CryptoPkg/Library/OpensslLib/OpensslStub/ossl_store.c new file mode 100644 index 0000000000..f1e1b8b60f --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/ossl_store.c @@ -0,0 +1,175 @@ +/** @file + Dummy implement ossl_store(Store retrieval functions) for UEFI. + +Copyright (c) 2019, Intel Corporation. All rights reserved.
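Review bot: `SSL_get_error` in the new `OpensslStub/SslNull.c` returns 0 after `ASSERT (FALSE)`, and 0 is `SSL_ERROR_NONE`, so in a build where ASSERT is disabled a caller that asks this stub why an operation failed is told that nothing went wrong. Changing that one line to `return SSL_ERROR_SSL;` keeps the null library failing closed. The neighbouring stubs already report failure through their return values (`SSL_new` and `SSL_CTX_new` return NULL, `SSL_read` and `SSL_write` return 0), which makes this one the outlier. The content is identical to the deleted `OpensslLib/SslNull.c` (same blob id), so the point predates the move.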
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include + +/* + * This function is cleanup ossl store. + * + * Dummy Implement for UEFI + */ +void +ossl_store_cleanup_int ( + void + ) +{ +} + +int +ossl_store_loader_store_cache_flush ( + OSSL_LIB_CTX *libctx + ) +{ + return 1; +} + +int +ossl_store_loader_store_remove_all_provided ( + OSSL_PROVIDER *prov + ) +{ + return 1; +} + +static void * +file_open ( + void *provctx, + const char *uri + ) +{ + return NULL; +} + +const OSSL_DISPATCH ossl_file_store_functions[] = { + { OSSL_FUNC_STORE_OPEN, (void (*)(void)) file_open }, + { 0, NULL }, +}; + +OSSL_STORE_CTX * +OSSL_STORE_open ( + const char *uri, + const UI_METHOD *ui_method, + void *ui_data, + OSSL_STORE_post_process_info_fn post_process, + void *post_process_data + ) +{ + return NULL; +} + +OSSL_STORE_CTX * +OSSL_STORE_open_ex ( + const char *uri, + OSSL_LIB_CTX *libctx, + const char *propq, + const UI_METHOD *ui_method, + void *ui_data, + const OSSL_PARAM params[], + OSSL_STORE_post_process_info_fn post_process, + void *post_process_data + ) +{ + return NULL; +} + +int +OSSL_STORE_INFO_get_type ( + const OSSL_STORE_INFO *info + ) +{ + return 0; +} + +int +OSSL_STORE_find ( + OSSL_STORE_CTX *ctx, + const OSSL_STORE_SEARCH *search + ) +{ + return 0; +} + +OSSL_STORE_INFO * +OSSL_STORE_load ( + OSSL_STORE_CTX *ctx + ) +{ + return NULL; +} + +const char * +OSSL_STORE_INFO_get0_NAME ( + const OSSL_STORE_INFO *info + ) +{ + return NULL; +} + +X509 * +OSSL_STORE_INFO_get0_CERT ( + const OSSL_STORE_INFO *info + ) +{ + return NULL; +} + +X509_CRL * +OSSL_STORE_INFO_get0_CRL ( + const OSSL_STORE_INFO *info + ) +{ + return NULL; +} + +int +OSSL_STORE_eof ( + OSSL_STORE_CTX *ctx + ) +{ + return 0; +} + +int +OSSL_STORE_error ( + OSSL_STORE_CTX *ctx + ) +{ + return 0; +} + +int +OSSL_STORE_close ( + OSSL_STORE_CTX *ctx + ) +{ + return 0; +} + +void +OSSL_STORE_INFO_free ( + OSSL_STORE_INFO *info + ) +{ +} + +OSSL_STORE_SEARCH * 
+OSSL_STORE_SEARCH_by_name ( + X509_NAME *name + ) +{ + return NULL; +} + +void +OSSL_STORE_SEARCH_free ( + OSSL_STORE_SEARCH *search + ) +{ +} diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/rand_pool.c b/CryptoPkg/Library/OpensslLib/OpensslStub/rand_pool.c new file mode 100644 index 0000000000..03047b233e --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslStub/rand_pool.c @@ -0,0 +1,171 @@ +/** @file + OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI. + The file implement these functions. + + Copyright (c) 2019, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "crypto/rand.h" +#include + +#include +#include + +/** + Calls RandomNumber64 to fill + a buffer of arbitrary size with random bytes. + This is a shim layer to RngLib. + + @param[in] Length Size of the buffer, in bytes, to fill with. + @param[out] RandBuffer Pointer to the buffer to store the random result. + + @retval TRUE Random bytes generation succeeded. + @retval FALSE Failed to request random bytes. + +**/ +STATIC +BOOLEAN +EFIAPI +RandGetBytes ( + IN UINTN Length, + OUT UINT8 *RandBuffer + ) +{ + BOOLEAN Ret; + UINT64 TempRand; + + Ret = FALSE; + + if (RandBuffer == NULL) { + DEBUG ((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n")); + ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later. + return Ret; + } + + while (Length > 0) { + // Use RngLib to get random number + Ret = GetRandomNumber64 (&TempRand); + + if (!Ret) { + return Ret; + } + + if (Length >= sizeof (TempRand)) { + *((UINT64 *)RandBuffer) = TempRand; + RandBuffer += sizeof (UINT64); + Length -= sizeof (TempRand); + } else { + CopyMem (RandBuffer, &TempRand, Length); + Length = 0; + } + } + + return Ret; +} + +/* + * Add random bytes to the pool to acquire requested amount of entropy + * + * This function is platform specific and tries to acquire the requested + * amount of entropy by polling platform specific entropy sources. + * + * This is OpenSSL required interface. 
+ */ +size_t +ossl_pool_acquire_entropy ( + RAND_POOL *pool + ) +{ + BOOLEAN Ret; + size_t Bytes_needed; + unsigned char *Buffer; + + Bytes_needed = ossl_rand_pool_bytes_needed (pool, 1 /*entropy_factor*/); + if (Bytes_needed > 0) { + Buffer = ossl_rand_pool_add_begin (pool, Bytes_needed); + + if (Buffer != NULL) { + Ret = RandGetBytes (Bytes_needed, Buffer); + if (FALSE == Ret) { + ossl_rand_pool_add_end (pool, 0, 0); + } else { + ossl_rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed); + } + } + } + + return ossl_rand_pool_entropy_available (pool); +} + +/* + * Implementation for UEFI + * + * This is OpenSSL required interface. + */ +int +ossl_pool_add_nonce_data ( + RAND_POOL *pool + ) +{ + UINT8 data[16]; + + RandGetBytes (sizeof (data), data); + + return ossl_rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0); +} + +/* + * Implementation for UEFI + * + * This is OpenSSL required interface. + */ +int +rand_pool_add_additional_data ( + RAND_POOL *pool + ) +{ + UINT8 data[16]; + + RandGetBytes (sizeof (data), data); + + return ossl_rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0); +} + +/* + * Dummy Implementation for UEFI + * + * This is OpenSSL required interface. + */ +int +ossl_rand_pool_init ( + VOID + ) +{ + return 1; +} + +/* + * Dummy Implementation for UEFI + * + * This is OpenSSL required interface. + */ +VOID +ossl_rand_pool_cleanup ( + VOID + ) +{ +} + +/* + * Dummy Implementation for UEFI + * + * This is OpenSSL required interface. + */ +VOID +ossl_rand_pool_keep_random_devices_open ( + int keep + ) +{ +} diff --git a/CryptoPkg/Library/OpensslLib/SslNull.c b/CryptoPkg/Library/OpensslLib/SslNull.c deleted file mode 100644 index 49f1405bc0..0000000000 --- a/CryptoPkg/Library/OpensslLib/SslNull.c +++ /dev/null @@ -1,405 +0,0 @@ -/** @file - Null implementation of SSL functions called by BaseCryptLib. - - Copyright (c) 2022, Intel Corporation. All rights reserved.
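Review bot: `ossl_pool_add_nonce_data` and `rand_pool_add_additional_data` in the new `OpensslStub/rand_pool.c` ignore the BOOLEAN returned by `RandGetBytes`, so when `GetRandomNumber64` fails the uninitialised or partly filled `data[16]` stack buffer is still passed to `ossl_rand_pool_add`. In the nonce function, check the result before the add call, e.g. `if (!RandGetBytes (sizeof (data), data)) { return 0; }`; the additional-data function has the same pattern and needs the same decision. Inside `RandGetBytes`, `*((UINT64 *)RandBuffer) = TempRand;` stores through a cast `UINT8 *` whose alignment nothing in this file guarantees, and `CopyMem (RandBuffer, &TempRand, sizeof (TempRand));`, as the tail branch already does, avoids that. `ossl_pool_acquire_entropy` credits `8 * Bytes_needed` bits, which assumes the RngLib instance behind `GetRandomNumber64` delivers full entropy; that instance is not visible on this page, so a comment stating the requirement would help platform integrators. The content is identical to the deleted `OpensslLib/rand_pool.c` (same blob id), so these points predate the move.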
- SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include -#include -#include -#include -#include - -int -OPENSSL_init_ssl ( - uint64_t opts, - const OPENSSL_INIT_SETTINGS *settings - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur uint32_t -SSL_CIPHER_get_id ( - const SSL_CIPHER *c - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur int -SSL_COMP_add_compression_method ( - int id, - COMP_METHOD *cm - ) -{ - ASSERT (FALSE); - return 0; -} - -long -SSL_CTX_ctrl ( - SSL_CTX *ctx, - int cmd, - long larg, - void *parg - ) -{ - ASSERT (FALSE); - return 0; -} - -void -SSL_CTX_free ( - SSL_CTX *x - ) -{ - ASSERT (FALSE); - return; -} - -__owur X509_STORE * -SSL_CTX_get_cert_store ( - const SSL_CTX *x - ) -{ - ASSERT (FALSE); - return NULL; -} - -__owur SSL_CTX * -SSL_CTX_new ( - const SSL_METHOD *meth - ) -{ - ASSERT (FALSE); - return NULL; -} - -unsigned long -SSL_CTX_set_options ( - SSL_CTX *ctx, - unsigned long op - ) -{ - ASSERT (FALSE); - return 0; -} - -const unsigned char * -SSL_SESSION_get_id ( - const SSL_SESSION *s, - unsigned int *len - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur size_t -SSL_SESSION_get_master_key ( - const SSL_SESSION *sess, - unsigned char *out, - size_t outlen - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur int -SSL_SESSION_set1_id ( - SSL_SESSION *s, - const unsigned char *sid, - unsigned int sid_len - ) -{ - ASSERT (FALSE); - return 0; -} - -long -SSL_ctrl ( - SSL *ssl, - int cmd, - long larg, - void *parg - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur int -SSL_do_handshake ( - SSL *s - ) -{ - ASSERT (FALSE); - return 0; -} - -void -SSL_free ( - SSL *ssl - ) -{ - ASSERT (FALSE); - return; -} - -__owur X509 * -SSL_get_certificate ( - const SSL *ssl - ) -{ - ASSERT (FALSE); - return NULL; -} - -__owur size_t -SSL_get_client_random ( - const SSL *ssl, - unsigned char *out, - size_t outlen - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur const SSL_CIPHER * -SSL_get_current_cipher ( - const SSL *s - ) -{ - ASSERT (FALSE); - 
return NULL; -} - -__owur int -SSL_get_error ( - const SSL *s, - int ret_code - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur size_t -SSL_get_server_random ( - const SSL *ssl, - unsigned char *out, - size_t outlen - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur SSL_SESSION * -SSL_get_session ( - const SSL *ssl - ) -{ - ASSERT (FALSE); - return NULL; -} - -__owur SSL_CTX * -SSL_get_SSL_CTX ( - const SSL *ssl - ) -{ - ASSERT (FALSE); - return NULL; -} - -__owur OSSL_HANDSHAKE_STATE -SSL_get_state ( - const SSL *ssl - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur int -SSL_get_verify_mode ( - const SSL *s - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur X509_VERIFY_PARAM * -SSL_get0_param ( - SSL *ssl - ) -{ - ASSERT (FALSE); - return NULL; -} - -int -SSL_is_init_finished ( - const SSL *s - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur int -SSL_is_server ( - const SSL *s - ) -{ - ASSERT (FALSE); - return 0; -} - -SSL * -SSL_new ( - SSL_CTX *ctx - ) -{ - ASSERT (FALSE); - return NULL; -} - -__owur int -SSL_read ( - SSL *ssl, - void *buf, - int num - ) -{ - ASSERT (FALSE); - return 0; -} - -void -SSL_set_bio ( - SSL *s, - BIO *rbio, - BIO *wbio - ) -{ - ASSERT (FALSE); - return; -} - -__owur int -SSL_set_cipher_list ( - SSL *s, - const char *str - ) -{ - ASSERT (FALSE); - return 0; -} - -void -SSL_set_connect_state ( - SSL *s - ) -{ - ASSERT (FALSE); - return; -} - -void -SSL_set_hostflags ( - SSL *s, - unsigned int flags - ) -{ - ASSERT (FALSE); - return; -} - -void -SSL_set_info_callback ( - SSL *ssl, - void ( *cb )(const SSL *ssl, int type, int val) - ) -{ - ASSERT (FALSE); - return; -} - -void -SSL_set_security_level ( - SSL *s, - int level - ) -{ - ASSERT (FALSE); - return; -} - -void -SSL_set_verify ( - SSL *s, - int mode, - SSL_verify_cb callback - ) -{ - ASSERT (FALSE); - return; -} - -int -SSL_shutdown ( - SSL *s - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur int -SSL_use_certificate ( - SSL *ssl, - X509 *x - ) -{ - ASSERT (FALSE); - return 0; -} - 
-__owur int -SSL_version ( - const SSL *ssl - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur int -SSL_write ( - SSL *ssl, - const void *buf, - int num - ) -{ - ASSERT (FALSE); - return 0; -} - -__owur const SSL_METHOD * -TLS_client_method ( - void - ) -{ - ASSERT (FALSE); - return NULL; -} diff --git a/CryptoPkg/Library/OpensslLib/ossl_store.c b/CryptoPkg/Library/OpensslLib/ossl_store.c deleted file mode 100644 index f1e1b8b60f..0000000000 --- a/CryptoPkg/Library/OpensslLib/ossl_store.c +++ /dev/null @@ -1,175 +0,0 @@ -/** @file - Dummy implement ossl_store(Store retrieval functions) for UEFI. - -Copyright (c) 2019, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include -#include -#include - -/* - * This function is cleanup ossl store. - * - * Dummy Implement for UEFI - */ -void -ossl_store_cleanup_int ( - void - ) -{ -} - -int -ossl_store_loader_store_cache_flush ( - OSSL_LIB_CTX *libctx - ) -{ - return 1; -} - -int -ossl_store_loader_store_remove_all_provided ( - OSSL_PROVIDER *prov - ) -{ - return 1; -} - -static void * -file_open ( - void *provctx, - const char *uri - ) -{ - return NULL; -} - -const OSSL_DISPATCH ossl_file_store_functions[] = { - { OSSL_FUNC_STORE_OPEN, (void (*)(void)) file_open }, - { 0, NULL }, -}; - -OSSL_STORE_CTX * -OSSL_STORE_open ( - const char *uri, - const UI_METHOD *ui_method, - void *ui_data, - OSSL_STORE_post_process_info_fn post_process, - void *post_process_data - ) -{ - return NULL; -} - -OSSL_STORE_CTX * -OSSL_STORE_open_ex ( - const char *uri, - OSSL_LIB_CTX *libctx, - const char *propq, - const UI_METHOD *ui_method, - void *ui_data, - const OSSL_PARAM params[], - OSSL_STORE_post_process_info_fn post_process, - void *post_process_data - ) -{ - return NULL; -} - -int -OSSL_STORE_INFO_get_type ( - const OSSL_STORE_INFO *info - ) -{ - return 0; -} - -int -OSSL_STORE_find ( - OSSL_STORE_CTX *ctx, - const OSSL_STORE_SEARCH *search - ) -{ - return 0; -} - -OSSL_STORE_INFO * -OSSL_STORE_load ( - OSSL_STORE_CTX *ctx - ) -{ - return NULL; -} - -const char * -OSSL_STORE_INFO_get0_NAME ( - const OSSL_STORE_INFO *info - ) -{ - return NULL; -} - -X509 * -OSSL_STORE_INFO_get0_CERT ( - const OSSL_STORE_INFO *info - ) -{ - return NULL; -} - -X509_CRL * -OSSL_STORE_INFO_get0_CRL ( - const OSSL_STORE_INFO *info - ) -{ - return NULL; -} - -int -OSSL_STORE_eof ( - OSSL_STORE_CTX *ctx - ) -{ - return 0; -} - -int -OSSL_STORE_error ( - OSSL_STORE_CTX *ctx - ) -{ - return 0; -} - -int -OSSL_STORE_close ( - OSSL_STORE_CTX *ctx - ) -{ - return 0; -} - -void -OSSL_STORE_INFO_free ( - OSSL_STORE_INFO *info - ) -{ -} - -OSSL_STORE_SEARCH * 
-OSSL_STORE_SEARCH_by_name ( - X509_NAME *name - ) -{ - return NULL; -} - -void -OSSL_STORE_SEARCH_free ( - OSSL_STORE_SEARCH *search - ) -{ -} diff --git a/CryptoPkg/Library/OpensslLib/rand_pool.c b/CryptoPkg/Library/OpensslLib/rand_pool.c deleted file mode 100644 index 03047b233e..0000000000 --- a/CryptoPkg/Library/OpensslLib/rand_pool.c +++ /dev/null @@ -1,171 +0,0 @@ -/** @file - OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI. - The file implement these functions. - - Copyright (c) 2019, Intel Corporation. All rights reserved.
- SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "crypto/rand.h" -#include - -#include -#include - -/** - Calls RandomNumber64 to fill - a buffer of arbitrary size with random bytes. - This is a shim layer to RngLib. - - @param[in] Length Size of the buffer, in bytes, to fill with. - @param[out] RandBuffer Pointer to the buffer to store the random result. - - @retval TRUE Random bytes generation succeeded. - @retval FALSE Failed to request random bytes. - -**/ -STATIC -BOOLEAN -EFIAPI -RandGetBytes ( - IN UINTN Length, - OUT UINT8 *RandBuffer - ) -{ - BOOLEAN Ret; - UINT64 TempRand; - - Ret = FALSE; - - if (RandBuffer == NULL) { - DEBUG ((DEBUG_ERROR, "[OPENSSL_RAND_POOL] NULL RandBuffer. No random numbers are generated and your system is not secure\n")); - ASSERT (RandBuffer != NULL); // Since we can't generate random numbers, we should assert. Otherwise we will just blow up later. - return Ret; - } - - while (Length > 0) { - // Use RngLib to get random number - Ret = GetRandomNumber64 (&TempRand); - - if (!Ret) { - return Ret; - } - - if (Length >= sizeof (TempRand)) { - *((UINT64 *)RandBuffer) = TempRand; - RandBuffer += sizeof (UINT64); - Length -= sizeof (TempRand); - } else { - CopyMem (RandBuffer, &TempRand, Length); - Length = 0; - } - } - - return Ret; -} - -/* - * Add random bytes to the pool to acquire requested amount of entropy - * - * This function is platform specific and tries to acquire the requested - * amount of entropy by polling platform specific entropy sources. - * - * This is OpenSSL required interface. 
- */ -size_t -ossl_pool_acquire_entropy ( - RAND_POOL *pool - ) -{ - BOOLEAN Ret; - size_t Bytes_needed; - unsigned char *Buffer; - - Bytes_needed = ossl_rand_pool_bytes_needed (pool, 1 /*entropy_factor*/); - if (Bytes_needed > 0) { - Buffer = ossl_rand_pool_add_begin (pool, Bytes_needed); - - if (Buffer != NULL) { - Ret = RandGetBytes (Bytes_needed, Buffer); - if (FALSE == Ret) { - ossl_rand_pool_add_end (pool, 0, 0); - } else { - ossl_rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed); - } - } - } - - return ossl_rand_pool_entropy_available (pool); -} - -/* - * Implementation for UEFI - * - * This is OpenSSL required interface. - */ -int -ossl_pool_add_nonce_data ( - RAND_POOL *pool - ) -{ - UINT8 data[16]; - - RandGetBytes (sizeof (data), data); - - return ossl_rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0); -} - -/* - * Implementation for UEFI - * - * This is OpenSSL required interface. - */ -int -rand_pool_add_additional_data ( - RAND_POOL *pool - ) -{ - UINT8 data[16]; - - RandGetBytes (sizeof (data), data); - - return ossl_rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0); -} - -/* - * Dummy Implementation for UEFI - * - * This is OpenSSL required interface. - */ -int -ossl_rand_pool_init ( - VOID - ) -{ - return 1; -} - -/* - * Dummy Implementation for UEFI - * - * This is OpenSSL required interface. - */ -VOID -ossl_rand_pool_cleanup ( - VOID - ) -{ -} - -/* - * Dummy Implementation for UEFI - * - * This is OpenSSL required interface. - */ -VOID -ossl_rand_pool_keep_random_devices_open ( - int keep - ) -{ -} -- cgit v1.2.3