X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=CryptoPkg%2FLibrary%2FOpensslLib%2FOpensslLibCrypto.inf;h=0ec372454119eee4a8943fd0e71ff74b9112b161;hp=63b4a8f3d83df51b7ea3016f47b92026422dcae1;hb=HEAD;hpb=a332ffb6efb57c338087551325cc4fffb0c81210
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index 63b4a8f3d8..c4eaea888c 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -1,8 +1,10 @@
## @file
-# This module provides OpenSSL Library implementation.
+# This module provides OpenSSL Library implementation with ECC and TLS
+# features removed and features have performance optimizations enabled.
#
# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
+# Copyright (c) 2022, Loongson Technology Corporation Limited. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -15,14 +17,18 @@
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = OpensslLib
+ CONSTRUCTOR = OpensslLibConstructor
+
DEFINE OPENSSL_PATH = openssl
- DEFINE OPENSSL_FLAGS = -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_ASM
+ DEFINE OPENSSL_FLAGS = -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_EC -DOPENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_TLS1_3 -DOPENSSL_NO_SM2 -DOPENSSL_NO_ASM
+ DEFINE OPENSSL_FLAGS_CONFIG =
#
# VALID_ARCHITECTURES = IA32 X64 ARM AARCH64
#
[Sources]
+ OpensslLibConstructor.c
$(OPENSSL_PATH)/e_os.h
$(OPENSSL_PATH)/ms/uplink.h
# Autogenerated files list starts here
@@ -199,43 +205,6 @@
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
- $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
@@ -421,10 +390,6 @@
$(OPENSSL_PATH)/crypto/siphash/siphash.c
$(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
$(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
- $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
$(OPENSSL_PATH)/crypto/sm3/m_sm3.c
$(OPENSSL_PATH)/crypto/sm3/sm3.c
$(OPENSSL_PATH)/crypto/sm4/sm4.c
@@ -537,15 +502,6 @@
$(OPENSSL_PATH)/crypto/conf/conf_local.h
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
- $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
@@ -572,6 +528,8 @@
buildinf.h
ossl_store.c
rand_pool.c
+ SslNull.c
+ EcSm2Null.c
[Packages]
MdePkg/MdePkg.dec
@@ -581,20 +539,17 @@
BaseLib
DebugLib
RngLib
- PrintLib
[LibraryClasses.ARM]
ArmSoftFloatLib
-[FixedPcd]
- gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled ## CONSUMES
-
[BuildOptions]
#
# Disables the following Visual Studio compiler warnings brought by openssl source,
# so we do not break the build with /WX option:
# C4090: 'function' : different 'const' qualifiers
# C4132: 'object' : const object should be initialized (tls13_enc.c)
+ # C4210: nonstandard extension used: function given file scope
# C4244: conversion from type1 to type2, possible loss of data
# C4245: conversion from type1 to type2, signed/unsigned mismatch
# C4267: conversion from size_t to type, possible loss of data
@@ -606,11 +561,19 @@
# C4706: assignment within conditional expression
# C4819: The file contains a character that cannot be represented in the current code page
#
- MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4132 /wd4244 /wd4245 /wd4267 /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819
- MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4132 /wd4244 /wd4245 /wd4267 /wd4306 /wd4310 /wd4700 /wd4389 /wd4702 /wd4706 /wd4819
+ MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819
+ MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 /wd4306 /wd4310 /wd4700 /wd4389 /wd4702 /wd4706 /wd4819
+
+ #
+ # Disable following Visual Studio 2015 compiler warnings brought by openssl source,
+ # so we do not break the build with /WX option:
+ # C4718: recursive call has no side effects, deleting
+ #
+ MSFT:*_VS2015x86_IA32_CC_FLAGS = /wd4718
+ MSFT:*_VS2015x86_X64_CC_FLAGS = /wd4718
- INTEL:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w
- INTEL:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w
+ INTEL:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w
+ INTEL:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w
#
# Suppress the following build warnings in openssl so we don't break the build with -Werror
@@ -619,11 +582,12 @@
# types appropriate to the format string specified.
# -Werror=unused-but-set-variable: Warn whenever a local variable is assigned to, but otherwise unused (aside from its declaration).
#
- GCC:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=unused-but-set-variable
- GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format -Wno-format -Wno-error=unused-but-set-variable -DNO_MSABI_VA_FUNCS
+ GCC:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) -Wno-error=maybe-uninitialized -Wno-error=unused-but-set-variable
+ GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) -Wno-error=maybe-uninitialized -Wno-error=format -Wno-format -Wno-error=unused-but-set-variable -DNO_MSABI_VA_FUNCS
GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=unused-but-set-variable
- GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-format -Wno-error=unused-but-set-variable
+ GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-format -Wno-error=unused-but-set-variable -Wno-error=format
GCC:*_*_RISCV64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-format -Wno-error=unused-but-set-variable
+ GCC:*_*_LOONGARCH64_CC_FLAGS = $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-format -Wno-error=unused-but-set-variable
GCC:*_CLANG35_*_CC_FLAGS = -std=c99 -Wno-error=uninitialized
GCC:*_CLANG38_*_CC_FLAGS = -std=c99 -Wno-error=uninitialized
GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=uninitialized -Wno-error=incompatible-pointer-types -Wno-error=pointer-sign -Wno-error=implicit-function-declaration -Wno-error=ignored-pragma-optimize
@@ -647,9 +611,8 @@
# 1: ignore "#1-D: last line of file ends without a newline"
# 3017: may be used before being set (NOTE: This was fixed in OpenSSL 1.1 HEAD with
# commit d9b8b89bec4480de3a10bdaf9425db371c19145b, and can be dropped then.)
- RVCT:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) --library_interface=aeabi_clib99 --diag_suppress=1296,1295,550,1293,111,68,177,223,144,513,188,128,546,1,3017 -JCryptoPkg/Include
- XCODE:*_*_IA32_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -w -std=c99 -Wno-error=uninitialized
- XCODE:*_*_X64_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -w -std=c99 -Wno-error=uninitialized
+ XCODE:*_*_IA32_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) -w -std=c99 -Wno-error=uninitialized
+ XCODE:*_*_X64_CC_FLAGS = -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) -w -std=c99 -Wno-error=uninitialized
#
# AARCH64 uses strict alignment and avoids SIMD registers for code that may execute