CryptoPkg/OpensslLib: Create SM3-only version of the library

Create a special OpensslLib implementation that only exposes the SM3
routines that MbedTlsLib borrows from OpensslLib, to avoid having to
pull in other parts of OpenSSL that are not needed (e.g., via the
library constructor)

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

CryptoPkg/CryptoPkg.dsc

@@ -372,6 +372,7 @@
   CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
   CryptoPkg/Library/OpensslLib/OpensslLib.inf
   CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
+  CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf
   CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
   CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf
   CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf

CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf

@@ -0,0 +1,30 @@
+## @file
+#  Minimal OpensslLib implementation that only provides SM3 and nothing else.
+#  Needed by MbedTlsLib.
+#
+#  Copyright (c) 2024, Google LLC. All rights reserved.<BR>
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 1.30
+  BASE_NAME                      = OpensslLibSm3
+  FILE_GUID                      = 96469bab-9c3f-4a60-a583-71a8bda64ec9
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = OpensslLib
+
+  DEFINE OPENSSL_PATH            = openssl
+
+[Sources]
+  $(OPENSSL_PATH)/crypto/sm3/sm3.c
+  OpensslStub/OpensslCleanse.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+  BaseMemoryLib

CryptoPkg/Library/OpensslLib/OpensslStub/OpensslCleanse.c

@@ -0,0 +1,20 @@
+/** @file
+  Minimal implementation of OPENSSL_cleanse for OpensslLibSm3.inf.
+
+  Copyright (c) 2024, Google LLC. All rights reserved.<BR>
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+#include <Library/BaseMemoryLib.h>
+
+VOID
+OPENSSL_cleanse (
+  VOID   *Buffer,
+  UINTN  Size
+  )
+{
+  ZeroMem (Buffer, Size);
+}