external/boringssl: Sync to 689019fe40d5ad94df46ffeebcd794ff359a7074.
This includes the following changes:
https://boringssl.googlesource.com/boringssl/+log/67e64342c1aa0b31b0b5c11e5ee21c481ce530e8..689019fe40d5ad94df46ffeebcd794ff359a7074
Test: BoringSSL CTS Presubmits
Change-Id: Ib675c5478b0e45270e31248d1dadc5f4841da990
diff --git a/BORINGSSL_REVISION b/BORINGSSL_REVISION
index faafb6f..6defbc4 100644
--- a/BORINGSSL_REVISION
+++ b/BORINGSSL_REVISION
@@ -1 +1 @@
-67e64342c1aa0b31b0b5c11e5ee21c481ce530e8
+689019fe40d5ad94df46ffeebcd794ff359a7074
diff --git a/ios-aarch64/crypto/chacha/chacha-armv8.S b/ios-aarch64/crypto/chacha/chacha-armv8.S
index 195e8f0..1cb00b7 100644
--- a/ios-aarch64/crypto/chacha/chacha-armv8.S
+++ b/ios-aarch64/crypto/chacha/chacha-armv8.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -1967,3 +1977,4 @@
ldp x29,x30,[sp],#96
ret
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-aarch64/crypto/fipsmodule/aesv8-armx64.S b/ios-aarch64/crypto/fipsmodule/aesv8-armx64.S
index 787cce2..fe4742f 100644
--- a/ios-aarch64/crypto/fipsmodule/aesv8-armx64.S
+++ b/ios-aarch64/crypto/fipsmodule/aesv8-armx64.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
#if __ARM_MAX_ARCH__>=7
@@ -751,3 +761,4 @@
ret
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-aarch64/crypto/fipsmodule/armv8-mont.S b/ios-aarch64/crypto/fipsmodule/armv8-mont.S
index 5626574..d228592 100644
--- a/ios-aarch64/crypto/fipsmodule/armv8-mont.S
+++ b/ios-aarch64/crypto/fipsmodule/armv8-mont.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.globl _bn_mul_mont
@@ -1403,3 +1413,4 @@
.byte 77,111,110,116,103,111,109,101,114,121,32,77,117,108,116,105,112,108,105,99,97,116,105,111,110,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 2
.align 4
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-aarch64/crypto/fipsmodule/ghashv8-armx64.S b/ios-aarch64/crypto/fipsmodule/ghashv8-armx64.S
index c38134f..79a1df5 100644
--- a/ios-aarch64/crypto/fipsmodule/ghashv8-armx64.S
+++ b/ios-aarch64/crypto/fipsmodule/ghashv8-armx64.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -229,3 +239,4 @@
.byte 71,72,65,83,72,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 2
.align 2
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-aarch64/crypto/fipsmodule/sha1-armv8.S b/ios-aarch64/crypto/fipsmodule/sha1-armv8.S
index de9cdf8..61a5a80 100644
--- a/ios-aarch64/crypto/fipsmodule/sha1-armv8.S
+++ b/ios-aarch64/crypto/fipsmodule/sha1-armv8.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -1220,3 +1230,4 @@
.align 2
.align 2
.comm _OPENSSL_armcap_P,4,4
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-aarch64/crypto/fipsmodule/sha256-armv8.S b/ios-aarch64/crypto/fipsmodule/sha256-armv8.S
index 43811dd..08c8ea2 100644
--- a/ios-aarch64/crypto/fipsmodule/sha256-armv8.S
+++ b/ios-aarch64/crypto/fipsmodule/sha256-armv8.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
// Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
//
// Licensed under the OpenSSL license (the "License"). You may not use
@@ -1199,3 +1209,4 @@
#ifndef __KERNEL__
.comm _OPENSSL_armcap_P,4,4
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-aarch64/crypto/fipsmodule/sha512-armv8.S b/ios-aarch64/crypto/fipsmodule/sha512-armv8.S
index 41159c3..0343672 100644
--- a/ios-aarch64/crypto/fipsmodule/sha512-armv8.S
+++ b/ios-aarch64/crypto/fipsmodule/sha512-armv8.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
// Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
//
// Licensed under the OpenSSL license (the "License"). You may not use
@@ -1071,3 +1081,4 @@
#ifndef __KERNEL__
.comm _OPENSSL_armcap_P,4,4
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/chacha/chacha-armv4.S b/ios-arm/crypto/chacha/chacha-armv4.S
index 2ec7129..9f86ad5 100644
--- a/ios-arm/crypto/chacha/chacha-armv4.S
+++ b/ios-arm/crypto/chacha/chacha-armv4.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
@ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
@@ -1481,3 +1491,4 @@
.indirect_symbol _OPENSSL_armcap_P
.long 0
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/aes-armv4.S b/ios-arm/crypto/fipsmodule/aes-armv4.S
index b20b4b7..6543d8c 100644
--- a/ios-arm/crypto/fipsmodule/aes-armv4.S
+++ b/ios-arm/crypto/fipsmodule/aes-armv4.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
@ Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
@
@ Licensed under the OpenSSL license (the "License"). You may not use
@@ -1216,3 +1226,4 @@
.byte 65,69,83,32,102,111,114,32,65,82,77,118,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 2
.align 2
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/aesv8-armx32.S b/ios-arm/crypto/fipsmodule/aesv8-armx32.S
index d44c88c..aafcea1 100644
--- a/ios-arm/crypto/fipsmodule/aesv8-armx32.S
+++ b/ios-arm/crypto/fipsmodule/aesv8-armx32.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
#if __ARM_MAX_ARCH__>=7
@@ -771,3 +781,4 @@
ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,pc}
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/armv4-mont.S b/ios-arm/crypto/fipsmodule/armv4-mont.S
index f1de893..7a502f0 100644
--- a/ios-arm/crypto/fipsmodule/armv4-mont.S
+++ b/ios-arm/crypto/fipsmodule/armv4-mont.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
@ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
@@ -965,3 +975,4 @@
.long 0
.private_extern _OPENSSL_armcap_P
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/bsaes-armv7.S b/ios-arm/crypto/fipsmodule/bsaes-armv7.S
index 6a0d4d3..beb294c 100644
--- a/ios-arm/crypto/fipsmodule/bsaes-armv7.S
+++ b/ios-arm/crypto/fipsmodule/bsaes-armv7.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
@ Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
@
@ Licensed under the OpenSSL license (the "License"). You may not use
@@ -2573,3 +2583,4 @@
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/ghash-armv4.S b/ios-arm/crypto/fipsmodule/ghash-armv4.S
index ace157f..efb018c 100644
--- a/ios-arm/crypto/fipsmodule/ghash-armv4.S
+++ b/ios-arm/crypto/fipsmodule/ghash-armv4.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
@ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
@@ -586,3 +596,4 @@
.byte 71,72,65,83,72,32,102,111,114,32,65,82,77,118,52,47,78,69,79,78,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 2
.align 2
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/ghashv8-armx32.S b/ios-arm/crypto/fipsmodule/ghashv8-armx32.S
index cbe8eb8..946293a 100644
--- a/ios-arm/crypto/fipsmodule/ghashv8-armx32.S
+++ b/ios-arm/crypto/fipsmodule/ghashv8-armx32.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -239,3 +249,4 @@
.byte 71,72,65,83,72,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 2
.align 2
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/sha1-armv4-large.S b/ios-arm/crypto/fipsmodule/sha1-armv4-large.S
index f97072c..8b1790a 100644
--- a/ios-arm/crypto/fipsmodule/sha1-armv4-large.S
+++ b/ios-arm/crypto/fipsmodule/sha1-armv4-large.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -1501,3 +1511,4 @@
.long 0
.private_extern _OPENSSL_armcap_P
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/sha256-armv4.S b/ios-arm/crypto/fipsmodule/sha256-armv4.S
index 7be4b6e..a101952 100644
--- a/ios-arm/crypto/fipsmodule/sha256-armv4.S
+++ b/ios-arm/crypto/fipsmodule/sha256-armv4.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
@ Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
@
@ Licensed under the OpenSSL license (the "License"). You may not use
@@ -2829,3 +2839,4 @@
.long 0
.private_extern _OPENSSL_armcap_P
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/ios-arm/crypto/fipsmodule/sha512-armv4.S b/ios-arm/crypto/fipsmodule/sha512-armv4.S
index 68aa98d..ddaa1a0 100644
--- a/ios-arm/crypto/fipsmodule/sha512-armv4.S
+++ b/ios-arm/crypto/fipsmodule/sha512-armv4.S
@@ -1,3 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
@ Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
@
@ Licensed under the OpenSSL license (the "License"). You may not use
@@ -1882,3 +1892,4 @@
.long 0
.private_extern _OPENSSL_armcap_P
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-aarch64/crypto/chacha/chacha-armv8.S b/linux-aarch64/crypto/chacha/chacha-armv8.S
index 6ff6bff..1832a30 100644
--- a/linux-aarch64/crypto/chacha/chacha-armv8.S
+++ b/linux-aarch64/crypto/chacha/chacha-armv8.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__aarch64__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -1969,3 +1979,4 @@
ret
.size ChaCha20_512_neon,.-ChaCha20_512_neon
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S b/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S
index 0903773..0e5526f 100644
--- a/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S
+++ b/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__aarch64__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
#if __ARM_MAX_ARCH__>=7
@@ -753,3 +763,4 @@
.size aes_hw_ctr32_encrypt_blocks,.-aes_hw_ctr32_encrypt_blocks
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-aarch64/crypto/fipsmodule/armv8-mont.S b/linux-aarch64/crypto/fipsmodule/armv8-mont.S
index 74702db..c65dd18 100644
--- a/linux-aarch64/crypto/fipsmodule/armv8-mont.S
+++ b/linux-aarch64/crypto/fipsmodule/armv8-mont.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__aarch64__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.globl bn_mul_mont
@@ -1405,3 +1415,4 @@
.align 2
.align 4
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-aarch64/crypto/fipsmodule/ghashv8-armx64.S b/linux-aarch64/crypto/fipsmodule/ghashv8-armx64.S
index fd0d153..f3ae6c7 100644
--- a/linux-aarch64/crypto/fipsmodule/ghashv8-armx64.S
+++ b/linux-aarch64/crypto/fipsmodule/ghashv8-armx64.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__aarch64__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -231,3 +241,4 @@
.align 2
.align 2
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-aarch64/crypto/fipsmodule/sha1-armv8.S b/linux-aarch64/crypto/fipsmodule/sha1-armv8.S
index ff361f4..5cd02b7 100644
--- a/linux-aarch64/crypto/fipsmodule/sha1-armv8.S
+++ b/linux-aarch64/crypto/fipsmodule/sha1-armv8.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__aarch64__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -1222,3 +1232,4 @@
.align 2
.comm OPENSSL_armcap_P,4,4
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-aarch64/crypto/fipsmodule/sha256-armv8.S b/linux-aarch64/crypto/fipsmodule/sha256-armv8.S
index 19db339..aefcc88 100644
--- a/linux-aarch64/crypto/fipsmodule/sha256-armv8.S
+++ b/linux-aarch64/crypto/fipsmodule/sha256-armv8.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__aarch64__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
// Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
//
// Licensed under the OpenSSL license (the "License"). You may not use
@@ -1201,3 +1211,4 @@
.comm OPENSSL_armcap_P,4,4
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-aarch64/crypto/fipsmodule/sha512-armv8.S b/linux-aarch64/crypto/fipsmodule/sha512-armv8.S
index bb052b7..18f909a 100644
--- a/linux-aarch64/crypto/fipsmodule/sha512-armv8.S
+++ b/linux-aarch64/crypto/fipsmodule/sha512-armv8.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__aarch64__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
// Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
//
// Licensed under the OpenSSL license (the "License"). You may not use
@@ -1073,3 +1083,4 @@
.comm OPENSSL_armcap_P,4,4
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/chacha/chacha-armv4.S b/linux-arm/crypto/chacha/chacha-armv4.S
index bb48d17..489021c 100644
--- a/linux-arm/crypto/chacha/chacha-armv4.S
+++ b/linux-arm/crypto/chacha/chacha-armv4.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
@ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
@@ -1475,3 +1485,4 @@
.comm OPENSSL_armcap_P,4,4
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/aes-armv4.S b/linux-arm/crypto/fipsmodule/aes-armv4.S
index 83dc7c3..cdd91ae 100644
--- a/linux-arm/crypto/fipsmodule/aes-armv4.S
+++ b/linux-arm/crypto/fipsmodule/aes-armv4.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
@ Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
@
@ Licensed under the OpenSSL license (the "License"). You may not use
@@ -1204,3 +1214,4 @@
.align 2
.align 2
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/aesv8-armx32.S b/linux-arm/crypto/fipsmodule/aesv8-armx32.S
index 7c7ef19..bdda4c3 100644
--- a/linux-arm/crypto/fipsmodule/aesv8-armx32.S
+++ b/linux-arm/crypto/fipsmodule/aesv8-armx32.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
#if __ARM_MAX_ARCH__>=7
@@ -761,3 +771,4 @@
.size aes_hw_ctr32_encrypt_blocks,.-aes_hw_ctr32_encrypt_blocks
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/armv4-mont.S b/linux-arm/crypto/fipsmodule/armv4-mont.S
index d5685f8..6a01ae0 100644
--- a/linux-arm/crypto/fipsmodule/armv4-mont.S
+++ b/linux-arm/crypto/fipsmodule/armv4-mont.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
@ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
@@ -959,3 +969,4 @@
.hidden OPENSSL_armcap_P
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/bsaes-armv7.S b/linux-arm/crypto/fipsmodule/bsaes-armv7.S
index a0b1e82..4b53131 100644
--- a/linux-arm/crypto/fipsmodule/bsaes-armv7.S
+++ b/linux-arm/crypto/fipsmodule/bsaes-armv7.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
@ Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
@
@ Licensed under the OpenSSL license (the "License"). You may not use
@@ -2561,3 +2571,4 @@
.size bsaes_xts_decrypt,.-bsaes_xts_decrypt
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/ghash-armv4.S b/linux-arm/crypto/fipsmodule/ghash-armv4.S
index 2ead979..99b2bc3 100644
--- a/linux-arm/crypto/fipsmodule/ghash-armv4.S
+++ b/linux-arm/crypto/fipsmodule/ghash-armv4.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
@ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
@@ -576,3 +586,4 @@
.align 2
.align 2
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/ghashv8-armx32.S b/linux-arm/crypto/fipsmodule/ghashv8-armx32.S
index 94377c5..10a9b4d 100644
--- a/linux-arm/crypto/fipsmodule/ghashv8-armx32.S
+++ b/linux-arm/crypto/fipsmodule/ghashv8-armx32.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -235,3 +245,4 @@
.align 2
.align 2
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/sha1-armv4-large.S b/linux-arm/crypto/fipsmodule/sha1-armv4-large.S
index a5d88f7..e168d68 100644
--- a/linux-arm/crypto/fipsmodule/sha1-armv4-large.S
+++ b/linux-arm/crypto/fipsmodule/sha1-armv4-large.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
#include <openssl/arm_arch.h>
.text
@@ -1493,3 +1503,4 @@
.hidden OPENSSL_armcap_P
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/sha256-armv4.S b/linux-arm/crypto/fipsmodule/sha256-armv4.S
index 3479a75..e5092df 100644
--- a/linux-arm/crypto/fipsmodule/sha256-armv4.S
+++ b/linux-arm/crypto/fipsmodule/sha256-armv4.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
@ Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
@
@ Licensed under the OpenSSL license (the "License"). You may not use
@@ -2821,3 +2831,4 @@
.hidden OPENSSL_armcap_P
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-arm/crypto/fipsmodule/sha512-armv4.S b/linux-arm/crypto/fipsmodule/sha512-armv4.S
index f02c0ff..5f1b67e 100644
--- a/linux-arm/crypto/fipsmodule/sha512-armv4.S
+++ b/linux-arm/crypto/fipsmodule/sha512-armv4.S
@@ -1,4 +1,14 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
#if defined(__arm__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
@ Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
@
@ Licensed under the OpenSSL license (the "License"). You may not use
@@ -1876,3 +1886,4 @@
.hidden OPENSSL_armcap_P
#endif
#endif
+#endif // !OPENSSL_NO_ASM
diff --git a/linux-ppc64le/crypto/fipsmodule/aesp8-ppc.S b/linux-ppc64le/crypto/fipsmodule/aesp8-ppc.S
index a2ad2d1..89c5926 100644
--- a/linux-ppc64le/crypto/fipsmodule/aesp8-ppc.S
+++ b/linux-ppc64le/crypto/fipsmodule/aesp8-ppc.S
@@ -1,3 +1,10 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)"
+#define OPENSSL_NO_ASM"
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM) && defined(__powerpc64__)
.machine "any"
.abiversion 2
@@ -3656,3 +3663,4 @@
blr
.long 0
.byte 0,12,0x14,0,0,0,0,0
+#endif // !OPENSSL_NO_ASM && __powerpc64__
diff --git a/linux-ppc64le/crypto/fipsmodule/ghashp8-ppc.S b/linux-ppc64le/crypto/fipsmodule/ghashp8-ppc.S
index 0b7a2d0..f6ac424 100644
--- a/linux-ppc64le/crypto/fipsmodule/ghashp8-ppc.S
+++ b/linux-ppc64le/crypto/fipsmodule/ghashp8-ppc.S
@@ -1,3 +1,10 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)"
+#define OPENSSL_NO_ASM"
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM) && defined(__powerpc64__)
.machine "any"
.abiversion 2
@@ -573,3 +580,4 @@
.byte 71,72,65,83,72,32,102,111,114,32,80,111,119,101,114,73,83,65,32,50,46,48,55,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 2
.align 2
+#endif // !OPENSSL_NO_ASM && __powerpc64__
diff --git a/linux-x86_64/crypto/chacha/chacha-x86_64.S b/linux-x86_64/crypto/chacha/chacha-x86_64.S
index 62dc779..c202957 100644
--- a/linux-x86_64/crypto/chacha/chacha-x86_64.S
+++ b/linux-x86_64/crypto/chacha/chacha-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S b/linux-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S
index 42e25f4..0d5b7ec 100644
--- a/linux-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S
+++ b/linux-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.data
.align 16
diff --git a/linux-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S b/linux-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S
index a6f5e07..a466f13 100644
--- a/linux-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S
+++ b/linux-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
.hidden OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/fipsmodule/aes-x86_64.S b/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
index 65bcbf4..43b4e7d 100644
--- a/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.type _x86_64_AES_encrypt,@function
.align 16
diff --git a/linux-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S b/linux-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S
index e7b4c48..1b7ef99 100644
--- a/linux-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.type _aesni_ctr32_ghash_6x,@function
diff --git a/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S b/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
index fabf92b..44d5156 100644
--- a/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
.hidden OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/fipsmodule/bsaes-x86_64.S b/linux-x86_64/crypto/fipsmodule/bsaes-x86_64.S
index eb5c8cb..bc69c5d 100644
--- a/linux-x86_64/crypto/fipsmodule/bsaes-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/bsaes-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern aes_nohw_encrypt
diff --git a/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S b/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S
index 574d55a..00804c2 100644
--- a/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
.hidden OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/fipsmodule/md5-x86_64.S b/linux-x86_64/crypto/fipsmodule/md5-x86_64.S
index 8af6504..0713f96 100644
--- a/linux-x86_64/crypto/fipsmodule/md5-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/md5-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.align 16
diff --git a/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S b/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
index 46a9483..267e436 100644
--- a/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
+++ b/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
.hidden OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/fipsmodule/rdrand-x86_64.S b/linux-x86_64/crypto/fipsmodule/rdrand-x86_64.S
index 86fa94c..dc0d43c 100644
--- a/linux-x86_64/crypto/fipsmodule/rdrand-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/rdrand-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/linux-x86_64/crypto/fipsmodule/rsaz-avx2.S b/linux-x86_64/crypto/fipsmodule/rsaz-avx2.S
index e6db7f6..8dd5137 100644
--- a/linux-x86_64/crypto/fipsmodule/rsaz-avx2.S
+++ b/linux-x86_64/crypto/fipsmodule/rsaz-avx2.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.globl rsaz_1024_sqr_avx2
diff --git a/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S b/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S
index 186ac61..d9629ea 100644
--- a/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
.hidden OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S b/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S
index 175f218..c08afe8 100644
--- a/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S b/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S
index be198bc..e2551fc 100644
--- a/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/fipsmodule/vpaes-x86_64.S b/linux-x86_64/crypto/fipsmodule/vpaes-x86_64.S
index f3a089d..91b7aae 100644
--- a/linux-x86_64/crypto/fipsmodule/vpaes-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/vpaes-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/linux-x86_64/crypto/fipsmodule/x86_64-mont.S b/linux-x86_64/crypto/fipsmodule/x86_64-mont.S
index 3d867cd..7bcfbe9 100644
--- a/linux-x86_64/crypto/fipsmodule/x86_64-mont.S
+++ b/linux-x86_64/crypto/fipsmodule/x86_64-mont.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
diff --git a/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S b/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S
index bc4e274..d98a045 100644
--- a/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S
+++ b/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.extern OPENSSL_ia32cap_P
diff --git a/mac-x86_64/crypto/chacha/chacha-x86_64.S b/mac-x86_64/crypto/chacha/chacha-x86_64.S
index 30edc7b..7b428ec 100644
--- a/mac-x86_64/crypto/chacha/chacha-x86_64.S
+++ b/mac-x86_64/crypto/chacha/chacha-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S b/mac-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S
index c8a5262..0b51d06 100644
--- a/mac-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S
+++ b/mac-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.data
.p2align 4
diff --git a/mac-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S b/mac-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S
index c90447a..d2a1ed2 100644
--- a/mac-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S
+++ b/mac-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/aes-x86_64.S b/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
index efe34c9..6e3b750 100644
--- a/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.p2align 4
diff --git a/mac-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S b/mac-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S
index 2513904..816ea86 100644
--- a/mac-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S b/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
index 3fa8cf8..b9788be 100644
--- a/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.globl _aes_hw_encrypt
diff --git a/mac-x86_64/crypto/fipsmodule/bsaes-x86_64.S b/mac-x86_64/crypto/fipsmodule/bsaes-x86_64.S
index 9a4068a..f144752 100644
--- a/mac-x86_64/crypto/fipsmodule/bsaes-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/bsaes-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S b/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S
index bbb33c2..835abc4 100644
--- a/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/md5-x86_64.S b/mac-x86_64/crypto/fipsmodule/md5-x86_64.S
index 776c116..829cc00 100644
--- a/mac-x86_64/crypto/fipsmodule/md5-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/md5-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.p2align 4
diff --git a/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S b/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
index 1365893..03890a9 100644
--- a/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
+++ b/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/rdrand-x86_64.S b/mac-x86_64/crypto/fipsmodule/rdrand-x86_64.S
index 0ac2238..f9dfcbf 100644
--- a/mac-x86_64/crypto/fipsmodule/rdrand-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/rdrand-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/rsaz-avx2.S b/mac-x86_64/crypto/fipsmodule/rsaz-avx2.S
index c82c9d6..d31293f 100644
--- a/mac-x86_64/crypto/fipsmodule/rsaz-avx2.S
+++ b/mac-x86_64/crypto/fipsmodule/rsaz-avx2.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
.globl _rsaz_1024_sqr_avx2
diff --git a/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S b/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S
index b398f23..59423b2 100644
--- a/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S b/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S
index 591f76c..ea50ea8 100644
--- a/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S b/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S
index 258f974..68c30f3 100644
--- a/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/vpaes-x86_64.S b/mac-x86_64/crypto/fipsmodule/vpaes-x86_64.S
index 867df68..e582f15 100644
--- a/mac-x86_64/crypto/fipsmodule/vpaes-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/vpaes-x86_64.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/x86_64-mont.S b/mac-x86_64/crypto/fipsmodule/x86_64-mont.S
index 8bf6d55..6d0ea6d 100644
--- a/mac-x86_64/crypto/fipsmodule/x86_64-mont.S
+++ b/mac-x86_64/crypto/fipsmodule/x86_64-mont.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S b/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S
index c8c888d..0db3c3c 100644
--- a/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S
+++ b/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S
@@ -1,4 +1,13 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
.text
diff --git a/sources.bp b/sources.bp
index f1cfffe..ee44f4e 100644
--- a/sources.bp
+++ b/sources.bp
@@ -397,6 +397,7 @@
"src/crypto/cmac/cmac_test.cc",
"src/crypto/compiler_test.cc",
"src/crypto/constant_time_test.cc",
+ "src/crypto/cpu-arm-linux_test.cc",
"src/crypto/curve25519/ed25519_test.cc",
"src/crypto/curve25519/spake25519_test.cc",
"src/crypto/curve25519/x25519_test.cc",
@@ -426,6 +427,7 @@
"src/crypto/pkcs8/pkcs8_test.cc",
"src/crypto/poly1305/poly1305_test.cc",
"src/crypto/pool/pool_test.cc",
+ "src/crypto/rand_extra/rand_test.cc",
"src/crypto/refcount_test.cc",
"src/crypto/rsa_extra/rsa_test.cc",
"src/crypto/self_test.cc",
diff --git a/src/API-CONVENTIONS.md b/src/API-CONVENTIONS.md
index 7b33797..e322249 100644
--- a/src/API-CONVENTIONS.md
+++ b/src/API-CONVENTIONS.md
@@ -98,7 +98,10 @@
`openssl/base.h`. Code that needs access to the free functions, such as code
which destroys a `bssl::UniquePtr`, must include the corresponding module's
header. (This matches `std::unique_ptr`'s relationship with forward
-declarations.)
+declarations.) Note, despite the name, `bssl::UniquePtr` is also used with
+reference-counted types. It owns a single reference to the object. To take an
+additional reference, use the `bssl::UpRef` function, which will return a
+separate `bssl::UniquePtr`.
### Stack-allocated types
@@ -175,6 +178,67 @@
used freely without special cleanup conventions.
+### Ownership and lifetime
+
+When working with allocated objects, it is important to think about *ownership*
+of each object, or what code is responsible for releasing it. This matches the
+corresponding notion in higher-level languages like C++ and Rust.
+
+Ownership applies to both uniquely-owned types and reference-counted types. For
+the latter, ownership means the code is responsible for releasing one
+reference. Note a *reference* in BoringSSL refers to an increment (and eventual
+decrement) of an object's reference count, not `T&` in C++. Thus, to "take a
+reference" means to increment the reference count and take ownership of
+decrementing it.
+
+As BoringSSL's APIs are primarily in C, ownership and lifetime obligations are
+not rigorously annotated in the type signatures or checked at compile-time.
+Instead, they are described in
+[API documentation](https://commondatastorage.googleapis.com/chromium-boringssl-docs/headers.html).
+This section describes some conventions.
+
+Unless otherwise documented, functions do not take ownership of pointer
+arguments. The pointer typically must remain valid for the duration of the
+function call. The function may internally copy information from the argument or
+take a reference, but the caller is free to release its copy or reference at any
+point after the call completes.
+
+A function may instead be documented to *take* or *transfer* ownership of a
+pointer. The caller must own the object before the function call and, after
+transfer, no longer owns it. As a corollary, the caller may no longer reference
+the object without a separate guarantee on the lifetime. The function may even
+release the object before returning. Callers that wish to independently retain a
+transfered object must therefore take a reference or make a copy before
+transferring. Callers should also take note of whether the function is
+documented to transfer pointers unconditionally or only on success. Unlike C++
+and Rust, functions in BoringSSL typically only transfer on success.
+
+Likewise, output pointers may be owning or non-owning. Unless otherwise
+documented, functions output non-owning pointers. The caller is not responsible
+for releasing the output pointer, but it must not use the pointer beyond its
+lifetime. The pointer may be released when the parent object is released or even
+sooner on state change in the parent object.
+
+If documented to output a *newly-allocated* object or a *reference* or *copy* of
+one, the caller is responsible for releasing the object when it is done.
+
+By convention, functions named `get0` return non-owning pointers. Functions
+named `new` or `get1` return owning pointers. Functions named `set0` take
+ownership of arguments. Functions named `set1` do not. They typically take a
+reference or make a copy internally. These names originally referred to the
+effect on a reference count, but the convention applies equally to
+non-reference-counted types.
+
+API documentation may also describe more complex obligations. For instance, an
+object may borrow a pointer for longer than the duration of a single function
+call, in which case the caller must ensure the lifetime extends accordingly.
+
+Memory errors are one of the most common and dangerous bugs in C and C++, so
+callers are encouraged to make use of tools such as
+[AddressSanitizer](https://clang.llvm.org/docs/AddressSanitizer.html) and
+higher-level languages.
+
+
## Thread safety
BoringSSL is internally aware of the platform threading library and calls into
diff --git a/src/BUILDING.md b/src/BUILDING.md
index 19dbe01..9bf9cb2 100644
--- a/src/BUILDING.md
+++ b/src/BUILDING.md
@@ -110,6 +110,28 @@
Passing multiple architectures for a multiple-architecture build is not
supported.
+### Building with Prefixed Symbols
+
+BoringSSL's build system has experimental support for adding a custom prefix to
+all symbols. This can be useful when linking multiple versions of BoringSSL in
+the same project to avoid symbol conflicts.
+
+In order to build with prefixed symbols, the `BORINGSSL_PREFIX` CMake variable
+should specify the prefix to add to all symbols, and the
+`BORINGSSL_PREFIX_SYMBOLS` CMake variable should specify the path to a file
+which contains a list of symbols which should be prefixed (one per line;
+comments are supported with `#`). In other words, `cmake ..
+-DBORINGSSL_PREFIX=MY_CUSTOM_PREFIX
+-DBORINGSSL_PREFIX_SYMBOLS=/path/to/symbols.txt` will configure the build to add
+the prefix `MY_CUSTOM_PREFIX` to all of the symbols listed in
+`/path/to/symbols.txt`.
+
+It is currently the caller's responsibility to create and maintain the list of
+symbols to be prefixed.
+
+This mechanism is under development and may change over time. Please contact the
+BoringSSL maintainers if making use of it.
+
## Known Limitations on Windows
* Versions of CMake since 3.0.2 have a bug in its Ninja generator that causes
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index b9e0101..c614a65 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -20,6 +20,11 @@
enable_language(C)
enable_language(CXX)
+# This is a dummy target which all other targets depend on (manually - see other
+# CMakeLists.txt files). This gives us a hook to add any targets which need to
+# run before all other targets.
+add_custom_target(global_target)
+
if(ANDROID)
# Android-NDK CMake files reconfigure the path and so Go and Perl won't be
# found. However, ninja will still find them in $PATH if we just name them.
@@ -41,10 +46,37 @@
if(USE_CUSTOM_LIBCXX)
set(BORINGSSL_ALLOW_CXX_RUNTIME 1)
endif()
+
if(BORINGSSL_ALLOW_CXX_RUNTIME)
add_definitions(-DBORINGSSL_ALLOW_CXX_RUNTIME)
endif()
+if(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_SYMBOLS)
+ add_definitions(-DBORINGSSL_PREFIX=${BORINGSSL_PREFIX})
+
+ # Use "symbol_prefix_include" to store generated header files
+ include_directories(${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include)
+ add_custom_command(
+ OUTPUT symbol_prefix_include/boringssl_prefix_symbols.h
+ symbol_prefix_include/boringssl_prefix_symbols_asm.h
+ symbol_prefix_include/boringssl_prefix_symbols_nasm.inc
+ COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include
+ COMMAND ${GO_EXECUTABLE} run ${CMAKE_CURRENT_SOURCE_DIR}/util/make_prefix_headers.go -out ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include ${BORINGSSL_PREFIX_SYMBOLS}
+ DEPENDS util/make_prefix_headers.go
+ ${CMAKE_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS})
+
+ # add_dependencies needs a target, not a file, so we add an intermediate
+ # target.
+ add_custom_target(
+ boringssl_prefix_symbols
+ DEPENDS symbol_prefix_include/boringssl_prefix_symbols.h
+ symbol_prefix_include/boringssl_prefix_symbols_asm.h
+ symbol_prefix_include/boringssl_prefix_symbols_nasm.inc)
+ add_dependencies(global_target boringssl_prefix_symbols)
+elseif(BORINGSSL_PREFIX OR BORINGSSL_PREFIX_SYMBOLS)
+ message(FATAL_ERROR "Must specify both or neither of BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS")
+endif()
+
if(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
set(CLANG 1)
endif()
@@ -242,7 +274,7 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
- set(OPENSSL_NO_ASM "1")
+ set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
endif()
if(ASAN)
@@ -252,7 +284,6 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer")
- set(OPENSSL_NO_ASM "1")
endif()
if(CFI)
@@ -442,7 +473,6 @@
add_library(crypto_test_data OBJECT crypto_test_data.cc)
add_subdirectory(crypto)
-add_subdirectory(third_party/fiat)
add_subdirectory(ssl)
add_subdirectory(ssl/test)
add_subdirectory(fipstools)
diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt
index 2684750..78b835c 100644
--- a/src/crypto/CMakeLists.txt
+++ b/src/crypto/CMakeLists.txt
@@ -62,8 +62,14 @@
endif()
function(perlasm dest src)
+ get_filename_component(dir ${dest} DIRECTORY)
+ if ("${dir}" STREQUAL "")
+ set(dir ".")
+ endif()
+
add_custom_command(
OUTPUT ${dest}
+ COMMAND ${CMAKE_COMMAND} -E make_directory ${dir}
COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/${src} ${PERLASM_STYLE} ${PERLASM_FLAGS} ${ARGN} ${dest}
DEPENDS
${src}
@@ -78,78 +84,8 @@
)
endfunction()
-# Level 0.1 - depends on nothing outside this set.
-add_subdirectory(stack)
-add_subdirectory(lhash)
-add_subdirectory(err)
-add_subdirectory(buf)
-add_subdirectory(base64)
-add_subdirectory(bytestring)
-add_subdirectory(pool)
-
-# Level 0.2 - depends on nothing but itself
-add_subdirectory(rc4)
-add_subdirectory(conf)
-add_subdirectory(chacha)
-add_subdirectory(poly1305)
-add_subdirectory(curve25519)
-
-# Level 1, depends only on 0.*
-add_subdirectory(digest_extra)
-add_subdirectory(cipher_extra)
-add_subdirectory(rand_extra)
-add_subdirectory(bio)
-add_subdirectory(bn_extra)
-add_subdirectory(obj)
-add_subdirectory(asn1)
-
-# Level 2
-add_subdirectory(engine)
-add_subdirectory(dh)
-add_subdirectory(dsa)
-add_subdirectory(rsa_extra)
-add_subdirectory(ec_extra)
-add_subdirectory(ecdh_extra)
-add_subdirectory(ecdsa_extra)
-
-# Level 3
-add_subdirectory(cmac)
-add_subdirectory(evp)
-add_subdirectory(hkdf)
-add_subdirectory(pem)
-add_subdirectory(x509)
-add_subdirectory(x509v3)
-
-# Level 4
-add_subdirectory(pkcs7)
-add_subdirectory(pkcs8)
-
-# Test support code
-add_subdirectory(test)
-
add_subdirectory(fipsmodule)
-
-add_library(
- crypto_base
-
- OBJECT
-
- cpu-aarch64-fuchsia.c
- cpu-aarch64-linux.c
- cpu-arm.c
- cpu-arm-linux.c
- cpu-intel.c
- cpu-ppc64le.c
- crypto.c
- ex_data.c
- mem.c
- refcount_c11.c
- refcount_lock.c
- thread.c
- thread_none.c
- thread_pthread.c
- thread_win.c
-)
+add_subdirectory(test)
if(FIPS_DELOCATE)
SET_SOURCE_FILES_PROPERTIES(fipsmodule/bcm.o PROPERTIES EXTERNAL_OBJECT true)
@@ -162,50 +98,311 @@
)
endif()
+if(${ARCH} STREQUAL "arm")
+ set(
+ CRYPTO_ARCH_SOURCES
+
+ chacha/chacha-armv4.${ASM_EXT}
+ curve25519/asm/x25519-asm-arm.S
+ poly1305/poly1305_arm_asm.S
+ )
+endif()
+
+if(${ARCH} STREQUAL "aarch64")
+ set(
+ CRYPTO_ARCH_SOURCES
+
+ chacha/chacha-armv8.${ASM_EXT}
+ )
+endif()
+
+if(${ARCH} STREQUAL "x86")
+ set(
+ CRYPTO_ARCH_SOURCES
+
+ chacha/chacha-x86.${ASM_EXT}
+ )
+endif()
+
+if(${ARCH} STREQUAL "x86_64")
+ set(
+ CRYPTO_ARCH_SOURCES
+
+ chacha/chacha-x86_64.${ASM_EXT}
+ cipher_extra/aes128gcmsiv-x86_64.${ASM_EXT}
+ cipher_extra/chacha20_poly1305_x86_64.${ASM_EXT}
+ )
+endif()
+
+perlasm(chacha/chacha-armv4.${ASM_EXT} chacha/asm/chacha-armv4.pl)
+perlasm(chacha/chacha-armv8.${ASM_EXT} chacha/asm/chacha-armv8.pl)
+perlasm(chacha/chacha-x86.${ASM_EXT} chacha/asm/chacha-x86.pl)
+perlasm(chacha/chacha-x86_64.${ASM_EXT} chacha/asm/chacha-x86_64.pl)
+perlasm(cipher_extra/aes128gcmsiv-x86_64.${ASM_EXT} cipher_extra/asm/aes128gcmsiv-x86_64.pl)
+perlasm(cipher_extra/chacha20_poly1305_x86_64.${ASM_EXT} cipher_extra/asm/chacha20_poly1305_x86_64.pl)
+
+add_custom_command(
+ OUTPUT err_data.c
+ COMMAND ${GO_EXECUTABLE} run err_data_generate.go > ${CMAKE_CURRENT_BINARY_DIR}/err_data.c
+ DEPENDS
+ err/err_data_generate.go
+ err/asn1.errordata
+ err/bio.errordata
+ err/bn.errordata
+ err/cipher.errordata
+ err/conf.errordata
+ err/dh.errordata
+ err/digest.errordata
+ err/dsa.errordata
+ err/ecdh.errordata
+ err/ecdsa.errordata
+ err/ec.errordata
+ err/engine.errordata
+ err/evp.errordata
+ err/hkdf.errordata
+ err/obj.errordata
+ err/pem.errordata
+ err/pkcs7.errordata
+ err/pkcs8.errordata
+ err/rsa.errordata
+ err/ssl.errordata
+ err/x509.errordata
+ err/x509v3.errordata
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/err
+)
+
add_library(
crypto
- $<TARGET_OBJECTS:crypto_base>
- $<TARGET_OBJECTS:stack>
- $<TARGET_OBJECTS:lhash>
- $<TARGET_OBJECTS:err>
- $<TARGET_OBJECTS:base64>
- $<TARGET_OBJECTS:bytestring>
- $<TARGET_OBJECTS:pool>
- $<TARGET_OBJECTS:fipsmodule>
- $<TARGET_OBJECTS:digest_extra>
- $<TARGET_OBJECTS:cipher_extra>
- $<TARGET_OBJECTS:rc4>
- $<TARGET_OBJECTS:conf>
- $<TARGET_OBJECTS:chacha>
- $<TARGET_OBJECTS:poly1305>
- $<TARGET_OBJECTS:curve25519>
- $<TARGET_OBJECTS:fiat>
- $<TARGET_OBJECTS:buf>
- $<TARGET_OBJECTS:bn_extra>
- $<TARGET_OBJECTS:bio>
- $<TARGET_OBJECTS:rand_extra>
- $<TARGET_OBJECTS:obj>
- $<TARGET_OBJECTS:asn1>
- $<TARGET_OBJECTS:engine>
- $<TARGET_OBJECTS:dh>
- $<TARGET_OBJECTS:dsa>
- $<TARGET_OBJECTS:rsa_extra>
- $<TARGET_OBJECTS:ec_extra>
- $<TARGET_OBJECTS:ecdh_extra>
- $<TARGET_OBJECTS:ecdsa_extra>
- $<TARGET_OBJECTS:cmac>
- $<TARGET_OBJECTS:evp>
- $<TARGET_OBJECTS:hkdf>
- $<TARGET_OBJECTS:pem>
- $<TARGET_OBJECTS:x509>
- $<TARGET_OBJECTS:x509v3>
- $<TARGET_OBJECTS:pkcs7>
- $<TARGET_OBJECTS:pkcs8_lib>
+ asn1/a_bitstr.c
+ asn1/a_bool.c
+ asn1/a_d2i_fp.c
+ asn1/a_dup.c
+ asn1/a_enum.c
+ asn1/a_gentm.c
+ asn1/a_i2d_fp.c
+ asn1/a_int.c
+ asn1/a_mbstr.c
+ asn1/a_object.c
+ asn1/a_octet.c
+ asn1/a_print.c
+ asn1/a_strnid.c
+ asn1/a_time.c
+ asn1/a_type.c
+ asn1/a_utctm.c
+ asn1/a_utf8.c
+ asn1/asn1_lib.c
+ asn1/asn1_par.c
+ asn1/asn_pack.c
+ asn1/f_enum.c
+ asn1/f_int.c
+ asn1/f_string.c
+ asn1/tasn_dec.c
+ asn1/tasn_enc.c
+ asn1/tasn_fre.c
+ asn1/tasn_new.c
+ asn1/tasn_typ.c
+ asn1/tasn_utl.c
+ asn1/time_support.c
+ base64/base64.c
+ bio/bio.c
+ bio/bio_mem.c
+ bio/connect.c
+ bio/fd.c
+ bio/file.c
+ bio/hexdump.c
+ bio/pair.c
+ bio/printf.c
+ bio/socket.c
+ bio/socket_helper.c
+ bn_extra/bn_asn1.c
+ bn_extra/convert.c
+ buf/buf.c
+ bytestring/asn1_compat.c
+ bytestring/ber.c
+ bytestring/cbb.c
+ bytestring/cbs.c
+ bytestring/unicode.c
+ chacha/chacha.c
+ cipher_extra/cipher_extra.c
+ cipher_extra/derive_key.c
+ cipher_extra/e_aesccm.c
+ cipher_extra/e_aesctrhmac.c
+ cipher_extra/e_aesgcmsiv.c
+ cipher_extra/e_chacha20poly1305.c
+ cipher_extra/e_null.c
+ cipher_extra/e_rc2.c
+ cipher_extra/e_rc4.c
+ cipher_extra/e_tls.c
+ cipher_extra/tls_cbc.c
+ cmac/cmac.c
+ conf/conf.c
+ cpu-aarch64-fuchsia.c
+ cpu-aarch64-linux.c
+ cpu-arm-linux.c
+ cpu-arm.c
+ cpu-intel.c
+ cpu-ppc64le.c
+ crypto.c
+ curve25519/spake25519.c
+ dh/dh.c
+ dh/params.c
+ dh/check.c
+ dh/dh_asn1.c
+ digest_extra/digest_extra.c
+ dsa/dsa.c
+ dsa/dsa_asn1.c
+ ecdh_extra/ecdh_extra.c
+ ecdsa_extra/ecdsa_asn1.c
+ ec_extra/ec_asn1.c
+ err/err.c
+ err_data.c
+ engine/engine.c
+ evp/digestsign.c
+ evp/evp.c
+ evp/evp_asn1.c
+ evp/evp_ctx.c
+ evp/p_dsa_asn1.c
+ evp/p_ec.c
+ evp/p_ec_asn1.c
+ evp/p_ed25519.c
+ evp/p_ed25519_asn1.c
+ evp/p_rsa.c
+ evp/p_rsa_asn1.c
+ evp/pbkdf.c
+ evp/print.c
+ evp/scrypt.c
+ evp/sign.c
+ ex_data.c
+ hkdf/hkdf.c
+ lhash/lhash.c
+ mem.c
+ obj/obj.c
+ obj/obj_xref.c
+ pem/pem_all.c
+ pem/pem_info.c
+ pem/pem_lib.c
+ pem/pem_oth.c
+ pem/pem_pk8.c
+ pem/pem_pkey.c
+ pem/pem_x509.c
+ pem/pem_xaux.c
+ pkcs7/pkcs7.c
+ pkcs7/pkcs7_x509.c
+ pkcs8/pkcs8.c
+ pkcs8/pkcs8_x509.c
+ pkcs8/p5_pbev2.c
+ poly1305/poly1305.c
+ poly1305/poly1305_arm.c
+ poly1305/poly1305_vec.c
+ pool/pool.c
+ rand_extra/deterministic.c
+ rand_extra/forkunsafe.c
+ rand_extra/fuchsia.c
+ rand_extra/rand_extra.c
+ rand_extra/windows.c
+ rc4/rc4.c
+ refcount_c11.c
+ refcount_lock.c
+ rsa_extra/rsa_asn1.c
+ rsa_extra/rsa_print.c
+ stack/stack.c
+ thread.c
+ thread_none.c
+ thread_pthread.c
+ thread_win.c
+ x509/a_digest.c
+ x509/a_sign.c
+ x509/a_strex.c
+ x509/a_verify.c
+ x509/algorithm.c
+ x509/asn1_gen.c
+ x509/by_dir.c
+ x509/by_file.c
+ x509/i2d_pr.c
+ x509/rsa_pss.c
+ x509/t_crl.c
+ x509/t_req.c
+ x509/t_x509.c
+ x509/t_x509a.c
+ x509/x509.c
+ x509/x509_att.c
+ x509/x509_cmp.c
+ x509/x509_d2.c
+ x509/x509_def.c
+ x509/x509_ext.c
+ x509/x509_lu.c
+ x509/x509_obj.c
+ x509/x509_r2x.c
+ x509/x509_req.c
+ x509/x509_set.c
+ x509/x509_trs.c
+ x509/x509_txt.c
+ x509/x509_v3.c
+ x509/x509_vfy.c
+ x509/x509_vpm.c
+ x509/x509cset.c
+ x509/x509name.c
+ x509/x509rset.c
+ x509/x509spki.c
+ x509/x_algor.c
+ x509/x_all.c
+ x509/x_attrib.c
+ x509/x_crl.c
+ x509/x_exten.c
+ x509/x_info.c
+ x509/x_name.c
+ x509/x_pkey.c
+ x509/x_pubkey.c
+ x509/x_req.c
+ x509/x_sig.c
+ x509/x_spki.c
+ x509/x_val.c
+ x509/x_x509.c
+ x509/x_x509a.c
+ x509v3/pcy_cache.c
+ x509v3/pcy_data.c
+ x509v3/pcy_lib.c
+ x509v3/pcy_map.c
+ x509v3/pcy_node.c
+ x509v3/pcy_tree.c
+ x509v3/v3_akey.c
+ x509v3/v3_akeya.c
+ x509v3/v3_alt.c
+ x509v3/v3_bcons.c
+ x509v3/v3_bitst.c
+ x509v3/v3_conf.c
+ x509v3/v3_cpols.c
+ x509v3/v3_crld.c
+ x509v3/v3_enum.c
+ x509v3/v3_extku.c
+ x509v3/v3_genn.c
+ x509v3/v3_ia5.c
+ x509v3/v3_info.c
+ x509v3/v3_int.c
+ x509v3/v3_lib.c
+ x509v3/v3_ncons.c
+ x509v3/v3_ocsp.c
+ x509v3/v3_pci.c
+ x509v3/v3_pcia.c
+ x509v3/v3_pcons.c
+ x509v3/v3_pku.c
+ x509v3/v3_pmaps.c
+ x509v3/v3_prn.c
+ x509v3/v3_purp.c
+ x509v3/v3_skey.c
+ x509v3/v3_sxnet.c
+ x509v3/v3_utl.c
+ ../third_party/fiat/curve25519.c
+ $<TARGET_OBJECTS:fipsmodule>
+
+ ${CRYPTO_ARCH_SOURCES}
${CRYPTO_FIPS_OBJECTS}
)
+add_dependencies(crypto global_target)
+
if(FIPS_DELOCATE)
add_dependencies(crypto bcm_o_target)
endif()
@@ -222,7 +419,6 @@
target_link_libraries(crypto libcxx)
endif()
-# TODO(davidben): Convert the remaining tests to GTest.
add_executable(
crypto_test
@@ -237,6 +433,7 @@
cmac/cmac_test.cc
compiler_test.cc
constant_time_test.cc
+ cpu-arm-linux_test.cc
curve25519/ed25519_test.cc
curve25519/spake25519_test.cc
curve25519/x25519_test.cc
@@ -266,6 +463,7 @@
pkcs8/pkcs12_test.cc
poly1305/poly1305_test.cc
pool/pool_test.cc
+ rand_extra/rand_test.cc
refcount_test.cc
rsa_extra/rsa_test.cc
self_test.cc
@@ -281,6 +479,8 @@
$<TARGET_OBJECTS:test_support>
)
+add_dependencies(crypto_test global_target)
+
target_link_libraries(crypto_test crypto boringssl_gtest)
if(WIN32)
target_link_libraries(crypto_test ws2_32)
diff --git a/src/crypto/asn1/CMakeLists.txt b/src/crypto/asn1/CMakeLists.txt
deleted file mode 100644
index de5d280..0000000
--- a/src/crypto/asn1/CMakeLists.txt
+++ /dev/null
@@ -1,38 +0,0 @@
-include_directories(../../include)
-
-add_library(
- asn1
-
- OBJECT
-
- a_bitstr.c
- a_bool.c
- a_d2i_fp.c
- a_dup.c
- a_enum.c
- a_gentm.c
- a_i2d_fp.c
- a_int.c
- a_mbstr.c
- a_object.c
- a_octet.c
- a_print.c
- a_strnid.c
- a_time.c
- a_type.c
- a_utctm.c
- a_utf8.c
- asn1_lib.c
- asn1_par.c
- asn_pack.c
- f_enum.c
- f_int.c
- f_string.c
- tasn_dec.c
- tasn_enc.c
- tasn_fre.c
- tasn_new.c
- tasn_typ.c
- tasn_utl.c
- time_support.c
-)
diff --git a/src/crypto/base64/CMakeLists.txt b/src/crypto/base64/CMakeLists.txt
deleted file mode 100644
index 18cf9fe..0000000
--- a/src/crypto/base64/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- base64
-
- OBJECT
-
- base64.c
-)
diff --git a/src/crypto/bio/CMakeLists.txt b/src/crypto/bio/CMakeLists.txt
deleted file mode 100644
index fccb152..0000000
--- a/src/crypto/bio/CMakeLists.txt
+++ /dev/null
@@ -1,18 +0,0 @@
-include_directories(../../include)
-
-add_library(
- bio
-
- OBJECT
-
- bio.c
- bio_mem.c
- connect.c
- fd.c
- file.c
- hexdump.c
- pair.c
- printf.c
- socket.c
- socket_helper.c
-)
diff --git a/src/crypto/bn_extra/CMakeLists.txt b/src/crypto/bn_extra/CMakeLists.txt
deleted file mode 100644
index 994b365..0000000
--- a/src/crypto/bn_extra/CMakeLists.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
- bn_extra
-
- OBJECT
-
- bn_asn1.c
- convert.c
-)
diff --git a/src/crypto/buf/CMakeLists.txt b/src/crypto/buf/CMakeLists.txt
deleted file mode 100644
index 63f1025..0000000
--- a/src/crypto/buf/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- buf
-
- OBJECT
-
- buf.c
-)
diff --git a/src/crypto/bytestring/CMakeLists.txt b/src/crypto/bytestring/CMakeLists.txt
deleted file mode 100644
index 2bb4c15..0000000
--- a/src/crypto/bytestring/CMakeLists.txt
+++ /dev/null
@@ -1,13 +0,0 @@
-include_directories(../../include)
-
-add_library(
- bytestring
-
- OBJECT
-
- asn1_compat.c
- ber.c
- cbs.c
- cbb.c
- unicode.c
-)
diff --git a/src/crypto/chacha/CMakeLists.txt b/src/crypto/chacha/CMakeLists.txt
deleted file mode 100644
index bf4920c..0000000
--- a/src/crypto/chacha/CMakeLists.txt
+++ /dev/null
@@ -1,48 +0,0 @@
-include_directories(../../include)
-
-if(${ARCH} STREQUAL "arm")
- set(
- CHACHA_ARCH_SOURCES
-
- chacha-armv4.${ASM_EXT}
- )
-endif()
-
-if(${ARCH} STREQUAL "aarch64")
- set(
- CHACHA_ARCH_SOURCES
-
- chacha-armv8.${ASM_EXT}
- )
-endif()
-
-if(${ARCH} STREQUAL "x86")
- set(
- CHACHA_ARCH_SOURCES
-
- chacha-x86.${ASM_EXT}
- )
-endif()
-
-if(${ARCH} STREQUAL "x86_64")
- set(
- CHACHA_ARCH_SOURCES
-
- chacha-x86_64.${ASM_EXT}
- )
-endif()
-
-add_library(
- chacha
-
- OBJECT
-
- chacha.c
-
- ${CHACHA_ARCH_SOURCES}
-)
-
-perlasm(chacha-armv4.${ASM_EXT} asm/chacha-armv4.pl)
-perlasm(chacha-armv8.${ASM_EXT} asm/chacha-armv8.pl)
-perlasm(chacha-x86.${ASM_EXT} asm/chacha-x86.pl)
-perlasm(chacha-x86_64.${ASM_EXT} asm/chacha-x86_64.pl)
diff --git a/src/crypto/cipher_extra/CMakeLists.txt b/src/crypto/cipher_extra/CMakeLists.txt
deleted file mode 100644
index 2c55bd6..0000000
--- a/src/crypto/cipher_extra/CMakeLists.txt
+++ /dev/null
@@ -1,35 +0,0 @@
-include_directories(../../include)
-
-if(${ARCH} STREQUAL "x86_64")
- set(
- CIPHER_ARCH_SOURCES
-
- aes128gcmsiv-x86_64.${ASM_EXT}
- chacha20_poly1305_x86_64.${ASM_EXT}
- )
-endif()
-
-add_library(
- cipher_extra
-
- OBJECT
-
- cipher_extra.c
- derive_key.c
-
- e_null.c
- e_rc2.c
- e_rc4.c
- e_aesgcmsiv.c
- e_aesctrhmac.c
- e_aesccm.c
- e_chacha20poly1305.c
-
- tls_cbc.c
- e_tls.c
-
- ${CIPHER_ARCH_SOURCES}
-)
-
-perlasm(aes128gcmsiv-x86_64.${ASM_EXT} asm/aes128gcmsiv-x86_64.pl)
-perlasm(chacha20_poly1305_x86_64.${ASM_EXT} asm/chacha20_poly1305_x86_64.pl)
diff --git a/src/crypto/cmac/CMakeLists.txt b/src/crypto/cmac/CMakeLists.txt
deleted file mode 100644
index 4429903..0000000
--- a/src/crypto/cmac/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- cmac
-
- OBJECT
-
- cmac.c
-)
diff --git a/src/crypto/conf/CMakeLists.txt b/src/crypto/conf/CMakeLists.txt
deleted file mode 100644
index 0a3c795..0000000
--- a/src/crypto/conf/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- conf
-
- OBJECT
-
- conf.c
-)
diff --git a/src/crypto/cpu-arm-linux.c b/src/crypto/cpu-arm-linux.c
index 839b632..91078bd 100644
--- a/src/crypto/cpu-arm-linux.c
+++ b/src/crypto/cpu-arm-linux.c
@@ -14,33 +14,171 @@
#include <openssl/cpu.h>
-#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
+#include "cpu-arm-linux.h"
+#include "internal.h"
+#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
#include <errno.h>
#include <fcntl.h>
-#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#include <openssl/arm_arch.h>
#include <openssl/buf.h>
#include <openssl/mem.h>
+#endif
-#include "internal.h"
+// The following functions are only used in ARM, but they are defined on all
+// platforms for testing and fuzzing purposes.
+
+static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
+ size_t b_len = strlen(b);
+ return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
+}
+
+// STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
+// sets |*out_left| and |*out_right| to |in| split before and after it. It
+// returns one if |sep| was found and zero otherwise.
+static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
+ const STRING_PIECE *in, char sep) {
+ const char *p = OPENSSL_memchr(in->data, sep, in->len);
+ if (p == NULL) {
+ return 0;
+ }
+ // |out_left| or |out_right| may alias |in|, so make a copy.
+ STRING_PIECE in_copy = *in;
+ out_left->data = in_copy.data;
+ out_left->len = p - in_copy.data;
+ out_right->data = in_copy.data + out_left->len + 1;
+ out_right->len = in_copy.len - out_left->len - 1;
+ return 1;
+}
+
+// STRING_PIECE_get_delimited reads a |sep|-delimited entry from |s|, writing it
+// to |out| and updating |s| to point beyond it. It returns one on success and
+// zero if |s| is empty. If |s| is has no copies of |sep| and is non-empty, it
+// reads the entire string to |out|.
+static int STRING_PIECE_get_delimited(STRING_PIECE *s, STRING_PIECE *out, char sep) {
+ if (s->len == 0) {
+ return 0;
+ }
+ if (!STRING_PIECE_split(out, s, s, sep)) {
+ // |s| had no instances of |sep|. Return the entire string.
+ *out = *s;
+ s->data += s->len;
+ s->len = 0;
+ }
+ return 1;
+}
+
+// STRING_PIECE_trim removes leading and trailing whitespace from |s|.
+static void STRING_PIECE_trim(STRING_PIECE *s) {
+ while (s->len != 0 && (s->data[0] == ' ' || s->data[0] == '\t')) {
+ s->data++;
+ s->len--;
+ }
+ while (s->len != 0 &&
+ (s->data[s->len - 1] == ' ' || s->data[s->len - 1] == '\t')) {
+ s->len--;
+ }
+}
+
+// extract_cpuinfo_field extracts a /proc/cpuinfo field named |field| from
+// |in|. If found, it sets |*out| to the value and returns one. Otherwise, it
+// returns zero.
+static int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in,
+ const char *field) {
+ // Process |in| one line at a time.
+ STRING_PIECE remaining = *in, line;
+ while (STRING_PIECE_get_delimited(&remaining, &line, '\n')) {
+ STRING_PIECE key, value;
+ if (!STRING_PIECE_split(&key, &value, &line, ':')) {
+ continue;
+ }
+ STRING_PIECE_trim(&key);
+ if (STRING_PIECE_equals(&key, field)) {
+ STRING_PIECE_trim(&value);
+ *out = value;
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+static int cpuinfo_field_equals(const STRING_PIECE *cpuinfo, const char *field,
+ const char *value) {
+ STRING_PIECE extracted;
+ return extract_cpuinfo_field(&extracted, cpuinfo, field) &&
+ STRING_PIECE_equals(&extracted, value);
+}
+
+// has_list_item treats |list| as a space-separated list of items and returns
+// one if |item| is contained in |list| and zero otherwise.
+static int has_list_item(const STRING_PIECE *list, const char *item) {
+ STRING_PIECE remaining = *list, feature;
+ while (STRING_PIECE_get_delimited(&remaining, &feature, ' ')) {
+ if (STRING_PIECE_equals(&feature, item)) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
+unsigned long crypto_get_arm_hwcap_from_cpuinfo(const STRING_PIECE *cpuinfo) {
+ if (cpuinfo_field_equals(cpuinfo, "CPU architecture", "8")) {
+ // This is a 32-bit ARM binary running on a 64-bit kernel. NEON is always
+ // available on ARMv8. Linux omits required features, so reading the
+ // "Features" line does not work. (For simplicity, use strict equality. We
+ // assume everything running on future ARM architectures will have a
+ // working |getauxval|.)
+ return HWCAP_NEON;
+ }
+
+ STRING_PIECE features;
+ if (extract_cpuinfo_field(&features, cpuinfo, "Features") &&
+ has_list_item(&features, "neon")) {
+ return HWCAP_NEON;
+ }
+ return 0;
+}
+
+unsigned long crypto_get_arm_hwcap2_from_cpuinfo(const STRING_PIECE *cpuinfo) {
+ STRING_PIECE features;
+ if (!extract_cpuinfo_field(&features, cpuinfo, "Features")) {
+ return 0;
+ }
+
+ unsigned long ret = 0;
+ if (has_list_item(&features, "aes")) {
+ ret |= HWCAP2_AES;
+ }
+ if (has_list_item(&features, "pmull")) {
+ ret |= HWCAP2_PMULL;
+ }
+ if (has_list_item(&features, "sha1")) {
+ ret |= HWCAP2_SHA1;
+ }
+ if (has_list_item(&features, "sha2")) {
+ ret |= HWCAP2_SHA2;
+ }
+ return ret;
+}
+
+int crypto_cpuinfo_has_broken_neon(const STRING_PIECE *cpuinfo) {
+ return cpuinfo_field_equals(cpuinfo, "CPU implementer", "0x51") &&
+ cpuinfo_field_equals(cpuinfo, "CPU architecture", "7") &&
+ cpuinfo_field_equals(cpuinfo, "CPU variant", "0x1") &&
+ cpuinfo_field_equals(cpuinfo, "CPU part", "0x04d") &&
+ cpuinfo_field_equals(cpuinfo, "CPU revision", "0");
+}
+
+#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
#define AT_HWCAP 16
#define AT_HWCAP2 26
-#define HWCAP_NEON (1 << 12)
-
-// See /usr/include/asm/hwcap.h on an ARM installation for the source of
-// these values.
-#define HWCAP2_AES (1 << 0)
-#define HWCAP2_PMULL (1 << 1)
-#define HWCAP2_SHA1 (1 << 2)
-#define HWCAP2_SHA2 (1 << 3)
-
// |getauxval| is not available on Android until API level 20. Link it as a weak
// symbol and use other methods as fallback.
unsigned long getauxval(unsigned long type) __attribute__((weak));
@@ -154,138 +292,6 @@
return 0;
}
-typedef struct {
- const char *data;
- size_t len;
-} STRING_PIECE;
-
-static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
- size_t b_len = strlen(b);
- return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
-}
-
-// STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
-// sets |*out_left| and |*out_right| to |in| split before and after it. It
-// returns one if |sep| was found and zero otherwise.
-static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
- const STRING_PIECE *in, char sep) {
- const char *p = OPENSSL_memchr(in->data, sep, in->len);
- if (p == NULL) {
- return 0;
- }
- // |out_left| or |out_right| may alias |in|, so make a copy.
- STRING_PIECE in_copy = *in;
- out_left->data = in_copy.data;
- out_left->len = p - in_copy.data;
- out_right->data = in_copy.data + out_left->len + 1;
- out_right->len = in_copy.len - out_left->len - 1;
- return 1;
-}
-
-// STRING_PIECE_trim removes leading and trailing whitespace from |s|.
-static void STRING_PIECE_trim(STRING_PIECE *s) {
- while (s->len != 0 && (s->data[0] == ' ' || s->data[0] == '\t')) {
- s->data++;
- s->len--;
- }
- while (s->len != 0 &&
- (s->data[s->len - 1] == ' ' || s->data[s->len - 1] == '\t')) {
- s->len--;
- }
-}
-
-// extract_cpuinfo_field extracts a /proc/cpuinfo field named |field| from
-// |in|. If found, it sets |*out| to the value and returns one. Otherwise, it
-// returns zero.
-static int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in,
- const char *field) {
- // Process |in| one line at a time.
- STRING_PIECE remaining = *in, line;
- while (STRING_PIECE_split(&line, &remaining, &remaining, '\n')) {
- STRING_PIECE key, value;
- if (!STRING_PIECE_split(&key, &value, &line, ':')) {
- continue;
- }
- STRING_PIECE_trim(&key);
- if (STRING_PIECE_equals(&key, field)) {
- STRING_PIECE_trim(&value);
- *out = value;
- return 1;
- }
- }
-
- return 0;
-}
-
-static int cpuinfo_field_equals(const STRING_PIECE *cpuinfo, const char *field,
- const char *value) {
- STRING_PIECE extracted;
- return extract_cpuinfo_field(&extracted, cpuinfo, field) &&
- STRING_PIECE_equals(&extracted, value);
-}
-
-// has_list_item treats |list| as a space-separated list of items and returns
-// one if |item| is contained in |list| and zero otherwise.
-static int has_list_item(const STRING_PIECE *list, const char *item) {
- STRING_PIECE remaining = *list, feature;
- while (STRING_PIECE_split(&feature, &remaining, &remaining, ' ')) {
- if (STRING_PIECE_equals(&feature, item)) {
- return 1;
- }
- }
- return 0;
-}
-
-static unsigned long get_hwcap_cpuinfo(const STRING_PIECE *cpuinfo) {
- if (cpuinfo_field_equals(cpuinfo, "CPU architecture", "8")) {
- // This is a 32-bit ARM binary running on a 64-bit kernel. NEON is always
- // available on ARMv8. Linux omits required features, so reading the
- // "Features" line does not work. (For simplicity, use strict equality. We
- // assume everything running on future ARM architectures will have a
- // working |getauxval|.)
- return HWCAP_NEON;
- }
-
- STRING_PIECE features;
- if (extract_cpuinfo_field(&features, cpuinfo, "Features") &&
- has_list_item(&features, "neon")) {
- return HWCAP_NEON;
- }
- return 0;
-}
-
-static unsigned long get_hwcap2_cpuinfo(const STRING_PIECE *cpuinfo) {
- STRING_PIECE features;
- if (!extract_cpuinfo_field(&features, cpuinfo, "Features")) {
- return 0;
- }
-
- unsigned long ret = 0;
- if (has_list_item(&features, "aes")) {
- ret |= HWCAP2_AES;
- }
- if (has_list_item(&features, "pmull")) {
- ret |= HWCAP2_PMULL;
- }
- if (has_list_item(&features, "sha1")) {
- ret |= HWCAP2_SHA1;
- }
- if (has_list_item(&features, "sha2")) {
- ret |= HWCAP2_SHA2;
- }
- return ret;
-}
-
-// has_broken_neon returns one if |in| matches a CPU known to have a broken
-// NEON unit. See https://crbug.com/341598.
-static int has_broken_neon(const STRING_PIECE *cpuinfo) {
- return cpuinfo_field_equals(cpuinfo, "CPU implementer", "0x51") &&
- cpuinfo_field_equals(cpuinfo, "CPU architecture", "7") &&
- cpuinfo_field_equals(cpuinfo, "CPU variant", "0x1") &&
- cpuinfo_field_equals(cpuinfo, "CPU part", "0x04d") &&
- cpuinfo_field_equals(cpuinfo, "CPU revision", "0");
-}
-
extern uint32_t OPENSSL_armcap_P;
static int g_has_broken_neon, g_needs_hwcap2_workaround;
@@ -315,11 +321,11 @@
hwcap = getauxval_proc(AT_HWCAP);
}
if (hwcap == 0) {
- hwcap = get_hwcap_cpuinfo(&cpuinfo);
+ hwcap = crypto_get_arm_hwcap_from_cpuinfo(&cpuinfo);
}
// Clear NEON support if known broken.
- g_has_broken_neon = has_broken_neon(&cpuinfo);
+ g_has_broken_neon = crypto_cpuinfo_has_broken_neon(&cpuinfo);
if (g_has_broken_neon) {
hwcap &= ~HWCAP_NEON;
}
@@ -335,7 +341,7 @@
hwcap2 = getauxval(AT_HWCAP2);
}
if (hwcap2 == 0) {
- hwcap2 = get_hwcap2_cpuinfo(&cpuinfo);
+ hwcap2 = crypto_get_arm_hwcap2_from_cpuinfo(&cpuinfo);
g_needs_hwcap2_workaround = hwcap2 != 0;
}
diff --git a/src/crypto/cpu-arm-linux.h b/src/crypto/cpu-arm-linux.h
new file mode 100644
index 0000000..eabf4ea
--- /dev/null
+++ b/src/crypto/cpu-arm-linux.h
@@ -0,0 +1,59 @@
+/* Copyright (c) 2018, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
+#define OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
+
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// The following symbols are defined on all platforms and exported for testing
+// and fuzzing purposes. They are not exported from the shared library so the
+// static linker will drop them outside of tests.
+
+#define HWCAP_NEON (1 << 12)
+
+// See /usr/include/asm/hwcap.h on an ARM installation for the source of
+// these values.
+#define HWCAP2_AES (1 << 0)
+#define HWCAP2_PMULL (1 << 1)
+#define HWCAP2_SHA1 (1 << 2)
+#define HWCAP2_SHA2 (1 << 3)
+
+typedef struct {
+ const char *data;
+ size_t len;
+} STRING_PIECE;
+
+// crypto_get_arm_hwcap_from_cpuinfo returns an equivalent ARM |AT_HWCAP| value
+// from |cpuinfo|.
+unsigned long crypto_get_arm_hwcap_from_cpuinfo(const STRING_PIECE *cpuinfo);
+
+// crypto_get_arm_hwcap2_from_cpuinfo returns an equivalent ARM |AT_HWCAP2|
+// value from |cpuinfo|.
+unsigned long crypto_get_arm_hwcap2_from_cpuinfo(const STRING_PIECE *cpuinfo);
+
+// crypto_cpuinfo_has_broken_neon returns one if |cpuinfo| matches a CPU known
+// to have broken NEON unit and zero otherwise. See https://crbug.com/341598.
+int crypto_cpuinfo_has_broken_neon(const STRING_PIECE *cpuinfo);
+
+#if defined(__cplusplus)
+} // extern C
+#endif
+
+#endif // OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
diff --git a/src/crypto/cpu-arm-linux_test.cc b/src/crypto/cpu-arm-linux_test.cc
new file mode 100644
index 0000000..3ca6e57
--- /dev/null
+++ b/src/crypto/cpu-arm-linux_test.cc
@@ -0,0 +1,236 @@
+/* Copyright (c) 2018, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "cpu-arm-linux.h"
+
+#include <string.h>
+
+#include <gtest/gtest.h>
+
+
+#if !defined(BORINGSSL_SHARED_LIBRARY)
+
+TEST(ARMLinuxTest, CPUInfo) {
+ struct CPUInfoTest {
+ const char *cpuinfo;
+ unsigned long hwcap;
+ unsigned long hwcap2;
+ bool broken_neon;
+ } kTests[] = {
+ // https://crbug.com/341598#c33
+ {
+ "Processor: ARMv7 Processory rev 0 (v71)\n"
+ "processor: 0\n"
+ "BogoMIPS: 13.50\n"
+ "\n"
+ "Processor: 1\n"
+ "BogoMIPS: 13.50\n"
+ "\n"
+ "Features: swp half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 "
+ "idiva idivt\n"
+ "CPU implementer : 0x51\n"
+ "CPU architecture: 7\n"
+ "CPU variant: 0x1\n"
+ "CPU part: 0x04d\n"
+ "CPU revision: 0\n"
+ "\n"
+ "Hardware: SAMSUNG M2\n"
+ "Revision: 0010\n"
+ "Serial: 00001e030000354e\n",
+ HWCAP_NEON,
+ 0,
+ true,
+ },
+ // https://crbug.com/341598#c39
+ {
+ "Processor : ARMv7 Processor rev 0 (v7l)\n"
+ "processor : 0\n"
+ "BogoMIPS : 13.53\n"
+ "\n"
+ "Features : swp half thumb fastmult vfp edsp neon vfpv3 tls "
+ "vfpv4\n"
+ "CPU implementer : 0x51\n"
+ "CPU architecture: 7\n"
+ "CPU variant : 0x1\n"
+ "CPU part : 0x04d\n"
+ "CPU revision : 0\n"
+ "\n"
+ "Hardware : SAMSUNG M2_ATT\n"
+ "Revision : 0010\n"
+ "Serial : 0000df0c00004d4c\n",
+ HWCAP_NEON,
+ 0,
+ true,
+ },
+ // Nexus 4 from https://crbug.com/341598#c43
+ {
+ "Processor : ARMv7 Processor rev 2 (v7l)\n"
+ "processor : 0\n"
+ "BogoMIPS : 13.53\n"
+ "\n"
+ "processor : 1\n"
+ "BogoMIPS : 13.53\n"
+ "\n"
+ "processor : 2\n"
+ "BogoMIPS : 13.53\n"
+ "\n"
+ "processor : 3\n"
+ "BogoMIPS : 13.53\n"
+ "\n"
+ "Features : swp half thumb fastmult vfp edsp neon vfpv3 tls "
+ "vfpv4 \n"
+ "CPU implementer : 0x51\n"
+ "CPU architecture: 7\n"
+ "CPU variant : 0x0\n"
+ "CPU part : 0x06f\n"
+ "CPU revision : 2\n"
+ "\n"
+ "Hardware : QCT APQ8064 MAKO\n"
+ "Revision : 000b\n"
+ "Serial : 0000000000000000\n",
+ HWCAP_NEON,
+ 0,
+ false,
+ },
+ // Razr M from https://crbug.com/341598#c43
+ {
+ "Processor : ARMv7 Processor rev 4 (v7l)\n"
+ "processor : 0\n"
+ "BogoMIPS : 13.53\n"
+ "\n"
+ "Features : swp half thumb fastmult vfp edsp neon vfpv3 tls "
+ "vfpv4\n"
+ "CPU implementer : 0x51\n"
+ "CPU architecture: 7\n"
+ "CPU variant : 0x1\n"
+ "CPU part : 0x04d\n"
+ "CPU revision : 4\n"
+ "\n"
+ "Hardware : msm8960dt\n"
+ "Revision : 82a0\n"
+ "Serial : 0001000201fe37a5\n",
+ HWCAP_NEON,
+ 0,
+ false,
+ },
+ // Pixel 2 (truncated slightly)
+ {
+ "Processor : AArch64 Processor rev 1 (aarch64)\n"
+ "processor : 0\n"
+ "BogoMIPS : 38.00\n"
+ "Features : fp asimd evtstrm aes pmull sha1 sha2 crc32\n"
+ "CPU implementer : 0x51\n"
+ "CPU architecture: 8\n"
+ "CPU variant : 0xa\n"
+ "CPU part : 0x801\n"
+ "CPU revision : 4\n"
+ "\n"
+ "processor : 1\n"
+ "BogoMIPS : 38.00\n"
+ "Features : fp asimd evtstrm aes pmull sha1 sha2 crc32\n"
+ "CPU implementer : 0x51\n"
+ "CPU architecture: 8\n"
+ "CPU variant : 0xa\n"
+ "CPU part : 0x801\n"
+ "CPU revision : 4\n"
+ "\n"
+ "processor : 2\n"
+ "BogoMIPS : 38.00\n"
+ "Features : fp asimd evtstrm aes pmull sha1 sha2 crc32\n"
+ "CPU implementer : 0x51\n"
+ "CPU architecture: 8\n"
+ "CPU variant : 0xa\n"
+ "CPU part : 0x801\n"
+ "CPU revision : 4\n"
+ "\n"
+ "processor : 3\n"
+ "BogoMIPS : 38.00\n"
+ "Features : fp asimd evtstrm aes pmull sha1 sha2 crc32\n"
+ "CPU implementer : 0x51\n"
+ "CPU architecture: 8\n"
+ "CPU variant : 0xa\n"
+ "CPU part : 0x801\n"
+ "CPU revision : 4\n"
+ // (Extra processors omitted.)
+ "\n"
+ "Hardware : Qualcomm Technologies, Inc MSM8998\n",
+ HWCAP_NEON, // CPU architecture 8 implies NEON.
+ HWCAP2_AES | HWCAP2_PMULL | HWCAP2_SHA1 | HWCAP2_SHA2,
+ false,
+ },
+ // Nexus 4 from
+ // Garbage should be tolerated.
+ {
+ "Blah blah blah this is definitely an ARM CPU",
+ 0,
+ 0,
+ false,
+ },
+ // A hypothetical ARMv8 CPU without crc32 (and thus no trailing space
+ // after the last crypto entry).
+ {
+ "Features : aes pmull sha1 sha2\n"
+ "CPU architecture: 8\n",
+ HWCAP_NEON,
+ HWCAP2_AES | HWCAP2_PMULL | HWCAP2_SHA1 | HWCAP2_SHA2,
+ false,
+ },
+ // Various combinations of ARMv8 flags.
+ {
+ "Features : aes sha1 sha2\n"
+ "CPU architecture: 8\n",
+ HWCAP_NEON,
+ HWCAP2_AES | HWCAP2_SHA1 | HWCAP2_SHA2,
+ false,
+ },
+ {
+ "Features : pmull sha2\n"
+ "CPU architecture: 8\n",
+ HWCAP_NEON,
+ HWCAP2_PMULL | HWCAP2_SHA2,
+ false,
+ },
+ {
+ "Features : aes aes aes not_aes aes aes \n"
+ "CPU architecture: 8\n",
+ HWCAP_NEON,
+ HWCAP2_AES,
+ false,
+ },
+ {
+ "Features : \n"
+ "CPU architecture: 8\n",
+ HWCAP_NEON,
+ 0,
+ false,
+ },
+ {
+ "Features : nothing\n"
+ "CPU architecture: 8\n",
+ HWCAP_NEON,
+ 0,
+ false,
+ },
+ };
+
+ for (const auto &t : kTests) {
+ SCOPED_TRACE(t.cpuinfo);
+ STRING_PIECE sp = {t.cpuinfo, strlen(t.cpuinfo)};
+ EXPECT_EQ(t.hwcap, crypto_get_arm_hwcap_from_cpuinfo(&sp));
+ EXPECT_EQ(t.hwcap2, crypto_get_arm_hwcap2_from_cpuinfo(&sp));
+ EXPECT_EQ(t.broken_neon ? 1 : 0, crypto_cpuinfo_has_broken_neon(&sp));
+ }
+}
+
+#endif // !BORINGSSL_SHARED_LIBRARY
diff --git a/src/crypto/crypto.c b/src/crypto/crypto.c
index 93e2f82..783d7d9 100644
--- a/src/crypto/crypto.c
+++ b/src/crypto/crypto.c
@@ -19,19 +19,6 @@
#include "internal.h"
-#if defined(OPENSSL_MSAN) && !defined(OPENSSL_NO_ASM)
-// MSan works by instrumenting memory accesses in the compiler. Accesses from
-// uninstrumented code, such as assembly, are invisible to it. MSan will
-// incorrectly report reads from assembly-initialized memory as uninitialized.
-// If building BoringSSL with MSan, exclude assembly files from the build and
-// define OPENSSL_NO_ASM.
-//
-// This is checked here rather than in a header because the consumer might not
-// define OPENSSL_NO_ASM. It is only necessary for BoringSSL source files to be
-// built with it.
-#error "BoringSSL must be built with assembly disabled to use MSan."
-#endif
-
#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_STATIC_ARMCAP) && \
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) || \
diff --git a/src/crypto/curve25519/CMakeLists.txt b/src/crypto/curve25519/CMakeLists.txt
deleted file mode 100644
index 0f28218..0000000
--- a/src/crypto/curve25519/CMakeLists.txt
+++ /dev/null
@@ -1,19 +0,0 @@
-include_directories(../../include)
-
-if(${ARCH} STREQUAL "arm")
- set(
- CURVE25519_ARCH_SOURCES
-
- asm/x25519-asm-arm.S
- )
-endif()
-
-add_library(
- curve25519
-
- OBJECT
-
- spake25519.c
-
- ${CURVE25519_ARCH_SOURCES}
-)
diff --git a/src/crypto/curve25519/asm/x25519-asm-arm.S b/src/crypto/curve25519/asm/x25519-asm-arm.S
index 38ec03b..905af07 100644
--- a/src/crypto/curve25519/asm/x25519-asm-arm.S
+++ b/src/crypto/curve25519/asm/x25519-asm-arm.S
@@ -17,8 +17,18 @@
* domain licensed but the standard ISC license is included above to keep
* licensing simple. */
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if !defined(OPENSSL_NO_ASM) && defined(__arm__) && !defined(__APPLE__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
+
.fpu neon
.text
.align 4
diff --git a/src/crypto/dh/CMakeLists.txt b/src/crypto/dh/CMakeLists.txt
deleted file mode 100644
index 83ae6d4..0000000
--- a/src/crypto/dh/CMakeLists.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-include_directories(../../include)
-
-add_library(
- dh
-
- OBJECT
-
- dh.c
- params.c
- check.c
- dh_asn1.c
-)
diff --git a/src/crypto/digest_extra/CMakeLists.txt b/src/crypto/digest_extra/CMakeLists.txt
deleted file mode 100644
index 2efb832..0000000
--- a/src/crypto/digest_extra/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- digest_extra
-
- OBJECT
-
- digest_extra.c
-)
diff --git a/src/crypto/dsa/CMakeLists.txt b/src/crypto/dsa/CMakeLists.txt
deleted file mode 100644
index d3c12f5..0000000
--- a/src/crypto/dsa/CMakeLists.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
- dsa
-
- OBJECT
-
- dsa.c
- dsa_asn1.c
-)
diff --git a/src/crypto/ec_extra/CMakeLists.txt b/src/crypto/ec_extra/CMakeLists.txt
deleted file mode 100644
index 2312b19..0000000
--- a/src/crypto/ec_extra/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- ec_extra
-
- OBJECT
-
- ec_asn1.c
-)
diff --git a/src/crypto/ecdh_extra/CMakeLists.txt b/src/crypto/ecdh_extra/CMakeLists.txt
deleted file mode 100644
index 40a53c1..0000000
--- a/src/crypto/ecdh_extra/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- ecdh_extra
-
- OBJECT
-
- ecdh_extra.c
-)
diff --git a/src/crypto/ecdsa_extra/CMakeLists.txt b/src/crypto/ecdsa_extra/CMakeLists.txt
deleted file mode 100644
index a908580..0000000
--- a/src/crypto/ecdsa_extra/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- ecdsa_extra
-
- OBJECT
-
- ecdsa_asn1.c
-)
diff --git a/src/crypto/engine/CMakeLists.txt b/src/crypto/engine/CMakeLists.txt
deleted file mode 100644
index 5667f02..0000000
--- a/src/crypto/engine/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- engine
-
- OBJECT
-
- engine.c
-)
diff --git a/src/crypto/err/CMakeLists.txt b/src/crypto/err/CMakeLists.txt
deleted file mode 100644
index 91c6f6e..0000000
--- a/src/crypto/err/CMakeLists.txt
+++ /dev/null
@@ -1,40 +0,0 @@
-include_directories(../../include)
-
-add_custom_command(
- OUTPUT err_data.c
- COMMAND ${GO_EXECUTABLE} run err_data_generate.go > ${CMAKE_CURRENT_BINARY_DIR}/err_data.c
- DEPENDS
- err_data_generate.go
- asn1.errordata
- bio.errordata
- bn.errordata
- cipher.errordata
- conf.errordata
- dh.errordata
- digest.errordata
- dsa.errordata
- ecdh.errordata
- ecdsa.errordata
- ec.errordata
- engine.errordata
- evp.errordata
- hkdf.errordata
- obj.errordata
- pem.errordata
- pkcs7.errordata
- pkcs8.errordata
- rsa.errordata
- ssl.errordata
- x509.errordata
- x509v3.errordata
- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-)
-
-add_library(
- err
-
- OBJECT
-
- err.c
- err_data.c
-)
diff --git a/src/crypto/err/internal.h b/src/crypto/err/internal.h
index 3f2397c..179f756 100644
--- a/src/crypto/err/internal.h
+++ b/src/crypto/err/internal.h
@@ -46,11 +46,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(ERR_SAVE_STATE, ERR_SAVE_STATE_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
#endif
diff --git a/src/crypto/evp/CMakeLists.txt b/src/crypto/evp/CMakeLists.txt
deleted file mode 100644
index 4b1fe5e..0000000
--- a/src/crypto/evp/CMakeLists.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-include_directories(../../include)
-
-add_library(
- evp
-
- OBJECT
-
- digestsign.c
- evp.c
- evp_asn1.c
- evp_ctx.c
- p_dsa_asn1.c
- p_ec.c
- p_ec_asn1.c
- p_ed25519.c
- p_ed25519_asn1.c
- p_rsa.c
- p_rsa_asn1.c
- pbkdf.c
- print.c
- scrypt.c
- sign.c
-)
diff --git a/src/crypto/fipsmodule/CMakeLists.txt b/src/crypto/fipsmodule/CMakeLists.txt
index babda94..1242aa2 100644
--- a/src/crypto/fipsmodule/CMakeLists.txt
+++ b/src/crypto/fipsmodule/CMakeLists.txt
@@ -136,6 +136,8 @@
bcm.c
)
+ add_dependencies(bcm_c_generated_asm global_target)
+
set_target_properties(bcm_c_generated_asm PROPERTIES COMPILE_OPTIONS "-S")
set_target_properties(bcm_c_generated_asm PROPERTIES POSITION_INDEPENDENT_CODE ON)
@@ -164,6 +166,8 @@
bcm-delocated.S
)
+ add_dependencies(bcm_hashunset global_target)
+
set_target_properties(bcm_hashunset PROPERTIES POSITION_INDEPENDENT_CODE ON)
set_target_properties(bcm_hashunset PROPERTIES LINKER_LANGUAGE C)
@@ -187,6 +191,8 @@
is_fips.c
)
+ add_dependencies(fipsmodule global_target)
+
set_target_properties(fipsmodule PROPERTIES LINKER_LANGUAGE C)
else()
add_library(
@@ -199,4 +205,6 @@
${BCM_ASM_SOURCES}
)
+
+ add_dependencies(fipsmodule global_target)
endif()
diff --git a/src/crypto/fipsmodule/bn/bn_test.cc b/src/crypto/fipsmodule/bn/bn_test.cc
index a932306..29b4456 100644
--- a/src/crypto/fipsmodule/bn/bn_test.cc
+++ b/src/crypto/fipsmodule/bn/bn_test.cc
@@ -1592,21 +1592,6 @@
ASSERT_TRUE(BN_mod_exp_mont_consttime(r.get(), zero.get(), zero.get(),
BN_value_one(), ctx(), nullptr));
EXPECT_TRUE(BN_is_zero(r.get()));
-
- // Historically, OpenSSL's modular exponentiation functions tolerated negative
- // moduli by ignoring the sign bit. This logic should do the same.
- ASSERT_TRUE(BN_mod_exp(r.get(), a.get(), zero.get(), minus_one.get(), ctx()));
- EXPECT_TRUE(BN_is_zero(r.get()));
- ASSERT_TRUE(BN_mod_exp_mont_word(r.get(), 0, zero.get(), minus_one.get(),
- ctx(), nullptr));
- EXPECT_TRUE(BN_is_zero(r.get()));
- ASSERT_TRUE(BN_mod_exp_mont(r.get(), zero.get(), zero.get(), minus_one.get(),
- ctx(), nullptr));
- EXPECT_TRUE(BN_is_zero(r.get()));
-
- ASSERT_TRUE(BN_mod_exp_mont_consttime(r.get(), zero.get(), zero.get(),
- minus_one.get(), ctx(), nullptr));
- EXPECT_TRUE(BN_is_zero(r.get()));
}
TEST_F(BNTest, SmallPrime) {
diff --git a/src/crypto/fipsmodule/bn/exponentiation.c b/src/crypto/fipsmodule/bn/exponentiation.c
index 7035ea7..41b2057 100644
--- a/src/crypto/fipsmodule/bn/exponentiation.c
+++ b/src/crypto/fipsmodule/bn/exponentiation.c
@@ -446,21 +446,18 @@
static int mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx) {
- int i, j, bits, ret = 0, wstart, window;
+ int i, j, ret = 0, wstart, window;
int start = 1;
BIGNUM *aa;
// Table of variables obtained from 'ctx'
BIGNUM *val[TABLE_SIZE];
BN_RECP_CTX recp;
- bits = BN_num_bits(p);
+ // This function is only called on even moduli.
+ assert(!BN_is_odd(m));
+ int bits = BN_num_bits(p);
if (bits == 0) {
- // x**0 mod 1 is still zero.
- if (BN_abs_is_word(m, 1)) {
- BN_zero(r);
- return 1;
- }
return BN_one(r);
}
@@ -586,6 +583,10 @@
int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
BN_CTX *ctx) {
+ if (m->neg) {
+ OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
+ return 0;
+ }
if (a->neg || BN_ucmp(a, m) >= 0) {
if (!BN_nnmod(r, a, m, ctx)) {
return 0;
@@ -606,6 +607,10 @@
OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS);
return 0;
}
+ if (m->neg) {
+ OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
+ return 0;
+ }
if (a->neg || BN_ucmp(a, m) >= 0) {
OPENSSL_PUT_ERROR(BN, BN_R_INPUT_NOT_REDUCED);
return 0;
@@ -970,6 +975,10 @@
OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS);
return 0;
}
+ if (m->neg) {
+ OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
+ return 0;
+ }
if (a->neg || BN_ucmp(a, m) >= 0) {
OPENSSL_PUT_ERROR(BN, BN_R_INPUT_NOT_REDUCED);
return 0;
diff --git a/src/crypto/fipsmodule/bn/mul.c b/src/crypto/fipsmodule/bn/mul.c
index bd9393e..a1582a2 100644
--- a/src/crypto/fipsmodule/bn/mul.c
+++ b/src/crypto/fipsmodule/bn/mul.c
@@ -559,7 +559,7 @@
BN_CTX_start(ctx);
if (r == a || r == b) {
rr = BN_CTX_get(ctx);
- if (r == NULL) {
+ if (rr == NULL) {
goto err;
}
} else {
diff --git a/src/crypto/fipsmodule/md5/md5.c b/src/crypto/fipsmodule/md5/md5.c
index 32429da..370b42a 100644
--- a/src/crypto/fipsmodule/md5/md5.c
+++ b/src/crypto/fipsmodule/md5/md5.c
@@ -85,11 +85,14 @@
(defined(OPENSSL_X86_64) || defined(OPENSSL_X86))
#define MD5_ASM
#define md5_block_data_order md5_block_asm_data_order
+extern void md5_block_data_order(uint32_t *state, const uint8_t *data,
+ size_t num);
+#else
+static void md5_block_data_order(uint32_t *state, const uint8_t *data,
+ size_t num);
#endif
-void md5_block_data_order(uint32_t *state, const uint8_t *data, size_t num);
-
#define DATA_ORDER_IS_LITTLE_ENDIAN
#define HASH_CTX MD5_CTX
@@ -151,11 +154,12 @@
(a) += (b); \
} while (0)
-#ifndef md5_block_data_order
+#ifndef MD5_ASM
#ifdef X
#undef X
#endif
-void md5_block_data_order(uint32_t *state, const uint8_t *data, size_t num) {
+static void md5_block_data_order(uint32_t *state, const uint8_t *data,
+ size_t num) {
uint32_t A, B, C, D, l;
uint32_t XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, XX8, XX9, XX10, XX11, XX12,
XX13, XX14, XX15;
diff --git a/src/crypto/hkdf/CMakeLists.txt b/src/crypto/hkdf/CMakeLists.txt
deleted file mode 100644
index 43309eb..0000000
--- a/src/crypto/hkdf/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- hkdf
-
- OBJECT
-
- hkdf.c
-)
diff --git a/src/crypto/internal.h b/src/crypto/internal.h
index c4e2e51..0e8ae3a 100644
--- a/src/crypto/internal.h
+++ b/src/crypto/internal.h
@@ -488,7 +488,7 @@
#if defined(__cplusplus)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
namespace internal {
@@ -516,7 +516,7 @@
using MutexReadLock =
internal::MutexLockBase<CRYPTO_MUTEX_lock_read, CRYPTO_MUTEX_unlock_read>;
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern "C++"
#endif // defined(__cplusplus)
diff --git a/src/crypto/lhash/CMakeLists.txt b/src/crypto/lhash/CMakeLists.txt
deleted file mode 100644
index 7a5f161..0000000
--- a/src/crypto/lhash/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- lhash
-
- OBJECT
-
- lhash.c
-)
diff --git a/src/crypto/obj/CMakeLists.txt b/src/crypto/obj/CMakeLists.txt
deleted file mode 100644
index b8a4ef3..0000000
--- a/src/crypto/obj/CMakeLists.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
- obj
-
- OBJECT
-
- obj.c
- obj_xref.c
-)
diff --git a/src/crypto/pem/CMakeLists.txt b/src/crypto/pem/CMakeLists.txt
deleted file mode 100644
index 30dd7c9..0000000
--- a/src/crypto/pem/CMakeLists.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-include_directories(../../include)
-
-add_library(
- pem
-
- OBJECT
-
- pem_all.c
- pem_info.c
- pem_lib.c
- pem_oth.c
- pem_pk8.c
- pem_pkey.c
- pem_x509.c
- pem_xaux.c
-)
diff --git a/src/crypto/perlasm/arm-xlate.pl b/src/crypto/perlasm/arm-xlate.pl
index 8e3e954..29e086d 100755
--- a/src/crypto/perlasm/arm-xlate.pl
+++ b/src/crypto/perlasm/arm-xlate.pl
@@ -130,9 +130,23 @@
return $line;
}
+print <<___;
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM)
+___
+
print "#if defined(__arm__)\n" if ($flavour eq "linux32");
print "#if defined(__aarch64__)\n" if ($flavour eq "linux64");
+print "#if defined(BORINGSSL_PREFIX)\n";
+print "#include <boringssl_prefix_symbols_asm.h>\n";
+print "#endif\n";
+
while(my $line=<>) {
if ($line =~ m/^\s*(#|@|\/\/)/) { print $line; next; }
@@ -180,5 +194,6 @@
}
print "#endif\n" if ($flavour eq "linux32" || $flavour eq "linux64");
+print "#endif // !OPENSSL_NO_ASM\n";
close STDOUT;
diff --git a/src/crypto/perlasm/ppc-xlate.pl b/src/crypto/perlasm/ppc-xlate.pl
index de796d7..05595f2 100644
--- a/src/crypto/perlasm/ppc-xlate.pl
+++ b/src/crypto/perlasm/ppc-xlate.pl
@@ -255,6 +255,16 @@
" .long ".sprintf "0x%X",(31<<26)|($rt<<21)|($l<<16)|(755<<1);
};
+print <<___;
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)"
+#define OPENSSL_NO_ASM"
+#endif
+#endif
+
+#if !defined(OPENSSL_NO_ASM) && defined(__powerpc64__)
+___
+
while($line=<>) {
$line =~ s|[#!;].*$||; # get rid of asm-style comments...
@@ -296,4 +306,6 @@
print "\n";
}
+print "#endif // !OPENSSL_NO_ASM && __powerpc64__\n";
+
close STDOUT;
diff --git a/src/crypto/perlasm/x86_64-xlate.pl b/src/crypto/perlasm/x86_64-xlate.pl
index e2ea0d2..3ec9b6c 100755
--- a/src/crypto/perlasm/x86_64-xlate.pl
+++ b/src/crypto/perlasm/x86_64-xlate.pl
@@ -1129,13 +1129,31 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
___
} elsif ($masm) {
print <<___;
OPTION DOTNAME
___
}
-print STDOUT "#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)\n" if ($gas);
+
+if ($gas) {
+ print <<___;
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
+#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
+___
+}
while(defined(my $line=<>)) {
diff --git a/src/crypto/pkcs7/CMakeLists.txt b/src/crypto/pkcs7/CMakeLists.txt
deleted file mode 100644
index 65c6566..0000000
--- a/src/crypto/pkcs7/CMakeLists.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
- pkcs7
-
- OBJECT
-
- pkcs7.c
- pkcs7_x509.c
-)
diff --git a/src/crypto/pkcs8/CMakeLists.txt b/src/crypto/pkcs8/CMakeLists.txt
deleted file mode 100644
index 417dce3..0000000
--- a/src/crypto/pkcs8/CMakeLists.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-include_directories(../../include)
-
-add_library(
- pkcs8_lib
-
- OBJECT
-
- pkcs8.c
- pkcs8_x509.c
- p5_pbev2.c
-)
diff --git a/src/crypto/poly1305/CMakeLists.txt b/src/crypto/poly1305/CMakeLists.txt
deleted file mode 100644
index 5dc1b19..0000000
--- a/src/crypto/poly1305/CMakeLists.txt
+++ /dev/null
@@ -1,21 +0,0 @@
-include_directories(../../include)
-
-if(${ARCH} STREQUAL "arm")
- set(
- POLY1305_ARCH_SOURCES
-
- poly1305_arm_asm.S
- )
-endif()
-
-add_library(
- poly1305
-
- OBJECT
-
- poly1305.c
- poly1305_arm.c
- poly1305_vec.c
-
- ${POLY1305_ARCH_SOURCES}
-)
diff --git a/src/crypto/poly1305/poly1305_arm_asm.S b/src/crypto/poly1305/poly1305_arm_asm.S
index b75c8c4..04f7c4c 100644
--- a/src/crypto/poly1305/poly1305_arm_asm.S
+++ b/src/crypto/poly1305/poly1305_arm_asm.S
@@ -1,5 +1,15 @@
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
#if defined(__arm__) && !defined(OPENSSL_NO_ASM) && !defined(__APPLE__)
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
+
# This implementation was taken from the public domain, neon2 version in
# SUPERCOP by D. J. Bernstein and Peter Schwabe.
diff --git a/src/crypto/pool/CMakeLists.txt b/src/crypto/pool/CMakeLists.txt
deleted file mode 100644
index 6f2c784..0000000
--- a/src/crypto/pool/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- pool
-
- OBJECT
-
- pool.c
-)
diff --git a/src/crypto/rand_extra/CMakeLists.txt b/src/crypto/rand_extra/CMakeLists.txt
deleted file mode 100644
index cdd7aa8..0000000
--- a/src/crypto/rand_extra/CMakeLists.txt
+++ /dev/null
@@ -1,13 +0,0 @@
-include_directories(../../include)
-
-add_library(
- rand_extra
-
- OBJECT
-
- deterministic.c
- forkunsafe.c
- fuchsia.c
- rand_extra.c
- windows.c
-)
diff --git a/src/crypto/rand_extra/rand_test.cc b/src/crypto/rand_extra/rand_test.cc
new file mode 100644
index 0000000..bd2eb18
--- /dev/null
+++ b/src/crypto/rand_extra/rand_test.cc
@@ -0,0 +1,184 @@
+/* Copyright (c) 2018, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include <openssl/rand.h>
+
+#include <gtest/gtest.h>
+
+#include <openssl/span.h>
+
+#include "../test/test_util.h"
+
+#if !defined(OPENSSL_NO_THREADS)
+#include <array>
+#include <thread>
+#include <vector>
+#endif
+
+#if !defined(OPENSSL_WINDOWS)
+#include <errno.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+#endif
+
+
+// These tests are, strictly speaking, flaky, but we use large enough buffers
+// that the probability of failing when we should pass is negligible.
+
+TEST(RandTest, NotObviouslyBroken) {
+ static const uint8_t kZeros[256] = {0};
+
+ uint8_t buf1[256], buf2[256];
+ RAND_bytes(buf1, sizeof(buf1));
+ RAND_bytes(buf2, sizeof(buf2));
+
+ EXPECT_NE(Bytes(buf1), Bytes(buf2));
+ EXPECT_NE(Bytes(buf1), Bytes(kZeros));
+ EXPECT_NE(Bytes(buf2), Bytes(kZeros));
+}
+
+#if !defined(OPENSSL_WINDOWS) && !defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
+static bool ForkAndRand(bssl::Span<uint8_t> out) {
+ int pipefds[2];
+ if (pipe(pipefds) < 0) {
+ perror("pipe");
+ return false;
+ }
+
+ // This is a multi-threaded process, but GTest does not run tests concurrently
+ // and there currently are no threads, so this should be safe.
+ pid_t child = fork();
+ if (child < 0) {
+ perror("fork");
+ close(pipefds[0]);
+ close(pipefds[1]);
+ return false;
+ }
+
+ if (child == 0) {
+ // This is the child. Generate entropy and write it to the parent.
+ close(pipefds[0]);
+ RAND_bytes(out.data(), out.size());
+ while (!out.empty()) {
+ ssize_t ret = write(pipefds[1], out.data(), out.size());
+ if (ret < 0) {
+ if (errno == EINTR) {
+ continue;
+ }
+ perror("write");
+ _exit(1);
+ }
+ out = out.subspan(static_cast<size_t>(ret));
+ }
+ _exit(0);
+ }
+
+ // This is the parent. Read the entropy from the child.
+ close(pipefds[1]);
+ while (!out.empty()) {
+ ssize_t ret = read(pipefds[0], out.data(), out.size());
+ if (ret <= 0) {
+ if (ret == 0) {
+ fprintf(stderr, "Unexpected EOF from child.\n");
+ } else {
+ if (errno == EINTR) {
+ continue;
+ }
+ perror("read");
+ }
+ close(pipefds[0]);
+ return false;
+ }
+ out = out.subspan(static_cast<size_t>(ret));
+ }
+ close(pipefds[0]);
+
+ // Wait for the child to exit.
+ int status;
+ if (waitpid(child, &status, 0) < 0) {
+ perror("waitpid");
+ return false;
+ }
+ if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
+ fprintf(stderr, "Child did not exit cleanly.\n");
+ return false;
+ }
+
+ return true;
+}
+
+TEST(RandTest, Fork) {
+ static const uint8_t kZeros[16] = {0};
+
+ // Draw a little entropy to initialize any internal PRNG buffering.
+ uint8_t byte;
+ RAND_bytes(&byte, 1);
+
+ // Draw entropy in two child processes and the parent process. This test
+ // intentionally uses smaller buffers than the others, to minimize the chance
+ // of sneaking by with a large enough buffer that we've since reseeded from
+ // the OS.
+ uint8_t buf1[16], buf2[16], buf3[16];
+ ASSERT_TRUE(ForkAndRand(buf1));
+ ASSERT_TRUE(ForkAndRand(buf2));
+ RAND_bytes(buf3, sizeof(buf3));
+
+ // All should be different.
+ EXPECT_NE(Bytes(buf1), Bytes(buf2));
+ EXPECT_NE(Bytes(buf2), Bytes(buf3));
+ EXPECT_NE(Bytes(buf1), Bytes(buf3));
+ EXPECT_NE(Bytes(buf1), Bytes(kZeros));
+ EXPECT_NE(Bytes(buf2), Bytes(kZeros));
+ EXPECT_NE(Bytes(buf3), Bytes(kZeros));
+}
+#endif // !OPENSSL_WINDOWS && !BORINGSSL_UNSAFE_DETERMINISTIC_MODE
+
+#if !defined(OPENSSL_NO_THREADS)
+static void RunConcurrentRands(size_t num_threads) {
+ static const uint8_t kZeros[256] = {0};
+
+ std::vector<std::array<uint8_t, 256>> bufs(num_threads);
+ std::vector<std::thread> threads(num_threads);
+
+ for (size_t i = 0; i < num_threads; i++) {
+ threads[i] =
+ std::thread([i, &bufs] { RAND_bytes(bufs[i].data(), bufs[i].size()); });
+ }
+ for (size_t i = 0; i < num_threads; i++) {
+ threads[i].join();
+ }
+
+ for (size_t i = 0; i < num_threads; i++) {
+ EXPECT_NE(Bytes(bufs[i]), Bytes(kZeros));
+ for (size_t j = i + 1; j < num_threads; j++) {
+ EXPECT_NE(Bytes(bufs[i]), Bytes(bufs[j]));
+ }
+ }
+}
+
+// Test that threads may concurrently draw entropy without tripping TSan.
+TEST(RandTest, Threads) {
+ constexpr size_t kFewerThreads = 10;
+ constexpr size_t kMoreThreads = 20;
+
+ // Draw entropy in parallel.
+ RunConcurrentRands(kFewerThreads);
+ // Draw entropy in parallel with higher concurrency than the previous maximum.
+ RunConcurrentRands(kMoreThreads);
+ // Draw entropy in parallel with lower concurrency than the previous maximum.
+ RunConcurrentRands(kFewerThreads);
+}
+#endif
diff --git a/src/crypto/rc4/CMakeLists.txt b/src/crypto/rc4/CMakeLists.txt
deleted file mode 100644
index a008fe5..0000000
--- a/src/crypto/rc4/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- rc4
-
- OBJECT
-
- rc4.c
-)
diff --git a/src/crypto/rsa_extra/CMakeLists.txt b/src/crypto/rsa_extra/CMakeLists.txt
deleted file mode 100644
index b705f16..0000000
--- a/src/crypto/rsa_extra/CMakeLists.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
- rsa_extra
-
- OBJECT
-
- rsa_asn1.c
- rsa_print.c
-)
diff --git a/src/crypto/stack/CMakeLists.txt b/src/crypto/stack/CMakeLists.txt
deleted file mode 100644
index dcd8ef4..0000000
--- a/src/crypto/stack/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- stack
-
- OBJECT
-
- stack.c
-)
diff --git a/src/crypto/test/CMakeLists.txt b/src/crypto/test/CMakeLists.txt
index 90707dd..3e02c3c 100644
--- a/src/crypto/test/CMakeLists.txt
+++ b/src/crypto/test/CMakeLists.txt
@@ -9,6 +9,8 @@
wycheproof_util.cc
)
+add_dependencies(test_support global_target)
+
add_library(
boringssl_gtest_main
@@ -16,3 +18,5 @@
gtest_main.cc
)
+
+add_dependencies(boringssl_gtest_main global_target)
diff --git a/src/crypto/test/gtest_main.cc b/src/crypto/test/gtest_main.cc
index 4071040..5dc8b23 100644
--- a/src/crypto/test/gtest_main.cc
+++ b/src/crypto/test/gtest_main.cc
@@ -12,13 +12,26 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+#include <string.h>
+
#include <gtest/gtest.h>
+#include <openssl/rand.h>
+
#include "gtest_main.h"
int main(int argc, char **argv) {
testing::InitGoogleTest(&argc, argv);
bssl::SetupGoogleTest();
+
+#if !defined(OPENSSL_WINDOWS)
+ for (int i = 1; i < argc; i++) {
+ if (strcmp(argv[i], "--fork_unsafe_buffering") == 0) {
+ RAND_enable_fork_unsafe_buffering(-1);
+ }
+ }
+#endif
+
return RUN_ALL_TESTS();
}
diff --git a/src/crypto/test/gtest_main.h b/src/crypto/test/gtest_main.h
index d21af10..20ccf21 100644
--- a/src/crypto/test/gtest_main.h
+++ b/src/crypto/test/gtest_main.h
@@ -27,10 +27,12 @@
OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <winsock2.h>
OPENSSL_MSVC_PRAGMA(warning(pop))
+#else
+#include <signal.h>
#endif
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
class ErrorTestEventListener : public testing::EmptyTestEventListener {
public:
@@ -67,13 +69,17 @@
fprintf(stderr, "Didn't get expected version: %x\n", wsa_data.wVersion);
exit(1);
}
+#else
+ // Some tests create pipes. We check return values, so avoid being killed by
+ // |SIGPIPE|.
+ signal(SIGPIPE, SIG_IGN);
#endif
testing::UnitTest::GetInstance()->listeners().Append(
new ErrorTestEventListener);
}
-} // namespace bssl
+BSSL_NAMESPACE_END
#endif // OPENSSL_HEADER_CRYPTO_TEST_GTEST_MAIN_H
diff --git a/src/crypto/x509/CMakeLists.txt b/src/crypto/x509/CMakeLists.txt
deleted file mode 100644
index 74001e7..0000000
--- a/src/crypto/x509/CMakeLists.txt
+++ /dev/null
@@ -1,57 +0,0 @@
-include_directories(../../include)
-
-add_library(
- x509
-
- OBJECT
-
- a_digest.c
- a_sign.c
- a_strex.c
- a_verify.c
- algorithm.c
- asn1_gen.c
- by_dir.c
- by_file.c
- i2d_pr.c
- rsa_pss.c
- t_crl.c
- t_req.c
- t_x509.c
- t_x509a.c
- x509.c
- x509_att.c
- x509_cmp.c
- x509_d2.c
- x509_def.c
- x509_ext.c
- x509_lu.c
- x509_obj.c
- x509_r2x.c
- x509_req.c
- x509_set.c
- x509_trs.c
- x509_txt.c
- x509_v3.c
- x509_vfy.c
- x509_vpm.c
- x509cset.c
- x509name.c
- x509rset.c
- x509spki.c
- x_algor.c
- x_all.c
- x_attrib.c
- x_crl.c
- x_exten.c
- x_info.c
- x_name.c
- x_pkey.c
- x_pubkey.c
- x_req.c
- x_sig.c
- x_spki.c
- x_val.c
- x_x509.c
- x_x509a.c
-)
diff --git a/src/crypto/x509v3/CMakeLists.txt b/src/crypto/x509v3/CMakeLists.txt
deleted file mode 100644
index 6119639..0000000
--- a/src/crypto/x509v3/CMakeLists.txt
+++ /dev/null
@@ -1,45 +0,0 @@
-include_directories(../../include)
-
-add_library(
- x509v3
-
- OBJECT
-
- # v3_addr.c - disabled by upstream by default.
- # v3_asid.c - disabled by upstream by default.
- # v3_ocsp.c - missing OCSP for now.
-
- pcy_cache.c
- pcy_data.c
- pcy_lib.c
- pcy_map.c
- pcy_node.c
- pcy_tree.c
- v3_akey.c
- v3_akeya.c
- v3_alt.c
- v3_bcons.c
- v3_bitst.c
- v3_conf.c
- v3_cpols.c
- v3_crld.c
- v3_enum.c
- v3_extku.c
- v3_genn.c
- v3_ia5.c
- v3_info.c
- v3_int.c
- v3_lib.c
- v3_ncons.c
- v3_ocsp.c
- v3_pci.c
- v3_pcia.c
- v3_pcons.c
- v3_pku.c
- v3_pmaps.c
- v3_prn.c
- v3_purp.c
- v3_skey.c
- v3_sxnet.c
- v3_utl.c
-)
diff --git a/src/decrepit/CMakeLists.txt b/src/decrepit/CMakeLists.txt
index bebc624..1cb5e11 100644
--- a/src/decrepit/CMakeLists.txt
+++ b/src/decrepit/CMakeLists.txt
@@ -1,41 +1,29 @@
include_directories(../include)
-add_subdirectory(bio)
-add_subdirectory(blowfish)
-add_subdirectory(cast)
-add_subdirectory(cfb)
-add_subdirectory(des)
-add_subdirectory(dh)
-add_subdirectory(dsa)
-add_subdirectory(evp)
-add_subdirectory(obj)
-add_subdirectory(rc4)
-add_subdirectory(ripemd)
-add_subdirectory(rsa)
-add_subdirectory(ssl)
-add_subdirectory(x509)
-add_subdirectory(xts)
-
add_library(
decrepit
- $<TARGET_OBJECTS:bio_decrepit>
- $<TARGET_OBJECTS:blowfish>
- $<TARGET_OBJECTS:cast>
- $<TARGET_OBJECTS:cfb>
- $<TARGET_OBJECTS:des_decrepit>
- $<TARGET_OBJECTS:dh_decrepit>
- $<TARGET_OBJECTS:dsa_decrepit>
- $<TARGET_OBJECTS:evp_decrepit>
- $<TARGET_OBJECTS:obj_decrepit>
- $<TARGET_OBJECTS:rc4_decrepit>
- $<TARGET_OBJECTS:ripemd_decrepit>
- $<TARGET_OBJECTS:rsa_decrepit>
- $<TARGET_OBJECTS:ssl_decrepit>
- $<TARGET_OBJECTS:x509_decrepit>
- $<TARGET_OBJECTS:xts>
+ bio/base64_bio.c
+ blowfish/blowfish.c
+ cast/cast.c
+ cast/cast_tables.c
+ cfb/cfb.c
+ des/cfb64ede.c
+ dh/dh_decrepit.c
+ dsa/dsa_decrepit.c
+ evp/dss1.c
+ evp/evp_do_all.c
+ obj/obj_decrepit.c
+ rc4/rc4_decrepit.c
+ ripemd/ripemd.c
+ rsa/rsa_decrepit.c
+ ssl/ssl_decrepit.c
+ x509/x509_decrepit.c
+ xts/xts.c
)
+add_dependencies(decrepit global_target)
+
target_link_libraries(decrepit crypto ssl)
add_executable(
@@ -48,6 +36,8 @@
$<TARGET_OBJECTS:test_support>
)
+add_dependencies(decrepit_test global_target)
+
target_link_libraries(decrepit_test crypto decrepit boringssl_gtest)
if(WIN32)
target_link_libraries(decrepit_test ws2_32)
diff --git a/src/decrepit/bio/CMakeLists.txt b/src/decrepit/bio/CMakeLists.txt
deleted file mode 100644
index 95d9231..0000000
--- a/src/decrepit/bio/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- bio_decrepit
-
- OBJECT
-
- base64_bio.c
-)
diff --git a/src/decrepit/blowfish/CMakeLists.txt b/src/decrepit/blowfish/CMakeLists.txt
deleted file mode 100644
index 29729c4..0000000
--- a/src/decrepit/blowfish/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- blowfish
-
- OBJECT
-
- blowfish.c
-)
diff --git a/src/decrepit/cast/CMakeLists.txt b/src/decrepit/cast/CMakeLists.txt
deleted file mode 100644
index 2830381..0000000
--- a/src/decrepit/cast/CMakeLists.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
- cast
-
- OBJECT
-
- cast.c
- cast_tables.c
-)
diff --git a/src/decrepit/cfb/CMakeLists.txt b/src/decrepit/cfb/CMakeLists.txt
deleted file mode 100644
index 63a0ca5..0000000
--- a/src/decrepit/cfb/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- cfb
-
- OBJECT
-
- cfb.c
-)
diff --git a/src/decrepit/des/CMakeLists.txt b/src/decrepit/des/CMakeLists.txt
deleted file mode 100644
index 0ee5c2e..0000000
--- a/src/decrepit/des/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- des_decrepit
-
- OBJECT
-
- cfb64ede.c
-)
diff --git a/src/decrepit/dh/CMakeLists.txt b/src/decrepit/dh/CMakeLists.txt
deleted file mode 100644
index fb862b5..0000000
--- a/src/decrepit/dh/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- dh_decrepit
-
- OBJECT
-
- dh_decrepit.c
-)
diff --git a/src/decrepit/dsa/CMakeLists.txt b/src/decrepit/dsa/CMakeLists.txt
deleted file mode 100644
index cc64b60..0000000
--- a/src/decrepit/dsa/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- dsa_decrepit
-
- OBJECT
-
- dsa_decrepit.c
-)
diff --git a/src/decrepit/evp/CMakeLists.txt b/src/decrepit/evp/CMakeLists.txt
deleted file mode 100644
index e631a9a..0000000
--- a/src/decrepit/evp/CMakeLists.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
- evp_decrepit
-
- OBJECT
-
- dss1.c
- evp_do_all.c
-)
diff --git a/src/decrepit/obj/CMakeLists.txt b/src/decrepit/obj/CMakeLists.txt
deleted file mode 100644
index caaecd3..0000000
--- a/src/decrepit/obj/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- obj_decrepit
-
- OBJECT
-
- obj_decrepit.c
-)
diff --git a/src/decrepit/rc4/CMakeLists.txt b/src/decrepit/rc4/CMakeLists.txt
deleted file mode 100644
index 459b24e..0000000
--- a/src/decrepit/rc4/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- rc4_decrepit
-
- OBJECT
-
- rc4_decrepit.c
-)
diff --git a/src/decrepit/ripemd/CMakeLists.txt b/src/decrepit/ripemd/CMakeLists.txt
deleted file mode 100644
index d3dd284..0000000
--- a/src/decrepit/ripemd/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- ripemd_decrepit
-
- OBJECT
-
- ripemd.c
-)
diff --git a/src/decrepit/rsa/CMakeLists.txt b/src/decrepit/rsa/CMakeLists.txt
deleted file mode 100644
index 66d836b..0000000
--- a/src/decrepit/rsa/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- rsa_decrepit
-
- OBJECT
-
- rsa_decrepit.c
-)
diff --git a/src/decrepit/ssl/CMakeLists.txt b/src/decrepit/ssl/CMakeLists.txt
deleted file mode 100644
index fba0234..0000000
--- a/src/decrepit/ssl/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- ssl_decrepit
-
- OBJECT
-
- ssl_decrepit.c
-)
diff --git a/src/decrepit/x509/CMakeLists.txt b/src/decrepit/x509/CMakeLists.txt
deleted file mode 100644
index 930912d..0000000
--- a/src/decrepit/x509/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- x509_decrepit
-
- OBJECT
-
- x509_decrepit.c
-)
diff --git a/src/decrepit/xts/CMakeLists.txt b/src/decrepit/xts/CMakeLists.txt
deleted file mode 100644
index 7dccde0..0000000
--- a/src/decrepit/xts/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- xts
-
- OBJECT
-
- xts.c
-)
diff --git a/src/fipstools/CMakeLists.txt b/src/fipstools/CMakeLists.txt
index f0f7b2c..779fcd1 100644
--- a/src/fipstools/CMakeLists.txt
+++ b/src/fipstools/CMakeLists.txt
@@ -29,6 +29,8 @@
$<TARGET_OBJECTS:test_support>
)
+ add_dependencies(cavp global_target)
+
add_executable(
test_fips
@@ -36,6 +38,8 @@
$<TARGET_OBJECTS:test_support>
)
+ add_dependencies(test_fips global_target)
+
target_link_libraries(cavp crypto)
target_link_libraries(test_fips crypto)
endif()
diff --git a/src/include/openssl/aead.h b/src/include/openssl/aead.h
index af31554..f19344e 100644
--- a/src/include/openssl/aead.h
+++ b/src/include/openssl/aead.h
@@ -425,7 +425,7 @@
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
using ScopedEVP_AEAD_CTX =
internal::StackAllocated<EVP_AEAD_CTX, void, EVP_AEAD_CTX_zero,
@@ -433,7 +433,7 @@
BORINGSSL_MAKE_DELETER(EVP_AEAD_CTX, EVP_AEAD_CTX_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
#endif
diff --git a/src/include/openssl/asn1.h b/src/include/openssl/asn1.h
index f7b6b86..46e5f53 100644
--- a/src/include/openssl/asn1.h
+++ b/src/include/openssl/asn1.h
@@ -875,13 +875,13 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(ASN1_OBJECT, ASN1_OBJECT_free)
BORINGSSL_MAKE_DELETER(ASN1_STRING, ASN1_STRING_free)
BORINGSSL_MAKE_DELETER(ASN1_TYPE, ASN1_TYPE_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} /* extern C++ */
diff --git a/src/include/openssl/base.h b/src/include/openssl/base.h
index aa1be1f..d134993 100644
--- a/src/include/openssl/base.h
+++ b/src/include/openssl/base.h
@@ -71,6 +71,10 @@
#include <openssl/is_boringssl.h>
#include <openssl/opensslconf.h>
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols.h>
+#endif
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -227,9 +231,17 @@
#endif
#if __has_feature(memory_sanitizer)
#define OPENSSL_MSAN
+#define OPENSSL_ASM_INCOMPATIBLE
#endif
#endif
+#if defined(OPENSSL_ASM_INCOMPATIBLE)
+#undef OPENSSL_ASM_INCOMPATIBLE
+#if !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif // OPENSSL_ASM_INCOMPATIBLE
+
// CRYPTO_THREADID is a dummy value.
typedef int CRYPTO_THREADID;
@@ -358,6 +370,18 @@
#define BORINGSSL_NO_CXX
#endif
+#if defined(BORINGSSL_PREFIX)
+#define BSSL_NAMESPACE_BEGIN \
+ namespace bssl { \
+ inline namespace BORINGSSL_PREFIX {
+#define BSSL_NAMESPACE_END \
+ } \
+ }
+#else
+#define BSSL_NAMESPACE_BEGIN namespace bssl {
+#define BSSL_NAMESPACE_END }
+#endif
+
// MSVC doesn't set __cplusplus to 201103 to indicate C++11 support (see
// https://connect.microsoft.com/VisualStudio/feedback/details/763051/a-value-of-predefined-macro-cplusplus-is-still-199711l)
// so MSVC is just assumed to support C++11.
@@ -366,6 +390,7 @@
#endif
#if !defined(BORINGSSL_NO_CXX)
+
extern "C++" {
#include <memory>
@@ -387,7 +412,7 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
namespace internal {
@@ -464,7 +489,7 @@
return UpRef(ptr.get()); \
}
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/base64.h b/src/include/openssl/base64.h
index ef76088..c88546d 100644
--- a/src/include/openssl/base64.h
+++ b/src/include/openssl/base64.h
@@ -67,7 +67,10 @@
// base64 functions.
//
// For historical reasons, these functions have the EVP_ prefix but just do
-// base64 encoding and decoding.
+// base64 encoding and decoding. Note that BoringSSL is a cryptography library,
+// so these functions are implemented with side channel protections, at a
+// performance cost. For other base64 uses, use a general-purpose base64
+// implementation.
// Encoding
diff --git a/src/include/openssl/bio.h b/src/include/openssl/bio.h
index adb641b..70c2fbf 100644
--- a/src/include/openssl/bio.h
+++ b/src/include/openssl/bio.h
@@ -677,26 +677,49 @@
OPENSSL_EXPORT int BIO_get_init(BIO *bio);
// These are values of the |cmd| argument to |BIO_ctrl|.
-#define BIO_CTRL_RESET 1 // opt - rewind/zero etc
-#define BIO_CTRL_EOF 2 // opt - are we at the eof
-#define BIO_CTRL_INFO 3 // opt - extra tit-bits
-#define BIO_CTRL_SET 4 // man - set the 'IO' type
-#define BIO_CTRL_GET 5 // man - get the 'IO' type
-#define BIO_CTRL_PUSH 6
-#define BIO_CTRL_POP 7
-#define BIO_CTRL_GET_CLOSE 8 // man - set the 'close' on free
-#define BIO_CTRL_SET_CLOSE 9 // man - set the 'close' on free
-#define BIO_CTRL_PENDING 10 // opt - is their more data buffered
-#define BIO_CTRL_FLUSH 11 // opt - 'flush' buffered output
-#define BIO_CTRL_WPENDING 13 // opt - number of bytes still to write
-// callback is int cb(BIO *bio,state,ret);
-#define BIO_CTRL_SET_CALLBACK 14 // opt - set callback function
-#define BIO_CTRL_GET_CALLBACK 15 // opt - set callback function
-#define BIO_CTRL_SET_FILENAME 30 // BIO_s_file special
-// BIO_CTRL_DUP is never used, but exists to allow code to compile more
-// easily.
-#define BIO_CTRL_DUP 12
+// BIO_CTRL_RESET implements |BIO_reset|. The arguments are unused.
+#define BIO_CTRL_RESET 1
+
+// BIO_CTRL_EOF implements |BIO_eof|. The arguments are unused.
+#define BIO_CTRL_EOF 2
+
+// BIO_CTRL_INFO is a legacy command that returns information specific to the
+// type of |BIO|. It is not safe to call generically and should not be
+// implemented in new |BIO| types.
+#define BIO_CTRL_INFO 3
+
+// BIO_CTRL_GET_CLOSE returns the close flag set by |BIO_CTRL_SET_CLOSE|. The
+// arguments are unused.
+#define BIO_CTRL_GET_CLOSE 8
+
+// BIO_CTRL_SET_CLOSE implements |BIO_set_close|. The |larg| argument is the
+// close flag.
+#define BIO_CTRL_SET_CLOSE 9
+
+// BIO_CTRL_PENDING implements |BIO_pending|. The arguments are unused.
+#define BIO_CTRL_PENDING 10
+
+// BIO_CTRL_FLUSH implements |BIO_flush|. The arguments are unused.
+#define BIO_CTRL_FLUSH 11
+
+// BIO_CTRL_WPENDING implements |BIO_wpending|. The arguments are unused.
+#define BIO_CTRL_WPENDING 13
+
+// BIO_CTRL_SET_CALLBACK sets an informational callback of type
+// int cb(BIO *bio, int state, int ret)
+#define BIO_CTRL_SET_CALLBACK 14
+
+// BIO_CTRL_GET_CALLBACK returns the callback set by |BIO_CTRL_SET_CALLBACK|.
+#define BIO_CTRL_GET_CALLBACK 15
+
+// The following are never used, but are defined to aid porting existing code.
+#define BIO_CTRL_SET 4
+#define BIO_CTRL_GET 5
+#define BIO_CTRL_PUSH 6
+#define BIO_CTRL_POP 7
+#define BIO_CTRL_DUP 12
+#define BIO_CTRL_SET_FILENAME 30
// Deprecated functions.
@@ -706,6 +729,8 @@
// |BIO_flush| when done writing, to signal that no more data are to be
// encoded. The flag |BIO_FLAGS_BASE64_NO_NL| may be set to encode all the data
// on one line.
+//
+// Use |EVP_EncodeBlock| and |EVP_DecodeBase64| instead.
OPENSSL_EXPORT const BIO_METHOD *BIO_f_base64(void);
OPENSSL_EXPORT void BIO_set_retry_special(BIO *bio);
@@ -733,8 +758,8 @@
#define BIO_FLAGS_RWS (BIO_FLAGS_READ | BIO_FLAGS_WRITE | BIO_FLAGS_IO_SPECIAL)
#define BIO_FLAGS_SHOULD_RETRY 0x08
#define BIO_FLAGS_BASE64_NO_NL 0x100
-// This is used with memory BIOs: it means we shouldn't free up or change the
-// data in any way.
+// BIO_FLAGS_MEM_RDONLY is used with memory BIOs. It means we shouldn't free up
+// or change the data in any way.
#define BIO_FLAGS_MEM_RDONLY 0x200
// These are the 'types' of BIOs
@@ -762,7 +787,7 @@
#define BIO_TYPE_ASN1 (22 | 0x0200) // filter
#define BIO_TYPE_COMP (23 | 0x0200) // filter
-// |BIO_TYPE_DESCRIPTOR| denotes that the |BIO| responds to the |BIO_C_SET_FD|
+// BIO_TYPE_DESCRIPTOR denotes that the |BIO| responds to the |BIO_C_SET_FD|
// (|BIO_set_fd|) and |BIO_C_GET_FD| (|BIO_get_fd|) control hooks.
#define BIO_TYPE_DESCRIPTOR 0x0100 // socket, fd, connect or accept
#define BIO_TYPE_FILTER 0x0200
@@ -809,61 +834,61 @@
size_t num_read, num_write;
};
-#define BIO_C_SET_CONNECT 100
-#define BIO_C_DO_STATE_MACHINE 101
-#define BIO_C_SET_NBIO 102
-#define BIO_C_SET_PROXY_PARAM 103
-#define BIO_C_SET_FD 104
-#define BIO_C_GET_FD 105
-#define BIO_C_SET_FILE_PTR 106
-#define BIO_C_GET_FILE_PTR 107
-#define BIO_C_SET_FILENAME 108
-#define BIO_C_SET_SSL 109
-#define BIO_C_GET_SSL 110
-#define BIO_C_SET_MD 111
-#define BIO_C_GET_MD 112
-#define BIO_C_GET_CIPHER_STATUS 113
-#define BIO_C_SET_BUF_MEM 114
-#define BIO_C_GET_BUF_MEM_PTR 115
-#define BIO_C_GET_BUFF_NUM_LINES 116
-#define BIO_C_SET_BUFF_SIZE 117
-#define BIO_C_SET_ACCEPT 118
-#define BIO_C_SSL_MODE 119
-#define BIO_C_GET_MD_CTX 120
-#define BIO_C_GET_PROXY_PARAM 121
-#define BIO_C_SET_BUFF_READ_DATA 122 // data to read first
-#define BIO_C_GET_ACCEPT 124
-#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
-#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
-#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
-#define BIO_C_FILE_SEEK 128
-#define BIO_C_GET_CIPHER_CTX 129
-#define BIO_C_SET_BUF_MEM_EOF_RETURN 130 //return end of input value
-#define BIO_C_SET_BIND_MODE 131
-#define BIO_C_GET_BIND_MODE 132
-#define BIO_C_FILE_TELL 133
-#define BIO_C_GET_SOCKS 134
-#define BIO_C_SET_SOCKS 135
+#define BIO_C_SET_CONNECT 100
+#define BIO_C_DO_STATE_MACHINE 101
+#define BIO_C_SET_NBIO 102
+#define BIO_C_SET_PROXY_PARAM 103
+#define BIO_C_SET_FD 104
+#define BIO_C_GET_FD 105
+#define BIO_C_SET_FILE_PTR 106
+#define BIO_C_GET_FILE_PTR 107
+#define BIO_C_SET_FILENAME 108
+#define BIO_C_SET_SSL 109
+#define BIO_C_GET_SSL 110
+#define BIO_C_SET_MD 111
+#define BIO_C_GET_MD 112
+#define BIO_C_GET_CIPHER_STATUS 113
+#define BIO_C_SET_BUF_MEM 114
+#define BIO_C_GET_BUF_MEM_PTR 115
+#define BIO_C_GET_BUFF_NUM_LINES 116
+#define BIO_C_SET_BUFF_SIZE 117
+#define BIO_C_SET_ACCEPT 118
+#define BIO_C_SSL_MODE 119
+#define BIO_C_GET_MD_CTX 120
+#define BIO_C_GET_PROXY_PARAM 121
+#define BIO_C_SET_BUFF_READ_DATA 122 // data to read first
+#define BIO_C_GET_ACCEPT 124
+#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
+#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
+#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
+#define BIO_C_FILE_SEEK 128
+#define BIO_C_GET_CIPHER_CTX 129
+#define BIO_C_SET_BUF_MEM_EOF_RETURN 130 // return end of input value
+#define BIO_C_SET_BIND_MODE 131
+#define BIO_C_GET_BIND_MODE 132
+#define BIO_C_FILE_TELL 133
+#define BIO_C_GET_SOCKS 134
+#define BIO_C_SET_SOCKS 135
-#define BIO_C_SET_WRITE_BUF_SIZE 136 // for BIO_s_bio
-#define BIO_C_GET_WRITE_BUF_SIZE 137
-#define BIO_C_GET_WRITE_GUARANTEE 140
-#define BIO_C_GET_READ_REQUEST 141
-#define BIO_C_SHUTDOWN_WR 142
-#define BIO_C_NREAD0 143
-#define BIO_C_NREAD 144
-#define BIO_C_NWRITE0 145
-#define BIO_C_NWRITE 146
-#define BIO_C_RESET_READ_REQUEST 147
-#define BIO_C_SET_MD_CTX 148
+#define BIO_C_SET_WRITE_BUF_SIZE 136 // for BIO_s_bio
+#define BIO_C_GET_WRITE_BUF_SIZE 137
+#define BIO_C_GET_WRITE_GUARANTEE 140
+#define BIO_C_GET_READ_REQUEST 141
+#define BIO_C_SHUTDOWN_WR 142
+#define BIO_C_NREAD0 143
+#define BIO_C_NREAD 144
+#define BIO_C_NWRITE0 145
+#define BIO_C_NWRITE 146
+#define BIO_C_RESET_READ_REQUEST 147
+#define BIO_C_SET_MD_CTX 148
-#define BIO_C_SET_PREFIX 149
-#define BIO_C_GET_PREFIX 150
-#define BIO_C_SET_SUFFIX 151
-#define BIO_C_GET_SUFFIX 152
+#define BIO_C_SET_PREFIX 149
+#define BIO_C_GET_PREFIX 150
+#define BIO_C_SET_SUFFIX 151
+#define BIO_C_GET_SUFFIX 152
-#define BIO_C_SET_EX_ARG 153
-#define BIO_C_GET_EX_ARG 154
+#define BIO_C_SET_EX_ARG 153
+#define BIO_C_GET_EX_ARG 154
#if defined(__cplusplus)
@@ -871,12 +896,12 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(BIO, BIO_free)
BORINGSSL_MAKE_UP_REF(BIO, BIO_up_ref)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/bn.h b/src/include/openssl/bn.h
index e8cc70a..251c717 100644
--- a/src/include/openssl/bn.h
+++ b/src/include/openssl/bn.h
@@ -630,9 +630,12 @@
// BN_pseudo_rand_range is an alias for BN_rand_range.
OPENSSL_EXPORT int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
-// BN_GENCB holds a callback function that is used by generation functions that
-// can take a very long time to complete. Use |BN_GENCB_set| to initialise a
-// |BN_GENCB| structure.
+#define BN_GENCB_GENERATED 0
+#define BN_GENCB_PRIME_TEST 1
+
+// bn_gencb_st, or |BN_GENCB|, holds a callback function that is used by
+// generation functions that can take a very long time to complete. Use
+// |BN_GENCB_set| to initialise a |BN_GENCB| structure.
//
// The callback receives the address of that |BN_GENCB| structure as its last
// argument and the user is free to put an arbitrary pointer in |arg|. The other
@@ -648,9 +651,6 @@
//
// When other code needs to call a BN generation function it will often take a
// BN_GENCB argument and may call the function with other argument values.
-#define BN_GENCB_GENERATED 0
-#define BN_GENCB_PRIME_TEST 1
-
struct bn_gencb_st {
void *arg; // callback-specific data
int (*callback)(int event, int n, struct bn_gencb_st *);
@@ -987,7 +987,7 @@
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(BIGNUM, BN_free)
BORINGSSL_MAKE_DELETER(BN_CTX, BN_CTX_free)
@@ -1005,7 +1005,7 @@
BN_CTXScope &operator=(BN_CTXScope &) = delete;
};
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
#endif
diff --git a/src/include/openssl/buf.h b/src/include/openssl/buf.h
index 3f961b8..10a555f 100644
--- a/src/include/openssl/buf.h
+++ b/src/include/openssl/buf.h
@@ -124,11 +124,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(BUF_MEM, BUF_MEM_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/bytestring.h b/src/include/openssl/bytestring.h
index 3057604..1400f2e 100644
--- a/src/include/openssl/bytestring.h
+++ b/src/include/openssl/bytestring.h
@@ -491,11 +491,11 @@
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
using ScopedCBB = internal::StackAllocated<CBB, void, CBB_zero, CBB_cleanup>;
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
#endif
diff --git a/src/include/openssl/cipher.h b/src/include/openssl/cipher.h
index 727d7a7..5963413 100644
--- a/src/include/openssl/cipher.h
+++ b/src/include/openssl/cipher.h
@@ -438,7 +438,7 @@
// EVP_CIPH_NO_PADDING disables padding in block ciphers.
#define EVP_CIPH_NO_PADDING 0x800
-// EVP_CIPHER_CTX_ctrl commands.
+// The following are |EVP_CIPHER_CTX_ctrl| commands.
#define EVP_CTRL_INIT 0x0
#define EVP_CTRL_SET_KEY_LENGTH 0x1
#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
@@ -454,15 +454,12 @@
#define EVP_CTRL_AEAD_SET_IV_FIXED 0x12
#define EVP_CTRL_GCM_IV_GEN 0x13
#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
-// Set the GCM invocation field, decrypt only
+// EVP_CTRL_GCM_SET_IV_INV sets the GCM invocation field, decrypt only
#define EVP_CTRL_GCM_SET_IV_INV 0x18
-// GCM TLS constants
-// Length of fixed part of IV derived from PRF
+// The following constants are unused.
#define EVP_GCM_TLS_FIXED_IV_LEN 4
-// Length of explicit part of IV part of TLS records
#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
-// Length of tag for TLS
#define EVP_GCM_TLS_TAG_LEN 16
// The following are legacy aliases for AEAD |EVP_CIPHER_CTX_ctrl| values.
@@ -574,7 +571,7 @@
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(EVP_CIPHER_CTX, EVP_CIPHER_CTX_free)
@@ -582,7 +579,7 @@
internal::StackAllocated<EVP_CIPHER_CTX, int, EVP_CIPHER_CTX_init,
EVP_CIPHER_CTX_cleanup>;
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
#endif
diff --git a/src/include/openssl/cmac.h b/src/include/openssl/cmac.h
index 5e9f3d0..3e8cf92 100644
--- a/src/include/openssl/cmac.h
+++ b/src/include/openssl/cmac.h
@@ -78,11 +78,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(CMAC_CTX, CMAC_CTX_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/conf.h b/src/include/openssl/conf.h
index 4ffce37..07e34ee 100644
--- a/src/include/openssl/conf.h
+++ b/src/include/openssl/conf.h
@@ -162,11 +162,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(CONF, NCONF_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/curve25519.h b/src/include/openssl/curve25519.h
index 332215b..a455389 100644
--- a/src/include/openssl/curve25519.h
+++ b/src/include/openssl/curve25519.h
@@ -188,11 +188,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(SPAKE2_CTX, SPAKE2_CTX_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/dh.h b/src/include/openssl/dh.h
index ae24c25..7188790 100644
--- a/src/include/openssl/dh.h
+++ b/src/include/openssl/dh.h
@@ -278,11 +278,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(DH, DH_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/digest.h b/src/include/openssl/digest.h
index 4a2b710..1a1ca29 100644
--- a/src/include/openssl/digest.h
+++ b/src/include/openssl/digest.h
@@ -295,7 +295,7 @@
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(EVP_MD_CTX, EVP_MD_CTX_free)
@@ -303,7 +303,7 @@
internal::StackAllocated<EVP_MD_CTX, int, EVP_MD_CTX_init,
EVP_MD_CTX_cleanup>;
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
#endif
diff --git a/src/include/openssl/dsa.h b/src/include/openssl/dsa.h
index a5fa767..70cde7b 100644
--- a/src/include/openssl/dsa.h
+++ b/src/include/openssl/dsa.h
@@ -417,12 +417,12 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(DSA, DSA_free)
BORINGSSL_MAKE_DELETER(DSA_SIG, DSA_SIG_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/ec.h b/src/include/openssl/ec.h
index dbb72ab..41a9c34 100644
--- a/src/include/openssl/ec.h
+++ b/src/include/openssl/ec.h
@@ -357,12 +357,12 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(EC_POINT, EC_POINT_free)
BORINGSSL_MAKE_DELETER(EC_GROUP, EC_GROUP_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/ec_key.h b/src/include/openssl/ec_key.h
index 6944049..7e9e4e8 100644
--- a/src/include/openssl/ec_key.h
+++ b/src/include/openssl/ec_key.h
@@ -336,11 +336,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(EC_KEY, EC_KEY_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/ecdsa.h b/src/include/openssl/ecdsa.h
index ff326ab..d4d353e 100644
--- a/src/include/openssl/ecdsa.h
+++ b/src/include/openssl/ecdsa.h
@@ -179,11 +179,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(ECDSA_SIG, ECDSA_SIG_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/engine.h b/src/include/openssl/engine.h
index 595e53c..9d45952 100644
--- a/src/include/openssl/engine.h
+++ b/src/include/openssl/engine.h
@@ -94,11 +94,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(ENGINE, ENGINE_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/evp.h b/src/include/openssl/evp.h
index 9b00a07..1d7192d 100644
--- a/src/include/openssl/evp.h
+++ b/src/include/openssl/evp.h
@@ -839,8 +839,12 @@
// constants to 'ctrl' functions. To avoid breaking #ifdefs in consumers, this
// section defines a number of legacy macros.
+// |BORINGSSL_PREFIX| already makes each of these symbols into macros, so there
+// is no need to define conflicting macros.
+#if !defined(BORINGSSL_PREFIX)
#define EVP_PKEY_CTX_set_rsa_oaep_md EVP_PKEY_CTX_set_rsa_oaep_md
#define EVP_PKEY_CTX_set0_rsa_oaep_label EVP_PKEY_CTX_set0_rsa_oaep_label
+#endif
// Private structures.
@@ -870,13 +874,13 @@
} // extern C
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(EVP_PKEY, EVP_PKEY_free)
BORINGSSL_MAKE_UP_REF(EVP_PKEY, EVP_PKEY_up_ref)
BORINGSSL_MAKE_DELETER(EVP_PKEY_CTX, EVP_PKEY_CTX_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/hmac.h b/src/include/openssl/hmac.h
index 977dea6..b5d1e42 100644
--- a/src/include/openssl/hmac.h
+++ b/src/include/openssl/hmac.h
@@ -169,14 +169,14 @@
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(HMAC_CTX, HMAC_CTX_free)
using ScopedHMAC_CTX =
internal::StackAllocated<HMAC_CTX, void, HMAC_CTX_init, HMAC_CTX_cleanup>;
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
#endif
diff --git a/src/include/openssl/mem.h b/src/include/openssl/mem.h
index 7d7087e..9f9c00d 100644
--- a/src/include/openssl/mem.h
+++ b/src/include/openssl/mem.h
@@ -142,12 +142,12 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(char, OPENSSL_free)
BORINGSSL_MAKE_DELETER(uint8_t, OPENSSL_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/pkcs7.h b/src/include/openssl/pkcs7.h
index 52b649c..cb6155f 100644
--- a/src/include/openssl/pkcs7.h
+++ b/src/include/openssl/pkcs7.h
@@ -199,11 +199,11 @@
} // extern C
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(PKCS7, PKCS7_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
#endif
diff --git a/src/include/openssl/pkcs8.h b/src/include/openssl/pkcs8.h
index 9a66dd0..ee48f19 100644
--- a/src/include/openssl/pkcs8.h
+++ b/src/include/openssl/pkcs8.h
@@ -215,12 +215,12 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(PKCS12, PKCS12_free)
BORINGSSL_MAKE_DELETER(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/pool.h b/src/include/openssl/pool.h
index 1259f4a..0e4bdd5 100644
--- a/src/include/openssl/pool.h
+++ b/src/include/openssl/pool.h
@@ -87,13 +87,13 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(CRYPTO_BUFFER_POOL, CRYPTO_BUFFER_POOL_free)
BORINGSSL_MAKE_DELETER(CRYPTO_BUFFER, CRYPTO_BUFFER_free)
BORINGSSL_MAKE_UP_REF(CRYPTO_BUFFER, CRYPTO_BUFFER_up_ref)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/rsa.h b/src/include/openssl/rsa.h
index 98bb31c..8098c48 100644
--- a/src/include/openssl/rsa.h
+++ b/src/include/openssl/rsa.h
@@ -175,11 +175,19 @@
// These functions are considered non-mutating for thread-safety purposes and
// may be used concurrently.
-// Padding types for encryption.
+// RSA_PKCS1_PADDING denotes PKCS#1 v1.5 padding. When used with encryption,
+// this is RSAES-PKCS1-v1_5. When used with signing, this is RSASSA-PKCS1-v1_5.
#define RSA_PKCS1_PADDING 1
+
+// RSA_NO_PADDING denotes a raw RSA operation.
#define RSA_NO_PADDING 3
+
+// RSA_PKCS1_OAEP_PADDING denotes the RSAES-OAEP encryption scheme.
#define RSA_PKCS1_OAEP_PADDING 4
-// RSA_PKCS1_PSS_PADDING can only be used via the EVP interface.
+
+// RSA_PKCS1_PSS_PADDING denotes the RSASSA-PSS signature scheme. This value may
+// not be passed into |RSA_sign_raw|, only |EVP_PKEY_CTX_set_rsa_padding|. See
+// also |RSA_sign_pss_mgf1| and |RSA_verify_pss_mgf1|.
#define RSA_PKCS1_PSS_PADDING 6
// RSA_encrypt encrypts |in_len| bytes from |in| to the public key from |rsa|
@@ -285,7 +293,8 @@
//
// The |padding| argument must be one of the |RSA_*_PADDING| values. If in
// doubt, |RSA_PKCS1_PADDING| is the most common but |RSA_PKCS1_PSS_PADDING|
-// (via the |EVP_PKEY| interface) is preferred for new protocols.
+// (via |RSA_sign_pss_mgf1| or the |EVP_PKEY| interface) is preferred for new
+// protocols.
OPENSSL_EXPORT int RSA_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out,
size_t max_out, const uint8_t *in,
size_t in_len, int padding);
@@ -330,7 +339,8 @@
//
// The |padding| argument must be one of the |RSA_*_PADDING| values. If in
// doubt, |RSA_PKCS1_PADDING| is the most common but |RSA_PKCS1_PSS_PADDING|
-// (via the |EVP_PKEY| interface) is preferred for new protocols.
+// (via |RSA_verify_pss_mgf1| or the |EVP_PKEY| interface) is preferred for new
+// protocols.
OPENSSL_EXPORT int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out,
size_t max_out, const uint8_t *in,
size_t in_len, int padding);
@@ -713,11 +723,11 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(RSA, RSA_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/span.h b/src/include/openssl/span.h
index 5ed96b7..298a722 100644
--- a/src/include/openssl/span.h
+++ b/src/include/openssl/span.h
@@ -25,7 +25,7 @@
#include <cstdlib>
#include <type_traits>
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
template <typename T>
class Span;
@@ -190,7 +190,7 @@
return MakeConstSpan(c.data(), c.size());
}
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/ssl.h b/src/include/openssl/ssl.h
index daa58b0..0d5a444 100644
--- a/src/include/openssl/ssl.h
+++ b/src/include/openssl/ssl.h
@@ -4314,6 +4314,7 @@
//
// These defines exist for node.js, with the hope that we can eliminate the
// need for them over time.
+
#define SSLerr(function, reason) \
ERR_put_error(ERR_LIB_SSL, 0, reason, __FILE__, __LINE__)
@@ -4382,6 +4383,10 @@
#define SSL_CTRL_SET_TMP_RSA doesnt_exist
#define SSL_CTRL_SET_TMP_RSA_CB doesnt_exist
+// |BORINGSSL_PREFIX| already makes each of these symbols into macros, so there
+// is no need to define conflicting macros.
+#if !defined(BORINGSSL_PREFIX)
+
#define DTLSv1_get_timeout DTLSv1_get_timeout
#define DTLSv1_handle_timeout DTLSv1_handle_timeout
#define SSL_CTX_add0_chain_cert SSL_CTX_add0_chain_cert
@@ -4451,6 +4456,8 @@
#define SSL_set_tmp_rsa SSL_set_tmp_rsa
#define SSL_total_renegotiations SSL_total_renegotiations
+#endif // !defined(BORINGSSL_PREFIX)
+
#if defined(__cplusplus)
} // extern C
@@ -4459,7 +4466,7 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(SSL, SSL_free)
BORINGSSL_MAKE_DELETER(SSL_CTX, SSL_CTX_free)
@@ -4571,7 +4578,7 @@
OPENSSL_EXPORT bool SSL_serialize_handback(const SSL *ssl, CBB *out);
OPENSSL_EXPORT bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback);
-} // namespace bssl
+BSSL_NAMESPACE_END
} // extern C++
diff --git a/src/include/openssl/stack.h b/src/include/openssl/stack.h
index a1cca59..15b6adf 100644
--- a/src/include/openssl/stack.h
+++ b/src/include/openssl/stack.h
@@ -219,17 +219,17 @@
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
namespace internal {
template <typename T>
struct StackTraits {};
}
-}
+BSSL_NAMESPACE_END
}
#define BORINGSSL_DEFINE_STACK_TRAITS(name, type, is_const) \
extern "C++" { \
- namespace bssl { \
+ BSSL_NAMESPACE_BEGIN \
namespace internal { \
template <> \
struct StackTraits<STACK_OF(name)> { \
@@ -238,7 +238,7 @@
static constexpr bool kIsConst = is_const; \
}; \
} \
- } \
+ BSSL_NAMESPACE_END \
}
#else
@@ -393,7 +393,7 @@
#include <type_traits>
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
namespace internal {
@@ -474,7 +474,7 @@
return true;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
// Define begin() and end() for stack types so C++ range for loops work.
template <typename Stack>
diff --git a/src/include/openssl/x509.h b/src/include/openssl/x509.h
index eeab5ec..72f7314 100644
--- a/src/include/openssl/x509.h
+++ b/src/include/openssl/x509.h
@@ -1129,7 +1129,7 @@
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(NETSCAPE_SPKI, NETSCAPE_SPKI_free)
BORINGSSL_MAKE_DELETER(RSA_PSS_PARAMS, RSA_PSS_PARAMS_free)
@@ -1158,7 +1158,7 @@
internal::StackAllocated<X509_STORE_CTX, void, X509_STORE_CTX_zero,
X509_STORE_CTX_cleanup>;
-} // namespace bssl
+BSSL_NAMESPACE_END
} /* extern C++ */
#endif /* !BORINGSSL_NO_CXX */
diff --git a/src/include/openssl/x509v3.h b/src/include/openssl/x509v3.h
index 1af439d..53e20a0 100644
--- a/src/include/openssl/x509v3.h
+++ b/src/include/openssl/x509v3.h
@@ -751,7 +751,7 @@
extern "C++" {
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
BORINGSSL_MAKE_DELETER(ACCESS_DESCRIPTION, ACCESS_DESCRIPTION_free)
BORINGSSL_MAKE_DELETER(AUTHORITY_KEYID, AUTHORITY_KEYID_free)
@@ -760,7 +760,7 @@
BORINGSSL_MAKE_DELETER(GENERAL_NAME, GENERAL_NAME_free)
BORINGSSL_MAKE_DELETER(POLICYINFO, POLICYINFO_free)
-} // namespace bssl
+BSSL_NAMESPACE_END
} /* extern C++ */
#endif
diff --git a/src/ssl/CMakeLists.txt b/src/ssl/CMakeLists.txt
index 6881089..d6c1294 100644
--- a/src/ssl/CMakeLists.txt
+++ b/src/ssl/CMakeLists.txt
@@ -41,6 +41,8 @@
tls13_server.cc
)
+add_dependencies(ssl global_target)
+
target_link_libraries(ssl crypto)
add_executable(
@@ -53,6 +55,8 @@
$<TARGET_OBJECTS:test_support>
)
+add_dependencies(ssl_test global_target)
+
target_link_libraries(ssl_test ssl crypto boringssl_gtest)
if(WIN32)
target_link_libraries(ssl_test ws2_32)
diff --git a/src/ssl/d1_both.cc b/src/ssl/d1_both.cc
index f22a498..3f7739e 100644
--- a/src/ssl/d1_both.cc
+++ b/src/ssl/d1_both.cc
@@ -127,7 +127,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// TODO(davidben): 28 comes from the size of IP + UDP header. Is this reasonable
// for these values? Notably, why is kMinMTU a function of the transport
@@ -848,4 +848,4 @@
return kMinMTU;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/d1_lib.cc b/src/ssl/d1_lib.cc
index d73e538..0e0b211 100644
--- a/src/ssl/d1_lib.cc
+++ b/src/ssl/d1_lib.cc
@@ -68,7 +68,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// DTLS1_MTU_TIMEOUTS is the maximum number of timeouts to expire
// before starting to decrease the MTU.
@@ -187,7 +187,7 @@
return true;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/d1_pkt.cc b/src/ssl/d1_pkt.cc
index a694c5f..be595b0 100644
--- a/src/ssl/d1_pkt.cc
+++ b/src/ssl/d1_pkt.cc
@@ -126,7 +126,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
ssl_open_record_t dtls1_open_app_data(SSL *ssl, Span<uint8_t> *out,
size_t *out_consumed, uint8_t *out_alert,
@@ -271,4 +271,4 @@
return 1;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/dtls_record.cc b/src/ssl/dtls_record.cc
index d348601..992fb52 100644
--- a/src/ssl/dtls_record.cc
+++ b/src/ssl/dtls_record.cc
@@ -121,7 +121,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// to_u64_be treats |in| as a 8-byte big-endian integer and returns the value as
// a |uint64_t|.
@@ -137,13 +137,13 @@
// dtls1_bitmap_should_discard returns one if |seq_num| has been seen in
// |bitmap| or is stale. Otherwise it returns zero.
-static int dtls1_bitmap_should_discard(DTLS1_BITMAP *bitmap,
- const uint8_t seq_num[8]) {
+static bool dtls1_bitmap_should_discard(DTLS1_BITMAP *bitmap,
+ const uint8_t seq_num[8]) {
const unsigned kWindowSize = sizeof(bitmap->map) * 8;
uint64_t seq_num_u = to_u64_be(seq_num);
if (seq_num_u > bitmap->max_seq_num) {
- return 0;
+ return false;
}
uint64_t idx = bitmap->max_seq_num - seq_num_u;
return idx >= kWindowSize || (bitmap->map & (((uint64_t)1) << idx));
@@ -291,14 +291,14 @@
get_write_aead(ssl, use_epoch)->ExplicitNonceLen();
}
-int dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
- uint8_t type, const uint8_t *in, size_t in_len,
- enum dtls1_use_epoch_t use_epoch) {
+bool dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
+ uint8_t type, const uint8_t *in, size_t in_len,
+ enum dtls1_use_epoch_t use_epoch) {
const size_t prefix = dtls_seal_prefix_len(ssl, use_epoch);
if (buffers_alias(in, in_len, out, max_out) &&
(max_out < prefix || out + prefix != in)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_OUTPUT_ALIASES_INPUT);
- return 0;
+ return false;
}
// Determine the parameters for the current epoch.
@@ -314,7 +314,7 @@
if (max_out < DTLS1_RT_HEADER_LENGTH) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
- return 0;
+ return false;
}
out[0] = type;
@@ -330,7 +330,7 @@
size_t ciphertext_len;
if (!aead->CiphertextLen(&ciphertext_len, in_len, 0)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE);
- return 0;
+ return false;
}
out[11] = ciphertext_len >> 8;
out[12] = ciphertext_len & 0xff;
@@ -341,13 +341,13 @@
max_out - DTLS1_RT_HEADER_LENGTH, type, record_version,
&out[3] /* seq */, header, in, in_len) ||
!ssl_record_sequence_update(&seq[2], 6)) {
- return 0;
+ return false;
}
assert(ciphertext_len == len_copy);
*out_len = DTLS1_RT_HEADER_LENGTH + ciphertext_len;
ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HEADER, header);
- return 1;
+ return true;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/handoff.cc b/src/ssl/handoff.cc
index 68cac5b..a47b7c1 100644
--- a/src/ssl/handoff.cc
+++ b/src/ssl/handoff.cc
@@ -19,7 +19,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
constexpr int kHandoffVersion = 0;
constexpr int kHandbackVersion = 0;
@@ -359,4 +359,4 @@
return CBS_len(&seq) == 0;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/handshake.cc b/src/ssl/handshake.cc
index 8e5c62c..963038f 100644
--- a/src/ssl/handshake.cc
+++ b/src/ssl/handshake.cc
@@ -122,7 +122,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
: ssl(ssl_arg),
@@ -667,4 +667,4 @@
}
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/handshake_client.cc b/src/ssl/handshake_client.cc
index 9f9e483..ae96bcf 100644
--- a/src/ssl/handshake_client.cc
+++ b/src/ssl/handshake_client.cc
@@ -166,12 +166,13 @@
#include <openssl/md5.h>
#include <openssl/mem.h>
#include <openssl/rand.h>
+#include <openssl/sha.h>
#include "../crypto/internal.h"
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
enum ssl_client_hs_state_t {
state_start_connect = 0,
@@ -212,20 +213,20 @@
}
}
-static int ssl_write_client_cipher_list(SSL_HANDSHAKE *hs, CBB *out) {
+static bool ssl_write_client_cipher_list(SSL_HANDSHAKE *hs, CBB *out) {
SSL *const ssl = hs->ssl;
uint32_t mask_a, mask_k;
ssl_get_client_disabled(hs, &mask_a, &mask_k);
CBB child;
if (!CBB_add_u16_length_prefixed(out, &child)) {
- return 0;
+ return false;
}
// Add a fake cipher suite. See draft-davidben-tls-grease-01.
if (ssl->ctx->grease_enabled &&
!CBB_add_u16(&child, ssl_get_grease_value(hs, ssl_grease_cipher))) {
- return 0;
+ return false;
}
// Add TLS 1.3 ciphers. Order ChaCha20-Poly1305 relative to AES-GCM based on
@@ -233,20 +234,20 @@
if (hs->max_version >= TLS1_3_VERSION) {
if (!EVP_has_aes_hardware() &&
!CBB_add_u16(&child, TLS1_CK_CHACHA20_POLY1305_SHA256 & 0xffff)) {
- return 0;
+ return false;
}
if (!CBB_add_u16(&child, TLS1_CK_AES_128_GCM_SHA256 & 0xffff) ||
!CBB_add_u16(&child, TLS1_CK_AES_256_GCM_SHA384 & 0xffff)) {
- return 0;
+ return false;
}
if (EVP_has_aes_hardware() &&
!CBB_add_u16(&child, TLS1_CK_CHACHA20_POLY1305_SHA256 & 0xffff)) {
- return 0;
+ return false;
}
}
if (hs->min_version < TLS1_3_VERSION) {
- int any_enabled = 0;
+ bool any_enabled = false;
for (const SSL_CIPHER *cipher : SSL_get_ciphers(ssl)) {
// Skip disabled ciphers
if ((cipher->algorithm_mkey & mask_k) ||
@@ -257,53 +258,53 @@
SSL_CIPHER_get_max_version(cipher) < hs->min_version) {
continue;
}
- any_enabled = 1;
+ any_enabled = true;
if (!CBB_add_u16(&child, ssl_cipher_get_value(cipher))) {
- return 0;
+ return false;
}
}
// If all ciphers were disabled, return the error to the caller.
if (!any_enabled && hs->max_version < TLS1_3_VERSION) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHERS_AVAILABLE);
- return 0;
+ return false;
}
}
if (ssl->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
if (!CBB_add_u16(&child, SSL3_CK_FALLBACK_SCSV & 0xffff)) {
- return 0;
+ return false;
}
}
return CBB_flush(out);
}
-int ssl_write_client_hello(SSL_HANDSHAKE *hs) {
+bool ssl_write_client_hello(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
ScopedCBB cbb;
CBB body;
if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_CLIENT_HELLO)) {
- return 0;
+ return false;
}
CBB child;
if (!CBB_add_u16(&body, hs->client_version) ||
!CBB_add_bytes(&body, ssl->s3->client_random, SSL3_RANDOM_SIZE) ||
!CBB_add_u8_length_prefixed(&body, &child)) {
- return 0;
+ return false;
}
// Do not send a session ID on renegotiation.
if (!ssl->s3->initial_handshake_complete &&
!CBB_add_bytes(&child, hs->session_id, hs->session_id_len)) {
- return 0;
+ return false;
}
if (SSL_is_dtls(ssl)) {
if (!CBB_add_u8_length_prefixed(&body, &child) ||
!CBB_add_bytes(&child, ssl->d1->cookie, ssl->d1->cookie_len)) {
- return 0;
+ return false;
}
}
@@ -313,19 +314,19 @@
!CBB_add_u8(&body, 1 /* one compression method */) ||
!CBB_add_u8(&body, 0 /* null compression */) ||
!ssl_add_clienthello_tlsext(hs, &body, header_len + CBB_len(&body))) {
- return 0;
+ return false;
}
Array<uint8_t> msg;
if (!ssl->method->finish_message(ssl, cbb.get(), &msg)) {
- return 0;
+ return false;
}
// Now that the length prefixes have been computed, fill in the placeholder
// PSK binder.
if (hs->needs_psk_binder &&
!tls13_write_psk_binder(hs, msg.data(), msg.size())) {
- return 0;
+ return false;
}
return ssl->method->add_message(ssl, std::move(msg));
@@ -607,7 +608,7 @@
}
}
- if (!ssl->s3->initial_handshake_complete && ssl->session != NULL &&
+ if (!ssl->s3->initial_handshake_complete && ssl->session != nullptr &&
ssl->session->session_id_length != 0 &&
CBS_mem_equal(&session_id, ssl->session->session_id,
ssl->session->session_id_length)) {
@@ -1606,14 +1607,11 @@
}
session->ticket_lifetime_hint = ticket_lifetime_hint;
- // Generate a session ID for this session based on the session ticket. We use
- // the session ID mechanism for detecting ticket resumption. This also fits in
- // with assumptions elsewhere in OpenSSL.
- if (!EVP_Digest(CBS_data(&ticket), CBS_len(&ticket),
- session->session_id, &session->session_id_length,
- EVP_sha256(), NULL)) {
- return ssl_hs_error;
- }
+ // Generate a session ID for this session. Some callers expect all sessions to
+ // have a session ID. Additionally, it acts as the session ID to signal
+ // resumption.
+ SHA256(CBS_data(&ticket), CBS_len(&ticket), session->session_id);
+ session->session_id_length = SHA256_DIGEST_LENGTH;
if (renewed_session) {
session->not_resumable = false;
@@ -1822,4 +1820,4 @@
return "TLS client unknown";
}
-}
+BSSL_NAMESPACE_END
diff --git a/src/ssl/handshake_server.cc b/src/ssl/handshake_server.cc
index f0ed0d8..c546088 100644
--- a/src/ssl/handshake_server.cc
+++ b/src/ssl/handshake_server.cc
@@ -170,7 +170,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
bool ssl_client_cipher_list_contains_cipher(
const SSL_CLIENT_HELLO *client_hello, uint16_t id) {
@@ -1626,4 +1626,4 @@
return "TLS server unknown";
}
-}
+BSSL_NAMESPACE_END
diff --git a/src/ssl/internal.h b/src/ssl/internal.h
index 087f5fb..7ba23ef 100644
--- a/src/ssl/internal.h
+++ b/src/ssl/internal.h
@@ -173,7 +173,7 @@
#endif
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
struct SSL_CONFIG;
struct SSL_HANDSHAKE;
@@ -414,7 +414,7 @@
// Cipher suites.
-} // namespace bssl
+BSSL_NAMESPACE_END
struct ssl_cipher_st {
// name is the OpenSSL name for the cipher.
@@ -432,7 +432,7 @@
uint32_t algorithm_prf;
};
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// Bits for |algorithm_mkey| (key exchange algorithm).
#define SSL_kRSA 0x00000001u
@@ -522,7 +522,7 @@
bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
size_t *out_mac_secret_len,
size_t *out_fixed_iv_len, const SSL_CIPHER *cipher,
- uint16_t version, int is_dtls);
+ uint16_t version, bool is_dtls);
// ssl_get_handshake_digest returns the |EVP_MD| corresponding to |version| and
// |cipher|.
@@ -659,7 +659,7 @@
// resulting object, depending on |direction|. |version| is the normalized
// protocol version, so DTLS 1.0 is represented as 0x0301, not 0xffef.
static UniquePtr<SSLAEADContext> Create(enum evp_aead_direction_t direction,
- uint16_t version, int is_dtls,
+ uint16_t version, bool is_dtls,
const SSL_CIPHER *cipher,
Span<const uint8_t> enc_key,
Span<const uint8_t> mac_key,
@@ -797,8 +797,8 @@
// Record layer.
// ssl_record_sequence_update increments the sequence number in |seq|. It
-// returns one on success and zero on wraparound.
-int ssl_record_sequence_update(uint8_t *seq, size_t seq_len);
+// returns true on success and false on wraparound.
+bool ssl_record_sequence_update(uint8_t *seq, size_t seq_len);
// ssl_record_prefix_len returns the length of the prefix before the ciphertext
// of a record for |ssl|.
@@ -863,9 +863,9 @@
size_t ssl_seal_align_prefix_len(const SSL *ssl);
// tls_seal_record seals a new record of type |type| and body |in| and writes it
-// to |out|. At most |max_out| bytes will be written. It returns one on success
-// and zero on error. If enabled, |tls_seal_record| implements TLS 1.0 CBC 1/n-1
-// record splitting and may write two records concatenated.
+// to |out|. At most |max_out| bytes will be written. It returns true on success
+// and false on error. If enabled, |tls_seal_record| implements TLS 1.0 CBC
+// 1/n-1 record splitting and may write two records concatenated.
//
// For a large record, the bulk of the ciphertext will begin
// |ssl_seal_align_prefix_len| bytes into out. Aligning |out| appropriately may
@@ -873,8 +873,8 @@
// bytes to |out|.
//
// |in| and |out| may not alias.
-int tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
- uint8_t type, const uint8_t *in, size_t in_len);
+bool tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
+ uint8_t type, const uint8_t *in, size_t in_len);
enum dtls1_use_epoch_t {
dtls1_use_previous_epoch,
@@ -893,9 +893,9 @@
// which epoch's cipher state to use. Unlike |tls_seal_record|, |in| and |out|
// may alias but, if they do, |in| must be exactly |dtls_seal_prefix_len| bytes
// ahead of |out|.
-int dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
- uint8_t type, const uint8_t *in, size_t in_len,
- enum dtls1_use_epoch_t use_epoch);
+bool dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
+ uint8_t type, const uint8_t *in, size_t in_len,
+ enum dtls1_use_epoch_t use_epoch);
// ssl_process_alert processes |in| as an alert and updates |ssl|'s shutdown
// state. It returns one of |ssl_open_record_discard|, |ssl_open_record_error|,
@@ -907,9 +907,8 @@
// Private key operations.
-// ssl_has_private_key returns one if |cfg| has a private key configured and
-// zero otherwise.
-int ssl_has_private_key(const SSL_CONFIG *cfg);
+// ssl_has_private_key returns whether |cfg| has a private key configured.
+bool ssl_has_private_key(const SSL_CONFIG *cfg);
// ssl_private_key_* perform the corresponding operation on
// |SSL_PRIVATE_KEY_METHOD|. If there is a custom private key configured, they
@@ -990,14 +989,14 @@
};
// ssl_nid_to_group_id looks up the group corresponding to |nid|. On success, it
-// sets |*out_group_id| to the group ID and returns one. Otherwise, it returns
-// zero.
-int ssl_nid_to_group_id(uint16_t *out_group_id, int nid);
+// sets |*out_group_id| to the group ID and returns true. Otherwise, it returns
+// false.
+bool ssl_nid_to_group_id(uint16_t *out_group_id, int nid);
-// ssl_name_to_group_id looks up the group corresponding to the |name| string
-// of length |len|. On success, it sets |*out_group_id| to the group ID and
-// returns one. Otherwise, it returns zero.
-int ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len);
+// ssl_name_to_group_id looks up the group corresponding to the |name| string of
+// length |len|. On success, it sets |*out_group_id| to the group ID and returns
+// true. Otherwise, it returns false.
+bool ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len);
// Handshake messages.
@@ -1146,9 +1145,9 @@
// Certificate functions.
-// ssl_has_certificate returns one if a certificate and private key are
-// configured and zero otherwise.
-int ssl_has_certificate(const SSL_CONFIG *cfg);
+// ssl_has_certificate returns whether a certificate and private key are
+// configured.
+bool ssl_has_certificate(const SSL_CONFIG *cfg);
// ssl_parse_cert_chain parses a certificate list from |cbs| in the format used
// by a TLS Certificate message. On success, it advances |cbs| and returns
@@ -1169,14 +1168,14 @@
// ssl_add_cert_chain adds |hs->ssl|'s certificate chain to |cbb| in the format
// used by a TLS Certificate message. If there is no certificate chain, it emits
-// an empty certificate list. It returns one on success and zero on error.
-int ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb);
+// an empty certificate list. It returns true on success and false on error.
+bool ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb);
// ssl_cert_check_digital_signature_key_usage parses the DER-encoded, X.509
-// certificate in |in| and returns one if doesn't specify a key usage or, if it
-// does, if it includes digitalSignature. Otherwise it pushes to the error
-// queue and returns zero.
-int ssl_cert_check_digital_signature_key_usage(const CBS *in);
+// certificate in |in| and returns true if doesn't specify a key usage or, if it
+// does, if it includes digitalSignature. Otherwise it pushes to the error queue
+// and returns false.
+bool ssl_cert_check_digital_signature_key_usage(const CBS *in);
// ssl_cert_parse_pubkey extracts the public key from the DER-encoded, X.509
// certificate in |in|. It returns an allocated |EVP_PKEY| or else returns
@@ -1195,80 +1194,80 @@
bool ssl_has_client_CAs(const SSL_CONFIG *cfg);
// ssl_add_client_CA_list adds the configured CA list to |cbb| in the format
-// used by a TLS CertificateRequest message. It returns one on success and zero
-// on error.
-int ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb);
+// used by a TLS CertificateRequest message. It returns true on success and
+// false on error.
+bool ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb);
// ssl_check_leaf_certificate returns one if |pkey| and |leaf| are suitable as
// a server's leaf certificate for |hs|. Otherwise, it returns zero and pushes
// an error on the error queue.
-int ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
+bool ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
const CRYPTO_BUFFER *leaf);
// ssl_on_certificate_selected is called once the certificate has been selected.
// It finalizes the certificate and initializes |hs->local_pubkey|. It returns
-// one on success and zero on error.
-int ssl_on_certificate_selected(SSL_HANDSHAKE *hs);
+// true on success and false on error.
+bool ssl_on_certificate_selected(SSL_HANDSHAKE *hs);
// TLS 1.3 key derivation.
// tls13_init_key_schedule initializes the handshake hash and key derivation
// state, and incorporates the PSK. The cipher suite and PRF hash must have been
-// selected at this point. It returns one on success and zero on error.
-int tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
- size_t psk_len);
+// selected at this point. It returns true on success and false on error.
+bool tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
+ size_t psk_len);
// tls13_init_early_key_schedule initializes the handshake hash and key
// derivation state from the resumption secret and incorporates the PSK to
// derive the early secrets. It returns one on success and zero on error.
-int tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
- size_t psk_len);
+bool tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
+ size_t psk_len);
// tls13_advance_key_schedule incorporates |in| into the key schedule with
-// HKDF-Extract. It returns one on success and zero on error.
-int tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in,
+// HKDF-Extract. It returns true on success and false on error.
+bool tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in,
size_t len);
// tls13_set_traffic_key sets the read or write traffic keys to
-// |traffic_secret|. It returns one on success and zero on error.
-int tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction,
- const uint8_t *traffic_secret,
- size_t traffic_secret_len);
+// |traffic_secret|. It returns true on success and false on error.
+bool tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction,
+ const uint8_t *traffic_secret,
+ size_t traffic_secret_len);
-// tls13_derive_early_secrets derives the early traffic secret. It returns one
-// on success and zero on error.
-int tls13_derive_early_secrets(SSL_HANDSHAKE *hs);
+// tls13_derive_early_secrets derives the early traffic secret. It returns true
+// on success and false on error.
+bool tls13_derive_early_secrets(SSL_HANDSHAKE *hs);
// tls13_derive_handshake_secrets derives the handshake traffic secret. It
-// returns one on success and zero on error.
-int tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs);
+// returns true on success and false on error.
+bool tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs);
// tls13_rotate_traffic_key derives the next read or write traffic secret. It
-// returns one on success and zero on error.
-int tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction);
+// returns true on success and false on error.
+bool tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction);
// tls13_derive_application_secrets derives the initial application data traffic
// and exporter secrets based on the handshake transcripts and |master_secret|.
-// It returns one on success and zero on error.
-int tls13_derive_application_secrets(SSL_HANDSHAKE *hs);
+// It returns true on success and false on error.
+bool tls13_derive_application_secrets(SSL_HANDSHAKE *hs);
// tls13_derive_resumption_secret derives the |resumption_secret|.
-int tls13_derive_resumption_secret(SSL_HANDSHAKE *hs);
+bool tls13_derive_resumption_secret(SSL_HANDSHAKE *hs);
// tls13_export_keying_material provides an exporter interface to use the
// |exporter_secret|.
-int tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
- Span<const uint8_t> secret,
- Span<const char> label,
- Span<const uint8_t> context);
+bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
+ Span<const uint8_t> secret,
+ Span<const char> label,
+ Span<const uint8_t> context);
// tls13_finished_mac calculates the MAC of the handshake transcript to verify
// the integrity of the Finished message, and stores the result in |out| and
-// length in |out_len|. |is_server| is 1 if this is for the Server Finished and
-// 0 for the Client Finished.
-int tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len,
- int is_server);
+// length in |out_len|. |is_server| is true if this is for the Server Finished
+// and false for the Client Finished.
+bool tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len,
+ bool is_server);
// tls13_derive_session_psk calculates the PSK for this session based on the
// resumption master secret and |nonce|. It returns true on success, and false
@@ -1276,15 +1275,15 @@
bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce);
// tls13_write_psk_binder calculates the PSK binder value and replaces the last
-// bytes of |msg| with the resulting value. It returns 1 on success, and 0 on
-// failure.
-int tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len);
+// bytes of |msg| with the resulting value. It returns true on success, and
+// false on failure.
+bool tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len);
-// tls13_verify_psk_binder verifies that the handshake transcript, truncated
-// up to the binders has a valid signature using the value of |session|'s
-// resumption secret. It returns 1 on success, and 0 on failure.
-int tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
- const SSLMessage &msg, CBS *binders);
+// tls13_verify_psk_binder verifies that the handshake transcript, truncated up
+// to the binders has a valid signature using the value of |session|'s
+// resumption secret. It returns true on success, and false on failure.
+bool tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
+ const SSLMessage &msg, CBS *binders);
// Handshake functions.
@@ -1616,29 +1615,29 @@
const char *tls13_client_handshake_state(SSL_HANDSHAKE *hs);
const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs);
-// tls13_post_handshake processes a post-handshake message. It returns one on
-// success and zero on failure.
-int tls13_post_handshake(SSL *ssl, const SSLMessage &msg);
+// tls13_post_handshake processes a post-handshake message. It returns true on
+// success and false on failure.
+bool tls13_post_handshake(SSL *ssl, const SSLMessage &msg);
-int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
- int allow_anonymous);
-int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg);
+bool tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
+ bool allow_anonymous);
+bool tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg);
// tls13_process_finished processes |msg| as a Finished message from the
-// peer. If |use_saved_value| is one, the verify_data is compared against
+// peer. If |use_saved_value| is true, the verify_data is compared against
// |hs->expected_client_finished| rather than computed fresh.
-int tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
- int use_saved_value);
+bool tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
+ bool use_saved_value);
-int tls13_add_certificate(SSL_HANDSHAKE *hs);
+bool tls13_add_certificate(SSL_HANDSHAKE *hs);
// tls13_add_certificate_verify adds a TLS 1.3 CertificateVerify message to the
// handshake. If it returns |ssl_private_key_retry|, it should be called again
// to retry when the signing operation is completed.
enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs);
-int tls13_add_finished(SSL_HANDSHAKE *hs);
-int tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg);
+bool tls13_add_finished(SSL_HANDSHAKE *hs);
+bool tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg);
bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
Array<uint8_t> *out_secret,
@@ -1660,7 +1659,7 @@
// returns whether it's valid.
bool ssl_is_sct_list_valid(const CBS *contents);
-int ssl_write_client_hello(SSL_HANDSHAKE *hs);
+bool ssl_write_client_hello(SSL_HANDSHAKE *hs);
enum ssl_cert_verify_context_t {
ssl_cert_verify_server,
@@ -2015,13 +2014,13 @@
uint16_t alg_id = 0;
};
-} // namespace bssl
+BSSL_NAMESPACE_END
DECLARE_LHASH_OF(SSL_SESSION)
DEFINE_NAMED_STACK_OF(CertCompressionAlg, bssl::CertCompressionAlg);
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// An ssl_shutdown_t describes the shutdown state of one end of the connection,
// whether it is alive or has been shutdown via close_notify or fatal alert.
@@ -2476,14 +2475,14 @@
UniquePtr<CERT> ssl_cert_dup(CERT *cert);
void ssl_cert_clear_certs(CERT *cert);
-int ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer);
-int ssl_is_key_type_supported(int key_type);
-// ssl_compare_public_and_private_key returns one if |pubkey| is the public
-// counterpart to |privkey|. Otherwise it returns zero and pushes a helpful
+bool ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer);
+bool ssl_is_key_type_supported(int key_type);
+// ssl_compare_public_and_private_key returns true if |pubkey| is the public
+// counterpart to |privkey|. Otherwise it returns false and pushes a helpful
// message on the error queue.
-int ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
+bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
const EVP_PKEY *privkey);
-int ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey);
+bool ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey);
int ssl_get_new_session(SSL_HANDSHAKE *hs, int is_server);
int ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out, const SSL_SESSION *session);
int ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx);
@@ -2749,7 +2748,7 @@
// current state of the error queue.
void ssl_set_read_error(SSL *ssl);
-} // namespace bssl
+BSSL_NAMESPACE_END
// Opaque C types.
diff --git a/src/ssl/s3_both.cc b/src/ssl/s3_both.cc
index 98896a3..c1d4b65 100644
--- a/src/ssl/s3_both.cc
+++ b/src/ssl/s3_both.cc
@@ -130,7 +130,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
static bool add_record_to_flight(SSL *ssl, uint8_t type,
Span<const uint8_t> in) {
@@ -636,4 +636,4 @@
}
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/s3_lib.cc b/src/ssl/s3_lib.cc
index 0b24f94..0e0770c 100644
--- a/src/ssl/s3_lib.cc
+++ b/src/ssl/s3_lib.cc
@@ -162,7 +162,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
SSL3_STATE::SSL3_STATE()
: skip_early_data(false),
@@ -215,4 +215,4 @@
ssl->s3 = NULL;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/s3_pkt.cc b/src/ssl/s3_pkt.cc
index 50e709b..1ccbf9f 100644
--- a/src/ssl/s3_pkt.cc
+++ b/src/ssl/s3_pkt.cc
@@ -122,7 +122,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
static int do_ssl3_write(SSL *ssl, int type, const uint8_t *in, unsigned len);
@@ -425,4 +425,4 @@
return 1;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/span_test.cc b/src/ssl/span_test.cc
index 0aa7f3d..7db3d70 100644
--- a/src/ssl/span_test.cc
+++ b/src/ssl/span_test.cc
@@ -19,7 +19,7 @@
#include <openssl/ssl.h>
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
namespace {
static void TestCtor(Span<int> s, const int *ptr, size_t size) {
@@ -87,4 +87,4 @@
}
} // namespace
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/ssl_aead_ctx.cc b/src/ssl/ssl_aead_ctx.cc
index 322b1b5..335f6f4 100644
--- a/src/ssl/ssl_aead_ctx.cc
+++ b/src/ssl/ssl_aead_ctx.cc
@@ -31,7 +31,7 @@
#define FUZZER_MODE false
#endif
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
SSLAEADContext::SSLAEADContext(uint16_t version_arg, bool is_dtls_arg,
const SSL_CIPHER *cipher_arg)
@@ -55,7 +55,7 @@
}
UniquePtr<SSLAEADContext> SSLAEADContext::Create(
- enum evp_aead_direction_t direction, uint16_t version, int is_dtls,
+ enum evp_aead_direction_t direction, uint16_t version, bool is_dtls,
const SSL_CIPHER *cipher, Span<const uint8_t> enc_key,
Span<const uint8_t> mac_key, Span<const uint8_t> fixed_iv) {
const EVP_AEAD *aead;
@@ -433,4 +433,4 @@
EVP_AEAD_CTX_get_iv(ctx_.get(), out_iv, out_iv_len);
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/ssl_asn1.cc b/src/ssl/ssl_asn1.cc
index 5dfacb2..caccef4 100644
--- a/src/ssl/ssl_asn1.cc
+++ b/src/ssl/ssl_asn1.cc
@@ -104,7 +104,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// An SSL_SESSION is serialized as the following ASN.1 structure:
//
@@ -751,7 +751,7 @@
return SSL_SESSION_to_bytes_full(in, cbb, 0);
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/ssl_buffer.cc b/src/ssl/ssl_buffer.cc
index 72647a4..b94f081 100644
--- a/src/ssl/ssl_buffer.cc
+++ b/src/ssl/ssl_buffer.cc
@@ -27,7 +27,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// BIO uses int instead of size_t. No lengths will exceed uint16_t, so this will
// not overflow.
@@ -284,4 +284,4 @@
}
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/ssl_cert.cc b/src/ssl/ssl_cert.cc
index 4842974..37d6501 100644
--- a/src/ssl/ssl_cert.cc
+++ b/src/ssl/ssl_cert.cc
@@ -133,7 +133,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
CERT::CERT(const SSL_X509_METHOD *x509_method_arg)
: x509_method(x509_method_arg) {}
@@ -289,10 +289,10 @@
return 1;
}
-int ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer) {
+bool ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer) {
switch (check_leaf_cert_and_privkey(buffer.get(), cert->privatekey.get())) {
case leaf_cert_and_privkey_error:
- return 0;
+ return false;
case leaf_cert_and_privkey_mismatch:
// don't fail for a cert/key mismatch, just free current private key
// (when switching to a different cert & key, first this function should
@@ -308,23 +308,23 @@
if (cert->chain != nullptr) {
CRYPTO_BUFFER_free(sk_CRYPTO_BUFFER_value(cert->chain.get(), 0));
sk_CRYPTO_BUFFER_set(cert->chain.get(), 0, buffer.release());
- return 1;
+ return true;
}
cert->chain.reset(sk_CRYPTO_BUFFER_new_null());
if (cert->chain == nullptr) {
- return 0;
+ return false;
}
if (!PushToStack(cert->chain.get(), std::move(buffer))) {
cert->chain.reset();
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-int ssl_has_certificate(const SSL_CONFIG *cfg) {
+bool ssl_has_certificate(const SSL_CONFIG *cfg) {
return cfg->cert->chain != nullptr &&
sk_CRYPTO_BUFFER_value(cfg->cert->chain.get(), 0) != nullptr &&
ssl_has_private_key(cfg);
@@ -394,7 +394,7 @@
return true;
}
-int ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb) {
+bool ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb) {
if (!ssl_has_certificate(hs->config)) {
return CBB_add_u24(cbb, 0);
}
@@ -402,7 +402,7 @@
CBB certs;
if (!CBB_add_u24_length_prefixed(cbb, &certs)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
STACK_OF(CRYPTO_BUFFER) *chain = hs->config->cert->chain.get();
@@ -414,7 +414,7 @@
CRYPTO_BUFFER_len(buffer)) ||
!CBB_flush(&certs)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
}
@@ -424,7 +424,7 @@
// ssl_cert_skip_to_spki parses a DER-encoded, X.509 certificate from |in| and
// positions |*out_tbs_cert| to cover the TBSCertificate, starting at the
// subjectPublicKeyInfo.
-static int ssl_cert_skip_to_spki(const CBS *in, CBS *out_tbs_cert) {
+static bool ssl_cert_skip_to_spki(const CBS *in, CBS *out_tbs_cert) {
/* From RFC 5280, section 4.1
* Certificate ::= SEQUENCE {
* tbsCertificate TBSCertificate,
@@ -460,10 +460,10 @@
!CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE) ||
// subject
!CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE)) {
- return 0;
+ return false;
}
- return 1;
+ return true;
}
UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in) {
@@ -476,47 +476,42 @@
return UniquePtr<EVP_PKEY>(EVP_parse_public_key(&tbs_cert));
}
-int ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
- const EVP_PKEY *privkey) {
+bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
+ const EVP_PKEY *privkey) {
if (EVP_PKEY_is_opaque(privkey)) {
// We cannot check an opaque private key and have to trust that it
// matches.
- return 1;
+ return true;
}
- int ret = 0;
-
switch (EVP_PKEY_cmp(pubkey, privkey)) {
case 1:
- ret = 1;
- break;
+ return true;
case 0:
OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH);
- break;
+ return false;
case -1:
OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH);
- break;
+ return false;
case -2:
OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE);
- break;
- default:
- assert(0);
- break;
+ return false;
}
- return ret;
+ assert(0);
+ return false;
}
-int ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey) {
+bool ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey) {
if (privkey == nullptr) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
- return 0;
+ return false;
}
if (cert->chain == nullptr ||
sk_CRYPTO_BUFFER_value(cert->chain.get(), 0) == nullptr) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED);
- return 0;
+ return false;
}
CBS cert_cbs;
@@ -525,13 +520,13 @@
UniquePtr<EVP_PKEY> pubkey = ssl_cert_parse_pubkey(&cert_cbs);
if (!pubkey) {
OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE);
- return 0;
+ return false;
}
return ssl_compare_public_and_private_key(pubkey.get(), privkey);
}
-int ssl_cert_check_digital_signature_key_usage(const CBS *in) {
+bool ssl_cert_check_digital_signature_key_usage(const CBS *in) {
CBS buf = *in;
CBS tbs_cert, outer_extensions;
@@ -551,17 +546,17 @@
&tbs_cert, &outer_extensions, &has_extensions,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 3)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
- return 0;
+ return false;
}
if (!has_extensions) {
- return 1;
+ return true;
}
CBS extensions;
if (!CBS_get_asn1(&outer_extensions, &extensions, CBS_ASN1_SEQUENCE)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
- return 0;
+ return false;
}
while (CBS_len(&extensions) > 0) {
@@ -573,7 +568,7 @@
!CBS_get_asn1(&extension, &contents, CBS_ASN1_OCTETSTRING) ||
CBS_len(&extension) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
- return 0;
+ return false;
}
static const uint8_t kKeyUsageOID[3] = {0x55, 0x1d, 0x0f};
@@ -587,26 +582,26 @@
if (!CBS_get_asn1(&contents, &bit_string, CBS_ASN1_BITSTRING) ||
CBS_len(&contents) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
- return 0;
+ return false;
}
// This is the KeyUsage extension. See
// https://tools.ietf.org/html/rfc5280#section-4.2.1.3
if (!CBS_is_valid_asn1_bitstring(&bit_string)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
- return 0;
+ return false;
}
if (!CBS_asn1_bitstring_has_bit(&bit_string, 0)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
// No KeyUsage extension found.
- return 1;
+ return true;
}
UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
@@ -666,10 +661,10 @@
return sk_CRYPTO_BUFFER_num(names) > 0;
}
-int ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb) {
+bool ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb) {
CBB child, name_cbb;
if (!CBB_add_u16_length_prefixed(cbb, &child)) {
- return 0;
+ return false;
}
const STACK_OF(CRYPTO_BUFFER) *names = hs->config->client_CA.get();
@@ -684,21 +679,21 @@
if (!CBB_add_u16_length_prefixed(&child, &name_cbb) ||
!CBB_add_bytes(&name_cbb, CRYPTO_BUFFER_data(name),
CRYPTO_BUFFER_len(name))) {
- return 0;
+ return false;
}
}
return CBB_flush(cbb);
}
-int ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
- const CRYPTO_BUFFER *leaf) {
+bool ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
+ const CRYPTO_BUFFER *leaf) {
assert(ssl_protocol_version(hs->ssl) < TLS1_3_VERSION);
// Check the certificate's type matches the cipher.
if (!(hs->new_cipher->algorithm_auth & ssl_cipher_auth_mask_for_key(pkey))) {
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CERTIFICATE_TYPE);
- return 0;
+ return false;
}
// Check key usages for all key types but RSA. This is needed to distinguish
@@ -711,7 +706,7 @@
CBS leaf_cbs;
CBS_init(&leaf_cbs, CRYPTO_BUFFER_data(leaf), CRYPTO_BUFFER_len(leaf));
if (!ssl_cert_check_digital_signature_key_usage(&leaf_cbs)) {
- return 0;
+ return false;
}
}
@@ -724,22 +719,22 @@
!tls1_check_group_id(hs, group_id) ||
EC_KEY_get_conv_form(ec_key) != POINT_CONVERSION_UNCOMPRESSED) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_ECC_CERT);
- return 0;
+ return false;
}
}
- return 1;
+ return true;
}
-int ssl_on_certificate_selected(SSL_HANDSHAKE *hs) {
+bool ssl_on_certificate_selected(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
if (!ssl_has_certificate(hs->config)) {
// Nothing to do.
- return 1;
+ return true;
}
if (!ssl->ctx->x509_method->ssl_auto_chain_if_needed(hs)) {
- return 0;
+ return false;
}
CBS leaf;
@@ -750,7 +745,7 @@
return hs->local_pubkey != NULL;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/ssl_cipher.cc b/src/ssl/ssl_cipher.cc
index 5899500..0ed91d6 100644
--- a/src/ssl/ssl_cipher.cc
+++ b/src/ssl/ssl_cipher.cc
@@ -154,7 +154,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// kCiphers is an array of all supported ciphers, sorted by id.
static constexpr SSL_CIPHER kCiphers[] = {
@@ -559,13 +559,13 @@
bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
size_t *out_mac_secret_len,
size_t *out_fixed_iv_len, const SSL_CIPHER *cipher,
- uint16_t version, int is_dtls) {
+ uint16_t version, bool is_dtls) {
*out_aead = NULL;
*out_mac_secret_len = 0;
*out_fixed_iv_len = 0;
- const int is_tls12 = version == TLS1_2_VERSION && !is_dtls;
- const int is_tls13 = version == TLS1_3_VERSION && !is_dtls;
+ const bool is_tls12 = version == TLS1_2_VERSION && !is_dtls;
+ const bool is_tls13 = version == TLS1_3_VERSION && !is_dtls;
if (cipher->algorithm_mac == SSL_AEAD) {
if (cipher->algorithm_enc == SSL_AES128GCM) {
@@ -649,7 +649,7 @@
}
}
-static bool is_cipher_list_separator(char c, int is_strict) {
+static bool is_cipher_list_separator(char c, bool is_strict) {
if (c == ':') {
return true;
}
@@ -1306,7 +1306,7 @@
return ret;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/ssl_key_share.cc b/src/ssl/ssl_key_share.cc
index c7f6f88..8466eab 100644
--- a/src/ssl/ssl_key_share.cc
+++ b/src/ssl/ssl_key_share.cc
@@ -31,7 +31,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
namespace {
@@ -266,33 +266,33 @@
Finish(out_secret, out_alert, peer_key);
}
-int ssl_nid_to_group_id(uint16_t *out_group_id, int nid) {
+bool ssl_nid_to_group_id(uint16_t *out_group_id, int nid) {
for (const auto &group : kNamedGroups) {
if (group.nid == nid) {
*out_group_id = group.group_id;
- return 1;
+ return true;
}
}
- return 0;
+ return false;
}
-int ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len) {
+bool ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len) {
for (const auto &group : kNamedGroups) {
if (len == strlen(group.name) &&
!strncmp(group.name, name, len)) {
*out_group_id = group.group_id;
- return 1;
+ return true;
}
if (len == strlen(group.alias) &&
!strncmp(group.alias, name, len)) {
*out_group_id = group.group_id;
- return 1;
+ return true;
}
}
- return 0;
+ return false;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/ssl_lib.cc b/src/ssl/ssl_lib.cc
index 120c276..13b9cac 100644
--- a/src/ssl/ssl_lib.cc
+++ b/src/ssl/ssl_lib.cc
@@ -162,7 +162,7 @@
#endif
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// |SSL_R_UNKNOWN_PROTOCOL| is no longer emitted, but continue to define it
// to avoid downstream churn.
@@ -506,7 +506,7 @@
ssl->config->handoff = on;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/ssl_privkey.cc b/src/ssl/ssl_privkey.cc
index fecac39..e716c9a 100644
--- a/src/ssl/ssl_privkey.cc
+++ b/src/ssl/ssl_privkey.cc
@@ -69,28 +69,28 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
-int ssl_is_key_type_supported(int key_type) {
+bool ssl_is_key_type_supported(int key_type) {
return key_type == EVP_PKEY_RSA || key_type == EVP_PKEY_EC ||
key_type == EVP_PKEY_ED25519;
}
-static int ssl_set_pkey(CERT *cert, EVP_PKEY *pkey) {
+static bool ssl_set_pkey(CERT *cert, EVP_PKEY *pkey) {
if (!ssl_is_key_type_supported(pkey->type)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- return 0;
+ return false;
}
if (cert->chain != nullptr &&
sk_CRYPTO_BUFFER_value(cert->chain.get(), 0) != nullptr &&
// Sanity-check that the private key and the certificate match.
!ssl_cert_check_private_key(cert, pkey)) {
- return 0;
+ return false;
}
cert->privatekey = UpRef(pkey);
- return 1;
+ return true;
}
typedef struct {
@@ -98,29 +98,30 @@
int pkey_type;
int curve;
const EVP_MD *(*digest_func)(void);
- char is_rsa_pss;
+ bool is_rsa_pss;
} SSL_SIGNATURE_ALGORITHM;
static const SSL_SIGNATURE_ALGORITHM kSignatureAlgorithms[] = {
- {SSL_SIGN_RSA_PKCS1_MD5_SHA1, EVP_PKEY_RSA, NID_undef, &EVP_md5_sha1, 0},
- {SSL_SIGN_RSA_PKCS1_SHA1, EVP_PKEY_RSA, NID_undef, &EVP_sha1, 0},
- {SSL_SIGN_RSA_PKCS1_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, 0},
- {SSL_SIGN_RSA_PKCS1_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, 0},
- {SSL_SIGN_RSA_PKCS1_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, 0},
+ {SSL_SIGN_RSA_PKCS1_MD5_SHA1, EVP_PKEY_RSA, NID_undef, &EVP_md5_sha1,
+ false},
+ {SSL_SIGN_RSA_PKCS1_SHA1, EVP_PKEY_RSA, NID_undef, &EVP_sha1, false},
+ {SSL_SIGN_RSA_PKCS1_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, false},
+ {SSL_SIGN_RSA_PKCS1_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, false},
+ {SSL_SIGN_RSA_PKCS1_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, false},
- {SSL_SIGN_RSA_PSS_RSAE_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, 1},
- {SSL_SIGN_RSA_PSS_RSAE_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, 1},
- {SSL_SIGN_RSA_PSS_RSAE_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, 1},
+ {SSL_SIGN_RSA_PSS_RSAE_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, true},
+ {SSL_SIGN_RSA_PSS_RSAE_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, true},
+ {SSL_SIGN_RSA_PSS_RSAE_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, true},
- {SSL_SIGN_ECDSA_SHA1, EVP_PKEY_EC, NID_undef, &EVP_sha1, 0},
+ {SSL_SIGN_ECDSA_SHA1, EVP_PKEY_EC, NID_undef, &EVP_sha1, false},
{SSL_SIGN_ECDSA_SECP256R1_SHA256, EVP_PKEY_EC, NID_X9_62_prime256v1,
- &EVP_sha256, 0},
+ &EVP_sha256, false},
{SSL_SIGN_ECDSA_SECP384R1_SHA384, EVP_PKEY_EC, NID_secp384r1, &EVP_sha384,
- 0},
+ false},
{SSL_SIGN_ECDSA_SECP521R1_SHA512, EVP_PKEY_EC, NID_secp521r1, &EVP_sha512,
- 0},
+ false},
- {SSL_SIGN_ED25519, EVP_PKEY_ED25519, NID_undef, NULL, 0},
+ {SSL_SIGN_ED25519, EVP_PKEY_ED25519, NID_undef, nullptr, false},
};
static const SSL_SIGNATURE_ALGORITHM *get_signature_algorithm(uint16_t sigalg) {
@@ -132,22 +133,22 @@
return NULL;
}
-int ssl_has_private_key(const SSL_CONFIG *cfg) {
+bool ssl_has_private_key(const SSL_CONFIG *cfg) {
return cfg->cert->privatekey != nullptr || cfg->cert->key_method != nullptr;
}
-static int pkey_supports_algorithm(const SSL *ssl, EVP_PKEY *pkey,
- uint16_t sigalg) {
+static bool pkey_supports_algorithm(const SSL *ssl, EVP_PKEY *pkey,
+ uint16_t sigalg) {
const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg);
if (alg == NULL ||
EVP_PKEY_id(pkey) != alg->pkey_type) {
- return 0;
+ return false;
}
if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
// RSA keys may only be used with RSA-PSS.
if (alg->pkey_type == EVP_PKEY_RSA && !alg->is_rsa_pss) {
- return 0;
+ return false;
}
// EC keys have a curve requirement.
@@ -155,18 +156,18 @@
(alg->curve == NID_undef ||
EC_GROUP_get_curve_name(
EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey))) != alg->curve)) {
- return 0;
+ return false;
}
}
- return 1;
+ return true;
}
-static int setup_ctx(SSL *ssl, EVP_MD_CTX *ctx, EVP_PKEY *pkey, uint16_t sigalg,
- int is_verify) {
+static bool setup_ctx(SSL *ssl, EVP_MD_CTX *ctx, EVP_PKEY *pkey,
+ uint16_t sigalg, bool is_verify) {
if (!pkey_supports_algorithm(ssl, pkey, sigalg)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SIGNATURE_TYPE);
- return 0;
+ return false;
}
const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg);
@@ -174,20 +175,20 @@
EVP_PKEY_CTX *pctx;
if (is_verify) {
if (!EVP_DigestVerifyInit(ctx, &pctx, digest, NULL, pkey)) {
- return 0;
+ return false;
}
} else if (!EVP_DigestSignInit(ctx, &pctx, digest, NULL, pkey)) {
- return 0;
+ return false;
}
if (alg->is_rsa_pss) {
if (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) ||
!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1 /* salt len = hash len */)) {
- return 0;
+ return false;
}
}
- return 1;
+ return true;
}
enum ssl_private_key_result_t ssl_private_key_sign(
@@ -212,7 +213,7 @@
*out_len = max_out;
ScopedEVP_MD_CTX ctx;
if (!setup_ctx(ssl, ctx.get(), hs->config->cert->privatekey.get(), sigalg,
- 0 /* sign */) ||
+ false /* sign */) ||
!EVP_DigestSign(ctx.get(), out, out_len, in.data(), in.size())) {
return ssl_private_key_failure;
}
@@ -223,7 +224,7 @@
uint16_t sigalg, EVP_PKEY *pkey,
Span<const uint8_t> in) {
ScopedEVP_MD_CTX ctx;
- return setup_ctx(ssl, ctx.get(), pkey, sigalg, 1 /* verify */) &&
+ return setup_ctx(ssl, ctx.get(), pkey, sigalg, true /* verify */) &&
EVP_DigestVerify(ctx.get(), signature.data(), signature.size(),
in.data(), in.size());
}
@@ -287,7 +288,7 @@
return true;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/ssl_session.cc b/src/ssl/ssl_session.cc
index 1b0b68a..927dd1b 100644
--- a/src/ssl/ssl_session.cc
+++ b/src/ssl/ssl_session.cc
@@ -151,7 +151,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// The address of this is a magic value, a pointer to which is returned by
// SSL_magic_pending_session_ptr(). It allows a session callback to indicate
@@ -838,7 +838,7 @@
}
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/ssl_test.cc b/src/ssl/ssl_test.cc
index 74c4e9e..894bb14 100644
--- a/src/ssl/ssl_test.cc
+++ b/src/ssl/ssl_test.cc
@@ -53,7 +53,7 @@
#endif
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
namespace {
@@ -1966,18 +1966,18 @@
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0e, 0xc0, 0x09,
0xc0, 0x13, 0xc0, 0x0a, 0xc0, 0x14, 0x00, 0x2f, 0x00, 0x35, 0x00, 0x0a,
- 0x01, 0x00, 0x00, 0x1f, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x17, 0x00,
- 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
- 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18}},
+ 0x01, 0x00, 0x00, 0x1f, 0x00, 0x17, 0x00, 0x00, 0xff, 0x01, 0x00, 0x01,
+ 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00,
+ 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00}},
{TLS1_1_VERSION,
{0x16, 0x03, 0x01, 0x00, 0x5a, 0x01, 0x00, 0x00, 0x56, 0x03, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0e, 0xc0, 0x09,
0xc0, 0x13, 0xc0, 0x0a, 0xc0, 0x14, 0x00, 0x2f, 0x00, 0x35, 0x00, 0x0a,
- 0x01, 0x00, 0x00, 0x1f, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x17, 0x00,
- 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
- 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18}},
+ 0x01, 0x00, 0x00, 0x1f, 0x00, 0x17, 0x00, 0x00, 0xff, 0x01, 0x00, 0x01,
+ 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00,
+ 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00}},
{TLS1_2_VERSION,
{0x16, 0x03, 0x01, 0x00, 0x82, 0x01, 0x00, 0x00, 0x7e, 0x03, 0x03, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -1985,12 +1985,12 @@
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1e, 0xcc, 0xa9,
0xcc, 0xa8, 0xc0, 0x2b, 0xc0, 0x2f, 0xc0, 0x2c, 0xc0, 0x30, 0xc0, 0x09,
0xc0, 0x13, 0xc0, 0x0a, 0xc0, 0x14, 0x00, 0x9c, 0x00, 0x9d, 0x00, 0x2f,
- 0x00, 0x35, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x37, 0xff, 0x01, 0x00, 0x01,
- 0x00, 0x00, 0x17, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00,
- 0x14, 0x00, 0x12, 0x04, 0x03, 0x08, 0x04, 0x04, 0x01, 0x05, 0x03, 0x08,
- 0x05, 0x05, 0x01, 0x08, 0x06, 0x06, 0x01, 0x02, 0x01, 0x00, 0x0b, 0x00,
- 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00,
- 0x17, 0x00, 0x18}},
+ 0x00, 0x35, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x37, 0x00, 0x17, 0x00, 0x00,
+ 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00,
+ 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
+ 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x14, 0x00, 0x12, 0x04, 0x03, 0x08,
+ 0x04, 0x04, 0x01, 0x05, 0x03, 0x08, 0x05, 0x05, 0x01, 0x08, 0x06, 0x06,
+ 0x01, 0x02, 0x01}},
// TODO(davidben): Add a change detector for TLS 1.3 once the spec and our
// implementation has settled enough that it won't change.
};
@@ -2033,7 +2033,7 @@
}
}
if (i + 12 >= client_hello.size()) {
- printf("}}");
+ printf("}},");
}
printf("\n");
}
@@ -4281,6 +4281,21 @@
server_ctx_.get()));
}
+// Test that ticket-based sessions on the client get fake session IDs.
+TEST_P(SSLVersionTest, FakeIDsForTickets) {
+ SSL_CTX_set_session_cache_mode(client_ctx_.get(), SSL_SESS_CACHE_BOTH);
+ SSL_CTX_set_session_cache_mode(server_ctx_.get(), SSL_SESS_CACHE_BOTH);
+
+ bssl::UniquePtr<SSL_SESSION> session =
+ CreateClientSession(client_ctx_.get(), server_ctx_.get());
+ ASSERT_TRUE(session);
+
+ EXPECT_TRUE(SSL_SESSION_has_ticket(session.get()));
+ unsigned session_id_length;
+ SSL_SESSION_get_id(session.get(), &session_id_length);
+ EXPECT_NE(session_id_length, 0u);
+}
+
// These tests test multi-threaded behavior. They are intended to run with
// ThreadSanitizer.
#if !defined(OPENSSL_NO_THREADS)
@@ -4428,4 +4443,4 @@
}
} // namespace
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/ssl_transcript.cc b/src/ssl/ssl_transcript.cc
index 24b86bf..8bb513d 100644
--- a/src/ssl/ssl_transcript.cc
+++ b/src/ssl/ssl_transcript.cc
@@ -141,7 +141,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
SSLTranscript::SSLTranscript() {}
@@ -261,4 +261,4 @@
return true;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/ssl_versions.cc b/src/ssl/ssl_versions.cc
index 212c3ac..911fb7e 100644
--- a/src/ssl/ssl_versions.cc
+++ b/src/ssl/ssl_versions.cc
@@ -23,7 +23,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
bool ssl_protocol_version_from_wire(uint16_t *out, uint16_t version) {
switch (version) {
@@ -360,7 +360,7 @@
return version == TLS1_3_DRAFT28_VERSION || version == TLS1_3_VERSION;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/ssl_x509.cc b/src/ssl/ssl_x509.cc
index ef09589..9fa800f 100644
--- a/src/ssl/ssl_x509.cc
+++ b/src/ssl/ssl_x509.cc
@@ -155,7 +155,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// check_ssl_x509_method asserts that |ssl| has the X509-based method
// installed. Calling an X509-based method on an |ssl| with a different method
@@ -506,7 +506,7 @@
ssl_crypto_x509_ssl_ctx_flush_cached_client_CA,
};
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/t1_enc.cc b/src/ssl/t1_enc.cc
index 93170b9..c6b2844 100644
--- a/src/ssl/t1_enc.cc
+++ b/src/ssl/t1_enc.cc
@@ -153,7 +153,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
Span<const uint8_t> secret, Span<const char> label,
@@ -277,7 +277,7 @@
return SSL3_MASTER_SECRET_SIZE;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/t1_lib.cc b/src/ssl/t1_lib.cc
index 32ea2d4..678e4a3 100644
--- a/src/ssl/t1_lib.cc
+++ b/src/ssl/t1_lib.cc
@@ -129,7 +129,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
static bool ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs);
@@ -2775,14 +2775,6 @@
// kExtensions contains all the supported extensions.
static const struct tls_extension kExtensions[] = {
{
- TLSEXT_TYPE_renegotiate,
- NULL,
- ext_ri_add_clienthello,
- ext_ri_parse_serverhello,
- ext_ri_parse_clienthello,
- ext_ri_add_serverhello,
- },
- {
TLSEXT_TYPE_server_name,
NULL,
ext_sni_add_clienthello,
@@ -2799,6 +2791,30 @@
ext_ems_add_serverhello,
},
{
+ TLSEXT_TYPE_renegotiate,
+ NULL,
+ ext_ri_add_clienthello,
+ ext_ri_parse_serverhello,
+ ext_ri_parse_clienthello,
+ ext_ri_add_serverhello,
+ },
+ {
+ TLSEXT_TYPE_supported_groups,
+ NULL,
+ ext_supported_groups_add_clienthello,
+ ext_supported_groups_parse_serverhello,
+ ext_supported_groups_parse_clienthello,
+ dont_add_serverhello,
+ },
+ {
+ TLSEXT_TYPE_ec_point_formats,
+ NULL,
+ ext_ec_point_add_clienthello,
+ ext_ec_point_parse_serverhello,
+ ext_ec_point_parse_clienthello,
+ ext_ec_point_add_serverhello,
+ },
+ {
TLSEXT_TYPE_session_ticket,
NULL,
ext_ticket_add_clienthello,
@@ -2808,6 +2824,23 @@
ext_ticket_add_serverhello,
},
{
+ TLSEXT_TYPE_application_layer_protocol_negotiation,
+ NULL,
+ ext_alpn_add_clienthello,
+ ext_alpn_parse_serverhello,
+ // ALPN is negotiated late in |ssl_negotiate_alpn|.
+ ignore_parse_clienthello,
+ ext_alpn_add_serverhello,
+ },
+ {
+ TLSEXT_TYPE_status_request,
+ NULL,
+ ext_ocsp_add_clienthello,
+ ext_ocsp_parse_serverhello,
+ ext_ocsp_parse_clienthello,
+ ext_ocsp_add_serverhello,
+ },
+ {
TLSEXT_TYPE_signature_algorithms,
NULL,
ext_sigalgs_add_clienthello,
@@ -2824,14 +2857,6 @@
dont_add_serverhello,
},
{
- TLSEXT_TYPE_status_request,
- NULL,
- ext_ocsp_add_clienthello,
- ext_ocsp_parse_serverhello,
- ext_ocsp_parse_clienthello,
- ext_ocsp_add_serverhello,
- },
- {
TLSEXT_TYPE_next_proto_neg,
NULL,
ext_npn_add_clienthello,
@@ -2848,15 +2873,6 @@
ext_sct_add_serverhello,
},
{
- TLSEXT_TYPE_application_layer_protocol_negotiation,
- NULL,
- ext_alpn_add_clienthello,
- ext_alpn_parse_serverhello,
- // ALPN is negotiated late in |ssl_negotiate_alpn|.
- ignore_parse_clienthello,
- ext_alpn_add_serverhello,
- },
- {
TLSEXT_TYPE_channel_id,
ext_channel_id_init,
ext_channel_id_add_clienthello,
@@ -2873,14 +2889,6 @@
ext_srtp_add_serverhello,
},
{
- TLSEXT_TYPE_ec_point_formats,
- NULL,
- ext_ec_point_add_clienthello,
- ext_ec_point_parse_serverhello,
- ext_ec_point_parse_clienthello,
- ext_ec_point_add_serverhello,
- },
- {
TLSEXT_TYPE_key_share,
NULL,
ext_key_share_add_clienthello,
@@ -2929,14 +2937,6 @@
ext_quic_transport_params_add_serverhello,
},
{
- TLSEXT_TYPE_supported_groups,
- NULL,
- ext_supported_groups_add_clienthello,
- ext_supported_groups_parse_serverhello,
- ext_supported_groups_parse_clienthello,
- dont_add_serverhello,
- },
- {
TLSEXT_TYPE_token_binding,
NULL,
ext_token_binding_add_clienthello,
@@ -3836,7 +3836,7 @@
return true;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/test/CMakeLists.txt b/src/ssl/test/CMakeLists.txt
index 425b43b..d86464c 100644
--- a/src/ssl/test/CMakeLists.txt
+++ b/src/ssl/test/CMakeLists.txt
@@ -14,6 +14,8 @@
$<TARGET_OBJECTS:test_support>
)
+add_dependencies(bssl_shim global_target)
+
target_link_libraries(bssl_shim ssl crypto)
if(UNIX AND NOT APPLE AND NOT ANDROID)
@@ -31,6 +33,8 @@
$<TARGET_OBJECTS:test_support>
)
+ add_dependencies(handshaker global_target)
+
target_link_libraries(handshaker ssl crypto)
else()
# Declare a dummy target for run_tests to depend on.
diff --git a/src/ssl/test/runner/runner.go b/src/ssl/test/runner/runner.go
index 6bbaecf..4bcf603 100644
--- a/src/ssl/test/runner/runner.go
+++ b/src/ssl/test/runner/runner.go
@@ -7625,17 +7625,6 @@
},
})
} else {
- error := ":OLD_SESSION_VERSION_NOT_RETURNED:"
- // Clients offering TLS 1.3 will send a fake session ID
- // unrelated to the session being offer. This session ID is
- // invalid for the server to echo, so the handshake fails at
- // a different point. It's not syntactically possible for a
- // server to convince our client that it's accepted a TLS
- // 1.3 session at an older version.
- if resumeVers.version < VersionTLS13 && sessionVers.version >= VersionTLS13 {
- error = ":SERVER_ECHOED_INVALID_SESSION_ID:"
- }
-
testCases = append(testCases, testCase{
protocol: protocol,
name: "Resume-Client-Mismatch" + suffix,
@@ -7654,7 +7643,7 @@
},
expectedResumeVersion: resumeVers.version,
shouldFail: true,
- expectedError: error,
+ expectedError: ":OLD_SESSION_VERSION_NOT_RETURNED:",
flags: []string{
"-on-initial-tls13-variant", strconv.Itoa(sessionVers.tls13Variant),
"-on-resume-tls13-variant", strconv.Itoa(resumeVers.tls13Variant),
diff --git a/src/ssl/tls13_both.cc b/src/ssl/tls13_both.cc
index a1793da..a02d35d 100644
--- a/src/ssl/tls13_both.cc
+++ b/src/ssl/tls13_both.cc
@@ -30,7 +30,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// kMaxKeyUpdates is the number of consecutive KeyUpdates that will be
// processed. Without this limit an attacker could force unbounded processing
@@ -101,8 +101,8 @@
return true;
}
-int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
- int allow_anonymous) {
+bool tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
+ bool allow_anonymous) {
SSL *const ssl = hs->ssl;
CBS body = msg.body;
bssl::UniquePtr<CRYPTO_BUFFER> decompressed;
@@ -118,7 +118,7 @@
CBS_len(&body) != 0) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
- return 0;
+ return false;
}
if (uncompressed_len > ssl->max_cert_list) {
@@ -126,7 +126,7 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_UNCOMPRESSED_CERT_TOO_LARGE);
ERR_add_error_dataf("requested=%u",
static_cast<unsigned>(uncompressed_len));
- return 0;
+ return false;
}
ssl_cert_decompression_func_t decompress = nullptr;
@@ -141,7 +141,7 @@
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERT_COMPRESSION_ALG);
ERR_add_error_dataf("alg=%d", static_cast<int>(alg_id));
- return 0;
+ return false;
}
CRYPTO_BUFFER *decompressed_ptr = nullptr;
@@ -150,7 +150,7 @@
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_DECOMPRESSION_FAILED);
ERR_add_error_dataf("alg=%d", static_cast<int>(alg_id));
- return 0;
+ return false;
}
decompressed.reset(decompressed_ptr);
@@ -161,7 +161,7 @@
"alg=%d got=%u expected=%u", static_cast<int>(alg_id),
static_cast<unsigned>(CRYPTO_BUFFER_len(decompressed_ptr)),
static_cast<unsigned>(uncompressed_len));
- return 0;
+ return false;
}
CBS_init(&body, CRYPTO_BUFFER_data(decompressed_ptr),
@@ -177,14 +177,14 @@
CBS_len(&body) != 0) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
- return 0;
+ return false;
}
UniquePtr<STACK_OF(CRYPTO_BUFFER)> certs(sk_CRYPTO_BUFFER_new_null());
if (!certs) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
- return 0;
+ return false;
}
const bool retain_sha256 =
@@ -197,7 +197,7 @@
CBS_len(&certificate) == 0) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_LENGTH_MISMATCH);
- return 0;
+ return false;
}
if (sk_CRYPTO_BUFFER_num(certs.get()) == 0) {
@@ -205,13 +205,13 @@
if (!pkey) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
- return 0;
+ return false;
}
// TLS 1.3 always uses certificate keys for signing thus the correct
// keyUsage is enforced.
if (!ssl_cert_check_digital_signature_key_usage(&certificate)) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
- return 0;
+ return false;
}
if (retain_sha256) {
@@ -227,7 +227,7 @@
!PushToStack(certs.get(), std::move(buf))) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
- return 0;
+ return false;
}
// Parse out the extensions.
@@ -243,7 +243,7 @@
OPENSSL_ARRAY_SIZE(ext_types),
0 /* reject unknown */)) {
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
- return 0;
+ return false;
}
// All Certificate extensions are parsed, but only the leaf extensions are
@@ -252,7 +252,7 @@
if (ssl->server || !hs->config->ocsp_stapling_enabled) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNSUPPORTED_EXTENSION);
- return 0;
+ return false;
}
uint8_t status_type;
@@ -263,7 +263,7 @@
CBS_len(&ocsp_response) == 0 ||
CBS_len(&status_request) != 0) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- return 0;
+ return false;
}
if (sk_CRYPTO_BUFFER_num(certs.get()) == 1) {
@@ -271,7 +271,7 @@
CRYPTO_BUFFER_new_from_CBS(&ocsp_response, ssl->ctx->pool));
if (hs->new_session->ocsp_response == nullptr) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- return 0;
+ return false;
}
}
}
@@ -280,13 +280,13 @@
if (ssl->server || !hs->config->signed_cert_timestamps_enabled) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNSUPPORTED_EXTENSION);
- return 0;
+ return false;
}
if (!ssl_is_sct_list_valid(&sct)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_PARSING_EXTENSION);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- return 0;
+ return false;
}
if (sk_CRYPTO_BUFFER_num(certs.get()) == 1) {
@@ -294,7 +294,7 @@
CRYPTO_BUFFER_new_from_CBS(&sct, ssl->ctx->pool));
if (hs->new_session->signed_cert_timestamp_list == nullptr) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- return 0;
+ return false;
}
}
}
@@ -312,14 +312,14 @@
if (!ssl->ctx->x509_method->session_cache_objects(hs->new_session.get())) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- return 0;
+ return false;
}
if (sk_CRYPTO_BUFFER_num(hs->new_session->certs.get()) == 0) {
if (!allow_anonymous) {
OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_CERTIFICATE_REQUIRED);
- return 0;
+ return false;
}
// OpenSSL returns X509_V_OK when no certificates are requested. This is
@@ -327,18 +327,18 @@
hs->new_session->verify_result = X509_V_OK;
// No certificate, so nothing more to do.
- return 1;
+ return true;
}
hs->new_session->peer_sha256_valid = retain_sha256;
- return 1;
+ return true;
}
-int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
+bool tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
SSL *const ssl = hs->ssl;
if (hs->peer_pubkey == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
CBS body = msg.body, signature;
@@ -348,13 +348,13 @@
CBS_len(&body) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- return 0;
+ return false;
}
uint8_t alert = SSL_AD_DECODE_ERROR;
if (!tls12_check_peer_sigalg(ssl, &alert, signature_algorithm)) {
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
- return 0;
+ return false;
}
hs->new_session->peer_signature_algorithm = signature_algorithm;
@@ -363,7 +363,7 @@
hs, &input,
ssl->server ? ssl_cert_verify_client : ssl_cert_verify_server)) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- return 0;
+ return false;
}
bool sig_ok = ssl_public_key_verify(ssl, signature, signature_algorithm,
@@ -375,14 +375,14 @@
if (!sig_ok) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-int tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
- int use_saved_value) {
+bool tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
+ bool use_saved_value) {
SSL *const ssl = hs->ssl;
uint8_t verify_data_buf[EVP_MAX_MD_SIZE];
const uint8_t *verify_data;
@@ -394,25 +394,25 @@
} else {
if (!tls13_finished_mac(hs, verify_data_buf, &verify_data_len,
!ssl->server)) {
- return 0;
+ return false;
}
verify_data = verify_data_buf;
}
- int finished_ok = CBS_mem_equal(&msg.body, verify_data, verify_data_len);
+ bool finished_ok = CBS_mem_equal(&msg.body, verify_data, verify_data_len);
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
- finished_ok = 1;
+ finished_ok = true;
#endif
if (!finished_ok) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-int tls13_add_certificate(SSL_HANDSHAKE *hs) {
+bool tls13_add_certificate(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
CERT *const cert = hs->config->cert.get();
@@ -435,7 +435,7 @@
!CBB_add_u8(body, 0) ||
!CBB_add_u24_length_prefixed(body, &certificate_list)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
if (!ssl_has_certificate(hs->config)) {
@@ -449,7 +449,7 @@
CRYPTO_BUFFER_len(leaf_buf)) ||
!CBB_add_u16_length_prefixed(&certificate_list, &extensions)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
if (hs->scts_requested && cert->signed_cert_timestamp_list != nullptr) {
@@ -462,7 +462,7 @@
CRYPTO_BUFFER_len(cert->signed_cert_timestamp_list.get())) ||
!CBB_flush(&extensions)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
}
@@ -477,7 +477,7 @@
CRYPTO_BUFFER_len(cert->ocsp_response.get())) ||
!CBB_flush(&extensions)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
}
@@ -489,7 +489,7 @@
CRYPTO_BUFFER_len(cert_buf)) ||
!CBB_add_u16(&certificate_list, 0 /* no extensions */)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
}
@@ -500,7 +500,7 @@
Array<uint8_t> msg;
if (!CBBFinishArray(cbb.get(), &msg)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
const CertCompressionAlg *alg = nullptr;
@@ -513,7 +513,7 @@
if (alg == nullptr || alg->compress == nullptr) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
CBB compressed;
@@ -526,10 +526,10 @@
!alg->compress(ssl, &compressed, msg.data(), msg.size()) ||
!ssl_add_message_cbb(ssl, cbb.get())) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs) {
@@ -582,7 +582,7 @@
return ssl_private_key_success;
}
-int tls13_add_finished(SSL_HANDSHAKE *hs) {
+bool tls13_add_finished(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
size_t verify_data_len;
uint8_t verify_data[EVP_MAX_MD_SIZE];
@@ -590,7 +590,7 @@
if (!tls13_finished_mac(hs, verify_data, &verify_data_len, ssl->server)) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
- return 0;
+ return false;
}
ScopedCBB cbb;
@@ -598,13 +598,13 @@
if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_FINISHED) ||
!CBB_add_bytes(&body, verify_data, verify_data_len) ||
!ssl_add_message_cbb(ssl, cbb.get())) {
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-static int tls13_receive_key_update(SSL *ssl, const SSLMessage &msg) {
+static bool tls13_receive_key_update(SSL *ssl, const SSLMessage &msg) {
CBS body = msg.body;
uint8_t key_update_request;
if (!CBS_get_u8(&body, &key_update_request) ||
@@ -613,11 +613,11 @@
key_update_request != SSL_KEY_UPDATE_REQUESTED)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- return 0;
+ return false;
}
if (!tls13_rotate_traffic_key(ssl, evp_aead_open)) {
- return 0;
+ return false;
}
// Acknowledge the KeyUpdate
@@ -630,7 +630,7 @@
!CBB_add_u8(&body_cbb, SSL_KEY_UPDATE_NOT_REQUESTED) ||
!ssl_add_message_cbb(ssl, cbb.get()) ||
!tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
- return 0;
+ return false;
}
// Suppress KeyUpdate acknowledgments until this change is written to the
@@ -639,16 +639,16 @@
ssl->s3->key_update_pending = true;
}
- return 1;
+ return true;
}
-int tls13_post_handshake(SSL *ssl, const SSLMessage &msg) {
+bool tls13_post_handshake(SSL *ssl, const SSLMessage &msg) {
if (msg.type == SSL3_MT_KEY_UPDATE) {
ssl->s3->key_update_count++;
if (ssl->s3->key_update_count > kMaxKeyUpdates) {
OPENSSL_PUT_ERROR(SSL, SSL_R_TOO_MANY_KEY_UPDATES);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- return 0;
+ return false;
}
return tls13_receive_key_update(ssl, msg);
@@ -662,7 +662,7 @@
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
- return 0;
+ return false;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/tls13_client.cc b/src/ssl/tls13_client.cc
index cf20403..26f5fb9 100644
--- a/src/ssl/tls13_client.cc
+++ b/src/ssl/tls13_client.cc
@@ -24,13 +24,14 @@
#include <openssl/digest.h>
#include <openssl/err.h>
#include <openssl/mem.h>
+#include <openssl/sha.h>
#include <openssl/stack.h>
#include "../crypto/internal.h"
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
enum client_hs_state_t {
state_read_hello_retry_request = 0,
@@ -552,7 +553,7 @@
return ssl_hs_error;
}
- if (!tls13_process_certificate(hs, msg, 0 /* certificate required */) ||
+ if (!tls13_process_certificate(hs, msg, false /* certificate required */) ||
!ssl_hash_message(hs, msg)) {
return ssl_hs_error;
}
@@ -612,7 +613,7 @@
return ssl_hs_read_message;
}
if (!ssl_check_message_type(ssl, msg, SSL3_MT_FINISHED) ||
- !tls13_process_finished(hs, msg, 0 /* don't use saved value */) ||
+ !tls13_process_finished(hs, msg, false /* don't use saved value */) ||
!ssl_hash_message(hs, msg) ||
// Update the secret to the master secret and derive traffic keys.
!tls13_advance_key_schedule(hs, kZeroes, hs->hash_len) ||
@@ -846,18 +847,18 @@
return "TLS 1.3 client unknown";
}
-int tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg) {
+bool tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg) {
if (ssl->s3->write_shutdown != ssl_shutdown_none) {
// Ignore tickets on shutdown. Callers tend to indiscriminately call
// |SSL_shutdown| before destroying an |SSL|, at which point calling the new
// session callback may be confusing.
- return 1;
+ return true;
}
UniquePtr<SSL_SESSION> session = SSL_SESSION_dup(
ssl->s3->established_session.get(), SSL_SESSION_INCLUDE_NONAUTH);
if (!session) {
- return 0;
+ return false;
}
ssl_session_rebase_time(ssl, session.get());
@@ -873,7 +874,7 @@
CBS_len(&body) != 0) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
- return 0;
+ return false;
}
// Cap the renewable lifetime by the server advertised value. This avoids
@@ -883,7 +884,7 @@
}
if (!tls13_derive_session_psk(session.get(), ticket_nonce)) {
- return 0;
+ return false;
}
// Parse out the extensions.
@@ -898,7 +899,7 @@
OPENSSL_ARRAY_SIZE(ext_types),
1 /* ignore unknown */)) {
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
- return 0;
+ return false;
}
if (have_early_data_info && ssl->enable_early_data) {
@@ -906,10 +907,15 @@
CBS_len(&early_data_info) != 0) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
- return 0;
+ return false;
}
}
+ // Generate a session ID for this session. Some callers expect all sessions to
+ // have a session ID.
+ SHA256(CBS_data(&ticket), CBS_len(&ticket), session->session_id);
+ session->session_id_length = SHA256_DIGEST_LENGTH;
+
session->ticket_age_add_valid = true;
session->not_resumable = false;
@@ -920,7 +926,7 @@
session.release();
}
- return 1;
+ return true;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/tls13_enc.cc b/src/ssl/tls13_enc.cc
index 84bc5d2..5e1f19a 100644
--- a/src/ssl/tls13_enc.cc
+++ b/src/ssl/tls13_enc.cc
@@ -30,12 +30,12 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
-static int init_key_schedule(SSL_HANDSHAKE *hs, uint16_t version,
+static bool init_key_schedule(SSL_HANDSHAKE *hs, uint16_t version,
const SSL_CIPHER *cipher) {
if (!hs->transcript.InitHash(version, cipher)) {
- return 0;
+ return false;
}
hs->hash_len = hs->transcript.DigestLen();
@@ -43,13 +43,13 @@
// Initialize the secret to the zero key.
OPENSSL_memset(hs->secret, 0, hs->hash_len);
- return 1;
+ return true;
}
-int tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
- size_t psk_len) {
+bool tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
+ size_t psk_len) {
if (!init_key_schedule(hs, ssl_protocol_version(hs->ssl), hs->new_cipher)) {
- return 0;
+ return false;
}
hs->transcript.FreeBuffer();
@@ -57,8 +57,8 @@
psk_len, hs->secret, hs->hash_len);
}
-int tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
- size_t psk_len) {
+bool tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
+ size_t psk_len) {
SSL *const ssl = hs->ssl;
return init_key_schedule(hs, ssl_session_protocol_version(ssl->session.get()),
ssl->session->cipher) &&
@@ -66,10 +66,11 @@
psk_len, hs->secret, hs->hash_len);
}
-static int hkdf_expand_label(uint8_t *out, const EVP_MD *digest,
- const uint8_t *secret, size_t secret_len,
- const char *label, size_t label_len,
- const uint8_t *hash, size_t hash_len, size_t len) {
+static bool hkdf_expand_label(uint8_t *out, const EVP_MD *digest,
+ const uint8_t *secret, size_t secret_len,
+ const char *label, size_t label_len,
+ const uint8_t *hash, size_t hash_len,
+ size_t len) {
static const char kTLS13LabelVersion[] = "tls13 ";
ScopedCBB cbb;
@@ -85,7 +86,7 @@
!CBB_add_u8_length_prefixed(cbb.get(), &child) ||
!CBB_add_bytes(&child, hash, hash_len) ||
!CBBFinishArray(cbb.get(), &hkdf_label)) {
- return 0;
+ return false;
}
return HKDF_expand(out, len, digest, secret, secret_len, hkdf_label.data(),
@@ -94,20 +95,20 @@
static const char kTLS13LabelDerived[] = "derived";
-int tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in,
- size_t len) {
+bool tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in,
+ size_t len) {
uint8_t derive_context[EVP_MAX_MD_SIZE];
unsigned derive_context_len;
if (!EVP_Digest(nullptr, 0, derive_context, &derive_context_len,
hs->transcript.Digest(), nullptr)) {
- return 0;
+ return false;
}
if (!hkdf_expand_label(hs->secret, hs->transcript.Digest(), hs->secret,
hs->hash_len, kTLS13LabelDerived,
strlen(kTLS13LabelDerived), derive_context,
derive_context_len, hs->hash_len)) {
- return 0;
+ return false;
}
return HKDF_extract(hs->secret, &hs->hash_len, hs->transcript.Digest(), in,
@@ -116,13 +117,13 @@
// derive_secret derives a secret of length |len| and writes the result in |out|
// with the given label and the current base secret and most recently-saved
-// handshake context. It returns one on success and zero on error.
-static int derive_secret(SSL_HANDSHAKE *hs, uint8_t *out, size_t len,
- const char *label, size_t label_len) {
+// handshake context. It returns true on success and false on error.
+static bool derive_secret(SSL_HANDSHAKE *hs, uint8_t *out, size_t len,
+ const char *label, size_t label_len) {
uint8_t context_hash[EVP_MAX_MD_SIZE];
size_t context_hash_len;
if (!hs->transcript.GetHash(context_hash, &context_hash_len)) {
- return 0;
+ return false;
}
return hkdf_expand_label(out, hs->transcript.Digest(), hs->secret,
@@ -130,15 +131,15 @@
context_hash_len, len);
}
-int tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction,
- const uint8_t *traffic_secret,
- size_t traffic_secret_len) {
+bool tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction,
+ const uint8_t *traffic_secret,
+ size_t traffic_secret_len) {
const SSL_SESSION *session = SSL_get_session(ssl);
uint16_t version = ssl_session_protocol_version(session);
if (traffic_secret_len > 0xff) {
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
- return 0;
+ return false;
}
// Look up cipher suite properties.
@@ -146,7 +147,7 @@
size_t discard;
if (!ssl_cipher_get_evp_aead(&aead, &discard, &discard, session->cipher,
version, SSL_is_dtls(ssl))) {
- return 0;
+ return false;
}
const EVP_MD *digest = ssl_session_get_digest(session);
@@ -156,7 +157,7 @@
uint8_t key[EVP_AEAD_MAX_KEY_LENGTH];
if (!hkdf_expand_label(key, digest, traffic_secret, traffic_secret_len, "key",
3, NULL, 0, key_len)) {
- return 0;
+ return false;
}
// Derive the IV.
@@ -164,7 +165,7 @@
uint8_t iv[EVP_AEAD_MAX_NONCE_LENGTH];
if (!hkdf_expand_label(iv, digest, traffic_secret, traffic_secret_len, "iv",
2, NULL, 0, iv_len)) {
- return 0;
+ return false;
}
UniquePtr<SSLAEADContext> traffic_aead =
@@ -172,16 +173,16 @@
session->cipher, MakeConstSpan(key, key_len),
Span<const uint8_t>(), MakeConstSpan(iv, iv_len));
if (!traffic_aead) {
- return 0;
+ return false;
}
if (direction == evp_aead_open) {
if (!ssl->method->set_read_state(ssl, std::move(traffic_aead))) {
- return 0;
+ return false;
}
} else {
if (!ssl->method->set_write_state(ssl, std::move(traffic_aead))) {
- return 0;
+ return false;
}
}
@@ -196,7 +197,7 @@
ssl->s3->write_traffic_secret_len = traffic_secret_len;
}
- return 1;
+ return true;
}
@@ -209,7 +210,7 @@
static const char kTLS13LabelClientApplicationTraffic[] = "c ap traffic";
static const char kTLS13LabelServerApplicationTraffic[] = "s ap traffic";
-int tls13_derive_early_secrets(SSL_HANDSHAKE *hs) {
+bool tls13_derive_early_secrets(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
if (!derive_secret(hs, hs->early_traffic_secret, hs->hash_len,
kTLS13LabelClientEarlyTraffic,
@@ -219,13 +220,13 @@
!derive_secret(hs, ssl->s3->early_exporter_secret, hs->hash_len,
kTLS13LabelEarlyExporter,
strlen(kTLS13LabelEarlyExporter))) {
- return 0;
+ return false;
}
ssl->s3->early_exporter_secret_len = hs->hash_len;
- return 1;
+ return true;
}
-int tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs) {
+bool tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
return derive_secret(hs, hs->client_handshake_secret, hs->hash_len,
kTLS13LabelClientHandshakeTraffic,
@@ -239,7 +240,7 @@
hs->server_handshake_secret, hs->hash_len);
}
-int tls13_derive_application_secrets(SSL_HANDSHAKE *hs) {
+bool tls13_derive_application_secrets(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
ssl->s3->exporter_secret_len = hs->hash_len;
return derive_secret(hs, hs->client_traffic_secret_0, hs->hash_len,
@@ -260,7 +261,7 @@
static const char kTLS13LabelApplicationTraffic[] = "traffic upd";
-int tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction) {
+bool tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction) {
uint8_t *secret;
size_t secret_len;
if (direction == evp_aead_open) {
@@ -275,7 +276,7 @@
if (!hkdf_expand_label(
secret, digest, secret, secret_len, kTLS13LabelApplicationTraffic,
strlen(kTLS13LabelApplicationTraffic), NULL, 0, secret_len)) {
- return 0;
+ return false;
}
return tls13_set_traffic_key(ssl, direction, secret, secret_len);
@@ -283,10 +284,10 @@
static const char kTLS13LabelResumption[] = "res master";
-int tls13_derive_resumption_secret(SSL_HANDSHAKE *hs) {
+bool tls13_derive_resumption_secret(SSL_HANDSHAKE *hs) {
if (hs->hash_len > SSL_MAX_MASTER_KEY_LENGTH) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
hs->new_session->master_key_length = hs->hash_len;
return derive_secret(hs, hs->new_session->master_key,
@@ -298,23 +299,23 @@
// tls13_verify_data sets |out| to be the HMAC of |context| using a derived
// Finished key for both Finished messages and the PSK binder.
-static int tls13_verify_data(const EVP_MD *digest, uint16_t version,
- uint8_t *out, size_t *out_len,
- const uint8_t *secret, size_t hash_len,
- uint8_t *context, size_t context_len) {
+static bool tls13_verify_data(const EVP_MD *digest, uint16_t version,
+ uint8_t *out, size_t *out_len,
+ const uint8_t *secret, size_t hash_len,
+ uint8_t *context, size_t context_len) {
uint8_t key[EVP_MAX_MD_SIZE];
unsigned len;
if (!hkdf_expand_label(key, digest, secret, hash_len, kTLS13LabelFinished,
strlen(kTLS13LabelFinished), NULL, 0, hash_len) ||
HMAC(digest, key, hash_len, context, context_len, out, &len) == NULL) {
- return 0;
+ return false;
}
*out_len = len;
- return 1;
+ return true;
}
-int tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len,
- int is_server) {
+bool tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len,
+ bool is_server) {
const uint8_t *traffic_secret;
if (is_server) {
traffic_secret = hs->server_handshake_secret;
@@ -345,14 +346,14 @@
static const char kTLS13LabelExportKeying[] = "exporter";
-int tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
- Span<const uint8_t> secret,
- Span<const char> label,
- Span<const uint8_t> context) {
+bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
+ Span<const uint8_t> secret,
+ Span<const char> label,
+ Span<const uint8_t> context) {
if (secret.empty()) {
assert(0);
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
const EVP_MD *digest = ssl_session_get_digest(SSL_get_session(ssl));
@@ -378,21 +379,21 @@
static const char kTLS13LabelPSKBinder[] = "res binder";
-static int tls13_psk_binder(uint8_t *out, uint16_t version,
- const EVP_MD *digest, uint8_t *psk, size_t psk_len,
- uint8_t *context, size_t context_len,
- size_t hash_len) {
+static bool tls13_psk_binder(uint8_t *out, uint16_t version,
+ const EVP_MD *digest, uint8_t *psk, size_t psk_len,
+ uint8_t *context, size_t context_len,
+ size_t hash_len) {
uint8_t binder_context[EVP_MAX_MD_SIZE];
unsigned binder_context_len;
if (!EVP_Digest(NULL, 0, binder_context, &binder_context_len, digest, NULL)) {
- return 0;
+ return false;
}
uint8_t early_secret[EVP_MAX_MD_SIZE] = {0};
size_t early_secret_len;
if (!HKDF_extract(early_secret, &early_secret_len, digest, psk, hash_len,
NULL, 0)) {
- return 0;
+ return false;
}
uint8_t binder_key[EVP_MAX_MD_SIZE] = {0};
@@ -402,20 +403,20 @@
binder_context, binder_context_len, hash_len) ||
!tls13_verify_data(digest, version, out, &len, binder_key, hash_len,
context, context_len)) {
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-int tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len) {
+bool tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len) {
SSL *const ssl = hs->ssl;
const EVP_MD *digest = ssl_session_get_digest(ssl->session.get());
size_t hash_len = EVP_MD_size(digest);
if (len < hash_len + 3) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
ScopedEVP_MD_CTX ctx;
@@ -427,7 +428,7 @@
hs->transcript.buffer().size()) ||
!EVP_DigestUpdate(ctx.get(), msg, len - hash_len - 3) ||
!EVP_DigestFinal_ex(ctx.get(), context, &context_len)) {
- return 0;
+ return false;
}
uint8_t verify_data[EVP_MAX_MD_SIZE] = {0};
@@ -435,21 +436,21 @@
ssl->session->master_key,
ssl->session->master_key_length, context, context_len,
hash_len)) {
- return 0;
+ return false;
}
OPENSSL_memcpy(msg + len - hash_len, verify_data, hash_len);
- return 1;
+ return true;
}
-int tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
- const SSLMessage &msg, CBS *binders) {
+bool tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
+ const SSLMessage &msg, CBS *binders) {
size_t hash_len = hs->transcript.DigestLen();
// The message must be large enough to exclude the binders.
if (CBS_len(&msg.raw) < CBS_len(binders) + 2) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
// Hash a ClientHello prefix up to the binders. This includes the header. For
@@ -459,7 +460,7 @@
unsigned context_len;
if (!EVP_Digest(CBS_data(&msg.raw), CBS_len(&msg.raw) - CBS_len(binders) - 2,
context, &context_len, hs->transcript.Digest(), NULL)) {
- return 0;
+ return false;
}
uint8_t verify_data[EVP_MAX_MD_SIZE] = {0};
@@ -470,21 +471,21 @@
// We only consider the first PSK, so compare against the first binder.
!CBS_get_u8_length_prefixed(binders, &binder)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
+ return false;
}
- int binder_ok =
+ bool binder_ok =
CBS_len(&binder) == hash_len &&
CRYPTO_memcmp(CBS_data(&binder), verify_data, hash_len) == 0;
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
- binder_ok = 1;
+ binder_ok = true;
#endif
if (!binder_ok) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/tls13_server.cc b/src/ssl/tls13_server.cc
index aba7fc0..0d82d68 100644
--- a/src/ssl/tls13_server.cc
+++ b/src/ssl/tls13_server.cc
@@ -36,7 +36,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
enum server_hs_state_t {
state_select_parameters = 0,
@@ -716,7 +716,7 @@
size_t finished_len;
if (!tls13_finished_mac(hs, hs->expected_client_finished, &finished_len,
- 0 /* client */)) {
+ false /* client */)) {
return ssl_hs_error;
}
@@ -807,7 +807,7 @@
return ssl_hs_ok;
}
- const int allow_anonymous =
+ const bool allow_anonymous =
(hs->config->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) == 0;
SSLMessage msg;
if (!ssl->method->get_message(ssl, &msg)) {
@@ -1028,4 +1028,4 @@
return "TLS 1.3 server unknown";
}
-} // namespace bssl
+BSSL_NAMESPACE_END
diff --git a/src/ssl/tls_method.cc b/src/ssl/tls_method.cc
index 2af5171..116f027 100644
--- a/src/ssl/tls_method.cc
+++ b/src/ssl/tls_method.cc
@@ -65,7 +65,7 @@
#include "internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
static void ssl3_on_handshake_complete(SSL *ssl) {
// The handshake should have released its final message.
@@ -182,7 +182,7 @@
ssl_noop_x509_ssl_ctx_flush_cached_client_CA,
};
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/ssl/tls_record.cc b/src/ssl/tls_record.cc
index a2e4a20..c1f9e7f 100644
--- a/src/ssl/tls_record.cc
+++ b/src/ssl/tls_record.cc
@@ -119,7 +119,7 @@
#include "../crypto/internal.h"
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
// kMaxEmptyRecords is the number of consecutive, empty records that will be
// processed. Without this limit an attacker could send empty records at a
@@ -140,26 +140,26 @@
// ssl_needs_record_splitting returns one if |ssl|'s current outgoing cipher
// state needs record-splitting and zero otherwise.
-static int ssl_needs_record_splitting(const SSL *ssl) {
+static bool ssl_needs_record_splitting(const SSL *ssl) {
#if !defined(BORINGSSL_UNSAFE_FUZZER_MODE)
return !ssl->s3->aead_write_ctx->is_null_cipher() &&
ssl->s3->aead_write_ctx->ProtocolVersion() < TLS1_1_VERSION &&
(ssl->mode & SSL_MODE_CBC_RECORD_SPLITTING) != 0 &&
SSL_CIPHER_is_block_cipher(ssl->s3->aead_write_ctx->cipher());
#else
- return 0;
+ return false;
#endif
}
-int ssl_record_sequence_update(uint8_t *seq, size_t seq_len) {
+bool ssl_record_sequence_update(uint8_t *seq, size_t seq_len) {
for (size_t i = seq_len - 1; i < seq_len; i--) {
++seq[i];
if (seq[i] != 0) {
- return 1;
+ return true;
}
}
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
- return 0;
+ return false;
}
size_t ssl_record_prefix_len(const SSL *ssl) {
@@ -373,9 +373,9 @@
return ssl_open_record_success;
}
-static int do_seal_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out,
- uint8_t *out_suffix, uint8_t type, const uint8_t *in,
- const size_t in_len) {
+static bool do_seal_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out,
+ uint8_t *out_suffix, uint8_t type, const uint8_t *in,
+ const size_t in_len) {
SSLAEADContext *aead = ssl->s3->aead_write_ctx.get();
uint8_t *extra_in = NULL;
size_t extra_in_len = 0;
@@ -390,7 +390,7 @@
if (!aead->SuffixLen(&suffix_len, in_len, extra_in_len) ||
!aead->CiphertextLen(&ciphertext_len, in_len, extra_in_len)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE);
- return 0;
+ return false;
}
assert(in == out || !buffers_alias(in, in_len, out, in_len));
@@ -415,11 +415,11 @@
out_prefix[0], record_version, ssl->s3->write_sequence,
header, in, in_len, extra_in, extra_in_len) ||
!ssl_record_sequence_update(ssl->s3->write_sequence, 8)) {
- return 0;
+ return false;
}
ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HEADER, header);
- return 1;
+ return true;
}
static size_t tls_seal_scatter_prefix_len(const SSL *ssl, uint8_t type,
@@ -464,7 +464,7 @@
// returns one on success and zero on error. If enabled,
// |tls_seal_scatter_record| implements TLS 1.0 CBC 1/n-1 record splitting and
// may write two records concatenated.
-static int tls_seal_scatter_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out,
+static bool tls_seal_scatter_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out,
uint8_t *out_suffix, uint8_t type,
const uint8_t *in, size_t in_len) {
if (type == SSL3_RT_APPLICATION_DATA && in_len > 1 &&
@@ -478,13 +478,13 @@
if (!do_seal_record(ssl, out_prefix, split_body, split_suffix, type, in,
1)) {
- return 0;
+ return false;
}
size_t split_record_suffix_len;
if (!ssl->s3->aead_write_ctx->SuffixLen(&split_record_suffix_len, 1, 0)) {
assert(false);
- return 0;
+ return false;
}
const size_t split_record_len = prefix_len + 1 + split_record_suffix_len;
assert(SSL3_RT_HEADER_LENGTH + ssl_cipher_get_record_split_len(
@@ -496,24 +496,25 @@
uint8_t tmp_prefix[SSL3_RT_HEADER_LENGTH];
if (!do_seal_record(ssl, tmp_prefix, out + 1, out_suffix, type, in + 1,
in_len - 1)) {
- return 0;
+ return false;
}
assert(tls_seal_scatter_prefix_len(ssl, type, in_len) ==
split_record_len + SSL3_RT_HEADER_LENGTH - 1);
OPENSSL_memcpy(out_prefix + split_record_len, tmp_prefix,
SSL3_RT_HEADER_LENGTH - 1);
OPENSSL_memcpy(out, tmp_prefix + SSL3_RT_HEADER_LENGTH - 1, 1);
- return 1;
+ return true;
}
return do_seal_record(ssl, out_prefix, out, out_suffix, type, in, in_len);
}
-int tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out_len,
- uint8_t type, const uint8_t *in, size_t in_len) {
+bool tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len,
+ size_t max_out_len, uint8_t type, const uint8_t *in,
+ size_t in_len) {
if (buffers_alias(in, in_len, out, max_out_len)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_OUTPUT_ALIASES_INPUT);
- return 0;
+ return false;
}
const size_t prefix_len = tls_seal_scatter_prefix_len(ssl, type, in_len);
@@ -524,22 +525,22 @@
if (in_len + prefix_len < in_len ||
prefix_len + in_len + suffix_len < prefix_len + in_len) {
OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE);
- return 0;
+ return false;
}
if (max_out_len < in_len + prefix_len + suffix_len) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
- return 0;
+ return false;
}
uint8_t *prefix = out;
uint8_t *body = out + prefix_len;
uint8_t *suffix = body + in_len;
if (!tls_seal_scatter_record(ssl, prefix, body, suffix, type, in, in_len)) {
- return 0;
+ return false;
}
*out_len = prefix_len + in_len + suffix_len;
- return 1;
+ return true;
}
enum ssl_open_record_t ssl_process_alert(SSL *ssl, uint8_t *out_alert,
@@ -674,7 +675,7 @@
in.data(), in.size());
}
-} // namespace bssl
+BSSL_NAMESPACE_END
using namespace bssl;
diff --git a/src/third_party/fiat/CMakeLists.txt b/src/third_party/fiat/CMakeLists.txt
deleted file mode 100644
index fcc77d5..0000000
--- a/src/third_party/fiat/CMakeLists.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
- fiat
-
- OBJECT
-
- curve25519.c
-)
diff --git a/src/tool/CMakeLists.txt b/src/tool/CMakeLists.txt
index 87efb09..7f34017 100644
--- a/src/tool/CMakeLists.txt
+++ b/src/tool/CMakeLists.txt
@@ -20,6 +20,8 @@
transport_common.cc
)
+add_dependencies(bssl global_target)
+
if(APPLE OR WIN32 OR ANDROID)
target_link_libraries(bssl ssl crypto)
else()
diff --git a/src/util/all_tests.json b/src/util/all_tests.json
index 01d6fd0..7152ec1 100644
--- a/src/util/all_tests.json
+++ b/src/util/all_tests.json
@@ -1,5 +1,6 @@
[
["crypto/crypto_test"],
+ ["crypto/crypto_test", "--fork_unsafe_buffering", "--gtest_filter=RandTest.*:-RandTest.Fork"],
["decrepit/decrepit_test"],
["ssl/ssl_test"]
]
diff --git a/src/util/doc.go b/src/util/doc.go
index 040ac79..ab21547 100644
--- a/src/util/doc.go
+++ b/src/util/doc.go
@@ -82,6 +82,19 @@
return strings.HasPrefix(line, commentStart) || strings.HasPrefix(line, lineComment)
}
+func commentSubject(line string) string {
+ if strings.HasPrefix(line, "A ") {
+ line = line[len("A "):]
+ } else if strings.HasPrefix(line, "An ") {
+ line = line[len("An "):]
+ }
+ idx := strings.IndexAny(line, " ,")
+ if idx < 0 {
+ return line
+ }
+ return line[:idx]
+}
+
func extractComment(lines []string, lineNo int) (comment []string, rest []string, restLineNo int, err error) {
if len(lines) == 0 {
return nil, lines, lineNo, nil
@@ -426,17 +439,22 @@
// As a matter of style, comments should start
// with the name of the thing that they are
// commenting on. We make an exception here for
- // #defines (because we often have blocks of
- // them) and collective comments, which are
- // detected by starting with “The” or “These”.
+ // collective comments, which are detected by
+ // starting with “The” or “These”.
if len(comment) > 0 &&
- !strings.HasPrefix(comment[0], name) &&
- !strings.HasPrefix(comment[0], "A "+name) &&
- !strings.HasPrefix(comment[0], "An "+name) &&
- !strings.HasPrefix(decl, "#define ") &&
+ len(name) > 0 &&
!strings.HasPrefix(comment[0], "The ") &&
!strings.HasPrefix(comment[0], "These ") {
- return nil, fmt.Errorf("Comment for %q doesn't seem to match line %s:%d\n", name, path, declLineNo)
+ subject := commentSubject(comment[0])
+ ok := subject == name
+ if l := len(subject); l > 0 && subject[l-1] == '*' {
+ // Groups of names, notably #defines, are often
+ // denoted with a wildcard.
+ ok = strings.HasPrefix(name, subject[:l-1])
+ }
+ if !ok {
+ return nil, fmt.Errorf("Comment for %q doesn't seem to match line %s:%d\n", name, path, declLineNo)
+ }
}
anchor := sanitizeAnchor(name)
// TODO(davidben): Enforce uniqueness. This is
diff --git a/src/util/make_prefix_headers.go b/src/util/make_prefix_headers.go
new file mode 100644
index 0000000..a5e5441
--- /dev/null
+++ b/src/util/make_prefix_headers.go
@@ -0,0 +1,216 @@
+// Copyright (c) 2018, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+// This program takes a file containing newline-separated symbols, and generates
+// boringssl_prefix_symbols.h, boringssl_prefix_symbols_asm.h, and
+// boringssl_prefix_symbols_nasm.inc. These header files can be used to build
+// BoringSSL with a prefix for all symbols in order to avoid symbol name
+// conflicts when linking a project with multiple copies of BoringSSL; see
+// BUILDING.md for more details.
+
+// TODO(joshlf): For platforms which support it, use '#pragma redefine_extname'
+// instead of a custom macro. This avoids the need for a custom macro, but also
+// ensures that our renaming won't conflict with symbols defined and used by our
+// consumers (the "HMAC" problem). An example of this approach can be seen in
+// IllumOS' fork of OpenSSL:
+// https://github.com/joyent/illumos-extra/blob/master/openssl1x/sunw_prefix.h
+
+package main
+
+import (
+ "bufio"
+ "flag"
+ "fmt"
+ "os"
+ "path/filepath"
+ "strings"
+)
+
+var out = flag.String("out", ".", "Path to a directory where the outputs will be written")
+
+// Read newline-separated symbols from a file, ignoring any comments started
+// with '#'.
+func readSymbols(path string) ([]string, error) {
+ f, err := os.Open(path)
+ if err != nil {
+ return nil, err
+ }
+ defer f.Close()
+ scanner := bufio.NewScanner(f)
+ var ret []string
+ for scanner.Scan() {
+ line := scanner.Text()
+ if idx := strings.IndexByte(line, '#'); idx >= 0 {
+ line = line[:idx]
+ }
+ line = strings.TrimSpace(line)
+ if len(line) == 0 {
+ continue
+ }
+ ret = append(ret, line)
+ }
+ if err := scanner.Err(); err != nil {
+ return nil, err
+ }
+ return ret, nil
+}
+
+func writeCHeader(symbols []string, path string) error {
+ f, err := os.Create(path)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ if _, err := f.WriteString(`// Copyright (c) 2018, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+// BORINGSSL_ADD_PREFIX pastes two identifiers into one. It performs one
+// iteration of macro expansion on its arguments before pasting.
+#define BORINGSSL_ADD_PREFIX(a, b) BORINGSSL_ADD_PREFIX_INNER(a, b)
+#define BORINGSSL_ADD_PREFIX_INNER(a, b) a ## _ ## b
+
+`); err != nil {
+ return err
+ }
+
+ for _, symbol := range symbols {
+ if _, err := fmt.Fprintf(f, "#define %s BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, %s)\n", symbol, symbol); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func writeASMHeader(symbols []string, path string) error {
+ f, err := os.Create(path)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ if _, err := f.WriteString(`// Copyright (c) 2018, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+#if !defined(__APPLE__)
+#include <boringssl_prefix_symbols.h>
+#else
+// On iOS and macOS, we need to treat assembly symbols differently from other
+// symbols. The linker expects symbols to be prefixed with an underscore.
+// Perlasm thus generates symbol with this underscore applied. Our macros must,
+// in turn, incorporate it.
+#define BORINGSSL_ADD_PREFIX_MAC_ASM(a, b) BORINGSSL_ADD_PREFIX_INNER_MAC_ASM(a, b)
+#define BORINGSSL_ADD_PREFIX_INNER_MAC_ASM(a, b) _ ## a ## _ ## b
+
+`); err != nil {
+ return err
+ }
+
+ for _, symbol := range symbols {
+ if _, err := fmt.Fprintf(f, "#define _%s BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, %s)\n", symbol, symbol); err != nil {
+ return err
+ }
+ }
+
+ _, err = fmt.Fprintf(f, "#endif\n")
+ return nil
+}
+
+func writeNASMHeader(symbols []string, path string) error {
+ f, err := os.Create(path)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ // NASM uses a different syntax from the C preprocessor.
+ if _, err := f.WriteString(`; Copyright (c) 2018, Google Inc.
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+; WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+; MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+; SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+; WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+; OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+; CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+`); err != nil {
+ return err
+ }
+
+ for _, symbol := range symbols {
+ if _, err := fmt.Fprintf(f, "%%define %s BORINGSSL_PREFIX %%+ %s\n", symbol, symbol); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func main() {
+ flag.Parse()
+ if flag.NArg() != 1 {
+ fmt.Fprintf(os.Stderr, "Usage: %s [-out OUT] SYMBOLS\n", os.Args[0])
+ os.Exit(1)
+ }
+
+ symbols, err := readSymbols(flag.Arg(0))
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Error reading symbols: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeCHeader(symbols, filepath.Join(*out, "boringssl_prefix_symbols.h")); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing boringssl_prefix_symbols.h: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeASMHeader(symbols, filepath.Join(*out, "boringssl_prefix_symbols_asm.h")); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing boringssl_prefix_symbols_asm.h: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeNASMHeader(symbols, filepath.Join(*out, "boringssl_prefix_symbols_nasm.inc")); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing boringssl_prefix_symbols_nasm.inc: %s\n", err)
+ os.Exit(1)
+ }
+
+}
diff --git a/win-x86_64/crypto/chacha/chacha-x86_64.asm b/win-x86_64/crypto/chacha/chacha-x86_64.asm
index cb36246..712c344 100644
--- a/win-x86_64/crypto/chacha/chacha-x86_64.asm
+++ b/win-x86_64/crypto/chacha/chacha-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.asm b/win-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.asm
index 56dc206..7698cc5 100644
--- a/win-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.asm
+++ b/win-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .data data align=8
diff --git a/win-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.asm b/win-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.asm
index ab8cf92..a62a346 100644
--- a/win-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.asm
+++ b/win-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
global dummy_chacha20_poly1305_asm
dummy_chacha20_poly1305_asm:
diff --git a/win-x86_64/crypto/fipsmodule/aes-x86_64.asm b/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
index 6133a94..7edf417 100644
--- a/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.asm b/win-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.asm
index 63bcd48..cfdbe7c 100644
--- a/win-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm b/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
index 4abe3a2..e9af4df 100644
--- a/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
EXTERN OPENSSL_ia32cap_P
diff --git a/win-x86_64/crypto/fipsmodule/bsaes-x86_64.asm b/win-x86_64/crypto/fipsmodule/bsaes-x86_64.asm
index afd0dcd..57e3156 100644
--- a/win-x86_64/crypto/fipsmodule/bsaes-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/bsaes-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/ghash-x86_64.asm b/win-x86_64/crypto/fipsmodule/ghash-x86_64.asm
index 5b2d178..230f42c 100644
--- a/win-x86_64/crypto/fipsmodule/ghash-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/ghash-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
EXTERN OPENSSL_ia32cap_P
diff --git a/win-x86_64/crypto/fipsmodule/md5-x86_64.asm b/win-x86_64/crypto/fipsmodule/md5-x86_64.asm
index 0e9d2c6..2c799de 100644
--- a/win-x86_64/crypto/fipsmodule/md5-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/md5-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
ALIGN 16
diff --git a/win-x86_64/crypto/fipsmodule/p256-x86_64-asm.asm b/win-x86_64/crypto/fipsmodule/p256-x86_64-asm.asm
index 8027c04..ad578b9 100644
--- a/win-x86_64/crypto/fipsmodule/p256-x86_64-asm.asm
+++ b/win-x86_64/crypto/fipsmodule/p256-x86_64-asm.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
EXTERN OPENSSL_ia32cap_P
diff --git a/win-x86_64/crypto/fipsmodule/rdrand-x86_64.asm b/win-x86_64/crypto/fipsmodule/rdrand-x86_64.asm
index 5b08e22..db379dd 100644
--- a/win-x86_64/crypto/fipsmodule/rdrand-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/rdrand-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/rsaz-avx2.asm b/win-x86_64/crypto/fipsmodule/rsaz-avx2.asm
index 0c6f6e1..155c5e4 100644
--- a/win-x86_64/crypto/fipsmodule/rsaz-avx2.asm
+++ b/win-x86_64/crypto/fipsmodule/rsaz-avx2.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/sha1-x86_64.asm b/win-x86_64/crypto/fipsmodule/sha1-x86_64.asm
index 229faab..cec6e2b 100644
--- a/win-x86_64/crypto/fipsmodule/sha1-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/sha1-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
EXTERN OPENSSL_ia32cap_P
diff --git a/win-x86_64/crypto/fipsmodule/sha256-x86_64.asm b/win-x86_64/crypto/fipsmodule/sha256-x86_64.asm
index b78ff9f..5c78767 100644
--- a/win-x86_64/crypto/fipsmodule/sha256-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/sha256-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/sha512-x86_64.asm b/win-x86_64/crypto/fipsmodule/sha512-x86_64.asm
index 2c45730..6447391 100644
--- a/win-x86_64/crypto/fipsmodule/sha512-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/sha512-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/vpaes-x86_64.asm b/win-x86_64/crypto/fipsmodule/vpaes-x86_64.asm
index 3edde9f..015c0b2 100644
--- a/win-x86_64/crypto/fipsmodule/vpaes-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/vpaes-x86_64.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/x86_64-mont.asm b/win-x86_64/crypto/fipsmodule/x86_64-mont.asm
index 5385e26..d28d117 100644
--- a/win-x86_64/crypto/fipsmodule/x86_64-mont.asm
+++ b/win-x86_64/crypto/fipsmodule/x86_64-mont.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64
diff --git a/win-x86_64/crypto/fipsmodule/x86_64-mont5.asm b/win-x86_64/crypto/fipsmodule/x86_64-mont5.asm
index 4902a75..8cbce47 100644
--- a/win-x86_64/crypto/fipsmodule/x86_64-mont5.asm
+++ b/win-x86_64/crypto/fipsmodule/x86_64-mont5.asm
@@ -2,6 +2,10 @@
%define XMMWORD
%define YMMWORD
%define ZMMWORD
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
section .text code align=64