Revert "Revert "external/boringssl: sync with upstream.""
This reverts commit a04d78d392463df4e69a64360c952ffa5abd22f7.
Underlying issue was fixed.
Change-Id: I49685b653d16e728eb38e79e02b2c33ddeefed88
diff --git a/src/crypto/cipher/e_aes.c b/src/crypto/cipher/e_aes.c
index 41d0aec..e8905f6 100644
--- a/src/crypto/cipher/e_aes.c
+++ b/src/crypto/cipher/e_aes.c
@@ -64,7 +64,7 @@
#include "../modes/internal.h"
#if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
-#include "../arm_arch.h"
+#include <openssl/arm_arch.h>
#endif
@@ -98,8 +98,6 @@
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86_64) || defined(OPENSSL_X86))
#define VPAES
-extern unsigned int OPENSSL_ia32cap_P[];
-
static char vpaes_capable(void) {
return (OPENSSL_ia32cap_P[1] & (1 << (41 - 32))) != 0;
}
@@ -113,7 +111,6 @@
#elif !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64))
-#include "../arm_arch.h"
#if defined(OPENSSL_ARM) && __ARM_MAX_ARCH__ >= 7
#define BSAES
@@ -338,7 +335,7 @@
}
if (ret < 0) {
- OPENSSL_PUT_ERROR(CIPHER, aes_init_key, CIPHER_R_AES_KEY_SETUP_FAILED);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED);
return 0;
}
@@ -711,7 +708,7 @@
} else {
if (!ctx->encrypt) {
if (gctx->taglen < 0 ||
- !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0) {
+ !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen)) {
return -1;
}
gctx->iv_set = 0;
@@ -853,7 +850,7 @@
}
if (ret < 0) {
- OPENSSL_PUT_ERROR(CIPHER, aesni_init_key, CIPHER_R_AES_KEY_SETUP_FAILED);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED);
return 0;
}
@@ -1066,7 +1063,7 @@
const size_t key_bits = key_len * 8;
if (key_bits != 128 && key_bits != 256) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_init, CIPHER_R_BAD_KEY_LENGTH);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
return 0; /* EVP_AEAD_CTX_init should catch this. */
}
@@ -1075,7 +1072,7 @@
}
if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_init, CIPHER_R_TAG_TOO_LARGE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE);
return 0;
}
@@ -1108,12 +1105,12 @@
GCM128_CONTEXT gcm;
if (in_len + gcm_ctx->tag_len < in_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_seal, CIPHER_R_TOO_LARGE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
return 0;
}
if (max_out_len < in_len + gcm_ctx->tag_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_seal, CIPHER_R_BUFFER_TOO_SMALL);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
return 0;
}
@@ -1152,14 +1149,14 @@
GCM128_CONTEXT gcm;
if (in_len < gcm_ctx->tag_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BAD_DECRYPT);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
return 0;
}
plaintext_len = in_len - gcm_ctx->tag_len;
if (max_out_len < plaintext_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BUFFER_TOO_SMALL);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
return 0;
}
@@ -1185,7 +1182,7 @@
CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len);
if (CRYPTO_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BAD_DECRYPT);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
return 0;
}
@@ -1239,7 +1236,7 @@
const size_t key_bits = key_len * 8;
if (key_bits != 128 && key_bits != 256) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, CIPHER_R_BAD_KEY_LENGTH);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
return 0; /* EVP_AEAD_CTX_init should catch this. */
}
@@ -1248,14 +1245,13 @@
}
if (tag_len != 8) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init,
- CIPHER_R_UNSUPPORTED_TAG_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE);
return 0;
}
kw_ctx = OPENSSL_malloc(sizeof(struct aead_aes_key_wrap_ctx));
if (kw_ctx == NULL) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, ERR_R_MALLOC_FAILURE);
+ OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -1293,8 +1289,7 @@
uint8_t A[AES_BLOCK_SIZE];
if (ad_len != 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal,
- CIPHER_R_UNSUPPORTED_AD_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_AD_SIZE);
return 0;
}
@@ -1304,14 +1299,12 @@
}
if (nonce_len != 8) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal,
- CIPHER_R_UNSUPPORTED_NONCE_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
return 0;
}
if (in_len % 8 != 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal,
- CIPHER_R_UNSUPPORTED_INPUT_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE);
return 0;
}
@@ -1320,32 +1313,29 @@
* conservatively cap it to 2^32-16 to stop 32-bit platforms complaining that
* a comparison is always true. */
if (in_len > 0xfffffff0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, CIPHER_R_TOO_LARGE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
return 0;
}
n = in_len / 8;
if (n < 2) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal,
- CIPHER_R_UNSUPPORTED_INPUT_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE);
return 0;
}
if (in_len + 8 < in_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, CIPHER_R_TOO_LARGE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
return 0;
}
if (max_out_len < in_len + 8) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal,
- CIPHER_R_BUFFER_TOO_SMALL);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
return 0;
}
if (AES_set_encrypt_key(kw_ctx->key, kw_ctx->key_bits, &ks.ks) < 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal,
- CIPHER_R_AES_KEY_SETUP_FAILED);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED);
return 0;
}
@@ -1388,8 +1378,7 @@
uint8_t A[AES_BLOCK_SIZE];
if (ad_len != 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open,
- CIPHER_R_UNSUPPORTED_AD_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_AD_SIZE);
return 0;
}
@@ -1399,14 +1388,12 @@
}
if (nonce_len != 8) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open,
- CIPHER_R_UNSUPPORTED_NONCE_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
return 0;
}
if (in_len % 8 != 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open,
- CIPHER_R_UNSUPPORTED_INPUT_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE);
return 0;
}
@@ -1415,26 +1402,24 @@
* conservatively cap it to 2^32-8 to stop 32-bit platforms complaining that
* a comparison is always true. */
if (in_len > 0xfffffff8) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_TOO_LARGE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
return 0;
}
if (in_len < 24) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_BAD_DECRYPT);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
return 0;
}
n = (in_len / 8) - 1;
if (max_out_len < in_len - 8) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open,
- CIPHER_R_BUFFER_TOO_SMALL);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
return 0;
}
if (AES_set_decrypt_key(kw_ctx->key, kw_ctx->key_bits, &ks.ks) < 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open,
- CIPHER_R_AES_KEY_SETUP_FAILED);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED);
return 0;
}
@@ -1457,7 +1442,7 @@
}
if (CRYPTO_memcmp(A, nonce, 8) != 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_BAD_DECRYPT);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
return 0;
}
@@ -1541,15 +1526,13 @@
static const size_t hmac_key_len = 32;
if (key_len < hmac_key_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init,
- CIPHER_R_BAD_KEY_LENGTH);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
return 0; /* EVP_AEAD_CTX_init should catch this. */
}
const size_t aes_key_len = key_len - hmac_key_len;
if (aes_key_len != 16 && aes_key_len != 32) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init,
- CIPHER_R_BAD_KEY_LENGTH);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
return 0; /* EVP_AEAD_CTX_init should catch this. */
}
@@ -1558,15 +1541,13 @@
}
if (tag_len > EVP_AEAD_AES_CTR_HMAC_SHA256_TAG_LEN) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init,
- CIPHER_R_TAG_TOO_LARGE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE);
return 0;
}
aes_ctx = OPENSSL_malloc(sizeof(struct aead_aes_ctr_hmac_sha256_ctx));
if (aes_ctx == NULL) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init,
- ERR_R_MALLOC_FAILURE);
+ OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -1666,20 +1647,17 @@
if (in_len + aes_ctx->tag_len < in_len ||
/* This input is so large it would overflow the 32-bit block counter. */
in_len_64 >= (OPENSSL_U64(1) << 32) * AES_BLOCK_SIZE) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal,
- CIPHER_R_TOO_LARGE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
return 0;
}
if (max_out_len < in_len + aes_ctx->tag_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal,
- CIPHER_R_BUFFER_TOO_SMALL);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
return 0;
}
if (nonce_len != EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal,
- CIPHER_R_UNSUPPORTED_NONCE_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
return 0;
}
@@ -1703,22 +1681,19 @@
size_t plaintext_len;
if (in_len < aes_ctx->tag_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open,
- CIPHER_R_BAD_DECRYPT);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
return 0;
}
plaintext_len = in_len - aes_ctx->tag_len;
if (max_out_len < plaintext_len) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open,
- CIPHER_R_BUFFER_TOO_SMALL);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
return 0;
}
if (nonce_len != EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open,
- CIPHER_R_UNSUPPORTED_NONCE_SIZE);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
return 0;
}
@@ -1727,8 +1702,7 @@
&aes_ctx->outer_init_state, ad, ad_len, nonce, in,
plaintext_len);
if (CRYPTO_memcmp(hmac_result, in + plaintext_len, aes_ctx->tag_len) != 0) {
- OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open,
- CIPHER_R_BAD_DECRYPT);
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
return 0;
}