Merge BoringSSL through 4c8bcf0da2951cacd8ed8eaa7fd2df4b22fca23b #1658

Merged: 62 commits, Sep 28, 2023
89de6e1
Move RSA (en|de)cryption out of the FIPS module.
agl Mar 31, 2023
c5f762d
Add Trust Token version using standardized hash2curve.
dvorak42 Mar 20, 2023
9423510
Fix up do_ext_i2d's error-handling
davidben Apr 12, 2023
8cacbd9
Add functions to allow the mocking of AES hw support for testing.
Apr 5, 2023
abfd5eb
Restore some default cases in tasn_dec.c and tasn_enc.c
davidben Apr 12, 2023
8abd1b5
Remove support for "old-style" X509V3_EXT_METHODs.
davidben Apr 12, 2023
5fb362c
Remove X509V3_EXT_add_list and X509V3_EXT_cleanup
davidben Apr 13, 2023
298e6c2
expose a reset API on hmac which resets the current instance back to …
Apr 4, 2023
4ae4fb7
Drop CECPQ2 support.
agl Apr 11, 2023
d3acd45
Move HKDF into the FIPS module.
agl Apr 12, 2023
480344d
Move TLS 1.3 KDF functions into the FIPS module.
agl Apr 13, 2023
404d98b
Include bindgen generated file via a build time env var, this plays n…
Apr 14, 2023
fa7afff
add extra lints to align with Chromium rust toolchain
Apr 14, 2023
cee2dbb
Default SSL_set_enforce_rsa_key_usage to enabled.
davidben Apr 14, 2023
6e1e367
Switch to new ACVP test for TLS 1.2 KDF.
agl Apr 15, 2023
c466222
Skip some BIO_gets tests if tmpfile fails on Android
davidben Apr 17, 2023
a4593ce
break-tests.sh: break run-time tests and use two test_fips binaries.
Aug 4, 2022
6776d5c
Update test_fips.c with new functions added to FIPS module.
agl Apr 17, 2023
32b5130
Widen ASN1_mbstring_copy and ASN1_mbstring_ncopy to ossl_ssize_t
davidben Mar 25, 2023
aa31748
Generate 64-bit Curve25519 and P256 code for MSVC
andres-erbsen Feb 27, 2023
d9f209b
Document a pile of X509 print functions
davidben Apr 19, 2023
787713b
Organize X509_ATTRIBUTE functions into sections.
davidben Apr 19, 2023
437ef4d
Remove the X509at_* functions
davidben Apr 19, 2023
58a4094
Move the X509 time functions under "Convenience functions"
davidben Apr 19, 2023
3e91d37
Clarify in ssl.h documentation not to use the verify callback
davidben Apr 19, 2023
e2d1401
Remove --size_t-is-usize from bindgen call
davidben Apr 19, 2023
26ead95
Trim some unused XN_FLAG_* values
davidben Apr 19, 2023
1a5570b
Update docs to recommend a much more convenient CMake invocation
davidben Apr 19, 2023
a38d600
Fix allowlist regex in bindgen invocation
davidben Apr 19, 2023
bcecc7d
Replace sort.Sort with sort.Slice
davidben Apr 18, 2023
d5ac273
Spell includes in wrapper.h like the rest of the project
davidben Apr 20, 2023
ac6d558
Add mechanism for deprecated declarations.
Mar 28, 2023
b0b1f9d
Only rerun bindgen when its dependencies change
davidben Apr 19, 2023
de2d610
Remove TLS_RSA_WITH_NULL_SHA
davidben Apr 21, 2023
edf7662
Allow passing extra flags to BoGo shim
rolandshoemaker Apr 25, 2023
5748eb8
Move convert_wycheproof into its own package
davidben Apr 24, 2023
ece1f86
Re-add go:build ignore lines
davidben Apr 24, 2023
4b6d950
Align TRUST_TOKEN_pst_v1_voprf with draft-21 of VOPRF
dvorak42 Apr 18, 2023
d5f3a9e
Squeeze a block at a time when computing the matrix in Kyber
davidben Apr 25, 2023
d42c4e4
Specify the TLS cipher order more straightforwardly
davidben Apr 22, 2023
a0afd6a
Add some missing includes
davidben Apr 26, 2023
0c7527b
X509_sign, etc., should return the length of the signature on success
davidben Apr 26, 2023
b352546
Remove go:build ignore from convert_wycheproof
davidben Apr 26, 2023
26669ff
Don't copy all of bssl-sys into the CMake build directory
davidben Apr 21, 2023
691e45a
Remove unimplemented SSL BIO_ctrl values
davidben Apr 21, 2023
d206f3d
Move the old SPKAC types to their own section
davidben Apr 20, 2023
a02b743
runner: Remove an unnecessary use of AllCurves
davidben Apr 26, 2023
2f6409e
Support WPA 3.1 "enterprise" mode.
agl Apr 10, 2023
9939e14
Invalidated cached RSA, DH, and DSA state when changing keys
davidben Apr 26, 2023
b811a6c
Add Kyber to runner tests
agl May 1, 2023
048d21c
Disable BlindingCacheConcurrency on FreeBSD.
davidben May 1, 2023
86ada1e
Add new APIs for creating RSA keys
davidben Apr 26, 2023
77b6f25
Replace interface{} with any
davidben May 2, 2023
051f891
Update references to draft-irtf-cfrg-gcmsiv
davidben May 2, 2023
4c8bcf0
Implement the AuthEncap/AuthDecap HPKE modes
davidben Apr 28, 2023
4f9ec49
No-op merge of BoringSSL '89de6e1': Move RSA (en|de)cryption out of t…
briansmith Sep 28, 2023
5b32c4b
Ignore BoringSSL 'c5f762d'..'32b5130'
briansmith Sep 28, 2023
6e85944
Merge BoringSSL 'aa31748': Generate 64-bit Curve25519 and P256 code f…
briansmith Sep 28, 2023
83e464d
Ignore BoringSSL 'd9f209b'..'5748eb8'.
briansmith Sep 28, 2023
1833320
Merge BoringSSL 'ece1f86': Re-add go:build ignore lines
briansmith Sep 28, 2023
12fc9fd
Ignore BoringSSL '4b6d950'..'4c8bcf0'
briansmith Sep 28, 2023
af45ee2
Add newly-added files to Cargo.toml to fix `package` job.
briansmith Sep 28, 2023
2 changes: 2 additions & 0 deletions Cargo.toml
Expand Up @@ -137,8 +137,10 @@ include = [
"tests/rsa_test_public_modulus.bin",
"third_party/fiat/curve25519_32.h",
"third_party/fiat/curve25519_64.h",
"third_party/fiat/curve25519_64_msvc.h",
"third_party/fiat/p256_32.h",
"third_party/fiat/p256_64.h",
"third_party/fiat/p256_64_msvc.h",
"third_party/fiat/LICENSE",
"third_party/NIST/SHAVS/SHA1LongMsg.rsp",
"third_party/NIST/SHAVS/SHA1Monte.rsp",
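Review bot: the two new entries, "third_party/fiat/curve25519_64_msvc.h" and "third_party/fiat/p256_64_msvc.h", are added by hand to the `include` list, and only the first has a matching `#include` visible in this diff (in crypto/curve25519/curve25519.c). It is worth confirming that the P-256 source references p256_64_msvc.h under the same conditions, and considering a check that compares the fiat headers included by the C sources against this list, so that a header missing from the package is caught before the `package` job fails.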
10 changes: 6 additions & 4 deletions crypto/curve25519/curve25519.c
Expand Up @@ -43,14 +43,16 @@
// Various pre-computed constants.
#include "./curve25519_tables.h"

#if defined(BORINGSSL_CURVE25519_64BIT)
#if defined(BORINGSSL_HAS_UINT128)
#if defined(__GNUC__)
#pragma GCC diagnostic ignored "-Wpedantic"
#endif
#include "../../third_party/fiat/curve25519_64.h"
#elif defined(OPENSSL_64_BIT)
#include "../../third_party/fiat/curve25519_64_msvc.h"
#else
#include "../../third_party/fiat/curve25519_32.h"
#endif // BORINGSSL_CURVE25519_64BIT
#endif


// Low-level intrinsic operations
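Review bot: the header selection in this hunk now tests BORINGSSL_HAS_UINT128 before OPENSSL_64_BIT, while the field-operation block further down is guarded by OPENSSL_64_BIT alone, so the two agree only if BORINGSSL_HAS_UINT128 is never defined on a build that is not 64-bit. That implication is not shown in these lines; a short comment stating it, or a guard such as `#if defined(BORINGSSL_HAS_UINT128) && !defined(OPENSSL_64_BIT)` followed by `#error`, would keep the 64-bit fiat header from being paired with the non-64-bit field code. The closing `#endif` also lost its trailing comment; with three branches now, a comment naming the condition it closes would help readers.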
Expand All @@ -75,7 +77,7 @@ static uint64_t load_4(const uint8_t *in) {

// Field operations.

#if defined(BORINGSSL_CURVE25519_64BIT)
#if defined(OPENSSL_64_BIT)

// assert_fe asserts that |f| satisfies bounds:
//
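Review bot: switching this guard to OPENSSL_64_BIT means the 64-bit field operations and the assert_fe bounds that follow now also apply when curve25519_64_msvc.h is the included header, not only curve25519_64.h. Nothing in the visible lines says the two generated headers share the same limb layout and bounds; a comment here recording that assumption, plus test coverage on a 64-bit target without BORINGSSL_HAS_UINT128, would make the guard change easier to trust.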
Expand Down Expand Up @@ -149,7 +151,7 @@ static uint64_t load_4(const uint8_t *in) {
} \
} while (0)

#endif // BORINGSSL_CURVE25519_64BIT
#endif // OPENSSL_64_BIT

OPENSSL_STATIC_ASSERT(sizeof(fe) == sizeof(fe_limb_t) * FE_NUM_LIMBS,
"fe_limb_t[FE_NUM_LIMBS] is inconsistent with fe");