Skip to content

Commit

Permalink
Merge remote-tracking branch 'bssl/master' into merge-bssl
Browse files Browse the repository at this point in the history
  • Loading branch information
@bryce-shang
bryce-shang committed Feb 18, 2021
2 parents e86f700 + bbd1742 commit dae88e2
Show file tree
Hide file tree
Showing 340 changed files with 30,978 additions and 19,979 deletions.
13 changes: 13 additions & 0 deletions .clang-format
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,19 @@ StatementMacros:
- "DECLARE_PEM_write_const"
- "DECLARE_PEM_write_fp"
- "DECLARE_PEM_write_fp_const"
- "IMPLEMENT_ASN1_ALLOC_FUNCTIONS"
- "IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname"
- "IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname"
- "IMPLEMENT_ASN1_DUP_FUNCTION"
- "IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname"
- "IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname"
- "IMPLEMENT_ASN1_FUNCTIONS"
- "IMPLEMENT_ASN1_FUNCTIONS_const"
- "IMPLEMENT_ASN1_FUNCTIONS_const_fname"
- "IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name"
- "IMPLEMENT_ASN1_FUNCTIONS_fname"
- "IMPLEMENT_ASN1_FUNCTIONS_name"
- "IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS"
- "IMPLEMENT_PEM_read"
- "IMPLEMENT_PEM_read_bio"
- "IMPLEMENT_PEM_read_fp"
Expand Down
8 changes: 0 additions & 8 deletions BUILDING.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,14 +159,6 @@ BoringSSL maintainers if making use of it.

## Known Limitations on Windows

* Versions of CMake since 3.0.2 have a bug in its Ninja generator that causes
yasm to output warnings

yasm: warning: can open only one input file, only the last file will be processed

These warnings can be safely ignored. The cmake bug is
http://www.cmake.org/Bug/view.php?id=15253.

* CMake can generate Visual Studio projects, but the generated project files
don't have steps for assembling the assembly language source files, so they
currently cannot be used to build BoringSSL.
Expand Down
29 changes: 28 additions & 1 deletion CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -529,6 +529,8 @@ elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "i686")
set(ARCH "x86")
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "aarch64")
set(ARCH "aarch64")
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "ARM64")
set(ARCH "aarch64")
elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "arm64")
set(ARCH "aarch64")
# Apple A12 Bionic chipset which is added in iPhone XS/XS Max/XR uses arm64e architecture.
Expand Down Expand Up @@ -696,6 +698,30 @@ if (NOT ${CMAKE_VERSION} VERSION_LESS "3.2")
endif()

if(GO_EXECUTABLE)
if(FIPS)
add_custom_target(
acvp_tests
COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_BINARY_DIR}/acvptool
boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool
COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_BINARY_DIR}/testmodulewrapper
boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool/testmodulewrapper
COMMAND cd util/fipstools/acvp/acvptool/test &&
${GO_EXECUTABLE} run check_expected.go
-tool ${CMAKE_BINARY_DIR}/acvptool
-module-wrappers modulewrapper:$<TARGET_FILE:modulewrapper>,testmodulewrapper:${CMAKE_BINARY_DIR}/testmodulewrapper
-tests tests.json
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
DEPENDS modulewrapper
USES_TERMINAL)

add_custom_target(
fips_specific_tests_if_any
DEPENDS acvp_tests
)
else()
add_custom_target(fips_specific_tests_if_any)
endif()

add_custom_target(
run_tests
COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir
Expand All @@ -704,7 +730,7 @@ if(GO_EXECUTABLE)
${GO_EXECUTABLE} test -timeout ${GO_TEST_TIMEOUT} -shim-path $<TARGET_FILE:bssl_shim>
${HANDSHAKER_ARGS} ${RUNNER_ARGS}
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
DEPENDS all_tests bssl_shim handshaker
DEPENDS all_tests bssl_shim handshaker fips_specific_tests_if_any
${MAYBE_USES_TERMINAL})

add_custom_target(
Expand Down Expand Up @@ -733,6 +759,7 @@ else()
DEPENDS all_tests
${MAYBE_USES_TERMINAL})
endif()

# Copy awslc-config.cmake to build artifacts.
configure_file("cmake/awslc-config.cmake"
"${CMAKE_CURRENT_BINARY_DIR}/awslc-config.cmake"
Expand Down
38 changes: 23 additions & 15 deletions crypto/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,17 +47,23 @@ if(NOT OPENSSL_NO_ASM)
endforeach()
endif()
else()
if(${ARCH} STREQUAL "x86_64")
set(PERLASM_STYLE nasm)
if(${ARCH} STREQUAL "aarch64")
set(PERLASM_STYLE win64)
set(ASM_EXT S)
enable_language(ASM)
else()
set(PERLASM_STYLE win32n)
set(PERLASM_FLAGS "-DOPENSSL_IA32_SSE2")
endif()
set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -gcv8")
if(${ARCH} STREQUAL "x86_64")
set(PERLASM_STYLE nasm)
else()
set(PERLASM_STYLE win32n)
set(PERLASM_FLAGS "-DOPENSSL_IA32_SSE2")
endif()
set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -gcv8")

# On Windows, we use the NASM output, specifically built with Yasm.
set(ASM_EXT asm)
enable_language(ASM_NASM)
# On Windows, we use the NASM output.
set(ASM_EXT asm)
enable_language(ASM_NASM)
endif()
endif()
endif()

Expand Down Expand Up @@ -254,6 +260,7 @@ add_library(
bio/printf.c
bio/socket.c
bio/socket_helper.c
blake2/blake2.c
bn_extra/bn_asn1.c
bn_extra/convert.c
buf/buf.c
Expand All @@ -278,17 +285,16 @@ add_library(
conf/conf.c
cpu-aarch64-fuchsia.c
cpu-aarch64-linux.c
cpu-aarch64-win.c
cpu-arm-linux.c
cpu-arm.c
cpu-intel.c
cpu-ppc64le.c
crypto.c
curve25519/curve25519.c
curve25519/spake25519.c
dh/dh.c
dh/params.c
dh/check.c
dh/dh_asn1.c
dh_extra/params.c
dh_extra/dh_asn1.c
digest_extra/digest_extra.c
dsa/dsa.c
dsa/dsa_asn1.c
Expand Down Expand Up @@ -345,6 +351,7 @@ add_library(
rand_extra/deterministic.c
rand_extra/forkunsafe.c
rand_extra/fuchsia.c
rand_extra/passive.c
rand_extra/rand_extra.c
rand_extra/windows.c
rc4/rc4.c
Expand Down Expand Up @@ -506,8 +513,9 @@ add_executable(
abi_self_test.cc
asn1/asn1_test.cc
base64/base64_test.cc
buf/buf_test.cc
bio/bio_test.cc
blake2/blake2_test.cc
buf/buf_test.cc
bytestring/bytestring_test.cc
chacha/chacha_test.cc
cipher_extra/aead_test.cc
Expand All @@ -521,7 +529,7 @@ add_executable(
curve25519/spake25519_test.cc
curve25519/x25519_test.cc
ecdh_extra/ecdh_test.cc
dh/dh_test.cc
dh_extra/dh_test.cc
digest_extra/digest_test.cc
dsa/dsa_test.cc
err/err_test.cc
Expand Down
103 changes: 73 additions & 30 deletions crypto/asn1/asn1_test.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,44 @@ TEST(ASN1Test, IntegerSetting) {
}
}

template <typename T>
void TestSerialize(T obj, int (*i2d_func)(T a, uint8_t **pp),
bssl::Span<const uint8_t> expected) {
int len = static_cast<int>(expected.size());
ASSERT_EQ(i2d_func(obj, nullptr), len);

std::vector<uint8_t> buf(expected.size());
uint8_t *ptr = buf.data();
ASSERT_EQ(i2d_func(obj, &ptr), len);
EXPECT_EQ(ptr, buf.data() + buf.size());
EXPECT_EQ(Bytes(expected), Bytes(buf));

// Test the allocating version.
ptr = nullptr;
ASSERT_EQ(i2d_func(obj, &ptr), len);
EXPECT_EQ(Bytes(expected), Bytes(ptr, expected.size()));
OPENSSL_free(ptr);
}

TEST(ASN1Test, SerializeObject) {
static const uint8_t kDER[] = {0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x01};
const ASN1_OBJECT *obj = OBJ_nid2obj(NID_rsaEncryption);
TestSerialize(obj, i2d_ASN1_OBJECT, kDER);
}

TEST(ASN1Test, SerializeBoolean) {
static const uint8_t kTrue[] = {0x01, 0x01, 0xff};
TestSerialize(0xff, i2d_ASN1_BOOLEAN, kTrue);

static const uint8_t kFalse[] = {0x01, 0x01, 0x00};
TestSerialize(0x00, i2d_ASN1_BOOLEAN, kFalse);
}

// The ASN.1 macros do not work on Windows shared library builds, where usage of
// |OPENSSL_EXPORT| is a bit stricter.
#if !defined(OPENSSL_WINDOWS) || !defined(BORINGSSL_SHARED_LIBRARY)

typedef struct asn1_linked_list_st {
struct asn1_linked_list_st *next;
} ASN1_LINKED_LIST;
Expand Down Expand Up @@ -151,36 +189,41 @@ TEST(ASN1Test, Recursive) {
ASN1_LINKED_LIST_free(list);
}

template <typename T>
void TestSerialize(T obj, int (*i2d_func)(T a, uint8_t **pp),
bssl::Span<const uint8_t> expected) {
int len = static_cast<int>(expected.size());
ASSERT_EQ(i2d_func(obj, nullptr), len);

std::vector<uint8_t> buf(expected.size());
uint8_t *ptr = buf.data();
ASSERT_EQ(i2d_func(obj, &ptr), len);
EXPECT_EQ(ptr, buf.data() + buf.size());
EXPECT_EQ(Bytes(expected), Bytes(buf));

// Test the allocating version.
ptr = nullptr;
ASSERT_EQ(i2d_func(obj, &ptr), len);
EXPECT_EQ(Bytes(expected), Bytes(ptr, expected.size()));
OPENSSL_free(ptr);
}
struct IMPLICIT_CHOICE {
ASN1_STRING *string;
};

TEST(ASN1Test, SerializeObject) {
static const uint8_t kDER[] = {0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x01};
const ASN1_OBJECT *obj = OBJ_nid2obj(NID_rsaEncryption);
TestSerialize(obj, i2d_ASN1_OBJECT, kDER);
// clang-format off
DECLARE_ASN1_FUNCTIONS(IMPLICIT_CHOICE)

ASN1_SEQUENCE(IMPLICIT_CHOICE) = {
ASN1_IMP(IMPLICIT_CHOICE, string, DIRECTORYSTRING, 0)
} ASN1_SEQUENCE_END(IMPLICIT_CHOICE)

IMPLEMENT_ASN1_FUNCTIONS(IMPLICIT_CHOICE)
// clang-format on

// Test that the ASN.1 templates reject types with implicitly-tagged CHOICE
// types.
TEST(ASN1Test, ImplicitChoice) {
// Serializing a type with an implicitly tagged CHOICE should fail.
std::unique_ptr<IMPLICIT_CHOICE, decltype(&IMPLICIT_CHOICE_free)> obj(
IMPLICIT_CHOICE_new(), IMPLICIT_CHOICE_free);
EXPECT_EQ(-1, i2d_IMPLICIT_CHOICE(obj.get(), nullptr));

// An implicitly-tagged CHOICE is an error. Depending on the implementation,
// it may be misinterpreted as without the tag, or as clobbering the CHOICE
// tag. Test both inputs and ensure they fail.

// SEQUENCE { UTF8String {} }
static const uint8_t kInput1[] = {0x30, 0x02, 0x0c, 0x00};
const uint8_t *ptr = kInput1;
EXPECT_EQ(nullptr, d2i_IMPLICIT_CHOICE(nullptr, &ptr, sizeof(kInput1)));

// SEQUENCE { [0 PRIMITIVE] {} }
static const uint8_t kInput2[] = {0x30, 0x02, 0x80, 0x00};
ptr = kInput2;
EXPECT_EQ(nullptr, d2i_IMPLICIT_CHOICE(nullptr, &ptr, sizeof(kInput2)));
}

TEST(ASN1Test, SerializeBoolean) {
static const uint8_t kTrue[] = {0x01, 0x01, 0xff};
TestSerialize(0xff, i2d_ASN1_BOOLEAN, kTrue);

static const uint8_t kFalse[] = {0x01, 0x01, 0x00};
TestSerialize(0x00, i2d_ASN1_BOOLEAN, kFalse);
}
#endif // !WINDOWS || !SHARED_LIBRARY
4 changes: 2 additions & 2 deletions crypto/asn1/tasn_dec.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -267,8 +267,8 @@ static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,

case ASN1_ITYPE_CHOICE:
/*
* It never makes sense for CHOICE types to have implicit tagging, so
* if tag != -1, then this looks like an error in the template.
* It never makes sense for CHOICE types to have implicit tagging, so if
* tag != -1, then this looks like an error in the template.
*/
if (tag != -1) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
Expand Down
4 changes: 2 additions & 2 deletions crypto/asn1/tasn_enc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,8 +157,8 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,

case ASN1_ITYPE_CHOICE:
/*
* It never makes sense for CHOICE types to have implicit tagging, so
* if tag != -1, then this looks like an error in the template.
* It never makes sense for CHOICE types to have implicit tagging, so if
* tag != -1, then this looks like an error in the template.
*/
if (tag != -1) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
Expand Down
4 changes: 4 additions & 0 deletions crypto/bio/socket_helper.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,11 @@ int bio_ip_and_port_to_socket_and_addr(int *out_sock,
ret = getaddrinfo(hostname, port_str, &hint, &result);
if (ret != 0) {
OPENSSL_PUT_ERROR(SYS, 0);
#if defined(OPENSSL_WINDOWS)
ERR_add_error_data(1, gai_strerrorA(ret));
#else
ERR_add_error_data(1, gai_strerror(ret));
#endif
return 0;
}

Expand Down
Loading

0 comments on commit dae88e2

Please sign in to comment.