tree a20a9135cb8e621a7ba03e90a5844365e936c0a1
parent ddc06518da2fd47baa7aa6cf5bd22122b7b4e70d
author Piotr Sikora <piotrsikora@google.com> 1528231635 -0700
committer Piotr Sikora <piotrsikora@google.com> 1528596609 +0000

Bazel: update BoringSSL to 5601bda / 372daf7 (master-with-bazel).

This update includes the following changes:

5601bdac Rename crypto/rsa_extra/print.c.
990a3232 Add --embed_test_data=false option to generate_build_files.py
239c05a7 Allow convert_wycheproof.go to be used one file at a time.
576b6378 Move convert_wycheproof.go to util/
189270cd Ignore Spectre mitigation warning.
c93724b5 Benchmark TLS AES-CBC ciphers in both directions.
fee8709f Replace |alloca| in |BN_mod_exp_mont_consttime|.
63e2a081 Spell Falko Strenzke's name correctly.
982279b3 Add a PKCS#12 fuzzer.
2f5100e6 More compatibility stuff.
9b2c6a93 Extract friendly names attached to certificates.
22ae0b85 Try both null and empty passwords when decoding PKCS#12.
910320a3 Restore some revocation-related X.509 extensions.
db196aab Distinguish unrecognized SPKI/PKCS8 key types from syntax errors.
91254c24 Rename |asm_AES_*| to |aes_nohw_*|.
d12f2ba5 Tweak RSA errors for compatibility.
fa544f1c Reject if the ALPN callback returned an empty protocol.
e6737a86 x509_test: Fix gcc-8 build
911cc0a0 The legacy client OCSP callback should run without server OCSP.
d6e31f6a Return more placeholder version strings.
9db1a001 Support 3DES-CMAC.
62abcebb Add a driver for Wycheproof CMAC tests.
370bb356 Refresh TLS fuzzer corpora.
05750f23 Revert "Revert "Revert "Revert "Make x86(-64) use the same aes_hw_* infrastructure as POWER and the ARMs.""""
5b220ee7 Add APIs to query authentication properties of SSL_SESSIONs.
69271b5d Revert "Revert "Revert "Make x86(-64) use the same aes_hw_* infrastructure as POWER and the ARMs."""
7d1f3598 Show an error before we abort the process for an entropy failure.
103ed085 Implement legacy OCSP APIs for libssl.
7b832ad1 Don't crash if asked to treat PBES2 as a PBES1 scheme.
f05e3eaf Add a bunch of X509_STORE getters and setters.
2e67153d Add PKCS12_create.
a3c2517b Add i2d_PKCS12*.
bc2562e5 Treat PKCS#12 passwords as UTF-8.
ae153bb9 Use new encoding functions in ASN1_mbstring_ncopy.
99767ecd Enable ADX assembly.
b06f92da Add new character encoding functions.
29d97ff3 Revert "Revert "Make x86(-64) use the same aes_hw_* infrastructure as POWER and the ARMs.""
aca24c87 Revert "Make x86(-64) use the same aes_hw_* infrastructure as POWER and the ARMs."
5f001d14 Const-correct some functions.
26ba48a6 Make x86(-64) use the same aes_hw_* infrastructure as POWER and the ARMs.
56c4ed9a Allow enabling all TLS 1.3 variants by setting |tls13_default|.
65359f08 Don't keep trying to read from stdin after EOF.
d4e091ec Refresh TLS fuzzer corpora.
418cdc4d Use the right alert for bad CA lists.
3babc86d Expand the documentation of |SSL_set_shed_handshake_config|.
8094b54e Add BIO versions of i2d_DHparams and d2i_DHparams.
02de7bd3 Add some more accessors to SSL_SESSION.
f64c3737 Fix build with GCC 4.9.2 and -Wtype-limits.
bb3a4569 Move some RSA keygen support code into separate files.
5d626b22 Add some more compatibility functions.
044f637f reformat third_party/wycheproof_testvectors/METADATA
477a9262 Bump BORINGSSL_API_VERSION.
57eaeaba Fix include path.
91374e0c Add a stub e_os2.h header.
0318b051 Add some OpenSSL compatibility functions and hacks.
1d339558 Fix clang-cl build.
26aa7c88 Handle blocked writes in bssl client/server.
ed188fd8 Enforce supported_versions in the second ServerHello.
3d9705d0 Fix bssl handling of buffered read data.
28385db6 Fix bssl select loop on Windows.
2a92847c Restore some MSVC warnings.
bf33114b Rename third_party/wycheproof to satisfy a bureaucrat.
98831738 Revert "Add other Windows configurations to the CQ."
b0412a6e Add other Windows configurations to the CQ.
3c37d0ab Reland "Fix bssl client/server's error-handling."
0cdbc876 Revert "Fix bssl client/server's error-handling."
e7ca8a5d Fix bssl client/server's error-handling.
e30fac63 Fuzz SSL_serialize_handoff() and SSL_serialize_handback().
9fdf7cb9 SSL_apply_handback: check session is where it's expected to be.
0e9e0ba1 SSL_apply_handback: check that SSL version is valid.
537553ff Prevent out of bound read in do_buf (a_strex).
179c4e25 Update Wycheproof, add keywrap tests, and fix a bug.
cf341d02 Add missing #include of <openssl/mem.h>.
f6d9f0b5 bn/asm/*-mont.pl: fix memory access pattern in final subtraction.
3e87165d Avoid compiler errors for Android ARMv7.
dd444b1d Fix bugs in X509_NAME_add_entry.
0c9ac2e7 Drop FULL_UNROLL code in aes.c.
0ca92143 Temporarily restore SHA256 and SHA384 cipher suite aliases.
b95d4b4c Move srtp_profiles to SSL_CONFIG.
98472cb3 Consistently use session_ctx for session caching.
8e75ae48 Add a Wycheproof driver for AES-CBC.
302bb396 Small curve25519 cleanups.
6e678eeb Remove legacy SHA-2 CBC ciphers.
71666cb8 Allow renego and config shedding to coexist more smoothly.
b7bc80a9 SSL_CONFIG: new struct for sheddable handshake configuration.
a2dd7818 Defer writing the shim settings.
3f944674 Add an ECDH Wycheproof driver.
7760af4b Print tcId in converted Wycheproof files.
55053286 Add AEAD Wycheproof drivers.
58d6fc48 Add missing #include of <openssl/err.h>.
c596415e Add a DSA Wycheproof driver.
57072742 Add Ed25519 Wycheproof driver.
6ae7ddb7 Add some notes on how to handle breaking changes.
8370fb6b Implement constant-time generic multiplication.
8b0dc7a7 Simplify ec_wNAF_mul table sizing.
041dd68c Clear mallocs in ec_wNAF_mul.
e14e4a7e Remove ec_compute_wNAF's failure cases.
40d76f4f Add ECDSA and RSA verify Wycheproof drivers.
5509bc06 Add a test driver for Wycheproof's x25519_test.json.
855dabc9 Add an accessor for session->certs.
bf4bcdf1 Fix some stuttering.
2d10c368 Check in a copy of Project Wycheproof test vectors.
b8546dd8 Update location of root certificates on Fuchsia
cece3261 Add SHA256_TransformBlocks.
ec4f0dda EC_GROUP_dup cannot fail.
32e0d100 Add EC_FELEM for EC_POINTs and related temporaries.
6a289b3e Remove EC_POINTs_make_affine and related logic.
06c28d8e Simplify shim timeout logic.
48b276db Give ssl_cipher_preference_list_st a destructor.
06d467c5 ghashv8-armx.pl: add Qualcomm Kryo results.
a7c8f2b7 ghashv8-armvx.pl: Fix various typos.
a63d0ad4 Require BN_mod_exp_mont* inputs be reduced.
52a68a9b Remove unused string.h include.
5c0e0cec Remove Z = 1 special-case in generic point_get_affine.
f5858ca0 Remove unnecessary endian flip in p224-64.c.
b8f14b7d Add dedicated scalar inversion code to p256-x86_64.c.
364a51ec Abstract scalar inversion in EC_METHOD.
b27b579f Add some tests for scalar operations.
3861ae66 p256-x86_64-asm.pl: add .cfi and SEH handlers to new functions.
5c30dab8 Import P-256 scalar multiplication assembly from OpenSSL.
7121fe24 Align ECDSA sign/verify scalar inversions.
941f5354 Abstract away EC_SCALAR operations.
9291be5b Remove return values from bn_*_small.
3f8074c2 Fix the error on overly large group orders.
cd012549 Explicitly guarantee BN_MONT_CTX::{RR,N} have the same width.
e3aba378 Fix typo in ssl_cert_cache_chain_certs.
a2938719 Improve the RSA key generation failure probability.
9af9b946 Restore the BN_mod codepath for public Montgomery moduli.
7e2a8a34 Speed up variable windowed exponentation a bit.
b1e6a854 Change OPENSSL_cpuid_setup to reserve more extended feature space.
35e7c994 Remove files from Trusty which can't link because of Trusty libc.
6f6a237d delocate: put emitted labels in a specific file.
56b1a8ef Test the high-order bit in X25519.
56ea9e27 Fix bn_mod_exp_mont_small when exponentiating to zero.
e0ae249f Remove a = 0 special-case in BN_mod_exp_mont.
d3192050 Deny CRT to unbalanced RSA keys.
024f5df3 Avoid some divisions in Lucky 13 fix.
e325c3f4 Give CERT a destructor.
fceca8e2 Move srtp_profile to ssl->s3.
e28552de Add an API to disable RSA-PSS for certificates.
c9775322 Pretty-print TicketAEADMethod tests.
6879e193 Rename SSL_SIGN_RSA_PSS_SHA* constants.
5ad94767 Remove legacy SSL_CTX_sess_set_get_cb overload.
68478b7e Add runtime bounds checks to bssl::Span.
9f0e7cb3 Move TB state to ssl->s3.
b8b1a9d8 Add SSL_SESSION_get0_cipher.
1414d86f tool: Move the RSA specific code from |Speed| to |SpeedRSA|.
27e4c3ba Add an OPENSSL_malloc_init stub.
de20810f Fix return value in speed tool.
acddb8c1 Avoid modifying stack in sk_find.
c5154f7d SSL_serialize_handoff: serialize fewer things.
868ec735 SSL_apply_handback: check that |max_send_fragment| is nonzero.
98dd68fb [util] Generate separate GN source sets for headers and sources
5b2a51de Check for nullptr result of SSLKeyShare::Create().
e2ab21d1 Use the actual record header, rather than reassembling it.
f11ea190 Actually benchmark RSA verification with a fresh key.
bb2e1e1e No-op comment to kick the bots.
628b3c7f Don't write out a bad OID
dcd862c1 No-op commit to kick the bots.
b2eaeb0b Drop some trial-division primes for 1024-bit candidates.
861f384d Implement TLS 1.3 draft28.
eda47f5d Make generic point arithmetic slightly less variable-time.
56986f90 Hand back ECDHE split handshakes after the first server message.

Change-Id: Ia1bc0f57111a18e0fe979842fcf28e90eceb398e
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Reviewed-on: https://nginx-review.googlesource.com/3401
Reviewed-by: Lizan Zhou <zlizan@google.com>