android-ndk-boringssl.git
3 years ago Merge "Revert "Use libmingwex for gmtime_s"" master
Dan Albert [Mon, 25 Jan 2016 21:02:43 +0000 (21:02 +0000)]
Merge "Revert "Use libmingwex for gmtime_s""

3 years ago Revert "Use libmingwex for gmtime_s"
Dan Albert [Fri, 15 Jan 2016 19:08:59 +0000 (11:08 -0800)]
Revert "Use libmingwex for gmtime_s"

The new version of mingw has moved all of time_s.h into time.h.

This reverts commit 1f6fdd5a306c0a08f5dcf7ef6696c2efe4839882.

Bug: http://b/26523949
Change-Id: I58f05135ac44fa053133e0cfe999054b2694b682

3 years ago external/boringssl: sync to 7b8b9c17
Adam Langley [Wed, 13 Jan 2016 23:00:54 +0000 (15:00 -0800)]
external/boringssl: sync to 7b8b9c17

This includes the following changes from BoringSSL:

7b8b9c1 Include 'asm' in the name of X25519 asm sources.
3202750 Update the fuzz tests for the server.
6544426 Fix a ** 0 mod 1 = 0 for real this time.
fe5f7c7 Only reserve EVP_MAX_MD_SIZE for the Finished, not twice of it.
0d56f88 Switch s to ssl everywhere.
974c7ba Route DHE through the SSL_ECDH abstraction as well.
4cc36ad Make it possible to tell what curve was used on the server.
4298d77 Implement draft-ietf-tls-curve25519-01 in C.
c18ef75 Allocate a NID for X25519.
3a2a480 Remove long-dead comment.
cba2b62 Implement draft-ietf-tls-curve25519-01 in Go.
ab14563 Bundle a copy of golang.org/x/crypto/curve25519 for testing.
a029ebc Switch the bundled poly1305 to relative imports.
64d9250 Completely remove P-224 from the TLS stack.
8c2b3bf Test all supported curves (including those off by default).
fc82512 Convert ssl3_send_cert_verify to CBB.
5fb18c6 Make MSVC happy.
2a0b391 Rewrite ssl3_send_server_key_exchange to use CBB.
d16bf34 Add a -lldb flag to runner.go.
af21bcf Remove other unnecessary BN_CTX allocations.
ae0eaaa Convert ssl3_send_client_key_exchange to CBB.
3ac4b3a Remove NO_ASM define that I accidently included in the previous commit.
e6c5402 Don't build X25519 asm code when NO_ASM is set.
77a173e Add x86-64 assembly for X25519.
c75c0ae Add #defines for ED25519 key and signature lengths.
48cce66 Tidy up ssl3_get_server_key_exchange slightly.
c1cc858 Check for EC_KEY_set_public_key error.
4cc671c Add CBB_reserve and CBB_did_write.
e13263d Resolve a few old TODOs.
841934f Remove stack macros for nonexistent types.
70ab223 Remove ASN1_R_MALLOC_FAILURE.
b965c63 Reject calls to X509_verify_cert that have not been reinitialised
3f5b43d Simplify RSA key exchange padding check.
3ef6085 Refuse to parse RSA pubkeys with invalid exponents.
afe57cb Add a tool to generate Ed25519 keys.
77c3c0b Enable Ed25519 when building with OPENSSL_SMALL.
9f897b2 Remove the stitched RC4-MD5 code and use the generic one.
1741a9d Save some mallocs in computing the MAC for e_tls.c.
df57163 Add RC4-SHA1 and DES-EDE3-CBC-SHA1 to bssl speed.
13414b3 Implement draft-ietf-tls-chacha20-poly1305-04.
3748990 Implement draft-ietf-tls-chacha20-poly1305-04 in Go.
2089fdd Implement RFC 7539 in Go.
86e412d Add client cert support to bssl client.
23a681b Fix build.
e320392 Rename the Go ChaCha20-Poly1305 implementation.
8ffab72 Point EVP_aead_chacha20_poly1305 at the standardized version.
fef6fb5 Fix ChaCha20-Poly1305 tests.
60a08ac Remove unreachable code to duplicate DH keys.
4ec0cce Slightly tweak some array allocations.
2936170 Fix memory leak in DSA redo case.
a01deee Make CBB_len relative to its argument.
77385bb Mark platform-specific HOST_[c2l|l2c] as (void).
6969971 Remove a dead prototype.
1b36716 Remove crypto/header_removed.h.
017231a Remove asm __asm__ define.
793c21e Make HOST_l2c return void.
0aff3ff Store the partial block as uint8_t, not uint32_t.
5a19d7d Use the straight-forward ROTATE macro.
78fefbf Reformat md32_common.h, part 2.
fea1137 Reformat md32_common.h, part 1.
871fff0 *_Update of length zero is legal.
d9f0671 Remove |need_record_splitting| from |SSL3_STATE|.
cd48038 Remove unused fields from SSL3_STATE.
7fc0100 Slightly simplify SSL3_RECORD.
ece5ba2 Reset ssl error codes.
a41280d Pull ChangeCipherSpec into the handshake state machine.
8fd5c23 Simplify fragmented HelloRequest state.
ef5dfd2 Add tests for malformed HelloRequests.
8411b24 Add tests for bad ChangeCipherSpecs.
502a843 Switch unrolled loop in BN_usub with memcpy.
c3ae38b Remove DH EVP_PKEY hooks.
7100ee9 Chromium's update.sh is dead, long live update.py
f28dd64 Fix flaky BadRSAClientKeyExchange-1 test.
4234885 Remove unused functions.
45dab25 Skip free callbacks on empty CRYPTO_EX_DATAs.
8a58933 Remove the CRYPTO_EX_new callback.
0abd6f2 Get struct timeval from sys/time.h.
1246670 Use UINT64_C in sha512.c table.
5ddffbb Make SSL_(CTX_)?set_tmp_ecdh call SSL_(CTX_)?set1_curves.
53e5c2c Remove SSL_(CTX_)?set_ecdh_callback.
756ad17 Initialize |one_index| in OAEP padding check.
1634a33 Convert rsa/padding.c to constant-time helpers.
b36a395 Add slightly better RSA key exchange tests.
0bd71eb Remove weird ret negation logic.
e9cddb8 Remove SSL_OP_LEGACY_SERVER_CONNECT.
3e052de Tighten SSL_OP_LEGACY_SERVER_CONNECT to align with RFC 5746.
03f0005 Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER.
ef5e515 Remove SSL_OP_TLS_D5_BUG.
c100ef4 Limit depth of ASN1 parse printing.
2205093 Add a comment in SetTestState from bssl_shim.
6ae67df Don't leak Android hacks to other build platforms.
a0ef7b0 Enforce that |EC_KEY| private key is in [0, group->order).
533a273 Add |EC_METHOD| method for verifying public key order.
a3d9de0 Add |EC_GROUP_get0_order| to replace |EC_GROUP_get_order|.
8847856 Include <sys/time.h> in packeted_bio.h for 'timeval'
dca63cf Don't abort in |init_once| if |fcntl| returns ENOSYS
afd565f Add defines for SRTP profiles using GCM ciphers from RFC 7714.
902870e Gate SHA_CTX compatibility on !WINDOWS.
34aa55c Support the SHA_CTX hack without ANDROID.
6d9e5a7 Re-apply 75b833cc819a9d189adb0fdd56327bee600ff9e9
28243c0 Add PSS parameter check.
e701f16 bn/asm/x86_64-mont5.pl: fix carry propagating bug (CVE-2015-3193).
cb85298 Fix leak with ASN.1 combine.
c4f25ce Work around yaSSL bug.
c5eb467 Remove dead code in p256-x86_64.
758d127 Add get0 getters for EVP_PKEY.
fde89b4 avoid clashes with libc's 'open' in e_chacha20poly1305.c
60a45aa Remove reference to removed |RSA_FLAG_NO_CONSTTIME| flag.
81edc9b Do away with BN_LLONG in favor of BN_ULLONG.
e8fe07f Fix AES XTS mode key size.
93a5b44 Make CRYPTO_library_init use a CRYPTO_once_t.
bf76218 Remove the |ri| field of |BN_MONT_CTX|.
596ab10 s/BN_BITS/BN_BITS2/ in |BN_mod_inverse_ex|; remove |BN_BITS| & |BN_MASK|.
7af36e1 Share common definitions of |TOBN| and |BIGNUM_STATIC|.
ff2df33 Reformat the cipher suite table.
9f2e277 Remove strength_bits.
d6e9eec Remove algo_strength.
dcb6ef0 Remove algorithm_ssl.
d28f59c Switch the keylog BIO to a callback.
fba735c Register the *25519 tests as dependencies of all_tests.
f3376ac Remove |EC_POINTs_mul| & simplify p256-x86_64.
301efc8 Fix error handling in |p256-x86_64|.
e2136d9 Remove |EC_GROUP_precompute_mult| and |EC_KEY_precompute_mult|.
9b26297 Make |EC_GROUP_precompute_mult|/|EC_KEY_precompute_mult| no-ops.
5058d79 Remove p224-64 and p256-64 dead code for non-default generators.
b1b6229 Add NEON implementation of curve25519.
9e65d48 Allow |CRYPTO_is_NEON_capable| to be known at compile time, if possible.
3ac32b1 Fix curve25519 code for MSVC.
4fb0dc4 Add X25519 and Ed25519 support.
c324f17 Make sure pthread_once() succeeds.
9361243 Don't include <alloca.h>, it's no longer needed.
b00061c Add SSL_CIPHER_is_AES[128|256]CBC.
3a59611 size_t SSL*_use_*_ASN1.
b324159 Fix ssl3_send_server_key_exchange error path.
f584a5a Reset epoch state in one place.
2077cf9 Use UINT64_C instead of OPENSSL_U64.
af07365 Check for overflow when parsing a CBS with d2i_*.
780cd92 modes/asm/ghash-armv4.pl: extend Apple fix to all clang cases.
f9c77de Drop CBB allocation failure test.
a33915d Have |CBB_init| zero the |CBB| before any possible failures.
c5c85de Make RAND_seed read a byte of random data.
d9e2702 Don't encode or decode ∞.
e7806fd Remove point-on-curve check from |ec_GFp_simple_oct2point|.
20c3731 Become partially -Wmissing-variable-declarations-clean.
7308aaa Remove `EC_GFp_simple_method` (dead code).
f872951 Fix null pointer dereference when using "simple" EC.
8bde5d2 Remove the unused |Ni| member of |BN_MONT_CTX|.
ce7ae6f Enable AVX code for SHA-*.
9f1f04f Remove nistz256 dead code for non-default generators.
d7421eb Remove condition which always evaluates to true (size_t >= 0).
d386394 Test for underflow before subtraction.
ef14b2d Remove stl_compat.h.
cd24a39 Limit DHE groups to 4096-bit.
99fdfb9 Move curve check out of tls12_check_peer_sigalg.

Change-Id: Id2d7110569d250b1bae8f8ce7d4421a92f581a31

3 years ago Do not sanitize host static libraries.
Alex Klyubin [Fri, 11 Dec 2015 20:45:14 +0000 (12:45 -0800)]
Do not sanitize host static libraries.

Sanitization currently makes these libraries reference symbols which
cannot be resolved at runtime without additional magic.

Disable this until we can find a fix. This currently makes signapk
fail with:
libconscrypt_openjdk_jni.so: undefined symbol: __asan_option_detect_stack_use_after_return
at java.lang.ClassLoader$NativeLibrary.load(Native Method)
at java.lang.ClassLoader.loadLibrary1(ClassLoader.java:1965)
at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1890)
at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1880)
at java.lang.Runtime.loadLibrary0(Runtime.java:849)
at java.lang.System.loadLibrary(System.java:1088)
at org.conscrypt.NativeCryptoJni.init(NativeCryptoJni.java:25)
at org.conscrypt.NativeCrypto.<clinit>(NativeCrypto.java:54)
at org.conscrypt.OpenSSLBIOInputStream.<init>(OpenSSLBIOInputStream.java:34)
at org.conscrypt.OpenSSLX509Certificate.fromX509PemInputStream(OpenSSLX509Certificate.java:119)
at org.conscrypt.OpenSSLX509CertificateFactory$1.fromX509PemInputStream(OpenSSLX509CertificateFactory.java:220)
at org.conscrypt.OpenSSLX509CertificateFactory$1.fromX509PemInputStream(OpenSSLX509CertificateFactory.java:216)
at org.conscrypt.OpenSSLX509CertificateFactory$Parser.generateItem(OpenSSLX509CertificateFactory.java:94)
at org.conscrypt.OpenSSLX509CertificateFactory.engineGenerateCertificate(OpenSSLX509CertificateFactory.java:272)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at com.android.signapk.SignApk.readPublicKey(SignApk.java:161)
at com.android.signapk.SignApk.main(SignApk.java:933)

Bug: 26160319
Change-Id: I9f8d949bf571eb2511d42d472ecf23a5e8c03758

3 years ago Revert "Revert "Opt-out of STL""
Kenny Root [Fri, 4 Dec 2015 20:52:23 +0000 (12:52 -0800)]
Revert "Revert "Opt-out of STL""

Now with a proper pthread dependency.

This reverts commit 658a3498901326a0544d9a5410061a975fd0988d.

Change-Id: I98414598c885904cb1988f30b339da7181cda341

3 years ago Revert "Opt-out of STL"
Kenny Root [Fri, 4 Dec 2015 20:44:07 +0000 (20:44 +0000)]
Revert "Opt-out of STL"

We were depending on pthread that was being pulled in via STL, so revert
this until we can fix the dependency correctly.

This reverts commit f88d692da8c082678ff553efcba725df93b2f4a1.

Change-Id: Ica803c825db66e52ffa1d41cf709da9313dded1b

3 years ago Opt-out of STL
Colin Cross [Thu, 3 Dec 2015 23:41:30 +0000 (15:41 -0800)]
Opt-out of STL

libssl and libcrypto don't use STL, set LOCAL_CXX_STL := none for the
host modules.

Change-Id: I22c36e477ec812a38dc1c6463bd398503a1f4b69

3 years ago external/boringssl: update from upstream
Adam Langley [Thu, 12 Nov 2015 20:15:39 +0000 (12:15 -0800)]
external/boringssl: update from upstream

BUG=24082170

7104cc9 Update and fix fuzzing instructions.
9a4beb8 Add four, basic fuzz tests.
4ab2540 Add AArch64 Montgomery assembly.
ad38dc7 Enable Montgomery optimisations on ARM.
2e64f1b Check PKCS#8 pkey field is valid before cleansing.
f606f98 bssl pkcs12 shouldn't crash on missing key.
e348ff4 Fix build.
6e80765 Add SSL_get_server_key_exchange_hash.
788be4a Remove the hard-coded SHA-1 exception for sigalgs.
5d5e39f Remove non-ASM version of |bn_mul_mont| in bn/generic.c.
59b0fcc Define BORINGSSL_201510.
e6d1e5a Use typedef names, not struct names.
16285ea Rewrite DTLS handshake message sending logic.
c81ee8b Add missing state to DTLS state machine.
2e24b9b Allow SHA-512 unaligned data access in |OPENSSL_NO_ASM| mode.
e82e6f6 Constify more BN_MONT_CTX parameters.
c7817d8 Add SSL_CIPHER_get_min_version and tidy up SSL_TLSV1_2 logic.
9d94d5e Remove untested, unnecessary big-endian SHA-1/SHA-256 optimizations.
38feb99 Require that EC points are on the curve.
ef793f4 Add various functions for SSL_CIPHER.
f93995b Test that the client doesn't offer TLS 1.2 ciphers when it shouldn't.
5f88999 Fix up several comments and detect problems in the future.
e57a192 Add missing newline in aead.h.
c2d3280 Add SSL_get_ivs.
a97b737 Separate CCS and handshake writing in DTLS.
ac9404c Improve crypto/digest/md32_common.h mechanism.
8fb0f52 Free BN_MONT_CTX in generic code.
bb87535 Fix ASan bot.
d93831d Make it possible for a static linker to discard unused RSA functions.
e8f783a Unwind DH_METHOD and DSA_METHOD.
3fc138e Don't bother sampling __func__.
165248c Fix several MSVC warnings.
8f7ecb8 (Hopefully) fix a warning on Windows.
466b989 Initialise variable before jump.
1895493 Add Intel's P-256
27a0d08 Add ssl_renegotiate_ignore.
fa9eb56 Correct the spelling of "primitive".
f1c1cf8 Revert "Improve crypto/digest/md32_common.h mechanism."
00461cf Improve crypto/digest/md32_common.h mechanism.
ecc2591 Update link to Google style guide.
efb42fb Make BN_mod_exp_mont_consttime take a const context.
eb8be01 Add ciphers option to bssl.
09d68c9 Expand a comment.
2e0901b Don't use ssl3_write_pending in DTLS.
13e81fc Fix DTLS asynchronous write handling.
ebda9b3 Make recordingconn emit more useful things for DTLS.
069bedf Fix documentation typo.
ce51469 Fix a missing initializer that only Clang warns about.
d9e8173 Fix several warnings that arise in Android.
bb85f3d Reorganise |SSL_SESSION| and |SSL| to save a little memory.
dff504d Make the instructions for downloading the ARM compiler easier to copy and paste.

Change-Id: I5ef2238f77f2bcab239919c8c50c3705b4577f09

3 years ago Revert "Revert "external/boringssl: sync with upstream.""
Kenny Root [Fri, 6 Nov 2015 23:31:15 +0000 (15:31 -0800)]
Revert "Revert "external/boringssl: sync with upstream.""

This reverts commit 03bcf618b7ed811b305845461fbb5497dfe55ac3.

No changes here. trusty build was fixed with the required rules.mk changes.

3 years ago trusty: Set OPENSSL_STATIC_ARMCAP* based on make variables
Arve Hjønnevåg [Sat, 19 Sep 2015 04:10:36 +0000 (21:10 -0700)]
trusty: Set OPENSSL_STATIC_ARMCAP* based on make variables

Change-Id: Ide28171787db4e481b0b05b4107e58071d8c0fee

3 years ago Merge changes I49931c6e,Ia906bc8e,I6a663f00
Kenny Root [Fri, 6 Nov 2015 23:03:11 +0000 (23:03 +0000)]
Merge changes I49931c6e,Ia906bc8e,I6a663f00

* changes:
  trusty: Build boringssl as a .a instead of .o
  trusty: Remove lib/libc-trusty from dependency list.
  Fix trusty build warnings about duplicate files

3 years ago Merge "Revert "external/boringssl: sync with upstream.""
Kenny Root [Thu, 5 Nov 2015 20:20:47 +0000 (20:20 +0000)]
Merge "Revert "external/boringssl: sync with upstream.""

3 years ago Revert "external/boringssl: sync with upstream."
Kenny Root [Thu, 5 Nov 2015 20:20:27 +0000 (20:20 +0000)]
Revert "external/boringssl: sync with upstream."

This reverts commit fdeb488e6332a17729db5a04236e48a46a019272.

This breaks trusty since it doesn't have setjmp.h

Change-Id: I960e25aa0bb2eef1237743b1567f7cb7f6d40497

3 years ago Merge "external/boringssl: sync with upstream."
Kenny Root [Thu, 5 Nov 2015 19:23:03 +0000 (19:23 +0000)]
Merge "external/boringssl: sync with upstream."

3 years ago external/boringssl: sync with upstream.
Adam Langley [Fri, 30 Oct 2015 20:15:30 +0000 (13:15 -0700)]
external/boringssl: sync with upstream.

See the following URL for a list of the changes included in this sync:

https://boringssl.googlesource.com/boringssl/+log/d98dc1311e20193ac188e359e91aeaaf5cc3a7e2..51a01a5cd44b3bdfab5220847000f13fc85f000b

Change-Id: I36535827f652536dfd687c1646bbea1535fc8e44

3 years ago Merge "external/boringssl: remove BORINGSSL_201509 support."
Kenny Root [Thu, 22 Oct 2015 00:13:49 +0000 (00:13 +0000)]
Merge "external/boringssl: remove BORINGSSL_201509 support."
am: 6e19d4dc05

* commit '6e19d4dc059301bed57d7dae7750c69fecb51b15':
  external/boringssl: remove BORINGSSL_201509 support.

3 years ago Merge "external/boringssl: remove BORINGSSL_201509 support."
Kenny Root [Thu, 22 Oct 2015 00:11:03 +0000 (00:11 +0000)]
Merge "external/boringssl: remove BORINGSSL_201509 support."

3 years ago am b58f8d1f: (-s ours) DO NOT MERGE ANYWHERE Revert "Whitelist windows modules"
Kenny Root [Sat, 3 Oct 2015 02:27:04 +0000 (02:27 +0000)]
am b58f8d1f: (-s ours) DO NOT MERGE ANYWHERE Revert "Whitelist windows modules"

* commit 'b58f8d1fed1cfc47760125d23160ca78f364722b':
  DO NOT MERGE ANYWHERE Revert "Whitelist windows modules"

3 years ago DO NOT MERGE ANYWHERE Revert "Whitelist windows modules"
Kenny Root [Sat, 3 Oct 2015 00:37:41 +0000 (17:37 -0700)]
DO NOT MERGE ANYWHERE Revert "Whitelist windows modules"

This is only needed in the mnc-ub-dev branch to deal with the older
build project.

This reverts commit 08656b61d075740bfb24ddcce65223146259fc02.

Change-Id: I7440e3d6371e6d98f1f77705f8bf374e7f37fbe2

3 years ago Merge mnc-dr-dev-plus-aosp into mnc-ub-dev
Kenny Root [Fri, 2 Oct 2015 23:09:15 +0000 (16:09 -0700)]
Merge mnc-dr-dev-plus-aosp into mnc-ub-dev

This pulls in the latest version of BoringSSL.

Change-Id: I0ab5c73d60f41a696c9a828fac87670aaca10dec

3 years ago trusty: Build boringssl as a .a instead of .o
Arve Hjønnevåg [Fri, 2 Oct 2015 03:48:35 +0000 (20:48 -0700)]
trusty: Build boringssl as a .a instead of .o

The default partially linked lk module .o files do not allow
unreferenced assembly files to be dropped.

Change-Id: I49931c6e1a17fa6552fa444c8e5e20ca7fca5cf1

3 years ago trusty: Remove lib/libc-trusty from dependency list.
Arve Hjønnevåg [Fri, 2 Oct 2015 03:50:36 +0000 (20:50 -0700)]
trusty: Remove lib/libc-trusty from dependency list.

This allows linking into the kernel.

Change-Id: Ia906bc8eff1f85a78aa8afb72f7fd0d26d5529ee

3 years ago external/boringssl: remove BORINGSSL_201509 support.
Adam Langley [Wed, 30 Sep 2015 22:08:01 +0000 (15:08 -0700)]
external/boringssl: remove BORINGSSL_201509 support.

The BORINGSSL_201509 define was used to make updating BoringSSL in
external/boringssl less painful. It allowed code to compile with either
the old BoringSSL (which didn't define BORINGSSL_201509) or with the new
(which does).

Now that the new version has landed, this change removes that define. It
must be landed after the changes elsewhere in Android that remove
references to this define.

Change-Id: I19e661419f830459d015bf14e7905af2ec41b735

3 years ago Fix trusty build warnings about duplicate files
Arve Hjønnevåg [Sat, 19 Sep 2015 03:56:46 +0000 (20:56 -0700)]
Fix trusty build warnings about duplicate files

Change-Id: I6a663f0039eb1557269696b1af9034cda5dbb983

3 years ago am 3df15298: am 184bc934: BoringSSL: always build with symbol visibility flags.
Adam Langley [Fri, 25 Sep 2015 17:55:26 +0000 (17:55 +0000)]
am 3df15298: am 184bc934: BoringSSL: always build with symbol visibility flags.

* commit '3df15298f187027066b40757c1c0fe209fe8465e':
  BoringSSL: always build with symbol visibility flags.

3 years ago am 184bc934: BoringSSL: always build with symbol visibility flags.
Adam Langley [Fri, 25 Sep 2015 17:50:28 +0000 (17:50 +0000)]
am 184bc934: BoringSSL: always build with symbol visibility flags.

* commit '184bc93440dbfefbd499f7164e8a1b22540f5571':
  BoringSSL: always build with symbol visibility flags.

3 years ago BoringSSL: always build with symbol visibility flags.
Adam Langley [Fri, 25 Sep 2015 17:27:29 +0000 (10:27 -0700)]
BoringSSL: always build with symbol visibility flags.

When building for shared libraries, setting BORINGSSL_SHARED_LIBRARY,
BORINGSSL_IMPLEMENTATION and setting the default symbol visibility to
“hidden” causes the correct symbol visibility to be set.

This change causes symbol visibility always to be set, even for the
static builds. The reason is that the static builds are often then
included in shared libraries, so they're not really static after all.
Setting the symbol visibility in this case can avoid a lot of references
via the PLT and GOT for internal symbols.

Most importantly, some of the x86 asm code has IP-relative references to
data and, unless the visibility of the target symbol is “hidden”, the
linker believes that it needs a textrel, which breaks linking that code
into shared libraries.

Change-Id: I00e8d045bcece7b872d88bdf965c5baf65c2d639

3 years ago am d947d006: am b8494591: Revert "Revert "external/boringssl: sync with upstream.""
Kenny Root [Fri, 25 Sep 2015 02:46:08 +0000 (02:46 +0000)]
am d947d006: am b8494591: Revert "Revert "external/boringssl: sync with upstream.""

* commit 'd947d006e7a7ebcfdfe642e686250caf2028c2c1':
  Revert "Revert "external/boringssl: sync with upstream.""

3 years ago am b8494591: Revert "Revert "external/boringssl: sync with upstream.""
Kenny Root [Fri, 25 Sep 2015 02:36:32 +0000 (02:36 +0000)]
am b8494591: Revert "Revert "external/boringssl: sync with upstream.""

* commit 'b8494591d1b1a143f3b192d845c238bbf3bc629d':
  Revert "Revert "external/boringssl: sync with upstream.""

3 years ago Revert "Revert "external/boringssl: sync with upstream.""
Kenny Root [Fri, 25 Sep 2015 02:29:14 +0000 (02:29 +0000)]
Revert "Revert "external/boringssl: sync with upstream.""

This reverts commit a04d78d392463df4e69a64360c952ffa5abd22f7.

Underlying issue was fixed.

Change-Id: I49685b653d16e728eb38e79e02b2c33ddeefed88

3 years ago am 00bc53f6: am a04d78d3: Revert "external/boringssl: sync with upstream."
Kenny Root [Fri, 25 Sep 2015 00:44:37 +0000 (00:44 +0000)]
am 00bc53f6: am a04d78d3: Revert "external/boringssl: sync with upstream."

* commit '00bc53f6f4436972b7a8dcf2c1e5fd0ad7515872':
  Revert "external/boringssl: sync with upstream."

3 years ago am a04d78d3: Revert "external/boringssl: sync with upstream."
Kenny Root [Fri, 25 Sep 2015 00:37:00 +0000 (00:37 +0000)]
am a04d78d3: Revert "external/boringssl: sync with upstream."

* commit 'a04d78d392463df4e69a64360c952ffa5abd22f7':
  Revert "external/boringssl: sync with upstream."

3 years ago Revert "external/boringssl: sync with upstream."
Kenny Root [Fri, 25 Sep 2015 00:26:37 +0000 (00:26 +0000)]
Revert "external/boringssl: sync with upstream."

This reverts commit 1e4884f615b20946411a74e41eb9c6aa65e2d5f3.

This breaks some x86 builds.

Change-Id: I4d4310663ce52bc0a130e6b9dbc22b868ff4fb25

3 years ago am 3781a606: am 1e4884f6: external/boringssl: sync with upstream.
Adam Langley [Thu, 24 Sep 2015 23:03:06 +0000 (23:03 +0000)]
am 3781a606: am 1e4884f6: external/boringssl: sync with upstream.

* commit '3781a60670f92c3c6fca860cb4589495cefa2e56':
  external/boringssl: sync with upstream.

3 years ago am 1e4884f6: external/boringssl: sync with upstream.
Adam Langley [Thu, 24 Sep 2015 22:57:25 +0000 (22:57 +0000)]
am 1e4884f6: external/boringssl: sync with upstream.

* commit '1e4884f615b20946411a74e41eb9c6aa65e2d5f3':
  external/boringssl: sync with upstream.

3 years ago external/boringssl: sync with upstream.
Adam Langley [Thu, 24 Sep 2015 17:57:52 +0000 (10:57 -0700)]
external/boringssl: sync with upstream.

This change imports the current version of BoringSSL. The only local
change now is that |BORINGSSL_201509| is defined in base.h. This allows
this change to be made without (hopefully) breaking the build.

This change will need https://android-review.googlesource.com/172744 to
be landed afterwards to update a test.

Change-Id: I6d1f463f7785a2423bd846305af91c973c326104

3 years ago am 4ca36931: am 08656b61: Whitelist windows modules
Dan Willemsen [Thu, 3 Sep 2015 18:56:42 +0000 (18:56 +0000)]
am 4ca36931: am 08656b61: Whitelist windows modules

* commit '4ca36931e543512682d75e8e6d923144261dfd4d':
  Whitelist windows modules

3 years ago am 08656b61: Whitelist windows modules
Dan Willemsen [Thu, 3 Sep 2015 18:48:47 +0000 (18:48 +0000)]
am 08656b61: Whitelist windows modules

* commit '08656b61d075740bfb24ddcce65223146259fc02':
  Whitelist windows modules

3 years ago Whitelist windows modules
Dan Willemsen [Wed, 19 Aug 2015 00:47:53 +0000 (17:47 -0700)]
Whitelist windows modules

And stop changing variables based on HOST_OS.

Bug: 23566667
Change-Id: I3b3b2f0aef066eb224cb1fa6f2e9f32c32695711

3 years ago am 929d45bb: (-s ours) am e25abed5: Fix and re-enable clang build.
Dan Albert [Thu, 27 Aug 2015 05:10:39 +0000 (05:10 +0000)]
am 929d45bb: (-s ours) am e25abed5: Fix and re-enable clang build.

* commit '929d45bbdac9245b6516f033fb7ce4059a9067b8':

3 years ago am 5100c0f3: (-s ours) am 13204c36: Disable clang build temporarily to fix build.
Dan Albert [Thu, 27 Aug 2015 05:10:39 +0000 (05:10 +0000)]
am 5100c0f3: (-s ours) am 13204c36: Disable clang build temporarily to fix build.

* commit '5100c0f3f529f9eba6ea43310abdbbf6bb84ac4d':

3 years ago am 3b2c6065: (-s ours) am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533
Kenny Root [Thu, 27 Aug 2015 05:10:38 +0000 (05:10 +0000)]
am 3b2c6065: (-s ours) am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533

* commit '3b2c60656d36f47063e972b9aa2c11ef235253a6':

3 years ago am e25abed5: Fix and re-enable clang build.
Dan Albert [Sat, 15 Aug 2015 03:42:14 +0000 (03:42 +0000)]
am e25abed5: Fix and re-enable clang build.

* commit 'e25abed5ef1542dc435905e05597fe374382fbec':
  Fix and re-enable clang build.

3 years ago am e25abed5: Fix and re-enable clang build.
Dan Albert [Sat, 15 Aug 2015 03:42:11 +0000 (03:42 +0000)]
am e25abed5: Fix and re-enable clang build.

* commit 'e25abed5ef1542dc435905e05597fe374382fbec':
  Fix and re-enable clang build.

3 years ago am 13204c36: Disable clang build temporarily to fix build.
Dan Albert [Sat, 15 Aug 2015 03:16:27 +0000 (03:16 +0000)]
am 13204c36: Disable clang build temporarily to fix build.

* commit '13204c36644625f117cc23bb9f2121b76653555f':
  Disable clang build temporarily to fix build.

3 years ago am 13204c36: Disable clang build temporarily to fix build.
Dan Albert [Sat, 15 Aug 2015 03:14:41 +0000 (03:14 +0000)]
am 13204c36: Disable clang build temporarily to fix build.

* commit '13204c36644625f117cc23bb9f2121b76653555f':
  Disable clang build temporarily to fix build.

3 years ago Fix and re-enable clang build.
Dan Albert [Sat, 15 Aug 2015 03:11:19 +0000 (20:11 -0700)]
Fix and re-enable clang build.

TARGET_ARCH will be arm64 even when building the 32-bit code for an
aarch64 target. Properly restrict the use of the armv8-a+crypto flag.

Change-Id: Ica762d0ee22f35638a052afb2c904d49e2d08653

3 years ago Disable clang build temporarily to fix build.
Dan Albert [Sat, 15 Aug 2015 02:55:59 +0000 (19:55 -0700)]
Disable clang build temporarily to fix build.

The new clang doesn't like armv8-a+crypto, and it's not clear why yet.
Disabling clang while we investigate.

Change-Id: I255af7c7fd503ded43e8aeaf54a07f423f870aaa

3 years ago am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533
Kenny Root [Fri, 24 Jul 2015 21:10:53 +0000 (21:10 +0000)]
am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533

* commit '07f4f42347557420f105a72d9a93bc8ee88a3dc5':
  Handle RDRAND failures.
  dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key.
  Fix for CVE-2015-1789.
  Fixes for CVE-2015-1791.

3 years ago am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533
Kenny Root [Fri, 24 Jul 2015 21:02:57 +0000 (21:02 +0000)]
am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533

* commit '07f4f42347557420f105a72d9a93bc8ee88a3dc5':
  Handle RDRAND failures.
  dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key.
  Fix for CVE-2015-1789.
  Fixes for CVE-2015-1791.

3 years ago Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533
Kenny Root [Fri, 24 Jul 2015 18:56:05 +0000 (18:56 +0000)]
Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533

* changes:
  Handle RDRAND failures.
  dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key.
  Fix for CVE-2015-1789.
  Fixes for CVE-2015-1791.

3 years ago am 71a0705e: Add a build target to build bssl for host.
Narayan Kamath [Sat, 4 Jul 2015 02:58:01 +0000 (02:58 +0000)]
am 71a0705e: Add a build target to build bssl for host.

* commit '71a0705e8fc5c39ca5b1daa512ef90c37246a76f':
  Add a build target to build bssl for host.

3 years ago am 691ef9d0: am f7063c1e: Add rules.mk for building Trusty.
Adam Langley [Tue, 30 Jun 2015 21:45:14 +0000 (21:45 +0000)]
am 691ef9d0: am f7063c1e: Add rules.mk for building Trusty.

* commit '691ef9d0ff0ece39ffd6a58960a7cd195ef584ae':
  Add rules.mk for building Trusty.

3 years ago am f7063c1e: Add rules.mk for building Trusty.
Adam Langley [Tue, 30 Jun 2015 21:24:29 +0000 (21:24 +0000)]
am f7063c1e: Add rules.mk for building Trusty.

* commit 'f7063c1e913edebd3402a2c2467c1bdb3d4b79a9':
  Add rules.mk for building Trusty.

3 years ago Add rules.mk for building Trusty.
Adam Langley [Wed, 13 May 2015 17:49:39 +0000 (10:49 -0700)]
Add rules.mk for building Trusty.

(This is a no-op change for the Android build. The Android build system
doesn't care about rules.mk.)

This is cherry-picked from AOSP.  It's needed in mnc-dev so that the
t132-mnc branch of Trusty can track this version of BoringSSL rather
than the one from AOSP.  That's important so we can have reproducible
builds of the MNC version of Trusty for Volantis.

Bug: 22202624
Change-Id: I19359abd83983efa597047f88295bb4f88bb415b

3 years ago Add a build target to build bssl for host.
Narayan Kamath [Wed, 24 Jun 2015 09:35:36 +0000 (10:35 +0100)]
Add a build target to build bssl for host.

Change-Id: I22c079a2486acc2aa68c4b99f026bbdcbea9d4ff

3 years ago Handle RDRAND failures.
Adam Langley [Tue, 23 Jun 2015 23:28:07 +0000 (16:28 -0700)]
Handle RDRAND failures.

I mistakenly believed that only RDSEED could fail. However, the Intel
manuals state that RDRAND can fail too.

This change cherry-picks the following BoringSSL changes:

2cac3506 – Handle RDRAND failures.
248abbd7 – Add missing comma in .type pragma for rdrand code.

Change-Id: Icdc56a50ce36e9c525063583882c676a5312d313

3 years ago dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key.
Adam Langley [Tue, 23 Jun 2015 23:25:33 +0000 (16:25 -0700)]
dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key.

This change cherry-picks BoringSSL's e65886a5.

Change-Id: I63d5dc280d420b64b658bfd85f180a01adb8a18b

3 years ago Fix for CVE-2015-1789.
Adam Langley [Tue, 23 Jun 2015 23:23:41 +0000 (16:23 -0700)]
Fix for CVE-2015-1789.

X509_cmp_time does not properly check the length of the ASN1_TIME string
and can read a few bytes out of bounds. In addition, X509_cmp_time
accepts an arbitrary number of fractional seconds in the time string.

An attacker can use this to craft malformed certificates and CRLs of
various sizes and potentially cause a segmentation fault, resulting in a
DoS on applications that verify certificates or CRLs. TLS clients that
verify CRLs are affected. TLS clients and servers with client
authentication enabled may be affected if they use custom verification
callbacks.

This change cherry-picks the following changes from BoringSSL:

d87021d2 – Fix length checks in X509_cmp_time to avoid out-of-bounds reads.

Change-Id: Ia7d0c5d889f61a3c4be6ea79a5ab41f67bc3c65c

3 years ago Fixes for CVE-2015-1791.
Adam Langley [Tue, 23 Jun 2015 23:20:13 +0000 (16:20 -0700)]
Fixes for CVE-2015-1791.

If a NewSessionTicket is received by a multi-threaded client when
attempting to reuse a previous ticket then a race condition can occur
potentially leading to a double free of the ticket data.

This change cherry-picks the following BoringSSL changes:

b31040d0 – Get rid of CERT_PKEY slots in SESS_CERT.
fd67aa8c – Add SSL_SESSION_from_bytes.
95d31825 – Duplicate SSL_SESSIONs when renewing them.
d65bb78c – Add SSL_initial_handshake_complete.
680ca961 – Preserve session->sess_cert on ticket renewal.

Change-Id: I474065330842e4ab0066b2485c1489a50e4dfd5b

3 years agoam f7fe69bb: am dfb3ba68: Add ECDHE-PSK-AES{128,256}-SHA cipher suites.
Adam Langley [Mon, 15 Jun 2015 23:39:29 +0000 (23:39 +0000)]
am f7fe69bb: am dfb3ba68: Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

* commit 'f7fe69bb92ec196fc97ab65f678de993e00e41b7':
  Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

3 years agoresolved conflicts for merge of 6d66cf82 to mnc-dev-plus-aosp
Kenny Root [Mon, 15 Jun 2015 23:36:21 +0000 (16:36 -0700)]
resolved conflicts for merge of 6d66cf82 to mnc-dev-plus-aosp

3 years agoam 0e6bb1c7: Add ECDHE-PSK-AES{128,256}-SHA cipher suites.
Adam Langley [Mon, 15 Jun 2015 23:09:22 +0000 (23:09 +0000)]
am 0e6bb1c7: Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

* commit '0e6bb1c72014c26289d09f4deea9c25706be5824':
  Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

3 years agoam a4be71ce: Drop ECDHE-PSK-AES-128-GCM.
Adam Langley [Mon, 15 Jun 2015 23:09:21 +0000 (23:09 +0000)]
am a4be71ce: Drop ECDHE-PSK-AES-128-GCM.

* commit 'a4be71cee108bfed76ddb37552b7e48945d91b49':
  Drop ECDHE-PSK-AES-128-GCM.

3 years agoam dfb3ba68: Add ECDHE-PSK-AES{128,256}-SHA cipher suites.
Adam Langley [Mon, 15 Jun 2015 23:01:56 +0000 (23:01 +0000)]
am dfb3ba68: Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

* commit 'dfb3ba68fd0011cba7d8e4c1a46295099fef85bf':
  Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

3 years agoam 4bae3aba: Drop ECDHE-PSK-AES-128-GCM.
Adam Langley [Mon, 15 Jun 2015 23:01:56 +0000 (23:01 +0000)]
am 4bae3aba: Drop ECDHE-PSK-AES-128-GCM.

* commit '4bae3aba0494da7c4e3c1b28ff978eb38e6323e6':
  Drop ECDHE-PSK-AES-128-GCM.

3 years agoAdd ECDHE-PSK-AES{128,256}-SHA cipher suites.
Adam Langley [Mon, 15 Jun 2015 20:52:15 +0000 (13:52 -0700)]
Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

If we're going to have PSK and use standard cipher suites, this might be
the best that we can do for the moment.

(This is a cherry-pick of BoringSSL's 85bc5601.)

(cherry picked from commit 0e6bb1c72014c26289d09f4deea9c25706be5824)

Bug: 21522548
Change-Id: Ic94c74a2b3ee2387f640efff510646d1836efbfb

3 years agoDrop ECDHE-PSK-AES-128-GCM.
Adam Langley [Mon, 15 Jun 2015 20:51:03 +0000 (13:51 -0700)]
Drop ECDHE-PSK-AES-128-GCM.

This is the best PSK cipher suite, but it's non-standard and nobody is
using it. Trivial to bring back in the future if we have need of it.

(Note that this is a no-op in Android because Android had already
disabled this cipher suite.)

(This is a cherry-pick of BoringSSL's 1feb42a2.)

(cherry picked from commit a4be71cee108bfed76ddb37552b7e48945d91b49)

Bug: 21522548
Change-Id: I2a051724500341053595f59e755349544da63ce5

3 years agoAdd ECDHE-PSK-AES{128,256}-SHA cipher suites.
Adam Langley [Mon, 15 Jun 2015 20:52:15 +0000 (13:52 -0700)]
Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

If we're going to have PSK and use standard cipher suites, this might be
the best that we can do for the moment.

(This is a cherry-pick of BoringSSL's 85bc5601.)

Bug: 21522548
Change-Id: Ic94c74a2b3ee2387f640efff510646d1836efbfb

3 years agoDrop ECDHE-PSK-AES-128-GCM.
Adam Langley [Mon, 15 Jun 2015 20:51:03 +0000 (13:51 -0700)]
Drop ECDHE-PSK-AES-128-GCM.

This is the best PSK cipher suite, but it's non-standard and nobody is
using it. Trivial to bring back in the future if we have need of it.

(Note that this is a no-op in Android because Android had already
disabled this cipher suite.)

(This is a cherry-pick of BoringSSL's 1feb42a2.)

Bug: 21522548
Change-Id: I2a051724500341053595f59e755349544da63ce5

3 years agoam 1f76c138: am dbfa1800: s/-Wno-unused-parameters/-Wno-unused-parameter/
Adam Langley [Fri, 12 Jun 2015 17:31:47 +0000 (17:31 +0000)]
am 1f76c138: am dbfa1800: s/-Wno-unused-parameters/-Wno-unused-parameter/

* commit '1f76c1381df635b46e93b4a592b1024a4418be24':
  s/-Wno-unused-parameters/-Wno-unused-parameter/

3 years agoam dbfa1800: s/-Wno-unused-parameters/-Wno-unused-parameter/
Adam Langley [Fri, 12 Jun 2015 17:15:06 +0000 (17:15 +0000)]
am dbfa1800: s/-Wno-unused-parameters/-Wno-unused-parameter/

* commit 'dbfa1800f3b4f00609142853f43897e760eb33c2':
  s/-Wno-unused-parameters/-Wno-unused-parameter/

3 years agos/-Wno-unused-parameters/-Wno-unused-parameter/
Adam Langley [Thu, 21 May 2015 18:20:21 +0000 (11:20 -0700)]
s/-Wno-unused-parameters/-Wno-unused-parameter/

The former triggers warnings in Clang. Also USE_CLANG_PLATFORM_BUILD=1
doesn't work (the second time this has bitten me—you have to set it to
“true”).

(cherry picked from commit 86426f7cc9838613249690be03ddbee18efd1a29)

Bug: 21804522
Change-Id: Ia59f6667674c1c69bd96287cc576bbfc889c5f77

3 years agoam 9701a2fb: am 53b272a2: Bump revision of BoringSSL.
Adam Langley [Fri, 12 Jun 2015 16:40:28 +0000 (16:40 +0000)]
am 9701a2fb: am 53b272a2: Bump revision of BoringSSL.

* commit '9701a2fbe20a18d08253e84e8ec39d94db5376e0':
  Bump revision of BoringSSL.

3 years agoam 53b272a2: Bump revision of BoringSSL.
Adam Langley [Fri, 12 Jun 2015 16:28:27 +0000 (16:28 +0000)]
am 53b272a2: Bump revision of BoringSSL.

* commit '53b272a2813a0b11f107d77100ff8805ada8fbd2':
  Bump revision of BoringSSL.

3 years agoBump revision of BoringSSL.
Adam Langley [Fri, 5 Jun 2015 00:45:09 +0000 (17:45 -0700)]
Bump revision of BoringSSL.

This depends on https://android-review.googlesource.com/#/c/153481/

af0e32c Add SSL_get_tls_unique.
691992b Minor typo fix in comment.
cc1e3df Make CBS_get_any_asn1_element accept only DER.
0976096 bytestring: Test out_header_len != NULL before writing.
ba5934b Tighten up EMS resumption behaviour.
b0eef0a runner: minor tidyups.
9f8ef2d Add |EVP_get_digestbyname|.
b7326b0 Implement |PEM_def_callback| and call it where appropriate.
e26e590 Avoid unused variable warnings with assert.
efad697 Sync vs_toolschain.py up with Chromium.
39da317 Empty commit to kick the bots.
1550a84 Allow compilation for armv6
9a4996e Fix compilation of sha256-armv4.S when using -march=armv6
485a50a Match the ifdef check in bsaes-armv7.S
e216288 Unexport and prune EVP_MD_CTX flags.
af8731f Remove HMAC_CTX_set_flags.
bf3208b Add additional HMAC tests.
a1c90a5 Further tidy up cipher logic.
0fa4012 Add a test that DTLS does not support RC4.
9a980ab Fold TLS1_PRF_* into SSL_HANDSHAKE_MAC_*
29864b5 Remove SSL_CIPHER_ALGORITHM2_AEAD.
904dc72 Fold away SSL_PROTOCOL_METHOD hooks shared between TLS and DTLS.
a602277 Split ssl_read_bytes hook into app_data and close_notify hooks.
c933a47 Switch the ssl_write_bytes hook to ssl_write_app_data.
2c36792 EVP_Digest*Update, EVP_DigestFinal, and HMAC_Update can never fail.
e2375e1 Low-level hash 'final' functions cannot fail.
049756b Fix integer types in low-level hash functions.
338e067 Reject sessions with the wrong structure version.
f297e02 Reject unknown fields in d2i_SSL_SESSION.
8a228f5 Disable the malloc interceptor without glibc.
bd15a8e Fix DTLS handling of multiple records in a packet.
15eaafb Fix bn_test's bc output and shut it up a little.
efd8eb3 Tidy up overflows in obj_cmp.
05ead68 Readd CRYPTO_{LOCK|UNLOCK|READ|WRITE}.
71106ad Add |BIO_read_asn1| to read a single ASN.1 object.
eb930b8 Fix signed/unsigned warning in bn_test.cc.
b3a7b51 Fix off-by-one in BN_rand
074cc04 Reject negative shifts for BN_rshift and BN_lshift.
75fb74a aes/asm/bsaes-armv7.pl: fix compilation with Xcode 6.3.
ff81e10 Add OPENSSL_PUT_ERROR line to X509V3_parse_list.
1590811 Fix typo in valid_star.
e76ccae Release handshake buffer when sending no certificate.
5f04b65 Release the handshake buffer on the client for abbreviated handshakes.
5c1ce29 Decide whether or not to request client certificates early.
4b30b28 Remove server-side renego session resumption check.
5aea93e Deprecate and no-op SSL_VERIFY_CLIENT_ONCE.
34a1635 Remove fake RLE compression OID.
9c0918f Fix typo in objects.txt
91af02a Add some comments and tweak assertions for cbc.c.
74d8bc2 Don't make SSL_MODE_*HELLO_TIME configurable.
7b5aff4 Have consumers supply OPENSSL_C11_ATOMIC.
ac63748 Revert "tool: we don't need -lrt."
444dce4 Do-nothing fns |OpenSSL_add_all_ciphers| and |OpenSSL_add_all_digests|.
ece089c Deprecate and no-op SSL_set_state.
be05c63 Remove compatibility s->version checks.
8ec8810 Remove SSL_in_before and SSL_ST_BEFORE.
cd90f3a Remove renegotiation deferral logic.
44d3eed Forbid caller-initiated renegotiations and all renego as a servers.
3d59e04 Fix test used for not-in-place CBC mode.
5f387e3 Remove s->renegotiate check in SSL_clear.
20f6e97 Switch three more renegotiate checks to initial_handshake_complete.
d23d5a5 Remove remnants of DTLS renegotiate.
9a41d1b Deprecate SSL_*_read_ahead and enforce DTLS packet boundaries.
76e48c5 Fix Windows mode.
3fa65f0 Fix some malloc test crashs.
0b635c5 Add malloc test support to unit tests.
3e3090d Pass a dtls1_use_epoch enum down to dtls1_seal_record.
31a0779 Factor SSL_AEAD_CTX into a dedicated type.
69d07d9 Get version-related functions from crypto.h rather than ssl.h.
b487df6 Pull version, option, and mode APIs into their own sections.
7270cfc Prune version constants.
7ef9fff Remove ssl_ok.
afc9ecd Unexport ssl_get_new_session and ssl_update_cache.
3b7456e Fix some documentation typos.
b480428 Also skip #elif lines.
6deacb3 Parse macros in getNameFromDecl.
4831c33 Document some core SSL_CTX and SSL methods.
4dab297 Don't use struct names in ssl.h.
760b1dd Tidy up state machine coverage tests.
3629c7b Add client peer-initiated renego to the state machine tests.
cff0b90 Add client-side tests for renegotiation_info enforcement.
6bff1ca Specify argc and argv arguments to refcount_test:main.
12a4768 Try to fix MSVC and __STDC_VERSION__ again.
cb56c2a Cast refcounts to _Atomic before use.
0d1d0d5 Try again to only test __STDC_VERSION__ when defined.
7b348dc Disable C11 atomics on OS X.
04edcc8 Tag the mutex functions with OPENSSL_EXPORT.
6e1f645 Don't test __STDC_VERSION__ unless it's defined.
552df47 Remove leftovers of the old-style locks.
6fb174e Remove last references to named locks.
4bdb6e4 Remove remaining calls to the old lock functions.
03163f3 Remove |CRYPTO_add|.
0b5e390 Convert reference counts in ssl/
0da323a Convert reference counts in crypto/
6f2e733 Add infrastructure for reference counts.
daaff93 Use C11 _Static_assert where available.
dc8c739 Implement |DES_ede2_cbc_encrypt|.
a7997f1 Set minimum DH group size to 1024 bits.
4a7b70d Add LICENSE file.
b3a262c Fix |SSLeay|.
f0320d3 Fix use after free in X509.
3dacff9 Always include x86_64-gcc.c in the standalone build.
9660032 Don't use x86_64-gcc.c with NO_ASM.
81091d5 Don't use uninitialized memory in RAND_bytes.
d72e284 Support arbitrary elliptic curve groups.
a07c0fc Fix SSL_get_current_cipher.
4b27d9f Never resume sessions on renegotiations.
785e07b Copy ecdsa_meth in EC_KEY_copy.
08dc68d Define no-op options consistently.
e6df054 Add s->s3->initial_handshake_complete.
897e5e0 Default renegotiations to off.
4690bb5 Port cipher_test to file_test.
771a138 Add missing #include for abort()
de12d6c Mind the end of the buffer in aligned case of generic RC4 implementation.
5694b3a Fix invalid assert in CRYPTO_ctr128_encrypt.
9b68e72 Define compatibility function |ERR_remove_state|.
2607383 Fix generate_build_files.py to account for crypto/test.
af3d5bd Add no-op |RAND_load_file| function for compatibility.
58e95fc Remove a spurious semicolon after |DECLARE_LHASH_OF|.
3c65171 Add buffer.h for compatibility.
c85373d Use EVP_AEAD_CTX in crypto/cipher/internal.h.

(cherry picked from commit f4e427204234da139fd0585def4b4e22502e33f0)

cfb958c Fix Windows SDK build again

Bug: 21325235
Change-Id: Icb01f6393bedebea332fc62dd92b8f6af7d49d9b

3 years agoam cfb958c9: Fix Windows SDK build again
Kenny Root [Tue, 9 Jun 2015 01:28:43 +0000 (01:28 +0000)]
am cfb958c9: Fix Windows SDK build again

* commit 'cfb958c9a3369d555e4515a6277be43185af4445':
  Fix Windows SDK build again

3 years agoFix Windows SDK build again
Kenny Root [Tue, 9 Jun 2015 01:08:33 +0000 (18:08 -0700)]
Fix Windows SDK build again

Windows SDK doesn't like uppercase includes because of MinGW being used
on case-sensitive filesystems.

Change-Id: I27ec95f26f105798e0da118d06aa82f003be2878

3 years agoam f4e42720: Bump revision of BoringSSL.
Adam Langley [Tue, 9 Jun 2015 00:31:54 +0000 (00:31 +0000)]
am f4e42720: Bump revision of BoringSSL.

* commit 'f4e427204234da139fd0585def4b4e22502e33f0':
  Bump revision of BoringSSL.

3 years agoBump revision of BoringSSL.
Adam Langley [Fri, 5 Jun 2015 00:45:09 +0000 (17:45 -0700)]
Bump revision of BoringSSL.

This depends on https://android-review.googlesource.com/#/c/153481/

af0e32c Add SSL_get_tls_unique.
691992b Minor typo fix in comment.
cc1e3df Make CBS_get_any_asn1_element accept only DER.
0976096 bytestring: Test out_header_len != NULL before writing.
ba5934b Tighten up EMS resumption behaviour.
b0eef0a runner: minor tidyups.
9f8ef2d Add |EVP_get_digestbyname|.
b7326b0 Implement |PEM_def_callback| and call it where appropriate.
e26e590 Avoid unused variable warnings with assert.
efad697 Sync vs_toolschain.py up with Chromium.
39da317 Empty commit to kick the bots.
1550a84 Allow compilation for armv6
9a4996e Fix compilation of sha256-armv4.S when using -march=armv6
485a50a Match the ifdef check in bsaes-armv7.S
e216288 Unexport and prune EVP_MD_CTX flags.
af8731f Remove HMAC_CTX_set_flags.
bf3208b Add additional HMAC tests.
a1c90a5 Further tidy up cipher logic.
0fa4012 Add a test that DTLS does not support RC4.
9a980ab Fold TLS1_PRF_* into SSL_HANDSHAKE_MAC_*
29864b5 Remove SSL_CIPHER_ALGORITHM2_AEAD.
904dc72 Fold away SSL_PROTOCOL_METHOD hooks shared between TLS and DTLS.
a602277 Split ssl_read_bytes hook into app_data and close_notify hooks.
c933a47 Switch the ssl_write_bytes hook to ssl_write_app_data.
2c36792 EVP_Digest*Update, EVP_DigestFinal, and HMAC_Update can never fail.
e2375e1 Low-level hash 'final' functions cannot fail.
049756b Fix integer types in low-level hash functions.
338e067 Reject sessions with the wrong structure version.
f297e02 Reject unknown fields in d2i_SSL_SESSION.
8a228f5 Disable the malloc interceptor without glibc.
bd15a8e Fix DTLS handling of multiple records in a packet.
15eaafb Fix bn_test's bc output and shut it up a little.
efd8eb3 Tidy up overflows in obj_cmp.
05ead68 Readd CRYPTO_{LOCK|UNLOCK|READ|WRITE}.
71106ad Add |BIO_read_asn1| to read a single ASN.1 object.
eb930b8 Fix signed/unsigned warning in bn_test.cc.
b3a7b51 Fix off-by-one in BN_rand
074cc04 Reject negative shifts for BN_rshift and BN_lshift.
75fb74a aes/asm/bsaes-armv7.pl: fix compilation with Xcode 6.3.
ff81e10 Add OPENSSL_PUT_ERROR line to X509V3_parse_list.
1590811 Fix typo in valid_star.
e76ccae Release handshake buffer when sending no certificate.
5f04b65 Release the handshake buffer on the client for abbreviated handshakes.
5c1ce29 Decide whether or not to request client certificates early.
4b30b28 Remove server-side renego session resumption check.
5aea93e Deprecate and no-op SSL_VERIFY_CLIENT_ONCE.
34a1635 Remove fake RLE compression OID.
9c0918f Fix typo in objects.txt
91af02a Add some comments and tweak assertions for cbc.c.
74d8bc2 Don't make SSL_MODE_*HELLO_TIME configurable.
7b5aff4 Have consumers supply OPENSSL_C11_ATOMIC.
ac63748 Revert "tool: we don't need -lrt."
444dce4 Do-nothing fns |OpenSSL_add_all_ciphers| and |OpenSSL_add_all_digests|.
ece089c Deprecate and no-op SSL_set_state.
be05c63 Remove compatibility s->version checks.
8ec8810 Remove SSL_in_before and SSL_ST_BEFORE.
cd90f3a Remove renegotiation deferral logic.
44d3eed Forbid caller-initiated renegotiations and all renego as a servers.
3d59e04 Fix test used for not-in-place CBC mode.
5f387e3 Remove s->renegotiate check in SSL_clear.
20f6e97 Switch three more renegotiate checks to initial_handshake_complete.
d23d5a5 Remove remnants of DTLS renegotiate.
9a41d1b Deprecate SSL_*_read_ahead and enforce DTLS packet boundaries.
76e48c5 Fix Windows mode.
3fa65f0 Fix some malloc test crashs.
0b635c5 Add malloc test support to unit tests.
3e3090d Pass a dtls1_use_epoch enum down to dtls1_seal_record.
31a0779 Factor SSL_AEAD_CTX into a dedicated type.
69d07d9 Get version-related functions from crypto.h rather than ssl.h.
b487df6 Pull version, option, and mode APIs into their own sections.
7270cfc Prune version constants.
7ef9fff Remove ssl_ok.
afc9ecd Unexport ssl_get_new_session and ssl_update_cache.
3b7456e Fix some documentation typos.
b480428 Also skip #elif lines.
6deacb3 Parse macros in getNameFromDecl.
4831c33 Document some core SSL_CTX and SSL methods.
4dab297 Don't use struct names in ssl.h.
760b1dd Tidy up state machine coverage tests.
3629c7b Add client peer-initiated renego to the state machine tests.
cff0b90 Add client-side tests for renegotiation_info enforcement.
6bff1ca Specify argc and argv arguments to refcount_test:main.
12a4768 Try to fix MSVC and __STDC_VERSION__ again.
cb56c2a Cast refcounts to _Atomic before use.
0d1d0d5 Try again to only test __STDC_VERSION__ when defined.
7b348dc Disable C11 atomics on OS X.
04edcc8 Tag the mutex functions with OPENSSL_EXPORT.
6e1f645 Don't test __STDC_VERSION__ unless it's defined.
552df47 Remove leftovers of the old-style locks.
6fb174e Remove last references to named locks.
4bdb6e4 Remove remaining calls to the old lock functions.
03163f3 Remove |CRYPTO_add|.
0b5e390 Convert reference counts in ssl/
0da323a Convert reference counts in crypto/
6f2e733 Add infrastructure for reference counts.
daaff93 Use C11 _Static_assert where available.
dc8c739 Implement |DES_ede2_cbc_encrypt|.
a7997f1 Set minimum DH group size to 1024 bits.
4a7b70d Add LICENSE file.
b3a262c Fix |SSLeay|.
f0320d3 Fix use after free in X509.
3dacff9 Always include x86_64-gcc.c in the standalone build.
9660032 Don't use x86_64-gcc.c with NO_ASM.
81091d5 Don't use uninitialized memory in RAND_bytes.
d72e284 Support arbitrary elliptic curve groups.
a07c0fc Fix SSL_get_current_cipher.
4b27d9f Never resume sessions on renegotiations.
785e07b Copy ecdsa_meth in EC_KEY_copy.
08dc68d Define no-op options consistently.
e6df054 Add s->s3->initial_handshake_complete.
897e5e0 Default renegotiations to off.
4690bb5 Port cipher_test to file_test.
771a138 Add missing #include for abort()
de12d6c Mind the end of the buffer in aligned case of generic RC4 implementation.
5694b3a Fix invalid assert in CRYPTO_ctr128_encrypt.
9b68e72 Define compatibility function |ERR_remove_state|.
2607383 Fix generate_build_files.py to account for crypto/test.
af3d5bd Add no-op |RAND_load_file| function for compatibility.
58e95fc Remove a spurious semicolon after |DECLARE_LHASH_OF|.
3c65171 Add buffer.h for compatibility.
c85373d Use EVP_AEAD_CTX in crypto/cipher/internal.h.

Change-Id: Ife3698f4520572e1fca48732c6a1cbd4254ec85c

3 years agoam 82ea5181: am 8bba6292: Disable 0xcafe cipher suite (PSK with AES-GCM).
Adam Langley [Wed, 3 Jun 2015 02:22:14 +0000 (02:22 +0000)]
am 82ea5181: am 8bba6292: Disable 0xcafe cipher suite (PSK with AES-GCM).

* commit '82ea518198c8ce74418c90597ccf8f444d1154ab':
  Disable 0xcafe cipher suite (PSK with AES-GCM).

3 years agoam 0d4deb2b: Disable 0xcafe cipher suite (PSK with AES-GCM).
Adam Langley [Wed, 3 Jun 2015 00:32:18 +0000 (00:32 +0000)]
am 0d4deb2b: Disable 0xcafe cipher suite (PSK with AES-GCM).

* commit '0d4deb2be14e6590f332920f62b84ef04d153ed1':
  Disable 0xcafe cipher suite (PSK with AES-GCM).

3 years agoam 8bba6292: Disable 0xcafe cipher suite (PSK with AES-GCM).
Adam Langley [Wed, 3 Jun 2015 00:17:53 +0000 (00:17 +0000)]
am 8bba6292: Disable 0xcafe cipher suite (PSK with AES-GCM).

* commit '8bba6292604e7ea3a45449b11c53e7660259956d':
  Disable 0xcafe cipher suite (PSK with AES-GCM).

3 years agoDisable 0xcafe cipher suite (PSK with AES-GCM).
Adam Langley [Tue, 2 Jun 2015 20:27:06 +0000 (13:27 -0700)]
Disable 0xcafe cipher suite (PSK with AES-GCM).

This is a non-standard cipher suite that's not used in the Android
system.

(cherry picked from commit 0d4deb2be14e6590f332920f62b84ef04d153ed1)

Bug: 21522548
Change-Id: I07a2783965e9e891473327c9039583b4f89e9f27

3 years agoDisable 0xcafe cipher suite (PSK with AES-GCM).
Adam Langley [Tue, 2 Jun 2015 20:27:06 +0000 (13:27 -0700)]
Disable 0xcafe cipher suite (PSK with AES-GCM).

This is a non-standard cipher suite that's not used in the Android
system.

Bug: 21522548
Change-Id: I07a2783965e9e891473327c9039583b4f89e9f27

3 years agoam 15bef6ea: am 4f05b238: Add |BIO_read_asn1| to read a single ASN.1 object.
Adam Langley [Fri, 22 May 2015 23:26:30 +0000 (23:26 +0000)]
am 15bef6ea: am 4f05b238: Add |BIO_read_asn1| to read a single ASN.1 object.

* commit '15bef6eaa430acbc56f5e11cf98adbf7e8956ff6':
  Add |BIO_read_asn1| to read a single ASN.1 object.

3 years agoam 4f05b238: Add |BIO_read_asn1| to read a single ASN.1 object.
Adam Langley [Fri, 22 May 2015 23:13:35 +0000 (23:13 +0000)]
am 4f05b238: Add |BIO_read_asn1| to read a single ASN.1 object.

* commit '4f05b238eec1f3f026657a6da19058143d34ceaa':
  Add |BIO_read_asn1| to read a single ASN.1 object.

3 years agoAdd |BIO_read_asn1| to read a single ASN.1 object.
Adam Langley [Tue, 19 May 2015 00:27:14 +0000 (17:27 -0700)]
Add |BIO_read_asn1| to read a single ASN.1 object.

Android needs to be able to read a PKCS#7 blob from a Java InputStream.
This change adds |BIO_read_asn1| which reads a single ASN.1 object from
the start of a BIO without overreading.

(Taken from upstream's https://boringssl-review.googlesource.com/4800)
(cherry picked from commit f5cea4e0c1c842a9de02ce39cd6ff7ae66363b21)

Bug: 21396526
Bug: 21209493
Change-Id: Id88f34bedfdff4963c72bcd5c84f2915785d1fcd

3 years agoam 86426f7c: s/-Wno-unused-parameters/-Wno-unused-parameter/
Adam Langley [Thu, 21 May 2015 18:58:40 +0000 (18:58 +0000)]
am 86426f7c: s/-Wno-unused-parameters/-Wno-unused-parameter/

* commit '86426f7cc9838613249690be03ddbee18efd1a29':
  s/-Wno-unused-parameters/-Wno-unused-parameter/

3 years agoam e1e9d3f1: am 3f3c43ff: external/boringssl: add -Wno-unused-parameters.
Adam Langley [Thu, 21 May 2015 18:48:56 +0000 (18:48 +0000)]
am e1e9d3f1: am 3f3c43ff: external/boringssl: add -Wno-unused-parameters.

* commit 'e1e9d3f1d62daac75af450c3200359d8c5b6efbf':
  external/boringssl: add -Wno-unused-parameters.

3 years agoam 16eeb4c7: am 58dc65d0: external/boringssl: fix |SSLeay|.
Adam Langley [Thu, 21 May 2015 18:48:54 +0000 (18:48 +0000)]
am 16eeb4c7: am 58dc65d0: external/boringssl: fix |SSLeay|.

* commit '16eeb4c77688e29b80a9edc981069be8e77d638b':
  external/boringssl: fix |SSLeay|.

3 years agos/-Wno-unused-parameters/-Wno-unused-parameter/
Adam Langley [Thu, 21 May 2015 18:20:21 +0000 (11:20 -0700)]
s/-Wno-unused-parameters/-Wno-unused-parameter/

The former triggers warnings in Clang. Also USE_CLANG_PLATFORM_BUILD=1
doesn't work (the second time this has bitten me—you have to set it to
“true”).

Change-Id: Ia59f6667674c1c69bd96287cc576bbfc889c5f77

3 years agoam 3f3c43ff: external/boringssl: add -Wno-unused-parameters.
Adam Langley [Thu, 21 May 2015 17:39:43 +0000 (17:39 +0000)]
am 3f3c43ff: external/boringssl: add -Wno-unused-parameters.

* commit '3f3c43ff4f6f9ed103f550e469805f2d8c0f6f86':
  external/boringssl: add -Wno-unused-parameters.

3 years agoam 58dc65d0: external/boringssl: fix |SSLeay|.
Adam Langley [Thu, 21 May 2015 17:39:42 +0000 (17:39 +0000)]
am 58dc65d0: external/boringssl: fix |SSLeay|.

* commit '58dc65d0b61c75c2d7ffcc942ec4e9f43b70b9cc':
  external/boringssl: fix |SSLeay|.

3 years agoexternal/boringssl: add -Wno-unused-parameters.
Adam Langley [Tue, 19 May 2015 22:46:27 +0000 (15:46 -0700)]
external/boringssl: add -Wno-unused-parameters.

Clang is throwing errors because of unused parameters, but not all
parameters are supposed to be used. Also, having errors in Android that
aren't enforced upstream invites this problem repeating ever more in the
future.

Bug: 21304073
Change-Id: I8e81d6d6659896b5b16a1406e8637e489f8059fd
(cherry picked from commit 71cbcbedb24dacc402647b2e8b2a52b76cf5cfc2)

3 years agoexternal/boringssl: fix |SSLeay|.
Adam Langley [Tue, 19 May 2015 22:56:28 +0000 (15:56 -0700)]
external/boringssl: fix |SSLeay|.

SSLeay is a compatibility function for OpenSSL, but I got it wrong.
It doesn't return a string, it returns a number. This doesn't end up
making any difference, but it fixes a warning when building OpenSSH.

Bug: 21304170
Change-Id: I3e4bb0240b18647cfe2a3ce5869948a4527ff0f0
(cherry picked from commit 12addf8c63e77091bece8ad715f30cfd957a5332)

3 years agoam 12addf8c: external/boringssl: fix |SSLeay|.
Adam Langley [Wed, 20 May 2015 03:03:20 +0000 (03:03 +0000)]
am 12addf8c: external/boringssl: fix |SSLeay|.

* commit '12addf8c63e77091bece8ad715f30cfd957a5332':
  external/boringssl: fix |SSLeay|.

3 years agoam 71cbcbed: external/boringssl: add -Wno-unused-parameters.
Adam Langley [Wed, 20 May 2015 03:03:19 +0000 (03:03 +0000)]
am 71cbcbed: external/boringssl: add -Wno-unused-parameters.

* commit '71cbcbedb24dacc402647b2e8b2a52b76cf5cfc2':
  external/boringssl: add -Wno-unused-parameters.

3 years agoam 190eb169: external/boringssl: fix use after free in X509.
Adam Langley [Wed, 20 May 2015 03:03:15 +0000 (03:03 +0000)]
am 190eb169: external/boringssl: fix use after free in X509.

* commit '190eb169ed96e72590cae9e6c3258e88c8efc7c0':
  external/boringssl: fix use after free in X509.

3 years agoam 3ca955ad: Copy ecdsa_meth in EC_KEY_copy.
Adam Langley [Wed, 20 May 2015 03:03:14 +0000 (03:03 +0000)]
am 3ca955ad: Copy ecdsa_meth in EC_KEY_copy.

* commit '3ca955adbf31e6991e12f19f7c082b780e424172':
  Copy ecdsa_meth in EC_KEY_copy.