Upstream merge 2023-11-10 #1302

OPENSSL_WINDOWS doesn't *quite* imply that crypto/rand_extra/windows.c is used, thanks to fuzzer mode. The sea of ifdefs here is becoming quite a mess, so I've added OPENSSL_RAND_* resolve the dispatch in one place. Perhaps later we should also we can also simplify this by just including CRYPTO_init_sysrand and CRYPTO_sysrand_if_available in all the C files. But that'll be easier to do when Trusty's RNG is moved in tree. While I'm here, fold some of the ifdefs in windows.c together. Change-Id: Ic9c21c5c943a409ebb1d77f27daea1eeb9422e9d Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61085 Auto-Submit: David Benjamin <[email protected]> Reviewed-by: Bob Beck <[email protected]> Commit-Queue: Bob Beck <[email protected]> (cherry picked from commit a36924781733a73ecddf2f02ba74069fd5ba341c)

Change-Id: Id38833b329b0d661fb18e8a75b671379effe82a6 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61166 Auto-Submit: David Benjamin <[email protected]> Commit-Queue: Bob Beck <[email protected]> Reviewed-by: Bob Beck <[email protected]> (cherry picked from commit 9ad0e9d7da6372ca61e137610999e5683d7a9749)

The standard macro-based pattern does not work in bindgen because of rust-lang/rust-bindgen#2544 Change-Id: Ic2b92e779ade2ed55a627bba9c76f7df5c0f6136 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61185 Reviewed-by: Bob Beck <[email protected]> Commit-Queue: Bob Beck <[email protected]> Auto-Submit: David Benjamin <[email protected]> (cherry picked from commit 4e88a3557f6a022e30d1ff85fbd87e1173848be2)

BN_MONT_CTX already has the modulus, so just use it. This is one less value to initialize statically. Bug: 20 Change-Id: I78f73994ab595b795e99d67851bdff3b73fc3dd6 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/60926 Commit-Queue: David Benjamin <[email protected]> Reviewed-by: Adam Langley <[email protected]> (cherry picked from commit 6f13380d27835e70ec7caf807da7a1f239b10da6)

While I'm here, update x/crypto and x/net to their latest versions. byteReader is a straightforward port, except there doesn't seem to be a convenient way to read length-prefixed bytes without manually casting from cryptobyte.String to []byte, so I've done that. byteBuilder is a bit more involved because it's based on closures, but still a mechanical change. As part of this, I switched runner's ticket format to use u24 length prefixes instead of u32, because cryptobyte.String doesn't have u32 length prefixes. (Although, oddly, cryptobyte.Builder does.) Fixed: 374 Change-Id: If9bea0b41fe2b8bc48f040a667753b160da469bb Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61186 Auto-Submit: David Benjamin <[email protected]> Reviewed-by: Adam Langley <[email protected]> Commit-Queue: Adam Langley <[email protected]> (cherry picked from commit 286ea215ec6669152feb71a28075ae69b957f4bf)

One less value to initialize statically. Instead, just check if r + order < p. It's one additional comparison, but those have negligible cost here. Bug: 20 Change-Id: Iabc9c1894b58aeba45282e3360e38fe843eb7139 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/60927 Reviewed-by: Bob Beck <[email protected]> Commit-Queue: David Benjamin <[email protected]> Reviewed-by: Adam Langley <[email protected]> (cherry picked from commit 5eab868eaa5f7a975d50579182e26902441342be)

This removes a place where we make hard-coded assumes about test names. Also it shards pki_test, as that test suite is large enough to benefit from it. Change-Id: I392254b73a2df2f022ccf13508552372c103bff7 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61285 Reviewed-by: Bob Beck <[email protected]> Commit-Queue: Bob Beck <[email protected]> (cherry picked from commit 63f4b806d6085c1a75e40da7d2de972e781ef588)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upstream merge 2023-11-10 #1302

Upstream merge 2023-11-10 #1302

Commits on Nov 14, 2023