Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update to upstream f10c1dc #122

Merged
merged 82 commits into from
Sep 13, 2024
Merged

Update to upstream f10c1dc #122

Show file tree
Hide file tree
Changes from 81 commits
Commits
Show all changes
82 commits
Select commit Hold shift + click to select a range
4d46fd2
Update build tools
davidben Aug 12, 2024
f9e0c6c
Use "dtls13" label prefix for DTLS 1.3.
nharper Aug 2, 2024
84845ad
Update the bn_div_rem_words comment
davidben Aug 12, 2024
24bd38f
Move discussion on BN_div's sign to the headers
davidben Aug 12, 2024
3529cba
Cite where BN_div actually comes from
davidben Aug 9, 2024
d0e9c06
Fix documentation missed in 82f9853fc7.
nharper Aug 13, 2024
e64610a
Pass additional parameters to decrypt() in test runner.
nharper Jul 23, 2024
41754d5
Refactor record header length in test runner.
nharper Jul 23, 2024
5365f84
Remove the now impossible BN_R_NOT_INITIALIZED check in BN_div
davidben Aug 9, 2024
9cc6d47
Comment what "normalize" means in BN_div
davidben Aug 9, 2024
5615db6
Clean up some BN_div variable declarations
davidben Aug 9, 2024
1b421be
Reverse the loop variable in BN_div and assert pointer invariants
davidben Aug 10, 2024
99c8a7d
Simplify and clarify the snum padding logic in BN_div
davidben Aug 9, 2024
9eb843a
Remove resp variable in BN_div
davidben Aug 10, 2024
08a232f
Size res in BN_div correctly
davidben Aug 12, 2024
c98b28b
Clear AVX512 feature bits when AVX512 not actually supported
ebiggers Aug 14, 2024
942454e
Add RSA 3072 to bssl SpeedRSA benchmark.
jenniebrown Aug 14, 2024
12391e6
Include <string> in pki/string_util.h
ebiggers Aug 14, 2024
1a87f28
Comment the core BN_div loop
davidben Aug 12, 2024
bddc709
Correct DOS line endings.
Aug 15, 2024
a057e5d
Add Sapphire Rapids to SDE tests
ebiggers Aug 14, 2024
b4da52c
Remove the confusing extra word in BN_div
davidben Aug 12, 2024
06706ea
Split off DTLS record header parsing in test runner.
nharper Jul 24, 2024
97e89eb
Remove remaining running pointers in BN_div
davidben Aug 13, 2024
16f68ed
Final cleanup pass in BN_div
davidben Aug 13, 2024
f64d50d
[riscv64] Add qemu-static CIPD dependency for RISC-V checkouts
Aug 12, 2024
0ba2001
Add ML-DSA.
Aug 1, 2024
8af4323
Implement DTLS 1.3 record header.
nharper Jul 24, 2024
74a51c6
Deprecate the experimental dilithium code.
Aug 20, 2024
500fa1f
Add ML-KEM.
Jul 30, 2024
526a3c4
Fix some ClangTidy nits in ML-DSA.
Aug 19, 2024
0ee584b
ML-DSA: focus the API on saving private keys as seeds.
Aug 21, 2024
f1b043c
Silence clang-tidy warnings in ML-KEM
Aug 22, 2024
389810d
Add tests for reconstruct_seqnum.
nharper Aug 20, 2024
e13f7e2
Specify the list of fuzzers with build.json
davidben Aug 21, 2024
da3cd90
Don't use weak symbols in the EDK2 build.
Aug 22, 2024
d520396
Move ECDSA_SIG out of BCM
davidben Aug 15, 2024
eaca041
runner: Convert a few more of the test stack's parsers to cryptobyte
davidben Aug 23, 2024
0fbc17a
Use BSSL_NAMESPACE_{BEGIN,END} macros more consistently
davidben Aug 21, 2024
06aff98
Remove the unused MLKEM1024_SHARED_SECRET_BYTES
Aug 26, 2024
9875479
Specify the list of Rust files with build.json
davidben Aug 21, 2024
0a2d3a4
Add P-256 KEM to HPKE.
Aug 26, 2024
3551079
Clarify that ASN1_STRING reprs are not always the DER one
davidben Aug 27, 2024
6f7c3de
Update README with new bugtracker links
davidben Aug 27, 2024
7fb4d3d
Implement X25519MLKEM768 for TLS
davidben Aug 23, 2024
2a4643f
Add a pre-generated GN source list
davidben Aug 21, 2024
d3c1afd
Fix generate_build_files.py
davidben Aug 28, 2024
824867d
Fix one of two issues breaking the Bazel build
davidben Aug 28, 2024
2d94b5e
Support detecting AVX512BW, AVX512VL, VAES, and VPCLMULQDQ
ebiggers Aug 20, 2024
afaccd4
Support detecting preference for ymm registers over zmm
ebiggers Aug 20, 2024
0b8ef03
Fix IWYU issue in internal header
davidben Aug 28, 2024
296ef28
Disable parse_headers feature
davidben Aug 28, 2024
b450abd
Fix a couple more IWYU errors
davidben Aug 28, 2024
13ef6ea
Extract C++ files, rather than C, when working around Bazel bugs
davidben Aug 28, 2024
c25c376
Add an optional Bazel package to CI
davidben Aug 29, 2024
ec09a2d
Move urandom and OS entropy support out of BCM
Apr 29, 2024
ee79a93
Move fork detection support out of bcm
May 31, 2024
d263849
Fix some mistakes in build.json
davidben Aug 29, 2024
3a138e4
Rename bcm.c fragments to foo.c.inc
davidben Aug 29, 2024
6c3a639
DTLS 1.3 compatibility mode fix in test runner.
nharper Aug 28, 2024
d8cd383
Allow empty passwords in PEM password callback
davidben Aug 29, 2024
7303079
Add DTLS 1.3 sequence number encryption
nharper Aug 6, 2024
dd23a93
Move ecp_nistz256_from_mont out of the header
davidben Aug 31, 2024
517fd77
Remove some stray debugging
davidben Sep 3, 2024
d4ae47e
Mark the CPU capability helpers as const, not just pure
davidben Sep 3, 2024
6b9ca1a
Remove OPENSSL_ia32cap_P references from P-256 assembly
davidben May 4, 2024
d22f250
Remove OPENSSL_ia32cap_P references from ChaCha20-Poly1305 assembly
davidben Sep 2, 2024
a89348c
Fix some missing includes in BCM
davidben Sep 1, 2024
757f360
Consistently use accessors in service_indicator.c.inc
davidben Sep 1, 2024
2c807d4
Simplify some unnecessary sign bit juggling
davidben Sep 1, 2024
6763c95
Clarify BN_uadd and BN_usub's documentation
davidben Sep 1, 2024
2fc7912
Remove now unnecessary OPENSSL_init_cpuid call
davidben Sep 4, 2024
9224e6d
Fix all_tests.go test counts
davidben Sep 3, 2024
97322b2
Rename SPX files to have `spx_` prefix.
Sep 4, 2024
70a7387
Extract md4 from bcm
Aug 28, 2024
a8c536c
Leave some more breadcrumbs in docs for error-handling
davidben Sep 5, 2024
ed95627
Revamp test coverage for invalid key shares
davidben Sep 5, 2024
2595943
Extract MD5 from bcm
Aug 28, 2024
01e1ae3
Remove the bcm md5 assembler files.
Sep 6, 2024
f10c1dc
nist-pkits: update README.chromium metadata
Sep 9, 2024
9e48fb3
Update to upstream f10c1dc
pi-314159 Sep 10, 2024
5918e7d
Update README.md
pi-314159 Sep 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
/util/bot/nasm-win32.exe
/util/bot/ninja
/util/bot/perl-win32
/util/bot/qemu-static
/util/bot/sde-linux64
/util/bot/sde-linux64.tar.xz
/util/bot/sde-win32
Expand Down
14 changes: 12 additions & 2 deletions API-CONVENTIONS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,15 @@ for more details.
As with `errno`, callers must test the function's return value, not the error
queue to determine whether an operation failed. Some codepaths may not interact
with the error queue, and the error queue may have state from a previous failed
operation.
operation. After checking for failure, the caller can then inspect the error
queue in the failure case for details.

As a notable exception, some functions in the SSL/TLS library use a multi-step
process to indicate failure: First, the return value indicates whether the
operation failed. Then, `SSL_get_error` indicates whether the failure was due to
an error (`SSL_ERROR_SSL`) or some recoverable condition (e.g.
`SSL_ERROR_WANT_READ`). In the former case, the caller can use the error queue
for more information.

When ignoring a failed operation, it is recommended to call `ERR_clear_error` to
avoid the state interacting with future operations. Failing to do so should not
Expand All @@ -50,7 +58,9 @@ operations being mixed in error logging. We hope to
situation in the future.

Where possible, avoid conditioning on specific reason codes and limit usage to
logging. The reason codes are very specific and may change over time.
logging. The reason codes are very fine-grained and tend to leak details of the
library's internal structure. Changes in the library often have a side effect of
changing the exact reason code returned.


## Memory allocation
Expand Down
6 changes: 6 additions & 0 deletions BUILD.bazel
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,12 @@ load(
)
load(":util/util.bzl", "bssl_cc_binary", "bssl_cc_library", "bssl_cc_test")

# Disable the parse_headers feature. It does not work well in C right now. See
# https://github.com/bazelbuild/bazel/issues/23460 for details. When that is
# fixed, if enabled, we likely also need to rename some headers to .inc per
# https://google.github.io/styleguide/cppguide.html#Self_contained_Headers
package(features = ["-parse_headers"])

licenses(["notice"])

exports_files(["LICENSE"])
Expand Down
4 changes: 4 additions & 0 deletions CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -535,6 +535,10 @@ if(FIPS_DELOCATE)
target_include_directories(bcm_c_generated_asm PRIVATE ${PROJECT_SOURCE_DIR}/include)
set_target_properties(bcm_c_generated_asm PROPERTIES COMPILE_OPTIONS "-S")
set_target_properties(bcm_c_generated_asm PROPERTIES POSITION_INDEPENDENT_CODE ON)
if(CLANG)
# Clang warns when passing both -c (from CMake) and -S.
set_property(TARGET bcm_c_generated_asm APPEND PROPERTY COMPILE_OPTIONS "-Wno-unused-command-line-argument")
endif()

set(TARGET_FLAG "")
if(CMAKE_ASM_COMPILER_TARGET)
Expand Down
Loading