Upstream merge 2024 08 19 (#1781)

See internal documentation.

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license and the ISC license.

CMakeLists.txt

@@ -114,16 +114,8 @@ if (TEST_SYSGENID_PATH)
   add_definitions(-DAWSLC_SYSGENID_PATH=\"${TEST_SYSGENID_PATH}\")
 endif()
 
-if(ANDROID)
-  # Android-NDK CMake files reconfigure the path and so Perl won't be found.
-  # However, ninja will still find them in $PATH if we just name them.
-  if(NOT DISABLE_PERL AND NOT PERL_EXECUTABLE)
-    set(PERL_EXECUTABLE "perl")
-  endif()
-else()
-  if(NOT DISABLE_PERL)
-    find_package(Perl)
-  endif()
+if(NOT DISABLE_PERL)
+  find_package(Perl REQUIRED)
 endif()
 
 if("${CMAKE_SYSTEM_NAME}" STREQUAL "Linux" AND NOT CMAKE_CROSSCOMPILING)

cmake/go.cmake

@@ -1,13 +1,5 @@
-if(ANDROID)
-  # Android-NDK CMake files reconfigure the path and so Go won't be found.
-  # However, ninja will still find them in $PATH if we just name them.
-  if(NOT DISABLE_GO AND NOT GO_EXECUTABLE)
-    set(GO_EXECUTABLE "go")
-  endif()
-else()
-  if(NOT DISABLE_GO)
-    find_program(GO_EXECUTABLE go)
-  endif()
+if(NOT DISABLE_GO)
+find_program(GO_EXECUTABLE go)
 endif()
 
 if(NOT GO_EXECUTABLE AND NOT DISABLE_GO)

crypto/CMakeLists.txt

@@ -701,8 +701,10 @@ endif()
 # CMAKE_SYSTEM_NAME is "Generic" for embedded OSes:
 # https://cmake.org/cmake/help/book/mastering-cmake/chapter/Cross%20Compiling%20With%20CMake.html#toolchain-files
 #
-# For now we assume embedded OSes do not have threads.
-if(NOT (ANDROID OR CMAKE_SYSTEM_NAME STREQUAL "Generic"))
+# For now we assume embedded OSes do not have threads. Additionally, the Threads
+# package does not work with Android, but Android does not require any extra
+# parameters to link pthreads.
+if(NOT CMAKE_SYSTEM_NAME MATCHES "^(Generic|Android)$")
   find_package(Threads REQUIRED)
   target_link_libraries(crypto PUBLIC Threads::Threads)
 endif()

crypto/fipsmodule/bn/bytes.c

@@ -63,26 +63,31 @@
 
 void bn_big_endian_to_words(BN_ULONG *out, size_t out_len, const uint8_t *in,
                             size_t in_len) {
-  for (size_t i = 0; i < out_len; i++) {
-    if (in_len < sizeof(BN_ULONG)) {
-      // Load the last partial word.
-      BN_ULONG word = 0;
-      for (size_t j = 0; j < in_len; j++) {
-        word = (word << 8) | in[j];
-      }
-      in_len = 0;
-      out[i] = word;
-      // Fill the remainder with zeros.
-      OPENSSL_memset(out + i + 1, 0, (out_len - i - 1) * sizeof(BN_ULONG));
-      break;
-    }
+  // The caller should have sized |out| to fit |in| without truncating. This
+  // condition ensures we do not overflow |out|, so use a runtime check.
+  BSSL_CHECK(in_len <= out_len * sizeof(BN_ULONG));
 
+  // Load whole words.
+  while (in_len >= sizeof(BN_ULONG)) {
     in_len -= sizeof(BN_ULONG);
-    out[i] = CRYPTO_load_word_be(in + in_len);
+    out[0] = CRYPTO_load_word_be(in + in_len);
+    out++;
+    out_len--;
   }
 
-  // The caller should have sized the output to avoid truncation.
-  assert(in_len == 0);
+  // Load the last partial word.
+  if (in_len != 0) {
+    BN_ULONG word = 0;
+    for (size_t i = 0; i < in_len; i++) {
+      word = (word << 8) | in[i];
+    }
+    out[0] = word;
+    out++;
+    out_len--;
+  }
+
+  // Fill the remainder with zeros.
+  OPENSSL_memset(out, 0, out_len * sizeof(BN_ULONG));
 }
 
 BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) {

crypto/fipsmodule/bn/internal.h

@@ -774,7 +774,7 @@ void bn_mod_inverse0_prime_mont_small(BN_ULONG *r, const BN_ULONG *a,
 // unsigned integer and writes the result to |out_len| words in |out|. The output
 // is in little-endian word order with |out[0]| being the least-significant word.
 // |out_len| must be large enough to represent any |in_len|-byte value. That is,
-// |out_len| must be at least |BN_BYTES * in_len|.
+// |in_len| must be at most |BN_BYTES * out_len|.
 void bn_big_endian_to_words(BN_ULONG *out, size_t out_len, const uint8_t *in,
                             size_t in_len);
 

crypto/internal.h

@@ -198,12 +198,20 @@ typedef __uint128_t uint128_t;
 #define OPENSSL_FALLTHROUGH
 #endif
 
+// GCC-like compilers indicate SSE2 with |__SSE2__|. MSVC leaves the caller to
+// know that x86_64 has SSE2, and uses _M_IX86_FP to indicate SSE2 on x86.
+// https://learn.microsoft.com/en-us/cpp/preprocessor/predefined-macros?view=msvc-170
+#if defined(__SSE2__) || defined(_M_AMD64) || defined(_M_X64) || \
+    (defined(_M_IX86_FP) && _M_IX86_FP >= 2)
+#define OPENSSL_SSE2
+#endif
+
 // For convenience in testing 64-bit generic code, we allow disabling SSE2
 // intrinsics via |OPENSSL_NO_SSE2_FOR_TESTING|. x86_64 always has SSE2
 // available, so we would otherwise need to test such code on a non-x86_64
 // platform.
-#if defined(__SSE2__) && !defined(OPENSSL_NO_SSE2_FOR_TESTING)
-#define OPENSSL_SSE2
+#if defined(OPENSSL_SSE2) && defined(OPENSSL_NO_SSE2_FOR_TESTING)
+#undef OPENSSL_SSE2
 #endif
 
 #if defined(__GNUC__) || defined(__clang__)

include/openssl/posix_time.h

@@ -0,0 +1,45 @@
+/* Copyright (c) 2022, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_POSIX_TIME_H
+#define OPENSSL_HEADER_POSIX_TIME_H
+
+#include <openssl/base.h>
+
+#include <time.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// Time functions.
+
+
+// OPENSSL_posix_to_tm converts a int64_t POSIX time value in |time|, which must
+// be in the range of year 0000 to 9999, to a broken out time value in |tm|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm);
+
+// OPENSSL_tm_to_posix converts a time value between the years 0 and 9999 in
+// |tm| to a POSIX time value in |out|. One is returned on success, zero is
+// returned on failure. It is a failure if |tm| contains out of range values.
+OPENSSL_EXPORT int OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out);
+
+
+#if defined(__cplusplus)
+}  // extern C
+#endif
+
+#endif  // OPENSSL_HEADER_POSIX_TIME_H

include/openssl/time.h

@@ -1,4 +1,4 @@
-/* Copyright (c) 2022, Google Inc.
+/* Copyright (c) 2024, Google Inc.
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -15,31 +15,8 @@
 #ifndef OPENSSL_HEADER_TIME_H
 #define OPENSSL_HEADER_TIME_H
 
-#include <openssl/base.h>
+// Compatibility header, to be deprecated. use <openssl/posix_time.h> instead.
 
-#include <time.h>
-
-#if defined(__cplusplus)
-extern "C" {
-#endif
-
-
-// Time functions.
-
-
-// OPENSSL_posix_to_tm converts a int64_t POSIX time value in |time|, which must
-// be in the range of year 0000 to 9999, to a broken out time value in |tm|. It
-// returns one on success and zero on error.
-OPENSSL_EXPORT int OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm);
-
-// OPENSSL_tm_to_posix converts a time value between the years 0 and 9999 in
-// |tm| to a POSIX time value in |out|. One is returned on success, zero is
-// returned on failure. It is a failure if |tm| contains out of range values.
-OPENSSL_EXPORT int OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out);
-
-
-#if defined(__cplusplus)
-}  // extern C
-#endif
+#include <openssl/posix_time.h>
 
 #endif  // OPENSSL_HEADER_TIME_H

util/doc.config

@@ -14,10 +14,10 @@
       "include/openssl/mem.h",
       "include/openssl/obj.h",
       "include/openssl/pool.h",
+      "include/openssl/posix_time.h",
       "include/openssl/rand.h",
       "include/openssl/service_indicator.h",
-      "include/openssl/stack.h",
-      "include/openssl/time.h"
+      "include/openssl/stack.h"
     ]
   },{
     "Name": "Low-level crypto primitives",