Upstream merge 2024 10 17 #1934
Open
+822
−642
Commits on Oct 17, 2024
-
Write down the bounds for the sha*_block_data_order functions
May as well. Change-Id: I0d15f0f6f703129f08df4a105a34c8ff06cb06b5 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65871 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> (cherry picked from commit 70054a3a7bf1c3b26a2fcb9b064002e6962e3480)
-
Move capability checks in sha1-586.pl to C
sha256-586.pl and sha512-586.pl have their own unique challenges, so I'll do them separately. Bug: 673 Change-Id: Ic9be0454fddf75e7f49bcccd8a86a4ff8862ff67 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65872 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> (cherry picked from commit 11688849bf1c9d4d0d1ad8aa7cd860275284317b)
-
Document some miscellaneous x509.h functions
These three aren't part of some larger category of functions. Bug: 426 Change-Id: I94c977b20c6e6beb51df9d89f86851c960b4dfc6 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65809 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> (cherry picked from commit e273d1d18794ceb236bd426ec91079b2ebc660bb)
-
Remove old "check for P4" in sha256-586.pl
Historically, OPENSSL_ia32cap_P used reserved bit 20 to trigger some variation in the RC4 implementation. That same bit was used in upstream's f889bb03841c69330d1e14a873c9982d3702f2d0 to disable some optimization on the Pentium 4. We've long since always cleared that flag (see cpu_intel.c), so this is dead code. Remove it. Change-Id: Ib9c0d88235617941833eb8aabb17a4713bdf6606 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65873 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> (cherry picked from commit 3f119b7f774900ce22e9b65068e10aa7bdc7fd91)
Commits on Oct 18, 2024
-
Move capability checks in sha256-586.pl to C
This took a little restructuring because they were previously all one big function. Some notes: - label() and set_label() in x86 perlasm default to function-scoped. But static_label() marks a label as file-scoped, which is why "pic_point" and "K256" work. - There's a pretty sizeable common preamble. I just copied it to each for simplicity. I'm pretty sure some of it is wasted, but it's definitely not all wasted, between loading parameters, setting up stack alignment, and saving the old stack location. But I'm not sure if all those 16 bytes are actually used. Bug: 673 Change-Id: I6e8671d05d07cb4676ecf117dd56e2ed355c5d19 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65874 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> (cherry picked from commit 469118ca637887427f9727f1aac13c3e5bdee068)
-
Use BIO_TYPE_* constants for flags
Also remove some of the comments that, with the constants, don't provide any real value. Change-Id: Ie73d840ac5613a6750796e21a9ab1d644edfe5b1 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66448 Reviewed-by: Bob Beck <bbe@google.com> Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: Bob Beck <bbe@google.com> (cherry picked from commit 7101b14d18f1a3bb9c3c6b9de56924e21bb08be5)
-
Const-correct the 'kstr' parameter of PEM functions
Also rename to pass and pass_len, which makes a bit more sense for what these are. Change-Id: If3421ed7890c92cd11130641a8a2e090cc7f8b91 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65810 Commit-Queue: David Benjamin <davidben@google.com> Auto-Submit: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> (cherry picked from commit e44712755dd9281656009d4931cf7ae12201ae21)
-
Make an internal RefCounted base class for libssl
This is still a bit more tedious than I'd like, but we've got three of these and I'm about to add a fourth. Add something like Chromium's base class. But where Chromium integrates the base class directly with scoped_refptr (giving a place for a static_assert that you did the subclassing right), we don't quite have that since we need to integrate with the external C API. Instead, use the "passkey" pattern and have RefCounted<T>'s protected constructor take a struct that only T can construct. The passkey ensures that only T can construct RefCounted<T>, and the protectedness ensures that T subclassed RefCounted<T>. (I think the latter already comes from the static_cast in DecRef, but may as well.) Change-Id: Icf4cbc7d4168010ee46dfa3a7b0a2e7c20aaf383 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66369 Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: David Benjamin <davidben@google.com> (cherry picked from commit fbf10f0d968beb56622eb4927bace53a0e931189)
Commits on Oct 21, 2024
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.