Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upstream merge 2024 10 17 #1934

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

Upstream merge 2024 10 17 #1934

wants to merge 9 commits into from
+822 −642

Conversation

torben-hansen
Copy link
Contributor

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

@davidben @torben-hansen
Write down the bounds for the sha*_block_data_order functions
09e9443 
May as well.

Change-Id: I0d15f0f6f703129f08df4a105a34c8ff06cb06b5
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65871
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
(cherry picked from commit 70054a3a7bf1c3b26a2fcb9b064002e6962e3480)
@davidben @torben-hansen
Move capability checks in sha1-586.pl to C
441380e 
sha256-586.pl and sha512-586.pl have their own unique challenges, so
I'll do them separately.

Bug: 673
Change-Id: Ic9be0454fddf75e7f49bcccd8a86a4ff8862ff67
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65872
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
(cherry picked from commit 11688849bf1c9d4d0d1ad8aa7cd860275284317b)
@davidben @torben-hansen
Document some miscellaneous x509.h functions
fd70e3d 
These three aren't part of some larger category of functions.

Bug: 426
Change-Id: I94c977b20c6e6beb51df9d89f86851c960b4dfc6
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65809
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
(cherry picked from commit e273d1d18794ceb236bd426ec91079b2ebc660bb)
@davidben @torben-hansen
Remove old "check for P4" in sha256-586.pl
d1c871c 
Historically, OPENSSL_ia32cap_P used reserved bit 20 to trigger some
variation in the RC4 implementation. That same bit was used in
upstream's f889bb03841c69330d1e14a873c9982d3702f2d0 to disable some
optimization on the Pentium 4.

We've long since always cleared that flag (see cpu_intel.c), so this is
dead code. Remove it.

Change-Id: Ib9c0d88235617941833eb8aabb17a4713bdf6606
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65873
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
(cherry picked from commit 3f119b7f774900ce22e9b65068e10aa7bdc7fd91)
@davidben @torben-hansen
Move capability checks in sha256-586.pl to C
6a6ead0 
This took a little restructuring because they were previously all one
big function. Some notes:

- label() and set_label() in x86 perlasm default to function-scoped. But
  static_label() marks a label as file-scoped, which is why "pic_point"
  and "K256" work.

- There's a pretty sizeable common preamble. I just copied it to each
  for simplicity. I'm pretty sure some of it is wasted, but it's
  definitely not all wasted, between loading parameters, setting up
  stack alignment, and saving the old stack location. But I'm not sure
  if all those 16 bytes are actually used.

Bug: 673
Change-Id: I6e8671d05d07cb4676ecf117dd56e2ed355c5d19
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65874
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
(cherry picked from commit 469118ca637887427f9727f1aac13c3e5bdee068)
@davidben @torben-hansen
Use BIO_TYPE_* constants for flags
c389e02 
Also remove some of the comments that, with the constants, don't provide
any real value.

Change-Id: Ie73d840ac5613a6750796e21a9ab1d644edfe5b1
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66448
Reviewed-by: Bob Beck <bbe@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
(cherry picked from commit 7101b14d18f1a3bb9c3c6b9de56924e21bb08be5)
@davidben @torben-hansen
Const-correct the 'kstr' parameter of PEM functions
2bf3139 
Also rename to pass and pass_len, which makes a bit more sense for what
these are.

Change-Id: If3421ed7890c92cd11130641a8a2e090cc7f8b91
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65810
Commit-Queue: David Benjamin <davidben@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
(cherry picked from commit e44712755dd9281656009d4931cf7ae12201ae21)
@davidben @torben-hansen
Make an internal RefCounted base class for libssl
6712c07 
This is still a bit more tedious than I'd like, but we've got three of
these and I'm about to add a fourth. Add something like Chromium's base
class. But where Chromium integrates the base class directly with
scoped_refptr (giving a place for a static_assert that you did the
subclassing right), we don't quite have that since we need to integrate
with the external C API.

Instead, use the "passkey" pattern and have RefCounted<T>'s protected
constructor take a struct that only T can construct. The passkey ensures
that only T can construct RefCounted<T>, and the protectedness ensures
that T subclassed RefCounted<T>. (I think the latter already comes from
the static_cast in DecRef, but may as well.)

Change-Id: Icf4cbc7d4168010ee46dfa3a7b0a2e7c20aaf383
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66369
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
(cherry picked from commit fbf10f0d968beb56622eb4927bace53a0e931189)
@torben-hansen torben-hansen requested a review from a team as a code owner October 18, 2024 20:10
@codecov-commenter
Copy link

codecov-commenter commented Oct 18, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 67.14286% with 23 lines in your changes missing coverage. Please review.

Project coverage is 78.68%. Comparing base (5afcb95) to head (328ef55).
Report is 4 commits behind head on main.

Files with missing lines Patch % Lines
crypto/pem/pem_pk8.c 4.16% 23 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1934      +/-   ##
==========================================
+ Coverage   78.54%   78.68%   +0.13%     
==========================================
  Files         585      585              
  Lines       99803   100838    +1035     
  Branches    14284    14293       +9     
==========================================
+ Hits        78394    79342     +948     
- Misses      20775    20861      +86     
- Partials      634      635       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samuel40791765 samuel40791765 samuel40791765 approved these changes

@justsmth justsmth Awaiting requested review from justsmth

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@torben-hansen @codecov-commenter @samuel40791765 @davidben