kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8d606e361c
boringssl/crypto/crypto.c

174 lines
5.1 KiB
C
Raw Normal View History

Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
/* Copyright (c) 2014, Google Inc.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#include <openssl/crypto.h>
Become partially -Wmissing-variable-declarations-clean. There's a few things that will be kind of a nuisance and possibly not worth it (crypto/asn1 dumps a lot of undeclared things, etc.). But it caught some mistakes. Even without the warning, making sure to include the externs before defining a function helps catch type mismatches. Change-Id: I3dab282aaba6023e7cebc94ed7a767a5d7446b08 Reviewed-on: https://boringssl-review.googlesource.com/6484 Reviewed-by: Adam Langley <agl@google.com>
2015-11-12 05:33:18 +00:00
#include <openssl/cpu.h>
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
#include "internal.h"
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
Allow ARM capabilities to be set at compile time. Some ARM environments don't support |getauxval| or signals and need to configure the capabilities of the chip at compile time. This change adds defines that allow them to do so. Change-Id: I4e6987f69dd13444029bc7ac7ed4dbf8fb1faa76 Reviewed-on: https://boringssl-review.googlesource.com/6280 Reviewed-by: Adam Langley <agl@google.com>
2015-10-16 23:46:46 +01:00
#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_STATIC_ARMCAP) && \
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
Add PPC64LE assembly for AES-GCM. This change adds AES and GHASH assembly from upstream, with the aim of speeding up AES-GCM. The PPC64LE assembly matches the interface of the ARMv8 assembly so I've changed the prefix of both sets of asm functions to be the same ("aes_hw_"). Otherwise, the new assmebly files and Perlasm match exactly those from upstream's c536b6be1a (from their master branch). Before: Did 1879000 AES-128-GCM (16 bytes) seal operations in 1000428us (1878196.1 ops/sec): 30.1 MB/s Did 61000 AES-128-GCM (1350 bytes) seal operations in 1006660us (60596.4 ops/sec): 81.8 MB/s Did 11000 AES-128-GCM (8192 bytes) seal operations in 1072649us (10255.0 ops/sec): 84.0 MB/s Did 1665000 AES-256-GCM (16 bytes) seal operations in 1000591us (1664016.6 ops/sec): 26.6 MB/s Did 52000 AES-256-GCM (1350 bytes) seal operations in 1006971us (51640.0 ops/sec): 69.7 MB/s Did 8840 AES-256-GCM (8192 bytes) seal operations in 1013294us (8724.0 ops/sec): 71.5 MB/s After: Did 4994000 AES-128-GCM (16 bytes) seal operations in 1000017us (4993915.1 ops/sec): 79.9 MB/s Did 1389000 AES-128-GCM (1350 bytes) seal operations in 1000073us (1388898.6 ops/sec): 1875.0 MB/s Did 319000 AES-128-GCM (8192 bytes) seal operations in 1000101us (318967.8 ops/sec): 2613.0 MB/s Did 4668000 AES-256-GCM (16 bytes) seal operations in 1000149us (4667304.6 ops/sec): 74.7 MB/s Did 1202000 AES-256-GCM (1350 bytes) seal operations in 1000646us (1201224.0 ops/sec): 1621.7 MB/s Did 269000 AES-256-GCM (8192 bytes) seal operations in 1002804us (268247.8 ops/sec): 2197.5 MB/s Change-Id: Id848562bd4e1aa79a4683012501dfa5e6c08cfcc Reviewed-on: https://boringssl-review.googlesource.com/11262 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-09-23 20:47:24 +01:00
defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) || \
defined(OPENSSL_PPC64LE))
/* x86, x86_64, the ARMs and ppc64le need to record the result of a
* cpuid/getauxval call for the asm to work correctly, unless compiled without
* asm code. */
Don't try to setup CPUID if NO_ASM. Change-Id: Idec1cda87b0a58e9350d0e10c3251a2c47ac1929 Reviewed-on: https://boringssl-review.googlesource.com/1790 Reviewed-by: Adam Langley <agl@google.com>
2014-09-19 18:15:33 +01:00
#define NEED_CPUID
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
Don't try to setup CPUID if NO_ASM. Change-Id: Idec1cda87b0a58e9350d0e10c3251a2c47ac1929 Reviewed-on: https://boringssl-review.googlesource.com/1790 Reviewed-by: Adam Langley <agl@google.com>
2014-09-19 18:15:33 +01:00
#else
/* Otherwise, don't emit a static initialiser. */
#if !defined(BORINGSSL_NO_STATIC_INITIALIZER)
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
#define BORINGSSL_NO_STATIC_INITIALIZER
#endif
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
#endif /* !OPENSSL_NO_ASM && (OPENSSL_X86 || OPENSSL_X86_64 ||
OPENSSL_ARM || OPENSSL_AARCH64) */
/* The capability variables are defined in this file in order to work around a
* linker bug. When linking with a .a, if no symbols in a .o are referenced
* then the .o is discarded, even if it has constructor functions.
*
* This still means that any binaries that don't include some functionality
* that tests the capability values will still skip the constructor but, so
* far, the init constructor function only sets the capability variables. */
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
Make the POWER hardware capability value a global in crypto.c. (Thanks to Sam Panzer for the patch.) At least some linkers will drop constructor functions if no symbols from that translation unit are used elsewhere in the program. On POWER, since the cached capability value isn't a global in crypto.o (like other platforms), the constructor function is getting discarded. The C++11 spec says (3.6.2, paragraph 4): It is implementation-defined whether the dynamic initialization of a non-local variable with static storage duration is done before the first statement of main. If the initialization is deferred to some point in time after the first statement of main, it shall occur before the first odr-use (3.2) of any function or variable defined in the same translation unit as the variable to be initialized. Compilers appear to interpret that to mean they are allowed to drop (i.e. indefinitely defer) constructors that occur in translation units that are never used, so they can avoid initializing some part of a library if it's dropped on the floor. This change makes the hardware capability value for POWER a global in crypto.c, which should prevent the constructor function from being ignored. Change-Id: I43ebe492d0ac1491f6f6c2097971a277f923dd3e Reviewed-on: https://boringssl-review.googlesource.com/14664 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-04-04 19:08:28 +01:00
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
/* This value must be explicitly initialised to zero in order to work around a
* bug in libtool or the linker on OS X.
*
* If not initialised then it becomes a "common symbol". When put into an
* archive, linking on OS X will fail to resolve common symbols. By
* initialising it to zero, it becomes a "data symbol", which isn't so
* affected. */
uint32_t OPENSSL_ia32cap_P[4] = {0};
Make the POWER hardware capability value a global in crypto.c. (Thanks to Sam Panzer for the patch.) At least some linkers will drop constructor functions if no symbols from that translation unit are used elsewhere in the program. On POWER, since the cached capability value isn't a global in crypto.o (like other platforms), the constructor function is getting discarded. The C++11 spec says (3.6.2, paragraph 4): It is implementation-defined whether the dynamic initialization of a non-local variable with static storage duration is done before the first statement of main. If the initialization is deferred to some point in time after the first statement of main, it shall occur before the first odr-use (3.2) of any function or variable defined in the same translation unit as the variable to be initialized. Compilers appear to interpret that to mean they are allowed to drop (i.e. indefinitely defer) constructors that occur in translation units that are never used, so they can avoid initializing some part of a library if it's dropped on the floor. This change makes the hardware capability value for POWER a global in crypto.c, which should prevent the constructor function from being ignored. Change-Id: I43ebe492d0ac1491f6f6c2097971a277f923dd3e Reviewed-on: https://boringssl-review.googlesource.com/14664 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-04-04 19:08:28 +01:00
#elif defined(OPENSSL_PPC64LE)
unsigned long OPENSSL_ppc64le_hwcap2 = 0;
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
#elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
Move arm_arch.h and fix up lots of include paths. arm_arch.h is included from ARM asm files, but lives in crypto/, not openssl/include/. Since the asm files are often built from a different location than their position in the source tree, relative include paths are unlikely to work so, rather than having crypto/ be a de-facto, second global include path, this change moves arm_arch.h to include/openssl/. It also removes entries from many include paths because they should be needed as relative includes are always based on the locations of the source file. Change-Id: I638ff43d641ca043a4fc06c0d901b11c6ff73542 Reviewed-on: https://boringssl-review.googlesource.com/5746 Reviewed-by: Adam Langley <agl@google.com>
2015-08-25 02:03:17 +01:00
#include <openssl/arm_arch.h>
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
Allow ARM capabilities to be set at compile time. Some ARM environments don't support |getauxval| or signals and need to configure the capabilities of the chip at compile time. This change adds defines that allow them to do so. Change-Id: I4e6987f69dd13444029bc7ac7ed4dbf8fb1faa76 Reviewed-on: https://boringssl-review.googlesource.com/6280 Reviewed-by: Adam Langley <agl@google.com>
2015-10-16 23:46:46 +01:00
#if defined(OPENSSL_STATIC_ARMCAP)
uint32_t OPENSSL_armcap_P =
#if defined(OPENSSL_STATIC_ARMCAP_NEON) || defined(__ARM_NEON__)
Remove CRYPTO_set_NEON_functional. This depends on https://codereview.chromium.org/1730823002/. The bit was only ever targetted to one (rather old) CPU. Disable NEON on it uniformly, so we don't have to worry about whether any new NEON code breaks it. BUG=589200 Change-Id: Icc7d17d634735aca5425fe0a765ec2fba3329326 Reviewed-on: https://boringssl-review.googlesource.com/7211 Reviewed-by: Adam Langley <agl@google.com>
2016-02-23 23:04:15 +00:00
ARMV7_NEON |
Allow ARM capabilities to be set at compile time. Some ARM environments don't support |getauxval| or signals and need to configure the capabilities of the chip at compile time. This change adds defines that allow them to do so. Change-Id: I4e6987f69dd13444029bc7ac7ed4dbf8fb1faa76 Reviewed-on: https://boringssl-review.googlesource.com/6280 Reviewed-by: Adam Langley <agl@google.com>
2015-10-16 23:46:46 +01:00
#endif
Set static armcaps based on __ARM_FEATURE_CRYPTO. Originally we had some confusion around whether the features could be toggled individually or not. Per the ARM C Language Extensions doc[1], __ARM_FEATURE_CRYPTO implies the "crypto extension" which encompasses all of them. The runtime CPUID equivalent can report the features individually, but it seems no one separates them in practice, for now. (If they ever do, probably there'll be a new set of #defines.) [1] http://infocenter.arm.com/help/topic/com.arm.doc.ihi0053c/IHI0053C_acle_2_0.pdf Change-Id: I12915dfc308f58fb005286db75e50d8328eeb3ea Reviewed-on: https://boringssl-review.googlesource.com/16991 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-08 21:53:28 +01:00
#if defined(OPENSSL_STATIC_ARMCAP_AES) || defined(__ARM_FEATURE_CRYPTO)
Allow ARM capabilities to be set at compile time. Some ARM environments don't support |getauxval| or signals and need to configure the capabilities of the chip at compile time. This change adds defines that allow them to do so. Change-Id: I4e6987f69dd13444029bc7ac7ed4dbf8fb1faa76 Reviewed-on: https://boringssl-review.googlesource.com/6280 Reviewed-by: Adam Langley <agl@google.com>
2015-10-16 23:46:46 +01:00
ARMV8_AES |
#endif
Set static armcaps based on __ARM_FEATURE_CRYPTO. Originally we had some confusion around whether the features could be toggled individually or not. Per the ARM C Language Extensions doc[1], __ARM_FEATURE_CRYPTO implies the "crypto extension" which encompasses all of them. The runtime CPUID equivalent can report the features individually, but it seems no one separates them in practice, for now. (If they ever do, probably there'll be a new set of #defines.) [1] http://infocenter.arm.com/help/topic/com.arm.doc.ihi0053c/IHI0053C_acle_2_0.pdf Change-Id: I12915dfc308f58fb005286db75e50d8328eeb3ea Reviewed-on: https://boringssl-review.googlesource.com/16991 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-08 21:53:28 +01:00
#if defined(OPENSSL_STATIC_ARMCAP_SHA1) || defined(__ARM_FEATURE_CRYPTO)
Allow ARM capabilities to be set at compile time. Some ARM environments don't support |getauxval| or signals and need to configure the capabilities of the chip at compile time. This change adds defines that allow them to do so. Change-Id: I4e6987f69dd13444029bc7ac7ed4dbf8fb1faa76 Reviewed-on: https://boringssl-review.googlesource.com/6280 Reviewed-by: Adam Langley <agl@google.com>
2015-10-16 23:46:46 +01:00
ARMV8_SHA1 |
#endif
Set static armcaps based on __ARM_FEATURE_CRYPTO. Originally we had some confusion around whether the features could be toggled individually or not. Per the ARM C Language Extensions doc[1], __ARM_FEATURE_CRYPTO implies the "crypto extension" which encompasses all of them. The runtime CPUID equivalent can report the features individually, but it seems no one separates them in practice, for now. (If they ever do, probably there'll be a new set of #defines.) [1] http://infocenter.arm.com/help/topic/com.arm.doc.ihi0053c/IHI0053C_acle_2_0.pdf Change-Id: I12915dfc308f58fb005286db75e50d8328eeb3ea Reviewed-on: https://boringssl-review.googlesource.com/16991 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-08 21:53:28 +01:00
#if defined(OPENSSL_STATIC_ARMCAP_SHA256) || defined(__ARM_FEATURE_CRYPTO)
Allow ARM capabilities to be set at compile time. Some ARM environments don't support |getauxval| or signals and need to configure the capabilities of the chip at compile time. This change adds defines that allow them to do so. Change-Id: I4e6987f69dd13444029bc7ac7ed4dbf8fb1faa76 Reviewed-on: https://boringssl-review.googlesource.com/6280 Reviewed-by: Adam Langley <agl@google.com>
2015-10-16 23:46:46 +01:00
ARMV8_SHA256 |
#endif
Set static armcaps based on __ARM_FEATURE_CRYPTO. Originally we had some confusion around whether the features could be toggled individually or not. Per the ARM C Language Extensions doc[1], __ARM_FEATURE_CRYPTO implies the "crypto extension" which encompasses all of them. The runtime CPUID equivalent can report the features individually, but it seems no one separates them in practice, for now. (If they ever do, probably there'll be a new set of #defines.) [1] http://infocenter.arm.com/help/topic/com.arm.doc.ihi0053c/IHI0053C_acle_2_0.pdf Change-Id: I12915dfc308f58fb005286db75e50d8328eeb3ea Reviewed-on: https://boringssl-review.googlesource.com/16991 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-08 21:53:28 +01:00
#if defined(OPENSSL_STATIC_ARMCAP_PMULL) || defined(__ARM_FEATURE_CRYPTO)
Allow ARM capabilities to be set at compile time. Some ARM environments don't support |getauxval| or signals and need to configure the capabilities of the chip at compile time. This change adds defines that allow them to do so. Change-Id: I4e6987f69dd13444029bc7ac7ed4dbf8fb1faa76 Reviewed-on: https://boringssl-review.googlesource.com/6280 Reviewed-by: Adam Langley <agl@google.com>
2015-10-16 23:46:46 +01:00
ARMV8_PMULL |
#endif
0;
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
#else
Remove CRYPTO_set_NEON_functional. This depends on https://codereview.chromium.org/1730823002/. The bit was only ever targetted to one (rather old) CPU. Disable NEON on it uniformly, so we don't have to worry about whether any new NEON code breaks it. BUG=589200 Change-Id: Icc7d17d634735aca5425fe0a765ec2fba3329326 Reviewed-on: https://boringssl-review.googlesource.com/7211 Reviewed-by: Adam Langley <agl@google.com>
2016-02-23 23:04:15 +00:00
uint32_t OPENSSL_armcap_P = 0;
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
#endif
#endif
First part of the FIPS module. Change-Id: Ic3a91ccd2c8cdc364740f256fdb8a7ff66177947 Reviewed-on: https://boringssl-review.googlesource.com/14506 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com>
2017-04-04 22:21:43 +01:00
#if defined(BORINGSSL_FIPS)
/* In FIPS mode, the power-on self-test function calls |CRYPTO_library_init|
* because we have to ensure that CPUID detection occurs first. */
#define BORINGSSL_NO_STATIC_INITIALIZER
#endif
Don't try to setup CPUID if NO_ASM. Change-Id: Idec1cda87b0a58e9350d0e10c3251a2c47ac1929 Reviewed-on: https://boringssl-review.googlesource.com/1790 Reviewed-by: Adam Langley <agl@google.com>
2014-09-19 18:15:33 +01:00
Make CRYPTO_library_init use a CRYPTO_once_t. Initialization by multiple consumers on ARM is still problematic due to CRYPTO_set_NEON_{capable,functional}, until we reimplement that in-library, but if that is called before the first CRYPTO_library_init, this change makes it safe. BUG=556462 Change-Id: I5845d09cca909bace8293ba7adf09a3bd0d4f943 Reviewed-on: https://boringssl-review.googlesource.com/6519 Reviewed-by: Adam Langley <agl@google.com>
2015-11-19 16:39:46 +00:00
#if defined(OPENSSL_WINDOWS) && !defined(BORINGSSL_NO_STATIC_INITIALIZER)
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
#define OPENSSL_CDECL __cdecl
#else
#define OPENSSL_CDECL
#endif
Make CRYPTO_library_init use a CRYPTO_once_t. Initialization by multiple consumers on ARM is still problematic due to CRYPTO_set_NEON_{capable,functional}, until we reimplement that in-library, but if that is called before the first CRYPTO_library_init, this change makes it safe. BUG=556462 Change-Id: I5845d09cca909bace8293ba7adf09a3bd0d4f943 Reviewed-on: https://boringssl-review.googlesource.com/6519 Reviewed-by: Adam Langley <agl@google.com>
2015-11-19 16:39:46 +00:00
#if defined(BORINGSSL_NO_STATIC_INITIALIZER)
static CRYPTO_once_t once = CRYPTO_ONCE_INIT;
#elif defined(OPENSSL_WINDOWS)
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
#pragma section(".CRT$XCU", read)
static void __cdecl do_library_init(void);
__declspec(allocate(".CRT$XCU")) void(*library_init_constructor)(void) =
do_library_init;
Make CRYPTO_library_init use a CRYPTO_once_t. Initialization by multiple consumers on ARM is still problematic due to CRYPTO_set_NEON_{capable,functional}, until we reimplement that in-library, but if that is called before the first CRYPTO_library_init, this change makes it safe. BUG=556462 Change-Id: I5845d09cca909bace8293ba7adf09a3bd0d4f943 Reviewed-on: https://boringssl-review.googlesource.com/6519 Reviewed-by: Adam Langley <agl@google.com>
2015-11-19 16:39:46 +00:00
#else
static void do_library_init(void) __attribute__ ((constructor));
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
#endif
/* do_library_init is the actual initialization function. If
* BORINGSSL_NO_STATIC_INITIALIZER isn't defined, this is set as a static
* initializer. Otherwise, it is called by CRYPTO_library_init. */
static void OPENSSL_CDECL do_library_init(void) {
aarch64 support. This is an initial cut at aarch64 support. I have only qemu to test it however—hopefully hardware will be coming soon. This also affects 32-bit ARM in that aarch64 chips can run 32-bit code and we would like to be able to take advantage of the crypto operations even in 32-bit mode. AES and GHASH should Just Work in this case: the -armx.pl files can be built for either 32- or 64-bit mode based on the flavour argument given to the Perl script. SHA-1 and SHA-256 don't work like this however because they've never support for multiple implementations, thus BoringSSL built for 32-bit won't use the SHA instructions on an aarch64 chip. No dedicated ChaCha20 or Poly1305 support yet. Change-Id: Ib275bc4894a365c8ec7c42f4e91af6dba3bd686c Reviewed-on: https://boringssl-review.googlesource.com/2801 Reviewed-by: Adam Langley <agl@google.com>
2015-01-09 23:44:37 +00:00
/* WARNING: this function may only configure the capability variables. See the
* note above about the linker bug. */
Don't try to setup CPUID if NO_ASM. Change-Id: Idec1cda87b0a58e9350d0e10c3251a2c47ac1929 Reviewed-on: https://boringssl-review.googlesource.com/1790 Reviewed-by: Adam Langley <agl@google.com>
2014-09-19 18:15:33 +01:00
#if defined(NEED_CPUID)
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
OPENSSL_cpuid_setup();
#endif
}
void CRYPTO_library_init(void) {
/* TODO(davidben): It would be tidier if this build knob could be replaced
* with an internal lazy-init mechanism that would handle things correctly
Make CRYPTO_library_init use a CRYPTO_once_t. Initialization by multiple consumers on ARM is still problematic due to CRYPTO_set_NEON_{capable,functional}, until we reimplement that in-library, but if that is called before the first CRYPTO_library_init, this change makes it safe. BUG=556462 Change-Id: I5845d09cca909bace8293ba7adf09a3bd0d4f943 Reviewed-on: https://boringssl-review.googlesource.com/6519 Reviewed-by: Adam Langley <agl@google.com>
2015-11-19 16:39:46 +00:00
* in-library. https://crbug.com/542879 */
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
#if defined(BORINGSSL_NO_STATIC_INITIALIZER)
Make CRYPTO_library_init use a CRYPTO_once_t. Initialization by multiple consumers on ARM is still problematic due to CRYPTO_set_NEON_{capable,functional}, until we reimplement that in-library, but if that is called before the first CRYPTO_library_init, this change makes it safe. BUG=556462 Change-Id: I5845d09cca909bace8293ba7adf09a3bd0d4f943 Reviewed-on: https://boringssl-review.googlesource.com/6519 Reviewed-by: Adam Langley <agl@google.com>
2015-11-19 16:39:46 +00:00
CRYPTO_once(&once, do_library_init);
Add a CRYPTO_library_init and static-initializer-less build option. Chromium does not like static initializers, and the CPU logic uses one to initialize CPU bits. However, the crypto library lacks an explicit initialization function, which could complicate (no compile-time errors) porting existing code which uses crypto/, but not ssl/. Add an explicit CRYPTO_library_init function, but make it a no-op by default. It only does anything (and is required) if building with BORINGSSL_NO_STATIC_INITIALIZER. Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39 Reviewed-on: https://boringssl-review.googlesource.com/1770 Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:11:15 +01:00
#endif
}
Compatibility changes for wpa_supplicant and OpenSSH. OpenSSH, especially, does some terrible things that mean that it needs the EVP_CIPHER structure to be exposed ☹. Damian is open to a better API to replace this, but only if OpenSSL agree too. Either way, it won't be happening soon. Change-Id: I393b7a6af6694d4d2fe9ebcccd40286eff4029bd Reviewed-on: https://boringssl-review.googlesource.com/4330 Reviewed-by: Adam Langley <agl@google.com>
2015-04-13 22:34:17 +01:00
Add |CRYPTO_is_confidential_build|. In the past we have needed the ability to deploy security fixes to our frontend systems without leaking them in source code or in published binaries. This change adds a function that provides some infrastructure for supporting this in BoringSSL while meeting our internal build needs. We do not currently have any specific patch that requires this—this is purely preparation. Change-Id: I5c64839e86db4e5ea7419a38106d8f88b8e5987e Reviewed-on: https://boringssl-review.googlesource.com/7849 Reviewed-by: David Benjamin <davidben@google.com>
2016-05-03 17:16:21 +01:00
int CRYPTO_is_confidential_build(void) {
#if defined(BORINGSSL_CONFIDENTIAL)
return 1;
#else
return 0;
#endif
}
Add CRYPTO_has_asm. This function will return whether BoringSSL was built with OPENSSL_NO_ASM. This will allow us to write a test in our internal codebase which asserts that normal builds should always have assembly code included. Change-Id: Ib226bf63199022f0039d590edd50c0cc823927b9 Reviewed-on: https://boringssl-review.googlesource.com/7960 Reviewed-by: David Benjamin <davidben@google.com>
2016-05-16 21:44:40 +01:00
int CRYPTO_has_asm(void) {
#if defined(OPENSSL_NO_ASM)
return 0;
#else
return 1;
#endif
}
Compatibility changes for wpa_supplicant and OpenSSH. OpenSSH, especially, does some terrible things that mean that it needs the EVP_CIPHER structure to be exposed ☹. Damian is open to a better API to replace this, but only if OpenSSL agree too. Either way, it won't be happening soon. Change-Id: I393b7a6af6694d4d2fe9ebcccd40286eff4029bd Reviewed-on: https://boringssl-review.googlesource.com/4330 Reviewed-by: Adam Langley <agl@google.com>
2015-04-13 22:34:17 +01:00
const char *SSLeay_version(int unused) {
Fix |SSLeay|. SSLeay is a compatibility function for OpenSSL, but I got it wrong. It doesn't return a string, it returns a number. This doesn't end up making any difference, but it fixes a warning when building OpenSSH. Change-Id: I327ab4f70313c93c18f81d8804ba4acdc3bc1a4a Reviewed-on: https://boringssl-review.googlesource.com/4811 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
2015-05-20 00:30:20 +01:00
return "BoringSSL";
Compatibility changes for wpa_supplicant and OpenSSH. OpenSSH, especially, does some terrible things that mean that it needs the EVP_CIPHER structure to be exposed ☹. Damian is open to a better API to replace this, but only if OpenSSL agree too. Either way, it won't be happening soon. Change-Id: I393b7a6af6694d4d2fe9ebcccd40286eff4029bd Reviewed-on: https://boringssl-review.googlesource.com/4330 Reviewed-by: Adam Langley <agl@google.com>
2015-04-13 22:34:17 +01:00
}
Fix |SSLeay|. SSLeay is a compatibility function for OpenSSL, but I got it wrong. It doesn't return a string, it returns a number. This doesn't end up making any difference, but it fixes a warning when building OpenSSH. Change-Id: I327ab4f70313c93c18f81d8804ba4acdc3bc1a4a Reviewed-on: https://boringssl-review.googlesource.com/4811 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
2015-05-20 00:30:20 +01:00
unsigned long SSLeay(void) {
return OPENSSL_VERSION_NUMBER;
Compatibility changes for wpa_supplicant and OpenSSH. OpenSSH, especially, does some terrible things that mean that it needs the EVP_CIPHER structure to be exposed ☹. Damian is open to a better API to replace this, but only if OpenSSL agree too. Either way, it won't be happening soon. Change-Id: I393b7a6af6694d4d2fe9ebcccd40286eff4029bd Reviewed-on: https://boringssl-review.googlesource.com/4330 Reviewed-by: Adam Langley <agl@google.com>
2015-04-13 22:34:17 +01:00
}
Add no-op functions |CRYPTO_malloc_init| and |ENGINE_load_builtin_engines|. This reduces the impact on Netty. See https://github.com/Scottmitch/netty-tcnative/commit/904b84ce41fc44dd1d3955df69912d91906c9877#commitcomment-12159877 Change-Id: I22f9e1edaeb9e721326867ae2b4f3da2c5441437 Reviewed-on: https://boringssl-review.googlesource.com/5535 Reviewed-by: Adam Langley <alangley@gmail.com>
2015-08-02 17:35:44 +01:00
int CRYPTO_malloc_init(void) {
return 1;
}
void ENGINE_load_builtin_engines(void) {}
Add a few more no-op stubs for cURL compatibility. With these stubs, cURL should not need any BoringSSL #ifdefs at all, except for their OCSP #ifdefs (which can switch to the more generally useful OPENSSL_NO_OCSP) and the workaround for wincrypt.h macro collisions. That we intentionally leave to the consumer rather than add a partial hack that makes the build sensitive to include order. (I'll send them a patch upstream once this cycles in.) Change-Id: I815fe67e51e80e9aafa9b91ae68867ca1ff1d623 Reviewed-on: https://boringssl-review.googlesource.com/6980 Reviewed-by: Adam Langley <agl@google.com>
2016-01-26 06:09:19 +00:00
Add no-op function ENGINE_register_all_complete. libssh2 expects this function. Change-Id: Ie2d6ceb25d1b633e1363e82f8a6c187b75a4319f Reviewed-on: https://boringssl-review.googlesource.com/8735 Reviewed-by: David Benjamin <davidben@google.com>
2016-07-12 18:26:56 +01:00
int ENGINE_register_all_complete(void) {
return 1;
}
Add a few more no-op stubs for cURL compatibility. With these stubs, cURL should not need any BoringSSL #ifdefs at all, except for their OCSP #ifdefs (which can switch to the more generally useful OPENSSL_NO_OCSP) and the workaround for wincrypt.h macro collisions. That we intentionally leave to the consumer rather than add a partial hack that makes the build sensitive to include order. (I'll send them a patch upstream once this cycles in.) Change-Id: I815fe67e51e80e9aafa9b91ae68867ca1ff1d623 Reviewed-on: https://boringssl-review.googlesource.com/6980 Reviewed-by: Adam Langley <agl@google.com>
2016-01-26 06:09:19 +00:00
void OPENSSL_load_builtin_modules(void) {}
Reference in New Issue Copy Permalink