Commit Graph

4324 Commits

Author SHA1 Message Date
Steven Valdez
467d3220f8 Add FIPS-compliant key generation that calls check_fips for RSA and EC.
Change-Id: Ie466b7b55bdd679c5baf2127bd8de4a5058fc3b7
Reviewed-on: https://boringssl-review.googlesource.com/16346
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-17 16:30:48 +00:00
Alessandro Ghedini
1ac4f16fe9 tool: don't explicitly disable SSLv3 in the server
Since SSLv3 is disabled by default now this is not needed anymore, but
it makes enabling SSLv3 using -min-version impossible.

At some point this should be removed anyway (when SSLv3 support is
removed), so might as well do it now and fix this tiny problem.

Change-Id: Ie3f7453b5b5198f33fcc4d4294102f116b8843ae
Reviewed-on: https://boringssl-review.googlesource.com/16404
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-17 15:18:38 +00:00
Adam Langley
208e239371 Move OPENSSL_ASAN to base.h.
Saves having it in several places.

Change-Id: I329e1bf4dd4a7f51396e36e2604280fcca32b58c
Reviewed-on: https://boringssl-review.googlesource.com/16026
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-16 20:16:52 +00:00
David Benjamin
4dcc290eb0 Fix GOTPCREL accesses to symbols defined outside the module.
5c38c05b26 caused foo@GOTPCREL for
external foo to resolve to bcm_redirector_foo. This is morally
equivalent to using foo@PLT when a pointer to foo is needed. But this
does not work if foo is data. Notably, this ended up mangling
OPENSSL_ia32cap_P because it failed to recognize it as an symbol in the
library (but external to the module). It also mangles some things that
ASan emits.

(It also breaks non-NULL function pointer comparisons, but those are
silly.)

Instead, apply a variation of the OPENSSL_ia32cap_addr_delta trick that
works for the GOT. "addr_delta" is really weird, so I'm calling this an
"external relocation". This causes fprintf(stderr) to work and also
seems to keep ASan compiling. I was unable to reproduce the case that
5c38c05b26 added the bcm_redirector_foo
transform for.

Also tighten up the pattern. No need to reference a bit of memory twice
since we just loaded it into a register.

Change-Id: If5520fc0887e83e23a08828e40fbbed9e47d912e
Reviewed-on: https://boringssl-review.googlesource.com/16345
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-15 23:33:15 +00:00
David Benjamin
b056ed304d No-op change to kick the bots.
Let's see if the SDE builders work now.

Change-Id: Iad555b5e9ed4b65ee65ac6d276282c110007f362
2017-05-15 17:00:31 -04:00
Alessandro Ghedini
48b6b8f00f Add SSL_CIPHER_has_SHA384_HMAC.
Change-Id: I7d8f9098038a82b29ab0eff8a3258975d8804a68
Reviewed-on: https://boringssl-review.googlesource.com/16264
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-15 16:36:34 +00:00
Adam Langley
39655ef01a Add AES-GCM-SIV tests for counter wrapping.
AES-GCM-SIV specifies that the counter is a 32-bit, unsigned number.
These test vectors are crafted to trigger a wrap-around and ensure that
corner of the spec is implemented correctly.

Change-Id: I911482ca0b6465a7623ee1b74a6cb1d5e54ddbea
Reviewed-on: https://boringssl-review.googlesource.com/16324
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-15 16:08:46 +00:00
Adam Langley
2f238d981a Accept vmovq as an alias for movq.
Change-Id: I358b5da2463597e6b3d5841a4faa974c604e5df5
Reviewed-on: https://boringssl-review.googlesource.com/16284
Reviewed-by: Matt Braithwaite <mab@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-12 20:33:40 +00:00
Martin Kreichgauer
866c219432 crypto/fipsmodule: Allow breaking CRNG self-test.
Change-Id: I3d1ddc8cca9fb1da5d0b6a68ba2125c89e5bc0ce
Reviewed-on: https://boringssl-review.googlesource.com/16304
Commit-Queue: Martin Kreichgauer <martinkr@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-12 18:43:09 +00:00
David Benjamin
391cc8c7a1 Move FIPS build tools to util/fipstools.
This makes things a little easier for some of our tooling.

Change-Id: Ia7e73daf0a5150b106cf9b03b10cae194cb8fc5a
Reviewed-on: https://boringssl-review.googlesource.com/15104
Reviewed-by: Matt Braithwaite <mab@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2017-05-12 15:08:46 +00:00
David Benjamin
583c12ea97 Remove filename argument to x86 asm_init.
43e5a26b53 removed the .file directive
from x86asm.pl. This removes the parameter from asm_init altogether. See
also upstream's e195c8a2562baef0fdcae330556ed60b1e922b0e.

Change-Id: I65761bc962d09f9210661a38ecf6df23eae8743d
Reviewed-on: https://boringssl-review.googlesource.com/16247
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-12 14:58:27 +00:00
David Benjamin
c5388a1cd1 Add sde-linux64 to .gitignore.
Once the ACL issue is sorted out, this will mean we don't need to
re-download it each run.

BUG=180

Change-Id: I589d3944f8b6ab93d8fd279966484621ab825daa
Reviewed-on: https://boringssl-review.googlesource.com/16248
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-12 14:53:07 +00:00
David Benjamin
44ccadc825 No-op change to kick the bots.
Tweaked the SDE ACLs slightly. Unclear if that fixed it.

Change-Id: I29f185b0bc36aee4481e7dfa1fb8d3e48b75612a
2017-05-12 00:50:42 -04:00
David Benjamin
c4dfc6f4c8 Revert "Add sde-linux64 to .gitignore."
This reverts commit fee8559162.

Oops. Didn't mean to push that one without review.
2017-05-12 00:43:40 -04:00
David Benjamin
fee8559162 Add sde-linux64 to .gitignore.
Once the ACL issue is sorted out, this will mean we don't need to
re-download it each run.

BUG=180

Change-Id: Iddcceafa3b359f8d5c7875887ecbaf21671c93f9
2017-05-12 00:42:44 -04:00
David Benjamin
18ffb16b6a No-op change to cycle the bots.
Change-Id: If69184003f00123c5b1d1c81fc5b0fe757360687
2017-05-12 00:34:02 -04:00
David Benjamin
ad50a0d7cd Fix diff_asm.go and revert another local MASM perlasm change.
We're not using the MASM output, so don't bother maintaining a diff on
it.

Change-Id: I7321e58c8b267be91d58849927139b74cc96eddc
Reviewed-on: https://boringssl-review.googlesource.com/16246
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-11 23:30:01 +00:00
David Benjamin
82a83ff577 No-op change to cycle the bots.
Change-Id: Iae2399c98500113ea7fa238ba4968a79e901eca0
2017-05-11 19:10:30 -04:00
David Benjamin
768e6822cc Only fixup CMAKE_ASM_FLAGS -isysroot if CMAKE_OSX_SYSROOT is set.
Sometimes[1] CMake will do a build on Darwin without setting up
CMAKE_OSX_SYSROOT. This appears to be to support the "basic POSIX-only
case"[2]. The hard-coded CMake logic we're mimicking[3] handles this
case, so do the same.

[1] f6b93fbf3a/Modules/Platform/Darwin-Initialize.cmake (L48)
[2] 43b74793de
[3] https://github.com/Kitware/CMake/blob/master/Source/cmLocalGenerator.cxx#L1307

Change-Id: Ica5ae8510d07eca384cc366dd3de10b0c1ce0f81
Reviewed-on: https://boringssl-review.googlesource.com/16245
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-11 22:14:07 +00:00
David Benjamin
edafe47968 Add hash of SDE tool for the bots.
1de4bdf147a8a3b93306ecc65cf1f15a8334f508a29ab0b3ee163443ce764d5e sde-external-7.58.0-2017-01-23-lin.tar.bz2

Also teach extract.py to handle symlinks and tar.bz2 files.

BUG=180

Change-Id: Iddce09169f077c8f1bef9bd0dd0e05605b17769a
Reviewed-on: https://boringssl-review.googlesource.com/16244
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-11 20:10:33 +00:00
Steven Valdez
43e5a26b53 Fixing assembly coverage reporting.
Due to issues with CMake enable_language, we have to delay setting
CMAKE_ASM_FLAGS until after enable_language(ASM) has been called.

We also need to remove the '.file' macro from x86gas.pl to prevent the
filenames from being overridden from those provided by the build
system.

Change-Id: I436f57ec45e4751714af49e1211a0d7810e4e56a
Reviewed-on: https://boringssl-review.googlesource.com/16127
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-11 16:55:29 +00:00
David Benjamin
c5f0c16b61 Restore ios64_compile to the CQ.
See if it works now that
https://boringssl-review.googlesource.com/c/16150/ is in.

Change-Id: I082f4826d1a2d8688664ce2f24a5ad561e4c41c4
Reviewed-on: https://boringssl-review.googlesource.com/16204
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-05-11 16:49:08 +00:00
David Benjamin
1e5cb820de Add an option to build libFuzzer from DEPS.
The bots will need to get libFuzzer externally. As usual, borrow
Chromium's copy.

Change-Id: I5ed879bbc76188838adcf9d51855e76c481ace5b
Reviewed-on: https://boringssl-review.googlesource.com/16146
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2017-05-10 22:12:32 +00:00
David Benjamin
799676c998 Add a flag to configure the path to the SDE executable.
BUG=180

Change-Id: Id03991cc785571bc10b3ee4b4fe3e367d347ff82
Reviewed-on: https://boringssl-review.googlesource.com/16164
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-05-10 21:56:38 +00:00
David Benjamin
ebc4de6719 Update tools from Chromium.
Change-Id: I3bf5fcb210c181c3f7131304e41027ba081e3c0e
Reviewed-on: https://boringssl-review.googlesource.com/16145
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-05-10 21:45:33 +00:00
David Benjamin
63a13ac6fa Take ios64_compile out of the CQ.
It appears to need a newer toolchain and we're currently using the 10.9
swarming pool. Take it out of rotation for now. Will sort it out
tomorrow.

Change-Id: If37421732045a92517de6ee76f3ba6abe98a7fe2
Reviewed-on: https://boringssl-review.googlesource.com/16149
Reviewed-by: David Benjamin <davidben@google.com>
2017-05-10 21:44:21 +00:00
David Benjamin
ce3ec70edf Fix cq.cfg formatting.
There were tab characters instead of two spaces in random places.

Change-Id: I7fcebf60856406f5fc6527afad5a157c956930b7
Reviewed-on: https://boringssl-review.googlesource.com/16148
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-05-10 20:49:58 +00:00
David Benjamin
d4847c6d96 Add some Android and iOS compile bots to the CQ.
Change-Id: I0bdc3be7fbc746fb36d7b893cc17959009ad33af
Reviewed-on: https://boringssl-review.googlesource.com/16147
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-05-10 20:49:26 +00:00
Martin Kreichgauer
0402f89448 crypto/fipsmodule: Make more Known Answer Tests breakable.
This allows breaking Known Answer Tests for AES-GCM, DES, SHA-1,
SHA-256, SHA-512, RSA signing and DRBG as required by FIPS.

Change-Id: I8e59698a5048656021f296195229a09ca5cd767c
Reviewed-on: https://boringssl-review.googlesource.com/16088
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-10 18:36:00 +00:00
David Benjamin
74cd5d98cc Refresh fuzzer corpus.
Change-Id: I7505fbfbc3e9d0f70b7a0ca1a97e0e9bdcd0f2a4
Reviewed-on: https://boringssl-review.googlesource.com/16129
Reviewed-by: Adam Langley <agl@google.com>
2017-05-10 17:06:02 +00:00
David Benjamin
08ab59b8d7 Switch from 8bit-counters to trace-pc-guard.
Otherwise clang complains about:

  clang: error: argument '-fsanitize-coverage=8bit-counters' is
  deprecated, use '-fsanitize-coverage=trace-pc-guard' instead
  [-Werror,-Wdeprecated]

Change-Id: Icb2a8f874734040df6a2d39a62f8e946b366bfca
Reviewed-on: https://boringssl-review.googlesource.com/16128
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-10 17:04:38 +00:00
David Benjamin
1d59f6e3e2 Add a flag to toggle the buggy RSA parser.
It's about time we got rid of this. As a first step, introduce a flag,
so that some consumers may stage this change in appropriately.

BUG=chromium:534766,chromium:532048

Change-Id: Id53f0bacf5bdbf85dd71d1262d9f3a9ce3c4111f
Reviewed-on: https://boringssl-review.googlesource.com/16104
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-10 15:49:33 +00:00
David Benjamin
8b0515b0f1 Fix fuzzer build.
I'm going to work on adding these to CI, since we keep breaking it on
accident.

Change-Id: I9acd4d3fa7b00c4f0cb0f187dae6bb9c51997515
Reviewed-on: https://boringssl-review.googlesource.com/16125
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-10 15:18:01 +00:00
David Benjamin
f99d2c6141 Remove obsolete TODO.
This has since been done.

Change-Id: I498f845fa4ba3d1c04a5892831be4b07f31536d4
Reviewed-on: https://boringssl-review.googlesource.com/16124
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-10 15:17:10 +00:00
Steven Valdez
873ebc9783 Improve TestConfig flags for initial and resumption connections.
Change-Id: I97a2920a08f995ea70425ad9126f1dced067f2a4
Reviewed-on: https://boringssl-review.googlesource.com/16084
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-09 21:14:28 +00:00
David Benjamin
93731d9dd4 Remove old SSL min/max version functions.
I think I've finally cleared this out. Everything should be using
upstream's longer 'proto' names now.

Change-Id: I6ab283dca845fdc184f3764223d027acba59ca91
Reviewed-on: https://boringssl-review.googlesource.com/16086
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-09 19:25:21 +00:00
Matthew Braithwaite
20d202bb0e unrandom: #define _GNU_SOURCE, for syscall().
This is needed when unrandom.c is compiled on its own.

Change-Id: Ia46e06d267c097e5fa0296092a7270a4cd0b2044
Reviewed-on: https://boringssl-review.googlesource.com/16085
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-09 17:41:17 +00:00
Adam Langley
e838cfb51f Add a way to break one of the KAT tests.
This is required by FIPS testing.

Change-Id: Ia399a0bf3d03182499c0565278a3713cebe771e3
Reviewed-on: https://boringssl-review.googlesource.com/16044
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-09 16:48:37 +00:00
Matthew Braithwaite
95511e9842 generate_build_files: omit tests from fips_fragments.
This enforces the invariant "fips_fragments are the C sources that
make up bcm.c."

Change-Id: I3a29c5203eb2e1547cc069617183d5fd570b3de8
Reviewed-on: https://boringssl-review.googlesource.com/16064
Reviewed-by: Adam Langley <agl@google.com>
2017-05-08 23:49:44 +00:00
David Benjamin
0d5b886ef8 Switch BN_generate_dsa_nonce's hash back to SHA-512/256.
SHA-512 is faster to calculate on 64-bit systems and that's what we were
using before. (Though, realistically, this doesn't show up at all.)

Change-Id: Id4f386ca0b5645a863b36405eef03bc62d0f29b3
Reviewed-on: https://boringssl-review.googlesource.com/16006
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-08 22:00:48 +00:00
David Benjamin
4d1f4ba08d Timeout the shim on Accept and Wait.
https://build.chromium.org/p/client.boringssl/builders/linux_fips_rel/builds/115
appears to have failed because we were hanging on Accept() forever.
Impose a timeout on that and waiting for the process to return so we at
least can see what stdout/stderr was received so far.

Change-Id: Ief7f7759d02a3fbfc504d2f214b742672b0fe9e6
Reviewed-on: https://boringssl-review.googlesource.com/16005
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-08 20:42:20 +00:00
Adam Langley
4c7b3bfd73 Switch integrity hash to SHA-512.
SHA-512 is faster to calculate on 64-bit systems and we're only
targetting 64-bit systems with FIPS.

Change-Id: I5e9b8419ad4ddc72ec682c4193ffb17975d228e5
Reviewed-on: https://boringssl-review.googlesource.com/16025
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-08 20:36:20 +00:00
Adam Langley
238148a8f6 Don't indicate FIPS mode when built with ASAN.
ASAN prevents the integrity test from running, so don't indicate FIPS
mode in that case.

Change-Id: I14c79e733e53ef16f164132bc1fded871ce3f133
Reviewed-on: https://boringssl-review.googlesource.com/16024
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-08 19:51:14 +00:00
Adam Langley
c0485d67f4 Teach delocate.go to handle loading function pointers into XMM registers.
Sadly, LEA cannot target XMM registers.

Change-Id: I5f4245b5df1625ba3ea7ebf7ccf6dcceb9dab1d9
Reviewed-on: https://boringssl-review.googlesource.com/15988
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-08 17:26:20 +00:00
David Benjamin
c862c31f4c perlasm/x86_64-xlate.pl: work around problem with hex constants in masm.
Perl, multiple versions, for some reason occasionally takes issue with
letter b[?] in ox([0-9a-f]+) regex. As result some constants, such as
0xb1 came out wrong when generating code for MASM. Fixes upstream
GH#3241.

(Imported from upstream's c47aea8af1e28e46e1ad5e2e7468b49fec3f4f29.)

This does not affect of the configurations we generate and is imported
to avoid a diff against upstream.

Change-Id: Iacde0ca5220c3607681fad081fbe72d8d613518f
Reviewed-on: https://boringssl-review.googlesource.com/15985
Reviewed-by: Adam Langley <agl@google.com>
2017-05-05 23:10:56 +00:00
David Benjamin
4323e22793 Tidy up FIPS module dependencies.
This avoids depending the FIPS module on crypto/bytestring and moves
ECDSA_SIG_{new,free} into the module.

Change-Id: I7b45ef07f1140873a0da300501141b6ae272a5d9
Reviewed-on: https://boringssl-review.googlesource.com/15984
Reviewed-by: Adam Langley <agl@google.com>
2017-05-05 23:10:24 +00:00
David Benjamin
e34eaa6409 Remove old masm workaround.
This dates to ded93581f1, but we have
since switched to building with nasm, to match upstream's supported
assemblers. Since this doesn't affect anything we generate, remove the
workaround to reduce the diff against upstream.

Change-Id: I549ae97ad6d6f28836f6c9d54dcf51c518de7521
Reviewed-on: https://boringssl-review.googlesource.com/15986
Reviewed-by: Adam Langley <agl@google.com>
2017-05-05 23:07:47 +00:00
Matthew Braithwaite
45dd8a04f5 Add missing #includes of delocate.h.
Change-Id: I48adda9909ded195005c4f8277f153d4dbd2bfec
Reviewed-on: https://boringssl-review.googlesource.com/15987
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-05 22:41:30 +00:00
Adam Langley
2e2a226ac9 Move cipher/ into crypto/fipsmodule/
Change-Id: Id65e0988534056a72d9b40cc9ba5194e2d9b8a7c
Reviewed-on: https://boringssl-review.googlesource.com/15904
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-05 22:39:40 +00:00
Adam Langley
4249481a66 Add EVP_AEAD_CTX_[new|free] and UniquePtr support.
EVP_AEAD_CTX is otherwise a pain to use from C++ when you need to keep
it around.

Change-Id: I1dff926b33a3246680be21b89b69dfb336d25cd5
Reviewed-on: https://boringssl-review.googlesource.com/15965
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-05 21:29:44 +00:00