boringssl

kris/boringssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Martin Kreichgauer	866c219432	crypto/fipsmodule: Allow breaking CRNG self-test. Change-Id: I3d1ddc8cca9fb1da5d0b6a68ba2125c89e5bc0ce Reviewed-on: https://boringssl-review.googlesource.com/16304 Commit-Queue: Martin Kreichgauer <martinkr@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	2017-05-12 18:43:09 +00:00
David Benjamin	91871018a4	Add an OPENSSL_ia32cap_get() function for C code. OPENSSL_ia32cap_addr avoids any relocations within the module, at the cost of a runtime TEXTREL, which causes problems in some cases. (Notably, if someone links us into a binary which uses the GCC "ifunc" attribute, the loader crashes.) Fix C references of OPENSSL_ia32cap_addr with a function. This is analogous to the BSS getters. A follow-up commit will fix perlasm with a different scheme which avoids calling into a function (clobbering registers and complicating unwind directives.) Change-Id: I09d6cda4cec35b693e16b5387611167da8c7a6de Reviewed-on: https://boringssl-review.googlesource.com/15525 Reviewed-by: Adam Langley <agl@google.com>	2017-04-27 20:34:23 +00:00
Adam Langley	7784104dd8	Move much of rand/ into the FIPS module. Support for platforms that we don't support FIPS on doesn't need to be in the module. Also, functions for dealing with whether fork-unsafe buffering is enabled are left out because they aren't implementing any cryptography and they use global r/w state, making their inclusion painful. Change-Id: I71a0123db6f5449e9dfc7ec7dea0944428e661aa Reviewed-on: https://boringssl-review.googlesource.com/15084 Reviewed-by: Adam Langley <agl@google.com>	2017-04-21 22:03:18 +00:00

Author

SHA1

Message

Date

Martin Kreichgauer

866c219432

crypto/fipsmodule: Allow breaking CRNG self-test.

Change-Id: I3d1ddc8cca9fb1da5d0b6a68ba2125c89e5bc0ce
Reviewed-on: https://boringssl-review.googlesource.com/16304
Commit-Queue: Martin Kreichgauer <martinkr@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

2017-05-12 18:43:09 +00:00

David Benjamin

91871018a4

Add an OPENSSL_ia32cap_get() function for C code.

OPENSSL_ia32cap_addr avoids any relocations within the module, at the
cost of a runtime TEXTREL, which causes problems in some cases.
(Notably, if someone links us into a binary which uses the GCC "ifunc"
attribute, the loader crashes.)

Fix C references of OPENSSL_ia32cap_addr with a function. This is
analogous to the BSS getters. A follow-up commit will fix perlasm with a
different scheme which avoids calling into a function (clobbering
registers and complicating unwind directives.)

Change-Id: I09d6cda4cec35b693e16b5387611167da8c7a6de
Reviewed-on: https://boringssl-review.googlesource.com/15525
Reviewed-by: Adam Langley <agl@google.com>

2017-04-27 20:34:23 +00:00

Adam Langley

7784104dd8

Move much of rand/ into the FIPS module.

Support for platforms that we don't support FIPS on doesn't need to be
in the module. Also, functions for dealing with whether fork-unsafe
buffering is enabled are left out because they aren't implementing any
cryptography and they use global r/w state, making their inclusion
painful.

Change-Id: I71a0123db6f5449e9dfc7ec7dea0944428e661aa
Reviewed-on: https://boringssl-review.googlesource.com/15084
Reviewed-by: Adam Langley <agl@google.com>

2017-04-21 22:03:18 +00:00

3 Commits