Commit Graph

893 Commits

Author SHA1 Message Date
David Benjamin
ac6900b0d3 Disallow peer-initiated renegotiations in DTLS.
We have no use for DTLS renego and it's even more complex than TLS renego.

Change-Id: I8680ab361cc8761dd7fc8dfb1bfe1ff4abc6612f
Reviewed-on: https://boringssl-review.googlesource.com/3218
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 19:06:02 +00:00
David Benjamin
c39be857a8 Reformat dtls1.h.
Change-Id: If035f44febec2a2717c3aba03f6d05ae290d247b
Reviewed-on: https://boringssl-review.googlesource.com/3217
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 19:05:39 +00:00
David Benjamin
b3774b9619 Add initial handshake reassembly tests.
For now, only test reorderings when we always or never fragment messages.
There's a third untested case: when full messages and fragments are mixed. That
will be tested later after making it actually work.

Change-Id: Ic4efb3f5e87b1319baf2d4af31eafa40f6a50fa6
Reviewed-on: https://boringssl-review.googlesource.com/3216
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 19:05:30 +00:00
Doug Hogan
5ba305643f Don't accept tag number 31 (long form identifier octets) in CBB_add_asn1.
Tag number 31 is a long form tag that requires multiple octets.  It
cannot be handled by adding a single uint8.  Changed CBB_add_asn1()
to return 0 when it is passed in the extension for tag 31.

Change-Id: Ia33936d4f174d1a7176eb11da0b5c7370efb9416
2015-02-03 11:03:59 -08:00
Doug Hogan
2683af70e7 Fix typo and ASN.1 tag number range comment in bytestring.h.
CBS_get_asn1() and CBS_get_any_asn1_element() only support the single
byte ASN.1 identifier octets (aka short form tags).  Tag number 31 is
the start of the multi-byte long form per X.690 section 8.1.2.4.

Change-Id: I892600f4946e880a4ff03d219181116ef04f5372
Reviewed-on: https://boringssl-review.googlesource.com/3241
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 01:03:59 +00:00
Doug Hogan
a84f06fc1e Move free from cbb_init() to only CBB_init().
CBB_init_fixed() should not call free because it can lead to use after
free or double free bugs.  The caller should be responsible for
creating and destroying the buffer.

In the current code, ssl3_get_v2_client_hello() may free s->init_buf->data
via CBB_init_fixed().  It can also be freed via SSL_free(s) since
ssl3_get_v2_client_hello() doesn't set it to NULL and CBB_init_fixed()
can't set the caller's pointer to NULL.

Change-Id: Ia05a67ae25af7eb4fb04f08f20d50d912b41e38b
2015-02-02 17:01:32 -08:00
David Benjamin
d660b57208 runner: Refactor handshake fragmenting slightly.
No behavior change. This is in preparation for buffering a flight of handshake
messages to reorder vigorously on flush.

Change-Id: Ic348829b340bf58d28f332027646559cb11046ac
Reviewed-on: https://boringssl-review.googlesource.com/3215
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 00:43:13 +00:00
David Benjamin
79ae85e4f7 Remove NETSCAPE_HANG_BUG.
It dates to 2000 from upstream and is only used when serving client auth to
Netscape. It will also get in the way when we get to merging DTLS and TLS
handshake functions because NETSCAPE_HANG_BUG is not valid for DTLS as it is
(the handshake fragmentation code will get confused).

Removing per comment on https://boringssl-review.googlesource.com/#/c/2602/

Change-Id: Ia2d086205bbfed002dc33b2203a47206f373b820
Reviewed-on: https://boringssl-review.googlesource.com/3214
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 00:41:15 +00:00
David Benjamin
e33b9b0a87 Remove dtls1_timeout_st.
All but one field is a no-op.

Change-Id: Ib7bc59a12ce792d5e42fb6e04a4aff54f42643a9
Reviewed-on: https://boringssl-review.googlesource.com/3213
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 00:41:07 +00:00
David Benjamin
83f9040339 Add DTLS timeout and retransmit tests.
This extends the packet adaptor protocol to send three commands:
  type command =
    | Packet of []byte
    | Timeout of time.Duration
    | TimeoutAck

When the shim processes a Timeout in BIO_read, it sends TimeoutAck, fails the
BIO_read, returns out of the SSL stack, advances the clock, calls
DTLSv1_handle_timeout, and continues.

If the Go side sends Timeout right between sending handshake flight N and
reading flight N+1, the shim won't read the Timeout until it has sent flight
N+1 (it only processes packet commands in BIO_read), so the TimeoutAck comes
after N+1. Go then drops all packets before the TimeoutAck, thus dropping one
transmit of flight N+1 without having to actually process the packets to
determine the end of the flight. The shim then sees the updated clock, calls
DTLSv1_handle_timeout, and re-sends flight N+1 for Go to process for real.

When dropping packets, Go checks the epoch and increments sequence numbers so
that we can continue to be strict here. This requires tracking the initial
sequence number of the next epoch.

The final Finished message takes an additional special-case to test. DTLS
triggers retransmits on either a timeout or seeing a stale flight. OpenSSL only
implements the former which should be sufficient (and is necessary) EXCEPT for
the final Finished message. If the peer's final Finished message is lost, it
won't be waiting for a message from us, so it won't time out anything. That
retransmit must be triggered on stale message, so we retransmit the Finished
message in Go.

Change-Id: I3ffbdb1de525beb2ee831b304670a3387877634c
Reviewed-on: https://boringssl-review.googlesource.com/3212
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 00:40:58 +00:00
David Benjamin
d9b091b5e2 Revert "Drop retransmits in DTLS tests."
This reverts commit c67a3ae6ba. With a
deterministic clock, we can now go back to being strict about retransmits. Our
tests will now require that the shim only retransmit when we expect it to.

Change-Id: Iab1deb9665dcd294790c8253d920089e83a9140c
Reviewed-on: https://boringssl-review.googlesource.com/3211
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 00:39:57 +00:00
David Benjamin
377fc3160c Document DTLS timeout API and add current_time_cb hook.
This is so the tests needn't be sensitive to the clock. It is, unfortunately, a
test-only hook, but the DTLS retransmit/timeout logic more-or-less requires it
currently. Use this hook to, for now, freeze the clock at zero. This makes the
tests deterministic.

It might be worth designing a saner API in the future. The current one,
notably, requires that the caller's clock be compatible with the one we
internally use. It's also not clear whether the caller needs to call
DTLSv1_handle_timeout or can just rely on the state machine doing it internally
(as it does do). But mock clocks are relatively tame and WebRTC wants to
compile against upstream OpenSSL for now, so we're limited in how much new API
we can build.

Change-Id: I7aad51570596f69275ed0fc1a8892393e4b7ba13
Reviewed-on: https://boringssl-review.googlesource.com/3210
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 00:39:44 +00:00
Adam Langley
868c7ef1f4 Don't assume alignment of ChaCha key on ARM.
When addressing [1], I checked the AEAD code but brain-farted: a key is
aligned in that code, but it's the Poly1305 key, which doesn't matter
here.

It would be nice to align the ChaCha key too, but Android doesn't have
|posix_memalign| in the versions that we care about. It does have
|memalign|, but that's documented as "obsolete" and we don't have a
concept of an Android OS yet and I don't want to add one just for this.

So this change uses the buffer for loading the key again.

(Note that we never used to check for alignment of the |key| before
calling this. We must have gotten it for free somehow when checking the
alignment of |in| and |out|. But there are clearly some paths that don't
have an aligned key:
https://code.google.com/p/chromium/issues/detail?id=454308.)

At least the generation script started paying off immediately ☺.

[1] https://boringssl-review.googlesource.com/#/c/3132/1/crypto/chacha/chacha_vec.c@185

Change-Id: I4f893ba0733440fddd453f9636cc2aeaf05076ed
Reviewed-on: https://boringssl-review.googlesource.com/3270
Reviewed-by: Adam Langley <agl@google.com>
2015-02-03 00:34:17 +00:00
Adam Langley
64b17ccf15 Fix patch collision of d062c8af and 2b2d66d4.
These two patches conflicted but, because it wasn't a textual conflict,
Gerrit didn't notice.

Change-Id: I53464127e5e71dfa2f6c8a8847b41968671c2047
2015-02-02 16:30:27 -08:00
Adam Langley
23343e4b12 Fix AES-256 NIDs.
Thanks to an anonymous bug report.

Change-Id: Icdde78c82c8ee13fb64e0124712b240295677f63
Reviewed-on: https://boringssl-review.googlesource.com/3260
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-02-02 19:56:13 +00:00
Adam Langley
d062c8afba Probe for NEON support if getauxval is missing.
Android didn't have getauxval until Jelly Bean (4.1). This means that
BoringSSL running on older Androids won't be able to detect NEON
support. (This is moot for Chromium because Chromium calls
android_getCpuFeatures and sets the NEON flag itself, but other users of
BoringSSL on Android probably won't do that.)

This change mirrors a little of what upstream does and tries running a
NEON instruction with a handler for SIGILL installed.

Change-Id: I853b85c37ffb049b240582d71fcf07adedc37a30
Reviewed-on: https://boringssl-review.googlesource.com/3190
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-02-02 19:51:14 +00:00
Adam Langley
2b2d66d409 Remove string.h from base.h.
Including string.h in base.h causes any file that includes a BoringSSL
header to include string.h. Generally this wouldn't be a problem,
although string.h might slow down the compile if it wasn't otherwise
needed. However, it also causes problems for ipsec-tools in Android
because OpenSSL didn't have this behaviour.

This change removes string.h from base.h and, instead, adds it to each
.c file that requires it.

Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37
Reviewed-on: https://boringssl-review.googlesource.com/3200
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-02-02 19:14:15 +00:00
Brian Smith
efed2210e8 Enable more warnings & treat warnings as errors on Windows.
Change-Id: I2bf0144aaa8b670ff00b8e8dfe36bd4d237b9a8a
Reviewed-on: https://boringssl-review.googlesource.com/3140
Reviewed-by: Adam Langley <agl@google.com>
2015-01-31 00:18:55 +00:00
Douglas Katzman
0bb81fcd66 Fix misleading comment.
|num_rounds| is neither a parameter nor manifest constant.

Change-Id: I6c1d3a3819731f53fdd01eef6bb4de8a45176a1d
Reviewed-on: https://boringssl-review.googlesource.com/3180
Reviewed-by: Adam Langley <agl@google.com>
2015-01-30 22:31:00 +00:00
Adam Langley
ab21891e34 Add a script to generate the ChaCha ARM asm.
Obviously I shouldn't be doing this by hand each time.

Change-Id: I64e3f5ede5c47eddbff3b18172a95becc681b486
Reviewed-on: https://boringssl-review.googlesource.com/3170
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-01-30 21:47:22 +00:00
Adam Langley
be629e0e92 Another fix for the regenerated chacha_vec_arm.S.
I put the header back, but missed the #endif at the end of the file.
Regenerating this is clearly too error prone – I'll write a script to do
it for the future.

Change-Id: I06968c9f7a4673f5942725e727c67cb4e01d361a
2015-01-30 10:28:37 -08:00
Adam Langley
9115755006 Convert latin-1 files to UTF-8.
A handful of latin-1 codepoints existed a trio of files. This change
switches the encoding to UTF-8.

Change-Id: I00309e4d1ee3101e0cc02abc53196eafa17a4fa5
2015-01-29 17:26:36 -08:00
David Benjamin
ba90d7c56e Test HMAC_CTX initial state and remove now unneccessary code.
The special-case in HMAC is no longer needed. Test that HMAC_CTX is initialized
with the zero key.

Change-Id: I4ee2b495047760765c7d7fdfb4ccb510723aa263
Reviewed-on: https://boringssl-review.googlesource.com/3121
Reviewed-by: Adam Langley <agl@google.com>
2015-01-29 20:24:49 +00:00
Adam Langley
d5c0980e33 Update the command line for generating the ChaCha asm.
This command line matches what was used to generate the current file.

Change-Id: I2f730768f4efc1b23860cc7b27d5005311c554ea
2015-01-29 12:20:07 -08:00
Adam Langley
8de7597af3 Don't require alignment in ChaCha20 on ARM.
By copying the input and output data via an aligned buffer, the
alignment requirements for the NEON ChaCha implementation on ARM can be
eliminted. This does, however, reduce the speed when aligned buffers are
used. However, updating the GCC version used to generate the ASM more
than makes up for that.

On a SnapDragon 801 (OnePlus One) the aligned speed was 214.6 MB/s and
the unaligned speed was 112.1 MB/s. Now both are 218.4 MB/s. A Nexus 7
also shows a slight speed up.

Change-Id: I68321ba56767fa5354b31a1491a539b299236e9a
Reviewed-on: https://boringssl-review.googlesource.com/3132
Reviewed-by: Adam Langley <agl@google.com>
2015-01-29 20:06:41 +00:00
Adam Langley
267253470a Align pointers by hand.
This avoids having Windows be different and is also easier for testing
because it's a simple matter to unalign the pointer if needed.

Change-Id: I32cfa5834e3fe4f16304a25092b9c71946d4744d
Reviewed-on: https://boringssl-review.googlesource.com/3131
Reviewed-by: Adam Langley <agl@google.com>
2015-01-29 20:06:34 +00:00
Brian Smith
a87de9b39b Define WIN32_LEAN_AND_MEAN in the build system, not in the code.
This avoids a conflict with the Chromium build system, which
defines WIN32_LEAN_AND_MEAN with a different value.

BUG=crbug.com/453196

Change-Id: Ia15ec7c20325c1961af4f32e5208266e5f846f35
Reviewed-on: https://boringssl-review.googlesource.com/3150
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-01-29 18:48:57 +00:00
Adam Langley
4a0f0c4910 Change CMakeLists.txt to two-space indent.
find -name CMakeLists.txt -type f | xargs sed -e 's/\t/  /g' -i

Change-Id: I01636b1849c00ba918f48828252492d99b0403ac
2015-01-28 16:37:10 -08:00
Brian Smith
2e38008558 Define _HAS_EXCEPTIONS=0 to avoid MSVC C4530 warning.
Avoid "warning C4530: C++ exception handler used, but unwind semantics
are not enabled. Specify /EHsc" when compiling MSVC's <xlocale> by
disabling the exception code in MSVC's STL using _HAS_EXCEPTIONS=0.

Change-Id: I75aeb445d58cc9fb44467a6044386ae6b519cca8
Reviewed-on: https://boringssl-review.googlesource.com/3111
Reviewed-by: Adam Langley <agl@google.com>
2015-01-29 00:35:19 +00:00
Eric Roman
bcc4fa87af Add unit-tests for PBKDF2.
BUG=http://crbug.com/449409

Change-Id: I0f7de3ef0e43588d55955e92ba16ebb02a97d099
Reviewed-on: https://boringssl-review.googlesource.com/3080
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:48:17 +00:00
David Benjamin
507c1eec51 Honor the standard BUILD_SHARED_LIBS cmake variable.
The variable switches the default type for add_library from STATIC to SHARED.
We can condition additional stuff on that for convenience. (tabtest still
doesn't build.)

BoringSSL as any kind of stable system shared library is still very much
unsupported, but this is probably handy for making sure we don't forget all
those pesky OPENSSL_EXPORTs.

Change-Id: I66ab80bcddbf3724e03e85384141fdf4f4acbc2e
Reviewed-on: https://boringssl-review.googlesource.com/3092
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:40:10 +00:00
David Benjamin
f4600adb0e Add missing OPENSSL_EXPORTs.
Forgot to export those when adding them.

Change-Id: I206f488eb38e5ff55b8c212911aced0cf28b7664
Reviewed-on: https://boringssl-review.googlesource.com/3090
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:38:33 +00:00
David Benjamin
f058dae8fc Revert "Add a test for CONF_parse_list."
This reverts commit cd5c892a87. We'd rather get
rid of crypto/conf altogether, and these tests will require that we
OPENSSL_EXPORT conf.h's functions.

Change-Id: I271511ba321201e60de94e5c79c4b565ce31728f
Reviewed-on: https://boringssl-review.googlesource.com/3120
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:38:24 +00:00
Brian Smith
dc94b54708 Clean up use of Windows Platform SDK headers.
Define WIN32_LEAN_AND_MEAN before including Windows Platform SDK
headers to preempt naming conflicts and to make the build faster. Avoid
including those headers in BoringSSL headers. Document that Platform
SDK 8.1 or later is required on Windows.

Change-Id: I907ada21dc722527ea37e839c71c5157455a7003
Reviewed-on: https://boringssl-review.googlesource.com/3100
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:36:49 +00:00
Brian Smith
33970e6ce0 Enable bssl client/s_client and server/s_server on Windows.
Change-Id: Iea9bd25176724b56ebb21bded6925f5d30176548
Reviewed-on: https://boringssl-review.googlesource.com/3071
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:24:09 +00:00
David Benjamin
9a9a193388 Build with -fvisibility=hidden.
This matches the Chromium build, in both static and components builds. (Also
happens to sort out an undocumented requirement of the standalone shared
library build.)

Change-Id: Ib47fc4c2143115fe6faf9b83079576075efd72bb
Reviewed-on: https://boringssl-review.googlesource.com/3091
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:09:20 +00:00
Brian Smith
afdaeee7ed Enable bssl (md5sum, sha256sum, etc.) on Windows.
We deal with the difference between binary and text modes on Windows by
doing all I/O in binary mode (including, in particular,
stdin/stdout/stderr) and by treating text mode as equivalent to binary
mode (i.e. we use Unix line ending semantics).

Change-Id: I76a46d8d02cd7efe1931c8272d8f2c311aef3acb
Reviewed-on: https://boringssl-review.googlesource.com/3070
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:07:39 +00:00
Eric Roman
2fe7f2d0d9 Initialize HMAC keys to zero.
In an attempt to assign a zero-length HMAC key, consumers might
incorrectly call:

   HMAC_Init_ex(key=NULL, key_len=0)

This does not work as expected since |key==NULL| has special semantics.
This bug may consequently result in uninitialized memory being used for
the HMAC key data.

This workaround doesn't fix all the problems associated with this
pattern, however by defaulting to a zero key the results are more
predictable than before.

BUG=http://crbug.com/449409

Change-Id: I777276d57c61f1c0cce80b18e28a9b063784733f
Reviewed-on: https://boringssl-review.googlesource.com/3040
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 01:27:25 +00:00
Brian Smith
1d75c8be73 Improve compatibility with CMake 3.0 and later
CMake 3.0 changed the identifier for Apple-supplied Clang to
AppleClang.

CMake 3.1 changed the behavior of variable expansion in quoted
strings and complains with warning CMP0054 twice without these
changes.

BUG=crbug.com/451610

Change-Id: I0f1514ec302cf5f1b5cfc2c5a1c71c9e20d5e855
Reviewed-on: https://boringssl-review.googlesource.com/3011
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 01:13:46 +00:00
Brian Smith
ed30c0d6cf Improve the documentation in BUILDING
The initial instructions given don't work on Windows for a variety of
reasons. Document the prerequisite tools and the limitations on
Windows.

BUG=crbug.com/451610

Change-Id: Ib5eaf00ed9b91c02b4d0e9987f8f3b4eb73266d3
Reviewed-on: https://boringssl-review.googlesource.com/3010
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 01:13:15 +00:00
David Benjamin
b7f3144a20 Add a style guide.
I hear all the cool projects have those.

Change-Id: I0fb82ddb3f7c1768523311637099baf26c574c75
Reviewed-on: https://boringssl-review.googlesource.com/3062
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 01:12:05 +00:00
David Benjamin
69ad27fdd8 Run x86 perlasm on UNIX with -fPIC.
This matches the Chromium build.

Change-Id: I6ebd01c6ecb67c79577f98cf468dc204721595ef
Reviewed-on: https://boringssl-review.googlesource.com/3063
Reviewed-by: Adam Langley <agl@google.com>
2015-01-27 19:32:17 +00:00
David Benjamin
36eb7d5fbc Fix buffer size in aead_test.c.
out2 wasn't sized to account for stateful AEAD open requiring a seal overhead's
worth of scratch space. Also, pass in sizeof(out2) rather than a computed
ciphertext length, so the max_out check would have actually caught this.

Change-Id: Ibe689424f6c8ad550b3a45266699892076e7ba5e
Reviewed-on: https://boringssl-review.googlesource.com/3060
Reviewed-by: Adam Langley <agl@google.com>
2015-01-27 01:38:57 +00:00
David Benjamin
53cbd6c8a0 Fix unused variable warning in OPENSSL_NO_ASM build.
Te4 is used in in crypto/aes/aes.c. It's used upstream in an alternate
implementation of AES_set_encrypt_key not included in our version.

Change-Id: I5704dbc714bdb05ef515cbf2aff5e43c3b62c5b2
Reviewed-on: https://boringssl-review.googlesource.com/3061
Reviewed-by: Adam Langley <agl@google.com>
2015-01-27 01:34:54 +00:00
Adam Langley
bed8f7307e Fix build after mistake addressing comments in cca4d599.
My screwup—I didn't rebuild before submitting :(

Change-Id: If3e1a5cc5bdf6cacb94bc23896619796b22bd9d2
2015-01-26 16:34:37 -08:00
Adam Langley
cca4d5991f Add digest sum handling to the tool.
Android might want to replace the system *sum (i.e. md5sum, sha256sum
etc) binaries with a symlink to the BoringSSL tool binary.

This change also allows the tool to figure out what to do based on
argv[0] if it matches one of the known commands.

Change-Id: Ia4fc3cff45ce2ae623dae6786eea5d7ad127d44b
Reviewed-on: https://boringssl-review.googlesource.com/2940
Reviewed-by: Adam Langley <agl@google.com>
2015-01-26 21:27:18 +00:00
David Benjamin
cd5c892a87 Add a test for CONF_parse_list.
Change-Id: I7af0753cac07756a75d03a4820a16f3f8b18d7ba
Reviewed-on: https://boringssl-review.googlesource.com/3026
Reviewed-by: Adam Langley <agl@google.com>
2015-01-26 21:24:50 +00:00
Adam Langley
fd4eb60497 Remove duplication of common DH parameters.
Previously, the data for the common DH parameters was given twice: once
with 64-bit limbs and again with 32-bit limbs. A simple macro can
eliminate this duplication.

Change-Id: I15af008a769616f8146845cc8dd0e6526aa142ba
Reviewed-on: https://boringssl-review.googlesource.com/2950
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-01-26 20:26:51 +00:00
Adam Langley
b4a494cc32 Reformat SSL/TLS headers.
Change-Id: Id9d848a6bb13a414d7c199674ff980c5011f92cf
Reviewed-on: https://boringssl-review.googlesource.com/3000
Reviewed-by: Adam Langley <agl@google.com>
2015-01-26 20:23:09 +00:00
David Benjamin
347f025d75 Remove unused modexp512-x86_64.pl.
See upstream's c436e05bdc7f49985a750df64122c960240b3ae1.

Change-Id: I7cbe5315a769450e4630dd4e8f465cdfd45c2e08
Reviewed-on: https://boringssl-review.googlesource.com/3025
Reviewed-by: Adam Langley <agl@google.com>
2015-01-26 18:45:45 +00:00