)]}' { "log": [ { "commit": "54c956b2e668e11c75f1ee0367f1b3a0ad28eff9", "tree": "e5c381b1d19e7c73d7fc834b5e30cef3d367fc3d", "parents": [ "ee4c2a38a05873b8812fed97efae0ffc5ff51d46" ], "author": { "name": "Kenichi Ishibashi", "email": "bashi@chromium.org", "time": "Sun Mar 17 16:02:03 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 27 16:43:10 2024 +0000" }, "message": "[rust] Tell Cargo to link cpp runtime library\n\nhttps://boringssl-review.googlesource.com/c/boringssl/+/66288\nallowed C++ runtime in libssl. The build script of bssl-sys crate\nshould indicate that the crate requires a C++ runtime. Use\nlibc++ on MacOS and libstdc++ on other unix like systems by\ndefault. Introduce a new environment variable to configure C++\nruntime to use.\n\nChange-Id: Ib445955012126080dd03ad7b650287ea9dde10b0\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67147\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n" }, { "commit": "ee4c2a38a05873b8812fed97efae0ffc5ff51d46", "tree": "ee70a32e9258bd37b50ecd1e3aa4de3fd8befc7f", "parents": [ "70b33d39048abaa1c810ad63ace4b05af7b94d15" ], "author": { "name": "Aaron Knobloch", "email": "aknobloch@google.com", "time": "Mon Mar 25 20:45:09 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 25 21:09:36 2024 +0000" }, "message": "Update run_android_tests to exit on invalid ABI\n\nChange-Id: I3663a5efe1f71192e69e3e04821a481043d145bb\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67467\nCommit-Queue: Aaron Knobloch \u003caknobloch@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nAuto-Submit: Aaron Knobloch 
\u003caknobloch@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "70b33d39048abaa1c810ad63ace4b05af7b94d15", "tree": "a2dcabdbc1b31200ace6a6a1e70f95ed787f9656", "parents": [ "febb44031d5797b73715e676042272375587d15b" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Mar 19 17:50:16 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 23 23:22:31 2024 +0000" }, "message": "Move fips_fragments into bcm.internal_hdrs in build.json\n\nThis is sliiiightly weird because we can\u0027t quite decide whether these\nare headers with the wrong extension or standalone C files. But since\nmost of our build does the former, I\u0027ve done this for now. I expect\nwe\u0027ll need to iterate on this one a bit.\n\nBug: 542\nChange-Id: Ib50332c0804efb5a1aa37fe445f129156260835a\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67300\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "febb44031d5797b73715e676042272375587d15b", "tree": "dc1a30c200c668668efe1c064a165384fdbcd932", "parents": [ "2d7f6c6e65a49c04b5ef545f1f3b979a74f89c2c" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Mar 19 16:52:15 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 23 22:22:42 2024 +0000" }, "message": "Move internal headers to build.json\n\nCMake doesn\u0027t use these, but a lot of our other build systems need it.\n\nBug: 542\nChange-Id: I74388751b832921ac121abd3d5755880f352a449\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67299\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": 
"2d7f6c6e65a49c04b5ef545f1f3b979a74f89c2c", "tree": "3ad451f3e7720db6e3d460fcfecb6dd6450fcdc7", "parents": [ "cb2f3e8af1f26b8bd6fb1452c2eb430a84d0caa2" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Mar 20 15:10:12 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 23 21:29:52 2024 +0000" }, "message": "Flatten crypto/CMakeLists.txt into the top-level\n\nThis avoids needing to rebase the source lists. It also means that\nlibcrypto.a and libssl.a end up directly in the build directory, which\nmakes it a bit easier to pass it to, say, gcc -L when testing things.\n\nThat file is, alas, getting a bit large. delocate is a pretty large\namount of code. I tried to abstract things into functions to toss into a\ncmake/delocate.cmake, but CMake is really bad at making abstractions.\n\nBug: 542\nChange-Id: I084d7a6bdd4c21ac27859b8b0c9d7a84829f2823\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67298\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "cb2f3e8af1f26b8bd6fb1452c2eb430a84d0caa2", "tree": "67d727a0b61c3cb4acb84b6c0397d30bf96a4e0a", "parents": [ "49b92bc1ffb5fde787b5e4cc53ceec0ab3b1b7a4" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 23:17:59 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 23 21:12:33 2024 +0000" }, "message": "Move crypto_sources to build.json\n\nBug: 542\nChange-Id: Ie5590a0a68431903587fa87d70c1acac4161e9b9\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67297\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "49b92bc1ffb5fde787b5e4cc53ceec0ab3b1b7a4", "tree": 
"2b9981de3099428162c40599e13f919da20fec1d", "parents": [ "3ae23976862fa9036ab52e47c8a22025f5d76ca0" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 23:36:59 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 23 15:04:01 2024 +0000" }, "message": "Specify public headers in build.json\n\nThe CMake build doesn\u0027t use it, but this will be needed for the other\nbuilds to be driven by util/pregenerate.\n\nBug: 542\nChange-Id: If95cbcef1803e30ffc5ab7c9227fdcc6c53adf34\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67296\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "3ae23976862fa9036ab52e47c8a22025f5d76ca0", "tree": "32196be50aa78eb420ef15854d2b373dee526021", "parents": [ "231510cf506711eae6f7f06be9626bc7e44982b4" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 22:43:46 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 23 14:43:15 2024 +0000" }, "message": "Rework the test data story\n\nWe originally embedded test data because of deficiencies in Android\u0027s\nbuild. Android had no way to specify test data with tests. That has\nsince been resolved, and the embedding mechanism has gotten unwieldy.\n\nThis unifies pki_test and crypto_test\u0027s test data story, and does so in\na way that all tests can participate in. (We can now use FileTest in\ndecrepit_test.)\n\nUpdate-Note: This will require some tweaks to downstream builds. We no\nlonger emit an (unwieldy) crypto_test_data.cc file. Instead, tests will\nexpect test data be available at the current working directory. 
This can\nbe overridden with the BORINGSSL_TEST_DATA_ROOT environment variable.\n\nCallers with more complex needs can build with\nBORINGSSL_CUSTOM_GET_TEST_DATA and then link in an alternate\nimplementation of this function.\n\nOn the off chance some project needs it, I\u0027ve kept the\nembed_test_data.go script around for now, but I expect we can delete it\nin the future.\n\nFixed: 681\nChange-Id: If181ce043e1eea3148838f1bb4db9ee4bfda0d08\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67295\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "231510cf506711eae6f7f06be9626bc7e44982b4", "tree": "194902b134c9bdbefe4c0e34779c062274dd05eb", "parents": [ "e539b93eaa9144445f70bec4ab38ed14c78cafaf" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 22:39:15 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 23 00:06:50 2024 +0000" }, "message": "Move the rest of sources.cmake into util/pregenerate\n\nBug: 542\nChange-Id: I23c3c5c01ae41bd98f605b34e09269a6602a2c49\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67294\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "e539b93eaa9144445f70bec4ab38ed14c78cafaf", "tree": "adf8f26b1e8c4498ef2f210faa4a512204c9c236", "parents": [ "6cbf2c09f280fbf2190affee046783d0fe543113" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 22:21:18 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 23:49:31 2024 +0000" }, "message": "Use source lists to find pki_test data in run_android_tests.go\n\nWe now have (some of) our test sources in an easily parseable 
form.\nrun_android_tests.go no longer needs to crawl the source tree.\n\nNote this required fixing the .gitignore rules. If a .gitignore line\ndoesn\u0027t have a slash at the start or middle, it applies to\nsubdirectories as well. This is confusing, so I just stuck a leading\nslash in front of all of them.\n\nBug: 681\nChange-Id: I389c2a0560594fbd23c60b5b614b0ccfedf28926\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67293\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "6cbf2c09f280fbf2190affee046783d0fe543113", "tree": "c00906140786a967f3cf1919c49aaaf2e423c103", "parents": [ "115deb3628a770831b785ac6647b2d43b276b290" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 22:11:06 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 23:32:05 2024 +0000" }, "message": "Move test data lists to util/pregenerate\n\nSince we can now handle glob patterns, make those shorter.\n\nBug: 542\nChange-Id: I971d9785bce0db7b2e8c41c8c82468afde64540d\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67292\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "115deb3628a770831b785ac6647b2d43b276b290", "tree": "04db0680f7893cf3fd20754b8c1e23e69587dc41", "parents": [ "e9b0c71f0b0446519a35938e88e79cff6e793669" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 18:08:57 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 22:45:42 2024 +0000" }, "message": "Support glob patterns in build.json\n\nThis is primarily in preparation for pki_test\u0027s data list. That thing is\n80% of source.cmake. 
glob patterns are normally not great, but since\nwe\u0027re checking the result in, that should be fine.\n\nBug: 542\nChange-Id: I6ccf69f4a2ce08b153de5eb9dfb2f9b01654e1ce\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67290\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "e9b0c71f0b0446519a35938e88e79cff6e793669", "tree": "e1df8843148ee8cca839f61b91bfff6b9e948d7b", "parents": [ "368d0d87d0bd00f8227f74ce18e8e4384eaf6afa" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Mar 23 07:16:14 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 22:20:54 2024 +0000" }, "message": "Correctly sort err_data.c inputs\n\nBug: 542\nChange-Id: Idd5df8cc485deae6a2fde142854e24e7fecd0520\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67289\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "368d0d87d0bd00f8227f74ce18e8e4384eaf6afa", "tree": "b91f4620f4acdfbea15301e7439cf8da7ed62312", "parents": [ "fe0c91e74481e335f434dd6403eeb7ce160fe18d" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Mar 22 16:40:09 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 06:59:26 2024 +0000" }, "message": "Regenerate err_data.c\n\nThe error list was updated in between when I uploaded and landed the\ngenerated version.\n\nBug: 542\nChange-Id: I4d0efdca20264fd2a6508dd8ff4065bd903d5a79\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67428\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck 
\u003cbbe@google.com\u003e\n" }, { "commit": "fe0c91e74481e335f434dd6403eeb7ce160fe18d", "tree": "fa575ae782d0c46e9733017c7b57a14cc33c0d01", "parents": [ "36e85b6a05fe185f6b3a1b7e609e8b775c9b5a81" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 15:37:24 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 05:15:56 2024 +0000" }, "message": "Check in pre-generated perlasm and error data files\n\nThis adds a tool for managing pre-generated files, aligning our CMake\nand non-CMake builds. The plan is roughly:\n\nThe source of truth for the file lists will (eventually) be build.json.\nThis describes the build in terms of the files that we directly edit.\n\nHowever, we have a two-phase build. First a pregeneration step\ntransforms some of the less convenient inputs into checked in files.\nNotably perlasm files get expanded. This produces an equivalent JSON\nstructure with fewer inputs. The same tool then outputs that structure\ninto whatever build systems we want.\n\nThis initial version pre-generates err_data.c and perlasm files. I\u0027ve\nnot wired up the various build formats, except for CMake (for the CMake\nbuild to consume) and JSON (for generate_build_files.py to parse).\nbuild.json is also, for now, only a subset of the build. Later changes\n\nThe upshot of all this is we no longer have a Perl build dependency!\nPerl is now only needed when working on BoringSSL. It nearly removes the\nGo one, but Go is still needed to run and (for now) build the tests.\n\nTo keep the generated files up-to-date, once this lands, I\u0027ll update our\nCI to run `go run ./util/pregenerate -check` which asserts that all\ngenerated files are correct. From there we can land the later changes in\nthis patch series that uses this more extensively. 
My eventual goal is\nto replace generate_build_files.py altogether and the\n\"master-with-bazel\" branch. Instead we\u0027ll just have sources.bzl,\nsources.gni, etc. all checked into the tree directly. And then the\nnormal branch will just have both a CMake and Bazel build in it.\n\nUpdate-Note: generate_build_files.py no longer generates assembly files\nor err_data.c. Those are now checked into the tree directly.\n\nBug: 542\nChange-Id: I71f5ff7417be811f8b7888b345279474e6b38ee9\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67288\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "36e85b6a05fe185f6b3a1b7e609e8b775c9b5a81", "tree": "ab56b49364a5b770827d42a62140bc508ae4e166", "parents": [ "821fe3380cce646fa3557b882d91fba318981b9b" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 13:58:15 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 04:15:32 2024 +0000" }, "message": "Flatten crypto/fipsmodule/CMakeLists.txt up a layer\n\nThis is one step towards flattening the libcrypto build into the\ntop-level CMakeLists.txt file. (This is to align the CMake build with\nour other builds, and also make it easier to consume a CRYPTO_SOURCES\nvariable without having to prepend \"../\" in front of each value.)\n\nThis also avoids a rather annoying corner of CMake: files generated in a\ndifferent directory don\u0027t work well, which is why we had all this mess\nwith EXTERNAL_OBJECT, GENERATED, and bcm_o_target. Globbing it into one\nfile is a bit unwieldy, but avoids this. 
(CMake is incredibly bad at\ncustom rules.)\n\nBug: 542\nChange-Id: Ia5038511af339a0eae2af56875a42581eb1ed15b\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67287\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "821fe3380cce646fa3557b882d91fba318981b9b", "tree": "70c422cd37f10d6f10016e1362e7993de38e3939", "parents": [ "4ac76f07a401b9b11d6ff305049721cfe3f6a777" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Mar 22 13:16:03 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 04:06:12 2024 +0000" }, "message": "Document that null STACK_OF(T) can be used with several functions\n\nLots of code relies on this, so we ought to document it. A null\nSTACK_OF(T) is treated as an immutable empty list.\n\nChange-Id: I10d0ba8f7b33c7f3febaf92c2cd3da25a0eb0f80\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67407\nReviewed-by: Theo Buehler \u003ctheorbuehler@gmail.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "4ac76f07a401b9b11d6ff305049721cfe3f6a777", "tree": "e55a4e25f28c21fb8f30a52a1e712ce57adf2d38", "parents": [ "ae719ab057a7db33a388fd52ea30397273036d63" ], "author": { "name": "Theo Buehler", "email": "theorbuehler@gmail.com", "time": "Thu Mar 21 22:16:06 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 04:04:36 2024 +0000" }, "message": "Remove unused flags argument from trust handlers\n\nChange-Id: Ie16e9ab0897305089672720efa4530d43074f692\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67387\nAuto-Submit: Theo Buehler 
\u003ctheorbuehler@gmail.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "ae719ab057a7db33a388fd52ea30397273036d63", "tree": "45c9d799ed13461544ffeda09d01909875505c21", "parents": [ "06fb6e1b129d426b0f543e0e77890295175f012a" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 13:05:58 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 22 03:57:45 2024 +0000" }, "message": "Build fips_shared_support.c as part of libcrypto\n\nThis aligns with the generated build, where fips_shared_support.c is\npart of crypto_sources, not the delocated part.\n\nIt is conceptually part of bcm, but our generated builds currently\nonly separate on basis of delocated/partial-linked vs. not delocated.\n\nBug: 542\nChange-Id: Ib8de3fb0a7778c9000c3b4fca978d43cb9a29d12\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67267\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "06fb6e1b129d426b0f543e0e77890295175f012a", "tree": "25332a80d811e7317dc6cc61580c742a496999ca", "parents": [ "e57ab142c0cabf30b6d4e85b8038003cc179716b" ], "author": { "name": "Bob Beck", "email": "bbe@google.com", "time": "Sat Mar 09 17:22:26 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 21 06:02:41 2024 +0000" }, "message": "Make it plainly obvious this is experimental code.\n\nSince we are saying this will die when standardized, let us\nensure users of this code from this location take notice\nand action before using it.\n\nWe then selectively allow it in the speed tool and in our 
tests.\n\nIf we like this approach, I\u0027ll go back and apply it to kyber\n(which will have some other fallout consequences to fix) but this\none should be painless right now.\n\nThis can also be applied to Dilithium when it comes back.\n\nFuture experimentals could be added in this manner.\n\nChange-Id: Ie3b41cf16278868562ef1c8b28f2caed5e0e2dd1\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66887\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "e57ab142c0cabf30b6d4e85b8038003cc179716b", "tree": "cbccf40f6f618455bfef822f3ba150cb278fca97", "parents": [ "021ec339112553e3211cdeea98d29fd659d455ef" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 15:40:03 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 21 03:34:31 2024 +0000" }, "message": "Add some barebones support for DH in EVP\n\nOpenSSH needs this. Features that have been intentionally omitted for\nnow:\n\n- X9.42-style Diffie-Hellman (\"DHX\"). We continue not to support this.\n Use ECDH or X25519 instead.\n\n- SPKI and PKCS#8 serialization. Use ECDH or X25519 instead. The format\n is a bit ill-defined. Moreover, until we solve the serialization\n aspects of https://crbug.com/boringssl/497, adding them would put this\n legacy algorithm on path for every caller.\n\n- Most of the random options like stapling a KDF, etc. Though I did add\n EVP_PKEY_CTX_set_dh_pad because it\u0027s the only way to undo OpenSSL\u0027s\n bug where they chop off leading zeros by default.\n\n- Parameter generation. Diffie-Hellman parameters should not be\n generated at runtime.\n\nThis means you need to bootstrap with a DH object and then wrap it in an\nEVP_PKEY. 
This matches the limitations of the EVP API in OpenSSL 1.1.x.\nUnfortunately the OpenSSL 3.x APIs are unsuitable for many, many\nreasons, so I expect when we get further along in\nhttps://crbug.com/boringssl/535, we\u0027ll have established some patterns\nhere that we can apply to EVP_PKEY_DH too.\n\nChange-Id: I34b4e8799afb266ea5602a70115cc2146f19c6a7\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67207\nReviewed-by: Theo Buehler \u003ctheorbuehler@gmail.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "021ec339112553e3211cdeea98d29fd659d455ef", "tree": "72c173f437cd610dde0f0d0e888b8469a936e9a3", "parents": [ "8248baaf3e14895cc85255c009aace5fb92d0c95" ], "author": { "name": "Bob Beck", "email": "bbe@google.com", "time": "Fri Feb 16 16:34:46 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 21 02:54:02 2024 +0000" }, "message": "Add verify_errors as public error API\n\nBug: 660, b:323560158\nChange-Id: I1154fb848de28fd0417660cce1f99e3d29107840\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66327\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "8248baaf3e14895cc85255c009aace5fb92d0c95", "tree": "c9f8fbf85306fb10ee5fb8e194deef0d81984eb7", "parents": [ "9b8b483276da2b3d36ea21e97743e310314a8de0" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 17:17:59 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 21 02:44:57 2024 +0000" }, "message": "Fix EVP_PKEY_CTX_dup with EC generation\n\ngen_group wasn\u0027t copied over.\n\nChange-Id: If5341dce69fe0297b6bd9a5fb7ed34d546201604\nReviewed-on: 
https://boringssl-review.googlesource.com/c/boringssl/+/67167\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "9b8b483276da2b3d36ea21e97743e310314a8de0", "tree": "f375612a9d5969c3f869afe446c25dd02d40115d", "parents": [ "fce5cf02378a839174935b83b58f54aba6c2bb3e" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Jan 16 15:48:17 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 21 02:21:19 2024 +0000" }, "message": "Start making asserts constant-time too\n\nWe\u0027ve historically settled on treating asserts as not in scope for our\nconstant-time goals. Production binaries are expected to be optimized\nbuilds, with debug assertions turned off. (We have a handful of\nassertions in perf-sensitive code that you definitely do not want to run\nwith.) Secret data has invariants too, so it is useful to be able to\nwrite debug assertions on them.\n\nHowever, combined with our default CMake build being a debug build, this\nseems to cause some confusion with researchers sometimes. Also, if we\never get language-level constant-time support, we would need to resolve\nthis mismatch anyway. (I assume any language support would put enough\ninto the type system to force us to declassify any intentional branches\non secret-by-data-flow bools, notably those we assert on.) So I\u0027m\ninclined to just make our asserts constant-time.\n\nThere are two issues around asserts, at least with our valgrind-based\nvalidation:\n\nThe first is that a couple of asserts over secret data compute their\ncondition leakily. We can just fix these. The only such ones I found\nwere in bn_reduce_once and bn_gcd_consttime.\n\nThe second is that almost every assert over secret data will be flagged\nas an invalid branch by valgrind. 
However, presuming the condition\nitself was computed in constant time, this branch is actually safe. If\nwe were willing to abort the process when false, the assert is clearly\npublicly true. We just need to declassify the boolean to assert on it.\n\nassert(constant_time_declassify_int(expr)) is really long, so I made an\ninternal wrapper macro declassify_assert(expr). Not sure if that\u0027s the\nbest name. constant_time_declassify_assert(expr) is kinda long.\nconstant_time_assert(expr) fits with the rest of that namespace, but\nreads as if we\u0027re somehow running an assert without branching, when the\nwhole point is that we *are* branching and need to explicitly say it\u0027s\nokay to.\n\nFixed: 339\nChange-Id: Ie33b99bf9a269b11d2c48d246cc4934be7e239ff\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65467\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "fce5cf02378a839174935b83b58f54aba6c2bb3e", "tree": "ab503902c961d675d349615bf8e27e83b4e16095", "parents": [ "c99364a313795b2baaa40bd0683a05ae2e1cd993" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Jan 15 19:28:39 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 21 01:59:04 2024 +0000" }, "message": "Clear some more false positives from constant-time validation\n\nMostly bits of DSA and RSA keygen, flagged when we make the PRNG output\nsecret by default. There\u0027s still a ton of RSA to resolve, mostly because\nour constant-time bignum strategy does not interact well with valgrind\nwhen handling RSA\u0027s secret-value / public-bit-length situation. 
Also\nRSA\u0027s ASN.1 serialization is unavoidably leaky.\n\nBug: 676\nChange-Id: I08d273959065c4db6fd44180a6ac56a82f862fe8\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65447\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "c99364a313795b2baaa40bd0683a05ae2e1cd993", "tree": "6e61ce861d27bccf0e442621e03b0d01679e2005", "parents": [ "a200650ac344338f9af86822266984804eb86370" ], "author": { "name": "Theo Buehler", "email": "theorbuehler@gmail.com", "time": "Sun Mar 17 14:46:22 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 21 01:23:48 2024 +0000" }, "message": "Fix X509_ALGOR_set_md()\n\nThis API allocates internally and can leave a corrupted |alg| behind.\nChange it to return an int so that callers can check for an error.\nAlso fix its only caller in rsa_md_to_algor().\n\nThis is an ABI change but will not break any callers.\n\nAlso add a small regress test for this API.\n\nChange-Id: I7a5d1729dcd4c7726c3d4ead3740d478231f3611\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67187\nCommit-Queue: Theo Buehler \u003ctheorbuehler@gmail.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "a200650ac344338f9af86822266984804eb86370", "tree": "738f52ed1e024b1adbfe991291541348f33b05a6", "parents": [ "31442d490cc487998e0fb351e854a9ff9b3ac35e" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 18:18:57 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 20 06:17:42 2024 +0000" }, "message": "Trim unused 
files from PKI_TEST_DATA\n\nThe Python scripts (which probably don\u0027t work anymore) don\u0027t need to be\nshipped to the test. Neither do the .h files. Also we have some random\nfiles that are remnants of being around Chromium.\n\nWe also don\u0027t need to ship the .key files.\n\nChange-Id: I847b449accee1c4005304380b47f3ff876a09fa5\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67291\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "31442d490cc487998e0fb351e854a9ff9b3ac35e", "tree": "1d86eb1172194ba1670a909e40ff3ff1476a4f47", "parents": [ "0cb032aa4c677ad432dc422276d7b963c6acbb58" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 18 14:21:13 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 20 01:25:59 2024 +0000" }, "message": "Remove unnecessary LINKER_LANGUAGE setting in CMake build\n\nThis seems to be unnecessary.\n\nChange-Id: I0439739543d6593aadc87fc97e4ad5870616730e\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67268\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "0cb032aa4c677ad432dc422276d7b963c6acbb58", "tree": "84e494a59bf27716cc663fcb864445ebc15bab65", "parents": [ "c5e9b4be0f2fabaac68961c0edce381703731d03" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 11:57:33 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 20 01:08:24 2024 +0000" }, "message": "Move ssl and decrepit sources to sources.cmake\n\nBug: 542\nChange-Id: Iec0348555b988f8eb8eb24394a867e015b125c20\nReviewed-on: 
https://boringssl-review.googlesource.com/c/boringssl/+/67227\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "c5e9b4be0f2fabaac68961c0edce381703731d03", "tree": "ce5d7123caa9ed3e6fd08064413ee512b091f791", "parents": [ "8ede9514dac7cace2084d95502d4bd8ea39b08b6" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Mar 19 13:34:28 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 19 06:08:51 2024 +0000" }, "message": "Add threading documentation to DH and DSA\n\nThe RSA, etc., APIs have some discussion on threading expectations. We\nshould have the same text on DH and DSA.\n\nWhile I\u0027m here, const-correct DSA_SIG in some legacy DSA APIs.\n\nChange-Id: I6ad43c9347c320dc0b1c8e73850fa07c41e028ea\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67247\nReviewed-by: Theo Buehler \u003ctheorbuehler@gmail.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "8ede9514dac7cace2084d95502d4bd8ea39b08b6", "tree": "676fb94fa5df66e9bfed7cc2358c3edba91c2eb4", "parents": [ "044fbc86ef5505d5fdab2befd476992ad1074665" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 15:29:54 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 19 01:42:31 2024 +0000" }, "message": "Make EVP_PKEY_type into the identity function\n\nThis function exists because callers sometimes write\nEVP_PKEY_type(EVP_PKEY_id(pkey)), which is equivalent to\nEVP_PKEY_base_id(pkey).\n\nIn OpenSSL, all this existed so that a type parsed as EVP_PKEY_RSA2\ncould still be mapped to EVP_PKEY_RSA. 
We haven\u0027t supported this since\n2015, so this purely exists as a way to check that the key type exists.\nIn doing so, it currently pulls in the full implementation of every key\ntype.\n\nI could replicate the list of keys, but that is one more place we have\nto keep things up-to-date. Instead, just make this function the\nidentity. Looking through callers, it did not appear anyone depended on\nthe error condition.\n\nUpdate-Note: EVP_PKEY_type used to return NID_undef when given a garbage\nkey type. Given it is only ever used in concert with EVP_PKEY_id, this\nis unlikely to impact anyone. If it does, we can do the more tedious\noption.\n\nBug: 497\nChange-Id: Ibf68a07ef6906398df0fec425c869c107b8c90f4\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67109\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "044fbc86ef5505d5fdab2befd476992ad1074665", "tree": "4ec20853d50804d1b672bfd5e3fdf2363d95e7f3", "parents": [ "660973695bd20a22201e979a6e6f8c335f939cfe" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 15:19:33 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 18 12:22:18 2024 +0000" }, "message": "Move EVP_PKEY setters to their corresponding type-specific files\n\nJust a little tidier.\n\nChange-Id: Icf041a249f30fa941e54003a3b87d1a7377ffe56\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67108\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "660973695bd20a22201e979a6e6f8c335f939cfe", "tree": "d0ced457868f37ea2f0626028050d80c566a1b06", "parents": [ "fea4c97491e43455063fda6967e4a2cc4234baf5" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 14:53:47 2024 +1000" }, 
"committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 18 07:56:51 2024 +0000" }, "message": "Avoid EVP_PKEY_set_type in EVP_PKEY_new_raw_*_key\n\nThese are effectively just APIs for creating Ed25519 and X25519 keys. We\nmay want to rethink this a bit later, but for now let\u0027s just do this.\n\nBug: 497\nChange-Id: I01ae06fa86af96da993fd41611472838475bf094\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67128\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "fea4c97491e43455063fda6967e4a2cc4234baf5", "tree": "27a62ea6ecdb01bfa2d505d3c678df1b4a40be04", "parents": [ "b85a0d1ebe76d80986708ce3a8faa120d49ef8fe" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 14:40:02 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 18 05:58:24 2024 +0000" }, "message": "Remove some unnecessary dependencies on EVP_PKEY_set_type\n\nEVP_PKEY_set_type needs to pull in every supported EVP_PKEY type, but\nmost of our calls within the library already know what type they\u0027re\nworking with. 
Have them call evp_pkey_set_method directly.\n\nBug: 497\nChange-Id: I17cb9a0dff0da55206686bce1d8e1df4773f6f4d\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67127\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "b85a0d1ebe76d80986708ce3a8faa120d49ef8fe", "tree": "3adbb43f82b908b4d039636f2d663157d310e73b", "parents": [ "c38abd038c6d6f6ebbe200090821e23313c4bd9c" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 12:04:45 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sun Mar 17 22:57:54 2024 +0000" }, "message": "Gate -Wframe-larger-than on Clang 13\n\nThis is a somewhat speculative fix for https://crbug.com/boringssl/709.\n\nFixed: 709\nChange-Id: I7ace65ca86048a04994fef7811527423af70e933\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67087\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "c38abd038c6d6f6ebbe200090821e23313c4bd9c", "tree": "1c5cbd243369c6b3405541dd3c9ccc400ff33d4d", "parents": [ "ec45e104a608ba556be73a0776cfb495c6c8ae44" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 14:59:27 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sun Mar 17 21:48:45 2024 +0000" }, "message": "Make ninja run_tests output less confusing\n\nWe say \"all tests passed\" but we actually mean only the unit tests. 
Now\nthe output is:\n\n Running Go tests\n ok \tboringssl.googlesource.com/boringssl/ssl/test/runner/hpke\t(cached)\n ok \tboringssl.googlesource.com/boringssl/util/ar\t(cached)\n ok \tboringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool/testmodulewrapper\t(cached)\n ok \tboringssl.googlesource.com/boringssl/util/fipstools/delocate\t(cached)\n\n Running unit tests\n ssl_test [shard 1/10]\n ...\n pki_test [shard 8/10]\n All unit tests passed!\n\n Running SSL tests\n 0/0/5481/5481/5481\n PASS\n ok \tboringssl.googlesource.com/boringssl/ssl/test/runner\t21.110s\n\nall_tests.go really should be called unit_tests.go, but renaming it will\nprobably be too annoying.\n\nChange-Id: I7ff6684221930e19152ab3400419f4e5209aaf46\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67107\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "ec45e104a608ba556be73a0776cfb495c6c8ae44", "tree": "5615330e4d930e276763e849fb25a81b955668be", "parents": [ "440c51317bcbc15aec372bc78cf6fbf59d7eb435" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Mar 17 16:15:48 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sun Mar 17 07:42:18 2024 +0000" }, "message": "X509_ALGOR_set_md is a mess, document it\n\ntb noticed that our X509_ALGOR_set_md differs from OpenSSL because we\nnever set EVP_MD_FLAG_DIGALGID_ABSENT. That is, we include an explicit\nNULL parameter, while OpenSSL omits it.\n\nRFC 4055, section 2.1 says:\n\n There are two possible encodings for the AlgorithmIdentifier\n parameters field associated with these object identifiers. 
The two\n alternatives arise from the loss of the OPTIONAL associated with the\n algorithm identifier parameters when the 1988 syntax for\n AlgorithmIdentifier was translated into the 1997 syntax. Later the\n OPTIONAL was recovered via a defect report, but by then many people\n thought that algorithm parameters were mandatory. Because of this\n history some implementations encode parameters as a NULL element\n while others omit them entirely. The correct encoding is to omit the\n parameters field; however, when RSASSA-PSS and RSAES-OAEP were\n defined, it was done using the NULL parameters rather than absent\n parameters.\n\n ...\n\n To be clear, the following algorithm identifiers are used when a NULL\n parameter MUST be present:\n\n ...\n\nMy read of this text is:\n\n1. The correct encoding of, say, SHA-256 as an AlgorithmIdentifier *was*\n to omit the parameter. So if you\u0027re using it in, I dunno, CMS, you\n should omit it.\n\n2. Due to a mishap, RSASSA-PSS originally said otherwise and included\n it. Additionally, there are some implementations that only work if\n you include it.\n\n3. Once the mistake was discovered, PSS chose to preserve the mistake,\n rather than undo it.\n\nThis means that the correct encoding of SHA-256 as an AlgorithmIdentifier\nis *different* depending on whether you\u0027re doing PSS or CMS.\nFortunately, there are only two users of this function, one inside the\nlibrary and one in Android. Both are trying to encode PSS, so the\ncurrent behavior is correct. Nonetheless, we should document this.\n\nAlso, because this is a huge mess, we should also add an API for\nspecifically encoding RSA-PSS. 
From there, we can update Android to call\nthat function and remove X509_ALGOR_set_md.\n\nAmusingly, RSASSA-PKCS1-v1_5 *also* differs from the \"correct\" encoding.\nRFC 8017, Appendix B.1 says:\n\n The parameters field associated with id-sha1, id-sha224, id-sha256,\n id-sha384, id-sha512, id-sha512/224, and id-sha512/256 should\n generally be omitted, but if present, it shall have a value of type\n NULL.\n\n This is to align with the definitions originally promulgated by NIST.\n For the SHA algorithms, implementations MUST accept\n AlgorithmIdentifier values both without parameters and with NULL\n parameters.\n\n Exception: When formatting the DigestInfoValue in EMSA-PKCS1-v1_5\n (see Section 9.2), the parameters field associated with id-sha1,\n id-sha224, id-sha256, id-sha384, id-sha512, id-sha512/224, and\n id-sha512/256 shall have a value of type NULL. This is to maintain\n compatibility with existing implementations and with the numeric\n information values already published for EMSA-PKCS1-v1_5, which are\n also reflected in IEEE 1363a [IEEE1363A].\n\nFinally, there\u0027s EVP_marshal_digest_algorithm, used in PKCS#8 and OCSP.\nI suspect we\u0027re doing that one wrong. 
I\u0027ve left a TODO there to dig into\nthat one.\n\nBug: 710\nChange-Id: I46b11f8c56442a9badd186c7f04bb366147ed98f\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67088\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "440c51317bcbc15aec372bc78cf6fbf59d7eb435", "tree": "f55d370f58a045a8e55a0232693327871192a7e2", "parents": [ "f57a11ae566ac17c1b028d79950227a33ae32fad" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Mar 16 21:22:59 2024 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sun Mar 17 01:40:33 2024 +0000" }, "message": "Filter out DW.ref.__gxx_personality_v0 in read_symbols.go\n\nAs documented, the symbol prefixing mechanism is experimental and\nunsupported. There are several corners where we know it doesn\u0027t give the\ncorrect output. 
Nonetheless, this is an easy one to fix.\n\nFixed: 707\nChange-Id: I69a3e61a3198a193cb90f822218f1efbaa31fb1a\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67067\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\n" }, { "commit": "f57a11ae566ac17c1b028d79950227a33ae32fad", "tree": "b382db5a2d9293cee730036f85fe46c4f6ad429d", "parents": [ "fae0964b3d44e94ca2a2d21f86e61dabe683d130" ], "author": { "name": "Theo Buehler", "email": "theorbuehler@gmail.com", "time": "Sat Mar 16 16:49:53 2024 +1000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 16 22:48:54 2024 +0000" }, "message": "Remove unused app_data from EVP_CIPHER\n\nThis field makes no sense for static const structures. It was added\nearly on but never used as far as I can tell.\n\nChange-Id: Ie0272c5f498ad777cb3b114589248d8b403ae457\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67047\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n" }, { "commit": "fae0964b3d44e94ca2a2d21f86e61dabe683d130", "tree": "32afb7984ef813e6381f34f1f7bb46f45d3a0780", "parents": [ "356d37861f5772e2d87ef443f61f33c020e52b04" ], "author": { "name": "Bob Beck", "email": "bbe@google.com", "time": "Tue Mar 12 19:31:09 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 13 15:52:19 2024 +0000" }, "message": "Re-remove unnecesary stat calls from by_dir.c\n\nAfter examining consumer test code and discussion with davidben,\nthe stat here serves only to get out of this code without having\nan error on the error stack 
when the file does not exist, which is\nthen interpreted as the CA or CRL does not exist. Instead, we\nsimply attempt to open the files, and if it does not work for\nany reason, clear the error that was set.\n\nThis changes us to treat any failure in finding a CA or CRL using\nthe by directory lookup as if the file was just not present. This\nensures a consistent behaviour with the error returned from the\nverification code. We don\u0027t differentiate between the file not existing\nor other errors such as garbage in the file.\n\nFixed: 708\nChange-Id: I1eee01282cde803fb7c9b52003da3dfbd5ba9e33\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66967\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "356d37861f5772e2d87ef443f61f33c020e52b04", "tree": "be905e2a1ba2ce3afe840a651422a37fe9ee2fd2", "parents": [ "3ac09394a0c027ca077b8cfda4c0dbc8837ce87a" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Mar 12 15:41:16 2024 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 12 21:01:19 2024 +0000" }, "message": "Add a regression test for error handling and hash_dir\n\nSee bug.\n\nBug: 708\nChange-Id: Ic7a8ab069a9149b085480094f434e36cb13b4908\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66987\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "3ac09394a0c027ca077b8cfda4c0dbc8837ce87a", "tree": "ffc8be0afa1c8d54afcfd1a658bb334750007503", "parents": [ "3bdf9afb5d14d1b156c97a93e05a96d38338ce71" ], "author": { "name": "Bob Beck", "email": "bbe@google.com", "time": "Tue Mar 12 17:53:50 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": 
"boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 12 19:03:12 2024 +0000" }, "message": "Fix spelling of Identifier\n\nMake google3 common typos stop complaining in the future.\n\nChange-Id: Ib5156335afa691427dbe618c8b29797665cef35f\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66947\nAuto-Submit: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "3bdf9afb5d14d1b156c97a93e05a96d38338ce71", "tree": "b24e9f9b3cda095d04f2a2f33d6018e76c9fa236", "parents": [ "4fa4804c8ab4521079af62dba5260a99c34b8a29" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Mar 12 12:17:40 2024 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 12 16:50:55 2024 +0000" }, "message": "Revert \"Remove unnecessary stat calls from by_dir.c\"\n\nThis reverts commit d4faa8d63a06a5feff2e5b68695adf9bf8fd1f81. This turns\nout to have been load-bearing, but more investigation and tests are\nneeded. 
See bug.\n\nBug: 708\nChange-Id: I70eac81dbab01a7d47092719b85a004373851468\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66928\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "4fa4804c8ab4521079af62dba5260a99c34b8a29", "tree": "02c9201fe5c38541326be03c1c3e7dead435f932", "parents": [ "dbad745811195c00b729efd0ee0a09b7d9fce1d2" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Mar 12 09:48:29 2024 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 12 15:17:20 2024 +0000" }, "message": "Don\u0027t dereference hs-\u003ecredential on TLS 1.2 PSK ciphers\n\nTLS 1.2 PSK ciphers don\u0027t use the credentials system and won\u0027t have a\ncredential set. The OCSP and SCT extension callbacks didn\u0027t handle this\ncase correctly.\n\nSince we were already checking for ssl_cipher_uses_certificate_auth in\nthe OCSP one, which implies there\u0027s a credential, I opted to just fix\nthe order of the conditions, as well as align the SCT one with it.\n\nI thought we had test coverage for this, but runner automatically\nconfigures a certificate even when it doesn\u0027t need one, so we never\nactually exercised this path. 
Refine the automatic behavior a bit.\n\nChange-Id: Idf7f06688fc51a2f5d23fd83c23f6da7035e27a7\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66927\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Pete Bentley \u003cprb@google.com\u003e\n" }, { "commit": "dbad745811195c00b729efd0ee0a09b7d9fce1d2", "tree": "8e23997ad589cb02fa009b8e2757d1fd2d506489", "parents": [ "5ee4e9512e9a99f97c4a3fad397034028b3457c2" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Feb 20 15:06:57 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 11 23:26:13 2024 +0000" }, "message": "Add ERR_lib_symbol_name and ERR_reason_symbol_name\n\nCPython needs this operation. See\nhttps://github.com/openssl/openssl/issues/19848 and\nhttps://discuss.python.org/t/error-tables-in-the-ssl-module/25431 for\ndetails.\n\nIn principle, our functions already return the symbol names. The\ndifferences are:\n\n- Our library strings say \"common libcrypto routines\" instead of\n \"CRYPTO\".\n- The global reason codes say \"internal error\" instead of\n \"INTERNAL_ERROR\". (We should consider changing this.)\n- The library forwarding reason codes (ERR_R_BN_LIB) say the library\n string instead of \"BN_LIB\". (We should consider changing this.)\n- errnos report strerror\n- Unknown errors return \"unknown error\" because we\u0027ve found that\n projects tend to crash when these APIs return NULL.\n\nThe new APIs consistently return the symbol name, when available. 
If\nunavailable (ERR_LIB_SYS\u0027s errno reasons), it returns NULL because I\nassume callers would rather be able to handle that case themselves.\nHopefully this will not be as common so callers can take on this one.\n\nChange-Id: Idd9e4b1cb5a4f64513310d8066d6bf3970722c23\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66807\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "5ee4e9512e9a99f97c4a3fad397034028b3457c2", "tree": "0be7e768538d0aea7482aad1a3b014ea1cc23e6e", "parents": [ "a792f8804773f9c6c8fa55a8d9a502d56bd79b2b" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Mar 06 16:48:35 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 11 21:55:10 2024 +0000" }, "message": "Add BIO_FP_TEXT\n\nThis CL allows us to reduce the patch set on CPython.\n\nBIO_new_fp is the FILE* analog of BIO_new_fd. However, it behaves very\nstrangely w.r.t. Windows file translation modes. Instead of simply\ninheriting the FILE* as the caller constructed it, it unconditionally\noverrides the file\u0027s translation mode!\n\nThis is surprising. Moreover, if you change the mode without flushing\nthe file, weird things happen, as Windows documentation discusses:\nhttps://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/setmode?view\u003dmsvc-170\n\nThis leaks all the way up to calling code, because callers need to pass\na matching BIO_FP_TEXT to the FILE* they made. To be source-compatible\nwith such callers, notably CPython, we need to at least provide\nBIO_FP_TEXT.\n\nI first tried to fully match OpenSSL\u0027s semantics, but OpenSSL\u0027s\nsemantics are quite dangerous. Code tested on POSIX, calling\nBIO_new_fp(some_file, BIO_NOCLOSE), without much thought, is subtly\nbroken on Windows. 
It will change the mode of any file passed into it to\nbinary!\n\nOur own code runs into this. BIO_new_file internally calls BIO_new_fp.\nIn OpenSSL, they need to re-parse the mode string and figure out the\nright flag. ASN1_STRING_print_ex_fp doesn\u0027t even know which is the right\none. In OpenSSL, they actually call fwrite manually. We wrap it in a BIO\nand then use the BIO version, because it makes no sense to not use the\nabstraction we already have lying around. But that is incompatible with\nOpenSSL\u0027s semantics.\n\nSo instead I\u0027ve opted to make BIO_FP_TEXT switch the mode, but no flag\njust leaves the mode alone. This is slightly OpenSSL-incompatible\nbecause this code will work in OpenSSL, but continue to not work in\nBoringSSL:\n\n // Oops, I actually wanted binary but forgot to use \"rb\"\n FILE *f \u003d fopen(\"blah\", \"r\");\n // But bio fixed it for me!\n BIO *bio \u003d BIO_new_fp(f, BIO_NOCLOSE);\n\nBut callers should have passed \"rb\" if they wanted binary. This is also\npreexisting and no one has noticed. I think it\u0027s far more likely that\napplications *aren\u0027t* expecting BIO_new_fp to secretly change the input\nFILE\u0027s mode. If we ever need to, we can adopt OpenSSL\u0027s semantics and\nthen add BIO_FP_LEAVE_MY_FILE_ALONE. 
But those are worse defaults.\n\nChange-Id: I2905673c523eb24312c15d3000cbe34a66602700\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66809\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "a792f8804773f9c6c8fa55a8d9a502d56bd79b2b", "tree": "b4778df848e1fadf463dfd92f488b166d49bd664", "parents": [ "ddb002fc522a7ab7939a892862febcccd62f23e4" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 11 15:59:01 2024 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 11 21:49:17 2024 +0000" }, "message": "Fix a number of cases overwriting certificates, keys, etc. with SSL_CREDENTIAL\n\nField-by-field setters make the worst APIs. This fixes the following:\n\n- Calling SSL_CTX_set_chain_and_key twice should override the old one\n (Regression from SSL_CREDENTIAL.)\n\n- Various APIs forgot to clear the old chain before appending new ones.\n (Regression from SSL_CREDENTIAL.)\n\n- Switching between a custom private key and a concrete one should not\n leave the old one lying around. 
(I think this was always broken.)\n\nAdd tests for all of these cases.\n\nChange-Id: Ief7b3aecf2ada3b123d79d4eddf464c65d5f7d0d\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66907\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "ddb002fc522a7ab7939a892862febcccd62f23e4", "tree": "2c09bc66722d51e02d3a01ea8ef2c304da321b01", "parents": [ "29bb1a7ebe55102c90611c021a142fdb6e97f8d5" ], "author": { "name": "Bob Beck", "email": "bbe@google.com", "time": "Sat Mar 09 17:10:54 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 11 16:35:23 2024 +0000" }, "message": "Set -Wframe-larger-than\u003d25344 for a typical cmake clang compile.\n\nThis ensures that in the \"usual\" development process building and\nrunning the tests will enforce this stack limit, which is encountered\nin google3. 
This will prevent future development from adding code\nand tests which blow over this limit and break google3\n\nChange-Id: If722c7029cca63eb7d1e80de4b640b84839bb020\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66867\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nAuto-Submit: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "29bb1a7ebe55102c90611c021a142fdb6e97f8d5", "tree": "7ff355c03a0446ddfd9e628628c386963c16af69", "parents": [ "a56407d27da6ebf63ae9817dc19587a0ae98ef4a" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Mar 08 18:54:57 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 09 00:33:49 2024 +0000" }, "message": "Make crypto_test build with -Wframe-larger-than\u003d25344\n\nOne consumer builds libcrypto with -Wframe-larger-than\u003d25344. 
They\ndon\u0027t seem to build crypto_test, but mimicking that limit will be easier\nif we can just apply it across the board.\n\nChange-Id: I619780809f7cf8ac915fe1a103965b5f2e6dcd50\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66828\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "a56407d27da6ebf63ae9817dc19587a0ae98ef4a", "tree": "178d980c12db5dd53a62661095b4246b8ed6b3c1", "parents": [ "cf4f615d706d54fca9323fb1595d88f7ee2d7517" ], "author": { "name": "Bob Beck", "email": "bbe@google.com", "time": "Fri Mar 08 23:40:19 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Sat Mar 09 00:11:19 2024 +0000" }, "message": "Revert \"Add a Dilithium implementation.\"\n\nThis reverts commit 9b34a3224062c456ff0d0b77fd9a34c5ad08dfea.\n\nSadly this blows up google3 because of stack usage being higher\nthan google3\u0027s limits\n\nChange-Id: I8f1493a158e5fcab508593841ac3a37eb8404dcc\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66847\nAuto-Submit: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "cf4f615d706d54fca9323fb1595d88f7ee2d7517", "tree": "0cf516eb7c20aa3e5082658c3bbb2f5205865c5c", "parents": [ "5a3faaa2d50b2540c6973531841723f633f388cd" ], "author": { "name": "Ilya Tokar", "email": "tokarip@google.com", "time": "Fri Mar 08 15:53:55 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Mar 08 21:24:37 2024 +0000" }, "message": "Fix sha1 dynamic dispatch issues.\n\n1) We are calling sha1_block_data_order_avx when avx2 is enabled\nWe should be calling 
sha1_block_data_order_avx2\n2) Looks like clang doesn\u0027t define __BMI1__ and calls it simply\n__BMI__, see https://godbolt.org/z/s8anxn9rc\nThis is less of an issue since we will fallback to dynamic dispatch\nanyway.\n\nChange-Id: I9821405444c2e39167f1423c5f08bfcbca1efa51\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66827\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "5a3faaa2d50b2540c6973531841723f633f388cd", "tree": "bb8a49be2b0a916ced5fc5ddfa519fe19d91c5c1", "parents": [ "05c285d4351052025c79e711dd0e491fdd7b6d85" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Mar 06 12:40:33 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 07 23:14:38 2024 +0000" }, "message": "Remove an unused runner/shim flag in SSL tests\n\nChange-Id: Id0efd039ba71489f88b9b669a327b29075f3f7de\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66787\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "05c285d4351052025c79e711dd0e491fdd7b6d85", "tree": "704af22a02434ddad295022db180ebd11243f13e", "parents": [ "91a3f26a2e5a0b8dab61b72ba6ae044372af3891" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Mar 04 13:23:06 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 07 22:38:58 2024 +0000" }, "message": "Only negotiate ECDHE curves and sigalgs once\n\nIn the process of picking credentials, we pick the signature algorithm\nand, in TLS 1.2, also the cipher suite. Save those decisions so we don\u0027t\nrepeat them. 
Right now we have to recompute it, even though it cannot\nfail, which means there were a handful of error paths that were actually\nimpossible.\n\nBug: 249\nChange-Id: If8d5cbf4dc07e722bf7c33b4b4ccf967c451a5f9\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66707\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "91a3f26a2e5a0b8dab61b72ba6ae044372af3891", "tree": "87118ebdf8527ae7e1eddc4dad78078373bc6d21", "parents": [ "1a118bbf76ab52698961a1c7ec717ab0080b037d" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Feb 10 11:08:08 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 07 22:19:26 2024 +0000" }, "message": "Add an SSL_CREDENTIAL API for ECDSA/RSA and delegated credentials\n\nThis adds a notion of \"credentials\" to BoringSSL\u0027s API, to support\ncertificate selection by key type (typically ECDSA vs RSA), though the\naim is for it to be generalizable to other certificate types and other\nkinds of selection criteria, such as Trust Expressions, or Merkle Tree\nCertificates. Since we already had some nascent delegated credentials\nI\u0027ve reworked that feature with SSL_CREDENTIALs as well.\n\nThe model is that you create an SSL_CREDENTIAL object containing all the\nconfiguration for what you are authenticating as. An X.509\nSSL_CREDENTIAL has a certificate chain, private key, optionally an OCSP\nresponse and SCT list. Delegated credentials are similar. In the future,\nwe might use this for raw public keys, other certificate types, etc.\nOnce you set those up, you configure those on the SSL or SSL_CTX in\npreference order, and BoringSSL will internally pick the first one that\nis usable.\n\nThe current implementation ends up redundantly selecting the signature\nalgorithm a couple of times. This works but is a little goofy. 
A\nfollow-up change will remove this redundancy. The protocol between the\nrunner and shim for tests is also a little weird, but it was the easiest\nway I could think of for injecting that. Long-term, I think we should\njust replace that protocol with a JSON structure. (See\nhttps://crbug.com/boringssl/704.)\n\nAs split handshakes are in the process of being replaced with handshake\nhints, this won\u0027t work with split handshakes. It works with handshake\nhints without any extra work.\n\nUpdate-Note: The delegated credentials API has been revamped.\nPreviously, it worked by configuring an optional delegated credential\nand key with your normal certificate chain. This has the side effect of\nforcing your DC issuer and your fallback certificate to be the same. The\nSSL_CREDENTIAL API lifts this restriction.\n\nA delegated credential is now just a different kind of credential. It\nmay use the same certificate chain as an X.509 credential or be\ncompletely separate. All the SSL_CREDENTIAL APIs take CRYPTO_BUFFERs,\nso, if common, the buffers may be shared to reduce memory.\n\nThe SSL_delegated_credential_used API is also removed, in favor of the\nmore general SSL_get0_selected_credential API. 
Callers can use ex_data\nor pointer equality to identify the credential.\n\nBug: 249\nChange-Id: Ibc290df3b7b95f148df12625e41cf55c50566602\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66690\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "1a118bbf76ab52698961a1c7ec717ab0080b037d", "tree": "9a1fd24ef0ff4ba9da2e88bcda98e2f1260b71e9", "parents": [ "860db9e98f23c6e2692afb143a04987cc232e1f5" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Mar 06 18:14:12 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Mar 07 00:51:57 2024 +0000" }, "message": "Rename CRYPTO_get_ex_new_index to CRYPTO_get_ex_new_index_ex\n\nChange-Id: I459e71c4ff12cdcd2783704409b64bbc0fe9b23d\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66808\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "860db9e98f23c6e2692afb143a04987cc232e1f5", "tree": "fbaa21e5217bbfba8e06fd978c40f3b236520e67", "parents": [ "9280f153df0e4c651d658fb1f137dfc18136144e" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Mar 02 22:53:13 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 06 23:21:38 2024 +0000" }, "message": "Remove unused group_id parameter in TLS 1.3 cipher suite selection\n\nThis is a remnant of when we tried to correlate AEAD selection with\npost-quantum curves. Also remove a redundant call to\ntls1_get_shared_group. 
We already saved the result in hs-\u003enew_session,\nso there\u0027s no need to compute it again.\n\nChange-Id: I2425ad40bf664f4d248e1dcf610f574a6cad68bc\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66689\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "9280f153df0e4c651d658fb1f137dfc18136144e", "tree": "8664c3c729a19907a766900439816bea2915779d", "parents": [ "e202e51cb0912f36dafbd2e67cf04d6ec82f3180" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Mar 01 17:20:04 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 06 18:19:57 2024 +0000" }, "message": "Check ECDSA curves in TLS 1.2 servers\n\nIn TLS 1.2 and below, the supported_curves list simultaneously contrains\nECDH and ECDSA. Since BoringSSL, previously, did not handle ECDSA\ncertificate selection in the library, we ignored the latter and left it\nto the callers. If configured with an ECDSA certificate that didn\u0027t\nmatch the peer\u0027s curve list, we proceeded anyway, and left it to the\nclient to reject the connection.\n\nThis contradicts RFC 8422, which says:\n\n The server constructs an appropriate certificate chain and conveys it\n to the client in the Certificate message. If the client has used a\n Supported Elliptic Curves Extension, the public key in the server\u0027s\n certificate MUST respect the client\u0027s choice of elliptic curves. A\n server that cannot satisfy this requirement MUST NOT choose an ECC\n cipher suite in its ServerHello message.)\n\nAs with the previous client certificate change, once we move certificate\nselection into the library, we\u0027ll need to evaluate this ourselves. A\nnatural implementation of it will, as a side effect, cause us to enforce\nthis match, even when only a single certificate is configured. 
This CL\nlands that behavior change ahead of time and, in case there are\ncompatibility impacts, leaves a flag, SSL_set_check_ecdsa_curve, to\nrestore the old behavior. If the change goes through fine, we can retire\nthe flag after a few months.\n\nIf this does cause a problem, we can opt to turn it off for the default\ncertificate, or only enable it when multiple certificates are\nconfigured, but these all result in some slightly suboptimal behavior,\nso I think we should treat them as contingency plans.\n\nTo help debugging, I gave this a dedicated error, though doing so is a\nlittle tricky because of the PSK fallback. (See the\nCheckECDSACurve-PSK-TLS12 test.)\n\nUpdate-Note: A TLS 1.2 (or below) server, using an ECDSA certificate,\nconnecting to a client which doesn\u0027t advertise its ECDSA curve will now\nfail the connection slightly earlier, rather than sending the\ncertificate and waiting for the client to reject it. The connection\nshould fail either way, but now it will fail earlier with\nSSL_R_WRONG_CURVE. If the client was buggy and did not correctly\nadvertise its own capabilities, this may cause a connection to fail\ndespite previously succeeding. We have included a temporary API,\nSSL_set_check_ecdsa_curve, to disable this behavior in the event this\nhas any impact, but please contact the BoringSSL team if you need it,\nas it will interfere with improvements down the line.\n\nTLS 1.3 is not impacted by this change, neither are clients, or RSA\ncertificates. 
Additionally, if your server was already looking at the\ncurve list before configuring an ECDSA certificate in TLS 1.2, this\nwill also have no impact.\n\nBug: 249\nChange-Id: I2f1d4e2627641319556847cbbbcdddf347bbc8a9\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66688\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "e202e51cb0912f36dafbd2e67cf04d6ec82f3180", "tree": "0cd395ea012469fb4e4a6794291449bde4bd7f09", "parents": [ "60c2867092af66bbe369f00d8214b6d06fcb376a" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Mar 02 09:29:22 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 06 17:47:59 2024 +0000" }, "message": "Inline CBS_init, CBS_data, and CBS_len\n\nThese are very basic accessors and we\u0027ll never make CBS opaque. Just\ninline them so the compiler can optimize around them.\n\nChange-Id: I65442acb9a89a611082c7e0c82b365c78adae7f4\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66727\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "60c2867092af66bbe369f00d8214b6d06fcb376a", "tree": "4afd1d29e947c804ba1b56b96c531e2cb41cdb6a", "parents": [ "69eec38a25a709553db67e5cba43b43c23e26848" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Mar 01 12:37:47 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 06 17:36:42 2024 +0000" }, "message": "Check client certificate types in TLS \u003c\u003d 1.2\n\nTLS \u003c\u003d 1.2 servers indicate supported client certificate key types with\na certificate_types field in the CertificateRequest. 
Historically, we\u0027ve\njust ignored this field, because we\u0027ve always outsourced certificate\nselection to the caller anyway. This meant that, if you configured an\nRSA client certificate in response to a server that requested only ECDSA\ncertificates, we would happily send the certificate and leave it to the\nserver to decide if it was happy.\n\nStrictly speaking, this was in violation of RFC 5246:\n\n - The end-entity certificate provided by the client MUST contain a\n key that is compatible with certificate_types. [...]\n\nAlthough prior TLS versions didn\u0027t say anything useful about this either\nway.\n\nOnce we move certificate selection into the library, we\u0027ll want to start\nevaluating supported algorithms ourselves. A natural implementation of\nit will, as a side effect, cause us to enforce this match, even when\nonly a single certificate is configured. Since this is unlikely to have\nany real compatibility impact (every TLS server I\u0027ve seen just hardcodes\nthis list), let\u0027s just try turning it on. On the off chance it does\nbreak someone, I\u0027ve left a flag, SSL_set_check_client_certificate_type,\nfor folks to turn this check off. The flag will most likely be\nunnecessary, in which case we can retire it after a few months.\n\nIf this does cause a problem, we can opt to turn it off for the default\ncertificate, or only enable it when multiple certificates are\nconfigured, or lean on the sigalgs list (doesn\u0027t work for 1.0/1.1), but\nthese all result in some slightly suboptimal behavior, so I think we\nshould treat them as contingency plans.\n\nUpdate-Note: A TLS 1.2 (or below) client, using client certificates,\nconnecting to a TLS server which doesn\u0027t support its certificate type\nwill now fail the connection slightly earlier, rather than sending the\ncertificate and waiting for the server to reject it. The connection\nshould fail either way, but now it will fail earlier with\nSSL_R_UNKNOWN_CERTIFICATE_TYPE. 
If the server was buggy and did not\ncorrectly advertise its own capabilities (very very unlikely), this may\ncause a connection to fail despite previously succeeding. We have\nincluded a temporary API, SSL_set_check_client_certificate_type, to\ndisable this behavior in the unlikely event this has any impact, but\nplease contact the BoringSSL team if you need it, as it will interfere\nwith improvements down the line.\n\nThis change does not affect servers requesting client certificates, only\nclients sending them.\n\nBug: 249\nChange-Id: I159bc444c4ee79fbe5c476d4253b48d58d2538be\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66687\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "69eec38a25a709553db67e5cba43b43c23e26848", "tree": "be15415446f2c0bd6cc7e01156915bef82ceec38", "parents": [ "9b34a3224062c456ff0d0b77fd9a34c5ad08dfea" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Thu Feb 29 19:49:37 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 06 16:42:06 2024 +0000" }, "message": "runner: Add a test for hint mismatch due to public key\n\nThe implementation itself does check for a match, but we never tested\nit. I suspect I omitted it because, in TLS 1.3, that check is actually\nredundant. 
However, in TLS 1.2, it\u0027s load-bearing.\n\nChange-Id: I51ed0b2b554ff2090b360db2c60e22ca0afe0c89\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66669\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "9b34a3224062c456ff0d0b77fd9a34c5ad08dfea", "tree": "012e648a35a385c4c7942577c83e24b9e4a619e8", "parents": [ "4e8a84758d65656f3db91a609f6eaa0219999bbb" ], "author": { "name": "Guillaume Endignoux", "email": "guillaumee@google.com", "time": "Thu Oct 26 16:44:48 2023 +0200" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 06 13:31:29 2024 +0000" }, "message": "Add a Dilithium implementation.\n\nThis is a reference implementation, not intended to be optimized, but\nreasonably efficient to be usable and (best-effort) constant time.\n\nChange-Id: I47489b566f65e946edd519aa168aee359d1e9f1a\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/63685\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n" }, { "commit": "4e8a84758d65656f3db91a609f6eaa0219999bbb", "tree": "c23a8dfde27d548a821448c1b45d83a4e349e57f", "parents": [ "2fb5cdb6c44506442fce110c2d3903a880888dfb" ], "author": { "name": "Adam Langley", "email": "agl@chromium.org", "time": "Thu Feb 22 11:49:41 2024 -0800" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 06 00:46:22 2024 +0000" }, "message": "Tidy up Rust HPKE binding.\n\nThe doc test didn\u0027t compile and needs support for generating keys in\norder to be a good example. 
Also bind all the AEADs that we support, and\nhave the encapsulated key be a second return value when creating a\nsender, rather than carrying it in memory for the whole lifetime.\n\nChange-Id: I1533560a925d4e239eedbfa0f4213d9e79085b77\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66527\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\n" }, { "commit": "2fb5cdb6c44506442fce110c2d3903a880888dfb", "tree": "3f3f5470a42e031dddf875c4c214b9de911ea9c5", "parents": [ "665194823b7e3973d988bc5d2ca1c2c635c1a4e8" ], "author": { "name": "Bob Beck", "email": "bbe@google.com", "time": "Wed Feb 21 22:17:12 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Mar 06 00:02:56 2024 +0000" }, "message": "Move spx from internal to include/openssl/experimental\n\nChange-Id: I5c8db3bbca774c7f503538b43f79077421574b0f\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66487\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "665194823b7e3973d988bc5d2ca1c2c635c1a4e8", "tree": "3676d687ca8e6d0b65623410f1a79f18f72f53f5", "parents": [ "f1918380c4e21c84d203234ecefc645061befc9f" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Feb 28 17:51:12 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 23:37:40 2024 +0000" }, "message": "runner: Configure all relevant fields from the Credential type\n\nThis is in preparation for configuring multiple Credential objects on\nthe shim in tests. 
As part of this, I\u0027ve removed the OCSP response and\nSCT list from the default credentials and made the tests that need them\nexplicitly configure credentials with them.\n\nBug: 249\nChange-Id: I4623a55e184af18fbd9ac16261eaa6c4e41c69c1\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66668\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "f1918380c4e21c84d203234ecefc645061befc9f", "tree": "2d152d7b96d022662e6999f33bc2f401611ab134", "parents": [ "fc1f5213b61edc1da123c36e14ed3f7a70f8bb1b" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Feb 28 15:00:27 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 21:47:31 2024 +0000" }, "message": "runner: Rename CertificateChain to Credential\n\nAfter https://boringssl-review.googlesource.com/c/boringssl/+/62565 just\nrenamed it. :-)\n\nThis is in preparation for the type being used to test the\nSSL_CREDENTIAL machinery. 
Since we\u0027ll be using this to specify a\ncredential on the shim, let\u0027s just make the name match.\n\nBug: 249\nChange-Id: I03e95d120266ccef2111f9bff4c97cef30deb7d3\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66667\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "fc1f5213b61edc1da123c36e14ed3f7a70f8bb1b", "tree": "5d8f342d1bce612c6502ad2b802f69f32e105cf8", "parents": [ "f4ac688b2bc19a5675dfd9cc17e796a9b8b692af" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Feb 27 15:44:04 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 21:19:38 2024 +0000" }, "message": "Align CRYPTO_get_ex_new_index with the public API\u0027s calling convention\n\nAlthough we usually prefer not to use special -1 returns for errors, the\npublic API does this across the board. Making the internal function\ndifferent doesn\u0027t do much good.\n\nChange-Id: I6bfe8c9d989da81affeb5cb652de8d3edcbf5efa\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66649\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "f4ac688b2bc19a5675dfd9cc17e796a9b8b692af", "tree": "08c5b5be9736f538114bfeb0c6e356c275958eac", "parents": [ "ad914954425b6f095bc974784c088ec00b0be8f2" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Feb 27 14:59:21 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 19:30:31 2024 +0000" }, "message": "Make bssl_shim\u0027s setup logic infallible\n\nTrying to handle malloc failures here is a bit tedious. 
Just suppress\nmalloc failures because nothing useful can progress when we can\u0027t even\nallocate ex_data.\n\nChange-Id: Ieaf417bcf9285783a76097319782282ce74e4734\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66648\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "ad914954425b6f095bc974784c088ec00b0be8f2", "tree": "e90bf1347227633409217ad2cd8403869aa0e8c4", "parents": [ "c9a9d8d5a90b55bea3ce019465821478e7036077" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Feb 26 15:04:54 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 19:03:26 2024 +0000" }, "message": "Slightly simplify ssl_x509.cc\n\nWe\u0027ve got a few too many of these set1/set0 wrappers.\n\nChange-Id: I4bde492b1a2a90a151b26800076d085f7122f623\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66607\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "c9a9d8d5a90b55bea3ce019465821478e7036077", "tree": "6c419c256dd887d33e9e92a385e084326f632ccd", "parents": [ "efad2bfc83544bb926921de61baf6f962e685671" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Feb 23 17:56:50 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 18:41:24 2024 +0000" }, "message": "Forbid RSA delegated credentials\n\nRFC 9345 has this bizarre special case forbiding the rsaEncryption OID\nfor delegated credentials. This doesn\u0027t make much sense as DCs already\nconstrain to a single signature algorithm. In fact, they didn\u0027t need to\nuse SPKIs at all and could have just encoded the type-specific values.\n\nNonetheless, this is where the spec went up. 
We have long rejected the\nRSASSA-PSS OID as being unusably complex, so this effectively means we\nwill never permit RSA delegated credentials.\n\nThis was another oversight in\nhttps://boringssl-review.googlesource.com/c/34884. Fix it separately\nbefore everything is reworked to SSL_CREDENTIAL.\n\nBug: 249\nChange-Id: I7eae1e8da9da8052b8d985e78388ef8f2b235942\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66567\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "efad2bfc83544bb926921de61baf6f962e685671", "tree": "27d6f28485ec0c04bb9eda798e2ebbc7464882dc", "parents": [ "9f376b0694dfb8528fa2200369b48632563e972f" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Feb 23 14:37:10 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 18:03:24 2024 +0000" }, "message": "Fix delegated credential signature algorithm handling\n\nhttps://boringssl-review.googlesource.com/c/34884 tried to update to the\nnewer DC draft, but didn\u0027t quite do so. In that update, DCs\novercomplicated the signature algorithm negotiation so that there are\ntwo different signature algorithm lists, used in different contexts.\n\nThe existing signature_algorithms extension is used to verify the\nsignature *on* the DC, made by the end-entity certificate. On the server\nside, we should be using that to decide whether to use the DC, and we\nweren\u0027t.\n\nThe new delegated_credentials extension contains another sigalg list.\nThat is used to verify the signature *by* the DC, in the\nCertificateVerify message. (This means DC changes the operative sigalg\nlist for the CertificateVerify message, which is quite a mess.) On the\nserver side, the above CL mixed things up. When deciding whether to use\nDCs, it checked the correct list. 
When actually using DCs, it checked\nthe wrong one. As a result, any time the DC list wasn\u0027t a subset of the\nmain list, the connection would just break!\n\nFix both of these, in preparation for redoing DCs over the upcoming\nSSL_CREDENTIAL mechanism.\n\nThankfully we don\u0027t support one direction of DC usage (authenticating in\nC++ and verifying in Go), so there are fewer places to worry about\nmixing this up. Given this overcomplication, I\u0027m now much, much less\ninclined to ever support DCs as a client, without an rfc9345bis to redo\nthis.\n\nBug: 249\nChange-Id: Id5257e89a6c8daf1635757be473c45029492d420\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66550\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "9f376b0694dfb8528fa2200369b48632563e972f", "tree": "be0acbdfc1bb389240c7c6f6a3435308deb36c46", "parents": [ "8037383527cd5105f38ef328db5171815b9c3ea4" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Feb 23 15:02:23 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 17:44:54 2024 +0000" }, "message": "Make DelegatedCredentials-KeyMismatch test less confusing\n\nThis is passing in a different TLS version, but the TLS version is both\nnonsense and doesn\u0027t figure into the delegated credential anyway. All\nthis test is doing is generating a different keypair and mixing them up.\nProbably we should move it to ssl_test, as it\u0027s not really testing\nanything about the protocol, but I\u0027ve just left it alone and fixed the\ntest.\n\nAlso fix another issue in the test: the getSigner / signMessage chord\nshould just be a plain signMessage call. 
There were a few other issues\nof that shape, but they\u0027ll be fixed in a follow-up change because they\nreveal a deeper problem with\nhttps://boringssl-review.googlesource.com/c/34884\n\nChange-Id: I090b41a081f694b4ff8d97f3895645d6a620904d\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66549\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "8037383527cd5105f38ef328db5171815b9c3ea4", "tree": "9080c6924fa5f3ff08c7a4e345a2b9c4b4655b93", "parents": [ "88a537fe4e99d45804a832fbab27a938f995336d" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Feb 23 14:43:33 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 17:08:54 2024 +0000" }, "message": "Use slices.Contains in ssl/test/runner\n\nMinor cleanup afforded by Go 1.21\n\nChange-Id: I49a0f257f2585e54159014f1f442497a816e6589\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66548\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "88a537fe4e99d45804a832fbab27a938f995336d", "tree": "5cb6ed75460373470a879a6b92a1f556a55a02a7", "parents": [ "e3af7710ed006e228382c8041782cba81ff4040a" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Feb 23 11:25:22 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Mar 05 00:09:17 2024 +0000" }, "message": "Fold ssl_add_cert_chain into its caller\n\nI\u0027m not sure why we pulled that out separately. Also remove the\nERR_R_INTERNAL_ERRORs. 
Those are a remnant of when CBB did not\nparticipate in the error queue and we wanted to leave something there.\n\nChange-Id: Ic7db602ddce6e6fa873c892f742126d9a628494c\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66547\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "e3af7710ed006e228382c8041782cba81ff4040a", "tree": "20763847a9c020499bab2636dbd3ddda2f63477c", "parents": [ "1e8461cc151960ad941ee7dd0e0bb13337e3c556" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Feb 28 13:24:17 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 04 23:44:29 2024 +0000" }, "message": "runner: Remove the ability to configure multiple certificates\n\nWhile we do want to add this to the shim and real TLS stack, we have no\nneed to configure this on the runner. This is a remnant of runner being\na production TLS stack. We only ever configure one certificate because\nwe know what we expect the peer to send.\n\nChange-Id: Idaafc66a2a7f83a929a6a61c19b97cdef158c534\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66647\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "1e8461cc151960ad941ee7dd0e0bb13337e3c556", "tree": "95a7ff65e03a8dcb7d6aa7ed0b47b6c820a51f23", "parents": [ "df3b58ea74c50ff785ab902be3b007ff008d3e3c" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Feb 28 13:15:53 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Mar 04 22:36:49 2024 +0000" }, "message": "runner: Use go:embed\n\nThis removes the need to ship the PEM files with the built runner.\nInstead we can use go:embed to pick up the key files. 
We do, annoyingly,\nneed to write the Channel ID file to a temporary, but it\u0027s not a huge\ndeal. When/if we rework all this to JSON, we can avoid this.\n\nChange-Id: Ie0d187a5396546dc157906430639c26b3cc59ca2\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66627\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "df3b58ea74c50ff785ab902be3b007ff008d3e3c", "tree": "e87b42c56fbc1fcd290454b333d4f6230fd8d483", "parents": [ "a9a3ca49444bb1efac115e64d3ab469c54bec984" ], "author": { "name": "Roland Shoemaker", "email": "bracewell@google.com", "time": "Mon Aug 21 09:45:18 2023 -0700" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Feb 28 18:04:35 2024 +0000" }, "message": "Generate certs on the fly in runner, pass trusted cert to shim\n\nRather than using the pre-generated certificates, generate them on the\nfly. This allows TLS stacks for which certificate validation and\nverification are coupled to work as expected. Certificates and keys are\nwritten to temporary files which are then passed to the shim, and\ncleaned up on exit. This requires reworking how testCase passes\ncerts/keys by adding a new field, sendCertificate, rather than manually\nsetting the -cert-file and -key-file flags. Incidentally the\nrsaChainCertificate is removed, since it was essentially unused, and all\ntests that used it also work with rsaCertificate. Finally, include a\nsingle SAN (\"test\") in all certificates, which fixes some TLS stacks\nwhich require this to operate (such as rustls, which currently\nregenerates all the certificates currently in the tree to add a SAN).\n\nAdditionally, add a new flag, -trust-cert, which tells the shim\nwhich certificates it should trust. 
Shims for TLS stacks which\ncan completely decouple validation and verification of X509 certificates\n(like BoringSSL) can ignore this flag, but for stacks where this\nfunctionality is somewhat more intertwined (like Go), this allows the\nshim to properly process the sent certificates.\n\nChange-Id: Ic5c63e18fb2b852cc693aacb3b06cfe7993bc90c\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/62565\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "a9a3ca49444bb1efac115e64d3ab469c54bec984", "tree": "902d1c3647db67caed09b7fb4754cf4c4bdf2c8c", "parents": [ "5bed5b9aaab4edc8c0ee62493b6e760f9f7a3457" ], "author": { "name": "Chidera Olibie", "email": "colibie@google.com", "time": "Mon Feb 26 14:13:31 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Tue Feb 27 22:05:18 2024 +0000" }, "message": "Make pki_sources available to Soong\n\nThis allows building libpki in aosp with some changes\nto the downstream bp file\n\nBug: b/322154153\nChange-Id: I68773079ec44929b71c1990d13bd3198a4c57ea7\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66587\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "5bed5b9aaab4edc8c0ee62493b6e760f9f7a3457", "tree": "d3a51ece82344b1b81ccabebeacfa6927aa552a7", "parents": [ "5733adaeccbf1025d1afa9f87840f5287cdd48a9" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Feb 17 23:12:34 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Feb 26 22:20:51 2024 +0000" }, "message": "Finish documenting x509.h\n\nIt took 3.5 years, but this header is now DONE! 
I opted to add a section\nfor each extension just because there were so many functions. It\u0027s a\nlittle weird because, for example, we don\u0027t have a section for key usage\nbecause it\u0027s just BIT STRING. But I think this is better than having a\ngreat big \"types for built-in extensions\" section.\n\nFixed: 426\nChange-Id: Ifc7684cc6ff6a211ea1f5065eff67663adf004b3\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66392\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "5733adaeccbf1025d1afa9f87840f5287cdd48a9", "tree": "37c55ed4100f217fa2d13e076015d5dca984b6cd", "parents": [ "89134daffd70531be70cdfdd14e9d0e00903fd3c" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Feb 14 22:44:53 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Feb 26 22:15:26 2024 +0000" }, "message": "Add safety coments to bssl-sys\n\nAs with all FFI libraries, the Rust conventions around safety don\u0027t\nreally work well. 
There\u0027s a ton of noise from bindgen needing to\nconservatively mark everything unsafe, obscuring true safety sharp edges\nlike Rust\u0027s FFI-incompatible empty slice representation.\n\nChange-Id: I2199e61b4900a01e3610772063765c5bb0cb493c\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66287\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "89134daffd70531be70cdfdd14e9d0e00903fd3c", "tree": "22777085a3dbfcc3ff101614ba39608dfdd2255e", "parents": [ "db614a5677d90e48cfb2c0f8197f1b5168fceea5" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Feb 18 00:17:50 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Feb 26 22:08:59 2024 +0000" }, "message": "Test X509_verify_cert with CAs that share a name\n\nIn that case, we rely on AKID/SKID matches to disambiguate. However,\nOpenSSL\u0027s internal interfaces are not very good at handling this case\nand often work around their own bugs. As a precursor to, hopefully,\ncleaning that up someday, test this, with both direct adding and\nhash_dir.\n\nI\u0027ve just tested the basic case here. 
Looking at the code, I think\nthere are bugs where, e.g., if CA1 was added directly and CA2 is only\naccessible via hash_dir, X509_STORE_CTX_get1_issuer does not know to\ncheck hash_dir for CA2, because internal interfaces get in the way.\n\nBug: 685\nChange-Id: I32737661c84d6a006cf9d5ae1ec42b3f27437bf0\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66010\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "db614a5677d90e48cfb2c0f8197f1b5168fceea5", "tree": "167bf06d65dd345ed15ea9b091f7bba9df667256", "parents": [ "4066ebc79f07c8b639fa1ca3f26aa2509727831d" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Feb 17 23:27:25 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Feb 26 21:11:48 2024 +0000" }, "message": "Document the remaining struct types in x509.h\n\nThis is mostly all repetitive text, but a couple structures with unions\ndeserve special warning. 
The \"ADB\" (ANY DEFINED BY) stuff is pretty\nscary.\n\nBug: 426\nChange-Id: I85d27dd4e4676cf51c30529c53b6f2867c205caf\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66391\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "4066ebc79f07c8b639fa1ca3f26aa2509727831d", "tree": "9327062a304cc372910ca659ce9e98dc04e02281", "parents": [ "7f151ca07d67d1eb51289169ffc51fe3b38f878d" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Feb 17 21:58:51 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Feb 26 20:17:07 2024 +0000" }, "message": "Expand and document the remaining DECLARE_ASN1_* macros\n\nThey\u0027re still in the \"underdocumented\" section for ease of review. I\nwanted to separate out expanding the macros from moving things around.\n\nBug: 426\nChange-Id: Ib5fcedf180b478d5552113025d9353d29bb1961f\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66390\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "7f151ca07d67d1eb51289169ffc51fe3b38f878d", "tree": "206827efe503c074d481ba7c688c93a216bfe7ac", "parents": [ "ae1c1a482588ab9b6c5f97b8663cdc50ac2444dd" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Feb 17 21:50:58 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Feb 26 17:02:45 2024 +0000" }, "message": "Unexport i2d, d2i, and ASN1_ITEM for X.509 interior types\n\nMany of the extension types are not the extensions themselves, but the\ninterior types used in various subfields. 
In preparation for when we\nrewrite these parsers with \u003copenssl/bytestring.h\u003e, having fewer of these\nmeans fewer compatibility functions to bridge the calling conventions.\n\nWe do still need new/free functions, so that callers can construct\nextensions themselves. While I\u0027m here, go ahead and expand the macros\nand document.\n\n(Top-level extension types need ASN1_ITEMs for X509V3_METHOD, and\nd2i/i2d functions for callers that wish to parse and serialize. But\nthere\u0027s no real need to do this for the individual fields.)\n\nUpdate-Note: Some interior ASN.1 types no longer have d2i and i2d\nfunctions or ASN1_ITEMs. I checked code search and no one was using any\nof these. We can restore them as needed.\n\nBug: 547\nChange-Id: I0b2840bf4aea2212a757ce39b4918c8742043725\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66389\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "ae1c1a482588ab9b6c5f97b8663cdc50ac2444dd", "tree": "d0d4cae94b974b24a5fbedce9f5e40cc8407e3da", "parents": [ "9d7535f51f84a079c05b27134fcf6111649c56c9" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Dec 30 13:01:38 2023 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Feb 26 16:25:26 2024 +0000" }, "message": "Document filesystem-based X509_STORE APIs\n\nThis includes the somewhat odd \"defaults\" API, which I\u0027ve currently left\nkind of handwavy. We should eventually decide what to do with this, be\nit remove it, decide /etc/ssl is a fine default, or do something else\nentirely. But I\u0027ll leave that to future us.\n\n(If nothing else, we really should make it return an error on Windows\nand macOS. 
It\u0027s really just Linux where /etc/ssl is a plausible platform\nAPI.)\n\nBug: 426\nChange-Id: Iacd2bb903f452ffe236a7a0b97e3072b5dcd8516\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66388\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "9d7535f51f84a079c05b27134fcf6111649c56c9", "tree": "d06caf15de33b94150dffe3401084b9a14a4ad2e", "parents": [ "a6e2be46c6fa2e65ecd5ebeb4ff6fad3ad333dc2" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Dec 26 15:33:13 2023 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 20:24:55 2024 +0000" }, "message": "Document APIs relating to built-in and custom extensions\n\nWhile I\u0027m here, unexport STACK_OF(X509V3_EXT_METHOD). We use it\ninternally, but it never appears in any public APIs, and there\u0027s no real\nreason for any caller to use it.\n\nBug: 426\nChange-Id: I6057834847a37f435d1b687701a3e65b5afb2890\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66387\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "a6e2be46c6fa2e65ecd5ebeb4ff6fad3ad333dc2", "tree": "f21b128829fc508f2c373cb5e5815dc84885cc83", "parents": [ "ec2a08dda8e7b156253abcf21f2c7ea80de39f82" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Feb 21 22:59:16 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 18:27:06 2024 +0000" }, "message": "Add tests for what happens when no certificate is configured\n\nWe have ssl_has_certificate and ssl_has_private_key calls scattered\nthroughout libssl, but they\u0027re never actually tested. 
The checks are\nalso a little subtle because of cert-\u003echain\u0027s weird representation of\nthe leaf being missing but a chain configured.\n\nIn hindsight, possibly we should have made them separate fields, but\nit\u0027s too late now. We\u0027d have to get rid of SSL_CTX_get0_chain and\nSSL_get0_chain. Normally we don\u0027t bother with these functions, under the\n\"you should know what you configured\" theory, but one caller needed it\nrecently in\nhttps://boringssl-review.googlesource.com/c/boringssl/+/66087\n\nThe tests also confirm that most of the ssl_has_private_key calls,\nother than the one in ssl_has_certificate, are redundant. The\nssl_has_certificate calls are also in an odd place.\n\nThis will all get shuffled around with SSL_CREDENTIAL, so set up tests\nfirst.\n\nBug: 249\nChange-Id: If1bb7097a15649e593886c3c22e2cc829a853830\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66508\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "ec2a08dda8e7b156253abcf21f2c7ea80de39f82", "tree": "44b1ae747b5632d80c3860f88abc85f0267c2348", "parents": [ "85c5d9668fe3aef03dc3b5099adc549039a79ff9" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Feb 21 23:21:16 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 18:08:53 2024 +0000" }, "message": "Introduce a test helper for asserting on the error\n\nThis produces slightly nicer output, is less code, and helps us remember\nto check both the library and reason code.\n\nChange-Id: Ic49508accb0bc8a25cbb5b94cc7e4aeb1bd8cbd0\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66507\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "85c5d9668fe3aef03dc3b5099adc549039a79ff9", "tree": 
"c356673527a9fb57af9ec37b2529b381e844fcca", "parents": [ "5d880140674cd36d84331de7df95c2dc00dc7686" ], "author": { "name": "Bob Beck", "email": "bbe@google.com", "time": "Wed Feb 21 22:07:58 2024 +0000" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 17:00:23 2024 +0000" }, "message": "Make an include/openssl/experimental. Move kyber to it for now.\n\nUpdate-Note: \u003copenssl/kyber.h\u003e has moved to\n\u003copenssl/experimental/kyber.h\u003e\n\nChange-Id: I51d37aeb2b6cfbbaae494cc38f1b0a82669d2692\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66467\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nAuto-Submit: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "5d880140674cd36d84331de7df95c2dc00dc7686", "tree": "2ae3f65583cd7b379216559f3fe54368beff82cd", "parents": [ "bca5875eb3c25348ec07758cde66ebec27031ce4" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Feb 20 17:34:14 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 16:35:04 2024 +0000" }, "message": "Deprecate and simplify SSL_CTX_check_private_key\n\nIt is not actually possible to configure an inconsistent certificate and\nprivate key pair (short of mutating the objects after you\u0027ve configured\nthem). The functions that configure certificates and private keys will\nrefuse to get CERT into an inconsistent state.\n\nSSL_CTX_check_private_key is really just checking that you have a\ncertificate and private key at all. Some callers (notably pyOpenSSL\u0027s\ntests) are written as if SSL_CTX_check_private_key does something more,\nbut that\u0027s only because they also configure certificate and private key\nin the wrong order. 
If you configure the key first, configuring the\ncertificate silently drops the mismatched private key because OpenSSL\nthinks you\u0027re overwriting an identity. SSL_CTX_check_private_key is\nreally just detecting this case.\n\nAdd tests for all this behavior, document that certificates should be\nconfigured first, and then deprecate SSL_CTX_check_private_key because,\nin the correct order, this function is superfluous.\n\nThis will get shuffled around with SSL_CREDENTIAL, so add some tests\nfirst.\n\nBug: 249\nChange-Id: I3fcc0f51add1826d581583b43ff003c0dea979dd\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66447\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "bca5875eb3c25348ec07758cde66ebec27031ce4", "tree": "b89251a411a364a407905fd148979e3b35f816b7", "parents": [ "d4faa8d63a06a5feff2e5b68695adf9bf8fd1f81" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Feb 04 10:24:18 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 16:20:22 2024 +0000" }, "message": "Use a more fine-grained lock in by_dir.c\n\nDifferent BY_DIR_ENTRYs don\u0027t need to share a lock. 
Also switch some\ncode to use OPENSSL_strndup.\n\nChange-Id: I3809e001afb9577bb96aab214e80e173900356fe\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66012\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "d4faa8d63a06a5feff2e5b68695adf9bf8fd1f81", "tree": "777ac23308816deb852912c772e0841bfdf9a853", "parents": [ "6db6604cb507f4dda3c60ccc803f19338a3e7204" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Feb 04 09:26:55 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 11:34:37 2024 +0000" }, "message": "Remove unnecessary stat calls from by_dir.c\n\nIf the file doesn\u0027t exist, we\u0027ll fail when we go to read it anyway. The\nstat call just adds a needless ifdef here.\n\nChange-Id: I00a52f988bc1d45622e559b496ef2293b3719863\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66011\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": "6db6604cb507f4dda3c60ccc803f19338a3e7204", "tree": "bbe24e276b156953257102d73b8d41c60874b7b4", "parents": [ "cadebfd6398e017addaae4878662aadb42f60bda" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Feb 20 13:57:21 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 11:12:46 2024 +0000" }, "message": "Use std::copy instead of OPENSSL_memcpy for the internal bssl::Array::CopyFrom\n\nThis (internal) abstraction was originally made for trivial types, but\nif we ever got a complex type, we should use C++ copies, not C copies,\nto preserve all the rules of that type.\n\nA good STL will specialize std::copy to memmove/memcpy when possible, so\nthis should not 
appreciably change the generated code.\n\nChange-Id: I76af334ef667e545dbbbe87315ce5b30a327358c\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66427\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "cadebfd6398e017addaae4878662aadb42f60bda", "tree": "1f8a324a8c22fcbe8d0abdd3920781774a43299c", "parents": [ "ab4037e3d14b2b1e02c93f76d80a8dd0ce3193fc" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Feb 04 23:27:14 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Feb 23 11:08:04 2024 +0000" }, "message": "Consistently open files in binary mode on Windows\n\nBIO_*_filename, in upstream OpenSSL, opens in binary mode on Windows,\nnot text mode. We seem to have lost those ifdefs in the fork. But since\nC mandates the \u0027b\u0027 suffix (POSIX just ignores it), apply it consistently\nto all OSes for simplicity.\n\nThis fixes X509_FILETYPE_ASN1 in X509_STORE\u0027s file-based machinery on\nWindows.\n\nAlso fix the various BIO_new_file calls to all specify binary mode.\nLooking through them, I don\u0027t think any of them care (they\u0027re all\nparsing PEM), but let\u0027s just apply it across the board so we don\u0027t have\nto think about this.\n\nUpdate-Note: BIO_read_filename, etc., now open in binary mode on\nWindows. 
This matches OpenSSL behavior.\n\nChange-Id: I7e555085d5c66ad2f205b476d0317570075bbadb\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66009\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "ab4037e3d14b2b1e02c93f76d80a8dd0ce3193fc", "tree": "65611b5aa6da155d425fba15c51265c65ec69b71", "parents": [ "0ff377a30c10e7ea34eb5efc5b5a8ebb90d8ba9a" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Feb 03 23:22:06 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Feb 22 22:41:50 2024 +0000" }, "message": "Add some tests for X509_LOOKUP_hash_dir\n\nWriting these tests revealed that actually this has been broken on\nWindows this whole time!\n\nFirst, the APIs to configure a directory actually configure a\ncolon-separated list of directories. But file paths contain colons on\nWindows, so the actual separator on Windows is semicolon. But that got\nlost in the fork at some point. This CL fixes that.\n\nSecond, X509_FILETYPE_ASN1 is broken because of a text vs binary mode\nmixup. The following CL will fix this.\n\nSome of the behaviors tested here around CRLs are not quite reasonable.\nSee https://crbug.com/boringssl/690 for details. For now, I\u0027ve tried to\ncapture the existing behavior. As BY_DIR actually maintains some shared\nmutable state, I\u0027ve also added TSAn tests.\n\nAnother subtlety is that multiple CAs with the same name work, but the\nreason they work is pretty messy because OpenSSL\u0027s internal interfaces\nare incompatible with it. Instead, OpenSSL works around itself with the\nX509_STORE cache. 
These tests do not cover this case, but a subsequent\nCL will add tests for it.\n\nChange-Id: Ifd8f2faea164edb0eda771350cd9bf6dc94104e7\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66008\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "0ff377a30c10e7ea34eb5efc5b5a8ebb90d8ba9a", "tree": "d947a893f366487f44f34f3f6439552d54da65fa", "parents": [ "c06c4d5ea6dc3118c2851e0010aa441161e2a983" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sat Feb 03 09:47:19 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Feb 22 22:30:35 2024 +0000" }, "message": "Add some utilities for testing temporary files\n\nAvoid rewriting the FILE scoper, and deal with the Android problem in\none place. This header will also, in the next CL, be the home for a\ntemporary directory helper for hash_dir.\n\nChange-Id: I4be69ef6c2ac3443b80ee8852bcce4078bf7f118\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66007\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "c06c4d5ea6dc3118c2851e0010aa441161e2a983", "tree": "be898639309b327e6ae192022f750f11d41b995f", "parents": [ "4fe29ebc759e482891e96fc4170eb3db26c0bc13" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Feb 13 23:02:14 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Feb 22 22:03:36 2024 +0000" }, "message": "Remove redundant piece of DC state\n\nNow that delegated credentials comes with its own sigalg list (hooray\nfor wasted ClientHello bytes), we don\u0027t need a\ndelegated_credential_requested. 
It\u0027s already implicit in whether we\nparsed any sigalgs.\n\nChange-Id: I5169e4b24a41dd4973fc581087c881d34b5075fa\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66373\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "4fe29ebc759e482891e96fc4170eb3db26c0bc13", "tree": "19c44a8a237af37cab88d7814a0e190f45aba7e1", "parents": [ "9a4e1095c0c1140a50e52d4f2f8112c0c405dd43" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Feb 13 22:58:39 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Feb 22 19:24:18 2024 +0000" }, "message": "Test an unusual split between context and connection configuration\n\nNo one would ever do this, but it works today and we should keep it\nworking. As part of certificate selection, we\u0027ll be introducing an\nSSL_CREDENTIAL object. In doing so, the existing APIs will mutate a\nbuilt-in \"default\" credential. 
If we made a shallow copy, it would break\nthings.\n\nBug: 249\nChange-Id: I75b1486289659611184a42e87771a6cf7ddb5aa7\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66372\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" }, { "commit": "9a4e1095c0c1140a50e52d4f2f8112c0c405dd43", "tree": "94a3429c64da66a1481608f0287ed5a60882086e", "parents": [ "281053e9cc3bb65bee52012e868d1c0ef72d065d" ], "author": { "name": "Zequan Wu", "email": "zequanwu@google.com", "time": "Thu Feb 22 11:01:58 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Feb 22 16:09:42 2024 +0000" }, "message": "Remove redundant bssl_sys import\n\nR\u003dagl@chromium.org\n\nBug: chromium:326247202\nChange-Id: I6c1bb77da2ce428fd7c9be3c0ea542ca8c84d443\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66449\nReviewed-by: danakj \u003cdanakj@chromium.org\u003e\nAuto-Submit: Zequan Wu \u003czequanwu@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\n" }, { "commit": "281053e9cc3bb65bee52012e868d1c0ef72d065d", "tree": "77a12981a4e34b036ccc94d037ce83e05271ea67", "parents": [ "1bd6e92b2a454009cc3243f5eb54f09c1929810c" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Feb 13 22:52:54 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Feb 22 05:53:29 2024 +0000" }, "message": "Remove some impossible null checks\n\nThe CERT structure is never null.\n\nChange-Id: I92436e1ad6156a9f79d30f4f5e989022e8fd0e9d\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66371\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n" }, { "commit": 
"1bd6e92b2a454009cc3243f5eb54f09c1929810c", "tree": "d2b5c2ad2bd347b4b2e58c033c431a5afcfb561b", "parents": [ "fbf10f0d968beb56622eb4927bace53a0e931189" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Mon Feb 12 18:09:37 2024 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Thu Feb 22 05:37:05 2024 +0000" }, "message": "Remove some indirection in SSL_certs_clear\n\nIf we move SSL_certs_clear to ssl_cert.cc, ssl_cert_clear_certs does not\nneed to be in the header. Moreover, its only other caller, ~CERT(), does\nnot need to call it. Now that everything outside of SSL_X509_METHOD is\nmanaged with scopers, the destructor does it automatically. And\ncert_free on SSL_X509_METHOD already automatically calls cert_clear, so\nit\u0027s a no-op to do it again.\n\nChange-Id: Ief9c704cc45440288783564ac4db4a27fbec1bfc\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66370\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n" } ], "next": "fbf10f0d968beb56622eb4927bace53a0e931189" }