aws-crt 0.1.9 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/auth.h +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/aws_imds_client.h +5 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/credentials.h +5 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/private/aws_signing.h +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/private/credentials_utils.h +2 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/signing_config.h +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/source/auth.c +3 -1
- data/aws-crt-ffi/crt/aws-c-auth/source/aws_imds_client.c +146 -63
- data/aws-crt-ffi/crt/aws-c-auth/source/aws_signing.c +41 -19
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_provider_imds.c +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_utils.c +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/source/signable_http_request.c +2 -1
- data/aws-crt-ffi/crt/aws-c-auth/source/signing_config.c +25 -0
- data/aws-crt-ffi/crt/aws-c-auth/tests/CMakeLists.txt +3 -0
- data/aws-crt-ffi/crt/aws-c-auth/tests/aws_imds_client_test.c +197 -31
- data/aws-crt-ffi/crt/aws-c-auth/tests/credentials_provider_imds_tests.c +16 -18
- data/aws-crt-ffi/crt/aws-c-auth/tests/sigv4_signing_tests.c +3 -1
- data/aws-crt-ffi/crt/aws-c-cal/include/aws/cal/private/opensslcrypto_common.h +22 -0
- data/aws-crt-ffi/crt/aws-c-cal/source/darwin/commoncrypto_aes.c +46 -17
- data/aws-crt-ffi/crt/aws-c-cal/source/unix/openssl_aes.c +1 -0
- data/aws-crt-ffi/crt/aws-c-cal/source/unix/openssl_platform_init.c +7 -0
- data/aws-crt-ffi/crt/aws-c-cal/source/unix/openssl_rsa.c +59 -2
- data/aws-crt-ffi/crt/aws-c-cal/source/unix/opensslcrypto_ecc.c +1 -0
- data/aws-crt-ffi/crt/aws-c-common/CMakeLists.txt +13 -1
- data/aws-crt-ffi/crt/aws-c-common/THIRD-PARTY-LICENSES.txt +28 -7
- data/aws-crt-ffi/crt/aws-c-common/bin/system_info/CMakeLists.txt +18 -0
- data/aws-crt-ffi/crt/aws-c-common/bin/system_info/print_system_info.c +48 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/allocator.h +23 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/byte_buf.h +12 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/cross_process_lock.h +35 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/hash_table.h +1 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/priority_queue.h +24 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/private/system_info_priv.h +37 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/system_info.h +47 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/system_resource_util.h +30 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/testing/aws_test_harness.h +3 -2
- data/aws-crt-ffi/crt/aws-c-common/source/allocator.c +64 -13
- data/aws-crt-ffi/crt/aws-c-common/source/android/logging.c +14 -0
- data/aws-crt-ffi/crt/aws-c-common/source/common.c +3 -3
- data/aws-crt-ffi/crt/aws-c-common/source/file.c +96 -35
- data/aws-crt-ffi/crt/aws-c-common/source/linux/system_info.c +24 -0
- data/aws-crt-ffi/crt/aws-c-common/source/memtrace.c +10 -3
- data/aws-crt-ffi/crt/aws-c-common/source/platform_fallback_stubs/system_info.c +21 -0
- data/aws-crt-ffi/crt/aws-c-common/source/posix/cross_process_lock.c +141 -0
- data/aws-crt-ffi/crt/aws-c-common/source/posix/system_info.c +1 -1
- data/aws-crt-ffi/crt/aws-c-common/source/posix/system_resource_utils.c +32 -0
- data/aws-crt-ffi/crt/aws-c-common/source/priority_queue.c +24 -0
- data/aws-crt-ffi/crt/aws-c-common/source/system_info.c +80 -0
- data/aws-crt-ffi/crt/aws-c-common/source/task_scheduler.c +2 -2
- data/aws-crt-ffi/crt/aws-c-common/source/windows/cross_process_lock.c +93 -0
- data/aws-crt-ffi/crt/aws-c-common/source/windows/system_resource_utils.c +31 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/CMakeLists.txt +16 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/alloc_test.c +83 -22
- data/aws-crt-ffi/crt/aws-c-common/tests/cross_process_lock_tests.c +116 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/file_test.c +103 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/priority_queue_test.c +36 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/system_info_tests.c +19 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/system_resource_util_test.c +37 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/connection.h +9 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/http.h +1 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/connection_impl.h +5 -4
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/connection_manager_system_vtable.h +10 -18
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/proxy_impl.h +5 -1
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/request_response_impl.h +5 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/request_response.h +10 -0
- data/aws-crt-ffi/crt/aws-c-http/source/connection.c +5 -2
- data/aws-crt-ffi/crt/aws-c-http/source/connection_manager.c +22 -21
- data/aws-crt-ffi/crt/aws-c-http/source/h1_connection.c +102 -17
- data/aws-crt-ffi/crt/aws-c-http/source/h1_stream.c +1 -0
- data/aws-crt-ffi/crt/aws-c-http/source/http.c +3 -0
- data/aws-crt-ffi/crt/aws-c-http/source/proxy_connection.c +2 -2
- data/aws-crt-ffi/crt/aws-c-http/tests/CMakeLists.txt +2 -0
- data/aws-crt-ffi/crt/aws-c-http/tests/test_connection_manager.c +18 -18
- data/aws-crt-ffi/crt/aws-c-http/tests/test_h1_client.c +111 -1
- data/aws-crt-ffi/crt/aws-c-http/tests/test_proxy.c +2 -2
- data/aws-crt-ffi/crt/aws-c-http/tests/test_stream_manager.c +2 -2
- data/aws-crt-ffi/crt/aws-c-io/include/aws/io/retry_strategy.h +1 -1
- data/aws-crt-ffi/crt/aws-c-io/source/exponential_backoff_retry_strategy.c +1 -1
- data/aws-crt-ffi/crt/aws-c-io/source/pkcs11_tls_op_handler.c +2 -4
- data/aws-crt-ffi/crt/aws-lc/CMakeLists.txt +16 -8
- data/aws-crt-ffi/crt/aws-lc/cmake/go.cmake +6 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/CMakeLists.txt +6 -9
- data/aws-crt-ffi/crt/aws-lc/crypto/asn1/a_time.c +34 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/asn1/a_utctm.c +4 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/asn1/asn1_test.cc +41 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/bio_mem.c +6 -7
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/bio_test.cc +152 -16
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/connect.c +6 -12
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/fd.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/file.c +20 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/socket.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/socket_helper.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/blake2/blake2.c +11 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/bytestring/cbb.c +13 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/bytestring/cbs.c +9 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/chacha/asm/chacha-armv8.pl +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/chacha/chacha.c +49 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/chacha/chacha_test.cc +110 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/chacha/internal.h +8 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/compiler_test.cc +4 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/conf/conf_test.cc +1 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/crypto_test.cc +9 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/curve25519.c +189 -108
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/curve25519_nohw.c +78 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/ed25519_test.cc +9 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/internal.h +24 -10
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/spake25519.c +4 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/x25519_test.cc +80 -11
- data/aws-crt-ffi/crt/aws-lc/crypto/decrepit/evp/evp_do_all.c +2 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/digest_extra/digest_extra.c +8 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/digest_extra/digest_test.cc +110 -45
- data/aws-crt-ffi/crt/aws-lc/crypto/dsa/dsa_test.cc +8 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/dsa/internal.h +18 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/dynamic_loading_test.c +8 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/ec_extra/ec_derive.c +4 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/ec_extra/hash_to_curve.c +6 -18
- data/aws-crt-ffi/crt/aws-lc/crypto/endian_test.cc +308 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/err/ssl.errordata +2 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/evp_extra_test.cc +2 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/evp_test.cc +11 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/evp_tests.txt +25 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/p_ec_asn1.c +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/p_kem.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/p_rsa_asn1.c +1 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/print.c +7 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/scrypt.c +13 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/CMakeLists.txt +13 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/aes/aes_nohw.c +18 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bcm.c +12 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/bn_assert_test.cc +77 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/bn_test.cc +30 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/bytes.c +112 -22
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/div.c +12 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/exponentiation.c +54 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/gcd.c +5 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/internal.h +37 -15
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/montgomery.c +4 -11
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/montgomery_inv.c +51 -15
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/cipher/aead.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/digest/digest.c +29 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/digest/digests.c +89 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/digest/internal.h +4 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/ec.c +19 -36
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/ec_key.c +3 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/ec_montgomery.c +9 -7
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/ec_test.cc +33 -9
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/internal.h +17 -12
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p224-64.c +5 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p256-nistz.c +8 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p256.c +9 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p384.c +33 -16
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p521.c +14 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/scalar.c +26 -24
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/simple_mul.c +8 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/wnaf.c +3 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ecdsa/ecdsa.c +9 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/evp/evp.c +43 -12
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/evp/p_ec.c +4 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/hmac/hmac.c +3 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/modes/xts.c +26 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rand/cpu_jitter_test.cc +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rand/internal.h +20 -11
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rand/rand.c +10 -10
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rand/urandom.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rsa/internal.h +59 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rsa/padding.c +9 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rsa/rsa.c +7 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rsa/rsa_impl.c +51 -60
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/service_indicator/service_indicator.c +5 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/service_indicator/service_indicator_test.cc +205 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/asm/sha1-armv8.pl +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/asm/sha512-armv8.pl +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/internal.h +8 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/sha3.c +37 -15
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/sha3_test.cc +115 -110
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/sha512.c +55 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sshkdf/sshkdf.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/hmac_extra/hmac_test.cc +12 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/hmac_extra/hmac_tests.txt +10 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/hrss/asm/poly_rq_mul.S +2 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/impl_dispatch_test.cc +9 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/internal.h +90 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/kem/kem.c +28 -27
- data/aws-crt-ffi/crt/aws-lc/crypto/kyber/kem_kyber.h +14 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/obj/obj_dat.h +52 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/obj/obj_mac.num +5 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/obj/objects.txt +7 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/perlasm/arm-xlate.pl +3 -14
- data/aws-crt-ffi/crt/aws-lc/crypto/perlasm/ppc-xlate.pl +1 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/perlasm/x86_64-xlate.pl +4 -15
- data/aws-crt-ffi/crt/aws-lc/crypto/perlasm/x86asm.pl +4 -13
- data/aws-crt-ffi/crt/aws-lc/crypto/poly1305/poly1305_arm_asm.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/crypto/rand_extra/deterministic.c +4 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/rand_extra/fuchsia.c +4 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/rand_extra/rand_test.cc +0 -63
- data/aws-crt-ffi/crt/aws-lc/crypto/rand_extra/windows.c +41 -19
- data/aws-crt-ffi/crt/aws-lc/crypto/rsa_extra/rsa_test.cc +3 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/siphash/siphash.c +12 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/siphash/siphash_test.cc +5 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/stack/stack.c +68 -46
- data/aws-crt-ffi/crt/aws-lc/crypto/trust_token/pmbtoken.c +4 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/trust_token/voprf.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/by_dir.c +0 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/internal.h +4 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/x509_lu.c +33 -9
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/x509_test.cc +87 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/x509_trs.c +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/x509_vfy.c +35 -13
- data/aws-crt-ffi/crt/aws-lc/crypto/x509v3/v3_lib.c +2 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/x509v3/v3_purp.c +4 -6
- data/aws-crt-ffi/crt/aws-lc/generated-src/crypto_test_data.cc +179 -151
- data/aws-crt-ffi/crt/aws-lc/generated-src/err_data.c +353 -349
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/chacha/chacha-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/cipher_extra/chacha20_poly1305_armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/aesv8-gcm-armv8-unroll8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/aesv8-gcm-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/armv8-mont.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/bn-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/ghash-neon-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/keccak1600-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/md5-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/p256-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/p256_beeu-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/sha1-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/sha256-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/sha512-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/vpaes-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/test/trampoline-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/chacha/chacha-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/armv4-mont.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/bsaes-armv7.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/ghash-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/sha1-armv4-large.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/sha256-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/sha512-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/vpaes-armv7.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/test/trampoline-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/chacha/chacha-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/cipher_extra/chacha20_poly1305_armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/aesv8-gcm-armv8-unroll8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/aesv8-gcm-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/armv8-mont.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/bn-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/ghash-neon-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/keccak1600-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/md5-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/p256-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/p256_beeu-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/sha1-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/sha256-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/sha512-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/vpaes-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/test/trampoline-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/chacha/chacha-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/armv4-mont.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/bsaes-armv7.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/ghash-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/sha1-armv4-large.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/sha256-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/sha512-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/vpaes-armv7.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/test/trampoline-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-ppc64le/crypto/fipsmodule/aesp8-ppc.S +1 -5
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-ppc64le/crypto/fipsmodule/ghashp8-ppc.S +1 -5
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-ppc64le/crypto/test/trampoline-ppc.S +1 -5
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/chacha/chacha-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/aesni-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/bn-586.S +4 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/co-586.S +4 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/ghash-ssse3-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/ghash-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/md5-586.S +4 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/sha1-586.S +4 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/sha256-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/sha512-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/vpaes-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/x86-mont.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/test/trampoline-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/chacha/chacha-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/cipher_extra/aesni-sha1-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/cipher_extra/aesni-sha256-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/aesni-gcm-avx512.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/aesni-xts-avx512.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/ghash-ssse3-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/md5-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/p256_beeu-x86_64-asm.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/rdrand-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/rsaz-avx2.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/vpaes-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/x86_64-mont.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/test/trampoline-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/chacha/chacha-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/aesni-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/bn-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/co-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/ghash-ssse3-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/ghash-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/md5-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/sha1-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/sha256-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/sha512-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/vpaes-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/x86-mont.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/test/trampoline-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/chacha/chacha-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/cipher_extra/aesni-sha1-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/cipher_extra/aesni-sha256-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/aesni-gcm-avx512.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/aesni-xts-avx512.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/ghash-ssse3-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/md5-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/p256_beeu-x86_64-asm.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/rdrand-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/rsaz-avx2.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/vpaes-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/x86_64-mont.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/test/trampoline-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/chacha/chacha-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/cipher_extra/chacha20_poly1305_armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/aesv8-gcm-armv8-unroll8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/aesv8-gcm-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/armv8-mont.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/bn-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/ghash-neon-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/keccak1600-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/md5-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/p256-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/p256_beeu-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/sha1-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/sha256-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/sha512-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/vpaes-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/test/trampoline-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/go.mod +4 -4
- data/aws-crt-ffi/crt/aws-lc/go.sum +8 -10
- data/aws-crt-ffi/crt/aws-lc/include/openssl/aead.h +2 -2
- data/aws-crt-ffi/crt/aws-lc/include/openssl/arm_arch.h +4 -119
- data/aws-crt-ffi/crt/aws-lc/include/openssl/asm_base.h +185 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/asn1.h +5 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/base.h +31 -134
- data/aws-crt-ffi/crt/aws-lc/include/openssl/bio.h +30 -18
- data/aws-crt-ffi/crt/aws-lc/include/openssl/bn.h +0 -2
- data/aws-crt-ffi/crt/aws-lc/include/openssl/chacha.h +6 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/cipher.h +2 -2
- data/aws-crt-ffi/crt/aws-lc/include/openssl/digest.h +9 -6
- data/aws-crt-ffi/crt/aws-lc/include/openssl/dsa.h +0 -21
- data/aws-crt-ffi/crt/aws-lc/include/openssl/ec.h +1 -1
- data/aws-crt-ffi/crt/aws-lc/include/openssl/err.h +1 -1
- data/aws-crt-ffi/crt/aws-lc/include/openssl/evp.h +8 -5
- data/aws-crt-ffi/crt/aws-lc/include/openssl/nid.h +21 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/rsa.h +1 -65
- data/aws-crt-ffi/crt/aws-lc/include/openssl/sha.h +22 -1
- data/aws-crt-ffi/crt/aws-lc/include/openssl/ssl.h +121 -13
- data/aws-crt-ffi/crt/aws-lc/include/openssl/stack.h +229 -208
- data/aws-crt-ffi/crt/aws-lc/include/openssl/target.h +166 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/x509.h +30 -10
- data/aws-crt-ffi/crt/aws-lc/include/openssl/x509v3.h +6 -4
- data/aws-crt-ffi/crt/aws-lc/sources.cmake +2 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/extensions.cc +12 -7
- data/aws-crt-ffi/crt/aws-lc/ssl/handshake_server.cc +28 -18
- data/aws-crt-ffi/crt/aws-lc/ssl/internal.h +41 -6
- data/aws-crt-ffi/crt/aws-lc/ssl/s3_both.cc +9 -17
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_cipher.cc +13 -5
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_key_share.cc +542 -2
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_lib.cc +35 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_test.cc +1847 -14
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_x509.cc +128 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/test/PORTING.md +10 -7
- data/aws-crt-ffi/crt/aws-lc/ssl/test/bssl_shim.cc +133 -77
- data/aws-crt-ffi/crt/aws-lc/ssl/test/handshake_util.cc +3 -3
- data/aws-crt-ffi/crt/aws-lc/ssl/test/handshaker.cc +4 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/handshake_client.go +6 -2
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/handshake_messages.go +894 -1042
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/handshake_server.go +24 -23
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/prf.go +6 -5
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/runner.go +56 -55
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/shim_dispatcher.go +188 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/ticket.go +37 -39
- data/aws-crt-ffi/crt/aws-lc/ssl/test/test_config.cc +59 -24
- data/aws-crt-ffi/crt/aws-lc/ssl/test/test_config.h +3 -2
- data/aws-crt-ffi/crt/aws-lc/ssl/tls13_server.cc +10 -11
- data/aws-crt-ffi/crt/aws-lc/tests/ci/cdk/app.py +4 -4
- data/aws-crt-ffi/crt/aws-lc/tests/ci/cdk/cdk/{aws_lc_mac_arm_ci_stack.py → aws_lc_ec2_test_framework_ci_stack.py} +13 -29
- data/aws-crt-ffi/crt/aws-lc/tests/ci/cdk/cdk/ssm/general_test_run_ssm_document.yaml +43 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/common_posix_setup.sh +10 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-aarch/amazonlinux-2023_base/Dockerfile +5 -1
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-aarch/ubuntu-22.04_base/Dockerfile +19 -3
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/amazonlinux-2_gcc-7x-intel-sde/Dockerfile +5 -4
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/build_images.sh +1 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/push_images.sh +2 -1
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/ubuntu-20.04_clang-10x_formal-verification/create_image.sh +1 -1
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/ubuntu-22.04_base/Dockerfile +1 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/ubuntu-22.04_clang-14x-sde/Dockerfile +42 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/windows/vs2017/Dockerfile +14 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/windows/windows_base/Dockerfile +3 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/README.md +12 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/nginx_patch/aws-lc-nginx.patch +68 -23
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/run_crt_integration.sh +27 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/run_monit_integration.sh +56 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/sslproxy_patch/aws-lc-sslproxy.patch +2 -2
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_ec2_test_framework.sh +135 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_fips_tests.sh +14 -2
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_tests_with_sde.sh +4 -1
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_tests_with_sde_asan.sh +14 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_windows_tests.bat +39 -3
- data/aws-crt-ffi/crt/aws-lc/third_party/fiat/README.md +21 -6
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/bignum_madd_n25519.S +284 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/bignum_madd_n25519_alt.S +210 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/bignum_mod_n25519.S +186 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/bignum_neg_p25519.S +65 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519.S +1043 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519_alt.S +1043 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519_byte.S +1043 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519_byte_alt.S +1043 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519base.S +1042 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519base_alt.S +1042 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519base_byte.S +1042 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519base_byte_alt.S +1043 -354
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_decode.S +700 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_decode_alt.S +563 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_encode.S +131 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_scalarmulbase.S +9626 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_scalarmulbase_alt.S +9468 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_scalarmuldouble.S +3157 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_scalarmuldouble_alt.S +2941 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/p384/Makefile +1 -1
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/p521/Makefile +1 -1
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/include/s2n-bignum_aws-lc.h +34 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/bignum_madd_n25519.S +219 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/bignum_madd_n25519_alt.S +245 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/bignum_mod_n25519.S +228 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/bignum_neg_p25519.S +86 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/curve25519_x25519.S +1350 -407
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/curve25519_x25519_alt.S +1350 -407
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/curve25519_x25519base.S +1344 -400
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/curve25519_x25519base_alt.S +1348 -402
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_decode.S +670 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_decode_alt.S +751 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_encode.S +81 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_scalarmulbase.S +9910 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_scalarmulbase_alt.S +9986 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_scalarmuldouble.S +3619 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_scalarmuldouble_alt.S +3736 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/wycheproof_testvectors/hmac_sha512_224_test.json +1978 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/wycheproof_testvectors/hmac_sha512_224_test.txt +1403 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/wycheproof_testvectors/hmac_sha512_256_test.json +1993 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/wycheproof_testvectors/hmac_sha512_256_test.txt +1416 -0
- data/aws-crt-ffi/crt/aws-lc/tool/digest.cc +4 -0
- data/aws-crt-ffi/crt/aws-lc/tool/internal.h +1 -0
- data/aws-crt-ffi/crt/aws-lc/tool/speed.cc +53 -6
- data/aws-crt-ffi/crt/aws-lc/util/all_tests.go +43 -12
- data/aws-crt-ffi/crt/aws-lc/util/all_tests.json +13 -5
- data/aws-crt-ffi/crt/aws-lc/util/bot/DEPS +4 -4
- data/aws-crt-ffi/crt/aws-lc/util/bot/update_clang.py +8 -2
- data/aws-crt-ffi/crt/aws-lc/util/codecov-ci.sh +82 -0
- data/aws-crt-ffi/crt/aws-lc/util/convert_wycheproof/convert_wycheproof.go +7 -5
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/ACVP.md +7 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/subprocess/hash.go +24 -9
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/subprocess/rsa.go +3 -4
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/subprocess/subprocess.go +15 -10
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/expected/HMAC-SHA2-512-224.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/expected/SHA2-512-224.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/expected/SHAKE-128.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/expected/SHAKE-256.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/sha-tests/sha512-224-tests.json +1 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/sha-tests/shake-128-tests.json +1 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/sha-tests/shake-256-tests.json +1 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/tests.json +1 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/vectors/HMAC-SHA2-512-224.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/vectors/SHA2-512-224.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/vectors/SHAKE-128.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/vectors/SHAKE-256.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/modulewrapper/main.cc +4 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/modulewrapper/modulewrapper.cc +144 -1
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/delocate/delocate.go +9 -3
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/delocate/testdata/aarch64-Basic/in.s +4 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/delocate/testdata/aarch64-Basic/out.s +11 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/inject_hash/inject_hash.go +13 -4
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/test-break-kat.sh +2 -0
- data/aws-crt-ffi/crt/aws-lc/util/testconfig/testconfig.go +2 -1
- data/aws-crt-ffi/crt/s2n/api/s2n.h +9 -5
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/benches/handshake.rs +9 -6
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/benches/resumption.rs +14 -14
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/benches/throughput.rs +9 -6
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/src/harness.rs +106 -102
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/src/openssl.rs +24 -20
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/src/rustls.rs +28 -24
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/src/s2n_tls.rs +52 -50
- data/aws-crt-ffi/crt/s2n/bindings/rust/generate/Cargo.toml +1 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/integration/Cargo.toml +3 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls/Cargo.toml +2 -2
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls/src/connection.rs +9 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-sys/templates/Cargo.template +2 -1
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/Cargo.toml +2 -2
- data/aws-crt-ffi/crt/s2n/tests/cbmc/sources/make_common_datastructures.c +9 -2
- data/aws-crt-ffi/crt/s2n/tests/fuzz/s2n_client_cert_verify_recv_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/fuzz/s2n_hybrid_ecdhe_kyber_r3_fuzz_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/fuzz/s2n_tls13_cert_verify_recv_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_version_negotiation.py +4 -4
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_auth_selection_test.c +19 -9
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_auth_handshake_test.c +3 -3
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_cert_verify_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_hello_recv_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_hello_test.c +4 -4
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_signature_algorithms_extension_test.c +4 -5
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_connection_protocol_versions_test.c +390 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_connection_test.c +8 -4
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_handshake_test.c +2 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_quic_support_io_test.c +106 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_security_policies_test.c +6 -2
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_self_talk_offload_signing_test.c +3 -3
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_self_talk_session_resumption_test.c +135 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_server_new_session_ticket_test.c +32 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_server_signature_algorithms_extension_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_signature_algorithms_test.c +307 -283
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_cert_request_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_cert_verify_test.c +18 -17
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_x509_validator_test.c +125 -0
- data/aws-crt-ffi/crt/s2n/tls/extensions/s2n_client_signature_algorithms.c +8 -1
- data/aws-crt-ffi/crt/s2n/tls/extensions/s2n_client_supported_versions.c +43 -11
- data/aws-crt-ffi/crt/s2n/tls/extensions/s2n_client_supported_versions.h +3 -0
- data/aws-crt-ffi/crt/s2n/tls/extensions/s2n_server_signature_algorithms.c +8 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_auth_selection.c +4 -2
- data/aws-crt-ffi/crt/s2n/tls/s2n_client_cert_verify.c +7 -10
- data/aws-crt-ffi/crt/s2n/tls/s2n_client_hello.c +2 -2
- data/aws-crt-ffi/crt/s2n/tls/s2n_connection.c +75 -14
- data/aws-crt-ffi/crt/s2n/tls/s2n_handshake.h +2 -2
- data/aws-crt-ffi/crt/s2n/tls/s2n_post_handshake.c +1 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_post_handshake.h +1 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_quic_support.c +29 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_quic_support.h +5 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_security_policies.c +40 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_security_policies.h +4 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_server_cert_request.c +1 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_server_hello.c +0 -3
- data/aws-crt-ffi/crt/s2n/tls/s2n_server_key_exchange.c +8 -9
- data/aws-crt-ffi/crt/s2n/tls/s2n_server_new_session_ticket.c +8 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_signature_algorithms.c +111 -72
- data/aws-crt-ffi/crt/s2n/tls/s2n_signature_algorithms.h +11 -9
- data/aws-crt-ffi/crt/s2n/tls/s2n_signature_scheme.c +9 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_signature_scheme.h +2 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_tls13_certificate_verify.c +12 -18
- data/aws-crt-ffi/crt/s2n/tls/s2n_x509_validator.c +7 -7
- data/aws-crt-ffi/src/api.h +1 -0
- data/lib/aws-crt/native.rb +1 -1
- metadata +68 -5
- data/aws-crt-ffi/crt/aws-lc/tests/ci/cdk/cdk/ssm/m1_tests_ssm_document.yaml +0 -34
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_m1_ec2_instance.sh +0 -96
|
@@ -0,0 +1,308 @@
|
|
|
1
|
+
#include <gtest/gtest.h>
|
|
2
|
+
#include "internal.h"
|
|
3
|
+
#include "openssl/aes.h"
|
|
4
|
+
#include "openssl/bn.h"
|
|
5
|
+
#include "test/test_util.h"
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
TEST(EndianTest, u32Operations) {
|
|
9
|
+
uint8_t buffer[4];
|
|
10
|
+
uint32_t val = 0x12345678;
|
|
11
|
+
uint8_t expected_be[4] = {0x12, 0x34, 0x56, 0x78};
|
|
12
|
+
uint8_t expected_le[4] = {0x78, 0x56, 0x34, 0x12};
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
CRYPTO_store_u32_le(buffer, val);
|
|
16
|
+
EXPECT_EQ(Bytes(expected_le), Bytes(buffer));
|
|
17
|
+
EXPECT_EQ(val, CRYPTO_load_u32_le(buffer));
|
|
18
|
+
|
|
19
|
+
CRYPTO_store_u32_be(buffer, val);
|
|
20
|
+
EXPECT_EQ(Bytes(expected_be), Bytes(buffer));
|
|
21
|
+
EXPECT_EQ(val, CRYPTO_load_u32_be(buffer));
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
TEST(EndianTest, u64Operations) {
|
|
25
|
+
uint8_t buffer[8];
|
|
26
|
+
uint64_t val = 0x123456789abcdef0;
|
|
27
|
+
uint8_t expected_be[8] = {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0};
|
|
28
|
+
uint8_t expected_le[8] = {0xf0, 0xde, 0xbc, 0x9a, 0x78, 0x56, 0x34, 0x12};
|
|
29
|
+
|
|
30
|
+
CRYPTO_store_u64_le(buffer, val);
|
|
31
|
+
EXPECT_EQ(Bytes(expected_le), Bytes(buffer));
|
|
32
|
+
EXPECT_EQ(val, CRYPTO_load_u64_le(buffer));
|
|
33
|
+
|
|
34
|
+
CRYPTO_store_u64_be(buffer, val);
|
|
35
|
+
EXPECT_EQ(Bytes(expected_be), Bytes(buffer));
|
|
36
|
+
EXPECT_EQ(val, CRYPTO_load_u64_be(buffer));
|
|
37
|
+
}
|
|
38
|
+
|
|
39
|
+
TEST(EndianTest, wordOperations) {
|
|
40
|
+
uint8_t buffer[sizeof(crypto_word_t)];
|
|
41
|
+
#if defined(OPENSSL_64_BIT)
|
|
42
|
+
size_t val = 0x123456789abcdef0;
|
|
43
|
+
uint8_t expected_le[8] = {0xf0, 0xde, 0xbc, 0x9a, 0x78, 0x56, 0x34, 0x12};
|
|
44
|
+
#else
|
|
45
|
+
size_t val = 0x12345678;
|
|
46
|
+
uint8_t expected_le[4] = {0x78, 0x56, 0x34, 0x12};
|
|
47
|
+
#endif
|
|
48
|
+
|
|
49
|
+
CRYPTO_store_word_le(buffer, val);
|
|
50
|
+
EXPECT_EQ(Bytes(expected_le), Bytes(buffer));
|
|
51
|
+
EXPECT_EQ(val, CRYPTO_load_word_le(buffer));
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
TEST(EndianTest, TestRotate32) {
|
|
55
|
+
uint32_t value = 0b00000010000000000000000000000;
|
|
56
|
+
uint32_t expected = 0b00100000000000000000000000000;
|
|
57
|
+
|
|
58
|
+
uint32_t rotl_by = 4;
|
|
59
|
+
uint32_t rotr_by = 32 - rotl_by;
|
|
60
|
+
|
|
61
|
+
uint32_t rotl_value = CRYPTO_rotl_u32(value, rotl_by);
|
|
62
|
+
uint32_t rotr_value = CRYPTO_rotr_u32(value, rotr_by);
|
|
63
|
+
|
|
64
|
+
ASSERT_EQ(rotl_value, rotr_value);
|
|
65
|
+
EXPECT_EQ(expected, rotl_value);
|
|
66
|
+
ASSERT_EQ(CRYPTO_rotr_u32(rotl_value, rotl_by), value);
|
|
67
|
+
}
|
|
68
|
+
|
|
69
|
+
TEST(EndianTest, TestRotate64) {
|
|
70
|
+
uint64_t value = 0b0000001000000000000000000000000000010000000000000000000000;
|
|
71
|
+
uint64_t expected = 0b0010000000000000000000000000000100000000000000000000000000;
|
|
72
|
+
|
|
73
|
+
uint64_t rotl_by = 4;
|
|
74
|
+
uint64_t rotr_by = 64 - rotl_by;
|
|
75
|
+
|
|
76
|
+
uint64_t rotl_value = CRYPTO_rotl_u64(value, rotl_by);
|
|
77
|
+
uint64_t rotr_value = CRYPTO_rotr_u64(value, rotr_by);
|
|
78
|
+
|
|
79
|
+
ASSERT_EQ(rotl_value, rotr_value);
|
|
80
|
+
EXPECT_EQ(expected, rotl_value);
|
|
81
|
+
ASSERT_EQ(CRYPTO_rotr_u64(rotl_value, rotl_by), value);
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
union test_union {
|
|
85
|
+
uint16_t big[2];
|
|
86
|
+
uint8_t small[4];
|
|
87
|
+
};
|
|
88
|
+
|
|
89
|
+
struct test_struct {
|
|
90
|
+
test_union union_val;
|
|
91
|
+
};
|
|
92
|
+
|
|
93
|
+
TEST(EndianTest, TestStructUnion) {
|
|
94
|
+
struct test_struct val = {{{0}}};
|
|
95
|
+
val.union_val.big[0] = 0x1234;
|
|
96
|
+
val.union_val.big[1] = 0x5678;
|
|
97
|
+
|
|
98
|
+
|
|
99
|
+
#if defined(OPENSSL_BIG_ENDIAN)
|
|
100
|
+
ASSERT_EQ(val.union_val.small[0], 0x12);
|
|
101
|
+
ASSERT_EQ(val.union_val.small[1], 0x34);
|
|
102
|
+
ASSERT_EQ(val.union_val.small[2], 0x56);
|
|
103
|
+
ASSERT_EQ(val.union_val.small[3], 0x78);
|
|
104
|
+
#else
|
|
105
|
+
ASSERT_EQ(val.union_val.small[0], 0x34);
|
|
106
|
+
ASSERT_EQ(val.union_val.small[1], 0x12);
|
|
107
|
+
ASSERT_EQ(val.union_val.small[2], 0x78);
|
|
108
|
+
ASSERT_EQ(val.union_val.small[3], 0x56);
|
|
109
|
+
#endif
|
|
110
|
+
}
|
|
111
|
+
|
|
112
|
+
// Shift left is increasing value/significance
|
|
113
|
+
// shift right decreases value/drops values
|
|
114
|
+
TEST(EndianTest, Shifting) {
|
|
115
|
+
uint32_t test = 0b1010000000010001;
|
|
116
|
+
ASSERT_EQ(test << 4, (uint32_t)0b10100000000100010000);
|
|
117
|
+
ASSERT_EQ(test >> 4, (uint32_t)0b101000000001);
|
|
118
|
+
}
|
|
119
|
+
|
|
120
|
+
TEST(EndianTest, Swap) {
|
|
121
|
+
EXPECT_EQ(0x3412, CRYPTO_bswap2(0x1234));
|
|
122
|
+
EXPECT_EQ((uint32_t)0x78563412, CRYPTO_bswap4(0x12345678));
|
|
123
|
+
EXPECT_EQ(0xf0debc9a78563412, CRYPTO_bswap8(0x123456789abcdef0));
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
TEST(EndianTest, BN_bin2bn) {
|
|
127
|
+
bssl::UniquePtr<BIGNUM> x(BN_new());
|
|
128
|
+
uint8_t input[256];
|
|
129
|
+
OPENSSL_memset(input, 0, sizeof(input));
|
|
130
|
+
input[0] = 0xaa;
|
|
131
|
+
input[1] = 0x01;
|
|
132
|
+
input[254] = 0x01;
|
|
133
|
+
input[255] = 0x02;
|
|
134
|
+
ASSERT_NE(nullptr, BN_bin2bn(input, sizeof(input), x.get()));
|
|
135
|
+
EXPECT_FALSE(BN_is_zero(x.get()));
|
|
136
|
+
for (size_t i = 1; i < (sizeof(input)*8/BN_BITS2) - 1; i++) {
|
|
137
|
+
SCOPED_TRACE(i);
|
|
138
|
+
EXPECT_EQ((uint64_t)0, x.get()->d[i]);
|
|
139
|
+
}
|
|
140
|
+
EXPECT_EQ((uint64_t)0x0102, x.get()->d[0]);
|
|
141
|
+
EXPECT_EQ((uint64_t)0xaa01 << (BN_BITS2-16), x.get()->d[(256*8/BN_BITS2)-1]);
|
|
142
|
+
}
|
|
143
|
+
|
|
144
|
+
TEST(EndianTest, BN_le2bn) {
|
|
145
|
+
bssl::UniquePtr<BIGNUM> x(BN_new());
|
|
146
|
+
uint8_t input[256];
|
|
147
|
+
OPENSSL_memset(input, 0, sizeof(input));
|
|
148
|
+
input[0] = 0xaa;
|
|
149
|
+
input[1] = 0x01;
|
|
150
|
+
input[254] = 0x01;
|
|
151
|
+
input[255] = 0x02;
|
|
152
|
+
ASSERT_NE(nullptr, BN_le2bn(input, sizeof(input), x.get()));
|
|
153
|
+
EXPECT_FALSE(BN_is_zero(x.get()));
|
|
154
|
+
for (int i = 1; i < (256*8/BN_BITS2) - 1; i++) {
|
|
155
|
+
SCOPED_TRACE(i);
|
|
156
|
+
EXPECT_EQ((uint64_t)0, x.get()->d[i]);
|
|
157
|
+
}
|
|
158
|
+
EXPECT_EQ((uint64_t)0x01aa, x.get()->d[0]);
|
|
159
|
+
EXPECT_EQ((uint64_t)0x0201 << (BN_BITS2-16), x.get()->d[(256*8/BN_BITS2)-1]);
|
|
160
|
+
}
|
|
161
|
+
|
|
162
|
+
// This test creates a BIGNUM, where 255 bytes are significant.
|
|
163
|
+
// Notice that 255 = 7 (mod 8) and 255 = 3 (mod 4), so the most significant
|
|
164
|
+
// bytes do not fill an entire word in the output BIGNUM, requiring special
|
|
165
|
+
// handling in the underlying logic.
|
|
166
|
+
TEST(EndianTest, BN_le2bn_255) {
|
|
167
|
+
bssl::UniquePtr<BIGNUM> x(BN_new());
|
|
168
|
+
uint8_t input[255];
|
|
169
|
+
OPENSSL_memset(input, 0, sizeof(input));
|
|
170
|
+
input[0] = 0xaa;
|
|
171
|
+
input[1] = 0x01;
|
|
172
|
+
input[254] = 0x01;
|
|
173
|
+
ASSERT_TRUE(BN_le2bn(input, sizeof(input), x.get()));
|
|
174
|
+
EXPECT_FALSE(BN_is_zero(x.get()));
|
|
175
|
+
for (size_t i = 1; i <= (255/sizeof(BN_ULONG)) - 1; i++) {
|
|
176
|
+
EXPECT_EQ((BN_ULONG)0, x.get()->d[i]);
|
|
177
|
+
}
|
|
178
|
+
EXPECT_EQ((BN_ULONG)0x01aa, x.get()->d[0]);
|
|
179
|
+
EXPECT_EQ((BN_ULONG)0x01 << (BN_BITS2-16), x.get()->d[255/sizeof(BN_ULONG)]);
|
|
180
|
+
}
|
|
181
|
+
|
|
182
|
+
TEST(EndianTest, BN_bn2bin) {
|
|
183
|
+
bssl::UniquePtr<BIGNUM> x(BN_new());
|
|
184
|
+
uint8_t input[256];
|
|
185
|
+
OPENSSL_memset(input, 0, sizeof(input));
|
|
186
|
+
input[0] = 0xaa;
|
|
187
|
+
input[1] = 0x01;
|
|
188
|
+
input[254] = 0x01;
|
|
189
|
+
input[255] = 0x02;
|
|
190
|
+
ASSERT_NE(nullptr, BN_bin2bn(input, sizeof(input), x.get()));
|
|
191
|
+
|
|
192
|
+
uint8_t out[256];
|
|
193
|
+
OPENSSL_memset(out, 0, sizeof(out));
|
|
194
|
+
EXPECT_EQ((size_t)256, BN_bn2bin(x.get(), out));
|
|
195
|
+
EXPECT_EQ(Bytes(input), Bytes(out));
|
|
196
|
+
}
|
|
197
|
+
|
|
198
|
+
TEST(EndianTest, BN_bn2le_padded) {
|
|
199
|
+
bssl::UniquePtr<BIGNUM> x(BN_new());
|
|
200
|
+
uint8_t input[256];
|
|
201
|
+
OPENSSL_memset(input, 0, sizeof(input));
|
|
202
|
+
input[0] = 0xaa;
|
|
203
|
+
input[1] = 0x01;
|
|
204
|
+
input[254] = 0x01;
|
|
205
|
+
input[255] = 0x02;
|
|
206
|
+
ASSERT_NE(nullptr, BN_le2bn(input, sizeof(input), x.get()));
|
|
207
|
+
|
|
208
|
+
uint8_t out[256];
|
|
209
|
+
OPENSSL_memset(out, 0, sizeof(out));
|
|
210
|
+
EXPECT_EQ(1, BN_bn2le_padded(out, sizeof(out), x.get()));
|
|
211
|
+
EXPECT_EQ(Bytes(input), Bytes(out));
|
|
212
|
+
}
|
|
213
|
+
|
|
214
|
+
// This test creates a BIGNUM, where 255 bytes are significant.
|
|
215
|
+
// It then calls |BN_bn2le_padded| to write the number into a 255-byte array
|
|
216
|
+
// in little-endian byte-order.
|
|
217
|
+
// Notice that 255 = 7 (mod 8) and 255 = 3 (mod 4), so the output array does not
|
|
218
|
+
// have room to hold every word of the input, requiring special handling
|
|
219
|
+
// in the underlying logic.
|
|
220
|
+
TEST(EndianTest, BN_bn2le_padded_255) {
|
|
221
|
+
bssl::UniquePtr<BIGNUM> x(BN_new());
|
|
222
|
+
uint8_t input[255];
|
|
223
|
+
OPENSSL_memset(input, 0, sizeof(input));
|
|
224
|
+
input[0] = 0xaa;
|
|
225
|
+
input[1] = 0x01;
|
|
226
|
+
input[253] = 0x01;
|
|
227
|
+
input[254] = 0x01;
|
|
228
|
+
ASSERT_TRUE(BN_le2bn(input, sizeof(input), x.get()));
|
|
229
|
+
|
|
230
|
+
uint8_t out[255];
|
|
231
|
+
OPENSSL_memset(out, 0, sizeof(out));
|
|
232
|
+
EXPECT_EQ(1, BN_bn2le_padded(out, sizeof(out), x.get()));
|
|
233
|
+
EXPECT_EQ(Bytes(input), Bytes(out));
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
// This test creates a 256-byte BIGNUM, where only 2 bytes are significant.
|
|
237
|
+
// It then calls |BN_bn2le_padded| to write the number into a 2-byte array
|
|
238
|
+
// in little-endian byte-order.
|
|
239
|
+
TEST(EndianTest, BN_bn2le_padded_much) {
|
|
240
|
+
bssl::UniquePtr<BIGNUM> x(BN_new());
|
|
241
|
+
uint8_t input[256];
|
|
242
|
+
OPENSSL_memset(input, 0, sizeof(input));
|
|
243
|
+
input[0] = 0xaa;
|
|
244
|
+
input[1] = 0x01;
|
|
245
|
+
ASSERT_TRUE(BN_le2bn(input, sizeof(input), x.get()));
|
|
246
|
+
|
|
247
|
+
uint8_t out[2];
|
|
248
|
+
OPENSSL_memset(out, 0, sizeof(out));
|
|
249
|
+
EXPECT_EQ(1, BN_bn2le_padded(out, sizeof(out), x.get()));
|
|
250
|
+
EXPECT_EQ(Bytes(input, 2), Bytes(out, 2));
|
|
251
|
+
}
|
|
252
|
+
|
|
253
|
+
|
|
254
|
+
TEST(EndianTest, BN_bn2bin_padded) {
|
|
255
|
+
bssl::UniquePtr<BIGNUM> x(BN_new());
|
|
256
|
+
uint8_t input[256];
|
|
257
|
+
OPENSSL_memset(input, 0, sizeof(input));
|
|
258
|
+
input[0] = 0xaa;
|
|
259
|
+
input[1] = 0x01;
|
|
260
|
+
input[254] = 0x01;
|
|
261
|
+
input[255] = 0x02;
|
|
262
|
+
ASSERT_NE(nullptr, BN_bin2bn(input, sizeof(input), x.get()));
|
|
263
|
+
|
|
264
|
+
uint8_t out[256];
|
|
265
|
+
OPENSSL_memset(out, 0, sizeof(out));
|
|
266
|
+
EXPECT_EQ(1, BN_bn2bin_padded(out, sizeof(out), x.get()));
|
|
267
|
+
EXPECT_EQ(Bytes(input), Bytes(out));
|
|
268
|
+
}
|
|
269
|
+
|
|
270
|
+
TEST(EndianTest, AES) {
|
|
271
|
+
// Initialize the key and message buffers with zeros
|
|
272
|
+
uint8_t key[16] = {0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22, 0x33,
|
|
273
|
+
0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x50};
|
|
274
|
+
uint8_t message[AES_BLOCK_SIZE] = {0x50, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
|
|
275
|
+
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99};
|
|
276
|
+
|
|
277
|
+
// Allocate buffer to store the encrypted message
|
|
278
|
+
uint8_t encrypted_message[AES_BLOCK_SIZE];
|
|
279
|
+
|
|
280
|
+
// Create an AES_KEY struct
|
|
281
|
+
AES_KEY aes_key = {{0}, 0};
|
|
282
|
+
ASSERT_EQ(0, AES_set_encrypt_key(key, 128, &aes_key));
|
|
283
|
+
|
|
284
|
+
AES_encrypt(message, encrypted_message, &aes_key);
|
|
285
|
+
|
|
286
|
+
const uint8_t known_value_bytes[AES_BLOCK_SIZE] = {
|
|
287
|
+
0x5e, 0x3e, 0x8e, 0x76, 0xf4, 0xf2, 0x7d, 0x41, 0x35, 0x86, 0x96, 0xb5, 0x57, 0x2d, 0xd5, 0xc6
|
|
288
|
+
};
|
|
289
|
+
EXPECT_EQ(Bytes(known_value_bytes), Bytes(encrypted_message));
|
|
290
|
+
}
|
|
291
|
+
|
|
292
|
+
TEST(EndianTest, memcpy) {
|
|
293
|
+
uint8_t buffer[2] = {0xab, 0xcd};
|
|
294
|
+
uint16_t out = 0;
|
|
295
|
+
memcpy(&out, buffer, 2);
|
|
296
|
+
#if defined(OPENSSL_BIG_ENDIAN)
|
|
297
|
+
EXPECT_EQ(out, 0xabcd);
|
|
298
|
+
#else
|
|
299
|
+
EXPECT_EQ(out, 0xcdab);
|
|
300
|
+
#endif
|
|
301
|
+
}
|
|
302
|
+
|
|
303
|
+
TEST(EndianTest, masking) {
|
|
304
|
+
uint16_t value = 0xabcd;
|
|
305
|
+
uint16_t mask = 0xf00f;
|
|
306
|
+
uint16_t result = value & mask;
|
|
307
|
+
EXPECT_EQ(result, 0xa00d);
|
|
308
|
+
}
|
|
@@ -1969,6 +1969,8 @@ struct RsassaPssParamsMatchTestInput {
|
|
|
1969
1969
|
EVP_sha384(), 0},
|
|
1970
1970
|
{kExampleRSAPSSKeyPKCS8, sizeof(kExampleRSAPSSKeyPKCS8), EVP_sha512(),
|
|
1971
1971
|
EVP_sha512(), 0},
|
|
1972
|
+
{kExampleRSAPSSKeyPKCS8, sizeof(kExampleRSAPSSKeyPKCS8), EVP_sha512_224(),
|
|
1973
|
+
EVP_sha512_224(), 0},
|
|
1972
1974
|
{kExampleRSAPSSKeyPKCS8, sizeof(kExampleRSAPSSKeyPKCS8), EVP_sha512_256(),
|
|
1973
1975
|
EVP_sha512_256(), 0},
|
|
1974
1976
|
// This test expects success when setting |signature_md| and |rsa_mgf1_md|
|
|
@@ -103,6 +103,8 @@ static const EVP_MD *GetDigest(FileTest *t, const std::string &name) {
|
|
|
103
103
|
return EVP_sha384();
|
|
104
104
|
} else if (name == "SHA512") {
|
|
105
105
|
return EVP_sha512();
|
|
106
|
+
} else if (name == "SHA512/224") {
|
|
107
|
+
return EVP_sha512_224();
|
|
106
108
|
} else if (name == "SHA512/256") {
|
|
107
109
|
return EVP_sha512_256();
|
|
108
110
|
} else if (name == "SHA3-224") {
|
|
@@ -113,6 +115,10 @@ static const EVP_MD *GetDigest(FileTest *t, const std::string &name) {
|
|
|
113
115
|
return EVP_sha3_384();
|
|
114
116
|
} else if (name == "SHA3-512") {
|
|
115
117
|
return EVP_sha3_512();
|
|
118
|
+
} else if (name == "SHAKE128") {
|
|
119
|
+
return EVP_shake128();
|
|
120
|
+
} else if (name == "SHAKE256") {
|
|
121
|
+
return EVP_shake256();
|
|
116
122
|
}
|
|
117
123
|
ADD_FAILURE() << "Unknown digest: " << name;
|
|
118
124
|
return nullptr;
|
|
@@ -138,7 +144,7 @@ static int GetKeyType(FileTest *t, const std::string &name) {
|
|
|
138
144
|
return EVP_PKEY_NONE;
|
|
139
145
|
}
|
|
140
146
|
|
|
141
|
-
static
|
|
147
|
+
static bool GetRSAPadding(FileTest *t, int *out, const std::string &name) {
|
|
142
148
|
if (name == "PKCS1") {
|
|
143
149
|
*out = RSA_PKCS1_PADDING;
|
|
144
150
|
return true;
|
|
@@ -151,6 +157,10 @@ static int GetRSAPadding(FileTest *t, int *out, const std::string &name) {
|
|
|
151
157
|
*out = RSA_PKCS1_OAEP_PADDING;
|
|
152
158
|
return true;
|
|
153
159
|
}
|
|
160
|
+
if (name == "None") {
|
|
161
|
+
*out = RSA_NO_PADDING;
|
|
162
|
+
return true;
|
|
163
|
+
}
|
|
154
164
|
ADD_FAILURE() << "Unknown RSA padding mode: " << name;
|
|
155
165
|
return false;
|
|
156
166
|
}
|
|
@@ -155,6 +155,21 @@ PublicKey = P-256-SPKI
|
|
|
155
155
|
Input = 305b301506072a8648ce3d020106082a8648ce3d0301070500034200042c150f429ce70f216c252cf5e062ce1f639cd5d165c7f89424072c27197d78b33b920e95cdb664e990dcf0cfea0d94e2a8e6af9d0e58056e653104925b9fe6c9
|
|
156
156
|
Error = DECODE_ERROR
|
|
157
157
|
|
|
158
|
+
PrivateKey = P-224-ExplicitParameters
|
|
159
|
+
Input = 308201540201003081eb06072a8648ce3d02013081df020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff0000000000000000000000013053041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4031500bd71344799d5c7fcdc45b59fa3b9ab8f6a948bc5043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d0201010461305f020101041caa17cf0a0c8064bf6b509c212e48293d61e0d97acc85f8dea5c99166a13c033a00041a95d8c8d08635ad7fa0facd3a9fe56f8f42451b58ea8a29f7d28b0fb214690b1149a69f016f644cdb3320b78a381027835d6091903f0513
|
|
160
|
+
Type = EC
|
|
161
|
+
Output = 3078020100301006072a8648ce3d020106052b810400210461305f020101041caa17cf0a0c8064bf6b509c212e48293d61e0d97acc85f8dea5c99166a13c033a00041a95d8c8d08635ad7fa0facd3a9fe56f8f42451b58ea8a29f7d28b0fb214690b1149a69f016f644cdb3320b78a381027835d6091903f0513
|
|
162
|
+
|
|
163
|
+
PrivateKey = P-384-ExplicitParameters
|
|
164
|
+
Input = 3082020c0201003082016406072a8648ce3d020130820157020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff307b0430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef031500a335926aa319a27a1d00896a6773a4827acdac73046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc5297302010104819e30819b0201010430a29991b86091401328e62ec8caadd0482f887ff0936910e42a56c19f48cbe87331037a4e2b36f1091dd4a26ee2d2b01fa16403620004826b3df548ad2e0b96436cb13508e88745a33b4b06cf485ad8350824b4dfe01ee66a5e1d1aaebfebcaa6337a1f33c338afc0d59b7ce7e389f73f66c9c4a44bbfcf570aec5cc52e7b6608c9061ab4d72de933448c39dd9238177917d398c22c5e
|
|
165
|
+
Type = EC
|
|
166
|
+
Output = 3081b6020100301006072a8648ce3d020106052b8104002204819e30819b0201010430a29991b86091401328e62ec8caadd0482f887ff0936910e42a56c19f48cbe87331037a4e2b36f1091dd4a26ee2d2b01fa16403620004826b3df548ad2e0b96436cb13508e88745a33b4b06cf485ad8350824b4dfe01ee66a5e1d1aaebfebcaa6337a1f33c338afc0d59b7ce7e389f73f66c9c4a44bbfcf570aec5cc52e7b6608c9061ab4d72de933448c39dd9238177917d398c22c5e
|
|
167
|
+
|
|
168
|
+
PrivateKey = P-521-ExplicitParameters
|
|
169
|
+
Input = 308202b0020100308201d006072a8648ce3d0201308201c3020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff30819f044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc04420051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00031500d09e8800291cb85396cc6717393284aaa0da64ba0481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913864090201010481d63081d30201010442002eeee9c16b9b4d2dee606f443cf3b41d2899a4734ff7555b54c735afb34a6912f81c68a89ea9b427c69a1026d98ef1d7f9c683aec5c5103d9a4c21e403c638412fa18189038186000400f58adcbe5c07f6b500fadd3209487e38f9567f97c2204435a4eb140739905c201407e2530a6667216aad01fb849bcbefa3862b2f187f13c9a87923d378a0a184df017b4bb93f4766531785878458da6aaa525724e10dfb1f35cfbe55c56fc705714295ea74b6c3e714152ad78e929f5415683aed9bc7c68f0329934177829d715f03f2
|
|
170
|
+
Type = EC
|
|
171
|
+
Output = 3081ee020100301006072a8648ce3d020106052b810400230481d63081d30201010442002eeee9c16b9b4d2dee606f443cf3b41d2899a4734ff7555b54c735afb34a6912f81c68a89ea9b427c69a1026d98ef1d7f9c683aec5c5103d9a4c21e403c638412fa18189038186000400f58adcbe5c07f6b500fadd3209487e38f9567f97c2204435a4eb140739905c201407e2530a6667216aad01fb849bcbefa3862b2f187f13c9a87923d378a0a184df017b4bb93f4766531785878458da6aaa525724e10dfb1f35cfbe55c56fc705714295ea74b6c3e714152ad78e929f5415683aed9bc7c68f0329934177829d715f03f2
|
|
172
|
+
|
|
158
173
|
# A DSA private key.
|
|
159
174
|
PrivateKey = DSA-1024
|
|
160
175
|
Type = DSA
|
|
@@ -772,6 +787,16 @@ Digest = SHA256
|
|
|
772
787
|
Input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
|
773
788
|
Output = 07fa4e3de9c002c41c952dc292ef5a814c4c17dc1a6cf958c4c971e8089676d6661b442270ef9295c41e5385c9628aa1bdee2cc2558b8473ba212f2ba04b9ff2264c19187b9506b1d0a1cc2751844cc8dedf555d62ce81bc0e70bfe83d0184ee964593af91b9b327c0fb272c799148cd8737d412cbf36c2ad25fd66977bf805f
|
|
774
789
|
|
|
790
|
+
# The input is 1 (mod p) and q - 1 (mod q). If the CRT implementation does not
|
|
791
|
+
# account for p < q, the subtraction step will break. However, this test only
|
|
792
|
+
# works when RSA blinding is disabled. When blinding is enabled, these values
|
|
793
|
+
# are randomized and, instead, either this or the above test will hit this case
|
|
794
|
+
# if repeated enough. (It hits it with probability (q-p)^2 / 2pq, or 1.8% here.)
|
|
795
|
+
Encrypt = RSA-Swapped
|
|
796
|
+
RSAPadding = None
|
|
797
|
+
Input = 7ab490e1f5e718ff23a9e738f9867559e3a6ea72332e3bcc1b6f58585218ed815a865dab75e3f44ea550bdef815101d6039251a513fd99188c1916abb94b15ef72de793f6472a342b33a125cfc96a4fc89d140e337f5fe6ff937ed3f34b6b09f5227f598e12faddf4423254acbee748197bed26954502c7484c65e279fed7fed
|
|
798
|
+
CheckDecrypt
|
|
799
|
+
|
|
775
800
|
# Though we will never generate such a key, test that RSA keys where p and q are
|
|
776
801
|
# different sizes work properly.
|
|
777
802
|
PrivateKey = RSA-PrimeMismatch
|
|
@@ -141,9 +141,9 @@ static int pkey_kem_decapsulate(EVP_PKEY_CTX *ctx,
|
|
|
141
141
|
}
|
|
142
142
|
|
|
143
143
|
// The input and output buffers need to be large enough.
|
|
144
|
-
if (ciphertext_len
|
|
144
|
+
if (ciphertext_len != kem->ciphertext_len ||
|
|
145
145
|
*shared_secret_len < kem->shared_secret_len) {
|
|
146
|
-
OPENSSL_PUT_ERROR(EVP,
|
|
146
|
+
OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_BUFFER_SIZE);
|
|
147
147
|
return 0;
|
|
148
148
|
}
|
|
149
149
|
|
|
@@ -200,12 +200,12 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent) {
|
|
|
200
200
|
static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) {
|
|
201
201
|
const BIGNUM *priv_key = NULL;
|
|
202
202
|
if (ptype == 2) {
|
|
203
|
-
priv_key = x
|
|
203
|
+
priv_key = DSA_get0_priv_key(x);
|
|
204
204
|
}
|
|
205
205
|
|
|
206
206
|
const BIGNUM *pub_key = NULL;
|
|
207
207
|
if (ptype > 0) {
|
|
208
|
-
pub_key = x
|
|
208
|
+
pub_key = DSA_get0_pub_key(x);
|
|
209
209
|
}
|
|
210
210
|
|
|
211
211
|
const char *ktype = "DSA-Parameters";
|
|
@@ -216,14 +216,15 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) {
|
|
|
216
216
|
}
|
|
217
217
|
|
|
218
218
|
if (!BIO_indent(bp, off, 128) ||
|
|
219
|
-
BIO_printf(bp, "%s: (%u bit)\n", ktype, BN_num_bits(x
|
|
219
|
+
BIO_printf(bp, "%s: (%u bit)\n", ktype, BN_num_bits(DSA_get0_p(x))) <=
|
|
220
|
+
0 ||
|
|
220
221
|
// |priv_key| and |pub_key| may be NULL, in which case |bn_print| will
|
|
221
222
|
// silently skip them.
|
|
222
223
|
!bn_print(bp, "priv:", priv_key, off) ||
|
|
223
224
|
!bn_print(bp, "pub:", pub_key, off) ||
|
|
224
|
-
!bn_print(bp, "P:", x
|
|
225
|
-
!bn_print(bp, "Q:", x
|
|
226
|
-
!bn_print(bp, "G:", x
|
|
225
|
+
!bn_print(bp, "P:", DSA_get0_p(x), off) ||
|
|
226
|
+
!bn_print(bp, "Q:", DSA_get0_q(x), off) ||
|
|
227
|
+
!bn_print(bp, "G:", DSA_get0_g(x), off)) {
|
|
227
228
|
return 0;
|
|
228
229
|
}
|
|
229
230
|
|
|
@@ -28,7 +28,8 @@
|
|
|
28
28
|
// scrypt blocks, respectively.
|
|
29
29
|
|
|
30
30
|
// A block_t is a Salsa20 block.
|
|
31
|
-
|
|
31
|
+
#define SCRYPT_BLOCK_WORD_CNT 16
|
|
32
|
+
typedef struct { uint32_t words[SCRYPT_BLOCK_WORD_CNT]; } block_t;
|
|
32
33
|
|
|
33
34
|
OPENSSL_STATIC_ASSERT(sizeof(block_t) == 64, block_t_has_padding)
|
|
34
35
|
|
|
@@ -111,7 +112,13 @@ static void scryptBlockMix(block_t *out, const block_t *B, uint64_t r) {
|
|
|
111
112
|
static void scryptROMix(block_t *B, uint64_t r, uint64_t N, block_t *T,
|
|
112
113
|
block_t *V) {
|
|
113
114
|
// Steps 1 and 2.
|
|
115
|
+
#ifdef OPENSSL_BIG_ENDIAN
|
|
116
|
+
for(size_t i = 0; i < (2 * r * SCRYPT_BLOCK_WORD_CNT); i++) {
|
|
117
|
+
CRYPTO_store_u32_le(&V->words[i], B->words[i]);
|
|
118
|
+
}
|
|
119
|
+
#else
|
|
114
120
|
OPENSSL_memcpy(V, B, 2 * r * sizeof(block_t));
|
|
121
|
+
#endif
|
|
115
122
|
for (uint64_t i = 1; i < N; i++) {
|
|
116
123
|
scryptBlockMix(&V[2 * r * i /* scrypt block i */],
|
|
117
124
|
&V[2 * r * (i - 1) /* scrypt block i-1 */], r);
|
|
@@ -127,6 +134,11 @@ static void scryptROMix(block_t *B, uint64_t r, uint64_t N, block_t *T,
|
|
|
127
134
|
}
|
|
128
135
|
scryptBlockMix(B, T, r);
|
|
129
136
|
}
|
|
137
|
+
#ifdef OPENSSL_BIG_ENDIAN
|
|
138
|
+
for(size_t i = 0; i < (2 * r * SCRYPT_BLOCK_WORD_CNT); i++) {
|
|
139
|
+
CRYPTO_store_u32_le(&B->words[i], B->words[i]);
|
|
140
|
+
}
|
|
141
|
+
#endif
|
|
130
142
|
}
|
|
131
143
|
|
|
132
144
|
// SCRYPT_PR_MAX is the maximum value of p * r. This is equivalent to the
|
|
@@ -162,7 +162,7 @@ endif()
|
|
|
162
162
|
if ((CMAKE_ASM_COMPILER_ID MATCHES "Clang" OR CMAKE_ASM_COMPILER MATCHES "clang") AND
|
|
163
163
|
(CMAKE_ASM_COMPILER_VERSION VERSION_LESS "7.0.0") AND (ARCH STREQUAL "x86_64"))
|
|
164
164
|
set_source_files_properties(${CMAKE_CURRENT_BINARY_DIR}/aesni-gcm-avx512.${ASM_EXT} PROPERTIES COMPILE_FLAGS "-mavx512f -mavx512bw -mavx512dq -mavx512vl")
|
|
165
|
-
set_source_files_properties(${CMAKE_CURRENT_BINARY_DIR}/aesni-xts-avx512.${ASM_EXT} PROPERTIES COMPILE_FLAGS "-mavx512f -mavx512bw -mavx512dq -mavx512vl
|
|
165
|
+
set_source_files_properties(${CMAKE_CURRENT_BINARY_DIR}/aesni-xts-avx512.${ASM_EXT} PROPERTIES COMPILE_FLAGS "-mavx512f -mavx512bw -mavx512dq -mavx512vl")
|
|
166
166
|
endif()
|
|
167
167
|
|
|
168
168
|
# s2n-bignum files can be compiled on Unix platforms only (except Apple),
|
|
@@ -249,6 +249,11 @@ if((((ARCH STREQUAL "x86_64") AND NOT MY_ASSEMBLER_IS_TOO_OLD_FOR_AVX) OR
|
|
|
249
249
|
fastmul/bignum_ksqr_16_32_neon.S
|
|
250
250
|
fastmul/bignum_ksqr_32_64_neon.S
|
|
251
251
|
fastmul/bignum_emontredc_8n_neon.S
|
|
252
|
+
|
|
253
|
+
generic/bignum_copy_row_from_table.S
|
|
254
|
+
generic/bignum_copy_row_from_table_8n_neon.S
|
|
255
|
+
generic/bignum_copy_row_from_table_16_neon.S
|
|
256
|
+
generic/bignum_copy_row_from_table_32_neon.S
|
|
252
257
|
)
|
|
253
258
|
endif()
|
|
254
259
|
endif()
|
|
@@ -270,6 +275,8 @@ function(cpreprocess dest src)
|
|
|
270
275
|
DEPENDS
|
|
271
276
|
${src}
|
|
272
277
|
${PROJECT_SOURCE_DIR}/include/openssl/arm_arch.h
|
|
278
|
+
${PROJECT_SOURCE_DIR}/include/openssl/asm_base.h
|
|
279
|
+
${PROJECT_SOURCE_DIR}/include/openssl/target.h
|
|
273
280
|
WORKING_DIRECTORY .
|
|
274
281
|
)
|
|
275
282
|
endfunction()
|
|
@@ -453,17 +460,19 @@ elseif(FIPS_SHARED)
|
|
|
453
460
|
# generate the output object file where all the code in the __text section
|
|
454
461
|
# and all the read-only data in the __const section are between the
|
|
455
462
|
# respective start and end markers.
|
|
463
|
+
if (CMAKE_OSX_DEPLOYMENT_TARGET)
|
|
464
|
+
set(OSX_VERSION_MIN_FLAG "-mmacosx-version-min=${CMAKE_OSX_DEPLOYMENT_TARGET}")
|
|
465
|
+
endif()
|
|
456
466
|
add_custom_command(
|
|
457
467
|
OUTPUT fips_apple_start.o
|
|
458
|
-
COMMAND ${CMAKE_C_COMPILER} -arch ${CMAKE_SYSTEM_PROCESSOR} -isysroot ${CMAKE_OSX_SYSROOT} -c ${CMAKE_CURRENT_SOURCE_DIR}/fips_shared_library_marker.c -DAWSLC_FIPS_SHARED_START -o fips_apple_start.o
|
|
468
|
+
COMMAND ${CMAKE_C_COMPILER} -arch ${CMAKE_SYSTEM_PROCESSOR} -isysroot ${CMAKE_OSX_SYSROOT} ${OSX_VERSION_MIN_FLAG} -c ${CMAKE_CURRENT_SOURCE_DIR}/fips_shared_library_marker.c -DAWSLC_FIPS_SHARED_START -o fips_apple_start.o
|
|
459
469
|
DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/fips_shared_library_marker.c
|
|
460
470
|
)
|
|
461
471
|
add_custom_command(
|
|
462
472
|
OUTPUT fips_apple_end.o
|
|
463
|
-
COMMAND ${CMAKE_C_COMPILER} -arch ${CMAKE_SYSTEM_PROCESSOR} -isysroot ${CMAKE_OSX_SYSROOT} -c ${CMAKE_CURRENT_SOURCE_DIR}/fips_shared_library_marker.c -DAWSLC_FIPS_SHARED_END -o fips_apple_end.o
|
|
473
|
+
COMMAND ${CMAKE_C_COMPILER} -arch ${CMAKE_SYSTEM_PROCESSOR} -isysroot ${CMAKE_OSX_SYSROOT} ${OSX_VERSION_MIN_FLAG} -c ${CMAKE_CURRENT_SOURCE_DIR}/fips_shared_library_marker.c -DAWSLC_FIPS_SHARED_END -o fips_apple_end.o
|
|
464
474
|
DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/fips_shared_library_marker.c
|
|
465
475
|
)
|
|
466
|
-
|
|
467
476
|
add_custom_command(
|
|
468
477
|
OUTPUT bcm.o
|
|
469
478
|
COMMAND ${CMAKE_LINKER} -r fips_apple_start.o -force_load $<TARGET_FILE:bcm_library> fips_apple_end.o -keep_private_externs -o bcm.o
|
|
@@ -349,15 +349,27 @@ static inline void aes_nohw_compact_block(aes_word_t out[AES_NOHW_BLOCK_WORDS],
|
|
|
349
349
|
#if defined(OPENSSL_SSE2)
|
|
350
350
|
// No conversions needed.
|
|
351
351
|
#elif defined(OPENSSL_64_BIT)
|
|
352
|
+
#if defined(OPENSSL_BIG_ENDIAN)
|
|
353
|
+
uint64_t a0 = aes_nohw_compact_word(CRYPTO_load_u64_le(&out[0]));
|
|
354
|
+
uint64_t a1 = aes_nohw_compact_word(CRYPTO_load_u64_le(&out[1]));
|
|
355
|
+
#else
|
|
352
356
|
uint64_t a0 = aes_nohw_compact_word(out[0]);
|
|
353
357
|
uint64_t a1 = aes_nohw_compact_word(out[1]);
|
|
358
|
+
#endif
|
|
354
359
|
out[0] = (a0 & UINT64_C(0x00000000ffffffff)) | (a1 << 32);
|
|
355
360
|
out[1] = (a1 & UINT64_C(0xffffffff00000000)) | (a0 >> 32);
|
|
361
|
+
#else
|
|
362
|
+
#if defined(OPENSSL_BIG_ENDIAN)
|
|
363
|
+
uint32_t a0 = aes_nohw_compact_word(CRYPTO_load_u32_le(&out[0]));
|
|
364
|
+
uint32_t a1 = aes_nohw_compact_word(CRYPTO_load_u32_le(&out[1]));
|
|
365
|
+
uint32_t a2 = aes_nohw_compact_word(CRYPTO_load_u32_le(&out[2]));
|
|
366
|
+
uint32_t a3 = aes_nohw_compact_word(CRYPTO_load_u32_le(&out[3]));
|
|
356
367
|
#else
|
|
357
368
|
uint32_t a0 = aes_nohw_compact_word(out[0]);
|
|
358
369
|
uint32_t a1 = aes_nohw_compact_word(out[1]);
|
|
359
370
|
uint32_t a2 = aes_nohw_compact_word(out[2]);
|
|
360
371
|
uint32_t a3 = aes_nohw_compact_word(out[3]);
|
|
372
|
+
#endif
|
|
361
373
|
// Note clang, when building for ARM Thumb2, will sometimes miscompile
|
|
362
374
|
// expressions such as (a0 & 0x0000ff00) << 8, particularly when building
|
|
363
375
|
// without optimizations. This bug was introduced in
|
|
@@ -381,8 +393,8 @@ static inline void aes_nohw_uncompact_block(
|
|
|
381
393
|
aes_nohw_uncompact_word((a0 & UINT64_C(0x00000000ffffffff)) | (a1 << 32));
|
|
382
394
|
uint64_t b1 =
|
|
383
395
|
aes_nohw_uncompact_word((a1 & UINT64_C(0xffffffff00000000)) | (a0 >> 32));
|
|
384
|
-
|
|
385
|
-
|
|
396
|
+
CRYPTO_store_u64_le(&out[0], b0);
|
|
397
|
+
CRYPTO_store_u64_le(&out[8], b1);
|
|
386
398
|
#else
|
|
387
399
|
uint32_t a0 = in[0];
|
|
388
400
|
uint32_t a1 = in[1];
|
|
@@ -403,10 +415,10 @@ static inline void aes_nohw_uncompact_block(
|
|
|
403
415
|
b1 = aes_nohw_uncompact_word(b1);
|
|
404
416
|
b2 = aes_nohw_uncompact_word(b2);
|
|
405
417
|
b3 = aes_nohw_uncompact_word(b3);
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
418
|
+
CRYPTO_store_u32_le(&out[0], b0);
|
|
419
|
+
CRYPTO_store_u32_le(&out[4], b1);
|
|
420
|
+
CRYPTO_store_u32_le(&out[8], b2);
|
|
421
|
+
CRYPTO_store_u32_le(&out[12], b3);
|
|
410
422
|
#endif
|
|
411
423
|
}
|
|
412
424
|
|
|
@@ -228,14 +228,19 @@ static void BORINGSSL_bcm_power_on_self_test(void) __attribute__ ((constructor))
|
|
|
228
228
|
#endif
|
|
229
229
|
|
|
230
230
|
static void BORINGSSL_bcm_power_on_self_test(void) {
|
|
231
|
-
|
|
231
|
+
// TODO: remove !defined(OPENSSL_PPC64BE) from the check below when starting to support
|
|
232
|
+
// PPC64BE that has VCRYPTO capability. In that case, add `|| defined(OPENSSL_PPC64BE)`
|
|
233
|
+
// to `#if defined(OPENSSL_PPC64LE)` wherever it occurs.
|
|
234
|
+
#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_PPC32BE) && !defined(OPENSSL_PPC64BE)
|
|
232
235
|
OPENSSL_cpuid_setup();
|
|
233
236
|
#endif
|
|
234
237
|
|
|
238
|
+
#if defined(FIPS_ENTROPY_SOURCE_JITTER_CPU)
|
|
235
239
|
if (jent_entropy_init()) {
|
|
236
240
|
fprintf(stderr, "CPU Jitter entropy RNG initialization failed.\n");
|
|
237
241
|
goto err;
|
|
238
242
|
}
|
|
243
|
+
#endif
|
|
239
244
|
|
|
240
245
|
#if !defined(OPENSSL_ASAN)
|
|
241
246
|
// Integrity tests cannot run under ASAN because it involves reading the full
|
|
@@ -273,7 +278,7 @@ int BORINGSSL_integrity_test(void) {
|
|
|
273
278
|
assert_not_within(start, OPENSSL_ia32cap_P, end);
|
|
274
279
|
#elif defined(OPENSSL_AARCH64)
|
|
275
280
|
assert_not_within(start, &OPENSSL_armcap_P, end);
|
|
276
|
-
#endif
|
|
281
|
+
#endif
|
|
277
282
|
|
|
278
283
|
#if defined(BORINGSSL_SHARED_LIBRARY)
|
|
279
284
|
const uint8_t *const rodata_start = BORINGSSL_bcm_rodata_start;
|
|
@@ -320,11 +325,14 @@ int BORINGSSL_integrity_test(void) {
|
|
|
320
325
|
#endif
|
|
321
326
|
#if defined(BORINGSSL_SHARED_LIBRARY)
|
|
322
327
|
uint64_t length = end - start;
|
|
323
|
-
|
|
328
|
+
uint8_t buffer[sizeof(length)];
|
|
329
|
+
CRYPTO_store_u64_le(buffer, length);
|
|
330
|
+
HMAC_Update(&hmac_ctx, buffer, sizeof(length));
|
|
324
331
|
HMAC_Update(&hmac_ctx, start, length);
|
|
325
332
|
|
|
326
333
|
length = rodata_end - rodata_start;
|
|
327
|
-
|
|
334
|
+
CRYPTO_store_u64_le(buffer, length);
|
|
335
|
+
HMAC_Update(&hmac_ctx, buffer, sizeof(length));
|
|
328
336
|
HMAC_Update(&hmac_ctx, rodata_start, length);
|
|
329
337
|
#else
|
|
330
338
|
HMAC_Update(&hmac_ctx, start, end - start);
|