aws-crt 0.1.9 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/auth.h +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/aws_imds_client.h +5 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/credentials.h +5 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/private/aws_signing.h +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/private/credentials_utils.h +2 -0
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/signing_config.h +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/source/auth.c +3 -1
- data/aws-crt-ffi/crt/aws-c-auth/source/aws_imds_client.c +146 -63
- data/aws-crt-ffi/crt/aws-c-auth/source/aws_signing.c +41 -19
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_provider_imds.c +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_utils.c +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/source/signable_http_request.c +2 -1
- data/aws-crt-ffi/crt/aws-c-auth/source/signing_config.c +25 -0
- data/aws-crt-ffi/crt/aws-c-auth/tests/CMakeLists.txt +3 -0
- data/aws-crt-ffi/crt/aws-c-auth/tests/aws_imds_client_test.c +197 -31
- data/aws-crt-ffi/crt/aws-c-auth/tests/credentials_provider_imds_tests.c +16 -18
- data/aws-crt-ffi/crt/aws-c-auth/tests/sigv4_signing_tests.c +3 -1
- data/aws-crt-ffi/crt/aws-c-cal/include/aws/cal/private/opensslcrypto_common.h +22 -0
- data/aws-crt-ffi/crt/aws-c-cal/source/darwin/commoncrypto_aes.c +46 -17
- data/aws-crt-ffi/crt/aws-c-cal/source/unix/openssl_aes.c +1 -0
- data/aws-crt-ffi/crt/aws-c-cal/source/unix/openssl_platform_init.c +7 -0
- data/aws-crt-ffi/crt/aws-c-cal/source/unix/openssl_rsa.c +59 -2
- data/aws-crt-ffi/crt/aws-c-cal/source/unix/opensslcrypto_ecc.c +1 -0
- data/aws-crt-ffi/crt/aws-c-common/CMakeLists.txt +13 -1
- data/aws-crt-ffi/crt/aws-c-common/THIRD-PARTY-LICENSES.txt +28 -7
- data/aws-crt-ffi/crt/aws-c-common/bin/system_info/CMakeLists.txt +18 -0
- data/aws-crt-ffi/crt/aws-c-common/bin/system_info/print_system_info.c +48 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/allocator.h +23 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/byte_buf.h +12 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/cross_process_lock.h +35 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/hash_table.h +1 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/priority_queue.h +24 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/private/system_info_priv.h +37 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/system_info.h +47 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/system_resource_util.h +30 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/testing/aws_test_harness.h +3 -2
- data/aws-crt-ffi/crt/aws-c-common/source/allocator.c +64 -13
- data/aws-crt-ffi/crt/aws-c-common/source/android/logging.c +14 -0
- data/aws-crt-ffi/crt/aws-c-common/source/common.c +3 -3
- data/aws-crt-ffi/crt/aws-c-common/source/file.c +96 -35
- data/aws-crt-ffi/crt/aws-c-common/source/linux/system_info.c +24 -0
- data/aws-crt-ffi/crt/aws-c-common/source/memtrace.c +10 -3
- data/aws-crt-ffi/crt/aws-c-common/source/platform_fallback_stubs/system_info.c +21 -0
- data/aws-crt-ffi/crt/aws-c-common/source/posix/cross_process_lock.c +141 -0
- data/aws-crt-ffi/crt/aws-c-common/source/posix/system_info.c +1 -1
- data/aws-crt-ffi/crt/aws-c-common/source/posix/system_resource_utils.c +32 -0
- data/aws-crt-ffi/crt/aws-c-common/source/priority_queue.c +24 -0
- data/aws-crt-ffi/crt/aws-c-common/source/system_info.c +80 -0
- data/aws-crt-ffi/crt/aws-c-common/source/task_scheduler.c +2 -2
- data/aws-crt-ffi/crt/aws-c-common/source/windows/cross_process_lock.c +93 -0
- data/aws-crt-ffi/crt/aws-c-common/source/windows/system_resource_utils.c +31 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/CMakeLists.txt +16 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/alloc_test.c +83 -22
- data/aws-crt-ffi/crt/aws-c-common/tests/cross_process_lock_tests.c +116 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/file_test.c +103 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/priority_queue_test.c +36 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/system_info_tests.c +19 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/system_resource_util_test.c +37 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/connection.h +9 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/http.h +1 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/connection_impl.h +5 -4
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/connection_manager_system_vtable.h +10 -18
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/proxy_impl.h +5 -1
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/request_response_impl.h +5 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/request_response.h +10 -0
- data/aws-crt-ffi/crt/aws-c-http/source/connection.c +5 -2
- data/aws-crt-ffi/crt/aws-c-http/source/connection_manager.c +22 -21
- data/aws-crt-ffi/crt/aws-c-http/source/h1_connection.c +102 -17
- data/aws-crt-ffi/crt/aws-c-http/source/h1_stream.c +1 -0
- data/aws-crt-ffi/crt/aws-c-http/source/http.c +3 -0
- data/aws-crt-ffi/crt/aws-c-http/source/proxy_connection.c +2 -2
- data/aws-crt-ffi/crt/aws-c-http/tests/CMakeLists.txt +2 -0
- data/aws-crt-ffi/crt/aws-c-http/tests/test_connection_manager.c +18 -18
- data/aws-crt-ffi/crt/aws-c-http/tests/test_h1_client.c +111 -1
- data/aws-crt-ffi/crt/aws-c-http/tests/test_proxy.c +2 -2
- data/aws-crt-ffi/crt/aws-c-http/tests/test_stream_manager.c +2 -2
- data/aws-crt-ffi/crt/aws-c-io/include/aws/io/retry_strategy.h +1 -1
- data/aws-crt-ffi/crt/aws-c-io/source/exponential_backoff_retry_strategy.c +1 -1
- data/aws-crt-ffi/crt/aws-c-io/source/pkcs11_tls_op_handler.c +2 -4
- data/aws-crt-ffi/crt/aws-lc/CMakeLists.txt +16 -8
- data/aws-crt-ffi/crt/aws-lc/cmake/go.cmake +6 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/CMakeLists.txt +6 -9
- data/aws-crt-ffi/crt/aws-lc/crypto/asn1/a_time.c +34 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/asn1/a_utctm.c +4 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/asn1/asn1_test.cc +41 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/bio_mem.c +6 -7
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/bio_test.cc +152 -16
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/connect.c +6 -12
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/fd.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/file.c +20 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/socket.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/bio/socket_helper.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/blake2/blake2.c +11 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/bytestring/cbb.c +13 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/bytestring/cbs.c +9 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/chacha/asm/chacha-armv8.pl +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/chacha/chacha.c +49 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/chacha/chacha_test.cc +110 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/chacha/internal.h +8 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/compiler_test.cc +4 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/conf/conf_test.cc +1 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/crypto_test.cc +9 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/curve25519.c +189 -108
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/curve25519_nohw.c +78 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/ed25519_test.cc +9 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/internal.h +24 -10
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/spake25519.c +4 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/curve25519/x25519_test.cc +80 -11
- data/aws-crt-ffi/crt/aws-lc/crypto/decrepit/evp/evp_do_all.c +2 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/digest_extra/digest_extra.c +8 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/digest_extra/digest_test.cc +110 -45
- data/aws-crt-ffi/crt/aws-lc/crypto/dsa/dsa_test.cc +8 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/dsa/internal.h +18 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/dynamic_loading_test.c +8 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/ec_extra/ec_derive.c +4 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/ec_extra/hash_to_curve.c +6 -18
- data/aws-crt-ffi/crt/aws-lc/crypto/endian_test.cc +308 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/err/ssl.errordata +2 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/evp_extra_test.cc +2 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/evp_test.cc +11 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/evp_tests.txt +25 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/p_ec_asn1.c +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/p_kem.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/p_rsa_asn1.c +1 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/print.c +7 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/evp_extra/scrypt.c +13 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/CMakeLists.txt +13 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/aes/aes_nohw.c +18 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bcm.c +12 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/bn_assert_test.cc +77 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/bn_test.cc +30 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/bytes.c +112 -22
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/div.c +12 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/exponentiation.c +54 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/gcd.c +5 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/internal.h +37 -15
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/montgomery.c +4 -11
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/bn/montgomery_inv.c +51 -15
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/cipher/aead.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/digest/digest.c +29 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/digest/digests.c +89 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/digest/internal.h +4 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/ec.c +19 -36
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/ec_key.c +3 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/ec_montgomery.c +9 -7
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/ec_test.cc +33 -9
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/internal.h +17 -12
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p224-64.c +5 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p256-nistz.c +8 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p256.c +9 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p384.c +33 -16
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/p521.c +14 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/scalar.c +26 -24
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/simple_mul.c +8 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ec/wnaf.c +3 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/ecdsa/ecdsa.c +9 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/evp/evp.c +43 -12
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/evp/p_ec.c +4 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/hmac/hmac.c +3 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/modes/xts.c +26 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rand/cpu_jitter_test.cc +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rand/internal.h +20 -11
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rand/rand.c +10 -10
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rand/urandom.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rsa/internal.h +59 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rsa/padding.c +9 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rsa/rsa.c +7 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/rsa/rsa_impl.c +51 -60
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/service_indicator/service_indicator.c +5 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/service_indicator/service_indicator_test.cc +205 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/asm/sha1-armv8.pl +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/asm/sha512-armv8.pl +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/internal.h +8 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/sha3.c +37 -15
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/sha3_test.cc +115 -110
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sha/sha512.c +55 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/fipsmodule/sshkdf/sshkdf.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/hmac_extra/hmac_test.cc +12 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/hmac_extra/hmac_tests.txt +10 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/hrss/asm/poly_rq_mul.S +2 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/impl_dispatch_test.cc +9 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/internal.h +90 -8
- data/aws-crt-ffi/crt/aws-lc/crypto/kem/kem.c +28 -27
- data/aws-crt-ffi/crt/aws-lc/crypto/kyber/kem_kyber.h +14 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/obj/obj_dat.h +52 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/obj/obj_mac.num +5 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/obj/objects.txt +7 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/perlasm/arm-xlate.pl +3 -14
- data/aws-crt-ffi/crt/aws-lc/crypto/perlasm/ppc-xlate.pl +1 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/perlasm/x86_64-xlate.pl +4 -15
- data/aws-crt-ffi/crt/aws-lc/crypto/perlasm/x86asm.pl +4 -13
- data/aws-crt-ffi/crt/aws-lc/crypto/poly1305/poly1305_arm_asm.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/crypto/rand_extra/deterministic.c +4 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/rand_extra/fuchsia.c +4 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/rand_extra/rand_test.cc +0 -63
- data/aws-crt-ffi/crt/aws-lc/crypto/rand_extra/windows.c +41 -19
- data/aws-crt-ffi/crt/aws-lc/crypto/rsa_extra/rsa_test.cc +3 -3
- data/aws-crt-ffi/crt/aws-lc/crypto/siphash/siphash.c +12 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/siphash/siphash_test.cc +5 -5
- data/aws-crt-ffi/crt/aws-lc/crypto/stack/stack.c +68 -46
- data/aws-crt-ffi/crt/aws-lc/crypto/trust_token/pmbtoken.c +4 -4
- data/aws-crt-ffi/crt/aws-lc/crypto/trust_token/voprf.c +2 -2
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/by_dir.c +0 -6
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/internal.h +4 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/x509_lu.c +33 -9
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/x509_test.cc +87 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/x509_trs.c +1 -1
- data/aws-crt-ffi/crt/aws-lc/crypto/x509/x509_vfy.c +35 -13
- data/aws-crt-ffi/crt/aws-lc/crypto/x509v3/v3_lib.c +2 -0
- data/aws-crt-ffi/crt/aws-lc/crypto/x509v3/v3_purp.c +4 -6
- data/aws-crt-ffi/crt/aws-lc/generated-src/crypto_test_data.cc +179 -151
- data/aws-crt-ffi/crt/aws-lc/generated-src/err_data.c +353 -349
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/chacha/chacha-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/cipher_extra/chacha20_poly1305_armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/aesv8-gcm-armv8-unroll8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/aesv8-gcm-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/armv8-mont.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/bn-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/ghash-neon-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/keccak1600-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/md5-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/p256-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/p256_beeu-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/sha1-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/sha256-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/sha512-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/fipsmodule/vpaes-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-aarch64/crypto/test/trampoline-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/chacha/chacha-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/armv4-mont.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/bsaes-armv7.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/ghash-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/sha1-armv4-large.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/sha256-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/sha512-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/fipsmodule/vpaes-armv7.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/ios-arm/crypto/test/trampoline-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/chacha/chacha-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/cipher_extra/chacha20_poly1305_armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/aesv8-gcm-armv8-unroll8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/aesv8-gcm-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/armv8-mont.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/bn-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/ghash-neon-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/keccak1600-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/md5-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/p256-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/p256_beeu-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/sha1-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/sha256-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/sha512-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/fipsmodule/vpaes-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-aarch64/crypto/test/trampoline-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/chacha/chacha-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/armv4-mont.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/bsaes-armv7.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/ghash-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/sha1-armv4-large.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/sha256-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/sha512-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/fipsmodule/vpaes-armv7.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-arm/crypto/test/trampoline-armv4.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-ppc64le/crypto/fipsmodule/aesp8-ppc.S +1 -5
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-ppc64le/crypto/fipsmodule/ghashp8-ppc.S +1 -5
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-ppc64le/crypto/test/trampoline-ppc.S +1 -5
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/chacha/chacha-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/aesni-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/bn-586.S +4 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/co-586.S +4 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/ghash-ssse3-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/ghash-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/md5-586.S +4 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/sha1-586.S +4 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/sha256-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/sha512-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/vpaes-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/fipsmodule/x86-mont.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86/crypto/test/trampoline-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/chacha/chacha-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/cipher_extra/aesni-sha1-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/cipher_extra/aesni-sha256-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/aesni-gcm-avx512.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/aesni-xts-avx512.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/ghash-ssse3-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/md5-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/p256_beeu-x86_64-asm.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/rdrand-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/rsaz-avx2.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/vpaes-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/x86_64-mont.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/linux-x86_64/crypto/test/trampoline-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/chacha/chacha-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/aesni-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/bn-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/co-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/ghash-ssse3-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/ghash-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/md5-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/sha1-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/sha256-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/sha512-586.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/vpaes-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/fipsmodule/x86-mont.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86/crypto/test/trampoline-x86.S +3 -12
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/chacha/chacha-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/cipher_extra/aes128gcmsiv-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/cipher_extra/aesni-sha1-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/cipher_extra/aesni-sha256-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/cipher_extra/chacha20_poly1305_x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/aesni-gcm-avx512.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/aesni-gcm-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/aesni-xts-avx512.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/ghash-ssse3-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/md5-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/p256_beeu-x86_64-asm.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/rdrand-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/rsaz-avx2.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/vpaes-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/x86_64-mont.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/mac-x86_64/crypto/test/trampoline-x86_64.S +2 -11
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/chacha/chacha-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/cipher_extra/chacha20_poly1305_armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/aesv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/aesv8-gcm-armv8-unroll8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/aesv8-gcm-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/armv8-mont.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/bn-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/ghash-neon-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/ghashv8-armx.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/keccak1600-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/md5-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/p256-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/p256_beeu-armv8-asm.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/sha1-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/sha256-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/sha512-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/fipsmodule/vpaes-armv8.S +3 -13
- data/aws-crt-ffi/crt/aws-lc/generated-src/win-aarch64/crypto/test/trampoline-armv8.S +4 -14
- data/aws-crt-ffi/crt/aws-lc/go.mod +4 -4
- data/aws-crt-ffi/crt/aws-lc/go.sum +8 -10
- data/aws-crt-ffi/crt/aws-lc/include/openssl/aead.h +2 -2
- data/aws-crt-ffi/crt/aws-lc/include/openssl/arm_arch.h +4 -119
- data/aws-crt-ffi/crt/aws-lc/include/openssl/asm_base.h +185 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/asn1.h +5 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/base.h +31 -134
- data/aws-crt-ffi/crt/aws-lc/include/openssl/bio.h +30 -18
- data/aws-crt-ffi/crt/aws-lc/include/openssl/bn.h +0 -2
- data/aws-crt-ffi/crt/aws-lc/include/openssl/chacha.h +6 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/cipher.h +2 -2
- data/aws-crt-ffi/crt/aws-lc/include/openssl/digest.h +9 -6
- data/aws-crt-ffi/crt/aws-lc/include/openssl/dsa.h +0 -21
- data/aws-crt-ffi/crt/aws-lc/include/openssl/ec.h +1 -1
- data/aws-crt-ffi/crt/aws-lc/include/openssl/err.h +1 -1
- data/aws-crt-ffi/crt/aws-lc/include/openssl/evp.h +8 -5
- data/aws-crt-ffi/crt/aws-lc/include/openssl/nid.h +21 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/rsa.h +1 -65
- data/aws-crt-ffi/crt/aws-lc/include/openssl/sha.h +22 -1
- data/aws-crt-ffi/crt/aws-lc/include/openssl/ssl.h +121 -13
- data/aws-crt-ffi/crt/aws-lc/include/openssl/stack.h +229 -208
- data/aws-crt-ffi/crt/aws-lc/include/openssl/target.h +166 -0
- data/aws-crt-ffi/crt/aws-lc/include/openssl/x509.h +30 -10
- data/aws-crt-ffi/crt/aws-lc/include/openssl/x509v3.h +6 -4
- data/aws-crt-ffi/crt/aws-lc/sources.cmake +2 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/extensions.cc +12 -7
- data/aws-crt-ffi/crt/aws-lc/ssl/handshake_server.cc +28 -18
- data/aws-crt-ffi/crt/aws-lc/ssl/internal.h +41 -6
- data/aws-crt-ffi/crt/aws-lc/ssl/s3_both.cc +9 -17
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_cipher.cc +13 -5
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_key_share.cc +542 -2
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_lib.cc +35 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_test.cc +1847 -14
- data/aws-crt-ffi/crt/aws-lc/ssl/ssl_x509.cc +128 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/test/PORTING.md +10 -7
- data/aws-crt-ffi/crt/aws-lc/ssl/test/bssl_shim.cc +133 -77
- data/aws-crt-ffi/crt/aws-lc/ssl/test/handshake_util.cc +3 -3
- data/aws-crt-ffi/crt/aws-lc/ssl/test/handshaker.cc +4 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/handshake_client.go +6 -2
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/handshake_messages.go +894 -1042
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/handshake_server.go +24 -23
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/prf.go +6 -5
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/runner.go +56 -55
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/shim_dispatcher.go +188 -0
- data/aws-crt-ffi/crt/aws-lc/ssl/test/runner/ticket.go +37 -39
- data/aws-crt-ffi/crt/aws-lc/ssl/test/test_config.cc +59 -24
- data/aws-crt-ffi/crt/aws-lc/ssl/test/test_config.h +3 -2
- data/aws-crt-ffi/crt/aws-lc/ssl/tls13_server.cc +10 -11
- data/aws-crt-ffi/crt/aws-lc/tests/ci/cdk/app.py +4 -4
- data/aws-crt-ffi/crt/aws-lc/tests/ci/cdk/cdk/{aws_lc_mac_arm_ci_stack.py → aws_lc_ec2_test_framework_ci_stack.py} +13 -29
- data/aws-crt-ffi/crt/aws-lc/tests/ci/cdk/cdk/ssm/general_test_run_ssm_document.yaml +43 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/common_posix_setup.sh +10 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-aarch/amazonlinux-2023_base/Dockerfile +5 -1
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-aarch/ubuntu-22.04_base/Dockerfile +19 -3
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/amazonlinux-2_gcc-7x-intel-sde/Dockerfile +5 -4
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/build_images.sh +1 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/push_images.sh +2 -1
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/ubuntu-20.04_clang-10x_formal-verification/create_image.sh +1 -1
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/ubuntu-22.04_base/Dockerfile +1 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/linux-x86/ubuntu-22.04_clang-14x-sde/Dockerfile +42 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/windows/vs2017/Dockerfile +14 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/docker_images/windows/windows_base/Dockerfile +3 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/README.md +12 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/nginx_patch/aws-lc-nginx.patch +68 -23
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/run_crt_integration.sh +27 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/run_monit_integration.sh +56 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/integration/sslproxy_patch/aws-lc-sslproxy.patch +2 -2
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_ec2_test_framework.sh +135 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_fips_tests.sh +14 -2
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_tests_with_sde.sh +4 -1
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_tests_with_sde_asan.sh +14 -0
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_windows_tests.bat +39 -3
- data/aws-crt-ffi/crt/aws-lc/third_party/fiat/README.md +21 -6
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/bignum_madd_n25519.S +284 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/bignum_madd_n25519_alt.S +210 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/bignum_mod_n25519.S +186 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/bignum_neg_p25519.S +65 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519.S +1043 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519_alt.S +1043 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519_byte.S +1043 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519_byte_alt.S +1043 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519base.S +1042 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519base_alt.S +1042 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519base_byte.S +1042 -352
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/curve25519_x25519base_byte_alt.S +1043 -354
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_decode.S +700 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_decode_alt.S +563 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_encode.S +131 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_scalarmulbase.S +9626 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_scalarmulbase_alt.S +9468 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_scalarmuldouble.S +3157 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/curve25519/edwards25519_scalarmuldouble_alt.S +2941 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/p384/Makefile +1 -1
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/arm/p521/Makefile +1 -1
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/include/s2n-bignum_aws-lc.h +34 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/bignum_madd_n25519.S +219 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/bignum_madd_n25519_alt.S +245 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/bignum_mod_n25519.S +228 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/bignum_neg_p25519.S +86 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/curve25519_x25519.S +1350 -407
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/curve25519_x25519_alt.S +1350 -407
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/curve25519_x25519base.S +1344 -400
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/curve25519_x25519base_alt.S +1348 -402
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_decode.S +670 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_decode_alt.S +751 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_encode.S +81 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_scalarmulbase.S +9910 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_scalarmulbase_alt.S +9986 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_scalarmuldouble.S +3619 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/s2n-bignum/x86_att/curve25519/edwards25519_scalarmuldouble_alt.S +3736 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/wycheproof_testvectors/hmac_sha512_224_test.json +1978 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/wycheproof_testvectors/hmac_sha512_224_test.txt +1403 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/wycheproof_testvectors/hmac_sha512_256_test.json +1993 -0
- data/aws-crt-ffi/crt/aws-lc/third_party/wycheproof_testvectors/hmac_sha512_256_test.txt +1416 -0
- data/aws-crt-ffi/crt/aws-lc/tool/digest.cc +4 -0
- data/aws-crt-ffi/crt/aws-lc/tool/internal.h +1 -0
- data/aws-crt-ffi/crt/aws-lc/tool/speed.cc +53 -6
- data/aws-crt-ffi/crt/aws-lc/util/all_tests.go +43 -12
- data/aws-crt-ffi/crt/aws-lc/util/all_tests.json +13 -5
- data/aws-crt-ffi/crt/aws-lc/util/bot/DEPS +4 -4
- data/aws-crt-ffi/crt/aws-lc/util/bot/update_clang.py +8 -2
- data/aws-crt-ffi/crt/aws-lc/util/codecov-ci.sh +82 -0
- data/aws-crt-ffi/crt/aws-lc/util/convert_wycheproof/convert_wycheproof.go +7 -5
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/ACVP.md +7 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/subprocess/hash.go +24 -9
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/subprocess/rsa.go +3 -4
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/subprocess/subprocess.go +15 -10
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/expected/HMAC-SHA2-512-224.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/expected/SHA2-512-224.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/expected/SHAKE-128.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/expected/SHAKE-256.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/sha-tests/sha512-224-tests.json +1 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/sha-tests/shake-128-tests.json +1 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/sha-tests/shake-256-tests.json +1 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/tests.json +1 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/vectors/HMAC-SHA2-512-224.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/vectors/SHA2-512-224.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/vectors/SHAKE-128.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/acvptool/test/vectors/SHAKE-256.bz2 +0 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/modulewrapper/main.cc +4 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/acvp/modulewrapper/modulewrapper.cc +144 -1
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/delocate/delocate.go +9 -3
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/delocate/testdata/aarch64-Basic/in.s +4 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/delocate/testdata/aarch64-Basic/out.s +11 -0
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/inject_hash/inject_hash.go +13 -4
- data/aws-crt-ffi/crt/aws-lc/util/fipstools/test-break-kat.sh +2 -0
- data/aws-crt-ffi/crt/aws-lc/util/testconfig/testconfig.go +2 -1
- data/aws-crt-ffi/crt/s2n/api/s2n.h +9 -5
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/benches/handshake.rs +9 -6
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/benches/resumption.rs +14 -14
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/benches/throughput.rs +9 -6
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/src/harness.rs +106 -102
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/src/openssl.rs +24 -20
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/src/rustls.rs +28 -24
- data/aws-crt-ffi/crt/s2n/bindings/rust/bench/src/s2n_tls.rs +52 -50
- data/aws-crt-ffi/crt/s2n/bindings/rust/generate/Cargo.toml +1 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/integration/Cargo.toml +3 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls/Cargo.toml +2 -2
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls/src/connection.rs +9 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-sys/templates/Cargo.template +2 -1
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/Cargo.toml +2 -2
- data/aws-crt-ffi/crt/s2n/tests/cbmc/sources/make_common_datastructures.c +9 -2
- data/aws-crt-ffi/crt/s2n/tests/fuzz/s2n_client_cert_verify_recv_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/fuzz/s2n_hybrid_ecdhe_kyber_r3_fuzz_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/fuzz/s2n_tls13_cert_verify_recv_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_version_negotiation.py +4 -4
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_auth_selection_test.c +19 -9
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_auth_handshake_test.c +3 -3
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_cert_verify_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_hello_recv_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_hello_test.c +4 -4
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_signature_algorithms_extension_test.c +4 -5
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_connection_protocol_versions_test.c +390 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_connection_test.c +8 -4
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_handshake_test.c +2 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_quic_support_io_test.c +106 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_security_policies_test.c +6 -2
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_self_talk_offload_signing_test.c +3 -3
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_self_talk_session_resumption_test.c +135 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_server_new_session_ticket_test.c +32 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_server_signature_algorithms_extension_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_signature_algorithms_test.c +307 -283
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_cert_request_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_cert_verify_test.c +18 -17
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_x509_validator_test.c +125 -0
- data/aws-crt-ffi/crt/s2n/tls/extensions/s2n_client_signature_algorithms.c +8 -1
- data/aws-crt-ffi/crt/s2n/tls/extensions/s2n_client_supported_versions.c +43 -11
- data/aws-crt-ffi/crt/s2n/tls/extensions/s2n_client_supported_versions.h +3 -0
- data/aws-crt-ffi/crt/s2n/tls/extensions/s2n_server_signature_algorithms.c +8 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_auth_selection.c +4 -2
- data/aws-crt-ffi/crt/s2n/tls/s2n_client_cert_verify.c +7 -10
- data/aws-crt-ffi/crt/s2n/tls/s2n_client_hello.c +2 -2
- data/aws-crt-ffi/crt/s2n/tls/s2n_connection.c +75 -14
- data/aws-crt-ffi/crt/s2n/tls/s2n_handshake.h +2 -2
- data/aws-crt-ffi/crt/s2n/tls/s2n_post_handshake.c +1 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_post_handshake.h +1 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_quic_support.c +29 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_quic_support.h +5 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_security_policies.c +40 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_security_policies.h +4 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_server_cert_request.c +1 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_server_hello.c +0 -3
- data/aws-crt-ffi/crt/s2n/tls/s2n_server_key_exchange.c +8 -9
- data/aws-crt-ffi/crt/s2n/tls/s2n_server_new_session_ticket.c +8 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_signature_algorithms.c +111 -72
- data/aws-crt-ffi/crt/s2n/tls/s2n_signature_algorithms.h +11 -9
- data/aws-crt-ffi/crt/s2n/tls/s2n_signature_scheme.c +9 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_signature_scheme.h +2 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_tls13_certificate_verify.c +12 -18
- data/aws-crt-ffi/crt/s2n/tls/s2n_x509_validator.c +7 -7
- data/aws-crt-ffi/src/api.h +1 -0
- data/lib/aws-crt/native.rb +1 -1
- metadata +68 -5
- data/aws-crt-ffi/crt/aws-lc/tests/ci/cdk/cdk/ssm/m1_tests_ssm_document.yaml +0 -34
- data/aws-crt-ffi/crt/aws-lc/tests/ci/run_m1_ec2_instance.sh +0 -96
|
@@ -451,6 +451,10 @@ bool SHA512Sum(const std::vector<std::string> &args) {
|
|
|
451
451
|
return DigestSum(EVP_sha512(), args);
|
|
452
452
|
}
|
|
453
453
|
|
|
454
|
+
bool SHA512224Sum(const std::vector<std::string> &args) {
|
|
455
|
+
return DigestSum(EVP_sha512_224(), args);
|
|
456
|
+
}
|
|
457
|
+
|
|
454
458
|
bool SHA512256Sum(const std::vector<std::string> &args) {
|
|
455
459
|
return DigestSum(EVP_sha512_256(), args);
|
|
456
460
|
}
|
|
@@ -146,6 +146,7 @@ bool SHA224Sum(const std::vector<std::string> &args);
|
|
|
146
146
|
bool SHA256Sum(const std::vector<std::string> &args);
|
|
147
147
|
bool SHA384Sum(const std::vector<std::string> &args);
|
|
148
148
|
bool SHA512Sum(const std::vector<std::string> &args);
|
|
149
|
+
bool SHA512224Sum(const std::vector<std::string> &args);
|
|
149
150
|
bool SHA512256Sum(const std::vector<std::string> &args);
|
|
150
151
|
bool Server(const std::vector<std::string> &args);
|
|
151
152
|
bool Sign(const std::vector<std::string> &args);
|
|
@@ -337,7 +337,7 @@ static bool SpeedRSA(const std::string &selected) {
|
|
|
337
337
|
// RSA key, with a new |BN_MONT_CTX| for the public modulus. If we
|
|
338
338
|
// were to use |key| directly instead, then these costs wouldn't be
|
|
339
339
|
// accounted for.
|
|
340
|
-
|
|
340
|
+
BM_NAMESPACE::UniquePtr<RSA> verify_key(RSA_new());
|
|
341
341
|
if (!verify_key) {
|
|
342
342
|
return false;
|
|
343
343
|
}
|
|
@@ -1632,7 +1632,44 @@ static bool SpeedECMUL(const std::string &selected) {
|
|
|
1632
1632
|
SpeedECMULCurve("ECMUL P-521", NID_secp521r1, selected) &&
|
|
1633
1633
|
SpeedECMULCurve("ECMUL secp256k1", NID_secp256k1, selected);
|
|
1634
1634
|
}
|
|
1635
|
-
|
|
1635
|
+
|
|
1636
|
+
#endif // !defined(OPENSSL_1_0_BENCHMARK)
|
|
1637
|
+
|
|
1638
|
+
// Only new AWS-LC (>= 22) and new OpenSSL (>= 1.1.1) support FFDH
|
|
1639
|
+
#if (!defined(OPENSSL_1_0_BENCHMARK) && !defined(BORINGSSL_BENCHMARK) && !defined(OPENSSL_IS_AWSLC)) || AWSLC_API_VERSION >= 22
|
|
1640
|
+
static bool SpeedFFDHGroup(const std::string &name, int nid,
|
|
1641
|
+
const std::string &selected) {
|
|
1642
|
+
if (!selected.empty() && name.find(selected) == std::string::npos) {
|
|
1643
|
+
return true;
|
|
1644
|
+
}
|
|
1645
|
+
|
|
1646
|
+
BM_NAMESPACE::UniquePtr<DH> server_dh(DH_new_by_nid(nid));
|
|
1647
|
+
if(!DH_generate_key(server_dh.get())) {
|
|
1648
|
+
return false;
|
|
1649
|
+
}
|
|
1650
|
+
const BIGNUM *server_pub = DH_get0_pub_key(server_dh.get());
|
|
1651
|
+
|
|
1652
|
+
int dh_size = DH_size(server_dh.get());
|
|
1653
|
+
std::unique_ptr<uint8_t[]> shared_secret(new uint8_t[dh_size]);
|
|
1654
|
+
|
|
1655
|
+
TimeResults results;
|
|
1656
|
+
if (!TimeFunction(&results, [&shared_secret, &server_pub, &dh_size, &nid]() -> bool {
|
|
1657
|
+
BM_NAMESPACE::UniquePtr<DH> client_dh(DH_new_by_nid(nid));
|
|
1658
|
+
return DH_generate_key(client_dh.get()) &&
|
|
1659
|
+
dh_size == DH_compute_key_padded(shared_secret.get(), server_pub, client_dh.get());
|
|
1660
|
+
})) {
|
|
1661
|
+
return false;
|
|
1662
|
+
}
|
|
1663
|
+
|
|
1664
|
+
results.Print(name);
|
|
1665
|
+
return true;
|
|
1666
|
+
}
|
|
1667
|
+
|
|
1668
|
+
static bool SpeedFFDH(const std::string &selected) {
|
|
1669
|
+
return SpeedFFDHGroup("FFDH 2048", NID_ffdhe2048, selected) &&
|
|
1670
|
+
SpeedFFDHGroup("FFDH 4096", NID_ffdhe4096, selected);
|
|
1671
|
+
}
|
|
1672
|
+
#endif //(!defined(OPENSSL_1_0_BENCHMARK) && !defined(BORINGSSL_BENCHMARK) && !defined(OPENSSL_IS_AWSLC)) || AWSLC_API_VERSION >= 22
|
|
1636
1673
|
|
|
1637
1674
|
#if !defined(OPENSSL_BENCHMARK)
|
|
1638
1675
|
static bool Speed25519(const std::string &selected) {
|
|
@@ -2215,6 +2252,7 @@ static bool SpeedSelfTest(const std::string &selected) {
|
|
|
2215
2252
|
return true;
|
|
2216
2253
|
}
|
|
2217
2254
|
|
|
2255
|
+
#if defined(FIPS_ENTROPY_SOURCE_JITTER_CPU)
|
|
2218
2256
|
static bool SpeedJitter(size_t chunk_size) {
|
|
2219
2257
|
struct rand_data *jitter_ec = jent_entropy_collector_alloc(0, JENT_FORCE_FIPS);
|
|
2220
2258
|
|
|
@@ -2251,6 +2289,7 @@ static bool SpeedJitter(std::string selected) {
|
|
|
2251
2289
|
return true;
|
|
2252
2290
|
}
|
|
2253
2291
|
#endif
|
|
2292
|
+
#endif
|
|
2254
2293
|
|
|
2255
2294
|
static bool SpeedDHcheck(size_t prime_bit_length) {
|
|
2256
2295
|
|
|
@@ -2349,7 +2388,7 @@ static bool SpeedPKCS8(const std::string &selected) {
|
|
|
2349
2388
|
return false;
|
|
2350
2389
|
}
|
|
2351
2390
|
results.Print("Ed25519 PKCS#8 v1 decode");
|
|
2352
|
-
|
|
2391
|
+
|
|
2353
2392
|
CBB_cleanup(&out);
|
|
2354
2393
|
|
|
2355
2394
|
if (!CBB_init(&out, 1024)) {
|
|
@@ -2448,7 +2487,7 @@ static bool parseCommaArgument(std::vector<std::string> &vector,
|
|
|
2448
2487
|
return true;
|
|
2449
2488
|
}
|
|
2450
2489
|
|
|
2451
|
-
// parseStringVectorToIntegerVector attempts to parse each element of
|
|
2490
|
+
// parseStringVectorToIntegerVector attempts to parse each element of
|
|
2452
2491
|
// |in_vector| as a size_t integer and adds the result to |out_vector|. Clears
|
|
2453
2492
|
// |out_vector|.
|
|
2454
2493
|
static bool parseStringVectorToIntegerVector(
|
|
@@ -2588,6 +2627,10 @@ bool Speed(const std::vector<std::string> &args) {
|
|
|
2588
2627
|
!SpeedECMUL(selected) ||
|
|
2589
2628
|
// OpenSSL 1.0 doesn't support Scrypt
|
|
2590
2629
|
!SpeedScrypt(selected) ||
|
|
2630
|
+
#endif
|
|
2631
|
+
#if (!defined(OPENSSL_1_0_BENCHMARK) && !defined(BORINGSSL_BENCHMARK) && !defined(OPENSSL_IS_AWSLC)) || AWSLC_API_VERSION >= 22
|
|
2632
|
+
// OpenSSL 1.0 and BoringSSL don't support DH_new_by_nid, NID_ffdhe2048, or NID_ffdhe4096
|
|
2633
|
+
!SpeedFFDH(selected) ||
|
|
2591
2634
|
#endif
|
|
2592
2635
|
!SpeedRSA(selected) ||
|
|
2593
2636
|
!SpeedRSAKeyGen(false, selected) ||
|
|
@@ -2641,10 +2684,14 @@ bool Speed(const std::vector<std::string> &args) {
|
|
|
2641
2684
|
}
|
|
2642
2685
|
|
|
2643
2686
|
#if defined(AWSLC_FIPS)
|
|
2644
|
-
if (!SpeedSelfTest(selected)
|
|
2645
|
-
!SpeedJitter(selected)) {
|
|
2687
|
+
if (!SpeedSelfTest(selected)) {
|
|
2646
2688
|
return false;
|
|
2647
2689
|
}
|
|
2690
|
+
#if defined(FIPS_ENTROPY_SOURCE_JITTER_CPU)
|
|
2691
|
+
if (!SpeedJitter(selected)) {
|
|
2692
|
+
return false;
|
|
2693
|
+
}
|
|
2694
|
+
#endif
|
|
2648
2695
|
#endif
|
|
2649
2696
|
}
|
|
2650
2697
|
|
|
@@ -18,6 +18,7 @@ package main
|
|
|
18
18
|
|
|
19
19
|
import (
|
|
20
20
|
"bytes"
|
|
21
|
+
"context"
|
|
21
22
|
"errors"
|
|
22
23
|
"flag"
|
|
23
24
|
"fmt"
|
|
@@ -29,6 +30,7 @@ import (
|
|
|
29
30
|
"strings"
|
|
30
31
|
"sync"
|
|
31
32
|
"syscall"
|
|
33
|
+
"time"
|
|
32
34
|
|
|
33
35
|
"boringssl.googlesource.com/boringssl/util/testconfig"
|
|
34
36
|
"boringssl.googlesource.com/boringssl/util/testresult"
|
|
@@ -135,7 +137,7 @@ func gdbOf(path string, args ...string) *exec.Cmd {
|
|
|
135
137
|
return exec.Command("xterm", xtermArgs...)
|
|
136
138
|
}
|
|
137
139
|
|
|
138
|
-
func sdeOf(cpu, path string, args ...string) *exec.Cmd {
|
|
140
|
+
func sdeOf(cpu, path string, args ...string) (*exec.Cmd, context.CancelFunc) {
|
|
139
141
|
sdeArgs := []string{"-" + cpu}
|
|
140
142
|
// The kernel's vdso code for gettimeofday sometimes uses the RDTSCP
|
|
141
143
|
// instruction. Although SDE has a -chip_check_vsyscall flag that
|
|
@@ -147,12 +149,18 @@ func sdeOf(cpu, path string, args ...string) *exec.Cmd {
|
|
|
147
149
|
}
|
|
148
150
|
sdeArgs = append(sdeArgs, "--", path)
|
|
149
151
|
sdeArgs = append(sdeArgs, args...)
|
|
150
|
-
|
|
152
|
+
|
|
153
|
+
// TODO(CryptoAlg-2154):SDE+ASAN tests will hang without exiting if tests pass for an unknown reason.
|
|
154
|
+
// Current workaround is to manually cancel the run after 20 minutes and check the output.
|
|
155
|
+
ctx, cancel := context.WithTimeout(context.Background(), 1200*time.Second)
|
|
156
|
+
|
|
157
|
+
return exec.CommandContext(ctx, *sdePath, sdeArgs...), cancel
|
|
151
158
|
}
|
|
152
159
|
|
|
153
160
|
var (
|
|
154
161
|
errMoreMallocs = errors.New("child process did not exhaust all allocation calls")
|
|
155
162
|
errTestSkipped = errors.New("test was skipped")
|
|
163
|
+
errTestHanging = errors.New("test hangs without exiting")
|
|
156
164
|
)
|
|
157
165
|
|
|
158
166
|
func runTestOnce(test test, mallocNumToFail int64) (passed bool, err error) {
|
|
@@ -164,6 +172,8 @@ func runTestOnce(test test, mallocNumToFail int64) (passed bool, err error) {
|
|
|
164
172
|
args = append(args, "--no_unwind_tests")
|
|
165
173
|
}
|
|
166
174
|
var cmd *exec.Cmd
|
|
175
|
+
var cancel context.CancelFunc
|
|
176
|
+
cancelled := false
|
|
167
177
|
if *useValgrind {
|
|
168
178
|
cmd = valgrindOf(false, test.ValgrindSupp, prog, args...)
|
|
169
179
|
} else if *useCallgrind {
|
|
@@ -171,7 +181,13 @@ func runTestOnce(test test, mallocNumToFail int64) (passed bool, err error) {
|
|
|
171
181
|
} else if *useGDB {
|
|
172
182
|
cmd = gdbOf(prog, args...)
|
|
173
183
|
} else if *useSDE {
|
|
174
|
-
cmd = sdeOf(test.cpu, prog, args...)
|
|
184
|
+
cmd, cancel = sdeOf(test.cpu, prog, args...)
|
|
185
|
+
defer cancel()
|
|
186
|
+
|
|
187
|
+
cmd.Cancel = func() error {
|
|
188
|
+
cancelled = true
|
|
189
|
+
return cmd.Process.Kill()
|
|
190
|
+
}
|
|
175
191
|
} else {
|
|
176
192
|
cmd = exec.Command(prog, args...)
|
|
177
193
|
}
|
|
@@ -201,6 +217,7 @@ func runTestOnce(test test, mallocNumToFail int64) (passed bool, err error) {
|
|
|
201
217
|
if err := cmd.Start(); err != nil {
|
|
202
218
|
return false, err
|
|
203
219
|
}
|
|
220
|
+
|
|
204
221
|
if err := cmd.Wait(); err != nil {
|
|
205
222
|
if exitError, ok := err.(*exec.ExitError); ok {
|
|
206
223
|
switch exitError.Sys().(syscall.WaitStatus).ExitStatus() {
|
|
@@ -210,28 +227,36 @@ func runTestOnce(test test, mallocNumToFail int64) (passed bool, err error) {
|
|
|
210
227
|
fmt.Print(string(outBuf.Bytes()))
|
|
211
228
|
return false, errTestSkipped
|
|
212
229
|
}
|
|
230
|
+
if cancelled {
|
|
231
|
+
return testPass(outBuf), errTestHanging
|
|
232
|
+
}
|
|
213
233
|
}
|
|
214
234
|
fmt.Print(string(outBuf.Bytes()))
|
|
215
235
|
return false, err
|
|
216
236
|
}
|
|
217
237
|
|
|
238
|
+
|
|
239
|
+
return testPass(outBuf), nil
|
|
240
|
+
}
|
|
241
|
+
|
|
242
|
+
func testPass(outBuf bytes.Buffer) bool {
|
|
218
243
|
// Account for Windows line-endings.
|
|
219
244
|
stdout := bytes.Replace(outBuf.Bytes(), []byte("\r\n"), []byte("\n"), -1)
|
|
220
245
|
|
|
221
246
|
if bytes.HasSuffix(stdout, []byte("PASS\n")) &&
|
|
222
247
|
(len(stdout) == 5 || stdout[len(stdout)-6] == '\n') {
|
|
223
|
-
return true
|
|
248
|
+
return true
|
|
224
249
|
}
|
|
225
250
|
|
|
226
251
|
// Also accept a googletest-style pass line. This is left here in
|
|
227
252
|
// transition until the tests are all converted and this script made
|
|
228
253
|
// unnecessary.
|
|
229
254
|
if bytes.Contains(stdout, []byte("\n[ PASSED ]")) {
|
|
230
|
-
return true
|
|
255
|
+
return true
|
|
231
256
|
}
|
|
232
257
|
|
|
233
258
|
fmt.Print(string(outBuf.Bytes()))
|
|
234
|
-
return false
|
|
259
|
+
return false
|
|
235
260
|
}
|
|
236
261
|
|
|
237
262
|
func runTest(test test) (bool, error) {
|
|
@@ -315,12 +340,7 @@ func (t test) envMsg() string {
|
|
|
315
340
|
}
|
|
316
341
|
|
|
317
342
|
func (t test) getGTestShards() ([]test, error) {
|
|
318
|
-
if *numWorkers == 1 ||
|
|
319
|
-
return []test{t}, nil
|
|
320
|
-
}
|
|
321
|
-
|
|
322
|
-
// Only shard the three GTest-based tests.
|
|
323
|
-
if t.Cmd[0] != "crypto/crypto_test" && t.Cmd[0] != "ssl/ssl_test" {
|
|
343
|
+
if *numWorkers == 1 || !t.Shard {
|
|
324
344
|
return []test{t}, nil
|
|
325
345
|
}
|
|
326
346
|
|
|
@@ -412,6 +432,17 @@ func main() {
|
|
|
412
432
|
fmt.Printf("%s was skipped\n", args[0])
|
|
413
433
|
skipped = append(skipped, test)
|
|
414
434
|
testOutput.AddSkip(test.longName())
|
|
435
|
+
} else if testResult.Error == errTestHanging {
|
|
436
|
+
if !testResult.Passed {
|
|
437
|
+
fmt.Printf("%s\n", test.longName())
|
|
438
|
+
fmt.Printf("%s was left hanging without finishing.\n", args[0])
|
|
439
|
+
failed = append(failed, test)
|
|
440
|
+
testOutput.AddResult(test.longName(), "FAIL")
|
|
441
|
+
} else {
|
|
442
|
+
fmt.Printf("%s\n", test.shortName())
|
|
443
|
+
fmt.Printf("%s was left hanging, but actually passed\n", args[0])
|
|
444
|
+
testOutput.AddResult(test.longName(), "PASS")
|
|
445
|
+
}
|
|
415
446
|
} else if testResult.Error != nil {
|
|
416
447
|
fmt.Printf("%s\n", test.longName())
|
|
417
448
|
fmt.Printf("%s failed to complete: %s\n", args[0], testResult.Error)
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
[
|
|
2
2
|
{
|
|
3
3
|
"cmd": ["crypto/crypto_test"],
|
|
4
|
-
"valgrind_supp": ["valgrind_suppressions_crypto_test.supp"]
|
|
4
|
+
"valgrind_supp": ["valgrind_suppressions_crypto_test.supp"],
|
|
5
|
+
"shard": true
|
|
5
6
|
},
|
|
6
7
|
{
|
|
7
8
|
"cmd": ["crypto/crypto_test", "--gtest_also_run_disabled_tests", "--gtest_filter=BNTest.DISABLED_WycheproofPrimality"],
|
|
@@ -16,19 +17,22 @@
|
|
|
16
17
|
"cmd": ["crypto/crypto_test"],
|
|
17
18
|
"env": ["OPENSSL_armcap=0x0"],
|
|
18
19
|
"target_arch": "arm",
|
|
19
|
-
"skip_valgrind": true
|
|
20
|
+
"skip_valgrind": true,
|
|
21
|
+
"shard": true
|
|
20
22
|
},
|
|
21
23
|
{
|
|
22
24
|
"cmd": ["crypto/crypto_test"],
|
|
23
25
|
"env": ["OPENSSL_armcap=0x1"],
|
|
24
26
|
"target_arch": "arm",
|
|
25
|
-
"skip_valgrind": true
|
|
27
|
+
"skip_valgrind": true,
|
|
28
|
+
"shard": true
|
|
26
29
|
},
|
|
27
30
|
{
|
|
28
31
|
"cmd": ["crypto/crypto_test"],
|
|
29
32
|
"env": ["OPENSSL_armcap=0x3D"],
|
|
30
33
|
"target_arch": "arm",
|
|
31
|
-
"skip_valgrind": true
|
|
34
|
+
"skip_valgrind": true,
|
|
35
|
+
"shard": true
|
|
32
36
|
},
|
|
33
37
|
{
|
|
34
38
|
"comment": "Test OPENSSL_ia32cap on crypto_test for x86, as urandom_test is disabled for shared builds on x86",
|
|
@@ -93,7 +97,11 @@
|
|
|
93
97
|
"skip_valgrind": true
|
|
94
98
|
},
|
|
95
99
|
{
|
|
96
|
-
"cmd": ["ssl/ssl_test"]
|
|
100
|
+
"cmd": ["ssl/ssl_test"],
|
|
101
|
+
"shard": true
|
|
102
|
+
},
|
|
103
|
+
{
|
|
104
|
+
"cmd": ["ssl/integration_test"]
|
|
97
105
|
},
|
|
98
106
|
{
|
|
99
107
|
"cmd": ["crypto/mem_test"]
|
|
@@ -25,19 +25,19 @@ vars = {
|
|
|
25
25
|
# cipd describe PACKAGE_NAME -version latest
|
|
26
26
|
|
|
27
27
|
# infra/3pp/tools/cmake/linux-amd64
|
|
28
|
-
'cmake_version': 'version:2@3.26.
|
|
28
|
+
'cmake_version': 'version:2@3.26.4.chromium.7',
|
|
29
29
|
# infra/3pp/tools/go/linux-amd64
|
|
30
|
-
'go_version': 'version:2@1.20.
|
|
30
|
+
'go_version': 'version:2@1.20.5',
|
|
31
31
|
# infra/3pp/tools/perl/windows-amd64
|
|
32
32
|
'perl_version': 'version:2@5.32.1.1',
|
|
33
33
|
|
|
34
34
|
# Update the following from
|
|
35
35
|
# https://chromium.googlesource.com/chromium/src/+/main/DEPS
|
|
36
36
|
'android_sdk_platform-tools_version': 'RSI3iwryh7URLGRgJHsCvUxj092woTPnKt4pwFcJ6L8C',
|
|
37
|
-
'android_ndk_revision': '
|
|
37
|
+
'android_ndk_revision': '310956bd122ec2b96049f8d7398de6b717f3452e',
|
|
38
38
|
'libfuzzer_revision': 'debe7d2d1982e540fbd6bd78604bf001753f9e74',
|
|
39
39
|
'libcxx_revision': 'f8279b01085b800724f5c5629dc365b9f040dc53',
|
|
40
|
-
'libcxxabi_revision': '
|
|
40
|
+
'libcxxabi_revision': '899caea3814eeb45c689fc206052968943fd5cb8',
|
|
41
41
|
'ninja_version': 'version:2@1.11.1.chromium.6',
|
|
42
42
|
}
|
|
43
43
|
|
|
@@ -9,6 +9,7 @@ from __future__ import division
|
|
|
9
9
|
from __future__ import print_function
|
|
10
10
|
|
|
11
11
|
import os
|
|
12
|
+
import platform
|
|
12
13
|
import shutil
|
|
13
14
|
import subprocess
|
|
14
15
|
import stat
|
|
@@ -28,8 +29,8 @@ except ImportError:
|
|
|
28
29
|
# CLANG_REVISION and CLANG_SUB_REVISION determine the build of clang
|
|
29
30
|
# to use. These should be synced with tools/clang/scripts/update.py in
|
|
30
31
|
# Chromium.
|
|
31
|
-
CLANG_REVISION = 'llvmorg-17-init-
|
|
32
|
-
CLANG_SUB_REVISION =
|
|
32
|
+
CLANG_REVISION = 'llvmorg-17-init-12166-g7586aeab'
|
|
33
|
+
CLANG_SUB_REVISION = 3
|
|
33
34
|
|
|
34
35
|
PACKAGE_VERSION = '%s-%s' % (CLANG_REVISION, CLANG_SUB_REVISION)
|
|
35
36
|
|
|
@@ -138,6 +139,11 @@ def UpdateClang():
|
|
|
138
139
|
cds_full_url = CDS_URL + '/Win/' + cds_file
|
|
139
140
|
elif sys.platform.startswith('linux'):
|
|
140
141
|
cds_full_url = CDS_URL + '/Linux_x64/' + cds_file
|
|
142
|
+
elif sys.platform == 'darwin':
|
|
143
|
+
if platform.machine() == 'arm64':
|
|
144
|
+
cds_full_url = CDS_URL + '/Mac_arm64/' + cds_file
|
|
145
|
+
else:
|
|
146
|
+
cds_full_url = CDS_URL + '/Mac/' + cds_file
|
|
141
147
|
else:
|
|
142
148
|
return 0
|
|
143
149
|
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
#!/usr/bin/env bash
|
|
2
|
+
#
|
|
3
|
+
# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
|
|
4
|
+
# SPDX-License-Identifier: Apache-2.0 OR ISC
|
|
5
|
+
#
|
|
6
|
+
|
|
7
|
+
set -xe
|
|
8
|
+
|
|
9
|
+
SRC=$(pwd)
|
|
10
|
+
SRC=$(readlink -f "$SRC")
|
|
11
|
+
|
|
12
|
+
# Sanity check
|
|
13
|
+
DIRNAME=$(basename -- "${SRC}")
|
|
14
|
+
if [[ "${DIRNAME}" != 'aws-lc' ]]; then
|
|
15
|
+
echo "Script must be executed from aws-lc directory"
|
|
16
|
+
exit 1
|
|
17
|
+
fi
|
|
18
|
+
|
|
19
|
+
BUILD="$1"
|
|
20
|
+
if [ -n "$BUILD" ]; then
|
|
21
|
+
mkdir -p "${BUILD}"
|
|
22
|
+
BUILD=$(readlink -f "$BUILD")
|
|
23
|
+
BUILD_HTML=$(mkdir -vp "$BUILD/html")
|
|
24
|
+
else
|
|
25
|
+
echo "Must specify a build directory."
|
|
26
|
+
exit 1
|
|
27
|
+
fi
|
|
28
|
+
|
|
29
|
+
LCOV_PARAMS=()
|
|
30
|
+
LCOV_PARAMS+=(--exclude '*/third_party/*')
|
|
31
|
+
LCOV_PARAMS+=(--exclude '*/tool/*')
|
|
32
|
+
LCOV_PARAMS+=(--exclude '*_test.*')
|
|
33
|
+
LCOV_PARAMS+=(--exclude '*/test_*')
|
|
34
|
+
LCOV_PARAMS+=(--exclude '*_test_*')
|
|
35
|
+
LCOV_PARAMS+=(--exclude '*/gtest_*')
|
|
36
|
+
LCOV_PARAMS+=(--exclude '*/wycheproof_*')
|
|
37
|
+
if [[ "$(uname -s)" == "Darwin" ]]; then
|
|
38
|
+
LCOV_PARAMS+=(--exclude '/Applications/*')
|
|
39
|
+
LCOV_IGNORE_ERRORS="inconsistent,inconsistent,gcov,gcov"
|
|
40
|
+
GENHTML_IGNORE_ERRORS="inconsistent,unmapped"
|
|
41
|
+
else
|
|
42
|
+
LCOV_PARAMS+=(--exclude '/usr/*')
|
|
43
|
+
LCOV_PARAMS+=(--exclude '/lib/*')
|
|
44
|
+
if lcov --version | grep --silent 'LCOV version 1.'; then
|
|
45
|
+
LCOV_IGNORE_ERRORS="gcov,source,graph"
|
|
46
|
+
else
|
|
47
|
+
LCOV_IGNORE_ERRORS="negative,mismatch,unused"
|
|
48
|
+
fi
|
|
49
|
+
GENHTML_IGNORE_ERRORS="inconsistent,unmapped"
|
|
50
|
+
fi
|
|
51
|
+
LCOV_PARAMS+=(--ignore-errors ${LCOV_IGNORE_ERRORS})
|
|
52
|
+
|
|
53
|
+
CMAKE_SETUP_PARAMS=(-DGCOV=1 -DDISABLE_PERL=1 -DBUILD_TESTING=1 -DBUILD_LIBSSL=1 -DCMAKE_BUILD_TYPE=Debug -S "${SRC}")
|
|
54
|
+
|
|
55
|
+
function generate_coverage() {
|
|
56
|
+
mkdir -p "${BUILD}/${1}"
|
|
57
|
+
BUILD_DIR="${BUILD}/${1}"
|
|
58
|
+
|
|
59
|
+
# Build
|
|
60
|
+
cmake ${2} ${CMAKE_SETUP_PARAMS} -B "${BUILD_DIR}"
|
|
61
|
+
cmake --build "${BUILD_DIR}" --target all_tests
|
|
62
|
+
|
|
63
|
+
# Collect initial coverage data
|
|
64
|
+
lcov --capture "${LCOV_PARAMS[@]}" --initial --directory "${BUILD_DIR}" --output-file "${BUILD}/initial-${1}.info"
|
|
65
|
+
|
|
66
|
+
# Run tests
|
|
67
|
+
cmake --build "${BUILD_DIR}" --target run_tests
|
|
68
|
+
|
|
69
|
+
# Collect coverage data and combine it with initial data
|
|
70
|
+
lcov --capture "${LCOV_PARAMS[@]}" --directory "${BUILD_DIR}" --output-file "${BUILD}/test-${1}.info"
|
|
71
|
+
lcov "${LCOV_PARAMS[@]}" --add-tracefile "${BUILD}/initial-${1}.info" --add-tracefile "${BUILD}/test-${1}.info" --output-file "${BUILD}/coverage-${1}.info"
|
|
72
|
+
}
|
|
73
|
+
|
|
74
|
+
# Default x86-64 build/test
|
|
75
|
+
generate_coverage "default" ""
|
|
76
|
+
|
|
77
|
+
# No Assembly x86-64 build/test
|
|
78
|
+
generate_coverage "no-asm" "-DOPENSSL_NO_ASM=1"
|
|
79
|
+
|
|
80
|
+
#genhtml --ignore-errors ${GENHTML_IGNORE_ERRORS} --output-directory "${BUILD_HTML}" "${BUILD}"/coverage-*.info
|
|
81
|
+
#open "${BUILD_HTML}"/index.html
|
|
82
|
+
|
|
@@ -26,11 +26,11 @@ import (
|
|
|
26
26
|
)
|
|
27
27
|
|
|
28
28
|
type wycheproofTest struct {
|
|
29
|
-
Algorithm string
|
|
30
|
-
GeneratorVersion string
|
|
31
|
-
NumberOfTests int
|
|
32
|
-
Notes map[string]
|
|
33
|
-
Header []string
|
|
29
|
+
Algorithm string `json:"algorithm"`
|
|
30
|
+
GeneratorVersion string `json:"generatorVersion"`
|
|
31
|
+
NumberOfTests int `json:"numberOfTests"`
|
|
32
|
+
Notes map[string]any `json:"notes"`
|
|
33
|
+
Header []string `json:"header"`
|
|
34
34
|
// encoding/json does not support collecting unused keys, so we leave
|
|
35
35
|
// everything past this point as generic.
|
|
36
36
|
TestGroups []map[string]any `json:"testGroups"`
|
|
@@ -224,6 +224,8 @@ var defaultInputs = []string{
|
|
|
224
224
|
"hmac_sha256_test.json",
|
|
225
225
|
"hmac_sha384_test.json",
|
|
226
226
|
"hmac_sha512_test.json",
|
|
227
|
+
"hmac_sha512_224_test.json",
|
|
228
|
+
"hmac_sha512_256_test.json",
|
|
227
229
|
"kw_test.json",
|
|
228
230
|
"kwp_test.json",
|
|
229
231
|
"primality_test.json",
|
|
@@ -82,6 +82,7 @@ The other commands are as follows. (Note that you only need to implement the com
|
|
|
82
82
|
| HMAC-SHA2-256 | Value to hash, key | Digest |
|
|
83
83
|
| HMAC-SHA2-384 | Value to hash, key | Digest |
|
|
84
84
|
| HMAC-SHA2-512 | Value to hash, key | Digest |
|
|
85
|
+
| HMAC-SHA2-512/224 | Value to hash, key | Digest |
|
|
85
86
|
| HMAC-SHA2-512/256 | Value to hash, key | Digest |
|
|
86
87
|
| hmacDRBG/<HASH>| Output length, entropy, personalisation, ad1, ad2, nonce | Output |
|
|
87
88
|
| hmacDRBG-reseed/<HASH>| Output length, entropy, personalisation, reseedAD, reseedEntropy, ad1, ad2, nonce | Output |
|
|
@@ -97,13 +98,19 @@ The other commands are as follows. (Note that you only need to implement the com
|
|
|
97
98
|
| SHA2-256 | Value to hash | Digest |
|
|
98
99
|
| SHA2-384 | Value to hash | Digest |
|
|
99
100
|
| SHA2-512 | Value to hash | Digest |
|
|
101
|
+
| SHA2-512/224 | Value to hash | Digest |
|
|
100
102
|
| SHA2-512/256 | Value to hash | Digest |
|
|
103
|
+
| SHAKE-128 | Value to hash, output len | Digest |
|
|
104
|
+
| SHAKE-256 | Value to hash, output len | Digest |
|
|
101
105
|
| SHA-1/MCT | Initial seed¹ | Digest |
|
|
102
106
|
| SHA2-224/MCT | Initial seed¹ | Digest |
|
|
103
107
|
| SHA2-256/MCT | Initial seed¹ | Digest |
|
|
104
108
|
| SHA2-384/MCT | Initial seed¹ | Digest |
|
|
105
109
|
| SHA2-512/MCT | Initial seed¹ | Digest |
|
|
110
|
+
| SHA2-512/224/MCT | Initial seed¹ | Digest |
|
|
106
111
|
| SHA2-512/256/MCT | Initial seed¹ | Digest |
|
|
112
|
+
| SHAKE-128/MCT | Initial seed_, output len | Digest |
|
|
113
|
+
| SHAKE-256/MCT | Initial seed_, output len | Digest |
|
|
107
114
|
| TLSKDF/<1.0\|1.2>/<HASH> | Number output bytes, secret, label, seed1, seed2 | Output |
|
|
108
115
|
|
|
109
116
|
¹ The iterated tests would result in excessive numbers of round trips if the module wrapper handled only basic operations. Thus some ACVP logic is pushed down for these tests so that the inner loop can be handled locally. Either read the NIST documentation ([block-ciphers](https://pages.nist.gov/ACVP/draft-celi-acvp-symmetric.html#name-monte-carlo-tests-for-block) [hashes](https://pages.nist.gov/ACVP/draft-celi-acvp-sha.html#name-monte-carlo-tests-for-sha-1)) to understand the iteration count and return values or, probably more fruitfully, see how these functions are handled in the `modulewrapper` directory.
|
|
@@ -19,6 +19,7 @@ import (
|
|
|
19
19
|
"encoding/hex"
|
|
20
20
|
"encoding/json"
|
|
21
21
|
"fmt"
|
|
22
|
+
"strings"
|
|
22
23
|
)
|
|
23
24
|
|
|
24
25
|
// The following structures reflect the JSON of ACVP hash tests. See
|
|
@@ -29,13 +30,16 @@ type hashTestVectorSet struct {
|
|
|
29
30
|
}
|
|
30
31
|
|
|
31
32
|
type hashTestGroup struct {
|
|
32
|
-
ID
|
|
33
|
-
Type
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
33
|
+
ID uint64 `json:"tgId"`
|
|
34
|
+
Type string `json:"testType"`
|
|
35
|
+
MaxOutLen *uint64 `json:"maxOutLen,omitempty"`
|
|
36
|
+
MinOutLen *uint64 `json:"minxOutLen,omitempty"`
|
|
37
|
+
Tests []struct {
|
|
38
|
+
ID uint64 `json:"tcId"`
|
|
39
|
+
BitLength uint64 `json:"len"`
|
|
40
|
+
MsgHex string `json:"msg"`
|
|
41
|
+
OutputLength *uint64 `json:"outLen,omitempty"`
|
|
42
|
+
LargeMsg hashLargeMsg `json:"largeMsg"`
|
|
39
43
|
} `json:"tests"`
|
|
40
44
|
}
|
|
41
45
|
|
|
@@ -97,8 +101,16 @@ func (h *hashPrimitive) Process(vectorSet []byte, m Transactable) (any, error) {
|
|
|
97
101
|
|
|
98
102
|
// http://usnistgov.github.io/ACVP/artifacts/draft-celi-acvp-sha-00.html#rfc.section.3
|
|
99
103
|
switch group.Type {
|
|
104
|
+
case "VOT":
|
|
105
|
+
fallthrough
|
|
100
106
|
case "AFT":
|
|
101
|
-
|
|
107
|
+
args := [][]byte{}
|
|
108
|
+
args = append(args, msg)
|
|
109
|
+
if test.OutputLength != nil {
|
|
110
|
+
outLenBytes := *test.OutputLength / 8
|
|
111
|
+
args = append(args, uint32le(uint32(outLenBytes)))
|
|
112
|
+
}
|
|
113
|
+
result, err := m.Transact(h.algo, 1, args...)
|
|
102
114
|
if err != nil {
|
|
103
115
|
panic(h.algo + " hash operation failed: " + err.Error())
|
|
104
116
|
}
|
|
@@ -109,7 +121,10 @@ func (h *hashPrimitive) Process(vectorSet []byte, m Transactable) (any, error) {
|
|
|
109
121
|
})
|
|
110
122
|
|
|
111
123
|
case "MCT":
|
|
112
|
-
|
|
124
|
+
// MCT tests for conventional digest functions expect message
|
|
125
|
+
// and digest output lengths to be equivalent, however SHAKE
|
|
126
|
+
// does not have a predefined output length.
|
|
127
|
+
if len(msg) != h.size && !strings.HasPrefix(h.algo, "SHAKE") {
|
|
113
128
|
return nil, fmt.Errorf("MCT test case %d/%d contains message of length %d but the digest length is %d", group.ID, test.ID, len(msg), h.size)
|
|
114
129
|
}
|
|
115
130
|
|
|
@@ -126,10 +126,9 @@ func processKeyGen(vectorSet []byte, m Transactable) (any, error) {
|
|
|
126
126
|
var ret []rsaKeyGenTestGroupResponse
|
|
127
127
|
|
|
128
128
|
for _, group := range parsed.Groups {
|
|
129
|
-
// GDT
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
return nil, fmt.Errorf("RSA KeyGen test group has type %q, but only generation tests (%q) are supported", group.Type, expectedType)
|
|
129
|
+
// We support both GDT and AFT tests, which are formatted the same and expect the same output.
|
|
130
|
+
if !(group.Type == "GDT" || group.Type == "AFT") {
|
|
131
|
+
return nil, fmt.Errorf("RSA KeyGen test group has type %q, but only GDT and AFT tests are supported", group.Type)
|
|
133
132
|
}
|
|
134
133
|
|
|
135
134
|
response := rsaKeyGenTestGroupResponse{
|
|
@@ -97,16 +97,20 @@ func NewWithIO(cmd *exec.Cmd, in io.WriteCloser, out io.ReadCloser) *Subprocess
|
|
|
97
97
|
}
|
|
98
98
|
|
|
99
99
|
m.primitives = map[string]primitive{
|
|
100
|
-
"SHA-1":
|
|
101
|
-
"SHA2-224":
|
|
102
|
-
"SHA2-256":
|
|
103
|
-
"SHA2-384":
|
|
104
|
-
"SHA2-512":
|
|
105
|
-
"SHA2-512/
|
|
106
|
-
"
|
|
107
|
-
"SHA3-
|
|
108
|
-
"SHA3-
|
|
109
|
-
"SHA3-
|
|
100
|
+
"SHA-1": &hashPrimitive{"SHA-1", 20},
|
|
101
|
+
"SHA2-224": &hashPrimitive{"SHA2-224", 28},
|
|
102
|
+
"SHA2-256": &hashPrimitive{"SHA2-256", 32},
|
|
103
|
+
"SHA2-384": &hashPrimitive{"SHA2-384", 48},
|
|
104
|
+
"SHA2-512": &hashPrimitive{"SHA2-512", 64},
|
|
105
|
+
"SHA2-512/224": &hashPrimitive{"SHA2-512/224", 28},
|
|
106
|
+
"SHA2-512/256": &hashPrimitive{"SHA2-512/256", 32},
|
|
107
|
+
"SHA3-224": &hashPrimitive{"SHA3-224", 28},
|
|
108
|
+
"SHA3-256": &hashPrimitive{"SHA3-256", 32},
|
|
109
|
+
"SHA3-384": &hashPrimitive{"SHA3-384", 48},
|
|
110
|
+
"SHA3-512": &hashPrimitive{"SHA3-512", 64},
|
|
111
|
+
// NOTE: SHAKE does not have a predifined digest output size
|
|
112
|
+
"SHAKE-128": &hashPrimitive{"SHAKE-128", -1},
|
|
113
|
+
"SHAKE-256": &hashPrimitive{"SHAKE-256", -1},
|
|
110
114
|
"ACVP-AES-ECB": &blockCipher{"AES", 16, 2, true, false, iterateAES},
|
|
111
115
|
"ACVP-AES-CBC": &blockCipher{"AES-CBC", 16, 2, true, true, iterateAESCBC},
|
|
112
116
|
"ACVP-AES-CBC-CS3": &blockCipher{"AES-CBC-CS3", 16, 1, false, true, iterateAESCBC},
|
|
@@ -124,6 +128,7 @@ func NewWithIO(cmd *exec.Cmd, in io.WriteCloser, out io.ReadCloser) *Subprocess
|
|
|
124
128
|
"HMAC-SHA2-256": &hmacPrimitive{"HMAC-SHA2-256", 32},
|
|
125
129
|
"HMAC-SHA2-384": &hmacPrimitive{"HMAC-SHA2-384", 48},
|
|
126
130
|
"HMAC-SHA2-512": &hmacPrimitive{"HMAC-SHA2-512", 64},
|
|
131
|
+
"HMAC-SHA2-512/224": &hmacPrimitive{"HMAC-SHA2-512/224", 28},
|
|
127
132
|
"HMAC-SHA2-512/256": &hmacPrimitive{"HMAC-SHA2-512/256", 32},
|
|
128
133
|
"HMAC-SHA3-224": &hmacPrimitive{"HMAC-SHA3-224", 28},
|
|
129
134
|
"HMAC-SHA3-256": &hmacPrimitive{"HMAC-SHA3-256", 32},
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
[{"Wrapper": "modulewrapper", "In": "vectors/SHA2-512-224.bz2", "Out": "expected/SHA2-512-224.bz2"}]
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
[{"Wrapper": "modulewrapper", "In": "vectors/SHAKE-128.bz2", "Out": "expected/SHAKE-128.bz2"}]
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
[{"Wrapper": "modulewrapper", "In": "vectors/SHAKE-256.bz2", "Out": "expected/SHAKE-256.bz2"}]
|