`winapi` is in maintenance mode and the new blessed way to access Windows APIs are the `windows`
and `windows-sys` crates. I don't think any types of `winapi` were exposed in the public API so
I used `windows-sys` since it has much faster compile times.
The slice indexing was wrong. CI did not catch this because it only
uses the implementations that the feature detection logic chooses,
and in CI it uses the emulator that always chooses the hardware AES
implementation.
The consequence is that on 32-bit ARM targets with NEON but without
hardware AES, the encryption/decryption is done incorrectly.
The change that introduced this problem was
74aa79b650f8a1f751993a56046ca43166ae9934. I checked (and tested) the
latest release (0.16.20) to verify that it is correct. So this only
affects 0.17, which wasn't been released yet.
The fix mirrors what we were doing before in 0.16.20.
BoringSSL split up there bn_tests.txt into multiple files, which we had
done previously. Prepare to merge that BoringSSL change by putting the
test input files in the same places.
This removes one more patch, and adapts import to deal with gmock from chrome
which is now included in boring.
Bug: chromium:1322914
Change-Id: I2a5957f741252941fea76205a21e98fd655f8cae
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/63225
Commit-Queue: Adam Langley <agl@google.com>
Auto-Submit: Bob Beck <bbe@google.com>
Reviewed-by: Adam Langley <agl@google.com>
When the `alloc` feature is disabled, on lesser-used targets we don't
build `bigint` but we still need some of the Montgomery arithmetic.
```
git diff \
HEAD^1:src/arithmetic/bigint/bn_mul_mont_fallback.rs \
src/arithmetic/montgomery.rs
```
```
git diff \
HEAD^1:src/arithmetic/bigint.rs \
src/arithmetic/montgomery.rs
```
Instead the spelling is message(FATAL_ERROR "blah"). Although
error("blah") also works because it just complains that error doesn't
exist.
Change-Id: I80384e0198a9013f93f9403d0a4c256749905045
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/63106
Reviewed-by: Bob Beck <bbe@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
The test case that is enabled in the merged BoringSSL change was already enabled in
*ring*, so nothing changed regarding the test cases. *ring* doesn't use RSAZ.
```
git difftool \
801a801:crypto/fipsmodule/bn/bn_tests.txt \
.\src\arithmetic\bigint_elem_exp_consttime_tests.txt
```
