This is another attempt for ring to support fuchsia, by directly
calling `zx_cprng_draw` to generate random byte strings. This avoids
having to pull in an extra dependency (which #634 did). With this
change, all the ring tests pass on fuchsia.
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
Closes#428
Testing with API 24 images because there are no API 26 ARM images available.
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
Some of the targets in Rust's `cross` toolchains have old libc headers
that don't have sys/auxv.h, and we want to do this in Rust anyway.
Unfortunately, in the process of doing so, I found out that
`libc::getauxval()` isn't available in enough places either, so we skip
dealing with *that* too.
Rename some GCM assembly functions so that all functions that do the
same thing the same way have the same name, to make the dispatching
logic simpler.
Thread CPU feature caching witnesses through the GCM dispatching logic
to make feature detection less error-prone.
Start an internal Rust API for feature detection.
This reverts commit c1c9c2221ef26c7cb808ffe79dad4217bd7f431b.
I am looking at improving the API in a different way, so I'm undoing
this change to reduce churn in the interim.
The "Submodules and file naming" section ended with three backticks (` ``` `), which caused the next section to be unformatted instead of using proper Markdown formatting.
Run on Rust stable.
Install C++ compiler and other Kcov dependencies.
Don't install sources and packages that are not needed.
Update Kcov to the latest version.
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
Removed unnecessary `sudo` entries.
Make `distro` explicit in case we want to mix Linux build environments.
Adjust compiler packages to the correct defaults.
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
`num >= 4` is not the same as `num & ~3`. This is pretty much a no-op
change because we expect that we'll never encounter a situation where
`num` is too large to be represented as a 32-bit integer.
This will ensure that this code is tested in CI and is being compiled
by MSVC; previously this C code wasn't being tested at all because all
platforms we use for testing were taking other code paths.
The GHASH part of the tag was effectively being truncated to 16 bits
each round because of a type confusion error. Prior to commit
c4e76592fb2983cd17d20882bf391377b9c44395, the `Xi` parameter of
`GFp_gcm_ghash_4bit` was `uint64_t Xi[2]` and it worked correctly.
In c4e76592fb2983cd17d20882bf391377b9c44395 the type was changed to
`uint8_t Xi[16]`. Most of the code was adapted to the new type,
except these two lines. In particular, note that in that commit that
`GFp_gcm_gmult_4bit` did have the same change made to it.
This only affects AAarch64 platforms without PMULL. X86, X86_64,
and 32-bit ARM have only assembly language code for GCM that is used
instead, so they are unaffected. AAarch64 platforms with PMULL, e.g.
most phones, are not affected because they will use the PMULL-based
code. Consequently, this code wasn't being tested in CI or in most
other configurations.
The C compilers didn't catch this because Clang and GCC do not enable
`-Wconversion` even when `-Wextra` is provided, and because this code
is never compiled with MSVC. A future commit will change both of these
aspects. I verified that MSVC 2017 catches this bug immediately as soon
as allow it to be compiled for X86_64.
