Enable `ring::agreement` for wasm32 targets using the small
implementation of Curve25519.
Use the small Curve25519 implementation of Curve25519 (and
P-256) for all targets except for Aarch64 and x86-64.
Besides being smaller, the small implementations are likely
more resistant to compiler-introduced side-channels, which
is especially important for the wasm32 virtual machine and
other targets that we don't QA as thoroughly as AAarch64
and x86-64.
Bring in the previously-removed definition of `fe_mul_llt`
from BoringSSL as of commit
8d71d244c0debac4079beeb02b5802fde59b94bd.
Benchmarks require Rust 1.65 or later currently due to benchmark-only
dependencies.
Also, benchmarks add a lot of downloading/build time because they have
many more dependencies. So, skipping them in these jobs makes them
faster.
Don't warn during `cargo build` or `cargo test`, but deny them
in `mk/clippy.sh` so that they are caught in CI. Limit `cargo build`
warnings to things that matter during the edit/test cycle.
In particular, eliminate the use of `ArrayEncoding::as_byte_array` as
we work towards removing that function because it uses `unsafe`.
Where `Block` is used in parameters to C/assembly code, I verified that
the C/assembly code uses `uint8_t *` as the function type (meaning
`uint8_t[16]`) in the BoringSSL headers. Until recently the stuff in
GCM was using `uint64_t` or a union containing `uint64_t`, which is why
block was previously defined in terms of `BigEndian<u64>`.
This is a step towards eliminating `unsafe` usage in `ring::endian` by
eliminating one use of `ArrayEncoding::as_byte_array`.
Since this is the only usage of `LittleEndian`, it is removed
completely.
This simple `array_flatten` polyfill will be useful for multiple
improvements towards eliminating the unsafe code in `endian`.
*ring* defined a function named `OPENSSL_memcmp` that did what
`CRYPTO_memcmp` does in BoringSSL, and BoringSSL has a different
function called `OPENSSL_memcmp`. *ring* doesn't need
`OPENSSL_memcmp` so sync the `CRYPTO_memcmp` stuff with BoringSSL.
This eliminates unnecessary differences from BoringSSL.
Our policy is to set warnings-as-errors only when buildingt from Git,
not when building from a packaged release. This flag is another aspect
of warnings-as-errors.
`dev_urandom_fallback` presently does nothing, so don't bother adding
it as a matrix dimension.
Because `dev_urandom_fallback` does nothing,
`--no-default-features --features=alloc` is effectively the same as the
default feature set, so don't add it as a matrix dimension.
`--all-features` is no longer appropriate after the ARM hardware feature
disabling features were added, so replace it with what we really want,
`--features=std,slow_tests`.
In the coverage section, `--features=alloc,dev_urandom_fallback,std` is
the same as `--features=std` since `alloc and `urandom_fallback` are
default features.
Move the Criterion.rs dependency out of *ring* into a new `ring-benches`
crate. This speeds up many build scenerios by eliminating a bunch of
dependencies from *ring*'s dependency tree for `cargo test`.
