Go to file

Adam Langley be84aeed7d acvptool: create fresh variables in loops.

Referencing a variable in a closure captures it by _address_. So
referencing a loop variable can go horribly wrong:
https://go.dev/play/p/f2ivPAIN_bG

This is accepted as essentially a bug by Go and will be fixed in a
future release (https://github.com/golang/go/wiki/LoopvarExperiment).
But, for now at least, work around it.

Our tests trim the ACVP inputs to only have a single test case per group
in many cases, which hides most of this issue from tests. When we run
run full ACVP sets, our modulewrapper is seemingly fast enough not to
notice there either. But I've updated one of the tests here by
duplicating a test case enough that it catches this a meaningful amount
of the time.

Change-Id: I8216c00f67636ab7dad927eae4b49ae45ae3cf31
Bug: 646
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/62965
Reviewed-by: David Benjamin <davidben@google.com>
Auto-Submit: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>

2023-09-06 16:43:18 +00:00

.github

Add a PULL_REQUEST_TEMPLATE.

2016-03-08 15:23:52 +00:00

cmake

Select SHA-256 vs SHA-512 explicitly in perlasm

2023-08-15 17:06:09 +00:00

crypto

Update googletest and include googlemock

2023-09-05 21:11:19 +00:00

decrepit

Support Android's "baremetal" target

2023-07-18 19:46:50 +00:00

fuzz

Sync pki to chromium d740199e083b70d13506973c6f479f0b01165a05

2023-08-17 20:40:22 +00:00

include/openssl

Return the correct value in EVP_CIPHER_CTX_iv_length after EVP_CTRL_AEAD_SET_IVLEN

2023-09-05 21:04:13 +00:00

pki

Sync pki to chromium 1ef93e346424a24fa27ee55a36254b6ee0f96e86

2023-09-06 14:05:18 +00:00

rust

Add X25519 bindings for bssl-crypto

2023-09-05 19:31:47 +00:00

ssl

runner: Check that the shim HRRs echo the session ID

2023-09-01 17:26:35 +00:00

third_party

Update googletest and include googlemock

2023-09-05 21:11:19 +00:00

tool

Use constant curve-specific groups whenever possible

2023-07-11 20:07:57 +00:00

util

acvptool: create fresh variables in loops.

2023-09-06 16:43:18 +00:00

.clang-format

Fix some clang-format formatting.

2023-02-03 17:37:30 +00:00

.gitignore

Rust build cleanup

2023-03-14 21:34:08 +00:00

API-CONVENTIONS.md

Clarify "reference" and fix typo.

2018-09-05 19:06:48 +00:00

BREAKING-CHANGES.md

Add some notes on how to handle breaking changes.

2018-04-28 00:04:41 +00:00

BUILDING.md

Bump the minimum supported MSVC version to VS2019

2023-05-08 21:46:15 +00:00

CMakeLists.txt

Update googletest and include googlemock

2023-09-05 21:11:19 +00:00

codereview.settings

Comment change in codereview.settings

2018-07-26 00:23:04 +00:00

CONTRIBUTING.md

Add bbe@ to list of reviewers

2023-02-17 18:59:37 +00:00

FUZZING.md

Update docs to recommend a much more convenient CMake invocation

2023-04-19 20:16:58 +00:00

go.mod

Replace byteBuilder and byteReader with cryptobyte

2023-06-27 16:43:40 +00:00

go.sum

Replace byteBuilder and byteReader with cryptobyte

2023-06-27 16:43:40 +00:00

INCORPORATING.md

Link Googlers to the new porting policy doc

2023-07-20 21:54:39 +00:00

LICENSE

Add optimised Aarch64 GCM.

2023-01-17 21:18:52 +00:00

PORTING.md

Remove d2i_FOO object reuse

2023-02-08 17:55:12 +00:00

README.md

See whether relative links work for the documentation.

2022-12-08 18:40:20 +00:00

SANDBOXING.md

Add a comment about the Chromium sandbox for macOS sysctls

2023-05-18 23:47:10 +00:00

sources.cmake

Sync pki to chromium 1ef93e346424a24fa27ee55a36254b6ee0f96e86

2023-09-06 14:05:18 +00:00

STYLE.md

Fix some style guide samples.

2017-08-31 14:24:45 +00:00

README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

There are other files in this directory which might be helpful:

PORTING.md: how to port OpenSSL-using code to BoringSSL.
BUILDING.md: how to build BoringSSL
INCORPORATING.md: how to incorporate BoringSSL into a project.
API-CONVENTIONS.md: general API conventions for BoringSSL consumers and developers.
STYLE.md: rules and guidelines for coding style.
include/openssl: public headers with API documentation in comments. Also available online.
FUZZING.md: information about fuzzing BoringSSL.
CONTRIBUTING.md: how to contribute to BoringSSL.
BREAKING-CHANGES.md: notes on potentially-breaking changes.
SANDBOXING.md: notes on using BoringSSL in a sandboxed environment.

Languages

Assembly 36.3%

C 35.8%

Rust 23.2%

Perl 2.5%

Python 0.9%

Other 1.2%