Upstream merge 2024 04 16 (#1535)

aws · Apr 20, 2024 · c295aef · c295aef
2 parents 0aebf17 + 2e51629
commit c295aef
Show file tree

Hide file tree

Showing 15 changed files with 365 additions and 390 deletions.
diff --git a/API-CONVENTIONS.md b/API-CONVENTIONS.md
@@ -1,7 +1,7 @@
 # BoringSSL API Conventions
 
 This document describes conventions for BoringSSL APIs. The [style
-guide](/STYLE.md) also includes guidelines, but this document is targeted at
+guide](./STYLE.md) also includes guidelines, but this document is targeted at
 both API consumers and developers.
 
 

diff --git a/BUILDING.md b/BUILDING.md
@@ -4,7 +4,7 @@
 
 The standalone CMake build is primarily intended for developers. If embedding
 AWS-LC into another project with a pre-existing build system, see
-[INCORPORATING.md](/INCORPORATING.md).
+[INCORPORATING.md](./INCORPORATING.md).
 
 If in doubt, use the most recent stable version of each build tool.
 

diff --git a/INCORPORATING.md b/INCORPORATING.md
@@ -1,4 +1,5 @@
 # Incorporating AWS-LC into a project
+
 ## Which branch to use
 
 AWS-LC usage typically follows a
@@ -24,14 +25,14 @@ outside of the CMake environment, these intermediates are generated and
 checked into the AWS-LC source repository in `generated-src`. This avoids
 incorporating projects needing to support Perl and Go in their build systems.
 
-The script [`util/generate_build_files.py`](/util/generate_build_files.py)
+The script [`util/generate_build_files.py`](./util/generate_build_files.py)
 expects to be run from the `aws-lc` directory. The generated build files will 
 be output to `aws-lc/generated-src`. If you don't use any of the supported
 build systems then you should augment `generate_build_files.py` with support
 for it.
 
 The script will pregenerate the intermediate files (see
-[BUILDING.md](/BUILDING.md) for details about which tools will need to be
+[BUILDING.md](./BUILDING.md) for details about which tools will need to be
 installed) and output helper files for that build system. It doesn't generate a
 complete build script, just file and test lists, which change often.
 

diff --git a/SANDBOXING.md b/SANDBOXING.md
@@ -21,7 +21,7 @@ would be a sandbox escape.
 
 This document attempts to describe these baseline OS dependencies and long-lived
 internal resources. These dependencies may change over time, but we aim to
-[work with sandboxed consumers](/BREAKING-CHANGES.md) when they do. However,
+[work with sandboxed consumers](./BREAKING-CHANGES.md) when they do. However,
 each sandbox imposes different constraints, so, above all, sandboxed consumers
 must have ample test coverage to detect issues as they arise.
 

diff --git a/crypto/fipsmodule/FIPS.md b/crypto/fipsmodule/FIPS.md
@@ -8,11 +8,11 @@ Please note that we cannot answer questions about FIPS, nor about using BoringSS
 
 BoringCrypto has undergone the following validations:
 
-1. 2017-06-15: certificate [#2964](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/2964), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Security-Policy-20170615.docx) (in docx format).
-1. 2018-07-30: certificate [#3318](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3318), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Security-Policy-20180730.docx) (in docx format).
-1. 2019-08-08: certificate [#3678](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3678), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Security-Policy-20190808.docx) (in docx format).
-1. 2019-10-20: certificate [#3753](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3753), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Android-Security-Policy-20191020.docx) (in docx format).
-1. 2021-01-28: certificate [#4156](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/4156), [security policy](/crypto/fipsmodule/policydocs/BoringCrypto-Android-Security-Policy-20210319.docx) (in docx format).
+1. 2017-06-15: certificate [#2964](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/2964), [security policy](./policydocs/BoringCrypto-Security-Policy-20170615.docx) (in docx format).
+1. 2018-07-30: certificate [#3318](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3318), [security policy](./policydocs/BoringCrypto-Security-Policy-20180730.docx) (in docx format).
+1. 2019-08-08: certificate [#3678](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3678), [security policy](./policydocs/BoringCrypto-Security-Policy-20190808.docx) (in docx format).
+1. 2019-10-20: certificate [#3753](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3753), [security policy](./policydocs/BoringCrypto-Android-Security-Policy-20191020.docx) (in docx format).
+1. 2021-01-28: certificate [#4156](https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/4156), [security policy](./policydocs/BoringCrypto-Android-Security-Policy-20210319.docx) (in docx format).
 1. 2021-04-29: certificate [#4407](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4407).
 
 ## Running ACVP tests
@@ -120,7 +120,7 @@ The most obvious cause of relocations are out-calls from the module to non-crypt
 
 Offsets to these functions cannot be known until the final link because only the linker sees the object files containing them. Thus calls to these functions are rewritten into an IP-relative jump to a redirector function. The redirector functions contain a single jump instruction to the real function and are placed outside of the module and are thus not hashed (see diagram).
 
-![module structure](/crypto/fipsmodule/intcheck1.png)
+![module structure](./intcheck1.png)
 
 In this diagram, the integrity check hashes from `module_start` to `module_end`. Since this does not cover the jump to `memcpy`, it's fine that the linker will poke the final offset into that instruction.
 
@@ -152,7 +152,7 @@ In order to actually implement the integrity test, a constructor function within
 
 Initially the known-good value will be incorrect. Another script (`inject_hash.go`) calculates the correct value from the assembled object and injects it back into the object.
 
-![build process](/crypto/fipsmodule/intcheck2.png)
+![build process](./intcheck2.png)
 
 ### Comparison with OpenSSL's method
 
@@ -172,4 +172,4 @@ Some of the similarities are worth noting:
 
 1. OpenSSL has all out-calls from the module indirecting via the PLT, which is equivalent to the redirector functions described above.
 
-![OpenSSL build process](/crypto/fipsmodule/intcheck3.png)
+![OpenSSL build process](./intcheck3.png)
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
@@ -92,14 +92,16 @@ static void free_dir(X509_LOOKUP *lu);
 static int add_cert_dir(BY_DIR *ctx, const char *dir, int type);
 static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
  X509_OBJECT *ret);
-static X509_LOOKUP_METHOD x509_dir_lookup = {
+static const X509_LOOKUP_METHOD x509_dir_lookup = {
  new_dir, // new
  free_dir, // free
  dir_ctrl, // ctrl
  get_cert_by_subject, // get_by_subject
 };
 
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) { return &x509_dir_lookup; }
+const X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) {
+ return &x509_dir_lookup;
+}
 
 static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
  char **retp) {
@@ -397,3 +399,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
  BUF_MEM_free(b);
  return ok;
 }
+
+int X509_LOOKUP_add_dir(X509_LOOKUP *lookup, const char *name, int type) {
+ return X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, name, type, NULL);
+}
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
@@ -65,46 +65,35 @@
 
 static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
  char **ret);
-static X509_LOOKUP_METHOD x509_file_lookup = {
+static const X509_LOOKUP_METHOD x509_file_lookup = {
  NULL, // new
  NULL, // free
  by_file_ctrl, // ctrl
  NULL, // get_by_subject
 };
 
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void) { return &x509_file_lookup; }
+const X509_LOOKUP_METHOD *X509_LOOKUP_file(void) { return &x509_file_lookup; }
 
 static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
  char **ret) {
- int ok = 0;
- const char *file;
-
- switch (cmd) {
- case X509_L_FILE_LOAD:
- if (argl == X509_FILETYPE_DEFAULT) {
- file = getenv(X509_get_default_cert_file_env());
- if (file) {
- ok = (X509_load_cert_crl_file(ctx, file, X509_FILETYPE_PEM) != 0);
- }
-
- else {
- ok = (X509_load_cert_crl_file(ctx, X509_get_default_cert_file(),
- X509_FILETYPE_PEM) != 0);
- }
-
- if (!ok) {
- OPENSSL_PUT_ERROR(X509, X509_R_LOADING_DEFAULTS);
- }
- } else {
- if (argl == X509_FILETYPE_PEM) {
- ok = (X509_load_cert_crl_file(ctx, argp, X509_FILETYPE_PEM) != 0);
- } else {
- ok = (X509_load_cert_file(ctx, argp, (int)argl) != 0);
- }
- }
- break;
+ if (cmd != X509_L_FILE_LOAD) {
+ return 0;
+ }
+ const char *file = argp;
+ int type = argl;
+ if (argl == X509_FILETYPE_DEFAULT) {
+ if ((file = getenv(X509_get_default_cert_file_env())) == NULL) {
+ file = X509_get_default_cert_file();
+ }
+ type = X509_FILETYPE_PEM;
+ }
+ if (X509_load_cert_crl_file(ctx, file, type) != 0) {
+ return 1;
  }
- return ok;
+ if (argl == X509_FILETYPE_DEFAULT) {
+ OPENSSL_PUT_ERROR(X509, X509_R_LOADING_DEFAULTS);
+ }
+ return 0;
 }
 
 int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) {
@@ -274,3 +263,7 @@ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) {
  sk_X509_INFO_pop_free(inf, X509_INFO_free);
  return count;
 }
+
+int X509_LOOKUP_load_file(X509_LOOKUP *lookup, const char *name, int type) {
+ return X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, name, type, NULL);
+}
diff --git a/crypto/x509/internal.h b/crypto/x509/internal.h
@@ -257,7 +257,6 @@ struct X509_VERIFY_PARAM_st {
  // The following fields specify acceptable peer identities.
  STACK_OF(OPENSSL_STRING) *hosts; // Set of acceptable names
  unsigned int hostflags; // Flags to control matching features
- char *peername; // Matching hostname in peer certificate
  char *email; // If not NULL email address to match
  size_t emaillen;
  unsigned char *ip; // If not NULL IP address to match
@@ -311,7 +310,7 @@ struct x509_store_st {
 
 // This is the functions plus an instance of the local variables.
 struct x509_lookup_st {
- X509_LOOKUP_METHOD *method; // the functions
+ const X509_LOOKUP_METHOD *method; // the functions
  void *method_data; // method data
 
  X509_STORE *store_ctx; // who owns us
@@ -540,6 +539,10 @@ int X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,
 OPENSSL_EXPORT int GENERAL_NAME_cmp(const GENERAL_NAME *a,
  const GENERAL_NAME *b);
 
+// X509_VERIFY_PARAM_lookup returns a pre-defined |X509_VERIFY_PARAM| named by
+// |name|, or NULL if no such name is defined.
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
+
 
 #if defined(__cplusplus)
 } // extern C

diff --git a/crypto/x509/v3_prn.c b/crypto/x509/v3_prn.c
@@ -69,9 +69,8 @@ static int unknown_ext_print(BIO *out, const X509_EXTENSION *ext,
  unsigned long flag, int indent, int supported);
 
 // Print out a name+value stack
-
-void X509V3_EXT_val_prn(BIO *out, const STACK_OF(CONF_VALUE) *val, int indent,
- int ml) {
+static void X509V3_EXT_val_prn(BIO *out, const STACK_OF(CONF_VALUE) *val,
+ int indent, int ml) {
  if (!val) {
  return;
  }

diff --git a/crypto/x509/v3_purp.c b/crypto/x509/v3_purp.c
@@ -312,43 +312,18 @@ char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp) { return xp->sname; }
 
 int X509_PURPOSE_get_trust(const X509_PURPOSE *xp) { return xp->trust; }
 
-static int nid_cmp(const void *void_a, const void *void_b) {
- const int *a = void_a, *b = void_b;
-
- return *a - *b;
-}
-
 int X509_supported_extension(const X509_EXTENSION *ex) {
- // This table is a list of the NIDs of supported extensions: that is
- // those which are used by the verify process. If an extension is
- // critical and doesn't appear in this list then the verify process will
- // normally reject the certificate. The list must be kept in numerical
- // order because it will be searched using bsearch.
-
- static const int supported_nids[] = {
- NID_netscape_cert_type, // 71
- NID_key_usage, // 83
- NID_subject_alt_name, // 85
- NID_basic_constraints, // 87
- NID_certificate_policies, // 89
- NID_ext_key_usage, // 126
- NID_policy_constraints, // 401
- NID_name_constraints, // 666
- NID_policy_mappings, // 747
- NID_inhibit_any_policy // 748
- };
-
- int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
-
- if (ex_nid == NID_undef) {
- return 0;
- }
-
- if (bsearch(&ex_nid, supported_nids, sizeof(supported_nids) / sizeof(int),
- sizeof(int), nid_cmp) != NULL) {
- return 1;
- }
- return 0;
+ int nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
+ return nid == NID_netscape_cert_type || //
+ nid == NID_key_usage || //
+ nid == NID_subject_alt_name || //
+ nid == NID_basic_constraints || //
+ nid == NID_certificate_policies || //
+ nid == NID_ext_key_usage || //
+ nid == NID_policy_constraints || //
+ nid == NID_name_constraints || //
+ nid == NID_policy_mappings || //
+ nid == NID_inhibit_any_policy;
 }
 
 static int setup_dp(X509 *x, DIST_POINT *dp) {