summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorvitalybuka@chromium.org <vitalybuka@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-07-17 20:07:06 +0000
committervitalybuka@chromium.org <vitalybuka@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-07-17 20:07:06 +0000
commit2fcd215fc3158d44935845ee86e98346848cab8b (patch)
treefbf1938a15bc6a027e1912ce9da7d1537f906ef5 /crypto
parent5657db4b4384ac2cd77c21a68afda29537811f16 (diff)
downloadchromium_src-2fcd215fc3158d44935845ee86e98346848cab8b.zip
chromium_src-2fcd215fc3158d44935845ee86e98346848cab8b.tar.gz
chromium_src-2fcd215fc3158d44935845ee86e98346848cab8b.tar.bz2
Revert 283813 "Switch to BoringSSL."
Failed WebRtcBrowserTest on android_dbg_triggered_tests. > Switch to BoringSSL. > > (This is a reland of r283542 which was reverted in r283591 because it > broke the WebView build. The android_aosp trybots are broken[1] so this > based on hope.) > > This is a much larger change than its diff suggests. If it breaks > something, please revert first and ask questions later. > > [1] http://code.google.com/p/chromium/issues/detail?id=394597 > > BUG=none > > Review URL: https://codereview.chromium.org/399993002 TBR=agl@chromium.org Review URL: https://codereview.chromium.org/405503002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@283845 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto')
-rw-r--r--crypto/BUILD.gn2
-rw-r--r--crypto/crypto.gyp4
-rw-r--r--crypto/crypto_nacl.gyp2
-rw-r--r--crypto/encryptor_openssl.cc5
-rw-r--r--crypto/openssl_bio_string_unittest.cc7
-rw-r--r--crypto/openssl_util.cc8
-rw-r--r--crypto/rsa_private_key_openssl.cc2
-rw-r--r--crypto/scoped_openssl_types.h1
-rw-r--r--crypto/signature_verifier_openssl.cc15
9 files changed, 21 insertions, 25 deletions
diff --git a/crypto/BUILD.gn b/crypto/BUILD.gn
index bd7f06d..30784208 100644
--- a/crypto/BUILD.gn
+++ b/crypto/BUILD.gn
@@ -242,7 +242,7 @@ test("crypto_unittests") {
# on the current SSL library should just depend on this.
group("platform") {
if (use_openssl) {
- deps = [ "//third_party/boringssl" ]
+ deps = [ "//third_party/openssl" ]
} else {
deps = [ "//net/third_party/nss/ssl:libssl" ]
if (is_linux) {
diff --git a/crypto/crypto.gyp b/crypto/crypto.gyp
index 42f3cad..0c472ff 100644
--- a/crypto/crypto.gyp
+++ b/crypto/crypto.gyp
@@ -100,7 +100,7 @@
}],
[ 'use_openssl==1', {
'dependencies': [
- '../third_party/boringssl/boringssl.gyp:boringssl',
+ '../third_party/openssl/openssl.gyp:openssl',
],
# TODO(joth): Use a glob to match exclude patterns once the
# OpenSSL file set is complete.
@@ -209,7 +209,7 @@
}],
[ 'use_openssl==1', {
'dependencies': [
- '../third_party/boringssl/boringssl.gyp:boringssl',
+ '../third_party/openssl/openssl.gyp:openssl',
],
'sources!': [
'nss_util_unittest.cc',
diff --git a/crypto/crypto_nacl.gyp b/crypto/crypto_nacl.gyp
index 4451610..6ec5e83 100644
--- a/crypto/crypto_nacl.gyp
+++ b/crypto/crypto_nacl.gyp
@@ -22,7 +22,7 @@
'build_pnacl_newlib': 1,
},
'dependencies': [
- '../third_party/boringssl/boringssl_nacl.gyp:boringssl_nacl',
+ '../third_party/openssl/openssl_nacl.gyp:openssl_nacl',
'../native_client/tools.gyp:prep_toolchain',
'../native_client_sdk/native_client_sdk_untrusted.gyp:nacl_io_untrusted',
],
diff --git a/crypto/encryptor_openssl.cc b/crypto/encryptor_openssl.cc
index 0504adb..0bf96b7 100644
--- a/crypto/encryptor_openssl.cc
+++ b/crypto/encryptor_openssl.cc
@@ -19,6 +19,7 @@ namespace {
const EVP_CIPHER* GetCipherForKey(SymmetricKey* key) {
switch (key->key().length()) {
case 16: return EVP_aes_128_cbc();
+ case 24: return EVP_aes_192_cbc();
case 32: return EVP_aes_256_cbc();
default: return NULL;
}
@@ -99,8 +100,8 @@ bool Encryptor::Crypt(bool do_encrypt,
DCHECK(cipher); // Already handled in Init();
const std::string& key = key_->key();
- DCHECK_EQ(EVP_CIPHER_iv_length(cipher), iv_.length());
- DCHECK_EQ(EVP_CIPHER_key_length(cipher), key.length());
+ DCHECK_EQ(EVP_CIPHER_iv_length(cipher), static_cast<int>(iv_.length()));
+ DCHECK_EQ(EVP_CIPHER_key_length(cipher), static_cast<int>(key.length()));
ScopedCipherCTX ctx;
if (!EVP_CipherInit_ex(ctx.get(), cipher, NULL,
diff --git a/crypto/openssl_bio_string_unittest.cc b/crypto/openssl_bio_string_unittest.cc
index 9dfa0e7..2467215 100644
--- a/crypto/openssl_bio_string_unittest.cc
+++ b/crypto/openssl_bio_string_unittest.cc
@@ -23,17 +23,24 @@ TEST(OpenSSLBIOString, TestWrite) {
EXPECT_EQ(static_cast<int>(expected1.size()),
BIO_printf(bio.get(), "a %s\nb %i\n", "one", 2));
EXPECT_EQ(expected1, s);
+ EXPECT_EQ(static_cast<int>(expected1.size()), BIO_tell(bio.get()));
EXPECT_EQ(1, BIO_flush(bio.get()));
+ EXPECT_EQ(-1, BIO_seek(bio.get(), 0));
EXPECT_EQ(expected1, s);
EXPECT_EQ(static_cast<int>(expected2.size()),
BIO_write(bio.get(), expected2.data(), expected2.size()));
EXPECT_EQ(expected1 + expected2, s);
+ EXPECT_EQ(static_cast<int>(expected1.size() + expected2.size()),
+ BIO_tell(bio.get()));
EXPECT_EQ(static_cast<int>(expected3.size()),
BIO_puts(bio.get(), expected3.c_str()));
EXPECT_EQ(expected1 + expected2 + expected3, s);
+ EXPECT_EQ(static_cast<int>(expected1.size() + expected2.size() +
+ expected3.size()),
+ BIO_tell(bio.get()));
}
EXPECT_EQ(expected1 + expected2 + expected3, s);
}
diff --git a/crypto/openssl_util.cc b/crypto/openssl_util.cc
index 94bf246..34af810 100644
--- a/crypto/openssl_util.cc
+++ b/crypto/openssl_util.cc
@@ -6,7 +6,6 @@
#include <openssl/err.h>
#include <openssl/ssl.h>
-#include <openssl/cpu.h>
#include "base/logging.h"
#include "base/memory/scoped_vector.h"
@@ -23,9 +22,8 @@ namespace crypto {
namespace {
-void CurrentThreadId(CRYPTO_THREADID* id) {
- CRYPTO_THREADID_set_numeric(
- id, static_cast<unsigned long>(base::PlatformThread::CurrentId()));
+unsigned long CurrentThreadId() {
+ return static_cast<unsigned long>(base::PlatformThread::CurrentId());
}
// Singleton for initializing and cleaning up the OpenSSL library.
@@ -55,7 +53,7 @@ class OpenSSLInitSingleton {
for (int i = 0; i < num_locks; ++i)
locks_.push_back(new base::Lock());
CRYPTO_set_locking_callback(LockingCallback);
- CRYPTO_THREADID_set_callback(CurrentThreadId);
+ CRYPTO_set_id_callback(CurrentThreadId);
#if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
const bool has_neon =
diff --git a/crypto/rsa_private_key_openssl.cc b/crypto/rsa_private_key_openssl.cc
index 8dcde61..e3cf04c 100644
--- a/crypto/rsa_private_key_openssl.cc
+++ b/crypto/rsa_private_key_openssl.cc
@@ -4,8 +4,6 @@
#include "crypto/rsa_private_key.h"
-#include <openssl/bio.h>
-#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/pkcs12.h>
#include <openssl/rsa.h>
diff --git a/crypto/scoped_openssl_types.h b/crypto/scoped_openssl_types.h
index 19953a2..a949233 100644
--- a/crypto/scoped_openssl_types.h
+++ b/crypto/scoped_openssl_types.h
@@ -5,7 +5,6 @@
#ifndef CRYPTO_SCOPED_OPENSSL_TYPES_H_
#define CRYPTO_SCOPED_OPENSSL_TYPES_H_
-#include <openssl/bio.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/ec.h>
diff --git a/crypto/signature_verifier_openssl.cc b/crypto/signature_verifier_openssl.cc
index a855120..155a2cf3 100644
--- a/crypto/signature_verifier_openssl.cc
+++ b/crypto/signature_verifier_openssl.cc
@@ -26,7 +26,7 @@ const EVP_MD* ToOpenSSLDigest(SignatureVerifier::HashAlgorithm hash_alg) {
case SignatureVerifier::SHA256:
return EVP_sha256();
}
- return NULL;
+ return EVP_md_null();
}
} // namespace
@@ -80,11 +80,8 @@ bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg,
const uint8* public_key_info,
int public_key_info_len) {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
- const EVP_MD* const digest = ToOpenSSLDigest(hash_alg);
+ const EVP_MD* digest = ToOpenSSLDigest(hash_alg);
DCHECK(digest);
- if (!digest) {
- return false;
- }
EVP_PKEY_CTX* pkey_ctx;
if (!CommonInit(digest, signature, signature_len, public_key_info,
@@ -95,12 +92,8 @@ bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg,
int rv = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING);
if (rv != 1)
return false;
- const EVP_MD* const mgf_digest = ToOpenSSLDigest(mask_hash_alg);
- DCHECK(mgf_digest);
- if (!mgf_digest) {
- return false;
- }
- rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf_digest);
+ rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx,
+ ToOpenSSLDigest(mask_hash_alg));
if (rv != 1)
return false;
rv = EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len);