diff options
author | vitalybuka@chromium.org <vitalybuka@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-07-17 20:07:06 +0000 |
---|---|---|
committer | vitalybuka@chromium.org <vitalybuka@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-07-17 20:07:06 +0000 |
commit | 2fcd215fc3158d44935845ee86e98346848cab8b (patch) | |
tree | fbf1938a15bc6a027e1912ce9da7d1537f906ef5 /crypto | |
parent | 5657db4b4384ac2cd77c21a68afda29537811f16 (diff) | |
download | chromium_src-2fcd215fc3158d44935845ee86e98346848cab8b.zip chromium_src-2fcd215fc3158d44935845ee86e98346848cab8b.tar.gz chromium_src-2fcd215fc3158d44935845ee86e98346848cab8b.tar.bz2 |
Revert 283813 "Switch to BoringSSL."
Failed WebRtcBrowserTest on android_dbg_triggered_tests.
> Switch to BoringSSL.
>
> (This is a reland of r283542 which was reverted in r283591 because it
> broke the WebView build. The android_aosp trybots are broken[1] so this
> based on hope.)
>
> This is a much larger change than its diff suggests. If it breaks
> something, please revert first and ask questions later.
>
> [1] http://code.google.com/p/chromium/issues/detail?id=394597
>
> BUG=none
>
> Review URL: https://codereview.chromium.org/399993002
TBR=agl@chromium.org
Review URL: https://codereview.chromium.org/405503002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@283845 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/BUILD.gn | 2 | ||||
-rw-r--r-- | crypto/crypto.gyp | 4 | ||||
-rw-r--r-- | crypto/crypto_nacl.gyp | 2 | ||||
-rw-r--r-- | crypto/encryptor_openssl.cc | 5 | ||||
-rw-r--r-- | crypto/openssl_bio_string_unittest.cc | 7 | ||||
-rw-r--r-- | crypto/openssl_util.cc | 8 | ||||
-rw-r--r-- | crypto/rsa_private_key_openssl.cc | 2 | ||||
-rw-r--r-- | crypto/scoped_openssl_types.h | 1 | ||||
-rw-r--r-- | crypto/signature_verifier_openssl.cc | 15 |
9 files changed, 21 insertions, 25 deletions
diff --git a/crypto/BUILD.gn b/crypto/BUILD.gn index bd7f06d..30784208 100644 --- a/crypto/BUILD.gn +++ b/crypto/BUILD.gn @@ -242,7 +242,7 @@ test("crypto_unittests") { # on the current SSL library should just depend on this. group("platform") { if (use_openssl) { - deps = [ "//third_party/boringssl" ] + deps = [ "//third_party/openssl" ] } else { deps = [ "//net/third_party/nss/ssl:libssl" ] if (is_linux) { diff --git a/crypto/crypto.gyp b/crypto/crypto.gyp index 42f3cad..0c472ff 100644 --- a/crypto/crypto.gyp +++ b/crypto/crypto.gyp @@ -100,7 +100,7 @@ }], [ 'use_openssl==1', { 'dependencies': [ - '../third_party/boringssl/boringssl.gyp:boringssl', + '../third_party/openssl/openssl.gyp:openssl', ], # TODO(joth): Use a glob to match exclude patterns once the # OpenSSL file set is complete. @@ -209,7 +209,7 @@ }], [ 'use_openssl==1', { 'dependencies': [ - '../third_party/boringssl/boringssl.gyp:boringssl', + '../third_party/openssl/openssl.gyp:openssl', ], 'sources!': [ 'nss_util_unittest.cc', diff --git a/crypto/crypto_nacl.gyp b/crypto/crypto_nacl.gyp index 4451610..6ec5e83 100644 --- a/crypto/crypto_nacl.gyp +++ b/crypto/crypto_nacl.gyp @@ -22,7 +22,7 @@ 'build_pnacl_newlib': 1, }, 'dependencies': [ - '../third_party/boringssl/boringssl_nacl.gyp:boringssl_nacl', + '../third_party/openssl/openssl_nacl.gyp:openssl_nacl', '../native_client/tools.gyp:prep_toolchain', '../native_client_sdk/native_client_sdk_untrusted.gyp:nacl_io_untrusted', ], diff --git a/crypto/encryptor_openssl.cc b/crypto/encryptor_openssl.cc index 0504adb..0bf96b7 100644 --- a/crypto/encryptor_openssl.cc +++ b/crypto/encryptor_openssl.cc @@ -19,6 +19,7 @@ namespace { const EVP_CIPHER* GetCipherForKey(SymmetricKey* key) { switch (key->key().length()) { case 16: return EVP_aes_128_cbc(); + case 24: return EVP_aes_192_cbc(); case 32: return EVP_aes_256_cbc(); default: return NULL; } @@ -99,8 +100,8 @@ bool Encryptor::Crypt(bool do_encrypt, DCHECK(cipher); // Already handled in Init(); const std::string& key = key_->key(); - DCHECK_EQ(EVP_CIPHER_iv_length(cipher), iv_.length()); - DCHECK_EQ(EVP_CIPHER_key_length(cipher), key.length()); + DCHECK_EQ(EVP_CIPHER_iv_length(cipher), static_cast<int>(iv_.length())); + DCHECK_EQ(EVP_CIPHER_key_length(cipher), static_cast<int>(key.length())); ScopedCipherCTX ctx; if (!EVP_CipherInit_ex(ctx.get(), cipher, NULL, diff --git a/crypto/openssl_bio_string_unittest.cc b/crypto/openssl_bio_string_unittest.cc index 9dfa0e7..2467215 100644 --- a/crypto/openssl_bio_string_unittest.cc +++ b/crypto/openssl_bio_string_unittest.cc @@ -23,17 +23,24 @@ TEST(OpenSSLBIOString, TestWrite) { EXPECT_EQ(static_cast<int>(expected1.size()), BIO_printf(bio.get(), "a %s\nb %i\n", "one", 2)); EXPECT_EQ(expected1, s); + EXPECT_EQ(static_cast<int>(expected1.size()), BIO_tell(bio.get())); EXPECT_EQ(1, BIO_flush(bio.get())); + EXPECT_EQ(-1, BIO_seek(bio.get(), 0)); EXPECT_EQ(expected1, s); EXPECT_EQ(static_cast<int>(expected2.size()), BIO_write(bio.get(), expected2.data(), expected2.size())); EXPECT_EQ(expected1 + expected2, s); + EXPECT_EQ(static_cast<int>(expected1.size() + expected2.size()), + BIO_tell(bio.get())); EXPECT_EQ(static_cast<int>(expected3.size()), BIO_puts(bio.get(), expected3.c_str())); EXPECT_EQ(expected1 + expected2 + expected3, s); + EXPECT_EQ(static_cast<int>(expected1.size() + expected2.size() + + expected3.size()), + BIO_tell(bio.get())); } EXPECT_EQ(expected1 + expected2 + expected3, s); } diff --git a/crypto/openssl_util.cc b/crypto/openssl_util.cc index 94bf246..34af810 100644 --- a/crypto/openssl_util.cc +++ b/crypto/openssl_util.cc @@ -6,7 +6,6 @@ #include <openssl/err.h> #include <openssl/ssl.h> -#include <openssl/cpu.h> #include "base/logging.h" #include "base/memory/scoped_vector.h" @@ -23,9 +22,8 @@ namespace crypto { namespace { -void CurrentThreadId(CRYPTO_THREADID* id) { - CRYPTO_THREADID_set_numeric( - id, static_cast<unsigned long>(base::PlatformThread::CurrentId())); +unsigned long CurrentThreadId() { + return static_cast<unsigned long>(base::PlatformThread::CurrentId()); } // Singleton for initializing and cleaning up the OpenSSL library. @@ -55,7 +53,7 @@ class OpenSSLInitSingleton { for (int i = 0; i < num_locks; ++i) locks_.push_back(new base::Lock()); CRYPTO_set_locking_callback(LockingCallback); - CRYPTO_THREADID_set_callback(CurrentThreadId); + CRYPTO_set_id_callback(CurrentThreadId); #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL) const bool has_neon = diff --git a/crypto/rsa_private_key_openssl.cc b/crypto/rsa_private_key_openssl.cc index 8dcde61..e3cf04c 100644 --- a/crypto/rsa_private_key_openssl.cc +++ b/crypto/rsa_private_key_openssl.cc @@ -4,8 +4,6 @@ #include "crypto/rsa_private_key.h" -#include <openssl/bio.h> -#include <openssl/bn.h> #include <openssl/evp.h> #include <openssl/pkcs12.h> #include <openssl/rsa.h> diff --git a/crypto/scoped_openssl_types.h b/crypto/scoped_openssl_types.h index 19953a2..a949233 100644 --- a/crypto/scoped_openssl_types.h +++ b/crypto/scoped_openssl_types.h @@ -5,7 +5,6 @@ #ifndef CRYPTO_SCOPED_OPENSSL_TYPES_H_ #define CRYPTO_SCOPED_OPENSSL_TYPES_H_ -#include <openssl/bio.h> #include <openssl/bn.h> #include <openssl/dsa.h> #include <openssl/ec.h> diff --git a/crypto/signature_verifier_openssl.cc b/crypto/signature_verifier_openssl.cc index a855120..155a2cf3 100644 --- a/crypto/signature_verifier_openssl.cc +++ b/crypto/signature_verifier_openssl.cc @@ -26,7 +26,7 @@ const EVP_MD* ToOpenSSLDigest(SignatureVerifier::HashAlgorithm hash_alg) { case SignatureVerifier::SHA256: return EVP_sha256(); } - return NULL; + return EVP_md_null(); } } // namespace @@ -80,11 +80,8 @@ bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg, const uint8* public_key_info, int public_key_info_len) { OpenSSLErrStackTracer err_tracer(FROM_HERE); - const EVP_MD* const digest = ToOpenSSLDigest(hash_alg); + const EVP_MD* digest = ToOpenSSLDigest(hash_alg); DCHECK(digest); - if (!digest) { - return false; - } EVP_PKEY_CTX* pkey_ctx; if (!CommonInit(digest, signature, signature_len, public_key_info, @@ -95,12 +92,8 @@ bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg, int rv = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING); if (rv != 1) return false; - const EVP_MD* const mgf_digest = ToOpenSSLDigest(mask_hash_alg); - DCHECK(mgf_digest); - if (!mgf_digest) { - return false; - } - rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf_digest); + rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, + ToOpenSSLDigest(mask_hash_alg)); if (rv != 1) return false; rv = EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len); |