authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-07-17 17:59:10 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-07-17 17:59:10 +0000
commit2126ceff10266d71675244ba89c6a7951cfb3d8b (patch)
tree8d161378853a3ac9965098fd3da3f7ff1511ce24 /crypto
parent791733d3dbc0dc80ba00b70a8c18ebaf2c2af812 (diff)
Switch to BoringSSL.
(This is a reland of r283542 which was reverted in r283591 because it broke the WebView build. The android_aosp trybots are broken[1] so this is based on hope.) This is a much larger change than its diff suggests. If it breaks something, please revert first and ask questions later. [1] http://code.google.com/p/chromium/issues/detail?id=394597 BUG=none Review URL: https://codereview.chromium.org/399993002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@283813 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto')
-rw-r--r--crypto/BUILD.gn2
-rw-r--r--crypto/crypto.gyp4
-rw-r--r--crypto/crypto_nacl.gyp2
-rw-r--r--crypto/encryptor_openssl.cc5
-rw-r--r--crypto/openssl_bio_string_unittest.cc7
-rw-r--r--crypto/openssl_util.cc8
-rw-r--r--crypto/rsa_private_key_openssl.cc2
-rw-r--r--crypto/scoped_openssl_types.h1
-rw-r--r--crypto/signature_verifier_openssl.cc15
9 files changed, 25 insertions, 21 deletions
diff --git a/crypto/BUILD.gn b/crypto/BUILD.gn
index 30784208..bd7f06d 100644
--- a/crypto/BUILD.gn
+++ b/crypto/BUILD.gn
@@ -242,7 +242,7 @@ test("crypto_unittests") {
# on the current SSL library should just depend on this.
group("platform") {
if (use_openssl) {
- deps = [ "//third_party/openssl" ]
+ deps = [ "//third_party/boringssl" ]
} else {
deps = [ "//net/third_party/nss/ssl:libssl" ]
if (is_linux) {
diff --git a/crypto/crypto.gyp b/crypto/crypto.gyp
index 0c472ff..42f3cad 100644
--- a/crypto/crypto.gyp
+++ b/crypto/crypto.gyp
@@ -100,7 +100,7 @@
}],
[ 'use_openssl==1', {
'dependencies': [
- '../third_party/openssl/openssl.gyp:openssl',
+ '../third_party/boringssl/boringssl.gyp:boringssl',
],
# TODO(joth): Use a glob to match exclude patterns once the
# OpenSSL file set is complete.
@@ -209,7 +209,7 @@
}],
[ 'use_openssl==1', {
'dependencies': [
- '../third_party/openssl/openssl.gyp:openssl',
+ '../third_party/boringssl/boringssl.gyp:boringssl',
],
'sources!': [
'nss_util_unittest.cc',
diff --git a/crypto/crypto_nacl.gyp b/crypto/crypto_nacl.gyp
index 6ec5e83..4451610 100644
--- a/crypto/crypto_nacl.gyp
+++ b/crypto/crypto_nacl.gyp
@@ -22,7 +22,7 @@
'build_pnacl_newlib': 1,
},
'dependencies': [
- '../third_party/openssl/openssl_nacl.gyp:openssl_nacl',
+ '../third_party/boringssl/boringssl_nacl.gyp:boringssl_nacl',
'../native_client/tools.gyp:prep_toolchain',
'../native_client_sdk/native_client_sdk_untrusted.gyp:nacl_io_untrusted',
],
diff --git a/crypto/encryptor_openssl.cc b/crypto/encryptor_openssl.cc
index 0bf96b7..0504adb 100644
--- a/crypto/encryptor_openssl.cc
+++ b/crypto/encryptor_openssl.cc
@@ -19,7 +19,6 @@ namespace {
const EVP_CIPHER* GetCipherForKey(SymmetricKey* key) {
switch (key->key().length()) {
case 16: return EVP_aes_128_cbc();
- case 24: return EVP_aes_192_cbc();
case 32: return EVP_aes_256_cbc();
default: return NULL;
}
@@ -100,8 +99,8 @@ bool Encryptor::Crypt(bool do_encrypt,
DCHECK(cipher); // Already handled in Init();
const std::string& key = key_->key();
- DCHECK_EQ(EVP_CIPHER_iv_length(cipher), static_cast<int>(iv_.length()));
- DCHECK_EQ(EVP_CIPHER_key_length(cipher), static_cast<int>(key.length()));
+ DCHECK_EQ(EVP_CIPHER_iv_length(cipher), iv_.length());
+ DCHECK_EQ(EVP_CIPHER_key_length(cipher), key.length());
ScopedCipherCTX ctx;
if (!EVP_CipherInit_ex(ctx.get(), cipher, NULL,
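Review bot: The IV and key length checks on the two new `DCHECK_EQ` lines are debug-only, so release builds reach `EVP_CipherInit_ex` without them. That call takes raw key and IV pointers with no lengths, so a short `iv_` or key would be over-read unless `Init()` or the IV setter (neither is visible here) already rejects the mismatch. Consider a runtime guard before the init call, e.g. `if (EVP_CIPHER_iv_length(cipher) != iv_.length() || EVP_CIPHER_key_length(cipher) != key.length()) return false;`. The dropped `static_cast<int>` presumably reflects the accessors now returning an unsigned type; a one-line comment would keep the next reader from re-adding the casts. `Crypt`'s body starts and ends outside the hunk.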
diff --git a/crypto/openssl_bio_string_unittest.cc b/crypto/openssl_bio_string_unittest.cc
index 2467215..9dfa0e7 100644
--- a/crypto/openssl_bio_string_unittest.cc
+++ b/crypto/openssl_bio_string_unittest.cc
@@ -23,24 +23,17 @@ TEST(OpenSSLBIOString, TestWrite) {
EXPECT_EQ(static_cast<int>(expected1.size()),
BIO_printf(bio.get(), "a %s\nb %i\n", "one", 2));
EXPECT_EQ(expected1, s);
- EXPECT_EQ(static_cast<int>(expected1.size()), BIO_tell(bio.get()));
EXPECT_EQ(1, BIO_flush(bio.get()));
- EXPECT_EQ(-1, BIO_seek(bio.get(), 0));
EXPECT_EQ(expected1, s);
EXPECT_EQ(static_cast<int>(expected2.size()),
BIO_write(bio.get(), expected2.data(), expected2.size()));
EXPECT_EQ(expected1 + expected2, s);
- EXPECT_EQ(static_cast<int>(expected1.size() + expected2.size()),
- BIO_tell(bio.get()));
EXPECT_EQ(static_cast<int>(expected3.size()),
BIO_puts(bio.get(), expected3.c_str()));
EXPECT_EQ(expected1 + expected2 + expected3, s);
- EXPECT_EQ(static_cast<int>(expected1.size() + expected2.size() +
- expected3.size()),
- BIO_tell(bio.get()));
}
EXPECT_EQ(expected1 + expected2 + expected3, s);
}
diff --git a/crypto/openssl_util.cc b/crypto/openssl_util.cc
index 34af810..94bf246 100644
--- a/crypto/openssl_util.cc
+++ b/crypto/openssl_util.cc
@@ -6,6 +6,7 @@
#include <openssl/err.h>
#include <openssl/ssl.h>
+#include <openssl/cpu.h>
#include "base/logging.h"
#include "base/memory/scoped_vector.h"
@@ -22,8 +23,9 @@ namespace crypto {
namespace {
-unsigned long CurrentThreadId() {
- return static_cast<unsigned long>(base::PlatformThread::CurrentId());
+void CurrentThreadId(CRYPTO_THREADID* id) {
+ CRYPTO_THREADID_set_numeric(
+ id, static_cast<unsigned long>(base::PlatformThread::CurrentId()));
}
// Singleton for initializing and cleaning up the OpenSSL library.
@@ -53,7 +55,7 @@ class OpenSSLInitSingleton {
for (int i = 0; i < num_locks; ++i)
locks_.push_back(new base::Lock());
CRYPTO_set_locking_callback(LockingCallback);
- CRYPTO_set_id_callback(CurrentThreadId);
+ CRYPTO_THREADID_set_callback(CurrentThreadId);
#if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
const bool has_neon =
diff --git a/crypto/rsa_private_key_openssl.cc b/crypto/rsa_private_key_openssl.cc
index e3cf04c..8dcde61 100644
--- a/crypto/rsa_private_key_openssl.cc
+++ b/crypto/rsa_private_key_openssl.cc
@@ -4,6 +4,8 @@
#include "crypto/rsa_private_key.h"
+#include <openssl/bio.h>
+#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/pkcs12.h>
#include <openssl/rsa.h>
diff --git a/crypto/scoped_openssl_types.h b/crypto/scoped_openssl_types.h
index a949233..19953a2 100644
--- a/crypto/scoped_openssl_types.h
+++ b/crypto/scoped_openssl_types.h
@@ -5,6 +5,7 @@
#ifndef CRYPTO_SCOPED_OPENSSL_TYPES_H_
#define CRYPTO_SCOPED_OPENSSL_TYPES_H_
+#include <openssl/bio.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/ec.h>
diff --git a/crypto/signature_verifier_openssl.cc b/crypto/signature_verifier_openssl.cc
index 155a2cf3..a855120 100644
--- a/crypto/signature_verifier_openssl.cc
+++ b/crypto/signature_verifier_openssl.cc
@@ -26,7 +26,7 @@ const EVP_MD* ToOpenSSLDigest(SignatureVerifier::HashAlgorithm hash_alg) {
case SignatureVerifier::SHA256:
return EVP_sha256();
}
- return EVP_md_null();
+ return NULL;
}
} // namespace
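Review bot: The fall-through `return NULL;` changes the contract of `ToOpenSSLDigest`, but nothing at the function documents it. Callers that used to receive the no-op `EVP_md_null()` digest for an unrecognised algorithm now get a null pointer and must fail verification themselves. I would add a comment above the function such as `// Returns NULL for an unrecognised HashAlgorithm; callers must check and reject.` The later hunks add that check in `VerifyInitRSAPSS`; any other caller outside the visible hunks should be confirmed to do the same. The function's opening lines are outside the hunk.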
@@ -80,8 +80,11 @@ bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg,
const uint8* public_key_info,
int public_key_info_len) {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
- const EVP_MD* digest = ToOpenSSLDigest(hash_alg);
+ const EVP_MD* const digest = ToOpenSSLDigest(hash_alg);
DCHECK(digest);
+ if (!digest) {
+ return false;
+ }
EVP_PKEY_CTX* pkey_ctx;
if (!CommonInit(digest, signature, signature_len, public_key_info,
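Review bot: `DCHECK(digest);` immediately followed by `if (!digest) { return false; }` asserts a condition and then handles it. In debug builds the assert fires first, so the fail-closed path is never exercised there, and the pair reads as contradictory. Since a null digest must never reach `CommonInit`, keep the runtime check and drop the `DCHECK` (or move a `NOTREACHED()` into `ToOpenSSLDigest`'s fall-through). The same pattern repeats for `mgf_digest` in the next hunk of this file. `VerifyInitRSAPSS` starts and ends outside the hunk.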
@@ -92,8 +95,12 @@ bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg,
int rv = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING);
if (rv != 1)
return false;
- rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx,
- ToOpenSSLDigest(mask_hash_alg));
+ const EVP_MD* const mgf_digest = ToOpenSSLDigest(mask_hash_alg);
+ DCHECK(mgf_digest);
+ if (!mgf_digest) {
+ return false;
+ }
+ rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf_digest);
if (rv != 1)
return false;
rv = EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len);