Update BoringSSL to abfd5ebc87ddca0fab9fca067c9d7edbc355eae8 (#424)

* Update BoringSSL vendoring scripts for new perlasm * More patches * Update BoringSSL to abfd5ebc87ddca0fab9fca067c9d7edbc355eae8 * Fixup newly opaquified types
apple · Apr 13, 2023 · 9d0d5d8 · 9d0d5d8
1 parent f042165
commit 9d0d5d8
Show file tree

Hide file tree

Showing 380 changed files with 14,028 additions and 9,681 deletions.
diff --git a/Package.swift b/Package.swift
@@ -26,7 +26,7 @@ import class Foundation.ProcessInfo
 // Sources/CNIOBoringSSL directory. The source repository is at
 // https://boringssl.googlesource.com/boringssl.
 //
-// BoringSSL Commit: b819f7e9392d25db6705a6bd3c92be3bb91775e2
+// BoringSSL Commit: abfd5ebc87ddca0fab9fca067c9d7edbc355eae8
 
 /// This function generates the dependencies we want to express.
 ///

diff --git a/Package@swift-5.5.swift b/Package@swift-5.5.swift
@@ -26,7 +26,7 @@ import class Foundation.ProcessInfo
 // Sources/CNIOBoringSSL directory. The source repository is at
 // https://boringssl.googlesource.com/boringssl.
 //
-// BoringSSL Commit: b819f7e9392d25db6705a6bd3c92be3bb91775e2
+// BoringSSL Commit: abfd5ebc87ddca0fab9fca067c9d7edbc355eae8
 
 /// This function generates the dependencies we want to express.
 ///

diff --git a/Sources/CNIOBoringSSL/crypto/asn1/a_bitstr.c b/Sources/CNIOBoringSSL/crypto/asn1/a_bitstr.c
@@ -66,7 +66,8 @@
 #include "internal.h"
 
 
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, const unsigned char *d, int len) {
+int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, const unsigned char *d,
+                        ossl_ssize_t len) {
   return ASN1_STRING_set(x, d, len);
 }
 
@@ -115,6 +116,10 @@ int i2c_ASN1_BIT_STRING(const ASN1_BIT_STRING *a, unsigned char **pp) {
 
   uint8_t bits;
   int len = asn1_bit_string_length(a, &bits);
+  if (len > INT_MAX - 1) {
+    OPENSSL_PUT_ERROR(ASN1, ERR_R_OVERFLOW);
+    return 0;
+  }
   int ret = 1 + len;
   if (pp == NULL) {
     return ret;
@@ -179,7 +184,6 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
   if (len > 0) {
     s = OPENSSL_memdup(p, len);
     if (s == NULL) {
-      OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
       goto err;
     }
     p += len;
@@ -231,7 +235,6 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) {
       c = (unsigned char *)OPENSSL_realloc(a->data, w + 1);
     }
     if (c == NULL) {
-      OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
       return 0;
     }
     if (w + 1 - a->length > 0) {

diff --git a/Sources/CNIOBoringSSL/crypto/asn1/a_bool.c b/Sources/CNIOBoringSSL/crypto/asn1/a_bool.c
@@ -56,65 +56,40 @@
 
 #include <CNIOBoringSSL_asn1.h>
 
+#include <CNIOBoringSSL_bytestring.h>
 #include <CNIOBoringSSL_err.h>
-#include <CNIOBoringSSL_mem.h>
 
-int i2d_ASN1_BOOLEAN(ASN1_BOOLEAN a, unsigned char **pp) {
-  int r;
-  unsigned char *p, *allocated = NULL;
+#include "../bytestring/internal.h"
 
-  r = ASN1_object_size(0, 1, V_ASN1_BOOLEAN);
-  if (pp == NULL) {
-    return r;
-  }
-
-  if (*pp == NULL) {
-    if ((p = allocated = OPENSSL_malloc(r)) == NULL) {
-      OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
-      return -1;
-    }
-  } else {
-    p = *pp;
-  }
-
-  ASN1_put_object(&p, 0, 1, V_ASN1_BOOLEAN, V_ASN1_UNIVERSAL);
-  *p = a ? 0xff : 0x00;
-
-  // If a new buffer was allocated, just return it back.
-  // If not, return the incremented buffer pointer.
-  *pp = allocated != NULL ? allocated : p + 1;
-  return r;
-}
 
-ASN1_BOOLEAN d2i_ASN1_BOOLEAN(ASN1_BOOLEAN *a, const unsigned char **pp,
-                              long length) {
-  const unsigned char *p = *pp;
-  long len;
-  int inf, tag, xclass;
-  inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
-  if (inf & 0x80) {
-    OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_OBJECT_HEADER);
+int i2d_ASN1_BOOLEAN(ASN1_BOOLEAN a, unsigned char **outp) {
+  CBB cbb;
+  if (!CBB_init(&cbb, 3) ||  //
+      !CBB_add_asn1_bool(&cbb, a != ASN1_BOOLEAN_FALSE)) {
+    CBB_cleanup(&cbb);
     return -1;
   }
+  return CBB_finish_i2d(&cbb, outp);
+}
 
-  if (inf & V_ASN1_CONSTRUCTED) {
-    OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_PRIMITIVE);
-    return -1;
+ASN1_BOOLEAN d2i_ASN1_BOOLEAN(ASN1_BOOLEAN *out, const unsigned char **inp,
+                              long len) {
+  if (len < 0) {
+    return ASN1_BOOLEAN_NONE;
   }
 
-  if (tag != V_ASN1_BOOLEAN || xclass != V_ASN1_UNIVERSAL) {
-    OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPECTING_A_BOOLEAN);
-    return -1;
+  CBS cbs;
+  CBS_init(&cbs, *inp, (size_t)len);
+  int val;
+  if (!CBS_get_asn1_bool(&cbs, &val)) {
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
+    return ASN1_BOOLEAN_NONE;
   }
 
-  if (len != 1) {
-    OPENSSL_PUT_ERROR(ASN1, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
-    return -1;
-  }
-  ASN1_BOOLEAN ret = (ASN1_BOOLEAN) * (p++);
-  if (a != NULL) {
-    (*a) = ret;
+  ASN1_BOOLEAN ret = val ? ASN1_BOOLEAN_TRUE : ASN1_BOOLEAN_FALSE;
+  if (out != NULL) {
+    *out = ret;
   }
-  *pp = p;
+  *inp = CBS_data(&cbs);
   return ret;
 }
diff --git a/Sources/CNIOBoringSSL/crypto/asn1/a_dup.c b/Sources/CNIOBoringSSL/crypto/asn1/a_dup.c
@@ -75,7 +75,6 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x) {
 
   i = ASN1_item_i2d(x, &b, it);
   if (b == NULL) {
-    OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
     return NULL;
   }
   p = b;

diff --git a/Sources/CNIOBoringSSL/crypto/asn1/a_gentm.c b/Sources/CNIOBoringSSL/crypto/asn1/a_gentm.c
@@ -58,6 +58,7 @@
 #include <CNIOBoringSSL_bytestring.h>
 #include <CNIOBoringSSL_err.h>
 #include <CNIOBoringSSL_mem.h>
+#include <CNIOBoringSSL_time.h>
 
 #include <string.h>
 #include <time.h>
@@ -81,34 +82,32 @@ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *d) {
 }
 
 int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) {
-  ASN1_GENERALIZEDTIME t;
-
-  t.type = V_ASN1_GENERALIZEDTIME;
-  t.length = strlen(str);
-  t.data = (unsigned char *)str;
-  if (ASN1_GENERALIZEDTIME_check(&t)) {
-    if (s != NULL) {
-      if (!ASN1_STRING_set((ASN1_STRING *)s, (unsigned char *)str, t.length)) {
-        return 0;
-      }
-      s->type = V_ASN1_GENERALIZEDTIME;
-    }
-    return 1;
-  } else {
+  size_t len = strlen(str);
+  CBS cbs;
+  CBS_init(&cbs, (const uint8_t *)str, len);
+  if (!CBS_parse_generalized_time(&cbs, /*out_tm=*/NULL,
+                                  /*allow_timezone_offset=*/0)) {
     return 0;
   }
+  if (s != NULL) {
+    if (!ASN1_STRING_set(s, str, len)) {
+      return 0;
+    }
+    s->type = V_ASN1_GENERALIZEDTIME;
+  }
+  return 1;
 }
 
 ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
-                                               time_t t) {
-  return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0);
+                                               int64_t posix_time) {
+  return ASN1_GENERALIZEDTIME_adj(s, posix_time, 0, 0);
 }
 
 ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
-                                               time_t t, int offset_day,
+                                               int64_t posix_time, int offset_day,
                                                long offset_sec) {
   struct tm data;
-  if (!OPENSSL_gmtime(&t, &data)) {
+  if (!OPENSSL_posix_to_tm(posix_time, &data)) {
     return NULL;
   }
 

diff --git a/Sources/CNIOBoringSSL/crypto/asn1/a_i2d_fp.c b/Sources/CNIOBoringSSL/crypto/asn1/a_i2d_fp.c
@@ -76,7 +76,6 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) {
   unsigned char *b = NULL;
   int n = ASN1_item_i2d(x, &b, it);
   if (b == NULL) {
-    OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
     return 0;
   }
 

diff --git a/Sources/CNIOBoringSSL/crypto/asn1/a_int.c b/Sources/CNIOBoringSSL/crypto/asn1/a_int.c
@@ -122,14 +122,17 @@ int i2c_ASN1_INTEGER(const ASN1_INTEGER *in, unsigned char **outp) {
   // |ASN1_INTEGER|s should be represented minimally, but it is possible to
   // construct invalid ones. Skip leading zeros so this does not produce an
   // invalid encoding or break invariants.
-  int start = 0;
-  while (start < in->length && in->data[start] == 0) {
-    start++;
+  CBS cbs;
+  CBS_init(&cbs, in->data, in->length);
+  while (CBS_len(&cbs) > 0 && CBS_data(&cbs)[0] == 0) {
+    CBS_skip(&cbs, 1);
   }
 
   int is_negative = (in->type & V_ASN1_NEG) != 0;
-  int pad;
-  if (start >= in->length) {
+  size_t pad;
+  CBS copy = cbs;
+  uint8_t msb;
+  if (!CBS_get_u8(&copy, &msb)) {
     // Zero is represented as a single byte.
     is_negative = 0;
     pad = 1;
@@ -138,20 +141,19 @@ int i2c_ASN1_INTEGER(const ASN1_INTEGER *in, unsigned char **outp) {
     // through 0x00...01 and need an extra byte to be negative.
     // 0x01...00 through 0x80...00 have a two's complement of 0xfe...ff
     // through 0x80...00 and can be negated as-is.
-    pad = in->data[start] > 0x80 ||
-          (in->data[start] == 0x80 &&
-           !is_all_zeros(in->data + start + 1, in->length - start - 1));
+    pad = msb > 0x80 ||
+          (msb == 0x80 && !is_all_zeros(CBS_data(&copy), CBS_len(&copy)));
   } else {
     // If the high bit is set, the signed representation needs an extra
     // byte to be positive.
-    pad = (in->data[start] & 0x80) != 0;
+    pad = (msb & 0x80) != 0;
   }
 
-  if (in->length - start > INT_MAX - pad) {
+  if (CBS_len(&cbs) > INT_MAX - pad) {
     OPENSSL_PUT_ERROR(ASN1, ERR_R_OVERFLOW);
     return 0;
   }
-  int len = pad + in->length - start;
+  int len = (int)(pad + CBS_len(&cbs));
   assert(len > 0);
   if (outp == NULL) {
     return len;
@@ -160,7 +162,7 @@ int i2c_ASN1_INTEGER(const ASN1_INTEGER *in, unsigned char **outp) {
   if (pad) {
     (*outp)[0] = 0;
   }
-  OPENSSL_memcpy(*outp + pad, in->data + start, in->length - start);
+  OPENSSL_memcpy(*outp + pad, CBS_data(&cbs), CBS_len(&cbs));
   if (is_negative) {
     negate_twos_complement(*outp, len);
     assert((*outp)[0] >= 0x80);