Merge pull request #131 from pi-314159/20241219

Update to upstream be21ef7
open-quantum-safe · Dec 21, 2024 · 69bd782 · 69bd782
2 parents fc7bd73 + b08e9b9
commit 69bd782
Show file tree

Hide file tree

Showing 2,179 changed files with 149,205 additions and 126,395 deletions.
diff --git a/.bazelrc b/.bazelrc
@@ -1,4 +1,4 @@
-# Copyright (c) 2024, Google Inc.
+# Copyright 2024 The BoringSSL Authors
 #
 # Permission to use, copy, modify, and/or distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
@@ -33,6 +33,12 @@ build:linux --cxxopt=-std=c++17
 build:macos --cxxopt=-std=c++17
 build:windows --cxxopt=/std:c++17
 
+# Our own builds should strictly build without warnings, but we don't add those
+# in targets like other flags because we can't assume all users will have clean
+# builds too.
+build:linux --cxxopt=-Werror
+build:macos --cxxopt=-Werror
+
 # Without setting a minimum macOS version, std::optional does not work.
 build:macos --cxxopt=-mmacosx-version-min=10.15
 

diff --git a/.bazelversion b/.bazelversion
@@ -0,0 +1 @@
+7.4.1
diff --git a/.bcr/README.md b/.bcr/README.md
@@ -0,0 +1,6 @@
+# BCR Configuration
+
+This directory contains configuration information for BCR. It is patterned after
+the [Publish to BCR app](https://github.com/bazel-contrib/publish-to-bcr/tree/main/templates),
+which we have [opted not to use](https://github.com/bazel-contrib/publish-to-bcr/issues/157).
+However, `presubmit.yml` is used by [our own BCR tooling](../docs/releasing.md).
diff --git a/.bcr/config.yml b/.bcr/config.yml
diff --git a/.bcr/metadata.template.json b/.bcr/metadata.template.json
@@ -0,0 +1,25 @@
+{
+  "homepage": "https://boringssl.googlesource.com/boringssl/",
+  "maintainers": [
+    {
+      "email": "[email protected]",
+      "github": "agl",
+      "name": "Adam Langley"
+    },
+    {
+      "email": "[email protected]",
+      "github": "bob-beck",
+      "name": "Bob Beck"
+    },
+    {
+      "email": "[email protected]",
+      "github": "davidben",
+      "name": "David Benjamin"
+    }
+  ],
+  "repository": [
+    "github:google/boringssl"
+  ],
+  "versions": [],
+  "yanked_versions": {}
+}
diff --git a/.bcr/presubmit.yml b/.bcr/presubmit.yml
@@ -0,0 +1,43 @@
+build_targets: &build_targets
+  - "@boringssl//:crypto"
+  - "@boringssl//:ssl"
+
+matrix: &matrix
+  non_macos_platform:
+    - debian11
+    - ubuntu2204
+    - windows
+  bazel: [7.x]
+tasks:
+  verify_targets:
+    name: Verify build targets
+    platform: ${{ non_macos_platform }}
+    bazel: ${{ bazel }}
+    build_targets: *build_targets
+  # Work around https://github.com/bazelbuild/bazel/issues/10472
+  verify_targets_on_macos:
+    name: Verify build targets on macOS
+    platform: macos
+    bazel: ${{ bazel }}
+    build_targets: *build_targets
+    build_flags: &macos_workaround
+      - '--cxxopt=-std=c++17'
+      - '--sandbox_block_path=/usr/local'
+bcr_test_module:
+  module_path: util/bazel-example
+  matrix: *matrix
+  tasks:
+    run_test_module:
+      name: Run test module
+      platform: ${{ non_macos_platform }}
+      bazel: ${{ bazel }}
+      build_targets:
+        - //...
+    # Work around https://github.com/bazelbuild/bazel/issues/10472
+    run_test_module_on_macos:
+      name: Run test module on macOS
+      platform: macos
+      bazel: ${{ bazel }}
+      build_targets:
+        - //...
+      build_flags: *macos_workaround
diff --git a/.bcr/source.template.json b/.bcr/source.template.json
@@ -0,0 +1,5 @@
+{
+  "integrity": "",
+  "strip_prefix": "{REPO}-{VERSION}",
+  "url": "https://github.com/{OWNER}/{REPO}/releases/download/{TAG}/{REPO}-{TAG}.tar.gz"
+}
diff --git a/.gitignore b/.gitignore
@@ -24,6 +24,7 @@
 /util/bot/libcxx
 /util/bot/libcxxabi
 /util/bot/llvm-build
+/util/bot/llvm-libc
 /util/bot/nasm-win32.exe
 /util/bot/ninja
 /util/bot/perl-win32

diff --git a/AUTHORS b/AUTHORS
@@ -0,0 +1,49 @@
+# This is the list of BoringSSL's significant contributors.
+#
+# This does not necessarily list everyone who has contributed code,
+# especially since many employees of one corporation may be contributing.
+# To see the full list of contributors, see the revision history in
+# source control.
+Google LLC
+Brian Smith
+
+# Additionally, much of the code in BoringSSL is derived from code in the
+# OpenSSL project. We thank the OpenSSL project’s contributors for their
+# work. Some of these contributors are listed below. For the full list of
+# these contributors, see AUTHORS.md in OpenSSL and the revision history
+# in OpenSSL’s source control.
+OpenSSL Software Services, Inc.
+OpenSSL Software Foundation, Inc.
+Andy Polyakov
+Ben Laurie
+Ben Kaduk
+Bernd Edlinger
+Bodo Möller
+David Benjamin
+David von Oheimb
+Dmitry Belyavskiy (Дмитрий Белявский)
+Emilia Käsper
+Eric Young
+Geoff Thorpe
+Holger Reif
+Kurt Roeckx
+Lutz Jänicke
+Mark J. Cox
+Matt Caswell
+Matthias St. Pierre
+Nicola Tuveri
+Nils Larsch
+Patrick Steuer
+Paul Dale
+Paul C. Sutton
+Paul Yang
+Ralf S. Engelschall
+Rich Salz
+Richard Levitte
+Shane Lontis
+Stephen Henson
+Steve Marquess
+Tim Hudson
+Tomáš Mráz
+Ulf Möller
+Viktor Dukhovni
diff --git a/BUILD.bazel b/BUILD.bazel
@@ -1,4 +1,4 @@
-# Copyright (c) 2024, Google Inc.
+# Copyright 2024 The BoringSSL Authors
 #
 # Permission to use, copy, modify, and/or distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
@@ -43,14 +43,31 @@ load(
     "urandom_test_sources",
 )
 load(":util/util.bzl", "bssl_cc_binary", "bssl_cc_library", "bssl_cc_test")
+load("@rules_license//rules:license.bzl", "license")
 
-# Disable the parse_headers feature. It does not work well in C right now. See
-# https://github.com/bazelbuild/bazel/issues/23460 for details. When that is
-# fixed, if enabled, we likely also need to rename some headers to .inc per
-# https://google.github.io/styleguide/cppguide.html#Self_contained_Headers
-package(features = ["-parse_headers"])
+package(
+    default_applicable_licenses = [":license"],
+    # Disable the parse_headers feature. It does not work well in C right now.
+    # See https://github.com/bazelbuild/bazel/issues/23460 for details. When
+    # that is fixed, if enabled, we likely also need to rename some headers to
+    # .inc per
+    # https://google.github.io/styleguide/cppguide.html#Self_contained_Headers
+    features = ["-parse_headers"],
+)
 
-licenses(["notice"])
+license(
+    name = "license",
+    package_name = "BoringSSL",
+    # TODO(crbug.com/364634028): Update this once we've aligned with OpenSSL's
+    # new license.
+    license_kinds = [
+        "@rules_license//licenses/spdx:ISC",
+        "@rules_license//licenses/spdx:OpenSSL",
+        "@rules_license//licenses/spdx:MIT",
+        "@rules_license//licenses/spdx:SSLeay-standalone",
+    ],
+    license_text = "LICENSE",
+)
 
 exports_files(["LICENSE"])
 

diff --git a/BUILDING.md b/BUILDING.md
@@ -25,8 +25,8 @@ most recent stable version of each tool.
     by CMake, it may be configured explicitly by setting
     `CMAKE_ASM_NASM_COMPILER`.
 
-  * Compilers for C11 and C++14, or later, are required. On Windows, MSVC from
-    Visual Studio 2019 or later with Windows 10 SDK 2104 or later are
+  * Compilers for C11 and C++17, or later, are required. On Windows, MSVC from
+    Visual Studio 2022 or later with Windows 10 SDK 2104 or later are
     supported, but using the latest versions is recommended. Recent versions of
     GCC (6.1+) and Clang should work on non-Windows platforms, and maybe on
     Windows too.

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.12)
+cmake_minimum_required(VERSION 3.16)
 
 # Defer enabling C and CXX languages.
 project(BoringSSL NONE)
@@ -97,7 +97,7 @@ if(CMAKE_SYSTEM_NAME STREQUAL "Emscripten")
   set(EMSCRIPTEN 1)
 endif()
 
-set(CMAKE_CXX_STANDARD 14)
+set(CMAKE_CXX_STANDARD 17)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 set(CMAKE_C_STANDARD 11)
 set(CMAKE_C_STANDARD_REQUIRED ON)
@@ -123,7 +123,7 @@ if(CMAKE_COMPILER_IS_GNUCXX OR CLANG)
   endif()
 
   if(CLANG)
-    set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wnewline-eof -fcolor-diagnostics")
+    set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wnewline-eof -Wextra-semi -fcolor-diagnostics")
   else()
     # GCC (at least 4.8.4) has a bug where it'll find unreachable free() calls
     # and declare that the code is trying to free a stack pointer.
@@ -365,7 +365,9 @@ if(FIPS_DELOCATE OR NOT OPENSSL_NO_ASM)
     set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -gcv8")
   else()
     enable_language(ASM)
-    set(OPENSSL_ASM TRUE)
+    if (NOT OPENSSL_NO_ASM)
+      set(OPENSSL_ASM TRUE)
+    endif()
     # Work around https://gitlab.kitware.com/cmake/cmake/-/issues/20771 in older
     # CMake versions.
     if(APPLE AND CMAKE_VERSION VERSION_LESS 3.19)
@@ -447,7 +449,10 @@ if(USE_CUSTOM_LIBCXX)
     libcxx PRIVATE
     -D_LIBCPP_BUILDING_LIBRARY
     -DLIBCXX_BUILDING_LIBCXXABI
+    -DLIBC_NAMESPACE=bssl_llvm_libc
   )
+  # LLVM libc++ depends on some shared headers from LLVM libc.
+  target_include_directories(libcxx PRIVATE util/bot/llvm-libc)
   set_target_properties(
     libcxx libcxxabi PROPERTIES
     COMPILE_FLAGS "-Wno-missing-prototypes -Wno-implicit-fallthrough"
@@ -529,15 +534,25 @@ if(FIPS_DELOCATE AND FIPS_SHARED)
   message(FATAL_ERROR "Can't set both delocate and shared mode for FIPS build")
 endif()
 
+# OSS-Fuzz relies on BORINGSSL_ALLOW_CXX_RUNTIME because -fno-rtti and
+# -fsanitize=vptr are incompatible.
+set(NO_CXX_RUNTIME_FLAGS)
+if(NOT MSVC AND NOT BORINGSSL_ALLOW_CXX_RUNTIME)
+  # Without -fno-exceptions, use of std::unique_ptr emits a call to
+  # std::terminate.
+  set(NO_CXX_RUNTIME_FLAGS -fno-exceptions -fno-rtti)
+endif()
+
 if(FIPS_DELOCATE)
   add_library(bcm_c_generated_asm STATIC ${BCM_SOURCES})
+  # The C++ code in libcrypto shouldn't depend on libstdc++.
+  target_compile_options(bcm_c_generated_asm PRIVATE $<$<COMPILE_LANGUAGE:CXX>:${NO_CXX_RUNTIME_FLAGS}> "-S")
   add_dependencies(bcm_c_generated_asm boringssl_prefix_symbols)
   target_include_directories(bcm_c_generated_asm PRIVATE ${PROJECT_SOURCE_DIR}/include)
-  set_target_properties(bcm_c_generated_asm PROPERTIES COMPILE_OPTIONS "-S")
   set_target_properties(bcm_c_generated_asm PROPERTIES POSITION_INDEPENDENT_CODE ON)
   if(CLANG)
     # Clang warns when passing both -c (from CMake) and -S.
-    set_property(TARGET bcm_c_generated_asm APPEND PROPERTY COMPILE_OPTIONS "-Wno-unused-command-line-argument")
+    target_compile_options(bcm_c_generated_asm PRIVATE "-Wno-unused-command-line-argument")
   endif()
 
   set(TARGET_FLAG "")
@@ -581,6 +596,8 @@ elseif(FIPS_SHARED)
   endif()
 
   add_library(bcm_library STATIC ${BCM_SOURCES} ${BCM_SOURCES_ASM_USED})
+  # The C++ code in libcrypto shouldn't depend on libstdc++.
+  target_compile_options(bcm_library PRIVATE $<$<COMPILE_LANGUAGE:CXX>:${NO_CXX_RUNTIME_FLAGS}>)
   add_dependencies(bcm_library boringssl_prefix_symbols)
   target_include_directories(bcm_library PRIVATE ${PROJECT_SOURCE_DIR}/include)
 
@@ -593,12 +610,16 @@ elseif(FIPS_SHARED)
   set(CRYPTO_FIPS_OBJECTS bcm.o)
 else()
   add_library(fipsmodule OBJECT ${BCM_SOURCES} ${BCM_SOURCES_ASM_USED})
+  # The C++ code in libcrypto shouldn't depend on libstdc++.
+  target_compile_options(fipsmodule PRIVATE $<$<COMPILE_LANGUAGE:CXX>:${NO_CXX_RUNTIME_FLAGS}>)
   add_dependencies(fipsmodule boringssl_prefix_symbols)
   target_include_directories(fipsmodule PRIVATE ${PROJECT_SOURCE_DIR}/include)
   set(CRYPTO_FIPS_OBJECTS $<TARGET_OBJECTS:fipsmodule>)
 endif()
 
 add_library(crypto ${CRYPTO_SOURCES} ${CRYPTO_FIPS_OBJECTS} ${CRYPTO_SOURCES_ASM_USED})
+  # The C++ code in libcrypto shouldn't depend on libstdc++.
+target_compile_options(crypto PRIVATE $<$<COMPILE_LANGUAGE:CXX>:${NO_CXX_RUNTIME_FLAGS}>)
 target_include_directories(crypto PUBLIC
   $<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/include>
   $<INSTALL_INTERFACE:include>
@@ -696,12 +717,9 @@ add_executable(pki_test ${PKI_TEST_SOURCES})
 target_link_libraries(pki_test test_support_lib boringssl_gtest pki crypto)
 add_dependencies(all_tests pki_test)
 
-# The PKI library requires C++17.
 set_target_properties(
   pki pki_test
   PROPERTIES
-  CXX_STANDARD 17
-  CXX_STANDARD_REQUIRED YES
   COMPILE_FLAGS "${PKI_CXX_FLAGS}")
 
 add_executable(bssl ${BSSL_SOURCES})
@@ -721,7 +739,10 @@ if(FUZZ)
     add_library(Fuzzer STATIC ${LIBFUZZER_SOURCES})
     # libFuzzer does not pass our aggressive warnings. It also must be built
     # without -fsanitize-coverage options or clang crashes.
-    set_target_properties(Fuzzer PROPERTIES COMPILE_FLAGS "-Wno-shadow -Wno-format-nonliteral -Wno-missing-prototypes -fsanitize-coverage=0")
+    set_target_properties(
+      Fuzzer PROPERTIES
+      COMPILE_FLAGS "-Wno-shadow -Wno-format-nonliteral -Wno-missing-prototypes -fsanitize-coverage=0"
+    )
   endif()
 
   add_subdirectory(fuzz)
@@ -793,19 +814,8 @@ else()
 endif()
 
 if(INSTALL_ENABLED)
-  # CMake versions before 3.14 do not have default destination values. Executable
-  # and library targets that use a default destination should include this
-  # variable.
-  if(CMAKE_VERSION VERSION_LESS "3.14")
-    set(INSTALL_DESTINATION_DEFAULT
-        ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
-        LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
-        RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
-  endif()
-
-  install(TARGETS crypto ssl
-          EXPORT OpenSSLTargets ${INSTALL_DESTINATION_DEFAULT})
-  install(TARGETS bssl DESTINATION ${INSTALL_DESTINATION_DEFAULT})
+  install(TARGETS crypto ssl EXPORT OpenSSLTargets)
+  install(TARGETS bssl)
   install(DIRECTORY include/ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
   install(EXPORT OpenSSLTargets
           FILE OpenSSLTargets.cmake

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -46,6 +46,22 @@ version of it. (Use the `git rebase` or `git commit --amend` commands.)
 For more detailed instructions, see the
 [Gerrit User Guide](https://gerrit-review.googlesource.com/Documentation/intro-user.html).
 
+### Copyright headers
+New files contributed directly to BoringSSL should use the following copyright
+header, where `YEAR` is the year the file was added:
+
+    Copyright YEAR The BoringSSL Authors
+
+To list individual contributors, we maintain an [AUTHORS](./AUTHORS) file at the
+top level of the project. See [this documentation](https://opensource.google/documentation/reference/releasing/authors)
+for more details. If you wish to be added, you are welcome to add yourself as
+part of your contribution, or request that we add you.
+
+We started the AUTHORS file after the project began, and after receiving many
+valuable contributions. To avoid being presumptuous, we did not proactively list
+all past contributors. If you previously made a contribution, you are likewise
+welcome to send us a patch to be added, or request that we add you.
+
 ### The small print
 Contributions made by corporations are covered by a different agreement than
 the one above, the