Upgrade to upstream 519c2986c73c23461b130ad19b93fd7d081353d5 (Chromium 92 0 4515 107)

.clang-format

@@ -4,4 +4,65 @@ AllowShortIfStatementsOnASingleLine: false
 AllowShortLoopsOnASingleLine: false
 DerivePointerAlignment: false
 PointerAlignment: Right
-
+# TODO(davidben): The default for Google style is now Regroup, but the default
+# IncludeCategories does not recognize <openssl/header.h>. We should
+# reconfigure IncludeCategories to match. For now, keep it at Preserve.
+IncludeBlocks: Preserve
+TypenameMacros: ['LHASH_OF', 'STACK_OF']
+StatementMacros:
+  - "DECLARE_ASN1_ALLOC_FUNCTIONS"
+  - "DECLARE_ASN1_ALLOC_FUNCTIONS_name"
+  - "DECLARE_ASN1_ENCODE_FUNCTIONS"
+  - "DECLARE_ASN1_ENCODE_FUNCTIONS_const"
+  - "DECLARE_ASN1_FUNCTIONS"
+  - "DECLARE_ASN1_FUNCTIONS_const"
+  - "DECLARE_ASN1_FUNCTIONS_fname"
+  - "DECLARE_ASN1_FUNCTIONS_name"
+  - "DECLARE_ASN1_PRINT_FUNCTION"
+  - "DECLARE_ASN1_PRINT_FUNCTION_fname"
+  - "DECLARE_PEM_read"
+  - "DECLARE_PEM_read_bio"
+  - "DECLARE_PEM_read_fp"
+  - "DECLARE_PEM_rw"
+  - "DECLARE_PEM_rw_cb"
+  - "DECLARE_PEM_rw_const"
+  - "DECLARE_PEM_write"
+  - "DECLARE_PEM_write_bio"
+  - "DECLARE_PEM_write_bio_const"
+  - "DECLARE_PEM_write_cb"
+  - "DECLARE_PEM_write_cb_bio"
+  - "DECLARE_PEM_write_cb_fp"
+  - "DECLARE_PEM_write_const"
+  - "DECLARE_PEM_write_fp"
+  - "DECLARE_PEM_write_fp_const"
+  - "IMPLEMENT_ASN1_ALLOC_FUNCTIONS"
+  - "IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname"
+  - "IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname"
+  - "IMPLEMENT_ASN1_DUP_FUNCTION"
+  - "IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname"
+  - "IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname"
+  - "IMPLEMENT_ASN1_FUNCTIONS"
+  - "IMPLEMENT_ASN1_FUNCTIONS_const"
+  - "IMPLEMENT_ASN1_FUNCTIONS_const_fname"
+  - "IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name"
+  - "IMPLEMENT_ASN1_FUNCTIONS_fname"
+  - "IMPLEMENT_ASN1_FUNCTIONS_name"
+  - "IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS"
+  - "IMPLEMENT_PEM_read"
+  - "IMPLEMENT_PEM_read_bio"
+  - "IMPLEMENT_PEM_read_fp"
+  - "IMPLEMENT_PEM_rw"
+  - "IMPLEMENT_PEM_rw_cb"
+  - "IMPLEMENT_PEM_rw_const"
+  - "IMPLEMENT_PEM_write"
+  - "IMPLEMENT_PEM_write_bio"
+  - "IMPLEMENT_PEM_write_bio_const"
+  - "IMPLEMENT_PEM_write_cb"
+  - "IMPLEMENT_PEM_write_cb_bio"
+  - "IMPLEMENT_PEM_write_cb_bio_const"
+  - "IMPLEMENT_PEM_write_cb_const"
+  - "IMPLEMENT_PEM_write_cb_fp"
+  - "IMPLEMENT_PEM_write_cb_fp_const"
+  - "IMPLEMENT_PEM_write_const"
+  - "IMPLEMENT_PEM_write_fp"
+  - "IMPLEMENT_PEM_write_fp_const"

.gitignore

@@ -11,13 +11,11 @@ doc/doc.css
 util/bot/android_ndk
 util/bot/android_sdk/public
 util/bot/cmake-linux64
-util/bot/cmake-linux64.tar.gz
 util/bot/cmake-mac
-util/bot/cmake-mac.tar.gz
 util/bot/cmake-win32
 util/bot/cmake-win32.zip
 util/bot/golang
-util/bot/gyp
+util/bot/libFuzzer
 util/bot/libcxx
 util/bot/libcxxabi
 util/bot/llvm-build

BUILDING.md

@@ -10,7 +10,7 @@ Unless otherwise noted, build tools must at most five years old, matching
 [Abseil guidelines](https://abseil.io/about/compatibility). If in doubt, use the
 most recent stable version of each tool.
 
-  * [CMake](https://cmake.org/download/) 3.0 or later is required.
+  * [CMake](https://cmake.org/download/) 3.5 or later is required.
 
   * A recent version of Perl is required. On Windows,
     [Active State Perl](http://www.activestate.com/activeperl/) has been
@@ -157,14 +157,6 @@ BoringSSL maintainers if making use of it.
 
 ## Known Limitations on Windows
 
-  * Versions of CMake since 3.0.2 have a bug in its Ninja generator that causes
-    yasm to output warnings
-
-        yasm: warning: can open only one input file, only the last file will be processed
-
-    These warnings can be safely ignored. The cmake bug is
-    http://www.cmake.org/Bug/view.php?id=15253.
-
   * CMake can generate Visual Studio projects, but the generated project files
     don't have steps for assembling the assembly language source files, so they
     currently cannot be used to build BoringSSL.

CMakeLists.txt

@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.0)
+cmake_minimum_required(VERSION 3.5)
 
 # Defer enabling C and CXX languages.
 project(BoringSSL NONE)
@@ -261,11 +261,7 @@ if((CMAKE_COMPILER_IS_GNUCXX AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.7.9
 endif()
 
 if(CMAKE_COMPILER_IS_GNUCXX)
-  if((CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.8.99") OR CLANG)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c11")
-  else()
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c99")
-  endif()
+  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c11")
 endif()
 
 # pthread_rwlock_t requires a feature flag.
@@ -471,7 +467,7 @@ elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "amd64")
   set(ARCH "x86_64")
 elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "AMD64")
   # cmake reports AMD64 on Windows, but we might be building for 32-bit.
-  if(CMAKE_CL_64)
+  if(CMAKE_SIZEOF_VOID_P EQUAL 8)
     set(ARCH "x86_64")
   else()
     set(ARCH "x86")
@@ -484,6 +480,8 @@ elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "i686")
   set(ARCH "x86")
 elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "aarch64")
   set(ARCH "aarch64")
+elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "ARM64")
+  set(ARCH "aarch64")
 elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "arm64")
   set(ARCH "aarch64")
 # Apple A12 Bionic chipset which is added in iPhone XS/XS Max/XR uses arm64e architecture.
@@ -573,10 +571,21 @@ include_directories(third_party/googletest/include)
 # themselves as dependencies next to the target definition.
 add_custom_target(all_tests)
 
+# On Windows, CRYPTO_TEST_DATA is too long to fit in command-line limits.
+# TODO(davidben): CMake 3.12 has a list(JOIN) command. Use that when we've
+# updated the minimum version.
+set(EMBED_TEST_DATA_ARGS "")
+foreach(arg ${CRYPTO_TEST_DATA})
+  set(EMBED_TEST_DATA_ARGS "${EMBED_TEST_DATA_ARGS}${arg}\n")
+endforeach()
+file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/embed_test_data_args.txt"
+     "${EMBED_TEST_DATA_ARGS}")
+
 add_custom_command(
   OUTPUT crypto_test_data.cc
-  COMMAND ${GO_EXECUTABLE} run util/embed_test_data.go ${CRYPTO_TEST_DATA} >
-  ${CMAKE_CURRENT_BINARY_DIR}/crypto_test_data.cc
+  COMMAND ${GO_EXECUTABLE} run util/embed_test_data.go -file-list
+          "${CMAKE_CURRENT_BINARY_DIR}/embed_test_data_args.txt" >
+          "${CMAKE_CURRENT_BINARY_DIR}/crypto_test_data.cc"
   DEPENDS util/embed_test_data.go ${CRYPTO_TEST_DATA}
   WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
 
@@ -625,15 +634,34 @@ if(FUZZ)
   add_subdirectory(fuzz)
 endif()
 
-if(NOT ${CMAKE_VERSION} VERSION_LESS "3.2")
-  # USES_TERMINAL is only available in CMake 3.2 or later.
-  set(MAYBE_USES_TERMINAL USES_TERMINAL)
-endif()
-
 if(UNIX AND NOT APPLE AND NOT ANDROID)
   set(HANDSHAKER_ARGS "-handshaker-path" $<TARGET_FILE:handshaker>)
 endif()
 
+if(FIPS)
+  add_custom_target(
+    acvp_tests
+    COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_BINARY_DIR}/acvptool
+            boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool
+    COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_BINARY_DIR}/testmodulewrapper
+            boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool/testmodulewrapper
+    COMMAND cd util/fipstools/acvp/acvptool/test &&
+            ${GO_EXECUTABLE} run check_expected.go
+            -tool ${CMAKE_BINARY_DIR}/acvptool
+            -module-wrappers modulewrapper:$<TARGET_FILE:modulewrapper>,testmodulewrapper:${CMAKE_BINARY_DIR}/testmodulewrapper
+            -tests tests.json
+    WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+    DEPENDS modulewrapper
+    USES_TERMINAL)
+
+  add_custom_target(
+    fips_specific_tests_if_any
+    DEPENDS acvp_tests
+  )
+else()
+  add_custom_target(fips_specific_tests_if_any)
+endif()
+
 add_custom_target(
     run_tests
     COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir
@@ -642,5 +670,5 @@ add_custom_target(
             ${GO_EXECUTABLE} test -shim-path $<TARGET_FILE:bssl_shim>
               ${HANDSHAKER_ARGS} ${RUNNER_ARGS}
     WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
-    DEPENDS all_tests bssl_shim handshaker
-    ${MAYBE_USES_TERMINAL})
+    DEPENDS all_tests bssl_shim handshaker fips_specific_tests_if_any
+    USES_TERMINAL)

FUZZING.md

@@ -42,11 +42,11 @@ These were determined by rounding up the length of the largest case in the corpu
 
 There are directories in `fuzz/` for each of the fuzzing tests which contain seed files for fuzzing. Some of the seed files were generated manually but many of them are “interesting” results generated by the fuzzing itself. (Where “interesting” means that it triggered a previously unknown path in the code.)
 
-## Minimising the corpuses
+## Minimising the corpora
 
 When a large number of new seeds are available, it's a good idea to minimise the corpus so that different seeds that trigger the same code paths can be deduplicated.
 
-In order to minimise all the corpuses, build for fuzzing and run `./fuzz/minimise_corpuses.sh`. Note that minimisation is, oddly, often not idempotent for unknown reasons.
+In order to minimise all the corpora, build for fuzzing and run `./fuzz/minimise_corpora.sh`. Note that minimisation is, oddly, often not idempotent for unknown reasons.
 
 ## Fuzzer mode
 

README.md

@@ -111,7 +111,7 @@ We regularly test the fork on Ubuntu 18.04 and above. Support for other platform
 On **Ubuntu**, you need to install the following packages:
 
 ```
-sudo apt install cmake gcc ninja-build libunwind-dev pkg-config python3 python3-psutil
+sudo apt install cmake gcc ninja-build libunwind-dev pkg-config python3 python3-psutil golang-go
 ```
 
 You will also need the latest version of the toolchain for the Go programming language, available [here](https://golang.org/dl/)
@@ -177,7 +177,7 @@ tool/bssl client -curves <KEX> -connect localhost:4433
 
 where `<KEX>` is one of the quantum-safe or hybrid key exchange algorithms listed in the [Supported Algorithms](#supported-algorithms) section above.
 
-You can also simply run `python3 oqs_scripts/oqs_try_handshake.py`, which will pick a random key-exchange and signature algorithm and will attempt a handshake between the TLS server and client with the chosen algorithms.
+You can also simply run `python3 oqs_scripts/try_handshake.py`, which will pick a random key-exchange and signature algorithm and will attempt a handshake between the TLS server and client with the chosen algorithms.
 
 ## Team
 

SANDBOXING.md

@@ -64,7 +64,12 @@ should ensure this regardless.
 Any BoringSSL function may draw entropy from the OS. On Windows, this uses
 `RtlGenRandom` and, on POSIX systems, this uses `getrandom`, `getentropy`, or a
 `read` from a file descriptor to `/dev/urandom`. These operations must succeed
-or BoringSSL will abort the process.
+or BoringSSL will abort the process. BoringSSL only probes for `getrandom`
+support once and assumes support is consistent for the lifetime of the address
+space (and any copies made via `fork`). If a syscall-filtering sandbox is
+enabled partway through this lifetime and changes whether `getrandom` works,
+BoringSSL may abort the process. Sandboxes are recommended to allow
+`getrandom`.
 
 Note even deterministic algorithms may require OS entropy. For example,
 RSASSA-PKCS1-v1_5 is deterministic, but BoringSSL draws entropy to implement