Upstream merge 2023-06-26 #1072
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dkostic
force-pushed
the
upstream-merge-2023-06-26
branch
from
60dd08d to
8800eac
Compare
torben-hansen
approved these changes
Jun 26, 2023
samuel40791765
approved these changes
Jun 26, 2023
Add a new flag, -shim-extra-flags, which allows specifying additional flags to pass to the shim binary on all invocations. These flags will be passed as the first flags to the shim in order to take advantage of some slightly confusing Go flag semantics. Change-Id: I382f47bfe2662903b43135fcb249b46646fc9e7b Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59245 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com> (cherry picked from commit edf7662c8207b116f45e3b31f13c326916b93d34)
This can still be run like go run ../../util/convert_wycheproof. This is part of an attempt to reland 54b04fdc21d540a6e24f9ddb7ddc3e583518e24f, which ran into an issue with internal tooling that could not handle standalone Go files. Since the only such target we actually needed to run in that repository is convert_wycheproof, just promote it into its own package. Then we can stop trying to import util. Change-Id: I6237777dad09e5c81ad961816ce14a287ab2d46a Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59185 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> Auto-Submit: David Benjamin <davidben@google.com> (cherry picked from commit 5748eb8a3314281151af1edc63ba58bfd7097d7d)
This reverts commit bab2f96e2637acb107fe9b099c58befbca918748. This clears the sea of red in my editor. Change-Id: I600ef6c36556fb526da729f0f0d8bc69db5c5a08 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59186 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> (cherry picked from commit ece1f86968f576ec6876fc398fd191256ce31039)
This aligns the DLEQ proof portion of TRUST_TOKEN_pst_v1_voprf with draft-irtf-cfrg-voprf-21. The blind and finalize operations still differ. Additionally, as VOPRF doesn't include batched issuance, the issuance process around the DLEQ proof is adapted from draft-robert-privacypass-batched-tokens-01. Bug: chromium:1414562 Change-Id: If1c6de0f92089a826968a57279ae598ccf89ca3e Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/58906 Commit-Queue: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com> (cherry picked from commit 4b6d950d8921d6dd5365de0797fcc97302b9561b)
When building BCM sources individually, this gets missed. Change-Id: I58858da441daaeffc5e54b653f5436fe817c4178 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59306 Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> (cherry picked from commit a0afd6ae2cbfcdfc56a355f4b53a6c2583414634)
Prior to https://boringssl-review.googlesource.com/c/boringssl/+/58548, ASN1_item_sign_ctx returned the length of the signature on success. It's unclear why anyone would ever want this, but some test was sensitive to it. (I think it was a typo.) Restore the old behavior. Change-Id: Ibf3e45331a339226744d51df703634d02b08a7c4 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59307 Reviewed-by: Bob Beck <bbe@google.com> Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: Bob Beck <bbe@google.com> (cherry picked from commit 0c7527bb3a34a95387856827702bbb46c408457d)
The reason to make it a package was to avoid needing this, but I missed that git put it back. Change-Id: Idd6df275aa964083db525d4d5e300128b204d973 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59305 Commit-Queue: Bob Beck <bbe@google.com> Reviewed-by: Bob Beck <bbe@google.com> Auto-Submit: David Benjamin <davidben@google.com> (cherry picked from commit b352546be44551f5aabc428ac4d0cc161cd1b2ec)
We have since added an implementation of a subset of the SSL BIO, but we don't implement all the features, notably some of the BIO_ctrl values. Remove them, so it doesn't look like they should work. Update-Note: I found no code using those symbols (that we build). If anything was, they most likely were broken. Now they'll fail to build and the brokenness will be more obvious. (If we find something needs it, we can always go back and implement them.) Fixed: 420 Change-Id: Iad03fa65f098023dca555a9b2ac0214ba4264546 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59125 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> Auto-Submit: David Benjamin <davidben@google.com> (cherry picked from commit 691e45a9718e5e326b9af9843ab240fae8a07481)
dkostic
force-pushed
the
upstream-merge-2023-06-26
branch
from
8800eac to
b378a91
Compare
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
UPSTREAM MERGE, DO NOT SQUASH.
Issues:
Resolves #ISSUE-NUMBER1
Addresses #ISSUE-NUMBER2
Description of changes:
Describe AWS-LC’s current behavior and how your code changes that behavior. If there are no issues this pr is resolving, explain why this change is necessary.
Call-outs:
Point out areas that need special attention or support during the review process. Discuss architecture or design changes.
Testing:
How is this change tested (unit tests, fuzz tests, etc.)? Are there any testing steps to be verified by the reviewer?
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.