Merge remote-tracking branch 'upstream/main' into current-upstream-me…

…rge-20220411

.github/ISSUE_TEMPLATE/build-issue.md

@@ -9,7 +9,7 @@ assignees: ''
 
 ### Problem:
 
-A short description of the problem you are facing. Please include any build output and reproduction steps.
+A short description of the problem you are facing. Please include any build output, reproduction steps and environment(e.g. [Docker image](https://github.com/awslabs/aws-lc/blame/e7413d237bb60bf639e78aa43ff3c1b1783f0712/tests/ci/docker_images/linux-x86/ubuntu-20.04_base/Dockerfile)).
 
 #### Relevant details
 AWS-LC commit: (6b1bce0...)

.gitignore

@@ -31,6 +31,8 @@ util/bot/sde-win32.tar.xz
 util/bot/win_toolchain.json
 util/bot/yasm-win32.exe
 
-test_build_dir
+test_build_dir/
+cmake-build-debug/
+symbols.txt
 
 .DS_Store

CMakeLists.txt

@@ -128,17 +128,25 @@ if(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_SYMBOLS AND GO_EXECUTABLE)
   # CMake automatically connects include_directories to the NASM command-line,
   # but not add_definitions.
   set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_PREFIX=${BORINGSSL_PREFIX}")
+  set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -DBORINGSSL_PREFIX=${BORINGSSL_PREFIX}")
 
   # Use "symbol_prefix_include" to store generated header files
   include_directories(${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include)
+
+  if(IS_ABSOLUTE ${BORINGSSL_PREFIX_SYMBOLS})
+    set(BORINGSSL_PREFIX_SYMBOLS_PATH ${BORINGSSL_PREFIX_SYMBOLS})
+  else()
+    set(BORINGSSL_PREFIX_SYMBOLS_PATH ${CMAKE_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS})
+  endif()
+
   add_custom_command(
     OUTPUT symbol_prefix_include/boringssl_prefix_symbols.h
            symbol_prefix_include/boringssl_prefix_symbols_asm.h
            symbol_prefix_include/boringssl_prefix_symbols_nasm.inc
     COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include
-    COMMAND ${GO_EXECUTABLE} run ${CMAKE_CURRENT_SOURCE_DIR}/util/make_prefix_headers.go -out ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include ${BORINGSSL_PREFIX_SYMBOLS}
+    COMMAND ${GO_EXECUTABLE} run ${CMAKE_CURRENT_SOURCE_DIR}/util/make_prefix_headers.go -out ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include ${BORINGSSL_PREFIX_SYMBOLS_PATH}
     DEPENDS util/make_prefix_headers.go
-            ${CMAKE_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS})
+            ${BORINGSSL_PREFIX_SYMBOLS_PATH})
 
   # add_dependencies needs a target, not a file, so we add an intermediate
   # target.
@@ -196,6 +204,7 @@ endmacro()
 option(MY_ASSEMBLER_IS_TOO_OLD_FOR_AVX "Exclude AVX code from the build" OFF)
 if(MY_ASSEMBLER_IS_TOO_OLD_FOR_AVX)
   add_definitions(-DMY_ASSEMBLER_IS_TOO_OLD_FOR_AVX)
+  message(STATUS "MY_ASSEMBLER_IS_TOO_OLD_FOR_AVX selected, removing AVX optimisations")
 endif()
 
 # Detect if memcmp is wrongly stripped like strcmp.
@@ -232,8 +241,8 @@ if(GCC OR CLANG)
   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c99")
 
   # TODO(CryptoAlg-759): enable '-Wpedantic' if awslc has to follow c99 spec.
-  if(CLANG OR (GCC AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.1.2"))
-    # GCC 4.1.2 and below do not support all of these flags or they raise false positives.
+  if(CLANG OR (GCC AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.1.3"))
+    # GCC 4.1.3 and below do not support all of these flags or they raise false positives.
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fvisibility=hidden -Wall -Wextra -Wno-unused-parameter -Werror")
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wunused -Wcomment -Wchar-subscripts -Wuninitialized -Wshadow")
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wwrite-strings -Wformat-security -Wunused-result")
@@ -267,9 +276,9 @@ if(GCC OR CLANG)
 
   if(CLANG)
     set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wnewline-eof -fcolor-diagnostics")
-  elseif(CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.1.2")
+  elseif(CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.1.3")
     # GCC (at least 4.8.4) has a bug where it'll find unreachable free() calls
-    # and declare that the code is trying to free a stack pointer. GCC 4.1.2 and lower
+    # and declare that the code is trying to free a stack pointer. GCC 4.1.3 and lower
     # doesn't support this flag and can't use it.
     set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wno-free-nonheap-object")
   endif()
@@ -307,7 +316,7 @@ if(GCC OR CLANG)
     set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wmissing-prototypes")
   endif()
 
-  if(GCC AND "4.8" VERSION_GREATER CMAKE_C_COMPILER_VERSION AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.1.2")
+  if(GCC AND "4.8" VERSION_GREATER CMAKE_C_COMPILER_VERSION AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.1.3")
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-array-bounds")
   endif()
 
@@ -363,7 +372,14 @@ elseif(MSVC)
       "C5027" # move assignment operator was implicitly defined as deleted
       "C5045" # Compiler will insert Spectre mitigation for memory load if
               # /Qspectre switch specified
-      )
+      "C4255" # no function prototype given: converting '()' to '(void)'
+      "C4152" # non standard extension, function/data ptr conversion in expression
+              # used in bcm.c to check functions are inside the FIPS module memory region
+      "C4295" # array is too small to include a terminating null character
+      "C4701" # potentially uninitialized local
+      "C4505" # unreferenced local function has been removed
+      "C4702" # unreachable code in bcm.c power on tests
+          )
   set(MSVC_LEVEL4_WARNINGS_LIST
       # See https://connect.microsoft.com/VisualStudio/feedback/details/1217660/warning-c4265-when-using-functional-header
       "C4265" # class has virtual functions, but destructor is not virtual
@@ -528,7 +544,7 @@ if(FIPS)
       set(FIPS_DELOCATE "1")
     endif()
   endif()
-  if(FIPS_SHARED)
+  if(FIPS_SHARED AND ANDROID)
     # The Android CMake files set -ffunction-sections and -fdata-sections,
     # which is incompatible with FIPS_SHARED.
     set(CMAKE_C_FLAGS
@@ -751,11 +767,13 @@ if(BUILD_TESTING)
     set(RANDOM_TEST_EXEC urandom_test.so)
     set(SSL_TEST_EXEC ssl_test.so)
     set(DECREPIT_TEST_EXEC decrepit_test.so)
+    set(MEM_TEST_EXEC mem_test.so)
   else()
     set(CRYPTO_TEST_EXEC crypto_test)
     set(RANDOM_TEST_EXEC urandom_test)
     set(SSL_TEST_EXEC ssl_test)
     set(DECREPIT_TEST_EXEC decrepit_test)
+    set(MEM_TEST_EXEC mem_test)
   endif()
 endif()
 
@@ -817,16 +835,23 @@ endif()
 if(BUILD_TESTING)
   if(GO_EXECUTABLE)
     if(FIPS)
+      if(MSVC)
+        set(ACVP_TOOL ${CMAKE_BINARY_DIR}/acvptool.exe)
+        set(TEST_WRAPPER ${CMAKE_BINARY_DIR}/testmodulewrapper.exe)
+      else()
+        set(ACVP_TOOL ${CMAKE_BINARY_DIR}/acvptool)
+        set(TEST_WRAPPER ${CMAKE_BINARY_DIR}/testmodulewrapper)
+      endif()
       add_custom_target(
         acvp_tests
-        COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_BINARY_DIR}/acvptool
+        COMMAND ${GO_EXECUTABLE} build -o ${ACVP_TOOL}
                 boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool
-        COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_BINARY_DIR}/testmodulewrapper
+        COMMAND ${GO_EXECUTABLE} build -o ${TEST_WRAPPER}
                 boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool/testmodulewrapper
         COMMAND cd util/fipstools/acvp/acvptool/test &&
                 ${GO_EXECUTABLE} run check_expected.go
-                -tool ${CMAKE_BINARY_DIR}/acvptool
-                -module-wrappers modulewrapper:$<TARGET_FILE:modulewrapper>,testmodulewrapper:${CMAKE_BINARY_DIR}/testmodulewrapper
+                -tool ${ACVP_TOOL}
+                -module-wrappers modulewrapper:$<TARGET_FILE:modulewrapper>,testmodulewrapper:${TEST_WRAPPER}
                 -tests tests.json
         WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
         DEPENDS modulewrapper
@@ -910,3 +935,18 @@ endif()
 if(NOT MSVC AND NOT CLANG AND NOT GCC)
   message(STATUS "Alternative compiler '${CMAKE_C_COMPILER_ID}' detected. Not all flags may be set, check final options with 'cmake --build . -- VERBOSE=1'")
 endif()
+
+# Parse |OPENSSL_VERSION_NUMBER| in both files and make sure they match.
+# |OPENSSL_VERSION_NUMBER| exists in `opensslv.h` only to support
+# MySQL's CMake build.
+FILE(STRINGS "include/openssl/base.h"
+      BASE_VERSION_NUMBER
+      REGEX "^#[ ]*define[\t ]+OPENSSL_VERSION_NUMBER[\t ]+0x[0-9].*"
+      )
+FILE(STRINGS "include/openssl/opensslv.h"
+      OPENSSLV_VERSION_NUMBER
+      REGEX "^#[ ]*define[\t ]+OPENSSL_VERSION_NUMBER[\t ]+0x[0-9].*"
+      )
+if(NOT ${BASE_VERSION_NUMBER} MATCHES ${OPENSSLV_VERSION_NUMBER})
+  message( FATAL_ERROR "OPENSSL_VERSION_NUMBER in base.h and opensslv.h should match.")
+endif()

crypto/CMakeLists.txt

@@ -33,7 +33,9 @@ if(NOT OPENSSL_NO_ASM)
     set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -Wa,--noexecstack")
 
     # Clang's integerated assembler does not support debug symbols.
-    if(NOT CMAKE_ASM_COMPILER_ID MATCHES "Clang")
+    if (CMAKE_ASM_COMPILER_ID MATCHES "Clang" OR CMAKE_ASM_COMPILER MATCHES "clang")
+      message(STATUS "Disabling debug symbols for Clang internal assembler")
+    else()
       set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -Wa,-g")
     endif()
 
@@ -101,6 +103,10 @@ if(PERL_EXECUTABLE)
   perlasm(cipher_extra/aes128gcmsiv-x86_64.${ASM_EXT} cipher_extra/asm/aes128gcmsiv-x86_64.pl)
   perlasm(cipher_extra/chacha20_poly1305_x86_64.${ASM_EXT} cipher_extra/asm/chacha20_poly1305_x86_64.pl)
   perlasm(cipher_extra/chacha20_poly1305_armv8.${ASM_EXT} cipher_extra/asm/chacha20_poly1305_armv8.pl)
+  if(NOT MY_ASSEMBLER_IS_TOO_OLD_FOR_AVX)
+      perlasm(cipher_extra/aesni-sha1-x86_64.${ASM_EXT} cipher_extra/asm/aesni-sha1-x86_64.pl)
+      perlasm(cipher_extra/aesni-sha256-x86_64.${ASM_EXT} cipher_extra/asm/aesni-sha256-x86_64.pl)
+  endif()
   perlasm(test/trampoline-armv4.${ASM_EXT} test/asm/trampoline-armv4.pl)
   perlasm(test/trampoline-armv8.${ASM_EXT} test/asm/trampoline-armv8.pl)
   perlasm(test/trampoline-ppc.${ASM_EXT} test/asm/trampoline-ppc.pl)
@@ -133,13 +139,13 @@ endif()
 add_subdirectory(fipsmodule)
 
 if(FIPS_DELOCATE OR FIPS_SHARED)
-  SET_SOURCE_FILES_PROPERTIES(fipsmodule/bcm.o PROPERTIES EXTERNAL_OBJECT true)
-  SET_SOURCE_FILES_PROPERTIES(fipsmodule/bcm.o PROPERTIES GENERATED true)
+  SET_SOURCE_FILES_PROPERTIES(fipsmodule/${BCM_NAME} PROPERTIES EXTERNAL_OBJECT true)
+  SET_SOURCE_FILES_PROPERTIES(fipsmodule/${BCM_NAME} PROPERTIES GENERATED true)
 
   set(
     CRYPTO_FIPS_OBJECTS
 
-    fipsmodule/bcm.o
+    fipsmodule/${BCM_NAME}
   )
 endif()
 
@@ -182,15 +188,34 @@ if(ARCH STREQUAL "x86")
 endif()
 
 if(ARCH STREQUAL "x86_64")
-  set(
-    CRYPTO_ARCH_SOURCES
-
-    chacha/chacha-x86_64.${ASM_EXT}
-    cipher_extra/chacha20_poly1305_x86_64.${ASM_EXT}
-    cipher_extra/aes128gcmsiv-x86_64.${ASM_EXT}
-    test/trampoline-x86_64.${ASM_EXT}
-    hrss/asm/poly_rq_mul.S
-  )
+  if(MY_ASSEMBLER_IS_TOO_OLD_FOR_AVX)
+    # CryptoAlg-1091:
+    # Stitch code |aesni-sha1/256-x86_64.${ASM_EXT}| are not enabled due
+    # to some build issues and lack of tools to measure the performance gap.
+    # The disable is safer choice because |EVP_aes_128/256_cbc_hmac_sha1/256|
+    # are deprecated.
+    set(
+      CRYPTO_ARCH_SOURCES
+
+      chacha/chacha-x86_64.${ASM_EXT}
+      cipher_extra/chacha20_poly1305_x86_64.${ASM_EXT}
+      cipher_extra/aes128gcmsiv-x86_64.${ASM_EXT}
+      test/trampoline-x86_64.${ASM_EXT}
+      hrss/asm/poly_rq_mul.S
+    )
+  else()
+    set(
+      CRYPTO_ARCH_SOURCES
+
+      chacha/chacha-x86_64.${ASM_EXT}
+      cipher_extra/chacha20_poly1305_x86_64.${ASM_EXT}
+      cipher_extra/aes128gcmsiv-x86_64.${ASM_EXT}
+      cipher_extra/aesni-sha1-x86_64.${ASM_EXT}
+      cipher_extra/aesni-sha256-x86_64.${ASM_EXT}
+      test/trampoline-x86_64.${ASM_EXT}
+      hrss/asm/poly_rq_mul.S
+    )
+  endif()
 endif()
 
 if(GO_EXECUTABLE)
@@ -287,6 +312,8 @@ add_library(
   cipher_extra/e_aesctrhmac.c
   cipher_extra/e_aesgcmsiv.c
   cipher_extra/e_chacha20poly1305.c
+  cipher_extra/e_aes_cbc_hmac_sha1.c
+  cipher_extra/e_aes_cbc_hmac_sha256.c
   cipher_extra/e_des.c
   cipher_extra/e_null.c
   cipher_extra/e_rc2.c
@@ -452,6 +479,7 @@ add_library(
   x509v3/v3_purp.c
   x509v3/v3_skey.c
   x509v3/v3_utl.c
+  xts/xts.c
 
   ${CRYPTO_ARCH_SOURCES}
 )
@@ -481,33 +509,49 @@ function(build_libcrypto name module_source)
           $<INSTALL_INTERFACE:include>)
 endfunction()
 
-build_libcrypto(crypto $<TARGET_OBJECTS:fipsmodule>)
-
 if(FIPS_SHARED)
-  # Rewrite libcrypto.so (or libcrypto.dylib) to inject the correct module
-  # hash value. For now we support the FIPS build only on Linux, macOS and iOS.
+  # Rewrite libcrypto.so, libcrypto.dylib, or crypto.dll to inject the correct module
+  # hash value. For now we support the FIPS build only on Linux, macOS, iOS, and Windows.
+  if(MSVC)
+    # On Windows we use capture_hash.go to capture the computed integrity value that bcm.o prints to generate the
+    # correct value in generated_fips_shared_support.c. See FIPS.md for a full explanation of the process
+    build_libcrypto(precrypto $<TARGET_OBJECTS:fipsmodule>)
+    add_executable(fips_empty_main fipsmodule/fips_empty_main.c)
+    target_link_libraries(fips_empty_main PUBLIC precrypto)
+    add_custom_command(OUTPUT generated_fips_shared_support.c
+            COMMAND ${GO_EXECUTABLE} run
+            ${PROJECT_SOURCE_DIR}/util/fipstools/capture_hash/capture_hash.go
+            -in-executable $<TARGET_FILE:fips_empty_main> > generated_fips_shared_support.c
+            WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
+            DEPENDS fips_empty_main ${PROJECT_SOURCE_DIR}/util/fipstools/capture_hash/capture_hash.go
+            )
+    add_library(generated_fipsmodule OBJECT generated_fips_shared_support.c)
+    build_libcrypto(crypto $<TARGET_OBJECTS:generated_fipsmodule>)
+  else()
+    # On Apple and Linux platforms inject_hash.go can parse libcrypto and inject the hash directly into the final
+    # library.
+    build_libcrypto(crypto $<TARGET_OBJECTS:fipsmodule>)
+    if (APPLE)
+      set(INJECT_HASH_APPLE_FLAG "-apple")
+    endif()
 
-  if (APPLE)
-    set(INJECT_HASH_APPLE_FLAG "-apple")
+    add_custom_command(
+      TARGET crypto POST_BUILD
+      COMMAND ${GO_EXECUTABLE} run
+      ${PROJECT_SOURCE_DIR}/util/fipstools/inject_hash/inject_hash.go
+      -o $<TARGET_FILE:crypto> -in-object $<TARGET_FILE:crypto>
+      -sha256 ${INJECT_HASH_APPLE_FLAG}
+      # The DEPENDS argument to a POST_BUILD rule appears to be ignored. Thus
+      # go_executable isn't used (as it doesn't get built), but we list this
+      # dependency anyway in case it starts working in some CMake version.
+      DEPENDS ../util/fipstools/inject_hash/inject_hash.go
+      WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
+    )
   endif()
-
-  add_custom_command(
-    TARGET crypto POST_BUILD
-    COMMAND ${GO_EXECUTABLE} run
-    ${PROJECT_SOURCE_DIR}/util/fipstools/inject_hash/inject_hash.go
-    -o $<TARGET_FILE:crypto> -in-object $<TARGET_FILE:crypto>
-    ${INJECT_HASH_APPLE_FLAG}
-    # The DEPENDS argument to a POST_BUILD rule appears to be ignored. Thus
-    # go_executable isn't used (as it doesn't get built), but we list this
-    # dependency anyway in case it starts working in some CMake version.
-    DEPENDS ../util/fipstools/inject_hash/inject_hash.go
-    WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
-  )
+else()
+  build_libcrypto(crypto $<TARGET_OBJECTS:fipsmodule>)
 endif()
 
-
-
-
 # Every target depends on crypto, so we add libcxx as a dependency here to
 # simplify injecting it everywhere.
 if(USE_CUSTOM_LIBCXX)
@@ -522,6 +566,12 @@ endif()
 if(BUILD_TESTING)
   add_subdirectory(test)
 
+  add_executable(${MEM_TEST_EXEC} mem_test.cc $<TARGET_OBJECTS:boringssl_gtest_main>)
+  target_compile_definitions(${MEM_TEST_EXEC} PRIVATE BORINGSSL_IMPLEMENTATION)
+  add_dependencies(${MEM_TEST_EXEC} global_target)
+  target_link_libraries(${MEM_TEST_EXEC} test_support_lib boringssl_gtest crypto)
+  add_dependencies(all_tests ${MEM_TEST_EXEC})
+
   # urandom_test is a separate binary because it needs to be able to observe the
   # PRNG initialisation, which means that it can't have other tests running before
   # it does.
@@ -613,6 +663,7 @@ if(BUILD_TESTING)
     x509/x509_test.cc
     x509/x509_time_test.cc
     x509v3/tab_test.cc
+    xts/xts_test.cc
 
     $<TARGET_OBJECTS:crypto_test_data>
     $<TARGET_OBJECTS:boringssl_gtest_main>