Update BoringSSL to 2042972e8458833714bce23386931b1c79978439 (#334)

Package.swift

@@ -26,7 +26,7 @@ import class Foundation.ProcessInfo
 // Sources/CNIOBoringSSL directory. The source repository is at
 // https://boringssl.googlesource.com/boringssl.
 //
-// BoringSSL Commit: 3a667d10e94186fd503966f5638e134fe9fb4080
+// BoringSSL Commit: 2042972e8458833714bce23386931b1c79978439
 
 /// This function generates the dependencies we want to express.
 ///

Sources/CNIOBoringSSL/crypto/err/err.c

@@ -745,6 +745,22 @@ void ERR_add_error_dataf(const char *format, ...) {
   err_set_error_data(buf);
 }
 
+void ERR_set_error_data(char *data, int flags) {
+  if (!(flags & ERR_FLAG_STRING)) {
+    // We do not support non-string error data.
+    assert(0);
+    return;
+  }
+  if (flags & ERR_FLAG_MALLOCED) {
+    err_set_error_data(data);
+  } else {
+    char *copy = OPENSSL_strdup(data);
+    if (copy != NULL) {
+      err_set_error_data(copy);
+    }
+  }
+}
+
 int ERR_set_mark(void) {
   ERR_STATE *const state = err_get_state();
 

Sources/CNIOBoringSSL/crypto/fipsmodule/bn/prime.c

@@ -359,6 +359,18 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, const BIGNUM *add,
 static int probable_prime_dh_safe(BIGNUM *rnd, int bits, const BIGNUM *add,
                                   const BIGNUM *rem, BN_CTX *ctx);
 
+BN_GENCB *BN_GENCB_new(void) {
+  BN_GENCB *callback = OPENSSL_malloc(sizeof(BN_GENCB));
+  if (callback == NULL) {
+    OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE);
+    return NULL;
+  }
+  OPENSSL_memset(callback, 0, sizeof(BN_GENCB));
+  return callback;
+}
+
+void BN_GENCB_free(BN_GENCB *callback) { OPENSSL_free(callback); }
+
 void BN_GENCB_set(BN_GENCB *callback,
                   int (*f)(int event, int n, struct bn_gencb_st *),
                   void *arg) {

Sources/CNIOBoringSSL/crypto/fipsmodule/rsa/rsa.c

@@ -930,6 +930,8 @@ int RSA_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
 
 int RSA_flags(const RSA *rsa) { return rsa->flags; }
 
+int RSA_test_flags(const RSA *rsa, int flags) { return rsa->flags & flags; }
+
 int RSA_blinding_on(RSA *rsa, BN_CTX *ctx) {
   return 1;
 }

Sources/CNIOBoringSSL/crypto/x509/internal.h

@@ -179,6 +179,16 @@ struct X509_req_st {
   CRYPTO_refcount_t references;
 } /* X509_REQ */;
 
+struct x509_revoked_st {
+  ASN1_INTEGER *serialNumber;
+  ASN1_TIME *revocationDate;
+  STACK_OF(X509_EXTENSION) /* optional */ *extensions;
+  // Set up if indirect CRL
+  STACK_OF(GENERAL_NAME) *issuer;
+  // Revocation reason
+  int reason;
+} /* X509_REVOKED */;
+
 typedef struct {
   ASN1_INTEGER *version;
   X509_ALGOR *sig_alg;

Sources/CNIOBoringSSL/crypto/x509/t_crl.c

@@ -116,12 +116,12 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
     for (i = 0; i < sk_X509_REVOKED_num(rev); i++) {
         r = sk_X509_REVOKED_value(rev, i);
         BIO_printf(out, "    Serial Number: ");
-        i2a_ASN1_INTEGER(out, r->serialNumber);
+        i2a_ASN1_INTEGER(out, X509_REVOKED_get0_serialNumber(r));
         BIO_printf(out, "\n        Revocation Date: ");
-        ASN1_TIME_print(out, r->revocationDate);
+        ASN1_TIME_print(out, X509_REVOKED_get0_revocationDate(r));
         BIO_printf(out, "\n");
         X509V3_extensions_print(out, "CRL entry extensions",
-                                r->extensions, 0, 8);
+                                X509_REVOKED_get0_extensions(r), 0, 8);
     }
     X509_signature_print(out, sig_alg, signature);
 

Sources/CNIOBoringSSL/crypto/x509/x509cset.c

@@ -116,16 +116,8 @@ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
 
 int X509_CRL_sort(X509_CRL *c)
 {
-    size_t i;
-    X509_REVOKED *r;
-    /*
-     * sort the data so it will be written in serial number order
-     */
+    /* Sort the data so it will be written in serial number order. */
     sk_X509_REVOKED_sort(c->crl->revoked);
-    for (i = 0; i < sk_X509_REVOKED_num(c->crl->revoked); i++) {
-        r = sk_X509_REVOKED_value(c->crl->revoked, i);
-        r->sequence = i;
-    }
     c->crl->enc.modified = 1;
     return 1;
 }

Sources/CNIOBoringSSL/hash.txt

@@ -1 +1 @@
-This directory is derived from BoringSSL cloned from https://boringssl.googlesource.com/boringssl at revision 3a667d10e94186fd503966f5638e134fe9fb4080
+This directory is derived from BoringSSL cloned from https://boringssl.googlesource.com/boringssl at revision 2042972e8458833714bce23386931b1c79978439

Sources/CNIOBoringSSL/include/CNIOBoringSSL_bn.h

@@ -658,6 +658,14 @@ struct bn_gencb_st {
   int (*callback)(int event, int n, struct bn_gencb_st *);
 };
 
+// BN_GENCB_new returns a newly-allocated |BN_GENCB| object, or NULL on
+// allocation failure. The result must be released with |BN_GENCB_free| when
+// done.
+OPENSSL_EXPORT BN_GENCB *BN_GENCB_new(void);
+
+// BN_GENCB_free releases memory associated with |callback|.
+OPENSSL_EXPORT void BN_GENCB_free(BN_GENCB *callback);
+
 // BN_GENCB_set configures |callback| to call |f| and sets |callout->arg| to
 // |arg|.
 OPENSSL_EXPORT void BN_GENCB_set(BN_GENCB *callback,

Sources/CNIOBoringSSL/include/CNIOBoringSSL_boringssl_prefix_symbols.h

@@ -316,6 +316,8 @@
 #define BN_CTX_new BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, BN_CTX_new)
 #define BN_CTX_start BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, BN_CTX_start)
 #define BN_GENCB_call BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, BN_GENCB_call)
+#define BN_GENCB_free BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, BN_GENCB_free)
+#define BN_GENCB_new BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, BN_GENCB_new)
 #define BN_GENCB_set BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, BN_GENCB_set)
 #define BN_MONT_CTX_copy BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, BN_MONT_CTX_copy)
 #define BN_MONT_CTX_free BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, BN_MONT_CTX_free)
@@ -888,6 +890,7 @@
 #define ERR_remove_thread_state BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ERR_remove_thread_state)
 #define ERR_restore_state BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ERR_restore_state)
 #define ERR_save_state BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ERR_save_state)
+#define ERR_set_error_data BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ERR_set_error_data)
 #define ERR_set_mark BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ERR_set_mark)
 #define EVP_AEAD_CTX_aead BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_AEAD_CTX_aead)
 #define EVP_AEAD_CTX_cleanup BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_AEAD_CTX_cleanup)
@@ -1591,6 +1594,7 @@
 #define RSA_sign_pss_mgf1 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RSA_sign_pss_mgf1)
 #define RSA_sign_raw BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RSA_sign_raw)
 #define RSA_size BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RSA_size)
+#define RSA_test_flags BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RSA_test_flags)
 #define RSA_up_ref BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RSA_up_ref)
 #define RSA_verify BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RSA_verify)
 #define RSA_verify_PKCS1_PSS_mgf1 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RSA_verify_PKCS1_PSS_mgf1)
@@ -2030,6 +2034,7 @@
 #define SSL_set1_curves_list BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set1_curves_list)
 #define SSL_set1_delegated_credential BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set1_delegated_credential)
 #define SSL_set1_ech_config_list BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set1_ech_config_list)
+#define SSL_set1_host BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set1_host)
 #define SSL_set1_param BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set1_param)
 #define SSL_set1_sigalgs BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set1_sigalgs)
 #define SSL_set1_sigalgs_list BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set1_sigalgs_list)
@@ -2051,6 +2056,7 @@
 #define SSL_set_ex_data BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set_ex_data)
 #define SSL_set_fd BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set_fd)
 #define SSL_set_handshake_hints BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set_handshake_hints)
+#define SSL_set_hostflags BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set_hostflags)
 #define SSL_set_info_callback BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set_info_callback)
 #define SSL_set_jdk11_workaround BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set_jdk11_workaround)
 #define SSL_set_max_cert_list BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, SSL_set_max_cert_list)

Sources/CNIOBoringSSL/include/CNIOBoringSSL_boringssl_prefix_symbols_asm.h

@@ -321,6 +321,8 @@
 #define _BN_CTX_new BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, BN_CTX_new)
 #define _BN_CTX_start BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, BN_CTX_start)
 #define _BN_GENCB_call BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, BN_GENCB_call)
+#define _BN_GENCB_free BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, BN_GENCB_free)
+#define _BN_GENCB_new BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, BN_GENCB_new)
 #define _BN_GENCB_set BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, BN_GENCB_set)
 #define _BN_MONT_CTX_copy BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, BN_MONT_CTX_copy)
 #define _BN_MONT_CTX_free BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, BN_MONT_CTX_free)
@@ -893,6 +895,7 @@
 #define _ERR_remove_thread_state BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ERR_remove_thread_state)
 #define _ERR_restore_state BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ERR_restore_state)
 #define _ERR_save_state BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ERR_save_state)
+#define _ERR_set_error_data BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ERR_set_error_data)
 #define _ERR_set_mark BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ERR_set_mark)
 #define _EVP_AEAD_CTX_aead BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, EVP_AEAD_CTX_aead)
 #define _EVP_AEAD_CTX_cleanup BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, EVP_AEAD_CTX_cleanup)
@@ -1596,6 +1599,7 @@
 #define _RSA_sign_pss_mgf1 BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, RSA_sign_pss_mgf1)
 #define _RSA_sign_raw BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, RSA_sign_raw)
 #define _RSA_size BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, RSA_size)
+#define _RSA_test_flags BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, RSA_test_flags)
 #define _RSA_up_ref BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, RSA_up_ref)
 #define _RSA_verify BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, RSA_verify)
 #define _RSA_verify_PKCS1_PSS_mgf1 BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, RSA_verify_PKCS1_PSS_mgf1)
@@ -2035,6 +2039,7 @@
 #define _SSL_set1_curves_list BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set1_curves_list)
 #define _SSL_set1_delegated_credential BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set1_delegated_credential)
 #define _SSL_set1_ech_config_list BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set1_ech_config_list)
+#define _SSL_set1_host BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set1_host)
 #define _SSL_set1_param BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set1_param)
 #define _SSL_set1_sigalgs BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set1_sigalgs)
 #define _SSL_set1_sigalgs_list BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set1_sigalgs_list)
@@ -2056,6 +2061,7 @@
 #define _SSL_set_ex_data BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set_ex_data)
 #define _SSL_set_fd BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set_fd)
 #define _SSL_set_handshake_hints BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set_handshake_hints)
+#define _SSL_set_hostflags BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set_hostflags)
 #define _SSL_set_info_callback BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set_info_callback)
 #define _SSL_set_jdk11_workaround BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set_jdk11_workaround)
 #define _SSL_set_max_cert_list BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, SSL_set_max_cert_list)

Sources/CNIOBoringSSL/include/CNIOBoringSSL_err.h

@@ -183,6 +183,11 @@ OPENSSL_EXPORT uint32_t ERR_get_error_line(const char **file, int *line);
 // can be printed. This is always set if |data| is non-NULL.
 #define ERR_FLAG_STRING 1
 
+// ERR_FLAG_MALLOCED is passed into |ERR_set_error_data| to indicate that |data|
+// was allocated with |OPENSSL_malloc|. It is never returned from
+// |ERR_get_error_line_data|.
+#define ERR_FLAG_MALLOCED 2
+
 // ERR_get_error_line_data acts like |ERR_get_error_line|, but also returns the
 // error-specific data pointer and flags. The flags are a bitwise-OR of
 // |ERR_FLAG_*| values. The error-specific data is owned by the error queue
@@ -408,9 +413,10 @@ OPENSSL_EXPORT char *ERR_error_string(uint32_t packed_error, char *buf);
 // ERR_GET_FUNC returns zero. BoringSSL errors do not report a function code.
 #define ERR_GET_FUNC(packed_error) 0
 
-// ERR_TXT_STRING is provided for compatibility with code that assumes that
-// it's using OpenSSL.
+// ERR_TXT_* are provided for compatibility with code that assumes that it's
+// using OpenSSL.
 #define ERR_TXT_STRING ERR_FLAG_STRING
+#define ERR_TXT_MALLOCED ERR_FLAG_MALLOCED
 
 
 // Private functions.
@@ -444,6 +450,17 @@ OPENSSL_EXPORT void ERR_add_error_data(unsigned count, ...);
 OPENSSL_EXPORT void ERR_add_error_dataf(const char *format, ...)
     OPENSSL_PRINTF_FORMAT_FUNC(1, 2);
 
+// ERR_set_error_data sets the data on the most recent error to |data|, which
+// must be a NUL-terminated string. |flags| must contain |ERR_FLAG_STRING|. If
+// |flags| contains |ERR_FLAG_MALLOCED|, this function takes ownership of
+// |data|, which must have been allocated with |OPENSSL_malloc|. Otherwise, it
+// saves a copy of |data|.
+//
+// Note this differs from OpenSSL which, when |ERR_FLAG_MALLOCED| is unset,
+// saves the pointer as-is and requires it remain valid for the lifetime of the
+// address space.
+OPENSSL_EXPORT void ERR_set_error_data(char *data, int flags);
+
 // ERR_NUM_ERRORS is one more than the limit of the number of errors in the
 // queue.
 #define ERR_NUM_ERRORS 16

Sources/CNIOBoringSSL/include/CNIOBoringSSL_rsa.h

@@ -615,6 +615,9 @@ OPENSSL_EXPORT void *RSA_get_ex_data(const RSA *rsa, int idx);
 // constants.
 OPENSSL_EXPORT int RSA_flags(const RSA *rsa);
 
+// RSA_test_flags returns the subset of flags in |flags| which are set in |rsa|.
+OPENSSL_EXPORT int RSA_test_flags(const RSA *rsa, int flags);
+
 // RSA_blinding_on returns one.
 OPENSSL_EXPORT int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
 

Sources/CNIOBoringSSL/include/CNIOBoringSSL_ssl.h

@@ -2459,6 +2459,15 @@ OPENSSL_EXPORT int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(
 OPENSSL_EXPORT int (*SSL_get_verify_callback(const SSL *ssl))(
     int ok, X509_STORE_CTX *store_ctx);
 
+// SSL_set1_host sets a DNS name that will be required to be present in the
+// verified leaf certificate. It returns one on success and zero on error.
+//
+// Note: unless _some_ name checking is performed, certificate validation is
+// ineffective. Simply checking that a host has some certificate from a CA is
+// rarely meaningful—you have to check that the CA believed that the host was
+// who you expect to be talking to.
+OPENSSL_EXPORT int SSL_set1_host(SSL *ssl, const char *hostname);
+
 // SSL_CTX_set_verify_depth sets the maximum depth of a certificate chain
 // accepted in verification. This number does not include the leaf, so a depth
 // of 1 allows the leaf and one CA certificate.
@@ -2632,6 +2641,11 @@ OPENSSL_EXPORT int SSL_set_verify_algorithm_prefs(SSL *ssl,
                                                   const uint16_t *prefs,
                                                   size_t num_prefs);
 
+// SSL_set_hostflags calls |X509_VERIFY_PARAM_set_hostflags| on the
+// |X509_VERIFY_PARAM| associated with this |SSL*|. The |flags| argument
+// should be one of the |X509_CHECK_*| constants.
+OPENSSL_EXPORT void SSL_set_hostflags(SSL *ssl, unsigned flags);
+
 
 // Client certificate CA list.
 //

Sources/CNIOBoringSSL/include/CNIOBoringSSL_x509.h

@@ -249,17 +249,6 @@ DEFINE_STACK_OF(X509_TRUST)
   (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | \
    XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN)
 
-struct x509_revoked_st {
-  ASN1_INTEGER *serialNumber;
-  ASN1_TIME *revocationDate;
-  STACK_OF(X509_EXTENSION) /* optional */ *extensions;
-  // Set up if indirect CRL
-  STACK_OF(GENERAL_NAME) *issuer;
-  // Revocation reason
-  int reason;
-  int sequence;  // load sequence
-};
-
 DEFINE_STACK_OF(X509_REVOKED)
 
 DECLARE_STACK_OF(GENERAL_NAMES)