From 589fdfec472d2031ac0d53fc069ae0596876648a Mon Sep 17 00:00:00 2001 From: Cory Benfield Date: Wed, 16 Oct 2024 10:45:51 +0100 Subject: [PATCH 1/2] Update vendoring script --- scripts/vendor-boringssl.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/scripts/vendor-boringssl.sh b/scripts/vendor-boringssl.sh index e4987039..3dc389e9 100755 --- a/scripts/vendor-boringssl.sh +++ b/scripts/vendor-boringssl.sh @@ -239,6 +239,15 @@ echo "REMOVING libssl" rm -rf "ssl" ) +echo "DISABLING assembly on x86 Windows" +( + # x86 Windows builds require nasm for acceleration. SwiftPM can't do that right now, + # so we disable the assembly. + cd "$DSTROOT" + gsed -i "/#define OPENSSL_HEADER_BASE_H/a#if defined(_WIN32) && (defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || defined(__x86) || defined(__i386) || defined(__i386__) || defined(_M_IX86))\n#define OPENSSL_NO_ASM\n#endif" "include/openssl/base.h" + +) + mangle_symbols echo "RENAMING header files" From 57de1b5a6dec7c46f1d43cd2d5f9172dd5a382da Mon Sep 17 00:00:00 2001 From: Cory Benfield Date: Wed, 16 Oct 2024 10:46:13 +0100 Subject: [PATCH 2/2] Update BoringSSL to 2587c4974dbe9872451151c8e975f58567a1ce0d --- Package.swift | 2 +- Sources/CCryptoBoringSSL/crypto/bio/connect.c | 4 ++++ .../crypto/poly1305/poly1305_vec.c | 23 +++++++++++-------- Sources/CCryptoBoringSSL/hash.txt | 2 +- .../include/CCryptoBoringSSL_base.h | 3 +++ .../include/CCryptoBoringSSL_evp.h | 2 +- 6 files changed, 23 insertions(+), 13 deletions(-) diff --git a/Package.swift b/Package.swift index 45e6c44f..12c6db36 100644 --- a/Package.swift +++ b/Package.swift @@ -20,7 +20,7 @@ // Sources/CCryptoBoringSSL directory. The source repository is at // https://boringssl.googlesource.com/boringssl. // -// BoringSSL Commit: 76968bb3d53982560bcf08bcd0ba3e1865fe15cd +// BoringSSL Commit: 2587c4974dbe9872451151c8e975f58567a1ce0d import PackageDescription diff --git a/Sources/CCryptoBoringSSL/crypto/bio/connect.c b/Sources/CCryptoBoringSSL/crypto/bio/connect.c index 05cade82..79a663b8 100644 --- a/Sources/CCryptoBoringSSL/crypto/bio/connect.c +++ b/Sources/CCryptoBoringSSL/crypto/bio/connect.c @@ -487,7 +487,11 @@ static long conn_callback_ctrl(BIO *bio, int cmd, bio_info_cb fp) { // convention. OPENSSL_MSVC_PRAGMA(warning(push)) OPENSSL_MSVC_PRAGMA(warning(disable : 4191)) + OPENSSL_CLANG_PRAGMA("clang diagnostic push") + OPENSSL_CLANG_PRAGMA("clang diagnostic ignored \"-Wunknown-warning-option\"") + OPENSSL_CLANG_PRAGMA("clang diagnostic ignored \"-Wcast-function-type\"") data->info_callback = (int (*)(const struct bio_st *, int, int))fp; + OPENSSL_CLANG_PRAGMA("clang diagnostic pop") OPENSSL_MSVC_PRAGMA(warning(pop)) break; default: diff --git a/Sources/CCryptoBoringSSL/crypto/poly1305/poly1305_vec.c b/Sources/CCryptoBoringSSL/crypto/poly1305/poly1305_vec.c index 1fc0459c..0a535bb1 100644 --- a/Sources/CCryptoBoringSSL/crypto/poly1305/poly1305_vec.c +++ b/Sources/CCryptoBoringSSL/crypto/poly1305/poly1305_vec.c @@ -31,11 +31,11 @@ typedef __m128i xmmi; -static const alignas(16) uint32_t poly1305_x64_sse2_message_mask[4] = { +alignas(16) static const uint32_t poly1305_x64_sse2_message_mask[4] = { (1 << 26) - 1, 0, (1 << 26) - 1, 0}; -static const alignas(16) uint32_t poly1305_x64_sse2_5[4] = {5, 0, 5, 0}; -static const alignas(16) uint32_t poly1305_x64_sse2_1shl128[4] = { - (1 << 24), 0, (1 << 24), 0}; +alignas(16) static const uint32_t poly1305_x64_sse2_5[4] = {5, 0, 5, 0}; +alignas(16) static const uint32_t poly1305_x64_sse2_1shl128[4] = {(1 << 24), 0, + (1 << 24), 0}; static inline uint128_t add128(uint128_t a, uint128_t b) { return a + b; } @@ -136,7 +136,8 @@ void CRYPTO_poly1305_init(poly1305_state *state, const uint8_t key[32]) { static void poly1305_first_block(poly1305_state_internal *st, const uint8_t *m) { - const xmmi MMASK = _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask); + const xmmi MMASK = + _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask); const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5); const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128); xmmi T5, T6; @@ -181,7 +182,7 @@ static void poly1305_first_block(poly1305_state_internal *st, r20 = r20 & 0xfffffffffff; r21 += c; - p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20)&0x3ffffff), + p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); p->R21.v = _mm_shuffle_epi32( _mm_cvtsi32_si128((uint32_t)((r20 >> 26) | (r21 << 18)) & 0x3ffffff), @@ -229,7 +230,8 @@ static void poly1305_first_block(poly1305_state_internal *st, static void poly1305_blocks(poly1305_state_internal *st, const uint8_t *m, size_t bytes) { - const xmmi MMASK = _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask); + const xmmi MMASK = + _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask); const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5); const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128); @@ -419,7 +421,8 @@ static void poly1305_blocks(poly1305_state_internal *st, const uint8_t *m, static size_t poly1305_combine(poly1305_state_internal *st, const uint8_t *m, size_t bytes) { - const xmmi MMASK = _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask); + const xmmi MMASK = + _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask); const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128); const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5); @@ -547,7 +550,7 @@ static size_t poly1305_combine(poly1305_state_internal *st, const uint8_t *m, r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1]; r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1]; - p->R20.d[2] = (uint32_t)(r0)&0x3ffffff; + p->R20.d[2] = (uint32_t)(r0) & 0x3ffffff; p->R21.d[2] = (uint32_t)((r0 >> 26) | (r1 << 18)) & 0x3ffffff; p->R22.d[2] = (uint32_t)((r1 >> 8)) & 0x3ffffff; p->R23.d[2] = (uint32_t)((r1 >> 34) | (r2 << 10)) & 0x3ffffff; @@ -838,7 +841,7 @@ void CRYPTO_poly1305_finish(poly1305_state *state, uint8_t mac[16]) { c = (h1 >> 44); h1 &= 0xfffffffffff; t1 = (t1 >> 24); - h2 += (t1)+c; + h2 += (t1) + c; CRYPTO_store_u64_le(mac + 0, ((h0) | (h1 << 44))); CRYPTO_store_u64_le(mac + 8, ((h1 >> 20) | (h2 << 24))); diff --git a/Sources/CCryptoBoringSSL/hash.txt b/Sources/CCryptoBoringSSL/hash.txt index b0324a31..c8314b90 100644 --- a/Sources/CCryptoBoringSSL/hash.txt +++ b/Sources/CCryptoBoringSSL/hash.txt @@ -1 +1 @@ -This directory is derived from BoringSSL cloned from https://boringssl.googlesource.com/boringssl at revision 76968bb3d53982560bcf08bcd0ba3e1865fe15cd +This directory is derived from BoringSSL cloned from https://boringssl.googlesource.com/boringssl at revision 2587c4974dbe9872451151c8e975f58567a1ce0d diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_base.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_base.h index a3732230..3fb7f81c 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_base.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_base.h @@ -54,6 +54,9 @@ #define OPENSSL_HEADER_BASE_H #define BORINGSSL_PREFIX CCryptoBoringSSL +#if defined(_WIN32) && (defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || defined(__x86) || defined(__i386) || defined(__i386__) || defined(_M_IX86)) +#define OPENSSL_NO_ASM +#endif // This file should be the first included by all BoringSSL headers. diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_evp.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_evp.h index fa8c5b54..f2a72e1c 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_evp.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_evp.h @@ -495,7 +495,7 @@ OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC_SHA1(const char *password, // as described below. // // |N|, |r|, and |p| are as described in RFC 7914 section 6. They determine the -// cost of the operation. If |max_mem| is zero, a defult limit of 32MiB will be +// cost of the operation. If |max_mem| is zero, a default limit of 32MiB will be // used. // // The parameters are considered invalid under any of the following conditions: