Chiebot-Mirror/boringssl - boringssl - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
David Benjamin	9d64d8d237	Miscellaneous -Wshorten-64-to-32 fixes. Bug: 516 Change-Id: Iba2014da414658c08e42e0993912fa73848832d3 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/54945 Reviewed-by: Bob Beck <bbe@google.com> Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com>	2 years ago
David Benjamin	8501579acb	Fix MockQuicTransport::Flush error handling. BIO_flush may return a negative value, so we shouldn't cast it directly to bool. Change-Id: Ibdf688d1a6b4b316069e3b99a8a8b18974ee17ed Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46534 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>	4 years ago
David Benjamin	c3ee9c8040	Replace MockQUICTransport tags with record types. They align exactly with TLS record types, so just use the existing constants. Change-Id: I693e7c740458cf73061e6b573eeb466d0fce93cc Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44990 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>	4 years ago
David Benjamin	47d1274fd2	Make QUIC tests work with early data. This changes the format of the mock QUIC transport to include an explicit encryption level, matching real QUIC a bit better. In particular, we need that extra data to properly skip rejected early data on the shim side. (On the runner, we manage it by synchronizing with the TLS stack. Still, the levels make it a bit more accurate.) Testing sending and receiving of actual early data is not very relevant in QUIC since application I/O is external, but this allows us to more easily run the same tests in TLS and QUIC. Along the way, improve error-reporting in mock_quick_transport.cc so it's easier to diagnose record-level mismatches. Change-Id: I96175a4023134b03d61dac089f8e7ff4eb627933 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44988 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>	4 years ago
David Benjamin	3743aafdac	Add SSL_CIPHER_get_protocol_id. This was introduced in OpenSSL 1.1.1, and wpa_supplicant expects us to have it. We had this same function as SSL_CIPHER_get_value (to match SSL_get_cipher_by_value). Align with upstream's name. It seems we also had a ssl_cipher_get_value lying around, so fold them together. (I've retained the assert in ssl_cipher_get_value as it seems reasonable enough; casting a hypothetical SSLv2 cipher ID to uint16_t would not behave correctly.) Change-Id: Ifbec460435bbc483f2c3de988522e321f2708172 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/42966 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>	4 years ago
Adam Langley	fb0c05cac2	acvp: add CMAC-AES support. Change by Dan Janni. Change-Id: I3f059e7b1a822c6f97128ca92a693499a3f7fa8f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41984 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>	4 years ago