Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libboringssl1 | Distribution: SUSE Linux Enterprise 15 SP3 |
Version: 20200122 | Vendor: openSUSE |
Release: bp153.1.1 | Build date: Fri Apr 23 10:20:37 2021 |
Group: System/Libraries | Build host: obs-power9-06 |
Size: 2779625 | Source RPM: boringssl-20200122-bp153.1.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://boringssl.googlesource.com/boringssl/ | |
Summary: An SSL/TLS protocol implementation |
BoringSSL is an implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, derived from OpenSSL.
OpenSSL
* Thu May 28 2020 Jan Engelhardt <jengelh@inai.de> - Rectify groups. * Wed May 27 2020 Michał Rostecki <mrostecki@suse.com> - Remove patch for enabling shared linking - it was enabled upstream. * 0001-add-soversion-option.patch - Add boringssl-source subpackage. * Wed May 27 2020 mrostecki@suse.com - Update to version 20200122: * Define EVP compatibility constants for X448 and Ed448. * Allow shared libraries in the external CMake build. * Add a few little-endian functions to CBS/CBB. * Move iOS asm tricks up in external CMake build. * Try again to deal with expensive tests. * Restore ARM CPU variation tests on builders. * Remove SSL_CTX_set_rsa_pss_rsae_certs_enabled. * Work around another NULL/0 C language bug. * Use the MAYBE/DISABLED pattern in RSATest.BlindingCacheConcurrency. * Switch an #if-0-gated test to DISABLED_Foo. * Proxy: send whole SSL records through the handshaker. * Disable Wycheproof primality test cases on non-x86 (too slow) * test_state.cc: serialize the test clock. * Output after every Wycheproof primality test. * Maybe fix generated-CMake build on Android and iOS. * Detect the NDK path from CMAKE_TOOLCHAIN_FILE. * Tell Go to build for GOOS=android when running on Android. * Reland bitsliced aes_nohw implementation. * Add bssl client option to load a hashed directory of cacerts. * No-op change to run the new NO_SSE2 builders. * Clarify that we perform the point-on-curve check. * Reduce size of BlindingCacheConcurrency test under TSAN. * Compare vpaes/bsaes conversions against a reference implementation. * Enable the SSE2 Poly1305 implementation on clang-cl. * Remove alignment requirement on CRYPTO_poly1305_finish. * Fix double-free under load. * Add some XTS tests. * Add EncodeHex and DecodeHex functions to test_util.h. * Revert "Replace aes_nohw with a bitsliced implementation." * Replace aes_nohw with a bitsliced implementation. * Switch HRSS inversion algorithm. * Run EVP_CIPHER tests in-place. * Add an option to disable SSE2 intrinsics for testing. * Dummy change to trigger master-with-bazel builder. * Drop use of alignas(64) in aead_test.cc * Add standalone CMake build to generate_build_files.py * TLS 1.3 split handshake initial support. * Import Wycheproof primality tests. * Split BN_prime_checks into two constants for generation and validation. * Add some Miller-Rabin tests from Wycheproof. * Import Wycheproof PKCS#1 decrypt tests. * Import Wycheproof OAEP tests. * Import Wycheproof PKCS#1 signing tests. * Skip JWK keys when converting Wycheproof tests. * Import Wycheproof's size-specific RSA PKCS#1 verifying tests. * Handle "acceptable" Wycheproof inputs unambiguously. * Import Wycheproof XChaCha20-Poly1305 tests. * Import Wycheproof HMAC tests. * Import Wycheproof HKDF tests. * bytestring: add methods for int64. * Update Wycheproof test vectors. * Add mock QUIC transport to runner * Add test vectors for CVE-2019-1551 (not affected). * Fix check_bn_tests.go. * Fix MSan error in SSLTest.Handoff test. * SSLTest.Handoff: extend to include a session resumption. * inject_hash preserves filemode * Move TLS 1.3 state machine constants to internal.h. * Add a ppc64le ABI tester. * Allocate small TLS read buffers inline. * Remove unused labels from ARM ABI test assembly. * Update AAPCS and AAPCS64 links. * Fix EVP_has_aes_hardware on ppc64le. * Remove remnants of end_of_early_data alert from tests. * Add a test for ERR_error_string_n. * Remove post-quantum experiment signal extension. * Give ERR_error_string_n a return value for convenience. * Defer early keys to QUIC clients to after certificate reverification. * Defer releasing early secrets to QUIC servers. * Halve the size of the kNIDsIn* constants * modulewrapper: manage buffer with |unique_ptr|. * Add missing boringssl_prefix_symbols_asm.h include. * acvptool: add support for ECDSA * Inline gcm_init_4bit into gcm_init_ssse3. * Vectorize gcm_mul32_nohw and replace gcm_gmult_4bit_mmx. * Add a constant-time fallback GHASH implementation. * Conditionally define PTRACE_O_EXITKILL in urandom_test.cc * Fix build warning if _SCL_SECURE_NO_WARNINGS is defined globally * modulewrapper: use a raw string. * acvptool: add license headers. * Enable TLS 1.3 by default. * acvptool: Add support for DRBG * Discard user_canceled alerts in TLS 1.3. * Work around more C language bugs with empty spans. * No-op commit to test the new builder. * acvptool: Add support for HMAC * Add stub functions for RSA-PSS keygen parameters. * HelloRetryRequest getter * Add break-tests-android.sh script. * Add compatibility functions for sigalgs * Run AES-192-GCM in CAVP tests. * Rename a number of BUF_* functions to OPENSSL_*. * List bn_div fuzzer in documentation. * Reenable bn_div fuzzer. * Drop CECPQ2b code. * Add urandom_test to all_tests.json * Fix the standalone Android FIPS build. * Add sanity checks to FIPS module construction. * Correct relative path. * Add test for urandom.c * break-hash.go: Search ELF dynamic symbols if symbols not found. * Fix $OPENSSL_ia32cap handling. * Switch probable_prime to rejection sampling. * Rename the last remnants of the early_data_info extension. * Fix up BN_GENCB_call calls. * Do fewer trial divisions for larger RSA keygens. * Fix GRND_NONBLOCK flag when calling getrandom. * Simplify bn_miller_rabin_iteration slightly. * Add some notes on RSA key generation performance. * Break early on composites in the primality test. * Extract and test the deterministic part of Miller-Rabin. * Fix the FIPS + fuzzing build. * FIPS.md: document some recent Android changes. * Add a function to derive an EC key from some input secret. * Fix run_android_tests.go with shared library builds. * No-op change to test new builders. * Move no-exec-stack sections outside of #ifs. * Add |SSL_get_min_proto_version| and |SSL_get_max_proto_version| * Make FIPS build work for Android cross-compile. * Enable optional GRND_RANDOM flag to be passed to getrandom on Android. * Switch cert_compression_algs to GrowableArray. * Add GrowableArray<T> to ssl/internal.h. * Fixed quic_method lookup in TLS 1.3 server side handshake. * Add .note.GNU-stack at the source level. * -Wno-vla -> -Wvla * Add an option for explicit renegotiations. * tool: add -json flag to |speed| * Set -Wno-vla. * Use a pointer to module_hash in boringssl_fips_self_test() args. * Use a smaller hex digest in FIPS flag files when SHA-256 used. * Switch to using SHA-256 for FIPS integrity check on Android. * Use getentropy on macOS 10.12 and later. * Move #include of "internal.h", which defines |OPENSSL_URANDOM|. * Style nit. * Assert that BN_CTX_end is actually called. * Test some known large primes. * Test some Euler pseudoprimes. * Be consistent about Miller-Rabin vs Rabin-Miller. * fix build with armv6 Error: .size expression for _vpaes_decrypt_consts does not evaluate to a constant * Mark ssl_early_data_reason_t values stable. * Make the dispatch tests opt-in. * Bound the number of API calls in ssl_ctx_api.cc. * Only attempt to mprotect FIPS module for AArch64. * Opportunistically read entropy from the OS in FIPS mode. * Update INSTANTIATE_TEST_SUITE_P calls missing first argument. * Ignore build32 and build64 subdirectories. * Add page protection logic to BCM self test. * Disable unwind tests in FIPS mode. * Disable RDRAND on AMD family 0x17, models 0x70–0x7f. * Don't allow SGC EKUs for server certificates. * Add |SSL_CIPHER_get_value| to get the IANA number of a cipher suite. * Add XOF compilation compatibility flags * Replace BIO_printf with ASN1_STRING_print in GENERAL_NAME_print * Trigger a build on the ARM mode builder. * Fix vpaes-armv7.pl in ARM mode. * Add AES-192-GCM support to EVP_AEAD. * Add AES-256 CFB to libdecrepit. * Parse explicit EC curves more strictly. * Use the Go 1.13 standard library ed25519. * Update build tools. * Use ScopedEVP_AEAD_CTX in ImplDispatchTest.AEAD_AES_GCM. * Use a mix of bsaes and vpaes for CTR on NEON. * Use vpaes + conversion to setup CBC decrypt on NEON. * Add NEON vpaes-to-bsaes key converters. * Add vpaes-armv7.pl and replace non-parallel modes. * Correct comments for x86_64 _vpaes_encrypt_core_2x. * Add benchmarks for AES block operations. * Only write self test flag files if an environment variable is set. * Const-correct EC_KEY_set_public_key_affine_coordinates. * Revert "Fix VS build when assembler is enabled" * Support compilation via emscripten * Fix cross-compile of Android on Windows. * Move the config->async check into RetryAsync. * Clear *out in ReadHandshakeData's empty case. * Add initial support for 0-RTT with QUIC. * Have some more fun with spans. * Add OPENSSL_FALLTHROUGH to a few files. * Limit __attribute__ ((fallthrough)) to Clang >= 5. * Make |EVP_CIPHER_CTX_reset| return one. * Add Fallthru support for clang 10. * Add self-test suppression flag file for Android FIPS builds. * Align 0-RTT and resumption state machines slightly * Require getrandom in Android FIPS builds. * acvp: allow passing custom subprocess I/O. * Add a function to convert SSL_ERROR_* values to strings. * Fold SSL_want constants into SSL_get_error constants. * Use spans for the various TLS 1.3 secrets. * Switch another low-level function to spans. * Switch tls13_enc.cc to spans. * Check the second ClientHello's PSK binder on resumption. * Introduce libcrypto_bcm_sources for Android. * Remove stale TODO. * Add an android-cmake option to generate_build_files.py * Add a QUIC test for HelloRetryRequest. * Add missing ".text" to Windows code for dummy_chacha20_poly1305_asm * Update TODO to note that Clang git doesn't have the POWER bug. * Fix paths in break-tests.sh. * Fix POWER build with OPENSSL_NO_ASM. * Workaround Clang bug on POWER. * Add assembly support for -fsanitize=hwaddress tagged globals. * Fix typo in valgrind constant-time annotations. * acvp: add support for AES-ECB and AES-CBC. * Fix misspelled TODO. * Move CCM fragments out of the FIPS module. * Add EVP_PKEY_base_id. * Add some project links to README.md. * Make alert_dispatch into a bool. * Trim some more per-connection memory. * Remove SSL_export_early_keying_material. * Add EVP_PKEY support for X25519. * Make EVP_PKEY_bits return 253 for Ed25519. * Make SSL_get_servername work in the early callback. * Tue Mar 10 2020 Guillaume GARDET <guillaume.gardet@opensuse.org> - Fix arm build: * 0005-fix-alignment-for-arm.patch * Wed Dec 04 2019 Klaus Kämpf <kkaempf@suse.com> - fix s390x and ppc64le build * 0003-enable-s390x-builds.patch * 0004-fix-alignment-for-ppc64le.patch - rename add-soversion-option.patch to 0001-add-soversion-option.patch - rename 0001-crypto-Fix-aead_test-build-on-aarch64.patch to 0002-crypto-Fix-aead_test-build-on-aarch64.patch * Thu Oct 17 2019 Richard Brown <rbrown@suse.com> - Remove obsolete Groups tag (fate#326485) * Mon Oct 14 2019 Martin Pluskal <mpluskal@suse.com> - Update to version 20190916: * Revert "Fix VS build when assembler is enabled" * Only bypass the signature verification itself in fuzzer mode. * Move the PQ-experiment signal to SSL_CTX. * Name cipher suite tests in runner by IETF names. * Align TLS 1.3 cipher suite names with OpenSSL. * Prefix all the SIKE symbols. * Rename SIKE's params.c. * Add post-quantum experiment signal extension. * Fix shim error message endings. * Add initial draft of ACVP tool. * Implements SIKE/p434 * Add SipHash-2-4. * Remove android_tools checkout * Support key wrap with padding in CAVP. * Add android_sdk checkout * Move fipstools/ to util/fipstools/cavp * Factor out TLS cipher selection to ssl_choose_tls_cipher. * Emit empty signerInfos in PKCS#7 bundles. * Clarify language about default SSL_CTX session ticket key behavior. * Add an API to record use of delegated credential * Fix runner tests with Go 1.13. * Add a value barrier to constant-time selects. * Avoid leaking intermediate states in point doubling special case. * Split p224-64.c multiplication functions in three. * Add AES-KWP * Discuss the doubling case in windowed Booth representation. * Update build tools. * Set a minimum CMake version of 3.0. * Replace addc64,subc64,mul64 in SIKE Go code with functions from math/bits * Eliminate some superfluous conditions in SIKE Go code. * Fix various typos. * Fix name clash in test structures * bcm: don't forget to cleanup HMAC_CTX. * Handle fips_shared_support.c getting built in other builds. * Fix various mistakes in ec_GFp_nistp_recode_scalar_bits comment. * Fix filename in comment. * Split EC_METHOD.mul into two operations. * Split ec_point_mul_scalar into two operations. * Add FIPS shared mode. * delocate: add test for .file handling. * delocate: translate uleb128 and sleb128 directives * Integrate SIKE with TLS key exchange. * Convert ecdsa_p224_key.pem to PKCS#8. * Wed Sep 04 2019 Guillaume GARDET <guillaume.gardet@opensuse.org> - Re-enable build on aarch64 * Tue Sep 03 2019 Martin Pluskal <mpluskal@suse.com> - Update to version 20190523: * Disable RDRAND on AMD chips before Zen. * Always store early data tickets. * Align PKCS12_parse closer to OpenSSL. * Support PKCS#12 KeyBags. * Support PKCS#8 blobs using PBES2 with HMAC-SHA256. * Make EVP_PKEY_keygen work for Ed25519. * Sync aesp8-ppc.pl with upstream. * Update generate_build_files.py for SIKE. * Fix the last casts in third_party/sike. * Remove no-op casts around tt1. * Define p503 with crypto_word_t, not uint64_t. * Add support for SIKE/p503 post-quantum KEM * tool: fix speed tests. * Add an option to skip crypto_test_data.cc in GN too. * Save and restore errors when ignoring ssl_send_alert result. * Reject obviously invalid DSA parameters during signing. * Make expect/expected flag and variable names match. * clang-format Flag arrays in test_config.cc. * Rename remnants of ticket_early_data_info. * Enforce the ticket_age parameter for 0-RTT. * Add SSL_get_early_data_reason. * Remove implicit -on-resume for -expect-early-data-accept. * Use weak symbols only on supported platforms * Fix spelling in comments. * Add functions for "raw" EVP_PKEY serializations. * Remove stray underscores. * Add a compatibility EVP_DigestFinalXOF function. * Fix up EVP_DigestSign implementation for Ed25519. * Check for errors when setting up X509_STORE_CTX. * Convert a few more things from int to bool. * Compute the delegated credentials length prefix with CBB. * Convert the rest of ssl_test to GTest. * Check for x18 usage in aarch64 assembly. * Handle errors from close in perlasm scripts. * Hold off flushing NewSessionTicket until write. * Predeclare enums in base.h * Require certificates under name constraints use SANs. * Make X509_verify_cert_error_string thread-safe. * Disable the common name fallback on *any* SAN list. * Silently ignore X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT. * Add X509_CHECK_FLAG_NEVER_CHECK_SUBJECT. * Give ENGINE_free a return value. * Output a ClientHello during handoff. * Fix and test EVP_PKEY_CTX copying. * Test copying an EVP_MD_CTX. * Fix EVP_CIPHER_CTX_copy for AES-GCM. * Check key sizes in AES_set_*_key. * Add missing nonce_len check to aead_aes_gcm_siv_asm_open. * Test AES-GCM-SIV with OPENSSL_SMALL. * Handle CBB_cleanup on child CBBs more gracefully. * Update third_party/googletest. * Rename 'md' output parameter to 'out' and add bounds. * Update other build tools. * Update SDE to 8.35.0-2019-03-11. * nit: Update references to draft-ietf-tls-subcerts. * Support get versions with get_{min,max}_proto_version for context * Update ImplDispatchTest for bsaes-x86_64 removal. * Unwind the large_inputs hint in aes_ctr_set_key. * Add an optimized x86_64 vpaes ctr128_f and remove bsaes. * Add 16384 to the default bssl speed sizes. * Rewrite BN_CTX. * Save a temporary in BN_mod_exp_mont's w=1 case. * Reject long inputs in c2i_ASN1_INTEGER. * Harden the lower level parts of crypto/asn1 against overflows. * Remove d2i_ASN1_UINTEGER. * Drop some unused bsaes to aes_nohw dependencies. * Adapt gcm_*_neon to aarch64. * Patch out the aes_nohw fallback in bsaes_cbc_encrypt. * Patch out the aes_nohw fallback in bsaes_ctr32_encrypt_blocks. * Implement sk_find manually. * Make vpaes-armv8.pl compatible with XOM. * Support three-argument instructions on x86-64. * Correct outdated comments * Remove SSL_get_structure_sizes. * Prefer vpaes over bsaes in AES-GCM-SIV and AES-CCM. * Tell ASan about the OPENSSL_malloc prefix. * modes/asm/ghash-armv4.pl: address "infixes are deprecated" warnings. * Enable vpaes for aarch64, with CTR optimizations. * Check in vpaes-armv8.pl from OpenSSL unused and unmodified. * silence unused variable warnings when using OPENSSL_clear_free * Handle NULL public key in |EC_KEY_set_public_key|. * Add a 32-bit SSSE3 GHASH implementation. * Also include abi_test.cc in ssl_test_files. * Don't pull abi_test.cc into non-GTest targets. * Update *_set_cert_cb documentation regarding resumption * Add a reference for Linux ARM ABI. * Remove __ARM_ARCH__ guard on gcm_*_v8. * Fix bsaes-armv7.pl getting disabled by accident. * Add an option to configure bssl speed chunk size. * Appease GCC's uninitialized value warning. * Set VPAES flags in x86-64 code. * Enable vpaes for AES_* functions. * Avoid double-dispatch with AES_* vs aes_nohw_*. * Add uint64_t support in CBS and CBB. * Clear out a bunch of -Wextra-semi warnings. * Add compiled python files to .gitignore. * Fix x86_64-xlate.pl comment regex. * Add go 1.11 to go.mod. * Remove STRICT_ALIGNMENT code from modes. * Remove non-STRICT_ALIGNMENT code from xts.c. * Patch XTS out of ARMv7 bsaes too. * Remove stray prototype. * Always define GHASH. * Update delegated credentials to draft-03 * Use Windows symbol APIs in the unwind tester. * Unwind RDRAND functions correctly on Windows. * Patch out unused aesni-x86_64 functions. * Add ABI tests for aesni-gcm-x86_64.pl. * Add ABI tests for x86_64-mont5.pl. * sync EVP_get_cipherbyname with EVP_do_all_sorted * Hyperlink DOI to preferred resolver * Remove stray semicolons. * Remove separate default group list for servers. * Enable all curves (inc CECPQ2) during fuzzing. * Implement ABI testing for aarch64. * Fix ABI error in bn_mul_mont on aarch64. * Implement ABI testing for ARM. * Fix the order of Windows unwind codes. * Implement unwind testing for Windows. * Tolerate spaces when parsing .type directives. * runner: Don't generate an RSA key on startup. * Don't use bsaes over vpaes for CTR-DRBG. * perlasm/x86_64-xlate.pl: refine symbol recognition in .xdata. * Add instructions for debugging on Android with gdb. * Enforce key usage for RSA keys in TLS 1.2. * Remove infra/config folder in master branch. * Avoid SCT/OCSP extensions in SH on {Omit|Empty}Extensions * Test and fix an ABI issue with small parameters. * Add RSAZ ABI tests. * Better document RSAZ and tidy up types. * Add ABI testing for 32-bit x86. * Add a very roundabout EC keygen API. * Add some Node compatibility functions. * Implement server support for delegated credentials. * Add a constant-time pshufb-based GHASH implementation. * Tweak some slightly fragile tests. * Make 256-bit ciphers a preference for CECPQ2, not a requirement. * Update comments around JDK11 workaround. * Add a RelWithAsserts build configuration. * Remove union from |SHA512_CTX|. * Avoid unwind tests on libc functions. * Don't pass NULL,0 to qsort. * Fix signed left-shifts in curve25519.c. * Add an option to build with UBSan. * Fix undefined pointer casts in SHA-512 code. * HRSS: flatten sample distribution. * Add test of assembly code dispatch. * Simplify HRSS mod3 circuits. * Add SSL_OP_NO_RENEGOTIATION * Rename Fiat include files to end in .h * Switch to new fiat pipeline. * Don't look for libunwind if cross-compiling. * Mark some unmarked array sizes in curve25519.c. * Revert "Fix protos_len size in SSL_set_alpn_protos and SSL_CTX_set_alpn_protos" * Add ABI tests for GCM. * Fix SSL_R_TOO_MUCH_READ_EARLY_DATA. * Test CRYPTO_gcm128_tag in gcm_test.cc. * Remove pointer cast in P-256 table. * Ignore new fields in forthcoming Wycheproof tests. * Fix RSAZ's OPENSSL_cleanse. * Allow configuring QUIC method per-connection * Fix header file for _byteswap_ulong and _byteswap_uint64 from MSVC CRT * Add ABI tests for HRSS assembly. * Add AES ABI tests. * Move aes_nohw, bsaes, and vpaes prototypes to aes/internal.h. * Add direction flag checking to CHECK_ABI. * Add ABI tests for ChaCha20_ctr32. * Add ABI tests for MD5. * Refresh fuzzer corpus. * Delete the variants/draft code. * Update tools. * Fix protos_len size in SSL_set_alpn_protos and SSL_CTX_set_alpn_protos * Use handshake parameters to decide if cert/key are available * Add ABI tests for bn_mul_mont. * Add ABI tests for SHA*. * Make pkg-config optional. * Add DEPS rules to checkout Windows SDE. * Add ABI tests for rdrand. * Set NIDs for Blowfish and CAST. * Add a CFI tester to CHECK_ABI. * Fix some size_t to long casts. * Add EVP_CIPHER support for Blowfish and CAST to decrepit. * Be less clever with CHECK_ABI. * Update SDE and add the Windows version. * Remove pooling of PRNG state. * Add EC_KEY_key2buf for OpenSSL compatibility * Remove bundled copy of android-cmake. * Clarify build requirements. * Add EC_GROUP_order_bits for OpenSSL compatibility * Annotate leaf functions with .cfi_{startproc,endproc} * Fix beeu_mod_inverse_vartime CFI annotations and preamble. * Fix CFI annotations in p256-x86_64-asm.pl. * Add a comment about ecp_nistz256_point_add_affine's limitations. * Refresh p256-x86_64_tests.txt. * Fix some indentation nits. - Build using ninja - Update dependencies - Bump soversion - Limit building only to supported architectures * Fri Aug 30 2019 Martin Pluskal <mpluskal@suse.com> - Disable lto to fix build failure * Thu Apr 25 2019 Michał Rostecki <mrostecki@opensuse.org> - Add patch which fixes build on aarch64. * 0001-crypto-Fix-aead_test-build-on-aarch64.patch * Thu Apr 25 2019 dmueller@suse.com - Update to version 20181228: * Use thread-local storage for PRNG states if fork-unsafe buffering is enabled. * Add Win64 SEH unwind codes for the ABI test trampoline. * Translate .L directives inside .byte too. * Add an ABI testing framework. * Use same HKDF label as TLS 1.3 for QUIC as per draft-ietf-quic-tls-17 * Add |SSL_key_update|. * HRSS: omit reconstruction of ciphertext. * Add start of infrastructure for checking constant-time properties. * Don't enable intrinsics on x86 without ABI support. * HRSS: be strict about unused bits being zero. * Disable AES-GCM-SIV assembly on Windows. * Fix typo in AES-GCM-SIV comments. * Fix HRSS build error on ARM * Fix thread-safety bug in SSL_get_peer_cert_chain. * Remove HRSS confirmation hash. * Drop NEON assembly for HRSS. * Add |SSL_export_traffic_secrets|. * Patch out the XTS implementation in bsaes. * Remove .file and .loc directives from HRSS ARM asm. * Do not allow AES_128_GCM_SHA256 with CECPQ2. * Always 16-byte align |poly| elements. * Fix bug in HRSS tests. * Add initial HRSS support. * Forbid empty CertificateRequestsupported_signature_algorithms in TLS 1.2. * Eliminate |OPENSSL_ia32cap_P| in C code in the FIPS module. * Fix d2i_*_bio on partial reads. * Fix |BN_HEX_FMT2|. * Remove XOP code from sha512-x86_64.pl. * Pretend AMD XOP was never a thing. * Drop some explicit SSLKeyShare destructors. * Assume hyper-threading-like vulnerabilities are always present. * Replace the last CRITICAL_SECTION with SRWLOCK. * Validate ClientHellos in tests some more. * Re-enable AES-NI on 32-bit x86 too. * Make symbol-prefixing work on 32-bit x86. * Make Windows symbol-prefixing work. * Support Windows-style ar files. * Move __.SYMDEF handling to ar.go. * Fix stack_test.cc in the prefixed build. * Don't double-mangle C++ symbols on macOS. * Make read_symbols.go a bit more idiomatic. * Unexport and rename hex_to_string, string_to_hex, and name_cmp. * Satisfy golint. * Add a note that generated files are generated. * Work around a JDK 11 TLS 1.3 bug. * Move ARM cpuinfo functions to the header. * Regenerate obj_dat.h * go fmt * Support execute-only memory for AArch64 assembly. * Remove cacheline striping in copy_from_prebuf. * Tidy up type signature of BN_mod_exp_mont_consttime table. * No longer set CQ-Verified label on CQ success/failure. * Print a message when simulating CPUs. * Move JSON test results code into a common module. * In 0RTT mode, reverify the server certificate before sending early data. * Support assembly building for arm64e architecture. * Simulate other ARM CPUs when running tests. * Merge P-224 contract into serialisation. * Contract P-224 elements before returning them. * Add post-handshake support for the QUIC API. * Speculatively remove __STDC_*_MACROS. * Modernize OPENSSL_COMPILE_ASSERT, part 2. * Switch docs to recommending NASM. * Mark the |e| argument to |RSA_generate_key_ex| as const. * Clean up EC_POINT to byte conversions. * Need cpu.h for |OPENSSL_ia32cap_P|. * Rename EC_MAX_SCALAR_*. * Use EC_RAW_POINT in ECDSA. * Optimize EC_GFp_mont_method's cmp_x_coordinate. * Optimize EC_GFp_nistp256_method's cmp_x_coordinate. * Remove unreachable code. * Also accept __ARM_NEON * Remove some easy BN_CTXs. * Push BIGNUM out of the cmp_x_coordinate interface. * Push BIGNUM out of EC_METHOD's affine coordinates hook. * Fix r = p-n+epsilon ECDSA tests. * Don't include openssl/ec_key.h under extern "C". * Abstract hs_buf a little. * Inline ec_GFp_simple_group_get_degree. * Better test boundary cases of ec_cmp_x_coordinate. * Fix build when bcm.c is split up. * Revert "Revert "Speed up ECDSA verify on x86-64."" * Make SSL_get_current_cipher valid during QUIC callbacks. * Devirtualize ec_simple_{add,dbl}. * Refresh fuzzer corpora for changes to split-handshake serialization. * Serialize SSL curve list in handoff and check it on application. * Revert "Speed up ECDSA verify on x86-64." * Route the tuned add/dbl implementations out of EC_METHOD. * Speed up ECDSA verify on x86-64. * Include details about latest FIPS certification. * Serialize SSL configuration in handoff and check it on application. * Don't overflow state->calls on 16TiB RAND_bytes calls. * Buffer up QUIC data within a level internally. * Add an interface for QUIC integration. * Remove OPENSSL_NO_THREADS. * Minor fixes to bytestring.h header. * Test CBC padding more aggressively. * Restore CHECKED_CAST. * Fix EVP_tls_cbc_digest_record is slow using SHA-384 and short messages * Tidy up dsa_sign_setup. * Fix the build on glibc 2.15. * Modernize OPENSSL_COMPILE_ASSERT. * Fix redefinition of AEAD asserts in e_aes.c. * Guard sys/auxv.h include on !BORINGSSL_ANDROID. * Flatten EVP_AEAD_CTX * Implement SSL_get_tlsext_status_type * Fix documentation sectioning. * Remove support for GCC 4.7. * Print the name of the binary when blocking in getrandom. * Undo recent changes to |X509V3_EXT_conf_nid|. * Add a compatibility EVP_CIPH_OCB_MODE value. * [util] Mark srtp.h as an SSL header file * [rand] Disable RandTest.Fork on Fuchsia * Remove -fsanitize-cfi-icall-generalize-pointers. * Fix undefined function pointer casts in LHASH. * Use proper functions for lh_*. * Better handle AVX-512 assembly syntax. * Always push errors on BIO_read_asn1 failure. * Add a per-SSL TLS 1.3 downgrade enforcement option and improve tests. * Fix div.c to divide BN_ULLONG only if BN_CAN_DIVIDE_ULLONG defined. * Include aes.h in mode/internal.h * Fix section header capitalization. * Fix build in consumers that flag unused parameters. * [perlasm] Hide OPENSSL_armcap_P in assembly * Test the binary search more aggressively. * Opaquify CONF. * Bring Mac and iOS builders back to the CQ. * Remove LHASH_OF mention in X509V3_EXT_conf_nid. * Inline functions are apparently really complicated. * Actually disable RandTest.Fork on iOS. * Mostly fix undefined casts around STACK_OF's comparator. * Fix undefined casts in sk_*_pop_free and sk_*_deep_copy. * Take iOS builders out of the CQ rotation too. * Rewrite PEM_X509_INFO_read_bio. * Fix undefined block128_f, etc., casts. * Fix undefined function pointer casts in {d2i,i2d}_Foo_{bio,fp} * Fix undefined function pointer casts in IMPLEMENT_PEM_*. * Always print some diagnostic information when POST fails. * Disable RandTest.Fork on iOS. * Const-correct sk_find and sk_delete_ptr. * Add a test for STACK_OF(T). * Rename inject-hash: Bazel does not like hyphens. * Rename OPENSSL_NO_THREADS, part 1. * Fix ERR_GET_REASON checks. * Add a basic test for PEM_X509_INFO_read_bio. * Replace BIO_new + BIO_set_fp with BIO_new_fp. * Remove Mac try jobs from the CQ. * Add util/read_symbols.go * Tighten up getrandom handling. * Remove SHA384_Transform from sha.h. * Push an error on sigalg mismatch in X509_verify. * Sync bundled bits of golang.org/x/crypto. * Use Go modules with delocate. * Keep the GCM bits in one place. * Trim 88 bytes from each AES-GCM EVP_AEAD. * Set up Go modules. * Use sdallocx, if available, when deallocating. * Remove the add_alert hook. * Fix doc.go error capitalization. * Don't include quotes in heredocs. * Add missing bssl::UpRef overloads. * Roll back clang revision. * Update tools. * Fix BORINGSSL_NO_CXX. * Fix check of the pointer returned by BN_CTX_get * Include newlines at the end of generated asm. * Automatically disable assembly with MSAN. * Mark the C version of md5_block_data_order static. * Reorder some extensions to better match Firefox. * Make symbol-prefixing work on ARM. * Document alternative functions to BIO_f_base64. * Another batch of bools. * Add some RAND_bytes tests. * Support symbol prefixes * Fill in a fake session ID for TLS 1.3. * Create output directories for perlasm. * Fix Fiat path. * Fix GCC (8.2.1) build error. * Some more bools. * Flatten most of the crypto target. * Flatten assembly files. * Flatten the decrepit target. * Clarify "reference" and fix typo. * Fix corner case in cpuinfo parser. * Add some about ownership to API-CONVENTIONS. * Tidy up docs for #defines. * No negative moduli. * Document that ED25519_sign only fails on allocation failure * Clarify thread-safety of key objects. * shim: don't clear environment when invoking handshaker. * Switch the default TLS 1.3 variant to tls13_rfc. * Switch to Clang 6.0's fuzzer support. * Tue Dec 11 2018 Jan Engelhardt <jengelh@inai.de> - Trim redundant wording. Use multi-file find -exec invocation. * Fri Nov 16 2018 Michał Rostecki <mrostecki@suse.de> - To avoid conflicts with openssl development files, change all includes from openssl to boringssl. * Fri Nov 09 2018 Martin Pluskal <mpluskal@suse.com> - Use optflags when building - Do not create empty package * Thu Nov 08 2018 Michał Rostecki <mrostecki@suse.de> - Update to version 20181026: * Automatically disable assembly with MSAN. * Switch the default TLS 1.3 variant to tls13_rfc. * Wed Nov 07 2018 Michał Rostecki <mrostecki@suse.de> - Update to version 20181106: * Make SSL_get_current_cipher valid during QUIC callbacks. * Devirtualize ec_simple_{add,dbl}. * Refresh fuzzer corpora for changes to split-handshake serialization. * Serialize SSL curve list in handoff and check it on application. * Revert "Speed up ECDSA verify on x86-64." * Route the tuned add/dbl implementations out of EC_METHOD. * Speed up ECDSA verify on x86-64. * Include details about latest FIPS certification. * Serialize SSL configuration in handoff and check it on application. * Don't overflow state->calls on 16TiB RAND_bytes calls. - Use tar_scm service for fetching sources and versioning. * Wed Nov 07 2018 Michał Rostecki <mrostecki@suse.de> - Initial release - 0.0.0+git7499.6ec9e4 - Add add-soversion-option.patch - required to build libraries with soversion
/usr/lib64/libboringssl_crypto.so.1 /usr/lib64/libboringssl_ssl.so.1 /usr/share/doc/packages/libboringssl1 /usr/share/doc/packages/libboringssl1/README.md /usr/share/licenses/libboringssl1 /usr/share/licenses/libboringssl1/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 13:44:15 2024