min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,091 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

3091 Commits

Author SHA1 Message Date
Ivan Nikulin 011d500460 Separate `fips` and `fips-link-precompiled` features. 
Make the later compatible with `rpk` feature.
 2023-08-30 11:41:20 +01:00
Ivan Nikulin a6e35a46b6 Bump version in Cargo.toml 2023-08-05 14:36:12 +01:00
Ivan Nikulin c482097d96 Release 3.0.4 2023-08-05 14:34:05 +01:00
Ivan Nikulin edfe18b196 Add missing cmake files to the package 2023-08-05 14:32:02 +01:00
Ivan Nikulin 55d2731a18 Release 3.0.3 2023-08-05 14:03:58 +01:00
Manuel Olguín Muñoz 57e54be907 Fix missing .trim() when verifying FIPS module name 2023-08-05 13:54:26 +01:00
Ivan Nikulin bb063aa9e6 Fix Diplay panics for HandshakeError with `rpk` (fixes #140) 2023-08-03 15:00:09 +01:00
Ivan Nikulin 308f0405bd Release 3.0.2 2023-08-03 13:38:59 +01:00
Ivan Nikulin 7fd29555b6 Fix feature gates for fips-link-precompiled 2023-08-03 13:38:59 +01:00
Anthony Ramine abfe2f7980 Switch boring from lazy_static to once_cell 2023-08-02 12:14:02 +01:00
Anthony Ramine af5bb39a78 Clean up and remove some unsafe code from ffi callbacks 2023-08-02 12:14:02 +01:00
Ivan Nikulin 959d7c034e Reduce release bundle size by excluding PQ test data 2023-08-01 18:36:51 +01:00
Nathan Mittler 74fd7a8ce4 Adding hmac.h to included headers 
This was originally going to be fixed by #101, however that PR was closed and superseded by #117, which was missing this fix.

The original problem was caused by #97, which updated boringssl to a version that included [a change that removed hmac.h from ssl.h](05b360d797).

This PR adds an include for hmac.h, so it is again available through boring-sys.
 2023-08-01 19:13:19 +02:00
Ivan Nikulin 2475ef386b Reduce release bundle size by excluding PQ test data 2023-08-01 17:51:44 +01:00
Ivan Nikulin 33e3d756ff Fix builds for features that require git patches 
Previously we were building from the deps directory with submodules. For publishing we were copying files in sumbodules into the package. With this we were making the package directory dirty with build artifacts and applied patches.

This commit change the build script's behaviour: sources are now copied to the output directory and then boringssl is built from there.

In addition, this commit adds files that were missing from the package for building with patches.
 2023-08-01 17:33:29 +01:00
Ivan Nikulin 6435c5b8d5 Fix publishing 2023-08-01 11:32:20 +01:00
Ivan Nikulin c71e2bed39
Merge pull request #131 from inikulin/rel-3.0.0 
Release 3.0.0
 2023-07-28 14:15:39 +01:00
Ivan Nikulin c12bfc21f6 Release 3.0.0 2023-07-28 14:07:22 +01:00
Ivan Nikulin 07a8b431ea Add git-cliff configuration 2023-07-28 14:02:46 +01:00
Ivan Nikulin 4761cf7805
Merge pull request #84 from signalapp/macos-cross-compile 
boring-sys: Handle cross-compiling macOS targets
 2023-07-28 13:21:04 +01:00
Ivan Nikulin 4e190ad00c
Merge pull request #95 from signalapp/libsignal-arm 
boring-sys: Add support for cross-compiling to Linux ARM(v7)
 2023-07-28 13:20:32 +01:00
Ivan Nikulin c07c414565
Merge pull request #96 from signalapp/android-sysroot 
boring-sys: Update Android NDK sysroot path
 2023-07-28 13:19:58 +01:00
Jordan Rose a39f0c78ee boring-sys: Handle cross-compiling macOS targets 
...such as compiling for Apple Silicon on an Intel Mac.
 2023-07-27 13:17:40 -07:00
morph027 bb5caa43a2 boring-sys: Add support for Linux ARM(v7) 
Signed-off-by: morph027 <stefan.heitmueller@gmx.com>
 2023-07-27 13:15:53 -07:00
Jordan Rose 32feb4f958 boring-sys: Update Android NDK sysroot path 
This longer path (inside the prebuilt toolchain included in the NDK)
has been the preferred sysroot since NDK r19. Newer NDKs no longer
have a top-level "sysroot" directory at all.
 2023-07-27 13:12:57 -07:00
Ivan Nikulin 3478bc2668
Merge pull request #83 from signalapp/private_key_to_der_pkcs8 
boring: Expose PKey::private_key_to_der_pkcs8(_passphrase)
 2023-07-27 10:11:02 +01:00
Ivan Nikulin f9e1d2e51c
Merge pull request #130 from inikulin/frankenfips 
Add fips-link-precompiled feature
 2023-07-27 10:05:08 +01:00
Ivan Nikulin d4ddd16ee2 Add fips-link-precompiled feature 2023-07-26 14:35:40 +01:00
Ivan Nikulin 09d92e54fc
Merge pull request #128 from ghedo/bssl_source_path 
Allow specifying a custom BoringSSL source directory
 2023-07-14 15:14:42 +01:00
Alessandro Ghedini f772338238 Allow specifying a custom BoringSSL source directory 2023-07-14 10:47:37 +01:00
Ivan Nikulin 63e178d880
Merge pull request #126 from inikulin/rpk-pqc 
Add RPK and PQ crypto features
 2023-07-10 23:08:33 +01:00
Ivan Nikulin 0b542999d4 Address review comments 2023-07-10 14:00:52 +01:00
Ivan Nikulin d59d170c4d Update docs 2023-07-10 12:29:30 +01:00
Ivan Nikulin d1ee9bfd86 Use workspace metadata for crates 2023-07-10 11:38:18 +01:00
Ivan Nikulin c4e8a94a69 Add RPK and PQ crypto features 2023-07-07 13:50:36 +01:00
Ivan Nikulin 8f488550eb
Merge pull request #120 from nox/revert 
Revert "Merge pull request #108 from nox/store-clone"
 2023-07-03 11:09:41 +01:00
Anthony Ramine 6e751e85cb Revert "Merge pull request #108 from nox/store-clone" 
This reverts commit 1c1af4b38b, reversing
changes made to da32be1fa9.

SslContextBuilder::cert_store_mut returns a &mut X509StoreBuilder
backed by a X509Store that is already shared with an existing SslContext.
 2023-05-15 15:36:17 +02:00
Anthony Ramine ad2517f797 Fix build 2023-05-15 15:36:17 +02:00
Ivan Nikulin 1c1af4b38b
Merge pull request #108 from nox/store-clone 
Implement ToOwned for X509StoreRef and Clone for X509Store
 2023-05-11 16:25:11 +01:00
Ivan Nikulin da32be1fa9
Merge pull request #114 from nox/nox/openssl-fixes 
Port security fixes from the openssl crate (fixes #111)
 2023-05-11 16:24:29 +01:00
Ivan Nikulin ec52371e6b
Merge pull request #79 from signalapp/deriver-leak 
boring: Fix memory leak in `Deriver`
 2023-05-11 16:23:56 +01:00
Ivan Nikulin 0dd85d187b
Merge pull request #117 from nox/bump-boringssl 
Update boringssl to latest upstream commit (fixes #100)
 2023-05-11 16:23:28 +01:00
Ivan Nikulin 561d786c10
Merge pull request #97 from PiotrSikora/boringcrypto_4407 
Update BoringCrypto to FIPS 140-2 certificate 4407.
 2023-05-11 16:22:25 +01:00
Ivan Nikulin e1dc466cd1
Merge pull request #104 from tbu-/pr_doc_typo 
psuedo → pseudo
 2023-05-11 16:20:47 +01:00
Ivan Nikulin 7cfe2065a3
Merge pull request #115 from nox/bindgen 
Bump bindgen to 0.65.1
 2023-05-09 23:04:37 +01:00
Piotr Sikora 902e7d0c92 Update BoringCrypto to FIPS 140-2 certificate 4407. 
Signed-off-by: Piotr Sikora <piotr@aviatrix.com>
 2023-05-09 10:37:32 +02:00
Anthony Ramine 6274f70726 Update boringssl to latest upstream commit 
Notable commits that cause code changes here:

X509 fields notBefore and notAfter need to be specified
https://boringssl-review.googlesource.com/c/boringssl/+/49349

X509ReqBuilder only accepts X509v1 now
https://boringssl-review.googlesource.com/c/boringssl/+/52605

Some functions switched from int to size_t
https://boringssl-review.googlesource.com/c/boringssl/+/54985

CECPQ2 support was dropped
https://boringssl-review.googlesource.com/c/boringssl/+/58645

This is a breaking change.
 2023-05-09 10:28:10 +02:00
Anthony Ramine 530db8841b Bump bindgen to 0.65.1 2023-05-05 11:58:47 +02:00
Anthony Ramine 2ceb99216f Implement ToOwned for X509StoreRef and Clone for X509Store 2023-05-05 11:10:42 +02:00
Alex Gaynor b36b1705b3 Fix race condition with X509Name creation 2023-05-05 11:10:11 +02:00