min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,177 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

3177 Commits

Author SHA1 Message Date
Ivan Nikulin 33e3d756ff Fix builds for features that require git patches 
Previously we were building from the deps directory with submodules. For publishing we were copying files in sumbodules into the package. With this we were making the package directory dirty with build artifacts and applied patches.

This commit change the build script's behaviour: sources are now copied to the output directory and then boringssl is built from there.

In addition, this commit adds files that were missing from the package for building with patches.
 2023-08-01 17:33:29 +01:00
Ivan Nikulin 6435c5b8d5 Fix publishing 2023-08-01 11:32:20 +01:00
Ivan Nikulin c71e2bed39
Merge pull request #131 from inikulin/rel-3.0.0 
Release 3.0.0
 2023-07-28 14:15:39 +01:00
Ivan Nikulin c12bfc21f6 Release 3.0.0 2023-07-28 14:07:22 +01:00
Ivan Nikulin 07a8b431ea Add git-cliff configuration 2023-07-28 14:02:46 +01:00
Ivan Nikulin 4761cf7805
Merge pull request #84 from signalapp/macos-cross-compile 
boring-sys: Handle cross-compiling macOS targets
 2023-07-28 13:21:04 +01:00
Ivan Nikulin 4e190ad00c
Merge pull request #95 from signalapp/libsignal-arm 
boring-sys: Add support for cross-compiling to Linux ARM(v7)
 2023-07-28 13:20:32 +01:00
Ivan Nikulin c07c414565
Merge pull request #96 from signalapp/android-sysroot 
boring-sys: Update Android NDK sysroot path
 2023-07-28 13:19:58 +01:00
Jordan Rose a39f0c78ee boring-sys: Handle cross-compiling macOS targets 
...such as compiling for Apple Silicon on an Intel Mac.
 2023-07-27 13:17:40 -07:00
morph027 bb5caa43a2 boring-sys: Add support for Linux ARM(v7) 
Signed-off-by: morph027 <stefan.heitmueller@gmx.com>
 2023-07-27 13:15:53 -07:00
Jordan Rose 32feb4f958 boring-sys: Update Android NDK sysroot path 
This longer path (inside the prebuilt toolchain included in the NDK)
has been the preferred sysroot since NDK r19. Newer NDKs no longer
have a top-level "sysroot" directory at all.
 2023-07-27 13:12:57 -07:00
Ivan Nikulin 3478bc2668
Merge pull request #83 from signalapp/private_key_to_der_pkcs8 
boring: Expose PKey::private_key_to_der_pkcs8(_passphrase)
 2023-07-27 10:11:02 +01:00
Ivan Nikulin f9e1d2e51c
Merge pull request #130 from inikulin/frankenfips 
Add fips-link-precompiled feature
 2023-07-27 10:05:08 +01:00
Ivan Nikulin d4ddd16ee2 Add fips-link-precompiled feature 2023-07-26 14:35:40 +01:00
Ivan Nikulin 09d92e54fc
Merge pull request #128 from ghedo/bssl_source_path 
Allow specifying a custom BoringSSL source directory
 2023-07-14 15:14:42 +01:00
Alessandro Ghedini f772338238 Allow specifying a custom BoringSSL source directory 2023-07-14 10:47:37 +01:00
Ivan Nikulin 63e178d880
Merge pull request #126 from inikulin/rpk-pqc 
Add RPK and PQ crypto features
 2023-07-10 23:08:33 +01:00
Ivan Nikulin 0b542999d4 Address review comments 2023-07-10 14:00:52 +01:00
Ivan Nikulin d59d170c4d Update docs 2023-07-10 12:29:30 +01:00
Ivan Nikulin d1ee9bfd86 Use workspace metadata for crates 2023-07-10 11:38:18 +01:00
Ivan Nikulin c4e8a94a69 Add RPK and PQ crypto features 2023-07-07 13:50:36 +01:00
Ivan Nikulin 8f488550eb
Merge pull request #120 from nox/revert 
Revert "Merge pull request #108 from nox/store-clone"
 2023-07-03 11:09:41 +01:00
Anthony Ramine 6e751e85cb Revert "Merge pull request #108 from nox/store-clone" 
This reverts commit 1c1af4b38b, reversing
changes made to da32be1fa9.

SslContextBuilder::cert_store_mut returns a &mut X509StoreBuilder
backed by a X509Store that is already shared with an existing SslContext.
 2023-05-15 15:36:17 +02:00
Anthony Ramine ad2517f797 Fix build 2023-05-15 15:36:17 +02:00
Ivan Nikulin 1c1af4b38b
Merge pull request #108 from nox/store-clone 
Implement ToOwned for X509StoreRef and Clone for X509Store
 2023-05-11 16:25:11 +01:00
Ivan Nikulin da32be1fa9
Merge pull request #114 from nox/nox/openssl-fixes 
Port security fixes from the openssl crate (fixes #111)
 2023-05-11 16:24:29 +01:00
Ivan Nikulin ec52371e6b
Merge pull request #79 from signalapp/deriver-leak 
boring: Fix memory leak in `Deriver`
 2023-05-11 16:23:56 +01:00
Ivan Nikulin 0dd85d187b
Merge pull request #117 from nox/bump-boringssl 
Update boringssl to latest upstream commit (fixes #100)
 2023-05-11 16:23:28 +01:00
Ivan Nikulin 561d786c10
Merge pull request #97 from PiotrSikora/boringcrypto_4407 
Update BoringCrypto to FIPS 140-2 certificate 4407.
 2023-05-11 16:22:25 +01:00
Ivan Nikulin e1dc466cd1
Merge pull request #104 from tbu-/pr_doc_typo 
psuedo → pseudo
 2023-05-11 16:20:47 +01:00
Ivan Nikulin 7cfe2065a3
Merge pull request #115 from nox/bindgen 
Bump bindgen to 0.65.1
 2023-05-09 23:04:37 +01:00
Piotr Sikora 902e7d0c92 Update BoringCrypto to FIPS 140-2 certificate 4407. 
Signed-off-by: Piotr Sikora <piotr@aviatrix.com>
 2023-05-09 10:37:32 +02:00
Anthony Ramine 6274f70726 Update boringssl to latest upstream commit 
Notable commits that cause code changes here:

X509 fields notBefore and notAfter need to be specified
https://boringssl-review.googlesource.com/c/boringssl/+/49349

X509ReqBuilder only accepts X509v1 now
https://boringssl-review.googlesource.com/c/boringssl/+/52605

Some functions switched from int to size_t
https://boringssl-review.googlesource.com/c/boringssl/+/54985

CECPQ2 support was dropped
https://boringssl-review.googlesource.com/c/boringssl/+/58645

This is a breaking change.
 2023-05-09 10:28:10 +02:00
Anthony Ramine 530db8841b Bump bindgen to 0.65.1 2023-05-05 11:58:47 +02:00
Anthony Ramine 2ceb99216f Implement ToOwned for X509StoreRef and Clone for X509Store 2023-05-05 11:10:42 +02:00
Alex Gaynor b36b1705b3 Fix race condition with X509Name creation 2023-05-05 11:10:11 +02:00
Alex Gaynor 90dfe2f912 Document the horror show 2023-05-05 11:10:11 +02:00
Alex Gaynor c80e3a3ec5 Always provide an X509V3Context in X509Extension::new because OpenSSL requires it for some extensions (and segfaults without) 2023-05-05 11:10:11 +02:00
Alex Gaynor 0f28001027 Resolve an injection vulnerability in EKU creation 2023-05-05 11:10:10 +02:00
Alex Gaynor 1eea7c5271 Resolve an injection vulnerability in SAN creation 2023-05-05 11:10:10 +02:00
Rob Shearman ae0cd6b98e Add X509Name to/from DER methods 
Since X509Name is more complex than a single value (it's a a sequence
of entries) it's useful to be able to serialise/deserialise to/from
flat data, and DER is a natural form for this.

So add a {i2d,d2i}_X509_NAME -sys functions, and to_der/from_der
wrappers in X509NameRef and X509Name respectively.

Originally added in https://github.com/sfackler/rust-openssl/pull/1534
 2023-05-05 11:10:10 +02:00
Joshua Nitschke f8e225e6a4 Add additional function so that x509 name with specific type can be added 
Originally added in https://github.com/sfackler/rust-openssl/pull/1371
 2023-05-05 11:10:10 +02:00
Ivan Nikulin 4ce9c50b63
Merge pull request #116 from nox/clippy 
Fix all clippy lints
 2023-05-05 09:44:30 +01:00
Anthony Ramine 74b0cc0da7 Fix lints 2023-03-27 13:15:12 +02:00
Anthony Ramine 6d61bf2adb Fix google test 
Sometimes google replies with 302 to redirect to another Google website
with a country-specific TLD. We don't actually care which status code
is returned, just that we successfully connect to google.com with
the HTTPS connector.
 2023-03-27 13:14:40 +02:00
Anthony Ramine 7215070e22 Use ubuntu-20.04 image for FIPS build 
Later ubuntu images don't provide clang-7 anymore.
 2023-03-27 12:59:13 +02:00
Tobias Bucher 8c2c2bd2b6 Add link in docs 2023-02-28 14:33:07 +01:00
Tobias Bucher f102b3792b psuedo → pseudo 2023-02-28 13:27:35 +01:00
Ivan Nikulin 3059ba6e10
Merge pull request #78 from signalapp/aarch64-cross-compilation 
Add minimal cross-compilation support for Windows and AArch64 Linux
 2022-09-27 16:14:52 +01:00
Joshua Nelson 34929928c4 bump version number for tokio-boring 
this is necessary so we can publish a version with the `fips` feature,
even though in practice the crate is exactly the same.
 2022-09-16 13:13:08 -05:00