Update BoringSSL to 25773430c07075a368416c3646fa4b07daf4968a (#91)

Package.swift

@@ -20,7 +20,7 @@
 // Sources/CCryptoBoringSSL directory. The source repository is at
 // https://boringssl.googlesource.com/boringssl.
 //
-// BoringSSL Commit: 2e68a05c9943a8dec1758d4a393b2ae906fd3295
+// BoringSSL Commit: 25773430c07075a368416c3646fa4b07daf4968a
 
 import PackageDescription
 

Sources/CCryptoBoringSSL/crypto/asn1/a_mbstr.c

@@ -66,8 +66,6 @@
 #include "internal.h"
 #include "../bytestring/internal.h"
 
-static int is_printable(uint32_t value);
-
 /*
  * These functions take a string in UTF8, ASCII or multibyte form and a mask
  * of permissible ASN1 string types. It then works out the minimal type
@@ -153,7 +151,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
         }
 
         /* Update which output formats are still possible. */
-        if ((mask & B_ASN1_PRINTABLESTRING) && !is_printable(c)) {
+        if ((mask & B_ASN1_PRINTABLESTRING) && !asn1_is_printable(c)) {
             mask &= ~B_ASN1_PRINTABLESTRING;
         }
         if ((mask & B_ASN1_IA5STRING) && (c > 127)) {
@@ -285,24 +283,16 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
     return -1;
 }
 
-/* Return 1 if the character is permitted in a PrintableString */
-static int is_printable(uint32_t value)
+int asn1_is_printable(uint32_t value)
 {
-    int ch;
-    if (value > 0x7f)
+    if (value > 0x7f) {
         return 0;
-    ch = (int)value;
-    /*
-     * Note: we can't use 'isalnum' because certain accented characters may
-     * count as alphanumeric in some environments.
-     */
-    if ((ch >= 'a') && (ch <= 'z'))
-        return 1;
-    if ((ch >= 'A') && (ch <= 'Z'))
-        return 1;
-    if ((ch >= '0') && (ch <= '9'))
-        return 1;
-    if ((ch == ' ') || strchr("'()+,-./:=?", ch))
-        return 1;
-    return 0;
+    }
+    /* Note we cannot use |isalnum| because it is locale-dependent. */
+    return ('a' <= value && value <= 'z') ||  //
+           ('A' <= value && value <= 'Z') ||  //
+           ('0' <= value && value <= '9') ||  //
+           value == ' ' || value == '\'' || value == '(' || value == ')' ||
+           value == '+' || value == ',' || value == '-' || value == '.' ||
+           value == '/' || value == ':' || value == '=' || value == '?';
 }

Sources/CCryptoBoringSSL/crypto/asn1/a_print.c

@@ -56,38 +56,28 @@
 
 #include <CCryptoBoringSSL_asn1.h>
 
-#include <CCryptoBoringSSL_err.h>
-#include <CCryptoBoringSSL_mem.h>
+#include <string.h>
+
+#include "internal.h"
+
 
 int ASN1_PRINTABLE_type(const unsigned char *s, int len)
 {
-    int c;
-    int ia5 = 0;
-    int t61 = 0;
-
-    if (len <= 0)
-        len = -1;
-    if (s == NULL)
-        return (V_ASN1_PRINTABLESTRING);
+    if (len < 0) {
+        len = strlen((const char *)s);
+    }
 
-    while ((*s) && (len-- != 0)) {
-        c = *(s++);
-        if (!(((c >= 'a') && (c <= 'z')) ||
-              ((c >= 'A') && (c <= 'Z')) ||
-              (c == ' ') ||
-              ((c >= '0') && (c <= '9')) ||
-              (c == ' ') || (c == '\'') ||
-              (c == '(') || (c == ')') ||
-              (c == '+') || (c == ',') ||
-              (c == '-') || (c == '.') ||
-              (c == '/') || (c == ':') || (c == '=') || (c == '?')))
-            ia5 = 1;
-        if (c & 0x80)
-            t61 = 1;
+    int printable = 1;
+    for (int i = 0; i < len; i++) {
+        unsigned char c = s[i];
+        if (c & 0x80) {
+            /* No need to continue iterating. */
+            return V_ASN1_T61STRING;
+        }
+        if (!asn1_is_printable(c)) {
+            printable = 0;
+        }
     }
-    if (t61)
-        return (V_ASN1_T61STRING);
-    if (ia5)
-        return (V_ASN1_IA5STRING);
-    return (V_ASN1_PRINTABLESTRING);
+
+    return printable ? V_ASN1_PRINTABLESTRING : V_ASN1_IA5STRING;
 }

Sources/CCryptoBoringSSL/crypto/asn1/a_strex.c

@@ -279,7 +279,7 @@ static int do_hex_dump(BIO *out, unsigned char *buf, int buflen)
 /*
  * "dump" a string. This is done when the type is unknown, or the flags
  * request it. We can either dump the content octets or the entire DER
- * encoding. This uses the RFC2253 #01234 format.
+ * encoding. This uses the RFC 2253 #01234 format.
  */
 
 static int do_dump(unsigned long lflags, BIO *out, const ASN1_STRING *str)

Sources/CCryptoBoringSSL/crypto/asn1/a_strnid.c

@@ -118,7 +118,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
  * Now the tables and helper functions for the string table:
  */
 
-/* size limits: this stuff is taken straight from RFC3280 */
+/* size limits: this stuff is taken straight from RFC 3280 */
 
 #define ub_name                         32768
 #define ub_common_name                  64

Sources/CCryptoBoringSSL/crypto/asn1/internal.h

@@ -150,6 +150,10 @@ int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
  * a pointer. */
 const void *asn1_type_value_as_pointer(const ASN1_TYPE *a);
 
+/* asn1_is_printable returns one if |value| is a valid Unicode codepoint for an
+ * ASN.1 PrintableString, and zero otherwise. */
+int asn1_is_printable(uint32_t value);
+
 
 #if defined(__cplusplus)
 }  /* extern C */

Sources/CCryptoBoringSSL/crypto/bytestring/cbb.c

@@ -404,6 +404,15 @@ int CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len) {
   return 1;
 }
 
+int CBB_add_zeros(CBB *cbb, size_t len) {
+  uint8_t *out;
+  if (!CBB_add_space(cbb, &out, len)) {
+    return 0;
+  }
+  OPENSSL_memset(out, 0, len);
+  return 1;
+}
+
 int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len) {
   if (!CBB_flush(cbb) ||
       !cbb_buffer_add(cbb->base, out_data, len)) {

Sources/CCryptoBoringSSL/crypto/bytestring/cbs.c

@@ -216,6 +216,14 @@ int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out) {
   return cbs_get_length_prefixed(cbs, out, 3);
 }
 
+int CBS_get_until_first(CBS *cbs, CBS *out, uint8_t c) {
+  const uint8_t *split = OPENSSL_memchr(CBS_data(cbs), c, CBS_len(cbs));
+  if (split == NULL) {
+    return 0;
+  }
+  return CBS_get_bytes(cbs, out, split - CBS_data(cbs));
+}
+
 // parse_base128_integer reads a big-endian base-128 integer from |cbs| and sets
 // |*out| to the result. This is the encoding used in DER for both high tag
 // number form and OID components.

Sources/CCryptoBoringSSL/crypto/digest_extra/digest_extra.c

@@ -83,6 +83,7 @@ static const struct nid_to_digest nid_to_digest_mapping[] = {
     {NID_sha256, EVP_sha256, SN_sha256, LN_sha256},
     {NID_sha384, EVP_sha384, SN_sha384, LN_sha384},
     {NID_sha512, EVP_sha512, SN_sha512, LN_sha512},
+    {NID_sha512_256, EVP_sha512_256, SN_sha512_256, LN_sha512_256},
     {NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1},
     // As a remnant of signing |EVP_MD|s, OpenSSL returned the corresponding
     // hash function when given a signature OID. To avoid unintended lax parsing