Roll src/third_party/boringssl/src/ to 209b2562235f7dab66b8260624e7b3c5b00d14a6.

net/android/keystore_openssl.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/android/keystore_openssl.h"
 
 #include <jni.h>
 #include <openssl/bn.h>
 #include <openssl/ec.h>
 #include <openssl/engine.h>
@@ skipping 158 matching lines @@
 }
 
 int RsaMethodEncrypt(RSA* rsa,
                      size_t* out_len,
                      uint8_t* out,
                      size_t max_out,
                      const uint8_t* in,
                      size_t in_len,
                      int padding) {
   NOTIMPLEMENTED();
-  OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_UNKNOWN_ALGORITHM_TYPE);
+  OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE);

[davidben, 2015/07/21 18:27:56]

This will be going away once the Chrome/Android code uses the async signing
stuff (Android and everything else go through slightly different codepaths right
now. I'm probably going to have my new minion finish this cleanup as his first
task.), but it occurs to me you'll probably have to do something similar in
Conscrypt. That should have occurred to me. Oops.

[agl, 2015/07/21 19:25:58]

You mean that the code to bridge BoringSSL to Java-backed certs (in Conscrypt)
and keystore-backed certs (in keystore) will have to change? The ENGINE-based
code will still work, won't it? I don't have any problem changing Conscrypt, but
things like wpa_supplicant expect an ENGINE at the moment and changing that code
is more of a pain.

[davidben, 2015/07/21 19:43:25]

Just the Conscrypt stuff. You'll need to make the analogous change to
OPENSSL_PUT_ERROR lines when pulling the new BoringSSL in. wpa_supplicant
doesn't have any of those.

   return 0;
 }
 
 int RsaMethodSignRaw(RSA* rsa,
                      size_t* out_len,
                      uint8_t* out,
                      size_t max_out,
                      const uint8_t* in,
                      size_t in_len,
                      int padding) {
   DCHECK_EQ(RSA_PKCS1_PADDING, padding);
   if (padding != RSA_PKCS1_PADDING) {
     // TODO(davidben): If we need to, we can implement RSA_NO_PADDING
     // by using javax.crypto.Cipher and picking either the
     // "RSA/ECB/NoPadding" or "RSA/ECB/PKCS1Padding" transformation as
     // appropriate. I believe support for both of these was added in
     // the same Android version as the "NONEwithRSA"
     // java.security.Signature algorithm, so the same version checks
     // for GetRsaLegacyKey should work.
-    OPENSSL_PUT_ERROR(RSA, sign_raw, RSA_R_UNKNOWN_PADDING_TYPE);
+    OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE);
     return 0;
   }
 
   // Retrieve private key JNI reference.
   const KeyExData *ex_data = RsaGetExData(rsa);
   if (!ex_data || !ex_data->private_key) {
     LOG(WARNING) << "Null JNI reference passed to RsaMethodSignRaw!";
-    OPENSSL_PUT_ERROR(RSA, sign_raw, ERR_R_INTERNAL_ERROR);
+    OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
     return 0;
   }
 
   // Pre-4.2 legacy codepath.
   if (ex_data->legacy_rsa) {
     int ret = ex_data->legacy_rsa->meth->rsa_priv_enc(
         in_len, in, out, ex_data->legacy_rsa, ANDROID_RSA_PKCS1_PADDING);
     if (ret < 0) {
       LOG(WARNING) << "Could not sign message in RsaMethodSignRaw!";
       // System OpenSSL will use a separate error queue, so it is still
       // necessary to push a new error.
       //
       // TODO(davidben): It would be good to also clear the system error queue
       // if there were some way to convince Java to do it. (Without going
       // through Java, it's difficult to get a handle on a system OpenSSL
       // function; dlopen loads a second copy.)
-      OPENSSL_PUT_ERROR(RSA, sign_raw, ERR_R_INTERNAL_ERROR);
+      OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
       return 0;
     }
     *out_len = ret;
     return 1;
   }
 
   base::StringPiece from_piece(reinterpret_cast<const char*>(in), in_len);
   std::vector<uint8_t> result;
   // For RSA keys, this function behaves as RSA_private_encrypt with
   // PKCS#1 padding.
   if (!RawSignDigestWithPrivateKey(ex_data->private_key, from_piece, &result)) {
     LOG(WARNING) << "Could not sign message in RsaMethodSignRaw!";
-    OPENSSL_PUT_ERROR(RSA, sign_raw, ERR_R_INTERNAL_ERROR);
+    OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
     return 0;
   }
 
   size_t expected_size = static_cast<size_t>(RSA_size(rsa));
   if (result.size() > expected_size) {
     LOG(ERROR) << "RSA Signature size mismatch, actual: "
                <<  result.size() << ", expected <= " << expected_size;
-    OPENSSL_PUT_ERROR(RSA, sign_raw, ERR_R_INTERNAL_ERROR);
+    OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
     return 0;
   }
 
   if (max_out < expected_size) {
-    OPENSSL_PUT_ERROR(RSA, sign_raw, RSA_R_DATA_TOO_LARGE);
+    OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
     return 0;
   }
 
   // Copy result to OpenSSL-provided buffer. RawSignDigestWithPrivateKey
   // should pad with leading 0s, but if it doesn't, pad the result.
   size_t zero_pad = expected_size - result.size();
   memset(out, 0, zero_pad);
   memcpy(out + zero_pad, &result[0], result.size());
   *out_len = expected_size;
 
   return 1;
 }
 
 int RsaMethodDecrypt(RSA* rsa,
                      size_t* out_len,
                      uint8_t* out,
                      size_t max_out,
                      const uint8_t* in,
                      size_t in_len,
                      int padding) {
   NOTIMPLEMENTED();
-  OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_UNKNOWN_ALGORITHM_TYPE);
+  OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE);
   return 0;
 }
 
 int RsaMethodVerifyRaw(RSA* rsa,
                        size_t* out_len,
                        uint8_t* out,
                        size_t max_out,
                        const uint8_t* in,
                        size_t in_len,
                        int padding) {
   NOTIMPLEMENTED();
-  OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_UNKNOWN_ALGORITHM_TYPE);
+  OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE);
   return 0;
 }
 
 const RSA_METHOD android_rsa_method = {
     {
      0 /* references */,
      1 /* is_static */
     } /* common */,
     nullptr /* app_data */,
 
@@ skipping 183 matching lines @@
   *sig_len = signature.size();
   return 1;
 }
 
 int EcdsaMethodVerify(const uint8_t* digest,
                       size_t digest_len,
                       const uint8_t* sig,
                       size_t sig_len,
                       EC_KEY* ec_key) {
   NOTIMPLEMENTED();
-  OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_NOT_IMPLEMENTED);
+  OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED);
   return 0;
 }
 
 // Setup an EVP_PKEY to wrap an existing platform PrivateKey object.
 // |private_key| is the JNI reference (local or global) to the object.
 // Returns a new EVP_PKEY on success, NULL otherwise.
 // On success, this creates a global JNI reference to the object that
 // is owned by and destroyed with the EVP_PKEY. I.e. the caller shall
 // always free |private_key| after the call.
 crypto::ScopedEVP_PKEY GetEcdsaPkeyWrapper(jobject private_key) {
@@ skipping 57 matching lines @@
       return GetEcdsaPkeyWrapper(private_key);
     default:
       LOG(WARNING)
           << "GetOpenSSLPrivateKeyWrapper() called with invalid key type";
       return nullptr;
   }
 }
 
 }  // namespace android
 }  // namespace net