Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libboringssl1 | Distribution: openSUSE Tumbleweed |
Version: 0.20200921 | Vendor: openSUSE |
Release: 1.2 | Build date: Sun Oct 27 21:24:10 2024 |
Group: System/Libraries | Build host: reproducible |
Size: 1935603 | Source RPM: boringssl-0.20200921-1.2.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://boringssl.googlesource.com/boringssl/ | |
Summary: An SSL/TLS protocol implementation |
BoringSSL is an implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, derived from OpenSSL.
OpenSSL
* Sun Oct 27 2024 Fridrich Strba <fstrba@suse.com> - Change version of the sources to 0.%%cd to avoid problems when upgrading if the versioning changes. - Added patch: * soname-sover.patch + Replace patchelf run with patch that makes cmake produce the shared libraries with the right SONAME and SOVER. - Remove unnecessary dependencies on go, patchelf, ninja and libunwind, since they are only needed for tests we are not running * Fri Feb 09 2024 Otto Hollmann <otto.hollmann@suse.com> - Replace python with python3 (bsc#1219308) * Wed May 04 2022 Andreas Schwab <schwab@suse.de> - 0001-Compile-for-RISC-V.patch: add support for RISC-V - enable build on riscv64 * Mon May 17 2021 mrostecki@suse.com - Update to version 20200921 (fixes bsc#1183836, bsc#1181866): * Add SSL_CIPHER_get_protocol_id. * Add TrustTokenV2. * Add X509_get_pathlen and X509_REVOKED_get0_extensions. * Add some accommodations for FreeRDP * Require non-NULL store in X509_STORE_CTX_init. * Const-correct X509V3_CONF_METHOD. * Avoid unions in X509_NAME logic. * Bump OPENSSL_VERSION_NUMBER to 1.1.1. * Document more of x509.h. * Fix potential leak in bssl::Array::Shrink. * Remove ASN1_STRING_length_set. * Revert "Check AlgorithmIdentifier parameters for RSA and ECDSA signatures." * Implement PSK variants of HPKE setup functions. * acvp: support working with files. * Document a few more functions in x509.h. * Add subject key ID and authority key ID accessors. * Remove sxnet and pkey_usage_period extensions. * Const-correct various X509 functions. * Make X509_set_not{Before,After} functions rather than macros. * Add X509_get0_uids from OpenSSL 1.1.0. * Bound RSA and DSA key sizes better. * Add set1 versions of X509 timestamp setters. * Consistently sort generated build files. * delocate: use 64-bit GOT offsets in the large memory model. * Update HPKE implementation and test vectors to draft-irtf-cfrg-hpke-05. * Handle NULL arguments in some i2d_* functions. * aarch64: support BTI and pointer authentication in assembly * Support delegated credentials verison 06 * delocation: large memory model support. * Enforce presence of ALPN when QUIC is in use. * Fix the naming of alert error codes. * Use golang.org/x/crypto in runner. * Disable ClientHello padding for QUIC. * Add X509_SIG_get0 and X509_SIG_getm. * Implement HPKE. * Disallow TLS 1.3 compatibility mode in QUIC. * Switch clang-format IncludeBlocks to Preserve. * Fix unterminated clang-format off. * Add line number to doc.go error messages. * Kick the bots. * Add a JSON output to generate_build_files.py. * Add details of 20190808 FIPS certification. * Link to ws2_32 more consistently. * Allow explicitly-encoded X.509v1 versions for now. * Opaquify PKCS8_PRIV_KEY_INFO. * Implement i2d_PUBKEY and friends without crypto/asn1. * Remove TRUST_TOKEN_experiment_v0. * Clarify in-place rules for low-level AES mode functions. * acvp: add CMAC-AES support. * acvp: add SP800-108 KDF support. * Remove x509->name. * Maybe build for AArch64 Windows. * sha1-x86_64: fix CFI. * Use |crypto_word_t| and |size_t| more consistently in ECC scalar recoding. * Enable shaext path for sha1. * Avoid relying on SSL_get_session's behavior during the handshake. * Add a -wait-for-debugger flag to runner. * Add missing OPENSSL_EXPORT to X509_get_X509_PUBKEY. * Const-correct various functions in crypto/asn1. * Remove uneeded switch statement. * Convert X.509 accessor macros to proper functions. * Remove X509_CINF_get_issuer and X509_CINF_get_extensions. * Remove X509_get_signature_type. * clang-format x509.h and run comment converter. * Check AlgorithmIdentifier parameters for RSA and ECDSA signatures. * Remove some unimplemented prototypes. * Check the X.509 version when parsing. * Fix x509v3_cache_extensions error-handling. * Work around Windows command-line limits in embed_test_data.go. * Move crypto/x509 test data into its own directory. * Test resumability of same, different, and default ticket keys. * Fixes warning when redefining PATH_MAX when building with MINGW. * Abstract fd operations better in tool. * Use CMAKE_SIZEOF_VOID_P instead of CMAKE_CL_64 * Enforce the keyUsage extension in TLS 1.2 client certs. * Reword some comments. * Add “Z Computation” KAT. * acvptool: handle negative sizeConstraint. * Let memory hooks override the size prefix. * acvptool: go fmt * Assert md_size > 0. * Remove -enable-ed25519 compat hack. * Add a |SSL_process_tls13_new_session_ticket|. * Use ctr32 optimizations for AES_ctr128_encrypt. * Test AES mode wrappers. * Bump minimum CMake version. * Modify how QUIC 0-RTT go/no-go decision is made. * Remove RAND_set_urandom_fd. * Document that getrandom support must be consistent. * Fix docs link for SSL_CTX_load_verify_locations * Fix TRUST_TOKEN experiment_v1 SRR map. * Add CRYPTO_pre_sandbox_init. * Still query getauxval if reading /proc/cpuinfo fails. * Add missing header to ec/wnaf.c * Fix OPENSSL_TSAN typo. * Fix p256-x86_64-table.h indentation. * Enable avx2 implementation of sha1. * Trim Z coordinates from the OPENSSL_SMALL P-256 tables. * Use public multi-scalar mults in Trust Tokens where applicable. * Use batched DLEQ proofs for Trust Token. * Restrict when 0-RTT will be accepted in QUIC. * Disable TLS 1.3 compatibility mode for QUIC. * Use a 5-bit comb for some Trust Tokens multiplications. * Use a (mostly) constant-time multi-scalar mult for Trust Tokens. * Batch inversions in Trust Tokens. * Rearrange the DLEQ logic slightly. * Use token hash to encode private metadata for Trust Token Experiment V1. * Introduce an EC_AFFINE abstraction. * Make the fuzzer PRNG thread-safe. * Disable fork-detect tests under TSAN. * Introduce TRUST_TOKENS_experiment_v1. * Route PMBToken calls through TRUST_TOKEN_METHOD. * Introduce a TRUST_TOKEN_METHOD hook to select TRUST_TOKEN variations. * fork_detect: be robust to qemu. * Move serialization of points inside pmbtoken.c. * Introduce PMBTOKENS key abstractions. * Fix the types used in token counts. * Remove unused code from ghash-x86_64.pl. * Switch the P-384 hash-to-curve to draft-07. * Add hash-to-curve code for P384. * Write down the expressions for all the NIST primes. * Move fork_detect files into rand/ * Harden against fork via MADV_WIPEONFORK. * Fix typo in comment. * Use faster addition chains for P-256 field inversion. * Tidy up third_party/fiat. * Prefix g_pre_comp in p256.c as well. * Add missing curve check to ec_hash_to_scalar_p521_xmd_sha512. * Add a tool to compare the output of bssl speed. * Benchmark ECDH slightly more accurately. * Align remaining Intel copyright notice. * Don't retain T in PMBTOKEN_PRETOKEN. * Check for trailing data in TRUST_TOKEN_CLIENT_finish_issuance. * Properly namespace everything in third_party/fiat/p256.c. * Update fiat-crypto. * Add missing ERR_LIB_TRUST_TOKEN constants. * Add bssl speed support for hashtocurve and trusttoken. * Implement DLEQ checks for Trust Token. * Fix error-handling in EVP_BytesToKey. * Fix Trust Token CBOR. * Match parameter names between header and source. * Trust Token Implementation. * Include mem.h for |CRYPTO_memcmp| * acvptool: add subprocess tests. * Add SHA-512-256. * Make ec_GFp_simple_cmp constant-time. * Tidy up CRYPTO_sysrand variants. * Do a better job testing EC_POINT_cmp. * Follow-up comments to hash_to_scalar. * Add a hash_to_scalar variation of P-521's hash_to_field. * Add SSL_SESSION_copy_without_early_data. * Double-check secret EC point multiplications. * Make ec_felem_equal constant-time. * Fix hash-to-curve comment. * Make ec_GFp_simple_is_on_curve constant-time. * Implement draft-irtf-cfrg-hash-to-curve-06. * Update list of tested SDE configurations. * Only draw from RDRAND for additional_data if it's fast. * Generalize bn_from_montgomery_small. * Remove BIGNUM from uncompressed coordinate parsing. * Add EC_RAW_POINT serialization function. * Base EC_FELEM conversions on bytes rather than BIGNUMs. * runner: Replace supportsVersions calls with allVersions. * Enable QUIC for some perMessageTest runner tests * Move BN_nnmod calls out of low-level group_set_curve. * Clean up various EC inversion functions. * Start to organize ec/internal.h a little. * Fix CFI for AVX2 ChaCha20-Poly1305. * Remove unused function prototype. * Enable more runner tests for QUIC * Require QUIC method with Transport Parameters and vice versa * acvptool: support non-interactive mode. * Add is_quic bit to SSL_SESSION * Update SDE. * Update tools. * Add simpler getters for DH and DSA. * Don't define default implementations for weak symbols. * Don't automatically run all tests for ABI testing. * Fix test build with recent Clang. * Remove LCM dependency from RSA_check_key. * Simplify bn_sub_part_words. * No-op commit to test Windows SDE bots. * ABI-test each AEAD. * Add memory tracking and sanitization hooks * Add X509_STORE_CTX_get0_chain. * Add DH_set_length. * Static assert that CRYPTO_MUTEX is sufficiently aligned. * [bazel] Format toplevel BUILD file with buildifier * Add |SSL_CTX_get0_chain|. * Configure QUIC secrets inside set_{read,write}_state. * Allow setting QUIC transport parameters after parsing the client's * Fix comment for |BORINGSSL_self_test|. * Trust Token Key Generation. * Revise QUIC encryption secret APIs. * Fix ec_point_mul_scalar_public's documentation. * Don't infinite loop when QUIC tests fail. * Tidy up transitions out of 0-RTT keys on the client. * Remove bn_sub_part_words assembly. * Keep the encryption state and encryption level in sync. * Add ECDSA_SIG_get0_r and ECDSA_SIG_get0_s. * Fix a couple of comment typos. * Const-correct various X509_NAME APIs. * Ignore old -enable-ed25519 flag. * Provide __NR_getrandom fillins in urandom test too. * Skip RSATest.DISABLED_BlindingCacheConcurrency in SDE. * Fix client handling of 0-RTT rejects with cipher mismatch. * runner: Tidy up 0-RTT support. * Add X509_getm_notBefore and X509_getm_notAfter. * Clean up TLS 1.3 handback logic. * Require handshake flights end at record boundaries. * Delete unreachable DTLS check. * Rename TLS-specific functions to tls_foo from ssl3_foo. * Rename ssl3_choose_cipher. * SSL_apply_handback: don't choke on trailing data. * ssl_test: test early data with split handshakes. * Check for overflow in massive mallocs. * Add more convenient RSA getters. * Remove SSL_CTX_set_ed25519_enabled. * Improve signature algorithm tests. * bazel: explicitly load C++ rules * Check enum values in handoff. * Restore fuzz/cert_corpus. * Add a -sigalgs option to bssl client. * Add SSL_set_verify_algorithm_prefs. * Switch verify sigalg pref functions to SSL_HANDSHAKE. * Add SSL_AD_NO_APPLICATION_PROTOCOL * Refresh corpora due to TLS 1.3 changes in handoff serialization. * handoff: set |enable_early_data| as part of handback. * Add 109 and 120 to SSL_alert_desc_string_long * runner: enable split handshake tests for TLS 1.3. * Make TLS 1.3 split handshakes work with early data. * Split half-RTT tickets out into a separate TLS 1.3 state. * Use BCryptGenRandom when building as Windows UWP app. * Thu May 28 2020 Jan Engelhardt <jengelh@inai.de> - Rectify groups. * Wed May 27 2020 Michał Rostecki <mrostecki@suse.com> - Remove patch for enabling shared linking - it was enabled upstream. * 0001-add-soversion-option.patch - Add boringssl-source subpackage. * Wed May 27 2020 mrostecki@suse.com - Update to version 20200122: * Define EVP compatibility constants for X448 and Ed448. * Allow shared libraries in the external CMake build. * Add a few little-endian functions to CBS/CBB. * Move iOS asm tricks up in external CMake build. * Try again to deal with expensive tests. * Restore ARM CPU variation tests on builders. * Remove SSL_CTX_set_rsa_pss_rsae_certs_enabled. * Work around another NULL/0 C language bug. * Use the MAYBE/DISABLED pattern in RSATest.BlindingCacheConcurrency. * Switch an #if-0-gated test to DISABLED_Foo. * Proxy: send whole SSL records through the handshaker. * Disable Wycheproof primality test cases on non-x86 (too slow) * test_state.cc: serialize the test clock. * Output after every Wycheproof primality test. * Maybe fix generated-CMake build on Android and iOS. * Detect the NDK path from CMAKE_TOOLCHAIN_FILE. * Tell Go to build for GOOS=android when running on Android. * Reland bitsliced aes_nohw implementation. * Add bssl client option to load a hashed directory of cacerts. * No-op change to run the new NO_SSE2 builders. * Clarify that we perform the point-on-curve check. * Reduce size of BlindingCacheConcurrency test under TSAN. * Compare vpaes/bsaes conversions against a reference implementation. * Enable the SSE2 Poly1305 implementation on clang-cl. * Remove alignment requirement on CRYPTO_poly1305_finish. * Fix double-free under load. * Add some XTS tests. * Add EncodeHex and DecodeHex functions to test_util.h. * Revert "Replace aes_nohw with a bitsliced implementation." * Replace aes_nohw with a bitsliced implementation. * Switch HRSS inversion algorithm. * Run EVP_CIPHER tests in-place. * Add an option to disable SSE2 intrinsics for testing. * Dummy change to trigger master-with-bazel builder. * Drop use of alignas(64) in aead_test.cc * Add standalone CMake build to generate_build_files.py * TLS 1.3 split handshake initial support. * Import Wycheproof primality tests. * Split BN_prime_checks into two constants for generation and validation. * Add some Miller-Rabin tests from Wycheproof. * Import Wycheproof PKCS#1 decrypt tests. * Import Wycheproof OAEP tests. * Import Wycheproof PKCS#1 signing tests. * Skip JWK keys when converting Wycheproof tests. * Import Wycheproof's size-specific RSA PKCS#1 verifying tests. * Handle "acceptable" Wycheproof inputs unambiguously. * Import Wycheproof XChaCha20-Poly1305 tests. * Import Wycheproof HMAC tests. * Import Wycheproof HKDF tests. * bytestring: add methods for int64. * Update Wycheproof test vectors. * Add mock QUIC transport to runner * Add test vectors for CVE-2019-1551 (not affected). * Fix check_bn_tests.go. * Fix MSan error in SSLTest.Handoff test. * SSLTest.Handoff: extend to include a session resumption. * inject_hash preserves filemode * Move TLS 1.3 state machine constants to internal.h. * Add a ppc64le ABI tester. * Allocate small TLS read buffers inline. * Remove unused labels from ARM ABI test assembly. * Update AAPCS and AAPCS64 links. * Fix EVP_has_aes_hardware on ppc64le. * Remove remnants of end_of_early_data alert from tests. * Add a test for ERR_error_string_n. * Remove post-quantum experiment signal extension. * Give ERR_error_string_n a return value for convenience. * Defer early keys to QUIC clients to after certificate reverification. * Defer releasing early secrets to QUIC servers. * Halve the size of the kNIDsIn* constants * modulewrapper: manage buffer with |unique_ptr|. * Add missing boringssl_prefix_symbols_asm.h include. * acvptool: add support for ECDSA * Inline gcm_init_4bit into gcm_init_ssse3. * Vectorize gcm_mul32_nohw and replace gcm_gmult_4bit_mmx. * Add a constant-time fallback GHASH implementation. * Conditionally define PTRACE_O_EXITKILL in urandom_test.cc * Fix build warning if _SCL_SECURE_NO_WARNINGS is defined globally * modulewrapper: use a raw string. * acvptool: add license headers. * Enable TLS 1.3 by default. * acvptool: Add support for DRBG * Discard user_canceled alerts in TLS 1.3. * Work around more C language bugs with empty spans. * No-op commit to test the new builder. * acvptool: Add support for HMAC * Add stub functions for RSA-PSS keygen parameters. * HelloRetryRequest getter * Add break-tests-android.sh script. * Add compatibility functions for sigalgs * Run AES-192-GCM in CAVP tests. * Rename a number of BUF_* functions to OPENSSL_*. * List bn_div fuzzer in documentation. * Reenable bn_div fuzzer. * Drop CECPQ2b code. * Add urandom_test to all_tests.json * Fix the standalone Android FIPS build. * Add sanity checks to FIPS module construction. * Correct relative path. * Add test for urandom.c * break-hash.go: Search ELF dynamic symbols if symbols not found. * Fix $OPENSSL_ia32cap handling. * Switch probable_prime to rejection sampling. * Rename the last remnants of the early_data_info extension. * Fix up BN_GENCB_call calls. * Do fewer trial divisions for larger RSA keygens. * Fix GRND_NONBLOCK flag when calling getrandom. * Simplify bn_miller_rabin_iteration slightly. * Add some notes on RSA key generation performance. * Break early on composites in the primality test. * Extract and test the deterministic part of Miller-Rabin. * Fix the FIPS + fuzzing build. * FIPS.md: document some recent Android changes. * Add a function to derive an EC key from some input secret. * Fix run_android_tests.go with shared library builds. * No-op change to test new builders. * Move no-exec-stack sections outside of #ifs. * Add |SSL_get_min_proto_version| and |SSL_get_max_proto_version| * Make FIPS build work for Android cross-compile. * Enable optional GRND_RANDOM flag to be passed to getrandom on Android. * Switch cert_compression_algs to GrowableArray. * Add GrowableArray<T> to ssl/internal.h. * Fixed quic_method lookup in TLS 1.3 server side handshake. * Add .note.GNU-stack at the source level. * -Wno-vla -> -Wvla * Add an option for explicit renegotiations. * tool: add -json flag to |speed| * Set -Wno-vla. * Use a pointer to module_hash in boringssl_fips_self_test() args. * Use a smaller hex digest in FIPS flag files when SHA-256 used. * Switch to using SHA-256 for FIPS integrity check on Android. * Use getentropy on macOS 10.12 and later. * Move #include of "internal.h", which defines |OPENSSL_URANDOM|. * Style nit. * Assert that BN_CTX_end is actually called. * Test some known large primes. * Test some Euler pseudoprimes. * Be consistent about Miller-Rabin vs Rabin-Miller. * fix build with armv6 Error: .size expression for _vpaes_decrypt_consts does not evaluate to a constant * Mark ssl_early_data_reason_t values stable. * Make the dispatch tests opt-in. * Bound the number of API calls in ssl_ctx_api.cc. * Only attempt to mprotect FIPS module for AArch64. * Opportunistically read entropy from the OS in FIPS mode. * Update INSTANTIATE_TEST_SUITE_P calls missing first argument. * Ignore build32 and build64 subdirectories. * Add page protection logic to BCM self test. * Disable unwind tests in FIPS mode. * Disable RDRAND on AMD family 0x17, models 0x70–0x7f. * Don't allow SGC EKUs for server certificates. * Add |SSL_CIPHER_get_value| to get the IANA number of a cipher suite. * Add XOF compilation compatibility flags * Replace BIO_printf with ASN1_STRING_print in GENERAL_NAME_print * Trigger a build on the ARM mode builder. * Fix vpaes-armv7.pl in ARM mode. * Add AES-192-GCM support to EVP_AEAD. * Add AES-256 CFB to libdecrepit. * Parse explicit EC curves more strictly. * Use the Go 1.13 standard library ed25519. * Update build tools. * Use ScopedEVP_AEAD_CTX in ImplDispatchTest.AEAD_AES_GCM. * Use a mix of bsaes and vpaes for CTR on NEON. * Use vpaes + conversion to setup CBC decrypt on NEON. * Add NEON vpaes-to-bsaes key converters. * Add vpaes-armv7.pl and replace non-parallel modes. * Correct comments for x86_64 _vpaes_encrypt_core_2x. * Add benchmarks for AES block operations. * Only write self test flag files if an environment variable is set. * Const-correct EC_KEY_set_public_key_affine_coordinates. * Revert "Fix VS build when assembler is enabled" * Support compilation via emscripten * Fix cross-compile of Android on Windows. * Move the config->async check into RetryAsync. * Clear *out in ReadHandshakeData's empty case. * Add initial support for 0-RTT with QUIC. * Have some more fun with spans. * Add OPENSSL_FALLTHROUGH to a few files. * Limit __attribute__ ((fallthrough)) to Clang >= 5. * Make |EVP_CIPHER_CTX_reset| return one. * Add Fallthru support for clang 10. * Add self-test suppression flag file for Android FIPS builds. * Align 0-RTT and resumption state machines slightly * Require getrandom in Android FIPS builds. * acvp: allow passing custom subprocess I/O. * Add a function to convert SSL_ERROR_* values to strings. * Fold SSL_want constants into SSL_get_error constants. * Use spans for the various TLS 1.3 secrets. * Switch another low-level function to spans. * Switch tls13_enc.cc to spans. * Check the second ClientHello's PSK binder on resumption. * Introduce libcrypto_bcm_sources for Android. * Remove stale TODO. * Add an android-cmake option to generate_build_files.py * Add a QUIC test for HelloRetryRequest. * Add missing ".text" to Windows code for dummy_chacha20_poly1305_asm * Update TODO to note that Clang git doesn't have the POWER bug. * Fix paths in break-tests.sh. * Fix POWER build with OPENSSL_NO_ASM. * Workaround Clang bug on POWER. * Add assembly support for -fsanitize=hwaddress tagged globals. * Fix typo in valgrind constant-time annotations. * acvp: add support for AES-ECB and AES-CBC. * Fix misspelled TODO. * Move CCM fragments out of the FIPS module. * Add EVP_PKEY_base_id. * Add some project links to README.md. * Make alert_dispatch into a bool. * Trim some more per-connection memory. * Remove SSL_export_early_keying_material. * Add EVP_PKEY support for X25519. * Make EVP_PKEY_bits return 253 for Ed25519. * Make SSL_get_servername work in the early callback. * Tue Mar 10 2020 Guillaume GARDET <guillaume.gardet@opensuse.org> - Fix arm build: * 0005-fix-alignment-for-arm.patch * Wed Dec 04 2019 Klaus Kämpf <kkaempf@suse.com> - fix s390x and ppc64le build * 0003-enable-s390x-builds.patch * 0004-fix-alignment-for-ppc64le.patch - rename add-soversion-option.patch to 0001-add-soversion-option.patch - rename 0001-crypto-Fix-aead_test-build-on-aarch64.patch to 0002-crypto-Fix-aead_test-build-on-aarch64.patch * Thu Oct 17 2019 Richard Brown <rbrown@suse.com> - Remove obsolete Groups tag (fate#326485)
/usr/lib/libboringssl_crypto.so.1 /usr/lib/libboringssl_ssl.so.1 /usr/share/doc/packages/libboringssl1 /usr/share/doc/packages/libboringssl1/README.md /usr/share/licenses/libboringssl1 /usr/share/licenses/libboringssl1/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Sun Jan 12 02:11:34 2025