commit | 7a22a65098b6c067fc8f30e0454030d930f67167 | |
---|---|---|
author | Adam Langley <alangley@gmail.com> | Tue Apr 07 10:53:24 2020 -0700 |
committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | Wed Apr 08 18:29:21 2020 +0000 |
tree | c501a4c50267b687dafdf4fdc2dfbf7b597fd66a | |
parent | ea53011c6e8e68bd1c1d2883cc11cbf2d004835f |

Only draw from RDRAND for additional_data if it's fast.

We seek to incorporate entropy into every |RAND_bytes| call to avoid problems with fork() and VM cloning. However, on some chips, RDRAND is significantly slower than a system call thus crushing the performance of |RAND_bytes|.

This change disables use of RDRAND for this opportunistic draw for non-Intel chips. BoringSSL will then fall back to either the OS, or nothing (if fork-unsafe mode has been set). RDRAND is still used for seeding the PRNG whenever it is available.

This now adds a new blocking case: RDRAND may be used for seeding, but the syscall to get additional_data was still blocking. Previously that didn't matter because, if a syscall was used to get additional_data, then a blocking one had already been used to seed. Thus the syscall for additional_data is now non-blocking.

Also, we had both |hwrand| and |rdrand| names hanging around. We don't support entropy instructions other than RDRAND, so unify around |rdrand| naming. If we ever do add support for more we can properly abstract at that time.

Change-Id: I91121b270a2ebc667543dad1324f37285daad893
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/40565
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

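
The selection order that the commit message describes for additional_data, as a simplified model added here; it is not BoringSSL's code. The names `rng_env`, `ad_source`, `fake_rdrand`, `os_entropy_nonblocking` and `get_additional_data`, the 32-byte buffer size, and the behaviour when the non-blocking OS draw fails are all assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>

enum ad_source { AD_NONE, AD_RDRAND, AD_OS };

/* Hypothetical platform description; these are not BoringSSL's own types. */
struct rng_env {
  int have_rdrand;    /* CPU advertises RDRAND (still used for seeding) */
  int rdrand_is_fast; /* per the commit message: not assumed on non-Intel chips */
  int fork_unsafe;    /* application has set fork-unsafe mode */
};

/* Constructed stand-in for the RDRAND instruction so the model runs anywhere. */
static int fake_rdrand(uint8_t *out, size_t len) {
  memset(out, 0xA5, len);
  return 1;
}

/* Non-blocking OS draw: succeeds only if the whole buffer was filled. */
static int os_entropy_nonblocking(uint8_t *out, size_t len) {
  ssize_t r;
  do {
    r = getrandom(out, len, GRND_NONBLOCK);
  } while (r == -1 && errno == EINTR);
  return r == (ssize_t)len;
}

/* Fill the per-call additional_data and report where it came from. */
enum ad_source get_additional_data(const struct rng_env *env, uint8_t out[32]) {
  memset(out, 0, 32);
  if (env->have_rdrand && env->rdrand_is_fast && fake_rdrand(out, 32))
    return AD_RDRAND;  /* cheap opportunistic draw */
  if (env->fork_unsafe)
    return AD_NONE;    /* fork-unsafe mode: no fallback draw */
  if (os_entropy_nonblocking(out, 32))
    return AD_OS;      /* must not stall a PRNG that RDRAND already seeded */
  memset(out, 0, 32);  /* assumed here: continue without extra input */
  return AD_NONE;
}

int main(void) {
  struct rng_env slow = {1, 0, 0}; /* RDRAND present but slow */
  uint8_t ad[32];
  printf("source=%d\n", get_additional_data(&slow, ad));
  return 0;
}
```
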
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
Project links:
There are other files in this directory which might be helpful: