)]}'
{
  "commit": "e57ab142c0cabf30b6d4e85b8038003cc179716b",
  "tree": "cbccf40f6f618455bfef822f3ba150cb278fca97",
  "parents": [
    "021ec339112553e3211cdeea98d29fd659d455ef"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Sun Mar 17 15:40:03 2024 +1000"
  },
  "committer": {
    "name": "Boringssl LUCI CQ",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Thu Mar 21 03:34:31 2024 +0000"
  },
  "message": "Add some barebones support for DH in EVP\n\nOpenSSH needs this. Features that have been intentionally omitted for\nnow:\n\n- X9.42-style Diffie-Hellman (\"DHX\"). We continue not to support this.\n  Use ECDH or X25519 instead.\n\n- SPKI and PKCS#8 serialization. Use ECDH or X25519 instead. The format\n  is a bit ill-defined. Moreover, until we solve the serialization\n  aspects of https://crbug.com/boringssl/497, adding them would put this\n  legacy algorithm on path for every caller.\n\n- Most of the random options like stapling a KDF, etc. Though I did add\n  EVP_PKEY_CTX_set_dh_pad because it\u0027s the only way to undo OpenSSL\u0027s\n  bug where they chop off leading zeros by default.\n\n- Parameter generation. Diffie-Hellman parameters should not be\n  generated at runtime.\n\nThis means you need to bootstrap with a DH object and then wrap it in an\nEVP_PKEY. This matches the limitations of the EVP API in OpenSSL 1.1.x.\nUnfortunately the OpenSSL 3.x APIs are unsuitable for many, many\nreasons, so I expect when we get further along in\nhttps://crbug.com/boringssl/535, we\u0027ll have established some patterns\nhere that we can apply to EVP_PKEY_DH too.\n\nChange-Id: I34b4e8799afb266ea5602a70115cc2146f19c6a7\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67207\nReviewed-by: Theo Buehler \u003ctheorbuehler@gmail.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "26c3507f495836f2107fa305da54384fe7b554b9",
      "old_mode": 33188,
      "old_path": "crypto/CMakeLists.txt",
      "new_id": "e064938951b3b68cb4278b9240da38880c34808a",
      "new_mode": 33188,
      "new_path": "crypto/CMakeLists.txt"
    },
    {
      "type": "modify",
      "old_id": "a581b1b30bdb9659d4331df09085862584bf36b1",
      "old_mode": 33188,
      "old_path": "crypto/err/evp.errordata",
      "new_id": "f65b7b0a8842f9e3e115b610d5326b68d66a93c8",
      "new_mode": 33188,
      "new_path": "crypto/err/evp.errordata"
    },
    {
      "type": "modify",
      "old_id": "3eefb526c47aafc9496751d5c383dc25071d1ba5",
      "old_mode": 33188,
      "old_path": "crypto/evp/evp.c",
      "new_id": "d81abe99936403ba41fa91efd960693d04bdc865",
      "new_mode": 33188,
      "new_path": "crypto/evp/evp.c"
    },
    {
      "type": "modify",
      "old_id": "8f341e9b41bfd47022a62bc6b09762fd64617625",
      "old_mode": 33188,
      "old_path": "crypto/evp/evp_asn1.c",
      "new_id": "11a0b8927fd37bea7bf59ab842eaaeff28ba02e3",
      "new_mode": 33188,
      "new_path": "crypto/evp/evp_asn1.c"
    },
    {
      "type": "modify",
      "old_id": "0b57dc96d02d1921f3dfa34c3a747e32727df971",
      "old_mode": 33188,
      "old_path": "crypto/evp/evp_extra_test.cc",
      "new_id": "2a771655767177b3447a668027d1c94945747d35",
      "new_mode": 33188,
      "new_path": "crypto/evp/evp_extra_test.cc"
    },
    {
      "type": "modify",
      "old_id": "fafd50bb530729371cff749b94ba59357153180a",
      "old_mode": 33188,
      "old_path": "crypto/evp/evp_test.cc",
      "new_id": "9189d259739cc66f71a823a91a839305e03fc4da",
      "new_mode": 33188,
      "new_path": "crypto/evp/evp_test.cc"
    },
    {
      "type": "modify",
      "old_id": "b9c8f9e0b884677a3ed26348bb0dd96364f5585b",
      "old_mode": 33188,
      "old_path": "crypto/evp/evp_tests.txt",
      "new_id": "e8e9f27a8934c2af3aeb73d9562e94f46495d1c8",
      "new_mode": 33188,
      "new_path": "crypto/evp/evp_tests.txt"
    },
    {
      "type": "modify",
      "old_id": "cf287c8df0ab409544967d033d049a5a455c621e",
      "old_mode": 33188,
      "old_path": "crypto/evp/internal.h",
      "new_id": "1d4742737647090bc1cded1bbe6f7907798e66a6",
      "new_mode": 33188,
      "new_path": "crypto/evp/internal.h"
    },
    {
      "type": "add",
      "old_id": "0000000000000000000000000000000000000000",
      "old_mode": 0,
      "old_path": "/dev/null",
      "new_id": "9953f82a044b32f6b5962887fdb0c601460188ca",
      "new_mode": 33188,
      "new_path": "crypto/evp/p_dh.c"
    },
    {
      "type": "add",
      "old_id": "0000000000000000000000000000000000000000",
      "old_mode": 0,
      "old_path": "/dev/null",
      "new_id": "b1038d1e8a2693647d601253314a5b27b7c851d4",
      "new_mode": 33188,
      "new_path": "crypto/evp/p_dh_asn1.c"
    },
    {
      "type": "modify",
      "old_id": "93b2eb38dd2fb7bfd7ac79b98a860aff8b78ec03",
      "old_mode": 33188,
      "old_path": "include/openssl/evp.h",
      "new_id": "43180f2607a78112a568cce8fc2360c41b6a074c",
      "new_mode": 33188,
      "new_path": "include/openssl/evp.h"
    },
    {
      "type": "modify",
      "old_id": "8583f521c57d0b8bc562c9b79127f70dedd83227",
      "old_mode": 33188,
      "old_path": "include/openssl/evp_errors.h",
      "new_id": "163f17e2ba91741479221ea6f624cae595825a64",
      "new_mode": 33188,
      "new_path": "include/openssl/evp_errors.h"
    }
  ]
}