Merge pull request tlspuffin#290 from tlspuffin/boringssl

Support for boringssl
michaelmera · Mar 29, 2024 · 310bb2f · 310bb2f
2 parents 482ebfe + 0d590fb
commit 310bb2f
Show file tree

Hide file tree

Showing 95 changed files with 24,400 additions and 48 deletions.
diff --git a/.github/workflows/on_main_push.yml b/.github/workflows/on_main_push.yml
@@ -42,6 +42,8 @@ jobs:
           - wolfssl540-heap
           - wolfssl540_asan-perf
           - wolfssl540-perf
+          - boringssl202403
+          - boringssl202403_asan
           - libssh
           - tlspuffin_no_default_features
           - sshpuffin_no_default_features
@@ -115,6 +117,12 @@ jobs:
           - name: wolfssl540-perf
             crate: tlspuffin
             features: wolfssl540,fix-CVE-2022-39173,fix-CVE-2022-42905
+          - name: boringssl202403
+            crate: tlspuffin
+            features: boringssl202403
+          - name: boringssl202403_asan
+            crate: tlspuffin
+            features: boringssl202403,asan
           - name: libssh
             crate: sshpuffin
             features: ""

diff --git a/.github/workflows/on_pull_request.yml b/.github/workflows/on_pull_request.yml
@@ -30,6 +30,8 @@ jobs:
           - wolfssl530
           - wolfssl530_asan
           - wolfssl540
+          - boringssl202403
+          - boringssl202403_asan
           - libssh
         include:
           - name: openssl111
@@ -61,6 +63,12 @@ jobs:
           - name: wolfssl530_asan
             crate: tlspuffin
             features: wolfssl530,asan
+          - name: boringssl202403
+            crate: tlspuffin
+            features: boringssl202403
+          - name: boringssl202403_asan
+            crate: tlspuffin
+            features: boringssl202403,asan
           - name: wolfssl540
             crate: tlspuffin
             features: wolfssl540

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -16,13 +16,16 @@ exclude = [
     "crates/wolfssl-sys",
     "crates/wolfssl-src",
     "crates/libssh-sys",
+    "crates/boringssl-src",
+    "crates/boringssl-sys",
+    "crates/boring"
 ]
 
 
 [workspace.package]
 version = "0.1.0"
 edition = "2021"
-authors = ["Maximilian Ammann <[email protected]>", "Lucca Hirschi <[email protected]>", "Michael Mera <[email protected]>"]
+authors = ["Maximilian Ammann <[email protected]>", "Lucca Hirschi <[email protected]>", "Michael Mera <[email protected]>", "Tom Gouville <[email protected]>"]
 repository = "https://github.com/tlspuffin/tlspuffin"
 homepage = "https://github.com/tlspuffin/tlspuffin"
 license = "MIT OR Apache-2.0"
@@ -48,3 +51,7 @@ debug = true
 
 [profile.dev]
 panic = "abort"
+# Without LTO, the fuzzer hangs in debug releases with BoringSSL
+# and ASAN. If you want to do a debug build with BoringSSL and ASAN
+# you need to activate LTO.
+# lto = true
diff --git a/README.md b/README.md
@@ -87,6 +87,8 @@ coverage, expressiveness of executable protocol traces and stable and extensible
   * OpenSSL 1.0.1f, 1.0.2u, 1.1.1k
   * LibreSSL 3.3.3
   * wolfSSL 5.1.0 - 5.4.0
+  * BoringSSL (last commit tested 368d0d87d0bd00f8227f74ce18e8e4384eaf6afa)
+    - Disclaimer : there is a bug will building in debug mode with asan (set `lto=true` in `Cargo.toml` to circumvent)
 * Reproducible for each LUT. We use sources from forks this are in the [tlspuffin organisation](https://github.com/tlspuffin)
 * 70% Test Coverage
 * Writtin in Rust!
@@ -105,6 +107,10 @@ WolfSSL:
 * autoconf
 * libtool
 
+BoringSSL:
+* go
+* cmake
+
 For the python `tlspuffin-analyzer`:
 * libyajl-dev
 * `wheel` from Python pip