Skip to content

Commit

Permalink
Revert "Use CRYPTO_BUFFER APIs instead of X509 when building with Bor…
Browse files Browse the repository at this point in the history 
…ingSSL."

This reverts commit 72f638a.

Reason for revert: downstream build failures

Original change's description:
> Use CRYPTO_BUFFER APIs instead of X509 when building with BoringSSL.
>
> Using CRYPTO_BUFFERs instead of legacy X509 objects offers memory and
> security gains, and will provide binary size improvements as well once
> the default list of built-in certificates can be removed; the code
> dealing with them still depends on the X509 API.
>
> Implemented by splitting openssl_identity and openssl_certificate
> into BoringSSL and vanilla OpenSSL implementations.
>
> Bug: webrtc:11410
> Change-Id: Idc043462faac5e4ab1b75bedab2057197f80aba6
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/174120
> Reviewed-by: Mirko Bonadei <[email protected]>
> Reviewed-by: David Benjamin <[email protected]>
> Reviewed-by: Harald Alvestrand <[email protected]>
> Commit-Queue: Taylor <[email protected]>
> Cr-Commit-Position: refs/heads/master@{#32811}

[email protected],[email protected],[email protected],[email protected]

Change-Id: Ib5e55cb5798a2f3d25a4460f5311d2e650d3fa82
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: webrtc:11410
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/196742
Reviewed-by: Sam Zackrisson <[email protected]>
Commit-Queue: Sam Zackrisson <[email protected]>
Cr-Commit-Position: refs/heads/master@{#32812}
  • Loading branch information
Sam Zackrisson authored and Commit Bot committed Dec 10, 2020
1 parent 72f638a commit 7e6290d
Show file tree
Hide file tree
Showing 24 changed files with 278 additions and 1,619 deletions.
2 changes: 1 addition & 1 deletion pc/test/fake_rtc_certificate_generator.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ static const rtc::RTCCertificatePEM kRsaPems[] = {

// ECDSA with EC_NIST_P256.
// These PEM strings were created by generating an identity with
// |SSLIdentity::Create| and invoking |identity->PrivateKeyToPEMString()|,
// |SSLIdentity::Generate| and invoking |identity->PrivateKeyToPEMString()|,
// |identity->PublicKeyToPEMString()| and
// |identity->certificate().ToPEMString()|.
static const rtc::RTCCertificatePEM kEcdsaPems[] = {
Expand Down
22 changes: 4 additions & 18 deletions rtc_base/BUILD.gn
View file
Original file line number Diff line number Diff line change
Expand Up @@ -911,10 +911,12 @@ rtc_library("rtc_base") {
"openssl.h",
"openssl_adapter.cc",
"openssl_adapter.h",
"openssl_certificate.cc",
"openssl_certificate.h",
"openssl_digest.cc",
"openssl_digest.h",
"openssl_key_pair.cc",
"openssl_key_pair.h",
"openssl_identity.cc",
"openssl_identity.h",
"openssl_session_cache.cc",
"openssl_session_cache.h",
"openssl_stream_adapter.cc",
Expand Down Expand Up @@ -960,22 +962,6 @@ rtc_library("rtc_base") {
"unique_id_generator.h",
]

if (rtc_openssl_is_boringssl) {
sources += [
"boringssl_certificate.cc",
"boringssl_certificate.h",
"boringssl_identity.cc",
"boringssl_identity.h",
]
} else {
sources += [
"openssl_certificate.cc",
"openssl_certificate.h",
"openssl_identity.cc",
"openssl_identity.h",
]
}

if (build_with_chromium) {
include_dirs = [ "../../boringssl/src/include" ]
public_configs += [ ":rtc_base_chromium_config" ]
Expand Down
Loading

0 comments on commit 7e6290d

Please sign in to comment.