Snap for 8782634 from f2c29695860da4a12287226ffed930e74fc2fd6b to sdk-release

Change-Id: I0aedb5dd0887dd88798af68faa7af1d79b77dd46
diff --git a/Android.bp b/Android.bp
index 2521600..a93e396 100644
--- a/Android.bp
+++ b/Android.bp
@@ -1,4 +1,4 @@
-// This file is generated by cargo2android.py --run --device.
+// This file is generated by cargo2android.py --config cargo2android.json.
 
 // WARNING! This crate has a change in dependency structure that is not yet
 // reflected on crates.io. This means that the automated update tool will
@@ -49,6 +49,7 @@
     host_supported: true,
     crate_name: "openssl",
     srcs: ["openssl/src/lib.rs"],
+    vendor_available: true,
     edition: "2018",
     cfgs: [
         "boringssl",
@@ -67,6 +68,10 @@
         "liblibc",
         "libonce_cell",
     ],
+    apex_available: [
+        "//apex_available:platform",
+        "com.android.virt",
+    ],
 }
 
 rust_proc_macro {
diff --git a/TEST_MAPPING b/TEST_MAPPING
new file mode 100644
index 0000000..9cce328
--- /dev/null
+++ b/TEST_MAPPING
@@ -0,0 +1,49 @@
+// Generated by update_crate_tests.py for tests that depend on this crate.
+{
+  "presubmit": [
+    {
+      "name": "apkdmverity.test"
+    },
+    {
+      "name": "authfs_device_test_src_lib"
+    },
+    {
+      "name": "libapkverify.integration_test"
+    },
+    {
+      "name": "libapkverify.test"
+    },
+    {
+      "name": "libidsig.test"
+    },
+    {
+      "name": "microdroid_manager_test"
+    },
+    {
+      "name": "virtualizationservice_device_test"
+    }
+  ],
+  "presubmit-rust": [
+    {
+      "name": "apkdmverity.test"
+    },
+    {
+      "name": "authfs_device_test_src_lib"
+    },
+    {
+      "name": "libapkverify.integration_test"
+    },
+    {
+      "name": "libapkverify.test"
+    },
+    {
+      "name": "libidsig.test"
+    },
+    {
+      "name": "microdroid_manager_test"
+    },
+    {
+      "name": "virtualizationservice_device_test"
+    }
+  ]
+}
diff --git a/cargo2android.json b/cargo2android.json
new file mode 100644
index 0000000..41450f8
--- /dev/null
+++ b/cargo2android.json
@@ -0,0 +1,10 @@
+{
+  "apex-available": [
+    "//apex_available:platform",
+    "com.android.virt"
+  ],
+  "device": true,
+  "features": "boringssl",
+  "run": true,
+  "vendor-available": true
+}
diff --git a/openssl/src/hash.rs b/openssl/src/hash.rs
index ba64a50..a7c02fa 100644
--- a/openssl/src/hash.rs
+++ b/openssl/src/hash.rs
@@ -139,6 +139,12 @@
         self.0
     }
 
+    /// The block size of the digest in bytes.
+    #[allow(clippy::trivially_copy_pass_by_ref)]
+    pub fn block_size(&self) -> usize {
+        unsafe { ffi::EVP_MD_block_size(self.0) as usize }
+    }
+
     /// The size of the digest in bytes.
     #[allow(clippy::trivially_copy_pass_by_ref)]
     pub fn size(&self) -> usize {
@@ -475,6 +481,9 @@
         for test in MD5_TESTS.iter() {
             hash_test(MessageDigest::md5(), test);
         }
+
+        assert_eq!(MessageDigest::md5().block_size(), 64);
+        assert_eq!(MessageDigest::md5().size(), 16);
     }
 
     #[test]
@@ -534,6 +543,9 @@
         for test in tests.iter() {
             hash_test(MessageDigest::sha1(), test);
         }
+
+        assert_eq!(MessageDigest::sha1().block_size(), 64);
+        assert_eq!(MessageDigest::sha1().size(), 20);
     }
 
     #[test]
@@ -546,6 +558,9 @@
         for test in tests.iter() {
             hash_test(MessageDigest::sha256(), test);
         }
+
+        assert_eq!(MessageDigest::sha256().block_size(), 64);
+        assert_eq!(MessageDigest::sha256().size(), 32);
     }
 
     #[cfg(ossl111)]
@@ -559,6 +574,9 @@
         for test in tests.iter() {
             hash_test(MessageDigest::sha3_224(), test);
         }
+
+        assert_eq!(MessageDigest::sha3_224().block_size(), 144);
+        assert_eq!(MessageDigest::sha3_224().size(), 28);
     }
 
     #[cfg(ossl111)]
@@ -572,6 +590,9 @@
         for test in tests.iter() {
             hash_test(MessageDigest::sha3_256(), test);
         }
+
+        assert_eq!(MessageDigest::sha3_256().block_size(), 136);
+        assert_eq!(MessageDigest::sha3_256().size(), 32);
     }
 
     #[cfg(ossl111)]
@@ -585,6 +606,9 @@
         for test in tests.iter() {
             hash_test(MessageDigest::sha3_384(), test);
         }
+
+        assert_eq!(MessageDigest::sha3_384().block_size(), 104);
+        assert_eq!(MessageDigest::sha3_384().size(), 48);
     }
 
     #[cfg(ossl111)]
@@ -598,6 +622,9 @@
         for test in tests.iter() {
             hash_test(MessageDigest::sha3_512(), test);
         }
+
+        assert_eq!(MessageDigest::sha3_512().block_size(), 72);
+        assert_eq!(MessageDigest::sha3_512().size(), 64);
     }
 
     #[cfg(ossl111)]
@@ -611,6 +638,9 @@
         for test in tests.iter() {
             hash_xof_test(MessageDigest::shake_128(), test);
         }
+
+        assert_eq!(MessageDigest::shake_128().block_size(), 168);
+        assert_eq!(MessageDigest::shake_128().size(), 16);
     }
 
     #[cfg(ossl111)]
@@ -624,6 +654,9 @@
         for test in tests.iter() {
             hash_xof_test(MessageDigest::shake_256(), test);
         }
+
+        assert_eq!(MessageDigest::shake_256().block_size(), 136);
+        assert_eq!(MessageDigest::shake_256().size(), 32);
     }
 
     #[test]
@@ -638,6 +671,9 @@
         for test in tests.iter() {
             hash_test(MessageDigest::ripemd160(), test);
         }
+
+        assert_eq!(MessageDigest::ripemd160().block_size(), 64);
+        assert_eq!(MessageDigest::ripemd160().size(), 20);
     }
 
     #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM3")))]
@@ -651,6 +687,9 @@
         for test in tests.iter() {
             hash_test(MessageDigest::sm3(), test);
         }
+
+        assert_eq!(MessageDigest::sm3().block_size(), 64);
+        assert_eq!(MessageDigest::sm3().size(), 32);
     }
 
     #[test]
diff --git a/openssl/src/hkdf.rs b/openssl/src/hkdf.rs
new file mode 100644
index 0000000..cc7e5b3
--- /dev/null
+++ b/openssl/src/hkdf.rs
@@ -0,0 +1,89 @@
+use crate::cvt;
+use crate::error::ErrorStack;
+use crate::md::MdRef;
+use foreign_types::ForeignTypeRef;
+use openssl_macros::corresponds;
+
+/// Computes HKDF (as specified by RFC 5869).
+///
+/// HKDF is an Extract-and-Expand algorithm. It does not do any key stretching,
+/// and as such, is not suited to be used alone to generate a key from a
+/// password.
+#[corresponds(HKDF)]
+#[inline]
+pub fn hkdf(
+    out_key: &mut [u8],
+    md: &MdRef,
+    secret: &[u8],
+    salt: &[u8],
+    info: &[u8],
+) -> Result<(), ErrorStack> {
+    unsafe {
+        cvt(ffi::HKDF(
+            out_key.as_mut_ptr(),
+            out_key.len(),
+            md.as_ptr(),
+            secret.as_ptr(),
+            secret.len(),
+            salt.as_ptr(),
+            salt.len(),
+            info.as_ptr(),
+            info.len(),
+        ))?;
+    }
+
+    Ok(())
+}
+
+/// Computes a HKDF PRK (as specified by RFC 5869).
+///
+/// WARNING: This function orders the inputs differently from RFC 5869
+/// specification. Double-check which parameter is the secret/IKM and which is
+/// the salt when using.
+#[corresponds(HKDF_extract)]
+#[inline]
+pub fn hkdf_extract<'a>(
+    out_key: &'a mut [u8],
+    md: &MdRef,
+    secret: &[u8],
+    salt: &[u8],
+) -> Result<&'a [u8], ErrorStack> {
+    let mut out_len = out_key.len();
+    unsafe {
+        cvt(ffi::HKDF_extract(
+            out_key.as_mut_ptr(),
+            &mut out_len,
+            md.as_ptr(),
+            secret.as_ptr(),
+            secret.len(),
+            salt.as_ptr(),
+            salt.len(),
+        ))?;
+    }
+
+    Ok(&out_key[..out_len])
+}
+
+/// Computes a HKDF OKM (as specified by RFC 5869).
+#[corresponds(HKDF_expand)]
+#[inline]
+pub fn hkdf_expand(
+    out_key: &mut [u8],
+    md: &MdRef,
+    prk: &[u8],
+    info: &[u8],
+) -> Result<(), ErrorStack> {
+    unsafe {
+        cvt(ffi::HKDF_expand(
+            out_key.as_mut_ptr(),
+            out_key.len(),
+            md.as_ptr(),
+            prk.as_ptr(),
+            prk.len(),
+            info.as_ptr(),
+            info.len(),
+        ))?;
+    }
+
+    Ok(())
+}
diff --git a/openssl/src/hmac.rs b/openssl/src/hmac.rs
new file mode 100644
index 0000000..601ae01
--- /dev/null
+++ b/openssl/src/hmac.rs
@@ -0,0 +1,68 @@
+use crate::cvt_p;
+use crate::error::ErrorStack;
+use crate::md::MdRef;
+use foreign_types::ForeignTypeRef;
+use openssl_macros::corresponds;
+use libc::{c_void, c_uint};
+use std::convert::TryFrom;
+
+/// Computes the HMAC as a one-shot operation.
+///
+/// Calculates the HMAC of data, using the given |key|
+/// and hash function |md|, and returns the result re-using the space from
+/// buffer |out|. On entry, |out| must contain at least |EVP_MD_size| bytes
+/// of space. The actual length of the result is used to resize the returned
+/// slice. An output size of |EVP_MAX_MD_SIZE| will always be large enough.
+/// It returns a resized |out| or ErrorStack on error.
+#[corresponds(HMAC)]
+#[inline]
+pub fn hmac<'a>(
+    md: &MdRef,
+    key: &[u8],
+    data: &[u8],
+    out: &'a mut [u8]
+) -> Result<&'a [u8], ErrorStack> {
+    let mut out_len = c_uint::try_from(out.len()).unwrap();
+    unsafe {
+        cvt_p(ffi::HMAC(
+            md.as_ptr(),
+            key.as_ptr() as *const c_void,
+            key.len(),
+            data.as_ptr(),
+            data.len(),
+            out.as_mut_ptr(),
+            &mut out_len
+            ))?;
+    }
+    Ok(&out[..out_len as usize])
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::md::Md;
+    use crate::memcmp;
+
+    const SHA_256_DIGEST_SIZE:usize = 32;
+
+    #[test]
+    fn hmac_sha256_test() {
+        let expected_hmac = [0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0xb, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x0, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7];
+        let mut out: [u8; SHA_256_DIGEST_SIZE] = [0; SHA_256_DIGEST_SIZE];
+        let key:[u8; 20] = [0x0b; 20];
+        let data = b"Hi There";
+        let hmac_result = hmac(Md::sha256(), &key, data, &mut out).expect("Couldn't calculate sha256 hmac");
+        expect!(memcmp::eq(&hmac_result, &expected_hmac));
+    }
+
+    #[test]
+    fn hmac_sha256_test_big_buffer() {
+        let expected_hmac = [0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0xb, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x0, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7];
+        let mut out: [u8; 100] = [0; 100];
+        let key:[u8;20] = [0x0b; 20];
+        let data = b"Hi There";
+        let hmac_result = hmac(Md::sha256(), &key, data, &mut out).expect("Couldn't calculate sha256 hmac");
+        expect_eq!(hmac_result.len(), SHA_256_DIGEST_SIZE);
+        expect!(memcmp::eq(&hmac_result, &expected_hmac));
+    }
+}
diff --git a/openssl/src/lib.rs b/openssl/src/lib.rs
index 2da23fb..0bba5b9 100644
--- a/openssl/src/lib.rs
+++ b/openssl/src/lib.rs
@@ -158,6 +158,10 @@
 #[cfg(not(any(libressl, ossl300)))]
 pub mod fips;
 pub mod hash;
+#[cfg(boringssl)]
+pub mod hkdf;
+#[cfg(boringssl)]
+pub mod hmac;
 #[cfg(ossl300)]
 pub mod lib_ctx;
 pub mod md;
diff --git a/openssl/src/md.rs b/openssl/src/md.rs
index e532c9b..b9297e2 100644
--- a/openssl/src/md.rs
+++ b/openssl/src/md.rs
@@ -210,6 +210,13 @@
 unsafe impl Send for MdRef {}
 
 impl MdRef {
+    /// Returns the block size of the digest in bytes.
+    #[corresponds(EVP_MD_block_size)]
+    #[inline]
+    pub fn block_size(&self) -> usize {
+        unsafe { ffi::EVP_MD_block_size(self.as_ptr()) as usize }
+    }
+
     /// Returns the size of the digest in bytes.
     #[corresponds(EVP_MD_size)]
     #[inline]
diff --git a/openssl/src/pkey.rs b/openssl/src/pkey.rs
index d85e1bd..ce29210 100644
--- a/openssl/src/pkey.rs
+++ b/openssl/src/pkey.rs
@@ -47,7 +47,7 @@
 use crate::dsa::Dsa;
 use crate::ec::EcKey;
 use crate::error::ErrorStack;
-#[cfg(ossl110)]
+#[cfg(any(boringssl, ossl110))]
 use crate::pkey_ctx::PkeyCtx;
 use crate::rsa::Rsa;
 use crate::symm::Cipher;
@@ -89,7 +89,7 @@
     #[cfg(ossl110)]
     pub const HKDF: Id = Id(ffi::EVP_PKEY_HKDF);
 
-    #[cfg(ossl111)]
+    #[cfg(any(boringssl, ossl111))]
     pub const ED25519: Id = Id(ffi::EVP_PKEY_ED25519);
     #[cfg(ossl111)]
     pub const ED448: Id = Id(ffi::EVP_PKEY_ED448);
@@ -475,7 +475,7 @@
         ctx.keygen()
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(boringssl, ossl111))]
     fn generate_eddsa(id: Id) -> Result<PKey<Private>, ErrorStack> {
         let mut ctx = PkeyCtx::new_id(id)?;
         ctx.keygen_init()?;
@@ -495,7 +495,7 @@
     }
 
     /// Generates a new private Ed25519 key
-    #[cfg(ossl111)]
+    #[cfg(any(boringssl, ossl111))]
     pub fn generate_ed25519() -> Result<PKey<Private>, ErrorStack> {
         PKey::generate_eddsa(Id::ED25519)
     }
@@ -623,7 +623,7 @@
     ///
     /// Algorithm types that support raw private keys are HMAC, X25519, ED25519, X448 or ED448
     #[corresponds(EVP_PKEY_new_raw_private_key)]
-    #[cfg(ossl111)]
+    #[cfg(any(boringssl, ossl111))]
     pub fn private_key_from_raw_bytes(
         bytes: &[u8],
         key_type: Id,
@@ -664,7 +664,7 @@
     ///
     /// Algorithm types that support raw public keys are X25519, ED25519, X448 or ED448
     #[corresponds(EVP_PKEY_new_raw_public_key)]
-    #[cfg(ossl111)]
+    #[cfg(any(boringssl, ossl111))]
     pub fn public_key_from_raw_bytes(
         bytes: &[u8],
         key_type: Id,
diff --git a/openssl/src/sign.rs b/openssl/src/sign.rs
index 77b8de9..7b587a6 100644
--- a/openssl/src/sign.rs
+++ b/openssl/src/sign.rs
@@ -354,7 +354,7 @@
     /// OpenSSL documentation at [`EVP_DigestSign`].
     ///
     /// [`EVP_DigestSign`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestSign.html
-    #[cfg(ossl111)]
+    #[cfg(any(boringssl, ossl111))]
     pub fn sign_oneshot(
         &mut self,
         sig_buf: &mut [u8],
@@ -376,7 +376,7 @@
     /// Returns the signature.
     ///
     /// This is a simple convenience wrapper over `len` and `sign_oneshot`.
-    #[cfg(ossl111)]
+    #[cfg(any(boringssl, ossl111))]
     pub fn sign_oneshot_to_vec(&mut self, data_buf: &[u8]) -> Result<Vec<u8>, ErrorStack> {
         let mut sig_buf = vec![0; self.len()?];
         let len = self.sign_oneshot(&mut sig_buf, data_buf)?;
@@ -588,7 +588,7 @@
     /// OpenSSL documentation at [`EVP_DigestVerify`].
     ///
     /// [`EVP_DigestVerify`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestVerify.html
-    #[cfg(ossl111)]
+    #[cfg(any(boringssl, ossl111))]
     pub fn verify_oneshot(&mut self, signature: &[u8], buf: &[u8]) -> Result<bool, ErrorStack> {
         unsafe {
             let r = ffi::EVP_DigestVerify(