Repo created

TMessagesProj/jni/patches/boringssl/0001-add-aes-ige-mode.patch

@@ -0,0 +1,377 @@
+From b3958bdfcc9c753477fdf6e0da799c1c4e4077f1 Mon Sep 17 00:00:00 2001
+From: Marcus Hoffmann <bubu@bubu1.eu>
+Date: Tue, 31 Jul 2018 17:15:39 +0200
+Subject: [PATCH] add aes ige mode
+
+---
+ crypto/fipsmodule/CMakeLists.txt |   2 +
+ crypto/fipsmodule/aes/aes_ige.c  | 323 +++++++++++++++++++++++++++++++
+ include/openssl/aes.h            |   9 +
+ 3 files changed, 334 insertions(+)
+ create mode 100644 crypto/fipsmodule/aes/aes_ige.c
+
+diff --git a/crypto/fipsmodule/CMakeLists.txt b/crypto/fipsmodule/CMakeLists.txt
+index 30823755..b349572c 100644
+--- a/crypto/fipsmodule/CMakeLists.txt
++++ b/crypto/fipsmodule/CMakeLists.txt
+@@ -198,6 +198,8 @@ else()
+     bcm.c
+     fips_shared_support.c
+ 
++    aes/aes_ige.c
++
+     ${BCM_ASM_SOURCES}
+   )
+
+diff --git a/crypto/fipsmodule/aes/aes_ige.c b/crypto/fipsmodule/aes/aes_ige.c
+new file mode 100644
+index 00000000..b425c7d6
+--- /dev/null
++++ b/crypto/fipsmodule/aes/aes_ige.c
+@@ -0,0 +1,323 @@
++/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
++/* ====================================================================
++ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ *    notice, this list of conditions and the following disclaimer. 
++ *
++ * 2. Redistributions in binary form must reproduce the above copyright
++ *    notice, this list of conditions and the following disclaimer in
++ *    the documentation and/or other materials provided with the
++ *    distribution.
++ *
++ * 3. All advertising materials mentioning features or use of this
++ *    software must display the following acknowledgment:
++ *    "This product includes software developed by the OpenSSL Project
++ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
++ *
++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
++ *    endorse or promote products derived from this software without
++ *    prior written permission. For written permission, please contact
++ *    openssl-core@openssl.org.
++ *
++ * 5. Products derived from this software may not be called "OpenSSL"
++ *    nor may "OpenSSL" appear in their names without prior written
++ *    permission of the OpenSSL Project.
++ *
++ * 6. Redistributions of any form whatsoever must retain the following
++ *    acknowledgment:
++ *    "This product includes software developed by the OpenSSL Project
++ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ * ====================================================================
++ *
++ */
++
++#include <openssl/aes.h>
++#include <assert.h>
++#include <memory.h>
++#include <string.h>
++
++#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
++typedef struct {
++        unsigned long data[N_WORDS];
++} aes_block_t;
++
++/* XXX: probably some better way to do this */
++#if defined(__i386__) || defined(__x86_64__)
++#define UNALIGNED_MEMOPS_ARE_FAST 1
++#else
++#define UNALIGNED_MEMOPS_ARE_FAST 0
++#endif
++
++#if UNALIGNED_MEMOPS_ARE_FAST
++#define load_block(d, s)        (d) = *(const aes_block_t *)(s)
++#define store_block(d, s)       *(aes_block_t *)(d) = (s)
++#else
++#define load_block(d, s)        memcpy((d).data, (s), AES_BLOCK_SIZE)
++#define store_block(d, s)       memcpy((d), (s).data, AES_BLOCK_SIZE)
++#endif
++
++/* N.B. The IV for this mode is _twice_ the block size */
++
++void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
++					 size_t length, const AES_KEY *key,
++					 unsigned char *ivec, const int enc)
++	{
++	size_t n;
++	size_t len = length;
++
++	assert(in && out && key && ivec);
++	assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
++	assert((length%AES_BLOCK_SIZE) == 0);
++
++	len = length / AES_BLOCK_SIZE;
++
++	if (AES_ENCRYPT == enc)
++		{
++		if (in != out &&
++		    (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
++			{
++			aes_block_t *ivp = (aes_block_t *)ivec;
++			aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
++
++			while (len)
++				{
++				aes_block_t *inp = (aes_block_t *)in;
++				aes_block_t *outp = (aes_block_t *)out;
++
++				for(n=0 ; n < N_WORDS; ++n)
++					outp->data[n] = inp->data[n] ^ ivp->data[n];
++				AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
++				for(n=0 ; n < N_WORDS; ++n)
++					outp->data[n] ^= iv2p->data[n];
++				ivp = outp;
++				iv2p = inp;
++				--len;
++				in += AES_BLOCK_SIZE;
++				out += AES_BLOCK_SIZE;
++				}
++			memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
++			memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
++			}
++		else
++			{
++			aes_block_t tmp, tmp2;
++			aes_block_t iv;
++			aes_block_t iv2;
++
++			load_block(iv, ivec);
++			load_block(iv2, ivec + AES_BLOCK_SIZE);
++
++			while (len)
++				{
++				load_block(tmp, in);
++				for(n=0 ; n < N_WORDS; ++n)
++					tmp2.data[n] = tmp.data[n] ^ iv.data[n];
++				AES_encrypt((unsigned char *)tmp2.data, (unsigned char *)tmp2.data, key);
++				for(n=0 ; n < N_WORDS; ++n)
++					tmp2.data[n] ^= iv2.data[n];
++				store_block(out, tmp2);
++				iv = tmp2;
++				iv2 = tmp;
++				--len;
++				in += AES_BLOCK_SIZE;
++				out += AES_BLOCK_SIZE;
++				}
++			memcpy(ivec, iv.data, AES_BLOCK_SIZE);
++			memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
++			}
++		}
++	else
++		{
++		if (in != out &&
++		    (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
++			{
++			aes_block_t *ivp = (aes_block_t *)ivec;
++			aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
++
++			while (len)
++				{
++				aes_block_t tmp;
++				aes_block_t *inp = (aes_block_t *)in;
++				aes_block_t *outp = (aes_block_t *)out;
++
++				for(n=0 ; n < N_WORDS; ++n)
++					tmp.data[n] = inp->data[n] ^ iv2p->data[n];
++				AES_decrypt((unsigned char *)tmp.data, (unsigned char *)outp->data, key);
++				for(n=0 ; n < N_WORDS; ++n)
++					outp->data[n] ^= ivp->data[n];
++				ivp = inp;
++				iv2p = outp;
++				--len;
++				in += AES_BLOCK_SIZE;
++				out += AES_BLOCK_SIZE;
++				}
++			memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
++			memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
++			}
++		else
++			{
++			aes_block_t tmp, tmp2;
++			aes_block_t iv;
++			aes_block_t iv2;
++
++			load_block(iv, ivec);
++			load_block(iv2, ivec + AES_BLOCK_SIZE);
++
++			while (len)
++				{
++				load_block(tmp, in);
++				tmp2 = tmp;
++				for(n=0 ; n < N_WORDS; ++n)
++					tmp.data[n] ^= iv2.data[n];
++				AES_decrypt((unsigned char *)tmp.data, (unsigned char *)tmp.data, key);
++				for(n=0 ; n < N_WORDS; ++n)
++					tmp.data[n] ^= iv.data[n];
++				store_block(out, tmp);
++				iv = tmp2;
++				iv2 = tmp;
++				--len;
++				in += AES_BLOCK_SIZE;
++				out += AES_BLOCK_SIZE;
++				}
++			memcpy(ivec, iv.data, AES_BLOCK_SIZE);
++			memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
++			}
++		}
++	}
++
++/*
++ * Note that its effectively impossible to do biIGE in anything other
++ * than a single pass, so no provision is made for chaining.
++ */
++
++/* N.B. The IV for this mode is _four times_ the block size */
++
++void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
++						size_t length, const AES_KEY *key,
++						const AES_KEY *key2, const unsigned char *ivec,
++						const int enc)
++	{
++	size_t n;
++	size_t len = length;
++	unsigned char tmp[AES_BLOCK_SIZE];
++	unsigned char tmp2[AES_BLOCK_SIZE];
++	unsigned char tmp3[AES_BLOCK_SIZE];
++	unsigned char prev[AES_BLOCK_SIZE];
++	const unsigned char *iv;
++	const unsigned char *iv2;
++
++	assert(in && out && key && ivec);
++	assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
++	assert((length%AES_BLOCK_SIZE) == 0);
++
++	if (AES_ENCRYPT == enc)
++		{
++		/* XXX: Do a separate case for when in != out (strictly should
++		   check for overlap, too) */
++
++		/* First the forward pass */ 
++		iv = ivec;
++		iv2 = ivec + AES_BLOCK_SIZE;
++		while (len >= AES_BLOCK_SIZE)
++			{
++			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
++				out[n] = in[n] ^ iv[n];
++			AES_encrypt(out, out, key);
++			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
++				out[n] ^= iv2[n];
++			iv = out;
++			memcpy(prev, in, AES_BLOCK_SIZE);
++			iv2 = prev;
++			len -= AES_BLOCK_SIZE;
++			in += AES_BLOCK_SIZE;
++			out += AES_BLOCK_SIZE;
++			}
++
++		/* And now backwards */
++		iv = ivec + AES_BLOCK_SIZE*2;
++		iv2 = ivec + AES_BLOCK_SIZE*3;
++		len = length;
++		while(len >= AES_BLOCK_SIZE)
++			{
++			out -= AES_BLOCK_SIZE;
++			/* XXX: reduce copies by alternating between buffers */
++			memcpy(tmp, out, AES_BLOCK_SIZE);
++			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
++				out[n] ^= iv[n];
++			/*			hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */
++			AES_encrypt(out, out, key);
++			/*			hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
++			/*			hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
++			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
++				out[n] ^= iv2[n];
++			/*			hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
++			iv = out;
++			memcpy(prev, tmp, AES_BLOCK_SIZE);
++			iv2 = prev;
++			len -= AES_BLOCK_SIZE;
++			}
++		}
++	else
++		{
++		/* First backwards */
++		iv = ivec + AES_BLOCK_SIZE*2;
++		iv2 = ivec + AES_BLOCK_SIZE*3;
++		in += length;
++		out += length;
++		while (len >= AES_BLOCK_SIZE)
++			{
++			in -= AES_BLOCK_SIZE;
++			out -= AES_BLOCK_SIZE;
++			memcpy(tmp, in, AES_BLOCK_SIZE);
++			memcpy(tmp2, in, AES_BLOCK_SIZE);
++			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
++				tmp[n] ^= iv2[n];
++			AES_decrypt(tmp, out, key);
++			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
++				out[n] ^= iv[n];
++			memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
++			iv = tmp3;
++			iv2 = out;
++			len -= AES_BLOCK_SIZE;
++			}
++
++		/* And now forwards */
++		iv = ivec;
++		iv2 = ivec + AES_BLOCK_SIZE;
++		len = length;
++		while (len >= AES_BLOCK_SIZE)
++			{
++			memcpy(tmp, out, AES_BLOCK_SIZE);
++			memcpy(tmp2, out, AES_BLOCK_SIZE);
++			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
++				tmp[n] ^= iv2[n];
++			AES_decrypt(tmp, out, key);
++			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
++				out[n] ^= iv[n];
++			memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
++			iv = tmp3;
++			iv2 = out;
++			len -= AES_BLOCK_SIZE;
++			in += AES_BLOCK_SIZE;
++			out += AES_BLOCK_SIZE;
++			}
++		}
++	}
+diff --git a/include/openssl/aes.h b/include/openssl/aes.h
+index 11565854..0130fec5 100644
+--- a/include/openssl/aes.h
++++ b/include/openssl/aes.h
+@@ -138,6 +138,15 @@ OPENSSL_EXPORT void AES_cfb128_encrypt(const uint8_t *in, uint8_t *out,
+                                        size_t len, const AES_KEY *key,
+                                        uint8_t *ivec, int *num, int enc);
+ 
++/* NB: the IV is _two_ blocks long */
++OPENSSL_EXPORT void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
++                                    size_t length, const AES_KEY *key,
++                                    unsigned char *ivec, const int enc);
++/* NB: the IV is _four_ blocks long */
++OPENSSL_EXPORT void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
++                                       size_t length, const AES_KEY *key,
++                                       const AES_KEY *key2, const unsigned char *ivec,
++                                       const int enc);
+ 
+ // AES key wrap.
+ //
+-- 
+2.17.1
+

TMessagesProj/jni/patches/boringssl/0001-only-build-what-we-need.patch

@@ -0,0 +1,242 @@
+From 02952ace408e331237a1ccd724f072b3e67ceb20 Mon Sep 17 00:00:00 2001
+From: thermatk <thermatk@thermatk.com>
+Date: Wed, 23 Jan 2019 22:16:34 +0100
+Subject: [PATCH] only build what we need
+
+---
+ CMakeLists.txt        | 36 ---------------------
+ crypto/CMakeLists.txt | 74 -------------------------------------------
+ ssl/CMakeLists.txt    | 18 ------------------
+ 3 files changed, 128 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index fd3532664..7fcfb1627 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -562,45 +562,9 @@ if(USE_CUSTOM_LIBCXX)
+   target_link_libraries(libcxx libcxxabi)
+   install(TARGETS libcxx EXPORT OpenSSLTargets DESTINATION ${CMAKE_INSTALL_LIBDIR})
+ endif()
+ 
+-# Add minimal googletest targets. The provided one has many side-effects, and
+-# googletest has a very straightforward build.
+-add_library(boringssl_gtest third_party/googletest/src/gtest-all.cc)
+-target_include_directories(boringssl_gtest PRIVATE third_party/googletest)
+-
+-include_directories(third_party/googletest/include)
+-
+-# Declare a dummy target to build all unit tests. Test targets should inject
+-# themselves as dependencies next to the target definition.
+-add_custom_target(all_tests)
+-
+-# On Windows, CRYPTO_TEST_DATA is too long to fit in command-line limits.
+-# TODO(davidben): CMake 3.12 has a list(JOIN) command. Use that when we've
+-# updated the minimum version.
+-set(EMBED_TEST_DATA_ARGS "")
+-foreach(arg ${CRYPTO_TEST_DATA})
+-  set(EMBED_TEST_DATA_ARGS "${EMBED_TEST_DATA_ARGS}${arg}\n")
+-endforeach()
+-file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/embed_test_data_args.txt"
+-     "${EMBED_TEST_DATA_ARGS}")
+-
+-add_custom_command(
+-  OUTPUT crypto_test_data.cc
+-  COMMAND ${GO_EXECUTABLE} run util/embed_test_data.go -file-list
+-          "${CMAKE_CURRENT_BINARY_DIR}/embed_test_data_args.txt" >
+-          "${CMAKE_CURRENT_BINARY_DIR}/crypto_test_data.cc"
+-  DEPENDS util/embed_test_data.go ${CRYPTO_TEST_DATA}
+-  WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
+-
+-add_library(crypto_test_data OBJECT crypto_test_data.cc)
+-
+ add_subdirectory(crypto)
+ add_subdirectory(ssl)
+-add_subdirectory(ssl/test)
+-add_subdirectory(tool)
+-add_subdirectory(util/fipstools)
+-add_subdirectory(util/fipstools/acvp/modulewrapper)
+-add_subdirectory(decrepit)
+ 
+ if(FUZZ)
+   if(LIBFUZZER_FROM_DEPS)
+@@ -634,41 +598,6 @@ if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
+   set(HANDSHAKER_ARGS "-handshaker-path" $<TARGET_FILE:handshaker>)
+ endif()
+ 
+-if(FIPS)
+-  add_custom_target(
+-    acvp_tests
+-    COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_BINARY_DIR}/acvptool
+-            boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool
+-    COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_BINARY_DIR}/testmodulewrapper
+-            boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool/testmodulewrapper
+-    COMMAND cd util/fipstools/acvp/acvptool/test &&
+-            ${GO_EXECUTABLE} run check_expected.go
+-            -tool ${CMAKE_BINARY_DIR}/acvptool
+-            -module-wrappers modulewrapper:$<TARGET_FILE:modulewrapper>,testmodulewrapper:${CMAKE_BINARY_DIR}/testmodulewrapper
+-            -tests tests.json
+-    WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+-    DEPENDS modulewrapper
+-    USES_TERMINAL)
+-
+-  add_custom_target(
+-    fips_specific_tests_if_any
+-    DEPENDS acvp_tests
+-  )
+-else()
+-  add_custom_target(fips_specific_tests_if_any)
+-endif()
+-
+-add_custom_target(
+-    run_tests
+-    COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir
+-            ${CMAKE_BINARY_DIR}
+-    COMMAND cd ssl/test/runner &&
+-            ${GO_EXECUTABLE} test -shim-path $<TARGET_FILE:bssl_shim>
+-              ${HANDSHAKER_ARGS} ${RUNNER_ARGS}
+-    WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+-    DEPENDS all_tests bssl_shim handshaker fips_specific_tests_if_any
+-    USES_TERMINAL)
+-
+ install(DIRECTORY include/ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
+ 
+ install(EXPORT OpenSSLTargets
+diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
+index e940f7d5f..f5221d70d 100644
+--- a/crypto/CMakeLists.txt
++++ b/crypto/CMakeLists.txt
+@@ -85,7 +85,6 @@ function(perlasm dest src)
+ endfunction()
+ 
+ add_subdirectory(fipsmodule)
+-add_subdirectory(test)
+ 
+ if(FIPS_DELOCATE OR FIPS_SHARED)
+   SET_SOURCE_FILES_PROPERTIES(fipsmodule/bcm.o PROPERTIES EXTERNAL_OBJECT true)
+@@ -466,97 +466,3 @@ endif()
+ if(USE_CUSTOM_LIBCXX)
+   target_link_libraries(crypto libcxx)
+ endif()
+-
+-# urandom_test is a separate binary because it needs to be able to observe the
+-# PRNG initialisation, which means that it can't have other tests running before
+-# it does.
+-add_executable(
+-  urandom_test
+-
+-  fipsmodule/rand/urandom_test.cc
+-)
+-
+-target_link_libraries(urandom_test test_support_lib boringssl_gtest crypto)
+-
+-add_dependencies(urandom_test global_target)
+-add_dependencies(all_tests urandom_test)
+-
+-add_executable(
+-  crypto_test
+-
+-  abi_self_test.cc
+-  asn1/asn1_test.cc
+-  base64/base64_test.cc
+-  bio/bio_test.cc
+-  blake2/blake2_test.cc
+-  buf/buf_test.cc
+-  bytestring/bytestring_test.cc
+-  chacha/chacha_test.cc
+-  cipher_extra/aead_test.cc
+-  cipher_extra/cipher_test.cc
+-  compiler_test.cc
+-  conf/conf_test.cc
+-  constant_time_test.cc
+-  cpu_arm_linux_test.cc
+-  crypto_test.cc
+-  curve25519/ed25519_test.cc
+-  curve25519/spake25519_test.cc
+-  curve25519/x25519_test.cc
+-  ecdh_extra/ecdh_test.cc
+-  dh_extra/dh_test.cc
+-  digest_extra/digest_test.cc
+-  dsa/dsa_test.cc
+-  err/err_test.cc
+-  evp/evp_extra_test.cc
+-  evp/evp_test.cc
+-  evp/pbkdf_test.cc
+-  evp/scrypt_test.cc
+-  fipsmodule/aes/aes_test.cc
+-  fipsmodule/bn/bn_test.cc
+-  fipsmodule/cmac/cmac_test.cc
+-  fipsmodule/ec/ec_test.cc
+-  fipsmodule/ec/p256-nistz_test.cc
+-  fipsmodule/ecdsa/ecdsa_test.cc
+-  fipsmodule/md5/md5_test.cc
+-  fipsmodule/modes/gcm_test.cc
+-  fipsmodule/rand/ctrdrbg_test.cc
+-  fipsmodule/rand/fork_detect_test.cc
+-  fipsmodule/service_indicator/service_indicator_test.cc
+-  fipsmodule/sha/sha_test.cc
+-  hkdf/hkdf_test.cc
+-  hpke/hpke_test.cc
+-  hmac_extra/hmac_test.cc
+-  hrss/hrss_test.cc
+-  impl_dispatch_test.cc
+-  lhash/lhash_test.cc
+-  obj/obj_test.cc
+-  pem/pem_test.cc
+-  pkcs7/pkcs7_test.cc
+-  pkcs8/pkcs8_test.cc
+-  pkcs8/pkcs12_test.cc
+-  poly1305/poly1305_test.cc
+-  pool/pool_test.cc
+-  rand_extra/rand_test.cc
+-  refcount_test.cc
+-  rsa_extra/rsa_test.cc
+-  self_test.cc
+-  stack/stack_test.cc
+-  siphash/siphash_test.cc
+-  test/file_test_gtest.cc
+-  thread_test.cc
+-  trust_token/trust_token_test.cc
+-  x509/x509_test.cc
+-  x509/x509_time_test.cc
+-  x509v3/tab_test.cc
+-
+-  $<TARGET_OBJECTS:crypto_test_data>
+-  $<TARGET_OBJECTS:boringssl_gtest_main>
+-)
+-
+-add_dependencies(crypto_test global_target)
+-
+-target_link_libraries(crypto_test test_support_lib boringssl_gtest crypto)
+-if(WIN32)
+-  target_link_libraries(crypto_test ws2_32)
+-endif()
+-add_dependencies(all_tests crypto_test)
+diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
+index 0fb532eae..f5cab9807 100644
+--- a/ssl/CMakeLists.txt
++++ b/ssl/CMakeLists.txt
+@@ -44,21 +44,3 @@ add_library(
+ add_dependencies(ssl global_target)
+ 
+ target_link_libraries(ssl crypto)
+-
+-add_executable(
+-  ssl_test
+-
+-  span_test.cc
+-  ssl_test.cc
+-  ssl_c_test.c
+-
+-  $<TARGET_OBJECTS:boringssl_gtest_main>
+-)
+-
+-add_dependencies(ssl_test global_target)
+-
+-target_link_libraries(ssl_test test_support_lib boringssl_gtest ssl crypto)
+-if(WIN32)
+-  target_link_libraries(ssl_test ws2_32)
+-endif()
+-add_dependencies(all_tests ssl_test)
+-- 
+2.20.1
+