From a28590918c92b1e73950639f3713e9e1248c6ca4 Mon Sep 17 00:00:00 2001 From: Mirko Bonadei Date: Fri, 2 Aug 2019 18:18:34 +0000 Subject: [PATCH] Revert "Adding new top-level directory crypto/" This reverts commit 7f1c58938db72b1508e383d94a0e59dd70ff306e. Reason for revert: this has been temporarily postponed. Original change's description: > Adding new top-level directory crypto/ > > Adding the crypto root directory to WebRTC. The goal with this change is to > centralize the management of crypto code into a single location. > > Currently we have cryptography code scattered across pc/ and rtc_base/ > which makes it difficult audit and maintain. > > By having a crypto/ directory we gain: > 1. A clear first point of contact for auditing the cryptography in WebRTC. > 2. Fine grain ownership to cryptography maintainers, we can include BoringSSL > maintainers in this directory. > 3. It improves maintanability of crypto code as we have improved modularization. > It will not be deeply nested in all different parts of WebRTC. > 4. Improved testability. We can cleanly build crypto libraries which plug into > pc/ which we can more easily mock. > 5. Enforce stricter rules. For example we may want to enforce ZeroOnFreeBuffer > for all sensitive material. This is easier to enforce in a single directory. > > Bug: webrtc:9600 > Change-Id: I8e76332c7dcdac0a45a470ba2e930196e1ccf395 > Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/125142 > Commit-Queue: Benjamin Wright > Reviewed-by: Niels Moller > Reviewed-by: Karl Wiberg > Cr-Commit-Position: refs/heads/master@{#27028} TBR=steveanton@webrtc.org,kwiberg@webrtc.org,nisse@webrtc.org,benwright@webrtc.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: webrtc:9600 Change-Id: I3c99e733d53d76071179f0ff9ffdec965d20829d Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/147871 Reviewed-by: Mirko Bonadei Reviewed-by: Benjamin Wright Commit-Queue: Benjamin Wright Cr-Commit-Position: refs/heads/master@{#28750} --- api/DEPS | 1 - crypto/OWNERS | 8 -------- crypto/README.md | 11 ----------- 3 files changed, 20 deletions(-) delete mode 100644 crypto/OWNERS delete mode 100644 crypto/README.md diff --git a/api/DEPS b/api/DEPS index 58b673646e..5b3267e993 100644 --- a/api/DEPS +++ b/api/DEPS @@ -9,7 +9,6 @@ include_rules = [ "-call", "-common_audio", "-common_video", - "-crypto", "-data", "-examples", "-ios", diff --git a/crypto/OWNERS b/crypto/OWNERS deleted file mode 100644 index e5b632a4eb..0000000000 --- a/crypto/OWNERS +++ /dev/null @@ -1,8 +0,0 @@ -benwright@webrtc.org -steveanton@webrtc.org -qingsi@webrtc.org - -# These are for the common case of adding or renaming files. If you're doing -# structural changes, please get a review from a reviewer in this file. -per-file *.gn=* -per-file *.gni=* diff --git a/crypto/README.md b/crypto/README.md deleted file mode 100644 index acb40eb6dd..0000000000 --- a/crypto/README.md +++ /dev/null @@ -1,11 +0,0 @@ -## What should be in the crypto directory -The crypto directory is intended to be a centralized location for all -cryptography code in WebRTC. This includes DTLS-SRTP, SRTP, HTTPS, -TLS, cryptography primitives interfaces such as HKDF and secure random -(backed by a concrete implementation in BoringSSL). - -## What should not be in the crypto directory -The crypto directory is not a general purpose security directory. Security -utilities such as ZeroBufferOnFree should still go in rtc_base/ and fuzzing -utilities in test/fuzzers. ASAN, TSAN and MSAN sanatizer utilities should also -not be in this directory.