Remove now unnecessary calls to CRYPTO_library_init
This was already almost always a no-op, except when built with BORINGSSL_NO_STATIC_INITIALIZER, as Chromium did. After https://boringssl-review.googlesource.com/c/boringssl/+/69508, it became a no-op even in that case too.
This means, 7 years later, I can finally atone for my sins and revert the QUIC changes made in https://chromium-review.googlesource.com/c/chromium/src/+/1070648 to accommodate this mess.
PiperOrigin-RevId: 745722782
diff --git a/quiche/quic/core/crypto/aead_base_decrypter.cc b/quiche/quic/core/crypto/aead_base_decrypter.cc
index b6a3c4f..5f8079d 100644
--- a/quiche/quic/core/crypto/aead_base_decrypter.cc
+++ b/quiche/quic/core/crypto/aead_base_decrypter.cc
@@ -20,22 +20,11 @@
namespace quic {
using ::quiche::ClearOpenSslErrors;
using ::quiche::DLogOpenSslErrors;
-namespace {
-const EVP_AEAD* InitAndCall(const EVP_AEAD* (*aead_getter)()) {
- // Ensure BoringSSL is initialized before calling |aead_getter|. In Chromium,
- // the static initializer is disabled.
- CRYPTO_library_init();
- return aead_getter();
-}
-
-} // namespace
-
-AeadBaseDecrypter::AeadBaseDecrypter(const EVP_AEAD* (*aead_getter)(),
- size_t key_size, size_t auth_tag_size,
- size_t nonce_size,
+AeadBaseDecrypter::AeadBaseDecrypter(const EVP_AEAD* aead_alg, size_t key_size,
+ size_t auth_tag_size, size_t nonce_size,
bool use_ietf_nonce_construction)
- : aead_alg_(InitAndCall(aead_getter)),
+ : aead_alg_(aead_alg),
key_size_(key_size),
auth_tag_size_(auth_tag_size),
nonce_size_(nonce_size),
diff --git a/quiche/quic/core/crypto/aead_base_decrypter.h b/quiche/quic/core/crypto/aead_base_decrypter.h
index 0454919..bd64320 100644
--- a/quiche/quic/core/crypto/aead_base_decrypter.h
+++ b/quiche/quic/core/crypto/aead_base_decrypter.h
@@ -17,9 +17,7 @@
// AeadBaseDecrypter is the base class of AEAD QuicDecrypter subclasses.
class QUICHE_EXPORT AeadBaseDecrypter : public QuicDecrypter {
public:
- // This takes the function pointer rather than the EVP_AEAD itself so
- // subclasses do not need to call CRYPTO_library_init.
- AeadBaseDecrypter(const EVP_AEAD* (*aead_getter)(), size_t key_size,
+ AeadBaseDecrypter(const EVP_AEAD* aead_alg, size_t key_size,
size_t auth_tag_size, size_t nonce_size,
bool use_ietf_nonce_construction);
AeadBaseDecrypter(const AeadBaseDecrypter&) = delete;
diff --git a/quiche/quic/core/crypto/aead_base_encrypter.cc b/quiche/quic/core/crypto/aead_base_encrypter.cc
index 928343f..8c178bb 100644
--- a/quiche/quic/core/crypto/aead_base_encrypter.cc
+++ b/quiche/quic/core/crypto/aead_base_encrypter.cc
@@ -18,22 +18,11 @@
namespace quic {
using ::quiche::DLogOpenSslErrors;
-namespace {
-const EVP_AEAD* InitAndCall(const EVP_AEAD* (*aead_getter)()) {
- // Ensure BoringSSL is initialized before calling |aead_getter|. In Chromium,
- // the static initializer is disabled.
- CRYPTO_library_init();
- return aead_getter();
-}
-
-} // namespace
-
-AeadBaseEncrypter::AeadBaseEncrypter(const EVP_AEAD* (*aead_getter)(),
- size_t key_size, size_t auth_tag_size,
- size_t nonce_size,
+AeadBaseEncrypter::AeadBaseEncrypter(const EVP_AEAD* aead_alg, size_t key_size,
+ size_t auth_tag_size, size_t nonce_size,
bool use_ietf_nonce_construction)
- : aead_alg_(InitAndCall(aead_getter)),
+ : aead_alg_(aead_alg),
key_size_(key_size),
auth_tag_size_(auth_tag_size),
nonce_size_(nonce_size),
diff --git a/quiche/quic/core/crypto/aead_base_encrypter.h b/quiche/quic/core/crypto/aead_base_encrypter.h
index cf2c8cd..ab1f5db 100644
--- a/quiche/quic/core/crypto/aead_base_encrypter.h
+++ b/quiche/quic/core/crypto/aead_base_encrypter.h
@@ -17,9 +17,7 @@
// AeadBaseEncrypter is the base class of AEAD QuicEncrypter subclasses.
class QUICHE_EXPORT AeadBaseEncrypter : public QuicEncrypter {
public:
- // This takes the function pointer rather than the EVP_AEAD itself so
- // subclasses do not need to call CRYPTO_library_init.
- AeadBaseEncrypter(const EVP_AEAD* (*aead_getter)(), size_t key_size,
+ AeadBaseEncrypter(const EVP_AEAD* aead_alg, size_t key_size,
size_t auth_tag_size, size_t nonce_size,
bool use_ietf_nonce_construction);
AeadBaseEncrypter(const AeadBaseEncrypter&) = delete;
diff --git a/quiche/quic/core/crypto/aes_128_gcm_12_decrypter.cc b/quiche/quic/core/crypto/aes_128_gcm_12_decrypter.cc
index 66f2ad2..7842508 100644
--- a/quiche/quic/core/crypto/aes_128_gcm_12_decrypter.cc
+++ b/quiche/quic/core/crypto/aes_128_gcm_12_decrypter.cc
@@ -17,7 +17,8 @@
} // namespace
Aes128Gcm12Decrypter::Aes128Gcm12Decrypter()
- : AesBaseDecrypter(EVP_aead_aes_128_gcm, kKeySize, kAuthTagSize, kNonceSize,
+ : AesBaseDecrypter(EVP_aead_aes_128_gcm(), kKeySize, kAuthTagSize,
+ kNonceSize,
/* use_ietf_nonce_construction */ false) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big");
diff --git a/quiche/quic/core/crypto/aes_128_gcm_12_encrypter.cc b/quiche/quic/core/crypto/aes_128_gcm_12_encrypter.cc
index 5bbaeba..36275a2 100644
--- a/quiche/quic/core/crypto/aes_128_gcm_12_encrypter.cc
+++ b/quiche/quic/core/crypto/aes_128_gcm_12_encrypter.cc
@@ -16,7 +16,8 @@
} // namespace
Aes128Gcm12Encrypter::Aes128Gcm12Encrypter()
- : AesBaseEncrypter(EVP_aead_aes_128_gcm, kKeySize, kAuthTagSize, kNonceSize,
+ : AesBaseEncrypter(EVP_aead_aes_128_gcm(), kKeySize, kAuthTagSize,
+ kNonceSize,
/* use_ietf_nonce_construction */ false) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big");
diff --git a/quiche/quic/core/crypto/aes_128_gcm_decrypter.cc b/quiche/quic/core/crypto/aes_128_gcm_decrypter.cc
index c43123b..de3e6de 100644
--- a/quiche/quic/core/crypto/aes_128_gcm_decrypter.cc
+++ b/quiche/quic/core/crypto/aes_128_gcm_decrypter.cc
@@ -19,7 +19,8 @@
} // namespace
Aes128GcmDecrypter::Aes128GcmDecrypter()
- : AesBaseDecrypter(EVP_aead_aes_128_gcm, kKeySize, kAuthTagSize, kNonceSize,
+ : AesBaseDecrypter(EVP_aead_aes_128_gcm(), kKeySize, kAuthTagSize,
+ kNonceSize,
/* use_ietf_nonce_construction */ true) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big");
diff --git a/quiche/quic/core/crypto/aes_128_gcm_encrypter.cc b/quiche/quic/core/crypto/aes_128_gcm_encrypter.cc
index 22f9b2a..101888f 100644
--- a/quiche/quic/core/crypto/aes_128_gcm_encrypter.cc
+++ b/quiche/quic/core/crypto/aes_128_gcm_encrypter.cc
@@ -16,7 +16,8 @@
} // namespace
Aes128GcmEncrypter::Aes128GcmEncrypter()
- : AesBaseEncrypter(EVP_aead_aes_128_gcm, kKeySize, kAuthTagSize, kNonceSize,
+ : AesBaseEncrypter(EVP_aead_aes_128_gcm(), kKeySize, kAuthTagSize,
+ kNonceSize,
/* use_ietf_nonce_construction */ true) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big");
diff --git a/quiche/quic/core/crypto/aes_256_gcm_decrypter.cc b/quiche/quic/core/crypto/aes_256_gcm_decrypter.cc
index 58d4e3c..8aa15f1 100644
--- a/quiche/quic/core/crypto/aes_256_gcm_decrypter.cc
+++ b/quiche/quic/core/crypto/aes_256_gcm_decrypter.cc
@@ -19,7 +19,8 @@
} // namespace
Aes256GcmDecrypter::Aes256GcmDecrypter()
- : AesBaseDecrypter(EVP_aead_aes_256_gcm, kKeySize, kAuthTagSize, kNonceSize,
+ : AesBaseDecrypter(EVP_aead_aes_256_gcm(), kKeySize, kAuthTagSize,
+ kNonceSize,
/* use_ietf_nonce_construction */ true) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big");
diff --git a/quiche/quic/core/crypto/aes_256_gcm_encrypter.cc b/quiche/quic/core/crypto/aes_256_gcm_encrypter.cc
index 802ff99..27cb383 100644
--- a/quiche/quic/core/crypto/aes_256_gcm_encrypter.cc
+++ b/quiche/quic/core/crypto/aes_256_gcm_encrypter.cc
@@ -16,7 +16,8 @@
} // namespace
Aes256GcmEncrypter::Aes256GcmEncrypter()
- : AesBaseEncrypter(EVP_aead_aes_256_gcm, kKeySize, kAuthTagSize, kNonceSize,
+ : AesBaseEncrypter(EVP_aead_aes_256_gcm(), kKeySize, kAuthTagSize,
+ kNonceSize,
/* use_ietf_nonce_construction */ true) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big");
diff --git a/quiche/quic/core/crypto/chacha20_poly1305_decrypter.cc b/quiche/quic/core/crypto/chacha20_poly1305_decrypter.cc
index 31758b4..9ec7f86 100644
--- a/quiche/quic/core/crypto/chacha20_poly1305_decrypter.cc
+++ b/quiche/quic/core/crypto/chacha20_poly1305_decrypter.cc
@@ -17,7 +17,7 @@
} // namespace
ChaCha20Poly1305Decrypter::ChaCha20Poly1305Decrypter()
- : ChaChaBaseDecrypter(EVP_aead_chacha20_poly1305, kKeySize, kAuthTagSize,
+ : ChaChaBaseDecrypter(EVP_aead_chacha20_poly1305(), kKeySize, kAuthTagSize,
kNonceSize,
/* use_ietf_nonce_construction */ false) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
diff --git a/quiche/quic/core/crypto/chacha20_poly1305_encrypter.cc b/quiche/quic/core/crypto/chacha20_poly1305_encrypter.cc
index f259dea..fca4b85 100644
--- a/quiche/quic/core/crypto/chacha20_poly1305_encrypter.cc
+++ b/quiche/quic/core/crypto/chacha20_poly1305_encrypter.cc
@@ -18,7 +18,7 @@
} // namespace
ChaCha20Poly1305Encrypter::ChaCha20Poly1305Encrypter()
- : ChaChaBaseEncrypter(EVP_aead_chacha20_poly1305, kKeySize, kAuthTagSize,
+ : ChaChaBaseEncrypter(EVP_aead_chacha20_poly1305(), kKeySize, kAuthTagSize,
kNonceSize,
/* use_ietf_nonce_construction */ false) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
diff --git a/quiche/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc b/quiche/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc
index 93b0993..623304d 100644
--- a/quiche/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc
+++ b/quiche/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc
@@ -19,7 +19,7 @@
} // namespace
ChaCha20Poly1305TlsDecrypter::ChaCha20Poly1305TlsDecrypter()
- : ChaChaBaseDecrypter(EVP_aead_chacha20_poly1305, kKeySize, kAuthTagSize,
+ : ChaChaBaseDecrypter(EVP_aead_chacha20_poly1305(), kKeySize, kAuthTagSize,
kNonceSize,
/* use_ietf_nonce_construction */ true) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
diff --git a/quiche/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc b/quiche/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc
index 0d7c69b..e47242b 100644
--- a/quiche/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc
+++ b/quiche/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc
@@ -18,7 +18,7 @@
} // namespace
ChaCha20Poly1305TlsEncrypter::ChaCha20Poly1305TlsEncrypter()
- : ChaChaBaseEncrypter(EVP_aead_chacha20_poly1305, kKeySize, kAuthTagSize,
+ : ChaChaBaseEncrypter(EVP_aead_chacha20_poly1305(), kKeySize, kAuthTagSize,
kNonceSize,
/* use_ietf_nonce_construction */ true) {
static_assert(kKeySize <= kMaxKeySize, "key size too big");
diff --git a/quiche/quic/core/crypto/tls_connection.cc b/quiche/quic/core/crypto/tls_connection.cc
index 66e26b7..dee6638 100644
--- a/quiche/quic/core/crypto/tls_connection.cc
+++ b/quiche/quic/core/crypto/tls_connection.cc
@@ -36,7 +36,6 @@
private:
SslIndexSingleton() {
- CRYPTO_library_init();
ssl_ex_data_index_connection_ =
SSL_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
QUICHE_CHECK_LE(0, ssl_ex_data_index_connection_);
@@ -129,7 +128,6 @@
// static
bssl::UniquePtr<SSL_CTX> TlsConnection::CreateSslCtx() {
- CRYPTO_library_init();
bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new(TLS_with_buffers_method()));
SSL_CTX_set_min_proto_version(ssl_ctx.get(), TLS1_3_VERSION);
SSL_CTX_set_max_proto_version(ssl_ctx.get(), TLS1_3_VERSION);
diff --git a/quiche/quic/core/tls_chlo_extractor.cc b/quiche/quic/core/tls_chlo_extractor.cc
index 9060049..bf946c7 100644
--- a/quiche/quic/core/tls_chlo_extractor.cc
+++ b/quiche/quic/core/tls_chlo_extractor.cc
@@ -456,7 +456,6 @@
// initialized lazily in a thread-safe manner. |shared_handles| is therefore
// guaranteed to be initialized exactly once and never destructed.
static std::pair<SSL_CTX*, int>* shared_handles = []() {
- CRYPTO_library_init();
SSL_CTX* ssl_ctx = SSL_CTX_new(TLS_with_buffers_method());
SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_3_VERSION);
SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_3_VERSION);
