grpc 1.12.0 → 1.13.0.pre1
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +314 -23
- data/include/grpc/impl/codegen/fork.h +4 -4
- data/include/grpc/impl/codegen/grpc_types.h +1 -1
- data/include/grpc/impl/codegen/port_platform.h +3 -0
- data/src/boringssl/err_data.c +256 -246
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +1 -1
- data/src/core/ext/filters/client_channel/client_channel.cc +367 -272
- data/src/core/ext/filters/client_channel/lb_policy.h +1 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +11 -9
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +42 -32
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +36 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +36 -102
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +37 -32
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +22 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver.h +1 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +3 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +0 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +4 -4
- data/src/core/ext/filters/client_channel/subchannel.cc +3 -3
- data/src/core/ext/filters/http/client_authority_filter.cc +5 -4
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +4 -4
- data/src/core/ext/filters/http/server/http_server_filter.cc +123 -131
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +9 -8
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +10 -6
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +4 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +14 -12
- data/src/core/ext/transport/chttp2/transport/writing.cc +6 -6
- data/src/core/lib/channel/channel_stack.cc +0 -5
- data/src/core/lib/channel/channel_stack.h +1 -1
- data/src/core/lib/channel/channel_stack_builder.cc +0 -3
- data/src/core/lib/channel/channel_stack_builder.h +0 -2
- data/src/core/lib/channel/channel_trace.cc +3 -3
- data/src/core/lib/channel/channelz_registry.cc +77 -0
- data/src/core/lib/channel/channelz_registry.h +99 -0
- data/src/core/lib/channel/handshaker.cc +20 -1
- data/src/core/lib/debug/stats.h +7 -0
- data/src/core/lib/debug/stats_data.cc +5 -0
- data/src/core/lib/debug/stats_data.h +120 -0
- data/src/core/lib/debug/trace.h +11 -9
- data/src/core/lib/gprpp/fork.cc +260 -0
- data/src/core/lib/gprpp/fork.h +79 -0
- data/src/core/lib/gprpp/memory.h +12 -0
- data/src/core/lib/gprpp/orphanable.h +2 -6
- data/src/core/lib/gprpp/ref_counted.h +2 -6
- data/src/core/lib/gprpp/thd.h +0 -3
- data/src/core/lib/gprpp/thd_posix.cc +4 -53
- data/src/core/lib/gprpp/thd_windows.cc +0 -7
- data/src/core/lib/http/httpcli_security_connector.cc +1 -3
- data/src/core/lib/iomgr/combiner.cc +19 -2
- data/src/core/lib/iomgr/combiner.h +1 -1
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +2 -2
- data/src/core/lib/iomgr/ev_epollex_linux.cc +59 -3
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +1 -1
- data/src/core/lib/iomgr/ev_poll_posix.cc +2 -2
- data/src/core/lib/iomgr/ev_posix.cc +11 -4
- data/src/core/lib/iomgr/ev_posix.h +6 -0
- data/src/core/lib/iomgr/exec_ctx.cc +9 -9
- data/src/core/lib/iomgr/exec_ctx.h +39 -20
- data/src/core/lib/iomgr/fork_posix.cc +30 -18
- data/src/core/lib/iomgr/iomgr_posix.cc +2 -2
- data/src/core/lib/iomgr/polling_entity.cc +11 -2
- data/src/core/lib/iomgr/pollset_custom.cc +2 -2
- data/src/core/lib/iomgr/port.h +38 -1
- data/src/core/lib/iomgr/resolve_address.h +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -1
- data/src/core/lib/iomgr/resource_quota.cc +1 -1
- data/src/core/lib/iomgr/sockaddr_posix.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_client_custom.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_custom.cc +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +18 -10
- data/src/core/lib/iomgr/tcp_server_posix.cc +9 -8
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +16 -4
- data/src/core/lib/iomgr/timer.h +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +113 -41
- data/src/core/lib/iomgr/timer_manager.cc +1 -1
- data/src/core/lib/security/credentials/credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +88 -115
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +16 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -6
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/security_connector/alts_security_connector.cc +2 -1
- data/src/core/lib/security/security_connector/security_connector.cc +7 -7
- data/src/core/lib/security/transport/security_handshaker.cc +1 -0
- data/src/core/lib/security/util/json_util.cc +4 -0
- data/src/core/lib/slice/slice_buffer.cc +15 -3
- data/src/core/lib/surface/call.cc +31 -17
- data/src/core/lib/surface/call.h +5 -0
- data/src/core/lib/surface/channel.cc +2 -5
- data/src/core/lib/surface/completion_queue.cc +1 -3
- data/src/core/lib/surface/completion_queue.h +0 -1
- data/src/core/lib/surface/init.cc +7 -8
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.cc +1 -1
- data/src/core/lib/transport/transport.cc +2 -1
- data/src/core/lib/transport/transport.h +4 -8
- data/src/core/lib/transport/transport_op_string.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +19 -7
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +10 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +28 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +3 -0
- data/src/core/tsi/fake_transport_security.cc +1 -0
- data/src/core/tsi/ssl_transport_security.cc +238 -110
- data/src/core/tsi/transport_security.cc +14 -0
- data/src/core/tsi/transport_security.h +2 -0
- data/src/core/tsi/transport_security_interface.h +11 -1
- data/src/ruby/bin/math_client.rb +17 -9
- data/src/ruby/lib/grpc/generic/rpc_server.rb +2 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +4 -1
- data/third_party/boringssl/crypto/asn1/a_int.c +33 -28
- data/third_party/boringssl/crypto/asn1/a_mbstr.c +24 -22
- data/third_party/boringssl/crypto/asn1/a_utf8.c +13 -11
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +3 -0
- data/third_party/boringssl/crypto/bio/fd.c +1 -0
- data/third_party/boringssl/crypto/bio/file.c +2 -0
- data/third_party/boringssl/crypto/bn_extra/convert.c +6 -5
- data/third_party/boringssl/crypto/bytestring/ber.c +1 -4
- data/third_party/boringssl/crypto/bytestring/cbb.c +116 -16
- data/third_party/boringssl/crypto/bytestring/cbs.c +150 -20
- data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +171 -0
- data/third_party/boringssl/crypto/cipher_extra/e_rc2.c +2 -0
- data/third_party/boringssl/crypto/cipher_extra/e_tls.c +1 -2
- data/third_party/boringssl/crypto/cpu-aarch64-fuchsia.c +55 -0
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +2 -1
- data/third_party/boringssl/crypto/dsa/dsa.c +16 -54
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +11 -542
- data/third_party/boringssl/crypto/fipsmodule/bn/add.c +33 -64
- data/third_party/boringssl/crypto/fipsmodule/bn/asm/x86_64-gcc.c +4 -3
- data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +122 -70
- data/third_party/boringssl/crypto/fipsmodule/bn/bytes.c +32 -71
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +58 -112
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +198 -122
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +31 -65
- data/third_party/boringssl/crypto/fipsmodule/bn/generic.c +2 -1
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +98 -15
- data/third_party/boringssl/crypto/fipsmodule/bn/jacobi.c +1 -1
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +124 -81
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +8 -30
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +303 -347
- data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +2 -3
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +3 -4
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +199 -222
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +27 -47
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +45 -28
- data/third_party/boringssl/crypto/fipsmodule/bn/sqrt.c +1 -1
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +10 -10
- data/third_party/boringssl/crypto/fipsmodule/des/internal.h +2 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +78 -47
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +35 -54
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +3 -10
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +36 -22
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +59 -90
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +29 -48
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +17 -26
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +15 -11
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +45 -51
- data/third_party/boringssl/crypto/fipsmodule/ec/{util-64.c → util.c} +0 -5
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +144 -264
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +78 -56
- data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +256 -0
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +36 -32
- data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +9 -7
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +16 -10
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +255 -102
- data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +581 -0
- data/third_party/boringssl/crypto/fipsmodule/tls/internal.h +39 -0
- data/third_party/boringssl/crypto/fipsmodule/tls/kdf.c +165 -0
- data/third_party/boringssl/crypto/internal.h +65 -2
- data/third_party/boringssl/crypto/mem.c +0 -2
- data/third_party/boringssl/crypto/obj/obj.c +6 -73
- data/third_party/boringssl/crypto/thread_pthread.c +35 -5
- data/third_party/boringssl/crypto/x509/a_strex.c +11 -11
- data/third_party/boringssl/crypto/x509/x_name.c +13 -0
- data/third_party/boringssl/include/openssl/aead.h +4 -0
- data/third_party/boringssl/include/openssl/asn1.h +1 -3
- data/third_party/boringssl/include/openssl/base.h +1 -14
- data/third_party/boringssl/include/openssl/bio.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +49 -15
- data/third_party/boringssl/include/openssl/bytestring.h +49 -24
- data/third_party/boringssl/include/openssl/crypto.h +4 -0
- data/third_party/boringssl/include/openssl/ec_key.h +7 -3
- data/third_party/boringssl/include/openssl/err.h +9 -9
- data/third_party/boringssl/include/openssl/evp.h +1 -1
- data/third_party/boringssl/include/openssl/rsa.h +34 -10
- data/third_party/boringssl/include/openssl/ssl.h +160 -17
- data/third_party/boringssl/include/openssl/stack.h +1 -1
- data/third_party/boringssl/include/openssl/tls1.h +10 -2
- data/third_party/boringssl/include/openssl/x509.h +3 -0
- data/third_party/boringssl/ssl/d1_both.cc +16 -2
- data/third_party/boringssl/ssl/dtls_method.cc +1 -1
- data/third_party/boringssl/ssl/handoff.cc +285 -0
- data/third_party/boringssl/ssl/handshake.cc +26 -12
- data/third_party/boringssl/ssl/handshake_client.cc +65 -31
- data/third_party/boringssl/ssl/handshake_server.cc +14 -2
- data/third_party/boringssl/ssl/internal.h +132 -79
- data/third_party/boringssl/ssl/s3_both.cc +2 -2
- data/third_party/boringssl/ssl/s3_lib.cc +3 -1
- data/third_party/boringssl/ssl/s3_pkt.cc +0 -18
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +1 -4
- data/third_party/boringssl/ssl/ssl_asn1.cc +47 -43
- data/third_party/boringssl/ssl/ssl_cipher.cc +8 -8
- data/third_party/boringssl/ssl/ssl_key_share.cc +3 -1
- data/third_party/boringssl/ssl/ssl_lib.cc +83 -14
- data/third_party/boringssl/ssl/ssl_privkey.cc +6 -0
- data/third_party/boringssl/ssl/ssl_stat.cc +6 -6
- data/third_party/boringssl/ssl/ssl_versions.cc +12 -85
- data/third_party/boringssl/ssl/ssl_x509.cc +59 -61
- data/third_party/boringssl/ssl/t1_enc.cc +73 -124
- data/third_party/boringssl/ssl/t1_lib.cc +367 -41
- data/third_party/boringssl/ssl/tls13_both.cc +8 -0
- data/third_party/boringssl/ssl/tls13_client.cc +98 -184
- data/third_party/boringssl/ssl/tls13_enc.cc +88 -158
- data/third_party/boringssl/ssl/tls13_server.cc +91 -137
- data/third_party/boringssl/ssl/tls_method.cc +0 -17
- data/third_party/boringssl/ssl/tls_record.cc +1 -10
- data/third_party/boringssl/third_party/fiat/curve25519.c +921 -2753
- data/third_party/boringssl/third_party/fiat/curve25519_tables.h +7880 -0
- data/third_party/boringssl/third_party/fiat/internal.h +32 -20
- data/third_party/boringssl/third_party/fiat/p256.c +1824 -0
- metadata +64 -64
- data/src/core/lib/channel/channel_trace_registry.cc +0 -80
- data/src/core/lib/channel/channel_trace_registry.h +0 -43
- data/src/core/lib/gpr/fork.cc +0 -78
- data/src/core/lib/gpr/fork.h +0 -35
- data/src/core/tsi/transport_security_adapter.cc +0 -235
- data/src/core/tsi/transport_security_adapter.h +0 -41
- data/src/ruby/bin/apis/google/protobuf/empty.rb +0 -29
- data/src/ruby/bin/apis/pubsub_demo.rb +0 -241
- data/src/ruby/bin/apis/tech/pubsub/proto/pubsub.rb +0 -159
- data/src/ruby/bin/apis/tech/pubsub/proto/pubsub_services.rb +0 -88
- data/src/ruby/pb/test/client.rb +0 -764
- data/src/ruby/pb/test/server.rb +0 -252
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +0 -247
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-64.c +0 -1674
@@ -19,9 +19,6 @@
|
|
19
19
|
|
20
20
|
#include <openssl/base.h>
|
21
21
|
|
22
|
-
#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) && \
|
23
|
-
!defined(OPENSSL_SMALL)
|
24
|
-
|
25
22
|
#include <openssl/bn.h>
|
26
23
|
#include <openssl/ec.h>
|
27
24
|
#include <openssl/err.h>
|
@@ -34,6 +31,8 @@
|
|
34
31
|
#include "../../internal.h"
|
35
32
|
|
36
33
|
|
34
|
+
#if defined(BORINGSSL_HAS_UINT128) && !defined(OPENSSL_SMALL)
|
35
|
+
|
37
36
|
// Field elements are represented as a_0 + 2^56*a_1 + 2^112*a_2 + 2^168*a_3
|
38
37
|
// using 64-bit coefficients called 'limbs', and sometimes (for multiplication
|
39
38
|
// results) as b_0 + 2^56*b_1 + 2^112*b_2 + 2^168*b_3 + 2^224*b_4 + 2^280*b_5 +
|
@@ -1016,22 +1015,27 @@ static int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group,
|
|
1016
1015
|
p224_felem_inv(z2, z1);
|
1017
1016
|
p224_felem_square(tmp, z2);
|
1018
1017
|
p224_felem_reduce(z1, tmp);
|
1019
|
-
|
1020
|
-
|
1021
|
-
|
1022
|
-
|
1023
|
-
|
1024
|
-
|
1018
|
+
|
1019
|
+
if (x != NULL) {
|
1020
|
+
p224_felem_mul(tmp, x_in, z1);
|
1021
|
+
p224_felem_reduce(x_in, tmp);
|
1022
|
+
p224_felem_contract(x_out, x_in);
|
1023
|
+
if (!p224_felem_to_BN(x, x_out)) {
|
1024
|
+
OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
|
1025
|
+
return 0;
|
1026
|
+
}
|
1025
1027
|
}
|
1026
1028
|
|
1027
|
-
|
1028
|
-
|
1029
|
-
|
1030
|
-
|
1031
|
-
|
1032
|
-
|
1033
|
-
|
1034
|
-
|
1029
|
+
if (y != NULL) {
|
1030
|
+
p224_felem_mul(tmp, z1, z2);
|
1031
|
+
p224_felem_reduce(z1, tmp);
|
1032
|
+
p224_felem_mul(tmp, y_in, z1);
|
1033
|
+
p224_felem_reduce(y_in, tmp);
|
1034
|
+
p224_felem_contract(y_out, y_in);
|
1035
|
+
if (!p224_felem_to_BN(y, y_out)) {
|
1036
|
+
OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
|
1037
|
+
return 0;
|
1038
|
+
}
|
1035
1039
|
}
|
1036
1040
|
|
1037
1041
|
return 1;
|
@@ -1041,28 +1045,9 @@ static int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
|
|
1041
1045
|
const EC_SCALAR *g_scalar,
|
1042
1046
|
const EC_POINT *p,
|
1043
1047
|
const EC_SCALAR *p_scalar, BN_CTX *ctx) {
|
1044
|
-
int ret = 0;
|
1045
|
-
BN_CTX *new_ctx = NULL;
|
1046
|
-
BIGNUM *x, *y, *z, *tmp_scalar;
|
1047
1048
|
p224_felem p_pre_comp[17][3];
|
1048
1049
|
p224_felem x_in, y_in, z_in, x_out, y_out, z_out;
|
1049
1050
|
|
1050
|
-
if (ctx == NULL) {
|
1051
|
-
ctx = BN_CTX_new();
|
1052
|
-
new_ctx = ctx;
|
1053
|
-
if (ctx == NULL) {
|
1054
|
-
return 0;
|
1055
|
-
}
|
1056
|
-
}
|
1057
|
-
|
1058
|
-
BN_CTX_start(ctx);
|
1059
|
-
if ((x = BN_CTX_get(ctx)) == NULL ||
|
1060
|
-
(y = BN_CTX_get(ctx)) == NULL ||
|
1061
|
-
(z = BN_CTX_get(ctx)) == NULL ||
|
1062
|
-
(tmp_scalar = BN_CTX_get(ctx)) == NULL) {
|
1063
|
-
goto err;
|
1064
|
-
}
|
1065
|
-
|
1066
1051
|
if (p != NULL && p_scalar != NULL) {
|
1067
1052
|
// We treat NULL scalars as 0, and NULL points as points at infinity, i.e.,
|
1068
1053
|
// they contribute nothing to the linear combination.
|
@@ -1071,7 +1056,7 @@ static int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
|
|
1071
1056
|
if (!p224_BN_to_felem(x_out, &p->X) ||
|
1072
1057
|
!p224_BN_to_felem(y_out, &p->Y) ||
|
1073
1058
|
!p224_BN_to_felem(z_out, &p->Z)) {
|
1074
|
-
|
1059
|
+
return 0;
|
1075
1060
|
}
|
1076
1061
|
|
1077
1062
|
p224_felem_assign(p_pre_comp[1][0], x_out);
|
@@ -1101,18 +1086,13 @@ static int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
|
|
1101
1086
|
p224_felem_contract(x_in, x_out);
|
1102
1087
|
p224_felem_contract(y_in, y_out);
|
1103
1088
|
p224_felem_contract(z_in, z_out);
|
1104
|
-
if (!p224_felem_to_BN(
|
1105
|
-
!p224_felem_to_BN(
|
1106
|
-
!p224_felem_to_BN(
|
1089
|
+
if (!p224_felem_to_BN(&r->X, x_in) ||
|
1090
|
+
!p224_felem_to_BN(&r->Y, y_in) ||
|
1091
|
+
!p224_felem_to_BN(&r->Z, z_in)) {
|
1107
1092
|
OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
|
1108
|
-
|
1093
|
+
return 0;
|
1109
1094
|
}
|
1110
|
-
|
1111
|
-
|
1112
|
-
err:
|
1113
|
-
BN_CTX_end(ctx);
|
1114
|
-
BN_CTX_free(new_ctx);
|
1115
|
-
return ret;
|
1095
|
+
return 1;
|
1116
1096
|
}
|
1117
1097
|
|
1118
1098
|
DEFINE_METHOD_FUNCTION(EC_METHOD, EC_GFp_nistp224_method) {
|
@@ -1122,10 +1102,11 @@ DEFINE_METHOD_FUNCTION(EC_METHOD, EC_GFp_nistp224_method) {
|
|
1122
1102
|
out->point_get_affine_coordinates =
|
1123
1103
|
ec_GFp_nistp224_point_get_affine_coordinates;
|
1124
1104
|
out->mul = ec_GFp_nistp224_points_mul;
|
1105
|
+
out->mul_public = ec_GFp_nistp224_points_mul;
|
1125
1106
|
out->field_mul = ec_GFp_simple_field_mul;
|
1126
1107
|
out->field_sqr = ec_GFp_simple_field_sqr;
|
1127
1108
|
out->field_encode = NULL;
|
1128
1109
|
out->field_decode = NULL;
|
1129
1110
|
};
|
1130
1111
|
|
1131
|
-
#endif //
|
1112
|
+
#endif // BORINGSSL_HAS_UINT128 && !SMALL
|
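Review bot: In ec_GFp_nistp224_points_mul (new lines 1089–1093) the result is now converted straight into `&r->X`, `&r->Y` and `&r->Z`, so if the second or third `p224_felem_to_BN` call fails, `r` is left holding a mix of new and old coordinates that need not describe a point on the curve. The function does raise ERR_R_BN_LIB and return 0, but a caller that ignores the result would carry on with that point. I would state the contract above the conversion, `// On failure |r| may be partially written and must not be used.`, or convert into temporaries first if the failure is reachable in practice. The function body starts outside the hunks shown, so any earlier handling of `r` is not visible here.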
@@ -1,24 +1,20 @@
|
|
1
|
-
/*
|
1
|
+
/*
|
2
|
+
* Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
|
3
|
+
* Copyright (c) 2014, Intel Corporation. All Rights Reserved.
|
2
4
|
*
|
3
|
-
*
|
4
|
-
*
|
5
|
-
*
|
5
|
+
* Licensed under the OpenSSL license (the "License"). You may not use
|
6
|
+
* this file except in compliance with the License. You can obtain a copy
|
7
|
+
* in the file LICENSE in the source distribution or at
|
8
|
+
* https://www.openssl.org/source/license.html
|
6
9
|
*
|
7
|
-
*
|
8
|
-
*
|
9
|
-
*
|
10
|
-
*
|
11
|
-
*
|
12
|
-
*
|
13
|
-
*
|
14
|
-
|
15
|
-
// Developers and authors:
|
16
|
-
// Shay Gueron (1, 2), and Vlad Krasnov (1)
|
17
|
-
// (1) Intel Corporation, Israel Development Center
|
18
|
-
// (2) University of Haifa
|
19
|
-
// Reference:
|
20
|
-
// S.Gueron and V.Krasnov, "Fast Prime Field Elliptic Curve Cryptography with
|
21
|
-
// 256 Bit Primes"
|
10
|
+
* Originally written by Shay Gueron (1, 2), and Vlad Krasnov (1)
|
11
|
+
* (1) Intel Corporation, Israel Development Center, Haifa, Israel
|
12
|
+
* (2) University of Haifa, Israel
|
13
|
+
*
|
14
|
+
* Reference:
|
15
|
+
* S.Gueron and V.Krasnov, "Fast Prime Field Elliptic Curve Cryptography with
|
16
|
+
* 256 Bit Primes"
|
17
|
+
*/
|
22
18
|
|
23
19
|
#include <openssl/ec.h>
|
24
20
|
|
@@ -205,13 +201,7 @@ static void ecp_nistz256_mod_inverse_mont(BN_ULONG r[P256_LIMBS],
|
|
205
201
|
// returns one if it fits. Otherwise it returns zero.
|
206
202
|
static int ecp_nistz256_bignum_to_field_elem(BN_ULONG out[P256_LIMBS],
|
207
203
|
const BIGNUM *in) {
|
208
|
-
|
209
|
-
return 0;
|
210
|
-
}
|
211
|
-
|
212
|
-
OPENSSL_memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
|
213
|
-
OPENSSL_memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
|
214
|
-
return 1;
|
204
|
+
return bn_copy_words(out, P256_LIMBS, in);
|
215
205
|
}
|
216
206
|
|
217
207
|
// r = p * p_scalar
|
@@ -446,6 +436,7 @@ DEFINE_METHOD_FUNCTION(EC_METHOD, EC_GFp_nistz256_method) {
|
|
446
436
|
out->group_set_curve = ec_GFp_mont_group_set_curve;
|
447
437
|
out->point_get_affine_coordinates = ecp_nistz256_get_affine;
|
448
438
|
out->mul = ecp_nistz256_points_mul;
|
439
|
+
out->mul_public = ecp_nistz256_points_mul;
|
449
440
|
out->field_mul = ec_GFp_mont_field_mul;
|
450
441
|
out->field_sqr = ec_GFp_mont_field_sqr;
|
451
442
|
out->field_encode = ec_GFp_mont_field_encode;
|
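Review bot: `out->mul_public = ecp_nistz256_points_mul;` (new line 439) points the new hook at the same routine as `out->mul` without saying why, and the nistp224 method table earlier on this page does the same with `ec_GFp_nistp224_points_mul`. Judging by the name, mul_public is the path for public scalars such as signature verification, where a variable-time routine would be acceptable; reusing the secret-scalar routine is the safe direction, but nothing in the table records that. A one-line comment would keep a later change from wiring a variable-time routine into `mul` by symmetry, e.g. `// No separate variable-time path: the secret-scalar multiply is also used for public inputs.`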
@@ -1,16 +1,20 @@
|
|
1
|
-
/*
|
1
|
+
/*
|
2
|
+
* Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
|
3
|
+
* Copyright (c) 2014, Intel Corporation. All Rights Reserved.
|
2
4
|
*
|
3
|
-
*
|
4
|
-
*
|
5
|
-
*
|
5
|
+
* Licensed under the OpenSSL license (the "License"). You may not use
|
6
|
+
* this file except in compliance with the License. You can obtain a copy
|
7
|
+
* in the file LICENSE in the source distribution or at
|
8
|
+
* https://www.openssl.org/source/license.html
|
6
9
|
*
|
7
|
-
*
|
8
|
-
*
|
9
|
-
*
|
10
|
-
*
|
11
|
-
*
|
12
|
-
*
|
13
|
-
*
|
10
|
+
* Originally written by Shay Gueron (1, 2), and Vlad Krasnov (1)
|
11
|
+
* (1) Intel Corporation, Israel Development Center, Haifa, Israel
|
12
|
+
* (2) University of Haifa, Israel
|
13
|
+
*
|
14
|
+
* Reference:
|
15
|
+
* S.Gueron and V.Krasnov, "Fast Prime Field Elliptic Curve Cryptography with
|
16
|
+
* 256 Bit Primes"
|
17
|
+
*/
|
14
18
|
|
15
19
|
#ifndef OPENSSL_HEADER_EC_P256_X86_64_H
|
16
20
|
#define OPENSSL_HEADER_EC_P256_X86_64_H
|
@@ -135,9 +135,11 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p,
|
|
135
135
|
goto err;
|
136
136
|
}
|
137
137
|
BN_set_negative(&group->field, 0);
|
138
|
+
// Store the field in minimal form, so it can be used with |BN_ULONG| arrays.
|
139
|
+
bn_set_minimal_width(&group->field);
|
138
140
|
|
139
141
|
// group->a
|
140
|
-
if (!BN_nnmod(tmp_a, a,
|
142
|
+
if (!BN_nnmod(tmp_a, a, &group->field, ctx)) {
|
141
143
|
goto err;
|
142
144
|
}
|
143
145
|
if (group->meth->field_encode) {
|
@@ -149,7 +151,7 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p,
|
|
149
151
|
}
|
150
152
|
|
151
153
|
// group->b
|
152
|
-
if (!BN_nnmod(&group->b, b,
|
154
|
+
if (!BN_nnmod(&group->b, b, &group->field, ctx)) {
|
153
155
|
goto err;
|
154
156
|
}
|
155
157
|
if (group->meth->field_encode &&
|
@@ -269,9 +271,14 @@ static int set_Jprojective_coordinate_GFp(const EC_GROUP *group, BIGNUM *out,
|
|
269
271
|
return BN_copy(out, in) != NULL;
|
270
272
|
}
|
271
273
|
|
272
|
-
int
|
273
|
-
|
274
|
-
|
274
|
+
int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group,
|
275
|
+
EC_POINT *point, const BIGNUM *x,
|
276
|
+
const BIGNUM *y, BN_CTX *ctx) {
|
277
|
+
if (x == NULL || y == NULL) {
|
278
|
+
OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
|
279
|
+
return 0;
|
280
|
+
}
|
281
|
+
|
275
282
|
BN_CTX *new_ctx = NULL;
|
276
283
|
int ret = 0;
|
277
284
|
|
@@ -284,7 +291,7 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(
|
|
284
291
|
|
285
292
|
if (!set_Jprojective_coordinate_GFp(group, &point->X, x, ctx) ||
|
286
293
|
!set_Jprojective_coordinate_GFp(group, &point->Y, y, ctx) ||
|
287
|
-
!
|
294
|
+
!BN_copy(&point->Z, &group->one)) {
|
288
295
|
goto err;
|
289
296
|
}
|
290
297
|
|
@@ -295,19 +302,6 @@ err:
|
|
295
302
|
return ret;
|
296
303
|
}
|
297
304
|
|
298
|
-
int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group,
|
299
|
-
EC_POINT *point, const BIGNUM *x,
|
300
|
-
const BIGNUM *y, BN_CTX *ctx) {
|
301
|
-
if (x == NULL || y == NULL) {
|
302
|
-
// unlike for projective coordinates, we do not tolerate this
|
303
|
-
OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
|
304
|
-
return 0;
|
305
|
-
}
|
306
|
-
|
307
|
-
return ec_point_set_Jprojective_coordinates_GFp(group, point, x, y,
|
308
|
-
BN_value_one(), ctx);
|
309
|
-
}
|
310
|
-
|
311
305
|
int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
312
306
|
const EC_POINT *b, BN_CTX *ctx) {
|
313
307
|
int (*field_mul)(const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *,
|
@@ -401,8 +395,8 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|
401
395
|
}
|
402
396
|
|
403
397
|
// n5, n6
|
404
|
-
if (!
|
405
|
-
!
|
398
|
+
if (!bn_mod_sub_quick_ctx(n5, n1, n3, p, ctx) ||
|
399
|
+
!bn_mod_sub_quick_ctx(n6, n2, n4, p, ctx)) {
|
406
400
|
goto end;
|
407
401
|
}
|
408
402
|
// n5 = n1 - n3
|
@@ -424,8 +418,8 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|
424
418
|
}
|
425
419
|
|
426
420
|
// 'n7', 'n8'
|
427
|
-
if (!
|
428
|
-
!
|
421
|
+
if (!bn_mod_add_quick_ctx(n1, n1, n3, p, ctx) ||
|
422
|
+
!bn_mod_add_quick_ctx(n2, n2, n4, p, ctx)) {
|
429
423
|
goto end;
|
430
424
|
}
|
431
425
|
// 'n7' = n1 + n3
|
@@ -459,14 +453,14 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|
459
453
|
if (!field_sqr(group, n0, n6, ctx) ||
|
460
454
|
!field_sqr(group, n4, n5, ctx) ||
|
461
455
|
!field_mul(group, n3, n1, n4, ctx) ||
|
462
|
-
!
|
456
|
+
!bn_mod_sub_quick_ctx(&r->X, n0, n3, p, ctx)) {
|
463
457
|
goto end;
|
464
458
|
}
|
465
459
|
// X_r = n6^2 - n5^2 * 'n7'
|
466
460
|
|
467
461
|
// 'n9'
|
468
|
-
if (!
|
469
|
-
!
|
462
|
+
if (!bn_mod_lshift1_quick_ctx(n0, &r->X, p, ctx) ||
|
463
|
+
!bn_mod_sub_quick_ctx(n0, n3, n0, p, ctx)) {
|
470
464
|
goto end;
|
471
465
|
}
|
472
466
|
// n9 = n5^2 * 'n7' - 2 * X_r
|
@@ -477,7 +471,7 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|
477
471
|
goto end; // now n5 is n5^3
|
478
472
|
}
|
479
473
|
if (!field_mul(group, n1, n2, n5, ctx) ||
|
480
|
-
!
|
474
|
+
!bn_mod_sub_quick_ctx(n0, n0, n1, p, ctx)) {
|
481
475
|
goto end;
|
482
476
|
}
|
483
477
|
if (BN_is_odd(n0) && !BN_add(n0, n0, p)) {
|
@@ -542,31 +536,31 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|
542
536
|
// n1
|
543
537
|
if (BN_cmp(&a->Z, &group->one) == 0) {
|
544
538
|
if (!field_sqr(group, n0, &a->X, ctx) ||
|
545
|
-
!
|
546
|
-
!
|
547
|
-
!
|
539
|
+
!bn_mod_lshift1_quick_ctx(n1, n0, p, ctx) ||
|
540
|
+
!bn_mod_add_quick_ctx(n0, n0, n1, p, ctx) ||
|
541
|
+
!bn_mod_add_quick_ctx(n1, n0, &group->a, p, ctx)) {
|
548
542
|
goto err;
|
549
543
|
}
|
550
544
|
// n1 = 3 * X_a^2 + a_curve
|
551
545
|
} else if (group->a_is_minus3) {
|
552
546
|
if (!field_sqr(group, n1, &a->Z, ctx) ||
|
553
|
-
!
|
554
|
-
!
|
547
|
+
!bn_mod_add_quick_ctx(n0, &a->X, n1, p, ctx) ||
|
548
|
+
!bn_mod_sub_quick_ctx(n2, &a->X, n1, p, ctx) ||
|
555
549
|
!field_mul(group, n1, n0, n2, ctx) ||
|
556
|
-
!
|
557
|
-
!
|
550
|
+
!bn_mod_lshift1_quick_ctx(n0, n1, p, ctx) ||
|
551
|
+
!bn_mod_add_quick_ctx(n1, n0, n1, p, ctx)) {
|
558
552
|
goto err;
|
559
553
|
}
|
560
554
|
// n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
|
561
555
|
// = 3 * X_a^2 - 3 * Z_a^4
|
562
556
|
} else {
|
563
557
|
if (!field_sqr(group, n0, &a->X, ctx) ||
|
564
|
-
!
|
565
|
-
!
|
558
|
+
!bn_mod_lshift1_quick_ctx(n1, n0, p, ctx) ||
|
559
|
+
!bn_mod_add_quick_ctx(n0, n0, n1, p, ctx) ||
|
566
560
|
!field_sqr(group, n1, &a->Z, ctx) ||
|
567
561
|
!field_sqr(group, n1, n1, ctx) ||
|
568
562
|
!field_mul(group, n1, n1, &group->a, ctx) ||
|
569
|
-
!
|
563
|
+
!bn_mod_add_quick_ctx(n1, n1, n0, p, ctx)) {
|
570
564
|
goto err;
|
571
565
|
}
|
572
566
|
// n1 = 3 * X_a^2 + a_curve * Z_a^4
|
@@ -580,7 +574,7 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|
580
574
|
} else if (!field_mul(group, n0, &a->Y, &a->Z, ctx)) {
|
581
575
|
goto err;
|
582
576
|
}
|
583
|
-
if (!
|
577
|
+
if (!bn_mod_lshift1_quick_ctx(&r->Z, n0, p, ctx)) {
|
584
578
|
goto err;
|
585
579
|
}
|
586
580
|
// Z_r = 2 * Y_a * Z_a
|
@@ -588,30 +582,30 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|
588
582
|
// n2
|
589
583
|
if (!field_sqr(group, n3, &a->Y, ctx) ||
|
590
584
|
!field_mul(group, n2, &a->X, n3, ctx) ||
|
591
|
-
!
|
585
|
+
!bn_mod_lshift_quick_ctx(n2, n2, 2, p, ctx)) {
|
592
586
|
goto err;
|
593
587
|
}
|
594
588
|
// n2 = 4 * X_a * Y_a^2
|
595
589
|
|
596
590
|
// X_r
|
597
|
-
if (!
|
591
|
+
if (!bn_mod_lshift1_quick_ctx(n0, n2, p, ctx) ||
|
598
592
|
!field_sqr(group, &r->X, n1, ctx) ||
|
599
|
-
!
|
593
|
+
!bn_mod_sub_quick_ctx(&r->X, &r->X, n0, p, ctx)) {
|
600
594
|
goto err;
|
601
595
|
}
|
602
596
|
// X_r = n1^2 - 2 * n2
|
603
597
|
|
604
598
|
// n3
|
605
599
|
if (!field_sqr(group, n0, n3, ctx) ||
|
606
|
-
!
|
600
|
+
!bn_mod_lshift_quick_ctx(n3, n0, 3, p, ctx)) {
|
607
601
|
goto err;
|
608
602
|
}
|
609
603
|
// n3 = 8 * Y_a^4
|
610
604
|
|
611
605
|
// Y_r
|
612
|
-
if (!
|
606
|
+
if (!bn_mod_sub_quick_ctx(n0, n2, &r->X, p, ctx) ||
|
613
607
|
!field_mul(group, n0, n1, n0, ctx) ||
|
614
|
-
!
|
608
|
+
!bn_mod_sub_quick_ctx(&r->Y, n0, n3, p, ctx)) {
|
615
609
|
goto err;
|
616
610
|
}
|
617
611
|
// Y_r = n1 * (n2 - X_r) - n3
|
@@ -694,15 +688,15 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
|
|
694
688
|
|
695
689
|
// rh := (rh + a*Z^4)*X
|
696
690
|
if (group->a_is_minus3) {
|
697
|
-
if (!
|
698
|
-
!
|
699
|
-
!
|
691
|
+
if (!bn_mod_lshift1_quick_ctx(tmp, Z4, p, ctx) ||
|
692
|
+
!bn_mod_add_quick_ctx(tmp, tmp, Z4, p, ctx) ||
|
693
|
+
!bn_mod_sub_quick_ctx(rh, rh, tmp, p, ctx) ||
|
700
694
|
!field_mul(group, rh, rh, &point->X, ctx)) {
|
701
695
|
goto err;
|
702
696
|
}
|
703
697
|
} else {
|
704
698
|
if (!field_mul(group, tmp, Z4, &group->a, ctx) ||
|
705
|
-
!
|
699
|
+
!bn_mod_add_quick_ctx(rh, rh, tmp, p, ctx) ||
|
706
700
|
!field_mul(group, rh, rh, &point->X, ctx)) {
|
707
701
|
goto err;
|
708
702
|
}
|
@@ -710,17 +704,17 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
|
|
710
704
|
|
711
705
|
// rh := rh + b*Z^6
|
712
706
|
if (!field_mul(group, tmp, &group->b, Z6, ctx) ||
|
713
|
-
!
|
707
|
+
!bn_mod_add_quick_ctx(rh, rh, tmp, p, ctx)) {
|
714
708
|
goto err;
|
715
709
|
}
|
716
710
|
} else {
|
717
711
|
// rh := (rh + a)*X
|
718
|
-
if (!
|
712
|
+
if (!bn_mod_add_quick_ctx(rh, rh, &group->a, p, ctx) ||
|
719
713
|
!field_mul(group, rh, rh, &point->X, ctx)) {
|
720
714
|
goto err;
|
721
715
|
}
|
722
716
|
// rh := rh + b
|
723
|
-
if (!
|
717
|
+
if (!bn_mod_add_quick_ctx(rh, rh, &group->b, p, ctx)) {
|
724
718
|
goto err;
|
725
719
|
}
|
726
720
|
}
|
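Review bot: ec_GFp_simple_point_set_affine_coordinates (new lines 274–294) now stores x and y itself and sets Z with `BN_copy(&point->Z, &group->one)`, and nothing in the visible lines checks that (x, y) satisfies the curve equation. If that check is done by the public wrapper, say so at the top of the function, e.g. `// Does not check that (x, y) is on the curve; the caller must validate the point.`, so internal callers do not treat this as a validated entry point. The removed comment on the NULL check ("unlike for projective coordinates, we do not tolerate this") explained why NULL is rejected and could be kept in some form, since the check itself is unchanged. The rest of the function lies between hunks and is not shown in full.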