grpc 1.24.0 → 1.25.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +306 -243
- data/etc/roots.pem +0 -100
- data/include/grpc/grpc_security.h +44 -18
- data/include/grpc/impl/codegen/grpc_types.h +15 -0
- data/include/grpc/impl/codegen/port_platform.h +27 -11
- data/include/grpc/impl/codegen/sync_generic.h +1 -1
- data/src/boringssl/err_data.c +695 -650
- data/src/core/ext/filters/client_channel/client_channel.cc +257 -179
- data/src/core/ext/filters/client_channel/client_channel.h +24 -0
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +2 -3
- data/src/core/ext/filters/client_channel/client_channel_factory.h +1 -5
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +18 -45
- data/src/core/ext/filters/client_channel/health/health_check_client.h +5 -13
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +2 -3
- data/src/core/ext/filters/client_channel/lb_policy.h +65 -55
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +14 -14
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +113 -36
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +14 -19
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +36 -13
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +3 -10
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +814 -1589
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +2 -5
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -6
- data/src/core/ext/filters/client_channel/resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver.h +8 -16
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +25 -8
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +46 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +10 -17
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +7 -8
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +111 -44
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +22 -14
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +29 -10
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +27 -36
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +7 -10
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +60 -16
- data/src/core/ext/filters/client_channel/resolver_factory.h +4 -8
- data/src/core/ext/filters/client_channel/resolver_registry.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver_registry.h +1 -1
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +7 -10
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +7 -8
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +1 -1
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -5
- data/src/core/ext/filters/client_channel/retry_throttle.h +1 -4
- data/src/core/ext/filters/client_channel/service_config.h +8 -8
- data/src/core/ext/filters/client_channel/subchannel.cc +53 -86
- data/src/core/ext/filters/client_channel/subchannel.h +7 -9
- data/src/core/ext/filters/client_channel/subchannel_interface.h +9 -13
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +3 -6
- data/src/core/ext/filters/client_channel/{lb_policy/xds/xds_load_balancer_api.cc → xds/xds_api.cc} +169 -52
- data/src/core/ext/filters/client_channel/xds/xds_api.h +171 -0
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +450 -0
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +99 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel.h +8 -6
- data/src/core/ext/filters/client_channel/xds/xds_channel_args.h +26 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel_secure.cc +28 -11
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +1413 -0
- data/src/core/ext/filters/client_channel/xds/xds_client.h +221 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.cc +1 -5
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.h +3 -4
- data/src/core/ext/filters/deadline/deadline_filter.cc +20 -20
- data/src/core/ext/filters/http/client/http_client_filter.cc +15 -15
- data/src/core/ext/filters/http/client_authority_filter.cc +14 -14
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +12 -12
- data/src/core/ext/filters/max_age/max_age_filter.cc +59 -50
- data/src/core/ext/filters/message_size/message_size_filter.cc +18 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +15 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +233 -175
- data/src/core/ext/transport/chttp2/transport/flow_control.h +21 -24
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +253 -163
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +24 -12
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +13 -15
- data/src/core/ext/transport/chttp2/transport/writing.cc +3 -0
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -13
- data/src/core/lib/channel/channel_args.cc +16 -0
- data/src/core/lib/channel/channel_args.h +22 -0
- data/src/core/lib/channel/channelz.cc +5 -6
- data/src/core/lib/channel/channelz.h +1 -1
- data/src/core/lib/channel/connected_channel.cc +20 -20
- data/src/core/lib/channel/handshaker.h +3 -4
- data/src/core/lib/channel/handshaker_factory.h +1 -3
- data/src/core/lib/debug/trace.h +3 -2
- data/src/core/lib/gprpp/arena.cc +3 -3
- data/src/core/lib/gprpp/arena.h +2 -3
- data/src/core/lib/gprpp/inlined_vector.h +9 -0
- data/src/core/lib/gprpp/map.h +3 -501
- data/src/core/lib/gprpp/memory.h +45 -41
- data/src/core/lib/gprpp/mpscq.cc +108 -0
- data/src/core/lib/gprpp/mpscq.h +98 -0
- data/src/core/lib/gprpp/orphanable.h +6 -11
- data/src/core/lib/gprpp/ref_counted.h +25 -19
- data/src/core/lib/gprpp/set.h +33 -0
- data/src/core/lib/gprpp/thd.h +2 -4
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli_security_connector.cc +15 -11
- data/src/core/lib/http/parser.cc +1 -1
- data/src/core/lib/iomgr/buffer_list.cc +4 -5
- data/src/core/lib/iomgr/buffer_list.h +5 -6
- data/src/core/lib/iomgr/call_combiner.cc +4 -5
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/cfstream_handle.h +3 -5
- data/src/core/lib/iomgr/closure.h +8 -3
- data/src/core/lib/iomgr/combiner.cc +45 -82
- data/src/core/lib/iomgr/combiner.h +32 -8
- data/src/core/lib/iomgr/endpoint_cfstream.cc +5 -3
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +19 -15
- data/src/core/lib/iomgr/exec_ctx.h +4 -3
- data/src/core/lib/iomgr/executor.cc +4 -2
- data/src/core/lib/iomgr/executor.h +3 -0
- data/src/core/lib/iomgr/executor/mpmcqueue.h +3 -6
- data/src/core/lib/iomgr/executor/threadpool.cc +1 -2
- data/src/core/lib/iomgr/executor/threadpool.h +7 -11
- data/src/core/lib/iomgr/resource_quota.cc +55 -51
- data/src/core/lib/iomgr/resource_quota.h +13 -9
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +13 -0
- data/src/core/lib/iomgr/socket_utils_posix.h +4 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +4 -11
- data/src/core/lib/iomgr/tcp_custom.cc +9 -7
- data/src/core/lib/iomgr/tcp_posix.cc +20 -16
- data/src/core/lib/iomgr/tcp_server.h +1 -4
- data/src/core/lib/iomgr/tcp_server_custom.cc +5 -5
- data/src/core/lib/iomgr/tcp_server_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +2 -11
- data/src/core/lib/iomgr/timer_custom.cc +2 -2
- data/src/core/lib/iomgr/udp_server.cc +3 -2
- data/src/core/lib/iomgr/udp_server.h +6 -12
- data/src/core/lib/json/json.h +1 -1
- data/src/core/lib/json/json_string.cc +2 -2
- data/src/core/lib/profiling/basic_timers.cc +2 -2
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -1
- data/src/core/lib/security/credentials/credentials.h +4 -20
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +4 -4
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +64 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -7
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/security_connector.cc +1 -0
- data/src/core/lib/security/security_connector/security_connector.h +19 -17
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +8 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
- data/src/core/lib/security/security_connector/ssl_utils.h +1 -1
- data/src/core/lib/security/security_connector/tls/spiffe_security_connector.cc +14 -6
- data/src/core/lib/security/security_connector/tls/spiffe_security_connector.h +4 -2
- data/src/core/lib/security/transport/client_auth_filter.cc +17 -17
- data/src/core/lib/security/transport/security_handshaker.cc +29 -13
- data/src/core/lib/security/transport/security_handshaker.h +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +14 -14
- data/src/core/lib/slice/slice.cc +2 -10
- data/src/core/lib/slice/slice_hash_table.h +4 -6
- data/src/core/lib/slice/slice_intern.cc +42 -39
- data/src/core/lib/slice/slice_internal.h +3 -3
- data/src/core/lib/slice/slice_utils.h +21 -4
- data/src/core/lib/slice/slice_weak_hash_table.h +4 -6
- data/src/core/lib/surface/call.cc +3 -3
- data/src/core/lib/surface/channel.cc +7 -0
- data/src/core/lib/surface/completion_queue.cc +12 -11
- data/src/core/lib/surface/completion_queue.h +4 -2
- data/src/core/lib/surface/init.cc +1 -0
- data/src/core/lib/surface/lame_client.cc +33 -18
- data/src/core/lib/surface/server.cc +77 -76
- data/src/core/lib/surface/version.cc +1 -1
- data/src/core/lib/transport/byte_stream.h +3 -7
- data/src/core/lib/transport/connectivity_state.cc +112 -98
- data/src/core/lib/transport/connectivity_state.h +100 -50
- data/src/core/lib/transport/static_metadata.cc +276 -288
- data/src/core/lib/transport/static_metadata.h +73 -76
- data/src/core/lib/transport/status_conversion.cc +1 -1
- data/src/core/lib/transport/status_metadata.cc +1 -1
- data/src/core/lib/transport/transport.cc +2 -2
- data/src/core/lib/transport/transport.h +12 -4
- data/src/core/lib/transport/transport_op_string.cc +14 -11
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +5 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +12 -2
- data/src/core/tsi/fake_transport_security.cc +7 -5
- data/src/core/tsi/grpc_shadow_boringssl.h +2918 -2627
- data/src/core/tsi/local_transport_security.cc +8 -6
- data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +7 -5
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -6
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -2
- data/src/core/tsi/ssl_transport_security.cc +12 -12
- data/src/core/tsi/ssl_transport_security.h +2 -2
- data/src/core/tsi/transport_security_grpc.cc +7 -0
- data/src/core/tsi/transport_security_grpc.h +6 -0
- data/src/ruby/ext/grpc/extconf.rb +1 -0
- data/src/ruby/ext/grpc/rb_call.c +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +1 -1
- data/src/ruby/lib/grpc/generic/bidi_call.rb +1 -1
- data/src/ruby/lib/grpc/generic/rpc_server.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/google_rpc_status_utils_spec.rb +2 -2
- data/third_party/boringssl/crypto/asn1/a_bool.c +18 -5
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +17 -221
- data/third_party/boringssl/crypto/asn1/a_dup.c +0 -24
- data/third_party/boringssl/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +10 -72
- data/third_party/boringssl/crypto/asn1/a_int.c +12 -71
- data/third_party/boringssl/crypto/asn1/a_mbstr.c +110 -216
- data/third_party/boringssl/crypto/asn1/a_object.c +16 -5
- data/third_party/boringssl/crypto/asn1/a_strnid.c +1 -0
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -1
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +3 -1
- data/third_party/boringssl/crypto/base64/base64.c +2 -2
- data/third_party/boringssl/crypto/bio/bio.c +73 -9
- data/third_party/boringssl/crypto/bio/connect.c +4 -0
- data/third_party/boringssl/crypto/bio/fd.c +4 -0
- data/third_party/boringssl/crypto/bio/file.c +5 -2
- data/third_party/boringssl/crypto/bio/socket.c +4 -0
- data/third_party/boringssl/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl/crypto/bn_extra/convert.c +11 -7
- data/third_party/boringssl/crypto/bytestring/ber.c +8 -4
- data/third_party/boringssl/crypto/bytestring/cbb.c +19 -7
- data/third_party/boringssl/crypto/bytestring/cbs.c +28 -15
- data/third_party/boringssl/crypto/bytestring/internal.h +28 -7
- data/third_party/boringssl/crypto/bytestring/unicode.c +155 -0
- data/third_party/boringssl/crypto/chacha/chacha.c +36 -19
- data/third_party/boringssl/crypto/chacha/internal.h +45 -0
- data/third_party/boringssl/crypto/cipher_extra/cipher_extra.c +29 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +269 -25
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +16 -14
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +54 -38
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +133 -41
- data/third_party/boringssl/crypto/cipher_extra/e_tls.c +23 -15
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +24 -15
- data/third_party/boringssl/crypto/cmac/cmac.c +62 -25
- data/third_party/boringssl/crypto/conf/conf.c +7 -0
- data/third_party/boringssl/crypto/cpu-arm-linux.c +4 -148
- data/third_party/boringssl/crypto/cpu-arm-linux.h +201 -0
- data/third_party/boringssl/crypto/cpu-intel.c +45 -51
- data/third_party/boringssl/crypto/crypto.c +39 -22
- data/third_party/boringssl/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl/crypto/dsa/dsa.c +77 -53
- data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +20 -8
- data/third_party/boringssl/crypto/ec_extra/ec_derive.c +96 -0
- data/third_party/boringssl/crypto/{ecdh/ecdh.c → ecdh_extra/ecdh_extra.c} +20 -58
- data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +1 -9
- data/third_party/boringssl/crypto/engine/engine.c +2 -1
- data/third_party/boringssl/crypto/err/err.c +2 -0
- data/third_party/boringssl/crypto/err/internal.h +2 -2
- data/third_party/boringssl/crypto/evp/evp.c +89 -8
- data/third_party/boringssl/crypto/evp/evp_asn1.c +56 -5
- data/third_party/boringssl/crypto/evp/evp_ctx.c +52 -14
- data/third_party/boringssl/crypto/evp/internal.h +18 -1
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +5 -0
- data/third_party/boringssl/crypto/evp/p_ec.c +51 -3
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +6 -7
- data/third_party/boringssl/crypto/evp/p_ed25519.c +36 -3
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +76 -45
- data/third_party/boringssl/crypto/evp/p_rsa.c +3 -1
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +5 -0
- data/third_party/boringssl/crypto/evp/p_x25519.c +110 -0
- data/third_party/boringssl/crypto/evp/p_x25519_asn1.c +249 -0
- data/third_party/boringssl/crypto/evp/scrypt.c +6 -2
- data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +34 -274
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +161 -21
- data/third_party/boringssl/crypto/fipsmodule/aes/key_wrap.c +111 -13
- data/third_party/boringssl/crypto/fipsmodule/aes/mode_wrappers.c +17 -21
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +119 -7
- data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +19 -2
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +2 -2
- data/third_party/boringssl/crypto/fipsmodule/bn/ctx.c +93 -160
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +48 -57
- data/third_party/boringssl/crypto/fipsmodule/bn/div_extra.c +87 -0
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +143 -211
- data/third_party/boringssl/crypto/fipsmodule/bn/gcd.c +0 -305
- data/third_party/boringssl/crypto/fipsmodule/bn/gcd_extra.c +325 -0
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +168 -50
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +68 -92
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +7 -6
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +11 -14
- data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +358 -443
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +25 -35
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +20 -25
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +76 -5
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +14 -14
- data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +7 -2
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +383 -516
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_des.c +4 -0
- data/third_party/boringssl/crypto/fipsmodule/cipher/internal.h +3 -4
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +3 -2
- data/third_party/boringssl/crypto/fipsmodule/digest/digest.c +32 -17
- data/third_party/boringssl/crypto/fipsmodule/digest/md32_common.h +3 -3
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +228 -122
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +34 -8
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +311 -98
- data/third_party/boringssl/crypto/fipsmodule/ec/felem.c +82 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +263 -97
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +22 -59
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +317 -234
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +9473 -9475
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +313 -109
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +36 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/scalar.c +96 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +126 -792
- data/third_party/boringssl/crypto/fipsmodule/ec/simple_mul.c +84 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/util.c +163 -12
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +84 -211
- data/third_party/boringssl/crypto/fipsmodule/ecdh/ecdh.c +122 -0
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +60 -205
- data/third_party/boringssl/crypto/fipsmodule/fips_shared_support.c +32 -0
- data/third_party/boringssl/crypto/fipsmodule/is_fips.c +2 -0
- data/third_party/boringssl/crypto/fipsmodule/md4/md4.c +3 -1
- data/third_party/boringssl/crypto/fipsmodule/md5/internal.h +37 -0
- data/third_party/boringssl/crypto/fipsmodule/md5/md5.c +11 -8
- data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +35 -79
- data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +7 -39
- data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +7 -27
- data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +123 -309
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +189 -126
- data/third_party/boringssl/crypto/fipsmodule/modes/ofb.c +3 -2
- data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +2 -2
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +35 -0
- data/third_party/boringssl/crypto/fipsmodule/rand/rand.c +24 -19
- data/third_party/boringssl/crypto/fipsmodule/rand/urandom.c +256 -77
- data/third_party/boringssl/crypto/fipsmodule/rsa/padding.c +10 -7
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +5 -1
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +131 -14
- data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +83 -10
- data/third_party/boringssl/crypto/fipsmodule/sha/internal.h +53 -0
- data/third_party/boringssl/crypto/fipsmodule/sha/sha1.c +9 -13
- data/third_party/boringssl/crypto/fipsmodule/sha/sha256.c +18 -12
- data/third_party/boringssl/crypto/fipsmodule/sha/sha512.c +95 -168
- data/third_party/boringssl/crypto/hrss/hrss.c +2201 -0
- data/third_party/boringssl/crypto/hrss/internal.h +62 -0
- data/third_party/boringssl/crypto/internal.h +95 -20
- data/third_party/boringssl/crypto/lhash/lhash.c +45 -33
- data/third_party/boringssl/crypto/mem.c +39 -2
- data/third_party/boringssl/crypto/obj/obj.c +4 -4
- data/third_party/boringssl/crypto/obj/obj_dat.h +6181 -875
- data/third_party/boringssl/crypto/pem/pem_all.c +2 -3
- data/third_party/boringssl/crypto/pem/pem_info.c +144 -162
- data/third_party/boringssl/crypto/pem/pem_lib.c +53 -52
- data/third_party/boringssl/crypto/pem/pem_pkey.c +13 -21
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +15 -22
- data/third_party/boringssl/crypto/pkcs7/pkcs7_x509.c +168 -16
- data/third_party/boringssl/crypto/pkcs8/internal.h +11 -0
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +24 -15
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +42 -25
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +559 -43
- data/third_party/boringssl/crypto/pool/internal.h +1 -1
- data/third_party/boringssl/crypto/pool/pool.c +21 -0
- data/third_party/boringssl/crypto/rand_extra/deterministic.c +8 -0
- data/third_party/boringssl/crypto/rand_extra/fuchsia.c +1 -14
- data/third_party/boringssl/crypto/refcount_lock.c +2 -2
- data/third_party/boringssl/crypto/rsa_extra/rsa_print.c +22 -0
- data/third_party/boringssl/crypto/siphash/siphash.c +80 -0
- data/third_party/boringssl/crypto/stack/stack.c +83 -32
- data/third_party/boringssl/crypto/thread_none.c +2 -2
- data/third_party/boringssl/crypto/thread_pthread.c +2 -2
- data/third_party/boringssl/crypto/thread_win.c +38 -19
- data/third_party/boringssl/crypto/x509/a_strex.c +22 -2
- data/third_party/boringssl/crypto/x509/asn1_gen.c +2 -1
- data/third_party/boringssl/crypto/x509/by_dir.c +7 -0
- data/third_party/boringssl/crypto/x509/by_file.c +12 -10
- data/third_party/boringssl/crypto/x509/t_crl.c +5 -8
- data/third_party/boringssl/crypto/x509/t_req.c +1 -3
- data/third_party/boringssl/crypto/x509/t_x509.c +5 -8
- data/third_party/boringssl/crypto/x509/x509_cmp.c +1 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +1 -1
- data/third_party/boringssl/crypto/x509/x509_lu.c +114 -5
- data/third_party/boringssl/crypto/x509/x509_req.c +20 -0
- data/third_party/boringssl/crypto/x509/x509_set.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_trs.c +1 -0
- data/third_party/boringssl/crypto/x509/x509_txt.c +4 -5
- data/third_party/boringssl/crypto/x509/x509_vfy.c +145 -138
- data/third_party/boringssl/crypto/x509/x509_vpm.c +2 -0
- data/third_party/boringssl/crypto/x509/x509cset.c +40 -0
- data/third_party/boringssl/crypto/x509/x509name.c +2 -3
- data/third_party/boringssl/crypto/x509/x_all.c +109 -210
- data/third_party/boringssl/crypto/x509/x_x509.c +6 -0
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +1 -3
- data/third_party/boringssl/crypto/x509v3/internal.h +56 -0
- data/third_party/boringssl/crypto/x509v3/pcy_cache.c +2 -0
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -0
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +4 -2
- data/third_party/boringssl/crypto/x509v3/v3_akey.c +5 -2
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +19 -13
- data/third_party/boringssl/crypto/x509v3/v3_conf.c +2 -1
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +3 -2
- data/third_party/boringssl/crypto/x509v3/v3_genn.c +1 -6
- data/third_party/boringssl/crypto/x509v3/v3_lib.c +1 -0
- data/third_party/boringssl/crypto/x509v3/v3_ocsp.c +68 -0
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl/crypto/x509v3/v3_purp.c +47 -69
- data/third_party/boringssl/crypto/x509v3/v3_skey.c +5 -2
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +69 -25
- data/third_party/boringssl/include/openssl/aead.h +45 -19
- data/third_party/boringssl/include/openssl/aes.h +32 -7
- data/third_party/boringssl/include/openssl/asn1.h +7 -77
- data/third_party/boringssl/include/openssl/base.h +120 -6
- data/third_party/boringssl/include/openssl/base64.h +4 -1
- data/third_party/boringssl/include/openssl/bio.h +112 -81
- data/third_party/boringssl/include/openssl/blowfish.h +3 -3
- data/third_party/boringssl/include/openssl/bn.h +55 -29
- data/third_party/boringssl/include/openssl/buf.h +2 -2
- data/third_party/boringssl/include/openssl/bytestring.h +54 -32
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/cipher.h +46 -16
- data/third_party/boringssl/include/openssl/cmac.h +6 -2
- data/third_party/boringssl/include/openssl/conf.h +3 -6
- data/third_party/boringssl/include/openssl/cpu.h +25 -9
- data/third_party/boringssl/include/openssl/crypto.h +32 -10
- data/third_party/boringssl/include/openssl/curve25519.h +4 -4
- data/third_party/boringssl/include/openssl/dh.h +3 -2
- data/third_party/boringssl/include/openssl/digest.h +21 -7
- data/third_party/boringssl/include/openssl/dsa.h +8 -2
- data/third_party/boringssl/include/openssl/e_os2.h +18 -0
- data/third_party/boringssl/include/openssl/ec.h +25 -21
- data/third_party/boringssl/include/openssl/ec_key.h +36 -8
- data/third_party/boringssl/include/openssl/ecdh.h +17 -0
- data/third_party/boringssl/include/openssl/ecdsa.h +3 -3
- data/third_party/boringssl/include/openssl/engine.h +4 -4
- data/third_party/boringssl/include/openssl/err.h +3 -0
- data/third_party/boringssl/include/openssl/evp.h +199 -42
- data/third_party/boringssl/include/openssl/hmac.h +4 -4
- data/third_party/boringssl/include/openssl/hrss.h +100 -0
- data/third_party/boringssl/include/openssl/lhash.h +131 -23
- data/third_party/boringssl/include/openssl/md4.h +6 -4
- data/third_party/boringssl/include/openssl/md5.h +6 -4
- data/third_party/boringssl/include/openssl/mem.h +6 -2
- data/third_party/boringssl/include/openssl/nid.h +3 -0
- data/third_party/boringssl/include/openssl/obj.h +3 -0
- data/third_party/boringssl/include/openssl/pem.h +102 -64
- data/third_party/boringssl/include/openssl/pkcs7.h +136 -3
- data/third_party/boringssl/include/openssl/pkcs8.h +42 -3
- data/third_party/boringssl/include/openssl/pool.h +13 -2
- data/third_party/boringssl/include/openssl/ripemd.h +5 -4
- data/third_party/boringssl/include/openssl/rsa.h +46 -15
- data/third_party/boringssl/include/openssl/sha.h +40 -28
- data/third_party/boringssl/include/openssl/siphash.h +37 -0
- data/third_party/boringssl/include/openssl/span.h +17 -9
- data/third_party/boringssl/include/openssl/ssl.h +766 -393
- data/third_party/boringssl/include/openssl/ssl3.h +4 -3
- data/third_party/boringssl/include/openssl/stack.h +134 -77
- data/third_party/boringssl/include/openssl/thread.h +1 -1
- data/third_party/boringssl/include/openssl/tls1.h +25 -9
- data/third_party/boringssl/include/openssl/type_check.h +14 -15
- data/third_party/boringssl/include/openssl/x509.h +28 -3
- data/third_party/boringssl/include/openssl/x509_vfy.h +98 -32
- data/third_party/boringssl/include/openssl/x509v3.h +17 -13
- data/third_party/boringssl/ssl/d1_both.cc +9 -18
- data/third_party/boringssl/ssl/d1_lib.cc +4 -3
- data/third_party/boringssl/ssl/d1_pkt.cc +4 -4
- data/third_party/boringssl/ssl/d1_srtp.cc +15 -15
- data/third_party/boringssl/ssl/dtls_method.cc +0 -1
- data/third_party/boringssl/ssl/dtls_record.cc +28 -28
- data/third_party/boringssl/ssl/handoff.cc +295 -91
- data/third_party/boringssl/ssl/handshake.cc +133 -72
- data/third_party/boringssl/ssl/handshake_client.cc +218 -189
- data/third_party/boringssl/ssl/handshake_server.cc +399 -272
- data/third_party/boringssl/ssl/internal.h +1413 -928
- data/third_party/boringssl/ssl/s3_both.cc +175 -36
- data/third_party/boringssl/ssl/s3_lib.cc +9 -13
- data/third_party/boringssl/ssl/s3_pkt.cc +63 -29
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +55 -35
- data/third_party/boringssl/ssl/ssl_asn1.cc +57 -73
- data/third_party/boringssl/ssl/ssl_buffer.cc +13 -12
- data/third_party/boringssl/ssl/ssl_cert.cc +313 -210
- data/third_party/boringssl/ssl/ssl_cipher.cc +159 -221
- data/third_party/boringssl/ssl/ssl_file.cc +2 -0
- data/third_party/boringssl/ssl/ssl_key_share.cc +164 -19
- data/third_party/boringssl/ssl/ssl_lib.cc +847 -555
- data/third_party/boringssl/ssl/ssl_privkey.cc +441 -111
- data/third_party/boringssl/ssl/ssl_session.cc +230 -178
- data/third_party/boringssl/ssl/ssl_transcript.cc +21 -142
- data/third_party/boringssl/ssl/ssl_versions.cc +88 -93
- data/third_party/boringssl/ssl/ssl_x509.cc +279 -218
- data/third_party/boringssl/ssl/t1_enc.cc +5 -96
- data/third_party/boringssl/ssl/t1_lib.cc +931 -678
- data/third_party/boringssl/ssl/tls13_both.cc +251 -121
- data/third_party/boringssl/ssl/tls13_client.cc +129 -73
- data/third_party/boringssl/ssl/tls13_enc.cc +350 -282
- data/third_party/boringssl/ssl/tls13_server.cc +259 -192
- data/third_party/boringssl/ssl/tls_method.cc +26 -21
- data/third_party/boringssl/ssl/tls_record.cc +42 -47
- data/third_party/boringssl/third_party/fiat/curve25519.c +261 -1324
- data/third_party/boringssl/third_party/fiat/curve25519_32.h +911 -0
- data/third_party/boringssl/third_party/fiat/curve25519_64.h +559 -0
- data/third_party/boringssl/third_party/fiat/p256.c +238 -999
- data/third_party/boringssl/third_party/fiat/p256_32.h +3226 -0
- data/third_party/boringssl/third_party/fiat/p256_64.h +1217 -0
- data/third_party/upb/upb/port_def.inc +1 -1
- data/third_party/upb/upb/table.c +2 -1
- metadata +71 -43
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_load_balancer_api.h +0 -127
- data/src/core/lib/gpr/mpscq.cc +0 -117
- data/src/core/lib/gpr/mpscq.h +0 -88
- data/src/core/lib/gprpp/abstract.h +0 -47
- data/src/core/lib/gprpp/pair.h +0 -38
- data/third_party/boringssl/crypto/cipher_extra/e_ssl3.c +0 -460
- data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +0 -256
- data/third_party/boringssl/include/openssl/lhash_macros.h +0 -174
- data/third_party/boringssl/ssl/custom_extensions.cc +0 -265
@@ -46,6 +46,10 @@ OPENSSL_EXPORT CMAC_CTX *CMAC_CTX_new(void);
|
|
46
46
|
// CMAC_CTX_free frees a |CMAC_CTX|.
|
47
47
|
OPENSSL_EXPORT void CMAC_CTX_free(CMAC_CTX *ctx);
|
48
48
|
|
49
|
+
// CMAC_CTX_copy sets |out| to be a duplicate of the current state |in|. It
|
50
|
+
// returns one on success and zero on error.
|
51
|
+
OPENSSL_EXPORT int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
|
52
|
+
|
49
53
|
// CMAC_Init configures |ctx| to use the given |key| and |cipher|. The CMAC RFC
|
50
54
|
// only specifies the use of AES-128 thus |key_len| should be 16 and |cipher|
|
51
55
|
// should be |EVP_aes_128_cbc()|. However, this implementation also supports
|
@@ -74,11 +78,11 @@ OPENSSL_EXPORT int CMAC_Final(CMAC_CTX *ctx, uint8_t *out, size_t *out_len);
|
|
74
78
|
|
75
79
|
extern "C++" {
|
76
80
|
|
77
|
-
|
81
|
+
BSSL_NAMESPACE_BEGIN
|
78
82
|
|
79
83
|
BORINGSSL_MAKE_DELETER(CMAC_CTX, CMAC_CTX_free)
|
80
84
|
|
81
|
-
|
85
|
+
BSSL_NAMESPACE_END
|
82
86
|
|
83
87
|
} // extern C++
|
84
88
|
|
@@ -85,11 +85,8 @@ struct conf_value_st {
|
|
85
85
|
char *value;
|
86
86
|
};
|
87
87
|
|
88
|
-
struct conf_st {
|
89
|
-
LHASH_OF(CONF_VALUE) *data;
|
90
|
-
};
|
91
|
-
|
92
88
|
DEFINE_STACK_OF(CONF_VALUE)
|
89
|
+
DECLARE_LHASH_OF(CONF_VALUE)
|
93
90
|
|
94
91
|
|
95
92
|
// NCONF_new returns a fresh, empty |CONF|, or NULL on error. The |method|
|
@@ -162,11 +159,11 @@ OPENSSL_EXPORT void OPENSSL_no_config(void);
|
|
162
159
|
|
163
160
|
extern "C++" {
|
164
161
|
|
165
|
-
|
162
|
+
BSSL_NAMESPACE_BEGIN
|
166
163
|
|
167
164
|
BORINGSSL_MAKE_DELETER(CONF, NCONF_free)
|
168
165
|
|
169
|
-
|
166
|
+
BSSL_NAMESPACE_END
|
170
167
|
|
171
168
|
} // extern C++
|
172
169
|
|
@@ -86,16 +86,17 @@ extern "C" {
|
|
86
86
|
// Bit 11 is used to indicate AMD XOP support, not SDBG
|
87
87
|
// Index 2:
|
88
88
|
// EBX for CPUID where EAX = 7
|
89
|
-
// Index 3
|
89
|
+
// Index 3:
|
90
|
+
// ECX for CPUID where EAX = 7
|
90
91
|
//
|
91
92
|
// Note: the CPUID bits are pre-adjusted for the OSXSAVE bit and the YMM and XMM
|
92
93
|
// bits in XCR0, so it is not necessary to check those.
|
93
94
|
extern uint32_t OPENSSL_ia32cap_P[4];
|
94
95
|
|
95
|
-
#if defined(BORINGSSL_FIPS)
|
96
|
+
#if defined(BORINGSSL_FIPS) && !defined(BORINGSSL_SHARED_LIBRARY)
|
96
97
|
const uint32_t *OPENSSL_ia32cap_get(void);
|
97
98
|
#else
|
98
|
-
|
99
|
+
OPENSSL_INLINE const uint32_t *OPENSSL_ia32cap_get(void) {
|
99
100
|
return OPENSSL_ia32cap_P;
|
100
101
|
}
|
101
102
|
#endif
|
@@ -118,13 +119,13 @@ OPENSSL_EXPORT char CRYPTO_is_NEON_capable_at_runtime(void);
|
|
118
119
|
|
119
120
|
// CRYPTO_is_NEON_capable returns true if the current CPU has a NEON unit. If
|
120
121
|
// this is known statically then it returns one immediately.
|
121
|
-
|
122
|
+
OPENSSL_INLINE int CRYPTO_is_NEON_capable(void) {
|
122
123
|
// Only statically skip the runtime lookup on aarch64. On arm, one CPU is
|
123
124
|
// known to have a broken NEON unit which is known to fail with on some
|
124
125
|
// hand-written NEON assembly. For now, continue to apply the workaround even
|
125
126
|
// when the compiler is instructed to freely emit NEON code. See
|
126
127
|
// https://crbug.com/341598 and https://crbug.com/606629.
|
127
|
-
#if defined(__ARM_NEON__) && !defined(OPENSSL_ARM)
|
128
|
+
#if (defined(__ARM_NEON__) || defined(__ARM_NEON)) && !defined(OPENSSL_ARM)
|
128
129
|
return 1;
|
129
130
|
#else
|
130
131
|
return CRYPTO_is_NEON_capable_at_runtime();
|
@@ -151,15 +152,16 @@ int CRYPTO_is_ARMv8_PMULL_capable(void);
|
|
151
152
|
|
152
153
|
#else
|
153
154
|
|
154
|
-
|
155
|
-
#if defined(OPENSSL_STATIC_ARMCAP_NEON) ||
|
155
|
+
OPENSSL_INLINE int CRYPTO_is_NEON_capable(void) {
|
156
|
+
#if defined(OPENSSL_STATIC_ARMCAP_NEON) || \
|
157
|
+
(defined(__ARM_NEON__) || defined(__ARM_NEON))
|
156
158
|
return 1;
|
157
159
|
#else
|
158
160
|
return 0;
|
159
161
|
#endif
|
160
162
|
}
|
161
163
|
|
162
|
-
|
164
|
+
OPENSSL_INLINE int CRYPTO_is_ARMv8_AES_capable(void) {
|
163
165
|
#if defined(OPENSSL_STATIC_ARMCAP_AES) || defined(__ARM_FEATURE_CRYPTO)
|
164
166
|
return 1;
|
165
167
|
#else
|
@@ -167,7 +169,7 @@ static inline int CRYPTO_is_ARMv8_AES_capable(void) {
|
|
167
169
|
#endif
|
168
170
|
}
|
169
171
|
|
170
|
-
|
172
|
+
OPENSSL_INLINE int CRYPTO_is_ARMv8_PMULL_capable(void) {
|
171
173
|
#if defined(OPENSSL_STATIC_ARMCAP_PMULL) || defined(__ARM_FEATURE_CRYPTO)
|
172
174
|
return 1;
|
173
175
|
#else
|
@@ -188,6 +190,20 @@ extern unsigned long OPENSSL_ppc64le_hwcap2;
|
|
188
190
|
|
189
191
|
#endif // OPENSSL_PPC64LE
|
190
192
|
|
193
|
+
#if defined(BORINGSSL_DISPATCH_TEST)
|
194
|
+
// Runtime CPU dispatch testing support
|
195
|
+
|
196
|
+
// BORINGSSL_function_hit is an array of flags. The following functions will
|
197
|
+
// set these flags if BORINGSSL_DISPATCH_TEST is defined.
|
198
|
+
// 0: aes_hw_ctr32_encrypt_blocks
|
199
|
+
// 1: aes_hw_encrypt
|
200
|
+
// 2: aesni_gcm_encrypt
|
201
|
+
// 3: aes_hw_set_encrypt_key
|
202
|
+
// 4: vpaes_encrypt
|
203
|
+
// 5: vpaes_set_encrypt_key
|
204
|
+
extern uint8_t BORINGSSL_function_hit[7];
|
205
|
+
#endif // BORINGSSL_DISPATCH_TEST
|
206
|
+
|
191
207
|
|
192
208
|
#if defined(__cplusplus)
|
193
209
|
} // extern C
|
@@ -16,6 +16,7 @@
|
|
16
16
|
#define OPENSSL_HEADER_CRYPTO_H
|
17
17
|
|
18
18
|
#include <openssl/base.h>
|
19
|
+
#include <openssl/sha.h>
|
19
20
|
|
20
21
|
// Upstream OpenSSL defines |OPENSSL_malloc|, etc., in crypto.h rather than
|
21
22
|
// mem.h.
|
@@ -58,8 +59,11 @@ OPENSSL_EXPORT int CRYPTO_has_asm(void);
|
|
58
59
|
// which case it returns one.
|
59
60
|
OPENSSL_EXPORT int FIPS_mode(void);
|
60
61
|
|
61
|
-
// BORINGSSL_self_test triggers the FIPS KAT-based self tests. It returns one
|
62
|
-
//
|
62
|
+
// BORINGSSL_self_test triggers the FIPS KAT-based self tests. It returns one on
|
63
|
+
// success and zero on error. The argument is the integrity hash of the FIPS
|
64
|
+
// module and may be used to check and write flag files to suppress duplicate
|
65
|
+
// self-tests. If it is all zeros, no flag file will be checked nor written and
|
66
|
+
// tests will always be run.
|
63
67
|
OPENSSL_EXPORT int BORINGSSL_self_test(void);
|
64
68
|
|
65
69
|
|
@@ -69,17 +73,25 @@ OPENSSL_EXPORT int BORINGSSL_self_test(void);
|
|
69
73
|
// “OpenSSL”. node.js requires a version number in this text.
|
70
74
|
#define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0 (compatible; BoringSSL)"
|
71
75
|
|
72
|
-
#define SSLEAY_VERSION 0
|
73
|
-
|
74
|
-
// SSLeay_version is a compatibility function that returns the string
|
75
|
-
// "BoringSSL".
|
76
|
-
OPENSSL_EXPORT const char *SSLeay_version(int unused);
|
77
|
-
|
78
76
|
#define OPENSSL_VERSION 0
|
77
|
+
#define OPENSSL_CFLAGS 1
|
78
|
+
#define OPENSSL_BUILT_ON 2
|
79
|
+
#define OPENSSL_PLATFORM 3
|
80
|
+
#define OPENSSL_DIR 4
|
79
81
|
|
80
82
|
// OpenSSL_version is a compatibility function that returns the string
|
81
|
-
// "BoringSSL"
|
82
|
-
|
83
|
+
// "BoringSSL" if |which| is |OPENSSL_VERSION| and placeholder strings
|
84
|
+
// otherwise.
|
85
|
+
OPENSSL_EXPORT const char *OpenSSL_version(int which);
|
86
|
+
|
87
|
+
#define SSLEAY_VERSION OPENSSL_VERSION
|
88
|
+
#define SSLEAY_CFLAGS OPENSSL_CFLAGS
|
89
|
+
#define SSLEAY_BUILT_ON OPENSSL_BUILT_ON
|
90
|
+
#define SSLEAY_PLATFORM OPENSSL_PLATFORM
|
91
|
+
#define SSLEAY_DIR OPENSSL_DIR
|
92
|
+
|
93
|
+
// SSLeay_version calls |OpenSSL_version|.
|
94
|
+
OPENSSL_EXPORT const char *SSLeay_version(int which);
|
83
95
|
|
84
96
|
// SSLeay is a compatibility function that returns OPENSSL_VERSION_NUMBER from
|
85
97
|
// base.h.
|
@@ -92,6 +104,9 @@ OPENSSL_EXPORT unsigned long OpenSSL_version_num(void);
|
|
92
104
|
// CRYPTO_malloc_init returns one.
|
93
105
|
OPENSSL_EXPORT int CRYPTO_malloc_init(void);
|
94
106
|
|
107
|
+
// OPENSSL_malloc_init returns one.
|
108
|
+
OPENSSL_EXPORT int OPENSSL_malloc_init(void);
|
109
|
+
|
95
110
|
// ENGINE_load_builtin_engines does nothing.
|
96
111
|
OPENSSL_EXPORT void ENGINE_load_builtin_engines(void);
|
97
112
|
|
@@ -114,6 +129,13 @@ OPENSSL_EXPORT void OPENSSL_load_builtin_modules(void);
|
|
114
129
|
OPENSSL_EXPORT int OPENSSL_init_crypto(uint64_t opts,
|
115
130
|
const OPENSSL_INIT_SETTINGS *settings);
|
116
131
|
|
132
|
+
// OPENSSL_cleanup does nothing.
|
133
|
+
OPENSSL_EXPORT void OPENSSL_cleanup(void);
|
134
|
+
|
135
|
+
// FIPS_mode_set returns one if |on| matches whether BoringSSL was built with
|
136
|
+
// |BORINGSSL_FIPS| and zero otherwise.
|
137
|
+
OPENSSL_EXPORT int FIPS_mode_set(int on);
|
138
|
+
|
117
139
|
|
118
140
|
#if defined(__cplusplus)
|
119
141
|
} // extern C
|
@@ -65,7 +65,7 @@ OPENSSL_EXPORT void X25519_public_from_private(uint8_t out_public_value[32],
|
|
65
65
|
//
|
66
66
|
// Note that, unlike RFC 8032's formulation, our private key representation
|
67
67
|
// includes a public key suffix to make multiple key signing operations with the
|
68
|
-
// same key more efficient. The RFC 8032
|
68
|
+
// same key more efficient. The RFC 8032 private key is referred to in this
|
69
69
|
// implementation as the "seed" and is the first 32 bytes of our private key.
|
70
70
|
|
71
71
|
#define ED25519_PRIVATE_KEY_LEN 64
|
@@ -79,7 +79,7 @@ OPENSSL_EXPORT void ED25519_keypair(uint8_t out_public_key[32],
|
|
79
79
|
|
80
80
|
// ED25519_sign sets |out_sig| to be a signature of |message_len| bytes from
|
81
81
|
// |message| using |private_key|. It returns one on success or zero on
|
82
|
-
//
|
82
|
+
// allocation failure.
|
83
83
|
OPENSSL_EXPORT int ED25519_sign(uint8_t out_sig[64], const uint8_t *message,
|
84
84
|
size_t message_len,
|
85
85
|
const uint8_t private_key[64]);
|
@@ -188,11 +188,11 @@ OPENSSL_EXPORT int SPAKE2_process_msg(SPAKE2_CTX *ctx, uint8_t *out_key,
|
|
188
188
|
|
189
189
|
extern "C++" {
|
190
190
|
|
191
|
-
|
191
|
+
BSSL_NAMESPACE_BEGIN
|
192
192
|
|
193
193
|
BORINGSSL_MAKE_DELETER(SPAKE2_CTX, SPAKE2_CTX_free)
|
194
194
|
|
195
|
-
|
195
|
+
BSSL_NAMESPACE_END
|
196
196
|
|
197
197
|
} // extern C++
|
198
198
|
|
@@ -278,11 +278,12 @@ struct dh_st {
|
|
278
278
|
|
279
279
|
extern "C++" {
|
280
280
|
|
281
|
-
|
281
|
+
BSSL_NAMESPACE_BEGIN
|
282
282
|
|
283
283
|
BORINGSSL_MAKE_DELETER(DH, DH_free)
|
284
|
+
BORINGSSL_MAKE_UP_REF(DH, DH_up_ref)
|
284
285
|
|
285
|
-
|
286
|
+
BSSL_NAMESPACE_END
|
286
287
|
|
287
288
|
} // extern C++
|
288
289
|
|
@@ -119,18 +119,19 @@ OPENSSL_EXPORT int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
|
|
119
119
|
OPENSSL_EXPORT void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
|
120
120
|
|
121
121
|
// EVP_MD_CTX_copy_ex sets |out|, which must already be initialised, to be a
|
122
|
-
// copy of |in|. It returns one on success and zero on
|
122
|
+
// copy of |in|. It returns one on success and zero on allocation failure.
|
123
123
|
OPENSSL_EXPORT int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
|
124
124
|
|
125
|
-
// EVP_MD_CTX_reset calls |EVP_MD_CTX_cleanup| followed by |EVP_MD_CTX_init|.
|
126
|
-
|
125
|
+
// EVP_MD_CTX_reset calls |EVP_MD_CTX_cleanup| followed by |EVP_MD_CTX_init|. It
|
126
|
+
// returns one.
|
127
|
+
OPENSSL_EXPORT int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
|
127
128
|
|
128
129
|
|
129
130
|
// Digest operations.
|
130
131
|
|
131
132
|
// EVP_DigestInit_ex configures |ctx|, which must already have been
|
132
133
|
// initialised, for a fresh hashing operation using |type|. It returns one on
|
133
|
-
// success and zero
|
134
|
+
// success and zero on allocation failure.
|
134
135
|
OPENSSL_EXPORT int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type,
|
135
136
|
ENGINE *engine);
|
136
137
|
|
@@ -194,7 +195,7 @@ OPENSSL_EXPORT size_t EVP_MD_size(const EVP_MD *md);
|
|
194
195
|
// EVP_MD_block_size returns the native block-size of |md|, in bytes.
|
195
196
|
OPENSSL_EXPORT size_t EVP_MD_block_size(const EVP_MD *md);
|
196
197
|
|
197
|
-
// EVP_MD_FLAG_PKEY_DIGEST indicates
|
198
|
+
// EVP_MD_FLAG_PKEY_DIGEST indicates that the digest function is used with a
|
198
199
|
// specific public key in order to verify signatures. (For example,
|
199
200
|
// EVP_dss1.)
|
200
201
|
#define EVP_MD_FLAG_PKEY_DIGEST 1
|
@@ -204,6 +205,11 @@ OPENSSL_EXPORT size_t EVP_MD_block_size(const EVP_MD *md);
|
|
204
205
|
// undefined rather than NULL.
|
205
206
|
#define EVP_MD_FLAG_DIGALGID_ABSENT 2
|
206
207
|
|
208
|
+
// EVP_MD_FLAG_XOF indicates that the digest is an extensible-output function
|
209
|
+
// (XOF). This flag is defined for compatibility and will never be set in any
|
210
|
+
// |EVP_MD| in BoringSSL.
|
211
|
+
#define EVP_MD_FLAG_XOF 4
|
212
|
+
|
207
213
|
|
208
214
|
// Digest operation accessors.
|
209
215
|
|
@@ -268,6 +274,14 @@ OPENSSL_EXPORT EVP_MD_CTX *EVP_MD_CTX_create(void);
|
|
268
274
|
// EVP_MD_CTX_destroy calls |EVP_MD_CTX_free|.
|
269
275
|
OPENSSL_EXPORT void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
|
270
276
|
|
277
|
+
// EVP_DigestFinalXOF returns zero and adds an error to the error queue.
|
278
|
+
// BoringSSL does not support any XOF digests.
|
279
|
+
OPENSSL_EXPORT int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, uint8_t *out,
|
280
|
+
size_t len);
|
281
|
+
|
282
|
+
// EVP_MD_meth_get_flags calls |EVP_MD_flags|.
|
283
|
+
OPENSSL_EXPORT uint32_t EVP_MD_meth_get_flags(const EVP_MD *md);
|
284
|
+
|
271
285
|
|
272
286
|
struct evp_md_pctx_ops;
|
273
287
|
|
@@ -294,7 +308,7 @@ struct env_md_ctx_st {
|
|
294
308
|
#if !defined(BORINGSSL_NO_CXX)
|
295
309
|
extern "C++" {
|
296
310
|
|
297
|
-
|
311
|
+
BSSL_NAMESPACE_BEGIN
|
298
312
|
|
299
313
|
BORINGSSL_MAKE_DELETER(EVP_MD_CTX, EVP_MD_CTX_free)
|
300
314
|
|
@@ -302,7 +316,7 @@ using ScopedEVP_MD_CTX =
|
|
302
316
|
internal::StackAllocated<EVP_MD_CTX, int, EVP_MD_CTX_init,
|
303
317
|
EVP_MD_CTX_cleanup>;
|
304
318
|
|
305
|
-
|
319
|
+
BSSL_NAMESPACE_END
|
306
320
|
|
307
321
|
} // extern C++
|
308
322
|
#endif
|
@@ -73,6 +73,10 @@ extern "C" {
|
|
73
73
|
|
74
74
|
// DSA contains functions for signing and verifying with the Digital Signature
|
75
75
|
// Algorithm.
|
76
|
+
//
|
77
|
+
// This module is deprecated and retained for legacy reasons only. It is not
|
78
|
+
// considered a priority for performance or hardening work. Do not use it in
|
79
|
+
// new code. Use Ed25519, ECDSA with P-256, or RSA instead.
|
76
80
|
|
77
81
|
|
78
82
|
// Allocation and destruction.
|
@@ -413,12 +417,13 @@ struct dsa_st {
|
|
413
417
|
|
414
418
|
extern "C++" {
|
415
419
|
|
416
|
-
|
420
|
+
BSSL_NAMESPACE_BEGIN
|
417
421
|
|
418
422
|
BORINGSSL_MAKE_DELETER(DSA, DSA_free)
|
423
|
+
BORINGSSL_MAKE_UP_REF(DSA, DSA_up_ref)
|
419
424
|
BORINGSSL_MAKE_DELETER(DSA_SIG, DSA_SIG_free)
|
420
425
|
|
421
|
-
|
426
|
+
BSSL_NAMESPACE_END
|
422
427
|
|
423
428
|
} // extern C++
|
424
429
|
|
@@ -431,5 +436,6 @@ BORINGSSL_MAKE_DELETER(DSA_SIG, DSA_SIG_free)
|
|
431
436
|
#define DSA_R_BAD_VERSION 104
|
432
437
|
#define DSA_R_DECODE_ERROR 105
|
433
438
|
#define DSA_R_ENCODE_ERROR 106
|
439
|
+
#define DSA_R_INVALID_PARAMETERS 107
|
434
440
|
|
435
441
|
#endif // OPENSSL_HEADER_DSA_H
|
@@ -0,0 +1,18 @@
|
|
1
|
+
/* Copyright (c) 2018, Google Inc.
|
2
|
+
*
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
6
|
+
*
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
14
|
+
|
15
|
+
/* This header is provided in order to make compiling against code that expects
|
16
|
+
OpenSSL easier. */
|
17
|
+
|
18
|
+
#include <openssl/base.h>
|
@@ -102,7 +102,7 @@ typedef enum {
|
|
102
102
|
// Elliptic curve groups.
|
103
103
|
|
104
104
|
// EC_GROUP_new_by_curve_name returns a fresh EC_GROUP object for the elliptic
|
105
|
-
// curve specified by |nid|, or NULL on
|
105
|
+
// curve specified by |nid|, or NULL on unsupported NID or allocation failure.
|
106
106
|
//
|
107
107
|
// The supported NIDs are:
|
108
108
|
// NID_secp224r1 (P-224),
|
@@ -114,11 +114,10 @@ typedef enum {
|
|
114
114
|
// more modern primitives.
|
115
115
|
OPENSSL_EXPORT EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
|
116
116
|
|
117
|
-
// EC_GROUP_free
|
117
|
+
// EC_GROUP_free releases a reference to |group|.
|
118
118
|
OPENSSL_EXPORT void EC_GROUP_free(EC_GROUP *group);
|
119
119
|
|
120
|
-
// EC_GROUP_dup
|
121
|
-
// error.
|
120
|
+
// EC_GROUP_dup takes a reference to |a| and returns it.
|
122
121
|
OPENSSL_EXPORT EC_GROUP *EC_GROUP_dup(const EC_GROUP *a);
|
123
122
|
|
124
123
|
// EC_GROUP_cmp returns zero if |a| and |b| are the same group and non-zero
|
@@ -134,6 +133,9 @@ OPENSSL_EXPORT const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
|
|
134
133
|
// |group| that specifies the order of the group.
|
135
134
|
OPENSSL_EXPORT const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
|
136
135
|
|
136
|
+
// EC_GROUP_order_bits returns the number of bits of the order of |group|.
|
137
|
+
OPENSSL_EXPORT int EC_GROUP_order_bits(const EC_GROUP *group);
|
138
|
+
|
137
139
|
// EC_GROUP_get_cofactor sets |*cofactor| to the cofactor of |group| using
|
138
140
|
// |ctx|, if it's not NULL. It returns one on success and zero otherwise.
|
139
141
|
OPENSSL_EXPORT int EC_GROUP_get_cofactor(const EC_GROUP *group,
|
@@ -155,6 +157,16 @@ OPENSSL_EXPORT int EC_GROUP_get_curve_name(const EC_GROUP *group);
|
|
155
157
|
// element of the field underlying |group|.
|
156
158
|
OPENSSL_EXPORT unsigned EC_GROUP_get_degree(const EC_GROUP *group);
|
157
159
|
|
160
|
+
// EC_curve_nid2nist returns the NIST name of the elliptic curve specified by
|
161
|
+
// |nid|, or NULL if |nid| is not a NIST curve. For example, it returns "P-256"
|
162
|
+
// for |NID_X9_62_prime256v1|.
|
163
|
+
OPENSSL_EXPORT const char *EC_curve_nid2nist(int nid);
|
164
|
+
|
165
|
+
// EC_curve_nist2nid returns the NID of the elliptic curve specified by the NIST
|
166
|
+
// name |name|, or |NID_undef| if |name| is not a recognized name. For example,
|
167
|
+
// it returns |NID_X9_62_prime256v1| for "P-256".
|
168
|
+
OPENSSL_EXPORT int EC_curve_nist2nid(const char *name);
|
169
|
+
|
158
170
|
|
159
171
|
// Points on elliptic curves.
|
160
172
|
|
@@ -195,17 +207,6 @@ OPENSSL_EXPORT int EC_POINT_is_on_curve(const EC_GROUP *group,
|
|
195
207
|
OPENSSL_EXPORT int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a,
|
196
208
|
const EC_POINT *b, BN_CTX *ctx);
|
197
209
|
|
198
|
-
// EC_POINT_make_affine converts |point| to affine form, internally. It returns
|
199
|
-
// one on success and zero otherwise. If |ctx| is not NULL, it may be used.
|
200
|
-
OPENSSL_EXPORT int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point,
|
201
|
-
BN_CTX *ctx);
|
202
|
-
|
203
|
-
// EC_POINTs_make_affine converts |num| points from |points| to affine form,
|
204
|
-
// internally. It returns one on success and zero otherwise. If |ctx| is not
|
205
|
-
// NULL, it may be used.
|
206
|
-
OPENSSL_EXPORT int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
|
207
|
-
EC_POINT *points[], BN_CTX *ctx);
|
208
|
-
|
209
210
|
|
210
211
|
// Point conversion.
|
211
212
|
|
@@ -324,10 +325,11 @@ OPENSSL_EXPORT int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order,
|
|
324
325
|
OPENSSL_EXPORT void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
|
325
326
|
|
326
327
|
#define OPENSSL_EC_NAMED_CURVE 0
|
328
|
+
#define OPENSSL_EC_EXPLICIT_CURVE 1
|
327
329
|
|
328
330
|
typedef struct ec_method_st EC_METHOD;
|
329
331
|
|
330
|
-
// EC_GROUP_method_of returns NULL.
|
332
|
+
// EC_GROUP_method_of returns a dummy non-NULL pointer.
|
331
333
|
OPENSSL_EXPORT const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
|
332
334
|
|
333
335
|
// EC_METHOD_get_field_type returns NID_X9_62_prime_field.
|
@@ -355,21 +357,23 @@ OPENSSL_EXPORT size_t EC_get_builtin_curves(EC_builtin_curve *out_curves,
|
|
355
357
|
// EC_POINT_clear_free calls |EC_POINT_free|.
|
356
358
|
OPENSSL_EXPORT void EC_POINT_clear_free(EC_POINT *point);
|
357
359
|
|
358
|
-
// Old code expects to get EC_KEY from ec.h.
|
359
|
-
#include <openssl/ec_key.h>
|
360
|
-
|
361
360
|
|
362
361
|
#if defined(__cplusplus)
|
363
362
|
} // extern C
|
363
|
+
#endif
|
364
364
|
|
365
|
+
// Old code expects to get EC_KEY from ec.h.
|
366
|
+
#include <openssl/ec_key.h>
|
367
|
+
|
368
|
+
#if defined(__cplusplus)
|
365
369
|
extern "C++" {
|
366
370
|
|
367
|
-
|
371
|
+
BSSL_NAMESPACE_BEGIN
|
368
372
|
|
369
373
|
BORINGSSL_MAKE_DELETER(EC_POINT, EC_POINT_free)
|
370
374
|
BORINGSSL_MAKE_DELETER(EC_GROUP, EC_GROUP_free)
|
371
375
|
|
372
|
-
|
376
|
+
BSSL_NAMESPACE_END
|
373
377
|
|
374
378
|
} // extern C++
|
375
379
|
|