grpc 1.27.0 → 1.28.0.pre2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (678) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +707 -629
  3. data/include/grpc/impl/codegen/grpc_types.h +5 -0
  4. data/include/grpc/impl/codegen/port_platform.h +7 -0
  5. data/include/grpc/impl/codegen/sync.h +5 -3
  6. data/include/grpc/impl/codegen/sync_abseil.h +36 -0
  7. data/include/grpc/module.modulemap +3 -0
  8. data/include/grpc/support/sync_abseil.h +26 -0
  9. data/src/core/ext/filters/client_channel/client_channel.cc +47 -29
  10. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +31 -47
  11. data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -3
  12. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
  13. data/src/core/ext/filters/client_channel/http_proxy.cc +4 -1
  14. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +21 -28
  15. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +18 -21
  16. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +9 -13
  17. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +46 -72
  18. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +413 -422
  19. data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -3
  20. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +43 -75
  21. data/src/core/ext/filters/client_channel/lb_policy_registry.h +1 -1
  22. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +57 -70
  23. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +1 -1
  24. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -1
  25. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +1 -1
  26. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +3 -3
  27. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +2 -2
  28. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -1
  29. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +3 -3
  30. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
  31. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +228 -286
  32. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +2 -2
  33. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +13 -14
  34. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +5 -7
  35. data/src/core/ext/filters/client_channel/service_config.cc +91 -160
  36. data/src/core/ext/filters/client_channel/service_config.h +14 -21
  37. data/src/core/ext/filters/client_channel/xds/xds_api.cc +581 -251
  38. data/src/core/ext/filters/client_channel/xds/xds_api.h +189 -151
  39. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +133 -350
  40. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +18 -39
  41. data/src/core/ext/filters/client_channel/xds/xds_channel.h +3 -1
  42. data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +12 -9
  43. data/src/core/ext/filters/client_channel/xds/xds_client.cc +559 -242
  44. data/src/core/ext/filters/client_channel/xds/xds_client.h +54 -34
  45. data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +53 -128
  46. data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +105 -132
  47. data/src/core/ext/filters/message_size/message_size_filter.cc +32 -35
  48. data/src/core/ext/filters/message_size/message_size_filter.h +1 -1
  49. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +3 -6
  50. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +4 -6
  51. data/src/core/ext/transport/chttp2/transport/writing.cc +1 -1
  52. data/src/core/ext/transport/inproc/inproc_transport.cc +22 -42
  53. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +17 -0
  54. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +30 -0
  55. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +27 -0
  56. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +54 -0
  57. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +46 -21
  58. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +116 -29
  59. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +4 -362
  60. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +14 -1337
  61. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +390 -0
  62. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +1411 -0
  63. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +29 -8
  64. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +60 -0
  65. data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +1 -0
  66. data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +1 -0
  67. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +5 -3
  68. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +6 -2
  69. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +48 -5
  70. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +154 -4
  71. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +19 -15
  72. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +46 -32
  73. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +26 -4
  74. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +70 -0
  75. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +42 -25
  76. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +83 -25
  77. data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +1 -0
  78. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +43 -7
  79. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +115 -0
  80. data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +1 -0
  81. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +7 -68
  82. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +14 -201
  83. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +91 -0
  84. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +240 -0
  85. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +1 -71
  86. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +3 -228
  87. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +88 -0
  88. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +258 -0
  89. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +1 -0
  90. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +30 -0
  91. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +53 -0
  92. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +104 -0
  93. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +383 -0
  94. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +17 -0
  95. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +33 -0
  96. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +144 -0
  97. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +527 -0
  98. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +42 -0
  99. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +112 -0
  100. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +29 -0
  101. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +53 -0
  102. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +62 -0
  103. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +199 -0
  104. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +17 -0
  105. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +33 -0
  106. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +793 -0
  107. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +2936 -0
  108. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +58 -0
  109. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +134 -0
  110. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +27 -0
  111. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +53 -0
  112. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +227 -0
  113. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +725 -0
  114. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +296 -0
  115. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +1072 -0
  116. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +32 -0
  117. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +65 -0
  118. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +47 -0
  119. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +108 -0
  120. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +52 -0
  121. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +133 -0
  122. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +87 -0
  123. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +258 -0
  124. data/src/core/ext/upb-generated/envoy/type/range.upb.c +11 -0
  125. data/src/core/ext/upb-generated/envoy/type/range.upb.h +27 -0
  126. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +28 -0
  127. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +62 -0
  128. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +88 -0
  129. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +249 -0
  130. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +30 -27
  131. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +64 -52
  132. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +48 -0
  133. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +104 -0
  134. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +17 -0
  135. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +30 -0
  136. data/src/core/ext/upb-generated/validate/validate.upb.c +38 -34
  137. data/src/core/ext/upb-generated/validate/validate.upb.h +129 -99
  138. data/src/core/lib/channel/channel_trace.cc +32 -41
  139. data/src/core/lib/channel/channel_trace.h +3 -3
  140. data/src/core/lib/channel/channelz.cc +158 -248
  141. data/src/core/lib/channel/channelz.h +12 -15
  142. data/src/core/lib/channel/channelz_registry.cc +47 -74
  143. data/src/core/lib/channel/channelz_registry.h +4 -4
  144. data/src/core/lib/gpr/sync_abseil.cc +114 -0
  145. data/src/core/lib/gpr/sync_posix.cc +8 -5
  146. data/src/core/lib/gpr/sync_windows.cc +4 -2
  147. data/src/core/lib/gprpp/host_port.cc +1 -1
  148. data/src/core/lib/gprpp/inlined_vector.h +1 -210
  149. data/src/core/lib/gprpp/memory.h +2 -6
  150. data/src/core/lib/gprpp/optional.h +0 -41
  151. data/src/core/lib/gprpp/string_view.h +5 -114
  152. data/src/core/lib/iomgr/buffer_list.cc +36 -35
  153. data/src/core/lib/iomgr/error.h +4 -4
  154. data/src/core/lib/iomgr/ev_epollex_linux.cc +12 -4
  155. data/src/core/lib/iomgr/load_file.cc +1 -0
  156. data/src/core/lib/iomgr/tcp_client_posix.cc +17 -17
  157. data/src/core/lib/iomgr/tcp_client_posix.h +6 -6
  158. data/src/core/lib/iomgr/tcp_posix.cc +2 -1
  159. data/src/core/lib/iomgr/work_serializer.cc +155 -0
  160. data/src/core/lib/iomgr/work_serializer.h +65 -0
  161. data/src/core/lib/json/json.h +209 -79
  162. data/src/core/lib/json/json_reader.cc +469 -455
  163. data/src/core/lib/json/json_writer.cc +173 -169
  164. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
  165. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +10 -8
  166. data/src/core/lib/security/credentials/jwt/json_token.cc +26 -56
  167. data/src/core/lib/security/credentials/jwt/json_token.h +2 -1
  168. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +8 -18
  169. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +149 -159
  170. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
  171. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +37 -34
  172. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  173. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +2 -1
  174. data/src/core/lib/security/security_connector/local/local_security_connector.cc +5 -7
  175. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +3 -15
  176. data/src/core/lib/security/security_connector/ssl_utils.cc +3 -1
  177. data/src/core/lib/security/security_connector/ssl_utils.h +0 -1
  178. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +24 -1
  179. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +5 -1
  180. data/src/core/lib/security/transport/security_handshaker.cc +2 -2
  181. data/src/core/lib/security/util/json_util.cc +22 -15
  182. data/src/core/lib/security/util/json_util.h +2 -2
  183. data/src/core/lib/surface/version.cc +1 -1
  184. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
  185. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
  186. data/src/core/tsi/grpc_shadow_boringssl.h +1333 -1319
  187. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  188. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -1
  189. data/src/core/tsi/ssl_transport_security.cc +2 -1
  190. data/src/ruby/lib/grpc/version.rb +1 -1
  191. data/third_party/abseil-cpp/absl/base/attributes.h +1 -1
  192. data/third_party/abseil-cpp/absl/base/config.h +10 -4
  193. data/third_party/abseil-cpp/absl/base/internal/atomic_hook.h +30 -9
  194. data/third_party/abseil-cpp/absl/base/internal/errno_saver.h +43 -0
  195. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +7 -5
  196. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +2 -1
  197. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +2 -2
  198. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +2 -3
  199. data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +3 -3
  200. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +37 -0
  201. data/third_party/abseil-cpp/absl/base/options.h +2 -10
  202. data/third_party/abseil-cpp/absl/strings/charconv.cc +0 -1
  203. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +388 -0
  204. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +432 -0
  205. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +245 -0
  206. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +209 -0
  207. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +326 -0
  208. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +51 -0
  209. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +415 -0
  210. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +493 -0
  211. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +23 -0
  212. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.cc +72 -0
  213. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +104 -0
  214. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +334 -0
  215. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +333 -0
  216. data/third_party/abseil-cpp/absl/strings/str_format.h +537 -0
  217. data/third_party/abseil-cpp/absl/strings/string_view.h +19 -11
  218. data/{src/boringssl → third_party/boringssl-with-bazel}/err_data.c +0 -0
  219. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bitstr.c +0 -0
  220. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bool.c +0 -0
  221. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_d2i_fp.c +0 -0
  222. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_dup.c +0 -0
  223. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_enum.c +0 -0
  224. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_gentm.c +0 -0
  225. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_i2d_fp.c +0 -0
  226. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_int.c +0 -0
  227. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_mbstr.c +0 -0
  228. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_object.c +0 -0
  229. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_octet.c +0 -0
  230. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_print.c +0 -0
  231. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_strnid.c +0 -0
  232. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_time.c +3 -4
  233. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_type.c +0 -0
  234. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utctm.c +0 -0
  235. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utf8.c +0 -0
  236. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_lib.c +0 -0
  237. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_locl.h +0 -0
  238. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_par.c +0 -0
  239. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn_pack.c +0 -0
  240. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_enum.c +0 -0
  241. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_int.c +0 -0
  242. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_string.c +0 -0
  243. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_dec.c +0 -0
  244. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_enc.c +0 -0
  245. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_fre.c +0 -0
  246. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_new.c +0 -0
  247. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_typ.c +0 -0
  248. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_utl.c +0 -0
  249. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/time_support.c +0 -0
  250. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/base64/base64.c +0 -0
  251. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio.c +0 -0
  252. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio_mem.c +0 -0
  253. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/connect.c +3 -4
  254. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/fd.c +0 -1
  255. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/file.c +5 -6
  256. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/hexdump.c +0 -0
  257. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/internal.h +0 -0
  258. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/pair.c +0 -1
  259. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/printf.c +0 -0
  260. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/socket.c +0 -0
  261. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/socket_helper.c +0 -0
  262. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/bn_asn1.c +0 -0
  263. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/convert.c +0 -0
  264. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/buf/buf.c +10 -69
  265. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/asn1_compat.c +0 -0
  266. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/ber.c +0 -0
  267. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/cbb.c +41 -2
  268. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/cbs.c +60 -3
  269. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/internal.h +0 -0
  270. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/unicode.c +0 -0
  271. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/chacha/chacha.c +0 -0
  272. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/chacha/internal.h +0 -0
  273. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/cipher_extra.c +0 -0
  274. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/derive_key.c +0 -0
  275. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesccm.c +0 -0
  276. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesctrhmac.c +0 -0
  277. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesgcmsiv.c +8 -0
  278. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_chacha20poly1305.c +0 -0
  279. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_null.c +0 -0
  280. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc2.c +0 -0
  281. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc4.c +0 -0
  282. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_tls.c +0 -0
  283. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/internal.h +0 -0
  284. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/tls_cbc.c +0 -0
  285. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cmac/cmac.c +0 -0
  286. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf.c +0 -0
  287. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf_def.h +0 -0
  288. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/internal.h +0 -0
  289. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-fuchsia.c +0 -0
  290. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-linux.c +0 -0
  291. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm-linux.c +0 -1
  292. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm-linux.h +0 -0
  293. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm.c +0 -0
  294. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-intel.c +0 -0
  295. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-ppc64le.c +0 -0
  296. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/crypto.c +0 -0
  297. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/curve25519/spake25519.c +0 -0
  298. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/check.c +3 -3
  299. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh.c +1 -2
  300. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh_asn1.c +0 -0
  301. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/params.c +0 -0
  302. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/digest_extra/digest_extra.c +0 -0
  303. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa.c +0 -0
  304. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa_asn1.c +0 -0
  305. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ec_extra/ec_asn1.c +0 -0
  306. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ec_extra/ec_derive.c +2 -3
  307. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ecdh_extra/ecdh_extra.c +0 -0
  308. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ecdsa_extra/ecdsa_asn1.c +0 -0
  309. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/engine/engine.c +0 -0
  310. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/err/err.c +6 -6
  311. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/err/internal.h +0 -0
  312. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/digestsign.c +0 -0
  313. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp.c +0 -0
  314. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp_asn1.c +0 -0
  315. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp_ctx.c +0 -0
  316. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/internal.h +0 -0
  317. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_dsa_asn1.c +0 -0
  318. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ec.c +0 -1
  319. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ec_asn1.c +0 -0
  320. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ed25519.c +0 -0
  321. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ed25519_asn1.c +0 -0
  322. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_rsa.c +14 -2
  323. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_rsa_asn1.c +0 -0
  324. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_x25519.c +0 -0
  325. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_x25519_asn1.c +1 -2
  326. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/pbkdf.c +0 -0
  327. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/print.c +0 -0
  328. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/scrypt.c +0 -0
  329. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/sign.c +0 -0
  330. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ex_data.c +0 -0
  331. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +108 -0
  332. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1282 -0
  333. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/internal.h +5 -7
  334. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/key_wrap.c +0 -0
  335. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/mode_wrappers.c +0 -2
  336. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bcm.c +2 -0
  337. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/add.c +0 -0
  338. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -0
  339. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bn.c +0 -0
  340. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bytes.c +0 -0
  341. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/cmp.c +0 -0
  342. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/ctx.c +0 -0
  343. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/div.c +0 -0
  344. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/div_extra.c +0 -0
  345. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/exponentiation.c +0 -0
  346. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/gcd.c +0 -0
  347. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/gcd_extra.c +0 -0
  348. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/generic.c +0 -0
  349. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/internal.h +0 -0
  350. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/jacobi.c +0 -0
  351. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/montgomery.c +0 -0
  352. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/montgomery_inv.c +0 -0
  353. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/mul.c +0 -0
  354. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/prime.c +11 -12
  355. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/random.c +0 -0
  356. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/rsaz_exp.c +0 -0
  357. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/rsaz_exp.h +0 -0
  358. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/shift.c +0 -0
  359. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/sqrt.c +0 -0
  360. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/aead.c +0 -0
  361. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/cipher.c +0 -0
  362. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/e_aes.c +3 -5
  363. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/e_des.c +0 -0
  364. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/internal.h +0 -0
  365. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/delocate.h +0 -0
  366. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/des.c +0 -0
  367. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/internal.h +0 -0
  368. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/digest.c +0 -0
  369. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/digests.c +0 -0
  370. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/internal.h +0 -0
  371. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/md32_common.h +0 -0
  372. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec.c +0 -0
  373. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec_key.c +1 -1
  374. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec_montgomery.c +0 -0
  375. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/felem.c +0 -0
  376. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/internal.h +0 -0
  377. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/oct.c +0 -0
  378. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p224-64.c +0 -0
  379. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64-table.h +0 -0
  380. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64.c +0 -0
  381. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64.h +0 -0
  382. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/scalar.c +0 -0
  383. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/simple.c +0 -0
  384. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/simple_mul.c +0 -0
  385. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/util.c +0 -0
  386. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/wnaf.c +0 -0
  387. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ecdh/ecdh.c +0 -0
  388. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ecdsa/ecdsa.c +0 -0
  389. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/fips_shared_support.c +0 -0
  390. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/hmac/hmac.c +0 -0
  391. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/is_fips.c +0 -0
  392. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md4/md4.c +0 -0
  393. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md5/internal.h +0 -0
  394. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md5/md5.c +0 -0
  395. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/cbc.c +0 -0
  396. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/cfb.c +0 -0
  397. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/ctr.c +0 -0
  398. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/gcm.c +45 -193
  399. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +304 -0
  400. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/internal.h +8 -18
  401. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/ofb.c +0 -0
  402. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/polyval.c +0 -0
  403. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/ctrdrbg.c +0 -0
  404. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/internal.h +0 -0
  405. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/rand.c +0 -0
  406. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/urandom.c +0 -0
  407. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/blinding.c +0 -0
  408. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/internal.h +0 -0
  409. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/padding.c +0 -0
  410. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/rsa.c +7 -1
  411. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/rsa_impl.c +60 -51
  412. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/self_check/self_check.c +0 -0
  413. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/internal.h +0 -0
  414. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1-altivec.c +0 -0
  415. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1.c +0 -0
  416. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha256.c +0 -0
  417. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha512.c +0 -0
  418. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/internal.h +0 -0
  419. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/kdf.c +0 -0
  420. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hkdf/hkdf.c +0 -0
  421. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hrss/hrss.c +210 -311
  422. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hrss/internal.h +0 -1
  423. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/internal.h +21 -1
  424. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/lhash/lhash.c +0 -0
  425. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/mem.c +70 -0
  426. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj.c +16 -21
  427. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_dat.h +27 -6
  428. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_xref.c +0 -0
  429. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_all.c +0 -0
  430. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_info.c +0 -1
  431. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_lib.c +7 -7
  432. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_oth.c +0 -1
  433. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_pk8.c +0 -1
  434. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_pkey.c +0 -1
  435. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_x509.c +0 -0
  436. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_xaux.c +0 -0
  437. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/internal.h +0 -0
  438. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/pkcs7.c +0 -0
  439. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/pkcs7_x509.c +1 -1
  440. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/internal.h +0 -0
  441. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/p5_pbev2.c +0 -0
  442. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/pkcs8.c +0 -0
  443. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/pkcs8_x509.c +0 -0
  444. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/internal.h +0 -0
  445. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305.c +2 -2
  446. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305_arm.c +21 -20
  447. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305_vec.c +34 -17
  448. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pool/internal.h +0 -0
  449. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pool/pool.c +1 -2
  450. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/deterministic.c +0 -0
  451. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/forkunsafe.c +0 -0
  452. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/fuchsia.c +0 -0
  453. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/rand_extra.c +0 -0
  454. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/windows.c +0 -0
  455. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rc4/rc4.c +0 -0
  456. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_c11.c +0 -0
  457. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_lock.c +0 -0
  458. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_asn1.c +0 -0
  459. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_print.c +0 -0
  460. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/siphash/siphash.c +3 -1
  461. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/stack/stack.c +0 -0
  462. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread.c +0 -0
  463. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_none.c +0 -0
  464. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_pthread.c +0 -0
  465. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_win.c +0 -0
  466. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_digest.c +0 -0
  467. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_sign.c +0 -0
  468. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_strex.c +0 -0
  469. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_verify.c +0 -1
  470. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/algorithm.c +0 -0
  471. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/asn1_gen.c +0 -0
  472. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/by_dir.c +1 -1
  473. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/by_file.c +0 -1
  474. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/charmap.h +0 -0
  475. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/i2d_pr.c +0 -0
  476. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/internal.h +0 -0
  477. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/rsa_pss.c +0 -0
  478. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_crl.c +0 -0
  479. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_req.c +0 -0
  480. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509.c +0 -0
  481. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509a.c +0 -0
  482. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/vpm_int.h +0 -0
  483. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509.c +0 -0
  484. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_att.c +0 -0
  485. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_cmp.c +0 -1
  486. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_d2.c +0 -0
  487. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_def.c +0 -0
  488. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_ext.c +0 -0
  489. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_lu.c +0 -0
  490. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_obj.c +1 -1
  491. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_r2x.c +0 -1
  492. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_req.c +0 -1
  493. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_set.c +0 -0
  494. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_trs.c +1 -2
  495. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_txt.c +0 -0
  496. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_v3.c +0 -0
  497. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_vfy.c +0 -1
  498. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_vpm.c +3 -4
  499. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509cset.c +0 -0
  500. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509name.c +0 -0
  501. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509rset.c +0 -0
  502. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509spki.c +0 -0
  503. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_algor.c +0 -0
  504. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_all.c +0 -1
  505. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_attrib.c +0 -0
  506. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_crl.c +0 -0
  507. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_exten.c +0 -0
  508. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_info.c +0 -0
  509. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_name.c +0 -0
  510. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pkey.c +0 -0
  511. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pubkey.c +0 -0
  512. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_req.c +0 -0
  513. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_sig.c +0 -0
  514. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_spki.c +0 -0
  515. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_val.c +0 -0
  516. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509.c +0 -0
  517. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509a.c +0 -0
  518. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/ext_dat.h +0 -0
  519. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/internal.h +0 -0
  520. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_cache.c +0 -0
  521. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_data.c +0 -0
  522. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_int.h +0 -0
  523. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_lib.c +0 -0
  524. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_map.c +0 -0
  525. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_node.c +0 -0
  526. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_tree.c +0 -0
  527. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akey.c +0 -0
  528. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akeya.c +0 -0
  529. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_alt.c +3 -3
  530. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bcons.c +0 -0
  531. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bitst.c +0 -0
  532. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_conf.c +0 -0
  533. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_cpols.c +0 -0
  534. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_crld.c +0 -0
  535. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_enum.c +2 -2
  536. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_extku.c +0 -0
  537. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_genn.c +0 -0
  538. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ia5.c +0 -0
  539. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_info.c +4 -5
  540. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_int.c +0 -0
  541. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_lib.c +0 -0
  542. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ncons.c +0 -0
  543. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ocsp.c +0 -0
  544. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pci.c +0 -0
  545. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcia.c +0 -0
  546. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcons.c +0 -0
  547. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pku.c +0 -0
  548. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pmaps.c +0 -0
  549. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_prn.c +0 -0
  550. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_purp.c +2 -3
  551. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_skey.c +0 -0
  552. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_sxnet.c +0 -0
  553. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_utl.c +11 -12
  554. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/aead.h +0 -0
  555. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/aes.h +0 -0
  556. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/arm_arch.h +0 -0
  557. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1.h +0 -0
  558. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1_mac.h +0 -0
  559. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1t.h +0 -0
  560. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/base.h +0 -0
  561. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/base64.h +0 -0
  562. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bio.h +0 -0
  563. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/blowfish.h +0 -0
  564. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bn.h +32 -20
  565. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buf.h +9 -9
  566. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buffer.h +0 -0
  567. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bytestring.h +34 -0
  568. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cast.h +0 -0
  569. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/chacha.h +0 -0
  570. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cipher.h +0 -0
  571. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cmac.h +0 -0
  572. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/conf.h +0 -0
  573. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cpu.h +0 -0
  574. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/crypto.h +0 -0
  575. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/curve25519.h +0 -0
  576. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/des.h +0 -0
  577. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dh.h +0 -0
  578. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/digest.h +0 -0
  579. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dsa.h +0 -0
  580. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dtls1.h +0 -0
  581. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/e_os2.h +0 -0
  582. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ec.h +11 -4
  583. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ec_key.h +4 -2
  584. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ecdh.h +0 -0
  585. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ecdsa.h +0 -0
  586. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/engine.h +0 -0
  587. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/err.h +11 -9
  588. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/evp.h +20 -0
  589. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ex_data.h +0 -0
  590. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hkdf.h +0 -0
  591. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hmac.h +0 -0
  592. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hrss.h +0 -0
  593. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/is_boringssl.h +0 -0
  594. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/lhash.h +0 -0
  595. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/md4.h +0 -0
  596. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/md5.h +0 -0
  597. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/mem.h +17 -2
  598. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/nid.h +9 -0
  599. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj.h +0 -0
  600. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj_mac.h +0 -0
  601. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/objects.h +0 -0
  602. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslconf.h +0 -0
  603. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslv.h +0 -0
  604. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ossl_typ.h +0 -0
  605. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pem.h +0 -0
  606. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs12.h +0 -0
  607. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs7.h +0 -0
  608. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs8.h +0 -0
  609. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/poly1305.h +5 -7
  610. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pool.h +0 -0
  611. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rand.h +0 -0
  612. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rc4.h +0 -0
  613. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ripemd.h +0 -0
  614. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rsa.h +0 -0
  615. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/safestack.h +0 -0
  616. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/sha.h +0 -0
  617. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/siphash.h +0 -0
  618. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/span.h +0 -0
  619. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/srtp.h +0 -0
  620. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ssl.h +10 -20
  621. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ssl3.h +0 -0
  622. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/stack.h +0 -0
  623. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/thread.h +0 -0
  624. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/tls1.h +0 -3
  625. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/type_check.h +0 -0
  626. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509.h +0 -0
  627. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509_vfy.h +0 -0
  628. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509v3.h +0 -0
  629. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/bio_ssl.cc +0 -0
  630. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_both.cc +0 -1
  631. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_lib.cc +0 -0
  632. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_pkt.cc +0 -1
  633. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_srtp.cc +0 -0
  634. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/dtls_method.cc +0 -1
  635. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/dtls_record.cc +0 -0
  636. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handoff.cc +126 -29
  637. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake.cc +5 -4
  638. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake_client.cc +24 -13
  639. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake_server.cc +1 -5
  640. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/internal.h +32 -26
  641. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_both.cc +0 -0
  642. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_lib.cc +2 -3
  643. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_pkt.cc +0 -1
  644. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_aead_ctx.cc +0 -0
  645. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_asn1.cc +1 -2
  646. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_buffer.cc +34 -15
  647. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cert.cc +0 -1
  648. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cipher.cc +0 -1
  649. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_file.cc +0 -0
  650. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_key_share.cc +0 -0
  651. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_lib.cc +13 -14
  652. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_privkey.cc +0 -0
  653. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_session.cc +2 -1
  654. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_stat.cc +0 -0
  655. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_transcript.cc +0 -0
  656. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_versions.cc +1 -1
  657. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_x509.cc +0 -0
  658. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_enc.cc +0 -0
  659. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_lib.cc +11 -171
  660. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_both.cc +0 -0
  661. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_client.cc +3 -4
  662. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_enc.cc +5 -1
  663. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_server.cc +78 -101
  664. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls_method.cc +1 -1
  665. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls_record.cc +7 -2
  666. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519.c +0 -0
  667. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_32.h +0 -0
  668. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_64.h +0 -0
  669. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_tables.h +0 -0
  670. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/internal.h +0 -0
  671. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256.c +0 -0
  672. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256_32.h +0 -0
  673. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256_64.h +0 -0
  674. metadata +562 -491
  675. data/src/core/lib/iomgr/logical_thread.cc +0 -103
  676. data/src/core/lib/iomgr/logical_thread.h +0 -52
  677. data/src/core/lib/json/json.cc +0 -94
  678. data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +0 -860
@@ -24,15 +24,6 @@
24
24
  #include <openssl/mem.h>
25
25
  #include <openssl/sha.h>
26
26
 
27
- #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
28
- #include <emmintrin.h>
29
- #endif
30
-
31
- #if (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) && \
32
- (defined(__ARM_NEON__) || defined(__ARM_NEON))
33
- #include <arm_neon.h>
34
- #endif
35
-
36
27
  #if defined(_MSC_VER)
37
28
  #define RESTRICT
38
29
  #else
@@ -42,6 +33,15 @@
42
33
  #include "../internal.h"
43
34
  #include "internal.h"
44
35
 
36
+ #if defined(OPENSSL_SSE2)
37
+ #include <emmintrin.h>
38
+ #endif
39
+
40
+ #if (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) && \
41
+ (defined(__ARM_NEON__) || defined(__ARM_NEON))
42
+ #include <arm_neon.h>
43
+ #endif
44
+
45
45
  // This is an implementation of [HRSS], but with a KEM transformation based on
46
46
  // [SXY]. The primary references are:
47
47
 
@@ -51,8 +51,8 @@
51
51
  // SXY: https://eprint.iacr.org/2017/1005.pdf
52
52
  // NTRUTN14:
53
53
  // https://assets.onboardsecurity.com/static/downloads/NTRU/resources/NTRUTech014.pdf
54
- // NTRUCOMP:
55
- // https://eprint.iacr.org/2018/1174
54
+ // NTRUCOMP: https://eprint.iacr.org/2018/1174
55
+ // SAFEGCD: https://gcd.cr.yp.to/papers.html#safegcd
56
56
 
57
57
 
58
58
  // Vector operations.
@@ -63,22 +63,15 @@
63
63
  // 128-bit vector. The following functions abstract over the differences between
64
64
  // NEON and SSE2 for implementing some vector operations.
65
65
 
66
- // TODO: MSVC can likely also be made to work with vector operations.
67
- #if ((defined(__SSE__) && defined(OPENSSL_X86)) || defined(OPENSSL_X86_64)) && \
68
- (defined(__clang__) || !defined(_MSC_VER))
66
+ // TODO: MSVC can likely also be made to work with vector operations, but ^ must
67
+ // be replaced with _mm_xor_si128, etc.
68
+ #if defined(OPENSSL_SSE2) && (defined(__clang__) || !defined(_MSC_VER))
69
69
 
70
70
  #define HRSS_HAVE_VECTOR_UNIT
71
71
  typedef __m128i vec_t;
72
72
 
73
73
  // vec_capable returns one iff the current platform supports SSE2.
74
- static int vec_capable(void) {
75
- #if defined(__SSE2__)
76
- return 1;
77
- #else
78
- int has_sse2 = (OPENSSL_ia32cap_P[0] & (1 << 26)) != 0;
79
- return has_sse2;
80
- #endif
81
- }
74
+ static int vec_capable(void) { return 1; }
82
75
 
83
76
  // vec_add performs a pair-wise addition of four uint16s from |a| and |b|.
84
77
  static inline vec_t vec_add(vec_t a, vec_t b) { return _mm_add_epi16(a, b); }
@@ -191,13 +184,6 @@ static inline vec_t vec_broadcast_bit(vec_t a) {
191
184
  0b01010101);
192
185
  }
193
186
 
194
- // vec_broadcast_bit15 duplicates the most-significant bit of the first word in
195
- // |a| to all bits in a vector and returns the result.
196
- static inline vec_t vec_broadcast_bit15(vec_t a) {
197
- return _mm_shuffle_epi32(_mm_srai_epi32(_mm_slli_epi64(a, 63 - 15), 31),
198
- 0b01010101);
199
- }
200
-
201
187
  // vec_get_word returns the |i|th uint16_t in |v|. (This is a macro because the
202
188
  // compiler requires that |i| be a compile-time constant.)
203
189
  #define vec_get_word(v, i) _mm_extract_epi16(v, i)
@@ -253,11 +239,6 @@ static inline vec_t vec_broadcast_bit(vec_t a) {
253
239
  return vdupq_lane_u16(vget_low_u16(a), 0);
254
240
  }
255
241
 
256
- static inline vec_t vec_broadcast_bit15(vec_t a) {
257
- a = (vec_t)vshrq_n_s16((int16x8_t)a, 15);
258
- return vdupq_lane_u16(vget_low_u16(a), 0);
259
- }
260
-
261
242
  static inline void poly3_vec_lshift1(vec_t a_s[6], vec_t a_a[6]) {
262
243
  vec_t carry_s = {0};
263
244
  vec_t carry_a = {0};
@@ -331,99 +312,64 @@ static void poly2_zero(struct poly2 *p) {
331
312
  OPENSSL_memset(&p->v[0], 0, sizeof(crypto_word_t) * WORDS_PER_POLY);
332
313
  }
333
314
 
334
- // poly2_cmov sets |out| to |in| iff |mov| is all ones.
335
- static void poly2_cmov(struct poly2 *out, const struct poly2 *in,
336
- crypto_word_t mov) {
337
- for (size_t i = 0; i < WORDS_PER_POLY; i++) {
338
- out->v[i] = (out->v[i] & ~mov) | (in->v[i] & mov);
339
- }
340
- }
341
-
342
- // poly2_rotr_words performs a right-rotate on |in|, writing the result to
343
- // |out|. The shift count, |bits|, must be a non-zero multiple of the word size.
344
- static void poly2_rotr_words(struct poly2 *out, const struct poly2 *in,
345
- size_t bits) {
346
- assert(bits >= BITS_PER_WORD && bits % BITS_PER_WORD == 0);
347
- assert(out != in);
348
-
349
- const size_t start = bits / BITS_PER_WORD;
350
- const size_t n = (N - bits) / BITS_PER_WORD;
351
-
352
- // The rotate is by a whole number of words so the first few words are easy:
353
- // just move them down.
354
- for (size_t i = 0; i < n; i++) {
355
- out->v[i] = in->v[start + i];
356
- }
357
-
358
- // Since the last word is only partially filled, however, the remainder needs
359
- // shifting and merging of words to take care of that.
360
- crypto_word_t carry = in->v[WORDS_PER_POLY - 1];
315
+ // word_reverse returns |in| with the bits in reverse order.
316
+ static crypto_word_t word_reverse(crypto_word_t in) {
317
+ #if defined(OPENSSL_64_BIT)
318
+ static const crypto_word_t kMasks[6] = {
319
+ UINT64_C(0x5555555555555555),
320
+ UINT64_C(0x3333333333333333),
321
+ UINT64_C(0x0f0f0f0f0f0f0f0f),
322
+ UINT64_C(0x00ff00ff00ff00ff),
323
+ UINT64_C(0x0000ffff0000ffff),
324
+ UINT64_C(0x00000000ffffffff),
325
+ };
326
+ #else
327
+ static const crypto_word_t kMasks[5] = {
328
+ 0x55555555,
329
+ 0x33333333,
330
+ 0x0f0f0f0f,
331
+ 0x00ff00ff,
332
+ 0x0000ffff,
333
+ };
334
+ #endif
361
335
 
362
- for (size_t i = 0; i < start; i++) {
363
- out->v[n + i] = carry | in->v[i] << BITS_IN_LAST_WORD;
364
- carry = in->v[i] >> (BITS_PER_WORD - BITS_IN_LAST_WORD);
336
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kMasks); i++) {
337
+ in = ((in >> (1 << i)) & kMasks[i]) | ((in & kMasks[i]) << (1 << i));
365
338
  }
366
339
 
367
- out->v[WORDS_PER_POLY - 1] = carry;
340
+ return in;
368
341
  }
369
342
 
370
- // poly2_rotr_bits performs a right-rotate on |in|, writing the result to |out|.
371
- // The shift count, |bits|, must be a power of two that is less than
372
- // |BITS_PER_WORD|.
373
- static void poly2_rotr_bits(struct poly2 *out, const struct poly2 *in,
374
- size_t bits) {
375
- assert(bits <= BITS_PER_WORD / 2);
376
- assert(bits != 0);
377
- assert((bits & (bits - 1)) == 0);
378
- assert(out != in);
379
-
380
- // BITS_PER_WORD/2 is the greatest legal value of |bits|. If
381
- // |BITS_IN_LAST_WORD| is smaller than this then the code below doesn't work
382
- // because more than the last word needs to carry down in the previous one and
383
- // so on.
384
- OPENSSL_STATIC_ASSERT(
385
- BITS_IN_LAST_WORD >= BITS_PER_WORD / 2,
386
- "there are more carry bits than fit in BITS_IN_LAST_WORD");
387
-
388
- crypto_word_t carry = in->v[WORDS_PER_POLY - 1] << (BITS_PER_WORD - bits);
343
+ // lsb_to_all replicates the least-significant bit of |v| to all bits of the
344
+ // word. This is used in bit-slicing operations to make a vector from a fixed
345
+ // value.
346
+ static crypto_word_t lsb_to_all(crypto_word_t v) { return 0u - (v & 1); }
389
347
 
390
- for (size_t i = WORDS_PER_POLY - 2; i < WORDS_PER_POLY; i--) {
391
- out->v[i] = carry | in->v[i] >> bits;
392
- carry = in->v[i] << (BITS_PER_WORD - bits);
348
+ // poly2_mod_phiN reduces |p| by Φ(N).
349
+ static void poly2_mod_phiN(struct poly2 *p) {
350
+ // m is the term at x^700, replicated to every bit.
351
+ const crypto_word_t m =
352
+ lsb_to_all(p->v[WORDS_PER_POLY - 1] >> (BITS_IN_LAST_WORD - 1));
353
+ for (size_t i = 0; i < WORDS_PER_POLY; i++) {
354
+ p->v[i] ^= m;
393
355
  }
394
-
395
- crypto_word_t last_word = carry >> (BITS_PER_WORD - BITS_IN_LAST_WORD) |
396
- in->v[WORDS_PER_POLY - 1] >> bits;
397
- last_word &= (UINT64_C(1) << BITS_IN_LAST_WORD) - 1;
398
- out->v[WORDS_PER_POLY - 1] = last_word;
356
+ p->v[WORDS_PER_POLY - 1] &= (UINT64_C(1) << (BITS_IN_LAST_WORD - 1)) - 1;
399
357
  }
400
358
 
401
- // HRSS_poly2_rotr_consttime right-rotates |p| by |bits| in constant-time.
402
- void HRSS_poly2_rotr_consttime(struct poly2 *p, size_t bits) {
403
- assert(bits <= N);
404
- assert(p->v[WORDS_PER_POLY-1] >> BITS_IN_LAST_WORD == 0);
405
-
406
- // Constant-time rotation is implemented by calculating the rotations of
407
- // powers-of-two bits and throwing away the unneeded values. 2^9 (i.e. 512) is
408
- // the largest power-of-two shift that we need to consider because 2^10 > N.
409
- #define HRSS_POLY2_MAX_SHIFT 9
410
- size_t shift = HRSS_POLY2_MAX_SHIFT;
411
- OPENSSL_STATIC_ASSERT((1 << (HRSS_POLY2_MAX_SHIFT + 1)) > N,
412
- "maximum shift is too small");
413
- OPENSSL_STATIC_ASSERT((1 << HRSS_POLY2_MAX_SHIFT) <= N,
414
- "maximum shift is too large");
415
- struct poly2 shifted;
416
-
417
- for (; (UINT64_C(1) << shift) >= BITS_PER_WORD; shift--) {
418
- poly2_rotr_words(&shifted, p, UINT64_C(1) << shift);
419
- poly2_cmov(p, &shifted, ~((1 & (bits >> shift)) - 1));
359
+ // poly2_reverse_700 reverses the order of the first 700 bits of |in| and writes
360
+ // the result to |out|.
361
+ static void poly2_reverse_700(struct poly2 *out, const struct poly2 *in) {
362
+ struct poly2 t;
363
+ for (size_t i = 0; i < WORDS_PER_POLY; i++) {
364
+ t.v[i] = word_reverse(in->v[i]);
420
365
  }
421
366
 
422
- for (; shift < HRSS_POLY2_MAX_SHIFT; shift--) {
423
- poly2_rotr_bits(&shifted, p, UINT64_C(1) << shift);
424
- poly2_cmov(p, &shifted, ~((1 & (bits >> shift)) - 1));
367
+ static const size_t shift = BITS_PER_WORD - ((N-1) % BITS_PER_WORD);
368
+ for (size_t i = 0; i < WORDS_PER_POLY-1; i++) {
369
+ out->v[i] = t.v[WORDS_PER_POLY-1-i] >> shift;
370
+ out->v[i] |= t.v[WORDS_PER_POLY-2-i] << (BITS_PER_WORD - shift);
425
371
  }
426
- #undef HRSS_POLY2_MAX_SHIFT
372
+ out->v[WORDS_PER_POLY-1] = t.v[0] >> shift;
427
373
  }
428
374
 
429
375
  // poly2_cswap exchanges the values of |a| and |b| if |swap| is all ones.
@@ -544,7 +490,14 @@ static void poly3_zero(struct poly3 *p) {
544
490
  poly2_zero(&p->a);
545
491
  }
546
492
 
547
- // poly3_word_mul sets (|out_s|, |out_a) to (|s1|, |a1|) × (|s2|, |a2|).
493
+ // poly3_reverse_700 reverses the order of the first 700 terms of |in| and
494
+ // writes them to |out|.
495
+ static void poly3_reverse_700(struct poly3 *out, const struct poly3 *in) {
496
+ poly2_reverse_700(&out->a, &in->a);
497
+ poly2_reverse_700(&out->s, &in->s);
498
+ }
499
+
500
+ // poly3_word_mul sets (|out_s|, |out_a|) to (|s1|, |a1|) × (|s2|, |a2|).
548
501
  static void poly3_word_mul(crypto_word_t *out_s, crypto_word_t *out_a,
549
502
  const crypto_word_t s1, const crypto_word_t a1,
550
503
  const crypto_word_t s2, const crypto_word_t a2) {
@@ -570,11 +523,6 @@ static void poly3_word_sub(crypto_word_t *out_s, crypto_word_t *out_a,
570
523
  *out_a = t | (s1 ^ s2);
571
524
  }
572
525
 
573
- // lsb_to_all replicates the least-significant bit of |v| to all bits of the
574
- // word. This is used in bit-slicing operations to make a vector from a fixed
575
- // value.
576
- static crypto_word_t lsb_to_all(crypto_word_t v) { return 0u - (v & 1); }
577
-
578
526
  // poly3_mul_const sets |p| to |p|×m, where m = (ms, ma).
579
527
  static void poly3_mul_const(struct poly3 *p, crypto_word_t ms,
580
528
  crypto_word_t ma) {
@@ -586,13 +534,6 @@ static void poly3_mul_const(struct poly3 *p, crypto_word_t ms,
586
534
  }
587
535
  }
588
536
 
589
- // poly3_rotr_consttime right-rotates |p| by |bits| in constant-time.
590
- static void poly3_rotr_consttime(struct poly3 *p, size_t bits) {
591
- assert(bits <= N);
592
- HRSS_poly2_rotr_consttime(&p->s, bits);
593
- HRSS_poly2_rotr_consttime(&p->a, bits);
594
- }
595
-
596
537
  // poly3_fmadd sets |out| to |out| - |in|×m, where m is (ms, ma).
597
538
  static void poly3_fmsub(struct poly3 *RESTRICT out,
598
539
  const struct poly3 *RESTRICT in, crypto_word_t ms,
@@ -835,83 +776,64 @@ static inline void poly3_vec_fmsub(vec_t a_s[6], vec_t a_a[6], vec_t b_s[6],
835
776
  // poly3_invert_vec sets |*out| to |in|^-1, i.e. such that |out|×|in| == 1 mod
836
777
  // Φ(N).
837
778
  static void poly3_invert_vec(struct poly3 *out, const struct poly3 *in) {
838
- // See the comment in |HRSS_poly3_invert| about this algorithm. In addition to
839
- // the changes described there, this implementation attempts to use vector
840
- // registers to speed up the computation. Even non-poly3 variables are held in
841
- // vectors where possible to minimise the amount of data movement between
842
- // the vector and general-purpose registers.
843
-
844
- vec_t b_s[6], b_a[6], c_s[6], c_a[6], f_s[6], f_a[6], g_s[6], g_a[6];
779
+ // This algorithm is taken from section 7.1 of [SAFEGCD].
845
780
  const vec_t kZero = {0};
846
781
  const vec_t kOne = {1};
847
- static const uint8_t kOneBytes[sizeof(vec_t)] = {1};
848
782
  static const uint8_t kBottomSixtyOne[sizeof(vec_t)] = {
849
783
  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f};
850
784
 
851
- memset(b_s, 0, sizeof(b_s));
852
- memcpy(b_a, kOneBytes, sizeof(kOneBytes));
853
- memset(&b_a[1], 0, 5 * sizeof(vec_t));
854
-
855
- memset(c_s, 0, sizeof(c_s));
856
- memset(c_a, 0, sizeof(c_a));
857
-
858
- f_s[5] = kZero;
859
- memcpy(f_s, in->s.v, WORDS_PER_POLY * sizeof(crypto_word_t));
860
- f_a[5] = kZero;
861
- memcpy(f_a, in->a.v, WORDS_PER_POLY * sizeof(crypto_word_t));
862
-
863
- // Set g to all ones.
864
- memset(g_s, 0, sizeof(g_s));
865
- memset(g_a, 0xff, 5 * sizeof(vec_t));
866
- memcpy(&g_a[5], kBottomSixtyOne, sizeof(kBottomSixtyOne));
867
-
868
- vec_t deg_f = {N - 1}, deg_g = {N - 1}, rotation = kZero;
869
- vec_t k = kOne;
870
- vec_t f0s = {0}, f0a = {0};
871
- vec_t still_going;
872
- memset(&still_going, 0xff, sizeof(still_going));
873
-
874
- for (unsigned i = 0; i < 2 * (N - 1) - 1; i++) {
875
- const vec_t s_a = vec_broadcast_bit(still_going & (f_a[0] & g_a[0]));
876
- const vec_t s_s =
877
- vec_broadcast_bit(still_going & ((f_s[0] ^ g_s[0]) & s_a));
878
- const vec_t should_swap =
879
- (s_s | s_a) & vec_broadcast_bit15(deg_f - deg_g);
880
-
881
- poly3_vec_cswap(f_s, f_a, g_s, g_a, should_swap);
882
- poly3_vec_fmsub(f_s, f_a, g_s, g_a, s_s, s_a);
883
- poly3_vec_rshift1(f_s, f_a);
884
-
885
- poly3_vec_cswap(b_s, b_a, c_s, c_a, should_swap);
886
- poly3_vec_fmsub(b_s, b_a, c_s, c_a, s_s, s_a);
887
- poly3_vec_lshift1(c_s, c_a);
888
-
889
- const vec_t deg_sum = should_swap & (deg_f ^ deg_g);
890
- deg_f ^= deg_sum;
891
- deg_g ^= deg_sum;
892
-
893
- deg_f -= kOne;
894
- still_going &= ~vec_broadcast_bit15(deg_f - kOne);
895
-
896
- const vec_t f0_is_nonzero = vec_broadcast_bit(f_s[0] | f_a[0]);
897
- // |f0_is_nonzero| implies |still_going|.
898
- rotation ^= f0_is_nonzero & (k ^ rotation);
899
- k += kOne;
900
-
901
- const vec_t f0s_sum = f0_is_nonzero & (f_s[0] ^ f0s);
902
- f0s ^= f0s_sum;
903
- const vec_t f0a_sum = f0_is_nonzero & (f_a[0] ^ f0a);
904
- f0a ^= f0a_sum;
905
- }
906
-
907
- crypto_word_t rotation_word = vec_get_word(rotation, 0);
908
- rotation_word -= N & constant_time_lt_w(N, rotation_word);
909
- memcpy(out->s.v, b_s, WORDS_PER_POLY * sizeof(crypto_word_t));
910
- memcpy(out->a.v, b_a, WORDS_PER_POLY * sizeof(crypto_word_t));
911
- assert(poly3_top_bits_are_clear(out));
912
- poly3_rotr_consttime(out, rotation_word);
913
- poly3_mul_const(out, vec_get_word(f0s, 0), vec_get_word(f0a, 0));
914
- poly3_mod_phiN(out);
785
+ vec_t v_s[6], v_a[6], r_s[6], r_a[6], f_s[6], f_a[6], g_s[6], g_a[6];
786
+ // v = 0
787
+ memset(&v_s, 0, sizeof(v_s));
788
+ memset(&v_a, 0, sizeof(v_a));
789
+ // r = 1
790
+ memset(&r_s, 0, sizeof(r_s));
791
+ memset(&r_a, 0, sizeof(r_a));
792
+ r_a[0] = kOne;
793
+ // f = all ones.
794
+ memset(f_s, 0, sizeof(f_s));
795
+ memset(f_a, 0xff, 5 * sizeof(vec_t));
796
+ memcpy(&f_a[5], kBottomSixtyOne, sizeof(kBottomSixtyOne));
797
+ // g is the reversal of |in|.
798
+ struct poly3 in_reversed;
799
+ poly3_reverse_700(&in_reversed, in);
800
+ g_s[5] = kZero;
801
+ memcpy(&g_s, &in_reversed.s.v, WORDS_PER_POLY * sizeof(crypto_word_t));
802
+ g_a[5] = kZero;
803
+ memcpy(&g_a, &in_reversed.a.v, WORDS_PER_POLY * sizeof(crypto_word_t));
804
+
805
+ int delta = 1;
806
+
807
+ for (size_t i = 0; i < (2*(N-1)) - 1; i++) {
808
+ poly3_vec_lshift1(v_s, v_a);
809
+
810
+ const crypto_word_t delta_sign_bit = (delta >> (sizeof(delta) * 8 - 1)) & 1;
811
+ const crypto_word_t delta_is_non_negative = delta_sign_bit - 1;
812
+ const crypto_word_t delta_is_non_zero = ~constant_time_is_zero_w(delta);
813
+ const vec_t g_has_constant_term = vec_broadcast_bit(g_a[0]);
814
+ const vec_t mask_w =
815
+ {delta_is_non_negative & delta_is_non_zero};
816
+ const vec_t mask = vec_broadcast_bit(mask_w) & g_has_constant_term;
817
+
818
+ const vec_t c_a = vec_broadcast_bit(f_a[0] & g_a[0]);
819
+ const vec_t c_s = vec_broadcast_bit((f_s[0] ^ g_s[0]) & c_a);
820
+
821
+ delta = constant_time_select_int(lsb_to_all(mask[0]), -delta, delta);
822
+ delta++;
823
+
824
+ poly3_vec_cswap(f_s, f_a, g_s, g_a, mask);
825
+ poly3_vec_fmsub(g_s, g_a, f_s, f_a, c_s, c_a);
826
+ poly3_vec_rshift1(g_s, g_a);
827
+
828
+ poly3_vec_cswap(v_s, v_a, r_s, r_a, mask);
829
+ poly3_vec_fmsub(r_s, r_a, v_s, v_a, c_s, c_a);
830
+ }
831
+
832
+ assert(delta == 0);
833
+ memcpy(out->s.v, v_s, WORDS_PER_POLY * sizeof(crypto_word_t));
834
+ memcpy(out->a.v, v_a, WORDS_PER_POLY * sizeof(crypto_word_t));
835
+ poly3_mul_const(out, vec_get_word(f_s[0], 0), vec_get_word(f_a[0], 0));
836
+ poly3_reverse_700(out, out);
915
837
  }
916
838
 
917
839
  #endif // HRSS_HAVE_VECTOR_UNIT
@@ -928,71 +850,50 @@ void HRSS_poly3_invert(struct poly3 *out, const struct poly3 *in) {
928
850
  }
929
851
  #endif
930
852
 
931
- // This algorithm mostly follows algorithm 10 in the paper. Some changes:
932
- // 1) k should start at zero, not one. In the code below k is omitted and
933
- // the loop counter, |i|, is used instead.
934
- // 2) The rotation count is conditionally updated to handle trailing zero
935
- // coefficients.
936
- // The best explanation for why it works is in the "Why it works" section of
937
- // [NTRUTN14].
938
-
939
- struct poly3 c, f, g;
940
- OPENSSL_memcpy(&f, in, sizeof(f));
941
-
942
- // Set g to all ones.
943
- OPENSSL_memset(&g.s, 0, sizeof(struct poly2));
944
- OPENSSL_memset(&g.a, 0xff, sizeof(struct poly2));
945
- g.a.v[WORDS_PER_POLY - 1] >>= BITS_PER_WORD - BITS_IN_LAST_WORD;
946
-
947
- struct poly3 *b = out;
948
- poly3_zero(b);
949
- poly3_zero(&c);
950
- // Set b to one.
951
- b->a.v[0] = 1;
952
-
953
- crypto_word_t deg_f = N - 1, deg_g = N - 1, rotation = 0;
954
- crypto_word_t f0s = 0, f0a = 0;
955
- crypto_word_t still_going = CONSTTIME_TRUE_W;
956
-
957
- for (unsigned i = 0; i < 2 * (N - 1) - 1; i++) {
958
- const crypto_word_t s_a = lsb_to_all(
959
- still_going & (f.a.v[0] & g.a.v[0]));
960
- const crypto_word_t s_s = lsb_to_all(
961
- still_going & ((f.s.v[0] ^ g.s.v[0]) & s_a));
962
- const crypto_word_t should_swap =
963
- (s_s | s_a) & constant_time_lt_w(deg_f, deg_g);
964
-
965
- poly3_cswap(&f, &g, should_swap);
966
- poly3_cswap(b, &c, should_swap);
967
-
968
- const crypto_word_t deg_sum = should_swap & (deg_f ^ deg_g);
969
- deg_f ^= deg_sum;
970
- deg_g ^= deg_sum;
971
- assert(deg_g >= 1);
972
-
973
- poly3_fmsub(&f, &g, s_s, s_a);
974
- poly3_fmsub(b, &c, s_s, s_a);
975
- poly3_rshift1(&f);
976
- poly3_lshift1(&c);
977
-
978
- deg_f--;
979
- const crypto_word_t f0_is_nonzero =
980
- lsb_to_all(f.s.v[0]) | lsb_to_all(f.a.v[0]);
981
- // |f0_is_nonzero| implies |still_going|.
982
- assert(!(f0_is_nonzero && !still_going));
983
- still_going &= ~constant_time_is_zero_w(deg_f);
984
-
985
- rotation = constant_time_select_w(f0_is_nonzero, i, rotation);
986
- f0s = constant_time_select_w(f0_is_nonzero, f.s.v[0], f0s);
987
- f0a = constant_time_select_w(f0_is_nonzero, f.a.v[0], f0a);
988
- }
989
-
990
- rotation++;
991
- rotation -= N & constant_time_lt_w(N, rotation);
992
- assert(poly3_top_bits_are_clear(out));
993
- poly3_rotr_consttime(out, rotation);
994
- poly3_mul_const(out, f0s, f0a);
995
- poly3_mod_phiN(out);
853
+ // This algorithm is taken from section 7.1 of [SAFEGCD].
854
+ struct poly3 v, r, f, g;
855
+ // v = 0
856
+ poly3_zero(&v);
857
+ // r = 1
858
+ poly3_zero(&r);
859
+ r.a.v[0] = 1;
860
+ // f = all ones.
861
+ OPENSSL_memset(&f.s, 0, sizeof(struct poly2));
862
+ OPENSSL_memset(&f.a, 0xff, sizeof(struct poly2));
863
+ f.a.v[WORDS_PER_POLY - 1] >>= BITS_PER_WORD - BITS_IN_LAST_WORD;
864
+ // g is the reversal of |in|.
865
+ poly3_reverse_700(&g, in);
866
+ int delta = 1;
867
+
868
+ for (size_t i = 0; i < (2*(N-1)) - 1; i++) {
869
+ poly3_lshift1(&v);
870
+
871
+ const crypto_word_t delta_sign_bit = (delta >> (sizeof(delta) * 8 - 1)) & 1;
872
+ const crypto_word_t delta_is_non_negative = delta_sign_bit - 1;
873
+ const crypto_word_t delta_is_non_zero = ~constant_time_is_zero_w(delta);
874
+ const crypto_word_t g_has_constant_term = lsb_to_all(g.a.v[0]);
875
+ const crypto_word_t mask =
876
+ g_has_constant_term & delta_is_non_negative & delta_is_non_zero;
877
+
878
+ crypto_word_t c_s, c_a;
879
+ poly3_word_mul(&c_s, &c_a, f.s.v[0], f.a.v[0], g.s.v[0], g.a.v[0]);
880
+ c_s = lsb_to_all(c_s);
881
+ c_a = lsb_to_all(c_a);
882
+
883
+ delta = constant_time_select_int(mask, -delta, delta);
884
+ delta++;
885
+
886
+ poly3_cswap(&f, &g, mask);
887
+ poly3_fmsub(&g, &f, c_s, c_a);
888
+ poly3_rshift1(&g);
889
+
890
+ poly3_cswap(&v, &r, mask);
891
+ poly3_fmsub(&r, &v, c_s, c_a);
892
+ }
893
+
894
+ assert(delta == 0);
895
+ poly3_mul_const(&v, f.s.v[0], f.a.v[0]);
896
+ poly3_reverse_700(out, &v);
996
897
  }
997
898
 
998
899
  // Polynomials in Q.
@@ -1600,52 +1501,50 @@ static void poly_from_poly3(struct poly *out, const struct poly3 *in) {
1600
1501
  // Φ(N)), all mod 2. This isn't useful in itself, but is part of doing inversion
1601
1502
  // mod Q.
1602
1503
  static void poly_invert_mod2(struct poly *out, const struct poly *in) {
1603
- // This algorithm follows algorithm 10 in the paper. (Although, in contrast to
1604
- // the paper, k should start at zero, not one, and the rotation count is needs
1605
- // to handle trailing zero coefficients.) The best explanation for why it
1606
- // works is in the "Why it works" section of [NTRUTN14].
1607
-
1608
- struct poly2 b, c, f, g;
1609
- poly2_from_poly(&f, in);
1610
- OPENSSL_memset(&b, 0, sizeof(b));
1611
- b.v[0] = 1;
1612
- OPENSSL_memset(&c, 0, sizeof(c));
1613
-
1614
- // Set g to all ones.
1615
- OPENSSL_memset(&g, 0xff, sizeof(struct poly2));
1616
- g.v[WORDS_PER_POLY - 1] >>= BITS_PER_WORD - BITS_IN_LAST_WORD;
1617
-
1618
- crypto_word_t deg_f = N - 1, deg_g = N - 1, rotation = 0;
1619
- crypto_word_t still_going = CONSTTIME_TRUE_W;
1620
-
1621
- for (unsigned i = 0; i < 2 * (N - 1) - 1; i++) {
1622
- const crypto_word_t s = still_going & lsb_to_all(f.v[0]);
1623
- const crypto_word_t should_swap = s & constant_time_lt_w(deg_f, deg_g);
1624
- poly2_cswap(&f, &g, should_swap);
1625
- poly2_cswap(&b, &c, should_swap);
1626
- const crypto_word_t deg_sum = should_swap & (deg_f ^ deg_g);
1627
- deg_f ^= deg_sum;
1628
- deg_g ^= deg_sum;
1629
- assert(deg_g >= 1);
1630
- poly2_fmadd(&f, &g, s);
1631
- poly2_fmadd(&b, &c, s);
1632
-
1633
- poly2_rshift1(&f);
1634
- poly2_lshift1(&c);
1635
-
1636
- deg_f--;
1637
- const crypto_word_t f0_is_nonzero = lsb_to_all(f.v[0]);
1638
- // |f0_is_nonzero| implies |still_going|.
1639
- assert(!(f0_is_nonzero && !still_going));
1640
- rotation = constant_time_select_w(f0_is_nonzero, i, rotation);
1641
- still_going &= ~constant_time_is_zero_w(deg_f);
1642
- }
1643
-
1644
- rotation++;
1645
- rotation -= N & constant_time_lt_w(N, rotation);
1646
- assert(poly2_top_bits_are_clear(&b));
1647
- HRSS_poly2_rotr_consttime(&b, rotation);
1648
- poly_from_poly2(out, &b);
1504
+ // This algorithm is taken from section 7.1 of [SAFEGCD].
1505
+ struct poly2 v, r, f, g;
1506
+
1507
+ // v = 0
1508
+ poly2_zero(&v);
1509
+ // r = 1
1510
+ poly2_zero(&r);
1511
+ r.v[0] = 1;
1512
+ // f = all ones.
1513
+ OPENSSL_memset(&f, 0xff, sizeof(struct poly2));
1514
+ f.v[WORDS_PER_POLY - 1] >>= BITS_PER_WORD - BITS_IN_LAST_WORD;
1515
+ // g is the reversal of |in|.
1516
+ poly2_from_poly(&g, in);
1517
+ poly2_mod_phiN(&g);
1518
+ poly2_reverse_700(&g, &g);
1519
+ int delta = 1;
1520
+
1521
+ for (size_t i = 0; i < (2*(N-1)) - 1; i++) {
1522
+ poly2_lshift1(&v);
1523
+
1524
+ const crypto_word_t delta_sign_bit = (delta >> (sizeof(delta) * 8 - 1)) & 1;
1525
+ const crypto_word_t delta_is_non_negative = delta_sign_bit - 1;
1526
+ const crypto_word_t delta_is_non_zero = ~constant_time_is_zero_w(delta);
1527
+ const crypto_word_t g_has_constant_term = lsb_to_all(g.v[0]);
1528
+ const crypto_word_t mask =
1529
+ g_has_constant_term & delta_is_non_negative & delta_is_non_zero;
1530
+
1531
+ const crypto_word_t c = lsb_to_all(f.v[0] & g.v[0]);
1532
+
1533
+ delta = constant_time_select_int(mask, -delta, delta);
1534
+ delta++;
1535
+
1536
+ poly2_cswap(&f, &g, mask);
1537
+ poly2_fmadd(&g, &f, c);
1538
+ poly2_rshift1(&g);
1539
+
1540
+ poly2_cswap(&v, &r, mask);
1541
+ poly2_fmadd(&r, &v, c);
1542
+ }
1543
+
1544
+ assert(delta == 0);
1545
+ assert(f.v[0] & 1);
1546
+ poly2_reverse_700(&v, &v);
1547
+ poly_from_poly2(out, &v);
1649
1548
  }
1650
1549
 
1651
1550
  // poly_invert sets |*out| to |in^-1| (i.e. such that |*out|×|in| = 1 mod Φ(N)).