grpc 1.28.0 → 1.30.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +7694 -11190
- data/include/grpc/grpc.h +2 -2
- data/include/grpc/grpc_security.h +22 -9
- data/include/grpc/grpc_security_constants.h +1 -0
- data/include/grpc/impl/codegen/grpc_types.h +19 -21
- data/include/grpc/impl/codegen/port_platform.h +6 -2
- data/include/grpc/module.modulemap +24 -39
- data/src/core/ext/filters/client_channel/backend_metric.cc +7 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +203 -236
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +3 -2
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +7 -22
- data/src/core/ext/filters/client_channel/health/health_check_client.h +3 -3
- data/src/core/ext/filters/client_channel/http_proxy.cc +17 -10
- data/src/core/ext/filters/client_channel/lb_policy.cc +19 -18
- data/src/core/ext/filters/client_channel/lb_policy.h +42 -33
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +83 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +99 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +10 -4
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +240 -301
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +89 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +40 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +11 -9
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +871 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +5 -11
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +734 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +84 -37
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +938 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +528 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +834 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +6 -2
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +2 -1
- data/src/core/ext/filters/client_channel/parse_address.cc +22 -21
- data/src/core/ext/filters/client_channel/resolver.cc +5 -8
- data/src/core/ext/filters/client_channel/resolver.h +12 -14
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +73 -59
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +35 -35
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +8 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +16 -20
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +72 -117
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +184 -133
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +7 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +40 -43
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +93 -102
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +0 -4
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +32 -5
- data/src/core/ext/filters/client_channel/resolver_factory.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_registry.cc +6 -3
- data/src/core/ext/filters/client_channel/resolver_registry.h +8 -8
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +16 -16
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +19 -16
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +20 -31
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +4 -3
- data/src/core/ext/filters/client_channel/server_address.cc +6 -9
- data/src/core/ext/filters/client_channel/server_address.h +6 -12
- data/src/core/ext/filters/client_channel/service_config.cc +104 -144
- data/src/core/ext/filters/client_channel/service_config.h +28 -98
- data/src/core/ext/filters/client_channel/service_config_call_data.h +68 -0
- data/src/core/ext/filters/client_channel/service_config_parser.cc +87 -0
- data/src/core/ext/filters/client_channel/service_config_parser.h +89 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +54 -24
- data/src/core/ext/filters/client_channel/subchannel.h +35 -11
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +348 -221
- data/src/core/ext/filters/client_channel/xds/xds_api.h +37 -37
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +44 -49
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +4 -3
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +4 -2
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +532 -339
- data/src/core/ext/filters/client_channel/xds/xds_client.h +57 -22
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +11 -12
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +31 -19
- data/src/core/ext/filters/http/client/http_client_filter.cc +23 -28
- data/src/core/ext/filters/http/client_authority_filter.cc +4 -4
- data/src/core/ext/filters/http/http_filters_plugin.cc +27 -12
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +258 -221
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +358 -0
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +29 -0
- data/src/core/ext/filters/message_size/message_size_filter.cc +7 -10
- data/src/core/ext/filters/message_size/message_size_filter.h +4 -4
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +1 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +29 -16
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +14 -21
- data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +15 -8
- data/src/core/ext/transport/inproc/inproc_transport.cc +19 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +4 -229
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +5 -875
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +114 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +418 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +197 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +105 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +378 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +21 -8
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +43 -7
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +47 -26
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +115 -65
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +24 -20
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +28 -13
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +38 -18
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +88 -6
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +89 -0
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +9 -6
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +15 -10
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +16 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +63 -41
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +173 -77
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +48 -28
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +90 -30
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +125 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +4 -2
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +4 -0
- data/src/core/ext/upb-generated/envoy/type/http.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +16 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +1 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +9 -8
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +30 -24
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +65 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +21 -20
- data/src/core/ext/upb-generated/validate/validate.upb.h +69 -63
- data/src/core/lib/channel/channel_args.cc +15 -14
- data/src/core/lib/channel/channel_args.h +3 -1
- data/src/core/lib/channel/channel_stack.h +20 -13
- data/src/core/lib/channel/channelz.cc +5 -6
- data/src/core/lib/channel/channelz.h +3 -2
- data/src/core/lib/channel/channelz_registry.cc +5 -3
- data/src/core/lib/channel/connected_channel.cc +7 -5
- data/src/core/lib/channel/context.h +1 -1
- data/src/core/lib/channel/handshaker.cc +11 -13
- data/src/core/lib/channel/handshaker.h +4 -2
- data/src/core/lib/channel/handshaker_registry.cc +5 -17
- data/src/core/lib/channel/status_util.cc +2 -3
- data/src/core/lib/compression/message_compress.cc +5 -1
- data/src/core/lib/debug/stats.cc +21 -27
- data/src/core/lib/debug/stats.h +3 -1
- data/src/core/lib/gpr/spinlock.h +2 -3
- data/src/core/lib/gpr/string.cc +2 -26
- data/src/core/lib/gpr/string.h +0 -16
- data/src/core/lib/gpr/sync_abseil.cc +2 -0
- data/src/core/lib/gpr/time.cc +4 -0
- data/src/core/lib/gpr/time_posix.cc +1 -1
- data/src/core/lib/gprpp/atomic.h +6 -6
- data/src/core/lib/gprpp/fork.cc +1 -1
- data/src/core/lib/gprpp/host_port.cc +29 -35
- data/src/core/lib/gprpp/host_port.h +14 -17
- data/src/core/lib/gprpp/map.h +5 -11
- data/src/core/lib/gprpp/ref_counted_ptr.h +5 -0
- data/src/core/lib/http/format_request.cc +46 -65
- data/src/core/lib/http/httpcli.cc +2 -3
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +5 -5
- data/src/core/lib/http/parser.h +2 -3
- data/src/core/lib/iomgr/buffer_list.h +22 -21
- data/src/core/lib/iomgr/call_combiner.h +3 -2
- data/src/core/lib/iomgr/cfstream_handle.cc +3 -2
- data/src/core/lib/iomgr/closure.h +2 -3
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
- data/src/core/lib/iomgr/endpoint_cfstream.cc +2 -3
- data/src/core/lib/iomgr/endpoint_pair.h +2 -3
- data/src/core/lib/iomgr/error.cc +6 -9
- data/src/core/lib/iomgr/error.h +0 -1
- data/src/core/lib/iomgr/ev_apple.cc +356 -0
- data/src/core/lib/iomgr/ev_apple.h +43 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -23
- data/src/core/lib/iomgr/ev_epollex_linux.cc +2 -3
- data/src/core/lib/iomgr/ev_poll_posix.cc +3 -3
- data/src/core/lib/iomgr/ev_posix.cc +2 -3
- data/src/core/lib/iomgr/exec_ctx.h +14 -2
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +84 -20
- data/src/core/lib/iomgr/pollset_set_custom.cc +10 -10
- data/src/core/lib/{gprpp/optional.h → iomgr/pollset_uv.h} +11 -12
- data/src/core/lib/iomgr/port.h +1 -0
- data/src/core/lib/iomgr/python_util.h +46 -0
- data/src/core/lib/iomgr/resolve_address.h +4 -6
- data/src/core/lib/iomgr/resolve_address_custom.cc +29 -39
- data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -11
- data/src/core/lib/iomgr/resolve_address_windows.cc +8 -17
- data/src/core/lib/iomgr/resource_quota.cc +4 -6
- data/src/core/lib/iomgr/sockaddr_utils.cc +23 -29
- data/src/core/lib/iomgr/sockaddr_utils.h +9 -14
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
- data/src/core/lib/iomgr/socket_mutator.h +2 -3
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -26
- data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +5 -7
- data/src/core/lib/iomgr/tcp_client_posix.cc +8 -5
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -3
- data/src/core/lib/iomgr/tcp_custom.cc +2 -3
- data/src/core/lib/iomgr/tcp_server_custom.cc +5 -9
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +8 -11
- data/src/core/lib/iomgr/tcp_uv.cc +3 -2
- data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
- data/src/core/lib/iomgr/timer_generic.cc +2 -3
- data/src/core/lib/{gprpp/inlined_vector.h → iomgr/timer_generic.h} +19 -17
- data/src/core/lib/iomgr/timer_heap.h +2 -3
- data/src/core/lib/iomgr/udp_server.cc +9 -14
- data/src/core/lib/json/json.h +3 -2
- data/src/core/lib/json/json_reader.cc +5 -5
- data/src/core/lib/json/json_writer.cc +13 -12
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +12 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.h +6 -3
- data/src/core/lib/security/credentials/credentials.cc +0 -84
- data/src/core/lib/security/credentials/credentials.h +8 -59
- data/src/core/lib/security/credentials/fake/fake_credentials.h +4 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +3 -8
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +8 -6
- data/src/core/lib/security/credentials/iam/iam_credentials.h +4 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -5
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +12 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -15
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +55 -27
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +9 -3
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +13 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +23 -13
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +38 -11
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +21 -6
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +7 -7
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -2
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/security_connector.h +1 -1
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +20 -25
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +4 -6
- data/src/core/lib/security/security_connector/ssl_utils.cc +59 -12
- data/src/core/lib/security/security_connector/ssl_utils.h +12 -10
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +77 -51
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +27 -5
- data/src/core/lib/security/transport/client_auth_filter.cc +1 -2
- data/src/core/lib/slice/slice_intern.cc +2 -3
- data/src/core/lib/slice/slice_internal.h +14 -0
- data/src/core/lib/slice/slice_utils.h +9 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +2 -47
- data/src/core/lib/surface/call.cc +2 -3
- data/src/core/lib/surface/call_log_batch.cc +50 -58
- data/src/core/lib/surface/channel.cc +53 -31
- data/src/core/lib/surface/channel.h +35 -4
- data/src/core/lib/surface/channel_ping.cc +2 -3
- data/src/core/lib/surface/completion_queue.cc +33 -33
- data/src/core/lib/surface/event_string.cc +18 -25
- data/src/core/lib/surface/event_string.h +3 -1
- data/src/core/lib/surface/init_secure.cc +1 -4
- data/src/core/lib/surface/server.cc +570 -369
- data/src/core/lib/surface/server.h +32 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.h +7 -2
- data/src/core/lib/transport/connectivity_state.cc +7 -6
- data/src/core/lib/transport/connectivity_state.h +5 -3
- data/src/core/lib/transport/metadata.cc +3 -3
- data/src/core/lib/transport/metadata_batch.h +2 -3
- data/src/core/lib/transport/static_metadata.h +1 -1
- data/src/core/lib/transport/status_conversion.cc +6 -14
- data/src/core/lib/transport/transport.cc +2 -3
- data/src/core/lib/transport/transport.h +3 -2
- data/src/core/lib/transport/transport_op_string.cc +61 -102
- data/src/core/lib/uri/uri_parser.h +2 -3
- data/src/core/plugin_registry/grpc_plugin_registry.cc +20 -4
- data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +8 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +8 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +32 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
- data/src/core/tsi/fake_transport_security.cc +10 -15
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +0 -2
- data/src/core/tsi/ssl_transport_security.cc +52 -39
- data/src/core/tsi/ssl_transport_security.h +8 -8
- data/src/core/tsi/ssl_types.h +0 -2
- data/src/core/tsi/transport_security.h +6 -9
- data/src/core/tsi/transport_security_grpc.h +2 -3
- data/src/core/tsi/transport_security_interface.h +3 -3
- data/src/ruby/ext/grpc/rb_call.c +9 -1
- data/src/ruby/lib/grpc/errors.rb +103 -42
- data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
- data/src/ruby/lib/grpc/generic/interceptors.rb +4 -4
- data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
- data/src/ruby/lib/grpc/generic/service.rb +5 -4
- data/src/ruby/lib/grpc/structs.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +5 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +11 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +16 -0
- data/src/ruby/spec/debug_message_spec.rb +134 -0
- data/src/ruby/spec/generic/service_spec.rb +2 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +5 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -0
- data/src/ruby/spec/testdata/ca.pem +18 -13
- data/src/ruby/spec/testdata/client.key +26 -14
- data/src/ruby/spec/testdata/client.pem +18 -12
- data/src/ruby/spec/testdata/server1.key +26 -14
- data/src/ruby/spec/testdata/server1.pem +20 -14
- data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
- data/third_party/abseil-cpp/absl/time/clock.h +74 -0
- data/third_party/abseil-cpp/absl/time/duration.cc +922 -0
- data/third_party/abseil-cpp/absl/time/format.cc +153 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +622 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +384 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +922 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +121 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +958 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +138 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +308 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +115 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
- data/third_party/abseil-cpp/absl/time/time.cc +499 -0
- data/third_party/abseil-cpp/absl/time/time.h +1584 -0
- data/third_party/boringssl-with-bazel/err_data.c +329 -297
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +7 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519.c +18 -26
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519_tables.h +13 -21
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/internal.h +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh.c +15 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +425 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +78 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +33 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +30 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +289 -117
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +13 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +25 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +432 -160
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +63 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +5 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9481 -9485
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +80 -99
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +736 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +90 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +125 -148
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +189 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +61 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +20 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +41 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +32 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +24 -114
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +51 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +44 -35
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +29 -12
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +278 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1474 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +720 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +4 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +5 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +9 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +20 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +16 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +31 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +26 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +172 -77
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +291 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +5 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +0 -4
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +3 -3
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -4
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +146 -57
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +14 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +28 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +12 -4
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +64 -47
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +10 -10
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +21 -21
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +29 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +4 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +6 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +13 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +64 -5
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +6 -0
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +6 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +47 -53
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +98 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +23 -75
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +50 -20
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +63 -25
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +245 -175
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +135 -75
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1593 -1672
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +512 -503
- metadata +111 -37
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1754
- data/src/core/lib/gprpp/string_view.h +0 -60
- data/src/core/tsi/grpc_shadow_boringssl.h +0 -3311
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256.c +0 -1063
@@ -0,0 +1,78 @@
|
|
1
|
+
/* Copyright (c) 2020, Google Inc.
|
2
|
+
*
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
6
|
+
*
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
14
|
+
|
15
|
+
#ifndef OPENSSL_HEADER_EC_EXTRA_INTERNAL_H
|
16
|
+
#define OPENSSL_HEADER_EC_EXTRA_INTERNAL_H
|
17
|
+
|
18
|
+
#include <openssl/ec.h>
|
19
|
+
|
20
|
+
#include "../fipsmodule/ec/internal.h"
|
21
|
+
|
22
|
+
#if defined(__cplusplus)
|
23
|
+
extern "C" {
|
24
|
+
#endif
|
25
|
+
|
26
|
+
|
27
|
+
// Hash-to-curve.
|
28
|
+
//
|
29
|
+
// The following functions implement primitives from
|
30
|
+
// draft-irtf-cfrg-hash-to-curve. The |dst| parameter in each function is the
|
31
|
+
// domain separation tag and must be unique for each protocol and between the
|
32
|
+
// |hash_to_curve| and |hash_to_scalar| variants. See section 3.1 of the spec
|
33
|
+
// for additional guidance on this parameter.
|
34
|
+
|
35
|
+
// ec_hash_to_curve_p384_xmd_sha512_sswu_draft07 hashes |msg| to a point on
|
36
|
+
// |group| and writes the result to |out|, implementing the
|
37
|
+
// P384_XMD:SHA-512_SSWU_RO_ suite from draft-irtf-cfrg-hash-to-curve-07. It
|
38
|
+
// returns one on success and zero on error.
|
39
|
+
OPENSSL_EXPORT int ec_hash_to_curve_p384_xmd_sha512_sswu_draft07(
|
40
|
+
const EC_GROUP *group, EC_RAW_POINT *out, const uint8_t *dst,
|
41
|
+
size_t dst_len, const uint8_t *msg, size_t msg_len);
|
42
|
+
|
43
|
+
// ec_hash_to_scalar_p384_xmd_sha512_draft07 hashes |msg| to a scalar on |group|
|
44
|
+
// and writes the result to |out|, using the hash_to_field operation from the
|
45
|
+
// P384_XMD:SHA-512_SSWU_RO_ suite from draft-irtf-cfrg-hash-to-curve-07, but
|
46
|
+
// generating a value modulo the group order rather than a field element.
|
47
|
+
OPENSSL_EXPORT int ec_hash_to_scalar_p384_xmd_sha512_draft07(
|
48
|
+
const EC_GROUP *group, EC_SCALAR *out, const uint8_t *dst, size_t dst_len,
|
49
|
+
const uint8_t *msg, size_t msg_len);
|
50
|
+
|
51
|
+
// ec_hash_to_curve_p521_xmd_sha512_sswu_draft06 hashes |msg| to a point on
|
52
|
+
// |group| and writes the result to |out|, implementing the
|
53
|
+
// P521_XMD:SHA-512_SSWU_RO_ suite from draft-irtf-cfrg-hash-to-curve-06. It
|
54
|
+
// returns one on success and zero on error.
|
55
|
+
//
|
56
|
+
// This function implements an older version of the draft and should not be used
|
57
|
+
// in new code.
|
58
|
+
OPENSSL_EXPORT int ec_hash_to_curve_p521_xmd_sha512_sswu_draft06(
|
59
|
+
const EC_GROUP *group, EC_RAW_POINT *out, const uint8_t *dst,
|
60
|
+
size_t dst_len, const uint8_t *msg, size_t msg_len);
|
61
|
+
|
62
|
+
// ec_hash_to_scalar_p521_xmd_sha512_draft06 hashes |msg| to a scalar on |group|
|
63
|
+
// and writes the result to |out|, using the hash_to_field operation from the
|
64
|
+
// P521_XMD:SHA-512_SSWU_RO_ suite from draft-irtf-cfrg-hash-to-curve-06, but
|
65
|
+
// generating a value modulo the group order rather than a field element.
|
66
|
+
//
|
67
|
+
// This function implements an older version of the draft and should not be used
|
68
|
+
// in new code.
|
69
|
+
OPENSSL_EXPORT int ec_hash_to_scalar_p521_xmd_sha512_draft06(
|
70
|
+
const EC_GROUP *group, EC_SCALAR *out, const uint8_t *dst, size_t dst_len,
|
71
|
+
const uint8_t *msg, size_t msg_len);
|
72
|
+
|
73
|
+
|
74
|
+
#if defined(__cplusplus)
|
75
|
+
} // extern C
|
76
|
+
#endif
|
77
|
+
|
78
|
+
#endif // OPENSSL_HEADER_EC_EXTRA_INTERNAL_H
|
@@ -96,8 +96,8 @@ int ECDH_compute_key(void *out, size_t out_len, const EC_POINT *pub_key,
|
|
96
96
|
uint8_t buf[EC_MAX_BYTES];
|
97
97
|
size_t buf_len;
|
98
98
|
if (!ec_point_mul_scalar(group, &shared_point, &pub_key->raw, priv) ||
|
99
|
-
!
|
100
|
-
|
99
|
+
!ec_get_x_coordinate_as_bytes(group, buf, &buf_len, sizeof(buf),
|
100
|
+
&shared_point)) {
|
101
101
|
OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE);
|
102
102
|
return -1;
|
103
103
|
}
|
@@ -495,38 +495,39 @@ static const char *err_string_lookup(uint32_t lib, uint32_t key,
|
|
495
495
|
|
496
496
|
static const char *const kLibraryNames[ERR_NUM_LIBS] = {
|
497
497
|
"invalid library (0)",
|
498
|
-
"unknown library",
|
499
|
-
"system library",
|
500
|
-
"bignum routines",
|
501
|
-
"RSA routines",
|
502
|
-
"Diffie-Hellman routines",
|
503
|
-
"public key routines",
|
504
|
-
"memory buffer routines",
|
505
|
-
"object identifier routines",
|
506
|
-
"PEM routines",
|
507
|
-
"DSA routines",
|
508
|
-
"X.509 certificate routines",
|
509
|
-
"ASN.1 encoding routines",
|
510
|
-
"configuration file routines",
|
511
|
-
"common libcrypto routines",
|
512
|
-
"elliptic curve routines",
|
513
|
-
"SSL routines",
|
514
|
-
"BIO routines",
|
515
|
-
"PKCS7 routines",
|
516
|
-
"PKCS8 routines",
|
517
|
-
"X509 V3 routines",
|
518
|
-
"random number generator",
|
519
|
-
"ENGINE routines",
|
520
|
-
"OCSP routines",
|
521
|
-
"UI routines",
|
522
|
-
"COMP routines",
|
523
|
-
"ECDSA routines",
|
524
|
-
"ECDH routines",
|
525
|
-
"HMAC routines",
|
526
|
-
"Digest functions",
|
527
|
-
"Cipher functions",
|
528
|
-
"HKDF functions",
|
529
|
-
"
|
498
|
+
"unknown library", // ERR_LIB_NONE
|
499
|
+
"system library", // ERR_LIB_SYS
|
500
|
+
"bignum routines", // ERR_LIB_BN
|
501
|
+
"RSA routines", // ERR_LIB_RSA
|
502
|
+
"Diffie-Hellman routines", // ERR_LIB_DH
|
503
|
+
"public key routines", // ERR_LIB_EVP
|
504
|
+
"memory buffer routines", // ERR_LIB_BUF
|
505
|
+
"object identifier routines", // ERR_LIB_OBJ
|
506
|
+
"PEM routines", // ERR_LIB_PEM
|
507
|
+
"DSA routines", // ERR_LIB_DSA
|
508
|
+
"X.509 certificate routines", // ERR_LIB_X509
|
509
|
+
"ASN.1 encoding routines", // ERR_LIB_ASN1
|
510
|
+
"configuration file routines", // ERR_LIB_CONF
|
511
|
+
"common libcrypto routines", // ERR_LIB_CRYPTO
|
512
|
+
"elliptic curve routines", // ERR_LIB_EC
|
513
|
+
"SSL routines", // ERR_LIB_SSL
|
514
|
+
"BIO routines", // ERR_LIB_BIO
|
515
|
+
"PKCS7 routines", // ERR_LIB_PKCS7
|
516
|
+
"PKCS8 routines", // ERR_LIB_PKCS8
|
517
|
+
"X509 V3 routines", // ERR_LIB_X509V3
|
518
|
+
"random number generator", // ERR_LIB_RAND
|
519
|
+
"ENGINE routines", // ERR_LIB_ENGINE
|
520
|
+
"OCSP routines", // ERR_LIB_OCSP
|
521
|
+
"UI routines", // ERR_LIB_UI
|
522
|
+
"COMP routines", // ERR_LIB_COMP
|
523
|
+
"ECDSA routines", // ERR_LIB_ECDSA
|
524
|
+
"ECDH routines", // ERR_LIB_ECDH
|
525
|
+
"HMAC routines", // ERR_LIB_HMAC
|
526
|
+
"Digest functions", // ERR_LIB_DIGEST
|
527
|
+
"Cipher functions", // ERR_LIB_CIPHER
|
528
|
+
"HKDF functions", // ERR_LIB_HKDF
|
529
|
+
"Trust Token functions", // ERR_LIB_TRUST_TOKEN
|
530
|
+
"User defined functions", // ERR_LIB_USER
|
530
531
|
};
|
531
532
|
|
532
533
|
const char *ERR_lib_error_string(uint32_t packed_error) {
|
@@ -472,7 +472,7 @@ static void aes_nohw_transpose(AES_NOHW_BATCH *batch) {
|
|
472
472
|
// |num_blocks| must be at most |AES_NOHW_BATCH|.
|
473
473
|
static void aes_nohw_to_batch(AES_NOHW_BATCH *out, const uint8_t *in,
|
474
474
|
size_t num_blocks) {
|
475
|
-
// Don't leave unused blocks
|
475
|
+
// Don't leave unused blocks uninitialized.
|
476
476
|
memset(out, 0, sizeof(AES_NOHW_BATCH));
|
477
477
|
assert(num_blocks <= AES_NOHW_BATCH_SIZE);
|
478
478
|
for (size_t i = 0; i < num_blocks; i++) {
|
@@ -70,7 +70,7 @@
|
|
70
70
|
#include "ec/felem.c"
|
71
71
|
#include "ec/oct.c"
|
72
72
|
#include "ec/p224-64.c"
|
73
|
-
#include "
|
73
|
+
#include "ec/p256.c"
|
74
74
|
#include "ec/p256-x86_64.c"
|
75
75
|
#include "ec/scalar.c"
|
76
76
|
#include "ec/simple.c"
|
@@ -88,6 +88,7 @@
|
|
88
88
|
#include "modes/ofb.c"
|
89
89
|
#include "modes/polyval.c"
|
90
90
|
#include "rand/ctrdrbg.c"
|
91
|
+
#include "rand/fork_detect.c"
|
91
92
|
#include "rand/rand.c"
|
92
93
|
#include "rand/urandom.c"
|
93
94
|
#include "rsa/blinding.c"
|
@@ -732,7 +732,7 @@ void bn_mod_exp_mont_small(BN_ULONG *r, const BN_ULONG *a, size_t num,
|
|
732
732
|
num_p--;
|
733
733
|
}
|
734
734
|
if (num_p == 0) {
|
735
|
-
bn_from_montgomery_small(r, mont->RR.d, num, mont);
|
735
|
+
bn_from_montgomery_small(r, num, mont->RR.d, num, mont);
|
736
736
|
return;
|
737
737
|
}
|
738
738
|
unsigned bits = BN_num_bits_word(p[num_p - 1]) + (num_p - 1) * BN_BITS2;
|
@@ -809,8 +809,8 @@ void bn_mod_exp_mont_small(BN_ULONG *r, const BN_ULONG *a, size_t num,
|
|
809
809
|
OPENSSL_cleanse(val, sizeof(val));
|
810
810
|
}
|
811
811
|
|
812
|
-
void
|
813
|
-
|
812
|
+
void bn_mod_inverse0_prime_mont_small(BN_ULONG *r, const BN_ULONG *a,
|
813
|
+
size_t num, const BN_MONT_CTX *mont) {
|
814
814
|
if (num != (size_t)mont->N.width || num > BN_SMALL_MAX_WORDS) {
|
815
815
|
abort();
|
816
816
|
}
|
@@ -647,10 +647,13 @@ void bn_to_montgomery_small(BN_ULONG *r, const BN_ULONG *a, size_t num,
|
|
647
647
|
const BN_MONT_CTX *mont);
|
648
648
|
|
649
649
|
// bn_from_montgomery_small sets |r| to |a| translated out of the Montgomery
|
650
|
-
// domain. |r| and |a| are |
|
651
|
-
// must be
|
652
|
-
|
653
|
-
|
650
|
+
// domain. |r| and |a| are |num_r| and |num_a| words long, respectively. |num_r|
|
651
|
+
// must be |mont->N.width|. |a| must be at most |mont->N|^2 and may alias |r|.
|
652
|
+
//
|
653
|
+
// Unlike most of these functions, only |num_r| is bounded by
|
654
|
+
// |BN_SMALL_MAX_WORDS|. |num_a| may exceed it, but must be at most 2 * |num_r|.
|
655
|
+
void bn_from_montgomery_small(BN_ULONG *r, size_t num_r, const BN_ULONG *a,
|
656
|
+
size_t num_a, const BN_MONT_CTX *mont);
|
654
657
|
|
655
658
|
// bn_mod_mul_montgomery_small sets |r| to |a| * |b| mod |mont->N|. Both inputs
|
656
659
|
// and outputs are in the Montgomery domain. Each array is |num| words long,
|
@@ -675,13 +678,13 @@ void bn_mod_exp_mont_small(BN_ULONG *r, const BN_ULONG *a, size_t num,
|
|
675
678
|
const BN_ULONG *p, size_t num_p,
|
676
679
|
const BN_MONT_CTX *mont);
|
677
680
|
|
678
|
-
//
|
679
|
-
// must be a prime. |r| and |a| are |num|
|
680
|
-
// |mont->N.width| and at most |BN_SMALL_MAX_WORDS|.
|
681
|
-
// and may alias |r|. This function runs in time
|
682
|
-
// |mont->N| is a public value.
|
683
|
-
void
|
684
|
-
|
681
|
+
// bn_mod_inverse0_prime_mont_small sets |r| to |a|^-1 mod |mont->N|. If |a| is
|
682
|
+
// zero, |r| is set to zero. |mont->N| must be a prime. |r| and |a| are |num|
|
683
|
+
// words long, which must be |mont->N.width| and at most |BN_SMALL_MAX_WORDS|.
|
684
|
+
// |a| must be fully-reduced and may alias |r|. This function runs in time
|
685
|
+
// independent of |a|, but |mont->N| is a public value.
|
686
|
+
void bn_mod_inverse0_prime_mont_small(BN_ULONG *r, const BN_ULONG *a,
|
687
|
+
size_t num, const BN_MONT_CTX *mont);
|
685
688
|
|
686
689
|
|
687
690
|
#if defined(__cplusplus)
|
@@ -455,18 +455,18 @@ void bn_to_montgomery_small(BN_ULONG *r, const BN_ULONG *a, size_t num,
|
|
455
455
|
bn_mod_mul_montgomery_small(r, a, mont->RR.d, num, mont);
|
456
456
|
}
|
457
457
|
|
458
|
-
void bn_from_montgomery_small(BN_ULONG *r, const BN_ULONG *a,
|
459
|
-
const BN_MONT_CTX *mont) {
|
460
|
-
if (
|
458
|
+
void bn_from_montgomery_small(BN_ULONG *r, size_t num_r, const BN_ULONG *a,
|
459
|
+
size_t num_a, const BN_MONT_CTX *mont) {
|
460
|
+
if (num_r != (size_t)mont->N.width || num_r > BN_SMALL_MAX_WORDS ||
|
461
|
+
num_a > 2 * num_r) {
|
461
462
|
abort();
|
462
463
|
}
|
463
|
-
BN_ULONG tmp[BN_SMALL_MAX_WORDS * 2];
|
464
|
-
OPENSSL_memcpy(tmp, a,
|
465
|
-
|
466
|
-
if (!bn_from_montgomery_in_place(r, num, tmp, 2 * num, mont)) {
|
464
|
+
BN_ULONG tmp[BN_SMALL_MAX_WORDS * 2] = {0};
|
465
|
+
OPENSSL_memcpy(tmp, a, num_a * sizeof(BN_ULONG));
|
466
|
+
if (!bn_from_montgomery_in_place(r, num_r, tmp, 2 * num_r, mont)) {
|
467
467
|
abort();
|
468
468
|
}
|
469
|
-
OPENSSL_cleanse(tmp, 2 *
|
469
|
+
OPENSSL_cleanse(tmp, 2 * num_r * sizeof(BN_ULONG));
|
470
470
|
}
|
471
471
|
|
472
472
|
void bn_mod_mul_montgomery_small(BN_ULONG *r, const BN_ULONG *a,
|
@@ -119,26 +119,20 @@ static void bn_mul_normal(BN_ULONG *r, const BN_ULONG *a, size_t na,
|
|
119
119
|
}
|
120
120
|
}
|
121
121
|
|
122
|
-
|
123
|
-
//
|
124
|
-
//
|
125
|
-
//
|
126
|
-
//
|
127
|
-
//
|
128
|
-
//
|
129
|
-
//
|
130
|
-
// in bn_asm.c as soon as there are assembler counterparts for the systems that
|
131
|
-
// use assembler files.
|
132
|
-
|
122
|
+
// bn_sub_part_words sets |r| to |a| - |b|. It returns the borrow bit, which is
|
123
|
+
// one if the operation underflowed and zero otherwise. |cl| is the common
|
124
|
+
// length, that is, the shorter of len(a) or len(b). |dl| is the delta length,
|
125
|
+
// that is, len(a) - len(b). |r|'s length matches the larger of |a| and |b|, or
|
126
|
+
// cl + abs(dl).
|
127
|
+
//
|
128
|
+
// TODO(davidben): Make this take |size_t|. The |cl| + |dl| calling convention
|
129
|
+
// is confusing.
|
133
130
|
static BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a,
|
134
131
|
const BN_ULONG *b, int cl, int dl) {
|
135
|
-
BN_ULONG c, t;
|
136
|
-
|
137
132
|
assert(cl >= 0);
|
138
|
-
|
139
|
-
|
133
|
+
BN_ULONG borrow = bn_sub_words(r, a, b, cl);
|
140
134
|
if (dl == 0) {
|
141
|
-
return
|
135
|
+
return borrow;
|
142
136
|
}
|
143
137
|
|
144
138
|
r += cl;
|
@@ -146,147 +140,26 @@ static BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a,
|
|
146
140
|
b += cl;
|
147
141
|
|
148
142
|
if (dl < 0) {
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
if (++dl >= 0) {
|
156
|
-
break;
|
157
|
-
}
|
158
|
-
|
159
|
-
t = b[1];
|
160
|
-
r[1] = 0 - t - c;
|
161
|
-
if (t != 0) {
|
162
|
-
c = 1;
|
163
|
-
}
|
164
|
-
if (++dl >= 0) {
|
165
|
-
break;
|
166
|
-
}
|
167
|
-
|
168
|
-
t = b[2];
|
169
|
-
r[2] = 0 - t - c;
|
170
|
-
if (t != 0) {
|
171
|
-
c = 1;
|
172
|
-
}
|
173
|
-
if (++dl >= 0) {
|
174
|
-
break;
|
175
|
-
}
|
176
|
-
|
177
|
-
t = b[3];
|
178
|
-
r[3] = 0 - t - c;
|
179
|
-
if (t != 0) {
|
180
|
-
c = 1;
|
181
|
-
}
|
182
|
-
if (++dl >= 0) {
|
183
|
-
break;
|
184
|
-
}
|
185
|
-
|
186
|
-
b += 4;
|
187
|
-
r += 4;
|
143
|
+
// |a| is shorter than |b|. Complete the subtraction as if the excess words
|
144
|
+
// in |a| were zeros.
|
145
|
+
dl = -dl;
|
146
|
+
for (int i = 0; i < dl; i++) {
|
147
|
+
r[i] = 0u - b[i] - borrow;
|
148
|
+
borrow |= r[i] != 0;
|
188
149
|
}
|
189
150
|
} else {
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
r
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
if (--dl <= 0) {
|
198
|
-
break;
|
199
|
-
}
|
200
|
-
|
201
|
-
t = a[1];
|
202
|
-
r[1] = t - c;
|
203
|
-
if (t != 0) {
|
204
|
-
c = 0;
|
205
|
-
}
|
206
|
-
if (--dl <= 0) {
|
207
|
-
break;
|
208
|
-
}
|
209
|
-
|
210
|
-
t = a[2];
|
211
|
-
r[2] = t - c;
|
212
|
-
if (t != 0) {
|
213
|
-
c = 0;
|
214
|
-
}
|
215
|
-
if (--dl <= 0) {
|
216
|
-
break;
|
217
|
-
}
|
218
|
-
|
219
|
-
t = a[3];
|
220
|
-
r[3] = t - c;
|
221
|
-
if (t != 0) {
|
222
|
-
c = 0;
|
223
|
-
}
|
224
|
-
if (--dl <= 0) {
|
225
|
-
break;
|
226
|
-
}
|
227
|
-
|
228
|
-
save_dl = dl;
|
229
|
-
a += 4;
|
230
|
-
r += 4;
|
231
|
-
}
|
232
|
-
if (dl > 0) {
|
233
|
-
if (save_dl > dl) {
|
234
|
-
switch (save_dl - dl) {
|
235
|
-
case 1:
|
236
|
-
r[1] = a[1];
|
237
|
-
if (--dl <= 0) {
|
238
|
-
break;
|
239
|
-
}
|
240
|
-
OPENSSL_FALLTHROUGH;
|
241
|
-
case 2:
|
242
|
-
r[2] = a[2];
|
243
|
-
if (--dl <= 0) {
|
244
|
-
break;
|
245
|
-
}
|
246
|
-
OPENSSL_FALLTHROUGH;
|
247
|
-
case 3:
|
248
|
-
r[3] = a[3];
|
249
|
-
if (--dl <= 0) {
|
250
|
-
break;
|
251
|
-
}
|
252
|
-
}
|
253
|
-
a += 4;
|
254
|
-
r += 4;
|
255
|
-
}
|
256
|
-
}
|
257
|
-
|
258
|
-
if (dl > 0) {
|
259
|
-
for (;;) {
|
260
|
-
r[0] = a[0];
|
261
|
-
if (--dl <= 0) {
|
262
|
-
break;
|
263
|
-
}
|
264
|
-
r[1] = a[1];
|
265
|
-
if (--dl <= 0) {
|
266
|
-
break;
|
267
|
-
}
|
268
|
-
r[2] = a[2];
|
269
|
-
if (--dl <= 0) {
|
270
|
-
break;
|
271
|
-
}
|
272
|
-
r[3] = a[3];
|
273
|
-
if (--dl <= 0) {
|
274
|
-
break;
|
275
|
-
}
|
276
|
-
|
277
|
-
a += 4;
|
278
|
-
r += 4;
|
279
|
-
}
|
151
|
+
// |b| is shorter than |a|. Complete the subtraction as if the excess words
|
152
|
+
// in |b| were zeros.
|
153
|
+
for (int i = 0; i < dl; i++) {
|
154
|
+
// |r| and |a| may alias, so use a temporary.
|
155
|
+
BN_ULONG tmp = a[i];
|
156
|
+
r[i] = a[i] - borrow;
|
157
|
+
borrow = tmp < r[i];
|
280
158
|
}
|
281
159
|
}
|
282
160
|
|
283
|
-
return
|
161
|
+
return borrow;
|
284
162
|
}
|
285
|
-
#else
|
286
|
-
// On other platforms the function is defined in asm.
|
287
|
-
BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
|
288
|
-
int cl, int dl);
|
289
|
-
#endif
|
290
163
|
|
291
164
|
// bn_abs_sub_part_words computes |r| = |a| - |b|, storing the absolute value
|
292
165
|
// and returning a mask of all ones if the result was negative and all zeros if
|
@@ -294,8 +167,7 @@ BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
|
|
294
167
|
// convention.
|
295
168
|
//
|
296
169
|
// TODO(davidben): Make this take |size_t|. The |cl| + |dl| calling convention
|
297
|
-
// is confusing.
|
298
|
-
// assembly, but we can probably just delete it?
|
170
|
+
// is confusing.
|
299
171
|
static BN_ULONG bn_abs_sub_part_words(BN_ULONG *r, const BN_ULONG *a,
|
300
172
|
const BN_ULONG *b, int cl, int dl,
|
301
173
|
BN_ULONG *tmp) {
|
@@ -583,7 +455,7 @@ static int bn_mul_impl(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
|
583
455
|
static const int kMulNormalSize = 16;
|
584
456
|
if (al >= kMulNormalSize && bl >= kMulNormalSize) {
|
585
457
|
if (-1 <= i && i <= 1) {
|
586
|
-
// Find the
|
458
|
+
// Find the largest power of two less than or equal to the larger length.
|
587
459
|
int j;
|
588
460
|
if (i >= 0) {
|
589
461
|
j = BN_num_bits_word((BN_ULONG)al);
|
@@ -599,6 +471,10 @@ static int bn_mul_impl(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
|
599
471
|
if (al > j || bl > j) {
|
600
472
|
// We know |al| and |bl| are at most one from each other, so if al > j,
|
601
473
|
// bl >= j, and vice versa. Thus we can use |bn_mul_part_recursive|.
|
474
|
+
//
|
475
|
+
// TODO(davidben): This codepath is almost unused in standard
|
476
|
+
// algorithms. Is this optimization necessary? See notes in
|
477
|
+
// https://boringssl-review.googlesource.com/q/I0bd604e2cd6a75c266f64476c23a730ca1721ea6
|
602
478
|
assert(al >= j && bl >= j);
|
603
479
|
if (!bn_wexpand(t, j * 8) ||
|
604
480
|
!bn_wexpand(rr, j * 4)) {
|