grpc 1.28.0 → 1.30.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (497) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +7694 -11190
  3. data/include/grpc/grpc.h +2 -2
  4. data/include/grpc/grpc_security.h +22 -9
  5. data/include/grpc/grpc_security_constants.h +1 -0
  6. data/include/grpc/impl/codegen/grpc_types.h +19 -21
  7. data/include/grpc/impl/codegen/port_platform.h +6 -2
  8. data/include/grpc/module.modulemap +24 -39
  9. data/src/core/ext/filters/client_channel/backend_metric.cc +7 -4
  10. data/src/core/ext/filters/client_channel/client_channel.cc +203 -236
  11. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +3 -2
  12. data/src/core/ext/filters/client_channel/health/health_check_client.cc +7 -22
  13. data/src/core/ext/filters/client_channel/health/health_check_client.h +3 -3
  14. data/src/core/ext/filters/client_channel/http_proxy.cc +17 -10
  15. data/src/core/ext/filters/client_channel/lb_policy.cc +19 -18
  16. data/src/core/ext/filters/client_channel/lb_policy.h +42 -33
  17. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +83 -0
  18. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +99 -0
  19. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +10 -4
  20. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +240 -301
  21. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +89 -0
  22. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +40 -0
  23. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +11 -9
  24. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +3 -2
  25. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +871 -0
  26. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
  27. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +5 -11
  28. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +734 -0
  29. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +84 -37
  30. data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +938 -0
  31. data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +528 -0
  32. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +1 -2
  33. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +834 -0
  34. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +6 -2
  35. data/src/core/ext/filters/client_channel/local_subchannel_pool.h +2 -1
  36. data/src/core/ext/filters/client_channel/parse_address.cc +22 -21
  37. data/src/core/ext/filters/client_channel/resolver.cc +5 -8
  38. data/src/core/ext/filters/client_channel/resolver.h +12 -14
  39. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +73 -59
  40. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +35 -35
  41. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +8 -7
  42. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +16 -20
  43. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
  44. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +72 -117
  45. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +184 -133
  46. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -3
  47. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +7 -4
  48. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +40 -43
  49. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +93 -102
  50. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +0 -4
  51. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +2 -2
  52. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +32 -5
  53. data/src/core/ext/filters/client_channel/resolver_factory.h +2 -2
  54. data/src/core/ext/filters/client_channel/resolver_registry.cc +6 -3
  55. data/src/core/ext/filters/client_channel/resolver_registry.h +8 -8
  56. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +16 -16
  57. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +19 -16
  58. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +20 -31
  59. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +4 -3
  60. data/src/core/ext/filters/client_channel/server_address.cc +6 -9
  61. data/src/core/ext/filters/client_channel/server_address.h +6 -12
  62. data/src/core/ext/filters/client_channel/service_config.cc +104 -144
  63. data/src/core/ext/filters/client_channel/service_config.h +28 -98
  64. data/src/core/ext/filters/client_channel/service_config_call_data.h +68 -0
  65. data/src/core/ext/filters/client_channel/service_config_parser.cc +87 -0
  66. data/src/core/ext/filters/client_channel/service_config_parser.h +89 -0
  67. data/src/core/ext/filters/client_channel/subchannel.cc +54 -24
  68. data/src/core/ext/filters/client_channel/subchannel.h +35 -11
  69. data/src/core/ext/filters/client_channel/xds/xds_api.cc +348 -221
  70. data/src/core/ext/filters/client_channel/xds/xds_api.h +37 -37
  71. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +44 -49
  72. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +4 -3
  73. data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +4 -2
  74. data/src/core/ext/filters/client_channel/xds/xds_client.cc +532 -339
  75. data/src/core/ext/filters/client_channel/xds/xds_client.h +57 -22
  76. data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +11 -12
  77. data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +31 -19
  78. data/src/core/ext/filters/http/client/http_client_filter.cc +23 -28
  79. data/src/core/ext/filters/http/client_authority_filter.cc +4 -4
  80. data/src/core/ext/filters/http/http_filters_plugin.cc +27 -12
  81. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +258 -221
  82. data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +358 -0
  83. data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +29 -0
  84. data/src/core/ext/filters/message_size/message_size_filter.cc +7 -10
  85. data/src/core/ext/filters/message_size/message_size_filter.h +4 -4
  86. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +4 -4
  87. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
  88. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +23 -22
  89. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +1 -0
  90. data/src/core/ext/transport/chttp2/transport/flow_control.cc +3 -3
  91. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -3
  92. data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -3
  93. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -3
  94. data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -3
  95. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -3
  96. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +29 -16
  97. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -3
  98. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -3
  99. data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -2
  100. data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
  101. data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
  102. data/src/core/ext/transport/chttp2/transport/internal.h +14 -21
  103. data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
  104. data/src/core/ext/transport/chttp2/transport/writing.cc +15 -8
  105. data/src/core/ext/transport/inproc/inproc_transport.cc +19 -0
  106. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +4 -229
  107. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +5 -875
  108. data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +114 -0
  109. data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +418 -0
  110. data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +72 -0
  111. data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +197 -0
  112. data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +105 -0
  113. data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +378 -0
  114. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +1 -0
  115. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +21 -8
  116. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +43 -7
  117. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +1 -0
  118. data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +1 -0
  119. data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +1 -0
  120. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +2 -1
  121. data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.c +35 -0
  122. data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +78 -0
  123. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +47 -26
  124. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +115 -65
  125. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +1 -0
  126. data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +34 -0
  127. data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +72 -0
  128. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +2 -1
  129. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +24 -20
  130. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +28 -13
  131. data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +1 -0
  132. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +38 -18
  133. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +88 -6
  134. data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.c +34 -0
  135. data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +89 -0
  136. data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +1 -0
  137. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +1 -0
  138. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +1 -0
  139. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +1 -0
  140. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +9 -6
  141. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +12 -4
  142. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +1 -0
  143. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +1 -0
  144. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +15 -10
  145. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +16 -0
  146. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +1 -0
  147. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +2 -1
  148. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +1 -0
  149. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +1 -0
  150. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +1 -0
  151. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +1 -0
  152. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +63 -41
  153. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +173 -77
  154. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +1 -0
  155. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +1 -0
  156. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +1 -0
  157. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +48 -28
  158. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +90 -30
  159. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +1 -0
  160. data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +51 -0
  161. data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +125 -0
  162. data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +1 -0
  163. data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +4 -2
  164. data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +4 -0
  165. data/src/core/ext/upb-generated/envoy/type/http.upb.c +1 -0
  166. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +16 -0
  167. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +36 -0
  168. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +1 -0
  169. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +1 -0
  170. data/src/core/ext/upb-generated/envoy/type/percent.upb.c +1 -0
  171. data/src/core/ext/upb-generated/envoy/type/range.upb.c +1 -0
  172. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +1 -0
  173. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +1 -0
  174. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +9 -8
  175. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +30 -24
  176. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
  177. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +65 -0
  178. data/src/core/ext/upb-generated/validate/validate.upb.c +21 -20
  179. data/src/core/ext/upb-generated/validate/validate.upb.h +69 -63
  180. data/src/core/lib/channel/channel_args.cc +15 -14
  181. data/src/core/lib/channel/channel_args.h +3 -1
  182. data/src/core/lib/channel/channel_stack.h +20 -13
  183. data/src/core/lib/channel/channelz.cc +5 -6
  184. data/src/core/lib/channel/channelz.h +3 -2
  185. data/src/core/lib/channel/channelz_registry.cc +5 -3
  186. data/src/core/lib/channel/connected_channel.cc +7 -5
  187. data/src/core/lib/channel/context.h +1 -1
  188. data/src/core/lib/channel/handshaker.cc +11 -13
  189. data/src/core/lib/channel/handshaker.h +4 -2
  190. data/src/core/lib/channel/handshaker_registry.cc +5 -17
  191. data/src/core/lib/channel/status_util.cc +2 -3
  192. data/src/core/lib/compression/message_compress.cc +5 -1
  193. data/src/core/lib/debug/stats.cc +21 -27
  194. data/src/core/lib/debug/stats.h +3 -1
  195. data/src/core/lib/gpr/spinlock.h +2 -3
  196. data/src/core/lib/gpr/string.cc +2 -26
  197. data/src/core/lib/gpr/string.h +0 -16
  198. data/src/core/lib/gpr/sync_abseil.cc +2 -0
  199. data/src/core/lib/gpr/time.cc +4 -0
  200. data/src/core/lib/gpr/time_posix.cc +1 -1
  201. data/src/core/lib/gprpp/atomic.h +6 -6
  202. data/src/core/lib/gprpp/fork.cc +1 -1
  203. data/src/core/lib/gprpp/host_port.cc +29 -35
  204. data/src/core/lib/gprpp/host_port.h +14 -17
  205. data/src/core/lib/gprpp/map.h +5 -11
  206. data/src/core/lib/gprpp/ref_counted_ptr.h +5 -0
  207. data/src/core/lib/http/format_request.cc +46 -65
  208. data/src/core/lib/http/httpcli.cc +2 -3
  209. data/src/core/lib/http/httpcli.h +2 -3
  210. data/src/core/lib/http/httpcli_security_connector.cc +5 -5
  211. data/src/core/lib/http/parser.h +2 -3
  212. data/src/core/lib/iomgr/buffer_list.h +22 -21
  213. data/src/core/lib/iomgr/call_combiner.h +3 -2
  214. data/src/core/lib/iomgr/cfstream_handle.cc +3 -2
  215. data/src/core/lib/iomgr/closure.h +2 -3
  216. data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
  217. data/src/core/lib/iomgr/endpoint_cfstream.cc +2 -3
  218. data/src/core/lib/iomgr/endpoint_pair.h +2 -3
  219. data/src/core/lib/iomgr/error.cc +6 -9
  220. data/src/core/lib/iomgr/error.h +0 -1
  221. data/src/core/lib/iomgr/ev_apple.cc +356 -0
  222. data/src/core/lib/iomgr/ev_apple.h +43 -0
  223. data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -23
  224. data/src/core/lib/iomgr/ev_epollex_linux.cc +2 -3
  225. data/src/core/lib/iomgr/ev_poll_posix.cc +3 -3
  226. data/src/core/lib/iomgr/ev_posix.cc +2 -3
  227. data/src/core/lib/iomgr/exec_ctx.h +14 -2
  228. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +84 -20
  229. data/src/core/lib/iomgr/pollset_set_custom.cc +10 -10
  230. data/src/core/lib/{gprpp/optional.h → iomgr/pollset_uv.h} +11 -12
  231. data/src/core/lib/iomgr/port.h +1 -0
  232. data/src/core/lib/iomgr/python_util.h +46 -0
  233. data/src/core/lib/iomgr/resolve_address.h +4 -6
  234. data/src/core/lib/iomgr/resolve_address_custom.cc +29 -39
  235. data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
  236. data/src/core/lib/iomgr/resolve_address_posix.cc +10 -11
  237. data/src/core/lib/iomgr/resolve_address_windows.cc +8 -17
  238. data/src/core/lib/iomgr/resource_quota.cc +4 -6
  239. data/src/core/lib/iomgr/sockaddr_utils.cc +23 -29
  240. data/src/core/lib/iomgr/sockaddr_utils.h +9 -14
  241. data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
  242. data/src/core/lib/iomgr/socket_mutator.h +2 -3
  243. data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -26
  244. data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
  245. data/src/core/lib/iomgr/tcp_client_cfstream.cc +5 -7
  246. data/src/core/lib/iomgr/tcp_client_posix.cc +8 -5
  247. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -3
  248. data/src/core/lib/iomgr/tcp_custom.cc +2 -3
  249. data/src/core/lib/iomgr/tcp_server_custom.cc +5 -9
  250. data/src/core/lib/iomgr/tcp_server_posix.cc +5 -4
  251. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -4
  252. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +8 -11
  253. data/src/core/lib/iomgr/tcp_uv.cc +3 -2
  254. data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
  255. data/src/core/lib/iomgr/timer_generic.cc +2 -3
  256. data/src/core/lib/{gprpp/inlined_vector.h → iomgr/timer_generic.h} +19 -17
  257. data/src/core/lib/iomgr/timer_heap.h +2 -3
  258. data/src/core/lib/iomgr/udp_server.cc +9 -14
  259. data/src/core/lib/json/json.h +3 -2
  260. data/src/core/lib/json/json_reader.cc +5 -5
  261. data/src/core/lib/json/json_writer.cc +13 -12
  262. data/src/core/lib/security/credentials/composite/composite_credentials.cc +12 -0
  263. data/src/core/lib/security/credentials/composite/composite_credentials.h +6 -3
  264. data/src/core/lib/security/credentials/credentials.cc +0 -84
  265. data/src/core/lib/security/credentials/credentials.h +8 -59
  266. data/src/core/lib/security/credentials/fake/fake_credentials.h +4 -0
  267. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +3 -8
  268. data/src/core/lib/security/credentials/iam/iam_credentials.cc +8 -6
  269. data/src/core/lib/security/credentials/iam/iam_credentials.h +4 -0
  270. data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
  271. data/src/core/lib/security/credentials/jwt/json_token.h +2 -5
  272. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +12 -0
  273. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -15
  274. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
  275. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +55 -27
  276. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +9 -3
  277. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +13 -0
  278. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
  279. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +23 -13
  280. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +38 -11
  281. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +21 -6
  282. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +7 -7
  283. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -2
  284. data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
  285. data/src/core/lib/security/security_connector/security_connector.h +1 -1
  286. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +20 -25
  287. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +4 -6
  288. data/src/core/lib/security/security_connector/ssl_utils.cc +59 -12
  289. data/src/core/lib/security/security_connector/ssl_utils.h +12 -10
  290. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +77 -51
  291. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +27 -5
  292. data/src/core/lib/security/transport/client_auth_filter.cc +1 -2
  293. data/src/core/lib/slice/slice_intern.cc +2 -3
  294. data/src/core/lib/slice/slice_internal.h +14 -0
  295. data/src/core/lib/slice/slice_utils.h +9 -0
  296. data/src/core/lib/surface/byte_buffer_reader.cc +2 -47
  297. data/src/core/lib/surface/call.cc +2 -3
  298. data/src/core/lib/surface/call_log_batch.cc +50 -58
  299. data/src/core/lib/surface/channel.cc +53 -31
  300. data/src/core/lib/surface/channel.h +35 -4
  301. data/src/core/lib/surface/channel_ping.cc +2 -3
  302. data/src/core/lib/surface/completion_queue.cc +33 -33
  303. data/src/core/lib/surface/event_string.cc +18 -25
  304. data/src/core/lib/surface/event_string.h +3 -1
  305. data/src/core/lib/surface/init_secure.cc +1 -4
  306. data/src/core/lib/surface/server.cc +570 -369
  307. data/src/core/lib/surface/server.h +32 -0
  308. data/src/core/lib/surface/version.cc +2 -2
  309. data/src/core/lib/transport/byte_stream.h +7 -2
  310. data/src/core/lib/transport/connectivity_state.cc +7 -6
  311. data/src/core/lib/transport/connectivity_state.h +5 -3
  312. data/src/core/lib/transport/metadata.cc +3 -3
  313. data/src/core/lib/transport/metadata_batch.h +2 -3
  314. data/src/core/lib/transport/static_metadata.h +1 -1
  315. data/src/core/lib/transport/status_conversion.cc +6 -14
  316. data/src/core/lib/transport/transport.cc +2 -3
  317. data/src/core/lib/transport/transport.h +3 -2
  318. data/src/core/lib/transport/transport_op_string.cc +61 -102
  319. data/src/core/lib/uri/uri_parser.h +2 -3
  320. data/src/core/plugin_registry/grpc_plugin_registry.cc +20 -4
  321. data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
  322. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +8 -1
  323. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +8 -4
  324. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +32 -2
  325. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
  326. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
  327. data/src/core/tsi/fake_transport_security.cc +10 -15
  328. data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
  329. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +0 -2
  330. data/src/core/tsi/ssl_transport_security.cc +52 -39
  331. data/src/core/tsi/ssl_transport_security.h +8 -8
  332. data/src/core/tsi/ssl_types.h +0 -2
  333. data/src/core/tsi/transport_security.h +6 -9
  334. data/src/core/tsi/transport_security_grpc.h +2 -3
  335. data/src/core/tsi/transport_security_interface.h +3 -3
  336. data/src/ruby/ext/grpc/rb_call.c +9 -1
  337. data/src/ruby/lib/grpc/errors.rb +103 -42
  338. data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
  339. data/src/ruby/lib/grpc/generic/interceptors.rb +4 -4
  340. data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
  341. data/src/ruby/lib/grpc/generic/service.rb +5 -4
  342. data/src/ruby/lib/grpc/structs.rb +1 -1
  343. data/src/ruby/lib/grpc/version.rb +1 -1
  344. data/src/ruby/pb/generate_proto_ruby.sh +5 -3
  345. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +11 -0
  346. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +16 -0
  347. data/src/ruby/spec/debug_message_spec.rb +134 -0
  348. data/src/ruby/spec/generic/service_spec.rb +2 -0
  349. data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +5 -0
  350. data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -0
  351. data/src/ruby/spec/testdata/ca.pem +18 -13
  352. data/src/ruby/spec/testdata/client.key +26 -14
  353. data/src/ruby/spec/testdata/client.pem +18 -12
  354. data/src/ruby/spec/testdata/server1.key +26 -14
  355. data/src/ruby/spec/testdata/server1.pem +20 -14
  356. data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
  357. data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
  358. data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
  359. data/third_party/abseil-cpp/absl/time/clock.h +74 -0
  360. data/third_party/abseil-cpp/absl/time/duration.cc +922 -0
  361. data/third_party/abseil-cpp/absl/time/format.cc +153 -0
  362. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
  363. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +622 -0
  364. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +384 -0
  365. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
  366. data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
  367. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
  368. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
  369. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +922 -0
  370. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
  371. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
  372. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +121 -0
  373. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
  374. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +958 -0
  375. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +138 -0
  376. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +308 -0
  377. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
  378. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
  379. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
  380. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
  381. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
  382. data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +115 -0
  383. data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
  384. data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
  385. data/third_party/abseil-cpp/absl/time/time.cc +499 -0
  386. data/third_party/abseil-cpp/absl/time/time.h +1584 -0
  387. data/third_party/boringssl-with-bazel/err_data.c +329 -297
  388. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +1 -1
  389. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +7 -5
  390. data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +13 -4
  391. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
  392. data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519.c +18 -26
  393. data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519_tables.h +13 -21
  394. data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/internal.h +14 -22
  395. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -1
  396. data/third_party/boringssl-with-bazel/src/crypto/dh/dh.c +15 -0
  397. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +10 -0
  398. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +425 -0
  399. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +78 -0
  400. data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +2 -2
  401. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +33 -32
  402. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1 -1
  403. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +2 -1
  404. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +3 -3
  405. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +14 -11
  406. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +8 -8
  407. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +30 -154
  408. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +16 -0
  409. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +289 -117
  410. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +13 -27
  411. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
  412. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +25 -7
  413. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +432 -160
  414. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +63 -71
  415. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +5 -14
  416. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9481 -9485
  417. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +80 -99
  418. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +736 -0
  419. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
  420. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +90 -11
  421. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +125 -148
  422. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +189 -3
  423. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +61 -18
  424. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +2 -2
  425. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +20 -5
  426. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
  427. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
  428. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
  429. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +41 -5
  430. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +32 -17
  431. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +24 -114
  432. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +4 -0
  433. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +1 -0
  434. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +51 -38
  435. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +15 -1
  436. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +44 -35
  437. data/third_party/boringssl-with-bazel/src/crypto/mem.c +29 -12
  438. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +15 -1
  439. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +6 -10
  440. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +16 -0
  441. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +4 -0
  442. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +4 -0
  443. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +278 -0
  444. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1474 -0
  445. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +720 -0
  446. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +16 -0
  447. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +5 -0
  448. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +4 -3
  449. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +5 -1
  450. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +9 -4
  451. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +20 -0
  452. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
  453. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +16 -0
  454. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +6 -0
  455. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -0
  456. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +5 -0
  457. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -17
  458. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +31 -0
  459. data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +26 -0
  460. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +172 -77
  461. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +1 -0
  462. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +291 -0
  463. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +5 -3
  464. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -0
  465. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +0 -4
  466. data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +3 -3
  467. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -4
  468. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +146 -57
  469. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +14 -3
  470. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +28 -20
  471. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +12 -4
  472. data/third_party/boringssl-with-bazel/src/ssl/internal.h +64 -47
  473. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +10 -10
  474. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  475. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +21 -21
  476. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +29 -0
  477. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +4 -0
  478. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +6 -1
  479. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +13 -2
  480. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +64 -5
  481. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +6 -0
  482. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +6 -2
  483. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +47 -53
  484. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -1
  485. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +98 -27
  486. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +23 -75
  487. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +50 -20
  488. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +63 -25
  489. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +245 -175
  490. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +135 -75
  491. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1593 -1672
  492. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +512 -503
  493. metadata +111 -37
  494. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1754
  495. data/src/core/lib/gprpp/string_view.h +0 -60
  496. data/src/core/tsi/grpc_shadow_boringssl.h +0 -3311
  497. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256.c +0 -1063
@@ -179,6 +179,7 @@ extern "C" {
179
179
  #define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
180
180
  #define TLS1_AD_UNKNOWN_PSK_IDENTITY 115
181
181
  #define TLS1_AD_CERTIFICATE_REQUIRED 116
182
+ #define TLS1_AD_NO_APPLICATION_PROTOCOL 120
182
183
 
183
184
  // ExtensionType values from RFC6066
184
185
  #define TLSEXT_TYPE_server_name 0
@@ -0,0 +1,291 @@
1
+ /* Copyright (c) 2020, Google Inc.
2
+ *
3
+ * Permission to use, copy, modify, and/or distribute this software for any
4
+ * purpose with or without fee is hereby granted, provided that the above
5
+ * copyright notice and this permission notice appear in all copies.
6
+ *
7
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
+
15
+ #ifndef OPENSSL_HEADER_TRUST_TOKEN_H
16
+ #define OPENSSL_HEADER_TRUST_TOKEN_H
17
+
18
+ #include <openssl/base.h>
19
+ #include <openssl/stack.h>
20
+
21
+ #if defined(__cplusplus)
22
+ extern "C" {
23
+ #endif
24
+
25
+
26
+ // Trust Token implementation.
27
+ //
28
+ // Trust Token is an implementation of an experimental mechanism similar to
29
+ // Privacy Pass which allows issuance and redemption of anonymized tokens with
30
+ // limited private metadata.
31
+ //
32
+ // References:
33
+ // https://eprint.iacr.org/2020/072.pdf
34
+ // https://github.com/alxdavids/privacy-pass-ietf/tree/master/drafts
35
+ // https://github.com/WICG/trust-token-api/blob/master/README.md
36
+ //
37
+ // WARNING: This API is unstable and subject to change.
38
+
39
+ // TRUST_TOKEN_experiment_v0 is an experimental Trust Tokens protocol using
40
+ // PMBTokens and P-521.
41
+ OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v0(void);
42
+
43
+ // TRUST_TOKEN_experiment_v1 is an experimental Trust Tokens protocol using
44
+ // PMBTokens and P-384. This version is still under developement and should not
45
+ // be used yet.
46
+ OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v1(void);
47
+
48
+ // trust_token_st represents a single-use token for the Trust Token protocol.
49
+ // For the client, this is the token and its corresponding signature. For the
50
+ // issuer, this is the token itself.
51
+ struct trust_token_st {
52
+ uint8_t *data;
53
+ size_t len;
54
+ };
55
+
56
+ DEFINE_STACK_OF(TRUST_TOKEN)
57
+
58
+ // TRUST_TOKEN_new creates a newly-allocated |TRUST_TOKEN| with value |data| or
59
+ // NULL on allocation failure.
60
+ OPENSSL_EXPORT TRUST_TOKEN *TRUST_TOKEN_new(const uint8_t *data, size_t len);
61
+
62
+ // TRUST_TOKEN_free releases memory associated with |token|.
63
+ OPENSSL_EXPORT void TRUST_TOKEN_free(TRUST_TOKEN *token);
64
+
65
+ #define TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE 512
66
+ #define TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE 512
67
+
68
+ // TRUST_TOKEN_generate_key creates a new Trust Token keypair labeled with |id|
69
+ // and serializes the private and public keys, writing the private key to
70
+ // |out_priv_key| and setting |*out_priv_key_len| to the number of bytes
71
+ // written, and writing the public key to |out_pub_key| and setting
72
+ // |*out_pub_key_len| to the number of bytes written.
73
+ //
74
+ // At most |max_priv_key_len| and |max_pub_key_len| bytes are written. In order
75
+ // to ensure success, these should be at least
76
+ // |TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE| and |TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE|.
77
+ //
78
+ // WARNING: This API is unstable and the serializations of these keys are
79
+ // subject to change. Keys generated with this function may not be persisted.
80
+ //
81
+ // This function returns one on success or zero on error.
82
+ OPENSSL_EXPORT int TRUST_TOKEN_generate_key(
83
+ const TRUST_TOKEN_METHOD *method, uint8_t *out_priv_key,
84
+ size_t *out_priv_key_len, size_t max_priv_key_len, uint8_t *out_pub_key,
85
+ size_t *out_pub_key_len, size_t max_pub_key_len, uint32_t id);
86
+
87
+
88
+ // Trust Token client implementation.
89
+ //
90
+ // These functions implements the client half of the Trust Token protocol. A
91
+ // single |TRUST_TOKEN_CLIENT| can perform a single protocol operation.
92
+
93
+ // TRUST_TOKEN_CLIENT_new returns a newly-allocated |TRUST_TOKEN_CLIENT|
94
+ // configured to use a max batchsize of |max_batchsize| or NULL on error.
95
+ // Issuance requests must be made in batches smaller than |max_batchsize|. This
96
+ // function will return an error if |max_batchsize| is too large for Trust
97
+ // Tokens.
98
+ OPENSSL_EXPORT TRUST_TOKEN_CLIENT *TRUST_TOKEN_CLIENT_new(
99
+ const TRUST_TOKEN_METHOD *method, size_t max_batchsize);
100
+
101
+ // TRUST_TOKEN_CLIENT_free releases memory associated with |ctx|.
102
+ OPENSSL_EXPORT void TRUST_TOKEN_CLIENT_free(TRUST_TOKEN_CLIENT *ctx);
103
+
104
+ // TRUST_TOKEN_CLIENT_add_key configures the |ctx| to support the public key
105
+ // |key|. It sets |*out_key_index| to the index this key has been configured to.
106
+ // It returns one on success or zero on error if the |key| can't be parsed or
107
+ // too many keys have been configured.
108
+ OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_add_key(TRUST_TOKEN_CLIENT *ctx,
109
+ size_t *out_key_index,
110
+ const uint8_t *key,
111
+ size_t key_len);
112
+
113
+ // TRUST_TOKEN_CLIENT_set_srr_key sets the public key used to verify the SRR. It
114
+ // returns one on success and zero on error.
115
+ OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_set_srr_key(TRUST_TOKEN_CLIENT *ctx,
116
+ EVP_PKEY *key);
117
+
118
+ // TRUST_TOKEN_CLIENT_begin_issuance produces a request for |count| trust tokens
119
+ // and serializes the request into a newly-allocated buffer, setting |*out| to
120
+ // that buffer and |*out_len| to its length. The caller takes ownership of the
121
+ // buffer and must call |OPENSSL_free| when done. It returns one on success and
122
+ // zero on error.
123
+ OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_issuance(TRUST_TOKEN_CLIENT *ctx,
124
+ uint8_t **out,
125
+ size_t *out_len,
126
+ size_t count);
127
+
128
+ // TRUST_TOKEN_CLIENT_finish_issuance consumes |response| from the issuer and
129
+ // extracts the tokens, returning a list of tokens and the index of the key used
130
+ // to sign the tokens in |*out_key_index|. The caller can use this to determine
131
+ // what key was used in an issuance and to drop tokens if a new key commitment
132
+ // arrives without the specified key present. The caller takes ownership of the
133
+ // list and must call |sk_TRUST_TOKEN_pop_free| when done. The list is empty if
134
+ // issuance fails.
135
+ OPENSSL_EXPORT STACK_OF(TRUST_TOKEN) *
136
+ TRUST_TOKEN_CLIENT_finish_issuance(TRUST_TOKEN_CLIENT *ctx,
137
+ size_t *out_key_index,
138
+ const uint8_t *response,
139
+ size_t response_len);
140
+
141
+
142
+ // TRUST_TOKEN_CLIENT_begin_redemption produces a request to redeem a token
143
+ // |token| and receive a signature over |data| and serializes the request into
144
+ // a newly-allocated buffer, setting |*out| to that buffer and |*out_len| to
145
+ // its length. |time| is the number of seconds since the UNIX epoch and used to
146
+ // verify the validity of the issuer's response. The caller takes ownership of
147
+ // the buffer and must call |OPENSSL_free| when done. It returns one on success
148
+ // or zero on error.
149
+ OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_redemption(
150
+ TRUST_TOKEN_CLIENT *ctx, uint8_t **out, size_t *out_len,
151
+ const TRUST_TOKEN *token, const uint8_t *data, size_t data_len,
152
+ uint64_t time);
153
+
154
+ // TRUST_TOKEN_CLIENT_finish_redemption consumes |response| from the issuer and
155
+ // verifies the SRR. If valid, it returns one and sets |*out_srr| and
156
+ // |*out_srr_len| (respectively, |*out_sig| and |*out_sig_len|) to a
157
+ // newly-allocated buffer containing the SRR (respectively, the SRR signature).
158
+ // Otherwise, it returns zero.
159
+ OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_finish_redemption(
160
+ TRUST_TOKEN_CLIENT *ctx, uint8_t **out_srr, size_t *out_srr_len,
161
+ uint8_t **out_sig, size_t *out_sig_len, const uint8_t *response,
162
+ size_t response_len);
163
+
164
+
165
+ // Trust Token issuer implementation.
166
+ //
167
+ // These functions implement the issuer half of the Trust Token protocol. A
168
+ // |TRUST_TOKEN_ISSUER| can be reused across multiple protocol operations. It
169
+ // may be used concurrently on multiple threads by non-mutating functions,
170
+ // provided no other thread is concurrently calling a mutating function.
171
+ // Functions which take a |const| pointer are non-mutating and functions which
172
+ // take a non-|const| pointer are mutating.
173
+
174
+ // TRUST_TOKEN_ISSUER_new returns a newly-allocated |TRUST_TOKEN_ISSUER|
175
+ // configured to use a max batchsize of |max_batchsize| or NULL on error.
176
+ // Issuance requests must be made in batches smaller than |max_batchsize|. This
177
+ // function will return an error if |max_batchsize| is too large for Trust
178
+ // Tokens.
179
+ OPENSSL_EXPORT TRUST_TOKEN_ISSUER *TRUST_TOKEN_ISSUER_new(
180
+ const TRUST_TOKEN_METHOD *method, size_t max_batchsize);
181
+
182
+ // TRUST_TOKEN_ISSUER_free releases memory associated with |ctx|.
183
+ OPENSSL_EXPORT void TRUST_TOKEN_ISSUER_free(TRUST_TOKEN_ISSUER *ctx);
184
+
185
+ // TRUST_TOKEN_ISSUER_add_key configures the |ctx| to support the private key
186
+ // |key|. It must be a private key returned by |TRUST_TOKEN_generate_key|. It
187
+ // returns one on success or zero on error. This function may fail if the |key|
188
+ // can't be parsed or too many keys have been configured.
189
+ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_add_key(TRUST_TOKEN_ISSUER *ctx,
190
+ const uint8_t *key,
191
+ size_t key_len);
192
+
193
+ // TRUST_TOKEN_ISSUER_set_srr_key sets the private key used to sign the SRR. It
194
+ // returns one on success and zero on error.
195
+ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_set_srr_key(TRUST_TOKEN_ISSUER *ctx,
196
+ EVP_PKEY *key);
197
+
198
+ // TRUST_TOKEN_ISSUER_set_metadata_key sets the key used to encrypt the private
199
+ // metadata. The key is a randomly generated bytestring of at least 32 bytes
200
+ // used to encode the private metadata bit in the SRR. It returns one on success
201
+ // and zero on error.
202
+ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_set_metadata_key(TRUST_TOKEN_ISSUER *ctx,
203
+ const uint8_t *key,
204
+ size_t len);
205
+
206
+ // TRUST_TOKEN_ISSUER_issue ingests |request| for token issuance
207
+ // and generates up to |max_issuance| valid tokens, producing a list of blinded
208
+ // tokens and storing the response into a newly-allocated buffer and setting
209
+ // |*out| to that buffer, |*out_len| to its length, and |*out_tokens_issued| to
210
+ // the number of tokens issued. The tokens are issued with public metadata of
211
+ // |public_metadata| and a private metadata value of |private_metadata|.
212
+ // |public_metadata| must be one of the previously configured key IDs.
213
+ // |private_metadata| must be 0 or 1. The caller takes ownership of the buffer
214
+ // and must call |OPENSSL_free| when done. It returns one on success or zero on
215
+ // error.
216
+ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_issue(
217
+ const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, size_t *out_len,
218
+ size_t *out_tokens_issued, const uint8_t *request, size_t request_len,
219
+ uint32_t public_metadata, uint8_t private_metadata, size_t max_issuance);
220
+
221
+ // TRUST_TOKEN_ISSUER_redeem ingests a |request| for token redemption and
222
+ // verifies the token. If the token is valid, a SRR is produced with a lifetime
223
+ // of |lifetime| (in seconds), signing over the requested data from the request
224
+ // and the value of the token, storing the result into a newly-allocated buffer
225
+ // and setting |*out| to that buffer and |*out_len| to its length. The extracted
226
+ // |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
227
+ // |*out_token|. The extracted client data is stored into a newly-allocated
228
+ // buffer and stored in |*out_client_data|. The extracted redemption time is
229
+ // stored in |*out_redemption_time|. The caller takes ownership of each output
230
+ // buffer and must call |OPENSSL_free| when done. It returns one on success or
231
+ // zero on error.
232
+ //
233
+ // The caller must keep track of all values of |*out_token| seen globally before
234
+ // returning the SRR to the client. If the value has been reused, the caller
235
+ // must discard the SRR and report an error to the caller. Returning an SRR with
236
+ // replayed values allows an attacker to double-spend tokens.
237
+ //
238
+ // The private metadata construction in |TRUST_TOKEN_experiment_v0| does not
239
+ // keep the value secret and should not be used when secrecy is required.
240
+ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem(
241
+ const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, size_t *out_len,
242
+ TRUST_TOKEN **out_token, uint8_t **out_client_data,
243
+ size_t *out_client_data_len, uint64_t *out_redemption_time,
244
+ const uint8_t *request, size_t request_len, uint64_t lifetime);
245
+
246
+ // TRUST_TOKEN_decode_private_metadata decodes |encrypted_bit| using the
247
+ // private metadata key specified by a |key| buffer of length |key_len| and the
248
+ // nonce by a |nonce| buffer of length |nonce_len|. The nonce in
249
+ // |TRUST_TOKEN_experiment_v0| is the client-data field of the SRR. The nonce in
250
+ // |TRUST_TOKEN_experiment_v1| is the token-hash field of the SRR. |*out_value|
251
+ // is set to the decrypted value, either zero or one. It returns one on success
252
+ // and zero on error.
253
+ OPENSSL_EXPORT int TRUST_TOKEN_decode_private_metadata(
254
+ const TRUST_TOKEN_METHOD *method, uint8_t *out_value, const uint8_t *key,
255
+ size_t key_len, const uint8_t *nonce, size_t nonce_len,
256
+ uint8_t encrypted_bit);
257
+
258
+
259
+ #if defined(__cplusplus)
260
+ } // extern C
261
+
262
+ extern "C++" {
263
+
264
+ BSSL_NAMESPACE_BEGIN
265
+
266
+ BORINGSSL_MAKE_DELETER(TRUST_TOKEN, TRUST_TOKEN_free)
267
+ BORINGSSL_MAKE_DELETER(TRUST_TOKEN_CLIENT, TRUST_TOKEN_CLIENT_free)
268
+ BORINGSSL_MAKE_DELETER(TRUST_TOKEN_ISSUER, TRUST_TOKEN_ISSUER_free)
269
+
270
+ BSSL_NAMESPACE_END
271
+
272
+ } // extern C++
273
+ #endif
274
+
275
+ #define TRUST_TOKEN_R_KEYGEN_FAILURE 100
276
+ #define TRUST_TOKEN_R_BUFFER_TOO_SMALL 101
277
+ #define TRUST_TOKEN_R_OVER_BATCHSIZE 102
278
+ #define TRUST_TOKEN_R_DECODE_ERROR 103
279
+ #define TRUST_TOKEN_R_SRR_SIGNATURE_ERROR 104
280
+ #define TRUST_TOKEN_R_DECODE_FAILURE 105
281
+ #define TRUST_TOKEN_R_INVALID_METADATA 106
282
+ #define TRUST_TOKEN_R_TOO_MANY_KEYS 107
283
+ #define TRUST_TOKEN_R_NO_KEYS_CONFIGURED 108
284
+ #define TRUST_TOKEN_R_INVALID_KEY_ID 109
285
+ #define TRUST_TOKEN_R_INVALID_TOKEN 110
286
+ #define TRUST_TOKEN_R_BAD_VALIDITY_CHECK 111
287
+ #define TRUST_TOKEN_R_NO_SRR_KEY_CONFIGURED 112
288
+ #define TRUST_TOKEN_R_INVALID_METADATA_KEY 113
289
+ #define TRUST_TOKEN_R_INVALID_PROOF 114
290
+
291
+ #endif // OPENSSL_HEADER_TRUST_TOKEN_H
@@ -829,8 +829,10 @@ OPENSSL_EXPORT int X509_set_subject_name(X509 *x, X509_NAME *name);
829
829
  OPENSSL_EXPORT X509_NAME * X509_get_subject_name(X509 *a);
830
830
  OPENSSL_EXPORT int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
831
831
  OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x);
832
+ OPENSSL_EXPORT ASN1_TIME *X509_getm_notBefore(X509 *x);
832
833
  OPENSSL_EXPORT int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
833
834
  OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x);
835
+ OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x);
834
836
  OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
835
837
  OPENSSL_EXPORT EVP_PKEY * X509_get_pubkey(X509 *x);
836
838
  OPENSSL_EXPORT ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
@@ -957,13 +959,13 @@ OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
957
959
  OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
958
960
  int loc, int set);
959
961
  OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
960
- unsigned char *bytes, int len, int loc, int set);
962
+ const unsigned char *bytes, int len, int loc, int set);
961
963
  OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
962
- unsigned char *bytes, int len, int loc, int set);
964
+ const unsigned char *bytes, int len, int loc, int set);
963
965
  OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
964
966
  const char *field, int type, const unsigned char *bytes, int len);
965
967
  OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
966
- int type,unsigned char *bytes, int len);
968
+ int type, const unsigned char *bytes, int len);
967
969
  OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
968
970
  const unsigned char *bytes, int len, int loc, int set);
969
971
  OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
@@ -578,6 +578,7 @@ OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
578
578
  OPENSSL_EXPORT X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
579
579
  OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
580
580
  OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
581
+ OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
581
582
  OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
582
583
  OPENSSL_EXPORT void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
583
584
  OPENSSL_EXPORT void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
@@ -437,10 +437,6 @@ void dtls1_next_message(SSL *ssl) {
437
437
  }
438
438
 
439
439
  bool dtls_has_unprocessed_handshake_data(const SSL *ssl) {
440
- if (ssl->d1->has_change_cipher_spec) {
441
- return true;
442
- }
443
-
444
440
  size_t current = ssl->d1->handshake_read_seq % SSL_MAX_HANDSHAKE_FLIGHT;
445
441
  for (size_t i = 0; i < SSL_MAX_HANDSHAKE_FLIGHT; i++) {
446
442
  // Skip the current message.
@@ -86,12 +86,12 @@ DTLS1_STATE::DTLS1_STATE()
86
86
  DTLS1_STATE::~DTLS1_STATE() {}
87
87
 
88
88
  bool dtls1_new(SSL *ssl) {
89
- if (!ssl3_new(ssl)) {
89
+ if (!tls_new(ssl)) {
90
90
  return false;
91
91
  }
92
92
  UniquePtr<DTLS1_STATE> d1 = MakeUnique<DTLS1_STATE>();
93
93
  if (!d1) {
94
- ssl3_free(ssl);
94
+ tls_free(ssl);
95
95
  return false;
96
96
  }
97
97
 
@@ -107,7 +107,7 @@ bool dtls1_new(SSL *ssl) {
107
107
  }
108
108
 
109
109
  void dtls1_free(SSL *ssl) {
110
- ssl3_free(ssl);
110
+ tls_free(ssl);
111
111
 
112
112
  if (ssl == NULL) {
113
113
  return;
@@ -77,10 +77,13 @@ static void dtls1_on_handshake_complete(SSL *ssl) {
77
77
  }
78
78
  }
79
79
 
80
- static bool dtls1_set_read_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
80
+ static bool dtls1_set_read_state(SSL *ssl, ssl_encryption_level_t level,
81
+ UniquePtr<SSLAEADContext> aead_ctx,
82
+ Span<const uint8_t> secret_for_quic) {
83
+ assert(secret_for_quic.empty()); // QUIC does not use DTLS.
81
84
  // Cipher changes are forbidden if the current epoch has leftover data.
82
85
  if (dtls_has_unprocessed_handshake_data(ssl)) {
83
- OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFERED_MESSAGES_ON_CIPHER_CHANGE);
86
+ OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESS_HANDSHAKE_DATA);
84
87
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
85
88
  return false;
86
89
  }
@@ -90,11 +93,15 @@ static bool dtls1_set_read_state(SSL *ssl, UniquePtr aead_ctx) {
90
93
  OPENSSL_memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
91
94
 
92
95
  ssl->s3->aead_read_ctx = std::move(aead_ctx);
96
+ ssl->s3->read_level = level;
97
+ ssl->d1->has_change_cipher_spec = 0;
93
98
  return true;
94
99
  }
95
100
 
96
- static bool dtls1_set_write_state(SSL *ssl,
97
- UniquePtr<SSLAEADContext> aead_ctx) {
101
+ static bool dtls1_set_write_state(SSL *ssl, ssl_encryption_level_t level,
102
+ UniquePtr<SSLAEADContext> aead_ctx,
103
+ Span<const uint8_t> secret_for_quic) {
104
+ assert(secret_for_quic.empty()); // QUIC does not use DTLS.
98
105
  ssl->d1->w_epoch++;
99
106
  OPENSSL_memcpy(ssl->d1->last_write_sequence, ssl->s3->write_sequence,
100
107
  sizeof(ssl->s3->write_sequence));
@@ -102,6 +109,7 @@ static bool dtls1_set_write_state(SSL *ssl,
102
109
 
103
110
  ssl->d1->last_aead_write_ctx = std::move(ssl->s3->aead_write_ctx);
104
111
  ssl->s3->aead_write_ctx = std::move(aead_ctx);
112
+ ssl->s3->write_level = level;
105
113
  return true;
106
114
  }
107
115
 
@@ -111,6 +119,7 @@ static const SSL_PROTOCOL_METHOD kDTLSProtocolMethod = {
111
119
  dtls1_free,
112
120
  dtls1_get_message,
113
121
  dtls1_next_message,
122
+ dtls_has_unprocessed_handshake_data,
114
123
  dtls1_open_handshake,
115
124
  dtls1_open_change_cipher_spec,
116
125
  dtls1_open_app_data,
@@ -24,6 +24,17 @@ BSSL_NAMESPACE_BEGIN
24
24
  constexpr int kHandoffVersion = 0;
25
25
  constexpr int kHandbackVersion = 0;
26
26
 
27
+ // early_data_t represents the state of early data in a more compact way than
28
+ // the 3 bits used by the implementation.
29
+ enum early_data_t {
30
+ early_data_not_offered = 0,
31
+ early_data_accepted = 1,
32
+ early_data_rejected_hrr = 2,
33
+ early_data_skipped = 3,
34
+
35
+ early_data_max_value = early_data_skipped,
36
+ };
37
+
27
38
  // serialize_features adds a description of features supported by this binary to
28
39
  // |out|. Returns true on success and false on error.
29
40
  static bool serialize_features(CBB *out) {
@@ -246,9 +257,10 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
246
257
  case state12_finish_server_handshake:
247
258
  type = handback_after_handshake;
248
259
  break;
249
- // The outer state machine is always in |state12_tls13| for a TLS 1.3
250
- // handshake as TLS 1.3 uses |tls13_state|.
251
260
  case state12_tls13:
261
+ if (hs->tls13_state != state13_send_half_rtt_ticket) {
262
+ return false;
263
+ }
252
264
  type = handback_tls13;
253
265
  break;
254
266
  default:
@@ -261,8 +273,7 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
261
273
  }
262
274
 
263
275
  Span<const uint8_t> transcript;
264
- if (type == handback_after_ecdhe ||
265
- type == handback_after_session_resumption || type == handback_tls13) {
276
+ if (type != handback_after_handshake) {
266
277
  transcript = s3->hs->transcript.buffer();
267
278
  }
268
279
  size_t write_iv_len = 0;
@@ -332,6 +343,27 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
332
343
  return false;
333
344
  }
334
345
  if (type == handback_tls13) {
346
+ early_data_t early_data;
347
+ // Check early data invariants.
348
+ if (ssl->enable_early_data ==
349
+ (s3->early_data_reason == ssl_early_data_disabled)) {
350
+ return false;
351
+ }
352
+ if (hs->early_data_offered) {
353
+ if (s3->early_data_accepted && !s3->skip_early_data) {
354
+ early_data = early_data_accepted;
355
+ } else if (!s3->early_data_accepted && !s3->skip_early_data) {
356
+ early_data = early_data_rejected_hrr;
357
+ } else if (!s3->early_data_accepted && s3->skip_early_data) {
358
+ early_data = early_data_skipped;
359
+ } else {
360
+ return false;
361
+ }
362
+ } else if (!s3->early_data_accepted && !s3->skip_early_data) {
363
+ early_data = early_data_not_offered;
364
+ } else {
365
+ return false;
366
+ }
335
367
  if (!CBB_add_asn1_octet_string(&seq, hs->client_traffic_secret_0().data(),
336
368
  hs->client_traffic_secret_0().size()) ||
337
369
  !CBB_add_asn1_octet_string(&seq, hs->server_traffic_secret_0().data(),
@@ -346,13 +378,28 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
346
378
  s3->exporter_secret_len) ||
347
379
  !CBB_add_asn1_bool(&seq, s3->used_hello_retry_request) ||
348
380
  !CBB_add_asn1_bool(&seq, hs->accept_psk_mode) ||
349
- !CBB_add_asn1_int64(&seq, s3->ticket_age_skew)) {
381
+ !CBB_add_asn1_int64(&seq, s3->ticket_age_skew) ||
382
+ !CBB_add_asn1_uint64(&seq, s3->early_data_reason) ||
383
+ !CBB_add_asn1_uint64(&seq, early_data)) {
384
+ return false;
385
+ }
386
+ if (early_data == early_data_accepted &&
387
+ !CBB_add_asn1_octet_string(&seq, hs->early_traffic_secret().data(),
388
+ hs->early_traffic_secret().size())) {
350
389
  return false;
351
390
  }
352
391
  }
353
392
  return CBB_flush(out);
354
393
  }
355
394
 
395
+ static bool CopyExact(Span<uint8_t> out, const CBS *in) {
396
+ if (CBS_len(in) != out.size()) {
397
+ return false;
398
+ }
399
+ OPENSSL_memcpy(out.data(), CBS_data(in), out.size());
400
+ return true;
401
+ }
402
+
356
403
  bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
357
404
  if (ssl->do_handshake != nullptr ||
358
405
  ssl->method->is_dtls) {
@@ -360,7 +407,7 @@ bool SSL_apply_handback(SSL *ssl, Span handback) {
360
407
  }
361
408
 
362
409
  SSL3_STATE *const s3 = ssl->s3;
363
- uint64_t handback_version, negotiated_token_binding_param, cipher, type;
410
+ uint64_t handback_version, negotiated_token_binding_param, cipher, type_u64;
364
411
 
365
412
  CBS seq, read_seq, write_seq, server_rand, client_rand, read_iv, write_iv,
366
413
  next_proto, alpn, hostname, channel_id, transcript, key_share;
@@ -372,10 +419,12 @@ bool SSL_apply_handback(SSL *ssl, Span handback) {
372
419
  if (!CBS_get_asn1(&handback_cbs, &seq, CBS_ASN1_SEQUENCE) ||
373
420
  !CBS_get_asn1_uint64(&seq, &handback_version) ||
374
421
  handback_version != kHandbackVersion ||
375
- !CBS_get_asn1_uint64(&seq, &type)) {
422
+ !CBS_get_asn1_uint64(&seq, &type_u64) ||
423
+ type_u64 > handback_max_value) {
376
424
  return false;
377
425
  }
378
426
 
427
+ handback_t type = static_cast<handback_t>(type_u64);
379
428
  if (!CBS_get_asn1(&seq, &read_seq, CBS_ASN1_OCTETSTRING) ||
380
429
  CBS_len(&read_seq) != sizeof(s3->read_sequence) ||
381
430
  !CBS_get_asn1(&seq, &write_seq, CBS_ASN1_OCTETSTRING) ||
@@ -432,9 +481,10 @@ bool SSL_apply_handback(SSL *ssl, Span handback) {
432
481
  return false;
433
482
  }
434
483
  CBS client_handshake_secret, server_handshake_secret, client_traffic_secret_0,
435
- server_traffic_secret_0, secret, exporter_secret;
484
+ server_traffic_secret_0, secret, exporter_secret, early_traffic_secret;
436
485
  if (type == handback_tls13) {
437
486
  int used_hello_retry_request, accept_psk_mode;
487
+ uint64_t early_data, early_data_reason;
438
488
  int64_t ticket_age_skew;
439
489
  if (!CBS_get_asn1(&seq, &client_traffic_secret_0, CBS_ASN1_OCTETSTRING) ||
440
490
  !CBS_get_asn1(&seq, &server_traffic_secret_0, CBS_ASN1_OCTETSTRING) ||
@@ -444,7 +494,16 @@ bool SSL_apply_handback(SSL *ssl, Span handback) {
444
494
  !CBS_get_asn1(&seq, &exporter_secret, CBS_ASN1_OCTETSTRING) ||
445
495
  !CBS_get_asn1_bool(&seq, &used_hello_retry_request) ||
446
496
  !CBS_get_asn1_bool(&seq, &accept_psk_mode) ||
447
- !CBS_get_asn1_int64(&seq, &ticket_age_skew)) {
497
+ !CBS_get_asn1_int64(&seq, &ticket_age_skew) ||
498
+ !CBS_get_asn1_uint64(&seq, &early_data_reason) ||
499
+ early_data_reason > ssl_early_data_reason_max_value ||
500
+ !CBS_get_asn1_uint64(&seq, &early_data) ||
501
+ early_data > early_data_max_value) {
502
+ return false;
503
+ }
504
+ early_data_t early_data_type = static_cast<early_data_t>(early_data);
505
+ if (early_data_type == early_data_accepted &&
506
+ !CBS_get_asn1(&seq, &early_traffic_secret, CBS_ASN1_OCTETSTRING)) {
448
507
  return false;
449
508
  }
450
509
  if (ticket_age_skew > std::numeric_limits<int32_t>::max() ||
@@ -454,6 +513,35 @@ bool SSL_apply_handback(SSL *ssl, Span handback) {
454
513
  s3->ticket_age_skew = static_cast<int32_t>(ticket_age_skew);
455
514
  s3->used_hello_retry_request = used_hello_retry_request;
456
515
  hs->accept_psk_mode = accept_psk_mode;
516
+
517
+ s3->early_data_reason =
518
+ static_cast<ssl_early_data_reason_t>(early_data_reason);
519
+ ssl->enable_early_data = s3->early_data_reason != ssl_early_data_disabled;
520
+ s3->skip_early_data = false;
521
+ s3->early_data_accepted = false;
522
+ hs->early_data_offered = false;
523
+ switch (early_data_type) {
524
+ case early_data_not_offered:
525
+ break;
526
+ case early_data_accepted:
527
+ s3->early_data_accepted = true;
528
+ hs->early_data_offered = true;
529
+ hs->can_early_write = true;
530
+ hs->can_early_read = true;
531
+ hs->in_early_data = true;
532
+ break;
533
+ case early_data_rejected_hrr:
534
+ hs->early_data_offered = true;
535
+ break;
536
+ case early_data_skipped:
537
+ s3->skip_early_data = true;
538
+ hs->early_data_offered = true;
539
+ break;
540
+ default:
541
+ return false;
542
+ }
543
+ } else {
544
+ s3->early_data_reason = ssl_early_data_protocol_version;
457
545
  }
458
546
 
459
547
  ssl->version = session->ssl_version;
@@ -484,7 +572,7 @@ bool SSL_apply_handback(SSL *ssl, Span handback) {
484
572
  break;
485
573
  case handback_tls13:
486
574
  hs->state = state12_tls13;
487
- hs->tls13_state = state13_read_client_certificate;
575
+ hs->tls13_state = state13_send_half_rtt_ticket;
488
576
  break;
489
577
  default:
490
578
  return false;
@@ -515,72 +603,73 @@ bool SSL_apply_handback(SSL *ssl, Span handback) {
515
603
  s3->aead_write_ctx->SetVersionIfNullCipher(ssl->version);
516
604
  hs->cert_request = cert_request;
517
605
 
518
- // TODO(davidben): When handoff for TLS 1.3 is added, serialize
519
- // |early_data_reason| and stabilize the constants.
520
- s3->early_data_reason = ssl_early_data_protocol_version;
521
-
522
- if ((type == handback_after_ecdhe ||
523
- type == handback_after_session_resumption || type == handback_tls13) &&
606
+ if (type != handback_after_handshake &&
524
607
  (!hs->transcript.Init() ||
525
608
  !hs->transcript.InitHash(ssl_protocol_version(ssl), hs->new_cipher) ||
526
609
  !hs->transcript.Update(transcript))) {
527
610
  return false;
528
611
  }
529
612
  if (type == handback_tls13) {
530
- const size_t digest_len = hs->transcript.DigestLen();
531
- if (digest_len != CBS_len(&client_traffic_secret_0) ||
532
- digest_len != CBS_len(&server_traffic_secret_0) ||
533
- digest_len != CBS_len(&client_handshake_secret) ||
534
- digest_len != CBS_len(&server_handshake_secret) ||
535
- digest_len != CBS_len(&secret)) {
613
+ hs->ResizeSecrets(hs->transcript.DigestLen());
614
+ if (!CopyExact(hs->client_traffic_secret_0(), &client_traffic_secret_0) ||
615
+ !CopyExact(hs->server_traffic_secret_0(), &server_traffic_secret_0) ||
616
+ !CopyExact(hs->client_handshake_secret(), &client_handshake_secret) ||
617
+ !CopyExact(hs->server_handshake_secret(), &server_handshake_secret) ||
618
+ !CopyExact(hs->secret(), &secret) ||
619
+ !CopyExact({s3->exporter_secret, hs->transcript.DigestLen()},
620
+ &exporter_secret)) {
536
621
  return false;
537
622
  }
538
- hs->ResizeSecrets(digest_len);
539
- memcpy(hs->client_traffic_secret_0().data(),
540
- CBS_data(&client_traffic_secret_0), digest_len);
541
- memcpy(hs->server_traffic_secret_0().data(),
542
- CBS_data(&server_traffic_secret_0), digest_len);
543
- memcpy(hs->client_handshake_secret().data(),
544
- CBS_data(&client_handshake_secret), digest_len);
545
- memcpy(hs->server_handshake_secret().data(),
546
- CBS_data(&server_handshake_secret), digest_len);
547
- memcpy(hs->secret().data(), CBS_data(&secret), digest_len);
548
-
549
- if (digest_len != CBS_len(&exporter_secret)) {
623
+ s3->exporter_secret_len = CBS_len(&exporter_secret);
624
+
625
+ if (s3->early_data_accepted &&
626
+ !CopyExact(hs->early_traffic_secret(), &early_traffic_secret)) {
550
627
  return false;
551
628
  }
552
- memcpy(s3->exporter_secret, CBS_data(&exporter_secret), digest_len);
553
- s3->exporter_secret_len = digest_len;
554
629
  }
555
630
  Array<uint8_t> key_block;
556
- if ((type == handback_after_session_resumption ||
557
- type == handback_after_handshake) &&
558
- (!tls1_configure_aead(ssl, evp_aead_seal, &key_block, session->cipher,
559
- write_iv) ||
560
- !CBS_copy_bytes(&write_seq, s3->write_sequence,
561
- sizeof(s3->write_sequence)))) {
562
- return false;
563
- }
564
- if (type == handback_after_handshake &&
565
- (!tls1_configure_aead(ssl, evp_aead_open, &key_block, session->cipher,
566
- read_iv) ||
567
- !CBS_copy_bytes(&read_seq, s3->read_sequence,
568
- sizeof(s3->read_sequence)))) {
569
- return false;
631
+ switch (type) {
632
+ case handback_after_session_resumption:
633
+ // The write keys are installed after server Finished, but the client
634
+ // keys must wait for ChangeCipherSpec.
635
+ if (!tls1_configure_aead(ssl, evp_aead_seal, &key_block, session->cipher,
636
+ write_iv)) {
637
+ return false;
638
+ }
639
+ break;
640
+ case handback_after_ecdhe:
641
+ // The premaster secret is not yet computed, so install no keys.
642
+ break;
643
+ case handback_after_handshake:
644
+ // The handshake is complete, so both keys are installed.
645
+ if (!tls1_configure_aead(ssl, evp_aead_seal, &key_block, session->cipher,
646
+ write_iv) ||
647
+ !tls1_configure_aead(ssl, evp_aead_open, &key_block, session->cipher,
648
+ read_iv)) {
649
+ return false;
650
+ }
651
+ break;
652
+ case handback_tls13:
653
+ // After server Finished, the application write keys are installed, but
654
+ // none of the read keys. The read keys are installed in the state machine
655
+ // immediately after processing handback.
656
+ if (!tls13_set_traffic_key(ssl, ssl_encryption_application, evp_aead_seal,
657
+ hs->new_session.get(),
658
+ hs->server_traffic_secret_0())) {
659
+ return false;
660
+ }
661
+ break;
570
662
  }
571
- if (type == handback_tls13 &&
572
- (!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_open,
573
- hs->client_handshake_secret()) ||
574
- !tls13_set_traffic_key(ssl, ssl_encryption_application, evp_aead_seal,
575
- hs->server_traffic_secret_0()))) {
663
+ if (!CopyExact({s3->read_sequence, sizeof(s3->read_sequence)}, &read_seq) ||
664
+ !CopyExact({s3->write_sequence, sizeof(s3->write_sequence)},
665
+ &write_seq)) {
576
666
  return false;
577
667
  }
578
668
  if (type == handback_after_ecdhe &&
579
669
  (hs->key_shares[0] = SSLKeyShare::Create(&key_share)) == nullptr) {
580
670
  return false;
581
671
  }
582
-
583
- return CBS_len(&seq) == 0;
672
+ return true; // Trailing data allowed for extensibility.
584
673
  }
585
674
 
586
675
  BSSL_NAMESPACE_END