grpc 1.30.0 → 1.46.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1497 -18376
- data/etc/roots.pem +592 -899
- data/include/grpc/byte_buffer.h +1 -1
- data/include/grpc/byte_buffer_reader.h +1 -1
- data/include/grpc/compression.h +1 -1
- data/include/grpc/event_engine/README.md +38 -0
- data/include/grpc/event_engine/endpoint_config.h +43 -0
- data/include/grpc/event_engine/event_engine.h +399 -0
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +68 -0
- data/include/grpc/event_engine/memory_allocator.h +226 -0
- data/include/grpc/event_engine/memory_request.h +57 -0
- data/include/grpc/event_engine/port.h +39 -0
- data/include/grpc/fork.h +1 -1
- data/include/grpc/grpc.h +90 -25
- data/include/grpc/grpc_posix.h +22 -18
- data/include/grpc/grpc_security.h +563 -315
- data/include/grpc/grpc_security_constants.h +20 -14
- data/include/grpc/impl/codegen/README.md +22 -0
- data/include/grpc/impl/codegen/atm.h +5 -3
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +2 -0
- data/include/grpc/impl/codegen/atm_gcc_sync.h +2 -0
- data/include/grpc/impl/codegen/atm_windows.h +6 -0
- data/include/grpc/impl/codegen/byte_buffer.h +3 -1
- data/include/grpc/impl/codegen/byte_buffer_reader.h +2 -0
- data/include/grpc/impl/codegen/compression_types.h +2 -2
- data/include/grpc/impl/codegen/connectivity_state.h +2 -0
- data/include/grpc/impl/codegen/fork.h +2 -0
- data/include/grpc/impl/codegen/gpr_slice.h +2 -0
- data/include/grpc/impl/codegen/gpr_types.h +2 -0
- data/include/grpc/impl/codegen/grpc_types.h +84 -53
- data/include/grpc/impl/codegen/log.h +2 -2
- data/include/grpc/impl/codegen/port_platform.h +100 -97
- data/include/grpc/impl/codegen/propagation_bits.h +2 -0
- data/include/grpc/impl/codegen/slice.h +6 -1
- data/include/grpc/impl/codegen/status.h +2 -0
- data/include/grpc/impl/codegen/sync.h +8 -5
- data/include/grpc/impl/codegen/sync_abseil.h +2 -0
- data/include/grpc/impl/codegen/sync_custom.h +2 -0
- data/include/grpc/impl/codegen/sync_generic.h +3 -0
- data/include/grpc/impl/codegen/sync_posix.h +4 -2
- data/include/grpc/impl/codegen/sync_windows.h +6 -0
- data/include/grpc/module.modulemap +14 -14
- data/include/grpc/slice.h +1 -12
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/atm.h +1 -1
- data/include/grpc/support/atm_gcc_atomic.h +1 -1
- data/include/grpc/support/atm_gcc_sync.h +1 -1
- data/include/grpc/support/atm_windows.h +1 -1
- data/include/grpc/support/log.h +1 -1
- data/include/grpc/support/port_platform.h +1 -1
- data/include/grpc/support/sync.h +4 -4
- data/include/grpc/support/sync_abseil.h +1 -1
- data/include/grpc/support/sync_custom.h +1 -1
- data/include/grpc/support/sync_generic.h +1 -1
- data/include/grpc/support/sync_posix.h +1 -1
- data/include/grpc/support/sync_windows.h +1 -1
- data/include/grpc/support/time.h +9 -9
- data/src/core/ext/filters/census/grpc_context.cc +1 -0
- data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +309 -0
- data/src/core/ext/filters/channel_idle/channel_idle_filter.h +122 -0
- data/src/core/ext/filters/channel_idle/idle_filter_state.cc +96 -0
- data/src/core/ext/filters/channel_idle/idle_filter_state.h +66 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +33 -35
- data/src/core/ext/filters/client_channel/backend_metric.h +4 -3
- data/src/core/ext/filters/client_channel/backup_poller.cc +20 -14
- data/src/core/ext/filters/client_channel/backup_poller.h +1 -0
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +158 -202
- data/src/core/ext/filters/client_channel/client_channel.cc +2284 -3096
- data/src/core/ext/filters/client_channel/client_channel.h +566 -63
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +6 -5
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +2 -5
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +2 -1
- data/src/core/ext/filters/client_channel/client_channel_factory.h +18 -19
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +19 -22
- data/src/core/ext/filters/client_channel/config_selector.cc +59 -0
- data/src/core/ext/filters/client_channel/config_selector.h +145 -0
- data/src/core/ext/filters/client_channel/connector.h +20 -20
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +189 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +27 -143
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +16 -24
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +129 -572
- data/src/core/ext/filters/client_channel/health/health_check_client.h +24 -158
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +60 -62
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +10 -2
- data/src/core/ext/filters/client_channel/http_proxy.cc +113 -117
- data/src/core/ext/filters/client_channel/http_proxy.h +17 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +52 -38
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +12 -9
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +16 -9
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +12 -24
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +519 -388
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +3 -6
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +1 -14
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +1 -4
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +6 -5
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +20 -21
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +4 -4
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +106 -75
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +307 -211
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +804 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +37 -0
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2542 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +84 -84
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +32 -49
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +138 -96
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +443 -156
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +872 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +710 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1215 -0
- data/src/core/ext/filters/client_channel/lb_policy.cc +23 -29
- data/src/core/ext/filters/client_channel/lb_policy.h +178 -142
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +2 -1
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +13 -10
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +1 -1
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +10 -9
- data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +133 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +304 -339
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +22 -42
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_event_engine.cc +31 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +31 -24
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +58 -72
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +524 -230
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +44 -26
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_event_engine.cc +28 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +98 -247
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +60 -62
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +10 -7
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +400 -0
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +201 -0
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +106 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +71 -63
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +983 -101
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +57 -314
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +40 -62
- data/src/core/ext/filters/client_channel/retry_filter.cc +2655 -0
- data/src/core/ext/filters/client_channel/retry_filter.h +30 -0
- data/src/core/ext/filters/client_channel/retry_service_config.cc +314 -0
- data/src/core/ext/filters/client_channel/retry_service_config.h +102 -0
- data/src/core/ext/filters/client_channel/retry_throttle.cc +17 -60
- data/src/core/ext/filters/client_channel/retry_throttle.h +15 -7
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +157 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +284 -397
- data/src/core/ext/filters/client_channel/subchannel.h +116 -161
- data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +38 -9
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +27 -12
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +544 -0
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +214 -0
- data/src/core/ext/filters/deadline/deadline_filter.cc +120 -114
- data/src/core/ext/filters/deadline/deadline_filter.h +9 -12
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +258 -0
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +62 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +179 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.h +91 -0
- data/src/core/ext/filters/http/client/http_client_filter.cc +84 -539
- data/src/core/ext/filters/http/client/http_client_filter.h +21 -4
- data/src/core/ext/filters/http/client_authority_filter.cc +39 -103
- data/src/core/ext/filters/http/client_authority_filter.h +24 -5
- data/src/core/ext/filters/http/http_filters_plugin.cc +55 -69
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +67 -157
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +103 -75
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +3 -1
- data/src/core/ext/filters/http/server/http_server_filter.cc +89 -295
- data/src/core/ext/filters/message_size/message_size_filter.cc +101 -130
- data/src/core/ext/filters/message_size/message_size_filter.h +17 -3
- data/src/core/ext/filters/rbac/rbac_filter.cc +162 -0
- data/src/core/ext/filters/rbac/rbac_filter.h +76 -0
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +606 -0
- data/src/core/ext/filters/rbac/rbac_service_config_parser.h +75 -0
- data/src/core/ext/filters/server_config_selector/server_config_selector.cc +61 -0
- data/src/core/ext/filters/server_config_selector/server_config_selector.h +71 -0
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +143 -0
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.h +32 -0
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +335 -46
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +22 -5
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +1005 -355
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +16 -2
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +11 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -1
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +1 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +807 -778
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +24 -5
- data/src/core/ext/transport/chttp2/transport/context_list.cc +4 -6
- data/src/core/ext/transport/chttp2/transport/context_list.h +4 -6
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +89 -67
- data/src/core/ext/transport/chttp2/transport/flow_control.h +52 -38
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +30 -30
- data/src/core/ext/transport/chttp2/transport/frame_data.h +11 -10
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +25 -25
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +7 -6
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +19 -20
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +8 -6
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +7 -6
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +55 -22
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +9 -7
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +25 -25
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +5 -6
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +41 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +516 -749
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +183 -71
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +86 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +71 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +814 -1196
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +101 -83
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +239 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +115 -0
- data/src/core/ext/transport/chttp2/transport/internal.h +79 -78
- data/src/core/ext/transport/chttp2/transport/parsing.cc +177 -327
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/varint.cc +13 -7
- data/src/core/ext/transport/chttp2/transport/varint.h +39 -28
- data/src/core/ext/transport/chttp2/transport/writing.cc +145 -190
- data/src/core/ext/transport/inproc/inproc_plugin.cc +0 -4
- data/src/core/ext/transport/inproc/inproc_transport.cc +262 -237
- data/src/core/ext/transport/inproc/inproc_transport.h +1 -4
- data/src/core/ext/upb-generated/envoy/admin/v3/certs.upb.c +117 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/certs.upb.h +482 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.c +121 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.h +553 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +444 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +2156 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/init_dump.upb.c +56 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/init_dump.upb.h +151 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/listeners.upb.c +62 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/listeners.upb.h +160 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/memory.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/memory.upb.h +124 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/metrics.upb.c +43 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/metrics.upb.h +102 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/mutex_stats.upb.c +43 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/mutex_stats.upb.h +97 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/server_info.upb.c +106 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/server_info.upb.h +605 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/tap.upb.c +48 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/tap.upb.h +103 -0
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +44 -1
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +53 -2
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +31 -5
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +59 -14
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +270 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +1240 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +411 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +2161 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +95 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +382 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +543 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +2961 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +48 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +103 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +89 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +545 -0
- data/src/core/ext/upb-generated/envoy/config/common/matcher/v3/matcher.upb.c +299 -0
- data/src/core/ext/upb-generated/envoy/config/common/matcher/v3/matcher.upb.h +1381 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +145 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +636 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +49 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +116 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +419 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +1783 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +163 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +778 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +100 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +103 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_method_list.upb.c +58 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_method_list.upb.h +151 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +269 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +1277 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +220 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +1219 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +49 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +122 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +322 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +1686 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +40 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +84 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +60 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +169 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +144 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +56 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +178 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +48 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +118 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +106 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +348 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +144 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +623 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +129 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +568 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +94 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +165 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +886 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +186 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +941 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +234 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +56 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +154 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.h +136 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +165 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +716 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +174 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +721 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +209 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +1008 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +101 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +443 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +1051 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +5956 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +255 -0
- data/src/core/ext/upb-generated/envoy/config/tap/v3/common.upb.c +222 -0
- data/src/core/ext/upb-generated/envoy/config/tap/v3/common.upb.h +1052 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/datadog.upb.c +44 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/datadog.upb.h +88 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/dynamic_ot.upb.c +49 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/dynamic_ot.upb.h +103 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +167 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/lightstep.upb.c +52 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/lightstep.upb.h +134 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opencensus.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opencensus.upb.h +250 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/service.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/service.upb.h +94 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/skywalking.upb.c +69 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/skywalking.upb.h +213 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/trace.upb.c +32 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/trace.upb.h +42 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/xray.upb.c +71 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/xray.upb.h +218 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/zipkin.upb.c +54 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/zipkin.upb.h +146 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +42 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +85 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +96 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +375 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +94 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +433 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/rbac/v3/rbac.upb.c +64 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +183 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +55 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +168 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +463 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +2606 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +28 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +38 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +175 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +880 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +88 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +308 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +191 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +1035 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.c +62 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +160 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +38 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +70 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +165 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +755 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +68 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +210 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +138 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +631 -0
- data/src/core/ext/upb-generated/envoy/type/http/v3/cookie.upb.c +48 -0
- data/src/core/ext/upb-generated/envoy/type/http/v3/cookie.upb.h +112 -0
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +76 -0
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +249 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +74 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +214 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +62 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +188 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +49 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +117 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +48 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +113 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +100 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +80 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +234 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +67 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +218 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +60 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +170 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +78 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +294 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +107 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +429 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +107 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +419 -0
- data/src/core/ext/upb-generated/envoy/type/v3/hash_policy.upb.c +66 -0
- data/src/core/ext/upb-generated/envoy/type/v3/hash_policy.upb.h +201 -0
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.c +26 -0
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +39 -0
- data/src/core/ext/upb-generated/envoy/type/v3/http_status.upb.c +42 -0
- data/src/core/ext/upb-generated/envoy/type/v3/http_status.upb.h +139 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +54 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +139 -0
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +66 -0
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +196 -0
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_unit.upb.c +26 -0
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_unit.upb.h +41 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +43 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +97 -0
- data/src/core/ext/upb-generated/envoy/type/v3/token_bucket.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/type/v3/token_bucket.upb.h +127 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.c +23 -1
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +25 -2
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +271 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +1236 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +283 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +1338 -0
- data/src/core/ext/upb-generated/google/api/http.upb.c +44 -29
- data/src/core/ext/upb-generated/google/api/http.upb.h +241 -100
- data/src/core/ext/upb-generated/google/api/httpbody.upb.c +46 -0
- data/src/core/ext/upb-generated/google/api/httpbody.upb.h +111 -0
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +19 -6
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +48 -18
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +374 -283
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +2368 -969
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +19 -6
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +46 -16
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +16 -3
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +31 -11
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +48 -32
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +203 -101
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +19 -6
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +46 -16
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +58 -37
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +313 -112
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +22 -9
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +63 -26
- data/src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.c +84 -0
- data/src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.h +319 -0
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +33 -19
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +118 -60
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +136 -108
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +777 -337
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +28 -13
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +99 -34
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +23 -9
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +74 -27
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +82 -62
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +460 -184
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c +70 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h +208 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls_config.upb.c +175 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls_config.upb.h +764 -0
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +76 -14
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +217 -43
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +55 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +108 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +22 -1
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +18 -2
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +32 -6
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +66 -16
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +53 -0
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +99 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +407 -295
- data/src/core/ext/upb-generated/validate/validate.upb.h +3024 -1084
- data/src/core/ext/upb-generated/xds/annotations/v3/migrate.upb.c +110 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/migrate.upb.h +278 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/security.upb.c +55 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/security.upb.h +108 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/sensitive.upb.c +38 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/sensitive.upb.h +46 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.c +105 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.h +290 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/versioning.upb.c +53 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/versioning.upb.h +99 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +41 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +79 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +66 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +200 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +56 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +115 -0
- data/src/core/ext/upb-generated/xds/core/v3/extension.upb.c +46 -0
- data/src/core/ext/upb-generated/xds/core/v3/extension.upb.h +103 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +49 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +127 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +68 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +240 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +49 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +121 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +73 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +187 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/matcher.upb.c +207 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/matcher.upb.h +878 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/regex.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/regex.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/string.upb.c +65 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/string.upb.h +218 -0
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.c +46 -0
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.h +103 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/certs.upbdefs.c +84 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/certs.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/clusters.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/clusters.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +309 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/init_dump.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/init_dump.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/listeners.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/listeners.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/memory.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/memory.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/metrics.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/metrics.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/mutex_stats.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/mutex_stats.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/server_info.upbdefs.c +142 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/server_info.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/tap.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/tap.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +222 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +393 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +120 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +98 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +557 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +155 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +138 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/common/matcher/v3/matcher.upbdefs.c +206 -0
- data/src/core/ext/upbdefs-generated/envoy/config/common/matcher/v3/matcher.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +112 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +267 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +150 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +168 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_method_list.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_method_list.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +235 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +228 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +298 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +110 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.c +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +57 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +99 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +128 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +136 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +197 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +190 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +88 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.c +69 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +125 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +134 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +190 -0
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +115 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +896 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +295 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +77 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/tap/v3/common.upbdefs.c +188 -0
- data/src/core/ext/upbdefs-generated/envoy/config/tap/v3/common.upbdefs.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/datadog.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/datadog.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/dynamic_ot.upbdefs.c +57 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/dynamic_ot.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +57 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/lightstep.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/lightstep.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opencensus.upbdefs.c +99 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opencensus.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/service.upbdefs.c +52 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/service.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/skywalking.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/skywalking.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/trace.upbdefs.c +57 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/trace.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/xray.upbdefs.c +75 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/xray.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/zipkin.upbdefs.c +77 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/zipkin.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +117 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +78 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +551 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +130 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +210 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +91 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +254 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +58 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +58 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +128 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +76 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +153 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/cookie.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/cookie.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +52 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +52 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +58 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +75 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +78 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +85 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/hash_policy.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/hash_policy.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +36 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http_status.upbdefs.c +94 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http_status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_unit.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_unit.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/token_bucket.upbdefs.c +57 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/token_bucket.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/checked.upbdefs.c +154 -0
- data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/checked.upbdefs.h +95 -0
- data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/syntax.upbdefs.c +153 -0
- data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/syntax.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +52 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/api/httpbody.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/api/httpbody.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +34 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +329 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +32 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/opencensus/proto/trace/v1/trace_config.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/opencensus/proto/trace/v1/trace_config.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +99 -0
- data/src/core/ext/upbdefs-generated/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +34 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +283 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/migrate.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/security.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/sensitive.upbdefs.c +35 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/versioning.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/extension.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/extension.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.c +126 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.h +80 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c +52 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_factory.h +61 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
- data/src/core/ext/xds/certificate_provider_registry.h +57 -0
- data/src/core/ext/xds/certificate_provider_store.cc +95 -0
- data/src/core/ext/xds/certificate_provider_store.h +121 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
- data/src/core/ext/xds/upb_utils.h +67 -0
- data/src/core/ext/xds/xds_api.cc +730 -0
- data/src/core/ext/xds/xds_api.h +191 -0
- data/src/core/ext/xds/xds_bootstrap.cc +570 -0
- data/src/core/ext/xds/xds_bootstrap.h +143 -0
- data/src/core/ext/xds/xds_certificate_provider.cc +407 -0
- data/src/core/ext/xds/xds_certificate_provider.h +159 -0
- data/src/core/ext/xds/xds_channel_args.h +32 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +109 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.h +53 -0
- data/src/core/ext/xds/xds_client.cc +2512 -0
- data/src/core/ext/xds/xds_client.h +348 -0
- data/src/core/ext/xds/xds_client_stats.cc +160 -0
- data/src/core/ext/xds/xds_client_stats.h +241 -0
- data/src/core/ext/xds/xds_cluster.cc +453 -0
- data/src/core/ext/xds/xds_cluster.h +108 -0
- data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +142 -0
- data/src/core/ext/xds/xds_cluster_specifier_plugin.h +79 -0
- data/src/core/ext/xds/xds_common_types.cc +388 -0
- data/src/core/ext/xds/xds_common_types.h +95 -0
- data/src/core/ext/xds/xds_endpoint.cc +371 -0
- data/src/core/ext/xds/xds_endpoint.h +135 -0
- data/src/core/ext/xds/xds_http_fault_filter.cc +227 -0
- data/src/core/ext/xds/xds_http_fault_filter.h +64 -0
- data/src/core/ext/xds/xds_http_filters.cc +122 -0
- data/src/core/ext/xds/xds_http_filters.h +133 -0
- data/src/core/ext/xds/xds_http_rbac_filter.cc +563 -0
- data/src/core/ext/xds/xds_http_rbac_filter.h +54 -0
- data/src/core/ext/xds/xds_listener.cc +1039 -0
- data/src/core/ext/xds/xds_listener.h +220 -0
- data/src/core/ext/xds/xds_resource_type.cc +33 -0
- data/src/core/ext/xds/xds_resource_type.h +98 -0
- data/src/core/ext/xds/xds_resource_type_impl.h +87 -0
- data/src/core/ext/xds/xds_route_config.cc +1122 -0
- data/src/core/ext/xds/xds_route_config.h +218 -0
- data/src/core/ext/xds/xds_routing.cc +250 -0
- data/src/core/ext/xds/xds_routing.h +101 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +1314 -0
- data/src/core/lib/address_utils/parse_address.cc +340 -0
- data/src/core/lib/address_utils/parse_address.h +82 -0
- data/src/core/lib/address_utils/sockaddr_utils.cc +409 -0
- data/src/core/lib/address_utils/sockaddr_utils.h +95 -0
- data/src/core/lib/avl/avl.h +452 -88
- data/src/core/lib/backoff/backoff.cc +9 -38
- data/src/core/lib/backoff/backoff.h +11 -11
- data/src/core/lib/channel/call_finalization.h +86 -0
- data/src/core/lib/channel/call_tracer.h +88 -0
- data/src/core/lib/channel/channel_args.cc +182 -24
- data/src/core/lib/channel/channel_args.h +214 -2
- data/src/core/lib/channel/channel_args_preconditioning.cc +42 -0
- data/src/core/lib/channel/channel_args_preconditioning.h +61 -0
- data/src/core/lib/channel/channel_stack.cc +37 -15
- data/src/core/lib/channel/channel_stack.h +57 -16
- data/src/core/lib/channel/channel_stack_builder.cc +24 -283
- data/src/core/lib/channel/channel_stack_builder.h +118 -157
- data/src/core/lib/channel/channel_stack_builder_impl.cc +102 -0
- data/src/core/lib/channel/channel_stack_builder_impl.h +48 -0
- data/src/core/lib/channel/channel_trace.cc +14 -18
- data/src/core/lib/channel/channel_trace.h +3 -2
- data/src/core/lib/channel/channelz.cc +191 -137
- data/src/core/lib/channel/channelz.h +76 -53
- data/src/core/lib/channel/channelz_registry.cc +37 -19
- data/src/core/lib/channel/channelz_registry.h +4 -2
- data/src/core/lib/channel/connected_channel.cc +14 -10
- data/src/core/lib/channel/connected_channel.h +2 -2
- data/src/core/lib/channel/context.h +14 -0
- data/src/core/lib/channel/handshaker.cc +14 -54
- data/src/core/lib/channel/handshaker.h +10 -28
- data/src/core/lib/channel/handshaker_factory.h +10 -2
- data/src/core/lib/channel/handshaker_registry.cc +15 -70
- data/src/core/lib/channel/handshaker_registry.h +29 -12
- data/src/core/lib/channel/promise_based_filter.cc +1002 -0
- data/src/core/lib/channel/promise_based_filter.h +437 -0
- data/src/core/lib/channel/status_util.cc +12 -2
- data/src/core/lib/channel/status_util.h +11 -2
- data/src/core/lib/compression/compression.cc +22 -110
- data/src/core/lib/compression/compression_internal.cc +139 -202
- data/src/core/lib/compression/compression_internal.h +67 -71
- data/src/core/lib/compression/message_compress.cc +13 -13
- data/src/core/lib/compression/message_compress.h +2 -2
- data/src/core/lib/config/core_configuration.cc +104 -0
- data/src/core/lib/config/core_configuration.h +196 -0
- data/src/core/lib/debug/stats.cc +1 -1
- data/src/core/lib/debug/stats.h +4 -3
- data/src/core/lib/debug/stats_data.cc +17 -19
- data/src/core/lib/debug/stats_data.h +6 -8
- data/src/core/lib/debug/trace.cc +1 -0
- data/src/core/lib/debug/trace.h +4 -3
- data/src/core/lib/event_engine/channel_args_endpoint_config.cc +46 -0
- data/src/core/lib/event_engine/channel_args_endpoint_config.h +42 -0
- data/src/core/lib/event_engine/default_event_engine_factory.cc +27 -0
- data/src/core/lib/event_engine/event_engine.cc +52 -0
- data/src/core/lib/event_engine/event_engine_factory.h +36 -0
- data/src/core/lib/event_engine/memory_allocator.cc +66 -0
- data/src/core/lib/event_engine/resolved_address.cc +39 -0
- data/src/core/lib/event_engine/sockaddr.cc +40 -0
- data/src/core/lib/event_engine/sockaddr.h +44 -0
- data/src/core/lib/gpr/alloc.cc +7 -5
- data/src/core/lib/gpr/atm.cc +1 -1
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/cpu_posix.cc +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -2
- data/src/core/lib/gpr/env_posix.cc +2 -3
- data/src/core/lib/gpr/log.cc +61 -19
- data/src/core/lib/gpr/log_android.cc +3 -2
- data/src/core/lib/gpr/log_linux.cc +30 -13
- data/src/core/lib/gpr/log_posix.cc +25 -10
- data/src/core/lib/gpr/log_windows.cc +18 -4
- data/src/core/lib/gpr/murmur_hash.cc +5 -3
- data/src/core/lib/gpr/spinlock.h +10 -2
- data/src/core/lib/gpr/string.cc +35 -33
- data/src/core/lib/gpr/string.h +11 -10
- data/src/core/lib/gpr/sync.cc +6 -6
- data/src/core/lib/gpr/sync_abseil.cc +10 -12
- data/src/core/lib/gpr/sync_posix.cc +6 -11
- data/src/core/lib/gpr/sync_windows.cc +2 -2
- data/src/core/lib/gpr/time.cc +17 -15
- data/src/core/lib/gpr/time_precise.cc +5 -2
- data/src/core/lib/gpr/time_precise.h +6 -2
- data/src/core/lib/gpr/time_windows.cc +3 -2
- data/src/core/lib/gpr/tls.h +126 -36
- data/src/core/lib/gpr/tmpfile_posix.cc +1 -2
- data/src/core/lib/gpr/useful.h +97 -31
- data/src/core/lib/gpr/wrap_memcpy.cc +2 -1
- data/src/core/lib/gprpp/atomic_utils.h +47 -0
- data/src/core/lib/gprpp/bitset.h +207 -0
- data/src/core/lib/gprpp/capture.h +76 -0
- data/src/core/lib/gprpp/chunked_vector.h +253 -0
- data/src/core/lib/gprpp/construct_destruct.h +39 -0
- data/src/core/lib/gprpp/cpp_impl_of.h +49 -0
- data/src/core/lib/gprpp/debug_location.h +2 -0
- data/src/core/lib/gprpp/dual_ref_counted.h +330 -0
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +16 -14
- data/src/core/lib/gprpp/fork.h +4 -4
- data/src/core/lib/gprpp/global_config.h +1 -2
- data/src/core/lib/gprpp/global_config_env.cc +18 -16
- data/src/core/lib/gprpp/global_config_env.h +2 -2
- data/src/core/lib/gprpp/global_config_generic.h +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +12 -10
- data/src/core/lib/gprpp/match.h +73 -0
- data/src/core/lib/gprpp/memory.h +9 -3
- data/src/core/lib/gprpp/mpscq.cc +9 -9
- data/src/core/lib/gprpp/mpscq.h +6 -5
- data/src/core/lib/gprpp/orphanable.h +11 -15
- data/src/core/lib/gprpp/overload.h +59 -0
- data/src/core/lib/gprpp/ref_counted.h +125 -86
- data/src/core/lib/gprpp/ref_counted_ptr.h +166 -7
- data/src/core/lib/gprpp/single_set_ptr.h +87 -0
- data/src/core/lib/gprpp/stat.h +38 -0
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/status_helper.cc +435 -0
- data/src/core/lib/gprpp/status_helper.h +181 -0
- data/src/core/lib/gprpp/sync.h +106 -43
- data/src/core/lib/gprpp/table.h +434 -0
- data/src/core/lib/gprpp/thd.h +3 -3
- data/src/core/lib/gprpp/thd_posix.cc +47 -42
- data/src/core/lib/gprpp/thd_windows.cc +7 -12
- data/src/core/lib/gprpp/time.cc +198 -0
- data/src/core/lib/gprpp/time.h +292 -0
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/format_request.cc +29 -25
- data/src/core/lib/http/format_request.h +8 -6
- data/src/core/lib/http/httpcli.cc +304 -211
- data/src/core/lib/http/httpcli.h +183 -86
- data/src/core/lib/http/httpcli_security_connector.cc +75 -85
- data/src/core/lib/http/httpcli_ssl_credentials.h +37 -0
- data/src/core/lib/http/parser.cc +145 -54
- data/src/core/lib/http/parser.h +20 -6
- data/src/core/lib/iomgr/buffer_list.cc +16 -17
- data/src/core/lib/iomgr/buffer_list.h +23 -25
- data/src/core/lib/iomgr/call_combiner.cc +60 -25
- data/src/core/lib/iomgr/call_combiner.h +12 -14
- data/src/core/lib/iomgr/cfstream_handle.cc +7 -6
- data/src/core/lib/iomgr/cfstream_handle.h +1 -1
- data/src/core/lib/iomgr/closure.h +33 -12
- data/src/core/lib/iomgr/combiner.cc +48 -37
- data/src/core/lib/iomgr/combiner.h +3 -2
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +1 -0
- data/src/core/lib/iomgr/endpoint.cc +6 -6
- data/src/core/lib/iomgr/endpoint.h +10 -9
- data/src/core/lib/iomgr/endpoint_cfstream.cc +56 -60
- data/src/core/lib/iomgr/endpoint_cfstream.h +4 -4
- data/src/core/lib/iomgr/endpoint_pair.h +1 -0
- data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +32 -0
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +19 -17
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +5 -6
- data/src/core/lib/iomgr/error.cc +287 -111
- data/src/core/lib/iomgr/error.h +278 -114
- data/src/core/lib/iomgr/error_cfstream.cc +17 -10
- data/src/core/lib/iomgr/error_cfstream.h +2 -2
- data/src/core/lib/iomgr/error_internal.h +7 -2
- data/src/core/lib/iomgr/ev_apple.cc +19 -15
- data/src/core/lib/iomgr/ev_apple.h +1 -1
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +64 -64
- data/src/core/lib/iomgr/ev_poll_posix.cc +82 -79
- data/src/core/lib/iomgr/ev_posix.cc +21 -22
- data/src/core/lib/iomgr/ev_posix.h +9 -9
- data/src/core/lib/iomgr/event_engine/closure.cc +77 -0
- data/src/core/lib/iomgr/event_engine/closure.h +42 -0
- data/src/core/lib/iomgr/event_engine/endpoint.cc +172 -0
- data/src/core/lib/iomgr/event_engine/endpoint.h +52 -0
- data/src/core/lib/iomgr/event_engine/iomgr.cc +85 -0
- data/src/core/lib/iomgr/event_engine/pollset.cc +87 -0
- data/src/core/lib/iomgr/event_engine/pollset.h +25 -0
- data/src/core/lib/iomgr/event_engine/promise.h +51 -0
- data/src/core/lib/iomgr/event_engine/resolved_address_internal.cc +47 -0
- data/src/core/lib/iomgr/event_engine/resolved_address_internal.h +37 -0
- data/src/core/lib/iomgr/event_engine/resolver.cc +133 -0
- data/src/core/lib/iomgr/event_engine/resolver.h +56 -0
- data/src/core/lib/iomgr/event_engine/tcp.cc +296 -0
- data/src/core/lib/iomgr/event_engine/timer.cc +62 -0
- data/src/core/lib/iomgr/exec_ctx.cc +30 -99
- data/src/core/lib/iomgr/exec_ctx.h +42 -63
- data/src/core/lib/iomgr/executor/mpmcqueue.cc +15 -16
- data/src/core/lib/iomgr/executor/mpmcqueue.h +11 -15
- data/src/core/lib/iomgr/executor/threadpool.cc +4 -5
- data/src/core/lib/iomgr/executor/threadpool.h +8 -7
- data/src/core/lib/iomgr/executor.cc +37 -45
- data/src/core/lib/iomgr/executor.h +4 -4
- data/src/core/lib/iomgr/fork_posix.cc +2 -1
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +2 -2
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +2 -2
- data/src/core/lib/iomgr/internal_errqueue.cc +3 -2
- data/src/core/lib/iomgr/iocp_windows.cc +10 -9
- data/src/core/lib/iomgr/iocp_windows.h +1 -1
- data/src/core/lib/iomgr/iomgr.cc +6 -4
- data/src/core/lib/iomgr/iomgr.h +3 -3
- data/src/core/lib/iomgr/iomgr_internal.cc +8 -12
- data/src/core/lib/iomgr/iomgr_internal.h +6 -5
- data/src/core/lib/iomgr/iomgr_posix.cc +5 -4
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +44 -15
- data/src/core/lib/iomgr/iomgr_windows.cc +4 -5
- data/src/core/lib/iomgr/load_file.cc +6 -6
- data/src/core/lib/iomgr/load_file.h +2 -2
- data/src/core/lib/iomgr/lockfree_event.cc +38 -15
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/polling_entity.cc +2 -2
- data/src/core/lib/iomgr/polling_entity.h +6 -0
- data/src/core/lib/iomgr/pollset.cc +5 -5
- data/src/core/lib/iomgr/pollset.h +9 -9
- data/src/core/lib/iomgr/pollset_set_windows.cc +1 -0
- data/src/core/lib/iomgr/pollset_windows.cc +6 -6
- data/src/core/lib/iomgr/port.h +9 -37
- data/src/core/lib/iomgr/python_util.h +6 -5
- data/src/core/lib/iomgr/resolve_address.cc +10 -24
- data/src/core/lib/iomgr/resolve_address.h +48 -43
- data/src/core/lib/iomgr/resolve_address_impl.h +59 -0
- data/src/core/lib/iomgr/resolve_address_posix.cc +91 -83
- data/src/core/lib/iomgr/resolve_address_posix.h +47 -0
- data/src/core/lib/iomgr/resolve_address_windows.cc +106 -89
- data/src/core/lib/iomgr/resolve_address_windows.h +47 -0
- data/src/core/lib/iomgr/resolved_address.h +39 -0
- data/src/core/lib/iomgr/sockaddr.h +2 -1
- data/src/core/lib/iomgr/sockaddr_utils_posix.cc +62 -0
- data/src/core/lib/iomgr/socket_factory_posix.cc +8 -7
- data/src/core/lib/iomgr/socket_factory_posix.h +1 -0
- data/src/core/lib/iomgr/socket_mutator.cc +20 -6
- data/src/core/lib/iomgr/socket_mutator.h +27 -3
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +124 -99
- data/src/core/lib/iomgr/socket_utils_linux.cc +4 -4
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +22 -22
- data/src/core/lib/iomgr/socket_utils_windows.cc +2 -2
- data/src/core/lib/iomgr/socket_windows.cc +4 -5
- data/src/core/lib/iomgr/tcp_client.cc +4 -4
- data/src/core/lib/iomgr/tcp_client.h +5 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +19 -37
- data/src/core/lib/iomgr/tcp_client_posix.cc +51 -67
- data/src/core/lib/iomgr/tcp_client_posix.h +7 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +21 -21
- data/src/core/lib/iomgr/tcp_posix.cc +256 -209
- data/src/core/lib/iomgr/tcp_posix.h +17 -12
- data/src/core/lib/iomgr/tcp_server.cc +9 -10
- data/src/core/lib/iomgr/tcp_server.h +21 -17
- data/src/core/lib/iomgr/tcp_server_posix.cc +98 -86
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +36 -32
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +28 -27
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +14 -19
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +4 -4
- data/src/core/lib/iomgr/tcp_server_windows.cc +38 -41
- data/src/core/lib/iomgr/tcp_windows.cc +56 -57
- data/src/core/lib/iomgr/tcp_windows.h +3 -3
- data/src/core/lib/iomgr/timer.cc +3 -2
- data/src/core/lib/iomgr/timer.h +17 -8
- data/src/core/lib/iomgr/timer_generic.cc +129 -139
- data/src/core/lib/iomgr/timer_generic.h +1 -0
- data/src/core/lib/iomgr/timer_heap.cc +2 -3
- data/src/core/lib/iomgr/timer_manager.cc +19 -18
- data/src/core/lib/iomgr/unix_sockets_posix.cc +33 -41
- data/src/core/lib/iomgr/unix_sockets_posix.h +9 -6
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +15 -11
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +3 -3
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +2 -1
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +8 -9
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +4 -3
- data/src/core/lib/iomgr/wakeup_fd_posix.h +8 -6
- data/src/core/lib/iomgr/work_serializer.cc +120 -44
- data/src/core/lib/iomgr/work_serializer.h +33 -5
- data/src/core/lib/json/json.h +13 -3
- data/src/core/lib/json/json_reader.cc +112 -70
- data/src/core/lib/json/json_util.cc +126 -0
- data/src/core/lib/json/json_util.h +154 -0
- data/src/core/lib/json/json_writer.cc +2 -4
- data/src/core/lib/matchers/matchers.cc +327 -0
- data/src/core/lib/matchers/matchers.h +160 -0
- data/src/core/lib/profiling/basic_timers.cc +8 -6
- data/src/core/lib/profiling/stap_timers.cc +2 -2
- data/src/core/lib/promise/activity.cc +121 -0
- data/src/core/lib/promise/activity.h +540 -0
- data/src/core/lib/promise/arena_promise.h +188 -0
- data/src/core/lib/promise/call_push_pull.h +144 -0
- data/src/core/lib/promise/context.h +86 -0
- data/src/core/lib/promise/detail/basic_seq.h +496 -0
- data/src/core/lib/promise/detail/promise_factory.h +189 -0
- data/src/core/lib/promise/detail/promise_like.h +85 -0
- data/src/core/lib/promise/detail/status.h +50 -0
- data/src/core/lib/promise/detail/switch.h +1455 -0
- data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +48 -0
- data/src/core/lib/promise/intra_activity_waiter.h +49 -0
- data/src/core/lib/promise/latch.h +104 -0
- data/src/core/lib/promise/loop.h +134 -0
- data/src/core/lib/promise/map.h +88 -0
- data/src/core/lib/promise/poll.h +66 -0
- data/src/core/lib/promise/promise.h +95 -0
- data/src/core/lib/promise/race.h +84 -0
- data/src/core/lib/promise/seq.h +89 -0
- data/src/core/lib/promise/sleep.cc +74 -0
- data/src/core/lib/promise/sleep.h +66 -0
- data/src/core/lib/promise/try_seq.h +157 -0
- data/src/core/lib/resolver/resolver.cc +79 -0
- data/src/core/lib/resolver/resolver.h +135 -0
- data/src/core/lib/resolver/resolver_factory.h +76 -0
- data/src/core/lib/resolver/resolver_registry.cc +156 -0
- data/src/core/lib/resolver/resolver_registry.h +113 -0
- data/src/core/lib/resolver/server_address.cc +170 -0
- data/src/core/lib/resolver/server_address.h +144 -0
- data/src/core/lib/resource_quota/api.cc +83 -0
- data/src/core/lib/resource_quota/api.h +40 -0
- data/src/core/lib/resource_quota/arena.cc +107 -0
- data/src/core/lib/resource_quota/arena.h +142 -0
- data/src/core/lib/resource_quota/memory_quota.cc +478 -0
- data/src/core/lib/resource_quota/memory_quota.h +457 -0
- data/src/core/lib/resource_quota/resource_quota.cc +33 -0
- data/src/core/lib/resource_quota/resource_quota.h +66 -0
- data/src/core/lib/resource_quota/thread_quota.cc +43 -0
- data/src/core/lib/resource_quota/thread_quota.h +57 -0
- data/src/core/lib/resource_quota/trace.cc +19 -0
- data/src/core/lib/resource_quota/trace.h +24 -0
- data/src/core/lib/security/authorization/authorization_engine.h +44 -0
- data/src/core/lib/security/authorization/authorization_policy_provider.h +40 -0
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +46 -0
- data/src/core/lib/security/authorization/evaluate_args.cc +212 -0
- data/src/core/lib/security/authorization/evaluate_args.h +92 -0
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +60 -0
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +62 -0
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +106 -0
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +50 -0
- data/src/core/lib/security/authorization/matchers.cc +227 -0
- data/src/core/lib/security/authorization/matchers.h +211 -0
- data/src/core/lib/security/authorization/rbac_policy.cc +442 -0
- data/src/core/lib/security/authorization/rbac_policy.h +171 -0
- data/src/core/lib/security/context/security_context.cc +19 -13
- data/src/core/lib/security/context/security_context.h +12 -3
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +8 -6
- data/src/core/lib/security/credentials/alts/alts_credentials.h +11 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +2 -2
- data/src/core/lib/security/credentials/call_creds_util.cc +87 -0
- data/src/core/lib/security/credentials/call_creds_util.h +42 -0
- data/src/core/lib/security/credentials/channel_creds_registry.h +97 -0
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +70 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +28 -86
- data/src/core/lib/security/credentials/composite/composite_credentials.h +23 -10
- data/src/core/lib/security/credentials/credentials.cc +18 -17
- data/src/core/lib/security/credentials/credentials.h +92 -90
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +419 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +82 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +214 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +544 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +118 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +49 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +230 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +61 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +26 -29
- data/src/core/lib/security/credentials/fake/fake_credentials.h +22 -21
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +8 -7
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +169 -82
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +9 -3
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +23 -29
- data/src/core/lib/security/credentials/iam/iam_credentials.h +15 -9
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +63 -0
- data/src/core/lib/security/credentials/insecure/insecure_credentials.h +57 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +10 -12
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -1
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +61 -53
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +31 -18
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +70 -62
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +4 -4
- data/src/core/lib/security/credentials/local/local_credentials.cc +8 -7
- data/src/core/lib/security/credentials/local/local_credentials.h +11 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +216 -251
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +67 -38
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +100 -158
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +56 -27
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +36 -22
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +26 -6
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +348 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +217 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +454 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +195 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +209 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +145 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +62 -184
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +98 -294
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +40 -21
- data/src/core/lib/security/credentials/tls/tls_credentials.h +9 -3
- data/src/core/lib/security/credentials/tls/tls_utils.cc +123 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +51 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +237 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.h +100 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +23 -19
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +3 -3
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +37 -43
- data/src/core/lib/security/security_connector/fake/fake_security_connector.h +0 -2
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +111 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +92 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +1 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +5 -6
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +35 -27
- data/src/core/lib/security/security_connector/security_connector.cc +14 -18
- data/src/core/lib/security/security_connector/security_connector.h +38 -27
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +43 -32
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +6 -2
- data/src/core/lib/security/security_connector/ssl_utils.cc +119 -65
- data/src/core/lib/security/security_connector/ssl_utils.h +40 -40
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +646 -423
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +187 -104
- data/src/core/lib/security/transport/auth_filters.h +37 -8
- data/src/core/lib/security/transport/client_auth_filter.cc +102 -358
- data/src/core/lib/security/transport/secure_endpoint.cc +214 -149
- data/src/core/lib/security/transport/secure_endpoint.h +2 -1
- data/src/core/lib/security/transport/security_handshaker.cc +172 -94
- data/src/core/lib/security/transport/security_handshaker.h +2 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +58 -47
- data/src/core/lib/security/transport/tsi_error.cc +5 -6
- data/src/core/lib/security/transport/tsi_error.h +2 -1
- data/src/core/lib/security/util/json_util.cc +10 -13
- data/src/core/lib/security/util/json_util.h +2 -1
- data/src/core/lib/service_config/service_config.h +82 -0
- data/src/core/lib/service_config/service_config_call_data.h +72 -0
- data/src/core/lib/service_config/service_config_impl.cc +230 -0
- data/src/core/lib/service_config/service_config_impl.h +125 -0
- data/src/core/lib/service_config/service_config_parser.cc +93 -0
- data/src/core/lib/service_config/service_config_parser.h +106 -0
- data/src/core/lib/slice/percent_encoding.cc +84 -97
- data/src/core/lib/slice/percent_encoding.h +23 -28
- data/src/core/lib/slice/slice.cc +111 -181
- data/src/core/lib/slice/slice.h +384 -0
- data/src/core/lib/slice/slice_api.cc +39 -0
- data/src/core/lib/slice/slice_buffer.cc +12 -8
- data/src/core/lib/slice/slice_internal.h +17 -277
- data/src/core/lib/slice/slice_refcount.cc +35 -0
- data/src/core/lib/slice/slice_refcount.h +46 -0
- data/src/core/lib/slice/slice_refcount_base.h +61 -0
- data/src/core/lib/slice/slice_split.cc +100 -0
- data/src/core/lib/slice/slice_split.h +40 -0
- data/src/core/lib/slice/slice_string_helpers.cc +0 -83
- data/src/core/lib/slice/slice_string_helpers.h +0 -11
- data/src/core/lib/surface/api_trace.cc +2 -1
- data/src/core/lib/surface/api_trace.h +1 -0
- data/src/core/lib/surface/builtins.cc +49 -0
- data/src/core/lib/surface/builtins.h +26 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +1 -1
- data/src/core/lib/surface/call.cc +1171 -1248
- data/src/core/lib/surface/call.h +16 -24
- data/src/core/lib/surface/call_details.cc +10 -10
- data/src/core/lib/surface/call_log_batch.cc +2 -2
- data/src/core/lib/surface/channel.cc +96 -135
- data/src/core/lib/surface/channel.h +31 -22
- data/src/core/lib/surface/channel_init.cc +22 -76
- data/src/core/lib/surface/channel_init.h +44 -40
- data/src/core/lib/surface/channel_ping.cc +2 -3
- data/src/core/lib/surface/channel_stack_type.cc +2 -1
- data/src/core/lib/surface/completion_queue.cc +154 -162
- data/src/core/lib/surface/completion_queue.h +18 -17
- data/src/core/lib/surface/completion_queue_factory.cc +3 -3
- data/src/core/lib/surface/completion_queue_factory.h +1 -0
- data/src/core/lib/surface/event_string.cc +1 -0
- data/src/core/lib/surface/init.cc +121 -83
- data/src/core/lib/surface/init.h +10 -4
- data/src/core/lib/surface/lame_client.cc +80 -72
- data/src/core/lib/surface/lame_client.h +5 -0
- data/src/core/lib/surface/metadata_array.cc +2 -2
- data/src/core/lib/surface/server.cc +1142 -1373
- data/src/core/lib/surface/server.h +467 -71
- data/src/core/lib/surface/validate_metadata.cc +55 -24
- data/src/core/lib/surface/validate_metadata.h +6 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +11 -12
- data/src/core/lib/transport/bdp_estimator.h +4 -3
- data/src/core/lib/transport/byte_stream.cc +11 -5
- data/src/core/lib/transport/byte_stream.h +12 -11
- data/src/core/lib/transport/connectivity_state.cc +27 -19
- data/src/core/lib/transport/connectivity_state.h +28 -14
- data/src/core/lib/transport/error_utils.cc +73 -21
- data/src/core/lib/transport/error_utils.h +17 -4
- data/src/core/lib/transport/metadata_batch.h +1355 -152
- data/src/core/lib/transport/parsed_metadata.cc +37 -0
- data/src/core/lib/transport/parsed_metadata.h +401 -0
- data/src/core/lib/transport/pid_controller.cc +4 -4
- data/src/core/lib/transport/status_conversion.cc +2 -2
- data/src/core/lib/transport/status_conversion.h +1 -1
- data/src/core/lib/transport/timeout_encoding.cc +208 -71
- data/src/core/lib/transport/timeout_encoding.h +40 -10
- data/src/core/lib/transport/transport.cc +18 -36
- data/src/core/lib/transport/transport.h +129 -15
- data/src/core/lib/transport/transport_impl.h +14 -0
- data/src/core/lib/transport/transport_op_string.cc +13 -35
- data/src/core/lib/uri/uri_parser.cc +305 -254
- data/src/core/lib/uri/uri_parser.h +92 -38
- data/src/core/plugin_registry/grpc_plugin_registry.cc +76 -68
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +85 -0
- data/src/core/tsi/alts/crypt/aes_gcm.cc +6 -3
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/crypt/gsec.h +5 -0
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +13 -12
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +18 -17
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +77 -68
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +2 -3
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +9 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +103 -64
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +2 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +2 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +1 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +5 -5
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +1 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +6 -6
- data/src/core/tsi/fake_transport_security.cc +32 -12
- data/src/core/tsi/local_transport_security.cc +46 -87
- data/src/core/tsi/local_transport_security.h +6 -10
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +141 -0
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +81 -0
- data/src/core/tsi/ssl/session_cache/ssl_session.h +2 -4
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +20 -55
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +9 -9
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -2
- data/src/core/tsi/ssl_transport_security.cc +422 -129
- data/src/core/tsi/ssl_transport_security.h +68 -16
- data/src/core/tsi/transport_security.cc +25 -11
- data/src/core/tsi/transport_security.h +16 -1
- data/src/core/tsi/transport_security_grpc.h +1 -0
- data/src/core/tsi/transport_security_interface.h +34 -1
- data/src/ruby/bin/math_services_pb.rb +5 -5
- data/src/ruby/ext/grpc/extconf.rb +34 -11
- data/src/ruby/ext/grpc/rb_byte_buffer.c +2 -1
- data/src/ruby/ext/grpc/rb_call.c +8 -7
- data/src/ruby/ext/grpc/rb_call.h +4 -0
- data/src/ruby/ext/grpc/rb_call_credentials.c +62 -17
- data/src/ruby/ext/grpc/rb_channel.c +24 -10
- data/src/ruby/ext/grpc/rb_channel_args.c +2 -2
- data/src/ruby/ext/grpc/rb_channel_credentials.c +24 -5
- data/src/ruby/ext/grpc/rb_channel_credentials.h +5 -0
- data/src/ruby/ext/grpc/rb_completion_queue.c +3 -2
- data/src/ruby/ext/grpc/rb_compression_options.c +6 -5
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +4 -2
- data/src/ruby/ext/grpc/rb_grpc.c +9 -4
- data/src/ruby/ext/grpc/rb_grpc.h +1 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +76 -48
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +130 -88
- data/src/ruby/ext/grpc/rb_server.c +26 -10
- data/src/ruby/ext/grpc/rb_server_credentials.c +22 -6
- data/src/ruby/ext/grpc/rb_server_credentials.h +5 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +218 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +37 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +170 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +37 -0
- data/src/ruby/lib/grpc/generic/active_call.rb +7 -1
- data/src/ruby/lib/grpc/generic/client_stub.rb +5 -3
- data/src/ruby/lib/grpc/generic/interceptors.rb +1 -1
- data/src/ruby/lib/grpc/grpc.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +1 -0
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +3 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +40 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +1 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +50 -16
- data/src/ruby/pb/test/client.rb +769 -0
- data/src/ruby/pb/test/server.rb +252 -0
- data/src/ruby/pb/test/xds_client.rb +415 -0
- data/src/ruby/spec/call_spec.rb +1 -1
- data/src/ruby/spec/channel_credentials_spec.rb +42 -0
- data/src/ruby/spec/channel_spec.rb +17 -6
- data/src/ruby/spec/client_auth_spec.rb +27 -1
- data/src/ruby/spec/client_server_spec.rb +1 -1
- data/src/ruby/spec/errors_spec.rb +1 -1
- data/src/ruby/spec/generic/active_call_spec.rb +21 -10
- data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import2.proto +23 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +2 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_package_service_name.proto +27 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_ruby_package_service_name.proto +29 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +27 -7
- data/src/ruby/spec/server_credentials_spec.rb +25 -0
- data/src/ruby/spec/server_spec.rb +22 -0
- data/src/ruby/spec/support/services.rb +10 -4
- data/src/ruby/spec/user_agent_spec.rb +74 -0
- data/third_party/abseil-cpp/absl/algorithm/container.h +1774 -0
- data/third_party/abseil-cpp/absl/base/attributes.h +169 -55
- data/third_party/abseil-cpp/absl/base/call_once.h +3 -10
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +150 -49
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +417 -335
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +169 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/endian.h +61 -0
- data/third_party/abseil-cpp/absl/base/internal/fast_type_id.h +48 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +620 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +126 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +31 -4
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +35 -33
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +17 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +36 -40
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +36 -31
- data/third_party/abseil-cpp/absl/base/internal/spinlock_akaros.inc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +11 -3
- data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.h +13 -11
- data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +5 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +97 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +9 -6
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +58 -52
- data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +111 -7
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +0 -76
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +17 -3
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +7 -7
- data/third_party/abseil-cpp/absl/base/log_severity.h +4 -4
- data/third_party/abseil-cpp/absl/base/macros.h +47 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +69 -6
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/port.h +0 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +95 -40
- data/third_party/abseil-cpp/absl/container/fixed_array.h +527 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +141 -134
- data/third_party/abseil-cpp/absl/container/internal/common.h +206 -0
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +34 -9
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +460 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +163 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +208 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h +85 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +190 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +281 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc +31 -0
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +50 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +469 -429
- data/third_party/abseil-cpp/absl/container/internal/layout.h +743 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +198 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +67 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +2034 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +139 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h +32 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1959 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +71 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +383 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +138 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +199 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +134 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +87 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_emscripten-inl.inc +110 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +108 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +253 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_riscv-inl.inc +234 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_unimplemented-inl.inc +24 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +93 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +364 -0
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +153 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +191 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.h +158 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.cc +142 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.h +231 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +38 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.h +99 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +1574 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_emscripten.inc +72 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_unimplemented.inc +40 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_win32.inc +81 -0
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +142 -0
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +106 -0
- data/third_party/abseil-cpp/absl/hash/hash.h +347 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.cc +349 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.h +78 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +69 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +1096 -0
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +123 -0
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.h +50 -0
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +49 -11
- data/third_party/abseil-cpp/absl/numeric/bits.h +177 -0
- data/third_party/abseil-cpp/absl/numeric/int128.cc +16 -37
- data/third_party/abseil-cpp/absl/numeric/int128.h +159 -85
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +19 -25
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +73 -70
- data/third_party/abseil-cpp/absl/numeric/internal/bits.h +358 -0
- data/third_party/abseil-cpp/absl/numeric/internal/representation.h +55 -0
- data/third_party/abseil-cpp/absl/profiling/internal/exponential_biased.cc +93 -0
- data/third_party/abseil-cpp/absl/profiling/internal/exponential_biased.h +130 -0
- data/third_party/abseil-cpp/absl/profiling/internal/sample_recorder.h +230 -0
- data/third_party/abseil-cpp/absl/random/bernoulli_distribution.h +200 -0
- data/third_party/abseil-cpp/absl/random/beta_distribution.h +427 -0
- data/third_party/abseil-cpp/absl/random/discrete_distribution.cc +98 -0
- data/third_party/abseil-cpp/absl/random/discrete_distribution.h +247 -0
- data/third_party/abseil-cpp/absl/random/distributions.h +452 -0
- data/third_party/abseil-cpp/absl/random/exponential_distribution.h +165 -0
- data/third_party/abseil-cpp/absl/random/gaussian_distribution.cc +104 -0
- data/third_party/abseil-cpp/absl/random/gaussian_distribution.h +275 -0
- data/third_party/abseil-cpp/absl/random/internal/distribution_caller.h +92 -0
- data/third_party/abseil-cpp/absl/random/internal/fast_uniform_bits.h +268 -0
- data/third_party/abseil-cpp/absl/random/internal/fastmath.h +57 -0
- data/third_party/abseil-cpp/absl/random/internal/generate_real.h +144 -0
- data/third_party/abseil-cpp/absl/random/internal/iostream_state_saver.h +245 -0
- data/third_party/abseil-cpp/absl/random/internal/nonsecure_base.h +150 -0
- data/third_party/abseil-cpp/absl/random/internal/pcg_engine.h +308 -0
- data/third_party/abseil-cpp/absl/random/internal/platform.h +171 -0
- data/third_party/abseil-cpp/absl/random/internal/pool_urbg.cc +253 -0
- data/third_party/abseil-cpp/absl/random/internal/pool_urbg.h +131 -0
- data/third_party/abseil-cpp/absl/random/internal/randen.cc +91 -0
- data/third_party/abseil-cpp/absl/random/internal/randen.h +102 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +221 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.h +33 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +239 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_hwaes.cc +526 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_hwaes.h +50 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_round_keys.cc +462 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_slow.cc +471 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_slow.h +40 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_traits.h +88 -0
- data/third_party/abseil-cpp/absl/random/internal/salted_seed_seq.h +167 -0
- data/third_party/abseil-cpp/absl/random/internal/seed_material.cc +267 -0
- data/third_party/abseil-cpp/absl/random/internal/seed_material.h +104 -0
- data/third_party/abseil-cpp/absl/random/internal/traits.h +101 -0
- data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +244 -0
- data/third_party/abseil-cpp/absl/random/internal/wide_multiply.h +111 -0
- data/third_party/abseil-cpp/absl/random/log_uniform_int_distribution.h +257 -0
- data/third_party/abseil-cpp/absl/random/poisson_distribution.h +258 -0
- data/third_party/abseil-cpp/absl/random/random.h +189 -0
- data/third_party/abseil-cpp/absl/random/seed_gen_exception.cc +46 -0
- data/third_party/abseil-cpp/absl/random/seed_gen_exception.h +55 -0
- data/third_party/abseil-cpp/absl/random/seed_sequences.cc +29 -0
- data/third_party/abseil-cpp/absl/random/seed_sequences.h +110 -0
- data/third_party/abseil-cpp/absl/random/uniform_int_distribution.h +275 -0
- data/third_party/abseil-cpp/absl/random/uniform_real_distribution.h +202 -0
- data/third_party/abseil-cpp/absl/random/zipf_distribution.h +271 -0
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +69 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +396 -0
- data/third_party/abseil-cpp/absl/status/status.cc +444 -0
- data/third_party/abseil-cpp/absl/status/status.h +882 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +38 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.h +51 -0
- data/third_party/abseil-cpp/absl/status/statusor.cc +103 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +770 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +10 -10
- data/third_party/abseil-cpp/absl/strings/charconv.h +3 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +2047 -0
- data/third_party/abseil-cpp/absl/strings/cord.h +1521 -0
- data/third_party/abseil-cpp/absl/strings/escaping.cc +13 -13
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +89 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +620 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.cc +1128 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +939 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_navigator.cc +185 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_navigator.h +265 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_reader.cc +68 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_reader.h +211 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.cc +129 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.h +50 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_flat.h +146 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.cc +771 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.h +607 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring_reader.h +118 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.cc +96 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.h +85 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.cc +139 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.h +131 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +445 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.h +298 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_statistics.h +87 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_update_scope.h +71 -0
- data/third_party/abseil-cpp/absl/strings/internal/cordz_update_tracker.h +121 -0
- data/third_party/abseil-cpp/absl/strings/internal/resize_uninitialized.h +48 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +236 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +158 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +19 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +30 -22
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +21 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +37 -13
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +183 -153
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +1017 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +17 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +82 -77
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +51 -27
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +49 -74
- data/third_party/abseil-cpp/absl/strings/internal/string_constant.h +64 -0
- data/third_party/abseil-cpp/absl/strings/match.cc +6 -3
- data/third_party/abseil-cpp/absl/strings/match.h +16 -6
- data/third_party/abseil-cpp/absl/strings/numbers.cc +133 -5
- data/third_party/abseil-cpp/absl/strings/numbers.h +44 -10
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +8 -8
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +290 -15
- data/third_party/abseil-cpp/absl/strings/str_join.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +39 -4
- data/third_party/abseil-cpp/absl/strings/string_view.cc +16 -21
- data/third_party/abseil-cpp/absl/strings/string_view.h +143 -55
- data/third_party/abseil-cpp/absl/strings/substitute.cc +7 -6
- data/third_party/abseil-cpp/absl/strings/substitute.h +109 -81
- data/third_party/abseil-cpp/absl/synchronization/barrier.cc +52 -0
- data/third_party/abseil-cpp/absl/synchronization/barrier.h +79 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +67 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +101 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +140 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.h +60 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/futex.h +154 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +698 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +141 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +156 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +106 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +115 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +428 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +155 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +2751 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +1082 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +78 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.h +123 -0
- data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -11
- data/third_party/abseil-cpp/absl/time/clock.cc +146 -130
- data/third_party/abseil-cpp/absl/time/clock.h +2 -2
- data/third_party/abseil-cpp/absl/time/duration.cc +93 -61
- data/third_party/abseil-cpp/absl/time/format.cc +43 -36
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +33 -27
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +97 -22
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +2 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +219 -150
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +15 -8
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +49 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +1 -1
- data/third_party/abseil-cpp/absl/time/time.cc +4 -3
- data/third_party/abseil-cpp/absl/time/time.h +107 -75
- data/third_party/abseil-cpp/absl/types/bad_optional_access.h +1 -1
- data/third_party/abseil-cpp/absl/types/bad_variant_access.cc +64 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.h +82 -0
- data/third_party/abseil-cpp/absl/types/internal/variant.h +1646 -0
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +51 -38
- data/third_party/abseil-cpp/absl/types/variant.h +866 -0
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/address_sorting_posix.c +1 -0
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +775 -721
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +72 -59
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +22 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +6 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +16 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +70 -57
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +19 -29
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +650 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +106 -153
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +23 -11
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +3 -42
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +74 -68
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +25 -29
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/charmap.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +6 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +224 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +79 -354
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +327 -281
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +15 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +20 -75
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +24 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -17
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +156 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +11 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +68 -45
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +38 -47
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +49 -65
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +1 -88
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +101 -3
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +120 -273
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +14 -3
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +272 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +31 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +30 -43
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +12 -52
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +0 -22
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +87 -80
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +161 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +17 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +28 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +26 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +44 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +208 -37
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/des.c +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +456 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +11 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +10 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +87 -160
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +2 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +24 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +20 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +105 -95
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +56 -72
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +56 -73
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +33 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +17 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +1 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +30 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +123 -44
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +30 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +80 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +120 -62
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +238 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +93 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +91 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +50 -86
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +618 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +219 -121
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +9 -2
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +125 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +253 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +28 -23
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +75 -24
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +16 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +38 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +156 -15
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +7 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +132 -54
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +59 -22
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +0 -28
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +110 -70
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +348 -423
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +217 -79
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +15 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +11 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +5 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +351 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +246 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +20 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +13 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -180
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +7 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +24 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +24 -39
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +29 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +52 -89
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +67 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +82 -113
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +54 -74
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +99 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +11 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +21 -19
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +13 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +21 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +52 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +49 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +21 -172
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +5 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +75 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +244 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +7 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +27 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +43 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +33 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +7 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +42 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +48 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +112 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +128 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +86 -44
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +25 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +16 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +119 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +1801 -673
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +5 -179
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +67 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +7 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +32 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +42 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +8 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +25 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +66 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +27 -41
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +20 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +12 -27
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +41 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +3 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +108 -75
- data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +99 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +350 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +14 -12
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +4 -205
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +12 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +26 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +194 -146
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +42 -18
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +15 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +7 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +5 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +128 -91
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +39 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +570 -144
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +53 -38
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +43 -24
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2041 -829
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +16 -679
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +642 -452
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +16 -18
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +1084 -0
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +4325 -0
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +336 -25
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +108 -53
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +317 -221
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +187 -36
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +554 -173
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +9 -3
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +14 -19
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +55 -15
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +7 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +10 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +34 -31
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +167 -110
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +2 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +147 -138
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +3 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +12 -17
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +16 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +28 -23
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +47 -28
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +80 -36
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +316 -211
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +160 -91
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +398 -145
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +4 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +5 -3
- data/third_party/cares/cares/include/ares.h +742 -0
- data/third_party/cares/cares/include/ares_dns.h +112 -0
- data/third_party/cares/cares/{ares_rules.h → include/ares_rules.h} +0 -0
- data/third_party/cares/cares/include/ares_version.h +24 -0
- data/third_party/cares/cares/src/lib/ares__close_sockets.c +61 -0
- data/third_party/cares/cares/src/lib/ares__get_hostent.c +260 -0
- data/third_party/cares/cares/src/lib/ares__parse_into_addrinfo.c +260 -0
- data/third_party/cares/cares/{ares__read_line.c → src/lib/ares__read_line.c} +0 -0
- data/third_party/cares/cares/src/lib/ares__readaddrinfo.c +264 -0
- data/third_party/cares/cares/src/lib/ares__sortaddrinfo.c +499 -0
- data/third_party/cares/cares/{ares__timeval.c → src/lib/ares__timeval.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_android.c +444 -0
- data/third_party/cares/cares/src/lib/ares_android.h +27 -0
- data/third_party/cares/cares/{ares_cancel.c → src/lib/ares_cancel.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_create_query.c +197 -0
- data/third_party/cares/cares/src/lib/ares_data.c +240 -0
- data/third_party/cares/cares/src/lib/ares_data.h +74 -0
- data/third_party/cares/cares/{ares_destroy.c → src/lib/ares_destroy.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_expand_name.c +300 -0
- data/third_party/cares/cares/src/lib/ares_expand_string.c +67 -0
- data/third_party/cares/cares/{ares_fds.c → src/lib/ares_fds.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_free_hostent.c +43 -0
- data/third_party/cares/cares/{ares_free_string.c → src/lib/ares_free_string.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_freeaddrinfo.c +59 -0
- data/third_party/cares/cares/src/lib/ares_getaddrinfo.c +772 -0
- data/third_party/cares/cares/src/lib/ares_getenv.c +28 -0
- data/third_party/cares/cares/{ares_getenv.h → src/lib/ares_getenv.h} +0 -0
- data/third_party/cares/cares/src/lib/ares_gethostbyaddr.c +287 -0
- data/third_party/cares/cares/src/lib/ares_gethostbyname.c +534 -0
- data/third_party/cares/cares/src/lib/ares_getnameinfo.c +447 -0
- data/third_party/cares/cares/{ares_getsock.c → src/lib/ares_getsock.c} +0 -0
- data/third_party/cares/cares/{ares_inet_net_pton.h → src/lib/ares_inet_net_pton.h} +0 -0
- data/third_party/cares/cares/src/lib/ares_init.c +2654 -0
- data/third_party/cares/cares/{ares_iphlpapi.h → src/lib/ares_iphlpapi.h} +0 -0
- data/third_party/cares/cares/src/lib/ares_ipv6.h +85 -0
- data/third_party/cares/cares/src/lib/ares_library_init.c +200 -0
- data/third_party/cares/cares/src/lib/ares_library_init.h +43 -0
- data/third_party/cares/cares/{ares_llist.c → src/lib/ares_llist.c} +0 -0
- data/third_party/cares/cares/{ares_llist.h → src/lib/ares_llist.h} +0 -0
- data/third_party/cares/cares/{ares_mkquery.c → src/lib/ares_mkquery.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_nameser.h +482 -0
- data/third_party/cares/cares/{ares_nowarn.c → src/lib/ares_nowarn.c} +0 -0
- data/third_party/cares/cares/{ares_nowarn.h → src/lib/ares_nowarn.h} +0 -0
- data/third_party/cares/cares/{ares_options.c → src/lib/ares_options.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_parse_a_reply.c +209 -0
- data/third_party/cares/cares/src/lib/ares_parse_aaaa_reply.c +212 -0
- data/third_party/cares/cares/src/lib/ares_parse_caa_reply.c +199 -0
- data/third_party/cares/cares/src/lib/ares_parse_mx_reply.c +164 -0
- data/third_party/cares/cares/src/lib/ares_parse_naptr_reply.c +183 -0
- data/third_party/cares/cares/src/lib/ares_parse_ns_reply.c +177 -0
- data/third_party/cares/cares/src/lib/ares_parse_ptr_reply.c +228 -0
- data/third_party/cares/cares/src/lib/ares_parse_soa_reply.c +179 -0
- data/third_party/cares/cares/src/lib/ares_parse_srv_reply.c +168 -0
- data/third_party/cares/cares/src/lib/ares_parse_txt_reply.c +214 -0
- data/third_party/cares/cares/{ares_platform.c → src/lib/ares_platform.c} +0 -0
- data/third_party/cares/cares/{ares_platform.h → src/lib/ares_platform.h} +0 -0
- data/third_party/cares/cares/src/lib/ares_private.h +423 -0
- data/third_party/cares/cares/src/lib/ares_process.c +1548 -0
- data/third_party/cares/cares/src/lib/ares_query.c +180 -0
- data/third_party/cares/cares/src/lib/ares_search.c +321 -0
- data/third_party/cares/cares/src/lib/ares_send.c +131 -0
- data/third_party/cares/cares/src/lib/ares_setup.h +220 -0
- data/third_party/cares/cares/{ares_strcasecmp.c → src/lib/ares_strcasecmp.c} +0 -0
- data/third_party/cares/cares/{ares_strcasecmp.h → src/lib/ares_strcasecmp.h} +0 -0
- data/third_party/cares/cares/{ares_strdup.c → src/lib/ares_strdup.c} +0 -0
- data/third_party/cares/cares/{ares_strdup.h → src/lib/ares_strdup.h} +0 -0
- data/third_party/cares/cares/{ares_strerror.c → src/lib/ares_strerror.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_strsplit.c +178 -0
- data/third_party/cares/cares/{ares_strsplit.h → src/lib/ares_strsplit.h} +0 -0
- data/third_party/cares/cares/{ares_timeout.c → src/lib/ares_timeout.c} +0 -0
- data/third_party/cares/cares/{ares_version.c → src/lib/ares_version.c} +0 -0
- data/third_party/cares/cares/{ares_writev.c → src/lib/ares_writev.c} +0 -0
- data/third_party/cares/cares/src/lib/ares_writev.h +36 -0
- data/third_party/cares/cares/{bitncmp.c → src/lib/bitncmp.c} +0 -0
- data/third_party/cares/cares/{bitncmp.h → src/lib/bitncmp.h} +0 -0
- data/third_party/cares/cares/src/lib/config-dos.h +115 -0
- data/third_party/cares/cares/{config-win32.h → src/lib/config-win32.h} +0 -0
- data/third_party/cares/cares/src/lib/inet_net_pton.c +444 -0
- data/third_party/cares/cares/src/lib/inet_ntop.c +201 -0
- data/third_party/cares/cares/{setup_once.h → src/lib/setup_once.h} +0 -0
- data/third_party/cares/cares/{windows_port.c → src/lib/windows_port.c} +0 -0
- data/third_party/re2/re2/bitmap256.h +117 -0
- data/third_party/re2/re2/bitstate.cc +385 -0
- data/third_party/re2/re2/compile.cc +1261 -0
- data/third_party/re2/re2/dfa.cc +2118 -0
- data/third_party/re2/re2/filtered_re2.cc +137 -0
- data/third_party/re2/re2/filtered_re2.h +114 -0
- data/third_party/re2/re2/mimics_pcre.cc +197 -0
- data/third_party/re2/re2/nfa.cc +713 -0
- data/third_party/re2/re2/onepass.cc +623 -0
- data/third_party/re2/re2/parse.cc +2483 -0
- data/third_party/re2/re2/perl_groups.cc +119 -0
- data/third_party/re2/re2/pod_array.h +55 -0
- data/third_party/re2/re2/prefilter.cc +711 -0
- data/third_party/re2/re2/prefilter.h +108 -0
- data/third_party/re2/re2/prefilter_tree.cc +407 -0
- data/third_party/re2/re2/prefilter_tree.h +139 -0
- data/third_party/re2/re2/prog.cc +1166 -0
- data/third_party/re2/re2/prog.h +455 -0
- data/third_party/re2/re2/re2.cc +1331 -0
- data/third_party/re2/re2/re2.h +1017 -0
- data/third_party/re2/re2/regexp.cc +987 -0
- data/third_party/re2/re2/regexp.h +665 -0
- data/third_party/re2/re2/set.cc +176 -0
- data/third_party/re2/re2/set.h +85 -0
- data/third_party/re2/re2/simplify.cc +665 -0
- data/third_party/re2/re2/sparse_array.h +392 -0
- data/third_party/re2/re2/sparse_set.h +264 -0
- data/third_party/re2/re2/stringpiece.cc +65 -0
- data/third_party/re2/re2/stringpiece.h +210 -0
- data/third_party/re2/re2/tostring.cc +351 -0
- data/third_party/re2/re2/unicode_casefold.cc +582 -0
- data/third_party/re2/re2/unicode_casefold.h +78 -0
- data/third_party/re2/re2/unicode_groups.cc +6269 -0
- data/third_party/re2/re2/unicode_groups.h +67 -0
- data/third_party/re2/re2/walker-inl.h +246 -0
- data/third_party/re2/util/benchmark.h +156 -0
- data/third_party/re2/util/flags.h +26 -0
- data/third_party/re2/util/logging.h +109 -0
- data/third_party/re2/util/malloc_counter.h +19 -0
- data/third_party/re2/util/mix.h +41 -0
- data/third_party/re2/util/mutex.h +148 -0
- data/third_party/re2/util/pcre.cc +1025 -0
- data/third_party/re2/util/pcre.h +681 -0
- data/third_party/re2/util/rune.cc +260 -0
- data/third_party/re2/util/strutil.cc +149 -0
- data/third_party/re2/util/strutil.h +21 -0
- data/third_party/re2/util/test.h +50 -0
- data/third_party/re2/util/utf.h +44 -0
- data/third_party/re2/util/util.h +42 -0
- data/third_party/upb/third_party/utf8_range/naive.c +92 -0
- data/third_party/upb/third_party/utf8_range/range2-neon.c +157 -0
- data/third_party/upb/third_party/utf8_range/range2-sse.c +170 -0
- data/third_party/upb/third_party/utf8_range/utf8_range.h +9 -0
- data/third_party/upb/upb/decode.c +997 -481
- data/third_party/upb/upb/decode.h +79 -6
- data/third_party/upb/upb/decode_fast.c +1055 -0
- data/third_party/upb/upb/decode_fast.h +153 -0
- data/third_party/upb/upb/decode_internal.h +211 -0
- data/third_party/upb/upb/def.c +3261 -0
- data/third_party/upb/upb/def.h +409 -0
- data/third_party/upb/upb/def.hpp +438 -0
- data/third_party/upb/upb/encode.c +459 -233
- data/third_party/upb/upb/encode.h +56 -6
- data/third_party/upb/upb/json_encode.c +776 -0
- data/third_party/upb/upb/json_encode.h +62 -0
- data/third_party/upb/upb/msg.c +387 -70
- data/third_party/upb/upb/msg.h +90 -45
- data/third_party/upb/upb/msg_internal.h +831 -0
- data/third_party/upb/upb/port_def.inc +195 -84
- data/third_party/upb/upb/port_undef.inc +48 -7
- data/third_party/upb/upb/reflection.c +480 -0
- data/third_party/upb/upb/reflection.h +220 -0
- data/third_party/upb/upb/reflection.hpp +37 -0
- data/third_party/upb/upb/table.c +441 -428
- data/third_party/upb/upb/table_internal.h +385 -0
- data/third_party/upb/upb/text_encode.c +472 -0
- data/third_party/upb/upb/text_encode.h +64 -0
- data/third_party/upb/upb/upb.c +255 -154
- data/third_party/upb/upb/upb.h +235 -226
- data/third_party/upb/upb/upb.hpp +115 -0
- data/third_party/upb/upb/upb_internal.h +68 -0
- data/third_party/xxhash/xxhash.h +5580 -0
- data/third_party/zlib/crc32.c +966 -292
- data/third_party/zlib/crc32.h +9441 -436
- data/third_party/zlib/deflate.c +78 -30
- data/third_party/zlib/deflate.h +12 -15
- data/third_party/zlib/gzguts.h +3 -2
- data/third_party/zlib/gzlib.c +5 -3
- data/third_party/zlib/gzread.c +5 -7
- data/third_party/zlib/gzwrite.c +25 -13
- data/third_party/zlib/infback.c +2 -1
- data/third_party/zlib/inffast.c +14 -14
- data/third_party/zlib/inflate.c +39 -8
- data/third_party/zlib/inflate.h +3 -2
- data/third_party/zlib/inftrees.c +3 -3
- data/third_party/zlib/trees.c +27 -48
- data/third_party/zlib/zlib.h +123 -100
- data/third_party/zlib/zutil.c +2 -2
- data/third_party/zlib/zutil.h +12 -9
- metadata +1175 -359
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +0 -45
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +0 -121
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -938
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +0 -528
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +0 -834
- data/src/core/ext/filters/client_channel/parse_address.cc +0 -238
- data/src/core/ext/filters/client_channel/parse_address.h +0 -53
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -484
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +0 -177
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +0 -38
- data/src/core/ext/filters/client_channel/resolver.cc +0 -85
- data/src/core/ext/filters/client_channel/resolver.h +0 -144
- data/src/core/ext/filters/client_channel/resolver_factory.h +0 -73
- data/src/core/ext/filters/client_channel/resolver_registry.cc +0 -197
- data/src/core/ext/filters/client_channel/resolver_registry.h +0 -89
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -348
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -123
- data/src/core/ext/filters/client_channel/server_address.cc +0 -48
- data/src/core/ext/filters/client_channel/server_address.h +0 -90
- data/src/core/ext/filters/client_channel/service_config.cc +0 -221
- data/src/core/ext/filters/client_channel/service_config.h +0 -123
- data/src/core/ext/filters/client_channel/service_config_call_data.h +0 -68
- data/src/core/ext/filters/client_channel/service_config_parser.cc +0 -87
- data/src/core/ext/filters/client_channel/service_config_parser.h +0 -89
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +0 -1906
- data/src/core/ext/filters/client_channel/xds/xds_api.h +0 -280
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +0 -342
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +0 -88
- data/src/core/ext/filters/client_channel/xds/xds_channel.h +0 -46
- data/src/core/ext/filters/client_channel/xds/xds_channel_args.h +0 -26
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +0 -106
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +0 -2367
- data/src/core/ext/filters/client_channel/xds/xds_client.h +0 -309
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +0 -115
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +0 -211
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +0 -440
- data/src/core/ext/filters/max_age/max_age_filter.cc +0 -556
- data/src/core/ext/filters/max_age/max_age_filter.h +0 -26
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +0 -210
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.h +0 -27
- data/src/core/ext/filters/workarounds/workaround_utils.cc +0 -53
- data/src/core/ext/filters/workarounds/workaround_utils.h +0 -39
- data/src/core/ext/transport/chttp2/client/authority.cc +0 -42
- data/src/core/ext/transport/chttp2/client/authority.h +0 -36
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +0 -112
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +0 -79
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +0 -225
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +0 -45
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +0 -75
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +0 -86
- data/src/core/ext/transport/chttp2/transport/chttp2_plugin.cc +0 -37
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +0 -246
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +0 -148
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +0 -66
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +0 -58
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +0 -21
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +0 -35
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +0 -114
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +0 -418
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +0 -72
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +0 -197
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +0 -105
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +0 -378
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +0 -28
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +0 -74
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +0 -218
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +0 -35
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.h +0 -69
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +0 -55
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.h +0 -305
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +0 -403
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +0 -1447
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +0 -328
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.c +0 -35
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +0 -78
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +0 -313
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +0 -897
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +0 -96
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +0 -322
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +0 -34
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +0 -72
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +0 -197
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +0 -642
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +0 -172
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +0 -673
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +0 -36
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.h +0 -80
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +0 -152
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +0 -518
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.c +0 -34
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +0 -89
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +0 -129
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.h +0 -392
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +0 -31
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +0 -18
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +0 -91
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +0 -266
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.h +0 -324
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +0 -92
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +0 -240
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +0 -31
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +0 -18
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +0 -145
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +0 -527
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +0 -43
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +0 -109
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +0 -399
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +0 -30
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +0 -18
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +0 -815
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +0 -3032
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +0 -63
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +0 -199
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +0 -59
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +0 -134
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +0 -28
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +0 -228
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +0 -725
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +0 -316
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +0 -1132
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +0 -33
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +0 -65
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +0 -51
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +0 -125
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +0 -24
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.h +0 -50
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +0 -54
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +0 -134
- data/src/core/ext/upb-generated/envoy/type/http.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/type/http.upb.h +0 -36
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +0 -63
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +0 -144
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +0 -53
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +0 -133
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +0 -88
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +0 -258
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +0 -39
- data/src/core/ext/upb-generated/envoy/type/percent.upb.h +0 -87
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +0 -50
- data/src/core/ext/upb-generated/envoy/type/range.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +0 -29
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +0 -62
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +0 -89
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +0 -249
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.h +0 -30
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +0 -58
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +0 -144
- data/src/core/lib/avl/avl.cc +0 -306
- data/src/core/lib/compression/algorithm_metadata.h +0 -61
- data/src/core/lib/compression/compression_args.cc +0 -134
- data/src/core/lib/compression/compression_args.h +0 -56
- data/src/core/lib/compression/stream_compression.cc +0 -80
- data/src/core/lib/compression/stream_compression.h +0 -116
- data/src/core/lib/compression/stream_compression_gzip.cc +0 -230
- data/src/core/lib/compression/stream_compression_gzip.h +0 -28
- data/src/core/lib/compression/stream_compression_identity.cc +0 -92
- data/src/core/lib/compression/stream_compression_identity.h +0 -29
- data/src/core/lib/gpr/arena.h +0 -47
- data/src/core/lib/gpr/tls_gcc.h +0 -52
- data/src/core/lib/gpr/tls_msvc.h +0 -52
- data/src/core/lib/gpr/tls_pthread.cc +0 -30
- data/src/core/lib/gpr/tls_pthread.h +0 -56
- data/src/core/lib/gprpp/arena.cc +0 -103
- data/src/core/lib/gprpp/arena.h +0 -120
- data/src/core/lib/gprpp/atomic.h +0 -104
- data/src/core/lib/gprpp/map.h +0 -53
- data/src/core/lib/iomgr/endpoint_pair_uv.cc +0 -40
- data/src/core/lib/iomgr/ev_epollex_linux.cc +0 -1656
- data/src/core/lib/iomgr/ev_epollex_linux.h +0 -30
- data/src/core/lib/iomgr/iomgr_custom.cc +0 -79
- data/src/core/lib/iomgr/iomgr_custom.h +0 -49
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/iomgr/iomgr_uv.cc +0 -43
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +0 -105
- data/src/core/lib/iomgr/is_epollexclusive_available.h +0 -36
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +0 -87
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +0 -88
- data/src/core/lib/iomgr/pollset_custom.cc +0 -106
- data/src/core/lib/iomgr/pollset_custom.h +0 -35
- data/src/core/lib/iomgr/pollset_set_custom.cc +0 -48
- data/src/core/lib/iomgr/pollset_set_custom.h +0 -26
- data/src/core/lib/iomgr/pollset_uv.cc +0 -93
- data/src/core/lib/iomgr/pollset_uv.h +0 -32
- data/src/core/lib/iomgr/resolve_address_custom.cc +0 -173
- data/src/core/lib/iomgr/resolve_address_custom.h +0 -45
- data/src/core/lib/iomgr/resource_quota.cc +0 -1013
- data/src/core/lib/iomgr/resource_quota.h +0 -177
- data/src/core/lib/iomgr/sockaddr_custom.h +0 -54
- data/src/core/lib/iomgr/sockaddr_utils.cc +0 -293
- data/src/core/lib/iomgr/sockaddr_utils.h +0 -79
- data/src/core/lib/iomgr/socket_utils_uv.cc +0 -49
- data/src/core/lib/iomgr/sys_epoll_wrapper.h +0 -30
- data/src/core/lib/iomgr/tcp_client_custom.cc +0 -163
- data/src/core/lib/iomgr/tcp_custom.cc +0 -370
- data/src/core/lib/iomgr/tcp_custom.h +0 -84
- data/src/core/lib/iomgr/tcp_server_custom.cc +0 -485
- data/src/core/lib/iomgr/tcp_uv.cc +0 -419
- data/src/core/lib/iomgr/timer_custom.cc +0 -95
- data/src/core/lib/iomgr/timer_custom.h +0 -43
- data/src/core/lib/iomgr/timer_uv.cc +0 -66
- data/src/core/lib/iomgr/udp_server.cc +0 -747
- data/src/core/lib/iomgr/udp_server.h +0 -101
- data/src/core/lib/security/credentials/credentials_metadata.cc +0 -62
- data/src/core/lib/security/transport/target_authority_table.cc +0 -75
- data/src/core/lib/security/transport/target_authority_table.h +0 -40
- data/src/core/lib/slice/slice_hash_table.h +0 -199
- data/src/core/lib/slice/slice_intern.cc +0 -375
- data/src/core/lib/slice/slice_utils.h +0 -200
- data/src/core/lib/slice/slice_weak_hash_table.h +0 -102
- data/src/core/lib/surface/init_secure.cc +0 -81
- data/src/core/lib/transport/metadata.cc +0 -679
- data/src/core/lib/transport/metadata.h +0 -446
- data/src/core/lib/transport/metadata_batch.cc +0 -392
- data/src/core/lib/transport/static_metadata.cc +0 -1230
- data/src/core/lib/transport/static_metadata.h +0 -597
- data/src/core/lib/transport/status_metadata.cc +0 -61
- data/src/core/lib/transport/status_metadata.h +0 -48
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
- data/third_party/abseil-cpp/absl/base/internal/bits.h +0 -218
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +0 -104
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_enum.c +0 -93
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh.c +0 -533
- data/third_party/boringssl-with-bazel/src/crypto/dh/params.c +0 -93
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/is_fips.c +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +0 -653
- data/third_party/boringssl-with-bazel/src/crypto/x509/vpm_int.h +0 -71
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +0 -116
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_int.h +0 -217
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +0 -3870
- data/third_party/cares/cares/ares.h +0 -670
- data/third_party/cares/cares/ares__close_sockets.c +0 -61
- data/third_party/cares/cares/ares__get_hostent.c +0 -261
- data/third_party/cares/cares/ares_create_query.c +0 -206
- data/third_party/cares/cares/ares_data.c +0 -222
- data/third_party/cares/cares/ares_data.h +0 -72
- data/third_party/cares/cares/ares_dns.h +0 -103
- data/third_party/cares/cares/ares_expand_name.c +0 -209
- data/third_party/cares/cares/ares_expand_string.c +0 -70
- data/third_party/cares/cares/ares_free_hostent.c +0 -41
- data/third_party/cares/cares/ares_getenv.c +0 -30
- data/third_party/cares/cares/ares_gethostbyaddr.c +0 -294
- data/third_party/cares/cares/ares_gethostbyname.c +0 -529
- data/third_party/cares/cares/ares_getnameinfo.c +0 -453
- data/third_party/cares/cares/ares_getopt.c +0 -122
- data/third_party/cares/cares/ares_getopt.h +0 -53
- data/third_party/cares/cares/ares_init.c +0 -2615
- data/third_party/cares/cares/ares_ipv6.h +0 -78
- data/third_party/cares/cares/ares_library_init.c +0 -195
- data/third_party/cares/cares/ares_library_init.h +0 -43
- data/third_party/cares/cares/ares_parse_a_reply.c +0 -264
- data/third_party/cares/cares/ares_parse_aaaa_reply.c +0 -264
- data/third_party/cares/cares/ares_parse_mx_reply.c +0 -170
- data/third_party/cares/cares/ares_parse_naptr_reply.c +0 -194
- data/third_party/cares/cares/ares_parse_ns_reply.c +0 -183
- data/third_party/cares/cares/ares_parse_ptr_reply.c +0 -221
- data/third_party/cares/cares/ares_parse_soa_reply.c +0 -133
- data/third_party/cares/cares/ares_parse_srv_reply.c +0 -179
- data/third_party/cares/cares/ares_parse_txt_reply.c +0 -220
- data/third_party/cares/cares/ares_private.h +0 -382
- data/third_party/cares/cares/ares_process.c +0 -1473
- data/third_party/cares/cares/ares_query.c +0 -186
- data/third_party/cares/cares/ares_search.c +0 -323
- data/third_party/cares/cares/ares_send.c +0 -137
- data/third_party/cares/cares/ares_setup.h +0 -217
- data/third_party/cares/cares/ares_strsplit.c +0 -174
- data/third_party/cares/cares/ares_version.h +0 -24
- data/third_party/cares/cares/inet_net_pton.c +0 -450
- data/third_party/cares/cares/inet_ntop.c +0 -207
- data/third_party/upb/upb/generated_util.h +0 -105
- data/third_party/upb/upb/port.c +0 -26
- data/third_party/upb/upb/table.int.h +0 -507
|
@@ -4,21 +4,21 @@
|
|
|
4
4
|
* This package is an SSL implementation written
|
|
5
5
|
* by Eric Young (eay@cryptsoft.com).
|
|
6
6
|
* The implementation was written so as to conform with Netscapes SSL.
|
|
7
|
-
*
|
|
7
|
+
*
|
|
8
8
|
* This library is free for commercial and non-commercial use as long as
|
|
9
9
|
* the following conditions are aheared to. The following conditions
|
|
10
10
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
11
11
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
12
12
|
* included with this distribution is covered by the same copyright terms
|
|
13
13
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
14
|
-
*
|
|
14
|
+
*
|
|
15
15
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
16
16
|
* the code are not to be removed.
|
|
17
17
|
* If this package is used in a product, Eric Young should be given attribution
|
|
18
18
|
* as the author of the parts of the library used.
|
|
19
19
|
* This can be in the form of a textual message at program startup or
|
|
20
20
|
* in documentation (online or textual) provided with the package.
|
|
21
|
-
*
|
|
21
|
+
*
|
|
22
22
|
* Redistribution and use in source and binary forms, with or without
|
|
23
23
|
* modification, are permitted provided that the following conditions
|
|
24
24
|
* are met:
|
|
@@ -33,10 +33,10 @@
|
|
|
33
33
|
* Eric Young (eay@cryptsoft.com)"
|
|
34
34
|
* The word 'cryptographic' can be left out if the rouines from the library
|
|
35
35
|
* being used are not cryptographic related :-).
|
|
36
|
-
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
36
|
+
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
37
37
|
* the apps directory (application code) you must include an acknowledgement:
|
|
38
38
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
39
|
-
*
|
|
39
|
+
*
|
|
40
40
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
41
41
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
42
42
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
@@ -48,7 +48,7 @@
|
|
|
48
48
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
49
49
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
50
50
|
* SUCH DAMAGE.
|
|
51
|
-
*
|
|
51
|
+
*
|
|
52
52
|
* The licence and distribution terms for any publically available version or
|
|
53
53
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
54
54
|
* copied and put under another distribution licence
|
|
@@ -56,25 +56,22 @@
|
|
|
56
56
|
*/
|
|
57
57
|
/* ====================================================================
|
|
58
58
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
|
59
|
-
* ECDH support in OpenSSL originally developed by
|
|
59
|
+
* ECDH support in OpenSSL originally developed by
|
|
60
60
|
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
|
61
61
|
*/
|
|
62
62
|
|
|
63
63
|
#ifndef HEADER_X509_H
|
|
64
64
|
#define HEADER_X509_H
|
|
65
65
|
|
|
66
|
-
#include <openssl/base.h>
|
|
67
|
-
|
|
68
|
-
#include <time.h>
|
|
69
|
-
|
|
70
66
|
#include <openssl/asn1.h>
|
|
67
|
+
#include <openssl/base.h>
|
|
71
68
|
#include <openssl/bio.h>
|
|
72
69
|
#include <openssl/cipher.h>
|
|
73
70
|
#include <openssl/dh.h>
|
|
74
71
|
#include <openssl/dsa.h>
|
|
72
|
+
#include <openssl/ec.h>
|
|
75
73
|
#include <openssl/ecdh.h>
|
|
76
74
|
#include <openssl/ecdsa.h>
|
|
77
|
-
#include <openssl/ec.h>
|
|
78
75
|
#include <openssl/evp.h>
|
|
79
76
|
#include <openssl/obj.h>
|
|
80
77
|
#include <openssl/pkcs7.h>
|
|
@@ -83,542 +80,599 @@
|
|
|
83
80
|
#include <openssl/sha.h>
|
|
84
81
|
#include <openssl/stack.h>
|
|
85
82
|
#include <openssl/thread.h>
|
|
83
|
+
#include <time.h>
|
|
86
84
|
|
|
87
|
-
#
|
|
85
|
+
#if defined(__cplusplus)
|
|
88
86
|
extern "C" {
|
|
89
87
|
#endif
|
|
90
88
|
|
|
91
89
|
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
#define X509_FILETYPE_PEM
|
|
101
|
-
#define X509_FILETYPE_ASN1
|
|
102
|
-
#define X509_FILETYPE_DEFAULT
|
|
103
|
-
|
|
104
|
-
#define X509v3_KU_DIGITAL_SIGNATURE
|
|
105
|
-
#define X509v3_KU_NON_REPUDIATION
|
|
106
|
-
#define X509v3_KU_KEY_ENCIPHERMENT
|
|
107
|
-
#define X509v3_KU_DATA_ENCIPHERMENT
|
|
108
|
-
#define X509v3_KU_KEY_AGREEMENT
|
|
109
|
-
#define X509v3_KU_KEY_CERT_SIGN
|
|
110
|
-
#define X509v3_KU_CRL_SIGN
|
|
111
|
-
#define X509v3_KU_ENCIPHER_ONLY
|
|
112
|
-
#define X509v3_KU_DECIPHER_ONLY
|
|
113
|
-
#define X509v3_KU_UNDEF
|
|
90
|
+
// Legacy X.509 library.
|
|
91
|
+
//
|
|
92
|
+
// This header is part of OpenSSL's X.509 implementation. It is retained for
|
|
93
|
+
// compatibility but otherwise underdocumented and not actively maintained. In
|
|
94
|
+
// the future, a replacement library will be available. Meanwhile, minimize
|
|
95
|
+
// dependencies on this header where possible.
|
|
96
|
+
|
|
97
|
+
|
|
98
|
+
#define X509_FILETYPE_PEM 1
|
|
99
|
+
#define X509_FILETYPE_ASN1 2
|
|
100
|
+
#define X509_FILETYPE_DEFAULT 3
|
|
101
|
+
|
|
102
|
+
#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
|
|
103
|
+
#define X509v3_KU_NON_REPUDIATION 0x0040
|
|
104
|
+
#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
|
|
105
|
+
#define X509v3_KU_DATA_ENCIPHERMENT 0x0010
|
|
106
|
+
#define X509v3_KU_KEY_AGREEMENT 0x0008
|
|
107
|
+
#define X509v3_KU_KEY_CERT_SIGN 0x0004
|
|
108
|
+
#define X509v3_KU_CRL_SIGN 0x0002
|
|
109
|
+
#define X509v3_KU_ENCIPHER_ONLY 0x0001
|
|
110
|
+
#define X509v3_KU_DECIPHER_ONLY 0x8000
|
|
111
|
+
#define X509v3_KU_UNDEF 0xffff
|
|
112
|
+
|
|
113
|
+
struct X509_algor_st {
|
|
114
|
+
ASN1_OBJECT *algorithm;
|
|
115
|
+
ASN1_TYPE *parameter;
|
|
116
|
+
} /* X509_ALGOR */;
|
|
117
|
+
|
|
118
|
+
DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
|
|
114
119
|
|
|
115
120
|
DEFINE_STACK_OF(X509_ALGOR)
|
|
116
|
-
DECLARE_ASN1_SET_OF(X509_ALGOR)
|
|
117
121
|
|
|
118
122
|
typedef STACK_OF(X509_ALGOR) X509_ALGORS;
|
|
119
123
|
|
|
120
|
-
struct X509_val_st
|
|
121
|
-
{
|
|
122
|
-
ASN1_TIME *notBefore;
|
|
123
|
-
ASN1_TIME *notAfter;
|
|
124
|
-
} /* X509_VAL */;
|
|
125
|
-
|
|
126
|
-
struct X509_pubkey_st
|
|
127
|
-
{
|
|
128
|
-
X509_ALGOR *algor;
|
|
129
|
-
ASN1_BIT_STRING *public_key;
|
|
130
|
-
EVP_PKEY *pkey;
|
|
131
|
-
};
|
|
132
|
-
|
|
133
|
-
struct X509_sig_st
|
|
134
|
-
{
|
|
135
|
-
X509_ALGOR *algor;
|
|
136
|
-
ASN1_OCTET_STRING *digest;
|
|
137
|
-
} /* X509_SIG */;
|
|
138
|
-
|
|
139
|
-
struct X509_name_entry_st
|
|
140
|
-
{
|
|
141
|
-
ASN1_OBJECT *object;
|
|
142
|
-
ASN1_STRING *value;
|
|
143
|
-
int set;
|
|
144
|
-
int size; /* temp variable */
|
|
145
|
-
} /* X509_NAME_ENTRY */;
|
|
146
|
-
|
|
147
124
|
DEFINE_STACK_OF(X509_NAME_ENTRY)
|
|
148
|
-
DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
|
|
149
|
-
|
|
150
|
-
/* we always keep X509_NAMEs in 2 forms. */
|
|
151
|
-
struct X509_name_st
|
|
152
|
-
{
|
|
153
|
-
STACK_OF(X509_NAME_ENTRY) *entries;
|
|
154
|
-
int modified; /* true if 'bytes' needs to be built */
|
|
155
|
-
BUF_MEM *bytes;
|
|
156
|
-
/* unsigned long hash; Keep the hash around for lookups */
|
|
157
|
-
unsigned char *canon_enc;
|
|
158
|
-
int canon_enclen;
|
|
159
|
-
} /* X509_NAME */;
|
|
160
125
|
|
|
161
126
|
DEFINE_STACK_OF(X509_NAME)
|
|
162
127
|
|
|
163
|
-
struct X509_extension_st
|
|
164
|
-
{
|
|
165
|
-
ASN1_OBJECT *object;
|
|
166
|
-
ASN1_BOOLEAN critical;
|
|
167
|
-
ASN1_OCTET_STRING *value;
|
|
168
|
-
} /* X509_EXTENSION */;
|
|
169
|
-
|
|
170
128
|
typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
|
|
171
129
|
|
|
172
130
|
DEFINE_STACK_OF(X509_EXTENSION)
|
|
173
|
-
DECLARE_ASN1_SET_OF(X509_EXTENSION)
|
|
174
|
-
|
|
175
|
-
/* a sequence of these are used */
|
|
176
|
-
struct x509_attributes_st
|
|
177
|
-
{
|
|
178
|
-
ASN1_OBJECT *object;
|
|
179
|
-
int single; /* 0 for a set, 1 for a single item (which is wrong) */
|
|
180
|
-
union {
|
|
181
|
-
char *ptr;
|
|
182
|
-
/* 0 */ STACK_OF(ASN1_TYPE) *set;
|
|
183
|
-
/* 1 */ ASN1_TYPE *single;
|
|
184
|
-
} value;
|
|
185
|
-
} /* X509_ATTRIBUTE */;
|
|
186
131
|
|
|
187
132
|
DEFINE_STACK_OF(X509_ATTRIBUTE)
|
|
188
|
-
DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
struct X509_req_info_st
|
|
192
|
-
{
|
|
193
|
-
ASN1_ENCODING enc;
|
|
194
|
-
ASN1_INTEGER *version;
|
|
195
|
-
X509_NAME *subject;
|
|
196
|
-
X509_PUBKEY *pubkey;
|
|
197
|
-
/* d=2 hl=2 l= 0 cons: cont: 00 */
|
|
198
|
-
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
|
|
199
|
-
} /* X509_REQ_INFO */;
|
|
200
|
-
|
|
201
|
-
struct X509_req_st
|
|
202
|
-
{
|
|
203
|
-
X509_REQ_INFO *req_info;
|
|
204
|
-
X509_ALGOR *sig_alg;
|
|
205
|
-
ASN1_BIT_STRING *signature;
|
|
206
|
-
CRYPTO_refcount_t references;
|
|
207
|
-
} /* X509_REQ */;
|
|
208
|
-
|
|
209
|
-
struct x509_cinf_st
|
|
210
|
-
{
|
|
211
|
-
ASN1_INTEGER *version; /* [ 0 ] default of v1 */
|
|
212
|
-
ASN1_INTEGER *serialNumber;
|
|
213
|
-
X509_ALGOR *signature;
|
|
214
|
-
X509_NAME *issuer;
|
|
215
|
-
X509_VAL *validity;
|
|
216
|
-
X509_NAME *subject;
|
|
217
|
-
X509_PUBKEY *key;
|
|
218
|
-
ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
|
|
219
|
-
ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
|
|
220
|
-
STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
|
|
221
|
-
ASN1_ENCODING enc;
|
|
222
|
-
} /* X509_CINF */;
|
|
223
|
-
|
|
224
|
-
/* This stuff is certificate "auxiliary info"
|
|
225
|
-
* it contains details which are useful in certificate
|
|
226
|
-
* stores and databases. When used this is tagged onto
|
|
227
|
-
* the end of the certificate itself
|
|
228
|
-
*/
|
|
229
133
|
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
ASN1_UTF8STRING *alias; /* "friendly name" */
|
|
235
|
-
ASN1_OCTET_STRING *keyid; /* key id of private key */
|
|
236
|
-
STACK_OF(X509_ALGOR) *other; /* other unspecified info */
|
|
237
|
-
} /* X509_CERT_AUX */;
|
|
134
|
+
// This stuff is certificate "auxiliary info"
|
|
135
|
+
// it contains details which are useful in certificate
|
|
136
|
+
// stores and databases. When used this is tagged onto
|
|
137
|
+
// the end of the certificate itself
|
|
238
138
|
|
|
239
139
|
DECLARE_STACK_OF(DIST_POINT)
|
|
240
140
|
DECLARE_STACK_OF(GENERAL_NAME)
|
|
241
141
|
|
|
242
|
-
struct x509_st
|
|
243
|
-
{
|
|
244
|
-
X509_CINF *cert_info;
|
|
245
|
-
X509_ALGOR *sig_alg;
|
|
246
|
-
ASN1_BIT_STRING *signature;
|
|
247
|
-
CRYPTO_refcount_t references;
|
|
248
|
-
char *name;
|
|
249
|
-
CRYPTO_EX_DATA ex_data;
|
|
250
|
-
/* These contain copies of various extension values */
|
|
251
|
-
long ex_pathlen;
|
|
252
|
-
long ex_pcpathlen;
|
|
253
|
-
unsigned long ex_flags;
|
|
254
|
-
unsigned long ex_kusage;
|
|
255
|
-
unsigned long ex_xkusage;
|
|
256
|
-
unsigned long ex_nscert;
|
|
257
|
-
ASN1_OCTET_STRING *skid;
|
|
258
|
-
AUTHORITY_KEYID *akid;
|
|
259
|
-
X509_POLICY_CACHE *policy_cache;
|
|
260
|
-
STACK_OF(DIST_POINT) *crldp;
|
|
261
|
-
STACK_OF(GENERAL_NAME) *altname;
|
|
262
|
-
NAME_CONSTRAINTS *nc;
|
|
263
|
-
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
|
264
|
-
X509_CERT_AUX *aux;
|
|
265
|
-
CRYPTO_BUFFER *buf;
|
|
266
|
-
CRYPTO_MUTEX lock;
|
|
267
|
-
} /* X509 */;
|
|
268
|
-
|
|
269
142
|
DEFINE_STACK_OF(X509)
|
|
270
|
-
DECLARE_ASN1_SET_OF(X509)
|
|
271
143
|
|
|
272
|
-
|
|
144
|
+
// This is used for a table of trust checking functions
|
|
273
145
|
|
|
274
146
|
struct x509_trust_st {
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
147
|
+
int trust;
|
|
148
|
+
int flags;
|
|
149
|
+
int (*check_trust)(struct x509_trust_st *, X509 *, int);
|
|
150
|
+
char *name;
|
|
151
|
+
int arg1;
|
|
152
|
+
void *arg2;
|
|
281
153
|
} /* X509_TRUST */;
|
|
282
154
|
|
|
283
155
|
DEFINE_STACK_OF(X509_TRUST)
|
|
284
156
|
|
|
285
|
-
|
|
157
|
+
// standard trust ids
|
|
286
158
|
|
|
287
|
-
#define X509_TRUST_DEFAULT
|
|
159
|
+
#define X509_TRUST_DEFAULT (-1) // Only valid in purpose settings
|
|
288
160
|
|
|
289
|
-
#define X509_TRUST_COMPAT
|
|
290
|
-
#define X509_TRUST_SSL_CLIENT
|
|
291
|
-
#define X509_TRUST_SSL_SERVER
|
|
292
|
-
#define X509_TRUST_EMAIL
|
|
293
|
-
#define X509_TRUST_OBJECT_SIGN
|
|
294
|
-
#define X509_TRUST_OCSP_SIGN
|
|
295
|
-
#define X509_TRUST_OCSP_REQUEST
|
|
296
|
-
#define X509_TRUST_TSA
|
|
161
|
+
#define X509_TRUST_COMPAT 1
|
|
162
|
+
#define X509_TRUST_SSL_CLIENT 2
|
|
163
|
+
#define X509_TRUST_SSL_SERVER 3
|
|
164
|
+
#define X509_TRUST_EMAIL 4
|
|
165
|
+
#define X509_TRUST_OBJECT_SIGN 5
|
|
166
|
+
#define X509_TRUST_OCSP_SIGN 6
|
|
167
|
+
#define X509_TRUST_OCSP_REQUEST 7
|
|
168
|
+
#define X509_TRUST_TSA 8
|
|
297
169
|
|
|
298
|
-
|
|
299
|
-
#define X509_TRUST_MIN
|
|
300
|
-
#define X509_TRUST_MAX
|
|
170
|
+
// Keep these up to date!
|
|
171
|
+
#define X509_TRUST_MIN 1
|
|
172
|
+
#define X509_TRUST_MAX 8
|
|
301
173
|
|
|
302
174
|
|
|
303
|
-
|
|
304
|
-
#define
|
|
305
|
-
#define
|
|
175
|
+
// trust_flags values
|
|
176
|
+
#define X509_TRUST_DYNAMIC 1
|
|
177
|
+
#define X509_TRUST_DYNAMIC_NAME 2
|
|
306
178
|
|
|
307
|
-
|
|
179
|
+
// check_trust return codes
|
|
308
180
|
|
|
309
|
-
#define X509_TRUST_TRUSTED
|
|
310
|
-
#define X509_TRUST_REJECTED
|
|
311
|
-
#define X509_TRUST_UNTRUSTED
|
|
181
|
+
#define X509_TRUST_TRUSTED 1
|
|
182
|
+
#define X509_TRUST_REJECTED 2
|
|
183
|
+
#define X509_TRUST_UNTRUSTED 3
|
|
312
184
|
|
|
313
|
-
|
|
185
|
+
// Flags for X509_print_ex()
|
|
314
186
|
|
|
315
|
-
#define
|
|
316
|
-
#define
|
|
317
|
-
#define
|
|
318
|
-
#define
|
|
319
|
-
#define
|
|
320
|
-
#define
|
|
321
|
-
#define
|
|
322
|
-
#define
|
|
323
|
-
#define
|
|
324
|
-
#define
|
|
325
|
-
#define
|
|
326
|
-
#define
|
|
327
|
-
#define
|
|
328
|
-
#define
|
|
187
|
+
#define X509_FLAG_COMPAT 0
|
|
188
|
+
#define X509_FLAG_NO_HEADER 1L
|
|
189
|
+
#define X509_FLAG_NO_VERSION (1L << 1)
|
|
190
|
+
#define X509_FLAG_NO_SERIAL (1L << 2)
|
|
191
|
+
#define X509_FLAG_NO_SIGNAME (1L << 3)
|
|
192
|
+
#define X509_FLAG_NO_ISSUER (1L << 4)
|
|
193
|
+
#define X509_FLAG_NO_VALIDITY (1L << 5)
|
|
194
|
+
#define X509_FLAG_NO_SUBJECT (1L << 6)
|
|
195
|
+
#define X509_FLAG_NO_PUBKEY (1L << 7)
|
|
196
|
+
#define X509_FLAG_NO_EXTENSIONS (1L << 8)
|
|
197
|
+
#define X509_FLAG_NO_SIGDUMP (1L << 9)
|
|
198
|
+
#define X509_FLAG_NO_AUX (1L << 10)
|
|
199
|
+
#define X509_FLAG_NO_ATTRIBUTES (1L << 11)
|
|
200
|
+
#define X509_FLAG_NO_IDS (1L << 12)
|
|
329
201
|
|
|
330
|
-
|
|
202
|
+
// Flags specific to X509_NAME_print_ex()
|
|
331
203
|
|
|
332
|
-
|
|
204
|
+
// The field separator information
|
|
333
205
|
|
|
334
|
-
#define XN_FLAG_SEP_MASK
|
|
206
|
+
#define XN_FLAG_SEP_MASK (0xf << 16)
|
|
335
207
|
|
|
336
|
-
#define XN_FLAG_COMPAT
|
|
337
|
-
#define XN_FLAG_SEP_COMMA_PLUS
|
|
338
|
-
#define XN_FLAG_SEP_CPLUS_SPC
|
|
339
|
-
#define XN_FLAG_SEP_SPLUS_SPC
|
|
340
|
-
#define XN_FLAG_SEP_MULTILINE
|
|
208
|
+
#define XN_FLAG_COMPAT 0 // Traditional SSLeay: use old X509_NAME_print
|
|
209
|
+
#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) // RFC 2253 ,+
|
|
210
|
+
#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) // ,+ spaced: more readable
|
|
211
|
+
#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) // ;+ spaced
|
|
212
|
+
#define XN_FLAG_SEP_MULTILINE (4 << 16) // One line per field
|
|
341
213
|
|
|
342
|
-
#define XN_FLAG_DN_REV
|
|
214
|
+
#define XN_FLAG_DN_REV (1 << 20) // Reverse DN order
|
|
343
215
|
|
|
344
|
-
|
|
216
|
+
// How the field name is shown
|
|
345
217
|
|
|
346
|
-
#define XN_FLAG_FN_MASK
|
|
218
|
+
#define XN_FLAG_FN_MASK (0x3 << 21)
|
|
347
219
|
|
|
348
|
-
#define XN_FLAG_FN_SN
|
|
349
|
-
#define XN_FLAG_FN_LN
|
|
350
|
-
#define XN_FLAG_FN_OID
|
|
351
|
-
#define XN_FLAG_FN_NONE
|
|
220
|
+
#define XN_FLAG_FN_SN 0 // Object short name
|
|
221
|
+
#define XN_FLAG_FN_LN (1 << 21) // Object long name
|
|
222
|
+
#define XN_FLAG_FN_OID (2 << 21) // Always use OIDs
|
|
223
|
+
#define XN_FLAG_FN_NONE (3 << 21) // No field names
|
|
352
224
|
|
|
353
|
-
#define XN_FLAG_SPC_EQ
|
|
225
|
+
#define XN_FLAG_SPC_EQ (1 << 23) // Put spaces round '='
|
|
354
226
|
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
*/
|
|
227
|
+
// This determines if we dump fields we don't recognise:
|
|
228
|
+
// RFC 2253 requires this.
|
|
358
229
|
|
|
359
230
|
#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
|
|
360
231
|
|
|
361
|
-
#define XN_FLAG_FN_ALIGN
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
#define XN_FLAG_RFC2253
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
ASN1_TIME *revocationDate;
|
|
392
|
-
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
|
|
393
|
-
/* Set up if indirect CRL */
|
|
394
|
-
STACK_OF(GENERAL_NAME) *issuer;
|
|
395
|
-
/* Revocation reason */
|
|
396
|
-
int reason;
|
|
397
|
-
int sequence; /* load sequence */
|
|
398
|
-
};
|
|
232
|
+
#define XN_FLAG_FN_ALIGN (1 << 25) // Align field names to 20 characters
|
|
233
|
+
|
|
234
|
+
// Complete set of RFC 2253 flags
|
|
235
|
+
|
|
236
|
+
#define XN_FLAG_RFC2253 \
|
|
237
|
+
(ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \
|
|
238
|
+
XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS)
|
|
239
|
+
|
|
240
|
+
// readable oneline form
|
|
241
|
+
|
|
242
|
+
#define XN_FLAG_ONELINE \
|
|
243
|
+
(ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | \
|
|
244
|
+
XN_FLAG_SPC_EQ | XN_FLAG_FN_SN)
|
|
245
|
+
|
|
246
|
+
// readable multiline form
|
|
247
|
+
|
|
248
|
+
#define XN_FLAG_MULTILINE \
|
|
249
|
+
(ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | \
|
|
250
|
+
XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN)
|
|
251
|
+
|
|
252
|
+
struct x509_revoked_st {
|
|
253
|
+
ASN1_INTEGER *serialNumber;
|
|
254
|
+
ASN1_TIME *revocationDate;
|
|
255
|
+
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
|
|
256
|
+
// Set up if indirect CRL
|
|
257
|
+
STACK_OF(GENERAL_NAME) *issuer;
|
|
258
|
+
// Revocation reason
|
|
259
|
+
int reason;
|
|
260
|
+
int sequence; // load sequence
|
|
261
|
+
};
|
|
399
262
|
|
|
400
263
|
DEFINE_STACK_OF(X509_REVOKED)
|
|
401
|
-
DECLARE_ASN1_SET_OF(X509_REVOKED)
|
|
402
|
-
|
|
403
|
-
struct X509_crl_info_st
|
|
404
|
-
{
|
|
405
|
-
ASN1_INTEGER *version;
|
|
406
|
-
X509_ALGOR *sig_alg;
|
|
407
|
-
X509_NAME *issuer;
|
|
408
|
-
ASN1_TIME *lastUpdate;
|
|
409
|
-
ASN1_TIME *nextUpdate;
|
|
410
|
-
STACK_OF(X509_REVOKED) *revoked;
|
|
411
|
-
STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
|
|
412
|
-
ASN1_ENCODING enc;
|
|
413
|
-
} /* X509_CRL_INFO */;
|
|
414
264
|
|
|
415
265
|
DECLARE_STACK_OF(GENERAL_NAMES)
|
|
416
266
|
|
|
417
|
-
struct X509_crl_st
|
|
418
|
-
{
|
|
419
|
-
/* actual signature */
|
|
420
|
-
X509_CRL_INFO *crl;
|
|
421
|
-
X509_ALGOR *sig_alg;
|
|
422
|
-
ASN1_BIT_STRING *signature;
|
|
423
|
-
CRYPTO_refcount_t references;
|
|
424
|
-
int flags;
|
|
425
|
-
/* Copies of various extensions */
|
|
426
|
-
AUTHORITY_KEYID *akid;
|
|
427
|
-
ISSUING_DIST_POINT *idp;
|
|
428
|
-
/* Convenient breakdown of IDP */
|
|
429
|
-
int idp_flags;
|
|
430
|
-
int idp_reasons;
|
|
431
|
-
/* CRL and base CRL numbers for delta processing */
|
|
432
|
-
ASN1_INTEGER *crl_number;
|
|
433
|
-
ASN1_INTEGER *base_crl_number;
|
|
434
|
-
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
|
435
|
-
STACK_OF(GENERAL_NAMES) *issuers;
|
|
436
|
-
const X509_CRL_METHOD *meth;
|
|
437
|
-
void *meth_data;
|
|
438
|
-
} /* X509_CRL */;
|
|
439
|
-
|
|
440
267
|
DEFINE_STACK_OF(X509_CRL)
|
|
441
|
-
DECLARE_ASN1_SET_OF(X509_CRL)
|
|
442
268
|
|
|
443
|
-
struct private_key_st
|
|
444
|
-
|
|
445
|
-
|
|
446
|
-
|
|
447
|
-
|
|
448
|
-
ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
|
|
269
|
+
struct private_key_st {
|
|
270
|
+
int version;
|
|
271
|
+
// The PKCS#8 data types
|
|
272
|
+
X509_ALGOR *enc_algor;
|
|
273
|
+
ASN1_OCTET_STRING *enc_pkey; // encrypted pub key
|
|
449
274
|
|
|
450
|
-
|
|
451
|
-
|
|
275
|
+
// When decrypted, the following will not be NULL
|
|
276
|
+
EVP_PKEY *dec_pkey;
|
|
452
277
|
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
278
|
+
// used to encrypt and decrypt
|
|
279
|
+
int key_length;
|
|
280
|
+
char *key_data;
|
|
281
|
+
int key_free; // true if we should auto free key_data
|
|
457
282
|
|
|
458
|
-
|
|
459
|
-
|
|
460
|
-
|
|
283
|
+
// expanded version of 'enc_algor'
|
|
284
|
+
EVP_CIPHER_INFO cipher;
|
|
285
|
+
} /* X509_PKEY */;
|
|
461
286
|
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
X509_CRL *crl;
|
|
467
|
-
X509_PKEY *x_pkey;
|
|
287
|
+
struct X509_info_st {
|
|
288
|
+
X509 *x509;
|
|
289
|
+
X509_CRL *crl;
|
|
290
|
+
X509_PKEY *x_pkey;
|
|
468
291
|
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
292
|
+
EVP_CIPHER_INFO enc_cipher;
|
|
293
|
+
int enc_len;
|
|
294
|
+
char *enc_data;
|
|
472
295
|
|
|
473
|
-
|
|
296
|
+
} /* X509_INFO */;
|
|
474
297
|
|
|
475
298
|
DEFINE_STACK_OF(X509_INFO)
|
|
476
|
-
#endif
|
|
477
|
-
|
|
478
|
-
/* The next 2 structures and their 8 routines were sent to me by
|
|
479
|
-
* Pat Richard <patr@x509.com> and are used to manipulate
|
|
480
|
-
* Netscapes spki structures - useful if you are writing a CA web page
|
|
481
|
-
*/
|
|
482
|
-
struct Netscape_spkac_st
|
|
483
|
-
{
|
|
484
|
-
X509_PUBKEY *pubkey;
|
|
485
|
-
ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
|
|
486
|
-
} /* NETSCAPE_SPKAC */;
|
|
487
|
-
|
|
488
|
-
struct Netscape_spki_st
|
|
489
|
-
{
|
|
490
|
-
NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
|
|
491
|
-
X509_ALGOR *sig_algor;
|
|
492
|
-
ASN1_BIT_STRING *signature;
|
|
493
|
-
} /* NETSCAPE_SPKI */;
|
|
494
|
-
|
|
495
|
-
/* PKCS#8 private key info structure */
|
|
496
|
-
|
|
497
|
-
struct pkcs8_priv_key_info_st
|
|
498
|
-
{
|
|
499
|
-
int broken; /* Flag for various broken formats */
|
|
500
|
-
#define PKCS8_OK 0
|
|
501
|
-
#define PKCS8_NO_OCTET 1
|
|
502
|
-
#define PKCS8_EMBEDDED_PARAM 2
|
|
503
|
-
#define PKCS8_NS_DB 3
|
|
504
|
-
#define PKCS8_NEG_PRIVKEY 4
|
|
505
|
-
ASN1_INTEGER *version;
|
|
506
|
-
X509_ALGOR *pkeyalg;
|
|
507
|
-
ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
|
|
508
|
-
STACK_OF(X509_ATTRIBUTE) *attributes;
|
|
509
|
-
};
|
|
510
|
-
|
|
511
|
-
#ifdef __cplusplus
|
|
512
|
-
}
|
|
513
|
-
#endif
|
|
514
|
-
|
|
515
|
-
#include <openssl/x509_vfy.h>
|
|
516
299
|
|
|
517
|
-
|
|
518
|
-
|
|
519
|
-
|
|
300
|
+
// The next 2 structures and their 8 routines were sent to me by
|
|
301
|
+
// Pat Richard <patr@x509.com> and are used to manipulate
|
|
302
|
+
// Netscapes spki structures - useful if you are writing a CA web page
|
|
303
|
+
struct Netscape_spkac_st {
|
|
304
|
+
X509_PUBKEY *pubkey;
|
|
305
|
+
ASN1_IA5STRING *challenge; // challenge sent in atlas >= PR2
|
|
306
|
+
} /* NETSCAPE_SPKAC */;
|
|
307
|
+
|
|
308
|
+
struct Netscape_spki_st {
|
|
309
|
+
NETSCAPE_SPKAC *spkac; // signed public key and challenge
|
|
310
|
+
X509_ALGOR *sig_algor;
|
|
311
|
+
ASN1_BIT_STRING *signature;
|
|
312
|
+
} /* NETSCAPE_SPKI */;
|
|
313
|
+
|
|
314
|
+
// TODO(davidben): Document remaining functions, reorganize them, and define
|
|
315
|
+
// supported patterns for using |X509| objects in general. In particular, when
|
|
316
|
+
// it is safe to call mutating functions is a little tricky due to various
|
|
317
|
+
// internal caches.
|
|
318
|
+
|
|
319
|
+
// X509_VERSION_* are X.509 version numbers. Note the numerical values of all
|
|
320
|
+
// defined X.509 versions are one less than the named version.
|
|
321
|
+
#define X509_VERSION_1 0
|
|
322
|
+
#define X509_VERSION_2 1
|
|
323
|
+
#define X509_VERSION_3 2
|
|
324
|
+
|
|
325
|
+
// X509_get_version returns the numerical value of |x509|'s version. Callers may
|
|
326
|
+
// compare the result to the |X509_VERSION_*| constants. Unknown versions are
|
|
327
|
+
// rejected by the parser, but a manually-created |X509| object may encode
|
|
328
|
+
// invalid versions. In that case, the function will return the invalid version,
|
|
329
|
+
// or -1 on overflow.
|
|
330
|
+
OPENSSL_EXPORT long X509_get_version(const X509 *x509);
|
|
331
|
+
|
|
332
|
+
// X509_set_version sets |x509|'s version to |version|, which should be one of
|
|
333
|
+
// the |X509V_VERSION_*| constants. It returns one on success and zero on error.
|
|
334
|
+
//
|
|
335
|
+
// If unsure, use |X509_VERSION_3|.
|
|
336
|
+
OPENSSL_EXPORT int X509_set_version(X509 *x509, long version);
|
|
337
|
+
|
|
338
|
+
// X509_get0_serialNumber returns |x509|'s serial number.
|
|
339
|
+
OPENSSL_EXPORT const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x509);
|
|
340
|
+
|
|
341
|
+
// X509_set_serialNumber sets |x509|'s serial number to |serial|. It returns one
|
|
342
|
+
// on success and zero on error.
|
|
343
|
+
OPENSSL_EXPORT int X509_set_serialNumber(X509 *x509,
|
|
344
|
+
const ASN1_INTEGER *serial);
|
|
345
|
+
|
|
346
|
+
// X509_get0_notBefore returns |x509|'s notBefore time.
|
|
347
|
+
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x509);
|
|
348
|
+
|
|
349
|
+
// X509_get0_notAfter returns |x509|'s notAfter time.
|
|
350
|
+
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x509);
|
|
351
|
+
|
|
352
|
+
// X509_set1_notBefore sets |x509|'s notBefore time to |tm|. It returns one on
|
|
353
|
+
// success and zero on error.
|
|
354
|
+
OPENSSL_EXPORT int X509_set1_notBefore(X509 *x509, const ASN1_TIME *tm);
|
|
355
|
+
|
|
356
|
+
// X509_set1_notAfter sets |x509|'s notAfter time to |tm|. it returns one on
|
|
357
|
+
// success and zero on error.
|
|
358
|
+
OPENSSL_EXPORT int X509_set1_notAfter(X509 *x509, const ASN1_TIME *tm);
|
|
359
|
+
|
|
360
|
+
// X509_getm_notBefore returns a mutable pointer to |x509|'s notBefore time.
|
|
361
|
+
OPENSSL_EXPORT ASN1_TIME *X509_getm_notBefore(X509 *x509);
|
|
362
|
+
|
|
363
|
+
// X509_getm_notAfter returns a mutable pointer to |x509|'s notAfter time.
|
|
364
|
+
OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x);
|
|
520
365
|
|
|
521
|
-
|
|
522
|
-
|
|
523
|
-
|
|
524
|
-
|
|
525
|
-
|
|
526
|
-
|
|
527
|
-
|
|
528
|
-
|
|
529
|
-
|
|
530
|
-
|
|
531
|
-
|
|
532
|
-
|
|
533
|
-
|
|
534
|
-
|
|
535
|
-
|
|
536
|
-
|
|
537
|
-
|
|
538
|
-
|
|
539
|
-
|
|
540
|
-
|
|
541
|
-
|
|
542
|
-
|
|
543
|
-
|
|
544
|
-
|
|
366
|
+
// X509_get_notBefore returns |x509|'s notBefore time. Note this function is not
|
|
367
|
+
// const-correct for legacy reasons. Use |X509_get0_notBefore| or
|
|
368
|
+
// |X509_getm_notBefore| instead.
|
|
369
|
+
OPENSSL_EXPORT ASN1_TIME *X509_get_notBefore(const X509 *x509);
|
|
370
|
+
|
|
371
|
+
// X509_get_notAfter returns |x509|'s notAfter time. Note this function is not
|
|
372
|
+
// const-correct for legacy reasons. Use |X509_get0_notAfter| or
|
|
373
|
+
// |X509_getm_notAfter| instead.
|
|
374
|
+
OPENSSL_EXPORT ASN1_TIME *X509_get_notAfter(const X509 *x509);
|
|
375
|
+
|
|
376
|
+
// X509_set_notBefore calls |X509_set1_notBefore|. Use |X509_set1_notBefore|
|
|
377
|
+
// instead.
|
|
378
|
+
OPENSSL_EXPORT int X509_set_notBefore(X509 *x509, const ASN1_TIME *tm);
|
|
379
|
+
|
|
380
|
+
// X509_set_notAfter calls |X509_set1_notAfter|. Use |X509_set1_notAfter|
|
|
381
|
+
// instead.
|
|
382
|
+
OPENSSL_EXPORT int X509_set_notAfter(X509 *x509, const ASN1_TIME *tm);
|
|
383
|
+
|
|
384
|
+
// X509_get0_uids sets |*out_issuer_uid| to a non-owning pointer to the
|
|
385
|
+
// issuerUID field of |x509|, or NULL if |x509| has no issuerUID. It similarly
|
|
386
|
+
// outputs |x509|'s subjectUID field to |*out_subject_uid|.
|
|
387
|
+
//
|
|
388
|
+
// Callers may pass NULL to either |out_issuer_uid| or |out_subject_uid| to
|
|
389
|
+
// ignore the corresponding field.
|
|
390
|
+
OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
|
|
391
|
+
const ASN1_BIT_STRING **out_issuer_uid,
|
|
392
|
+
const ASN1_BIT_STRING **out_subject_uid);
|
|
393
|
+
|
|
394
|
+
// X509_extract_key is a legacy alias to |X509_get_pubkey|. Use
|
|
395
|
+
// |X509_get_pubkey| instead.
|
|
396
|
+
#define X509_extract_key(x) X509_get_pubkey(x)
|
|
397
|
+
|
|
398
|
+
// X509_get_pathlen returns path length constraint from the basic constraints
|
|
399
|
+
// extension in |x509|. (See RFC 5280, section 4.2.1.9.) It returns -1 if the
|
|
400
|
+
// constraint is not present, or if some extension in |x509| was invalid.
|
|
401
|
+
//
|
|
402
|
+
// Note that decoding an |X509| object will not check for invalid extensions. To
|
|
403
|
+
// detect the error case, call |X509_get_extensions_flags| and check the
|
|
404
|
+
// |EXFLAG_INVALID| bit.
|
|
405
|
+
OPENSSL_EXPORT long X509_get_pathlen(X509 *x509);
|
|
406
|
+
|
|
407
|
+
// X509_REQ_VERSION_1 is the version constant for |X509_REQ| objects. Note no
|
|
408
|
+
// other versions are defined.
|
|
409
|
+
#define X509_REQ_VERSION_1 0
|
|
410
|
+
|
|
411
|
+
// X509_REQ_get_version returns the numerical value of |req|'s version. This
|
|
412
|
+
// will be |X509_REQ_VERSION_1| for valid certificate requests. If |req| is
|
|
413
|
+
// invalid, it may return another value, or -1 on overflow.
|
|
414
|
+
//
|
|
415
|
+
// TODO(davidben): Enforce the version number in the parser.
|
|
416
|
+
OPENSSL_EXPORT long X509_REQ_get_version(const X509_REQ *req);
|
|
417
|
+
|
|
418
|
+
// X509_REQ_get_subject_name returns |req|'s subject name. Note this function is
|
|
419
|
+
// not const-correct for legacy reasons.
|
|
420
|
+
OPENSSL_EXPORT X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
|
|
421
|
+
|
|
422
|
+
// X509_REQ_extract_key is a legacy alias for |X509_REQ_get_pubkey|.
|
|
423
|
+
#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
|
|
424
|
+
|
|
425
|
+
// X509_name_cmp is a legacy alias for |X509_NAME_cmp|.
|
|
426
|
+
#define X509_name_cmp(a, b) X509_NAME_cmp((a), (b))
|
|
427
|
+
|
|
428
|
+
#define X509_CRL_VERSION_1 0
|
|
429
|
+
#define X509_CRL_VERSION_2 1
|
|
430
|
+
|
|
431
|
+
// X509_CRL_get_version returns the numerical value of |crl|'s version. Callers
|
|
432
|
+
// may compare the result to |X509_CRL_VERSION_*| constants. If |crl| is
|
|
433
|
+
// invalid, it may return another value, or -1 on overflow.
|
|
434
|
+
//
|
|
435
|
+
// TODO(davidben): Enforce the version number in the parser.
|
|
436
|
+
OPENSSL_EXPORT long X509_CRL_get_version(const X509_CRL *crl);
|
|
437
|
+
|
|
438
|
+
// X509_CRL_get0_lastUpdate returns |crl|'s lastUpdate time.
|
|
439
|
+
OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
|
|
440
|
+
|
|
441
|
+
// X509_CRL_get0_nextUpdate returns |crl|'s nextUpdate time, or NULL if |crl|
|
|
442
|
+
// has none.
|
|
443
|
+
OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
|
|
444
|
+
|
|
445
|
+
// X509_CRL_set1_lastUpdate sets |crl|'s lastUpdate time to |tm|. It returns one
|
|
446
|
+
// on success and zero on error.
|
|
447
|
+
OPENSSL_EXPORT int X509_CRL_set1_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm);
|
|
448
|
+
|
|
449
|
+
// X509_CRL_set1_nextUpdate sets |crl|'s nextUpdate time to |tm|. It returns one
|
|
450
|
+
// on success and zero on error.
|
|
451
|
+
OPENSSL_EXPORT int X509_CRL_set1_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm);
|
|
452
|
+
|
|
453
|
+
// The following symbols are deprecated aliases to |X509_CRL_set1_*|.
|
|
454
|
+
#define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
|
|
455
|
+
#define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
|
|
456
|
+
|
|
457
|
+
// X509_CRL_get_lastUpdate returns a mutable pointer to |crl|'s lastUpdate time.
|
|
458
|
+
// Use |X509_CRL_get0_lastUpdate| or |X509_CRL_set1_lastUpdate| instead.
|
|
459
|
+
OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
|
|
460
|
+
|
|
461
|
+
// X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time,
|
|
462
|
+
// or NULL if |crl| has none. Use |X509_CRL_get0_nextUpdate| or
|
|
463
|
+
// |X509_CRL_set1_nextUpdate| instead.
|
|
464
|
+
OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
|
|
465
|
+
|
|
466
|
+
// X509_CRL_get_issuer returns |crl|'s issuer name. Note this function is not
|
|
467
|
+
// const-correct for legacy reasons.
|
|
468
|
+
OPENSSL_EXPORT X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
|
|
469
|
+
|
|
470
|
+
// X509_CRL_get_REVOKED returns the list of revoked certificates in |crl|, or
|
|
471
|
+
// NULL if |crl| omits it.
|
|
472
|
+
//
|
|
473
|
+
// TOOD(davidben): This function was originally a macro, without clear const
|
|
474
|
+
// semantics. It should take a const input and give const output, but the latter
|
|
475
|
+
// would break existing callers. For now, we match upstream.
|
|
476
|
+
OPENSSL_EXPORT STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
|
|
477
|
+
|
|
478
|
+
// X509_CRL_get0_extensions returns |crl|'s extension list, or NULL if |crl|
|
|
479
|
+
// omits it.
|
|
480
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(
|
|
481
|
+
const X509_CRL *crl);
|
|
482
|
+
|
|
483
|
+
// X509_SIG_get0 sets |*out_alg| and |*out_digest| to non-owning pointers to
|
|
484
|
+
// |sig|'s algorithm and digest fields, respectively. Either |out_alg| and
|
|
485
|
+
// |out_digest| may be NULL to skip those fields.
|
|
486
|
+
OPENSSL_EXPORT void X509_SIG_get0(const X509_SIG *sig,
|
|
487
|
+
const X509_ALGOR **out_alg,
|
|
488
|
+
const ASN1_OCTET_STRING **out_digest);
|
|
489
|
+
|
|
490
|
+
// X509_SIG_getm behaves like |X509_SIG_get0| but returns mutable pointers.
|
|
491
|
+
OPENSSL_EXPORT void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg,
|
|
492
|
+
ASN1_OCTET_STRING **out_digest);
|
|
545
493
|
|
|
546
494
|
OPENSSL_EXPORT void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
|
|
547
495
|
OPENSSL_EXPORT X509_CRL_METHOD *X509_CRL_METHOD_new(
|
|
548
|
-
|
|
549
|
-
|
|
550
|
-
|
|
551
|
-
|
|
552
|
-
int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk));
|
|
496
|
+
int (*crl_init)(X509_CRL *crl), int (*crl_free)(X509_CRL *crl),
|
|
497
|
+
int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *ser,
|
|
498
|
+
X509_NAME *issuer),
|
|
499
|
+
int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk));
|
|
553
500
|
OPENSSL_EXPORT void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
|
|
554
501
|
|
|
555
502
|
OPENSSL_EXPORT void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
|
|
556
503
|
OPENSSL_EXPORT void *X509_CRL_get_meth_data(X509_CRL *crl);
|
|
557
504
|
|
|
558
|
-
|
|
559
|
-
|
|
560
|
-
|
|
561
|
-
|
|
562
|
-
|
|
563
|
-
|
|
564
|
-
|
|
565
|
-
|
|
566
|
-
OPENSSL_EXPORT
|
|
567
|
-
|
|
568
|
-
|
|
569
|
-
|
|
570
|
-
|
|
571
|
-
|
|
572
|
-
OPENSSL_EXPORT
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
576
|
-
|
|
577
|
-
|
|
578
|
-
|
|
579
|
-
|
|
580
|
-
OPENSSL_EXPORT int
|
|
505
|
+
// X509_get_X509_PUBKEY returns the public key of |x509|. Note this function is
|
|
506
|
+
// not const-correct for legacy reasons. Callers should not modify the returned
|
|
507
|
+
// object.
|
|
508
|
+
OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509);
|
|
509
|
+
|
|
510
|
+
// X509_verify_cert_error_string returns |err| as a human-readable string, where
|
|
511
|
+
// |err| should be one of the |X509_V_*| values. If |err| is unknown, it returns
|
|
512
|
+
// a default description.
|
|
513
|
+
OPENSSL_EXPORT const char *X509_verify_cert_error_string(long err);
|
|
514
|
+
|
|
515
|
+
// X509_verify checks that |x509| has a valid signature by |pkey|. It returns
|
|
516
|
+
// one if the signature is valid and zero otherwise. Note this function only
|
|
517
|
+
// checks the signature itself and does not perform a full certificate
|
|
518
|
+
// validation.
|
|
519
|
+
OPENSSL_EXPORT int X509_verify(X509 *x509, EVP_PKEY *pkey);
|
|
520
|
+
|
|
521
|
+
// X509_REQ_verify checks that |req| has a valid signature by |pkey|. It returns
|
|
522
|
+
// one if the signature is valid and zero otherwise.
|
|
523
|
+
OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *req, EVP_PKEY *pkey);
|
|
524
|
+
|
|
525
|
+
// X509_CRL_verify checks that |crl| has a valid signature by |pkey|. It returns
|
|
526
|
+
// one if the signature is valid and zero otherwise.
|
|
527
|
+
OPENSSL_EXPORT int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *pkey);
|
|
528
|
+
|
|
529
|
+
// NETSCAPE_SPKI_verify checks that |spki| has a valid signature by |pkey|. It
|
|
530
|
+
// returns one if the signature is valid and zero otherwise.
|
|
531
|
+
OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *spki, EVP_PKEY *pkey);
|
|
532
|
+
|
|
533
|
+
// NETSCAPE_SPKI_b64_decode decodes |len| bytes from |str| as a base64-encoded
|
|
534
|
+
// Netscape signed public key and challenge (SPKAC) structure. It returns a
|
|
535
|
+
// newly-allocated |NETSCAPE_SPKI| structure with the result, or NULL on error.
|
|
536
|
+
// If |len| is 0 or negative, the length is calculated with |strlen| and |str|
|
|
537
|
+
// must be a NUL-terminated C string.
|
|
538
|
+
OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
|
|
539
|
+
int len);
|
|
540
|
+
|
|
541
|
+
// NETSCAPE_SPKI_b64_encode encodes |spki| as a base64-encoded Netscape signed
|
|
542
|
+
// public key and challenge (SPKAC) structure. It returns a newly-allocated
|
|
543
|
+
// NUL-terminated C string with the result, or NULL on error. The caller must
|
|
544
|
+
// release the memory with |OPENSSL_free| when done.
|
|
545
|
+
OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);
|
|
546
|
+
|
|
547
|
+
// NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
|
|
548
|
+
// |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting
|
|
549
|
+
// pointer and must call |EVP_PKEY_free| when done.
|
|
550
|
+
OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);
|
|
551
|
+
|
|
552
|
+
// NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one
|
|
553
|
+
// on success or zero on error. This function does not take ownership of |pkey|,
|
|
554
|
+
// so the caller may continue to manage its lifetime independently of |spki|.
|
|
555
|
+
OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *spki,
|
|
556
|
+
EVP_PKEY *pkey);
|
|
557
|
+
|
|
558
|
+
// X509_signature_dump writes a human-readable representation of |sig| to |bio|,
|
|
559
|
+
// indented with |indent| spaces. It returns one on success and zero on error.
|
|
560
|
+
OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig,
|
|
561
|
+
int indent);
|
|
562
|
+
|
|
563
|
+
// X509_signature_print writes a human-readable representation of |alg| and
|
|
564
|
+
// |sig| to |bio|. It returns one on success and zero on error.
|
|
565
|
+
OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg,
|
|
581
566
|
const ASN1_STRING *sig);
|
|
582
567
|
|
|
583
|
-
|
|
584
|
-
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
OPENSSL_EXPORT int
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
|
|
592
|
-
|
|
593
|
-
|
|
594
|
-
|
|
595
|
-
|
|
596
|
-
|
|
597
|
-
|
|
598
|
-
|
|
599
|
-
|
|
600
|
-
|
|
601
|
-
|
|
602
|
-
|
|
603
|
-
|
|
604
|
-
|
|
605
|
-
|
|
606
|
-
|
|
568
|
+
// X509_sign signs |x509| with |pkey| and replaces the signature algorithm and
|
|
569
|
+
// signature fields. It returns one on success and zero on error. This function
|
|
570
|
+
// uses digest algorithm |md|, or |pkey|'s default if NULL. Other signing
|
|
571
|
+
// parameters use |pkey|'s defaults. To customize them, use |X509_sign_ctx|.
|
|
572
|
+
OPENSSL_EXPORT int X509_sign(X509 *x509, EVP_PKEY *pkey, const EVP_MD *md);
|
|
573
|
+
|
|
574
|
+
// X509_sign_ctx signs |x509| with |ctx| and replaces the signature algorithm
|
|
575
|
+
// and signature fields. It returns one on success and zero on error. The
|
|
576
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
|
577
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
|
578
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
|
579
|
+
OPENSSL_EXPORT int X509_sign_ctx(X509 *x509, EVP_MD_CTX *ctx);
|
|
580
|
+
|
|
581
|
+
// X509_REQ_sign signs |req| with |pkey| and replaces the signature algorithm
|
|
582
|
+
// and signature fields. It returns one on success and zero on error. This
|
|
583
|
+
// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
|
584
|
+
// signing parameters use |pkey|'s defaults. To customize them, use
|
|
585
|
+
// |X509_REQ_sign_ctx|.
|
|
586
|
+
OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *req, EVP_PKEY *pkey,
|
|
587
|
+
const EVP_MD *md);
|
|
588
|
+
|
|
589
|
+
// X509_REQ_sign_ctx signs |req| with |ctx| and replaces the signature algorithm
|
|
590
|
+
// and signature fields. It returns one on success and zero on error. The
|
|
591
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
|
592
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
|
593
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
|
594
|
+
OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *req, EVP_MD_CTX *ctx);
|
|
595
|
+
|
|
596
|
+
// X509_CRL_sign signs |crl| with |pkey| and replaces the signature algorithm
|
|
597
|
+
// and signature fields. It returns one on success and zero on error. This
|
|
598
|
+
// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
|
599
|
+
// signing parameters use |pkey|'s defaults. To customize them, use
|
|
600
|
+
// |X509_CRL_sign_ctx|.
|
|
601
|
+
OPENSSL_EXPORT int X509_CRL_sign(X509_CRL *crl, EVP_PKEY *pkey,
|
|
602
|
+
const EVP_MD *md);
|
|
603
|
+
|
|
604
|
+
// X509_CRL_sign_ctx signs |crl| with |ctx| and replaces the signature algorithm
|
|
605
|
+
// and signature fields. It returns one on success and zero on error. The
|
|
606
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
|
607
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
|
608
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
|
609
|
+
OPENSSL_EXPORT int X509_CRL_sign_ctx(X509_CRL *crl, EVP_MD_CTX *ctx);
|
|
610
|
+
|
|
611
|
+
// NETSCAPE_SPKI_sign signs |spki| with |pkey| and replaces the signature
|
|
612
|
+
// algorithm and signature fields. It returns one on success and zero on error.
|
|
613
|
+
// This function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
|
614
|
+
// signing parameters use |pkey|'s defaults.
|
|
615
|
+
OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *spki, EVP_PKEY *pkey,
|
|
616
|
+
const EVP_MD *md);
|
|
617
|
+
|
|
618
|
+
// X509_pubkey_digest hashes the DER encoding of |x509|'s subjectPublicKeyInfo
|
|
619
|
+
// field with |md| and writes the result to |out|. |EVP_MD_CTX_size| bytes are
|
|
620
|
+
// written, which is at most |EVP_MAX_MD_SIZE|. If |out_len| is not NULL,
|
|
621
|
+
// |*out_len| is set to the number of bytes written. This function returns one
|
|
622
|
+
// on success and zero on error.
|
|
623
|
+
OPENSSL_EXPORT int X509_pubkey_digest(const X509 *x509, const EVP_MD *md,
|
|
624
|
+
uint8_t *out, unsigned *out_len);
|
|
625
|
+
|
|
626
|
+
// X509_digest hashes |x509|'s DER encoding with |md| and writes the result to
|
|
627
|
+
// |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
|
628
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
|
629
|
+
// of bytes written. This function returns one on success and zero on error.
|
|
630
|
+
// Note this digest covers the entire certificate, not just the signed portion.
|
|
631
|
+
OPENSSL_EXPORT int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out,
|
|
632
|
+
unsigned *out_len);
|
|
633
|
+
|
|
634
|
+
// X509_CRL_digest hashes |crl|'s DER encoding with |md| and writes the result
|
|
635
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
|
636
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
|
637
|
+
// of bytes written. This function returns one on success and zero on error.
|
|
638
|
+
// Note this digest covers the entire CRL, not just the signed portion.
|
|
639
|
+
OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *crl, const EVP_MD *md,
|
|
640
|
+
uint8_t *out, unsigned *out_len);
|
|
641
|
+
|
|
642
|
+
// X509_REQ_digest hashes |req|'s DER encoding with |md| and writes the result
|
|
643
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
|
644
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
|
645
|
+
// of bytes written. This function returns one on success and zero on error.
|
|
646
|
+
// Note this digest covers the entire certificate request, not just the signed
|
|
647
|
+
// portion.
|
|
648
|
+
OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *req, const EVP_MD *md,
|
|
649
|
+
uint8_t *out, unsigned *out_len);
|
|
650
|
+
|
|
651
|
+
// X509_NAME_digest hashes |name|'s DER encoding with |md| and writes the result
|
|
652
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
|
653
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
|
654
|
+
// of bytes written. This function returns one on success and zero on error.
|
|
655
|
+
OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md,
|
|
656
|
+
uint8_t *out, unsigned *out_len);
|
|
657
|
+
|
|
658
|
+
// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
|
|
659
|
+
// fresh X509 or NULL on error. There must not be any trailing data in |buf|.
|
|
660
|
+
// The returned structure (if any) holds a reference to |buf| rather than
|
|
661
|
+
// copying parts of it as a normal |d2i_X509| call would do.
|
|
607
662
|
OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf);
|
|
608
663
|
|
|
609
|
-
#ifndef OPENSSL_NO_FP_API
|
|
610
664
|
OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509);
|
|
611
|
-
OPENSSL_EXPORT int i2d_X509_fp(FILE *fp,X509 *x509);
|
|
612
|
-
OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl);
|
|
613
|
-
OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
|
|
614
|
-
OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req);
|
|
615
|
-
OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
|
|
616
|
-
OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa);
|
|
617
|
-
OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
|
|
618
|
-
OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa);
|
|
619
|
-
OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
|
|
620
|
-
OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa);
|
|
621
|
-
OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa);
|
|
665
|
+
OPENSSL_EXPORT int i2d_X509_fp(FILE *fp, X509 *x509);
|
|
666
|
+
OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
|
|
667
|
+
OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
|
|
668
|
+
OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
|
|
669
|
+
OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
|
|
670
|
+
OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
|
|
671
|
+
OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
|
|
672
|
+
OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
|
|
673
|
+
OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
|
|
674
|
+
OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
|
|
675
|
+
OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
|
|
622
676
|
#ifndef OPENSSL_NO_DSA
|
|
623
677
|
OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
|
|
624
678
|
OPENSSL_EXPORT int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
|
|
@@ -626,33 +680,33 @@ OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
|
|
|
626
680
|
OPENSSL_EXPORT int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
|
|
627
681
|
#endif
|
|
628
682
|
OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
|
|
629
|
-
OPENSSL_EXPORT int
|
|
683
|
+
OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
|
|
630
684
|
OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
|
|
631
|
-
OPENSSL_EXPORT int
|
|
632
|
-
OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
|
|
633
|
-
OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
|
|
634
|
-
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(
|
|
635
|
-
|
|
636
|
-
OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
|
|
685
|
+
OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
|
|
686
|
+
OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
|
|
687
|
+
OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
|
|
688
|
+
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(
|
|
689
|
+
FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf);
|
|
690
|
+
OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
|
|
691
|
+
PKCS8_PRIV_KEY_INFO *p8inf);
|
|
637
692
|
OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
|
|
638
693
|
OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
|
|
639
694
|
OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
|
|
640
695
|
OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
|
|
641
696
|
OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
|
|
642
|
-
#endif
|
|
643
697
|
|
|
644
|
-
OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp,X509 **x509);
|
|
645
|
-
OPENSSL_EXPORT int i2d_X509_bio(BIO *bp,X509 *x509);
|
|
646
|
-
OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
|
|
647
|
-
OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
|
|
648
|
-
OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req);
|
|
649
|
-
OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
|
|
650
|
-
OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa);
|
|
651
|
-
OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
|
|
652
|
-
OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa);
|
|
653
|
-
OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
|
|
654
|
-
OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa);
|
|
655
|
-
OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa);
|
|
698
|
+
OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp, X509 **x509);
|
|
699
|
+
OPENSSL_EXPORT int i2d_X509_bio(BIO *bp, X509 *x509);
|
|
700
|
+
OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
|
|
701
|
+
OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
|
|
702
|
+
OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
|
|
703
|
+
OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
|
|
704
|
+
OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
|
|
705
|
+
OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
|
|
706
|
+
OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
|
|
707
|
+
OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
|
|
708
|
+
OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
|
|
709
|
+
OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
|
|
656
710
|
#ifndef OPENSSL_NO_DSA
|
|
657
711
|
OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
|
|
658
712
|
OPENSSL_EXPORT int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
|
|
@@ -660,14 +714,15 @@ OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
|
|
|
660
714
|
OPENSSL_EXPORT int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
|
|
661
715
|
#endif
|
|
662
716
|
OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
|
|
663
|
-
OPENSSL_EXPORT int
|
|
717
|
+
OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
|
|
664
718
|
OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
|
|
665
|
-
OPENSSL_EXPORT int
|
|
666
|
-
OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8);
|
|
667
|
-
OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8);
|
|
668
|
-
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(
|
|
669
|
-
|
|
670
|
-
OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
|
|
719
|
+
OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
|
|
720
|
+
OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
|
|
721
|
+
OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
|
|
722
|
+
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(
|
|
723
|
+
BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf);
|
|
724
|
+
OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
|
|
725
|
+
PKCS8_PRIV_KEY_INFO *p8inf);
|
|
671
726
|
OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
|
|
672
727
|
OPENSSL_EXPORT int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
|
|
673
728
|
OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
|
|
@@ -683,11 +738,54 @@ OPENSSL_EXPORT X509_CRL *X509_CRL_dup(X509_CRL *crl);
|
|
|
683
738
|
OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev);
|
|
684
739
|
OPENSSL_EXPORT X509_REQ *X509_REQ_dup(X509_REQ *req);
|
|
685
740
|
OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
|
|
686
|
-
|
|
687
|
-
|
|
688
|
-
|
|
689
|
-
|
|
741
|
+
|
|
742
|
+
// X509_ALGOR_set0 sets |alg| to an AlgorithmIdentifier with algorithm |obj| and
|
|
743
|
+
// parameter determined by |param_type| and |param_value|. It returns one on
|
|
744
|
+
// success and zero on error. This function takes ownership of |obj| and
|
|
745
|
+
// |param_value| on success.
|
|
746
|
+
//
|
|
747
|
+
// If |param_type| is |V_ASN1_UNDEF|, the parameter is omitted. If |param_type|
|
|
748
|
+
// is zero, the parameter is left unchanged. Otherwise, |param_type| and
|
|
749
|
+
// |param_value| are interpreted as in |ASN1_TYPE_set|.
|
|
750
|
+
//
|
|
751
|
+
// Note omitting the parameter (|V_ASN1_UNDEF|) and encoding an explicit NULL
|
|
752
|
+
// value (|V_ASN1_NULL|) are different. Some algorithms require one and some the
|
|
753
|
+
// other. Consult the relevant specification before calling this function. The
|
|
754
|
+
// correct parameter for an RSASSA-PKCS1-v1_5 signature is |V_ASN1_NULL|. The
|
|
755
|
+
// correct one for an ECDSA or Ed25519 signature is |V_ASN1_UNDEF|.
|
|
756
|
+
OPENSSL_EXPORT int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *obj,
|
|
757
|
+
int param_type, void *param_value);
|
|
758
|
+
|
|
759
|
+
// X509_ALGOR_get0 sets |*out_obj| to the |alg|'s algorithm. If |alg|'s
|
|
760
|
+
// parameter is omitted, it sets |*out_param_type| and |*out_param_value| to
|
|
761
|
+
// |V_ASN1_UNDEF| and NULL. Otherwise, it sets |*out_param_type| and
|
|
762
|
+
// |*out_param_value| to the parameter, using the same representation as
|
|
763
|
+
// |ASN1_TYPE_set0|. See |ASN1_TYPE_set0| and |ASN1_TYPE| for details.
|
|
764
|
+
//
|
|
765
|
+
// Callers that require the parameter in serialized form should, after checking
|
|
766
|
+
// for |V_ASN1_UNDEF|, use |ASN1_TYPE_set1| and |d2i_ASN1_TYPE|, rather than
|
|
767
|
+
// inspecting |*out_param_value|.
|
|
768
|
+
//
|
|
769
|
+
// Each of |out_obj|, |out_param_type|, and |out_param_value| may be NULL to
|
|
770
|
+
// ignore the output. If |out_param_type| is NULL, |out_param_value| is ignored.
|
|
771
|
+
//
|
|
772
|
+
// WARNING: If |*out_param_type| is set to |V_ASN1_UNDEF|, OpenSSL and older
|
|
773
|
+
// revisions of BoringSSL leave |*out_param_value| unset rather than setting it
|
|
774
|
+
// to NULL. Callers that support both OpenSSL and BoringSSL should not assume
|
|
775
|
+
// |*out_param_value| is uniformly initialized.
|
|
776
|
+
OPENSSL_EXPORT void X509_ALGOR_get0(const ASN1_OBJECT **out_obj,
|
|
777
|
+
int *out_param_type,
|
|
778
|
+
const void **out_param_value,
|
|
779
|
+
const X509_ALGOR *alg);
|
|
780
|
+
|
|
781
|
+
// X509_ALGOR_set_md sets |alg| to the hash function |md|. Note this
|
|
782
|
+
// AlgorithmIdentifier represents the hash function itself, not a signature
|
|
783
|
+
// algorithm that uses |md|.
|
|
690
784
|
OPENSSL_EXPORT void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
|
|
785
|
+
|
|
786
|
+
// X509_ALGOR_cmp returns zero if |a| and |b| are equal, and some non-zero value
|
|
787
|
+
// otherwise. Note this function can only be used for equality checks, not an
|
|
788
|
+
// ordering.
|
|
691
789
|
OPENSSL_EXPORT int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
|
|
692
790
|
|
|
693
791
|
OPENSSL_EXPORT X509_NAME *X509_NAME_dup(X509_NAME *xn);
|
|
@@ -697,50 +795,67 @@ OPENSSL_EXPORT int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
|
|
|
697
795
|
OPENSSL_EXPORT int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder,
|
|
698
796
|
size_t *pderlen);
|
|
699
797
|
|
|
700
|
-
|
|
701
|
-
|
|
702
|
-
|
|
703
|
-
|
|
704
|
-
|
|
705
|
-
|
|
706
|
-
OPENSSL_EXPORT const
|
|
707
|
-
|
|
708
|
-
|
|
709
|
-
|
|
710
|
-
OPENSSL_EXPORT const
|
|
711
|
-
|
|
712
|
-
|
|
713
|
-
OPENSSL_EXPORT
|
|
714
|
-
|
|
798
|
+
// X509_cmp_time compares |s| against |*t|. On success, it returns a negative
|
|
799
|
+
// number if |s| <= |*t| and a positive number if |s| > |*t|. On error, it
|
|
800
|
+
// returns zero. If |t| is NULL, it uses the current time instead of |*t|.
|
|
801
|
+
//
|
|
802
|
+
// WARNING: Unlike most comparison functions, this function returns zero on
|
|
803
|
+
// error, not equality.
|
|
804
|
+
OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t);
|
|
805
|
+
|
|
806
|
+
// X509_cmp_current_time behaves like |X509_cmp_time| but compares |s| against
|
|
807
|
+
// the current time.
|
|
808
|
+
OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s);
|
|
809
|
+
|
|
810
|
+
// X509_time_adj calls |X509_time_adj_ex| with |offset_day| equal to zero.
|
|
811
|
+
OPENSSL_EXPORT ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec,
|
|
812
|
+
time_t *t);
|
|
813
|
+
|
|
814
|
+
// X509_time_adj_ex behaves like |ASN1_TIME_adj|, but adds an offset to |*t|. If
|
|
815
|
+
// |t| is NULL, it uses the current time instead of |*t|.
|
|
816
|
+
OPENSSL_EXPORT ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day,
|
|
817
|
+
long offset_sec, time_t *t);
|
|
818
|
+
|
|
819
|
+
// X509_gmtime_adj behaves like |X509_time_adj_ex| but adds |offset_sec| to the
|
|
820
|
+
// current time.
|
|
821
|
+
OPENSSL_EXPORT ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec);
|
|
822
|
+
|
|
823
|
+
OPENSSL_EXPORT const char *X509_get_default_cert_area(void);
|
|
824
|
+
OPENSSL_EXPORT const char *X509_get_default_cert_dir(void);
|
|
825
|
+
OPENSSL_EXPORT const char *X509_get_default_cert_file(void);
|
|
826
|
+
OPENSSL_EXPORT const char *X509_get_default_cert_dir_env(void);
|
|
827
|
+
OPENSSL_EXPORT const char *X509_get_default_cert_file_env(void);
|
|
828
|
+
OPENSSL_EXPORT const char *X509_get_default_private_dir(void);
|
|
829
|
+
|
|
830
|
+
OPENSSL_EXPORT X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey,
|
|
831
|
+
const EVP_MD *md);
|
|
715
832
|
|
|
716
833
|
DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
|
|
717
|
-
DECLARE_ASN1_FUNCTIONS(X509_VAL)
|
|
718
834
|
|
|
719
835
|
DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
|
|
720
836
|
|
|
721
|
-
|
|
722
|
-
|
|
723
|
-
|
|
724
|
-
OPENSSL_EXPORT
|
|
725
|
-
|
|
726
|
-
|
|
727
|
-
|
|
728
|
-
|
|
729
|
-
|
|
730
|
-
OPENSSL_EXPORT
|
|
731
|
-
OPENSSL_EXPORT DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp,
|
|
732
|
-
long length);
|
|
733
|
-
#endif
|
|
734
|
-
OPENSSL_EXPORT int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp);
|
|
735
|
-
OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp,
|
|
736
|
-
long length);
|
|
837
|
+
// X509_PUBKEY_set serializes |pkey| into a newly-allocated |X509_PUBKEY|
|
|
838
|
+
// structure. On success, it frees |*x|, sets |*x| to the new object, and
|
|
839
|
+
// returns one. Otherwise, it returns zero.
|
|
840
|
+
OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
|
|
841
|
+
|
|
842
|
+
// X509_PUBKEY_get decodes the public key in |key| and returns an |EVP_PKEY| on
|
|
843
|
+
// success, or NULL on error. The caller must release the result with
|
|
844
|
+
// |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |key|, so callers must
|
|
845
|
+
// not mutate the result.
|
|
846
|
+
OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
|
|
737
847
|
|
|
738
848
|
DECLARE_ASN1_FUNCTIONS(X509_SIG)
|
|
739
|
-
DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
|
|
740
849
|
DECLARE_ASN1_FUNCTIONS(X509_REQ)
|
|
741
850
|
|
|
742
851
|
DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
|
|
743
|
-
|
|
852
|
+
|
|
853
|
+
// X509_ATTRIBUTE_create returns a newly-allocated |X509_ATTRIBUTE|, or NULL on
|
|
854
|
+
// error. The attribute has type |nid| and contains a single value determined by
|
|
855
|
+
// |attrtype| and |value|, which are interpreted as in |ASN1_TYPE_set|. Note
|
|
856
|
+
// this function takes ownership of |value|.
|
|
857
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int attrtype,
|
|
858
|
+
void *value);
|
|
744
859
|
|
|
745
860
|
DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
|
|
746
861
|
DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
|
|
@@ -749,34 +864,84 @@ DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
|
|
|
749
864
|
|
|
750
865
|
DECLARE_ASN1_FUNCTIONS(X509_NAME)
|
|
751
866
|
|
|
752
|
-
|
|
753
|
-
|
|
754
|
-
|
|
867
|
+
// X509_NAME_set makes a copy of |name|. On success, it frees |*xn|, sets |*xn|
|
|
868
|
+
// to the copy, and returns one. Otherwise, it returns zero.
|
|
869
|
+
OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
|
|
755
870
|
|
|
756
871
|
DECLARE_ASN1_FUNCTIONS(X509)
|
|
757
872
|
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
|
|
758
873
|
|
|
759
|
-
|
|
760
|
-
OPENSSL_EXPORT int X509_up_ref(X509 *
|
|
874
|
+
// X509_up_ref adds one to the reference count of |x509| and returns one.
|
|
875
|
+
OPENSSL_EXPORT int X509_up_ref(X509 *x509);
|
|
761
876
|
|
|
762
|
-
OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp,
|
|
763
|
-
|
|
877
|
+
OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp,
|
|
878
|
+
CRYPTO_EX_unused *unused,
|
|
879
|
+
CRYPTO_EX_dup *dup_unused,
|
|
880
|
+
CRYPTO_EX_free *free_func);
|
|
764
881
|
OPENSSL_EXPORT int X509_set_ex_data(X509 *r, int idx, void *arg);
|
|
765
882
|
OPENSSL_EXPORT void *X509_get_ex_data(X509 *r, int idx);
|
|
766
|
-
OPENSSL_EXPORT int
|
|
767
|
-
OPENSSL_EXPORT X509 *
|
|
768
|
-
|
|
769
|
-
|
|
770
|
-
|
|
771
|
-
|
|
772
|
-
|
|
773
|
-
|
|
774
|
-
|
|
775
|
-
|
|
776
|
-
OPENSSL_EXPORT int
|
|
777
|
-
|
|
778
|
-
|
|
779
|
-
|
|
883
|
+
OPENSSL_EXPORT int i2d_X509_AUX(X509 *a, unsigned char **pp);
|
|
884
|
+
OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp,
|
|
885
|
+
long length);
|
|
886
|
+
|
|
887
|
+
// i2d_re_X509_tbs serializes the TBSCertificate portion of |x509|, as described
|
|
888
|
+
// in |i2d_SAMPLE|.
|
|
889
|
+
//
|
|
890
|
+
// This function re-encodes the TBSCertificate and may not reflect |x509|'s
|
|
891
|
+
// original encoding. It may be used to manually generate a signature for a new
|
|
892
|
+
// certificate. To verify certificates, use |i2d_X509_tbs| instead.
|
|
893
|
+
OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x509, unsigned char **outp);
|
|
894
|
+
|
|
895
|
+
// i2d_X509_tbs serializes the TBSCertificate portion of |x509|, as described in
|
|
896
|
+
// |i2d_SAMPLE|.
|
|
897
|
+
//
|
|
898
|
+
// This function preserves the original encoding of the TBSCertificate and may
|
|
899
|
+
// not reflect modifications made to |x509|. It may be used to manually verify
|
|
900
|
+
// the signature of an existing certificate. To generate certificates, use
|
|
901
|
+
// |i2d_re_X509_tbs| instead.
|
|
902
|
+
OPENSSL_EXPORT int i2d_X509_tbs(X509 *x509, unsigned char **outp);
|
|
903
|
+
|
|
904
|
+
// X509_set1_signature_algo sets |x509|'s signature algorithm to |algo| and
|
|
905
|
+
// returns one on success or zero on error. It updates both the signature field
|
|
906
|
+
// of the TBSCertificate structure, and the signatureAlgorithm field of the
|
|
907
|
+
// Certificate.
|
|
908
|
+
OPENSSL_EXPORT int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo);
|
|
909
|
+
|
|
910
|
+
// X509_set1_signature_value sets |x509|'s signature to a copy of the |sig_len|
|
|
911
|
+
// bytes pointed by |sig|. It returns one on success and zero on error.
|
|
912
|
+
//
|
|
913
|
+
// Due to a specification error, X.509 certificates store signatures in ASN.1
|
|
914
|
+
// BIT STRINGs, but signature algorithms return byte strings rather than bit
|
|
915
|
+
// strings. This function creates a BIT STRING containing a whole number of
|
|
916
|
+
// bytes, with the bit order matching the DER encoding. This matches the
|
|
917
|
+
// encoding used by all X.509 signature algorithms.
|
|
918
|
+
OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig,
|
|
919
|
+
size_t sig_len);
|
|
920
|
+
|
|
921
|
+
// X509_get0_signature sets |*out_sig| and |*out_alg| to the signature and
|
|
922
|
+
// signature algorithm of |x509|, respectively. Either output pointer may be
|
|
923
|
+
// NULL to ignore the value.
|
|
924
|
+
//
|
|
925
|
+
// This function outputs the outer signature algorithm. For the one in the
|
|
926
|
+
// TBSCertificate, see |X509_get0_tbs_sigalg|. Certificates with mismatched
|
|
927
|
+
// signature algorithms will successfully parse, but they will be rejected when
|
|
928
|
+
// verifying.
|
|
929
|
+
OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **out_sig,
|
|
930
|
+
const X509_ALGOR **out_alg,
|
|
931
|
+
const X509 *x509);
|
|
932
|
+
|
|
933
|
+
// X509_get_signature_nid returns the NID corresponding to |x509|'s signature
|
|
934
|
+
// algorithm, or |NID_undef| if the signature algorithm does not correspond to
|
|
935
|
+
// a known NID.
|
|
936
|
+
OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x509);
|
|
937
|
+
|
|
938
|
+
OPENSSL_EXPORT int X509_alias_set1(X509 *x, const unsigned char *name, int len);
|
|
939
|
+
OPENSSL_EXPORT int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
|
|
940
|
+
OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x, int *len);
|
|
941
|
+
OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x, int *len);
|
|
942
|
+
OPENSSL_EXPORT int (*X509_TRUST_set_default(int (*trust)(int, X509 *,
|
|
943
|
+
int)))(int, X509 *,
|
|
944
|
+
int);
|
|
780
945
|
OPENSSL_EXPORT int X509_TRUST_set(int *t, int trust);
|
|
781
946
|
OPENSSL_EXPORT int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
|
|
782
947
|
OPENSSL_EXPORT int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
|
|
@@ -784,348 +949,1394 @@ OPENSSL_EXPORT void X509_trust_clear(X509 *x);
|
|
|
784
949
|
OPENSSL_EXPORT void X509_reject_clear(X509 *x);
|
|
785
950
|
|
|
786
951
|
DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
|
|
787
|
-
DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
|
|
788
952
|
DECLARE_ASN1_FUNCTIONS(X509_CRL)
|
|
789
953
|
|
|
790
954
|
OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
|
|
791
|
-
OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl,
|
|
792
|
-
|
|
793
|
-
OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret,
|
|
955
|
+
OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
|
|
956
|
+
ASN1_INTEGER *serial);
|
|
957
|
+
OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret,
|
|
958
|
+
X509 *x);
|
|
794
959
|
|
|
795
|
-
OPENSSL_EXPORT X509_PKEY *
|
|
796
|
-
OPENSSL_EXPORT void
|
|
960
|
+
OPENSSL_EXPORT X509_PKEY *X509_PKEY_new(void);
|
|
961
|
+
OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a);
|
|
797
962
|
|
|
798
963
|
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
|
|
799
964
|
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
|
|
800
965
|
|
|
801
|
-
|
|
802
|
-
OPENSSL_EXPORT X509_INFO *
|
|
803
|
-
OPENSSL_EXPORT
|
|
804
|
-
|
|
966
|
+
OPENSSL_EXPORT X509_INFO *X509_INFO_new(void);
|
|
967
|
+
OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a);
|
|
968
|
+
OPENSSL_EXPORT char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
|
|
969
|
+
|
|
970
|
+
OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
|
|
971
|
+
unsigned char *md, unsigned int *len);
|
|
972
|
+
|
|
973
|
+
OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type,
|
|
974
|
+
void *data, unsigned char *md,
|
|
975
|
+
unsigned int *len);
|
|
976
|
+
|
|
977
|
+
OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
|
|
978
|
+
const X509_ALGOR *algor1,
|
|
979
|
+
const ASN1_BIT_STRING *signature,
|
|
980
|
+
void *data, EVP_PKEY *pkey);
|
|
981
|
+
|
|
982
|
+
OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
|
|
983
|
+
X509_ALGOR *algor2,
|
|
984
|
+
ASN1_BIT_STRING *signature, void *data,
|
|
985
|
+
EVP_PKEY *pkey, const EVP_MD *type);
|
|
986
|
+
OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
|
|
987
|
+
X509_ALGOR *algor2,
|
|
988
|
+
ASN1_BIT_STRING *signature, void *asn,
|
|
989
|
+
EVP_MD_CTX *ctx);
|
|
990
|
+
|
|
991
|
+
// X509_get_serialNumber returns a mutable pointer to |x509|'s serial number.
|
|
992
|
+
// Prefer |X509_get0_serialNumber|.
|
|
993
|
+
OPENSSL_EXPORT ASN1_INTEGER *X509_get_serialNumber(X509 *x509);
|
|
994
|
+
|
|
995
|
+
// X509_set_issuer_name sets |x509|'s issuer to a copy of |name|. It returns one
|
|
996
|
+
// on success and zero on error.
|
|
997
|
+
OPENSSL_EXPORT int X509_set_issuer_name(X509 *x509, X509_NAME *name);
|
|
998
|
+
|
|
999
|
+
// X509_get_issuer_name returns |x509|'s issuer.
|
|
1000
|
+
OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(const X509 *x509);
|
|
1001
|
+
|
|
1002
|
+
// X509_set_subject_name sets |x509|'s subject to a copy of |name|. It returns
|
|
1003
|
+
// one on success and zero on error.
|
|
1004
|
+
OPENSSL_EXPORT int X509_set_subject_name(X509 *x509, X509_NAME *name);
|
|
1005
|
+
|
|
1006
|
+
// X509_get_issuer_name returns |x509|'s subject.
|
|
1007
|
+
OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *x509);
|
|
1008
|
+
|
|
1009
|
+
// X509_set_pubkey sets |x509|'s public key to |pkey|. It returns one on success
|
|
1010
|
+
// and zero on error. This function does not take ownership of |pkey| and
|
|
1011
|
+
// internally copies and updates reference counts as needed.
|
|
1012
|
+
OPENSSL_EXPORT int X509_set_pubkey(X509 *x509, EVP_PKEY *pkey);
|
|
1013
|
+
|
|
1014
|
+
// X509_get_pubkey returns |x509|'s public key as an |EVP_PKEY|, or NULL if the
|
|
1015
|
+
// public key was unsupported or could not be decoded. This function returns a
|
|
1016
|
+
// reference to the |EVP_PKEY|. The caller must release the result with
|
|
1017
|
+
// |EVP_PKEY_free| when done.
|
|
1018
|
+
OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x509);
|
|
1019
|
+
|
|
1020
|
+
// X509_get0_pubkey_bitstr returns the BIT STRING portion of |x509|'s public
|
|
1021
|
+
// key. Note this does not contain the AlgorithmIdentifier portion.
|
|
1022
|
+
//
|
|
1023
|
+
// WARNING: This function returns a non-const pointer for OpenSSL compatibility,
|
|
1024
|
+
// but the caller must not modify the resulting object. Doing so will break
|
|
1025
|
+
// internal invariants in |x509|.
|
|
1026
|
+
OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x509);
|
|
1027
|
+
|
|
1028
|
+
// X509_get0_extensions returns |x509|'s extension list, or NULL if |x509| omits
|
|
1029
|
+
// it.
|
|
1030
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_get0_extensions(
|
|
1031
|
+
const X509 *x509);
|
|
1032
|
+
|
|
1033
|
+
// X509_get0_tbs_sigalg returns the signature algorithm in |x509|'s
|
|
1034
|
+
// TBSCertificate. For the outer signature algorithm, see |X509_get0_signature|.
|
|
1035
|
+
//
|
|
1036
|
+
// Certificates with mismatched signature algorithms will successfully parse,
|
|
1037
|
+
// but they will be rejected when verifying.
|
|
1038
|
+
OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x509);
|
|
1039
|
+
|
|
1040
|
+
// X509_REQ_set_version sets |req|'s version to |version|, which should be
|
|
1041
|
+
// |X509_REQ_VERSION_1|. It returns one on success and zero on error.
|
|
1042
|
+
//
|
|
1043
|
+
// Note no versions other than |X509_REQ_VERSION_1| are defined for CSRs.
|
|
1044
|
+
OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *req, long version);
|
|
1045
|
+
|
|
1046
|
+
// X509_REQ_set_subject_name sets |req|'s subject to a copy of |name|. It
|
|
1047
|
+
// returns one on success and zero on error.
|
|
1048
|
+
OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
|
|
1049
|
+
|
|
1050
|
+
// X509_REQ_get0_signature sets |*out_sig| and |*out_alg| to the signature and
|
|
1051
|
+
// signature algorithm of |req|, respectively. Either output pointer may be NULL
|
|
1052
|
+
// to ignore the value.
|
|
1053
|
+
OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
|
|
1054
|
+
const ASN1_BIT_STRING **out_sig,
|
|
1055
|
+
const X509_ALGOR **out_alg);
|
|
805
1056
|
|
|
806
|
-
|
|
807
|
-
|
|
1057
|
+
// X509_REQ_get_signature_nid returns the NID corresponding to |req|'s signature
|
|
1058
|
+
// algorithm, or |NID_undef| if the signature algorithm does not correspond to
|
|
1059
|
+
// a known NID.
|
|
1060
|
+
OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
|
|
808
1061
|
|
|
809
|
-
|
|
810
|
-
|
|
1062
|
+
// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC 2986)
|
|
1063
|
+
// portion of |req|, as described in |i2d_SAMPLE|.
|
|
1064
|
+
//
|
|
1065
|
+
// This function re-encodes the CertificationRequestInfo and may not reflect
|
|
1066
|
+
// |req|'s original encoding. It may be used to manually generate a signature
|
|
1067
|
+
// for a new certificate request.
|
|
1068
|
+
OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, uint8_t **outp);
|
|
1069
|
+
|
|
1070
|
+
// X509_REQ_set_pubkey sets |req|'s public key to |pkey|. It returns one on
|
|
1071
|
+
// success and zero on error. This function does not take ownership of |pkey|
|
|
1072
|
+
// and internally copies and updates reference counts as needed.
|
|
1073
|
+
OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *req, EVP_PKEY *pkey);
|
|
1074
|
+
|
|
1075
|
+
// X509_REQ_get_pubkey returns |req|'s public key as an |EVP_PKEY|, or NULL if
|
|
1076
|
+
// the public key was unsupported or could not be decoded. This function returns
|
|
1077
|
+
// a reference to the |EVP_PKEY|. The caller must release the result with
|
|
1078
|
+
// |EVP_PKEY_free| when done.
|
|
1079
|
+
OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
|
|
1080
|
+
|
|
1081
|
+
// X509_REQ_extension_nid returns one if |nid| is a supported CSR attribute type
|
|
1082
|
+
// for carrying extensions and zero otherwise. The supported types are
|
|
1083
|
+
// |NID_ext_req| (pkcs-9-at-extensionRequest from RFC 2985) and |NID_ms_ext_req|
|
|
1084
|
+
// (a Microsoft szOID_CERT_EXTENSIONS variant).
|
|
1085
|
+
OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
|
|
1086
|
+
|
|
1087
|
+
// X509_REQ_get_extensions decodes the list of requested extensions in |req| and
|
|
1088
|
+
// returns a newly-allocated |STACK_OF(X509_EXTENSION)| containing the result.
|
|
1089
|
+
// It returns NULL on error, or if |req| did not request extensions.
|
|
1090
|
+
//
|
|
1091
|
+
// This function supports both pkcs-9-at-extensionRequest from RFC 2985 and the
|
|
1092
|
+
// Microsoft szOID_CERT_EXTENSIONS variant.
|
|
1093
|
+
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
|
|
811
1094
|
|
|
812
|
-
|
|
813
|
-
|
|
1095
|
+
// X509_REQ_add_extensions_nid adds an attribute to |req| of type |nid|, to
|
|
1096
|
+
// request the certificate extensions in |exts|. It returns one on success and
|
|
1097
|
+
// zero on error. |nid| should be |NID_ext_req| or |NID_ms_ext_req|.
|
|
1098
|
+
OPENSSL_EXPORT int X509_REQ_add_extensions_nid(
|
|
1099
|
+
X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts, int nid);
|
|
814
1100
|
|
|
815
|
-
|
|
816
|
-
|
|
817
|
-
|
|
818
|
-
|
|
819
|
-
X509_ALGOR *algor1, X509_ALGOR *algor2,
|
|
820
|
-
ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx);
|
|
821
|
-
#endif
|
|
1101
|
+
// X509_REQ_add_extensions behaves like |X509_REQ_add_extensions_nid|, using the
|
|
1102
|
+
// standard |NID_ext_req| for the attribute type.
|
|
1103
|
+
OPENSSL_EXPORT int X509_REQ_add_extensions(
|
|
1104
|
+
X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts);
|
|
822
1105
|
|
|
823
|
-
|
|
824
|
-
OPENSSL_EXPORT int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
|
|
825
|
-
OPENSSL_EXPORT ASN1_INTEGER * X509_get_serialNumber(X509 *x);
|
|
826
|
-
OPENSSL_EXPORT int X509_set_issuer_name(X509 *x, X509_NAME *name);
|
|
827
|
-
OPENSSL_EXPORT X509_NAME * X509_get_issuer_name(X509 *a);
|
|
828
|
-
OPENSSL_EXPORT int X509_set_subject_name(X509 *x, X509_NAME *name);
|
|
829
|
-
OPENSSL_EXPORT X509_NAME * X509_get_subject_name(X509 *a);
|
|
830
|
-
OPENSSL_EXPORT int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
|
|
831
|
-
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x);
|
|
832
|
-
OPENSSL_EXPORT ASN1_TIME *X509_getm_notBefore(X509 *x);
|
|
833
|
-
OPENSSL_EXPORT int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
|
|
834
|
-
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x);
|
|
835
|
-
OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x);
|
|
836
|
-
OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
|
|
837
|
-
OPENSSL_EXPORT EVP_PKEY * X509_get_pubkey(X509 *x);
|
|
838
|
-
OPENSSL_EXPORT ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
|
|
839
|
-
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
|
|
840
|
-
OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
|
|
841
|
-
|
|
842
|
-
OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *x,long version);
|
|
843
|
-
OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
|
|
844
|
-
OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
|
|
845
|
-
const ASN1_BIT_STRING **psig,
|
|
846
|
-
const X509_ALGOR **palg);
|
|
847
|
-
OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
|
|
848
|
-
OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
|
|
849
|
-
OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
|
|
850
|
-
OPENSSL_EXPORT EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
|
|
851
|
-
OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
|
|
852
|
-
OPENSSL_EXPORT const int * X509_REQ_get_extension_nids(void);
|
|
853
|
-
OPENSSL_EXPORT void X509_REQ_set_extension_nids(const int *nids);
|
|
854
|
-
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
|
|
855
|
-
OPENSSL_EXPORT int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
|
|
856
|
-
int nid);
|
|
857
|
-
OPENSSL_EXPORT int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
|
|
1106
|
+
// X509_REQ_get_attr_count returns the number of attributes in |req|.
|
|
858
1107
|
OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req);
|
|
1108
|
+
|
|
1109
|
+
// X509_REQ_get_attr_by_NID returns the index of the attribute in |req| of type
|
|
1110
|
+
// |nid|, or a negative number if not found. If found, callers can use
|
|
1111
|
+
// |X509_REQ_get_attr| to look up the attribute by index.
|
|
1112
|
+
//
|
|
1113
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
|
1114
|
+
// can thus loop over all matching attributes by first passing -1 and then
|
|
1115
|
+
// passing the previously-returned value until no match is returned.
|
|
859
1116
|
OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
|
|
860
|
-
|
|
861
|
-
|
|
862
|
-
|
|
1117
|
+
int lastpos);
|
|
1118
|
+
|
|
1119
|
+
// X509_REQ_get_attr_by_OBJ behaves like |X509_REQ_get_attr_by_NID| but looks
|
|
1120
|
+
// for attributes of type |obj|.
|
|
1121
|
+
OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req,
|
|
1122
|
+
const ASN1_OBJECT *obj,
|
|
1123
|
+
int lastpos);
|
|
1124
|
+
|
|
1125
|
+
// X509_REQ_get_attr returns the attribute at index |loc| in |req|, or NULL if
|
|
1126
|
+
// out of bounds.
|
|
863
1127
|
OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
|
|
1128
|
+
|
|
1129
|
+
// X509_REQ_delete_attr removes the attribute at index |loc| in |req|. It
|
|
1130
|
+
// returns the removed attribute to the caller, or NULL if |loc| was out of
|
|
1131
|
+
// bounds. If non-NULL, the caller must release the result with
|
|
1132
|
+
// |X509_ATTRIBUTE_free| when done. It is also safe, but not necessary, to call
|
|
1133
|
+
// |X509_ATTRIBUTE_free| if the result is NULL.
|
|
864
1134
|
OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
|
|
1135
|
+
|
|
1136
|
+
// X509_REQ_add1_attr appends a copy of |attr| to |req|'s list of attributes. It
|
|
1137
|
+
// returns one on success and zero on error.
|
|
1138
|
+
//
|
|
1139
|
+
// TODO(https://crbug.com/boringssl/407): |attr| should be const.
|
|
865
1140
|
OPENSSL_EXPORT int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
|
|
1141
|
+
|
|
1142
|
+
// X509_REQ_add1_attr_by_OBJ appends a new attribute to |req| with type |obj|.
|
|
1143
|
+
// It returns one on success and zero on error. The value is determined by
|
|
1144
|
+
// |X509_ATTRIBUTE_set1_data|.
|
|
1145
|
+
//
|
|
1146
|
+
// WARNING: The interpretation of |attrtype|, |data|, and |len| is complex and
|
|
1147
|
+
// error-prone. See |X509_ATTRIBUTE_set1_data| for details.
|
|
866
1148
|
OPENSSL_EXPORT int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
|
|
867
|
-
|
|
868
|
-
|
|
869
|
-
|
|
870
|
-
|
|
871
|
-
|
|
1149
|
+
const ASN1_OBJECT *obj,
|
|
1150
|
+
int attrtype,
|
|
1151
|
+
const unsigned char *data,
|
|
1152
|
+
int len);
|
|
1153
|
+
|
|
1154
|
+
// X509_REQ_add1_attr_by_NID behaves like |X509_REQ_add1_attr_by_OBJ| except the
|
|
1155
|
+
// attribute type is determined by |nid|.
|
|
1156
|
+
OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid,
|
|
1157
|
+
int attrtype,
|
|
1158
|
+
const unsigned char *data,
|
|
1159
|
+
int len);
|
|
1160
|
+
|
|
1161
|
+
// X509_REQ_add1_attr_by_txt behaves like |X509_REQ_add1_attr_by_OBJ| except the
|
|
1162
|
+
// attribute type is determined by calling |OBJ_txt2obj| with |attrname|.
|
|
872
1163
|
OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req,
|
|
873
|
-
|
|
874
|
-
|
|
1164
|
+
const char *attrname, int attrtype,
|
|
1165
|
+
const unsigned char *data,
|
|
1166
|
+
int len);
|
|
1167
|
+
|
|
1168
|
+
// X509_CRL_set_version sets |crl|'s version to |version|, which should be one
|
|
1169
|
+
// of the |X509_CRL_VERSION_*| constants. It returns one on success and zero on
|
|
1170
|
+
// error.
|
|
1171
|
+
//
|
|
1172
|
+
// If unsure, use |X509_CRL_VERSION_2|. Note that, unlike certificates, CRL
|
|
1173
|
+
// versions are only defined up to v2. Callers should not use |X509_VERSION_3|.
|
|
1174
|
+
OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *crl, long version);
|
|
1175
|
+
|
|
1176
|
+
// X509_CRL_set_issuer_name sets |crl|'s issuer to a copy of |name|. It returns
|
|
1177
|
+
// one on success and zero on error.
|
|
1178
|
+
OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *crl, X509_NAME *name);
|
|
875
1179
|
|
|
876
|
-
OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *x, long version);
|
|
877
|
-
OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
|
|
878
|
-
OPENSSL_EXPORT int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
|
|
879
|
-
OPENSSL_EXPORT int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
|
|
880
1180
|
OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl);
|
|
1181
|
+
|
|
1182
|
+
// X509_CRL_up_ref adds one to the reference count of |crl| and returns one.
|
|
881
1183
|
OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl);
|
|
882
1184
|
|
|
1185
|
+
// X509_CRL_get0_signature sets |*out_sig| and |*out_alg| to the signature and
|
|
1186
|
+
// signature algorithm of |crl|, respectively. Either output pointer may be NULL
|
|
1187
|
+
// to ignore the value.
|
|
1188
|
+
//
|
|
1189
|
+
// This function outputs the outer signature algorithm, not the one in the
|
|
1190
|
+
// TBSCertList. CRLs with mismatched signature algorithms will successfully
|
|
1191
|
+
// parse, but they will be rejected when verifying.
|
|
883
1192
|
OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl,
|
|
884
|
-
const ASN1_BIT_STRING **
|
|
885
|
-
const X509_ALGOR **
|
|
1193
|
+
const ASN1_BIT_STRING **out_sig,
|
|
1194
|
+
const X509_ALGOR **out_alg);
|
|
1195
|
+
|
|
1196
|
+
// X509_CRL_get_signature_nid returns the NID corresponding to |crl|'s signature
|
|
1197
|
+
// algorithm, or |NID_undef| if the signature algorithm does not correspond to
|
|
1198
|
+
// a known NID.
|
|
886
1199
|
OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl);
|
|
887
|
-
OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp);
|
|
888
1200
|
|
|
1201
|
+
// i2d_re_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described
|
|
1202
|
+
// in |i2d_SAMPLE|.
|
|
1203
|
+
//
|
|
1204
|
+
// This function re-encodes the TBSCertList and may not reflect |crl|'s original
|
|
1205
|
+
// encoding. It may be used to manually generate a signature for a new CRL. To
|
|
1206
|
+
// verify CRLs, use |i2d_X509_CRL_tbs| instead.
|
|
1207
|
+
OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
|
|
1208
|
+
|
|
1209
|
+
// i2d_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described in
|
|
1210
|
+
// |i2d_SAMPLE|.
|
|
1211
|
+
//
|
|
1212
|
+
// This function preserves the original encoding of the TBSCertList and may not
|
|
1213
|
+
// reflect modifications made to |crl|. It may be used to manually verify the
|
|
1214
|
+
// signature of an existing CRL. To generate CRLs, use |i2d_re_X509_CRL_tbs|
|
|
1215
|
+
// instead.
|
|
1216
|
+
OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
|
|
1217
|
+
|
|
1218
|
+
// X509_CRL_set1_signature_algo sets |crl|'s signature algorithm to |algo| and
|
|
1219
|
+
// returns one on success or zero on error. It updates both the signature field
|
|
1220
|
+
// of the TBSCertList structure, and the signatureAlgorithm field of the CRL.
|
|
1221
|
+
OPENSSL_EXPORT int X509_CRL_set1_signature_algo(X509_CRL *crl,
|
|
1222
|
+
const X509_ALGOR *algo);
|
|
1223
|
+
|
|
1224
|
+
// X509_CRL_set1_signature_value sets |crl|'s signature to a copy of the
|
|
1225
|
+
// |sig_len| bytes pointed by |sig|. It returns one on success and zero on
|
|
1226
|
+
// error.
|
|
1227
|
+
//
|
|
1228
|
+
// Due to a specification error, X.509 CRLs store signatures in ASN.1 BIT
|
|
1229
|
+
// STRINGs, but signature algorithms return byte strings rather than bit
|
|
1230
|
+
// strings. This function creates a BIT STRING containing a whole number of
|
|
1231
|
+
// bytes, with the bit order matching the DER encoding. This matches the
|
|
1232
|
+
// encoding used by all X.509 signature algorithms.
|
|
1233
|
+
OPENSSL_EXPORT int X509_CRL_set1_signature_value(X509_CRL *crl,
|
|
1234
|
+
const uint8_t *sig,
|
|
1235
|
+
size_t sig_len);
|
|
1236
|
+
|
|
1237
|
+
// X509_REVOKED_get0_serialNumber returns the serial number of the certificate
|
|
1238
|
+
// revoked by |revoked|.
|
|
889
1239
|
OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
|
|
890
|
-
const X509_REVOKED *
|
|
891
|
-
|
|
1240
|
+
const X509_REVOKED *revoked);
|
|
1241
|
+
|
|
1242
|
+
// X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It
|
|
1243
|
+
// returns one on success or zero on error.
|
|
1244
|
+
OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
|
|
1245
|
+
const ASN1_INTEGER *serial);
|
|
1246
|
+
|
|
1247
|
+
// X509_REVOKED_get0_revocationDate returns the revocation time of the
|
|
1248
|
+
// certificate revoked by |revoked|.
|
|
892
1249
|
OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
|
|
893
|
-
const X509_REVOKED *
|
|
894
|
-
OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
|
|
1250
|
+
const X509_REVOKED *revoked);
|
|
895
1251
|
|
|
896
|
-
|
|
897
|
-
|
|
1252
|
+
// X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It
|
|
1253
|
+
// returns one on success or zero on error.
|
|
1254
|
+
OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
|
|
1255
|
+
const ASN1_TIME *tm);
|
|
898
1256
|
|
|
899
|
-
|
|
1257
|
+
// X509_REVOKED_get0_extensions returns |r|'s extensions list, or NULL if |r|
|
|
1258
|
+
// omits it.
|
|
1259
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
|
|
1260
|
+
const X509_REVOKED *r);
|
|
900
1261
|
|
|
901
|
-
OPENSSL_EXPORT
|
|
902
|
-
|
|
903
|
-
|
|
904
|
-
|
|
905
|
-
OPENSSL_EXPORT int
|
|
906
|
-
|
|
1262
|
+
OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
|
|
1263
|
+
EVP_PKEY *skey, const EVP_MD *md,
|
|
1264
|
+
unsigned int flags);
|
|
1265
|
+
|
|
1266
|
+
OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
|
|
1267
|
+
|
|
1268
|
+
OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey);
|
|
1269
|
+
OPENSSL_EXPORT int X509_chain_check_suiteb(int *perror_depth, X509 *x,
|
|
1270
|
+
STACK_OF(X509) *chain,
|
|
1271
|
+
unsigned long flags);
|
|
1272
|
+
OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk,
|
|
1273
|
+
unsigned long flags);
|
|
1274
|
+
|
|
1275
|
+
// X509_chain_up_ref returns a newly-allocated |STACK_OF(X509)| containing a
|
|
1276
|
+
// shallow copy of |chain|, or NULL on error. That is, the return value has the
|
|
1277
|
+
// same contents as |chain|, and each |X509|'s reference count is incremented by
|
|
1278
|
+
// one.
|
|
907
1279
|
OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
|
|
908
1280
|
|
|
909
|
-
OPENSSL_EXPORT int
|
|
910
|
-
|
|
1281
|
+
OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
|
|
1282
|
+
|
|
1283
|
+
OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b);
|
|
1284
|
+
OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a);
|
|
1285
|
+
|
|
1286
|
+
OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b);
|
|
1287
|
+
OPENSSL_EXPORT unsigned long X509_subject_name_hash(X509 *x);
|
|
1288
|
+
|
|
1289
|
+
OPENSSL_EXPORT unsigned long X509_issuer_name_hash_old(X509 *a);
|
|
1290
|
+
OPENSSL_EXPORT unsigned long X509_subject_name_hash_old(X509 *x);
|
|
1291
|
+
|
|
1292
|
+
OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b);
|
|
1293
|
+
OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
|
|
1294
|
+
OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x);
|
|
1295
|
+
OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x);
|
|
1296
|
+
|
|
1297
|
+
OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
|
|
1298
|
+
OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
|
|
1299
|
+
OPENSSL_EXPORT int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
|
|
1300
|
+
unsigned long cflag);
|
|
1301
|
+
OPENSSL_EXPORT int X509_print_fp(FILE *bp, X509 *x);
|
|
1302
|
+
OPENSSL_EXPORT int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
|
|
1303
|
+
OPENSSL_EXPORT int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
|
|
1304
|
+
OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm,
|
|
1305
|
+
int indent, unsigned long flags);
|
|
1306
|
+
|
|
1307
|
+
OPENSSL_EXPORT int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
|
|
1308
|
+
OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
|
|
1309
|
+
unsigned long flags);
|
|
1310
|
+
OPENSSL_EXPORT int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
|
|
1311
|
+
unsigned long cflag);
|
|
1312
|
+
OPENSSL_EXPORT int X509_print(BIO *bp, X509 *x);
|
|
1313
|
+
OPENSSL_EXPORT int X509_ocspid_print(BIO *bp, X509 *x);
|
|
1314
|
+
OPENSSL_EXPORT int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);
|
|
1315
|
+
OPENSSL_EXPORT int X509_CRL_print(BIO *bp, X509_CRL *x);
|
|
1316
|
+
OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
|
|
1317
|
+
unsigned long cflag);
|
|
1318
|
+
OPENSSL_EXPORT int X509_REQ_print(BIO *bp, X509_REQ *req);
|
|
1319
|
+
|
|
1320
|
+
OPENSSL_EXPORT int X509_NAME_entry_count(const X509_NAME *name);
|
|
1321
|
+
OPENSSL_EXPORT int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
|
|
1322
|
+
char *buf, int len);
|
|
1323
|
+
OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(const X509_NAME *name,
|
|
1324
|
+
const ASN1_OBJECT *obj, char *buf,
|
|
1325
|
+
int len);
|
|
1326
|
+
|
|
1327
|
+
// NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
|
|
1328
|
+
// lastpos, search after that position on.
|
|
1329
|
+
OPENSSL_EXPORT int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid,
|
|
1330
|
+
int lastpos);
|
|
1331
|
+
OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(const X509_NAME *name,
|
|
1332
|
+
const ASN1_OBJECT *obj,
|
|
1333
|
+
int lastpos);
|
|
1334
|
+
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name,
|
|
1335
|
+
int loc);
|
|
1336
|
+
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name,
|
|
1337
|
+
int loc);
|
|
1338
|
+
OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
|
|
1339
|
+
int loc, int set);
|
|
1340
|
+
OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
|
|
1341
|
+
int type,
|
|
1342
|
+
const unsigned char *bytes,
|
|
1343
|
+
int len, int loc, int set);
|
|
1344
|
+
OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid,
|
|
1345
|
+
int type,
|
|
1346
|
+
const unsigned char *bytes,
|
|
1347
|
+
int len, int loc, int set);
|
|
1348
|
+
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(
|
|
1349
|
+
X509_NAME_ENTRY **ne, const char *field, int type,
|
|
1350
|
+
const unsigned char *bytes, int len);
|
|
1351
|
+
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(
|
|
1352
|
+
X509_NAME_ENTRY **ne, int nid, int type, const unsigned char *bytes,
|
|
1353
|
+
int len);
|
|
1354
|
+
OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name,
|
|
1355
|
+
const char *field, int type,
|
|
1356
|
+
const unsigned char *bytes,
|
|
1357
|
+
int len, int loc, int set);
|
|
1358
|
+
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(
|
|
1359
|
+
X509_NAME_ENTRY **ne, const ASN1_OBJECT *obj, int type,
|
|
1360
|
+
const unsigned char *bytes, int len);
|
|
1361
|
+
OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
|
|
1362
|
+
const ASN1_OBJECT *obj);
|
|
1363
|
+
OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
|
|
1364
|
+
const unsigned char *bytes,
|
|
1365
|
+
int len);
|
|
1366
|
+
OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
|
|
1367
|
+
const X509_NAME_ENTRY *ne);
|
|
1368
|
+
OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
|
|
1369
|
+
|
|
1370
|
+
// X509v3_get_ext_count returns the number of extensions in |x|.
|
|
1371
|
+
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
|
|
1372
|
+
|
|
1373
|
+
// X509v3_get_ext_by_NID returns the index of the first extension in |x| with
|
|
1374
|
+
// type |nid|, or a negative number if not found. If found, callers can use
|
|
1375
|
+
// |X509v3_get_ext| to look up the extension by index.
|
|
1376
|
+
//
|
|
1377
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
|
1378
|
+
// can thus loop over all matching extensions by first passing -1 and then
|
|
1379
|
+
// passing the previously-returned value until no match is returned.
|
|
1380
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
|
|
1381
|
+
int nid, int lastpos);
|
|
1382
|
+
|
|
1383
|
+
// X509v3_get_ext_by_OBJ behaves like |X509v3_get_ext_by_NID| but looks for
|
|
1384
|
+
// extensions matching |obj|.
|
|
1385
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
|
|
1386
|
+
const ASN1_OBJECT *obj, int lastpos);
|
|
1387
|
+
|
|
1388
|
+
// X509v3_get_ext_by_critical returns the index of the first extension in |x|
|
|
1389
|
+
// whose critical bit matches |crit|, or a negative number if no such extension
|
|
1390
|
+
// was found.
|
|
1391
|
+
//
|
|
1392
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
|
1393
|
+
// can thus loop over all matching extensions by first passing -1 and then
|
|
1394
|
+
// passing the previously-returned value until no match is returned.
|
|
1395
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
|
|
1396
|
+
int crit, int lastpos);
|
|
1397
|
+
|
|
1398
|
+
// X509v3_get_ext returns the extension in |x| at index |loc|, or NULL if |loc|
|
|
1399
|
+
// is out of bounds.
|
|
1400
|
+
OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
|
|
1401
|
+
int loc);
|
|
1402
|
+
|
|
1403
|
+
// X509v3_delete_ext removes the extension in |x| at index |loc| and returns the
|
|
1404
|
+
// removed extension, or NULL if |loc| was out of bounds. If an extension was
|
|
1405
|
+
// returned, the caller must release it with |X509_EXTENSION_free|.
|
|
1406
|
+
OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
|
|
1407
|
+
int loc);
|
|
1408
|
+
|
|
1409
|
+
// X509v3_add_ext adds a copy of |ex| to the extension list in |*x|. If |*x| is
|
|
1410
|
+
// NULL, it allocates a new |STACK_OF(X509_EXTENSION)| to hold the copy and sets
|
|
1411
|
+
// |*x| to the new list. It returns |*x| on success and NULL on error. The
|
|
1412
|
+
// caller retains ownership of |ex| and can release it independently of |*x|.
|
|
1413
|
+
//
|
|
1414
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
|
1415
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
|
1416
|
+
// list.
|
|
1417
|
+
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
|
|
1418
|
+
STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc);
|
|
1419
|
+
|
|
1420
|
+
// X509_get_ext_count returns the number of extensions in |x|.
|
|
1421
|
+
OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
|
|
1422
|
+
|
|
1423
|
+
// X509_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
|
|
1424
|
+
// extensions in |x|.
|
|
1425
|
+
OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
|
|
1426
|
+
|
|
1427
|
+
// X509_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
|
|
1428
|
+
// extensions in |x|.
|
|
1429
|
+
OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
|
|
1430
|
+
int lastpos);
|
|
1431
|
+
|
|
1432
|
+
// X509_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
|
|
1433
|
+
// searches for extensions in |x|.
|
|
1434
|
+
OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
|
|
1435
|
+
int lastpos);
|
|
1436
|
+
|
|
1437
|
+
// X509_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| is
|
|
1438
|
+
// out of bounds.
|
|
1439
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
|
|
1440
|
+
|
|
1441
|
+
// X509_delete_ext removes the extension in |x| at index |loc| and returns the
|
|
1442
|
+
// removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
|
|
1443
|
+
// caller must release the result with |X509_EXTENSION_free|. It is also safe,
|
|
1444
|
+
// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
|
|
1445
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
|
|
911
1446
|
|
|
912
|
-
|
|
913
|
-
|
|
1447
|
+
// X509_add_ext adds a copy of |ex| to |x|. It returns one on success and zero
|
|
1448
|
+
// on failure. The caller retains ownership of |ex| and can release it
|
|
1449
|
+
// independently of |x|.
|
|
1450
|
+
//
|
|
1451
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
|
1452
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
|
1453
|
+
// list.
|
|
1454
|
+
OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
|
|
1455
|
+
|
|
1456
|
+
// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
|
|
1457
|
+
// |x509|'s extension list.
|
|
1458
|
+
//
|
|
1459
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
|
1460
|
+
// for |X509V3_get_d2i| for details.
|
|
1461
|
+
OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
|
|
1462
|
+
int *out_critical, int *out_idx);
|
|
1463
|
+
|
|
1464
|
+
// X509_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension to
|
|
1465
|
+
// |x|'s extension list.
|
|
1466
|
+
//
|
|
1467
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
|
1468
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
|
1469
|
+
// |X509V3_add1_i2d| for details.
|
|
1470
|
+
OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
|
|
1471
|
+
unsigned long flags);
|
|
1472
|
+
|
|
1473
|
+
// X509_CRL_get_ext_count returns the number of extensions in |x|.
|
|
1474
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
|
|
1475
|
+
|
|
1476
|
+
// X509_CRL_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
|
|
1477
|
+
// extensions in |x|.
|
|
1478
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
|
|
1479
|
+
int lastpos);
|
|
1480
|
+
|
|
1481
|
+
// X509_CRL_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
|
|
1482
|
+
// extensions in |x|.
|
|
1483
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
|
|
1484
|
+
const ASN1_OBJECT *obj, int lastpos);
|
|
1485
|
+
|
|
1486
|
+
// X509_CRL_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
|
|
1487
|
+
// searches for extensions in |x|.
|
|
1488
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
|
|
1489
|
+
int lastpos);
|
|
1490
|
+
|
|
1491
|
+
// X509_CRL_get_ext returns the extension in |x| at index |loc|, or NULL if
|
|
1492
|
+
// |loc| is out of bounds.
|
|
1493
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
|
|
1494
|
+
|
|
1495
|
+
// X509_CRL_delete_ext removes the extension in |x| at index |loc| and returns
|
|
1496
|
+
// the removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
|
|
1497
|
+
// caller must release the result with |X509_EXTENSION_free|. It is also safe,
|
|
1498
|
+
// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
|
|
1499
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
|
|
914
1500
|
|
|
915
|
-
|
|
916
|
-
|
|
1501
|
+
// X509_CRL_add_ext adds a copy of |ex| to |x|. It returns one on success and
|
|
1502
|
+
// zero on failure. The caller retains ownership of |ex| and can release it
|
|
1503
|
+
// independently of |x|.
|
|
1504
|
+
//
|
|
1505
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
|
1506
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
|
1507
|
+
// list.
|
|
1508
|
+
OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
|
|
1509
|
+
|
|
1510
|
+
// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
|
|
1511
|
+
// extension in |crl|'s extension list.
|
|
1512
|
+
//
|
|
1513
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
|
1514
|
+
// for |X509V3_get_d2i| for details.
|
|
1515
|
+
OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
|
|
1516
|
+
int *out_critical, int *out_idx);
|
|
1517
|
+
|
|
1518
|
+
// X509_CRL_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension
|
|
1519
|
+
// to |x|'s extension list.
|
|
1520
|
+
//
|
|
1521
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
|
1522
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
|
1523
|
+
// |X509V3_add1_i2d| for details.
|
|
1524
|
+
OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
|
|
1525
|
+
int crit, unsigned long flags);
|
|
1526
|
+
|
|
1527
|
+
// X509_REVOKED_get_ext_count returns the number of extensions in |x|.
|
|
1528
|
+
OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
|
|
1529
|
+
|
|
1530
|
+
// X509_REVOKED_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches
|
|
1531
|
+
// for extensions in |x|.
|
|
1532
|
+
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
|
|
1533
|
+
int lastpos);
|
|
1534
|
+
|
|
1535
|
+
// X509_REVOKED_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches
|
|
1536
|
+
// for extensions in |x|.
|
|
1537
|
+
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
|
|
1538
|
+
const ASN1_OBJECT *obj,
|
|
1539
|
+
int lastpos);
|
|
1540
|
+
|
|
1541
|
+
// X509_REVOKED_get_ext_by_critical behaves like |X509v3_get_ext_by_critical|
|
|
1542
|
+
// but searches for extensions in |x|.
|
|
1543
|
+
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
|
|
1544
|
+
int crit, int lastpos);
|
|
1545
|
+
|
|
1546
|
+
// X509_REVOKED_get_ext returns the extension in |x| at index |loc|, or NULL if
|
|
1547
|
+
// |loc| is out of bounds.
|
|
1548
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x,
|
|
1549
|
+
int loc);
|
|
1550
|
+
|
|
1551
|
+
// X509_REVOKED_delete_ext removes the extension in |x| at index |loc| and
|
|
1552
|
+
// returns the removed extension, or NULL if |loc| was out of bounds. If
|
|
1553
|
+
// non-NULL, the caller must release the result with |X509_EXTENSION_free|. It
|
|
1554
|
+
// is also safe, but not necessary, to call |X509_EXTENSION_free| if the result
|
|
1555
|
+
// is NULL.
|
|
1556
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
|
|
1557
|
+
int loc);
|
|
1558
|
+
|
|
1559
|
+
// X509_REVOKED_add_ext adds a copy of |ex| to |x|. It returns one on success
|
|
1560
|
+
// and zero on failure. The caller retains ownership of |ex| and can release it
|
|
1561
|
+
// independently of |x|.
|
|
1562
|
+
//
|
|
1563
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
|
1564
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
|
1565
|
+
// list.
|
|
1566
|
+
OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
|
|
1567
|
+
int loc);
|
|
1568
|
+
|
|
1569
|
+
// X509_REVOKED_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
|
|
1570
|
+
// extension in |revoked|'s extension list.
|
|
1571
|
+
//
|
|
1572
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
|
1573
|
+
// for |X509V3_get_d2i| for details.
|
|
1574
|
+
OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked,
|
|
1575
|
+
int nid, int *out_critical,
|
|
1576
|
+
int *out_idx);
|
|
1577
|
+
|
|
1578
|
+
// X509_REVOKED_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the
|
|
1579
|
+
// extension to |x|'s extension list.
|
|
1580
|
+
//
|
|
1581
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
|
1582
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
|
1583
|
+
// |X509V3_add1_i2d| for details.
|
|
1584
|
+
OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
|
|
1585
|
+
void *value, int crit,
|
|
1586
|
+
unsigned long flags);
|
|
1587
|
+
|
|
1588
|
+
// X509_EXTENSION_create_by_NID creates a new |X509_EXTENSION| with type |nid|,
|
|
1589
|
+
// value |data|, and critical bit |crit|. It returns the newly-allocated
|
|
1590
|
+
// |X509_EXTENSION| on success, and false on error. |nid| should be a |NID_*|
|
|
1591
|
+
// constant.
|
|
1592
|
+
//
|
|
1593
|
+
// If |ex| and |*ex| are both non-NULL, it modifies and returns |*ex| instead of
|
|
1594
|
+
// creating a new object. If |ex| is non-NULL, but |*ex| is NULL, it sets |*ex|
|
|
1595
|
+
// to the new |X509_EXTENSION|, in addition to returning the result.
|
|
1596
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(
|
|
1597
|
+
X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data);
|
|
1598
|
+
|
|
1599
|
+
// X509_EXTENSION_create_by_OBJ behaves like |X509_EXTENSION_create_by_NID|, but
|
|
1600
|
+
// the extension type is determined by an |ASN1_OBJECT|.
|
|
1601
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(
|
|
1602
|
+
X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit,
|
|
1603
|
+
const ASN1_OCTET_STRING *data);
|
|
1604
|
+
|
|
1605
|
+
// X509_EXTENSION_set_object sets |ex|'s extension type to |obj|. It returns one
|
|
1606
|
+
// on success and zero on error.
|
|
1607
|
+
OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,
|
|
1608
|
+
const ASN1_OBJECT *obj);
|
|
1609
|
+
|
|
1610
|
+
// X509_EXTENSION_set_critical sets |ex| to critical if |crit| is non-zero and
|
|
1611
|
+
// to non-critical if |crit| is zero.
|
|
1612
|
+
OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
|
|
1613
|
+
|
|
1614
|
+
// X509_EXTENSION_set_data set's |ex|'s extension value to a copy of |data|. It
|
|
1615
|
+
// returns one on success and zero on error.
|
|
1616
|
+
OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
|
|
1617
|
+
const ASN1_OCTET_STRING *data);
|
|
1618
|
+
|
|
1619
|
+
// X509_EXTENSION_get_object returns |ex|'s extension type.
|
|
1620
|
+
OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
|
|
1621
|
+
|
|
1622
|
+
// X509_EXTENSION_get_data returns |ne|'s extension value.
|
|
1623
|
+
OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
|
|
917
1624
|
|
|
918
|
-
|
|
919
|
-
|
|
1625
|
+
// X509_EXTENSION_get_critical returns one if |ex| is critical and zero
|
|
1626
|
+
// otherwise.
|
|
1627
|
+
OPENSSL_EXPORT int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
|
|
920
1628
|
|
|
921
|
-
|
|
922
|
-
OPENSSL_EXPORT int
|
|
923
|
-
OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x);
|
|
924
|
-
OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x);
|
|
1629
|
+
// X509at_get_attr_count returns the number of attributes in |x|.
|
|
1630
|
+
OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
|
|
925
1631
|
|
|
926
|
-
|
|
927
|
-
|
|
928
|
-
|
|
929
|
-
|
|
930
|
-
|
|
931
|
-
|
|
932
|
-
|
|
933
|
-
OPENSSL_EXPORT int
|
|
934
|
-
|
|
1632
|
+
// X509at_get_attr_by_NID returns the index of the attribute in |x| of type
|
|
1633
|
+
// |nid|, or a negative number if not found. If found, callers can use
|
|
1634
|
+
// |X509at_get_attr| to look up the attribute by index.
|
|
1635
|
+
//
|
|
1636
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
|
1637
|
+
// can thus loop over all matching attributes by first passing -1 and then
|
|
1638
|
+
// passing the previously-returned value until no match is returned.
|
|
1639
|
+
OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x,
|
|
1640
|
+
int nid, int lastpos);
|
|
1641
|
+
|
|
1642
|
+
// X509at_get_attr_by_OBJ behaves like |X509at_get_attr_by_NID| but looks for
|
|
1643
|
+
// attributes of type |obj|.
|
|
1644
|
+
OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
|
|
1645
|
+
const ASN1_OBJECT *obj, int lastpos);
|
|
1646
|
+
|
|
1647
|
+
// X509at_get_attr returns the attribute at index |loc| in |x|, or NULL if
|
|
1648
|
+
// out of bounds.
|
|
1649
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
|
|
1650
|
+
const STACK_OF(X509_ATTRIBUTE) *x, int loc);
|
|
1651
|
+
|
|
1652
|
+
// X509at_delete_attr removes the attribute at index |loc| in |x|. It returns
|
|
1653
|
+
// the removed attribute to the caller, or NULL if |loc| was out of bounds. If
|
|
1654
|
+
// non-NULL, the caller must release the result with |X509_ATTRIBUTE_free| when
|
|
1655
|
+
// done. It is also safe, but not necessary, to call |X509_ATTRIBUTE_free| if
|
|
1656
|
+
// the result is NULL.
|
|
1657
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x,
|
|
1658
|
+
int loc);
|
|
1659
|
+
|
|
1660
|
+
// X509at_add1_attr appends a copy of |attr| to the attribute list in |*x|. If
|
|
1661
|
+
// |*x| is NULL, it allocates a new |STACK_OF(X509_ATTRIBUTE)| to hold the copy
|
|
1662
|
+
// and sets |*x| to the new list. It returns |*x| on success and NULL on error.
|
|
1663
|
+
// The caller retains ownership of |attr| and can release it independently of
|
|
1664
|
+
// |*x|.
|
|
1665
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(
|
|
1666
|
+
STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr);
|
|
1667
|
+
|
|
1668
|
+
// X509at_add1_attr_by_OBJ behaves like |X509at_add1_attr|, but adds an
|
|
1669
|
+
// attribute created by |X509_ATTRIBUTE_create_by_OBJ|.
|
|
1670
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(
|
|
1671
|
+
STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, int type,
|
|
1672
|
+
const unsigned char *bytes, int len);
|
|
1673
|
+
|
|
1674
|
+
// X509at_add1_attr_by_NID behaves like |X509at_add1_attr|, but adds an
|
|
1675
|
+
// attribute created by |X509_ATTRIBUTE_create_by_NID|.
|
|
1676
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(
|
|
1677
|
+
STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, const unsigned char *bytes,
|
|
1678
|
+
int len);
|
|
1679
|
+
|
|
1680
|
+
// X509at_add1_attr_by_txt behaves like |X509at_add1_attr|, but adds an
|
|
1681
|
+
// attribute created by |X509_ATTRIBUTE_create_by_txt|.
|
|
1682
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(
|
|
1683
|
+
STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, int type,
|
|
1684
|
+
const unsigned char *bytes, int len);
|
|
1685
|
+
|
|
1686
|
+
// X509_ATTRIBUTE_create_by_NID returns a newly-allocated |X509_ATTRIBUTE| of
|
|
1687
|
+
// type |nid|, or NULL on error. The value is determined as in
|
|
1688
|
+
// |X509_ATTRIBUTE_set1_data|.
|
|
1689
|
+
//
|
|
1690
|
+
// If |attr| is non-NULL, the resulting |X509_ATTRIBUTE| is also written to
|
|
1691
|
+
// |*attr|. If |*attr| was non-NULL when the function was called, |*attr| is
|
|
1692
|
+
// reused instead of creating a new object.
|
|
1693
|
+
//
|
|
1694
|
+
// WARNING: The interpretation of |attrtype|, |data|, and |len| is complex and
|
|
1695
|
+
// error-prone. See |X509_ATTRIBUTE_set1_data| for details.
|
|
1696
|
+
//
|
|
1697
|
+
// WARNING: The object reuse form is deprecated and may be removed in the
|
|
1698
|
+
// future. It also currently incorrectly appends to the reused object's value
|
|
1699
|
+
// set rather than overwriting it.
|
|
1700
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(
|
|
1701
|
+
X509_ATTRIBUTE **attr, int nid, int attrtype, const void *data, int len);
|
|
1702
|
+
|
|
1703
|
+
// X509_ATTRIBUTE_create_by_OBJ behaves like |X509_ATTRIBUTE_create_by_NID|
|
|
1704
|
+
// except the attribute's type is determined by |obj|.
|
|
1705
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(
|
|
1706
|
+
X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj, int attrtype,
|
|
1707
|
+
const void *data, int len);
|
|
1708
|
+
|
|
1709
|
+
// X509_ATTRIBUTE_create_by_txt behaves like |X509_ATTRIBUTE_create_by_NID|
|
|
1710
|
+
// except the attribute's type is determined by calling |OBJ_txt2obj| with
|
|
1711
|
+
// |attrname|.
|
|
1712
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(
|
|
1713
|
+
X509_ATTRIBUTE **attr, const char *attrname, int type,
|
|
1714
|
+
const unsigned char *bytes, int len);
|
|
1715
|
+
|
|
1716
|
+
// X509_ATTRIBUTE_set1_object sets |attr|'s type to |obj|. It returns one on
|
|
1717
|
+
// success and zero on error.
|
|
1718
|
+
OPENSSL_EXPORT int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr,
|
|
1719
|
+
const ASN1_OBJECT *obj);
|
|
1720
|
+
|
|
1721
|
+
// X509_ATTRIBUTE_set1_data appends a value to |attr|'s value set and returns
|
|
1722
|
+
// one on success or zero on error. The value is determined as follows:
|
|
1723
|
+
//
|
|
1724
|
+
// If |attrtype| is a |MBSTRING_*| constant, the value is an ASN.1 string. The
|
|
1725
|
+
// string is determined by decoding |len| bytes from |data| in the encoding
|
|
1726
|
+
// specified by |attrtype|, and then re-encoding it in a form appropriate for
|
|
1727
|
+
// |attr|'s type. If |len| is -1, |strlen(data)| is used instead. See
|
|
1728
|
+
// |ASN1_STRING_set_by_NID| for details.
|
|
1729
|
+
//
|
|
1730
|
+
// TODO(davidben): Document |ASN1_STRING_set_by_NID| so the reference is useful.
|
|
1731
|
+
//
|
|
1732
|
+
// Otherwise, if |len| is not -1, the value is an ASN.1 string. |attrtype| is an
|
|
1733
|
+
// |ASN1_STRING| type value and the |len| bytes from |data| are copied as the
|
|
1734
|
+
// type-specific representation of |ASN1_STRING|. See |ASN1_STRING| for details.
|
|
1735
|
+
//
|
|
1736
|
+
// WARNING: If this form is used to construct a negative INTEGER or ENUMERATED,
|
|
1737
|
+
// |attrtype| includes the |V_ASN1_NEG| flag for |ASN1_STRING|, but the function
|
|
1738
|
+
// forgets to clear the flag for |ASN1_TYPE|. This matches OpenSSL but is
|
|
1739
|
+
// probably a bug. For now, do not use this form with negative values.
|
|
1740
|
+
//
|
|
1741
|
+
// Otherwise, if |len| is -1, the value is constructed by passing |attrtype| and
|
|
1742
|
+
// |data| to |ASN1_TYPE_set1|. That is, |attrtype| is an |ASN1_TYPE| type value,
|
|
1743
|
+
// and |data| is cast to the corresponding pointer type.
|
|
1744
|
+
//
|
|
1745
|
+
// WARNING: Despite the name, this function appends to |attr|'s value set,
|
|
1746
|
+
// rather than overwriting it. To overwrite the value set, create a new
|
|
1747
|
+
// |X509_ATTRIBUTE| with |X509_ATTRIBUTE_new|.
|
|
1748
|
+
//
|
|
1749
|
+
// WARNING: If using the |MBSTRING_*| form, pass a length rather than relying on
|
|
1750
|
+
// |strlen|. In particular, |strlen| will not behave correctly if the input is
|
|
1751
|
+
// |MBSTRING_BMP| or |MBSTRING_UNIV|.
|
|
1752
|
+
//
|
|
1753
|
+
// WARNING: This function currently misinterprets |V_ASN1_OTHER| as an
|
|
1754
|
+
// |MBSTRING_*| constant. This matches OpenSSL but means it is impossible to
|
|
1755
|
+
// construct a value with a non-universal tag.
|
|
1756
|
+
OPENSSL_EXPORT int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
|
|
1757
|
+
const void *data, int len);
|
|
1758
|
+
|
|
1759
|
+
// X509_ATTRIBUTE_get0_data returns the |idx|th value of |attr| in a
|
|
1760
|
+
// type-specific representation to |attrtype|, or NULL if out of bounds or the
|
|
1761
|
+
// type does not match. |attrtype| is one of the type values in |ASN1_TYPE|. On
|
|
1762
|
+
// match, the return value uses the same representation as |ASN1_TYPE_set0|. See
|
|
1763
|
+
// |ASN1_TYPE| for details.
|
|
1764
|
+
OPENSSL_EXPORT void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
|
|
1765
|
+
int attrtype, void *unused);
|
|
935
1766
|
|
|
936
|
-
|
|
937
|
-
OPENSSL_EXPORT int
|
|
938
|
-
OPENSSL_EXPORT int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
|
|
939
|
-
OPENSSL_EXPORT int X509_print(BIO *bp,X509 *x);
|
|
940
|
-
OPENSSL_EXPORT int X509_ocspid_print(BIO *bp,X509 *x);
|
|
941
|
-
OPENSSL_EXPORT int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);
|
|
942
|
-
OPENSSL_EXPORT int X509_CRL_print(BIO *bp,X509_CRL *x);
|
|
943
|
-
OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag);
|
|
944
|
-
OPENSSL_EXPORT int X509_REQ_print(BIO *bp,X509_REQ *req);
|
|
945
|
-
|
|
946
|
-
OPENSSL_EXPORT int X509_NAME_entry_count(X509_NAME *name);
|
|
947
|
-
OPENSSL_EXPORT int X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
|
|
948
|
-
char *buf,int len);
|
|
949
|
-
OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
|
|
950
|
-
char *buf,int len);
|
|
951
|
-
|
|
952
|
-
/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
|
|
953
|
-
* lastpos, search after that position on. */
|
|
954
|
-
OPENSSL_EXPORT int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
|
|
955
|
-
OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
|
|
956
|
-
int lastpos);
|
|
957
|
-
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
|
|
958
|
-
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
|
|
959
|
-
OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
|
|
960
|
-
int loc, int set);
|
|
961
|
-
OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
|
|
962
|
-
const unsigned char *bytes, int len, int loc, int set);
|
|
963
|
-
OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
|
|
964
|
-
const unsigned char *bytes, int len, int loc, int set);
|
|
965
|
-
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
|
|
966
|
-
const char *field, int type, const unsigned char *bytes, int len);
|
|
967
|
-
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
|
|
968
|
-
int type, const unsigned char *bytes, int len);
|
|
969
|
-
OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
|
|
970
|
-
const unsigned char *bytes, int len, int loc, int set);
|
|
971
|
-
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
|
|
972
|
-
const ASN1_OBJECT *obj, int type,const unsigned char *bytes,
|
|
973
|
-
int len);
|
|
974
|
-
OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
|
|
975
|
-
const ASN1_OBJECT *obj);
|
|
976
|
-
OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
|
|
977
|
-
const unsigned char *bytes, int len);
|
|
978
|
-
OPENSSL_EXPORT ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
|
|
979
|
-
OPENSSL_EXPORT ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
|
|
980
|
-
|
|
981
|
-
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
|
|
982
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
|
|
983
|
-
int nid, int lastpos);
|
|
984
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
|
|
985
|
-
const ASN1_OBJECT *obj,int lastpos);
|
|
986
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
|
|
987
|
-
int crit, int lastpos);
|
|
988
|
-
OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
|
|
989
|
-
OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
|
|
990
|
-
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
|
|
991
|
-
X509_EXTENSION *ex, int loc);
|
|
992
|
-
|
|
993
|
-
OPENSSL_EXPORT int X509_get_ext_count(X509 *x);
|
|
994
|
-
OPENSSL_EXPORT int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
|
|
995
|
-
OPENSSL_EXPORT int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
|
|
996
|
-
OPENSSL_EXPORT int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
|
|
997
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(X509 *x, int loc);
|
|
998
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
|
|
999
|
-
OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
|
|
1000
|
-
OPENSSL_EXPORT void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
|
|
1001
|
-
OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
|
|
1002
|
-
unsigned long flags);
|
|
1003
|
-
|
|
1004
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_count(X509_CRL *x);
|
|
1005
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
|
|
1006
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos);
|
|
1007
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
|
|
1008
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
|
|
1009
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
|
|
1010
|
-
OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
|
|
1011
|
-
OPENSSL_EXPORT void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
|
|
1012
|
-
OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
|
|
1013
|
-
unsigned long flags);
|
|
1014
|
-
|
|
1015
|
-
OPENSSL_EXPORT int X509_REVOKED_get_ext_count(X509_REVOKED *x);
|
|
1016
|
-
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
|
|
1017
|
-
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos);
|
|
1018
|
-
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
|
|
1019
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
|
|
1020
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
|
|
1021
|
-
OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
|
|
1022
|
-
OPENSSL_EXPORT void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
|
|
1023
|
-
OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
|
|
1024
|
-
unsigned long flags);
|
|
1025
|
-
|
|
1026
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
|
|
1027
|
-
int nid, int crit, ASN1_OCTET_STRING *data);
|
|
1028
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
|
|
1029
|
-
const ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
|
|
1030
|
-
OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,const ASN1_OBJECT *obj);
|
|
1031
|
-
OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
|
|
1032
|
-
OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
|
|
1033
|
-
ASN1_OCTET_STRING *data);
|
|
1034
|
-
OPENSSL_EXPORT ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex);
|
|
1035
|
-
OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
|
|
1036
|
-
OPENSSL_EXPORT int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
|
|
1767
|
+
// X509_ATTRIBUTE_count returns the number of values in |attr|.
|
|
1768
|
+
OPENSSL_EXPORT int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr);
|
|
1037
1769
|
|
|
1038
|
-
|
|
1039
|
-
OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
|
|
1040
|
-
int lastpos);
|
|
1041
|
-
OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, const ASN1_OBJECT *obj,
|
|
1042
|
-
int lastpos);
|
|
1043
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
|
|
1044
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
|
|
1045
|
-
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
|
|
1046
|
-
X509_ATTRIBUTE *attr);
|
|
1047
|
-
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
|
|
1048
|
-
const ASN1_OBJECT *obj, int type,
|
|
1049
|
-
const unsigned char *bytes, int len);
|
|
1050
|
-
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
|
|
1051
|
-
int nid, int type,
|
|
1052
|
-
const unsigned char *bytes, int len);
|
|
1053
|
-
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
|
|
1054
|
-
const char *attrname, int type,
|
|
1055
|
-
const unsigned char *bytes, int len);
|
|
1056
|
-
OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
|
|
1057
|
-
ASN1_OBJECT *obj, int lastpos, int type);
|
|
1058
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
|
|
1059
|
-
int atrtype, const void *data, int len);
|
|
1060
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
|
|
1061
|
-
const ASN1_OBJECT *obj, int atrtype, const void *data, int len);
|
|
1062
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
|
|
1063
|
-
const char *atrname, int type, const unsigned char *bytes, int len);
|
|
1064
|
-
OPENSSL_EXPORT int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
|
|
1065
|
-
OPENSSL_EXPORT int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len);
|
|
1066
|
-
OPENSSL_EXPORT void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
|
|
1067
|
-
int atrtype, void *data);
|
|
1068
|
-
OPENSSL_EXPORT int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
|
|
1770
|
+
// X509_ATTRIBUTE_get0_object returns the type of |attr|.
|
|
1069
1771
|
OPENSSL_EXPORT ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
|
|
1070
|
-
OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
|
|
1071
1772
|
|
|
1072
|
-
|
|
1773
|
+
// X509_ATTRIBUTE_get0_type returns the |idx|th value in |attr|, or NULL if out
|
|
1774
|
+
// of bounds. Note this function returns one of |attr|'s values, not the type.
|
|
1775
|
+
OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr,
|
|
1776
|
+
int idx);
|
|
1777
|
+
|
|
1778
|
+
OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx);
|
|
1073
1779
|
|
|
1074
|
-
|
|
1075
|
-
OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,
|
|
1076
|
-
|
|
1077
|
-
|
|
1780
|
+
// lookup a cert from a X509 STACK
|
|
1781
|
+
OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,
|
|
1782
|
+
X509_NAME *name,
|
|
1783
|
+
ASN1_INTEGER *serial);
|
|
1784
|
+
OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
|
|
1078
1785
|
|
|
1079
|
-
|
|
1786
|
+
// PKCS#8 utilities
|
|
1080
1787
|
|
|
1081
1788
|
DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
|
|
1082
1789
|
|
|
1083
1790
|
OPENSSL_EXPORT EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
|
|
1084
1791
|
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
|
|
1085
|
-
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
|
|
1086
|
-
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
|
|
1087
1792
|
|
|
1088
1793
|
OPENSSL_EXPORT int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
|
|
1089
|
-
|
|
1090
|
-
|
|
1794
|
+
int version, int ptype, void *pval,
|
|
1795
|
+
unsigned char *penc, int penclen);
|
|
1091
1796
|
OPENSSL_EXPORT int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
|
|
1092
|
-
|
|
1093
|
-
|
|
1094
|
-
|
|
1095
|
-
|
|
1096
|
-
|
|
1097
|
-
|
|
1098
|
-
|
|
1099
|
-
|
|
1100
|
-
|
|
1101
|
-
|
|
1102
|
-
|
|
1797
|
+
const unsigned char **pk, int *ppklen,
|
|
1798
|
+
X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
|
|
1799
|
+
|
|
1800
|
+
// X509_PUBKEY_set0_param sets |pub| to a key with AlgorithmIdentifier
|
|
1801
|
+
// determined by |obj|, |param_type|, and |param_value|, and an encoded
|
|
1802
|
+
// public key of |key|. On success, it takes ownership of all its parameters and
|
|
1803
|
+
// returns one. Otherwise, it returns zero. |key| must have been allocated by
|
|
1804
|
+
// |OPENSSL_malloc|.
|
|
1805
|
+
//
|
|
1806
|
+
// |obj|, |param_type|, and |param_value| are interpreted as in
|
|
1807
|
+
// |X509_ALGOR_set0|. See |X509_ALGOR_set0| for details.
|
|
1808
|
+
OPENSSL_EXPORT int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *obj,
|
|
1809
|
+
int param_type, void *param_value,
|
|
1810
|
+
uint8_t *key, int key_len);
|
|
1811
|
+
|
|
1812
|
+
// X509_PUBKEY_get0_param outputs fields of |pub| and returns one. If |out_obj|
|
|
1813
|
+
// is not NULL, it sets |*out_obj| to AlgorithmIdentifier's OID. If |out_key|
|
|
1814
|
+
// is not NULL, it sets |*out_key| and |*out_key_len| to the encoded public key.
|
|
1815
|
+
// If |out_alg| is not NULL, it sets |*out_alg| to the AlgorithmIdentifier.
|
|
1816
|
+
//
|
|
1817
|
+
// Note: X.509 SubjectPublicKeyInfo structures store the encoded public key as a
|
|
1818
|
+
// BIT STRING. |*out_key| and |*out_key_len| will silently pad the key with zero
|
|
1819
|
+
// bits if |pub| did not contain a whole number of bytes. Use
|
|
1820
|
+
// |X509_PUBKEY_get0_public_key| to preserve this information.
|
|
1821
|
+
OPENSSL_EXPORT int X509_PUBKEY_get0_param(ASN1_OBJECT **out_obj,
|
|
1822
|
+
const uint8_t **out_key,
|
|
1823
|
+
int *out_key_len,
|
|
1824
|
+
X509_ALGOR **out_alg,
|
|
1825
|
+
X509_PUBKEY *pub);
|
|
1826
|
+
|
|
1827
|
+
// X509_PUBKEY_get0_public_key returns |pub|'s encoded public key.
|
|
1828
|
+
OPENSSL_EXPORT const ASN1_BIT_STRING *X509_PUBKEY_get0_public_key(
|
|
1829
|
+
const X509_PUBKEY *pub);
|
|
1103
1830
|
|
|
1104
1831
|
OPENSSL_EXPORT int X509_check_trust(X509 *x, int id, int flags);
|
|
1105
1832
|
OPENSSL_EXPORT int X509_TRUST_get_count(void);
|
|
1106
|
-
OPENSSL_EXPORT X509_TRUST *
|
|
1833
|
+
OPENSSL_EXPORT X509_TRUST *X509_TRUST_get0(int idx);
|
|
1107
1834
|
OPENSSL_EXPORT int X509_TRUST_get_by_id(int id);
|
|
1108
|
-
OPENSSL_EXPORT int X509_TRUST_add(int id, int flags,
|
|
1109
|
-
|
|
1835
|
+
OPENSSL_EXPORT int X509_TRUST_add(int id, int flags,
|
|
1836
|
+
int (*ck)(X509_TRUST *, X509 *, int),
|
|
1837
|
+
char *name, int arg1, void *arg2);
|
|
1110
1838
|
OPENSSL_EXPORT void X509_TRUST_cleanup(void);
|
|
1111
|
-
OPENSSL_EXPORT int X509_TRUST_get_flags(X509_TRUST *xp);
|
|
1112
|
-
OPENSSL_EXPORT char *X509_TRUST_get0_name(X509_TRUST *xp);
|
|
1113
|
-
OPENSSL_EXPORT int X509_TRUST_get_trust(X509_TRUST *xp);
|
|
1839
|
+
OPENSSL_EXPORT int X509_TRUST_get_flags(const X509_TRUST *xp);
|
|
1840
|
+
OPENSSL_EXPORT char *X509_TRUST_get0_name(const X509_TRUST *xp);
|
|
1841
|
+
OPENSSL_EXPORT int X509_TRUST_get_trust(const X509_TRUST *xp);
|
|
1114
1842
|
|
|
1115
1843
|
|
|
1116
|
-
|
|
1844
|
+
struct rsa_pss_params_st {
|
|
1117
1845
|
X509_ALGOR *hashAlgorithm;
|
|
1118
1846
|
X509_ALGOR *maskGenAlgorithm;
|
|
1119
1847
|
ASN1_INTEGER *saltLength;
|
|
1120
1848
|
ASN1_INTEGER *trailerField;
|
|
1121
|
-
|
|
1849
|
+
// OpenSSL caches the MGF hash on |RSA_PSS_PARAMS| in some cases. None of the
|
|
1850
|
+
// cases apply to BoringSSL, so this is always NULL, but Node expects the
|
|
1851
|
+
// field to be present.
|
|
1852
|
+
X509_ALGOR *maskHash;
|
|
1853
|
+
} /* RSA_PSS_PARAMS */;
|
|
1122
1854
|
|
|
1123
1855
|
DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
|
|
1124
1856
|
|
|
1857
|
+
/*
|
|
1858
|
+
SSL_CTX -> X509_STORE
|
|
1859
|
+
-> X509_LOOKUP
|
|
1860
|
+
->X509_LOOKUP_METHOD
|
|
1861
|
+
-> X509_LOOKUP
|
|
1862
|
+
->X509_LOOKUP_METHOD
|
|
1863
|
+
|
|
1864
|
+
SSL -> X509_STORE_CTX
|
|
1865
|
+
->X509_STORE
|
|
1866
|
+
|
|
1867
|
+
The X509_STORE holds the tables etc for verification stuff.
|
|
1868
|
+
A X509_STORE_CTX is used while validating a single certificate.
|
|
1869
|
+
The X509_STORE has X509_LOOKUPs for looking up certs.
|
|
1870
|
+
The X509_STORE then calls a function to actually verify the
|
|
1871
|
+
certificate chain.
|
|
1872
|
+
*/
|
|
1873
|
+
|
|
1874
|
+
#define X509_LU_X509 1
|
|
1875
|
+
#define X509_LU_CRL 2
|
|
1876
|
+
#define X509_LU_PKEY 3
|
|
1877
|
+
|
|
1878
|
+
DEFINE_STACK_OF(X509_LOOKUP)
|
|
1879
|
+
DEFINE_STACK_OF(X509_OBJECT)
|
|
1880
|
+
DEFINE_STACK_OF(X509_VERIFY_PARAM)
|
|
1881
|
+
|
|
1882
|
+
typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
|
|
1883
|
+
typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
|
|
1884
|
+
typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer, X509_STORE_CTX *ctx,
|
|
1885
|
+
X509 *x);
|
|
1886
|
+
typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx, X509 *x,
|
|
1887
|
+
X509 *issuer);
|
|
1888
|
+
typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
|
|
1889
|
+
typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx, X509_CRL **crl,
|
|
1890
|
+
X509 *x);
|
|
1891
|
+
typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
|
|
1892
|
+
typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl,
|
|
1893
|
+
X509 *x);
|
|
1894
|
+
typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
|
|
1895
|
+
typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
|
|
1896
|
+
X509_NAME *nm);
|
|
1897
|
+
typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(
|
|
1898
|
+
X509_STORE_CTX *ctx, X509_NAME *nm);
|
|
1899
|
+
typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
|
|
1900
|
+
|
|
1901
|
+
OPENSSL_EXPORT int X509_STORE_set_depth(X509_STORE *store, int depth);
|
|
1902
|
+
|
|
1903
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
|
|
1904
|
+
|
|
1905
|
+
#define X509_STORE_CTX_set_app_data(ctx, data) \
|
|
1906
|
+
X509_STORE_CTX_set_ex_data(ctx, 0, data)
|
|
1907
|
+
#define X509_STORE_CTX_get_app_data(ctx) X509_STORE_CTX_get_ex_data(ctx, 0)
|
|
1908
|
+
|
|
1909
|
+
#define X509_L_FILE_LOAD 1
|
|
1910
|
+
#define X509_L_ADD_DIR 2
|
|
1911
|
+
|
|
1912
|
+
#define X509_LOOKUP_load_file(x, name, type) \
|
|
1913
|
+
X509_LOOKUP_ctrl((x), X509_L_FILE_LOAD, (name), (long)(type), NULL)
|
|
1914
|
+
|
|
1915
|
+
#define X509_LOOKUP_add_dir(x, name, type) \
|
|
1916
|
+
X509_LOOKUP_ctrl((x), X509_L_ADD_DIR, (name), (long)(type), NULL)
|
|
1917
|
+
|
|
1918
|
+
#define X509_V_OK 0
|
|
1919
|
+
#define X509_V_ERR_UNSPECIFIED 1
|
|
1920
|
+
|
|
1921
|
+
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
|
|
1922
|
+
#define X509_V_ERR_UNABLE_TO_GET_CRL 3
|
|
1923
|
+
#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
|
|
1924
|
+
#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
|
|
1925
|
+
#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
|
|
1926
|
+
#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
|
|
1927
|
+
#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
|
|
1928
|
+
#define X509_V_ERR_CERT_NOT_YET_VALID 9
|
|
1929
|
+
#define X509_V_ERR_CERT_HAS_EXPIRED 10
|
|
1930
|
+
#define X509_V_ERR_CRL_NOT_YET_VALID 11
|
|
1931
|
+
#define X509_V_ERR_CRL_HAS_EXPIRED 12
|
|
1932
|
+
#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
|
|
1933
|
+
#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
|
|
1934
|
+
#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
|
|
1935
|
+
#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
|
|
1936
|
+
#define X509_V_ERR_OUT_OF_MEM 17
|
|
1937
|
+
#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
|
|
1938
|
+
#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
|
|
1939
|
+
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
|
|
1940
|
+
#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
|
|
1941
|
+
#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
|
|
1942
|
+
#define X509_V_ERR_CERT_REVOKED 23
|
|
1943
|
+
#define X509_V_ERR_INVALID_CA 24
|
|
1944
|
+
#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
|
|
1945
|
+
#define X509_V_ERR_INVALID_PURPOSE 26
|
|
1946
|
+
#define X509_V_ERR_CERT_UNTRUSTED 27
|
|
1947
|
+
#define X509_V_ERR_CERT_REJECTED 28
|
|
1948
|
+
// These are 'informational' when looking for issuer cert
|
|
1949
|
+
#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
|
|
1950
|
+
#define X509_V_ERR_AKID_SKID_MISMATCH 30
|
|
1951
|
+
#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
|
|
1952
|
+
#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
|
|
1953
|
+
|
|
1954
|
+
#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
|
|
1955
|
+
#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
|
|
1956
|
+
#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
|
|
1957
|
+
#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
|
|
1958
|
+
#define X509_V_ERR_INVALID_NON_CA 37
|
|
1959
|
+
#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
|
|
1960
|
+
#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
|
|
1961
|
+
#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
|
|
1962
|
+
|
|
1963
|
+
#define X509_V_ERR_INVALID_EXTENSION 41
|
|
1964
|
+
#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
|
|
1965
|
+
#define X509_V_ERR_NO_EXPLICIT_POLICY 43
|
|
1966
|
+
#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
|
|
1967
|
+
#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
|
|
1968
|
+
|
|
1969
|
+
#define X509_V_ERR_UNNESTED_RESOURCE 46
|
|
1970
|
+
|
|
1971
|
+
#define X509_V_ERR_PERMITTED_VIOLATION 47
|
|
1972
|
+
#define X509_V_ERR_EXCLUDED_VIOLATION 48
|
|
1973
|
+
#define X509_V_ERR_SUBTREE_MINMAX 49
|
|
1974
|
+
#define X509_V_ERR_APPLICATION_VERIFICATION 50
|
|
1975
|
+
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
|
|
1976
|
+
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
|
|
1977
|
+
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
|
|
1978
|
+
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
|
|
1979
|
+
|
|
1980
|
+
// Suite B mode algorithm violation
|
|
1981
|
+
#define X509_V_ERR_SUITE_B_INVALID_VERSION 56
|
|
1982
|
+
#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
|
|
1983
|
+
#define X509_V_ERR_SUITE_B_INVALID_CURVE 58
|
|
1984
|
+
#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
|
|
1985
|
+
#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
|
|
1986
|
+
#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
|
|
1987
|
+
|
|
1988
|
+
// Host, email and IP check errors
|
|
1989
|
+
#define X509_V_ERR_HOSTNAME_MISMATCH 62
|
|
1990
|
+
#define X509_V_ERR_EMAIL_MISMATCH 63
|
|
1991
|
+
#define X509_V_ERR_IP_ADDRESS_MISMATCH 64
|
|
1992
|
+
|
|
1993
|
+
// Caller error
|
|
1994
|
+
#define X509_V_ERR_INVALID_CALL 65
|
|
1995
|
+
// Issuer lookup error
|
|
1996
|
+
#define X509_V_ERR_STORE_LOOKUP 66
|
|
1997
|
+
|
|
1998
|
+
#define X509_V_ERR_NAME_CONSTRAINTS_WITHOUT_SANS 67
|
|
1999
|
+
|
|
2000
|
+
// Certificate verify flags
|
|
2001
|
+
|
|
2002
|
+
// Send issuer+subject checks to verify_cb
|
|
2003
|
+
#define X509_V_FLAG_CB_ISSUER_CHECK 0x1
|
|
2004
|
+
// Use check time instead of current time
|
|
2005
|
+
#define X509_V_FLAG_USE_CHECK_TIME 0x2
|
|
2006
|
+
// Lookup CRLs
|
|
2007
|
+
#define X509_V_FLAG_CRL_CHECK 0x4
|
|
2008
|
+
// Lookup CRLs for whole chain
|
|
2009
|
+
#define X509_V_FLAG_CRL_CHECK_ALL 0x8
|
|
2010
|
+
// Ignore unhandled critical extensions
|
|
2011
|
+
#define X509_V_FLAG_IGNORE_CRITICAL 0x10
|
|
2012
|
+
// Does nothing as its functionality has been enabled by default.
|
|
2013
|
+
#define X509_V_FLAG_X509_STRICT 0x00
|
|
2014
|
+
// Enable proxy certificate validation
|
|
2015
|
+
#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
|
|
2016
|
+
// Enable policy checking
|
|
2017
|
+
#define X509_V_FLAG_POLICY_CHECK 0x80
|
|
2018
|
+
// Policy variable require-explicit-policy
|
|
2019
|
+
#define X509_V_FLAG_EXPLICIT_POLICY 0x100
|
|
2020
|
+
// Policy variable inhibit-any-policy
|
|
2021
|
+
#define X509_V_FLAG_INHIBIT_ANY 0x200
|
|
2022
|
+
// Policy variable inhibit-policy-mapping
|
|
2023
|
+
#define X509_V_FLAG_INHIBIT_MAP 0x400
|
|
2024
|
+
// Notify callback that policy is OK
|
|
2025
|
+
#define X509_V_FLAG_NOTIFY_POLICY 0x800
|
|
2026
|
+
// Extended CRL features such as indirect CRLs, alternate CRL signing keys
|
|
2027
|
+
#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
|
|
2028
|
+
// Delta CRL support
|
|
2029
|
+
#define X509_V_FLAG_USE_DELTAS 0x2000
|
|
2030
|
+
// Check selfsigned CA signature
|
|
2031
|
+
#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
|
|
2032
|
+
// Use trusted store first
|
|
2033
|
+
#define X509_V_FLAG_TRUSTED_FIRST 0x8000
|
|
2034
|
+
// Suite B 128 bit only mode: not normally used
|
|
2035
|
+
#define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
|
|
2036
|
+
// Suite B 192 bit only mode
|
|
2037
|
+
#define X509_V_FLAG_SUITEB_192_LOS 0x20000
|
|
2038
|
+
// Suite B 128 bit mode allowing 192 bit algorithms
|
|
2039
|
+
#define X509_V_FLAG_SUITEB_128_LOS 0x30000
|
|
2040
|
+
|
|
2041
|
+
// Allow partial chains if at least one certificate is in trusted store
|
|
2042
|
+
#define X509_V_FLAG_PARTIAL_CHAIN 0x80000
|
|
2043
|
+
|
|
2044
|
+
// If the initial chain is not trusted, do not attempt to build an alternative
|
|
2045
|
+
// chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag
|
|
2046
|
+
// will force the behaviour to match that of previous versions.
|
|
2047
|
+
#define X509_V_FLAG_NO_ALT_CHAINS 0x100000
|
|
2048
|
+
|
|
2049
|
+
#define X509_VP_FLAG_DEFAULT 0x1
|
|
2050
|
+
#define X509_VP_FLAG_OVERWRITE 0x2
|
|
2051
|
+
#define X509_VP_FLAG_RESET_FLAGS 0x4
|
|
2052
|
+
#define X509_VP_FLAG_LOCKED 0x8
|
|
2053
|
+
#define X509_VP_FLAG_ONCE 0x10
|
|
2054
|
+
|
|
2055
|
+
// Internal use: mask of policy related options
|
|
2056
|
+
#define X509_V_FLAG_POLICY_MASK \
|
|
2057
|
+
(X509_V_FLAG_POLICY_CHECK | X509_V_FLAG_EXPLICIT_POLICY | \
|
|
2058
|
+
X509_V_FLAG_INHIBIT_ANY | X509_V_FLAG_INHIBIT_MAP)
|
|
2059
|
+
|
|
2060
|
+
OPENSSL_EXPORT int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h,
|
|
2061
|
+
int type, X509_NAME *name);
|
|
2062
|
+
OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_by_subject(
|
|
2063
|
+
STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name);
|
|
2064
|
+
OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
|
|
2065
|
+
X509_OBJECT *x);
|
|
2066
|
+
OPENSSL_EXPORT int X509_OBJECT_up_ref_count(X509_OBJECT *a);
|
|
2067
|
+
OPENSSL_EXPORT void X509_OBJECT_free_contents(X509_OBJECT *a);
|
|
2068
|
+
OPENSSL_EXPORT int X509_OBJECT_get_type(const X509_OBJECT *a);
|
|
2069
|
+
OPENSSL_EXPORT X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a);
|
|
2070
|
+
OPENSSL_EXPORT X509_STORE *X509_STORE_new(void);
|
|
2071
|
+
OPENSSL_EXPORT int X509_STORE_up_ref(X509_STORE *store);
|
|
2072
|
+
OPENSSL_EXPORT void X509_STORE_free(X509_STORE *v);
|
|
2073
|
+
|
|
2074
|
+
OPENSSL_EXPORT STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *st);
|
|
2075
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st,
|
|
2076
|
+
X509_NAME *nm);
|
|
2077
|
+
OPENSSL_EXPORT STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st,
|
|
2078
|
+
X509_NAME *nm);
|
|
2079
|
+
OPENSSL_EXPORT int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
|
|
2080
|
+
OPENSSL_EXPORT int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
|
|
2081
|
+
OPENSSL_EXPORT int X509_STORE_set_trust(X509_STORE *ctx, int trust);
|
|
2082
|
+
OPENSSL_EXPORT int X509_STORE_set1_param(X509_STORE *ctx,
|
|
2083
|
+
X509_VERIFY_PARAM *pm);
|
|
2084
|
+
OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
|
|
2085
|
+
|
|
2086
|
+
OPENSSL_EXPORT void X509_STORE_set_verify(X509_STORE *ctx,
|
|
2087
|
+
X509_STORE_CTX_verify_fn verify);
|
|
2088
|
+
#define X509_STORE_set_verify_func(ctx, func) \
|
|
2089
|
+
X509_STORE_set_verify((ctx), (func))
|
|
2090
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx,
|
|
2091
|
+
X509_STORE_CTX_verify_fn verify);
|
|
2092
|
+
OPENSSL_EXPORT X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx);
|
|
2093
|
+
OPENSSL_EXPORT void X509_STORE_set_verify_cb(
|
|
2094
|
+
X509_STORE *ctx, X509_STORE_CTX_verify_cb verify_cb);
|
|
2095
|
+
#define X509_STORE_set_verify_cb_func(ctx, func) \
|
|
2096
|
+
X509_STORE_set_verify_cb((ctx), (func))
|
|
2097
|
+
OPENSSL_EXPORT X509_STORE_CTX_verify_cb
|
|
2098
|
+
X509_STORE_get_verify_cb(X509_STORE *ctx);
|
|
2099
|
+
OPENSSL_EXPORT void X509_STORE_set_get_issuer(
|
|
2100
|
+
X509_STORE *ctx, X509_STORE_CTX_get_issuer_fn get_issuer);
|
|
2101
|
+
OPENSSL_EXPORT X509_STORE_CTX_get_issuer_fn
|
|
2102
|
+
X509_STORE_get_get_issuer(X509_STORE *ctx);
|
|
2103
|
+
OPENSSL_EXPORT void X509_STORE_set_check_issued(
|
|
2104
|
+
X509_STORE *ctx, X509_STORE_CTX_check_issued_fn check_issued);
|
|
2105
|
+
OPENSSL_EXPORT X509_STORE_CTX_check_issued_fn
|
|
2106
|
+
X509_STORE_get_check_issued(X509_STORE *ctx);
|
|
2107
|
+
OPENSSL_EXPORT void X509_STORE_set_check_revocation(
|
|
2108
|
+
X509_STORE *ctx, X509_STORE_CTX_check_revocation_fn check_revocation);
|
|
2109
|
+
OPENSSL_EXPORT X509_STORE_CTX_check_revocation_fn
|
|
2110
|
+
X509_STORE_get_check_revocation(X509_STORE *ctx);
|
|
2111
|
+
OPENSSL_EXPORT void X509_STORE_set_get_crl(X509_STORE *ctx,
|
|
2112
|
+
X509_STORE_CTX_get_crl_fn get_crl);
|
|
2113
|
+
OPENSSL_EXPORT X509_STORE_CTX_get_crl_fn
|
|
2114
|
+
X509_STORE_get_get_crl(X509_STORE *ctx);
|
|
2115
|
+
OPENSSL_EXPORT void X509_STORE_set_check_crl(
|
|
2116
|
+
X509_STORE *ctx, X509_STORE_CTX_check_crl_fn check_crl);
|
|
2117
|
+
OPENSSL_EXPORT X509_STORE_CTX_check_crl_fn
|
|
2118
|
+
X509_STORE_get_check_crl(X509_STORE *ctx);
|
|
2119
|
+
OPENSSL_EXPORT void X509_STORE_set_cert_crl(
|
|
2120
|
+
X509_STORE *ctx, X509_STORE_CTX_cert_crl_fn cert_crl);
|
|
2121
|
+
OPENSSL_EXPORT X509_STORE_CTX_cert_crl_fn
|
|
2122
|
+
X509_STORE_get_cert_crl(X509_STORE *ctx);
|
|
2123
|
+
OPENSSL_EXPORT void X509_STORE_set_lookup_certs(
|
|
2124
|
+
X509_STORE *ctx, X509_STORE_CTX_lookup_certs_fn lookup_certs);
|
|
2125
|
+
OPENSSL_EXPORT X509_STORE_CTX_lookup_certs_fn
|
|
2126
|
+
X509_STORE_get_lookup_certs(X509_STORE *ctx);
|
|
2127
|
+
OPENSSL_EXPORT void X509_STORE_set_lookup_crls(
|
|
2128
|
+
X509_STORE *ctx, X509_STORE_CTX_lookup_crls_fn lookup_crls);
|
|
2129
|
+
#define X509_STORE_set_lookup_crls_cb(ctx, func) \
|
|
2130
|
+
X509_STORE_set_lookup_crls((ctx), (func))
|
|
2131
|
+
OPENSSL_EXPORT X509_STORE_CTX_lookup_crls_fn
|
|
2132
|
+
X509_STORE_get_lookup_crls(X509_STORE *ctx);
|
|
2133
|
+
OPENSSL_EXPORT void X509_STORE_set_cleanup(X509_STORE *ctx,
|
|
2134
|
+
X509_STORE_CTX_cleanup_fn cleanup);
|
|
2135
|
+
OPENSSL_EXPORT X509_STORE_CTX_cleanup_fn
|
|
2136
|
+
X509_STORE_get_cleanup(X509_STORE *ctx);
|
|
2137
|
+
|
|
2138
|
+
OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_new(void);
|
|
2139
|
+
|
|
2140
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get1_issuer(X509 **issuer,
|
|
2141
|
+
X509_STORE_CTX *ctx, X509 *x);
|
|
2142
|
+
|
|
2143
|
+
OPENSSL_EXPORT void X509_STORE_CTX_zero(X509_STORE_CTX *ctx);
|
|
2144
|
+
OPENSSL_EXPORT void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
|
|
2145
|
+
OPENSSL_EXPORT int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
|
|
2146
|
+
X509 *x509, STACK_OF(X509) *chain);
|
|
2147
|
+
OPENSSL_EXPORT void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx,
|
|
2148
|
+
STACK_OF(X509) *sk);
|
|
2149
|
+
OPENSSL_EXPORT void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
|
|
2150
|
+
|
|
2151
|
+
OPENSSL_EXPORT X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
|
|
2152
|
+
OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
|
|
2153
|
+
|
|
2154
|
+
OPENSSL_EXPORT X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v,
|
|
2155
|
+
X509_LOOKUP_METHOD *m);
|
|
2156
|
+
|
|
2157
|
+
OPENSSL_EXPORT X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
|
|
2158
|
+
OPENSSL_EXPORT X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
|
|
2159
|
+
|
|
2160
|
+
OPENSSL_EXPORT int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
|
|
2161
|
+
OPENSSL_EXPORT int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
|
|
2162
|
+
|
|
2163
|
+
OPENSSL_EXPORT int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type,
|
|
2164
|
+
X509_NAME *name, X509_OBJECT *ret);
|
|
2165
|
+
|
|
2166
|
+
OPENSSL_EXPORT int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
|
|
2167
|
+
long argl, char **ret);
|
|
2168
|
+
|
|
2169
|
+
#ifndef OPENSSL_NO_STDIO
|
|
2170
|
+
OPENSSL_EXPORT int X509_load_cert_file(X509_LOOKUP *ctx, const char *file,
|
|
2171
|
+
int type);
|
|
2172
|
+
OPENSSL_EXPORT int X509_load_crl_file(X509_LOOKUP *ctx, const char *file,
|
|
2173
|
+
int type);
|
|
2174
|
+
OPENSSL_EXPORT int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file,
|
|
2175
|
+
int type);
|
|
2176
|
+
#endif
|
|
1125
2177
|
|
|
2178
|
+
OPENSSL_EXPORT X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
|
|
2179
|
+
OPENSSL_EXPORT void X509_LOOKUP_free(X509_LOOKUP *ctx);
|
|
2180
|
+
OPENSSL_EXPORT int X509_LOOKUP_init(X509_LOOKUP *ctx);
|
|
2181
|
+
OPENSSL_EXPORT int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type,
|
|
2182
|
+
X509_NAME *name, X509_OBJECT *ret);
|
|
2183
|
+
OPENSSL_EXPORT int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type,
|
|
2184
|
+
X509_NAME *name,
|
|
2185
|
+
ASN1_INTEGER *serial,
|
|
2186
|
+
X509_OBJECT *ret);
|
|
2187
|
+
OPENSSL_EXPORT int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
|
|
2188
|
+
unsigned char *bytes, int len,
|
|
2189
|
+
X509_OBJECT *ret);
|
|
2190
|
+
OPENSSL_EXPORT int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
|
|
2191
|
+
int len, X509_OBJECT *ret);
|
|
2192
|
+
OPENSSL_EXPORT int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
|
|
2193
|
+
|
|
2194
|
+
#ifndef OPENSSL_NO_STDIO
|
|
2195
|
+
OPENSSL_EXPORT int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
|
|
2196
|
+
const char *dir);
|
|
2197
|
+
OPENSSL_EXPORT int X509_STORE_set_default_paths(X509_STORE *ctx);
|
|
2198
|
+
#endif
|
|
1126
2199
|
|
|
1127
|
-
|
|
1128
|
-
|
|
2200
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
|
|
2201
|
+
CRYPTO_EX_unused *unused,
|
|
2202
|
+
CRYPTO_EX_dup *dup_unused,
|
|
2203
|
+
CRYPTO_EX_free *free_func);
|
|
2204
|
+
OPENSSL_EXPORT int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx,
|
|
2205
|
+
void *data);
|
|
2206
|
+
OPENSSL_EXPORT void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
|
|
2207
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
|
|
2208
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
|
|
2209
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
|
|
2210
|
+
OPENSSL_EXPORT X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
|
|
2211
|
+
OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
|
|
2212
|
+
OPENSSL_EXPORT X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
|
|
2213
|
+
OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(
|
|
2214
|
+
X509_STORE_CTX *ctx);
|
|
2215
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
|
|
2216
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
|
|
2217
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
|
|
2218
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
|
|
2219
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,
|
|
2220
|
+
STACK_OF(X509) *sk);
|
|
2221
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get0_untrusted(
|
|
2222
|
+
X509_STORE_CTX *ctx);
|
|
2223
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,
|
|
2224
|
+
STACK_OF(X509_CRL) *sk);
|
|
2225
|
+
OPENSSL_EXPORT int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
|
|
2226
|
+
OPENSSL_EXPORT int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
|
|
2227
|
+
OPENSSL_EXPORT int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx,
|
|
2228
|
+
int def_purpose, int purpose,
|
|
2229
|
+
int trust);
|
|
2230
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx,
|
|
2231
|
+
unsigned long flags);
|
|
2232
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx,
|
|
2233
|
+
unsigned long flags, time_t t);
|
|
2234
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_verify_cb(
|
|
2235
|
+
X509_STORE_CTX *ctx, int (*verify_cb)(int, X509_STORE_CTX *));
|
|
2236
|
+
|
|
2237
|
+
OPENSSL_EXPORT X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(
|
|
2238
|
+
X509_STORE_CTX *ctx);
|
|
2239
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
|
|
2240
|
+
|
|
2241
|
+
OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(
|
|
2242
|
+
X509_STORE_CTX *ctx);
|
|
2243
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx,
|
|
2244
|
+
X509_VERIFY_PARAM *param);
|
|
2245
|
+
OPENSSL_EXPORT int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx,
|
|
2246
|
+
const char *name);
|
|
2247
|
+
|
|
2248
|
+
// X509_VERIFY_PARAM functions
|
|
2249
|
+
|
|
2250
|
+
OPENSSL_EXPORT X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
|
|
2251
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
|
|
2252
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
|
|
2253
|
+
const X509_VERIFY_PARAM *from);
|
|
2254
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
|
|
2255
|
+
const X509_VERIFY_PARAM *from);
|
|
2256
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param,
|
|
2257
|
+
const char *name);
|
|
2258
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
|
|
2259
|
+
unsigned long flags);
|
|
2260
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
|
|
2261
|
+
unsigned long flags);
|
|
2262
|
+
OPENSSL_EXPORT unsigned long X509_VERIFY_PARAM_get_flags(
|
|
2263
|
+
X509_VERIFY_PARAM *param);
|
|
2264
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param,
|
|
2265
|
+
int purpose);
|
|
2266
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param,
|
|
2267
|
+
int trust);
|
|
2268
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param,
|
|
2269
|
+
int depth);
|
|
2270
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param,
|
|
2271
|
+
time_t t);
|
|
2272
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
|
|
2273
|
+
ASN1_OBJECT *policy);
|
|
2274
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_policies(
|
|
2275
|
+
X509_VERIFY_PARAM *param, STACK_OF(ASN1_OBJECT) *policies);
|
|
2276
|
+
|
|
2277
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
|
|
2278
|
+
const char *name,
|
|
2279
|
+
size_t namelen);
|
|
2280
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
|
|
2281
|
+
const char *name,
|
|
2282
|
+
size_t namelen);
|
|
2283
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
|
|
2284
|
+
unsigned int flags);
|
|
2285
|
+
OPENSSL_EXPORT char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
|
|
2286
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
|
|
2287
|
+
const char *email,
|
|
2288
|
+
size_t emaillen);
|
|
2289
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
|
|
2290
|
+
const unsigned char *ip,
|
|
2291
|
+
size_t iplen);
|
|
2292
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
|
|
2293
|
+
const char *ipasc);
|
|
2294
|
+
|
|
2295
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
|
|
2296
|
+
OPENSSL_EXPORT const char *X509_VERIFY_PARAM_get0_name(
|
|
2297
|
+
const X509_VERIFY_PARAM *param);
|
|
2298
|
+
|
|
2299
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
|
|
2300
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_get_count(void);
|
|
2301
|
+
OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
|
|
2302
|
+
OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(
|
|
2303
|
+
const char *name);
|
|
2304
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_table_cleanup(void);
|
|
2305
|
+
|
|
2306
|
+
OPENSSL_EXPORT int X509_policy_check(X509_POLICY_TREE **ptree,
|
|
2307
|
+
int *pexplicit_policy,
|
|
2308
|
+
STACK_OF(X509) *certs,
|
|
2309
|
+
STACK_OF(ASN1_OBJECT) *policy_oids,
|
|
2310
|
+
unsigned int flags);
|
|
2311
|
+
|
|
2312
|
+
OPENSSL_EXPORT void X509_policy_tree_free(X509_POLICY_TREE *tree);
|
|
2313
|
+
|
|
2314
|
+
OPENSSL_EXPORT int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
|
|
2315
|
+
OPENSSL_EXPORT X509_POLICY_LEVEL *X509_policy_tree_get0_level(
|
|
2316
|
+
const X509_POLICY_TREE *tree, int i);
|
|
2317
|
+
|
|
2318
|
+
OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(
|
|
2319
|
+
const X509_POLICY_TREE *tree);
|
|
2320
|
+
|
|
2321
|
+
OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(
|
|
2322
|
+
const X509_POLICY_TREE *tree);
|
|
2323
|
+
|
|
2324
|
+
OPENSSL_EXPORT int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
|
|
2325
|
+
|
|
2326
|
+
OPENSSL_EXPORT X509_POLICY_NODE *X509_policy_level_get0_node(
|
|
2327
|
+
X509_POLICY_LEVEL *level, int i);
|
|
2328
|
+
|
|
2329
|
+
OPENSSL_EXPORT const ASN1_OBJECT *X509_policy_node_get0_policy(
|
|
2330
|
+
const X509_POLICY_NODE *node);
|
|
2331
|
+
|
|
2332
|
+
OPENSSL_EXPORT STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(
|
|
2333
|
+
const X509_POLICY_NODE *node);
|
|
2334
|
+
OPENSSL_EXPORT const X509_POLICY_NODE *X509_policy_node_get0_parent(
|
|
2335
|
+
const X509_POLICY_NODE *node);
|
|
2336
|
+
|
|
2337
|
+
|
|
2338
|
+
#if defined(__cplusplus)
|
|
2339
|
+
} // extern C
|
|
1129
2340
|
#endif
|
|
1130
2341
|
|
|
1131
2342
|
#if !defined(BORINGSSL_NO_CXX)
|
|
@@ -1138,6 +2349,7 @@ BORINGSSL_MAKE_DELETER(RSA_PSS_PARAMS, RSA_PSS_PARAMS_free)
|
|
|
1138
2349
|
BORINGSSL_MAKE_DELETER(X509, X509_free)
|
|
1139
2350
|
BORINGSSL_MAKE_UP_REF(X509, X509_up_ref)
|
|
1140
2351
|
BORINGSSL_MAKE_DELETER(X509_ALGOR, X509_ALGOR_free)
|
|
2352
|
+
BORINGSSL_MAKE_DELETER(X509_ATTRIBUTE, X509_ATTRIBUTE_free)
|
|
1141
2353
|
BORINGSSL_MAKE_DELETER(X509_CRL, X509_CRL_free)
|
|
1142
2354
|
BORINGSSL_MAKE_UP_REF(X509_CRL, X509_CRL_up_ref)
|
|
1143
2355
|
BORINGSSL_MAKE_DELETER(X509_CRL_METHOD, X509_CRL_METHOD_free)
|
|
@@ -1153,17 +2365,14 @@ BORINGSSL_MAKE_DELETER(X509_REQ, X509_REQ_free)
|
|
|
1153
2365
|
BORINGSSL_MAKE_DELETER(X509_REVOKED, X509_REVOKED_free)
|
|
1154
2366
|
BORINGSSL_MAKE_DELETER(X509_SIG, X509_SIG_free)
|
|
1155
2367
|
BORINGSSL_MAKE_DELETER(X509_STORE, X509_STORE_free)
|
|
2368
|
+
BORINGSSL_MAKE_UP_REF(X509_STORE, X509_STORE_up_ref)
|
|
1156
2369
|
BORINGSSL_MAKE_DELETER(X509_STORE_CTX, X509_STORE_CTX_free)
|
|
1157
2370
|
BORINGSSL_MAKE_DELETER(X509_VERIFY_PARAM, X509_VERIFY_PARAM_free)
|
|
1158
2371
|
|
|
1159
|
-
using ScopedX509_STORE_CTX =
|
|
1160
|
-
internal::StackAllocated<X509_STORE_CTX, void, X509_STORE_CTX_zero,
|
|
1161
|
-
X509_STORE_CTX_cleanup>;
|
|
1162
|
-
|
|
1163
2372
|
BSSL_NAMESPACE_END
|
|
1164
2373
|
|
|
1165
|
-
}
|
|
1166
|
-
#endif
|
|
2374
|
+
} // extern C++
|
|
2375
|
+
#endif // !BORINGSSL_NO_CXX
|
|
1167
2376
|
|
|
1168
2377
|
#define X509_R_AKID_MISMATCH 100
|
|
1169
2378
|
#define X509_R_BAD_PKCS7_VERSION 101
|
|
@@ -1203,5 +2412,8 @@ BSSL_NAMESPACE_END
|
|
|
1203
2412
|
#define X509_R_NAME_TOO_LONG 135
|
|
1204
2413
|
#define X509_R_INVALID_PARAMETER 136
|
|
1205
2414
|
#define X509_R_SIGNATURE_ALGORITHM_MISMATCH 137
|
|
2415
|
+
#define X509_R_DELTA_CRL_WITHOUT_CRL_NUMBER 138
|
|
2416
|
+
#define X509_R_INVALID_FIELD_FOR_VERSION 139
|
|
2417
|
+
#define X509_R_INVALID_VERSION 140
|
|
1206
2418
|
|
|
1207
2419
|
#endif
|