grpc 1.35.0.pre1 → 1.37.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +121 -89
- data/include/grpc/grpc.h +15 -1
- data/include/grpc/grpc_security.h +16 -11
- data/include/grpc/impl/codegen/port_platform.h +2 -0
- data/src/core/ext/filters/client_channel/client_channel.cc +359 -331
- data/src/core/ext/filters/client_channel/client_channel.h +0 -2
- data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -1
- data/src/core/ext/filters/client_channel/config_selector.h +9 -1
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +9 -4
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -142
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy.cc +3 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +3 -5
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +8 -6
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +23 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +27 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +289 -170
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +5 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -25
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +232 -110
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +10 -9
- data/src/core/ext/filters/client_channel/resolver.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver.h +1 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +36 -45
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +34 -50
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +16 -14
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +18 -15
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +377 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +307 -155
- data/src/core/ext/filters/client_channel/server_address.cc +9 -0
- data/src/core/ext/filters/client_channel/server_address.h +31 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +69 -146
- data/src/core/ext/filters/client_channel/subchannel.h +63 -95
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +16 -2
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +10 -8
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +500 -0
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +189 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
- data/src/core/ext/filters/max_age/max_age_filter.cc +35 -32
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +3 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +1 -1
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +3 -2
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +490 -178
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +1 -1
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +39 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -1
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +5 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1459 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +350 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1348 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +11 -16
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +42 -59
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +3 -2
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +15 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +25 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +75 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +9 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +28 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +6 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +25 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +41 -7
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -21
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +122 -77
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +13 -9
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +37 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +488 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +141 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +452 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +11 -9
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +44 -27
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +57 -16
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +150 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +268 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +78 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +281 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +113 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +19 -21
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +64 -51
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +16 -13
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +50 -18
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +4 -7
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +0 -17
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +30 -23
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +85 -73
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +0 -3
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +0 -3
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +0 -2
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +93 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +323 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +90 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +124 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +21 -4
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +29 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +33 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +77 -0
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/authority.upb.c +5 -5
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/resource.upb.c +9 -9
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +168 -171
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +383 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +405 -420
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +2 -2
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +177 -171
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +88 -88
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +153 -153
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +10 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +33 -20
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +56 -59
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +116 -111
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +129 -121
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +21 -24
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +17 -13
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +753 -724
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +22 -25
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +120 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +76 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +371 -377
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +12 -16
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +112 -108
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +45 -53
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +177 -180
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +92 -102
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +32 -42
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +30 -40
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +38 -44
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +130 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +30 -33
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +8 -7
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +9 -9
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +9 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +9 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +14 -11
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/xds_api.cc +2149 -666
- data/src/core/ext/xds/xds_api.h +321 -119
- data/src/core/ext/xds/xds_bootstrap.cc +80 -45
- data/src/core/ext/xds/xds_bootstrap.h +17 -5
- data/src/core/ext/xds/xds_certificate_provider.cc +180 -74
- data/src/core/ext/xds/xds_certificate_provider.h +83 -44
- data/src/core/ext/xds/xds_client.cc +181 -34
- data/src/core/ext/xds/xds_client.h +29 -0
- data/src/core/ext/xds/xds_client_stats.cc +2 -1
- data/src/core/ext/xds/xds_client_stats.h +2 -2
- data/src/core/ext/xds/xds_http_fault_filter.cc +226 -0
- data/src/core/ext/xds/xds_http_fault_filter.h +63 -0
- data/src/core/ext/xds/xds_http_filters.cc +114 -0
- data/src/core/ext/xds/xds_http_filters.h +130 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +425 -24
- data/src/core/lib/channel/channel_stack.cc +12 -0
- data/src/core/lib/channel/channel_stack.h +7 -0
- data/src/core/lib/channel/channelz.cc +92 -4
- data/src/core/lib/channel/channelz.h +30 -1
- data/src/core/lib/channel/channelz_registry.cc +14 -0
- data/src/core/lib/channel/handshaker.cc +2 -44
- data/src/core/lib/channel/handshaker.h +1 -18
- data/src/core/lib/channel/status_util.cc +12 -2
- data/src/core/lib/channel/status_util.h +5 -0
- data/src/core/lib/gpr/log.cc +6 -1
- data/src/core/lib/gpr/sync_abseil.cc +3 -6
- data/src/core/lib/gpr/sync_windows.cc +2 -2
- data/src/core/lib/gprpp/atomic.h +3 -3
- data/src/core/lib/gprpp/dual_ref_counted.h +3 -3
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/ref_counted.h +1 -1
- data/src/core/lib/gprpp/ref_counted_ptr.h +2 -0
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +1 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/httpcli_security_connector.cc +2 -2
- data/src/core/lib/iomgr/buffer_list.h +1 -1
- data/src/core/lib/iomgr/cfstream_handle.cc +2 -2
- data/src/core/lib/iomgr/error.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +11 -8
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +3 -3
- data/src/core/lib/iomgr/ev_epollex_linux.cc +4 -4
- data/src/core/lib/iomgr/ev_posix.cc +3 -3
- data/src/core/lib/iomgr/exec_ctx.cc +6 -2
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
- data/src/core/lib/iomgr/resource_quota.cc +1 -1
- data/src/core/lib/iomgr/sockaddr_utils.cc +121 -1
- data/src/core/lib/iomgr/sockaddr_utils.h +25 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +5 -8
- data/src/core/lib/iomgr/tcp_uv.cc +2 -2
- data/src/core/lib/iomgr/timer_generic.cc +2 -2
- data/src/core/lib/iomgr/timer_manager.cc +1 -1
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -1
- data/src/core/lib/matchers/matchers.cc +339 -0
- data/src/core/lib/matchers/matchers.h +160 -0
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials.h +2 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +2 -2
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +1 -1
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -6
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
- data/src/core/lib/security/credentials/jwt/json_token.cc +0 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -3
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +2 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.h +1 -1
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +128 -59
- data/src/core/lib/security/credentials/xds/xds_credentials.h +3 -3
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +5 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +9 -4
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +32 -14
- data/src/core/lib/security/transport/security_handshaker.cc +33 -5
- data/src/core/lib/security/transport/server_auth_filter.cc +7 -0
- data/src/core/lib/slice/slice_intern.cc +5 -6
- data/src/core/lib/surface/channel.h +3 -3
- data/src/core/lib/surface/completion_queue.cc +1 -1
- data/src/core/lib/surface/init.cc +13 -15
- data/src/core/lib/surface/lame_client.cc +38 -19
- data/src/core/lib/surface/lame_client.h +4 -3
- data/src/core/lib/surface/server.cc +43 -36
- data/src/core/lib/surface/server.h +76 -14
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/metadata.cc +6 -2
- data/src/core/lib/transport/metadata_batch.cc +27 -0
- data/src/core/lib/transport/metadata_batch.h +14 -0
- data/src/core/plugin_registry/grpc_plugin_registry.cc +12 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +18 -24
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +16 -21
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +1 -3
- data/src/core/tsi/fake_transport_security.cc +11 -2
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +2 -4
- data/src/core/tsi/ssl_transport_security.cc +0 -3
- data/src/core/tsi/ssl_transport_security.h +0 -3
- data/src/ruby/ext/grpc/extconf.rb +9 -1
- data/src/ruby/ext/grpc/rb_channel.c +10 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.c +11 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
- data/src/ruby/ext/grpc/rb_grpc.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +4 -1
- data/src/ruby/ext/grpc/rb_server.c +13 -1
- data/src/ruby/ext/grpc/rb_server_credentials.c +19 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +215 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +35 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +169 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +35 -0
- data/src/ruby/lib/grpc/generic/client_stub.rb +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +7 -0
- data/src/ruby/spec/call_spec.rb +1 -1
- data/src/ruby/spec/channel_credentials_spec.rb +32 -0
- data/src/ruby/spec/channel_spec.rb +17 -6
- data/src/ruby/spec/client_auth_spec.rb +27 -1
- data/src/ruby/spec/errors_spec.rb +1 -1
- data/src/ruby/spec/generic/active_call_spec.rb +2 -2
- data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/src/ruby/spec/server_credentials_spec.rb +25 -0
- data/src/ruby/spec/server_spec.rb +22 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +1 -0
- data/third_party/boringssl-with-bazel/err_data.c +715 -713
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +21 -13
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +135 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +51 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +18 -29
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +1 -29
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +29 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +39 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +11 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +40 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -545
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +19 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +56 -26
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +12 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +67 -33
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +287 -99
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +139 -36
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +4 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +11 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +10 -5
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +37 -16
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +20 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +362 -50
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +66 -24
- data/third_party/xxhash/xxhash.h +5443 -0
- metadata +140 -84
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +0 -60
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +0 -52
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +0 -143
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +0 -42
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +0 -84
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +0 -94
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +0 -54
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +0 -173
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +0 -36
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +0 -92
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +0 -42
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +0 -62
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +0 -45
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +0 -49
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +0 -68
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +0 -51
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +0 -35
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/security/authorization/authorization_engine.cc +0 -177
- data/src/core/lib/security/authorization/authorization_engine.h +0 -84
- data/src/core/lib/security/authorization/evaluate_args.cc +0 -148
- data/src/core/lib/security/authorization/evaluate_args.h +0 -59
- data/src/core/lib/security/authorization/mock_cel/activation.h +0 -57
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +0 -44
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +0 -69
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +0 -97
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +0 -67
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +0 -57
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +0 -504
- data/third_party/upb/upb/json_decode.c +0 -1443
- data/third_party/upb/upb/json_decode.h +0 -23
- data/third_party/upb/upb/json_encode.c +0 -713
- data/third_party/upb/upb/json_encode.h +0 -36
@@ -21,6 +21,8 @@
|
|
21
21
|
#include <openssl/aes.h>
|
22
22
|
#include <openssl/bn.h>
|
23
23
|
#include <openssl/des.h>
|
24
|
+
#include <openssl/dh.h>
|
25
|
+
#include <openssl/digest.h>
|
24
26
|
#include <openssl/ec.h>
|
25
27
|
#include <openssl/ecdsa.h>
|
26
28
|
#include <openssl/ec_key.h>
|
@@ -31,6 +33,7 @@
|
|
31
33
|
#include "../../internal.h"
|
32
34
|
#include "../ec/internal.h"
|
33
35
|
#include "../rand/internal.h"
|
36
|
+
#include "../tls/internal.h"
|
34
37
|
|
35
38
|
|
36
39
|
// MSVC wants to put a NUL byte at the end of non-char arrays and so cannot
|
@@ -244,6 +247,41 @@ static EC_KEY *self_test_ecdsa_key(void) {
|
|
244
247
|
return ec_key;
|
245
248
|
}
|
246
249
|
|
250
|
+
static DH *self_test_dh(void) {
|
251
|
+
DH *dh = DH_get_rfc7919_2048();
|
252
|
+
if (!dh) {
|
253
|
+
return NULL;
|
254
|
+
}
|
255
|
+
|
256
|
+
BIGNUM *priv = BN_new();
|
257
|
+
if (!priv) {
|
258
|
+
goto err;
|
259
|
+
}
|
260
|
+
|
261
|
+
// kFFDHE2048PrivateKeyData is a 225-bit value. (225 because that's the
|
262
|
+
// minimum private key size in
|
263
|
+
// https://tools.ietf.org/html/rfc7919#appendix-A.1.)
|
264
|
+
static const BN_ULONG kFFDHE2048PrivateKeyData[] = {
|
265
|
+
TOBN(0x187be36b, 0xd38a4fa1),
|
266
|
+
TOBN(0x0a152f39, 0x6458f3b8),
|
267
|
+
TOBN(0x0570187e, 0xc422eeb7),
|
268
|
+
TOBN(0x00000001, 0x91173f2a),
|
269
|
+
};
|
270
|
+
|
271
|
+
bn_set_static_words(priv, kFFDHE2048PrivateKeyData,
|
272
|
+
OPENSSL_ARRAY_SIZE(kFFDHE2048PrivateKeyData));
|
273
|
+
|
274
|
+
if (!DH_set0_key(dh, NULL, priv)) {
|
275
|
+
goto err;
|
276
|
+
}
|
277
|
+
return dh;
|
278
|
+
|
279
|
+
err:
|
280
|
+
BN_free(priv);
|
281
|
+
DH_free(dh);
|
282
|
+
return NULL;
|
283
|
+
}
|
284
|
+
|
247
285
|
#if defined(OPENSSL_ANDROID)
|
248
286
|
static const size_t kModuleDigestSize = SHA256_DIGEST_LENGTH;
|
249
287
|
#else
|
@@ -460,6 +498,81 @@ int boringssl_fips_self_test(
|
|
460
498
|
0x00,
|
461
499
|
#endif
|
462
500
|
};
|
501
|
+
const uint8_t kTLSOutput[32] = {
|
502
|
+
0x67, 0x85, 0xde, 0x60, 0xfc, 0x0a, 0x83, 0xe9, 0xa2, 0x2a, 0xb3,
|
503
|
+
0xf0, 0x27, 0x0c, 0xba, 0xf7, 0xfa, 0x82, 0x3d, 0x14, 0x77, 0x1d,
|
504
|
+
0x86, 0x29, 0x79, 0x39, 0x77, 0x8a, 0xd5, 0x0e, 0x9d,
|
505
|
+
#if !defined(BORINGSSL_FIPS_BREAK_TLS_KDF)
|
506
|
+
0x32,
|
507
|
+
#else
|
508
|
+
0x00,
|
509
|
+
#endif
|
510
|
+
};
|
511
|
+
const uint8_t kTLSSecret[32] = {
|
512
|
+
0xbf, 0xe4, 0xb7, 0xe0, 0x26, 0x55, 0x5f, 0x6a, 0xdf, 0x5d, 0x27,
|
513
|
+
0xd6, 0x89, 0x99, 0x2a, 0xd6, 0xf7, 0x65, 0x66, 0x07, 0x4b, 0x55,
|
514
|
+
0x5f, 0x64, 0x55, 0xcd, 0xd5, 0x77, 0xa4, 0xc7, 0x09, 0x61,
|
515
|
+
};
|
516
|
+
const char kTLSLabel[] = "FIPS self test";
|
517
|
+
const uint8_t kTLSSeed1[16] = {
|
518
|
+
0x8f, 0x0d, 0xe8, 0xb6, 0x90, 0x8f, 0xb1, 0xd2,
|
519
|
+
0x6d, 0x51, 0xf4, 0x79, 0x18, 0x63, 0x51, 0x65,
|
520
|
+
};
|
521
|
+
const uint8_t kTLSSeed2[16] = {
|
522
|
+
0x7d, 0x24, 0x1a, 0x9d, 0x3c, 0x59, 0xbf, 0x3c,
|
523
|
+
0x31, 0x1e, 0x2b, 0x21, 0x41, 0x8d, 0x32, 0x81,
|
524
|
+
};
|
525
|
+
|
526
|
+
// kFFDHE2048PublicValueData is an arbitrary public value, mod
|
527
|
+
// kFFDHE2048Data. (The private key happens to be 4096.)
|
528
|
+
static const BN_ULONG kFFDHE2048PublicValueData[] = {
|
529
|
+
TOBN(0x187be36b, 0xd38a4fa1), TOBN(0x0a152f39, 0x6458f3b8),
|
530
|
+
TOBN(0x0570187e, 0xc422eeb7), TOBN(0x18af7482, 0x91173f2a),
|
531
|
+
TOBN(0xe9fdac6a, 0xcff4eaaa), TOBN(0xf6afebb7, 0x6e589d6c),
|
532
|
+
TOBN(0xf92f8e9a, 0xb7e33fb0), TOBN(0x70acf2aa, 0x4cf36ddd),
|
533
|
+
TOBN(0x561ab426, 0xd07137fd), TOBN(0x5f57d037, 0x430ee91e),
|
534
|
+
TOBN(0xe3e768c8, 0x60d10b8a), TOBN(0xb14884d8, 0xa18af8ce),
|
535
|
+
TOBN(0xf8a98014, 0xa12b74e4), TOBN(0x748d407c, 0x3437b7a8),
|
536
|
+
TOBN(0x627588c4, 0x9875d5a7), TOBN(0xdd24a127, 0x53c8f09d),
|
537
|
+
TOBN(0x85a997d5, 0x0cd51aec), TOBN(0x44f0c619, 0xce348458),
|
538
|
+
TOBN(0x9b894b24, 0x5f6b69a1), TOBN(0xae1302f2, 0xf6d4777e),
|
539
|
+
TOBN(0xe6678eeb, 0x375db18e), TOBN(0x2674e1d6, 0x4fbcbdc8),
|
540
|
+
TOBN(0xb297a823, 0x6fa93d28), TOBN(0x6a12fb70, 0x7c8c0510),
|
541
|
+
TOBN(0x5c6d1aeb, 0xdb06f65b), TOBN(0xe8c2954e, 0x4c1804ca),
|
542
|
+
TOBN(0x06bdeac1, 0xf5500fa7), TOBN(0x6a315604, 0x189cd76b),
|
543
|
+
TOBN(0xbae7b0b3, 0x6e362dc0), TOBN(0xa57c73bd, 0xdc70fb82),
|
544
|
+
TOBN(0xfaff50d2, 0x9d573457), TOBN(0x352bd399, 0xbe84058e),
|
545
|
+
};
|
546
|
+
|
547
|
+
const uint8_t kDHOutput[2048 / 8] = {
|
548
|
+
0x2a, 0xe6, 0xd3, 0xa6, 0x13, 0x58, 0x8e, 0xce, 0x53, 0xaa, 0xf6, 0x5d,
|
549
|
+
0x9a, 0xae, 0x02, 0x12, 0xf5, 0x80, 0x3d, 0x06, 0x09, 0x76, 0xac, 0x57,
|
550
|
+
0x37, 0x9e, 0xab, 0x38, 0x62, 0x25, 0x05, 0x1d, 0xf3, 0xa9, 0x39, 0x60,
|
551
|
+
0xf6, 0xae, 0x90, 0xed, 0x1e, 0xad, 0x6e, 0xe9, 0xe3, 0xba, 0x27, 0xf6,
|
552
|
+
0xdb, 0x54, 0xdf, 0xe2, 0xbd, 0xbb, 0x7f, 0xf1, 0x81, 0xac, 0x1a, 0xfa,
|
553
|
+
0xdb, 0x87, 0x07, 0x98, 0x76, 0x90, 0x21, 0xf2, 0xae, 0xda, 0x0d, 0x84,
|
554
|
+
0x97, 0x64, 0x0b, 0xbf, 0xb8, 0x8d, 0x10, 0x46, 0xe2, 0xd5, 0xca, 0x1b,
|
555
|
+
0xbb, 0xe5, 0x37, 0xb2, 0x3b, 0x35, 0xd3, 0x1b, 0x65, 0xea, 0xae, 0xf2,
|
556
|
+
0x03, 0xe2, 0xb6, 0xde, 0x22, 0xb7, 0x86, 0x49, 0x79, 0xfe, 0xd7, 0x16,
|
557
|
+
0xf7, 0xdc, 0x9c, 0x59, 0xf5, 0xb7, 0x70, 0xc0, 0x53, 0x42, 0x6f, 0xb1,
|
558
|
+
0xd2, 0x4e, 0x00, 0x25, 0x4b, 0x2d, 0x5a, 0x9b, 0xd0, 0xe9, 0x27, 0x43,
|
559
|
+
0xcc, 0x00, 0x66, 0xea, 0x94, 0x7a, 0x0b, 0xb9, 0x89, 0x0c, 0x5e, 0x94,
|
560
|
+
0xb8, 0x3a, 0x78, 0x9c, 0x4d, 0x84, 0xe6, 0x32, 0x2c, 0x38, 0x7c, 0xf7,
|
561
|
+
0x43, 0x9c, 0xd8, 0xb8, 0x1c, 0xce, 0x24, 0x91, 0x20, 0x67, 0x7a, 0x54,
|
562
|
+
0x1f, 0x7e, 0x86, 0x7f, 0xa1, 0xc1, 0x03, 0x4e, 0x2c, 0x26, 0x71, 0xb2,
|
563
|
+
0x06, 0x30, 0xb3, 0x6c, 0x15, 0xcc, 0xac, 0x25, 0xe5, 0x37, 0x3f, 0x24,
|
564
|
+
0x8f, 0x2a, 0x89, 0x5e, 0x3d, 0x43, 0x94, 0xc9, 0x36, 0xae, 0x40, 0x00,
|
565
|
+
0x6a, 0x0d, 0xb0, 0x6e, 0x8b, 0x2e, 0x70, 0x57, 0xe1, 0x88, 0x53, 0xd6,
|
566
|
+
0x06, 0x80, 0x2a, 0x4e, 0x5a, 0xf0, 0x1e, 0xaa, 0xcb, 0xab, 0x06, 0x0e,
|
567
|
+
0x27, 0x0f, 0xd9, 0x88, 0xd9, 0x01, 0xe3, 0x07, 0xeb, 0xdf, 0xc3, 0x12,
|
568
|
+
0xe3, 0x40, 0x88, 0x7b, 0x5f, 0x59, 0x78, 0x6e, 0x26, 0x20, 0xc3, 0xdf,
|
569
|
+
0xc8, 0xe4, 0x5e,
|
570
|
+
#if !defined(BORINGSSL_FIPS_BREAK_FFC_DH)
|
571
|
+
0xb8,
|
572
|
+
#else
|
573
|
+
0x00,
|
574
|
+
#endif
|
575
|
+
};
|
463
576
|
|
464
577
|
EVP_AEAD_CTX aead_ctx;
|
465
578
|
EVP_AEAD_CTX_zero(&aead_ctx);
|
@@ -666,6 +779,29 @@ int boringssl_fips_self_test(
|
|
666
779
|
goto err;
|
667
780
|
}
|
668
781
|
|
782
|
+
// FFC Diffie-Hellman KAT
|
783
|
+
|
784
|
+
BIGNUM *const ffdhe2048_value = BN_new();
|
785
|
+
DH *const dh = self_test_dh();
|
786
|
+
int dh_ok = 0;
|
787
|
+
if (ffdhe2048_value && dh) {
|
788
|
+
bn_set_static_words(ffdhe2048_value, kFFDHE2048PublicValueData,
|
789
|
+
OPENSSL_ARRAY_SIZE(kFFDHE2048PublicValueData));
|
790
|
+
|
791
|
+
uint8_t dh_out[sizeof(kDHOutput)];
|
792
|
+
dh_ok =
|
793
|
+
sizeof(dh_out) == DH_size(dh) &&
|
794
|
+
DH_compute_key_padded(dh_out, ffdhe2048_value, dh) == sizeof(dh_out) &&
|
795
|
+
check_test(kDHOutput, dh_out, sizeof(dh_out), "FFC DH");
|
796
|
+
}
|
797
|
+
|
798
|
+
BN_free(ffdhe2048_value);
|
799
|
+
DH_free(dh);
|
800
|
+
if (!dh_ok) {
|
801
|
+
fprintf(stderr, "FFDH failed.\n");
|
802
|
+
goto err;
|
803
|
+
}
|
804
|
+
|
669
805
|
// DBRG KAT
|
670
806
|
CTR_DRBG_STATE drbg;
|
671
807
|
if (!CTR_DRBG_init(&drbg, kDRBGEntropy, kDRBGPersonalization,
|
@@ -690,6 +826,17 @@ int boringssl_fips_self_test(
|
|
690
826
|
goto err;
|
691
827
|
}
|
692
828
|
|
829
|
+
// TLS KDF KAT
|
830
|
+
uint8_t tls_output[sizeof(kTLSOutput)];
|
831
|
+
if (!CRYPTO_tls1_prf(EVP_sha256(), tls_output, sizeof(tls_output), kTLSSecret,
|
832
|
+
sizeof(kTLSSecret), kTLSLabel, sizeof(kTLSLabel),
|
833
|
+
kTLSSeed1, sizeof(kTLSSeed1), kTLSSeed2,
|
834
|
+
sizeof(kTLSSeed2)) ||
|
835
|
+
!check_test(kTLSOutput, tls_output, sizeof(kTLSOutput), "TLS KDF KAT")) {
|
836
|
+
fprintf(stderr, "TLS KDF failed.\n");
|
837
|
+
goto err;
|
838
|
+
}
|
839
|
+
|
693
840
|
ret = 1;
|
694
841
|
|
695
842
|
#if defined(BORINGSSL_FIPS_SELF_TEST_FLAG_FILE)
|
@@ -27,7 +27,7 @@
|
|
27
27
|
#include "internal.h"
|
28
28
|
|
29
29
|
|
30
|
-
// This file implements draft-irtf-cfrg-hpke-
|
30
|
+
// This file implements draft-irtf-cfrg-hpke-07.
|
31
31
|
|
32
32
|
#define KEM_CONTEXT_LEN (2 * X25519_PUBLIC_VALUE_LEN)
|
33
33
|
|
@@ -40,7 +40,7 @@
|
|
40
40
|
#define HPKE_MODE_BASE 0
|
41
41
|
#define HPKE_MODE_PSK 1
|
42
42
|
|
43
|
-
static const char kHpkeRfcId[] = "HPKE-
|
43
|
+
static const char kHpkeRfcId[] = "HPKE-07";
|
44
44
|
|
45
45
|
static int add_label_string(CBB *cbb, const char *label) {
|
46
46
|
return CBB_add_bytes(cbb, (const uint8_t *)label, strlen(label));
|
@@ -125,7 +125,7 @@ static int hpke_extract_and_expand(const EVP_MD *hkdf_md, uint8_t *out_key,
|
|
125
125
|
return 1;
|
126
126
|
}
|
127
127
|
|
128
|
-
|
128
|
+
const EVP_AEAD *EVP_HPKE_get_aead(uint16_t aead_id) {
|
129
129
|
switch (aead_id) {
|
130
130
|
case EVP_HPKE_AEAD_AES_GCM_128:
|
131
131
|
return EVP_aead_aes_128_gcm();
|
@@ -138,7 +138,7 @@ static const EVP_AEAD *hpke_get_aead(uint16_t aead_id) {
|
|
138
138
|
return NULL;
|
139
139
|
}
|
140
140
|
|
141
|
-
|
141
|
+
const EVP_MD *EVP_HPKE_get_hkdf_md(uint16_t kdf_id) {
|
142
142
|
switch (kdf_id) {
|
143
143
|
case EVP_HPKE_HKDF_SHA256:
|
144
144
|
return EVP_sha256();
|
@@ -174,7 +174,7 @@ static int hpke_key_schedule(EVP_HPKE_CTX *hpke, uint8_t mode,
|
|
174
174
|
}
|
175
175
|
|
176
176
|
// Attempt to get an EVP_AEAD*.
|
177
|
-
const EVP_AEAD *aead =
|
177
|
+
const EVP_AEAD *aead = EVP_HPKE_get_aead(hpke->aead_id);
|
178
178
|
if (aead == NULL) {
|
179
179
|
return 0;
|
180
180
|
}
|
@@ -216,24 +216,13 @@ static int hpke_key_schedule(EVP_HPKE_CTX *hpke, uint8_t mode,
|
|
216
216
|
return 0;
|
217
217
|
}
|
218
218
|
|
219
|
-
//
|
220
|
-
static const char kPskHashLabel[] = "psk_hash";
|
221
|
-
uint8_t psk_hash[EVP_MAX_MD_SIZE];
|
222
|
-
size_t psk_hash_len;
|
223
|
-
if (!hpke_labeled_extract(hpke->hkdf_md, psk_hash, &psk_hash_len, NULL, 0,
|
224
|
-
suite_id, sizeof(suite_id), kPskHashLabel, psk,
|
225
|
-
psk_len)) {
|
226
|
-
return 0;
|
227
|
-
}
|
228
|
-
|
229
|
-
// secret = LabeledExtract(psk_hash, "secret", shared_secret)
|
219
|
+
// secret = LabeledExtract(shared_secret, "secret", psk)
|
230
220
|
static const char kSecretExtractLabel[] = "secret";
|
231
221
|
uint8_t secret[EVP_MAX_MD_SIZE];
|
232
222
|
size_t secret_len;
|
233
|
-
if (!hpke_labeled_extract(hpke->hkdf_md, secret, &secret_len,
|
234
|
-
|
235
|
-
kSecretExtractLabel,
|
236
|
-
shared_secret_len)) {
|
223
|
+
if (!hpke_labeled_extract(hpke->hkdf_md, secret, &secret_len, shared_secret,
|
224
|
+
shared_secret_len, suite_id, sizeof(suite_id),
|
225
|
+
kSecretExtractLabel, psk, psk_len)) {
|
237
226
|
return 0;
|
238
227
|
}
|
239
228
|
|
@@ -252,9 +241,9 @@ static int hpke_key_schedule(EVP_HPKE_CTX *hpke, uint8_t mode,
|
|
252
241
|
return 0;
|
253
242
|
}
|
254
243
|
|
255
|
-
//
|
256
|
-
static const char kNonceExpandLabel[] = "
|
257
|
-
if (!hpke_labeled_expand(hpke->hkdf_md, hpke->
|
244
|
+
// base_nonce = LabeledExpand(secret, "base_nonce", key_schedule_context, Nn)
|
245
|
+
static const char kNonceExpandLabel[] = "base_nonce";
|
246
|
+
if (!hpke_labeled_expand(hpke->hkdf_md, hpke->base_nonce,
|
258
247
|
EVP_AEAD_nonce_length(aead), secret, secret_len,
|
259
248
|
suite_id, sizeof(suite_id), kNonceExpandLabel,
|
260
249
|
context, context_len)) {
|
@@ -351,7 +340,7 @@ int EVP_HPKE_CTX_setup_base_s_x25519_for_test(
|
|
351
340
|
hpke->is_sender = 1;
|
352
341
|
hpke->kdf_id = kdf_id;
|
353
342
|
hpke->aead_id = aead_id;
|
354
|
-
hpke->hkdf_md =
|
343
|
+
hpke->hkdf_md = EVP_HPKE_get_hkdf_md(kdf_id);
|
355
344
|
if (hpke->hkdf_md == NULL) {
|
356
345
|
return 0;
|
357
346
|
}
|
@@ -375,7 +364,7 @@ int EVP_HPKE_CTX_setup_base_r_x25519(
|
|
375
364
|
hpke->is_sender = 0;
|
376
365
|
hpke->kdf_id = kdf_id;
|
377
366
|
hpke->aead_id = aead_id;
|
378
|
-
hpke->hkdf_md =
|
367
|
+
hpke->hkdf_md = EVP_HPKE_get_hkdf_md(kdf_id);
|
379
368
|
if (hpke->hkdf_md == NULL) {
|
380
369
|
return 0;
|
381
370
|
}
|
@@ -415,7 +404,7 @@ int EVP_HPKE_CTX_setup_psk_s_x25519_for_test(
|
|
415
404
|
hpke->is_sender = 1;
|
416
405
|
hpke->kdf_id = kdf_id;
|
417
406
|
hpke->aead_id = aead_id;
|
418
|
-
hpke->hkdf_md =
|
407
|
+
hpke->hkdf_md = EVP_HPKE_get_hkdf_md(kdf_id);
|
419
408
|
if (hpke->hkdf_md == NULL) {
|
420
409
|
return 0;
|
421
410
|
}
|
@@ -440,7 +429,7 @@ int EVP_HPKE_CTX_setup_psk_r_x25519(
|
|
440
429
|
hpke->is_sender = 0;
|
441
430
|
hpke->kdf_id = kdf_id;
|
442
431
|
hpke->aead_id = aead_id;
|
443
|
-
hpke->hkdf_md =
|
432
|
+
hpke->hkdf_md = EVP_HPKE_get_hkdf_md(kdf_id);
|
444
433
|
if (hpke->hkdf_md == NULL) {
|
445
434
|
return 0;
|
446
435
|
}
|
@@ -466,9 +455,9 @@ static void hpke_nonce(const EVP_HPKE_CTX *hpke, uint8_t *out_nonce,
|
|
466
455
|
seq_copy >>= 8;
|
467
456
|
}
|
468
457
|
|
469
|
-
// XOR the encoded sequence with the |hpke->
|
458
|
+
// XOR the encoded sequence with the |hpke->base_nonce|.
|
470
459
|
for (size_t i = 0; i < nonce_len; i++) {
|
471
|
-
out_nonce[i] ^= hpke->
|
460
|
+
out_nonce[i] ^= hpke->base_nonce[i];
|
472
461
|
}
|
473
462
|
}
|
474
463
|
|
@@ -18,6 +18,7 @@
|
|
18
18
|
#include <openssl/aead.h>
|
19
19
|
#include <openssl/base.h>
|
20
20
|
#include <openssl/curve25519.h>
|
21
|
+
#include <openssl/digest.h>
|
21
22
|
|
22
23
|
#if defined(__cplusplus)
|
23
24
|
extern "C" {
|
@@ -30,7 +31,7 @@ extern "C" {
|
|
30
31
|
// receiver with a public key. Optionally, the sender may authenticate its
|
31
32
|
// possession of a pre-shared key to the recipient.
|
32
33
|
//
|
33
|
-
// See https://tools.ietf.org/html/draft-irtf-cfrg-hpke-
|
34
|
+
// See https://tools.ietf.org/html/draft-irtf-cfrg-hpke-07.
|
34
35
|
|
35
36
|
// EVP_HPKE_AEAD_* are AEAD identifiers.
|
36
37
|
#define EVP_HPKE_AEAD_AES_GCM_128 0x0001
|
@@ -55,7 +56,7 @@ typedef struct evp_hpke_ctx_st {
|
|
55
56
|
EVP_AEAD_CTX aead_ctx;
|
56
57
|
uint16_t kdf_id;
|
57
58
|
uint16_t aead_id;
|
58
|
-
uint8_t
|
59
|
+
uint8_t base_nonce[EVP_AEAD_MAX_NONCE_LENGTH];
|
59
60
|
uint8_t exporter_secret[EVP_MAX_MD_SIZE];
|
60
61
|
uint64_t seq;
|
61
62
|
int is_sender;
|
@@ -77,8 +78,8 @@ OPENSSL_EXPORT void EVP_HPKE_CTX_cleanup(EVP_HPKE_CTX *ctx);
|
|
77
78
|
// In each of the following functions, |hpke| must have been initialized with
|
78
79
|
// |EVP_HPKE_CTX_init|. |kdf_id| selects the KDF for non-KEM HPKE operations and
|
79
80
|
// must be one of the |EVP_HPKE_HKDF_*| constants. |aead_id| selects the AEAD
|
80
|
-
// for the "open" and "seal" operations and must be one of the |EVP_HPKE_AEAD_
|
81
|
-
// constants.
|
81
|
+
// for the "open" and "seal" operations and must be one of the |EVP_HPKE_AEAD_*|
|
82
|
+
// constants.
|
82
83
|
|
83
84
|
// EVP_HPKE_CTX_setup_base_s_x25519 sets up |hpke| as a sender context that can
|
84
85
|
// encrypt for the private key corresponding to |peer_public_value| (the
|
@@ -215,6 +216,14 @@ OPENSSL_EXPORT int EVP_HPKE_CTX_export(const EVP_HPKE_CTX *hpke, uint8_t *out,
|
|
215
216
|
// set up as a sender.
|
216
217
|
OPENSSL_EXPORT size_t EVP_HPKE_CTX_max_overhead(const EVP_HPKE_CTX *hpke);
|
217
218
|
|
219
|
+
// EVP_HPKE_get_aead returns the AEAD corresponding to |aead_id|, or NULL if
|
220
|
+
// |aead_id| is not a known AEAD identifier.
|
221
|
+
OPENSSL_EXPORT const EVP_AEAD *EVP_HPKE_get_aead(uint16_t aead_id);
|
222
|
+
|
223
|
+
// EVP_HPKE_get_hkdf_md returns the hash function associated with |kdf_id|, or
|
224
|
+
// NULL if |kdf_id| is not a known KDF identifier that uses HKDF.
|
225
|
+
OPENSSL_EXPORT const EVP_MD *EVP_HPKE_get_hkdf_md(uint16_t kdf_id);
|
226
|
+
|
218
227
|
|
219
228
|
#if defined(__cplusplus)
|
220
229
|
} // extern C
|
@@ -46,10 +46,14 @@ struct poly1305_state_st {
|
|
46
46
|
uint32_t s1, s2, s3, s4;
|
47
47
|
uint32_t h0, h1, h2, h3, h4;
|
48
48
|
uint8_t buf[16];
|
49
|
-
|
49
|
+
size_t buf_used;
|
50
50
|
uint8_t key[16];
|
51
51
|
};
|
52
52
|
|
53
|
+
OPENSSL_STATIC_ASSERT(
|
54
|
+
sizeof(struct poly1305_state_st) + 63 <= sizeof(poly1305_state),
|
55
|
+
"poly1305_state isn't large enough to hold aligned poly1305_state_st");
|
56
|
+
|
53
57
|
static inline struct poly1305_state_st *poly1305_aligned_state(
|
54
58
|
poly1305_state *state) {
|
55
59
|
return (struct poly1305_state_st *)(((uintptr_t)state + 63) & ~63);
|
@@ -200,7 +204,6 @@ void CRYPTO_poly1305_init(poly1305_state *statep, const uint8_t key[32]) {
|
|
200
204
|
|
201
205
|
void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
|
202
206
|
size_t in_len) {
|
203
|
-
unsigned int i;
|
204
207
|
struct poly1305_state_st *state = poly1305_aligned_state(statep);
|
205
208
|
|
206
209
|
#if defined(OPENSSL_POLY1305_NEON)
|
@@ -211,11 +214,11 @@ void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
|
|
211
214
|
#endif
|
212
215
|
|
213
216
|
if (state->buf_used) {
|
214
|
-
|
217
|
+
size_t todo = 16 - state->buf_used;
|
215
218
|
if (todo > in_len) {
|
216
|
-
todo =
|
219
|
+
todo = in_len;
|
217
220
|
}
|
218
|
-
for (i = 0; i < todo; i++) {
|
221
|
+
for (size_t i = 0; i < todo; i++) {
|
219
222
|
state->buf[state->buf_used + i] = in[i];
|
220
223
|
}
|
221
224
|
state->buf_used += todo;
|
@@ -236,10 +239,10 @@ void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
|
|
236
239
|
}
|
237
240
|
|
238
241
|
if (in_len) {
|
239
|
-
for (i = 0; i < in_len; i++) {
|
242
|
+
for (size_t i = 0; i < in_len; i++) {
|
240
243
|
state->buf[i] = in[i];
|
241
244
|
}
|
242
|
-
state->buf_used =
|
245
|
+
state->buf_used = in_len;
|
243
246
|
}
|
244
247
|
}
|
245
248
|
|
@@ -36,7 +36,7 @@ extern void addmulmod(fe1305x2 *r, const fe1305x2 *x, const fe1305x2 *y,
|
|
36
36
|
const fe1305x2 *c);
|
37
37
|
|
38
38
|
extern int blocks(fe1305x2 *h, const fe1305x2 *precomp, const uint8_t *in,
|
39
|
-
|
39
|
+
size_t inlen);
|
40
40
|
|
41
41
|
static void freeze(fe1305x2 *r) {
|
42
42
|
int i;
|
@@ -136,7 +136,7 @@ static void fe1305x2_tobytearray(uint8_t r[16], fe1305x2 *x) {
|
|
136
136
|
}
|
137
137
|
|
138
138
|
static void fe1305x2_frombytearray(fe1305x2 *r, const uint8_t *x, size_t xlen) {
|
139
|
-
|
139
|
+
size_t i;
|
140
140
|
uint8_t t[17];
|
141
141
|
|
142
142
|
for (i = 0; (i < 16) && (i < xlen); i++) {
|
@@ -179,17 +179,20 @@ static const alignas(16) fe1305x2 zero;
|
|
179
179
|
struct poly1305_state_st {
|
180
180
|
uint8_t data[sizeof(fe1305x2[5]) + 128];
|
181
181
|
uint8_t buf[32];
|
182
|
-
|
182
|
+
size_t buf_used;
|
183
183
|
uint8_t key[16];
|
184
184
|
};
|
185
185
|
|
186
|
+
OPENSSL_STATIC_ASSERT(
|
187
|
+
sizeof(struct poly1305_state_st) + 63 <= sizeof(poly1305_state),
|
188
|
+
"poly1305_state isn't large enough to hold aligned poly1305_state_st.");
|
189
|
+
|
186
190
|
void CRYPTO_poly1305_init_neon(poly1305_state *state, const uint8_t key[32]) {
|
187
191
|
struct poly1305_state_st *st = (struct poly1305_state_st *)(state);
|
188
192
|
fe1305x2 *const r = (fe1305x2 *)(st->data + (15 & (-(int)st->data)));
|
189
193
|
fe1305x2 *const h = r + 1;
|
190
194
|
fe1305x2 *const c = h + 1;
|
191
195
|
fe1305x2 *const precomp = c + 1;
|
192
|
-
unsigned int j;
|
193
196
|
|
194
197
|
r->v[1] = r->v[0] = 0x3ffffff & load32(key);
|
195
198
|
r->v[3] = r->v[2] = 0x3ffff03 & (load32(key + 3) >> 2);
|
@@ -197,7 +200,7 @@ void CRYPTO_poly1305_init_neon(poly1305_state *state, const uint8_t key[32]) {
|
|
197
200
|
r->v[7] = r->v[6] = 0x3f03fff & (load32(key + 9) >> 6);
|
198
201
|
r->v[9] = r->v[8] = 0x00fffff & (load32(key + 12) >> 8);
|
199
202
|
|
200
|
-
for (j = 0; j < 10; j++) {
|
203
|
+
for (size_t j = 0; j < 10; j++) {
|
201
204
|
h->v[j] = 0; // XXX: should fast-forward a bit
|
202
205
|
}
|
203
206
|
|
@@ -215,14 +218,13 @@ void CRYPTO_poly1305_update_neon(poly1305_state *state, const uint8_t *in,
|
|
215
218
|
fe1305x2 *const h = r + 1;
|
216
219
|
fe1305x2 *const c = h + 1;
|
217
220
|
fe1305x2 *const precomp = c + 1;
|
218
|
-
unsigned int i;
|
219
221
|
|
220
222
|
if (st->buf_used) {
|
221
|
-
|
223
|
+
size_t todo = 32 - st->buf_used;
|
222
224
|
if (todo > in_len) {
|
223
225
|
todo = in_len;
|
224
226
|
}
|
225
|
-
for (i = 0; i < todo; i++) {
|
227
|
+
for (size_t i = 0; i < todo; i++) {
|
226
228
|
st->buf[st->buf_used + i] = in[i];
|
227
229
|
}
|
228
230
|
st->buf_used += todo;
|
@@ -232,7 +234,7 @@ void CRYPTO_poly1305_update_neon(poly1305_state *state, const uint8_t *in,
|
|
232
234
|
if (st->buf_used == sizeof(st->buf) && in_len) {
|
233
235
|
addmulmod(h, h, precomp, &zero);
|
234
236
|
fe1305x2_frombytearray(c, st->buf, sizeof(st->buf));
|
235
|
-
for (i = 0; i < 10; i++) {
|
237
|
+
for (size_t i = 0; i < 10; i++) {
|
236
238
|
h->v[i] += c->v[i];
|
237
239
|
}
|
238
240
|
st->buf_used = 0;
|
@@ -240,7 +242,7 @@ void CRYPTO_poly1305_update_neon(poly1305_state *state, const uint8_t *in,
|
|
240
242
|
}
|
241
243
|
|
242
244
|
while (in_len > 32) {
|
243
|
-
|
245
|
+
size_t tlen = 1048576;
|
244
246
|
if (in_len < tlen) {
|
245
247
|
tlen = in_len;
|
246
248
|
}
|
@@ -250,7 +252,7 @@ void CRYPTO_poly1305_update_neon(poly1305_state *state, const uint8_t *in,
|
|
250
252
|
}
|
251
253
|
|
252
254
|
if (in_len) {
|
253
|
-
for (i = 0; i < in_len; i++) {
|
255
|
+
for (size_t i = 0; i < in_len; i++) {
|
254
256
|
st->buf[i] = in[i];
|
255
257
|
}
|
256
258
|
st->buf_used = in_len;
|