grpc 1.35.0 → 1.36.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (335) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +60 -57
  3. data/include/grpc/grpc_security.h +16 -11
  4. data/src/core/ext/filters/client_channel/client_channel.cc +32 -26
  5. data/src/core/ext/filters/client_channel/client_channel.h +0 -2
  6. data/src/core/ext/filters/client_channel/config_selector.h +1 -1
  7. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +2 -2
  8. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +3 -5
  9. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
  10. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
  11. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
  12. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +8 -6
  13. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +289 -170
  14. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +5 -0
  15. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +1 -3
  16. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +231 -109
  17. data/src/core/ext/filters/client_channel/resolver.cc +2 -5
  18. data/src/core/ext/filters/client_channel/resolver.h +1 -12
  19. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +36 -45
  20. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +29 -41
  21. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +16 -14
  22. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +18 -15
  23. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +362 -0
  24. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -4
  25. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +22 -74
  26. data/src/core/ext/filters/client_channel/server_address.cc +6 -0
  27. data/src/core/ext/filters/client_channel/server_address.h +31 -0
  28. data/src/core/ext/filters/client_channel/subchannel.cc +2 -2
  29. data/src/core/ext/filters/max_age/max_age_filter.cc +35 -32
  30. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -1
  31. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +47 -22
  32. data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
  33. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
  34. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
  35. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +0 -1
  36. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +11 -16
  37. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +42 -59
  38. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +3 -2
  39. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +15 -0
  40. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +25 -1
  41. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +75 -0
  42. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +2 -2
  43. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +9 -9
  44. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +7 -7
  45. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +28 -13
  46. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +0 -1
  47. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +11 -5
  48. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +41 -7
  49. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +0 -1
  50. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -21
  51. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +122 -77
  52. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +13 -9
  53. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +37 -5
  54. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +0 -1
  55. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +11 -9
  56. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +44 -27
  57. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +42 -16
  58. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +106 -0
  59. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +0 -1
  60. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
  61. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
  62. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +13 -16
  63. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +51 -42
  64. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
  65. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +16 -13
  66. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +50 -18
  67. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +4 -7
  68. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +0 -17
  69. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +0 -1
  70. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +30 -23
  71. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +85 -73
  72. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +0 -3
  73. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +0 -3
  74. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +0 -1
  75. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +0 -2
  76. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +0 -1
  77. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +21 -4
  78. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +29 -0
  79. data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/authority.upb.c +5 -5
  80. data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
  81. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
  82. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
  83. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
  84. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
  85. data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/resource.upb.c +9 -9
  86. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
  87. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
  88. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
  89. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
  90. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
  91. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +168 -171
  92. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +405 -420
  93. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +2 -2
  94. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +12 -9
  95. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +177 -171
  96. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +10 -0
  97. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +88 -88
  98. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +153 -153
  99. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +4 -7
  100. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +33 -20
  101. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +56 -59
  102. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +116 -111
  103. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +129 -121
  104. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +21 -24
  105. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +17 -13
  106. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +747 -724
  107. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +5 -0
  108. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +22 -25
  109. data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
  110. data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
  111. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +369 -376
  112. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +12 -16
  113. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +112 -108
  114. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +45 -53
  115. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +177 -180
  116. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +92 -102
  117. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
  118. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +32 -42
  119. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +30 -40
  120. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +4 -7
  121. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +38 -44
  122. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +30 -33
  123. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +14 -11
  124. data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
  125. data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
  126. data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
  127. data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
  128. data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
  129. data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
  130. data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
  131. data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
  132. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
  133. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
  134. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
  135. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
  136. data/src/core/ext/xds/xds_api.cc +738 -567
  137. data/src/core/ext/xds/xds_api.h +46 -84
  138. data/src/core/ext/xds/xds_bootstrap.cc +59 -40
  139. data/src/core/ext/xds/xds_bootstrap.h +12 -4
  140. data/src/core/ext/xds/xds_certificate_provider.cc +180 -74
  141. data/src/core/ext/xds/xds_certificate_provider.h +83 -44
  142. data/src/core/ext/xds/xds_client.cc +13 -11
  143. data/src/core/ext/xds/xds_client.h +3 -0
  144. data/src/core/ext/xds/xds_client_stats.cc +2 -1
  145. data/src/core/ext/xds/xds_server_config_fetcher.cc +147 -11
  146. data/src/core/lib/channel/handshaker.cc +2 -5
  147. data/src/core/lib/channel/handshaker.h +1 -1
  148. data/src/core/lib/gpr/log.cc +6 -1
  149. data/src/core/lib/gprpp/mpscq.cc +2 -2
  150. data/src/core/lib/gprpp/ref_counted.h +1 -1
  151. data/src/core/lib/gprpp/sync.h +129 -40
  152. data/src/core/lib/gprpp/time_util.cc +77 -0
  153. data/src/core/lib/gprpp/time_util.h +42 -0
  154. data/src/core/lib/http/httpcli_security_connector.cc +2 -2
  155. data/src/core/lib/iomgr/ev_apple.cc +10 -7
  156. data/src/core/lib/iomgr/ev_epollex_linux.cc +4 -4
  157. data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
  158. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
  159. data/src/core/lib/iomgr/sockaddr_utils.cc +1 -1
  160. data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
  161. data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
  162. data/src/core/lib/iomgr/tcp_posix.cc +4 -4
  163. data/src/core/lib/security/authorization/matchers.cc +339 -0
  164. data/src/core/lib/security/authorization/matchers.h +158 -0
  165. data/src/core/lib/security/authorization/mock_cel/activation.h +1 -1
  166. data/src/core/lib/security/authorization/mock_cel/cel_value.h +9 -7
  167. data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
  168. data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
  169. data/src/core/lib/security/credentials/credentials.h +2 -1
  170. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +1 -1
  171. data/src/core/lib/security/credentials/external/external_account_credentials.cc +2 -2
  172. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -1
  173. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +1 -1
  174. data/src/core/lib/security/credentials/fake/fake_credentials.cc +1 -1
  175. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -6
  176. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
  177. data/src/core/lib/security/credentials/jwt/json_token.cc +0 -3
  178. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -3
  179. data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
  180. data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
  181. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +2 -1
  182. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
  183. data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -1
  184. data/src/core/lib/security/credentials/tls/tls_credentials.h +1 -1
  185. data/src/core/lib/security/credentials/xds/xds_credentials.cc +128 -59
  186. data/src/core/lib/security/credentials/xds/xds_credentials.h +3 -3
  187. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +5 -5
  188. data/src/core/lib/security/security_connector/ssl_utils.cc +3 -0
  189. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +26 -14
  190. data/src/core/lib/security/transport/security_handshaker.cc +1 -3
  191. data/src/core/lib/slice/slice_intern.cc +1 -1
  192. data/src/core/lib/surface/init.cc +13 -15
  193. data/src/core/lib/surface/server.cc +3 -3
  194. data/src/core/lib/surface/server.h +3 -0
  195. data/src/core/lib/surface/version.cc +2 -2
  196. data/src/core/lib/transport/metadata.cc +6 -2
  197. data/src/core/plugin_registry/grpc_plugin_registry.cc +6 -0
  198. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +17 -20
  199. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +16 -21
  200. data/src/core/tsi/fake_transport_security.cc +1 -1
  201. data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -3
  202. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
  203. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +2 -4
  204. data/src/core/tsi/ssl_transport_security.cc +0 -3
  205. data/src/core/tsi/ssl_transport_security.h +0 -3
  206. data/src/ruby/lib/grpc/version.rb +1 -1
  207. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +7 -0
  208. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +1 -0
  209. data/third_party/boringssl-with-bazel/err_data.c +725 -723
  210. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
  211. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
  212. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
  213. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
  214. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
  215. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
  216. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
  217. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -14
  218. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
  219. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
  220. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
  221. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
  222. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
  223. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
  224. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
  225. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
  226. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
  227. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
  228. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
  229. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
  230. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
  231. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
  232. data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
  233. data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
  234. data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
  235. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
  236. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
  237. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
  238. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
  239. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
  240. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
  241. data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
  242. data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
  243. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
  244. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
  245. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
  246. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +128 -38
  247. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
  248. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +51 -32
  249. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +147 -0
  250. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +18 -29
  251. data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +13 -4
  252. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
  253. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
  254. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
  255. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
  256. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
  257. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
  258. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
  259. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +1 -1
  260. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +10 -7
  261. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
  262. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +8 -8
  263. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +1 -1
  264. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +29 -23
  265. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +1 -2
  266. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
  267. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +39 -6
  268. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
  269. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
  270. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +11 -10
  271. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
  272. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +25 -25
  273. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
  274. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
  275. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +40 -20
  276. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
  277. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
  278. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
  279. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +6 -6
  280. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
  281. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +3 -3
  282. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -545
  283. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
  284. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -5
  285. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
  286. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
  287. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +15 -0
  288. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +56 -26
  289. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
  290. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
  291. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +12 -2
  292. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
  293. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
  294. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +42 -24
  295. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -8
  296. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +287 -98
  297. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +139 -36
  298. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +4 -3
  299. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +11 -20
  300. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +10 -5
  301. data/third_party/boringssl-with-bazel/src/ssl/internal.h +37 -16
  302. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
  303. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +7 -8
  304. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +20 -14
  305. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +7 -8
  306. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
  307. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
  308. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +329 -31
  309. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -2
  310. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
  311. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +66 -24
  312. metadata +77 -65
  313. data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +0 -60
  314. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +0 -52
  315. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +0 -143
  316. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +0 -42
  317. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +0 -84
  318. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +0 -94
  319. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +0 -54
  320. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +0 -173
  321. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +0 -36
  322. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +0 -92
  323. data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +0 -42
  324. data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +0 -35
  325. data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +0 -62
  326. data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +0 -40
  327. data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +0 -45
  328. data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +0 -40
  329. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +0 -49
  330. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +0 -35
  331. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +0 -68
  332. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +0 -40
  333. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +0 -51
  334. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +0 -35
  335. data/src/core/lib/iomgr/iomgr_posix.h +0 -26
data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c CHANGED
@@ -59,10 +59,12 @@
59
59
  #include <string.h>
60
60
 
61
61
  #include <openssl/asn1.h>
62
+ #include <openssl/blake2.h>
62
63
  #include <openssl/bytestring.h>
63
64
  #include <openssl/nid.h>
64
65
 
65
66
  #include "../internal.h"
67
+ #include "../fipsmodule/digest/internal.h"
66
68
 
67
69
 
68
70
  struct nid_to_digest {
@@ -238,3 +240,26 @@ const EVP_MD *EVP_get_digestbyname(const char *name) {
238
240
 
239
241
  return NULL;
240
242
  }
243
+
244
+ static void blake2b256_init(EVP_MD_CTX *ctx) { BLAKE2B256_Init(ctx->md_data); }
245
+
246
+ static void blake2b256_update(EVP_MD_CTX *ctx, const void *data, size_t len) {
247
+ BLAKE2B256_Update(ctx->md_data, data, len);
248
+ }
249
+
250
+ static void blake2b256_final(EVP_MD_CTX *ctx, uint8_t *md) {
251
+ BLAKE2B256_Final(md, ctx->md_data);
252
+ }
253
+
254
+ static const EVP_MD evp_md_blake2b256 = {
255
+ NID_undef,
256
+ BLAKE2B256_DIGEST_LENGTH,
257
+ 0,
258
+ blake2b256_init,
259
+ blake2b256_update,
260
+ blake2b256_final,
261
+ BLAKE2B_CBLOCK,
262
+ sizeof(BLAKE2B_CTX),
263
+ };
264
+
265
+ const EVP_MD *EVP_blake2b256(void) { return &evp_md_blake2b256; }
data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c CHANGED
@@ -241,21 +241,6 @@ int EC_KEY_marshal_private_key(CBB *cbb, const EC_KEY *key,
241
241
  return 1;
242
242
  }
243
243
 
244
- // is_unsigned_integer returns one if |cbs| is a valid unsigned DER INTEGER and
245
- // zero otherwise.
246
- static int is_unsigned_integer(const CBS *cbs) {
247
- if (CBS_len(cbs) == 0) {
248
- return 0;
249
- }
250
- uint8_t byte = CBS_data(cbs)[0];
251
- if ((byte & 0x80) ||
252
- (byte == 0 && CBS_len(cbs) > 1 && (CBS_data(cbs)[1] & 0x80) == 0)) {
253
- // Negative or not minimally-encoded.
254
- return 0;
255
- }
256
- return 1;
257
- }
258
-
259
244
  // kPrimeFieldOID is the encoding of 1.2.840.10045.1.1.
260
245
  static const uint8_t kPrimeField[] = {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01};
261
246
 
@@ -276,7 +261,7 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
276
261
  OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) !=
277
262
  0 ||
278
263
  !CBS_get_asn1(&field_id, out_prime, CBS_ASN1_INTEGER) ||
279
- !is_unsigned_integer(out_prime) ||
264
+ !CBS_is_unsigned_asn1_integer(out_prime) ||
280
265
  CBS_len(&field_id) != 0 ||
281
266
  !CBS_get_asn1(&params, &curve, CBS_ASN1_SEQUENCE) ||
282
267
  !CBS_get_asn1(&curve, out_a, CBS_ASN1_OCTETSTRING) ||
@@ -286,7 +271,7 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
286
271
  CBS_len(&curve) != 0 ||
287
272
  !CBS_get_asn1(&params, &base, CBS_ASN1_OCTETSTRING) ||
288
273
  !CBS_get_asn1(&params, out_order, CBS_ASN1_INTEGER) ||
289
- !is_unsigned_integer(out_order) ||
274
+ !CBS_is_unsigned_asn1_integer(out_order) ||
290
275
  !CBS_get_optional_asn1(&params, &cofactor, &has_cofactor,
291
276
  CBS_ASN1_INTEGER) ||
292
277
  CBS_len(&params) != 0) {
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c CHANGED
@@ -60,6 +60,8 @@
60
60
  #include "cipher/e_aes.c"
61
61
  #include "cipher/e_des.c"
62
62
  #include "des/des.c"
63
+ #include "dh/check.c"
64
+ #include "dh/dh.c"
63
65
  #include "digest/digest.c"
64
66
  #include "digest/digests.c"
65
67
  #include "ecdh/ecdh.c"
@@ -193,7 +195,7 @@ BORINGSSL_bcm_power_on_self_test(void) {
193
195
  assert_within(rodata_start, kP256Params, rodata_end);
194
196
  assert_within(rodata_start, kPKCS1SigPrefixes, rodata_end);
195
197
 
196
- #if defined(OPENSSL_ANDROID)
198
+ #if defined(OPENSSL_AARCH64) || defined(OPENSSL_ANDROID)
197
199
  uint8_t result[SHA256_DIGEST_LENGTH];
198
200
  const EVP_MD *const kHashFunction = EVP_sha256();
199
201
  #else
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c CHANGED
@@ -101,26 +101,7 @@ void BN_free(BIGNUM *bn) {
101
101
  }
102
102
 
103
103
  void BN_clear_free(BIGNUM *bn) {
104
- char should_free;
105
-
106
- if (bn == NULL) {
107
- return;
108
- }
109
-
110
- if (bn->d != NULL) {
111
- if ((bn->flags & BN_FLG_STATIC_DATA) == 0) {
112
- OPENSSL_free(bn->d);
113
- } else {
114
- OPENSSL_cleanse(bn->d, bn->dmax * sizeof(bn->d[0]));
115
- }
116
- }
117
-
118
- should_free = (bn->flags & BN_FLG_MALLOCED) != 0;
119
- if (should_free) {
120
- OPENSSL_free(bn);
121
- } else {
122
- OPENSSL_cleanse(bn, sizeof(BIGNUM));
123
- }
104
+ BN_free(bn);
124
105
  }
125
106
 
126
107
  BIGNUM *BN_dup(const BIGNUM *src) {
@@ -302,6 +283,18 @@ int bn_set_words(BIGNUM *bn, const BN_ULONG *words, size_t num) {
302
283
  return 1;
303
284
  }
304
285
 
286
+ void bn_set_static_words(BIGNUM *bn, const BN_ULONG *words, size_t num) {
287
+ if ((bn->flags & BN_FLG_STATIC_DATA) == 0) {
288
+ OPENSSL_free(bn->d);
289
+ }
290
+ bn->d = (BN_ULONG *)words;
291
+
292
+ bn->width = num;
293
+ bn->dmax = num;
294
+ bn->neg = 0;
295
+ bn->flags |= BN_FLG_STATIC_DATA;
296
+ }
297
+
305
298
  int bn_fits_in_words(const BIGNUM *bn, size_t num) {
306
299
  // All words beyond |num| must be zero.
307
300
  BN_ULONG mask = 0;
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c CHANGED
@@ -64,10 +64,10 @@
64
64
  #include "internal.h"
65
65
 
66
66
 
67
- #if !defined(BN_CAN_DIVIDE_ULLONG) && !defined(BN_CAN_USE_INLINE_ASM)
68
67
  // bn_div_words divides a double-width |h|,|l| by |d| and returns the result,
69
68
  // which must fit in a |BN_ULONG|.
70
- static BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) {
69
+ OPENSSL_UNUSED static BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l,
70
+ BN_ULONG d) {
71
71
  BN_ULONG dh, dl, q, ret = 0, th, tl, t;
72
72
  int i, count = 2;
73
73
 
@@ -135,7 +135,6 @@ static BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) {
135
135
  ret |= q;
136
136
  return ret;
137
137
  }
138
- #endif // !defined(BN_CAN_DIVIDE_ULLONG) && !defined(BN_CAN_USE_INLINE_ASM)
139
138
 
140
139
  static inline void bn_div_rem_words(BN_ULONG *quotient_out, BN_ULONG *rem_out,
141
140
  BN_ULONG n0, BN_ULONG n1, BN_ULONG d0) {
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h CHANGED
@@ -123,7 +123,7 @@
123
123
  #ifndef OPENSSL_HEADER_BN_INTERNAL_H
124
124
  #define OPENSSL_HEADER_BN_INTERNAL_H
125
125
 
126
- #include <openssl/base.h>
126
+ #include <openssl/bn.h>
127
127
 
128
128
  #if defined(OPENSSL_X86_64) && defined(_MSC_VER)
129
129
  OPENSSL_MSVC_PRAGMA(warning(push, 3))
@@ -241,6 +241,14 @@ void bn_select_words(BN_ULONG *r, BN_ULONG mask, const BN_ULONG *a,
241
241
  // least significant word first.
242
242
  int bn_set_words(BIGNUM *bn, const BN_ULONG *words, size_t num);
243
243
 
244
+ // bn_set_static_words acts like |bn_set_words|, but doesn't copy the data. A
245
+ // flag is set on |bn| so that |BN_free| won't attempt to free the data.
246
+ //
247
+ // The |STATIC_BIGNUM| macro is probably a better solution for this outside of
248
+ // the FIPS module. Inside of the FIPS module that macro generates rel.ro data,
249
+ // which doesn't work with FIPS requirements.
250
+ void bn_set_static_words(BIGNUM *bn, const BN_ULONG *words, size_t num);
251
+
244
252
  // bn_fits_in_words returns one if |bn| may be represented in |num| words, plus
245
253
  // a sign bit, and zero otherwise.
246
254
  int bn_fits_in_words(const BIGNUM *bn, size_t num);
data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c RENAMED
@@ -60,17 +60,16 @@
60
60
 
61
61
  #include <openssl/bn.h>
62
62
  #include <openssl/err.h>
63
- #include <openssl/ex_data.h>
63
+ #include <openssl/digest.h>
64
64
  #include <openssl/mem.h>
65
65
  #include <openssl/thread.h>
66
66
 
67
- #include "../internal.h"
67
+ #include "../../internal.h"
68
+ #include "../bn/internal.h"
68
69
 
69
70
 
70
71
  #define OPENSSL_DH_MAX_MODULUS_BITS 10000
71
72
 
72
- static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT;
73
-
74
73
  DH *DH_new(void) {
75
74
  DH *dh = OPENSSL_malloc(sizeof(DH));
76
75
  if (dh == NULL) {
@@ -83,7 +82,6 @@ DH *DH_new(void) {
83
82
  CRYPTO_MUTEX_init(&dh->method_mont_p_lock);
84
83
 
85
84
  dh->references = 1;
86
- CRYPTO_new_ex_data(&dh->ex_data);
87
85
 
88
86
  return dh;
89
87
  }
@@ -97,8 +95,6 @@ void DH_free(DH *dh) {
97
95
  return;
98
96
  }
99
97
 
100
- CRYPTO_free_ex_data(&g_ex_data_class, dh, &dh->ex_data);
101
-
102
98
  BN_MONT_CTX_free(dh->method_mont_p);
103
99
  BN_clear_free(dh->p);
104
100
  BN_clear_free(dh->g);
@@ -189,120 +185,6 @@ int DH_set_length(DH *dh, unsigned priv_length) {
189
185
  return 1;
190
186
  }
191
187
 
192
- int DH_generate_parameters_ex(DH *dh, int prime_bits, int generator, BN_GENCB *cb) {
193
- // We generate DH parameters as follows
194
- // find a prime q which is prime_bits/2 bits long.
195
- // p=(2*q)+1 or (p-1)/2 = q
196
- // For this case, g is a generator if
197
- // g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
198
- // Since the factors of p-1 are q and 2, we just need to check
199
- // g^2 mod p != 1 and g^q mod p != 1.
200
- //
201
- // Having said all that,
202
- // there is another special case method for the generators 2, 3 and 5.
203
- // for 2, p mod 24 == 11
204
- // for 3, p mod 12 == 5 <<<<< does not work for safe primes.
205
- // for 5, p mod 10 == 3 or 7
206
- //
207
- // Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
208
- // special generators and for answering some of my questions.
209
- //
210
- // I've implemented the second simple method :-).
211
- // Since DH should be using a safe prime (both p and q are prime),
212
- // this generator function can take a very very long time to run.
213
-
214
- // Actually there is no reason to insist that 'generator' be a generator.
215
- // It's just as OK (and in some sense better) to use a generator of the
216
- // order-q subgroup.
217
-
218
- BIGNUM *t1, *t2;
219
- int g, ok = 0;
220
- BN_CTX *ctx = NULL;
221
-
222
- ctx = BN_CTX_new();
223
- if (ctx == NULL) {
224
- goto err;
225
- }
226
- BN_CTX_start(ctx);
227
- t1 = BN_CTX_get(ctx);
228
- t2 = BN_CTX_get(ctx);
229
- if (t1 == NULL || t2 == NULL) {
230
- goto err;
231
- }
232
-
233
- // Make sure |dh| has the necessary elements
234
- if (dh->p == NULL) {
235
- dh->p = BN_new();
236
- if (dh->p == NULL) {
237
- goto err;
238
- }
239
- }
240
- if (dh->g == NULL) {
241
- dh->g = BN_new();
242
- if (dh->g == NULL) {
243
- goto err;
244
- }
245
- }
246
-
247
- if (generator <= 1) {
248
- OPENSSL_PUT_ERROR(DH, DH_R_BAD_GENERATOR);
249
- goto err;
250
- }
251
- if (generator == DH_GENERATOR_2) {
252
- if (!BN_set_word(t1, 24)) {
253
- goto err;
254
- }
255
- if (!BN_set_word(t2, 11)) {
256
- goto err;
257
- }
258
- g = 2;
259
- } else if (generator == DH_GENERATOR_5) {
260
- if (!BN_set_word(t1, 10)) {
261
- goto err;
262
- }
263
- if (!BN_set_word(t2, 3)) {
264
- goto err;
265
- }
266
- // BN_set_word(t3,7); just have to miss
267
- // out on these ones :-(
268
- g = 5;
269
- } else {
270
- // in the general case, don't worry if 'generator' is a
271
- // generator or not: since we are using safe primes,
272
- // it will generate either an order-q or an order-2q group,
273
- // which both is OK
274
- if (!BN_set_word(t1, 2)) {
275
- goto err;
276
- }
277
- if (!BN_set_word(t2, 1)) {
278
- goto err;
279
- }
280
- g = generator;
281
- }
282
-
283
- if (!BN_generate_prime_ex(dh->p, prime_bits, 1, t1, t2, cb)) {
284
- goto err;
285
- }
286
- if (!BN_GENCB_call(cb, 3, 0)) {
287
- goto err;
288
- }
289
- if (!BN_set_word(dh->g, g)) {
290
- goto err;
291
- }
292
- ok = 1;
293
-
294
- err:
295
- if (!ok) {
296
- OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB);
297
- }
298
-
299
- if (ctx != NULL) {
300
- BN_CTX_end(ctx);
301
- BN_CTX_free(ctx);
302
- }
303
- return ok;
304
- }
305
-
306
188
  int DH_generate_key(DH *dh) {
307
189
  int ok = 0;
308
190
  int generate_new_key = 0;
@@ -390,144 +272,185 @@ err:
390
272
  return ok;
391
273
  }
392
274
 
393
- int DH_compute_key(unsigned char *out, const BIGNUM *peers_key, DH *dh) {
394
- BN_CTX *ctx = NULL;
395
- BIGNUM *shared_key;
396
- int ret = -1;
397
- int check_result;
398
-
275
+ static int dh_compute_key(DH *dh, BIGNUM *out_shared_key,
276
+ const BIGNUM *peers_key, BN_CTX *ctx) {
399
277
  if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
400
278
  OPENSSL_PUT_ERROR(DH, DH_R_MODULUS_TOO_LARGE);
401
- goto err;
402
- }
403
-
404
- ctx = BN_CTX_new();
405
- if (ctx == NULL) {
406
- goto err;
407
- }
408
- BN_CTX_start(ctx);
409
- shared_key = BN_CTX_get(ctx);
410
- if (shared_key == NULL) {
411
- goto err;
279
+ return 0;
412
280
  }
413
281
 
414
282
  if (dh->priv_key == NULL) {
415
283
  OPENSSL_PUT_ERROR(DH, DH_R_NO_PRIVATE_VALUE);
416
- goto err;
417
- }
418
-
419
- if (!BN_MONT_CTX_set_locked(&dh->method_mont_p, &dh->method_mont_p_lock,
420
- dh->p, ctx)) {
421
- goto err;
284
+ return 0;
422
285
  }
423
286
 
287
+ int check_result;
424
288
  if (!DH_check_pub_key(dh, peers_key, &check_result) || check_result) {
425
289
  OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PUBKEY);
290
+ return 0;
291
+ }
292
+
293
+ int ret = 0;
294
+ BN_CTX_start(ctx);
295
+ BIGNUM *p_minus_1 = BN_CTX_get(ctx);
296
+
297
+ if (!p_minus_1 ||
298
+ !BN_MONT_CTX_set_locked(&dh->method_mont_p, &dh->method_mont_p_lock,
299
+ dh->p, ctx)) {
426
300
  goto err;
427
301
  }
428
302
 
429
- if (!BN_mod_exp_mont_consttime(shared_key, peers_key, dh->priv_key, dh->p,
430
- ctx, dh->method_mont_p)) {
303
+ if (!BN_mod_exp_mont_consttime(out_shared_key, peers_key, dh->priv_key, dh->p,
304
+ ctx, dh->method_mont_p) ||
305
+ !BN_copy(p_minus_1, dh->p) ||
306
+ !BN_sub_word(p_minus_1, 1)) {
431
307
  OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB);
432
308
  goto err;
433
309
  }
434
310
 
435
- ret = BN_bn2bin(shared_key, out);
436
-
437
- err:
438
- if (ctx != NULL) {
439
- BN_CTX_end(ctx);
440
- BN_CTX_free(ctx);
311
+ // This performs the check required by SP 800-56Ar3 section 5.7.1.1 step two.
312
+ if (BN_cmp_word(out_shared_key, 1) <= 0 ||
313
+ BN_cmp(out_shared_key, p_minus_1) == 0) {
314
+ OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PUBKEY);
315
+ goto err;
441
316
  }
442
317
 
318
+ ret = 1;
319
+
320
+ err:
321
+ BN_CTX_end(ctx);
443
322
  return ret;
444
323
  }
445
324
 
446
- int DH_size(const DH *dh) { return BN_num_bytes(dh->p); }
325
+ int DH_compute_key_padded(unsigned char *out, const BIGNUM *peers_key, DH *dh) {
326
+ BN_CTX *ctx = BN_CTX_new();
327
+ if (ctx == NULL) {
328
+ return -1;
329
+ }
330
+ BN_CTX_start(ctx);
447
331
 
448
- unsigned DH_num_bits(const DH *dh) { return BN_num_bits(dh->p); }
332
+ int dh_size = DH_size(dh);
333
+ int ret = -1;
334
+ BIGNUM *shared_key = BN_CTX_get(ctx);
335
+ if (shared_key &&
336
+ dh_compute_key(dh, shared_key, peers_key, ctx) &&
337
+ BN_bn2bin_padded(out, dh_size, shared_key)) {
338
+ ret = dh_size;
339
+ }
449
340
 
450
- int DH_up_ref(DH *dh) {
451
- CRYPTO_refcount_inc(&dh->references);
452
- return 1;
341
+ BN_CTX_end(ctx);
342
+ BN_CTX_free(ctx);
343
+ return ret;
453
344
  }
454
345
 
455
- static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src) {
456
- BIGNUM *a = NULL;
346
+ int DH_compute_key(unsigned char *out, const BIGNUM *peers_key, DH *dh) {
347
+ BN_CTX *ctx = BN_CTX_new();
348
+ if (ctx == NULL) {
349
+ return -1;
350
+ }
351
+ BN_CTX_start(ctx);
457
352
 
458
- if (src) {
459
- a = BN_dup(src);
460
- if (!a) {
461
- return 0;
462
- }
353
+ int ret = -1;
354
+ BIGNUM *shared_key = BN_CTX_get(ctx);
355
+ if (shared_key && dh_compute_key(dh, shared_key, peers_key, ctx)) {
356
+ ret = BN_bn2bin(shared_key, out);
463
357
  }
464
358
 
465
- BN_free(*dst);
466
- *dst = a;
467
- return 1;
359
+ BN_CTX_end(ctx);
360
+ BN_CTX_free(ctx);
361
+ return ret;
468
362
  }
469
363
 
470
- static int int_dh_param_copy(DH *to, const DH *from, int is_x942) {
471
- if (is_x942 == -1) {
472
- is_x942 = !!from->q;
473
- }
474
- if (!int_dh_bn_cpy(&to->p, from->p) ||
475
- !int_dh_bn_cpy(&to->g, from->g)) {
364
+ int DH_compute_key_hashed(DH *dh, uint8_t *out, size_t *out_len,
365
+ size_t max_out_len, const BIGNUM *peers_key,
366
+ const EVP_MD *digest) {
367
+ *out_len = (size_t)-1;
368
+
369
+ const size_t digest_len = EVP_MD_size(digest);
370
+ if (digest_len > max_out_len) {
476
371
  return 0;
477
372
  }
478
373
 
479
- if (!is_x942) {
480
- return 1;
374
+ int ret = 0;
375
+ const size_t dh_len = DH_size(dh);
376
+ uint8_t *shared_bytes = OPENSSL_malloc(dh_len);
377
+ unsigned out_len_unsigned;
378
+ if (!shared_bytes ||
379
+ // SP 800-56A is ambiguous about whether the output should be padded prior
380
+ // to revision three. But revision three, section C.1, awkwardly specifies
381
+ // padding to the length of p.
382
+ //
383
+ // Also, padded output avoids side-channels, so is always strongly
384
+ // advisable.
385
+ DH_compute_key_padded(shared_bytes, peers_key, dh) != (int)dh_len ||
386
+ !EVP_Digest(shared_bytes, dh_len, out, &out_len_unsigned, digest, NULL) ||
387
+ out_len_unsigned != digest_len) {
388
+ goto err;
481
389
  }
482
390
 
483
- if (!int_dh_bn_cpy(&to->q, from->q) ||
484
- !int_dh_bn_cpy(&to->j, from->j)) {
485
- return 0;
486
- }
391
+ *out_len = digest_len;
392
+ ret = 1;
487
393
 
488
- OPENSSL_free(to->seed);
489
- to->seed = NULL;
490
- to->seedlen = 0;
394
+ err:
395
+ OPENSSL_free(shared_bytes);
396
+ return ret;
397
+ }
491
398
 
492
- if (from->seed) {
493
- to->seed = OPENSSL_memdup(from->seed, from->seedlen);
494
- if (!to->seed) {
495
- return 0;
496
- }
497
- to->seedlen = from->seedlen;
498
- }
399
+ int DH_size(const DH *dh) { return BN_num_bytes(dh->p); }
499
400
 
401
+ unsigned DH_num_bits(const DH *dh) { return BN_num_bits(dh->p); }
402
+
403
+ int DH_up_ref(DH *dh) {
404
+ CRYPTO_refcount_inc(&dh->references);
500
405
  return 1;
501
406
  }
502
407
 
503
- DH *DHparams_dup(const DH *dh) {
504
- DH *ret = DH_new();
505
- if (!ret) {
506
- return NULL;
408
+ DH *DH_get_rfc7919_2048(void) {
409
+ // This is the prime from https://tools.ietf.org/html/rfc7919#appendix-A.1,
410
+ // which is specifically approved for FIPS in appendix D of SP 800-56Ar3.
411
+ static const BN_ULONG kFFDHE2048Data[] = {
412
+ TOBN(0xffffffff, 0xffffffff), TOBN(0x886b4238, 0x61285c97),
413
+ TOBN(0xc6f34a26, 0xc1b2effa), TOBN(0xc58ef183, 0x7d1683b2),
414
+ TOBN(0x3bb5fcbc, 0x2ec22005), TOBN(0xc3fe3b1b, 0x4c6fad73),
415
+ TOBN(0x8e4f1232, 0xeef28183), TOBN(0x9172fe9c, 0xe98583ff),
416
+ TOBN(0xc03404cd, 0x28342f61), TOBN(0x9e02fce1, 0xcdf7e2ec),
417
+ TOBN(0x0b07a7c8, 0xee0a6d70), TOBN(0xae56ede7, 0x6372bb19),
418
+ TOBN(0x1d4f42a3, 0xde394df4), TOBN(0xb96adab7, 0x60d7f468),
419
+ TOBN(0xd108a94b, 0xb2c8e3fb), TOBN(0xbc0ab182, 0xb324fb61),
420
+ TOBN(0x30acca4f, 0x483a797a), TOBN(0x1df158a1, 0x36ade735),
421
+ TOBN(0xe2a689da, 0xf3efe872), TOBN(0x984f0c70, 0xe0e68b77),
422
+ TOBN(0xb557135e, 0x7f57c935), TOBN(0x85636555, 0x3ded1af3),
423
+ TOBN(0x2433f51f, 0x5f066ed0), TOBN(0xd3df1ed5, 0xd5fd6561),
424
+ TOBN(0xf681b202, 0xaec4617a), TOBN(0x7d2fe363, 0x630c75d8),
425
+ TOBN(0xcc939dce, 0x249b3ef9), TOBN(0xa9e13641, 0x146433fb),
426
+ TOBN(0xd8b9c583, 0xce2d3695), TOBN(0xafdc5620, 0x273d3cf1),
427
+ TOBN(0xadf85458, 0xa2bb4a9a), TOBN(0xffffffff, 0xffffffff),
428
+ };
429
+
430
+ BIGNUM *const ffdhe2048_p = BN_new();
431
+ BIGNUM *const ffdhe2048_q = BN_new();
432
+ BIGNUM *const ffdhe2048_g = BN_new();
433
+ DH *const dh = DH_new();
434
+
435
+ if (!ffdhe2048_p || !ffdhe2048_q || !ffdhe2048_g || !dh) {
436
+ goto err;
507
437
  }
508
438
 
509
- if (!int_dh_param_copy(ret, dh, -1)) {
510
- DH_free(ret);
511
- return NULL;
512
- }
439
+ bn_set_static_words(ffdhe2048_p, kFFDHE2048Data,
440
+ OPENSSL_ARRAY_SIZE(kFFDHE2048Data));
513
441
 
514
- return ret;
515
- }
516
-
517
- int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused *unused,
518
- CRYPTO_EX_dup *dup_unused, CRYPTO_EX_free *free_func) {
519
- int index;
520
- if (!CRYPTO_get_ex_new_index(&g_ex_data_class, &index, argl, argp,
521
- free_func)) {
522
- return -1;
442
+ if (!BN_rshift1(ffdhe2048_q, ffdhe2048_p) ||
443
+ !BN_set_word(ffdhe2048_g, 2) ||
444
+ !DH_set0_pqg(dh, ffdhe2048_p, ffdhe2048_q, ffdhe2048_g)) {
445
+ goto err;
523
446
  }
524
- return index;
525
- }
526
447
 
527
- int DH_set_ex_data(DH *d, int idx, void *arg) {
528
- return CRYPTO_set_ex_data(&d->ex_data, idx, arg);
529
- }
448
+ return dh;
530
449
 
531
- void *DH_get_ex_data(DH *d, int idx) {
532
- return CRYPTO_get_ex_data(&d->ex_data, idx);
450
+ err:
451
+ BN_free(ffdhe2048_p);
452
+ BN_free(ffdhe2048_q);
453
+ BN_free(ffdhe2048_g);
454
+ DH_free(dh);
455
+ return NULL;
533
456
  }