grpc 1.4.5 → 1.6.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1235 -1100
- data/etc/roots.pem +0 -412
- data/include/grpc/byte_buffer.h +10 -25
- data/include/grpc/byte_buffer_reader.h +10 -25
- data/include/grpc/census.h +10 -25
- data/include/grpc/compression.h +10 -25
- data/include/grpc/grpc.h +15 -26
- data/include/grpc/grpc_cronet.h +10 -25
- data/include/grpc/grpc_posix.h +10 -25
- data/include/grpc/grpc_security.h +10 -25
- data/include/grpc/grpc_security_constants.h +10 -25
- data/include/grpc/impl/codegen/atm.h +11 -25
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +10 -25
- data/include/grpc/impl/codegen/atm_gcc_sync.h +10 -25
- data/include/grpc/impl/codegen/atm_windows.h +10 -25
- data/include/grpc/impl/codegen/byte_buffer_reader.h +11 -26
- data/include/grpc/impl/codegen/compression_types.h +12 -27
- data/include/grpc/impl/codegen/connectivity_state.h +10 -25
- data/include/grpc/impl/codegen/exec_ctx_fwd.h +10 -25
- data/include/grpc/impl/codegen/gpr_slice.h +10 -25
- data/include/grpc/impl/codegen/gpr_types.h +10 -25
- data/include/grpc/impl/codegen/grpc_types.h +42 -43
- data/include/grpc/impl/codegen/port_platform.h +10 -25
- data/include/grpc/impl/codegen/propagation_bits.h +10 -25
- data/include/grpc/impl/codegen/slice.h +13 -28
- data/include/grpc/impl/codegen/status.h +10 -25
- data/include/grpc/impl/codegen/sync.h +10 -25
- data/include/grpc/impl/codegen/sync_generic.h +10 -25
- data/include/grpc/impl/codegen/sync_posix.h +10 -25
- data/include/grpc/impl/codegen/sync_windows.h +10 -25
- data/include/grpc/load_reporting.h +10 -25
- data/include/grpc/slice.h +10 -25
- data/include/grpc/slice_buffer.h +10 -25
- data/include/grpc/status.h +10 -25
- data/include/grpc/support/alloc.h +10 -25
- data/include/grpc/support/atm.h +10 -25
- data/include/grpc/support/atm_gcc_atomic.h +10 -25
- data/include/grpc/support/atm_gcc_sync.h +10 -25
- data/include/grpc/support/atm_windows.h +10 -25
- data/include/grpc/support/avl.h +46 -49
- data/include/grpc/support/cmdline.h +10 -25
- data/include/grpc/support/cpu.h +10 -25
- data/include/grpc/support/histogram.h +10 -25
- data/include/grpc/support/host_port.h +10 -25
- data/include/grpc/support/log.h +10 -25
- data/include/grpc/support/log_windows.h +10 -25
- data/include/grpc/support/port_platform.h +10 -25
- data/include/grpc/support/string_util.h +10 -25
- data/include/grpc/support/subprocess.h +10 -25
- data/include/grpc/support/sync.h +10 -25
- data/include/grpc/support/sync_generic.h +10 -25
- data/include/grpc/support/sync_posix.h +10 -25
- data/include/grpc/support/sync_windows.h +10 -25
- data/include/grpc/support/thd.h +10 -25
- data/include/grpc/support/time.h +10 -25
- data/include/grpc/support/tls.h +10 -25
- data/include/grpc/support/tls_gcc.h +10 -25
- data/include/grpc/support/tls_msvc.h +10 -25
- data/include/grpc/support/tls_pthread.h +10 -25
- data/include/grpc/support/useful.h +10 -25
- data/include/grpc/support/workaround_list.h +11 -26
- data/src/boringssl/err_data.c +277 -259
- data/src/core/ext/census/aggregation.h +10 -25
- data/src/core/ext/census/base_resources.c +10 -25
- data/src/core/ext/census/base_resources.h +10 -25
- data/src/core/ext/census/census_interface.h +10 -25
- data/src/core/ext/census/census_rpc_stats.h +10 -25
- data/src/core/ext/census/context.c +10 -25
- data/src/core/ext/census/gen/census.pb.c +10 -25
- data/src/core/ext/census/gen/census.pb.h +10 -25
- data/src/core/ext/census/gen/trace_context.pb.c +10 -25
- data/src/core/ext/census/gen/trace_context.pb.h +10 -25
- data/src/core/ext/census/grpc_context.c +10 -25
- data/src/core/ext/census/grpc_filter.c +11 -26
- data/src/core/ext/census/grpc_filter.h +10 -25
- data/src/core/ext/census/grpc_plugin.c +10 -25
- data/src/core/ext/census/initialize.c +10 -25
- data/src/core/ext/census/intrusive_hash_map.c +10 -25
- data/src/core/ext/census/intrusive_hash_map.h +10 -25
- data/src/core/ext/census/intrusive_hash_map_internal.h +10 -25
- data/src/core/ext/census/mlog.c +10 -25
- data/src/core/ext/census/mlog.h +10 -25
- data/src/core/ext/census/operation.c +10 -25
- data/src/core/ext/census/placeholders.c +10 -25
- data/src/core/ext/census/resource.c +10 -25
- data/src/core/ext/census/resource.h +10 -25
- data/src/core/ext/census/rpc_metric_id.h +10 -25
- data/src/core/ext/census/trace_context.c +10 -25
- data/src/core/ext/census/trace_context.h +10 -25
- data/src/core/ext/census/trace_label.h +10 -25
- data/src/core/ext/census/trace_propagation.h +10 -25
- data/src/core/ext/census/trace_status.h +10 -25
- data/src/core/ext/census/trace_string.h +10 -25
- data/src/core/ext/census/tracing.c +10 -26
- data/src/core/ext/census/tracing.h +10 -25
- data/src/core/ext/filters/client_channel/channel_connectivity.c +20 -33
- data/src/core/ext/filters/client_channel/client_channel.c +617 -520
- data/src/core/ext/filters/client_channel/client_channel.h +15 -28
- data/src/core/ext/filters/client_channel/client_channel_factory.c +13 -31
- data/src/core/ext/filters/client_channel/client_channel_factory.h +10 -25
- data/src/core/ext/filters/client_channel/client_channel_plugin.c +16 -29
- data/src/core/ext/filters/client_channel/connector.c +10 -25
- data/src/core/ext/filters/client_channel/connector.h +10 -25
- data/src/core/ext/filters/client_channel/http_connect_handshaker.c +15 -30
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +10 -25
- data/src/core/ext/filters/client_channel/http_proxy.c +112 -38
- data/src/core/ext/filters/client_channel/http_proxy.h +10 -25
- data/src/core/ext/filters/client_channel/lb_policy.c +32 -36
- data/src/core/ext/filters/client_channel/lb_policy.h +24 -27
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.c +14 -30
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +10 -25
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.c +464 -279
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +10 -25
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +15 -28
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.c +40 -48
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.c +65 -49
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +31 -31
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.c +47 -32
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +11 -26
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +13 -9
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +27 -21
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.c +373 -136
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.c +504 -279
- data/src/core/ext/filters/client_channel/lb_policy_factory.c +12 -31
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +12 -27
- data/src/core/ext/filters/client_channel/lb_policy_registry.c +10 -25
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +10 -25
- data/src/core/ext/filters/client_channel/parse_address.c +10 -25
- data/src/core/ext/filters/client_channel/parse_address.h +10 -25
- data/src/core/ext/filters/client_channel/proxy_mapper.c +10 -25
- data/src/core/ext/filters/client_channel/proxy_mapper.h +10 -25
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.c +10 -25
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +10 -25
- data/src/core/ext/filters/client_channel/resolver.c +33 -38
- data/src/core/ext/filters/client_channel/resolver.h +19 -30
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.c +153 -50
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +14 -27
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.c +33 -30
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.c +326 -116
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +35 -36
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.c +60 -0
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.c +19 -34
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.c +254 -0
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +60 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.c +16 -28
- data/src/core/ext/filters/client_channel/resolver_factory.c +10 -25
- data/src/core/ext/filters/client_channel/resolver_factory.h +10 -25
- data/src/core/ext/filters/client_channel/resolver_registry.c +10 -25
- data/src/core/ext/filters/client_channel/resolver_registry.h +10 -25
- data/src/core/ext/filters/client_channel/retry_throttle.c +23 -34
- data/src/core/ext/filters/client_channel/retry_throttle.h +10 -25
- data/src/core/ext/filters/client_channel/subchannel.c +33 -55
- data/src/core/ext/filters/client_channel/subchannel.h +16 -26
- data/src/core/ext/filters/client_channel/subchannel_index.c +55 -92
- data/src/core/ext/filters/client_channel/subchannel_index.h +26 -29
- data/src/core/ext/filters/client_channel/uri_parser.c +10 -25
- data/src/core/ext/filters/client_channel/uri_parser.h +10 -25
- data/src/core/ext/filters/deadline/deadline_filter.c +30 -45
- data/src/core/ext/filters/deadline/deadline_filter.h +10 -25
- data/src/core/ext/filters/http/client/http_client_filter.c +255 -294
- data/src/core/ext/filters/http/client/http_client_filter.h +10 -25
- data/src/core/ext/filters/http/http_filters_plugin.c +11 -26
- data/src/core/ext/filters/http/message_compress/message_compress_filter.c +133 -105
- data/src/core/ext/filters/http/message_compress/message_compress_filter.h +10 -25
- data/src/core/ext/filters/http/server/http_server_filter.c +17 -32
- data/src/core/ext/filters/http/server/http_server_filter.h +10 -25
- data/src/core/ext/filters/load_reporting/load_reporting.c +11 -30
- data/src/core/ext/filters/load_reporting/load_reporting.h +10 -25
- data/src/core/ext/filters/load_reporting/load_reporting_filter.c +11 -26
- data/src/core/ext/filters/load_reporting/load_reporting_filter.h +10 -25
- data/src/core/ext/filters/max_age/max_age_filter.c +28 -43
- data/src/core/ext/filters/max_age/max_age_filter.h +10 -25
- data/src/core/ext/filters/message_size/message_size_filter.c +24 -37
- data/src/core/ext/filters/message_size/message_size_filter.h +10 -25
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.c +16 -31
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.h +10 -25
- data/src/core/ext/filters/workarounds/workaround_utils.c +12 -26
- data/src/core/ext/filters/workarounds/workaround_utils.h +11 -26
- data/src/core/ext/transport/chttp2/alpn/alpn.c +10 -25
- data/src/core/ext/transport/chttp2/alpn/alpn.h +10 -25
- data/src/core/ext/transport/chttp2/client/chttp2_connector.c +13 -28
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +10 -25
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.c +13 -30
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.c +12 -29
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.c +13 -30
- data/src/core/ext/transport/chttp2/server/chttp2_server.c +11 -26
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +10 -25
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.c +10 -25
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.c +10 -25
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.c +10 -25
- data/src/core/ext/transport/chttp2/transport/bin_decoder.c +11 -25
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +10 -25
- data/src/core/ext/transport/chttp2/transport/bin_encoder.c +10 -25
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +10 -25
- data/src/core/ext/transport/chttp2/transport/chttp2_plugin.c +15 -27
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.c +421 -443
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +14 -25
- data/src/core/ext/transport/chttp2/transport/flow_control.c +500 -0
- data/src/core/ext/transport/chttp2/transport/frame.h +10 -25
- data/src/core/ext/transport/chttp2/transport/frame_data.c +20 -28
- data/src/core/ext/transport/chttp2/transport/frame_data.h +10 -25
- data/src/core/ext/transport/chttp2/transport/frame_goaway.c +10 -25
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +10 -25
- data/src/core/ext/transport/chttp2/transport/frame_ping.c +11 -26
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +10 -25
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.c +11 -26
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +10 -25
- data/src/core/ext/transport/chttp2/transport/frame_settings.c +16 -29
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +10 -25
- data/src/core/ext/transport/chttp2/transport/frame_window_update.c +17 -33
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +10 -25
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.c +18 -31
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +12 -25
- data/src/core/ext/transport/chttp2/transport/hpack_parser.c +15 -30
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +10 -25
- data/src/core/ext/transport/chttp2/transport/hpack_table.c +10 -25
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +10 -25
- data/src/core/ext/transport/chttp2/transport/http2_settings.c +10 -25
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +10 -25
- data/src/core/ext/transport/chttp2/transport/huffsyms.c +10 -25
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +10 -25
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.c +10 -25
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +10 -25
- data/src/core/ext/transport/chttp2/transport/internal.h +191 -179
- data/src/core/ext/transport/chttp2/transport/parsing.c +33 -102
- data/src/core/ext/transport/chttp2/transport/stream_lists.c +26 -28
- data/src/core/ext/transport/chttp2/transport/stream_map.c +10 -25
- data/src/core/ext/transport/chttp2/transport/stream_map.h +10 -25
- data/src/core/ext/transport/chttp2/transport/varint.c +14 -25
- data/src/core/ext/transport/chttp2/transport/varint.h +10 -25
- data/src/core/ext/transport/chttp2/transport/writing.c +164 -106
- data/src/core/ext/transport/inproc/inproc_plugin.c +29 -0
- data/src/core/ext/transport/inproc/inproc_transport.c +1303 -0
- data/src/core/ext/transport/inproc/inproc_transport.h +41 -0
- data/src/core/lib/channel/channel_args.c +52 -27
- data/src/core/lib/channel/channel_args.h +18 -27
- data/src/core/lib/channel/channel_stack.c +11 -26
- data/src/core/lib/channel/channel_stack.h +12 -27
- data/src/core/lib/channel/channel_stack_builder.c +11 -26
- data/src/core/lib/channel/channel_stack_builder.h +10 -25
- data/src/core/lib/channel/connected_channel.c +10 -25
- data/src/core/lib/channel/connected_channel.h +10 -25
- data/src/core/lib/channel/context.h +10 -25
- data/src/core/lib/channel/handshaker.c +14 -29
- data/src/core/lib/channel/handshaker.h +10 -25
- data/src/core/lib/channel/handshaker_factory.c +10 -25
- data/src/core/lib/channel/handshaker_factory.h +10 -25
- data/src/core/lib/channel/handshaker_registry.c +10 -25
- data/src/core/lib/channel/handshaker_registry.h +10 -25
- data/src/core/lib/compression/algorithm_metadata.h +10 -25
- data/src/core/lib/compression/compression.c +10 -25
- data/src/core/lib/compression/message_compress.c +10 -25
- data/src/core/lib/compression/message_compress.h +10 -25
- data/src/core/lib/compression/stream_compression.c +191 -0
- data/src/core/lib/compression/stream_compression.h +90 -0
- data/src/core/lib/debug/trace.c +28 -29
- data/src/core/lib/debug/trace.h +16 -30
- data/src/core/lib/http/format_request.c +10 -25
- data/src/core/lib/http/format_request.h +10 -25
- data/src/core/lib/http/httpcli.c +19 -35
- data/src/core/lib/http/httpcli.h +10 -25
- data/src/core/lib/http/httpcli_security_connector.c +17 -30
- data/src/core/lib/http/parser.c +11 -26
- data/src/core/lib/http/parser.h +10 -25
- data/src/core/lib/iomgr/closure.c +62 -25
- data/src/core/lib/iomgr/closure.h +81 -26
- data/src/core/lib/iomgr/combiner.c +103 -200
- data/src/core/lib/iomgr/combiner.h +14 -32
- data/src/core/lib/iomgr/endpoint.c +10 -29
- data/src/core/lib/iomgr/endpoint.h +10 -29
- data/src/core/lib/iomgr/endpoint_pair.h +10 -25
- data/src/core/lib/iomgr/endpoint_pair_posix.c +10 -25
- data/src/core/lib/iomgr/endpoint_pair_uv.c +10 -25
- data/src/core/lib/iomgr/endpoint_pair_windows.c +10 -25
- data/src/core/lib/iomgr/error.c +45 -46
- data/src/core/lib/iomgr/error.h +21 -34
- data/src/core/lib/iomgr/error_internal.h +10 -25
- data/src/core/lib/iomgr/ev_epoll1_linux.c +279 -179
- data/src/core/lib/iomgr/ev_epoll1_linux.h +10 -25
- data/src/core/lib/iomgr/ev_epoll_limited_pollers_linux.c +75 -264
- data/src/core/lib/iomgr/ev_epoll_limited_pollers_linux.h +10 -25
- data/src/core/lib/iomgr/ev_epoll_thread_pool_linux.c +44 -199
- data/src/core/lib/iomgr/ev_epoll_thread_pool_linux.h +10 -25
- data/src/core/lib/iomgr/ev_epollex_linux.c +184 -247
- data/src/core/lib/iomgr/ev_epollex_linux.h +10 -25
- data/src/core/lib/iomgr/ev_epollsig_linux.c +116 -323
- data/src/core/lib/iomgr/ev_epollsig_linux.h +10 -25
- data/src/core/lib/iomgr/ev_poll_posix.c +328 -184
- data/src/core/lib/iomgr/ev_poll_posix.h +10 -25
- data/src/core/lib/iomgr/ev_posix.c +25 -56
- data/src/core/lib/iomgr/ev_posix.h +15 -44
- data/src/core/lib/iomgr/ev_windows.c +11 -26
- data/src/core/lib/iomgr/exec_ctx.c +36 -45
- data/src/core/lib/iomgr/exec_ctx.h +10 -25
- data/src/core/lib/iomgr/executor.c +152 -127
- data/src/core/lib/iomgr/executor.h +18 -26
- data/src/core/lib/iomgr/gethostname.h +26 -0
- data/src/core/lib/iomgr/gethostname_fallback.c +27 -0
- data/src/core/lib/iomgr/gethostname_host_name_max.c +37 -0
- data/src/core/lib/iomgr/gethostname_sysconf.c +37 -0
- data/src/core/lib/iomgr/iocp_windows.c +10 -25
- data/src/core/lib/iomgr/iocp_windows.h +10 -25
- data/src/core/lib/iomgr/iomgr.c +17 -28
- data/src/core/lib/iomgr/iomgr.h +12 -27
- data/src/core/lib/iomgr/iomgr_internal.h +10 -25
- data/src/core/lib/iomgr/iomgr_posix.c +11 -26
- data/src/core/lib/iomgr/iomgr_posix.h +10 -25
- data/src/core/lib/iomgr/iomgr_uv.c +19 -26
- data/src/core/lib/iomgr/iomgr_uv.h +37 -0
- data/src/core/lib/iomgr/iomgr_windows.c +10 -25
- data/src/core/lib/iomgr/is_epollexclusive_available.c +10 -25
- data/src/core/lib/iomgr/is_epollexclusive_available.h +10 -25
- data/src/core/lib/iomgr/load_file.c +10 -25
- data/src/core/lib/iomgr/load_file.h +10 -25
- data/src/core/lib/iomgr/lockfree_event.c +22 -35
- data/src/core/lib/iomgr/lockfree_event.h +13 -27
- data/src/core/lib/iomgr/nameser.h +104 -0
- data/src/core/lib/iomgr/network_status_tracker.c +10 -25
- data/src/core/lib/iomgr/network_status_tracker.h +10 -25
- data/src/core/lib/iomgr/polling_entity.c +10 -25
- data/src/core/lib/iomgr/polling_entity.h +14 -34
- data/src/core/lib/iomgr/pollset.h +14 -25
- data/src/core/lib/iomgr/pollset_set.h +10 -25
- data/src/core/lib/iomgr/pollset_set_uv.c +10 -25
- data/src/core/lib/iomgr/pollset_set_windows.c +10 -25
- data/src/core/lib/iomgr/pollset_set_windows.h +10 -25
- data/src/core/lib/iomgr/pollset_uv.c +25 -26
- data/src/core/lib/iomgr/pollset_uv.h +10 -25
- data/src/core/lib/iomgr/pollset_windows.c +17 -27
- data/src/core/lib/iomgr/pollset_windows.h +10 -25
- data/src/core/lib/iomgr/port.h +24 -25
- data/src/core/lib/iomgr/resolve_address.h +10 -25
- data/src/core/lib/iomgr/resolve_address_posix.c +13 -28
- data/src/core/lib/iomgr/resolve_address_uv.c +31 -35
- data/src/core/lib/iomgr/resolve_address_windows.c +13 -28
- data/src/core/lib/iomgr/resource_quota.c +52 -67
- data/src/core/lib/iomgr/resource_quota.h +10 -25
- data/src/core/lib/iomgr/sockaddr.h +10 -25
- data/src/core/lib/iomgr/sockaddr_posix.h +10 -25
- data/src/core/lib/iomgr/sockaddr_utils.c +15 -25
- data/src/core/lib/iomgr/sockaddr_utils.h +12 -25
- data/src/core/lib/iomgr/sockaddr_windows.h +10 -25
- data/src/core/lib/iomgr/socket_factory_posix.c +13 -31
- data/src/core/lib/iomgr/socket_factory_posix.h +10 -25
- data/src/core/lib/iomgr/socket_mutator.c +14 -31
- data/src/core/lib/iomgr/socket_mutator.h +10 -25
- data/src/core/lib/iomgr/socket_utils.h +10 -25
- data/src/core/lib/iomgr/socket_utils_common_posix.c +10 -25
- data/src/core/lib/iomgr/socket_utils_linux.c +10 -25
- data/src/core/lib/iomgr/socket_utils_posix.c +10 -25
- data/src/core/lib/iomgr/socket_utils_posix.h +10 -25
- data/src/core/lib/iomgr/socket_utils_uv.c +10 -25
- data/src/core/lib/iomgr/socket_utils_windows.c +10 -25
- data/src/core/lib/iomgr/socket_windows.c +12 -27
- data/src/core/lib/iomgr/socket_windows.h +10 -25
- data/src/core/lib/iomgr/sys_epoll_wrapper.h +10 -25
- data/src/core/lib/iomgr/tcp_client.h +10 -25
- data/src/core/lib/iomgr/tcp_client_posix.c +21 -34
- data/src/core/lib/iomgr/tcp_client_posix.h +10 -25
- data/src/core/lib/iomgr/tcp_client_uv.c +18 -27
- data/src/core/lib/iomgr/tcp_client_windows.c +14 -29
- data/src/core/lib/iomgr/tcp_posix.c +36 -55
- data/src/core/lib/iomgr/tcp_posix.h +10 -25
- data/src/core/lib/iomgr/tcp_server.h +10 -25
- data/src/core/lib/iomgr/tcp_server_posix.c +16 -31
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +10 -25
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.c +11 -26
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.c +10 -25
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.c +10 -25
- data/src/core/lib/iomgr/tcp_server_uv.c +103 -64
- data/src/core/lib/iomgr/tcp_server_windows.c +14 -29
- data/src/core/lib/iomgr/tcp_uv.c +41 -45
- data/src/core/lib/iomgr/tcp_uv.h +10 -25
- data/src/core/lib/iomgr/tcp_windows.c +39 -53
- data/src/core/lib/iomgr/tcp_windows.h +10 -25
- data/src/core/lib/iomgr/time_averaged_stats.c +10 -25
- data/src/core/lib/iomgr/time_averaged_stats.h +10 -25
- data/src/core/lib/iomgr/timer.h +18 -27
- data/src/core/lib/iomgr/timer_generic.c +91 -87
- data/src/core/lib/iomgr/timer_generic.h +10 -25
- data/src/core/lib/iomgr/timer_heap.c +10 -25
- data/src/core/lib/iomgr/timer_heap.h +10 -25
- data/src/core/lib/iomgr/timer_manager.c +178 -100
- data/src/core/lib/iomgr/timer_manager.h +10 -25
- data/src/core/lib/iomgr/timer_uv.c +23 -33
- data/src/core/lib/iomgr/timer_uv.h +10 -25
- data/src/core/lib/iomgr/udp_server.c +17 -32
- data/src/core/lib/iomgr/udp_server.h +10 -25
- data/src/core/lib/iomgr/unix_sockets_posix.c +10 -25
- data/src/core/lib/iomgr/unix_sockets_posix.h +10 -25
- data/src/core/lib/iomgr/unix_sockets_posix_noop.c +10 -25
- data/src/core/lib/iomgr/wakeup_fd_cv.c +10 -25
- data/src/core/lib/iomgr/wakeup_fd_cv.h +13 -28
- data/src/core/lib/iomgr/wakeup_fd_eventfd.c +10 -25
- data/src/core/lib/iomgr/wakeup_fd_nospecial.c +10 -25
- data/src/core/lib/iomgr/wakeup_fd_pipe.c +10 -25
- data/src/core/lib/iomgr/wakeup_fd_pipe.h +10 -25
- data/src/core/lib/iomgr/wakeup_fd_posix.c +10 -25
- data/src/core/lib/iomgr/wakeup_fd_posix.h +10 -25
- data/src/core/lib/json/json.c +10 -25
- data/src/core/lib/json/json.h +10 -25
- data/src/core/lib/json/json_common.h +10 -25
- data/src/core/lib/json/json_reader.c +11 -25
- data/src/core/lib/json/json_reader.h +10 -25
- data/src/core/lib/json/json_string.c +10 -25
- data/src/core/lib/json/json_writer.c +10 -25
- data/src/core/lib/json/json_writer.h +10 -25
- data/src/core/lib/profiling/basic_timers.c +10 -25
- data/src/core/lib/profiling/stap_timers.c +10 -25
- data/src/core/lib/profiling/timers.h +10 -25
- data/src/core/lib/security/context/security_context.c +32 -40
- data/src/core/lib/security/context/security_context.h +15 -26
- data/src/core/lib/security/credentials/composite/composite_credentials.c +76 -81
- data/src/core/lib/security/credentials/composite/composite_credentials.h +10 -25
- data/src/core/lib/security/credentials/credentials.c +29 -49
- data/src/core/lib/security/credentials/credentials.h +48 -61
- data/src/core/lib/security/credentials/credentials_metadata.c +34 -78
- data/src/core/lib/security/credentials/fake/fake_credentials.c +33 -56
- data/src/core/lib/security/credentials/fake/fake_credentials.h +12 -27
- data/src/core/lib/security/credentials/google_default/credentials_generic.c +10 -25
- data/src/core/lib/security/credentials/google_default/google_default_credentials.c +12 -27
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +10 -25
- data/src/core/lib/security/credentials/iam/iam_credentials.c +40 -40
- data/src/core/lib/security/credentials/iam/iam_credentials.h +11 -26
- data/src/core/lib/security/credentials/jwt/json_token.c +10 -25
- data/src/core/lib/security/credentials/jwt/json_token.h +10 -25
- data/src/core/lib/security/credentials/jwt/jwt_credentials.c +45 -48
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +11 -26
- data/src/core/lib/security/credentials/jwt/jwt_verifier.c +53 -33
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +10 -25
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.c +155 -87
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +24 -28
- data/src/core/lib/security/credentials/plugin/plugin_credentials.c +118 -82
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +24 -27
- data/src/core/lib/security/credentials/ssl/ssl_credentials.c +13 -32
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +10 -25
- data/src/core/lib/security/transport/auth_filters.h +10 -25
- data/src/core/lib/security/transport/client_auth_filter.c +217 -112
- data/src/core/lib/security/transport/lb_targets_info.c +16 -32
- data/src/core/lib/security/transport/lb_targets_info.h +10 -25
- data/src/core/lib/security/transport/secure_endpoint.c +29 -43
- data/src/core/lib/security/transport/secure_endpoint.h +10 -25
- data/src/core/lib/security/transport/security_connector.c +80 -61
- data/src/core/lib/security/transport/security_connector.h +35 -35
- data/src/core/lib/security/transport/security_handshaker.c +18 -33
- data/src/core/lib/security/transport/security_handshaker.h +10 -25
- data/src/core/lib/security/transport/server_auth_filter.c +62 -116
- data/src/core/lib/security/transport/tsi_error.c +10 -25
- data/src/core/lib/security/transport/tsi_error.h +10 -25
- data/src/core/lib/security/util/json_util.c +10 -25
- data/src/core/lib/security/util/json_util.h +10 -25
- data/src/core/lib/slice/b64.c +10 -25
- data/src/core/lib/slice/b64.h +10 -25
- data/src/core/lib/slice/percent_encoding.c +10 -25
- data/src/core/lib/slice/percent_encoding.h +10 -25
- data/src/core/lib/slice/slice.c +10 -25
- data/src/core/lib/slice/slice_buffer.c +10 -25
- data/src/core/lib/slice/slice_hash_table.c +48 -26
- data/src/core/lib/slice/slice_hash_table.h +26 -28
- data/src/core/lib/slice/slice_intern.c +10 -25
- data/src/core/lib/slice/slice_internal.h +10 -25
- data/src/core/lib/slice/slice_string_helpers.c +10 -25
- data/src/core/lib/slice/slice_string_helpers.h +10 -25
- data/src/core/lib/support/alloc.c +10 -25
- data/src/core/lib/support/arena.c +12 -27
- data/src/core/lib/support/arena.h +10 -25
- data/src/core/lib/support/atm.c +17 -32
- data/src/core/lib/support/atomic.h +10 -25
- data/src/core/lib/support/atomic_with_atm.h +10 -25
- data/src/core/lib/support/atomic_with_std.h +10 -25
- data/src/core/lib/support/avl.c +101 -101
- data/src/core/lib/support/backoff.c +10 -25
- data/src/core/lib/support/backoff.h +10 -25
- data/src/core/lib/support/block_annotate.h +10 -25
- data/src/core/lib/support/cmdline.c +10 -25
- data/src/core/lib/support/cpu_iphone.c +10 -25
- data/src/core/lib/support/cpu_linux.c +10 -25
- data/src/core/lib/support/cpu_posix.c +10 -25
- data/src/core/lib/support/cpu_windows.c +10 -25
- data/src/core/lib/support/env.h +16 -25
- data/src/core/lib/support/env_linux.c +30 -37
- data/src/core/lib/support/env_posix.c +15 -25
- data/src/core/lib/support/env_windows.c +15 -25
- data/src/core/lib/support/histogram.c +10 -25
- data/src/core/lib/support/host_port.c +10 -25
- data/src/core/lib/support/log.c +20 -29
- data/src/core/lib/support/log_android.c +10 -25
- data/src/core/lib/support/log_linux.c +13 -26
- data/src/core/lib/support/log_posix.c +10 -25
- data/src/core/lib/support/log_windows.c +10 -25
- data/src/core/lib/support/memory.h +10 -25
- data/src/core/lib/support/mpscq.c +11 -49
- data/src/core/lib/support/mpscq.h +11 -50
- data/src/core/lib/support/murmur_hash.c +12 -25
- data/src/core/lib/support/murmur_hash.h +10 -25
- data/src/core/lib/support/spinlock.h +10 -25
- data/src/core/lib/support/stack_lockfree.c +10 -25
- data/src/core/lib/support/stack_lockfree.h +10 -25
- data/src/core/lib/support/string.c +10 -25
- data/src/core/lib/support/string.h +10 -25
- data/src/core/lib/support/string_posix.c +10 -25
- data/src/core/lib/support/string_util_windows.c +10 -25
- data/src/core/lib/support/string_windows.c +10 -25
- data/src/core/lib/support/string_windows.h +10 -25
- data/src/core/lib/support/subprocess_posix.c +10 -25
- data/src/core/lib/support/subprocess_windows.c +10 -25
- data/src/core/lib/support/sync.c +10 -25
- data/src/core/lib/support/sync_posix.c +10 -25
- data/src/core/lib/support/sync_windows.c +10 -25
- data/src/core/lib/support/thd.c +10 -25
- data/src/core/lib/support/thd_internal.h +10 -25
- data/src/core/lib/support/thd_posix.c +10 -25
- data/src/core/lib/support/thd_windows.c +10 -25
- data/src/core/lib/support/time.c +10 -25
- data/src/core/lib/support/time_posix.c +10 -25
- data/src/core/lib/support/time_precise.c +18 -33
- data/src/core/lib/support/time_precise.h +10 -25
- data/src/core/lib/support/time_windows.c +10 -25
- data/src/core/lib/support/tls_pthread.c +10 -25
- data/src/core/lib/support/tmpfile.h +10 -25
- data/src/core/lib/support/tmpfile_msys.c +10 -25
- data/src/core/lib/support/tmpfile_posix.c +10 -25
- data/src/core/lib/support/tmpfile_windows.c +10 -25
- data/src/core/lib/support/wrap_memcpy.c +10 -25
- data/src/core/lib/surface/alarm.c +78 -35
- data/src/core/lib/surface/alarm_internal.h +40 -0
- data/src/core/lib/surface/api_trace.c +11 -26
- data/src/core/lib/surface/api_trace.h +10 -25
- data/src/core/lib/surface/byte_buffer.c +10 -25
- data/src/core/lib/surface/byte_buffer_reader.c +10 -25
- data/src/core/lib/surface/call.c +64 -84
- data/src/core/lib/surface/call.h +11 -26
- data/src/core/lib/surface/call_details.c +10 -25
- data/src/core/lib/surface/call_log_batch.c +10 -25
- data/src/core/lib/surface/call_test_only.h +10 -25
- data/src/core/lib/surface/channel.c +11 -26
- data/src/core/lib/surface/channel.h +11 -26
- data/src/core/lib/surface/channel_init.c +10 -25
- data/src/core/lib/surface/channel_init.h +10 -25
- data/src/core/lib/surface/channel_ping.c +12 -27
- data/src/core/lib/surface/channel_stack_type.c +10 -25
- data/src/core/lib/surface/channel_stack_type.h +10 -25
- data/src/core/lib/surface/completion_queue.c +442 -331
- data/src/core/lib/surface/completion_queue.h +16 -33
- data/src/core/lib/surface/completion_queue_factory.c +10 -25
- data/src/core/lib/surface/completion_queue_factory.h +10 -25
- data/src/core/lib/surface/event_string.c +10 -25
- data/src/core/lib/surface/event_string.h +10 -25
- data/src/core/lib/surface/init.c +38 -47
- data/src/core/lib/surface/init.h +10 -25
- data/src/core/lib/surface/init_secure.c +20 -27
- data/src/core/lib/surface/lame_client.cc +14 -29
- data/src/core/lib/surface/lame_client.h +10 -25
- data/src/core/lib/surface/metadata_array.c +10 -25
- data/src/core/lib/surface/server.c +128 -81
- data/src/core/lib/surface/server.h +10 -25
- data/src/core/lib/surface/validate_metadata.c +10 -25
- data/src/core/lib/surface/validate_metadata.h +10 -25
- data/src/core/lib/surface/version.c +11 -26
- data/src/core/lib/transport/bdp_estimator.c +19 -29
- data/src/core/lib/transport/bdp_estimator.h +16 -29
- data/src/core/lib/transport/byte_stream.c +127 -36
- data/src/core/lib/transport/byte_stream.h +88 -46
- data/src/core/lib/transport/connectivity_state.c +17 -31
- data/src/core/lib/transport/connectivity_state.h +10 -25
- data/src/core/lib/transport/error_utils.c +10 -25
- data/src/core/lib/transport/error_utils.h +10 -25
- data/src/core/lib/transport/http2_errors.h +10 -25
- data/src/core/lib/transport/metadata.c +87 -85
- data/src/core/lib/transport/metadata.h +15 -28
- data/src/core/lib/transport/metadata_batch.c +10 -25
- data/src/core/lib/transport/metadata_batch.h +10 -25
- data/src/core/lib/transport/pid_controller.c +10 -25
- data/src/core/lib/transport/pid_controller.h +10 -25
- data/src/core/lib/transport/service_config.c +11 -26
- data/src/core/lib/transport/service_config.h +10 -25
- data/src/core/lib/transport/static_metadata.c +12 -26
- data/src/core/lib/transport/static_metadata.h +10 -25
- data/src/core/lib/transport/status_conversion.c +10 -25
- data/src/core/lib/transport/status_conversion.h +10 -25
- data/src/core/lib/transport/timeout_encoding.c +10 -25
- data/src/core/lib/transport/timeout_encoding.h +10 -25
- data/src/core/lib/transport/transport.c +60 -53
- data/src/core/lib/transport/transport.h +36 -34
- data/src/core/lib/transport/transport_impl.h +10 -25
- data/src/core/lib/transport/transport_op_string.c +10 -28
- data/src/core/plugin_registry/grpc_plugin_registry.c +22 -25
- data/src/core/tsi/fake_transport_security.c +199 -94
- data/src/core/tsi/fake_transport_security.h +11 -26
- data/src/core/tsi/gts_transport_security.c +40 -0
- data/src/core/tsi/gts_transport_security.h +37 -0
- data/src/core/tsi/ssl_transport_security.c +13 -32
- data/src/core/tsi/ssl_transport_security.h +10 -25
- data/src/core/tsi/ssl_types.h +10 -25
- data/src/core/tsi/transport_security.c +48 -78
- data/src/core/tsi/transport_security.h +18 -27
- data/src/core/tsi/transport_security_adapter.c +17 -29
- data/src/core/tsi/transport_security_adapter.h +10 -25
- data/src/core/tsi/transport_security_grpc.c +64 -0
- data/src/core/tsi/transport_security_grpc.h +80 -0
- data/src/core/tsi/transport_security_interface.h +21 -27
- data/src/ruby/bin/apis/google/protobuf/empty.rb +10 -25
- data/src/ruby/bin/apis/pubsub_demo.rb +10 -25
- data/src/ruby/bin/apis/tech/pubsub/proto/pubsub.rb +10 -25
- data/src/ruby/bin/apis/tech/pubsub/proto/pubsub_services.rb +10 -25
- data/src/ruby/bin/math_client.rb +10 -25
- data/src/ruby/bin/math_server.rb +10 -25
- data/src/ruby/bin/math_services_pb.rb +10 -25
- data/src/ruby/bin/noproto_client.rb +10 -25
- data/src/ruby/bin/noproto_server.rb +10 -25
- data/src/ruby/ext/grpc/extconf.rb +10 -25
- data/src/ruby/ext/grpc/rb_byte_buffer.c +10 -25
- data/src/ruby/ext/grpc/rb_byte_buffer.h +10 -25
- data/src/ruby/ext/grpc/rb_call.c +44 -25
- data/src/ruby/ext/grpc/rb_call.h +10 -25
- data/src/ruby/ext/grpc/rb_call_credentials.c +10 -25
- data/src/ruby/ext/grpc/rb_call_credentials.h +10 -25
- data/src/ruby/ext/grpc/rb_channel.c +10 -25
- data/src/ruby/ext/grpc/rb_channel.h +10 -25
- data/src/ruby/ext/grpc/rb_channel_args.c +10 -25
- data/src/ruby/ext/grpc/rb_channel_args.h +10 -25
- data/src/ruby/ext/grpc/rb_channel_credentials.c +10 -25
- data/src/ruby/ext/grpc/rb_channel_credentials.h +10 -25
- data/src/ruby/ext/grpc/rb_completion_queue.c +10 -25
- data/src/ruby/ext/grpc/rb_completion_queue.h +10 -25
- data/src/ruby/ext/grpc/rb_compression_options.c +10 -25
- data/src/ruby/ext/grpc/rb_compression_options.h +10 -25
- data/src/ruby/ext/grpc/rb_event_thread.c +10 -25
- data/src/ruby/ext/grpc/rb_event_thread.h +10 -25
- data/src/ruby/ext/grpc/rb_grpc.c +10 -25
- data/src/ruby/ext/grpc/rb_grpc.h +10 -25
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +10 -25
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +16 -31
- data/src/ruby/ext/grpc/rb_loader.c +10 -25
- data/src/ruby/ext/grpc/rb_loader.h +10 -25
- data/src/ruby/ext/grpc/rb_server.c +10 -25
- data/src/ruby/ext/grpc/rb_server.h +10 -25
- data/src/ruby/ext/grpc/rb_server_credentials.c +10 -25
- data/src/ruby/ext/grpc/rb_server_credentials.h +10 -25
- data/src/ruby/lib/grpc.rb +10 -25
- data/src/ruby/lib/grpc/core/time_consts.rb +10 -25
- data/src/ruby/lib/grpc/errors.rb +16 -30
- data/src/ruby/lib/grpc/generic/active_call.rb +25 -27
- data/src/ruby/lib/grpc/generic/bidi_call.rb +17 -27
- data/src/ruby/lib/grpc/generic/client_stub.rb +10 -25
- data/src/ruby/lib/grpc/generic/rpc_desc.rb +10 -25
- data/src/ruby/lib/grpc/generic/rpc_server.rb +10 -25
- data/src/ruby/lib/grpc/generic/service.rb +10 -25
- data/src/ruby/lib/grpc/grpc.rb +10 -25
- data/src/ruby/lib/grpc/logconfig.rb +10 -25
- data/src/ruby/lib/grpc/notifier.rb +10 -25
- data/src/ruby/lib/grpc/version.rb +11 -26
- data/src/ruby/pb/generate_proto_ruby.sh +10 -25
- data/src/ruby/pb/grpc/health/checker.rb +10 -25
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +10 -25
- data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +10 -25
- data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +10 -25
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +10 -25
- data/src/ruby/pb/test/client.rb +10 -25
- data/src/ruby/pb/test/server.rb +10 -25
- data/src/ruby/spec/call_credentials_spec.rb +10 -25
- data/src/ruby/spec/call_spec.rb +43 -25
- data/src/ruby/spec/channel_connection_spec.rb +10 -25
- data/src/ruby/spec/channel_credentials_spec.rb +11 -26
- data/src/ruby/spec/channel_spec.rb +10 -25
- data/src/ruby/spec/client_auth_spec.rb +10 -25
- data/src/ruby/spec/client_server_spec.rb +66 -25
- data/src/ruby/spec/compression_options_spec.rb +10 -25
- data/src/ruby/spec/error_sanity_spec.rb +10 -25
- data/src/ruby/spec/generic/active_call_spec.rb +10 -25
- data/src/ruby/spec/generic/client_stub_spec.rb +146 -35
- data/src/ruby/spec/generic/rpc_desc_spec.rb +10 -25
- data/src/ruby/spec/generic/rpc_server_pool_spec.rb +10 -25
- data/src/ruby/spec/generic/rpc_server_spec.rb +124 -34
- data/src/ruby/spec/generic/service_spec.rb +10 -25
- data/src/ruby/spec/pb/duplicate/codegen_spec.rb +10 -25
- data/src/ruby/spec/pb/health/checker_spec.rb +10 -25
- data/src/ruby/spec/server_credentials_spec.rb +10 -25
- data/src/ruby/spec/server_spec.rb +10 -25
- data/src/ruby/spec/spec_helper.rb +10 -25
- data/src/ruby/spec/time_consts_spec.rb +10 -25
- data/third_party/boringssl/crypto/aes/key_wrap.c +138 -0
- data/third_party/boringssl/crypto/asn1/a_bitstr.c +6 -3
- data/third_party/boringssl/crypto/asn1/a_enum.c +4 -1
- data/third_party/boringssl/crypto/asn1/a_gentm.c +20 -15
- data/third_party/boringssl/crypto/asn1/a_int.c +7 -4
- data/third_party/boringssl/crypto/asn1/a_object.c +5 -2
- data/third_party/boringssl/crypto/asn1/a_time.c +0 -1
- data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -2
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -2
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +35 -0
- data/third_party/boringssl/crypto/asn1/tasn_dec.c +3 -1
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +6 -3
- data/third_party/boringssl/crypto/asn1/tasn_new.c +12 -7
- data/third_party/boringssl/crypto/asn1/tasn_utl.c +22 -8
- data/third_party/boringssl/crypto/{time_support.c → asn1/time_support.c} +1 -1
- data/third_party/boringssl/crypto/asn1/x_long.c +5 -2
- data/third_party/boringssl/crypto/base64/base64.c +7 -5
- data/third_party/boringssl/crypto/bio/bio.c +24 -10
- data/third_party/boringssl/crypto/bio/bio_mem.c +12 -10
- data/third_party/boringssl/crypto/bio/connect.c +7 -18
- data/third_party/boringssl/crypto/bio/fd.c +3 -6
- data/third_party/boringssl/crypto/bio/file.c +6 -6
- data/third_party/boringssl/crypto/bio/hexdump.c +4 -2
- data/third_party/boringssl/crypto/bio/pair.c +30 -344
- data/third_party/boringssl/crypto/bio/socket.c +6 -7
- data/third_party/boringssl/crypto/bio/socket_helper.c +4 -3
- data/third_party/boringssl/crypto/bn/add.c +1 -1
- data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +11 -10
- data/third_party/boringssl/crypto/bn/bn.c +6 -20
- data/third_party/boringssl/crypto/bn/cmp.c +14 -0
- data/third_party/boringssl/crypto/bn/convert.c +73 -2
- data/third_party/boringssl/crypto/bn/ctx.c +3 -1
- data/third_party/boringssl/crypto/bn/div.c +108 -51
- data/third_party/boringssl/crypto/bn/exponentiation.c +15 -33
- data/third_party/boringssl/crypto/bn/gcd.c +29 -22
- data/third_party/boringssl/crypto/bn/generic.c +71 -67
- data/third_party/boringssl/crypto/bn/internal.h +19 -6
- data/third_party/boringssl/crypto/bn/kronecker.c +1 -0
- data/third_party/boringssl/crypto/bn/montgomery.c +9 -10
- data/third_party/boringssl/crypto/bn/montgomery_inv.c +47 -0
- data/third_party/boringssl/crypto/bn/mul.c +11 -9
- data/third_party/boringssl/crypto/bn/random.c +6 -3
- data/third_party/boringssl/crypto/bn/rsaz_exp.c +0 -65
- data/third_party/boringssl/crypto/bn/rsaz_exp.h +0 -3
- data/third_party/boringssl/crypto/bn/shift.c +9 -1
- data/third_party/boringssl/crypto/bn/sqrt.c +3 -1
- data/third_party/boringssl/crypto/buf/buf.c +6 -4
- data/third_party/boringssl/crypto/bytestring/asn1_compat.c +2 -1
- data/third_party/boringssl/crypto/bytestring/ber.c +2 -1
- data/third_party/boringssl/crypto/bytestring/cbb.c +9 -7
- data/third_party/boringssl/crypto/bytestring/cbs.c +54 -2
- data/third_party/boringssl/crypto/chacha/chacha.c +1 -1
- data/third_party/boringssl/crypto/cipher/aead.c +3 -3
- data/third_party/boringssl/crypto/cipher/cipher.c +18 -13
- data/third_party/boringssl/crypto/cipher/e_aes.c +335 -281
- data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +113 -137
- data/third_party/boringssl/crypto/cipher/e_null.c +2 -1
- data/third_party/boringssl/crypto/cipher/e_rc2.c +54 -49
- data/third_party/boringssl/crypto/cipher/e_ssl3.c +4 -3
- data/third_party/boringssl/crypto/cipher/e_tls.c +5 -5
- data/third_party/boringssl/crypto/cipher/tls_cbc.c +41 -112
- data/third_party/boringssl/crypto/cmac/cmac.c +6 -4
- data/third_party/boringssl/crypto/conf/conf.c +6 -3
- data/third_party/boringssl/crypto/cpu-arm-linux.c +2 -2
- data/third_party/boringssl/crypto/curve25519/curve25519.c +28 -34
- data/third_party/boringssl/crypto/curve25519/spake25519.c +7 -6
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +2 -1
- data/third_party/boringssl/crypto/des/des.c +1 -1
- data/third_party/boringssl/crypto/des/internal.h +58 -46
- data/third_party/boringssl/crypto/dh/dh.c +4 -8
- data/third_party/boringssl/crypto/digest/digest.c +5 -2
- data/third_party/boringssl/crypto/digest/digests.c +70 -33
- data/third_party/boringssl/crypto/digest/md32_common.h +39 -27
- data/third_party/boringssl/crypto/dsa/dsa.c +11 -19
- data/third_party/boringssl/crypto/ec/ec.c +1 -1
- data/third_party/boringssl/crypto/ec/ec_asn1.c +3 -2
- data/third_party/boringssl/crypto/ec/ec_key.c +1 -1
- data/third_party/boringssl/crypto/ec/ec_montgomery.c +6 -11
- data/third_party/boringssl/crypto/ec/oct.c +2 -14
- data/third_party/boringssl/crypto/ec/p224-64.c +78 -122
- data/third_party/boringssl/crypto/ec/p256-64.c +93 -133
- data/third_party/boringssl/crypto/ec/p256-x86_64.c +48 -61
- data/third_party/boringssl/crypto/ec/p256-x86_64.h +113 -0
- data/third_party/boringssl/crypto/ec/simple.c +2 -1
- data/third_party/boringssl/crypto/ec/wnaf.c +52 -43
- data/third_party/boringssl/crypto/ecdh/ecdh.c +4 -2
- data/third_party/boringssl/crypto/ecdsa/ecdsa.c +17 -16
- data/third_party/boringssl/crypto/engine/engine.c +3 -1
- data/third_party/boringssl/crypto/err/err.c +5 -5
- data/third_party/boringssl/crypto/evp/evp.c +1 -1
- data/third_party/boringssl/crypto/evp/evp_asn1.c +1 -1
- data/third_party/boringssl/crypto/evp/evp_ctx.c +23 -29
- data/third_party/boringssl/crypto/evp/p_ec.c +2 -1
- data/third_party/boringssl/crypto/evp/p_rsa.c +9 -3
- data/third_party/boringssl/crypto/evp/pbkdf.c +3 -1
- data/third_party/boringssl/crypto/hkdf/hkdf.c +3 -1
- data/third_party/boringssl/crypto/hmac/hmac.c +4 -2
- data/third_party/boringssl/crypto/internal.h +81 -0
- data/third_party/boringssl/crypto/lhash/lhash.c +7 -13
- data/third_party/boringssl/crypto/md4/md4.c +20 -18
- data/third_party/boringssl/crypto/md5/md5.c +31 -21
- data/third_party/boringssl/crypto/mem.c +4 -10
- data/third_party/boringssl/crypto/modes/cbc.c +2 -6
- data/third_party/boringssl/crypto/modes/cfb.c +2 -2
- data/third_party/boringssl/crypto/modes/ctr.c +1 -1
- data/third_party/boringssl/crypto/modes/gcm.c +117 -334
- data/third_party/boringssl/crypto/modes/internal.h +107 -84
- data/third_party/boringssl/crypto/modes/ofb.c +3 -3
- data/third_party/boringssl/crypto/modes/polyval.c +94 -0
- data/third_party/boringssl/crypto/obj/obj.c +13 -8
- data/third_party/boringssl/crypto/obj/obj_dat.h +6109 -5187
- data/third_party/boringssl/crypto/obj/obj_xref.c +55 -57
- data/third_party/boringssl/crypto/pem/pem_lib.c +6 -3
- data/third_party/boringssl/crypto/pkcs8/internal.h +27 -8
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +137 -352
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +371 -364
- data/third_party/boringssl/crypto/poly1305/poly1305.c +12 -18
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +2 -2
- data/third_party/boringssl/crypto/{newhope/reduce.c → pool/internal.h} +24 -21
- data/third_party/boringssl/crypto/pool/pool.c +200 -0
- data/third_party/boringssl/crypto/rand/deterministic.c +6 -5
- data/third_party/boringssl/crypto/rand/fuchsia.c +43 -0
- data/third_party/boringssl/crypto/rand/rand.c +7 -7
- data/third_party/boringssl/crypto/rand/urandom.c +136 -22
- data/third_party/boringssl/crypto/rand/windows.c +2 -2
- data/third_party/boringssl/crypto/rsa/blinding.c +2 -1
- data/third_party/boringssl/crypto/rsa/padding.c +11 -11
- data/third_party/boringssl/crypto/rsa/rsa.c +4 -4
- data/third_party/boringssl/crypto/rsa/rsa_asn1.c +7 -1
- data/third_party/boringssl/crypto/rsa/rsa_impl.c +41 -80
- data/third_party/boringssl/crypto/sha/sha1-altivec.c +346 -0
- data/third_party/boringssl/crypto/sha/sha1.c +60 -42
- data/third_party/boringssl/crypto/sha/sha256.c +4 -2
- data/third_party/boringssl/crypto/sha/sha512.c +9 -7
- data/third_party/boringssl/crypto/stack/stack.c +10 -7
- data/third_party/boringssl/crypto/thread_pthread.c +2 -2
- data/third_party/boringssl/crypto/thread_win.c +2 -2
- data/third_party/boringssl/crypto/x509/a_verify.c +1 -1
- data/third_party/boringssl/crypto/x509/asn1_gen.c +1 -1
- data/third_party/boringssl/crypto/x509/by_dir.c +1 -1
- data/third_party/boringssl/crypto/x509/t_x509.c +78 -38
- data/third_party/boringssl/crypto/x509/x509_cmp.c +8 -5
- data/third_party/boringssl/crypto/x509/x509_lu.c +6 -1
- data/third_party/boringssl/crypto/x509/x509_obj.c +4 -1
- data/third_party/boringssl/crypto/x509/x509_vfy.c +42 -8
- data/third_party/boringssl/crypto/x509/x509_vpm.c +8 -6
- data/third_party/boringssl/crypto/x509/x509name.c +4 -1
- data/third_party/boringssl/crypto/x509/x_crl.c +4 -2
- data/third_party/boringssl/crypto/x509/x_name.c +23 -13
- data/third_party/boringssl/crypto/x509/x_pkey.c +4 -1
- data/third_party/boringssl/crypto/x509/x_x509.c +42 -3
- data/third_party/boringssl/crypto/x509v3/pcy_int.h +2 -2
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +2 -1
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +1 -1
- data/third_party/boringssl/crypto/x509v3/v3_ia5.c +4 -1
- data/third_party/boringssl/crypto/x509v3/v3_ncons.c +4 -1
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +6 -3
- data/third_party/boringssl/crypto/x509v3/v3_purp.c +13 -21
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +19 -33
- data/third_party/boringssl/include/openssl/aead.h +9 -20
- data/third_party/boringssl/include/openssl/aes.h +21 -9
- data/third_party/boringssl/include/openssl/asn1.h +9 -1
- data/third_party/boringssl/include/openssl/base.h +33 -6
- data/third_party/boringssl/include/openssl/bio.h +10 -103
- data/third_party/boringssl/include/openssl/bn.h +58 -42
- data/third_party/boringssl/include/openssl/bytestring.h +17 -0
- data/third_party/boringssl/include/openssl/cipher.h +4 -3
- data/third_party/boringssl/include/openssl/conf.h +4 -1
- data/third_party/boringssl/include/openssl/curve25519.h +13 -0
- data/third_party/boringssl/include/openssl/digest.h +5 -3
- data/third_party/boringssl/include/openssl/dsa.h +5 -5
- data/third_party/boringssl/include/openssl/ec.h +2 -2
- data/third_party/boringssl/include/openssl/ecdh.h +3 -4
- data/third_party/boringssl/include/openssl/ecdsa.h +10 -10
- data/third_party/boringssl/include/openssl/err.h +5 -5
- data/third_party/boringssl/include/openssl/evp.h +11 -7
- data/third_party/boringssl/include/openssl/lhash.h +2 -3
- data/third_party/boringssl/include/openssl/lhash_macros.h +56 -14
- data/third_party/boringssl/include/openssl/nid.h +2949 -2916
- data/third_party/boringssl/include/openssl/obj.h +1 -1
- data/third_party/boringssl/include/openssl/pkcs8.h +21 -42
- data/third_party/boringssl/include/openssl/pool.h +87 -0
- data/third_party/boringssl/include/openssl/rand.h +1 -1
- data/third_party/boringssl/include/openssl/rsa.h +4 -2
- data/third_party/boringssl/include/openssl/sha.h +0 -4
- data/third_party/boringssl/include/openssl/ssl.h +327 -662
- data/third_party/boringssl/include/openssl/ssl3.h +1 -21
- data/third_party/boringssl/include/openssl/stack.h +1 -0
- data/third_party/boringssl/include/openssl/stack_macros.h +85 -0
- data/third_party/boringssl/include/openssl/tls1.h +23 -52
- data/third_party/boringssl/include/openssl/type_check.h +4 -0
- data/third_party/boringssl/include/openssl/x509.h +10 -59
- data/third_party/boringssl/include/openssl/x509_vfy.h +7 -1
- data/third_party/boringssl/include/openssl/x509v3.h +4 -4
- data/third_party/boringssl/ssl/bio_ssl.c +175 -0
- data/third_party/boringssl/ssl/custom_extensions.c +24 -21
- data/third_party/boringssl/ssl/d1_both.c +259 -289
- data/third_party/boringssl/ssl/d1_lib.c +8 -20
- data/third_party/boringssl/ssl/d1_pkt.c +6 -15
- data/third_party/boringssl/ssl/dtls_method.c +22 -8
- data/third_party/boringssl/ssl/dtls_record.c +27 -2
- data/third_party/boringssl/ssl/handshake_client.c +460 -579
- data/third_party/boringssl/ssl/handshake_server.c +662 -644
- data/third_party/boringssl/ssl/internal.h +1009 -375
- data/third_party/boringssl/ssl/s3_both.c +312 -162
- data/third_party/boringssl/ssl/s3_lib.c +12 -128
- data/third_party/boringssl/ssl/s3_pkt.c +22 -30
- data/third_party/boringssl/ssl/ssl_aead_ctx.c +28 -22
- data/third_party/boringssl/ssl/ssl_asn1.c +210 -114
- data/third_party/boringssl/ssl/ssl_buffer.c +2 -1
- data/third_party/boringssl/ssl/ssl_cert.c +417 -219
- data/third_party/boringssl/ssl/ssl_cipher.c +191 -393
- data/third_party/boringssl/ssl/ssl_ecdh.c +19 -164
- data/third_party/boringssl/ssl/ssl_file.c +0 -11
- data/third_party/boringssl/ssl/ssl_lib.c +325 -652
- data/third_party/boringssl/ssl/{ssl_rsa.c → ssl_privkey.c} +21 -131
- data/third_party/boringssl/ssl/ssl_privkey_cc.cc +76 -0
- data/third_party/boringssl/ssl/ssl_session.c +206 -95
- data/third_party/boringssl/ssl/ssl_stat.c +18 -84
- data/third_party/boringssl/ssl/{s3_enc.c → ssl_transcript.c} +150 -157
- data/third_party/boringssl/ssl/ssl_x509.c +815 -0
- data/third_party/boringssl/ssl/t1_enc.c +188 -174
- data/third_party/boringssl/ssl/t1_lib.c +1064 -764
- data/third_party/boringssl/ssl/tls13_both.c +290 -96
- data/third_party/boringssl/ssl/tls13_client.c +344 -314
- data/third_party/boringssl/ssl/tls13_enc.c +239 -200
- data/third_party/boringssl/ssl/tls13_server.c +374 -366
- data/third_party/boringssl/ssl/tls_method.c +40 -5
- data/third_party/boringssl/ssl/tls_record.c +166 -71
- metadata +39 -25
- data/src/core/lib/iomgr/workqueue.h +0 -87
- data/src/core/lib/iomgr/workqueue_uv.c +0 -65
- data/src/core/lib/iomgr/workqueue_uv.h +0 -37
- data/src/core/lib/iomgr/workqueue_windows.c +0 -63
- data/src/core/lib/iomgr/workqueue_windows.h +0 -37
- data/third_party/boringssl/crypto/bio/buffer.c +0 -496
- data/third_party/boringssl/crypto/newhope/error_correction.c +0 -131
- data/third_party/boringssl/crypto/newhope/internal.h +0 -71
- data/third_party/boringssl/crypto/newhope/newhope.c +0 -174
- data/third_party/boringssl/crypto/newhope/ntt.c +0 -148
- data/third_party/boringssl/crypto/newhope/poly.c +0 -183
- data/third_party/boringssl/crypto/newhope/precomp.c +0 -306
- data/third_party/boringssl/crypto/obj/obj_xref.h +0 -96
- data/third_party/boringssl/crypto/pkcs8/p5_pbe.c +0 -151
- data/third_party/boringssl/include/openssl/newhope.h +0 -158
- data/third_party/boringssl/include/openssl/time_support.h +0 -91
|
@@ -12,16 +12,26 @@
|
|
|
12
12
|
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
|
13
13
|
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
|
14
14
|
|
|
15
|
+
#if !defined(_GNU_SOURCE)
|
|
16
|
+
#define _GNU_SOURCE /* needed for syscall() on Linux. */
|
|
17
|
+
#endif
|
|
18
|
+
|
|
15
19
|
#include <openssl/rand.h>
|
|
16
20
|
|
|
17
|
-
#if !defined(OPENSSL_WINDOWS) && !defined(
|
|
21
|
+
#if !defined(OPENSSL_WINDOWS) && !defined(OPENSSL_FUCHSIA) && \
|
|
22
|
+
!defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
|
|
18
23
|
|
|
19
24
|
#include <assert.h>
|
|
20
25
|
#include <errno.h>
|
|
21
26
|
#include <fcntl.h>
|
|
27
|
+
#include <stdio.h>
|
|
22
28
|
#include <string.h>
|
|
23
29
|
#include <unistd.h>
|
|
24
30
|
|
|
31
|
+
#if defined(OPENSSL_LINUX)
|
|
32
|
+
#include <sys/syscall.h>
|
|
33
|
+
#endif
|
|
34
|
+
|
|
25
35
|
#include <openssl/thread.h>
|
|
26
36
|
#include <openssl/mem.h>
|
|
27
37
|
|
|
@@ -29,6 +39,43 @@
|
|
|
29
39
|
#include "../internal.h"
|
|
30
40
|
|
|
31
41
|
|
|
42
|
+
#if defined(OPENSSL_LINUX)
|
|
43
|
+
|
|
44
|
+
#if defined(OPENSSL_X86_64)
|
|
45
|
+
#define EXPECTED_SYS_getrandom 318
|
|
46
|
+
#elif defined(OPENSSL_X86)
|
|
47
|
+
#define EXPECTED_SYS_getrandom 355
|
|
48
|
+
#elif defined(OPENSSL_AARCH64)
|
|
49
|
+
#define EXPECTED_SYS_getrandom 278
|
|
50
|
+
#elif defined(OPENSSL_ARM)
|
|
51
|
+
#define EXPECTED_SYS_getrandom 384
|
|
52
|
+
#elif defined(OPENSSL_PPC64LE)
|
|
53
|
+
#define EXPECTED_SYS_getrandom 359
|
|
54
|
+
#endif
|
|
55
|
+
|
|
56
|
+
#if defined(EXPECTED_SYS_getrandom)
|
|
57
|
+
#define USE_SYS_getrandom
|
|
58
|
+
|
|
59
|
+
#if defined(SYS_getrandom)
|
|
60
|
+
|
|
61
|
+
#if SYS_getrandom != EXPECTED_SYS_getrandom
|
|
62
|
+
#error "system call number for getrandom is not the expected value"
|
|
63
|
+
#endif
|
|
64
|
+
|
|
65
|
+
#else /* SYS_getrandom */
|
|
66
|
+
|
|
67
|
+
#define SYS_getrandom EXPECTED_SYS_getrandom
|
|
68
|
+
|
|
69
|
+
#endif /* SYS_getrandom */
|
|
70
|
+
|
|
71
|
+
#endif /* EXPECTED_SYS_getrandom */
|
|
72
|
+
|
|
73
|
+
#if !defined(GRND_NONBLOCK)
|
|
74
|
+
#define GRND_NONBLOCK 1
|
|
75
|
+
#endif
|
|
76
|
+
|
|
77
|
+
#endif /* OPENSSL_LINUX */
|
|
78
|
+
|
|
32
79
|
/* This file implements a PRNG by reading from /dev/urandom, optionally with a
|
|
33
80
|
* buffer, which is unsafe across |fork|. */
|
|
34
81
|
|
|
@@ -44,12 +91,16 @@ struct rand_buffer {
|
|
|
44
91
|
/* requested_lock is used to protect the |*_requested| variables. */
|
|
45
92
|
static struct CRYPTO_STATIC_MUTEX requested_lock = CRYPTO_STATIC_MUTEX_INIT;
|
|
46
93
|
|
|
47
|
-
/*
|
|
94
|
+
/* The following constants are magic values of |urandom_fd|. */
|
|
95
|
+
static const int kUnset = -2;
|
|
96
|
+
static const int kHaveGetrandom = -3;
|
|
97
|
+
|
|
98
|
+
/* urandom_fd_requested is set by |RAND_set_urandom_fd|. It's protected by
|
|
48
99
|
* |requested_lock|. */
|
|
49
|
-
static int urandom_fd_requested = -2
|
|
100
|
+
static int urandom_fd_requested = -2 /* kUnset */;
|
|
50
101
|
|
|
51
102
|
/* urandom_fd is a file descriptor to /dev/urandom. It's protected by |once|. */
|
|
52
|
-
static int urandom_fd = -2
|
|
103
|
+
static int urandom_fd = -2 /* kUnset */;
|
|
53
104
|
|
|
54
105
|
/* urandom_buffering_requested is set by |RAND_enable_fork_unsafe_buffering|.
|
|
55
106
|
* It's protected by |requested_lock|. */
|
|
@@ -71,7 +122,32 @@ static void init_once(void) {
|
|
|
71
122
|
int fd = urandom_fd_requested;
|
|
72
123
|
CRYPTO_STATIC_MUTEX_unlock_read(&requested_lock);
|
|
73
124
|
|
|
74
|
-
|
|
125
|
+
#if defined(USE_SYS_getrandom)
|
|
126
|
+
uint8_t dummy;
|
|
127
|
+
long getrandom_ret =
|
|
128
|
+
syscall(SYS_getrandom, &dummy, sizeof(dummy), GRND_NONBLOCK);
|
|
129
|
+
|
|
130
|
+
if (getrandom_ret == 1) {
|
|
131
|
+
urandom_fd = kHaveGetrandom;
|
|
132
|
+
return;
|
|
133
|
+
} else if (getrandom_ret == -1 && errno == EAGAIN) {
|
|
134
|
+
fprintf(stderr,
|
|
135
|
+
"getrandom indicates that the entropy pool has not been "
|
|
136
|
+
"initialized. Rather than continue with poor entropy, this process "
|
|
137
|
+
"will block until entropy is available.\n");
|
|
138
|
+
do {
|
|
139
|
+
getrandom_ret =
|
|
140
|
+
syscall(SYS_getrandom, &dummy, sizeof(dummy), 0 /* no flags */);
|
|
141
|
+
} while (getrandom_ret == -1 && errno == EINTR);
|
|
142
|
+
|
|
143
|
+
if (getrandom_ret == 1) {
|
|
144
|
+
urandom_fd = kHaveGetrandom;
|
|
145
|
+
return;
|
|
146
|
+
}
|
|
147
|
+
}
|
|
148
|
+
#endif /* USE_SYS_getrandom */
|
|
149
|
+
|
|
150
|
+
if (fd == kUnset) {
|
|
75
151
|
do {
|
|
76
152
|
fd = open("/dev/urandom", O_RDONLY);
|
|
77
153
|
} while (fd == -1 && errno == EINTR);
|
|
@@ -107,7 +183,9 @@ void RAND_set_urandom_fd(int fd) {
|
|
|
107
183
|
CRYPTO_STATIC_MUTEX_unlock_write(&requested_lock);
|
|
108
184
|
|
|
109
185
|
CRYPTO_once(&once, init_once);
|
|
110
|
-
if (urandom_fd
|
|
186
|
+
if (urandom_fd == kHaveGetrandom) {
|
|
187
|
+
close(fd);
|
|
188
|
+
} else if (urandom_fd != fd) {
|
|
111
189
|
abort(); // Already initialized.
|
|
112
190
|
}
|
|
113
191
|
}
|
|
@@ -119,7 +197,7 @@ void RAND_enable_fork_unsafe_buffering(int fd) {
|
|
|
119
197
|
abort();
|
|
120
198
|
}
|
|
121
199
|
} else {
|
|
122
|
-
fd =
|
|
200
|
+
fd = kUnset;
|
|
123
201
|
}
|
|
124
202
|
|
|
125
203
|
CRYPTO_STATIC_MUTEX_lock_write(&requested_lock);
|
|
@@ -128,8 +206,16 @@ void RAND_enable_fork_unsafe_buffering(int fd) {
|
|
|
128
206
|
CRYPTO_STATIC_MUTEX_unlock_write(&requested_lock);
|
|
129
207
|
|
|
130
208
|
CRYPTO_once(&once, init_once);
|
|
131
|
-
if (urandom_buffering != 1
|
|
132
|
-
abort(); // Already initialized
|
|
209
|
+
if (urandom_buffering != 1) {
|
|
210
|
+
abort(); // Already initialized
|
|
211
|
+
}
|
|
212
|
+
|
|
213
|
+
if (fd >= 0) {
|
|
214
|
+
if (urandom_fd == kHaveGetrandom) {
|
|
215
|
+
close(fd);
|
|
216
|
+
} else if (urandom_fd != fd) {
|
|
217
|
+
abort(); // Already initialized.
|
|
218
|
+
}
|
|
133
219
|
}
|
|
134
220
|
}
|
|
135
221
|
|
|
@@ -144,7 +230,7 @@ static struct rand_buffer *get_thread_local_buffer(void) {
|
|
|
144
230
|
if (buf == NULL) {
|
|
145
231
|
return NULL;
|
|
146
232
|
}
|
|
147
|
-
buf->used = BUF_SIZE; /* To trigger a |
|
|
233
|
+
buf->used = BUF_SIZE; /* To trigger a |fill_with_entropy| on first use. */
|
|
148
234
|
if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_URANDOM_BUF, buf,
|
|
149
235
|
OPENSSL_free)) {
|
|
150
236
|
OPENSSL_free(buf);
|
|
@@ -154,15 +240,42 @@ static struct rand_buffer *get_thread_local_buffer(void) {
|
|
|
154
240
|
return buf;
|
|
155
241
|
}
|
|
156
242
|
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
243
|
+
#if defined(USE_SYS_getrandom) && defined(__has_feature)
|
|
244
|
+
#if __has_feature(memory_sanitizer)
|
|
245
|
+
void __msan_unpoison(void *, size_t);
|
|
246
|
+
#endif
|
|
247
|
+
#endif
|
|
161
248
|
|
|
249
|
+
/* fill_with_entropy writes |len| bytes of entropy into |out|. It returns one
|
|
250
|
+
* on success and zero on error. */
|
|
251
|
+
static char fill_with_entropy(uint8_t *out, size_t len) {
|
|
162
252
|
while (len > 0) {
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
253
|
+
ssize_t r;
|
|
254
|
+
|
|
255
|
+
if (urandom_fd == kHaveGetrandom) {
|
|
256
|
+
#if defined(USE_SYS_getrandom)
|
|
257
|
+
do {
|
|
258
|
+
r = syscall(SYS_getrandom, out, len, 0 /* no flags */);
|
|
259
|
+
} while (r == -1 && errno == EINTR);
|
|
260
|
+
|
|
261
|
+
#if defined(__has_feature)
|
|
262
|
+
#if __has_feature(memory_sanitizer)
|
|
263
|
+
if (r > 0) {
|
|
264
|
+
/* MSAN doesn't recognise |syscall| and thus doesn't notice that we
|
|
265
|
+
* have initialised the output buffer. */
|
|
266
|
+
__msan_unpoison(out, r);
|
|
267
|
+
}
|
|
268
|
+
#endif /* memory_sanitizer */
|
|
269
|
+
#endif /*__has_feature */
|
|
270
|
+
|
|
271
|
+
#else /* USE_SYS_getrandom */
|
|
272
|
+
abort();
|
|
273
|
+
#endif
|
|
274
|
+
} else {
|
|
275
|
+
do {
|
|
276
|
+
r = read(urandom_fd, out, len);
|
|
277
|
+
} while (r == -1 && errno == EINTR);
|
|
278
|
+
}
|
|
166
279
|
|
|
167
280
|
if (r <= 0) {
|
|
168
281
|
return 0;
|
|
@@ -181,12 +294,12 @@ static void read_from_buffer(struct rand_buffer *buf,
|
|
|
181
294
|
size_t remaining = BUF_SIZE - buf->used;
|
|
182
295
|
|
|
183
296
|
while (requested > remaining) {
|
|
184
|
-
|
|
297
|
+
OPENSSL_memcpy(out, &buf->rand[buf->used], remaining);
|
|
185
298
|
buf->used += remaining;
|
|
186
299
|
out += remaining;
|
|
187
300
|
requested -= remaining;
|
|
188
301
|
|
|
189
|
-
if (!
|
|
302
|
+
if (!fill_with_entropy(buf->rand, BUF_SIZE)) {
|
|
190
303
|
abort();
|
|
191
304
|
return;
|
|
192
305
|
}
|
|
@@ -194,7 +307,7 @@ static void read_from_buffer(struct rand_buffer *buf,
|
|
|
194
307
|
remaining = BUF_SIZE;
|
|
195
308
|
}
|
|
196
309
|
|
|
197
|
-
|
|
310
|
+
OPENSSL_memcpy(out, &buf->rand[buf->used], requested);
|
|
198
311
|
buf->used += requested;
|
|
199
312
|
}
|
|
200
313
|
|
|
@@ -213,9 +326,10 @@ void CRYPTO_sysrand(uint8_t *out, size_t requested) {
|
|
|
213
326
|
}
|
|
214
327
|
}
|
|
215
328
|
|
|
216
|
-
if (!
|
|
329
|
+
if (!fill_with_entropy(out, requested)) {
|
|
217
330
|
abort();
|
|
218
331
|
}
|
|
219
332
|
}
|
|
220
333
|
|
|
221
|
-
#endif
|
|
334
|
+
#endif /* !OPENSSL_WINDOWS && !defined(OPENSSL_FUCHSIA) && \
|
|
335
|
+
!BORINGSSL_UNSAFE_DETERMINISTIC_MODE */
|
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
|
|
15
15
|
#include <openssl/rand.h>
|
|
16
16
|
|
|
17
|
-
#if defined(OPENSSL_WINDOWS) && !defined(
|
|
17
|
+
#if defined(OPENSSL_WINDOWS) && !defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
|
|
18
18
|
|
|
19
19
|
#include <limits.h>
|
|
20
20
|
#include <stdlib.h>
|
|
@@ -50,4 +50,4 @@ void CRYPTO_sysrand(uint8_t *out, size_t requested) {
|
|
|
50
50
|
return;
|
|
51
51
|
}
|
|
52
52
|
|
|
53
|
-
#endif /* OPENSSL_WINDOWS && !
|
|
53
|
+
#endif /* OPENSSL_WINDOWS && !BORINGSSL_UNSAFE_DETERMINISTIC_MODE */
|
|
@@ -115,6 +115,7 @@
|
|
|
115
115
|
#include <openssl/err.h>
|
|
116
116
|
|
|
117
117
|
#include "internal.h"
|
|
118
|
+
#include "../internal.h"
|
|
118
119
|
|
|
119
120
|
|
|
120
121
|
#define BN_BLINDING_COUNTER 32
|
|
@@ -134,7 +135,7 @@ BN_BLINDING *BN_BLINDING_new(void) {
|
|
|
134
135
|
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
|
135
136
|
return NULL;
|
|
136
137
|
}
|
|
137
|
-
|
|
138
|
+
OPENSSL_memset(ret, 0, sizeof(BN_BLINDING));
|
|
138
139
|
|
|
139
140
|
ret->A = BN_new();
|
|
140
141
|
if (ret->A == NULL) {
|
|
@@ -92,10 +92,10 @@ int RSA_padding_add_PKCS1_type_1(uint8_t *to, unsigned to_len,
|
|
|
92
92
|
|
|
93
93
|
/* pad out with 0xff data */
|
|
94
94
|
j = to_len - 3 - from_len;
|
|
95
|
-
|
|
95
|
+
OPENSSL_memset(p, 0xff, j);
|
|
96
96
|
p += j;
|
|
97
97
|
*(p++) = 0;
|
|
98
|
-
|
|
98
|
+
OPENSSL_memcpy(p, from, from_len);
|
|
99
99
|
return 1;
|
|
100
100
|
}
|
|
101
101
|
|
|
@@ -146,7 +146,7 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned to_len,
|
|
|
146
146
|
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
|
|
147
147
|
return -1;
|
|
148
148
|
}
|
|
149
|
-
|
|
149
|
+
OPENSSL_memcpy(to, p, j);
|
|
150
150
|
|
|
151
151
|
return j;
|
|
152
152
|
}
|
|
@@ -188,7 +188,7 @@ int RSA_padding_add_PKCS1_type_2(uint8_t *to, unsigned to_len,
|
|
|
188
188
|
|
|
189
189
|
*(p++) = 0;
|
|
190
190
|
|
|
191
|
-
|
|
191
|
+
OPENSSL_memcpy(p, from, from_len);
|
|
192
192
|
return 1;
|
|
193
193
|
}
|
|
194
194
|
|
|
@@ -254,7 +254,7 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned to_len,
|
|
|
254
254
|
return -1;
|
|
255
255
|
}
|
|
256
256
|
|
|
257
|
-
|
|
257
|
+
OPENSSL_memcpy(to, &from[zero_index], msg_len);
|
|
258
258
|
return (int)msg_len;
|
|
259
259
|
}
|
|
260
260
|
|
|
@@ -270,7 +270,7 @@ int RSA_padding_add_none(uint8_t *to, unsigned to_len, const uint8_t *from,
|
|
|
270
270
|
return 0;
|
|
271
271
|
}
|
|
272
272
|
|
|
273
|
-
|
|
273
|
+
OPENSSL_memcpy(to, from, from_len);
|
|
274
274
|
return 1;
|
|
275
275
|
}
|
|
276
276
|
|
|
@@ -305,7 +305,7 @@ static int PKCS1_MGF1(uint8_t *out, size_t len, const uint8_t *seed,
|
|
|
305
305
|
if (!EVP_DigestFinal_ex(&ctx, digest, NULL)) {
|
|
306
306
|
goto err;
|
|
307
307
|
}
|
|
308
|
-
|
|
308
|
+
OPENSSL_memcpy(out, digest, len);
|
|
309
309
|
len = 0;
|
|
310
310
|
}
|
|
311
311
|
}
|
|
@@ -358,9 +358,9 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, unsigned to_len,
|
|
|
358
358
|
if (!EVP_Digest(param, param_len, db, NULL, md, NULL)) {
|
|
359
359
|
return 0;
|
|
360
360
|
}
|
|
361
|
-
|
|
361
|
+
OPENSSL_memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1);
|
|
362
362
|
db[emlen - from_len - mdlen - 1] = 0x01;
|
|
363
|
-
|
|
363
|
+
OPENSSL_memcpy(db + emlen - from_len - mdlen, from, from_len);
|
|
364
364
|
if (!RAND_bytes(seed, mdlen)) {
|
|
365
365
|
return 0;
|
|
366
366
|
}
|
|
@@ -471,7 +471,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned to_len,
|
|
|
471
471
|
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
|
|
472
472
|
mlen = -1;
|
|
473
473
|
} else {
|
|
474
|
-
|
|
474
|
+
OPENSSL_memcpy(to, db + one_index, mlen);
|
|
475
475
|
}
|
|
476
476
|
|
|
477
477
|
OPENSSL_free(db);
|
|
@@ -579,7 +579,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash,
|
|
|
579
579
|
if (!EVP_DigestFinal_ex(&ctx, H_, NULL)) {
|
|
580
580
|
goto err;
|
|
581
581
|
}
|
|
582
|
-
if (
|
|
582
|
+
if (OPENSSL_memcmp(H_, H, hLen)) {
|
|
583
583
|
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
|
|
584
584
|
ret = 0;
|
|
585
585
|
} else {
|
|
@@ -82,7 +82,7 @@ RSA *RSA_new_method(const ENGINE *engine) {
|
|
|
82
82
|
return NULL;
|
|
83
83
|
}
|
|
84
84
|
|
|
85
|
-
|
|
85
|
+
OPENSSL_memset(rsa, 0, sizeof(RSA));
|
|
86
86
|
|
|
87
87
|
if (engine) {
|
|
88
88
|
rsa->meth = ENGINE_get_RSA_method(engine);
|
|
@@ -446,8 +446,8 @@ int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len,
|
|
|
446
446
|
return 0;
|
|
447
447
|
}
|
|
448
448
|
|
|
449
|
-
|
|
450
|
-
|
|
449
|
+
OPENSSL_memcpy(signed_msg, prefix, prefix_len);
|
|
450
|
+
OPENSSL_memcpy(signed_msg + prefix_len, msg, msg_len);
|
|
451
451
|
|
|
452
452
|
*out_msg = signed_msg;
|
|
453
453
|
*out_msg_len = signed_msg_len;
|
|
@@ -532,7 +532,7 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len,
|
|
|
532
532
|
goto out;
|
|
533
533
|
}
|
|
534
534
|
|
|
535
|
-
if (len != signed_msg_len ||
|
|
535
|
+
if (len != signed_msg_len || OPENSSL_memcmp(buf, signed_msg, len) != 0) {
|
|
536
536
|
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
|
|
537
537
|
goto out;
|
|
538
538
|
}
|
|
@@ -66,6 +66,7 @@
|
|
|
66
66
|
|
|
67
67
|
#include "internal.h"
|
|
68
68
|
#include "../bytestring/internal.h"
|
|
69
|
+
#include "../internal.h"
|
|
69
70
|
|
|
70
71
|
|
|
71
72
|
static int parse_integer_buggy(CBS *cbs, BIGNUM **out, int buggy) {
|
|
@@ -183,7 +184,7 @@ static RSA_additional_prime *rsa_parse_additional_prime(CBS *cbs) {
|
|
|
183
184
|
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
|
184
185
|
return 0;
|
|
185
186
|
}
|
|
186
|
-
|
|
187
|
+
OPENSSL_memset(ret, 0, sizeof(RSA_additional_prime));
|
|
187
188
|
|
|
188
189
|
CBS child;
|
|
189
190
|
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
|
|
@@ -280,6 +281,11 @@ RSA *RSA_parse_private_key(CBS *cbs) {
|
|
|
280
281
|
goto err;
|
|
281
282
|
}
|
|
282
283
|
|
|
284
|
+
if (!RSA_check_key(ret)) {
|
|
285
|
+
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS);
|
|
286
|
+
goto err;
|
|
287
|
+
}
|
|
288
|
+
|
|
283
289
|
BN_CTX_free(ctx);
|
|
284
290
|
BN_free(product_of_primes_so_far);
|
|
285
291
|
return ret;
|
|
@@ -65,6 +65,7 @@
|
|
|
65
65
|
#include <openssl/thread.h>
|
|
66
66
|
|
|
67
67
|
#include "internal.h"
|
|
68
|
+
#include "../bn/internal.h"
|
|
68
69
|
#include "../internal.h"
|
|
69
70
|
|
|
70
71
|
|
|
@@ -263,7 +264,7 @@ static BN_BLINDING *rsa_blinding_get(RSA *rsa, unsigned *index_used,
|
|
|
263
264
|
if (new_blindings == NULL) {
|
|
264
265
|
goto err1;
|
|
265
266
|
}
|
|
266
|
-
|
|
267
|
+
OPENSSL_memcpy(new_blindings, rsa->blindings,
|
|
267
268
|
sizeof(BN_BLINDING *) * rsa->num_blindings);
|
|
268
269
|
new_blindings[rsa->num_blindings] = ret;
|
|
269
270
|
|
|
@@ -271,7 +272,7 @@ static BN_BLINDING *rsa_blinding_get(RSA *rsa, unsigned *index_used,
|
|
|
271
272
|
if (new_blindings_inuse == NULL) {
|
|
272
273
|
goto err2;
|
|
273
274
|
}
|
|
274
|
-
|
|
275
|
+
OPENSSL_memcpy(new_blindings_inuse, rsa->blindings_inuse, rsa->num_blindings);
|
|
275
276
|
new_blindings_inuse[rsa->num_blindings] = 1;
|
|
276
277
|
*index_used = rsa->num_blindings;
|
|
277
278
|
|
|
@@ -590,17 +591,9 @@ int rsa_default_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
|
|
|
590
591
|
if (!mod_exp(result, f, rsa, ctx)) {
|
|
591
592
|
goto err;
|
|
592
593
|
}
|
|
593
|
-
} else
|
|
594
|
-
|
|
595
|
-
|
|
596
|
-
|
|
597
|
-
BN_init(&local_d);
|
|
598
|
-
d = &local_d;
|
|
599
|
-
BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
|
|
600
|
-
|
|
601
|
-
if (!BN_mod_exp_mont_consttime(result, f, d, rsa->n, ctx, rsa->mont_n)) {
|
|
602
|
-
goto err;
|
|
603
|
-
}
|
|
594
|
+
} else if (!BN_mod_exp_mont_consttime(result, f, rsa->d, rsa->n, ctx,
|
|
595
|
+
rsa->mont_n)) {
|
|
596
|
+
goto err;
|
|
604
597
|
}
|
|
605
598
|
|
|
606
599
|
/* Verify the result to protect against fault attacks as described in the
|
|
@@ -658,8 +651,6 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
|
|
|
658
651
|
assert(rsa->iqmp != NULL);
|
|
659
652
|
|
|
660
653
|
BIGNUM *r1, *m1, *vrfy;
|
|
661
|
-
BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
|
|
662
|
-
BIGNUM *dmp1, *dmq1, *c, *pr1;
|
|
663
654
|
int ret = 0;
|
|
664
655
|
size_t i, num_additional_primes = 0;
|
|
665
656
|
|
|
@@ -677,23 +668,9 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
|
|
|
677
668
|
goto err;
|
|
678
669
|
}
|
|
679
670
|
|
|
680
|
-
|
|
681
|
-
|
|
682
|
-
|
|
683
|
-
|
|
684
|
-
/* Make sure BN_mod in Montgomery initialization uses BN_FLG_CONSTTIME. */
|
|
685
|
-
BN_init(&local_p);
|
|
686
|
-
p = &local_p;
|
|
687
|
-
BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
|
|
688
|
-
|
|
689
|
-
BN_init(&local_q);
|
|
690
|
-
q = &local_q;
|
|
691
|
-
BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
|
|
692
|
-
|
|
693
|
-
if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, p, ctx) ||
|
|
694
|
-
!BN_MONT_CTX_set_locked(&rsa->mont_q, &rsa->lock, q, ctx)) {
|
|
695
|
-
goto err;
|
|
696
|
-
}
|
|
671
|
+
if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, rsa->p, ctx) ||
|
|
672
|
+
!BN_MONT_CTX_set_locked(&rsa->mont_q, &rsa->lock, rsa->q, ctx)) {
|
|
673
|
+
goto err;
|
|
697
674
|
}
|
|
698
675
|
|
|
699
676
|
if (!BN_MONT_CTX_set_locked(&rsa->mont_n, &rsa->lock, rsa->n, ctx)) {
|
|
@@ -701,30 +678,22 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
|
|
|
701
678
|
}
|
|
702
679
|
|
|
703
680
|
/* compute I mod q */
|
|
704
|
-
|
|
705
|
-
BN_with_flags(c, I, BN_FLG_CONSTTIME);
|
|
706
|
-
if (!BN_mod(r1, c, rsa->q, ctx)) {
|
|
681
|
+
if (!BN_mod(r1, I, rsa->q, ctx)) {
|
|
707
682
|
goto err;
|
|
708
683
|
}
|
|
709
684
|
|
|
710
685
|
/* compute r1^dmq1 mod q */
|
|
711
|
-
dmq1
|
|
712
|
-
BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
|
|
713
|
-
if (!BN_mod_exp_mont_consttime(m1, r1, dmq1, rsa->q, ctx, rsa->mont_q)) {
|
|
686
|
+
if (!BN_mod_exp_mont_consttime(m1, r1, rsa->dmq1, rsa->q, ctx, rsa->mont_q)) {
|
|
714
687
|
goto err;
|
|
715
688
|
}
|
|
716
689
|
|
|
717
690
|
/* compute I mod p */
|
|
718
|
-
|
|
719
|
-
BN_with_flags(c, I, BN_FLG_CONSTTIME);
|
|
720
|
-
if (!BN_mod(r1, c, rsa->p, ctx)) {
|
|
691
|
+
if (!BN_mod(r1, I, rsa->p, ctx)) {
|
|
721
692
|
goto err;
|
|
722
693
|
}
|
|
723
694
|
|
|
724
695
|
/* compute r1^dmp1 mod p */
|
|
725
|
-
dmp1
|
|
726
|
-
BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
|
|
727
|
-
if (!BN_mod_exp_mont_consttime(r0, r1, dmp1, rsa->p, ctx, rsa->mont_p)) {
|
|
696
|
+
if (!BN_mod_exp_mont_consttime(r0, r1, rsa->dmp1, rsa->p, ctx, rsa->mont_p)) {
|
|
728
697
|
goto err;
|
|
729
698
|
}
|
|
730
699
|
|
|
@@ -743,11 +712,7 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
|
|
|
743
712
|
goto err;
|
|
744
713
|
}
|
|
745
714
|
|
|
746
|
-
|
|
747
|
-
pr1 = &local_r1;
|
|
748
|
-
BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
|
|
749
|
-
|
|
750
|
-
if (!BN_mod(r0, pr1, rsa->p, ctx)) {
|
|
715
|
+
if (!BN_mod(r0, r1, rsa->p, ctx)) {
|
|
751
716
|
goto err;
|
|
752
717
|
}
|
|
753
718
|
|
|
@@ -771,30 +736,23 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
|
|
|
771
736
|
|
|
772
737
|
for (i = 0; i < num_additional_primes; i++) {
|
|
773
738
|
/* multi-prime RSA. */
|
|
774
|
-
BIGNUM local_exp, local_prime;
|
|
775
|
-
BIGNUM *exp = &local_exp, *prime = &local_prime;
|
|
776
739
|
RSA_additional_prime *ap =
|
|
777
740
|
sk_RSA_additional_prime_value(rsa->additional_primes, i);
|
|
778
741
|
|
|
779
|
-
BN_with_flags(exp, ap->exp, BN_FLG_CONSTTIME);
|
|
780
|
-
BN_with_flags(prime, ap->prime, BN_FLG_CONSTTIME);
|
|
781
|
-
|
|
782
742
|
/* c will already point to a BIGNUM with the correct flags. */
|
|
783
|
-
if (!BN_mod(r1,
|
|
743
|
+
if (!BN_mod(r1, I, ap->prime, ctx)) {
|
|
784
744
|
goto err;
|
|
785
745
|
}
|
|
786
746
|
|
|
787
|
-
if (!BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, prime, ctx) ||
|
|
788
|
-
!BN_mod_exp_mont_consttime(m1, r1, exp, prime, ctx, ap->mont)) {
|
|
747
|
+
if (!BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, ap->prime, ctx) ||
|
|
748
|
+
!BN_mod_exp_mont_consttime(m1, r1, ap->exp, ap->prime, ctx, ap->mont)) {
|
|
789
749
|
goto err;
|
|
790
750
|
}
|
|
791
751
|
|
|
792
|
-
BN_set_flags(m1, BN_FLG_CONSTTIME);
|
|
793
|
-
|
|
794
752
|
if (!BN_sub(m1, m1, r0) ||
|
|
795
753
|
!BN_mul(m1, m1, ap->coeff, ctx) ||
|
|
796
|
-
!BN_mod(m1, m1, prime, ctx) ||
|
|
797
|
-
(BN_is_negative(m1) && !BN_add(m1, m1, prime)) ||
|
|
754
|
+
!BN_mod(m1, m1, ap->prime, ctx) ||
|
|
755
|
+
(BN_is_negative(m1) && !BN_add(m1, m1, ap->prime)) ||
|
|
798
756
|
!BN_mul(m1, m1, ap->r, ctx) ||
|
|
799
757
|
!BN_add(r0, r0, m1)) {
|
|
800
758
|
goto err;
|
|
@@ -811,8 +769,6 @@ err:
|
|
|
811
769
|
int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,
|
|
812
770
|
BIGNUM *e_value, BN_GENCB *cb) {
|
|
813
771
|
BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
|
|
814
|
-
BIGNUM local_r0, local_d, local_p;
|
|
815
|
-
BIGNUM *pr0, *d, *p;
|
|
816
772
|
int prime_bits, ok = -1, n = 0, i, j;
|
|
817
773
|
BN_CTX *ctx = NULL;
|
|
818
774
|
STACK_OF(RSA_additional_prime) *additional_primes = NULL;
|
|
@@ -848,7 +804,7 @@ int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,
|
|
|
848
804
|
if (ap == NULL) {
|
|
849
805
|
goto err;
|
|
850
806
|
}
|
|
851
|
-
|
|
807
|
+
OPENSSL_memset(ap, 0, sizeof(RSA_additional_prime));
|
|
852
808
|
ap->prime = BN_new();
|
|
853
809
|
ap->exp = BN_new();
|
|
854
810
|
ap->coeff = BN_new();
|
|
@@ -1041,31 +997,27 @@ int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,
|
|
|
1041
997
|
goto err;
|
|
1042
998
|
}
|
|
1043
999
|
}
|
|
1044
|
-
|
|
1045
|
-
BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
|
|
1046
|
-
if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) {
|
|
1000
|
+
if (!BN_mod_inverse(rsa->d, rsa->e, r0, ctx)) {
|
|
1047
1001
|
goto err; /* d */
|
|
1048
1002
|
}
|
|
1049
1003
|
|
|
1050
|
-
/* set up d for correct BN_FLG_CONSTTIME flag */
|
|
1051
|
-
d = &local_d;
|
|
1052
|
-
BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
|
|
1053
|
-
|
|
1054
1004
|
/* calculate d mod (p-1) */
|
|
1055
|
-
if (!BN_mod(rsa->dmp1, d, r1, ctx)) {
|
|
1005
|
+
if (!BN_mod(rsa->dmp1, rsa->d, r1, ctx)) {
|
|
1056
1006
|
goto err;
|
|
1057
1007
|
}
|
|
1058
1008
|
|
|
1059
1009
|
/* calculate d mod (q-1) */
|
|
1060
|
-
if (!BN_mod(rsa->dmq1, d, r2, ctx)) {
|
|
1010
|
+
if (!BN_mod(rsa->dmq1, rsa->d, r2, ctx)) {
|
|
1061
1011
|
goto err;
|
|
1062
1012
|
}
|
|
1063
1013
|
|
|
1064
|
-
/*
|
|
1065
|
-
|
|
1066
|
-
|
|
1067
|
-
|
|
1068
|
-
if (!
|
|
1014
|
+
/* Calculate inverse of q mod p. Note that although RSA key generation is far
|
|
1015
|
+
* from constant-time, |bn_mod_inverse_secret_prime| uses the same modular
|
|
1016
|
+
* exponentation logic as in RSA private key operations and, if the RSAZ-1024
|
|
1017
|
+
* code is enabled, will be optimized for common RSA prime sizes. */
|
|
1018
|
+
if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, rsa->p, ctx) ||
|
|
1019
|
+
!bn_mod_inverse_secret_prime(rsa->iqmp, rsa->q, rsa->p, ctx,
|
|
1020
|
+
rsa->mont_p)) {
|
|
1069
1021
|
goto err;
|
|
1070
1022
|
}
|
|
1071
1023
|
|
|
@@ -1074,15 +1026,24 @@ int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,
|
|
|
1074
1026
|
sk_RSA_additional_prime_value(additional_primes, i - 2);
|
|
1075
1027
|
if (!BN_sub(ap->exp, ap->prime, BN_value_one()) ||
|
|
1076
1028
|
!BN_mod(ap->exp, rsa->d, ap->exp, ctx) ||
|
|
1077
|
-
!
|
|
1029
|
+
!BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, ap->prime, ctx) ||
|
|
1030
|
+
!bn_mod_inverse_secret_prime(ap->coeff, ap->r, ap->prime, ctx,
|
|
1031
|
+
ap->mont)) {
|
|
1078
1032
|
goto err;
|
|
1079
1033
|
}
|
|
1080
1034
|
}
|
|
1081
1035
|
|
|
1082
|
-
ok = 1;
|
|
1083
1036
|
rsa->additional_primes = additional_primes;
|
|
1084
1037
|
additional_primes = NULL;
|
|
1085
1038
|
|
|
1039
|
+
/* The key generation process is complex and thus error-prone. It could be
|
|
1040
|
+
* disastrous to generate and then use a bad key so double-check that the key
|
|
1041
|
+
* makes sense. */
|
|
1042
|
+
ok = RSA_check_key(rsa);
|
|
1043
|
+
if (!ok) {
|
|
1044
|
+
OPENSSL_PUT_ERROR(RSA, RSA_R_INTERNAL_ERROR);
|
|
1045
|
+
}
|
|
1046
|
+
|
|
1086
1047
|
err:
|
|
1087
1048
|
if (ok == -1) {
|
|
1088
1049
|
OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
|