grpc 1.40.0 → 1.41.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (827) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +27 -36
  3. data/include/grpc/byte_buffer.h +1 -1
  4. data/include/grpc/byte_buffer_reader.h +1 -1
  5. data/include/grpc/event_engine/endpoint_config.h +6 -11
  6. data/include/grpc/event_engine/event_engine.h +63 -58
  7. data/include/grpc/event_engine/port.h +1 -3
  8. data/include/grpc/event_engine/slice_allocator.h +6 -1
  9. data/include/grpc/fork.h +1 -1
  10. data/include/grpc/grpc.h +10 -4
  11. data/include/grpc/grpc_posix.h +5 -2
  12. data/include/grpc/impl/codegen/atm.h +5 -3
  13. data/include/grpc/impl/codegen/atm_gcc_atomic.h +2 -0
  14. data/include/grpc/impl/codegen/atm_gcc_sync.h +2 -0
  15. data/include/grpc/impl/codegen/atm_windows.h +2 -0
  16. data/include/grpc/impl/codegen/byte_buffer.h +2 -0
  17. data/include/grpc/impl/codegen/byte_buffer_reader.h +2 -0
  18. data/include/grpc/impl/codegen/compression_types.h +2 -0
  19. data/include/grpc/impl/codegen/connectivity_state.h +2 -0
  20. data/include/grpc/impl/codegen/fork.h +2 -0
  21. data/include/grpc/impl/codegen/gpr_slice.h +2 -0
  22. data/include/grpc/impl/codegen/gpr_types.h +2 -0
  23. data/include/grpc/impl/codegen/grpc_types.h +4 -5
  24. data/include/grpc/impl/codegen/log.h +2 -0
  25. data/include/grpc/impl/codegen/port_platform.h +26 -22
  26. data/include/grpc/impl/codegen/propagation_bits.h +2 -0
  27. data/include/grpc/impl/codegen/slice.h +2 -0
  28. data/include/grpc/impl/codegen/status.h +2 -0
  29. data/include/grpc/impl/codegen/sync.h +8 -5
  30. data/include/grpc/impl/codegen/sync_abseil.h +2 -0
  31. data/include/grpc/impl/codegen/sync_custom.h +2 -0
  32. data/include/grpc/impl/codegen/sync_generic.h +3 -0
  33. data/include/grpc/impl/codegen/sync_posix.h +4 -2
  34. data/include/grpc/impl/codegen/sync_windows.h +2 -0
  35. data/include/grpc/slice.h +1 -1
  36. data/include/grpc/status.h +1 -1
  37. data/include/grpc/support/atm.h +1 -1
  38. data/include/grpc/support/atm_gcc_atomic.h +1 -1
  39. data/include/grpc/support/atm_gcc_sync.h +1 -1
  40. data/include/grpc/support/atm_windows.h +1 -1
  41. data/include/grpc/support/log.h +1 -1
  42. data/include/grpc/support/port_platform.h +1 -1
  43. data/include/grpc/support/sync.h +1 -1
  44. data/include/grpc/support/sync_abseil.h +1 -1
  45. data/include/grpc/support/sync_custom.h +1 -1
  46. data/include/grpc/support/sync_generic.h +1 -1
  47. data/include/grpc/support/sync_posix.h +1 -1
  48. data/include/grpc/support/sync_windows.h +1 -1
  49. data/include/grpc/support/time.h +2 -2
  50. data/src/core/ext/filters/census/grpc_context.cc +1 -0
  51. data/src/core/ext/filters/client_channel/backend_metric.cc +0 -1
  52. data/src/core/ext/filters/client_channel/backup_poller.h +1 -0
  53. data/src/core/ext/filters/client_channel/channel_connectivity.cc +1 -2
  54. data/src/core/ext/filters/client_channel/client_channel.cc +24 -52
  55. data/src/core/ext/filters/client_channel/client_channel.h +3 -3
  56. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +6 -5
  57. data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -1
  58. data/src/core/ext/filters/client_channel/client_channel_factory.cc +1 -0
  59. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +8 -1
  60. data/src/core/ext/filters/client_channel/config_selector.cc +1 -0
  61. data/src/core/ext/filters/client_channel/health/health_check_client.cc +7 -6
  62. data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -3
  63. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +8 -7
  64. data/src/core/ext/filters/client_channel/http_connect_handshaker.h +10 -2
  65. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +2 -2
  66. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +2 -8
  67. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
  68. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +2 -2
  69. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +2 -2
  70. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +2 -1
  71. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +14 -23
  72. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +1 -0
  73. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +2 -2
  74. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +2 -8
  75. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +15 -18
  76. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +10 -7
  77. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -8
  78. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +2 -3
  79. data/src/core/ext/filters/client_channel/lb_policy.h +11 -44
  80. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +4 -7
  81. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +2 -10
  82. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -0
  83. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -3
  84. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +6 -5
  85. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +14 -19
  86. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +1 -0
  87. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +2 -2
  88. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +5 -5
  89. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +5 -8
  90. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +2 -3
  91. data/src/core/ext/filters/client_idle/client_idle_filter.cc +36 -30
  92. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +8 -6
  93. data/src/core/ext/filters/fault_injection/service_config_parser.cc +6 -13
  94. data/src/core/ext/filters/http/client/http_client_filter.cc +3 -2
  95. data/src/core/ext/filters/http/client_authority_filter.cc +2 -1
  96. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +2 -1
  97. data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +7 -8
  98. data/src/core/ext/filters/http/server/http_server_filter.cc +5 -3
  99. data/src/core/ext/filters/message_size/message_size_filter.cc +9 -13
  100. data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
  101. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +29 -12
  102. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -0
  103. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +2 -3
  104. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +10 -6
  105. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +2 -3
  106. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +60 -37
  107. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +0 -1
  108. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -6
  109. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +5 -9
  110. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +3 -1
  111. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -1
  112. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +1 -0
  113. data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.cc +4 -3
  114. data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.h +2 -2
  115. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +24 -30
  116. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +4 -1
  117. data/src/core/ext/transport/chttp2/transport/context_list.h +1 -2
  118. data/src/core/ext/transport/chttp2/transport/flow_control.cc +39 -23
  119. data/src/core/ext/transport/chttp2/transport/flow_control.h +9 -3
  120. data/src/core/ext/transport/chttp2/transport/frame_data.cc +7 -7
  121. data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -0
  122. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +4 -3
  123. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -0
  124. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +4 -4
  125. data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -0
  126. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +3 -5
  127. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -0
  128. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +36 -5
  129. data/src/core/ext/transport/chttp2/transport/frame_settings.h +1 -0
  130. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +12 -7
  131. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -0
  132. data/src/core/ext/transport/chttp2/transport/hpack_constants.h +41 -0
  133. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +272 -666
  134. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +236 -70
  135. data/src/core/ext/transport/chttp2/transport/hpack_encoder_index.h +107 -0
  136. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +86 -0
  137. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +69 -0
  138. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +776 -1037
  139. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +48 -169
  140. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +159 -0
  141. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +130 -0
  142. data/src/core/ext/transport/chttp2/transport/hpack_utils.cc +46 -0
  143. data/src/core/ext/transport/chttp2/transport/hpack_utils.h +30 -0
  144. data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
  145. data/src/core/ext/transport/chttp2/transport/internal.h +2 -2
  146. data/src/core/ext/transport/chttp2/transport/parsing.cc +20 -30
  147. data/src/core/ext/transport/chttp2/transport/popularity_count.h +60 -0
  148. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +2 -2
  149. data/src/core/ext/transport/chttp2/transport/varint.cc +7 -3
  150. data/src/core/ext/transport/chttp2/transport/varint.h +39 -28
  151. data/src/core/ext/transport/chttp2/transport/writing.cc +32 -28
  152. data/src/core/ext/transport/inproc/inproc_transport.cc +6 -4
  153. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +96 -96
  154. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +221 -89
  155. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +1 -1
  156. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -1
  157. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +3 -3
  158. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +11 -5
  159. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +48 -48
  160. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +151 -61
  161. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +99 -99
  162. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +171 -69
  163. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +15 -15
  164. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +31 -13
  165. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +126 -127
  166. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +229 -101
  167. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +4 -4
  168. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +11 -5
  169. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +23 -23
  170. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +11 -5
  171. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +28 -28
  172. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +71 -29
  173. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
  174. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +11 -5
  175. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +82 -82
  176. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +201 -81
  177. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +24 -24
  178. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +51 -21
  179. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +3 -3
  180. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +11 -5
  181. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +9 -9
  182. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +21 -9
  183. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +62 -62
  184. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +131 -53
  185. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +51 -51
  186. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +81 -33
  187. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +5 -5
  188. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +11 -5
  189. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +62 -62
  190. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +141 -57
  191. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +3 -3
  192. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +11 -5
  193. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +7 -7
  194. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +21 -9
  195. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +8 -8
  196. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +11 -5
  197. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +8 -8
  198. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +11 -5
  199. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +4 -4
  200. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +11 -5
  201. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +16 -16
  202. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +31 -13
  203. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +57 -22
  204. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +174 -17
  205. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +32 -32
  206. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +51 -21
  207. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +3 -3
  208. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -5
  209. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +37 -37
  210. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +61 -25
  211. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +40 -40
  212. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +71 -29
  213. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +9 -9
  214. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +11 -5
  215. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +5 -5
  216. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +21 -9
  217. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +30 -30
  218. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +81 -33
  219. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +41 -29
  220. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +141 -43
  221. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +46 -43
  222. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +88 -29
  223. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +18 -18
  224. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +31 -13
  225. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +281 -277
  226. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +569 -248
  227. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +10 -10
  228. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +31 -13
  229. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +6 -6
  230. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +21 -9
  231. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +3 -3
  232. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +11 -5
  233. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +13 -13
  234. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +51 -21
  235. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +23 -23
  236. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +31 -13
  237. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +9 -9
  238. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +11 -5
  239. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +115 -116
  240. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +191 -77
  241. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +1 -1
  242. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -1
  243. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +46 -32
  244. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +118 -34
  245. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +12 -12
  246. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +31 -13
  247. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +44 -42
  248. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +108 -55
  249. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +2 -2
  250. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +11 -5
  251. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +2 -2
  252. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +11 -5
  253. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +42 -42
  254. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +61 -25
  255. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +2 -2
  256. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +11 -5
  257. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +2 -2
  258. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +11 -5
  259. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +9 -9
  260. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +21 -9
  261. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +2 -2
  262. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +11 -5
  263. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +2 -2
  264. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +11 -5
  265. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +28 -28
  266. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +51 -21
  267. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +8 -8
  268. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +41 -17
  269. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +9 -8
  270. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -9
  271. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +4 -4
  272. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +11 -5
  273. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +4 -4
  274. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +11 -5
  275. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +3 -3
  276. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +11 -5
  277. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +9 -9
  278. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +31 -13
  279. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +10 -10
  280. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +21 -9
  281. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +6 -6
  282. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +21 -9
  283. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +11 -11
  284. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +31 -13
  285. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +15 -15
  286. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +71 -29
  287. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +19 -19
  288. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +51 -21
  289. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.c +1 -1
  290. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -1
  291. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +6 -6
  292. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +21 -9
  293. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +10 -10
  294. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +31 -13
  295. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +5 -5
  296. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +11 -5
  297. data/src/core/ext/upb-generated/google/api/annotations.upb.c +1 -1
  298. data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -1
  299. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +58 -58
  300. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +111 -45
  301. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +68 -68
  302. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +121 -49
  303. data/src/core/ext/upb-generated/google/api/http.upb.c +18 -18
  304. data/src/core/ext/upb-generated/google/api/http.upb.h +31 -13
  305. data/src/core/ext/upb-generated/google/protobuf/any.upb.c +4 -4
  306. data/src/core/ext/upb-generated/google/protobuf/any.upb.h +11 -5
  307. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +153 -153
  308. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +271 -109
  309. data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +4 -4
  310. data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +11 -5
  311. data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +2 -2
  312. data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +11 -5
  313. data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +15 -15
  314. data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +31 -13
  315. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +4 -4
  316. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +11 -5
  317. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +19 -19
  318. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +91 -37
  319. data/src/core/ext/upb-generated/google/rpc/status.upb.c +5 -5
  320. data/src/core/ext/upb-generated/google/rpc/status.upb.h +11 -5
  321. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +12 -12
  322. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -5
  323. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +60 -60
  324. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +101 -41
  325. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +7 -7
  326. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -9
  327. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +5 -5
  328. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +21 -9
  329. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +31 -31
  330. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +91 -37
  331. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +8 -8
  332. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +31 -13
  333. data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +4 -4
  334. data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +11 -5
  335. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +1 -1
  336. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -1
  337. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +4 -4
  338. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +11 -5
  339. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +3 -3
  340. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +11 -5
  341. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +13 -13
  342. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +11 -5
  343. data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +4 -4
  344. data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +11 -5
  345. data/src/core/ext/upb-generated/validate/validate.upb.c +220 -220
  346. data/src/core/ext/upb-generated/validate/validate.upb.h +231 -93
  347. data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +3 -3
  348. data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +11 -5
  349. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +8 -8
  350. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +21 -9
  351. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +6 -6
  352. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +11 -5
  353. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +5 -5
  354. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +11 -5
  355. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +11 -11
  356. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +21 -9
  357. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +6 -6
  358. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +11 -5
  359. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +384 -382
  360. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +94 -63
  361. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +10 -0
  362. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +30 -19
  363. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +5 -0
  364. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +791 -780
  365. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +96 -100
  366. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +133 -115
  367. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -0
  368. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +178 -173
  369. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +14 -13
  370. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +103 -103
  371. data/src/core/ext/xds/certificate_provider_registry.cc +2 -2
  372. data/src/core/ext/xds/xds_api.cc +788 -910
  373. data/src/core/ext/xds/xds_api.h +16 -33
  374. data/src/core/ext/xds/xds_bootstrap.cc +27 -52
  375. data/src/core/ext/xds/xds_client.cc +69 -30
  376. data/src/core/ext/xds/xds_client_stats.cc +16 -15
  377. data/src/core/ext/xds/xds_client_stats.h +6 -6
  378. data/src/core/ext/xds/xds_http_fault_filter.cc +4 -3
  379. data/src/core/ext/xds/xds_http_fault_filter.h +3 -2
  380. data/src/core/ext/xds/xds_http_filters.cc +1 -0
  381. data/src/core/ext/xds/xds_server_config_fetcher.cc +10 -10
  382. data/src/core/lib/address_utils/parse_address.cc +4 -8
  383. data/src/core/lib/address_utils/sockaddr_utils.cc +2 -2
  384. data/src/core/lib/channel/channel_args.cc +2 -1
  385. data/src/core/lib/channel/channel_stack.cc +5 -3
  386. data/src/core/lib/channel/channel_stack_builder.cc +1 -11
  387. data/src/core/lib/channel/channel_stack_builder.h +0 -8
  388. data/src/core/lib/channel/channel_trace.cc +4 -3
  389. data/src/core/lib/channel/channel_trace.h +1 -0
  390. data/src/core/lib/channel/channelz.cc +40 -36
  391. data/src/core/lib/channel/channelz.h +27 -27
  392. data/src/core/lib/channel/channelz_registry.cc +7 -6
  393. data/src/core/lib/channel/connected_channel.cc +1 -0
  394. data/src/core/lib/channel/handshaker.cc +2 -1
  395. data/src/core/lib/channel/handshaker.h +1 -2
  396. data/src/core/lib/channel/handshaker_factory.h +10 -2
  397. data/src/core/lib/channel/handshaker_registry.cc +15 -70
  398. data/src/core/lib/channel/handshaker_registry.h +29 -12
  399. data/src/core/lib/channel/status_util.h +2 -2
  400. data/src/core/lib/compression/algorithm_metadata.h +1 -0
  401. data/src/core/lib/compression/compression_args.cc +2 -1
  402. data/src/core/lib/compression/compression_internal.cc +2 -4
  403. data/src/core/lib/compression/message_compress.cc +2 -2
  404. data/src/core/lib/compression/stream_compression.cc +2 -1
  405. data/src/core/lib/compression/stream_compression.h +2 -1
  406. data/src/core/lib/compression/stream_compression_gzip.cc +2 -1
  407. data/src/core/lib/compression/stream_compression_identity.cc +2 -1
  408. data/src/core/lib/config/core_configuration.cc +54 -0
  409. data/src/core/lib/config/core_configuration.h +108 -0
  410. data/src/core/lib/debug/stats.h +1 -0
  411. data/src/core/lib/debug/stats_data.cc +2 -1
  412. data/src/core/lib/debug/stats_data.h +1 -0
  413. data/src/core/lib/debug/trace.cc +1 -0
  414. data/src/core/lib/debug/trace.h +2 -1
  415. data/src/core/lib/event_engine/endpoint_config.cc +0 -1
  416. data/src/core/lib/event_engine/event_engine.cc +3 -3
  417. data/src/core/lib/event_engine/sockaddr.cc +3 -3
  418. data/src/core/lib/gpr/alloc.cc +4 -3
  419. data/src/core/lib/gpr/env_linux.cc +1 -2
  420. data/src/core/lib/gpr/env_posix.cc +2 -3
  421. data/src/core/lib/gpr/log.cc +3 -3
  422. data/src/core/lib/gpr/log_android.cc +3 -2
  423. data/src/core/lib/gpr/log_linux.cc +7 -4
  424. data/src/core/lib/gpr/log_posix.cc +6 -3
  425. data/src/core/lib/gpr/string.h +2 -2
  426. data/src/core/lib/gpr/sync.cc +2 -2
  427. data/src/core/lib/gpr/sync_abseil.cc +7 -6
  428. data/src/core/lib/gpr/sync_posix.cc +3 -3
  429. data/src/core/lib/gpr/time.cc +3 -2
  430. data/src/core/lib/gpr/time_windows.cc +3 -2
  431. data/src/core/lib/gpr/tls.h +120 -41
  432. data/src/core/lib/gpr/tmpfile_posix.cc +1 -2
  433. data/src/core/lib/gprpp/arena.cc +2 -1
  434. data/src/core/lib/gprpp/arena.h +5 -5
  435. data/src/core/lib/gprpp/atomic_utils.h +47 -0
  436. data/src/core/lib/gprpp/bitset.h +166 -0
  437. data/src/core/lib/gprpp/construct_destruct.h +39 -0
  438. data/src/core/lib/gprpp/dual_ref_counted.h +25 -26
  439. data/src/core/lib/gprpp/fork.cc +14 -12
  440. data/src/core/lib/gprpp/fork.h +4 -4
  441. data/src/core/lib/gprpp/global_config.h +1 -2
  442. data/src/core/lib/gprpp/global_config_env.cc +7 -7
  443. data/src/core/lib/gprpp/global_config_generic.h +2 -2
  444. data/src/core/lib/gprpp/manual_constructor.h +8 -5
  445. data/src/core/lib/gprpp/match.h +73 -0
  446. data/src/core/lib/gprpp/memory.h +3 -3
  447. data/src/core/lib/gprpp/mpscq.cc +7 -7
  448. data/src/core/lib/gprpp/mpscq.h +6 -5
  449. data/src/core/lib/gprpp/orphanable.h +3 -3
  450. data/src/core/lib/gprpp/overload.h +59 -0
  451. data/src/core/lib/gprpp/ref_counted.h +18 -18
  452. data/src/core/lib/gprpp/status_helper.cc +4 -4
  453. data/src/core/lib/gprpp/sync.h +3 -1
  454. data/src/core/lib/gprpp/thd_posix.cc +5 -5
  455. data/src/core/lib/gprpp/thd_windows.cc +4 -11
  456. data/src/core/lib/gprpp/time_util.cc +2 -2
  457. data/src/core/lib/gprpp/time_util.h +2 -2
  458. data/src/core/lib/http/format_request.cc +1 -0
  459. data/src/core/lib/http/format_request.h +1 -0
  460. data/src/core/lib/http/httpcli.cc +9 -9
  461. data/src/core/lib/http/httpcli.h +3 -0
  462. data/src/core/lib/http/httpcli_security_connector.cc +5 -8
  463. data/src/core/lib/http/parser.h +1 -0
  464. data/src/core/lib/iomgr/buffer_list.cc +2 -1
  465. data/src/core/lib/iomgr/buffer_list.h +1 -2
  466. data/src/core/lib/iomgr/call_combiner.cc +1 -0
  467. data/src/core/lib/iomgr/cfstream_handle.cc +1 -1
  468. data/src/core/lib/iomgr/combiner.cc +3 -2
  469. data/src/core/lib/iomgr/combiner.h +1 -0
  470. data/src/core/lib/iomgr/dualstack_socket_posix.cc +1 -0
  471. data/src/core/lib/iomgr/endpoint.cc +0 -4
  472. data/src/core/lib/iomgr/endpoint.h +1 -3
  473. data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -20
  474. data/src/core/lib/iomgr/endpoint_cfstream.h +1 -1
  475. data/src/core/lib/iomgr/endpoint_pair.h +1 -0
  476. data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +1 -2
  477. data/src/core/lib/iomgr/endpoint_pair_posix.cc +15 -11
  478. data/src/core/lib/iomgr/endpoint_pair_windows.cc +17 -9
  479. data/src/core/lib/iomgr/error.h +23 -9
  480. data/src/core/lib/iomgr/error_cfstream.cc +2 -2
  481. data/src/core/lib/iomgr/error_internal.h +1 -0
  482. data/src/core/lib/iomgr/ev_epoll1_linux.cc +14 -22
  483. data/src/core/lib/iomgr/ev_epollex_linux.cc +15 -22
  484. data/src/core/lib/iomgr/ev_poll_posix.cc +13 -25
  485. data/src/core/lib/iomgr/ev_posix.cc +1 -2
  486. data/src/core/lib/iomgr/event_engine/endpoint.cc +3 -22
  487. data/src/core/lib/iomgr/event_engine/endpoint.h +1 -2
  488. data/src/core/lib/iomgr/event_engine/iomgr.cc +17 -18
  489. data/src/core/lib/iomgr/event_engine/iomgr.h +20 -2
  490. data/src/core/lib/iomgr/event_engine/resolver.cc +2 -1
  491. data/src/core/lib/iomgr/event_engine/tcp.cc +53 -24
  492. data/src/core/lib/iomgr/exec_ctx.cc +3 -4
  493. data/src/core/lib/iomgr/exec_ctx.h +11 -19
  494. data/src/core/lib/iomgr/executor/mpmcqueue.cc +10 -9
  495. data/src/core/lib/iomgr/executor/mpmcqueue.h +4 -3
  496. data/src/core/lib/iomgr/executor/threadpool.cc +2 -2
  497. data/src/core/lib/iomgr/executor/threadpool.h +2 -1
  498. data/src/core/lib/iomgr/executor.cc +5 -6
  499. data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +2 -2
  500. data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +2 -2
  501. data/src/core/lib/iomgr/internal_errqueue.cc +3 -2
  502. data/src/core/lib/iomgr/iocp_windows.cc +1 -0
  503. data/src/core/lib/iomgr/iomgr.h +2 -2
  504. data/src/core/lib/iomgr/iomgr_custom.cc +2 -2
  505. data/src/core/lib/iomgr/iomgr_custom.h +2 -2
  506. data/src/core/lib/iomgr/iomgr_internal.cc +2 -1
  507. data/src/core/lib/iomgr/iomgr_windows.cc +1 -2
  508. data/src/core/lib/iomgr/is_epollexclusive_available.cc +4 -4
  509. data/src/core/lib/iomgr/polling_entity.cc +2 -2
  510. data/src/core/lib/iomgr/pollset_custom.cc +3 -4
  511. data/src/core/lib/iomgr/pollset_custom.h +2 -2
  512. data/src/core/lib/iomgr/pollset_set_custom.cc +1 -2
  513. data/src/core/lib/iomgr/pollset_set_windows.cc +1 -0
  514. data/src/core/lib/iomgr/port.h +0 -5
  515. data/src/core/lib/iomgr/python_util.h +1 -0
  516. data/src/core/lib/iomgr/resolve_address.cc +2 -1
  517. data/src/core/lib/iomgr/resolve_address.h +0 -4
  518. data/src/core/lib/iomgr/resolve_address_custom.cc +4 -4
  519. data/src/core/lib/iomgr/resolve_address_custom.h +0 -1
  520. data/src/core/lib/iomgr/resolve_address_posix.cc +2 -4
  521. data/src/core/lib/iomgr/resolve_address_windows.cc +6 -8
  522. data/src/core/lib/iomgr/resource_quota.cc +127 -42
  523. data/src/core/lib/iomgr/resource_quota.h +66 -17
  524. data/src/core/lib/iomgr/sockaddr.h +1 -1
  525. data/src/core/lib/iomgr/socket_factory_posix.cc +3 -3
  526. data/src/core/lib/iomgr/socket_factory_posix.h +1 -0
  527. data/src/core/lib/iomgr/socket_mutator.h +2 -2
  528. data/src/core/lib/iomgr/socket_utils_common_posix.cc +3 -3
  529. data/src/core/lib/iomgr/socket_utils_linux.cc +4 -4
  530. data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
  531. data/src/core/lib/iomgr/socket_utils_posix.h +2 -2
  532. data/src/core/lib/iomgr/socket_utils_windows.cc +2 -2
  533. data/src/core/lib/iomgr/tcp_client.cc +4 -2
  534. data/src/core/lib/iomgr/tcp_client.h +4 -0
  535. data/src/core/lib/iomgr/tcp_client_cfstream.cc +9 -19
  536. data/src/core/lib/iomgr/tcp_client_custom.cc +9 -17
  537. data/src/core/lib/iomgr/tcp_client_posix.cc +24 -9
  538. data/src/core/lib/iomgr/tcp_client_posix.h +5 -2
  539. data/src/core/lib/iomgr/tcp_client_windows.cc +14 -6
  540. data/src/core/lib/iomgr/tcp_custom.cc +11 -23
  541. data/src/core/lib/iomgr/tcp_custom.h +2 -1
  542. data/src/core/lib/iomgr/tcp_posix.cc +29 -59
  543. data/src/core/lib/iomgr/tcp_posix.h +11 -12
  544. data/src/core/lib/iomgr/tcp_server.cc +6 -4
  545. data/src/core/lib/iomgr/tcp_server.h +12 -9
  546. data/src/core/lib/iomgr/tcp_server_custom.cc +15 -33
  547. data/src/core/lib/iomgr/tcp_server_posix.cc +20 -13
  548. data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -0
  549. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +1 -2
  550. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +3 -4
  551. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +4 -4
  552. data/src/core/lib/iomgr/tcp_server_windows.cc +13 -9
  553. data/src/core/lib/iomgr/tcp_windows.cc +6 -25
  554. data/src/core/lib/iomgr/tcp_windows.h +2 -1
  555. data/src/core/lib/iomgr/timer.cc +1 -0
  556. data/src/core/lib/iomgr/timer.h +1 -2
  557. data/src/core/lib/iomgr/timer_custom.cc +2 -2
  558. data/src/core/lib/iomgr/timer_generic.cc +8 -38
  559. data/src/core/lib/iomgr/timer_generic.h +1 -0
  560. data/src/core/lib/iomgr/timer_heap.cc +1 -2
  561. data/src/core/lib/iomgr/udp_server.cc +1 -2
  562. data/src/core/lib/iomgr/unix_sockets_posix.cc +3 -5
  563. data/src/core/lib/iomgr/unix_sockets_posix.h +2 -3
  564. data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -0
  565. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -3
  566. data/src/core/lib/iomgr/wakeup_fd_posix.cc +1 -0
  567. data/src/core/lib/iomgr/work_serializer.cc +4 -4
  568. data/src/core/lib/iomgr/work_serializer.h +1 -1
  569. data/src/core/lib/json/json_reader.cc +9 -17
  570. data/src/core/lib/json/json_util.h +18 -26
  571. data/src/core/lib/matchers/matchers.h +0 -1
  572. data/src/core/lib/profiling/basic_timers.cc +8 -6
  573. data/src/core/lib/profiling/stap_timers.cc +2 -2
  574. data/src/core/lib/security/authorization/authorization_policy_provider.h +5 -4
  575. data/src/core/lib/security/authorization/evaluate_args.cc +2 -0
  576. data/src/core/lib/security/authorization/sdk_server_authz_filter.cc +159 -0
  577. data/src/core/lib/security/authorization/sdk_server_authz_filter.h +67 -0
  578. data/src/core/lib/security/context/security_context.cc +7 -6
  579. data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +2 -2
  580. data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +2 -2
  581. data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +2 -2
  582. data/src/core/lib/security/credentials/composite/composite_credentials.cc +4 -3
  583. data/src/core/lib/security/credentials/credentials.cc +6 -6
  584. data/src/core/lib/security/credentials/credentials.h +1 -1
  585. data/src/core/lib/security/credentials/credentials_metadata.cc +2 -3
  586. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +13 -26
  587. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -2
  588. data/src/core/lib/security/credentials/external/aws_request_signer.cc +3 -3
  589. data/src/core/lib/security/credentials/external/external_account_credentials.cc +13 -22
  590. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +2 -4
  591. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -2
  592. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +55 -3
  593. data/src/core/lib/security/credentials/iam/iam_credentials.cc +2 -1
  594. data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
  595. data/src/core/lib/security/credentials/jwt/json_token.h +2 -1
  596. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +31 -14
  597. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +11 -3
  598. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -2
  599. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +3 -3
  600. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +3 -7
  601. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -0
  602. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +2 -4
  603. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +4 -4
  604. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +0 -1
  605. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +3 -2
  606. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +10 -6
  607. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +2 -1
  608. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +7 -5
  609. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +2 -2
  610. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +4 -6
  611. data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +1 -0
  612. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -3
  613. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -7
  614. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +1 -2
  615. data/src/core/lib/security/security_connector/ssl_utils.cc +2 -3
  616. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +9 -14
  617. data/src/core/lib/security/transport/auth_filters.h +1 -0
  618. data/src/core/lib/security/transport/client_auth_filter.cc +4 -6
  619. data/src/core/lib/security/transport/secure_endpoint.cc +4 -14
  620. data/src/core/lib/security/transport/secure_endpoint.h +1 -0
  621. data/src/core/lib/security/transport/security_handshaker.cc +5 -4
  622. data/src/core/lib/security/transport/security_handshaker.h +2 -1
  623. data/src/core/lib/security/util/json_util.cc +6 -8
  624. data/src/core/lib/slice/percent_encoding.cc +73 -30
  625. data/src/core/lib/slice/percent_encoding.h +29 -28
  626. data/src/core/lib/slice/slice.cc +2 -3
  627. data/src/core/lib/slice/slice_buffer.cc +1 -2
  628. data/src/core/lib/slice/slice_intern.cc +2 -3
  629. data/src/core/lib/slice/slice_internal.h +2 -2
  630. data/src/core/lib/surface/api_trace.cc +2 -1
  631. data/src/core/lib/surface/api_trace.h +1 -0
  632. data/src/core/lib/surface/byte_buffer_reader.cc +1 -1
  633. data/src/core/lib/surface/call.cc +9 -8
  634. data/src/core/lib/surface/call.h +3 -3
  635. data/src/core/lib/surface/call_details.cc +2 -2
  636. data/src/core/lib/surface/call_log_batch.cc +2 -2
  637. data/src/core/lib/surface/channel.cc +22 -9
  638. data/src/core/lib/surface/channel.h +14 -2
  639. data/src/core/lib/surface/channel_ping.cc +1 -2
  640. data/src/core/lib/surface/channel_stack_type.cc +2 -1
  641. data/src/core/lib/surface/completion_queue.cc +54 -64
  642. data/src/core/lib/surface/completion_queue_factory.cc +2 -1
  643. data/src/core/lib/surface/completion_queue_factory.h +1 -0
  644. data/src/core/lib/surface/event_string.cc +1 -0
  645. data/src/core/lib/surface/init.cc +4 -9
  646. data/src/core/lib/surface/init.h +0 -1
  647. data/src/core/lib/surface/init_secure.cc +23 -4
  648. data/src/core/lib/surface/lame_client.cc +6 -5
  649. data/src/core/lib/surface/metadata_array.cc +2 -2
  650. data/src/core/lib/surface/server.cc +17 -33
  651. data/src/core/lib/surface/server.h +11 -13
  652. data/src/core/lib/surface/validate_metadata.cc +44 -16
  653. data/src/core/lib/surface/version.cc +2 -2
  654. data/src/core/lib/transport/byte_stream.h +1 -0
  655. data/src/core/lib/transport/connectivity_state.cc +8 -5
  656. data/src/core/lib/transport/connectivity_state.h +2 -2
  657. data/src/core/lib/transport/error_utils.cc +1 -0
  658. data/src/core/lib/transport/metadata.cc +10 -10
  659. data/src/core/lib/transport/metadata.h +13 -11
  660. data/src/core/lib/transport/metadata_batch.h +8 -0
  661. data/src/core/lib/transport/transport_op_string.cc +2 -2
  662. data/src/core/plugin_registry/grpc_plugin_registry.cc +14 -0
  663. data/src/core/tsi/alts/crypt/aes_gcm.cc +3 -2
  664. data/src/core/tsi/alts/crypt/gsec.h +2 -3
  665. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +2 -2
  666. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +2 -3
  667. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +2 -2
  668. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +4 -3
  669. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -2
  670. data/src/core/tsi/ssl_transport_security.cc +11 -9
  671. data/src/core/tsi/ssl_transport_security.h +3 -1
  672. data/src/core/tsi/transport_security.cc +3 -3
  673. data/src/core/tsi/transport_security_grpc.h +1 -0
  674. data/src/ruby/ext/grpc/extconf.rb +1 -1
  675. data/src/ruby/ext/grpc/rb_byte_buffer.c +2 -1
  676. data/src/ruby/ext/grpc/rb_call.c +5 -5
  677. data/src/ruby/ext/grpc/rb_call_credentials.c +5 -5
  678. data/src/ruby/ext/grpc/rb_channel.c +10 -8
  679. data/src/ruby/ext/grpc/rb_channel_args.c +2 -2
  680. data/src/ruby/ext/grpc/rb_channel_credentials.c +4 -4
  681. data/src/ruby/ext/grpc/rb_channel_credentials.h +1 -0
  682. data/src/ruby/ext/grpc/rb_completion_queue.c +3 -2
  683. data/src/ruby/ext/grpc/rb_compression_options.c +5 -4
  684. data/src/ruby/ext/grpc/rb_event_thread.c +4 -4
  685. data/src/ruby/ext/grpc/rb_grpc.c +5 -4
  686. data/src/ruby/ext/grpc/rb_grpc.h +1 -0
  687. data/src/ruby/ext/grpc/rb_server.c +6 -5
  688. data/src/ruby/ext/grpc/rb_server_credentials.c +3 -3
  689. data/src/ruby/ext/grpc/rb_server_credentials.h +1 -0
  690. data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +8 -5
  691. data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +3 -1
  692. data/src/ruby/ext/grpc/rb_xds_server_credentials.c +6 -5
  693. data/src/ruby/ext/grpc/rb_xds_server_credentials.h +3 -1
  694. data/src/ruby/lib/grpc/version.rb +1 -1
  695. data/third_party/boringssl-with-bazel/err_data.c +294 -292
  696. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +52 -47
  697. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +1 -1
  698. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +1 -1
  699. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +1 -0
  700. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +1 -1
  701. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +1 -1
  702. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +1 -1
  703. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +1 -1
  704. data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_locl.h → internal.h} +20 -1
  705. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +1 -1
  706. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +1 -1
  707. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +1 -1
  708. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +1 -1
  709. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +1 -1
  710. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +1 -1
  711. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +14 -3
  712. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +5 -3
  713. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +5 -6
  714. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
  715. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +5 -9
  716. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +1 -1
  717. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +4 -6
  718. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +34 -0
  719. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +219 -121
  720. data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +9 -2
  721. data/third_party/boringssl-with-bazel/src/crypto/internal.h +23 -2
  722. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +253 -0
  723. data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +28 -23
  724. data/third_party/boringssl-with-bazel/src/crypto/mem.c +2 -0
  725. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +7 -3
  726. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +1 -1
  727. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +1 -0
  728. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +4 -0
  729. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +4 -0
  730. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +4 -0
  731. data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +2 -2
  732. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +15 -11
  733. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +1 -1
  734. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +1 -0
  735. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +45 -2
  736. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +4 -2
  737. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +10 -3
  738. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +6 -23
  739. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +2 -2
  740. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +1 -0
  741. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +25 -22
  742. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +0 -4
  743. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +1 -0
  744. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +1 -3
  745. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +9 -11
  746. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +2 -0
  747. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +1 -3
  748. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +1 -3
  749. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +1 -0
  750. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +0 -2
  751. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +2 -0
  752. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +14 -11
  753. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +5 -5
  754. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +160 -74
  755. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +0 -1
  756. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +8 -5
  757. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +3 -0
  758. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +6 -0
  759. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +25 -0
  760. data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +14 -12
  761. data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +4 -205
  762. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +3 -0
  763. data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +5 -4
  764. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +58 -6
  765. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +184 -55
  766. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +0 -5
  767. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +9 -16
  768. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +44 -2
  769. data/third_party/boringssl-with-bazel/src/ssl/{t1_lib.cc → extensions.cc} +24 -11
  770. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +9 -0
  771. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +75 -68
  772. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +17 -9
  773. data/third_party/boringssl-with-bazel/src/ssl/internal.h +25 -6
  774. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +1 -2
  775. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +11 -5
  776. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +0 -49
  777. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +121 -65
  778. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +14 -6
  779. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +9 -11
  780. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +2 -2
  781. data/third_party/upb/upb/decode.c +129 -60
  782. data/third_party/upb/upb/decode.h +32 -4
  783. data/third_party/upb/upb/decode_fast.c +513 -500
  784. data/third_party/upb/upb/decode_fast.h +27 -0
  785. data/third_party/upb/upb/{decode.int.h → decode_internal.h} +38 -8
  786. data/third_party/upb/upb/def.c +171 -181
  787. data/third_party/upb/upb/def.h +41 -19
  788. data/third_party/upb/upb/def.hpp +29 -0
  789. data/third_party/upb/upb/encode.c +49 -16
  790. data/third_party/upb/upb/encode.h +29 -2
  791. data/third_party/upb/upb/msg.c +169 -28
  792. data/third_party/upb/upb/msg.h +75 -580
  793. data/third_party/upb/upb/msg_internal.h +687 -0
  794. data/third_party/upb/upb/port_def.inc +85 -24
  795. data/third_party/upb/upb/port_undef.inc +38 -1
  796. data/third_party/upb/upb/reflection.c +29 -37
  797. data/third_party/upb/upb/reflection.h +36 -8
  798. data/third_party/upb/upb/reflection.hpp +37 -0
  799. data/third_party/upb/upb/table.c +211 -86
  800. data/third_party/upb/upb/{table.int.h → table_internal.h} +56 -180
  801. data/third_party/upb/upb/text_encode.c +32 -4
  802. data/third_party/upb/upb/text_encode.h +26 -0
  803. data/third_party/upb/upb/upb.c +59 -8
  804. data/third_party/upb/upb/upb.h +36 -6
  805. data/third_party/upb/upb/upb.hpp +24 -0
  806. data/third_party/upb/upb/upb_internal.h +58 -0
  807. metadata +58 -56
  808. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +0 -179
  809. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +0 -38
  810. data/src/core/ext/transport/chttp2/transport/hpack_table.cc +0 -243
  811. data/src/core/ext/transport/chttp2/transport/hpack_table.h +0 -148
  812. data/src/core/lib/gpr/tls_gcc.h +0 -52
  813. data/src/core/lib/gpr/tls_msvc.h +0 -54
  814. data/src/core/lib/gpr/tls_pthread.cc +0 -30
  815. data/src/core/lib/gpr/tls_pthread.h +0 -56
  816. data/src/core/lib/gpr/tls_stdcpp.h +0 -48
  817. data/src/core/lib/gprpp/atomic.h +0 -104
  818. data/src/core/lib/iomgr/endpoint_pair_uv.cc +0 -40
  819. data/src/core/lib/iomgr/iomgr_uv.cc +0 -43
  820. data/src/core/lib/iomgr/pollset_uv.cc +0 -95
  821. data/src/core/lib/iomgr/pollset_uv.h +0 -36
  822. data/src/core/lib/iomgr/sockaddr_custom.h +0 -54
  823. data/src/core/lib/iomgr/socket_utils_uv.cc +0 -49
  824. data/src/core/lib/iomgr/tcp_uv.cc +0 -421
  825. data/src/core/lib/iomgr/timer_uv.cc +0 -66
  826. data/third_party/upb/third_party/wyhash/wyhash.h +0 -145
  827. data/third_party/upb/upb/upb.int.h +0 -29
data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c CHANGED
@@ -22,6 +22,7 @@
22
22
  #include <openssl/cpu.h>
23
23
  #include <openssl/hmac.h>
24
24
  #include <openssl/mem.h>
25
+ #include <openssl/rand.h>
25
26
  #include <openssl/sha.h>
26
27
 
27
28
  #if defined(_MSC_VER)
@@ -939,6 +940,34 @@ OPENSSL_UNUSED static void poly_print(const struct poly *p) {
939
940
  printf("]\n");
940
941
  }
941
942
 
943
+ // POLY_MUL_SCRATCH contains space for the working variables needed by
944
+ // |poly_mul|. The contents afterwards may be discarded, but the object may also
945
+ // be reused with future |poly_mul| calls to save heap allocations.
946
+ //
947
+ // This object must have 32-byte alignment.
948
+ struct POLY_MUL_SCRATCH {
949
+ union {
950
+ // This is used by |poly_mul_novec|.
951
+ struct {
952
+ uint16_t prod[2 * N];
953
+ uint16_t scratch[1318];
954
+ } novec;
955
+
956
+ #if defined(HRSS_HAVE_VECTOR_UNIT)
957
+ // This is used by |poly_mul_vec|.
958
+ struct {
959
+ vec_t prod[VECS_PER_POLY * 2];
960
+ vec_t scratch[172];
961
+ } vec;
962
+ #endif
963
+
964
+ #if defined(POLY_RQ_MUL_ASM)
965
+ // This is the space used by |poly_Rq_mul|.
966
+ uint8_t rq[POLY_MUL_RQ_SCRATCH_SPACE];
967
+ #endif
968
+ } u;
969
+ };
970
+
942
971
  #if defined(HRSS_HAVE_VECTOR_UNIT)
943
972
 
944
973
  // poly_mul_vec_aux is a recursive function that multiplies |n| words from |a|
@@ -1184,8 +1213,8 @@ static void poly_mul_vec_aux(vec_t *restrict out, vec_t *restrict scratch,
1184
1213
  }
1185
1214
 
1186
1215
  // poly_mul_vec sets |*out| to |x|×|y| mod (𝑥^n - 1).
1187
- static void poly_mul_vec(struct poly *out, const struct poly *x,
1188
- const struct poly *y) {
1216
+ static void poly_mul_vec(struct POLY_MUL_SCRATCH *scratch, struct poly *out,
1217
+ const struct poly *x, const struct poly *y) {
1189
1218
  OPENSSL_memset((uint16_t *)&x->v[N], 0, 3 * sizeof(uint16_t));
1190
1219
  OPENSSL_memset((uint16_t *)&y->v[N], 0, 3 * sizeof(uint16_t));
1191
1220
 
@@ -1194,9 +1223,9 @@ static void poly_mul_vec(struct poly *out, const struct poly *x,
1194
1223
  OPENSSL_STATIC_ASSERT(alignof(struct poly) == alignof(vec_t),
1195
1224
  "struct poly has incorrect alignment");
1196
1225
 
1197
- vec_t prod[VECS_PER_POLY * 2];
1198
- vec_t scratch[172];
1199
- poly_mul_vec_aux(prod, scratch, x->vectors, y->vectors, VECS_PER_POLY);
1226
+ vec_t *const prod = scratch->u.vec.prod;
1227
+ vec_t *const aux_scratch = scratch->u.vec.scratch;
1228
+ poly_mul_vec_aux(prod, aux_scratch, x->vectors, y->vectors, VECS_PER_POLY);
1200
1229
 
1201
1230
  // |prod| needs to be reduced mod (𝑥^n - 1), which just involves adding the
1202
1231
  // upper-half to the lower-half. However, N is 701, which isn't a multiple of
@@ -1273,11 +1302,11 @@ static void poly_mul_novec_aux(uint16_t *out, uint16_t *scratch,
1273
1302
  }
1274
1303
 
1275
1304
  // poly_mul_novec sets |*out| to |x|×|y| mod (𝑥^n - 1).
1276
- static void poly_mul_novec(struct poly *out, const struct poly *x,
1277
- const struct poly *y) {
1278
- uint16_t prod[2 * N];
1279
- uint16_t scratch[1318];
1280
- poly_mul_novec_aux(prod, scratch, x->v, y->v, N);
1305
+ static void poly_mul_novec(struct POLY_MUL_SCRATCH *scratch, struct poly *out,
1306
+ const struct poly *x, const struct poly *y) {
1307
+ uint16_t *const prod = scratch->u.novec.prod;
1308
+ uint16_t *const aux_scratch = scratch->u.novec.scratch;
1309
+ poly_mul_novec_aux(prod, aux_scratch, x->v, y->v, N);
1281
1310
 
1282
1311
  for (size_t i = 0; i < N; i++) {
1283
1312
  out->v[i] = prod[i] + prod[i + N];
@@ -1285,25 +1314,25 @@ static void poly_mul_novec(struct poly *out, const struct poly *x,
1285
1314
  OPENSSL_memset(&out->v[N], 0, 3 * sizeof(uint16_t));
1286
1315
  }
1287
1316
 
1288
- static void poly_mul(struct poly *r, const struct poly *a,
1289
- const struct poly *b) {
1317
+ static void poly_mul(struct POLY_MUL_SCRATCH *scratch, struct poly *r,
1318
+ const struct poly *a, const struct poly *b) {
1290
1319
  #if defined(POLY_RQ_MUL_ASM)
1291
1320
  const int has_avx2 = (OPENSSL_ia32cap_P[2] & (1 << 5)) != 0;
1292
1321
  if (has_avx2) {
1293
- poly_Rq_mul(r->v, a->v, b->v);
1322
+ poly_Rq_mul(r->v, a->v, b->v, scratch->u.rq);
1294
1323
  return;
1295
1324
  }
1296
1325
  #endif
1297
1326
 
1298
1327
  #if defined(HRSS_HAVE_VECTOR_UNIT)
1299
1328
  if (vec_capable()) {
1300
- poly_mul_vec(r, a, b);
1329
+ poly_mul_vec(scratch, r, a, b);
1301
1330
  return;
1302
1331
  }
1303
1332
  #endif
1304
1333
 
1305
1334
  // Fallback, non-vector case.
1306
- poly_mul_novec(r, a, b);
1335
+ poly_mul_novec(scratch, r, a, b);
1307
1336
  }
1308
1337
 
1309
1338
  // poly_mul_x_minus_1 sets |p| to |p|×(𝑥 - 1) mod (𝑥^n - 1).
@@ -1548,7 +1577,8 @@ static void poly_invert_mod2(struct poly *out, const struct poly *in) {
1548
1577
  }
1549
1578
 
1550
1579
  // poly_invert sets |*out| to |in^-1| (i.e. such that |*out|×|in| = 1 mod Φ(N)).
1551
- static void poly_invert(struct poly *out, const struct poly *in) {
1580
+ static void poly_invert(struct POLY_MUL_SCRATCH *scratch, struct poly *out,
1581
+ const struct poly *in) {
1552
1582
  // Inversion mod Q, which is done based on the result of inverting mod
1553
1583
  // 2. See [NTRUTN14] paper, bottom of page two.
1554
1584
  struct poly a, *b, tmp;
@@ -1565,9 +1595,9 @@ static void poly_invert(struct poly *out, const struct poly *in) {
1565
1595
  // We are working mod Q=2**13 and we need to iterate ceil(log_2(13))
1566
1596
  // times, which is four.
1567
1597
  for (unsigned i = 0; i < 4; i++) {
1568
- poly_mul(&tmp, &a, b);
1598
+ poly_mul(scratch, &tmp, &a, b);
1569
1599
  tmp.v[0] += 2;
1570
- poly_mul(b, b, &tmp);
1600
+ poly_mul(scratch, b, b, &tmp);
1571
1601
  }
1572
1602
  }
1573
1603
 
@@ -1871,9 +1901,7 @@ static struct public_key *public_key_from_external(
1871
1901
  sizeof(struct HRSS_public_key) >= sizeof(struct public_key) + 15,
1872
1902
  "HRSS public key too small");
1873
1903
 
1874
- uintptr_t p = (uintptr_t)ext;
1875
- p = (p + 15) & ~15;
1876
- return (struct public_key *)p;
1904
+ return align_pointer(ext->opaque, 16);
1877
1905
  }
1878
1906
 
1879
1907
  // private_key_from_external does the same thing as |public_key_from_external|,
@@ -1885,151 +1913,219 @@ static struct private_key *private_key_from_external(
1885
1913
  sizeof(struct HRSS_private_key) >= sizeof(struct private_key) + 15,
1886
1914
  "HRSS private key too small");
1887
1915
 
1888
- uintptr_t p = (uintptr_t)ext;
1889
- p = (p + 15) & ~15;
1890
- return (struct private_key *)p;
1916
+ return align_pointer(ext->opaque, 16);
1891
1917
  }
1892
1918
 
1893
- void HRSS_generate_key(
1919
+ // malloc_align32 returns a pointer to |size| bytes of 32-byte-aligned heap and
1920
+ // sets |*out_ptr| to a value that can be passed to |OPENSSL_free| to release
1921
+ // it. It returns NULL if out of memory.
1922
+ static void *malloc_align32(void **out_ptr, size_t size) {
1923
+ void *ptr = OPENSSL_malloc(size + 31);
1924
+ if (!ptr) {
1925
+ *out_ptr = NULL;
1926
+ return NULL;
1927
+ }
1928
+
1929
+ *out_ptr = ptr;
1930
+ return align_pointer(ptr, 32);
1931
+ }
1932
+
1933
+ int HRSS_generate_key(
1894
1934
  struct HRSS_public_key *out_pub, struct HRSS_private_key *out_priv,
1895
1935
  const uint8_t in[HRSS_SAMPLE_BYTES + HRSS_SAMPLE_BYTES + 32]) {
1896
1936
  struct public_key *pub = public_key_from_external(out_pub);
1897
1937
  struct private_key *priv = private_key_from_external(out_priv);
1898
1938
 
1939
+ struct vars {
1940
+ struct POLY_MUL_SCRATCH scratch;
1941
+ struct poly f;
1942
+ struct poly pg_phi1;
1943
+ struct poly pfg_phi1;
1944
+ struct poly pfg_phi1_inverse;
1945
+ };
1946
+
1947
+ void *malloc_ptr;
1948
+ struct vars *const vars = malloc_align32(&malloc_ptr, sizeof(struct vars));
1949
+ if (!vars) {
1950
+ // If the caller ignores the return value the output will still be safe.
1951
+ // The private key output is randomised in case it's later passed to
1952
+ // |HRSS_encap|.
1953
+ memset(out_pub, 0, sizeof(struct HRSS_public_key));
1954
+ RAND_bytes((uint8_t*) out_priv, sizeof(struct HRSS_private_key));
1955
+ return 0;
1956
+ }
1957
+
1899
1958
  OPENSSL_memcpy(priv->hmac_key, in + 2 * HRSS_SAMPLE_BYTES,
1900
1959
  sizeof(priv->hmac_key));
1901
1960
 
1902
- struct poly f;
1903
- poly_short_sample_plus(&f, in);
1904
- poly3_from_poly(&priv->f, &f);
1961
+ poly_short_sample_plus(&vars->f, in);
1962
+ poly3_from_poly(&priv->f, &vars->f);
1905
1963
  HRSS_poly3_invert(&priv->f_inverse, &priv->f);
1906
1964
 
1907
1965
  // pg_phi1 is p (i.e. 3) × g × Φ(1) (i.e. 𝑥-1).
1908
- struct poly pg_phi1;
1909
- poly_short_sample_plus(&pg_phi1, in + HRSS_SAMPLE_BYTES);
1966
+ poly_short_sample_plus(&vars->pg_phi1, in + HRSS_SAMPLE_BYTES);
1910
1967
  for (unsigned i = 0; i < N; i++) {
1911
- pg_phi1.v[i] *= 3;
1968
+ vars->pg_phi1.v[i] *= 3;
1912
1969
  }
1913
- poly_mul_x_minus_1(&pg_phi1);
1970
+ poly_mul_x_minus_1(&vars->pg_phi1);
1914
1971
 
1915
- struct poly pfg_phi1;
1916
- poly_mul(&pfg_phi1, &f, &pg_phi1);
1972
+ poly_mul(&vars->scratch, &vars->pfg_phi1, &vars->f, &vars->pg_phi1);
1917
1973
 
1918
- struct poly pfg_phi1_inverse;
1919
- poly_invert(&pfg_phi1_inverse, &pfg_phi1);
1974
+ poly_invert(&vars->scratch, &vars->pfg_phi1_inverse, &vars->pfg_phi1);
1920
1975
 
1921
- poly_mul(&pub->ph, &pfg_phi1_inverse, &pg_phi1);
1922
- poly_mul(&pub->ph, &pub->ph, &pg_phi1);
1976
+ poly_mul(&vars->scratch, &pub->ph, &vars->pfg_phi1_inverse, &vars->pg_phi1);
1977
+ poly_mul(&vars->scratch, &pub->ph, &pub->ph, &vars->pg_phi1);
1923
1978
  poly_clamp(&pub->ph);
1924
1979
 
1925
- poly_mul(&priv->ph_inverse, &pfg_phi1_inverse, &f);
1926
- poly_mul(&priv->ph_inverse, &priv->ph_inverse, &f);
1980
+ poly_mul(&vars->scratch, &priv->ph_inverse, &vars->pfg_phi1_inverse,
1981
+ &vars->f);
1982
+ poly_mul(&vars->scratch, &priv->ph_inverse, &priv->ph_inverse, &vars->f);
1927
1983
  poly_clamp(&priv->ph_inverse);
1984
+
1985
+ OPENSSL_free(malloc_ptr);
1986
+ return 1;
1928
1987
  }
1929
1988
 
1930
1989
  static const char kSharedKey[] = "shared key";
1931
1990
 
1932
- void HRSS_encap(uint8_t out_ciphertext[POLY_BYTES],
1933
- uint8_t out_shared_key[32],
1934
- const struct HRSS_public_key *in_pub,
1935
- const uint8_t in[HRSS_SAMPLE_BYTES + HRSS_SAMPLE_BYTES]) {
1991
+ int HRSS_encap(uint8_t out_ciphertext[POLY_BYTES], uint8_t out_shared_key[32],
1992
+ const struct HRSS_public_key *in_pub,
1993
+ const uint8_t in[HRSS_SAMPLE_BYTES + HRSS_SAMPLE_BYTES]) {
1936
1994
  const struct public_key *pub =
1937
1995
  public_key_from_external((struct HRSS_public_key *)in_pub);
1938
- struct poly m, r, m_lifted;
1939
- poly_short_sample(&m, in);
1940
- poly_short_sample(&r, in + HRSS_SAMPLE_BYTES);
1941
- poly_lift(&m_lifted, &m);
1942
1996
 
1943
- struct poly prh_plus_m;
1944
- poly_mul(&prh_plus_m, &r, &pub->ph);
1997
+ struct vars {
1998
+ struct POLY_MUL_SCRATCH scratch;
1999
+ struct poly m, r, m_lifted;
2000
+ struct poly prh_plus_m;
2001
+ SHA256_CTX hash_ctx;
2002
+ uint8_t m_bytes[HRSS_POLY3_BYTES];
2003
+ uint8_t r_bytes[HRSS_POLY3_BYTES];
2004
+ };
2005
+
2006
+ void *malloc_ptr;
2007
+ struct vars *const vars = malloc_align32(&malloc_ptr, sizeof(struct vars));
2008
+ if (!vars) {
2009
+ // If the caller ignores the return value the output will still be safe.
2010
+ // The private key output is randomised in case it's used to encrypt and
2011
+ // transmit something.
2012
+ memset(out_ciphertext, 0, POLY_BYTES);
2013
+ RAND_bytes(out_shared_key, 32);
2014
+ return 0;
2015
+ }
2016
+
2017
+ poly_short_sample(&vars->m, in);
2018
+ poly_short_sample(&vars->r, in + HRSS_SAMPLE_BYTES);
2019
+ poly_lift(&vars->m_lifted, &vars->m);
2020
+
2021
+ poly_mul(&vars->scratch, &vars->prh_plus_m, &vars->r, &pub->ph);
1945
2022
  for (unsigned i = 0; i < N; i++) {
1946
- prh_plus_m.v[i] += m_lifted.v[i];
2023
+ vars->prh_plus_m.v[i] += vars->m_lifted.v[i];
1947
2024
  }
1948
2025
 
1949
- poly_marshal(out_ciphertext, &prh_plus_m);
2026
+ poly_marshal(out_ciphertext, &vars->prh_plus_m);
2027
+
2028
+ poly_marshal_mod3(vars->m_bytes, &vars->m);
2029
+ poly_marshal_mod3(vars->r_bytes, &vars->r);
1950
2030
 
1951
- uint8_t m_bytes[HRSS_POLY3_BYTES], r_bytes[HRSS_POLY3_BYTES];
1952
- poly_marshal_mod3(m_bytes, &m);
1953
- poly_marshal_mod3(r_bytes, &r);
2031
+ SHA256_Init(&vars->hash_ctx);
2032
+ SHA256_Update(&vars->hash_ctx, kSharedKey, sizeof(kSharedKey));
2033
+ SHA256_Update(&vars->hash_ctx, vars->m_bytes, sizeof(vars->m_bytes));
2034
+ SHA256_Update(&vars->hash_ctx, vars->r_bytes, sizeof(vars->r_bytes));
2035
+ SHA256_Update(&vars->hash_ctx, out_ciphertext, POLY_BYTES);
2036
+ SHA256_Final(out_shared_key, &vars->hash_ctx);
1954
2037
 
1955
- SHA256_CTX hash_ctx;
1956
- SHA256_Init(&hash_ctx);
1957
- SHA256_Update(&hash_ctx, kSharedKey, sizeof(kSharedKey));
1958
- SHA256_Update(&hash_ctx, m_bytes, sizeof(m_bytes));
1959
- SHA256_Update(&hash_ctx, r_bytes, sizeof(r_bytes));
1960
- SHA256_Update(&hash_ctx, out_ciphertext, POLY_BYTES);
1961
- SHA256_Final(out_shared_key, &hash_ctx);
2038
+ OPENSSL_free(malloc_ptr);
2039
+ return 1;
1962
2040
  }
1963
2041
 
1964
- void HRSS_decap(uint8_t out_shared_key[HRSS_KEY_BYTES],
2042
+ int HRSS_decap(uint8_t out_shared_key[HRSS_KEY_BYTES],
1965
2043
  const struct HRSS_private_key *in_priv,
1966
2044
  const uint8_t *ciphertext, size_t ciphertext_len) {
1967
2045
  const struct private_key *priv =
1968
2046
  private_key_from_external((struct HRSS_private_key *)in_priv);
1969
2047
 
2048
+ struct vars {
2049
+ struct POLY_MUL_SCRATCH scratch;
2050
+ uint8_t masked_key[SHA256_CBLOCK];
2051
+ SHA256_CTX hash_ctx;
2052
+ struct poly c;
2053
+ struct poly f, cf;
2054
+ struct poly3 cf3, m3;
2055
+ struct poly m, m_lifted;
2056
+ struct poly r;
2057
+ struct poly3 r3;
2058
+ uint8_t expected_ciphertext[HRSS_CIPHERTEXT_BYTES];
2059
+ uint8_t m_bytes[HRSS_POLY3_BYTES];
2060
+ uint8_t r_bytes[HRSS_POLY3_BYTES];
2061
+ uint8_t shared_key[32];
2062
+ };
2063
+
2064
+ void *malloc_ptr;
2065
+ struct vars *const vars = malloc_align32(&malloc_ptr, sizeof(struct vars));
2066
+ if (!vars) {
2067
+ // If the caller ignores the return value the output will still be safe.
2068
+ // The private key output is randomised in case it's used to encrypt and
2069
+ // transmit something.
2070
+ RAND_bytes(out_shared_key, HRSS_KEY_BYTES);
2071
+ return 0;
2072
+ }
2073
+
1970
2074
  // This is HMAC, expanded inline rather than using the |HMAC| function so that
1971
2075
  // we can avoid dealing with possible allocation failures and so keep this
1972
2076
  // function infallible.
1973
- uint8_t masked_key[SHA256_CBLOCK];
1974
- OPENSSL_STATIC_ASSERT(sizeof(priv->hmac_key) <= sizeof(masked_key),
2077
+ OPENSSL_STATIC_ASSERT(sizeof(priv->hmac_key) <= sizeof(vars->masked_key),
1975
2078
  "HRSS HMAC key larger than SHA-256 block size");
1976
2079
  for (size_t i = 0; i < sizeof(priv->hmac_key); i++) {
1977
- masked_key[i] = priv->hmac_key[i] ^ 0x36;
2080
+ vars->masked_key[i] = priv->hmac_key[i] ^ 0x36;
1978
2081
  }
1979
- OPENSSL_memset(masked_key + sizeof(priv->hmac_key), 0x36,
1980
- sizeof(masked_key) - sizeof(priv->hmac_key));
2082
+ OPENSSL_memset(vars->masked_key + sizeof(priv->hmac_key), 0x36,
2083
+ sizeof(vars->masked_key) - sizeof(priv->hmac_key));
1981
2084
 
1982
- SHA256_CTX hash_ctx;
1983
- SHA256_Init(&hash_ctx);
1984
- SHA256_Update(&hash_ctx, masked_key, sizeof(masked_key));
1985
- SHA256_Update(&hash_ctx, ciphertext, ciphertext_len);
2085
+ SHA256_Init(&vars->hash_ctx);
2086
+ SHA256_Update(&vars->hash_ctx, vars->masked_key, sizeof(vars->masked_key));
2087
+ SHA256_Update(&vars->hash_ctx, ciphertext, ciphertext_len);
1986
2088
  uint8_t inner_digest[SHA256_DIGEST_LENGTH];
1987
- SHA256_Final(inner_digest, &hash_ctx);
2089
+ SHA256_Final(inner_digest, &vars->hash_ctx);
1988
2090
 
1989
2091
  for (size_t i = 0; i < sizeof(priv->hmac_key); i++) {
1990
- masked_key[i] ^= (0x5c ^ 0x36);
2092
+ vars->masked_key[i] ^= (0x5c ^ 0x36);
1991
2093
  }
1992
- OPENSSL_memset(masked_key + sizeof(priv->hmac_key), 0x5c,
1993
- sizeof(masked_key) - sizeof(priv->hmac_key));
2094
+ OPENSSL_memset(vars->masked_key + sizeof(priv->hmac_key), 0x5c,
2095
+ sizeof(vars->masked_key) - sizeof(priv->hmac_key));
1994
2096
 
1995
- SHA256_Init(&hash_ctx);
1996
- SHA256_Update(&hash_ctx, masked_key, sizeof(masked_key));
1997
- SHA256_Update(&hash_ctx, inner_digest, sizeof(inner_digest));
2097
+ SHA256_Init(&vars->hash_ctx);
2098
+ SHA256_Update(&vars->hash_ctx, vars->masked_key, sizeof(vars->masked_key));
2099
+ SHA256_Update(&vars->hash_ctx, inner_digest, sizeof(inner_digest));
1998
2100
  OPENSSL_STATIC_ASSERT(HRSS_KEY_BYTES == SHA256_DIGEST_LENGTH,
1999
2101
  "HRSS shared key length incorrect");
2000
- SHA256_Final(out_shared_key, &hash_ctx);
2102
+ SHA256_Final(out_shared_key, &vars->hash_ctx);
2001
2103
 
2002
- struct poly c;
2003
2104
  // If the ciphertext is publicly invalid then a random shared key is still
2004
2105
  // returned to simply the logic of the caller, but this path is not constant
2005
2106
  // time.
2006
2107
  if (ciphertext_len != HRSS_CIPHERTEXT_BYTES ||
2007
- !poly_unmarshal(&c, ciphertext)) {
2008
- return;
2108
+ !poly_unmarshal(&vars->c, ciphertext)) {
2109
+ goto out;
2009
2110
  }
2010
2111
 
2011
- struct poly f, cf;
2012
- struct poly3 cf3, m3;
2013
- poly_from_poly3(&f, &priv->f);
2014
- poly_mul(&cf, &c, &f);
2015
- poly3_from_poly(&cf3, &cf);
2112
+ poly_from_poly3(&vars->f, &priv->f);
2113
+ poly_mul(&vars->scratch, &vars->cf, &vars->c, &vars->f);
2114
+ poly3_from_poly(&vars->cf3, &vars->cf);
2016
2115
  // Note that cf3 is not reduced mod Φ(N). That reduction is deferred.
2017
- HRSS_poly3_mul(&m3, &cf3, &priv->f_inverse);
2116
+ HRSS_poly3_mul(&vars->m3, &vars->cf3, &priv->f_inverse);
2018
2117
 
2019
- struct poly m, m_lifted;
2020
- poly_from_poly3(&m, &m3);
2021
- poly_lift(&m_lifted, &m);
2118
+ poly_from_poly3(&vars->m, &vars->m3);
2119
+ poly_lift(&vars->m_lifted, &vars->m);
2022
2120
 
2023
- struct poly r;
2024
2121
  for (unsigned i = 0; i < N; i++) {
2025
- r.v[i] = c.v[i] - m_lifted.v[i];
2122
+ vars->r.v[i] = vars->c.v[i] - vars->m_lifted.v[i];
2026
2123
  }
2027
- poly_mul(&r, &r, &priv->ph_inverse);
2028
- poly_mod_phiN(&r);
2029
- poly_clamp(&r);
2124
+ poly_mul(&vars->scratch, &vars->r, &vars->r, &priv->ph_inverse);
2125
+ poly_mod_phiN(&vars->r);
2126
+ poly_clamp(&vars->r);
2030
2127
 
2031
- struct poly3 r3;
2032
- crypto_word_t ok = poly3_from_poly_checked(&r3, &r);
2128
+ crypto_word_t ok = poly3_from_poly_checked(&vars->r3, &vars->r);
2033
2129
 
2034
2130
  // [NTRUCOMP] section 5.1 includes ReEnc2 and a proof that it's valid. Rather
2035
2131
  // than do an expensive |poly_mul|, it rebuilds |c'| from |c - lift(m)|
@@ -2054,32 +2150,34 @@ void HRSS_decap(uint8_t out_shared_key[HRSS_KEY_BYTES],
2054
2150
  // The |poly_marshal| here then is just confirming that |poly_unmarshal| is
2055
2151
  // strict and could be omitted.
2056
2152
 
2057
- uint8_t expected_ciphertext[HRSS_CIPHERTEXT_BYTES];
2058
2153
  OPENSSL_STATIC_ASSERT(HRSS_CIPHERTEXT_BYTES == POLY_BYTES,
2059
2154
  "ciphertext is the wrong size");
2060
- assert(ciphertext_len == sizeof(expected_ciphertext));
2061
- poly_marshal(expected_ciphertext, &c);
2062
-
2063
- uint8_t m_bytes[HRSS_POLY3_BYTES];
2064
- uint8_t r_bytes[HRSS_POLY3_BYTES];
2065
- poly_marshal_mod3(m_bytes, &m);
2066
- poly_marshal_mod3(r_bytes, &r);
2067
-
2068
- ok &= constant_time_is_zero_w(CRYPTO_memcmp(ciphertext, expected_ciphertext,
2069
- sizeof(expected_ciphertext)));
2070
-
2071
- uint8_t shared_key[32];
2072
- SHA256_Init(&hash_ctx);
2073
- SHA256_Update(&hash_ctx, kSharedKey, sizeof(kSharedKey));
2074
- SHA256_Update(&hash_ctx, m_bytes, sizeof(m_bytes));
2075
- SHA256_Update(&hash_ctx, r_bytes, sizeof(r_bytes));
2076
- SHA256_Update(&hash_ctx, expected_ciphertext, sizeof(expected_ciphertext));
2077
- SHA256_Final(shared_key, &hash_ctx);
2078
-
2079
- for (unsigned i = 0; i < sizeof(shared_key); i++) {
2155
+ assert(ciphertext_len == sizeof(vars->expected_ciphertext));
2156
+ poly_marshal(vars->expected_ciphertext, &vars->c);
2157
+
2158
+ poly_marshal_mod3(vars->m_bytes, &vars->m);
2159
+ poly_marshal_mod3(vars->r_bytes, &vars->r);
2160
+
2161
+ ok &= constant_time_is_zero_w(
2162
+ CRYPTO_memcmp(ciphertext, vars->expected_ciphertext,
2163
+ sizeof(vars->expected_ciphertext)));
2164
+
2165
+ SHA256_Init(&vars->hash_ctx);
2166
+ SHA256_Update(&vars->hash_ctx, kSharedKey, sizeof(kSharedKey));
2167
+ SHA256_Update(&vars->hash_ctx, vars->m_bytes, sizeof(vars->m_bytes));
2168
+ SHA256_Update(&vars->hash_ctx, vars->r_bytes, sizeof(vars->r_bytes));
2169
+ SHA256_Update(&vars->hash_ctx, vars->expected_ciphertext,
2170
+ sizeof(vars->expected_ciphertext));
2171
+ SHA256_Final(vars->shared_key, &vars->hash_ctx);
2172
+
2173
+ for (unsigned i = 0; i < sizeof(vars->shared_key); i++) {
2080
2174
  out_shared_key[i] =
2081
- constant_time_select_8(ok, shared_key[i], out_shared_key[i]);
2175
+ constant_time_select_8(ok, vars->shared_key[i], out_shared_key[i]);
2082
2176
  }
2177
+
2178
+ out:
2179
+ OPENSSL_free(malloc_ptr);
2180
+ return 1;
2083
2181
  }
2084
2182
 
2085
2183
  void HRSS_marshal_public_key(uint8_t out[HRSS_PUBLIC_KEY_BYTES],
data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h CHANGED
@@ -47,10 +47,17 @@ OPENSSL_EXPORT void HRSS_poly3_invert(struct poly3 *out,
47
47
  #if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_SMALL) && \
48
48
  defined(OPENSSL_X86_64) && defined(OPENSSL_LINUX)
49
49
  #define POLY_RQ_MUL_ASM
50
+ // POLY_MUL_RQ_SCRATCH_SPACE is the number of bytes of scratch space needed
51
+ // by the assembly function poly_Rq_mul.
52
+ #define POLY_MUL_RQ_SCRATCH_SPACE (6144 + 6144 + 12288 + 512 + 9408 + 32)
53
+
50
54
  // poly_Rq_mul is defined in assembly. Inputs and outputs must be 16-byte-
51
55
  // aligned.
52
- extern void poly_Rq_mul(uint16_t r[N + 3], const uint16_t a[N + 3],
53
- const uint16_t b[N + 3]);
56
+ extern void poly_Rq_mul(
57
+ uint16_t r[N + 3], const uint16_t a[N + 3], const uint16_t b[N + 3],
58
+ // The following should be `scratch[POLY_MUL_RQ_SCRATCH_SPACE]` but
59
+ // GCC 11.1 has a bug with unions that breaks that.
60
+ uint8_t scratch[]);
54
61
  #endif
55
62
 
56
63
 
data/third_party/boringssl-with-bazel/src/crypto/internal.h CHANGED
@@ -209,6 +209,9 @@ typedef __uint128_t uint128_t;
209
209
  #define OPENSSL_SSE2
210
210
  #endif
211
211
 
212
+
213
+ // Pointer utility functions.
214
+
212
215
  // buffers_alias returns one if |a| and |b| alias and zero otherwise.
213
216
  static inline int buffers_alias(const uint8_t *a, size_t a_len,
214
217
  const uint8_t *b, size_t b_len) {
@@ -221,6 +224,23 @@ static inline int buffers_alias(const uint8_t *a, size_t a_len,
221
224
  return a_u + a_len > b_u && b_u + b_len > a_u;
222
225
  }
223
226
 
227
+ // align_pointer returns |ptr|, advanced to |alignment|. |alignment| must be a
228
+ // power of two, and |ptr| must have at least |alignment - 1| bytes of scratch
229
+ // space.
230
+ static inline void *align_pointer(void *ptr, size_t alignment) {
231
+ // |alignment| must be a power of two.
232
+ assert(alignment != 0 && (alignment & (alignment - 1)) == 0);
233
+ // Instead of aligning |ptr| as a |uintptr_t| and casting back, compute the
234
+ // offset and advance in pointer space. C guarantees that casting from pointer
235
+ // to |uintptr_t| and back gives the same pointer, but general
236
+ // integer-to-pointer conversions are implementation-defined. GCC does define
237
+ // it in the useful way, but this makes fewer assumptions.
238
+ uintptr_t offset = (0u - (uintptr_t)ptr) & (alignment - 1);
239
+ ptr = (char *)ptr + offset;
240
+ assert(((uintptr_t)ptr & (alignment - 1)) == 0);
241
+ return ptr;
242
+ }
243
+
224
244
 
225
245
  // Constant-time utility functions.
226
246
  //
@@ -472,8 +492,9 @@ OPENSSL_EXPORT void CRYPTO_once(CRYPTO_once_t *once, void (*init)(void));
472
492
  // Reference counting.
473
493
 
474
494
  // Automatically enable C11 atomics if implemented.
475
- #if !defined(OPENSSL_C11_ATOMIC) && !defined(__STDC_NO_ATOMICS__) && \
476
- defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
495
+ #if !defined(OPENSSL_C11_ATOMIC) && defined(OPENSSL_THREADS) && \
496
+ !defined(__STDC_NO_ATOMICS__) && defined(__STDC_VERSION__) && \
497
+ __STDC_VERSION__ >= 201112L
477
498
  #define OPENSSL_C11_ATOMIC
478
499
  #endif
479
500