grpc 1.41.0 → 1.41.1

data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c

@@ -1262,12 +1262,14 @@ static int rsa_generate_key_impl(RSA *rsa, int bits, const BIGNUM *e_value,
     // values for d.
   } while (BN_cmp(rsa->d, pow2_prime_bits) <= 0);
 
+  assert(BN_num_bits(pm1) == (unsigned)prime_bits);
+  assert(BN_num_bits(qm1) == (unsigned)prime_bits);
   if (// Calculate n.
       !bn_mul_consttime(rsa->n, rsa->p, rsa->q, ctx) ||
       // Calculate d mod (p-1).
-      !bn_div_consttime(NULL, rsa->dmp1, rsa->d, pm1, ctx) ||
+      !bn_div_consttime(NULL, rsa->dmp1, rsa->d, pm1, prime_bits, ctx) ||
       // Calculate d mod (q-1)
-      !bn_div_consttime(NULL, rsa->dmq1, rsa->d, qm1, ctx)) {
+      !bn_div_consttime(NULL, rsa->dmq1, rsa->d, qm1, prime_bits, ctx)) {
     goto bn_err;
   }
   bn_set_minimal_width(rsa->n);

data/third_party/boringssl-with-bazel/src/crypto/mem.c

@@ -324,22 +324,15 @@ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) {
 }
 
 char *OPENSSL_strndup(const char *str, size_t size) {
-  char *ret;
-  size_t alloc_size;
-
-  if (str == NULL) {
-    return NULL;
-  }
-
   size = OPENSSL_strnlen(str, size);
 
-  alloc_size = size + 1;
+  size_t alloc_size = size + 1;
   if (alloc_size < size) {
     // overflow
     OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE);
     return NULL;
   }
-  ret = OPENSSL_malloc(alloc_size);
+  char *ret = OPENSSL_malloc(alloc_size);
   if (ret == NULL) {
     OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE);
     return NULL;
@@ -387,3 +380,13 @@ void *OPENSSL_memdup(const void *data, size_t size) {
   OPENSSL_memcpy(ret, data, size);
   return ret;
 }
+
+void *CRYPTO_malloc(size_t size, const char *file, int line) {
+  return OPENSSL_malloc(size);
+}
+
+void *CRYPTO_realloc(void *ptr, size_t new_size, const char *file, int line) {
+  return OPENSSL_realloc(ptr, new_size);
+}
+
+void CRYPTO_free(void *ptr, const char *file, int line) { OPENSSL_free(ptr); }

data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c

@@ -157,8 +157,6 @@ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
     return pkey_get_rsa(pktmp, rsa);
 }
 
-#ifndef OPENSSL_NO_FP_API
-
 RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
 {
     EVP_PKEY *pktmp;
@@ -166,8 +164,6 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
     return pkey_get_rsa(pktmp, rsa);
 }
 
-#endif
-
 IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA,
                              RSAPrivateKey)
 
@@ -205,7 +201,6 @@ IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA,
                              DSAPrivateKey)
 
     IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
-# ifndef OPENSSL_NO_FP_API
 DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u)
 {
     EVP_PKEY *pktmp;
@@ -213,8 +208,6 @@ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u)
     return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
 }
 
-# endif
-
 IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
 #endif
 static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
@@ -245,7 +238,6 @@ IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY,
                        ECPrivateKey)
 
     IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
-#ifndef OPENSSL_NO_FP_API
 EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
                               void *u)
 {
@@ -254,7 +246,6 @@ EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
     return pkey_get_eckey(pktmp, eckey); /* will free pktmp */
 }
 
-#endif
 
 IMPLEMENT_PEM_write_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
 

data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c

@@ -70,7 +70,6 @@
 #include <openssl/rsa.h>
 #include <openssl/x509.h>
 
-#ifndef OPENSSL_NO_FP_API
 STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
                                         pem_password_cb *cb, void *u)
 {
@@ -83,7 +82,6 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
     BIO_free(b);
     return ret;
 }
-#endif
 
 enum parse_result_t {
     parse_ok,

data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c

@@ -117,7 +117,6 @@ void PEM_dek_info(char *buf, const char *type, int len, char *str)
     buf[j + i * 2 + 1] = '\0';
 }
 
-#ifndef OPENSSL_NO_FP_API
 void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
                     pem_password_cb *cb, void *u)
 {
@@ -130,7 +129,6 @@ void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
     BIO_free(b);
     return ret;
 }
-#endif
 
 static int check_pem(const char *nm, const char *name)
 {
@@ -252,7 +250,6 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
     return ret;
 }
 
-#ifndef OPENSSL_NO_FP_API
 int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
                    void *x, const EVP_CIPHER *enc, unsigned char *kstr,
                    int klen, pem_password_cb *callback, void *u)
@@ -266,7 +263,6 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
     BIO_free(b);
     return ret;
 }
-#endif
 
 int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
                        void *x, const EVP_CIPHER *enc, unsigned char *kstr,
@@ -507,7 +503,6 @@ static int load_iv(char **fromp, unsigned char *to, int num)
     return (1);
 }
 
-#ifndef OPENSSL_NO_FP_API
 int PEM_write(FILE *fp, const char *name, const char *header,
               const unsigned char *data, long len)
 {
@@ -520,7 +515,6 @@ int PEM_write(FILE *fp, const char *name, const char *header,
     BIO_free(b);
     return (ret);
 }
-#endif
 
 int PEM_write_bio(BIO *bp, const char *name, const char *header,
                   const unsigned char *data, long len)
@@ -578,7 +572,6 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header,
     return (0);
 }
 
-#ifndef OPENSSL_NO_FP_API
 int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
              long *len)
 {
@@ -591,7 +584,6 @@ int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
     BIO_free(b);
     return (ret);
 }
-#endif
 
 int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
                  long *len)

data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c

@@ -190,7 +190,6 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
     return ret;
 }
 
-#ifndef OPENSSL_NO_FP_API
 
 int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
                            char *kstr, int klen, pem_password_cb *cb, void *u)
@@ -248,7 +247,6 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
     return ret;
 }
 
-#endif
 
 IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
 

data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c

@@ -150,7 +150,6 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
     return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, (char *)kstr, klen, cb, u);
 }
 
-#ifndef OPENSSL_NO_FP_API
 EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
                               void *u)
 {
@@ -178,7 +177,6 @@ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
     return ret;
 }
 
-#endif
 
 /* Transparently read in PKCS#3 or X9.42 DH parameters */
 
@@ -203,7 +201,6 @@ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u)
     return ret;
 }
 
-#ifndef OPENSSL_NO_FP_API
 DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u)
 {
     BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
@@ -215,4 +212,3 @@ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u)
     BIO_free(b);
     return ret;
 }
-#endif

data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h

@@ -32,14 +32,23 @@ extern "C" {
 // NULL.
 int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs);
 
-// pkcs7_bundle writes a PKCS#7, SignedData structure to |out| and then calls
-// |cb| with a CBB to which certificate or CRL data can be written, and the
-// opaque context pointer, |arg|. The callback can return zero to indicate an
-// error.
+// pkcs7_add_signed_data writes a PKCS#7, SignedData structure to |out|. While
+// doing so it makes callbacks to let the caller fill in parts of the structure.
+// All callbacks are ignored if NULL and return one on success or zero on error.
 //
-// pkcs7_bundle returns one on success or zero on error.
-int pkcs7_bundle(CBB *out, int (*cb)(CBB *out, const void *arg),
-                 const void *arg);
+//   digest_algos_cb: may write AlgorithmIdentifiers into the given CBB, which
+//       is a SET of digest algorithms.
+//   cert_crl_cb: may write the |certificates| or |crls| fields.
+//       (See https://datatracker.ietf.org/doc/html/rfc2315#section-9.1)
+//   signer_infos_cb: may write the contents of the |signerInfos| field.
+//       (See https://datatracker.ietf.org/doc/html/rfc2315#section-9.1)
+//
+// pkcs7_add_signed_data returns one on success or zero on error.
+int pkcs7_add_signed_data(CBB *out,
+                          int (*digest_algos_cb)(CBB *out, const void *arg),
+                          int (*cert_crl_cb)(CBB *out, const void *arg),
+                          int (*signer_infos_cb)(CBB *out, const void *arg),
+                          const void *arg);
 
 
 #if defined(__cplusplus)

data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c

@@ -131,8 +131,11 @@ err:
   return ret;
 }
 
-int pkcs7_bundle(CBB *out, int (*cb)(CBB *out, const void *arg),
-                 const void *arg) {
+int pkcs7_add_signed_data(CBB *out,
+                          int (*digest_algos_cb)(CBB *out, const void *arg),
+                          int (*cert_crl_cb)(CBB *out, const void *arg),
+                          int (*signer_infos_cb)(CBB *out, const void *arg),
+                          const void *arg) {
   CBB outer_seq, oid, wrapped_seq, seq, version_bytes, digest_algos_set,
       content_info, signer_infos;
 
@@ -147,11 +150,13 @@ int pkcs7_bundle(CBB *out, int (*cb)(CBB *out, const void *arg),
       !CBB_add_asn1(&seq, &version_bytes, CBS_ASN1_INTEGER) ||
       !CBB_add_u8(&version_bytes, 1) ||
       !CBB_add_asn1(&seq, &digest_algos_set, CBS_ASN1_SET) ||
+      (digest_algos_cb != NULL && !digest_algos_cb(&digest_algos_set, arg)) ||
       !CBB_add_asn1(&seq, &content_info, CBS_ASN1_SEQUENCE) ||
       !CBB_add_asn1(&content_info, &oid, CBS_ASN1_OBJECT) ||
       !CBB_add_bytes(&oid, kPKCS7Data, sizeof(kPKCS7Data)) ||
-      !cb(&seq, arg) ||
-      !CBB_add_asn1(&seq, &signer_infos, CBS_ASN1_SET)) {
+      (cert_crl_cb != NULL && !cert_crl_cb(&seq, arg)) ||
+      !CBB_add_asn1(&seq, &signer_infos, CBS_ASN1_SET) ||
+      (signer_infos_cb != NULL && !signer_infos_cb(&signer_infos, arg))) {
     return 0;
   }
 

data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c

@@ -20,6 +20,7 @@
 #include <openssl/bytestring.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
+#include <openssl/obj.h>
 #include <openssl/pem.h>
 #include <openssl/pool.h>
 #include <openssl/stack.h>
@@ -197,7 +198,9 @@ static int pkcs7_bundle_certificates_cb(CBB *out, const void *arg) {
 }
 
 int PKCS7_bundle_certificates(CBB *out, const STACK_OF(X509) *certs) {
-  return pkcs7_bundle(out, pkcs7_bundle_certificates_cb, certs);
+  return pkcs7_add_signed_data(out, /*digest_algos_cb=*/NULL,
+                               pkcs7_bundle_certificates_cb,
+                               /*signer_infos_cb=*/NULL, certs);
 }
 
 static int pkcs7_bundle_crls_cb(CBB *out, const void *arg) {
@@ -228,7 +231,9 @@ static int pkcs7_bundle_crls_cb(CBB *out, const void *arg) {
 }
 
 int PKCS7_bundle_CRLs(CBB *out, const STACK_OF(X509_CRL) *crls) {
-  return pkcs7_bundle(out, pkcs7_bundle_crls_cb, crls);
+  return pkcs7_add_signed_data(out, /*digest_algos_cb=*/NULL,
+                               pkcs7_bundle_crls_cb,
+                               /*signer_infos_cb=*/NULL, crls);
 }
 
 static PKCS7 *pkcs7_new(CBS *cbs) {
@@ -362,26 +367,160 @@ int PKCS7_type_is_enveloped(const PKCS7 *p7) { return 0; }
 int PKCS7_type_is_signed(const PKCS7 *p7) { return 1; }
 int PKCS7_type_is_signedAndEnveloped(const PKCS7 *p7) { return 0; }
 
+// write_sha256_ai writes an AlgorithmIdentifier for SHA-256 to
+// |digest_algos_set|.
+static int write_sha256_ai(CBB *digest_algos_set, const void *arg) {
+  CBB seq;
+  return CBB_add_asn1(digest_algos_set, &seq, CBS_ASN1_SEQUENCE) &&
+         OBJ_nid2cbb(&seq, NID_sha256) &&  //
+         // https://datatracker.ietf.org/doc/html/rfc5754#section-2
+         // "Implementations MUST generate SHA2 AlgorithmIdentifiers with absent
+         //  parameters."
+         CBB_flush(digest_algos_set);
+}
+
+// sign_sha256 writes at most |max_out_sig| bytes of the signature of |data| by
+// |pkey| to |out_sig| and sets |*out_sig_len| to the number of bytes written.
+// It returns one on success or zero on error.
+static int sign_sha256(uint8_t *out_sig, size_t *out_sig_len,
+                       size_t max_out_sig, EVP_PKEY *pkey, BIO *data) {
+  static const size_t kBufSize = 4096;
+  uint8_t *buffer = OPENSSL_malloc(kBufSize);
+  if (!buffer) {
+    return 0;
+  }
+
+  EVP_MD_CTX ctx;
+  EVP_MD_CTX_init(&ctx);
+
+  int ret = 0;
+  if (!EVP_DigestSignInit(&ctx, NULL, EVP_sha256(), NULL, pkey)) {
+    goto out;
+  }
+
+  for (;;) {
+    const int n = BIO_read(data, buffer, kBufSize);
+    if (n == 0) {
+      break;
+    } else if (n < 0 || !EVP_DigestSignUpdate(&ctx, buffer, n)) {
+      goto out;
+    }
+  }
+
+  *out_sig_len = max_out_sig;
+  if (!EVP_DigestSignFinal(&ctx, out_sig, out_sig_len)) {
+    goto out;
+  }
+
+  ret = 1;
+
+out:
+  EVP_MD_CTX_cleanup(&ctx);
+  OPENSSL_free(buffer);
+  return ret;
+}
+
+struct signer_info_data {
+  const X509 *sign_cert;
+  uint8_t *signature;
+  size_t signature_len;
+};
+
+// write_signer_info writes the SignerInfo structure from
+// https://datatracker.ietf.org/doc/html/rfc2315#section-9.2 to |out|. It
+// returns one on success or zero on error.
+static int write_signer_info(CBB *out, const void *arg) {
+  const struct signer_info_data *const si_data = arg;
+
+  int ret = 0;
+  uint8_t *subject_bytes = NULL;
+  uint8_t *serial_bytes = NULL;
+
+  const int subject_len =
+      i2d_X509_NAME(X509_get_subject_name(si_data->sign_cert), &subject_bytes);
+  const int serial_len = i2d_ASN1_INTEGER(
+      (ASN1_INTEGER *)X509_get0_serialNumber(si_data->sign_cert),
+      &serial_bytes);
+
+  CBB seq, issuer_and_serial, signing_algo, null, signature;
+  if (subject_len < 0 ||
+      serial_len < 0 ||
+      !CBB_add_asn1(out, &seq, CBS_ASN1_SEQUENCE) ||
+      // version
+      !CBB_add_asn1_uint64(&seq, 1) ||
+      !CBB_add_asn1(&seq, &issuer_and_serial, CBS_ASN1_SEQUENCE) ||
+      !CBB_add_bytes(&issuer_and_serial, subject_bytes, subject_len) ||
+      !CBB_add_bytes(&issuer_and_serial, serial_bytes, serial_len) ||
+      !write_sha256_ai(&seq, NULL) ||
+      !CBB_add_asn1(&seq, &signing_algo, CBS_ASN1_SEQUENCE) ||
+      !OBJ_nid2cbb(&signing_algo, NID_rsaEncryption) ||
+      !CBB_add_asn1(&signing_algo, &null, CBS_ASN1_NULL) ||
+      !CBB_add_asn1(&seq, &signature, CBS_ASN1_OCTETSTRING) ||
+      !CBB_add_bytes(&signature, si_data->signature, si_data->signature_len) ||
+      !CBB_flush(out)) {
+    goto out;
+  }
+
+  ret = 1;
+
+out:
+  OPENSSL_free(subject_bytes);
+  OPENSSL_free(serial_bytes);
+  return ret;
+}
+
 PKCS7 *PKCS7_sign(X509 *sign_cert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
                   BIO *data, int flags) {
-  if (sign_cert != NULL || pkey != NULL || flags != PKCS7_DETACHED) {
-    OPENSSL_PUT_ERROR(PKCS7, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+  CBB cbb;
+  if (!CBB_init(&cbb, 2048)) {
     return NULL;
   }
 
-  uint8_t *der;
+  uint8_t *der = NULL;
   size_t len;
-  CBB cbb;
-  if (!CBB_init(&cbb, 2048) ||
-      !PKCS7_bundle_certificates(&cbb, certs) ||
-      !CBB_finish(&cbb, &der, &len)) {
-    CBB_cleanup(&cbb);
-    return NULL;
+  PKCS7 *ret = NULL;
+
+  if (sign_cert == NULL && pkey == NULL && flags == PKCS7_DETACHED) {
+    // Caller just wants to bundle certificates.
+    if (!PKCS7_bundle_certificates(&cbb, certs)) {
+      goto out;
+    }
+  } else if (sign_cert != NULL && pkey != NULL && certs == NULL &&
+             data != NULL &&
+             flags == (PKCS7_NOATTR | PKCS7_BINARY | PKCS7_NOCERTS |
+                       PKCS7_DETACHED) &&
+             EVP_PKEY_id(pkey) == NID_rsaEncryption) {
+    // sign-file.c from the Linux kernel.
+    const size_t signature_max_len = EVP_PKEY_size(pkey);
+    struct signer_info_data si_data = {
+      .sign_cert = sign_cert,
+      .signature = OPENSSL_malloc(signature_max_len),
+    };
+
+    if (!si_data.signature ||
+        !sign_sha256(si_data.signature, &si_data.signature_len,
+                     signature_max_len, pkey, data) ||
+        !pkcs7_add_signed_data(&cbb, write_sha256_ai, /*cert_crl_cb=*/NULL,
+                               write_signer_info, &si_data)) {
+      OPENSSL_free(si_data.signature);
+      goto out;
+    }
+    OPENSSL_free(si_data.signature);
+  } else {
+    OPENSSL_PUT_ERROR(PKCS7, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    goto out;
+  }
+
+  if (!CBB_finish(&cbb, &der, &len)) {
+    goto out;
   }
 
   CBS cbs;
   CBS_init(&cbs, der, len);
-  PKCS7 *ret = pkcs7_new(&cbs);
+  ret = pkcs7_new(&cbs);
+
+out:
+  CBB_cleanup(&cbb);
   OPENSSL_free(der);
   return ret;
 }

data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c

@@ -1180,7 +1180,7 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
   }
 
   // PKCS#12 is a very confusing recursive data format, built out of another
-  // recursive data format. Section 5.1 of RFC7292 describes the encoding
+  // recursive data format. Section 5.1 of RFC 7292 describes the encoding
   // algorithm, but there is no clear overview. A quick summary:
   //
   // PKCS#7 defines a ContentInfo structure, which is a overgeneralized typed

data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c

@@ -61,6 +61,8 @@
 #include <openssl/pem.h>
 #include <openssl/thread.h>
 
+#include "internal.h"
+
 #ifndef OPENSSL_NO_STDIO
 
 static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,