grpc 1.53.1 → 1.54.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +78 -66
- data/include/grpc/event_engine/event_engine.h +30 -14
- data/include/grpc/grpc_security.h +4 -0
- data/include/grpc/support/port_platform.h +4 -4
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
- data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
- data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
- data/src/core/ext/filters/client_channel/client_channel.h +131 -173
- data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
- data/src/core/ext/filters/client_channel/config_selector.h +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
- data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
- data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
- data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
- data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
- data/src/core/ext/gcp/metadata_query.cc +142 -0
- data/src/core/ext/gcp/metadata_query.h +82 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
- data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
- data/src/core/ext/xds/xds_client_stats.cc +29 -15
- data/src/core/ext/xds/xds_client_stats.h +24 -20
- data/src/core/ext/xds/xds_endpoint.cc +5 -2
- data/src/core/ext/xds/xds_endpoint.h +9 -1
- data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
- data/src/core/lib/channel/call_finalization.h +1 -1
- data/src/core/lib/channel/call_tracer.cc +51 -0
- data/src/core/lib/channel/call_tracer.h +101 -38
- data/src/core/lib/channel/connected_channel.cc +483 -1050
- data/src/core/lib/channel/context.h +8 -1
- data/src/core/lib/channel/promise_based_filter.cc +106 -42
- data/src/core/lib/channel/promise_based_filter.h +27 -13
- data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
- data/src/core/lib/config/config_vars.cc +151 -0
- data/src/core/lib/config/config_vars.h +127 -0
- data/src/core/lib/config/config_vars_non_generated.cc +51 -0
- data/src/core/lib/config/load_config.cc +66 -0
- data/src/core/lib/config/load_config.h +49 -0
- data/src/core/lib/debug/trace.cc +5 -6
- data/src/core/lib/debug/trace.h +0 -5
- data/src/core/lib/event_engine/event_engine.cc +37 -2
- data/src/core/lib/event_engine/handle_containers.h +7 -22
- data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -3
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
- data/src/core/lib/event_engine/resolved_address.cc +2 -1
- data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
- data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
- data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
- data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
- data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
- data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
- data/src/core/lib/experiments/config.cc +3 -10
- data/src/core/lib/experiments/experiments.cc +7 -0
- data/src/core/lib/experiments/experiments.h +9 -1
- data/src/core/lib/gpr/log.cc +15 -28
- data/src/core/lib/gprpp/fork.cc +8 -14
- data/src/core/lib/gprpp/orphanable.h +4 -3
- data/src/core/lib/gprpp/per_cpu.h +9 -3
- data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
- data/src/core/lib/gprpp/ref_counted.h +33 -34
- data/src/core/lib/gprpp/thd.h +16 -0
- data/src/core/lib/gprpp/time.cc +1 -0
- data/src/core/lib/gprpp/time.h +4 -4
- data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
- data/src/core/lib/iomgr/ev_posix.cc +13 -53
- data/src/core/lib/iomgr/ev_posix.h +0 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
- data/src/core/lib/iomgr/iomgr.cc +4 -8
- data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_posix.cc +0 -1
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -16
- data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
- data/src/core/lib/iomgr/tcp_windows.cc +12 -8
- data/src/core/lib/load_balancing/lb_policy.cc +9 -13
- data/src/core/lib/load_balancing/lb_policy.h +4 -2
- data/src/core/lib/promise/activity.cc +22 -6
- data/src/core/lib/promise/activity.h +61 -24
- data/src/core/lib/promise/cancel_callback.h +77 -0
- data/src/core/lib/promise/detail/basic_seq.h +1 -1
- data/src/core/lib/promise/detail/promise_factory.h +4 -0
- data/src/core/lib/promise/for_each.h +176 -0
- data/src/core/lib/promise/if.h +9 -0
- data/src/core/lib/promise/interceptor_list.h +23 -2
- data/src/core/lib/promise/latch.h +89 -3
- data/src/core/lib/promise/loop.h +13 -9
- data/src/core/lib/promise/map.h +7 -0
- data/src/core/lib/promise/party.cc +286 -0
- data/src/core/lib/promise/party.h +499 -0
- data/src/core/lib/promise/pipe.h +197 -57
- data/src/core/lib/promise/poll.h +48 -0
- data/src/core/lib/promise/promise.h +2 -2
- data/src/core/lib/resource_quota/arena.cc +19 -3
- data/src/core/lib/resource_quota/arena.h +119 -5
- data/src/core/lib/resource_quota/memory_quota.cc +1 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
- data/src/core/lib/slice/slice.cc +1 -1
- data/src/core/lib/surface/builtins.cc +2 -0
- data/src/core/lib/surface/call.cc +926 -1024
- data/src/core/lib/surface/call.h +10 -0
- data/src/core/lib/surface/lame_client.cc +1 -0
- data/src/core/lib/surface/validate_metadata.cc +42 -43
- data/src/core/lib/surface/validate_metadata.h +0 -9
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +179 -0
- data/src/core/lib/transport/batch_builder.h +468 -0
- data/src/core/lib/transport/bdp_estimator.cc +7 -7
- data/src/core/lib/transport/bdp_estimator.h +10 -6
- data/src/core/lib/transport/custom_metadata.h +30 -0
- data/src/core/lib/transport/metadata_batch.cc +5 -2
- data/src/core/lib/transport/metadata_batch.h +17 -113
- data/src/core/lib/transport/parsed_metadata.h +6 -16
- data/src/core/lib/transport/timeout_encoding.cc +6 -1
- data/src/core/lib/transport/transport.cc +30 -2
- data/src/core/lib/transport/transport.h +70 -14
- data/src/core/lib/transport/transport_impl.h +7 -0
- data/src/core/lib/transport/transport_op_string.cc +52 -42
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +1 -1
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
- data/third_party/abseil-cpp/absl/flags/config.h +68 -0
- data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
- data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
- data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
- data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
- data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
- data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
- data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
- data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
- data/third_party/boringssl-with-bazel/err_data.c +728 -712
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
- data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
- metadata +103 -70
- data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
- data/src/core/lib/gprpp/global_config.h +0 -93
- data/src/core/lib/gprpp/global_config_env.cc +0 -140
- data/src/core/lib/gprpp/global_config_env.h +0 -133
- data/src/core/lib/gprpp/global_config_generic.h +0 -40
- data/src/core/lib/promise/intra_activity_waiter.h +0 -55
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
- data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
- /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
- /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
- /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
- /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
- /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
- /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
- /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
|
@@ -0,0 +1,205 @@
|
|
|
1
|
+
/* Copyright (c) 2023, Google Inc.
|
|
2
|
+
*
|
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
|
6
|
+
*
|
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
|
14
|
+
|
|
15
|
+
#include <openssl/base.h>
|
|
16
|
+
|
|
17
|
+
#include <assert.h>
|
|
18
|
+
#include <stdlib.h>
|
|
19
|
+
|
|
20
|
+
#include "../internal.h"
|
|
21
|
+
#include "./internal.h"
|
|
22
|
+
|
|
23
|
+
|
|
24
|
+
// keccak_f implements the Keccak-1600 permutation as described at
|
|
25
|
+
// https://keccak.team/keccak_specs_summary.html. Each lane is represented as a
|
|
26
|
+
// 64-bit value and the 5×5 lanes are stored as an array in row-major order.
|
|
27
|
+
static void keccak_f(uint64_t state[25]) {
|
|
28
|
+
static const int kNumRounds = 24;
|
|
29
|
+
for (int round = 0; round < kNumRounds; round++) {
|
|
30
|
+
// θ step
|
|
31
|
+
uint64_t c[5];
|
|
32
|
+
for (int x = 0; x < 5; x++) {
|
|
33
|
+
c[x] = state[x] ^ state[x + 5] ^ state[x + 10] ^ state[x + 15] ^
|
|
34
|
+
state[x + 20];
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
for (int x = 0; x < 5; x++) {
|
|
38
|
+
const uint64_t d = c[(x + 4) % 5] ^ CRYPTO_rotl_u64(c[(x + 1) % 5], 1);
|
|
39
|
+
for (int y = 0; y < 5; y++) {
|
|
40
|
+
state[y * 5 + x] ^= d;
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
// ρ and π steps.
|
|
45
|
+
//
|
|
46
|
+
// These steps involve a mapping of the state matrix. Each input point,
|
|
47
|
+
// (x,y), is rotated and written to the point (y, 2x + 3y). In the Keccak
|
|
48
|
+
// pseudo-code a separate array is used because an in-place operation would
|
|
49
|
+
// overwrite some values that are subsequently needed. However, the mapping
|
|
50
|
+
// forms a trail through 24 of the 25 values so we can do it in place with
|
|
51
|
+
// only a single temporary variable.
|
|
52
|
+
//
|
|
53
|
+
// Start with (1, 0). The value here will be mapped and end up at (0, 2).
|
|
54
|
+
// That value will end up at (2, 1), then (1, 2), and so on. After 24
|
|
55
|
+
// steps, 24 of the 25 values have been hit (as this mapping is injective)
|
|
56
|
+
// and the sequence will repeat. All that remains is to handle the element
|
|
57
|
+
// at (0, 0), but the rotation for that element is zero, and it goes to (0,
|
|
58
|
+
// 0), so we can ignore it.
|
|
59
|
+
int pi_x = 1, pi_y = 0;
|
|
60
|
+
uint64_t prev_value = state[1];
|
|
61
|
+
int pi_rot = 1;
|
|
62
|
+
for (int i = 1; i < 25; i++) {
|
|
63
|
+
const int out_x = pi_y;
|
|
64
|
+
const int out_y = (2 * pi_x + 3 * pi_y) % 5;
|
|
65
|
+
const int index = out_y * 5 + out_x;
|
|
66
|
+
const uint64_t t = state[index];
|
|
67
|
+
state[index] = CRYPTO_rotl_u64(prev_value, pi_rot);
|
|
68
|
+
pi_rot = (pi_rot + i + 1) % 64;
|
|
69
|
+
prev_value = t;
|
|
70
|
+
pi_x = out_x;
|
|
71
|
+
pi_y = out_y;
|
|
72
|
+
}
|
|
73
|
+
|
|
74
|
+
// χ step
|
|
75
|
+
for (int y = 0; y < 5; y++) {
|
|
76
|
+
const int row_index = 5 * y;
|
|
77
|
+
const uint64_t orig_x0 = state[row_index];
|
|
78
|
+
const uint64_t orig_x1 = state[row_index + 1];
|
|
79
|
+
state[row_index] ^= ~orig_x1 & state[row_index + 2];
|
|
80
|
+
state[row_index + 1] ^= ~state[row_index + 2] & state[row_index + 3];
|
|
81
|
+
state[row_index + 2] ^= ~state[row_index + 3] & state[row_index + 4];
|
|
82
|
+
state[row_index + 3] ^= ~state[row_index + 4] & orig_x0;
|
|
83
|
+
state[row_index + 4] ^= ~orig_x0 & orig_x1;
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
// ι step
|
|
87
|
+
//
|
|
88
|
+
// From https://keccak.team/files/Keccak-reference-3.0.pdf, section
|
|
89
|
+
// 1.2, the round constants are based on the output of a LFSR. Thus, as
|
|
90
|
+
// suggested in the appendix of of
|
|
91
|
+
// https://keccak.team/keccak_specs_summary.html, the values are
|
|
92
|
+
// simply encoded here.
|
|
93
|
+
static const uint64_t kRoundConstants[24] = {
|
|
94
|
+
0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
|
|
95
|
+
0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
|
|
96
|
+
0x8000000080008081, 0x8000000000008009, 0x000000000000008a,
|
|
97
|
+
0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
|
|
98
|
+
0x000000008000808b, 0x800000000000008b, 0x8000000000008089,
|
|
99
|
+
0x8000000000008003, 0x8000000000008002, 0x8000000000000080,
|
|
100
|
+
0x000000000000800a, 0x800000008000000a, 0x8000000080008081,
|
|
101
|
+
0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
|
|
102
|
+
};
|
|
103
|
+
|
|
104
|
+
state[0] ^= kRoundConstants[round];
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
static void keccak_init(struct BORINGSSL_keccak_st *ctx,
|
|
109
|
+
size_t *out_required_out_len, const uint8_t *in,
|
|
110
|
+
size_t in_len, enum boringssl_keccak_config_t config) {
|
|
111
|
+
size_t capacity_bytes;
|
|
112
|
+
uint8_t terminator;
|
|
113
|
+
switch (config) {
|
|
114
|
+
case boringssl_sha3_256:
|
|
115
|
+
capacity_bytes = 512 / 8;
|
|
116
|
+
*out_required_out_len = 32;
|
|
117
|
+
terminator = 0x06;
|
|
118
|
+
break;
|
|
119
|
+
case boringssl_sha3_512:
|
|
120
|
+
capacity_bytes = 1024 / 8;
|
|
121
|
+
*out_required_out_len = 64;
|
|
122
|
+
terminator = 0x06;
|
|
123
|
+
break;
|
|
124
|
+
case boringssl_shake128:
|
|
125
|
+
capacity_bytes = 256 / 8;
|
|
126
|
+
*out_required_out_len = 0;
|
|
127
|
+
terminator = 0x1f;
|
|
128
|
+
break;
|
|
129
|
+
case boringssl_shake256:
|
|
130
|
+
capacity_bytes = 512 / 8;
|
|
131
|
+
*out_required_out_len = 0;
|
|
132
|
+
terminator = 0x1f;
|
|
133
|
+
break;
|
|
134
|
+
default:
|
|
135
|
+
abort();
|
|
136
|
+
}
|
|
137
|
+
|
|
138
|
+
OPENSSL_memset(ctx, 0, sizeof(*ctx));
|
|
139
|
+
ctx->rate_bytes = 200 - capacity_bytes;
|
|
140
|
+
assert(ctx->rate_bytes % 8 == 0);
|
|
141
|
+
const size_t rate_words = ctx->rate_bytes / 8;
|
|
142
|
+
|
|
143
|
+
while (in_len >= ctx->rate_bytes) {
|
|
144
|
+
for (size_t i = 0; i < rate_words; i++) {
|
|
145
|
+
ctx->state[i] ^= CRYPTO_load_u64_le(in + 8 * i);
|
|
146
|
+
}
|
|
147
|
+
keccak_f(ctx->state);
|
|
148
|
+
in += ctx->rate_bytes;
|
|
149
|
+
in_len -= ctx->rate_bytes;
|
|
150
|
+
}
|
|
151
|
+
|
|
152
|
+
// XOR the final block. Accessing |ctx->state| as a |uint8_t*| is allowed by
|
|
153
|
+
// strict aliasing because we require |uint8_t| to be a character type.
|
|
154
|
+
uint8_t *state_bytes = (uint8_t *)ctx->state;
|
|
155
|
+
assert(in_len < ctx->rate_bytes);
|
|
156
|
+
for (size_t i = 0; i < in_len; i++) {
|
|
157
|
+
state_bytes[i] ^= in[i];
|
|
158
|
+
}
|
|
159
|
+
state_bytes[in_len] ^= terminator;
|
|
160
|
+
state_bytes[ctx->rate_bytes - 1] ^= 0x80;
|
|
161
|
+
keccak_f(ctx->state);
|
|
162
|
+
}
|
|
163
|
+
|
|
164
|
+
void BORINGSSL_keccak(uint8_t *out, size_t out_len, const uint8_t *in,
|
|
165
|
+
size_t in_len, enum boringssl_keccak_config_t config) {
|
|
166
|
+
struct BORINGSSL_keccak_st ctx;
|
|
167
|
+
size_t required_out_len;
|
|
168
|
+
keccak_init(&ctx, &required_out_len, in, in_len, config);
|
|
169
|
+
if (required_out_len != 0 && out_len != required_out_len) {
|
|
170
|
+
abort();
|
|
171
|
+
}
|
|
172
|
+
BORINGSSL_keccak_squeeze(&ctx, out, out_len);
|
|
173
|
+
}
|
|
174
|
+
|
|
175
|
+
void BORINGSSL_keccak_init(struct BORINGSSL_keccak_st *ctx, const uint8_t *in,
|
|
176
|
+
size_t in_len,
|
|
177
|
+
enum boringssl_keccak_config_t config) {
|
|
178
|
+
size_t required_out_len;
|
|
179
|
+
keccak_init(ctx, &required_out_len, in, in_len, config);
|
|
180
|
+
if (required_out_len != 0) {
|
|
181
|
+
abort();
|
|
182
|
+
}
|
|
183
|
+
}
|
|
184
|
+
|
|
185
|
+
void BORINGSSL_keccak_squeeze(struct BORINGSSL_keccak_st *ctx, uint8_t *out,
|
|
186
|
+
size_t out_len) {
|
|
187
|
+
// Accessing |ctx->state| as a |uint8_t*| is allowed by strict aliasing
|
|
188
|
+
// because we require |uint8_t| to be a character type.
|
|
189
|
+
const uint8_t *state_bytes = (const uint8_t *)ctx->state;
|
|
190
|
+
while (out_len) {
|
|
191
|
+
size_t remaining = ctx->rate_bytes - ctx->offset;
|
|
192
|
+
size_t todo = out_len;
|
|
193
|
+
if (todo > remaining) {
|
|
194
|
+
todo = remaining;
|
|
195
|
+
}
|
|
196
|
+
OPENSSL_memcpy(out, &state_bytes[ctx->offset], todo);
|
|
197
|
+
out += todo;
|
|
198
|
+
out_len -= todo;
|
|
199
|
+
ctx->offset += todo;
|
|
200
|
+
if (ctx->offset == ctx->rate_bytes) {
|
|
201
|
+
keccak_f(ctx->state);
|
|
202
|
+
ctx->offset = 0;
|
|
203
|
+
}
|
|
204
|
+
}
|
|
205
|
+
}
|
|
@@ -157,6 +157,16 @@ OPENSSL_EXPORT void OPENSSL_lh_doall_arg(_LHASH *lh,
|
|
|
157
157
|
void *arg);
|
|
158
158
|
|
|
159
159
|
#define DEFINE_LHASH_OF(type) \
|
|
160
|
+
/* We disable MSVC C4191 in this macro, which warns when pointers are cast \
|
|
161
|
+
* to the wrong type. While the cast itself is valid, it is often a bug \
|
|
162
|
+
* because calling it through the cast is UB. However, we never actually \
|
|
163
|
+
* call functions as |lhash_cmp_func|. The type is just a type-erased \
|
|
164
|
+
* function pointer. (C does not guarantee function pointers fit in \
|
|
165
|
+
* |void*|, and GCC will warn on this.) Thus we just disable the false \
|
|
166
|
+
* positive warning. */ \
|
|
167
|
+
OPENSSL_MSVC_PRAGMA(warning(push)) \
|
|
168
|
+
OPENSSL_MSVC_PRAGMA(warning(disable : 4191)) \
|
|
169
|
+
\
|
|
160
170
|
DECLARE_LHASH_OF(type) \
|
|
161
171
|
\
|
|
162
172
|
typedef int (*lhash_##type##_cmp_func)(const type *, const type *); \
|
|
@@ -243,7 +253,9 @@ OPENSSL_EXPORT void OPENSSL_lh_doall_arg(_LHASH *lh,
|
|
|
243
253
|
LHASH_OF(type) *lh, void (*func)(type *, void *), void *arg) { \
|
|
244
254
|
LHASH_DOALL_##type cb = {func, arg}; \
|
|
245
255
|
OPENSSL_lh_doall_arg((_LHASH *)lh, lh_##type##_call_doall_arg, &cb); \
|
|
246
|
-
}
|
|
256
|
+
} \
|
|
257
|
+
\
|
|
258
|
+
OPENSSL_MSVC_PRAGMA(warning(pop))
|
|
247
259
|
|
|
248
260
|
|
|
249
261
|
#if defined(__cplusplus)
|
|
@@ -57,8 +57,11 @@
|
|
|
57
57
|
#include <openssl/mem.h>
|
|
58
58
|
|
|
59
59
|
#include <assert.h>
|
|
60
|
+
#include <errno.h>
|
|
61
|
+
#include <limits.h>
|
|
60
62
|
#include <stdarg.h>
|
|
61
63
|
#include <stdio.h>
|
|
64
|
+
#include <stdlib.h>
|
|
62
65
|
|
|
63
66
|
#include <openssl/err.h>
|
|
64
67
|
|
|
@@ -68,12 +71,17 @@ OPENSSL_MSVC_PRAGMA(warning(push, 3))
|
|
|
68
71
|
OPENSSL_MSVC_PRAGMA(warning(pop))
|
|
69
72
|
#endif
|
|
70
73
|
|
|
74
|
+
#if defined(BORINGSSL_MALLOC_FAILURE_TESTING)
|
|
75
|
+
#include <errno.h>
|
|
76
|
+
#include <signal.h>
|
|
77
|
+
#include <unistd.h>
|
|
78
|
+
#endif
|
|
79
|
+
|
|
71
80
|
#include "internal.h"
|
|
72
81
|
|
|
73
82
|
|
|
74
83
|
#define OPENSSL_MALLOC_PREFIX 8
|
|
75
|
-
|
|
76
|
-
"size_t too large");
|
|
84
|
+
static_assert(OPENSSL_MALLOC_PREFIX >= sizeof(size_t), "size_t too large");
|
|
77
85
|
|
|
78
86
|
#if defined(OPENSSL_ASAN)
|
|
79
87
|
void __asan_poison_memory_region(const volatile void *addr, size_t size);
|
|
@@ -121,7 +129,7 @@ WEAK_SYMBOL_FUNC(void, sdallocx, (void *ptr, size_t size, int flags));
|
|
|
121
129
|
// primitives used must tolerate every other synchronization primitive linked
|
|
122
130
|
// into the process, including pthreads locks. Failing to meet these constraints
|
|
123
131
|
// may result in deadlocks, crashes, or memory corruption.
|
|
124
|
-
WEAK_SYMBOL_FUNC(void*, OPENSSL_memory_alloc, (size_t size));
|
|
132
|
+
WEAK_SYMBOL_FUNC(void *, OPENSSL_memory_alloc, (size_t size));
|
|
125
133
|
WEAK_SYMBOL_FUNC(void, OPENSSL_memory_free, (void *ptr));
|
|
126
134
|
WEAK_SYMBOL_FUNC(size_t, OPENSSL_memory_get_size, (void *ptr));
|
|
127
135
|
|
|
@@ -129,17 +137,107 @@ WEAK_SYMBOL_FUNC(size_t, OPENSSL_memory_get_size, (void *ptr));
|
|
|
129
137
|
// are linking in BoringSSL and, roughly, what version they are using.
|
|
130
138
|
static const uint8_t kBoringSSLBinaryTag[18] = {
|
|
131
139
|
// 16 bytes of magic tag.
|
|
132
|
-
0x8c,
|
|
133
|
-
|
|
140
|
+
0x8c,
|
|
141
|
+
0x62,
|
|
142
|
+
0x20,
|
|
143
|
+
0x0b,
|
|
144
|
+
0xd2,
|
|
145
|
+
0xa0,
|
|
146
|
+
0x72,
|
|
147
|
+
0x58,
|
|
148
|
+
0x44,
|
|
149
|
+
0xa8,
|
|
150
|
+
0x96,
|
|
151
|
+
0x69,
|
|
152
|
+
0xad,
|
|
153
|
+
0x55,
|
|
154
|
+
0x7e,
|
|
155
|
+
0xec,
|
|
134
156
|
// Current source iteration. Incremented ~monthly.
|
|
135
|
-
|
|
157
|
+
3,
|
|
158
|
+
0,
|
|
136
159
|
};
|
|
137
160
|
|
|
161
|
+
#if defined(BORINGSSL_MALLOC_FAILURE_TESTING)
|
|
162
|
+
static struct CRYPTO_STATIC_MUTEX malloc_failure_lock =
|
|
163
|
+
CRYPTO_STATIC_MUTEX_INIT;
|
|
164
|
+
static uint64_t current_malloc_count = 0;
|
|
165
|
+
static uint64_t malloc_number_to_fail = 0;
|
|
166
|
+
static int malloc_failure_enabled = 0, break_on_malloc_fail = 0,
|
|
167
|
+
any_malloc_failed = 0;
|
|
168
|
+
|
|
169
|
+
static void malloc_exit_handler(void) {
|
|
170
|
+
CRYPTO_STATIC_MUTEX_lock_read(&malloc_failure_lock);
|
|
171
|
+
if (any_malloc_failed) {
|
|
172
|
+
// Signal to the test driver that some allocation failed, so it knows to
|
|
173
|
+
// increment the counter and continue.
|
|
174
|
+
_exit(88);
|
|
175
|
+
}
|
|
176
|
+
CRYPTO_STATIC_MUTEX_unlock_read(&malloc_failure_lock);
|
|
177
|
+
}
|
|
178
|
+
|
|
179
|
+
static void init_malloc_failure(void) {
|
|
180
|
+
const char *env = getenv("MALLOC_NUMBER_TO_FAIL");
|
|
181
|
+
if (env != NULL && env[0] != 0) {
|
|
182
|
+
char *endptr;
|
|
183
|
+
malloc_number_to_fail = strtoull(env, &endptr, 10);
|
|
184
|
+
if (*endptr == 0) {
|
|
185
|
+
malloc_failure_enabled = 1;
|
|
186
|
+
atexit(malloc_exit_handler);
|
|
187
|
+
}
|
|
188
|
+
}
|
|
189
|
+
break_on_malloc_fail = getenv("MALLOC_BREAK_ON_FAIL") != NULL;
|
|
190
|
+
}
|
|
191
|
+
|
|
192
|
+
// should_fail_allocation returns one if the current allocation should fail and
|
|
193
|
+
// zero otherwise.
|
|
194
|
+
static int should_fail_allocation() {
|
|
195
|
+
static CRYPTO_once_t once = CRYPTO_ONCE_INIT;
|
|
196
|
+
CRYPTO_once(&once, init_malloc_failure);
|
|
197
|
+
if (!malloc_failure_enabled) {
|
|
198
|
+
return 0;
|
|
199
|
+
}
|
|
200
|
+
|
|
201
|
+
// We lock just so multi-threaded tests are still correct, but we won't test
|
|
202
|
+
// every malloc exhaustively.
|
|
203
|
+
CRYPTO_STATIC_MUTEX_lock_write(&malloc_failure_lock);
|
|
204
|
+
int should_fail = current_malloc_count == malloc_number_to_fail;
|
|
205
|
+
current_malloc_count++;
|
|
206
|
+
any_malloc_failed = any_malloc_failed || should_fail;
|
|
207
|
+
CRYPTO_STATIC_MUTEX_unlock_write(&malloc_failure_lock);
|
|
208
|
+
|
|
209
|
+
if (should_fail && break_on_malloc_fail) {
|
|
210
|
+
raise(SIGTRAP);
|
|
211
|
+
}
|
|
212
|
+
if (should_fail) {
|
|
213
|
+
errno = ENOMEM;
|
|
214
|
+
}
|
|
215
|
+
return should_fail;
|
|
216
|
+
}
|
|
217
|
+
|
|
218
|
+
void OPENSSL_reset_malloc_counter_for_testing(void) {
|
|
219
|
+
CRYPTO_STATIC_MUTEX_lock_write(&malloc_failure_lock);
|
|
220
|
+
current_malloc_count = 0;
|
|
221
|
+
CRYPTO_STATIC_MUTEX_unlock_write(&malloc_failure_lock);
|
|
222
|
+
}
|
|
223
|
+
|
|
224
|
+
#else
|
|
225
|
+
static int should_fail_allocation(void) { return 0; }
|
|
226
|
+
#endif
|
|
227
|
+
|
|
138
228
|
void *OPENSSL_malloc(size_t size) {
|
|
229
|
+
if (should_fail_allocation()) {
|
|
230
|
+
goto err;
|
|
231
|
+
}
|
|
232
|
+
|
|
139
233
|
if (OPENSSL_memory_alloc != NULL) {
|
|
140
234
|
assert(OPENSSL_memory_free != NULL);
|
|
141
235
|
assert(OPENSSL_memory_get_size != NULL);
|
|
142
|
-
|
|
236
|
+
void *ptr = OPENSSL_memory_alloc(size);
|
|
237
|
+
if (ptr == NULL && size != 0) {
|
|
238
|
+
goto err;
|
|
239
|
+
}
|
|
240
|
+
return ptr;
|
|
143
241
|
}
|
|
144
242
|
|
|
145
243
|
if (size + OPENSSL_MALLOC_PREFIX < size) {
|
|
@@ -151,18 +249,23 @@ void *OPENSSL_malloc(size_t size) {
|
|
|
151
249
|
// rare code path.
|
|
152
250
|
uint8_t unused = *(volatile uint8_t *)kBoringSSLBinaryTag;
|
|
153
251
|
(void) unused;
|
|
154
|
-
|
|
252
|
+
goto err;
|
|
155
253
|
}
|
|
156
254
|
|
|
157
255
|
void *ptr = malloc(size + OPENSSL_MALLOC_PREFIX);
|
|
158
256
|
if (ptr == NULL) {
|
|
159
|
-
|
|
257
|
+
goto err;
|
|
160
258
|
}
|
|
161
259
|
|
|
162
260
|
*(size_t *)ptr = size;
|
|
163
261
|
|
|
164
262
|
__asan_poison_memory_region(ptr, OPENSSL_MALLOC_PREFIX);
|
|
165
263
|
return ((uint8_t *)ptr) + OPENSSL_MALLOC_PREFIX;
|
|
264
|
+
|
|
265
|
+
err:
|
|
266
|
+
// This only works because ERR does not call OPENSSL_malloc.
|
|
267
|
+
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE);
|
|
268
|
+
return NULL;
|
|
166
269
|
}
|
|
167
270
|
|
|
168
271
|
void OPENSSL_free(void *orig_ptr) {
|
|
@@ -180,11 +283,18 @@ void OPENSSL_free(void *orig_ptr) {
|
|
|
180
283
|
|
|
181
284
|
size_t size = *(size_t *)ptr;
|
|
182
285
|
OPENSSL_cleanse(ptr, size + OPENSSL_MALLOC_PREFIX);
|
|
286
|
+
|
|
287
|
+
// ASan knows to intercept malloc and free, but not sdallocx.
|
|
288
|
+
#if defined(OPENSSL_ASAN)
|
|
289
|
+
(void)sdallocx;
|
|
290
|
+
free(ptr);
|
|
291
|
+
#else
|
|
183
292
|
if (sdallocx) {
|
|
184
293
|
sdallocx(ptr, size + OPENSSL_MALLOC_PREFIX, 0 /* flags */);
|
|
185
294
|
} else {
|
|
186
295
|
free(ptr);
|
|
187
296
|
}
|
|
297
|
+
#endif
|
|
188
298
|
}
|
|
189
299
|
|
|
190
300
|
void *OPENSSL_realloc(void *orig_ptr, size_t new_size) {
|
|
@@ -233,8 +343,18 @@ void OPENSSL_cleanse(void *ptr, size_t len) {
|
|
|
233
343
|
#endif // !OPENSSL_NO_ASM
|
|
234
344
|
}
|
|
235
345
|
|
|
236
|
-
void OPENSSL_clear_free(void *ptr, size_t unused) {
|
|
237
|
-
|
|
346
|
+
void OPENSSL_clear_free(void *ptr, size_t unused) { OPENSSL_free(ptr); }
|
|
347
|
+
|
|
348
|
+
int CRYPTO_secure_malloc_init(size_t size, size_t min_size) { return 0; }
|
|
349
|
+
|
|
350
|
+
int CRYPTO_secure_malloc_initialized(void) { return 0; }
|
|
351
|
+
|
|
352
|
+
size_t CRYPTO_secure_used(void) { return 0; }
|
|
353
|
+
|
|
354
|
+
void *OPENSSL_secure_malloc(size_t size) { return OPENSSL_malloc(size); }
|
|
355
|
+
|
|
356
|
+
void OPENSSL_secure_clear_free(void *ptr, size_t len) {
|
|
357
|
+
OPENSSL_clear_free(ptr, len);
|
|
238
358
|
}
|
|
239
359
|
|
|
240
360
|
int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len) {
|
|
@@ -290,6 +410,34 @@ char *OPENSSL_strdup(const char *s) {
|
|
|
290
410
|
return ret;
|
|
291
411
|
}
|
|
292
412
|
|
|
413
|
+
int OPENSSL_isalpha(int c) {
|
|
414
|
+
return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z');
|
|
415
|
+
}
|
|
416
|
+
|
|
417
|
+
int OPENSSL_isdigit(int c) { return c >= '0' && c <= '9'; }
|
|
418
|
+
|
|
419
|
+
int OPENSSL_isxdigit(int c) {
|
|
420
|
+
return OPENSSL_isdigit(c) || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F');
|
|
421
|
+
}
|
|
422
|
+
|
|
423
|
+
int OPENSSL_fromxdigit(uint8_t *out, int c) {
|
|
424
|
+
if (OPENSSL_isdigit(c)) {
|
|
425
|
+
*out = c - '0';
|
|
426
|
+
return 1;
|
|
427
|
+
}
|
|
428
|
+
if ('a' <= c && c <= 'f') {
|
|
429
|
+
*out = c - 'a' + 10;
|
|
430
|
+
return 1;
|
|
431
|
+
}
|
|
432
|
+
if ('A' <= c && c <= 'F') {
|
|
433
|
+
*out = c - 'A' + 10;
|
|
434
|
+
return 1;
|
|
435
|
+
}
|
|
436
|
+
return 0;
|
|
437
|
+
}
|
|
438
|
+
|
|
439
|
+
int OPENSSL_isalnum(int c) { return OPENSSL_isalpha(c) || OPENSSL_isdigit(c); }
|
|
440
|
+
|
|
293
441
|
int OPENSSL_tolower(int c) {
|
|
294
442
|
if (c >= 'A' && c <= 'Z') {
|
|
295
443
|
return c + ('a' - 'A');
|
|
@@ -297,6 +445,11 @@ int OPENSSL_tolower(int c) {
|
|
|
297
445
|
return c;
|
|
298
446
|
}
|
|
299
447
|
|
|
448
|
+
int OPENSSL_isspace(int c) {
|
|
449
|
+
return c == '\t' || c == '\n' || c == '\v' || c == '\f' || c == '\r' ||
|
|
450
|
+
c == ' ';
|
|
451
|
+
}
|
|
452
|
+
|
|
300
453
|
int OPENSSL_strcasecmp(const char *a, const char *b) {
|
|
301
454
|
for (size_t i = 0;; i++) {
|
|
302
455
|
const int aa = OPENSSL_tolower(a[i]);
|
|
@@ -341,6 +494,62 @@ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) {
|
|
|
341
494
|
return vsnprintf(buf, n, format, args);
|
|
342
495
|
}
|
|
343
496
|
|
|
497
|
+
int OPENSSL_vasprintf_internal(char **str, const char *format, va_list args,
|
|
498
|
+
int system_malloc) {
|
|
499
|
+
void *(*allocate)(size_t) = system_malloc ? malloc : OPENSSL_malloc;
|
|
500
|
+
void (*deallocate)(void *) = system_malloc ? free : OPENSSL_free;
|
|
501
|
+
void *(*reallocate)(void *, size_t) =
|
|
502
|
+
system_malloc ? realloc : OPENSSL_realloc;
|
|
503
|
+
char *candidate = NULL;
|
|
504
|
+
size_t candidate_len = 64; // TODO(bbe) what's the best initial size?
|
|
505
|
+
|
|
506
|
+
if ((candidate = allocate(candidate_len)) == NULL) {
|
|
507
|
+
goto err;
|
|
508
|
+
}
|
|
509
|
+
va_list args_copy;
|
|
510
|
+
va_copy(args_copy, args);
|
|
511
|
+
int ret = vsnprintf(candidate, candidate_len, format, args_copy);
|
|
512
|
+
va_end(args_copy);
|
|
513
|
+
if (ret < 0) {
|
|
514
|
+
goto err;
|
|
515
|
+
}
|
|
516
|
+
if ((size_t)ret >= candidate_len) {
|
|
517
|
+
// Too big to fit in allocation.
|
|
518
|
+
char *tmp;
|
|
519
|
+
|
|
520
|
+
candidate_len = (size_t)ret + 1;
|
|
521
|
+
if ((tmp = reallocate(candidate, candidate_len)) == NULL) {
|
|
522
|
+
goto err;
|
|
523
|
+
}
|
|
524
|
+
candidate = tmp;
|
|
525
|
+
ret = vsnprintf(candidate, candidate_len, format, args);
|
|
526
|
+
}
|
|
527
|
+
// At this point this should not happen unless vsnprintf is insane.
|
|
528
|
+
if (ret < 0 || (size_t)ret >= candidate_len) {
|
|
529
|
+
goto err;
|
|
530
|
+
}
|
|
531
|
+
*str = candidate;
|
|
532
|
+
return ret;
|
|
533
|
+
|
|
534
|
+
err:
|
|
535
|
+
deallocate(candidate);
|
|
536
|
+
*str = NULL;
|
|
537
|
+
errno = ENOMEM;
|
|
538
|
+
return -1;
|
|
539
|
+
}
|
|
540
|
+
|
|
541
|
+
int OPENSSL_vasprintf(char **str, const char *format, va_list args) {
|
|
542
|
+
return OPENSSL_vasprintf_internal(str, format, args, /*system_malloc=*/0);
|
|
543
|
+
}
|
|
544
|
+
|
|
545
|
+
int OPENSSL_asprintf(char **str, const char *format, ...) {
|
|
546
|
+
va_list args;
|
|
547
|
+
va_start(args, format);
|
|
548
|
+
int ret = OPENSSL_vasprintf(str, format, args);
|
|
549
|
+
va_end(args);
|
|
550
|
+
return ret;
|
|
551
|
+
}
|
|
552
|
+
|
|
344
553
|
char *OPENSSL_strndup(const char *str, size_t size) {
|
|
345
554
|
size = OPENSSL_strnlen(str, size);
|
|
346
555
|
|
|
@@ -352,7 +561,6 @@ char *OPENSSL_strndup(const char *str, size_t size) {
|
|
|
352
561
|
}
|
|
353
562
|
char *ret = OPENSSL_malloc(alloc_size);
|
|
354
563
|
if (ret == NULL) {
|
|
355
|
-
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE);
|
|
356
564
|
return NULL;
|
|
357
565
|
}
|
|
358
566
|
|
|
@@ -391,7 +599,6 @@ void *OPENSSL_memdup(const void *data, size_t size) {
|
|
|
391
599
|
|
|
392
600
|
void *ret = OPENSSL_malloc(size);
|
|
393
601
|
if (ret == NULL) {
|
|
394
|
-
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE);
|
|
395
602
|
return NULL;
|
|
396
603
|
}
|
|
397
604
|
|
|
@@ -155,7 +155,6 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) {
|
|
|
155
155
|
return r;
|
|
156
156
|
|
|
157
157
|
err:
|
|
158
|
-
OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE);
|
|
159
158
|
OPENSSL_free(ln);
|
|
160
159
|
OPENSSL_free(sn);
|
|
161
160
|
OPENSSL_free(data);
|
|
@@ -506,25 +505,37 @@ static int cmp_long_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
|
|
|
506
505
|
// obj_add_object inserts |obj| into the various global hashes for run-time
|
|
507
506
|
// added objects. It returns one on success or zero otherwise.
|
|
508
507
|
static int obj_add_object(ASN1_OBJECT *obj) {
|
|
509
|
-
int ok;
|
|
510
|
-
ASN1_OBJECT *old_object;
|
|
511
|
-
|
|
512
508
|
obj->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
|
|
513
509
|
ASN1_OBJECT_FLAG_DYNAMIC_DATA);
|
|
514
510
|
|
|
515
511
|
CRYPTO_STATIC_MUTEX_lock_write(&global_added_lock);
|
|
516
512
|
if (global_added_by_nid == NULL) {
|
|
517
513
|
global_added_by_nid = lh_ASN1_OBJECT_new(hash_nid, cmp_nid);
|
|
514
|
+
}
|
|
515
|
+
if (global_added_by_data == NULL) {
|
|
518
516
|
global_added_by_data = lh_ASN1_OBJECT_new(hash_data, cmp_data);
|
|
519
|
-
|
|
517
|
+
}
|
|
518
|
+
if (global_added_by_short_name == NULL) {
|
|
519
|
+
global_added_by_short_name =
|
|
520
|
+
lh_ASN1_OBJECT_new(hash_short_name, cmp_short_name);
|
|
521
|
+
}
|
|
522
|
+
if (global_added_by_long_name == NULL) {
|
|
520
523
|
global_added_by_long_name = lh_ASN1_OBJECT_new(hash_long_name, cmp_long_name);
|
|
521
524
|
}
|
|
522
525
|
|
|
526
|
+
int ok = 0;
|
|
527
|
+
if (global_added_by_nid == NULL ||
|
|
528
|
+
global_added_by_data == NULL ||
|
|
529
|
+
global_added_by_short_name == NULL ||
|
|
530
|
+
global_added_by_long_name == NULL) {
|
|
531
|
+
goto err;
|
|
532
|
+
}
|
|
533
|
+
|
|
523
534
|
// We don't pay attention to |old_object| (which contains any previous object
|
|
524
535
|
// that was evicted from the hashes) because we don't have a reference count
|
|
525
536
|
// on ASN1_OBJECT values. Also, we should never have duplicates nids and so
|
|
526
537
|
// should always have objects in |global_added_by_nid|.
|
|
527
|
-
|
|
538
|
+
ASN1_OBJECT *old_object;
|
|
528
539
|
ok = lh_ASN1_OBJECT_insert(global_added_by_nid, &old_object, obj);
|
|
529
540
|
if (obj->length != 0 && obj->data != NULL) {
|
|
530
541
|
ok &= lh_ASN1_OBJECT_insert(global_added_by_data, &old_object, obj);
|
|
@@ -535,8 +546,9 @@ static int obj_add_object(ASN1_OBJECT *obj) {
|
|
|
535
546
|
if (obj->ln != NULL) {
|
|
536
547
|
ok &= lh_ASN1_OBJECT_insert(global_added_by_long_name, &old_object, obj);
|
|
537
548
|
}
|
|
538
|
-
CRYPTO_STATIC_MUTEX_unlock_write(&global_added_lock);
|
|
539
549
|
|
|
550
|
+
err:
|
|
551
|
+
CRYPTO_STATIC_MUTEX_unlock_write(&global_added_lock);
|
|
540
552
|
return ok;
|
|
541
553
|
}
|
|
542
554
|
|
|
@@ -57,7 +57,7 @@
|
|
|
57
57
|
/* This file is generated by crypto/obj/objects.go. */
|
|
58
58
|
|
|
59
59
|
|
|
60
|
-
#define NUM_NID
|
|
60
|
+
#define NUM_NID 967
|
|
61
61
|
|
|
62
62
|
static const uint8_t kObjectData[] = {
|
|
63
63
|
/* NID_rsadsi */
|
|
@@ -8781,6 +8781,10 @@ static const ASN1_OBJECT kObjects[NUM_NID] = {
|
|
|
8781
8781
|
{"ED448", "ED448", NID_ED448, 3, &kObjectData[6181], 0},
|
|
8782
8782
|
{"X448", "X448", NID_X448, 3, &kObjectData[6184], 0},
|
|
8783
8783
|
{"SHA512-256", "sha512-256", NID_sha512_256, 9, &kObjectData[6187], 0},
|
|
8784
|
+
{"HKDF", "hkdf", NID_hkdf, 0, NULL, 0},
|
|
8785
|
+
{"X25519Kyber768", "X25519Kyber768", NID_X25519Kyber768, 0, NULL, 0},
|
|
8786
|
+
{"P256Kyber768", "P256Kyber768", NID_P256Kyber768, 0, NULL, 0},
|
|
8787
|
+
{"P384Kyber768", "P384Kyber768", NID_P384Kyber768, 0, NULL, 0},
|
|
8784
8788
|
};
|
|
8785
8789
|
|
|
8786
8790
|
static const uint16_t kNIDsInShortNameOrder[] = {
|
|
@@ -8878,6 +8882,7 @@ static const uint16_t kNIDsInShortNameOrder[] = {
|
|
|
8878
8882
|
949 /* ED25519 */,
|
|
8879
8883
|
960 /* ED448 */,
|
|
8880
8884
|
99 /* GN */,
|
|
8885
|
+
963 /* HKDF */,
|
|
8881
8886
|
855 /* HMAC */,
|
|
8882
8887
|
780 /* HMAC-MD5 */,
|
|
8883
8888
|
781 /* HMAC-SHA1 */,
|
|
@@ -8913,6 +8918,8 @@ static const uint16_t kNIDsInShortNameOrder[] = {
|
|
|
8913
8918
|
18 /* OU */,
|
|
8914
8919
|
749 /* Oakley-EC2N-3 */,
|
|
8915
8920
|
750 /* Oakley-EC2N-4 */,
|
|
8921
|
+
965 /* P256Kyber768 */,
|
|
8922
|
+
966 /* P384Kyber768 */,
|
|
8916
8923
|
9 /* PBE-MD2-DES */,
|
|
8917
8924
|
168 /* PBE-MD2-RC2-64 */,
|
|
8918
8925
|
10 /* PBE-MD5-DES */,
|
|
@@ -8979,6 +8986,7 @@ static const uint16_t kNIDsInShortNameOrder[] = {
|
|
|
8979
8986
|
458 /* UID */,
|
|
8980
8987
|
0 /* UNDEF */,
|
|
8981
8988
|
948 /* X25519 */,
|
|
8989
|
+
964 /* X25519Kyber768 */,
|
|
8982
8990
|
961 /* X448 */,
|
|
8983
8991
|
11 /* X500 */,
|
|
8984
8992
|
378 /* X500algorithms */,
|
|
@@ -9826,6 +9834,8 @@ static const uint16_t kNIDsInLongNameOrder[] = {
|
|
|
9826
9834
|
366 /* OCSP Nonce */,
|
|
9827
9835
|
371 /* OCSP Service Locator */,
|
|
9828
9836
|
180 /* OCSP Signing */,
|
|
9837
|
+
965 /* P256Kyber768 */,
|
|
9838
|
+
966 /* P384Kyber768 */,
|
|
9829
9839
|
161 /* PBES2 */,
|
|
9830
9840
|
69 /* PBKDF2 */,
|
|
9831
9841
|
162 /* PBMAC1 */,
|
|
@@ -9850,6 +9860,7 @@ static const uint16_t kNIDsInLongNameOrder[] = {
|
|
|
9850
9860
|
133 /* Time Stamping */,
|
|
9851
9861
|
375 /* Trust Root */,
|
|
9852
9862
|
948 /* X25519 */,
|
|
9863
|
+
964 /* X25519Kyber768 */,
|
|
9853
9864
|
961 /* X448 */,
|
|
9854
9865
|
12 /* X509 */,
|
|
9855
9866
|
402 /* X509v3 AC Targeting */,
|
|
@@ -10096,6 +10107,7 @@ static const uint16_t kNIDsInLongNameOrder[] = {
|
|
|
10096
10107
|
601 /* generic cryptogram */,
|
|
10097
10108
|
99 /* givenName */,
|
|
10098
10109
|
814 /* gost89-cnt */,
|
|
10110
|
+
963 /* hkdf */,
|
|
10099
10111
|
855 /* hmac */,
|
|
10100
10112
|
780 /* hmac-md5 */,
|
|
10101
10113
|
781 /* hmac-sha1 */,
|