grpc 1.53.1 → 1.54.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +78 -66
- data/include/grpc/event_engine/event_engine.h +30 -14
- data/include/grpc/grpc_security.h +4 -0
- data/include/grpc/support/port_platform.h +4 -4
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
- data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
- data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
- data/src/core/ext/filters/client_channel/client_channel.h +131 -173
- data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
- data/src/core/ext/filters/client_channel/config_selector.h +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
- data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
- data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
- data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
- data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
- data/src/core/ext/gcp/metadata_query.cc +142 -0
- data/src/core/ext/gcp/metadata_query.h +82 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
- data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
- data/src/core/ext/xds/xds_client_stats.cc +29 -15
- data/src/core/ext/xds/xds_client_stats.h +24 -20
- data/src/core/ext/xds/xds_endpoint.cc +5 -2
- data/src/core/ext/xds/xds_endpoint.h +9 -1
- data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
- data/src/core/lib/channel/call_finalization.h +1 -1
- data/src/core/lib/channel/call_tracer.cc +51 -0
- data/src/core/lib/channel/call_tracer.h +101 -38
- data/src/core/lib/channel/connected_channel.cc +483 -1050
- data/src/core/lib/channel/context.h +8 -1
- data/src/core/lib/channel/promise_based_filter.cc +106 -42
- data/src/core/lib/channel/promise_based_filter.h +27 -13
- data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
- data/src/core/lib/config/config_vars.cc +151 -0
- data/src/core/lib/config/config_vars.h +127 -0
- data/src/core/lib/config/config_vars_non_generated.cc +51 -0
- data/src/core/lib/config/load_config.cc +66 -0
- data/src/core/lib/config/load_config.h +49 -0
- data/src/core/lib/debug/trace.cc +5 -6
- data/src/core/lib/debug/trace.h +0 -5
- data/src/core/lib/event_engine/event_engine.cc +37 -2
- data/src/core/lib/event_engine/handle_containers.h +7 -22
- data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -3
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
- data/src/core/lib/event_engine/resolved_address.cc +2 -1
- data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
- data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
- data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
- data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
- data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
- data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
- data/src/core/lib/experiments/config.cc +3 -10
- data/src/core/lib/experiments/experiments.cc +7 -0
- data/src/core/lib/experiments/experiments.h +9 -1
- data/src/core/lib/gpr/log.cc +15 -28
- data/src/core/lib/gprpp/fork.cc +8 -14
- data/src/core/lib/gprpp/orphanable.h +4 -3
- data/src/core/lib/gprpp/per_cpu.h +9 -3
- data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
- data/src/core/lib/gprpp/ref_counted.h +33 -34
- data/src/core/lib/gprpp/thd.h +16 -0
- data/src/core/lib/gprpp/time.cc +1 -0
- data/src/core/lib/gprpp/time.h +4 -4
- data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
- data/src/core/lib/iomgr/ev_posix.cc +13 -53
- data/src/core/lib/iomgr/ev_posix.h +0 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
- data/src/core/lib/iomgr/iomgr.cc +4 -8
- data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_posix.cc +0 -1
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -16
- data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
- data/src/core/lib/iomgr/tcp_windows.cc +12 -8
- data/src/core/lib/load_balancing/lb_policy.cc +9 -13
- data/src/core/lib/load_balancing/lb_policy.h +4 -2
- data/src/core/lib/promise/activity.cc +22 -6
- data/src/core/lib/promise/activity.h +61 -24
- data/src/core/lib/promise/cancel_callback.h +77 -0
- data/src/core/lib/promise/detail/basic_seq.h +1 -1
- data/src/core/lib/promise/detail/promise_factory.h +4 -0
- data/src/core/lib/promise/for_each.h +176 -0
- data/src/core/lib/promise/if.h +9 -0
- data/src/core/lib/promise/interceptor_list.h +23 -2
- data/src/core/lib/promise/latch.h +89 -3
- data/src/core/lib/promise/loop.h +13 -9
- data/src/core/lib/promise/map.h +7 -0
- data/src/core/lib/promise/party.cc +286 -0
- data/src/core/lib/promise/party.h +499 -0
- data/src/core/lib/promise/pipe.h +197 -57
- data/src/core/lib/promise/poll.h +48 -0
- data/src/core/lib/promise/promise.h +2 -2
- data/src/core/lib/resource_quota/arena.cc +19 -3
- data/src/core/lib/resource_quota/arena.h +119 -5
- data/src/core/lib/resource_quota/memory_quota.cc +1 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
- data/src/core/lib/slice/slice.cc +1 -1
- data/src/core/lib/surface/builtins.cc +2 -0
- data/src/core/lib/surface/call.cc +926 -1024
- data/src/core/lib/surface/call.h +10 -0
- data/src/core/lib/surface/lame_client.cc +1 -0
- data/src/core/lib/surface/validate_metadata.cc +42 -43
- data/src/core/lib/surface/validate_metadata.h +0 -9
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +179 -0
- data/src/core/lib/transport/batch_builder.h +468 -0
- data/src/core/lib/transport/bdp_estimator.cc +7 -7
- data/src/core/lib/transport/bdp_estimator.h +10 -6
- data/src/core/lib/transport/custom_metadata.h +30 -0
- data/src/core/lib/transport/metadata_batch.cc +5 -2
- data/src/core/lib/transport/metadata_batch.h +17 -113
- data/src/core/lib/transport/parsed_metadata.h +6 -16
- data/src/core/lib/transport/timeout_encoding.cc +6 -1
- data/src/core/lib/transport/transport.cc +30 -2
- data/src/core/lib/transport/transport.h +70 -14
- data/src/core/lib/transport/transport_impl.h +7 -0
- data/src/core/lib/transport/transport_op_string.cc +52 -42
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +1 -1
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
- data/third_party/abseil-cpp/absl/flags/config.h +68 -0
- data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
- data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
- data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
- data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
- data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
- data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
- data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
- data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
- data/third_party/boringssl-with-bazel/err_data.c +728 -712
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
- data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
- metadata +103 -70
- data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
- data/src/core/lib/gprpp/global_config.h +0 -93
- data/src/core/lib/gprpp/global_config_env.cc +0 -140
- data/src/core/lib/gprpp/global_config_env.h +0 -133
- data/src/core/lib/gprpp/global_config_generic.h +0 -40
- data/src/core/lib/promise/intra_activity_waiter.h +0 -55
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
- data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
- /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
- /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
- /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
- /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
- /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
- /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
- /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -106,11 +106,15 @@
|
|
106
106
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
107
107
|
* Hudson (tjh@cryptsoft.com). */
|
108
108
|
|
109
|
+
// Ensure we can't call OPENSSL_malloc circularly.
|
110
|
+
#define _BORINGSSL_PROHIBIT_OPENSSL_MALLOC
|
109
111
|
#include <openssl/err.h>
|
110
112
|
|
111
113
|
#include <assert.h>
|
112
114
|
#include <errno.h>
|
113
115
|
#include <inttypes.h>
|
116
|
+
#include <limits.h>
|
117
|
+
#include <stdarg.h>
|
114
118
|
#include <string.h>
|
115
119
|
|
116
120
|
#if defined(OPENSSL_WINDOWS)
|
@@ -129,8 +133,8 @@ OPENSSL_MSVC_PRAGMA(warning(pop))
|
|
129
133
|
struct err_error_st {
|
130
134
|
// file contains the filename where the error occurred.
|
131
135
|
const char *file;
|
132
|
-
// data contains a NUL-terminated string with optional data. It
|
133
|
-
// with |OPENSSL_free
|
136
|
+
// data contains a NUL-terminated string with optional data. It is allocated
|
137
|
+
// with system |malloc| and must be freed with |free| (not |OPENSSL_free|)
|
134
138
|
char *data;
|
135
139
|
// packed contains the error library and reason, as packed by ERR_PACK.
|
136
140
|
uint32_t packed;
|
@@ -162,7 +166,7 @@ extern const char kOpenSSLReasonStringData[];
|
|
162
166
|
|
163
167
|
// err_clear clears the given queued error.
|
164
168
|
static void err_clear(struct err_error_st *error) {
|
165
|
-
|
169
|
+
free(error->data);
|
166
170
|
OPENSSL_memset(error, 0, sizeof(struct err_error_st));
|
167
171
|
}
|
168
172
|
|
@@ -170,12 +174,19 @@ static void err_copy(struct err_error_st *dst, const struct err_error_st *src) {
|
|
170
174
|
err_clear(dst);
|
171
175
|
dst->file = src->file;
|
172
176
|
if (src->data != NULL) {
|
173
|
-
|
177
|
+
// Disable deprecated functions on msvc so it doesn't complain about strdup.
|
178
|
+
OPENSSL_MSVC_PRAGMA(warning(push))
|
179
|
+
OPENSSL_MSVC_PRAGMA(warning(disable : 4996))
|
180
|
+
// We can't use OPENSSL_strdup because we don't want to call OPENSSL_malloc,
|
181
|
+
// which can affect the error stack.
|
182
|
+
dst->data = strdup(src->data);
|
183
|
+
OPENSSL_MSVC_PRAGMA(warning(pop))
|
174
184
|
}
|
175
185
|
dst->packed = src->packed;
|
176
186
|
dst->line = src->line;
|
177
187
|
}
|
178
188
|
|
189
|
+
|
179
190
|
// global_next_library contains the next custom library value to return.
|
180
191
|
static int global_next_library = ERR_NUM_LIBS;
|
181
192
|
|
@@ -194,15 +205,15 @@ static void err_state_free(void *statep) {
|
|
194
205
|
for (unsigned i = 0; i < ERR_NUM_ERRORS; i++) {
|
195
206
|
err_clear(&state->errors[i]);
|
196
207
|
}
|
197
|
-
|
198
|
-
|
208
|
+
free(state->to_free);
|
209
|
+
free(state);
|
199
210
|
}
|
200
211
|
|
201
212
|
// err_get_state gets the ERR_STATE object for the current thread.
|
202
213
|
static ERR_STATE *err_get_state(void) {
|
203
214
|
ERR_STATE *state = CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_ERR);
|
204
215
|
if (state == NULL) {
|
205
|
-
state =
|
216
|
+
state = malloc(sizeof(ERR_STATE));
|
206
217
|
if (state == NULL) {
|
207
218
|
return NULL;
|
208
219
|
}
|
@@ -258,7 +269,10 @@ static uint32_t get_error_values(int inc, int top, const char **file, int *line,
|
|
258
269
|
} else {
|
259
270
|
*data = error->data;
|
260
271
|
if (flags != NULL) {
|
261
|
-
|
272
|
+
// Without |ERR_FLAG_MALLOCED|, rust-openssl assumes the string has a
|
273
|
+
// static lifetime. In both cases, we retain ownership of the string,
|
274
|
+
// and the caller is not expected to free it.
|
275
|
+
*flags = ERR_FLAG_STRING | ERR_FLAG_MALLOCED;
|
262
276
|
}
|
263
277
|
// If this error is being removed, take ownership of data from
|
264
278
|
// the error. The semantics are such that the caller doesn't
|
@@ -267,7 +281,7 @@ static uint32_t get_error_values(int inc, int top, const char **file, int *line,
|
|
267
281
|
// error queue.
|
268
282
|
if (inc) {
|
269
283
|
if (error->data != NULL) {
|
270
|
-
|
284
|
+
free(state->to_free);
|
271
285
|
state->to_free = error->data;
|
272
286
|
}
|
273
287
|
error->data = NULL;
|
@@ -335,7 +349,7 @@ void ERR_clear_error(void) {
|
|
335
349
|
for (i = 0; i < ERR_NUM_ERRORS; i++) {
|
336
350
|
err_clear(&state->errors[i]);
|
337
351
|
}
|
338
|
-
|
352
|
+
free(state->to_free);
|
339
353
|
state->to_free = NULL;
|
340
354
|
|
341
355
|
state->top = state->bottom = 0;
|
@@ -629,13 +643,13 @@ static void err_set_error_data(char *data) {
|
|
629
643
|
struct err_error_st *error;
|
630
644
|
|
631
645
|
if (state == NULL || state->top == state->bottom) {
|
632
|
-
|
646
|
+
free(data);
|
633
647
|
return;
|
634
648
|
}
|
635
649
|
|
636
650
|
error = &state->errors[state->top];
|
637
651
|
|
638
|
-
|
652
|
+
free(error->data);
|
639
653
|
error->data = data;
|
640
654
|
}
|
641
655
|
|
@@ -672,48 +686,42 @@ void ERR_put_error(int library, int unused, int reason, const char *file,
|
|
672
686
|
// concatenates them and sets the result as the data on the most recent
|
673
687
|
// error.
|
674
688
|
static void err_add_error_vdata(unsigned num, va_list args) {
|
675
|
-
size_t
|
676
|
-
char *buf;
|
689
|
+
size_t total_size = 0;
|
677
690
|
const char *substr;
|
678
|
-
|
691
|
+
char *buf;
|
679
692
|
|
680
|
-
|
681
|
-
|
682
|
-
|
693
|
+
va_list args_copy;
|
694
|
+
va_copy(args_copy, args);
|
695
|
+
for (size_t i = 0; i < num; i++) {
|
696
|
+
substr = va_arg(args_copy, const char *);
|
697
|
+
if (substr == NULL) {
|
698
|
+
continue;
|
699
|
+
}
|
700
|
+
size_t substr_len = strlen(substr);
|
701
|
+
if (SIZE_MAX - total_size < substr_len) {
|
702
|
+
return; // Would overflow.
|
703
|
+
}
|
704
|
+
total_size += substr_len;
|
705
|
+
}
|
706
|
+
va_end(args_copy);
|
707
|
+
if (total_size == SIZE_MAX) {
|
708
|
+
return; // Would overflow.
|
709
|
+
}
|
710
|
+
total_size += 1; // NUL terminator.
|
711
|
+
if ((buf = malloc(total_size)) == NULL) {
|
683
712
|
return;
|
684
713
|
}
|
685
|
-
|
686
|
-
for (i = 0; i < num; i++) {
|
714
|
+
buf[0] = '\0';
|
715
|
+
for (size_t i = 0; i < num; i++) {
|
687
716
|
substr = va_arg(args, const char *);
|
688
717
|
if (substr == NULL) {
|
689
718
|
continue;
|
690
719
|
}
|
691
|
-
|
692
|
-
|
693
|
-
new_len = len + substr_len;
|
694
|
-
if (new_len > alloced) {
|
695
|
-
char *new_buf;
|
696
|
-
|
697
|
-
if (alloced + 20 + 1 < alloced) {
|
698
|
-
// overflow.
|
699
|
-
OPENSSL_free(buf);
|
700
|
-
return;
|
701
|
-
}
|
702
|
-
|
703
|
-
alloced = new_len + 20;
|
704
|
-
new_buf = OPENSSL_realloc(buf, alloced + 1);
|
705
|
-
if (new_buf == NULL) {
|
706
|
-
OPENSSL_free(buf);
|
707
|
-
return;
|
708
|
-
}
|
709
|
-
buf = new_buf;
|
720
|
+
if (OPENSSL_strlcat(buf, substr, total_size) >= total_size) {
|
721
|
+
assert(0); // should not be possible.
|
710
722
|
}
|
711
|
-
|
712
|
-
OPENSSL_memcpy(buf + len, substr, substr_len);
|
713
|
-
len = new_len;
|
714
723
|
}
|
715
|
-
|
716
|
-
buf[len] = 0;
|
724
|
+
va_end(args);
|
717
725
|
err_set_error_data(buf);
|
718
726
|
}
|
719
727
|
|
@@ -725,26 +733,41 @@ void ERR_add_error_data(unsigned count, ...) {
|
|
725
733
|
}
|
726
734
|
|
727
735
|
void ERR_add_error_dataf(const char *format, ...) {
|
736
|
+
char *buf = NULL;
|
728
737
|
va_list ap;
|
729
|
-
char *buf;
|
730
|
-
static const unsigned buf_len = 256;
|
731
738
|
|
732
|
-
|
733
|
-
|
734
|
-
// C99.
|
735
|
-
buf = OPENSSL_malloc(buf_len + 1);
|
736
|
-
if (buf == NULL) {
|
739
|
+
va_start(ap, format);
|
740
|
+
if (OPENSSL_vasprintf_internal(&buf, format, ap, /*system_malloc=*/1) == -1) {
|
737
741
|
return;
|
738
742
|
}
|
739
|
-
|
740
|
-
va_start(ap, format);
|
741
|
-
BIO_vsnprintf(buf, buf_len, format, ap);
|
742
|
-
buf[buf_len] = 0;
|
743
743
|
va_end(ap);
|
744
744
|
|
745
745
|
err_set_error_data(buf);
|
746
746
|
}
|
747
747
|
|
748
|
+
void ERR_set_error_data(char *data, int flags) {
|
749
|
+
if (!(flags & ERR_FLAG_STRING)) {
|
750
|
+
// We do not support non-string error data.
|
751
|
+
assert(0);
|
752
|
+
return;
|
753
|
+
}
|
754
|
+
// Disable deprecated functions on msvc so it doesn't complain about strdup.
|
755
|
+
OPENSSL_MSVC_PRAGMA(warning(push))
|
756
|
+
OPENSSL_MSVC_PRAGMA(warning(disable : 4996))
|
757
|
+
// We can not use OPENSSL_strdup because we don't want to call OPENSSL_malloc,
|
758
|
+
// which can affect the error stack.
|
759
|
+
char *copy = strdup(data);
|
760
|
+
OPENSSL_MSVC_PRAGMA(warning(pop))
|
761
|
+
if (copy != NULL) {
|
762
|
+
err_set_error_data(copy);
|
763
|
+
}
|
764
|
+
if (flags & ERR_FLAG_MALLOCED) {
|
765
|
+
// We can not take ownership of |data| directly because it is allocated with
|
766
|
+
// |OPENSSL_malloc| and we will free it with system |free| later.
|
767
|
+
OPENSSL_free(data);
|
768
|
+
}
|
769
|
+
}
|
770
|
+
|
748
771
|
int ERR_set_mark(void) {
|
749
772
|
ERR_STATE *const state = err_get_state();
|
750
773
|
|
@@ -803,8 +826,8 @@ void ERR_SAVE_STATE_free(ERR_SAVE_STATE *state) {
|
|
803
826
|
for (size_t i = 0; i < state->num_errors; i++) {
|
804
827
|
err_clear(&state->errors[i]);
|
805
828
|
}
|
806
|
-
|
807
|
-
|
829
|
+
free(state->errors);
|
830
|
+
free(state);
|
808
831
|
}
|
809
832
|
|
810
833
|
ERR_SAVE_STATE *ERR_save_state(void) {
|
@@ -813,7 +836,7 @@ ERR_SAVE_STATE *ERR_save_state(void) {
|
|
813
836
|
return NULL;
|
814
837
|
}
|
815
838
|
|
816
|
-
ERR_SAVE_STATE *ret =
|
839
|
+
ERR_SAVE_STATE *ret = malloc(sizeof(ERR_SAVE_STATE));
|
817
840
|
if (ret == NULL) {
|
818
841
|
return NULL;
|
819
842
|
}
|
@@ -823,9 +846,9 @@ ERR_SAVE_STATE *ERR_save_state(void) {
|
|
823
846
|
? state->top - state->bottom
|
824
847
|
: ERR_NUM_ERRORS + state->top - state->bottom;
|
825
848
|
assert(num_errors < ERR_NUM_ERRORS);
|
826
|
-
ret->errors =
|
849
|
+
ret->errors = malloc(num_errors * sizeof(struct err_error_st));
|
827
850
|
if (ret->errors == NULL) {
|
828
|
-
|
851
|
+
free(ret);
|
829
852
|
return NULL;
|
830
853
|
}
|
831
854
|
OPENSSL_memset(ret->errors, 0, num_errors * sizeof(struct err_error_st));
|
@@ -85,7 +85,6 @@ EVP_PKEY *EVP_PKEY_new(void) {
|
|
85
85
|
|
86
86
|
ret = OPENSSL_malloc(sizeof(EVP_PKEY));
|
87
87
|
if (ret == NULL) {
|
88
|
-
OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
|
89
88
|
return NULL;
|
90
89
|
}
|
91
90
|
|
@@ -99,7 +98,7 @@ EVP_PKEY *EVP_PKEY_new(void) {
|
|
99
98
|
static void free_it(EVP_PKEY *pkey) {
|
100
99
|
if (pkey->ameth && pkey->ameth->pkey_free) {
|
101
100
|
pkey->ameth->pkey_free(pkey);
|
102
|
-
pkey->pkey
|
101
|
+
pkey->pkey = NULL;
|
103
102
|
pkey->type = EVP_PKEY_NONE;
|
104
103
|
}
|
105
104
|
}
|
@@ -153,21 +152,35 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) {
|
|
153
152
|
}
|
154
153
|
|
155
154
|
int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) {
|
156
|
-
if (to->type
|
155
|
+
if (to->type == EVP_PKEY_NONE) {
|
156
|
+
if (!EVP_PKEY_set_type(to, from->type)) {
|
157
|
+
return 0;
|
158
|
+
}
|
159
|
+
} else if (to->type != from->type) {
|
157
160
|
OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES);
|
158
|
-
|
161
|
+
return 0;
|
159
162
|
}
|
160
163
|
|
161
164
|
if (EVP_PKEY_missing_parameters(from)) {
|
162
165
|
OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS);
|
163
|
-
|
166
|
+
return 0;
|
167
|
+
}
|
168
|
+
|
169
|
+
// Once set, parameters may not change.
|
170
|
+
if (!EVP_PKEY_missing_parameters(to)) {
|
171
|
+
if (EVP_PKEY_cmp_parameters(to, from) == 1) {
|
172
|
+
return 1;
|
173
|
+
}
|
174
|
+
OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_PARAMETERS);
|
175
|
+
return 0;
|
164
176
|
}
|
165
177
|
|
166
178
|
if (from->ameth && from->ameth->param_copy) {
|
167
179
|
return from->ameth->param_copy(to, from);
|
168
180
|
}
|
169
181
|
|
170
|
-
|
182
|
+
// TODO(https://crbug.com/boringssl/536): If the algorithm takes no
|
183
|
+
// parameters, copying them should vacuously succeed.
|
171
184
|
return 0;
|
172
185
|
}
|
173
186
|
|
@@ -241,7 +254,7 @@ RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey) {
|
|
241
254
|
OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY);
|
242
255
|
return NULL;
|
243
256
|
}
|
244
|
-
return pkey->pkey
|
257
|
+
return pkey->pkey;
|
245
258
|
}
|
246
259
|
|
247
260
|
RSA *EVP_PKEY_get1_RSA(const EVP_PKEY *pkey) {
|
@@ -269,7 +282,7 @@ DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) {
|
|
269
282
|
OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY);
|
270
283
|
return NULL;
|
271
284
|
}
|
272
|
-
return pkey->pkey
|
285
|
+
return pkey->pkey;
|
273
286
|
}
|
274
287
|
|
275
288
|
DSA *EVP_PKEY_get1_DSA(const EVP_PKEY *pkey) {
|
@@ -297,7 +310,7 @@ EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey) {
|
|
297
310
|
OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY);
|
298
311
|
return NULL;
|
299
312
|
}
|
300
|
-
return pkey->pkey
|
313
|
+
return pkey->pkey;
|
301
314
|
}
|
302
315
|
|
303
316
|
EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey) {
|
@@ -315,14 +328,14 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {
|
|
315
328
|
if (!EVP_PKEY_set_type(pkey, type)) {
|
316
329
|
return 0;
|
317
330
|
}
|
318
|
-
pkey->pkey
|
331
|
+
pkey->pkey = key;
|
319
332
|
return key != NULL;
|
320
333
|
}
|
321
334
|
|
322
335
|
int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) {
|
323
336
|
const EVP_PKEY_ASN1_METHOD *ameth;
|
324
337
|
|
325
|
-
if (pkey && pkey->pkey
|
338
|
+
if (pkey && pkey->pkey) {
|
326
339
|
free_it(pkey);
|
327
340
|
}
|
328
341
|
|
@@ -416,6 +429,8 @@ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) {
|
|
416
429
|
if (a->ameth && a->ameth->param_cmp) {
|
417
430
|
return a->ameth->param_cmp(a, b);
|
418
431
|
}
|
432
|
+
// TODO(https://crbug.com/boringssl/536): If the algorithm doesn't use
|
433
|
+
// parameters, they should compare as vacuously equal.
|
419
434
|
return -2;
|
420
435
|
}
|
421
436
|
|
@@ -432,7 +447,7 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) {
|
|
432
447
|
void *EVP_PKEY_get0(const EVP_PKEY *pkey) {
|
433
448
|
// Node references, but never calls this function, so for now we return NULL.
|
434
449
|
// If other projects require complete support, call |EVP_PKEY_get0_RSA|, etc.,
|
435
|
-
// rather than reading |pkey->pkey
|
450
|
+
// rather than reading |pkey->pkey| directly. This avoids problems if our
|
436
451
|
// internal representation does not match the type the caller expects from
|
437
452
|
// OpenSSL.
|
438
453
|
return NULL;
|
@@ -448,6 +463,25 @@ void OpenSSL_add_all_digests(void) {}
|
|
448
463
|
|
449
464
|
void EVP_cleanup(void) {}
|
450
465
|
|
466
|
+
int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, const uint8_t *in,
|
467
|
+
size_t len) {
|
468
|
+
if (pkey->ameth->set1_tls_encodedpoint == NULL) {
|
469
|
+
OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
470
|
+
return 0;
|
471
|
+
}
|
472
|
+
|
473
|
+
return pkey->ameth->set1_tls_encodedpoint(pkey, in, len);
|
474
|
+
}
|
475
|
+
|
476
|
+
size_t EVP_PKEY_get1_tls_encodedpoint(const EVP_PKEY *pkey, uint8_t **out_ptr) {
|
477
|
+
if (pkey->ameth->get1_tls_encodedpoint == NULL) {
|
478
|
+
OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
479
|
+
return 0;
|
480
|
+
}
|
481
|
+
|
482
|
+
return pkey->ameth->get1_tls_encodedpoint(pkey, out_ptr);
|
483
|
+
}
|
484
|
+
|
451
485
|
int EVP_PKEY_base_id(const EVP_PKEY *pkey) {
|
452
486
|
// OpenSSL has two notions of key type because it supports multiple OIDs for
|
453
487
|
// the same algorithm: NID_rsa vs NID_rsaEncryption and five distinct spelling
|
@@ -336,11 +336,11 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) {
|
|
336
336
|
int i2d_PublicKey(const EVP_PKEY *key, uint8_t **outp) {
|
337
337
|
switch (key->type) {
|
338
338
|
case EVP_PKEY_RSA:
|
339
|
-
return i2d_RSAPublicKey(key
|
339
|
+
return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(key), outp);
|
340
340
|
case EVP_PKEY_DSA:
|
341
|
-
return i2d_DSAPublicKey(key
|
341
|
+
return i2d_DSAPublicKey(EVP_PKEY_get0_DSA(key), outp);
|
342
342
|
case EVP_PKEY_EC:
|
343
|
-
return i2o_ECPublicKey(key
|
343
|
+
return i2o_ECPublicKey(EVP_PKEY_get0_EC_KEY(key), outp);
|
344
344
|
default:
|
345
345
|
OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
|
346
346
|
return -1;
|
@@ -71,6 +71,7 @@ static const EVP_PKEY_METHOD *const evp_methods[] = {
|
|
71
71
|
&ec_pkey_meth,
|
72
72
|
&ed25519_pkey_meth,
|
73
73
|
&x25519_pkey_meth,
|
74
|
+
&hkdf_pkey_meth,
|
74
75
|
};
|
75
76
|
|
76
77
|
static const EVP_PKEY_METHOD *evp_pkey_meth_find(int type) {
|
@@ -83,28 +84,10 @@ static const EVP_PKEY_METHOD *evp_pkey_meth_find(int type) {
|
|
83
84
|
return NULL;
|
84
85
|
}
|
85
86
|
|
86
|
-
static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e,
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
if (id == -1) {
|
91
|
-
if (!pkey || !pkey->ameth) {
|
92
|
-
return NULL;
|
93
|
-
}
|
94
|
-
id = pkey->ameth->pkey_id;
|
95
|
-
}
|
96
|
-
|
97
|
-
pmeth = evp_pkey_meth_find(id);
|
98
|
-
|
99
|
-
if (pmeth == NULL) {
|
100
|
-
OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
|
101
|
-
ERR_add_error_dataf("algorithm %d", id);
|
102
|
-
return NULL;
|
103
|
-
}
|
104
|
-
|
105
|
-
ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
|
87
|
+
static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e,
|
88
|
+
const EVP_PKEY_METHOD *pmeth) {
|
89
|
+
EVP_PKEY_CTX *ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
|
106
90
|
if (!ret) {
|
107
|
-
OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
|
108
91
|
return NULL;
|
109
92
|
}
|
110
93
|
OPENSSL_memset(ret, 0, sizeof(EVP_PKEY_CTX));
|
@@ -130,11 +113,30 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) {
|
|
130
113
|
}
|
131
114
|
|
132
115
|
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) {
|
133
|
-
|
116
|
+
if (pkey == NULL || pkey->ameth == NULL) {
|
117
|
+
OPENSSL_PUT_ERROR(EVP, ERR_R_PASSED_NULL_PARAMETER);
|
118
|
+
return NULL;
|
119
|
+
}
|
120
|
+
|
121
|
+
const EVP_PKEY_METHOD *pkey_method = pkey->ameth->pkey_method;
|
122
|
+
if (pkey_method == NULL) {
|
123
|
+
OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
|
124
|
+
ERR_add_error_dataf("algorithm %d", pkey->ameth->pkey_id);
|
125
|
+
return NULL;
|
126
|
+
}
|
127
|
+
|
128
|
+
return evp_pkey_ctx_new(pkey, e, pkey_method);
|
134
129
|
}
|
135
130
|
|
136
131
|
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) {
|
137
|
-
|
132
|
+
const EVP_PKEY_METHOD *pkey_method = evp_pkey_meth_find(id);
|
133
|
+
if (pkey_method == NULL) {
|
134
|
+
OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
|
135
|
+
ERR_add_error_dataf("algorithm %d", id);
|
136
|
+
return NULL;
|
137
|
+
}
|
138
|
+
|
139
|
+
return evp_pkey_ctx_new(NULL, e, pkey_method);
|
138
140
|
}
|
139
141
|
|
140
142
|
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) {
|
@@ -66,11 +66,16 @@ extern "C" {
|
|
66
66
|
#endif
|
67
67
|
|
68
68
|
|
69
|
+
typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
|
70
|
+
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
|
71
|
+
|
69
72
|
struct evp_pkey_asn1_method_st {
|
70
73
|
int pkey_id;
|
71
74
|
uint8_t oid[9];
|
72
75
|
uint8_t oid_len;
|
73
76
|
|
77
|
+
const EVP_PKEY_METHOD *pkey_method;
|
78
|
+
|
74
79
|
// pub_decode decodes |params| and |key| as a SubjectPublicKeyInfo
|
75
80
|
// and writes the result into |out|. It returns one on success and zero on
|
76
81
|
// error. |params| is the AlgorithmIdentifier after the OBJECT IDENTIFIER
|
@@ -101,6 +106,17 @@ struct evp_pkey_asn1_method_st {
|
|
101
106
|
int (*get_priv_raw)(const EVP_PKEY *pkey, uint8_t *out, size_t *out_len);
|
102
107
|
int (*get_pub_raw)(const EVP_PKEY *pkey, uint8_t *out, size_t *out_len);
|
103
108
|
|
109
|
+
// TODO(davidben): Can these be merged with the functions above? OpenSSL does
|
110
|
+
// not implement |EVP_PKEY_get_raw_public_key|, etc., for |EVP_PKEY_EC|, but
|
111
|
+
// the distinction seems unimportant. OpenSSL 3.0 has since renamed
|
112
|
+
// |EVP_PKEY_get1_tls_encodedpoint| to |EVP_PKEY_get1_encoded_public_key|, and
|
113
|
+
// what is the difference between "raw" and an "encoded" public key.
|
114
|
+
//
|
115
|
+
// One nuisance is the notion of "raw" is slightly ambiguous for EC keys. Is
|
116
|
+
// it a DER ECPrivateKey or just the scalar?
|
117
|
+
int (*set1_tls_encodedpoint)(EVP_PKEY *pkey, const uint8_t *in, size_t len);
|
118
|
+
size_t (*get1_tls_encodedpoint)(const EVP_PKEY *pkey, uint8_t **out_ptr);
|
119
|
+
|
104
120
|
// pkey_opaque returns 1 if the |pk| is opaque. Opaque keys are backed by
|
105
121
|
// custom implementations which do not expose key material and parameters.
|
106
122
|
int (*pkey_opaque)(const EVP_PKEY *pk);
|
@@ -115,6 +131,20 @@ struct evp_pkey_asn1_method_st {
|
|
115
131
|
void (*pkey_free)(EVP_PKEY *pkey);
|
116
132
|
} /* EVP_PKEY_ASN1_METHOD */;
|
117
133
|
|
134
|
+
struct evp_pkey_st {
|
135
|
+
CRYPTO_refcount_t references;
|
136
|
+
|
137
|
+
// type contains one of the EVP_PKEY_* values or NID_undef and determines
|
138
|
+
// the type of |pkey|.
|
139
|
+
int type;
|
140
|
+
|
141
|
+
// pkey contains a pointer to a structure dependent on |type|.
|
142
|
+
void *pkey;
|
143
|
+
|
144
|
+
// ameth contains a pointer to a method table that contains many ASN.1
|
145
|
+
// methods for the key type.
|
146
|
+
const EVP_PKEY_ASN1_METHOD *ameth;
|
147
|
+
} /* EVP_PKEY */;
|
118
148
|
|
119
149
|
#define EVP_PKEY_OP_UNDEFINED 0
|
120
150
|
#define EVP_PKEY_OP_KEYGEN (1 << 2)
|
@@ -178,6 +208,11 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
|
|
178
208
|
#define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 11)
|
179
209
|
#define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
|
180
210
|
#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 13)
|
211
|
+
#define EVP_PKEY_CTRL_HKDF_MODE (EVP_PKEY_ALG_CTRL + 14)
|
212
|
+
#define EVP_PKEY_CTRL_HKDF_MD (EVP_PKEY_ALG_CTRL + 15)
|
213
|
+
#define EVP_PKEY_CTRL_HKDF_KEY (EVP_PKEY_ALG_CTRL + 16)
|
214
|
+
#define EVP_PKEY_CTRL_HKDF_SALT (EVP_PKEY_ALG_CTRL + 17)
|
215
|
+
#define EVP_PKEY_CTRL_HKDF_INFO (EVP_PKEY_ALG_CTRL + 18)
|
181
216
|
|
182
217
|
struct evp_pkey_ctx_st {
|
183
218
|
// Method associated with this operation
|
@@ -232,18 +267,16 @@ struct evp_pkey_method_st {
|
|
232
267
|
} /* EVP_PKEY_METHOD */;
|
233
268
|
|
234
269
|
typedef struct {
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
uint8_t pad[32];
|
241
|
-
uint8_t value[32];
|
242
|
-
} pub;
|
243
|
-
} key;
|
270
|
+
// key is the concatenation of the private seed and public key. It is stored
|
271
|
+
// as a single 64-bit array to allow passing to |ED25519_sign|. If
|
272
|
+
// |has_private| is false, the first 32 bytes are uninitialized and the public
|
273
|
+
// key is in the last 32 bytes.
|
274
|
+
uint8_t key[64];
|
244
275
|
char has_private;
|
245
276
|
} ED25519_KEY;
|
246
277
|
|
278
|
+
#define ED25519_PUBLIC_KEY_OFFSET 32
|
279
|
+
|
247
280
|
typedef struct {
|
248
281
|
uint8_t pub[32];
|
249
282
|
uint8_t priv[32];
|
@@ -260,6 +293,7 @@ extern const EVP_PKEY_METHOD rsa_pkey_meth;
|
|
260
293
|
extern const EVP_PKEY_METHOD ec_pkey_meth;
|
261
294
|
extern const EVP_PKEY_METHOD ed25519_pkey_meth;
|
262
295
|
extern const EVP_PKEY_METHOD x25519_pkey_meth;
|
296
|
+
extern const EVP_PKEY_METHOD hkdf_pkey_meth;
|
263
297
|
|
264
298
|
|
265
299
|
#if defined(__cplusplus)
|