grpc 1.53.1 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (689) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +78 -66
  3. data/include/grpc/event_engine/event_engine.h +30 -14
  4. data/include/grpc/grpc_security.h +4 -0
  5. data/include/grpc/support/port_platform.h +4 -4
  6. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
  7. data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
  8. data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
  9. data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
  10. data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
  11. data/src/core/ext/filters/client_channel/client_channel.h +131 -173
  12. data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
  13. data/src/core/ext/filters/client_channel/config_selector.h +4 -3
  14. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
  15. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
  16. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
  17. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
  18. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
  19. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
  20. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
  21. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
  22. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
  24. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
  25. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
  26. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
  27. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
  28. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
  29. data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
  30. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
  31. data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
  32. data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
  33. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
  34. data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
  35. data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
  36. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
  37. data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
  38. data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
  39. data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
  40. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
  41. data/src/core/ext/gcp/metadata_query.cc +142 -0
  42. data/src/core/ext/gcp/metadata_query.h +82 -0
  43. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
  44. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
  45. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
  46. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
  47. data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
  48. data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
  49. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
  50. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
  51. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
  52. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
  53. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
  54. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
  55. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
  56. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
  57. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
  58. data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
  59. data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
  60. data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
  61. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
  62. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
  63. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
  64. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
  65. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
  66. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
  67. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
  68. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
  69. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
  70. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
  71. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
  72. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
  73. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
  74. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
  75. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
  76. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
  77. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
  78. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
  79. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
  80. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
  81. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
  82. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
  83. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
  84. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
  85. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
  86. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
  87. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
  88. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
  89. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
  90. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
  91. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
  92. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
  93. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
  94. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
  95. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  96. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
  97. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
  98. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
  99. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
  100. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
  101. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
  102. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
  103. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
  104. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
  105. data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
  106. data/src/core/ext/xds/xds_client_stats.cc +29 -15
  107. data/src/core/ext/xds/xds_client_stats.h +24 -20
  108. data/src/core/ext/xds/xds_endpoint.cc +5 -2
  109. data/src/core/ext/xds/xds_endpoint.h +9 -1
  110. data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
  111. data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
  112. data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
  113. data/src/core/lib/channel/call_finalization.h +1 -1
  114. data/src/core/lib/channel/call_tracer.cc +51 -0
  115. data/src/core/lib/channel/call_tracer.h +101 -38
  116. data/src/core/lib/channel/connected_channel.cc +483 -1050
  117. data/src/core/lib/channel/context.h +8 -1
  118. data/src/core/lib/channel/promise_based_filter.cc +106 -42
  119. data/src/core/lib/channel/promise_based_filter.h +27 -13
  120. data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
  121. data/src/core/lib/config/config_vars.cc +151 -0
  122. data/src/core/lib/config/config_vars.h +127 -0
  123. data/src/core/lib/config/config_vars_non_generated.cc +51 -0
  124. data/src/core/lib/config/load_config.cc +66 -0
  125. data/src/core/lib/config/load_config.h +49 -0
  126. data/src/core/lib/debug/trace.cc +5 -6
  127. data/src/core/lib/debug/trace.h +0 -5
  128. data/src/core/lib/event_engine/event_engine.cc +37 -2
  129. data/src/core/lib/event_engine/handle_containers.h +7 -22
  130. data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
  131. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
  132. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
  133. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
  134. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
  135. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
  136. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -3
  137. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
  138. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
  139. data/src/core/lib/event_engine/resolved_address.cc +2 -1
  140. data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
  141. data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
  142. data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
  143. data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
  144. data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
  145. data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
  146. data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
  147. data/src/core/lib/experiments/config.cc +3 -10
  148. data/src/core/lib/experiments/experiments.cc +7 -0
  149. data/src/core/lib/experiments/experiments.h +9 -1
  150. data/src/core/lib/gpr/log.cc +15 -28
  151. data/src/core/lib/gprpp/fork.cc +8 -14
  152. data/src/core/lib/gprpp/orphanable.h +4 -3
  153. data/src/core/lib/gprpp/per_cpu.h +9 -3
  154. data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
  155. data/src/core/lib/gprpp/ref_counted.h +33 -34
  156. data/src/core/lib/gprpp/thd.h +16 -0
  157. data/src/core/lib/gprpp/time.cc +1 -0
  158. data/src/core/lib/gprpp/time.h +4 -4
  159. data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
  160. data/src/core/lib/iomgr/call_combiner.h +2 -2
  161. data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
  162. data/src/core/lib/iomgr/ev_posix.cc +13 -53
  163. data/src/core/lib/iomgr/ev_posix.h +0 -3
  164. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
  165. data/src/core/lib/iomgr/iomgr.cc +4 -8
  166. data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
  167. data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
  168. data/src/core/lib/iomgr/pollset_windows.cc +1 -1
  169. data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
  170. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
  171. data/src/core/lib/iomgr/tcp_posix.cc +0 -1
  172. data/src/core/lib/iomgr/tcp_server_posix.cc +5 -16
  173. data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
  174. data/src/core/lib/iomgr/tcp_windows.cc +12 -8
  175. data/src/core/lib/load_balancing/lb_policy.cc +9 -13
  176. data/src/core/lib/load_balancing/lb_policy.h +4 -2
  177. data/src/core/lib/promise/activity.cc +22 -6
  178. data/src/core/lib/promise/activity.h +61 -24
  179. data/src/core/lib/promise/cancel_callback.h +77 -0
  180. data/src/core/lib/promise/detail/basic_seq.h +1 -1
  181. data/src/core/lib/promise/detail/promise_factory.h +4 -0
  182. data/src/core/lib/promise/for_each.h +176 -0
  183. data/src/core/lib/promise/if.h +9 -0
  184. data/src/core/lib/promise/interceptor_list.h +23 -2
  185. data/src/core/lib/promise/latch.h +89 -3
  186. data/src/core/lib/promise/loop.h +13 -9
  187. data/src/core/lib/promise/map.h +7 -0
  188. data/src/core/lib/promise/party.cc +286 -0
  189. data/src/core/lib/promise/party.h +499 -0
  190. data/src/core/lib/promise/pipe.h +197 -57
  191. data/src/core/lib/promise/poll.h +48 -0
  192. data/src/core/lib/promise/promise.h +2 -2
  193. data/src/core/lib/resource_quota/arena.cc +19 -3
  194. data/src/core/lib/resource_quota/arena.h +119 -5
  195. data/src/core/lib/resource_quota/memory_quota.cc +1 -1
  196. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
  197. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
  198. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
  199. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
  200. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  201. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
  202. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
  203. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
  204. data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
  205. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
  206. data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
  207. data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
  208. data/src/core/lib/slice/slice.cc +1 -1
  209. data/src/core/lib/surface/builtins.cc +2 -0
  210. data/src/core/lib/surface/call.cc +926 -1024
  211. data/src/core/lib/surface/call.h +10 -0
  212. data/src/core/lib/surface/lame_client.cc +1 -0
  213. data/src/core/lib/surface/validate_metadata.cc +42 -43
  214. data/src/core/lib/surface/validate_metadata.h +0 -9
  215. data/src/core/lib/surface/version.cc +2 -2
  216. data/src/core/lib/transport/batch_builder.cc +179 -0
  217. data/src/core/lib/transport/batch_builder.h +468 -0
  218. data/src/core/lib/transport/bdp_estimator.cc +7 -7
  219. data/src/core/lib/transport/bdp_estimator.h +10 -6
  220. data/src/core/lib/transport/custom_metadata.h +30 -0
  221. data/src/core/lib/transport/metadata_batch.cc +5 -2
  222. data/src/core/lib/transport/metadata_batch.h +17 -113
  223. data/src/core/lib/transport/parsed_metadata.h +6 -16
  224. data/src/core/lib/transport/timeout_encoding.cc +6 -1
  225. data/src/core/lib/transport/transport.cc +30 -2
  226. data/src/core/lib/transport/transport.h +70 -14
  227. data/src/core/lib/transport/transport_impl.h +7 -0
  228. data/src/core/lib/transport/transport_op_string.cc +52 -42
  229. data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
  230. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
  231. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
  232. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
  233. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
  234. data/src/core/tsi/ssl_transport_security.cc +4 -2
  235. data/src/ruby/lib/grpc/version.rb +1 -1
  236. data/third_party/abseil-cpp/absl/base/config.h +1 -1
  237. data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
  238. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
  239. data/third_party/abseil-cpp/absl/flags/config.h +68 -0
  240. data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
  241. data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
  242. data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
  243. data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
  244. data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
  245. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
  246. data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
  247. data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
  248. data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
  249. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
  250. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
  251. data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
  252. data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
  253. data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
  254. data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
  255. data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
  256. data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
  257. data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
  258. data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
  259. data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
  260. data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
  261. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
  262. data/third_party/boringssl-with-bazel/err_data.c +728 -712
  263. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
  264. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
  265. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
  266. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
  267. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
  268. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
  269. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
  270. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
  271. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
  272. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
  273. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
  274. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
  275. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
  276. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
  277. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
  278. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
  279. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
  280. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
  281. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
  282. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
  283. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
  284. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
  285. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
  286. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
  287. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
  288. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
  289. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
  290. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
  291. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
  292. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
  293. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
  294. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
  295. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
  296. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
  297. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
  298. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
  299. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
  300. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
  301. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
  302. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
  303. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
  304. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
  305. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
  306. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
  307. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
  308. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
  309. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
  310. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
  311. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
  312. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
  313. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
  314. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
  315. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
  316. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
  317. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
  318. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
  319. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
  320. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
  321. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
  322. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
  323. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
  324. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
  325. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
  326. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
  327. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
  328. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
  329. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
  330. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
  331. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
  332. data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
  333. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
  334. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
  335. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
  336. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
  337. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
  338. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
  339. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
  340. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
  341. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
  342. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
  343. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
  344. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
  345. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
  346. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
  347. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
  348. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
  349. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
  350. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
  351. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
  352. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
  353. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
  354. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
  355. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
  356. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
  357. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
  358. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
  359. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
  360. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
  361. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
  362. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
  363. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
  364. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
  365. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
  366. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
  367. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
  368. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
  369. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
  370. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
  371. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
  372. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
  373. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
  374. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
  375. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
  376. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
  377. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
  378. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
  379. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
  380. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
  381. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
  382. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
  383. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
  384. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
  385. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
  386. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
  387. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
  388. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
  389. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
  390. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
  391. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
  392. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
  393. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
  394. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
  395. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
  396. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
  397. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
  398. data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
  399. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
  400. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
  401. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
  402. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
  403. data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
  404. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
  405. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
  406. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
  407. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
  408. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
  409. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
  410. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
  411. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
  412. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
  413. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
  414. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
  415. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
  416. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
  417. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
  418. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
  419. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
  420. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
  421. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
  422. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
  423. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
  424. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
  425. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
  426. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
  427. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
  428. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
  429. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
  430. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
  431. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
  432. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
  433. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
  434. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
  435. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
  436. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
  437. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
  438. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
  439. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
  440. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
  441. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
  442. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
  443. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
  444. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
  445. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
  446. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
  447. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
  448. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
  449. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
  450. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
  451. data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
  452. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
  453. data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
  454. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
  455. data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
  456. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
  457. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
  458. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
  459. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
  460. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
  461. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
  462. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
  463. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
  464. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
  465. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
  466. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
  467. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
  468. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
  469. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
  470. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
  471. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
  472. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
  473. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
  474. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
  475. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
  476. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
  477. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
  478. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
  479. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
  480. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
  481. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
  482. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
  483. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
  484. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
  485. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
  486. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
  487. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
  488. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
  489. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
  490. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
  491. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
  492. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
  493. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
  494. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
  495. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
  496. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
  497. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
  498. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
  499. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
  500. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
  501. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
  502. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
  503. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
  504. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
  505. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
  506. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
  507. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
  508. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
  509. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
  510. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
  511. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
  512. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
  513. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
  514. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
  515. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
  516. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
  517. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
  518. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
  519. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
  520. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
  521. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
  522. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
  523. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
  524. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
  525. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
  526. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
  527. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
  528. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
  529. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
  530. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
  531. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
  532. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
  533. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
  534. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
  535. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
  536. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
  537. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
  538. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
  539. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
  540. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
  541. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
  542. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
  543. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
  544. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
  545. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
  546. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
  547. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
  548. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
  549. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
  550. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
  551. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
  552. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
  553. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
  554. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
  555. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
  556. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
  557. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
  558. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
  559. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
  560. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
  561. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
  562. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
  563. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
  564. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
  565. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
  566. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
  567. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
  568. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
  569. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
  570. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
  571. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
  572. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
  573. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
  574. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
  575. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
  576. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
  577. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
  578. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
  579. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
  580. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
  581. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
  582. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
  583. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
  584. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
  585. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
  586. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
  587. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
  588. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
  589. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
  590. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
  591. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
  592. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
  593. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
  594. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
  595. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
  596. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
  597. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
  598. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
  599. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
  600. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
  601. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
  602. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
  603. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
  604. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
  605. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
  606. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
  607. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
  608. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
  609. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
  610. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
  611. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
  612. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
  613. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
  614. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
  615. data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
  616. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
  617. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  618. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
  619. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
  620. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
  621. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
  622. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
  623. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
  624. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
  625. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
  626. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
  627. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
  628. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
  629. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
  630. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
  631. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
  632. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
  633. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
  634. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
  635. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
  636. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
  637. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
  638. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
  639. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
  640. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
  641. metadata +103 -70
  642. data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
  643. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
  644. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
  645. data/src/core/lib/gprpp/global_config.h +0 -93
  646. data/src/core/lib/gprpp/global_config_env.cc +0 -140
  647. data/src/core/lib/gprpp/global_config_env.h +0 -133
  648. data/src/core/lib/gprpp/global_config_generic.h +0 -40
  649. data/src/core/lib/promise/intra_activity_waiter.h +0 -55
  650. data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
  651. data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
  652. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
  653. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
  654. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
  655. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
  656. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
  657. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
  658. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
  659. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
  660. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
  661. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
  662. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
  663. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
  664. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
  665. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
  666. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
  667. /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
  668. /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
  669. /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
  670. /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
  671. /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
  672. /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
  673. /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
  674. /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
  675. /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
  676. /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
  677. /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
  678. /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
  679. /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
  680. /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
  681. /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
  682. /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
  683. /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
  684. /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
  685. /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
  686. /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
  687. /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
  688. /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
  689. /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -52,7 +52,6 @@
52
52
  #include <string.h>
53
53
 
54
54
  #include <openssl/mem.h>
55
- #include <openssl/cpu.h>
56
55
 
57
56
  #include "internal.h"
58
57
  #include "../../internal.h"
@@ -133,81 +132,107 @@ void gcm_init_ssse3(u128 Htable[16], const uint64_t H[2]) {
133
132
  (*gcm_ghash_p)((ctx)->Xi.u, (ctx)->gcm_key.Htable, in, len)
134
133
  #endif // GCM_FUNCREF
135
134
 
135
+ #if defined(HW_GCM) && defined(OPENSSL_X86_64)
136
+ static size_t hw_gcm_encrypt(const uint8_t *in, uint8_t *out, size_t len,
137
+ const AES_KEY *key, uint8_t ivec[16],
138
+ uint64_t *Xi) {
139
+ return aesni_gcm_encrypt(in, out, len, key, ivec, Xi);
140
+ }
141
+
142
+ static size_t hw_gcm_decrypt(const uint8_t *in, uint8_t *out, size_t len,
143
+ const AES_KEY *key, uint8_t ivec[16],
144
+ uint64_t *Xi) {
145
+ return aesni_gcm_decrypt(in, out, len, key, ivec, Xi);
146
+ }
147
+ #endif // HW_GCM && X86_64
148
+
149
+ #if defined(HW_GCM) && defined(OPENSSL_AARCH64)
150
+
151
+ static size_t hw_gcm_encrypt(const uint8_t *in, uint8_t *out, size_t len,
152
+ const AES_KEY *key, uint8_t ivec[16],
153
+ uint64_t *Xi) {
154
+ const size_t len_blocks = len & kSizeTWithoutLower4Bits;
155
+ if (!len_blocks) {
156
+ return 0;
157
+ }
158
+ aes_gcm_enc_kernel(in, len_blocks * 8, out, Xi, ivec, key);
159
+ return len_blocks;
160
+ }
161
+
162
+ static size_t hw_gcm_decrypt(const uint8_t *in, uint8_t *out, size_t len,
163
+ const AES_KEY *key, uint8_t ivec[16],
164
+ uint64_t *Xi) {
165
+ const size_t len_blocks = len & kSizeTWithoutLower4Bits;
166
+ if (!len_blocks) {
167
+ return 0;
168
+ }
169
+ aes_gcm_dec_kernel(in, len_blocks * 8, out, Xi, ivec, key);
170
+ return len_blocks;
171
+ }
172
+
173
+ #endif // HW_GCM && AARCH64
174
+
136
175
  void CRYPTO_ghash_init(gmult_func *out_mult, ghash_func *out_hash,
137
176
  u128 *out_key, u128 out_table[16], int *out_is_avx,
138
177
  const uint8_t gcm_key[16]) {
139
178
  *out_is_avx = 0;
140
179
 
141
- union {
142
- uint64_t u[2];
143
- uint8_t c[16];
144
- } H;
145
-
146
- OPENSSL_memcpy(H.c, gcm_key, 16);
147
-
148
- // H is stored in host byte order
149
- H.u[0] = CRYPTO_bswap8(H.u[0]);
150
- H.u[1] = CRYPTO_bswap8(H.u[1]);
151
-
152
- OPENSSL_memcpy(out_key, H.c, 16);
180
+ // H is stored in host byte order.
181
+ uint64_t H[2] = {CRYPTO_load_u64_be(gcm_key),
182
+ CRYPTO_load_u64_be(gcm_key + 8)};
183
+ out_key->hi = H[0];
184
+ out_key->lo = H[1];
153
185
 
154
186
  #if defined(GHASH_ASM_X86_64)
155
187
  if (crypto_gcm_clmul_enabled()) {
156
- if (((OPENSSL_ia32cap_get()[1] >> 22) & 0x41) == 0x41) { // AVX+MOVBE
157
- gcm_init_avx(out_table, H.u);
188
+ if (CRYPTO_is_AVX_capable() && CRYPTO_is_MOVBE_capable()) {
189
+ gcm_init_avx(out_table, H);
158
190
  *out_mult = gcm_gmult_avx;
159
191
  *out_hash = gcm_ghash_avx;
160
192
  *out_is_avx = 1;
161
193
  return;
162
194
  }
163
- gcm_init_clmul(out_table, H.u);
195
+ gcm_init_clmul(out_table, H);
164
196
  *out_mult = gcm_gmult_clmul;
165
197
  *out_hash = gcm_ghash_clmul;
166
198
  return;
167
199
  }
168
- if (gcm_ssse3_capable()) {
169
- gcm_init_ssse3(out_table, H.u);
200
+ if (CRYPTO_is_SSSE3_capable()) {
201
+ gcm_init_ssse3(out_table, H);
170
202
  *out_mult = gcm_gmult_ssse3;
171
203
  *out_hash = gcm_ghash_ssse3;
172
204
  return;
173
205
  }
174
206
  #elif defined(GHASH_ASM_X86)
175
207
  if (crypto_gcm_clmul_enabled()) {
176
- gcm_init_clmul(out_table, H.u);
208
+ gcm_init_clmul(out_table, H);
177
209
  *out_mult = gcm_gmult_clmul;
178
210
  *out_hash = gcm_ghash_clmul;
179
211
  return;
180
212
  }
181
- if (gcm_ssse3_capable()) {
182
- gcm_init_ssse3(out_table, H.u);
213
+ if (CRYPTO_is_SSSE3_capable()) {
214
+ gcm_init_ssse3(out_table, H);
183
215
  *out_mult = gcm_gmult_ssse3;
184
216
  *out_hash = gcm_ghash_ssse3;
185
217
  return;
186
218
  }
187
219
  #elif defined(GHASH_ASM_ARM)
188
220
  if (gcm_pmull_capable()) {
189
- gcm_init_v8(out_table, H.u);
221
+ gcm_init_v8(out_table, H);
190
222
  *out_mult = gcm_gmult_v8;
191
223
  *out_hash = gcm_ghash_v8;
192
224
  return;
193
225
  }
194
226
 
195
227
  if (gcm_neon_capable()) {
196
- gcm_init_neon(out_table, H.u);
228
+ gcm_init_neon(out_table, H);
197
229
  *out_mult = gcm_gmult_neon;
198
230
  *out_hash = gcm_ghash_neon;
199
231
  return;
200
232
  }
201
- #elif defined(GHASH_ASM_PPC64LE)
202
- if (CRYPTO_is_PPC64LE_vcrypto_capable()) {
203
- gcm_init_p8(out_table, H.u);
204
- *out_mult = gcm_gmult_p8;
205
- *out_hash = gcm_ghash_p8;
206
- return;
207
- }
208
233
  #endif
209
234
 
210
- gcm_init_nohw(out_table, H.u);
235
+ gcm_init_nohw(out_table, H);
211
236
  *out_mult = gcm_gmult_nohw;
212
237
  *out_hash = gcm_ghash_nohw;
213
238
  }
@@ -225,7 +250,12 @@ void CRYPTO_gcm128_init_key(GCM128_KEY *gcm_key, const AES_KEY *aes_key,
225
250
  CRYPTO_ghash_init(&gcm_key->gmult, &gcm_key->ghash, &gcm_key->H,
226
251
  gcm_key->Htable, &is_avx, ghash_key);
227
252
 
228
- gcm_key->use_aesni_gcm_crypt = (is_avx && block_is_hwaes) ? 1 : 0;
253
+ #if defined(OPENSSL_AARCH64) && !defined(OPENSSL_NO_ASM)
254
+ gcm_key->use_hw_gcm_crypt = (gcm_pmull_capable() && block_is_hwaes) ? 1 :
255
+ 0;
256
+ #else
257
+ gcm_key->use_hw_gcm_crypt = (is_avx && block_is_hwaes) ? 1 : 0;
258
+ #endif
229
259
  }
230
260
 
231
261
  void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const AES_KEY *key,
@@ -552,12 +582,12 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
552
582
  }
553
583
  }
554
584
 
555
- #if defined(AESNI_GCM)
585
+ #if defined(HW_GCM)
556
586
  // Check |len| to work around a C language bug. See https://crbug.com/1019588.
557
- if (ctx->gcm_key.use_aesni_gcm_crypt && len > 0) {
558
- // |aesni_gcm_encrypt| may not process all the input given to it. It may
587
+ if (ctx->gcm_key.use_hw_gcm_crypt && len > 0) {
588
+ // |hw_gcm_encrypt| may not process all the input given to it. It may
559
589
  // not process *any* of its input if it is deemed too small.
560
- size_t bulk = aesni_gcm_encrypt(in, out, len, key, ctx->Yi.c, ctx->Xi.u);
590
+ size_t bulk = hw_gcm_encrypt(in, out, len, key, ctx->Yi.c, ctx->Xi.u);
561
591
  in += bulk;
562
592
  out += bulk;
563
593
  len -= bulk;
@@ -640,12 +670,12 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
640
670
  }
641
671
  }
642
672
 
643
- #if defined(AESNI_GCM)
673
+ #if defined(HW_GCM)
644
674
  // Check |len| to work around a C language bug. See https://crbug.com/1019588.
645
- if (ctx->gcm_key.use_aesni_gcm_crypt && len > 0) {
646
- // |aesni_gcm_decrypt| may not process all the input given to it. It may
675
+ if (ctx->gcm_key.use_hw_gcm_crypt && len > 0) {
676
+ // |hw_gcm_decrypt| may not process all the input given to it. It may
647
677
  // not process *any* of its input if it is deemed too small.
648
- size_t bulk = aesni_gcm_decrypt(in, out, len, key, ctx->Yi.c, ctx->Xi.u);
678
+ size_t bulk = hw_gcm_decrypt(in, out, len, key, ctx->Yi.c, ctx->Xi.u);
649
679
  in += bulk;
650
680
  out += bulk;
651
681
  len -= bulk;
@@ -723,9 +753,7 @@ void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len) {
723
753
  #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
724
754
  int crypto_gcm_clmul_enabled(void) {
725
755
  #if defined(GHASH_ASM_X86) || defined(GHASH_ASM_X86_64)
726
- const uint32_t *ia32cap = OPENSSL_ia32cap_get();
727
- return (ia32cap[0] & (1 << 24)) && // check FXSR bit
728
- (ia32cap[1] & (1 << 1)); // check PCLMULQDQ bit
756
+ return CRYPTO_is_FXSR_capable() && CRYPTO_is_PCLMUL_capable();
729
757
  #else
730
758
  return 0;
731
759
  #endif
@@ -52,7 +52,6 @@
52
52
  #include <openssl/base.h>
53
53
 
54
54
  #include <openssl/aes.h>
55
- #include <openssl/cpu.h>
56
55
 
57
56
  #include <stdlib.h>
58
57
  #include <string.h>
@@ -137,9 +136,9 @@ typedef struct gcm128_key_st {
137
136
 
138
137
  block128_f block;
139
138
 
140
- // use_aesni_gcm_crypt is true if this context should use the assembly
141
- // functions |aesni_gcm_encrypt| and |aesni_gcm_decrypt| to process data.
142
- unsigned use_aesni_gcm_crypt:1;
139
+ // use_hw_gcm_crypt is true if this context should use platform-specific
140
+ // assembly to process GCM data.
141
+ unsigned use_hw_gcm_crypt:1;
143
142
  } GCM128_KEY;
144
143
 
145
144
  // GCM128_CONTEXT contains state for a single GCM operation. The structure
@@ -254,10 +253,6 @@ void gcm_gmult_clmul(uint64_t Xi[2], const u128 Htable[16]);
254
253
  void gcm_ghash_clmul(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
255
254
  size_t len);
256
255
 
257
- OPENSSL_INLINE char gcm_ssse3_capable(void) {
258
- return (OPENSSL_ia32cap_get()[1] & (1 << (41 - 32))) != 0;
259
- }
260
-
261
256
  // |gcm_gmult_ssse3| and |gcm_ghash_ssse3| require |Htable| to be
262
257
  // 16-byte-aligned, but |gcm_init_ssse3| does not.
263
258
  void gcm_init_ssse3(u128 Htable[16], const uint64_t Xi[2]);
@@ -272,7 +267,7 @@ void gcm_gmult_avx(uint64_t Xi[2], const u128 Htable[16]);
272
267
  void gcm_ghash_avx(uint64_t Xi[2], const u128 Htable[16], const uint8_t *in,
273
268
  size_t len);
274
269
 
275
- #define AESNI_GCM
270
+ #define HW_GCM
276
271
  size_t aesni_gcm_encrypt(const uint8_t *in, uint8_t *out, size_t len,
277
272
  const AES_KEY *key, uint8_t ivec[16], uint64_t *Xi);
278
273
  size_t aesni_gcm_decrypt(const uint8_t *in, uint8_t *out, size_t len,
@@ -284,6 +279,7 @@ size_t aesni_gcm_decrypt(const uint8_t *in, uint8_t *out, size_t len,
284
279
  #endif // OPENSSL_X86
285
280
 
286
281
  #elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
282
+
287
283
  #define GHASH_ASM_ARM
288
284
  #define GCM_FUNCREF
289
285
 
@@ -303,13 +299,15 @@ void gcm_gmult_neon(uint64_t Xi[2], const u128 Htable[16]);
303
299
  void gcm_ghash_neon(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
304
300
  size_t len);
305
301
 
306
- #elif defined(OPENSSL_PPC64LE)
307
- #define GHASH_ASM_PPC64LE
308
- #define GCM_FUNCREF
309
- void gcm_init_p8(u128 Htable[16], const uint64_t Xi[2]);
310
- void gcm_gmult_p8(uint64_t Xi[2], const u128 Htable[16]);
311
- void gcm_ghash_p8(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
312
- size_t len);
302
+ #if defined(OPENSSL_AARCH64)
303
+ #define HW_GCM
304
+ // These functions are defined in aesv8-gcm-armv8.pl.
305
+ void aes_gcm_enc_kernel(const uint8_t *in, uint64_t in_bits, void *out,
306
+ void *Xi, uint8_t *ivec, const AES_KEY *key);
307
+ void aes_gcm_dec_kernel(const uint8_t *in, uint64_t in_bits, void *out,
308
+ void *Xi, uint8_t *ivec, const AES_KEY *key);
309
+ #endif
310
+
313
311
  #endif
314
312
  #endif // OPENSSL_NO_ASM
315
313
 
@@ -46,16 +46,13 @@
46
46
  * OF THE POSSIBILITY OF SUCH DAMAGE.
47
47
  * ==================================================================== */
48
48
 
49
- #include <openssl/type_check.h>
50
-
51
49
  #include <assert.h>
52
50
  #include <string.h>
53
51
 
54
52
  #include "internal.h"
55
53
 
56
54
 
57
- OPENSSL_STATIC_ASSERT(16 % sizeof(size_t) == 0,
58
- "block cannot be divided into size_t");
55
+ static_assert(16 % sizeof(size_t) == 0, "block cannot be divided into size_t");
59
56
 
60
57
  void CRYPTO_ofb128_encrypt(const uint8_t *in, uint8_t *out, size_t len,
61
58
  const AES_KEY *key, uint8_t ivec[16], unsigned *num,
@@ -12,13 +12,15 @@
12
12
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13
13
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
14
 
15
- #include <openssl/rand.h>
15
+ #include <openssl/ctrdrbg.h>
16
+
17
+ #include <assert.h>
16
18
 
17
- #include <openssl/type_check.h>
18
19
  #include <openssl/mem.h>
19
20
 
20
21
  #include "internal.h"
21
22
  #include "../cipher/internal.h"
23
+ #include "../service_indicator/internal.h"
22
24
 
23
25
 
24
26
  // Section references in this file refer to SP 800-90Ar1:
@@ -27,6 +29,21 @@
27
29
  // See table 3.
28
30
  static const uint64_t kMaxReseedCount = UINT64_C(1) << 48;
29
31
 
32
+ CTR_DRBG_STATE *CTR_DRBG_new(const uint8_t entropy[CTR_DRBG_ENTROPY_LEN],
33
+ const uint8_t *personalization,
34
+ size_t personalization_len) {
35
+ CTR_DRBG_STATE *drbg = OPENSSL_malloc(sizeof(CTR_DRBG_STATE));
36
+ if (drbg == NULL ||
37
+ !CTR_DRBG_init(drbg, entropy, personalization, personalization_len)) {
38
+ CTR_DRBG_free(drbg);
39
+ return NULL;
40
+ }
41
+
42
+ return drbg;
43
+ }
44
+
45
+ void CTR_DRBG_free(CTR_DRBG_STATE *state) { OPENSSL_free(state); }
46
+
30
47
  int CTR_DRBG_init(CTR_DRBG_STATE *drbg,
31
48
  const uint8_t entropy[CTR_DRBG_ENTROPY_LEN],
32
49
  const uint8_t *personalization, size_t personalization_len) {
@@ -58,20 +75,20 @@ int CTR_DRBG_init(CTR_DRBG_STATE *drbg,
58
75
  }
59
76
 
60
77
  drbg->ctr = aes_ctr_set_key(&drbg->ks, NULL, &drbg->block, seed_material, 32);
61
- OPENSSL_memcpy(drbg->counter.bytes, seed_material + 32, 16);
78
+ OPENSSL_memcpy(drbg->counter, seed_material + 32, 16);
62
79
  drbg->reseed_counter = 1;
63
80
 
64
81
  return 1;
65
82
  }
66
83
 
67
- OPENSSL_STATIC_ASSERT(CTR_DRBG_ENTROPY_LEN % AES_BLOCK_SIZE == 0,
68
- "not a multiple of AES block size");
84
+ static_assert(CTR_DRBG_ENTROPY_LEN % AES_BLOCK_SIZE == 0,
85
+ "not a multiple of AES block size");
69
86
 
70
87
  // ctr_inc adds |n| to the last four bytes of |drbg->counter|, treated as a
71
88
  // big-endian number.
72
89
  static void ctr32_add(CTR_DRBG_STATE *drbg, uint32_t n) {
73
- drbg->counter.words[3] =
74
- CRYPTO_bswap4(CRYPTO_bswap4(drbg->counter.words[3]) + n);
90
+ uint32_t ctr = CRYPTO_load_u32_be(drbg->counter + 12);
91
+ CRYPTO_store_u32_be(drbg->counter + 12, ctr + n);
75
92
  }
76
93
 
77
94
  static int ctr_drbg_update(CTR_DRBG_STATE *drbg, const uint8_t *data,
@@ -86,7 +103,7 @@ static int ctr_drbg_update(CTR_DRBG_STATE *drbg, const uint8_t *data,
86
103
  uint8_t temp[CTR_DRBG_ENTROPY_LEN];
87
104
  for (size_t i = 0; i < CTR_DRBG_ENTROPY_LEN; i += AES_BLOCK_SIZE) {
88
105
  ctr32_add(drbg, 1);
89
- drbg->block(drbg->counter.bytes, temp + i, &drbg->ks);
106
+ drbg->block(drbg->counter, temp + i, &drbg->ks);
90
107
  }
91
108
 
92
109
  for (size_t i = 0; i < data_len; i++) {
@@ -94,7 +111,7 @@ static int ctr_drbg_update(CTR_DRBG_STATE *drbg, const uint8_t *data,
94
111
  }
95
112
 
96
113
  drbg->ctr = aes_ctr_set_key(&drbg->ks, NULL, &drbg->block, temp, 32);
97
- OPENSSL_memcpy(drbg->counter.bytes, temp + 32, 16);
114
+ OPENSSL_memcpy(drbg->counter, temp + 32, 16);
98
115
 
99
116
  return 1;
100
117
  }
@@ -166,12 +183,12 @@ int CTR_DRBG_generate(CTR_DRBG_STATE *drbg, uint8_t *out, size_t out_len,
166
183
  if (drbg->ctr) {
167
184
  OPENSSL_memset(out, 0, todo);
168
185
  ctr32_add(drbg, 1);
169
- drbg->ctr(out, out, num_blocks, &drbg->ks, drbg->counter.bytes);
170
- ctr32_add(drbg, num_blocks - 1);
186
+ drbg->ctr(out, out, num_blocks, &drbg->ks, drbg->counter);
187
+ ctr32_add(drbg, (uint32_t)(num_blocks - 1));
171
188
  } else {
172
189
  for (size_t i = 0; i < todo; i += AES_BLOCK_SIZE) {
173
190
  ctr32_add(drbg, 1);
174
- drbg->block(drbg->counter.bytes, out + i, &drbg->ks);
191
+ drbg->block(drbg->counter, out + i, &drbg->ks);
175
192
  }
176
193
  }
177
194
 
@@ -182,7 +199,7 @@ int CTR_DRBG_generate(CTR_DRBG_STATE *drbg, uint8_t *out, size_t out_len,
182
199
  if (out_len > 0) {
183
200
  uint8_t block[AES_BLOCK_SIZE];
184
201
  ctr32_add(drbg, 1);
185
- drbg->block(drbg->counter.bytes, block, &drbg->ks);
202
+ drbg->block(drbg->counter, block, &drbg->ks);
186
203
 
187
204
  OPENSSL_memcpy(out, block, out_len);
188
205
  }
@@ -194,6 +211,7 @@ int CTR_DRBG_generate(CTR_DRBG_STATE *drbg, uint8_t *out, size_t out_len,
194
211
  }
195
212
 
196
213
  drbg->reseed_counter++;
214
+ FIPS_service_indicator_update_state();
197
215
  return 1;
198
216
  }
199
217
 
@@ -21,18 +21,17 @@
21
21
  #include "fork_detect.h"
22
22
 
23
23
  #if defined(OPENSSL_LINUX)
24
+ #include <assert.h>
24
25
  #include <sys/mman.h>
25
26
  #include <unistd.h>
26
27
  #include <stdlib.h>
27
28
 
28
- #include <openssl/type_check.h>
29
-
30
29
  #include "../delocate.h"
31
30
  #include "../../internal.h"
32
31
 
33
32
 
34
33
  #if defined(MADV_WIPEONFORK)
35
- OPENSSL_STATIC_ASSERT(MADV_WIPEONFORK == 18, "MADV_WIPEONFORK is not 18");
34
+ static_assert(MADV_WIPEONFORK == 18, "MADV_WIPEONFORK is not 18");
36
35
  #else
37
36
  #define MADV_WIPEONFORK 18
38
37
  #endif
@@ -41,10 +40,11 @@ DEFINE_STATIC_ONCE(g_fork_detect_once);
41
40
  DEFINE_STATIC_MUTEX(g_fork_detect_lock);
42
41
  DEFINE_BSS_GET(volatile char *, g_fork_detect_addr);
43
42
  DEFINE_BSS_GET(uint64_t, g_fork_generation);
44
- DEFINE_BSS_GET(int, g_ignore_madv_wipeonfork);
43
+ DEFINE_BSS_GET(int, g_force_madv_wipeonfork);
44
+ DEFINE_BSS_GET(int, g_force_madv_wipeonfork_enabled);
45
45
 
46
46
  static void init_fork_detect(void) {
47
- if (*g_ignore_madv_wipeonfork_bss_get()) {
47
+ if (*g_force_madv_wipeonfork_bss_get()) {
48
48
  return;
49
49
  }
50
50
 
@@ -94,7 +94,14 @@ uint64_t CRYPTO_get_fork_generation(void) {
94
94
  // not assume that it has exclusive access to it.
95
95
  volatile char *const flag_ptr = *g_fork_detect_addr_bss_get();
96
96
  if (flag_ptr == NULL) {
97
- // Our kernel is too old to support |MADV_WIPEONFORK|.
97
+ // Our kernel is too old to support |MADV_WIPEONFORK| or
98
+ // |g_force_madv_wipeonfork| is set.
99
+ if (*g_force_madv_wipeonfork_bss_get() &&
100
+ *g_force_madv_wipeonfork_enabled_bss_get()) {
101
+ // A constant generation number to simulate support, even if the kernel
102
+ // doesn't support it.
103
+ return 42;
104
+ }
98
105
  return 0;
99
106
  }
100
107
 
@@ -126,8 +133,9 @@ uint64_t CRYPTO_get_fork_generation(void) {
126
133
  return current_generation;
127
134
  }
128
135
 
129
- void CRYPTO_fork_detect_ignore_madv_wipeonfork_for_testing(void) {
130
- *g_ignore_madv_wipeonfork_bss_get() = 1;
136
+ void CRYPTO_fork_detect_force_madv_wipeonfork_for_testing(int on) {
137
+ *g_force_madv_wipeonfork_bss_get() = 1;
138
+ *g_force_madv_wipeonfork_enabled_bss_get() = on;
131
139
  }
132
140
 
133
141
  #else // !OPENSSL_LINUX
@@ -38,9 +38,10 @@ extern "C" {
38
38
  // should only be used as a hardening measure.
39
39
  OPENSSL_EXPORT uint64_t CRYPTO_get_fork_generation(void);
40
40
 
41
- // CRYPTO_fork_detect_ignore_madv_wipeonfork_for_testing is an internal detail
41
+ // CRYPTO_fork_detect_force_madv_wipeonfork_for_testing is an internal detail
42
42
  // used for testing purposes.
43
- OPENSSL_EXPORT void CRYPTO_fork_detect_ignore_madv_wipeonfork_for_testing(void);
43
+ OPENSSL_EXPORT void CRYPTO_fork_detect_force_madv_wipeonfork_for_testing(
44
+ int on);
44
45
 
45
46
  #if defined(__cplusplus)
46
47
  } // extern C
@@ -30,8 +30,8 @@
30
30
  #define EXPECTED_NR_getrandom 278
31
31
  #elif defined(OPENSSL_ARM)
32
32
  #define EXPECTED_NR_getrandom 384
33
- #elif defined(OPENSSL_PPC64LE)
34
- #define EXPECTED_NR_getrandom 359
33
+ #elif defined(OPENSSL_RISCV64)
34
+ #define EXPECTED_NR_getrandom 278
35
35
  #endif
36
36
 
37
37
  #if defined(EXPECTED_NR_getrandom)
@@ -16,7 +16,7 @@
16
16
  #define OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H
17
17
 
18
18
  #include <openssl/aes.h>
19
- #include <openssl/cpu.h>
19
+ #include <openssl/ctrdrbg.h>
20
20
 
21
21
  #include "../../internal.h"
22
22
  #include "../modes/internal.h"
@@ -50,10 +50,10 @@ void CRYPTO_get_seed_entropy(uint8_t *out_entropy, size_t out_entropy_len,
50
50
  int *out_used_cpu);
51
51
 
52
52
  // RAND_load_entropy supplies |entropy_len| bytes of entropy to the module. The
53
- // |from_cpu| parameter is true iff the entropy was obtained directly from the
54
- // CPU.
53
+ // |want_additional_input| parameter is true iff the entropy was obtained from
54
+ // a source other than the system, e.g. directly from the CPU.
55
55
  void RAND_load_entropy(const uint8_t *entropy, size_t entropy_len,
56
- int from_cpu);
56
+ int want_additional_input);
57
57
 
58
58
  // RAND_need_entropy is implemented outside of the FIPS module and is called
59
59
  // when the module has stopped because it has run out of entropy.
@@ -96,20 +96,13 @@ int rand_fork_unsafe_buffering_enabled(void);
96
96
 
97
97
  // CTR_DRBG_STATE contains the state of a CTR_DRBG based on AES-256. See SP
98
98
  // 800-90Ar1.
99
- typedef struct {
99
+ struct ctr_drbg_state_st {
100
100
  AES_KEY ks;
101
101
  block128_f block;
102
102
  ctr128_f ctr;
103
- union {
104
- uint8_t bytes[16];
105
- uint32_t words[4];
106
- } counter;
103
+ uint8_t counter[16];
107
104
  uint64_t reseed_counter;
108
- } CTR_DRBG_STATE;
109
-
110
- // See SP 800-90Ar1, table 3.
111
- #define CTR_DRBG_ENTROPY_LEN 48
112
- #define CTR_DRBG_MAX_GENERATE_LENGTH 65536
105
+ };
113
106
 
114
107
  // CTR_DRBG_init initialises |*drbg| given |CTR_DRBG_ENTROPY_LEN| bytes of
115
108
  // entropy in |entropy| and, optionally, a personalization string up to
@@ -120,39 +113,17 @@ OPENSSL_EXPORT int CTR_DRBG_init(CTR_DRBG_STATE *drbg,
120
113
  const uint8_t *personalization,
121
114
  size_t personalization_len);
122
115
 
123
- // CTR_DRBG_reseed reseeds |drbg| given |CTR_DRBG_ENTROPY_LEN| bytes of entropy
124
- // in |entropy| and, optionally, up to |CTR_DRBG_ENTROPY_LEN| bytes of
125
- // additional data. It returns one on success or zero on error.
126
- OPENSSL_EXPORT int CTR_DRBG_reseed(CTR_DRBG_STATE *drbg,
127
- const uint8_t entropy[CTR_DRBG_ENTROPY_LEN],
128
- const uint8_t *additional_data,
129
- size_t additional_data_len);
130
-
131
- // CTR_DRBG_generate processes to up |CTR_DRBG_ENTROPY_LEN| bytes of additional
132
- // data (if any) and then writes |out_len| random bytes to |out|, where
133
- // |out_len| <= |CTR_DRBG_MAX_GENERATE_LENGTH|. It returns one on success or
134
- // zero on error.
135
- OPENSSL_EXPORT int CTR_DRBG_generate(CTR_DRBG_STATE *drbg, uint8_t *out,
136
- size_t out_len,
137
- const uint8_t *additional_data,
138
- size_t additional_data_len);
139
-
140
- // CTR_DRBG_clear zeroises the state of |drbg|.
141
- OPENSSL_EXPORT void CTR_DRBG_clear(CTR_DRBG_STATE *drbg);
142
-
143
-
144
116
  #if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM)
145
117
 
146
118
  OPENSSL_INLINE int have_rdrand(void) {
147
- return (OPENSSL_ia32cap_get()[1] & (1u << 30)) != 0;
119
+ return CRYPTO_is_RDRAND_capable();
148
120
  }
149
121
 
150
122
  // have_fast_rdrand returns true if RDRAND is supported and it's reasonably
151
123
  // fast. Concretely the latter is defined by whether the chip is Intel (fast) or
152
124
  // not (assumed slow).
153
125
  OPENSSL_INLINE int have_fast_rdrand(void) {
154
- const uint32_t *const ia32cap = OPENSSL_ia32cap_get();
155
- return (ia32cap[1] & (1u << 30)) && (ia32cap[0] & (1u << 30));
126
+ return CRYPTO_is_RDRAND_capable() && CRYPTO_is_intel_cpu();
156
127
  }
157
128
 
158
129
  // CRYPTO_rdrand writes eight bytes of random data from the hardware RNG to