grpc 1.53.1 → 1.54.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +78 -66
- data/include/grpc/event_engine/event_engine.h +30 -14
- data/include/grpc/grpc_security.h +4 -0
- data/include/grpc/support/port_platform.h +4 -4
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
- data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
- data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
- data/src/core/ext/filters/client_channel/client_channel.h +131 -173
- data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
- data/src/core/ext/filters/client_channel/config_selector.h +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
- data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
- data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
- data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
- data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
- data/src/core/ext/gcp/metadata_query.cc +142 -0
- data/src/core/ext/gcp/metadata_query.h +82 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
- data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
- data/src/core/ext/xds/xds_client_stats.cc +29 -15
- data/src/core/ext/xds/xds_client_stats.h +24 -20
- data/src/core/ext/xds/xds_endpoint.cc +5 -2
- data/src/core/ext/xds/xds_endpoint.h +9 -1
- data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
- data/src/core/lib/channel/call_finalization.h +1 -1
- data/src/core/lib/channel/call_tracer.cc +51 -0
- data/src/core/lib/channel/call_tracer.h +101 -38
- data/src/core/lib/channel/connected_channel.cc +483 -1050
- data/src/core/lib/channel/context.h +8 -1
- data/src/core/lib/channel/promise_based_filter.cc +106 -42
- data/src/core/lib/channel/promise_based_filter.h +27 -13
- data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
- data/src/core/lib/config/config_vars.cc +151 -0
- data/src/core/lib/config/config_vars.h +127 -0
- data/src/core/lib/config/config_vars_non_generated.cc +51 -0
- data/src/core/lib/config/load_config.cc +66 -0
- data/src/core/lib/config/load_config.h +49 -0
- data/src/core/lib/debug/trace.cc +5 -6
- data/src/core/lib/debug/trace.h +0 -5
- data/src/core/lib/event_engine/event_engine.cc +37 -2
- data/src/core/lib/event_engine/handle_containers.h +7 -22
- data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -3
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
- data/src/core/lib/event_engine/resolved_address.cc +2 -1
- data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
- data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
- data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
- data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
- data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
- data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
- data/src/core/lib/experiments/config.cc +3 -10
- data/src/core/lib/experiments/experiments.cc +7 -0
- data/src/core/lib/experiments/experiments.h +9 -1
- data/src/core/lib/gpr/log.cc +15 -28
- data/src/core/lib/gprpp/fork.cc +8 -14
- data/src/core/lib/gprpp/orphanable.h +4 -3
- data/src/core/lib/gprpp/per_cpu.h +9 -3
- data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
- data/src/core/lib/gprpp/ref_counted.h +33 -34
- data/src/core/lib/gprpp/thd.h +16 -0
- data/src/core/lib/gprpp/time.cc +1 -0
- data/src/core/lib/gprpp/time.h +4 -4
- data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
- data/src/core/lib/iomgr/ev_posix.cc +13 -53
- data/src/core/lib/iomgr/ev_posix.h +0 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
- data/src/core/lib/iomgr/iomgr.cc +4 -8
- data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_posix.cc +0 -1
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -16
- data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
- data/src/core/lib/iomgr/tcp_windows.cc +12 -8
- data/src/core/lib/load_balancing/lb_policy.cc +9 -13
- data/src/core/lib/load_balancing/lb_policy.h +4 -2
- data/src/core/lib/promise/activity.cc +22 -6
- data/src/core/lib/promise/activity.h +61 -24
- data/src/core/lib/promise/cancel_callback.h +77 -0
- data/src/core/lib/promise/detail/basic_seq.h +1 -1
- data/src/core/lib/promise/detail/promise_factory.h +4 -0
- data/src/core/lib/promise/for_each.h +176 -0
- data/src/core/lib/promise/if.h +9 -0
- data/src/core/lib/promise/interceptor_list.h +23 -2
- data/src/core/lib/promise/latch.h +89 -3
- data/src/core/lib/promise/loop.h +13 -9
- data/src/core/lib/promise/map.h +7 -0
- data/src/core/lib/promise/party.cc +286 -0
- data/src/core/lib/promise/party.h +499 -0
- data/src/core/lib/promise/pipe.h +197 -57
- data/src/core/lib/promise/poll.h +48 -0
- data/src/core/lib/promise/promise.h +2 -2
- data/src/core/lib/resource_quota/arena.cc +19 -3
- data/src/core/lib/resource_quota/arena.h +119 -5
- data/src/core/lib/resource_quota/memory_quota.cc +1 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
- data/src/core/lib/slice/slice.cc +1 -1
- data/src/core/lib/surface/builtins.cc +2 -0
- data/src/core/lib/surface/call.cc +926 -1024
- data/src/core/lib/surface/call.h +10 -0
- data/src/core/lib/surface/lame_client.cc +1 -0
- data/src/core/lib/surface/validate_metadata.cc +42 -43
- data/src/core/lib/surface/validate_metadata.h +0 -9
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +179 -0
- data/src/core/lib/transport/batch_builder.h +468 -0
- data/src/core/lib/transport/bdp_estimator.cc +7 -7
- data/src/core/lib/transport/bdp_estimator.h +10 -6
- data/src/core/lib/transport/custom_metadata.h +30 -0
- data/src/core/lib/transport/metadata_batch.cc +5 -2
- data/src/core/lib/transport/metadata_batch.h +17 -113
- data/src/core/lib/transport/parsed_metadata.h +6 -16
- data/src/core/lib/transport/timeout_encoding.cc +6 -1
- data/src/core/lib/transport/transport.cc +30 -2
- data/src/core/lib/transport/transport.h +70 -14
- data/src/core/lib/transport/transport_impl.h +7 -0
- data/src/core/lib/transport/transport_op_string.cc +52 -42
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +1 -1
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
- data/third_party/abseil-cpp/absl/flags/config.h +68 -0
- data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
- data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
- data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
- data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
- data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
- data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
- data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
- data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
- data/third_party/boringssl-with-bazel/err_data.c +728 -712
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
- data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
- metadata +103 -70
- data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
- data/src/core/lib/gprpp/global_config.h +0 -93
- data/src/core/lib/gprpp/global_config_env.cc +0 -140
- data/src/core/lib/gprpp/global_config_env.h +0 -133
- data/src/core/lib/gprpp/global_config_generic.h +0 -40
- data/src/core/lib/promise/intra_activity_waiter.h +0 -55
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
- data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
- /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
- /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
- /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
- /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
- /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
- /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
- /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -67,6 +67,7 @@
|
|
67
67
|
#include <openssl/sha.h>
|
68
68
|
|
69
69
|
#include "internal.h"
|
70
|
+
#include "../service_indicator/internal.h"
|
70
71
|
#include "../../internal.h"
|
71
72
|
|
72
73
|
|
@@ -145,20 +146,17 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *out, size_t *out_len,
|
|
145
146
|
return 1;
|
146
147
|
}
|
147
148
|
|
148
|
-
static
|
149
|
-
|
150
|
-
|
151
|
-
}
|
149
|
+
static void rand_nonzero(uint8_t *out, size_t len) {
|
150
|
+
FIPS_service_indicator_lock_state();
|
151
|
+
RAND_bytes(out, len);
|
152
152
|
|
153
153
|
for (size_t i = 0; i < len; i++) {
|
154
154
|
while (out[i] == 0) {
|
155
|
-
|
156
|
-
return 0;
|
157
|
-
}
|
155
|
+
RAND_bytes(out + i, 1);
|
158
156
|
}
|
159
157
|
}
|
160
158
|
|
161
|
-
|
159
|
+
FIPS_service_indicator_unlock_state();
|
162
160
|
}
|
163
161
|
|
164
162
|
int RSA_padding_add_PKCS1_type_2(uint8_t *to, size_t to_len,
|
@@ -178,10 +176,7 @@ int RSA_padding_add_PKCS1_type_2(uint8_t *to, size_t to_len,
|
|
178
176
|
to[1] = 2;
|
179
177
|
|
180
178
|
size_t padding_len = to_len - 3 - from_len;
|
181
|
-
|
182
|
-
return 0;
|
183
|
-
}
|
184
|
-
|
179
|
+
rand_nonzero(to + 2, padding_len);
|
185
180
|
to[2 + padding_len] = 0;
|
186
181
|
OPENSSL_memcpy(to + to_len - from_len, from, from_len);
|
187
182
|
return 1;
|
@@ -275,6 +270,7 @@ static int PKCS1_MGF1(uint8_t *out, size_t len, const uint8_t *seed,
|
|
275
270
|
int ret = 0;
|
276
271
|
EVP_MD_CTX ctx;
|
277
272
|
EVP_MD_CTX_init(&ctx);
|
273
|
+
FIPS_service_indicator_lock_state();
|
278
274
|
|
279
275
|
size_t md_len = EVP_MD_size(md);
|
280
276
|
|
@@ -310,6 +306,7 @@ static int PKCS1_MGF1(uint8_t *out, size_t len, const uint8_t *seed,
|
|
310
306
|
|
311
307
|
err:
|
312
308
|
EVP_MD_CTX_cleanup(&ctx);
|
309
|
+
FIPS_service_indicator_unlock_state();
|
313
310
|
return ret;
|
314
311
|
}
|
315
312
|
|
@@ -346,23 +343,24 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, size_t to_len,
|
|
346
343
|
uint8_t *seed = to + 1;
|
347
344
|
uint8_t *db = to + mdlen + 1;
|
348
345
|
|
346
|
+
uint8_t *dbmask = NULL;
|
347
|
+
int ret = 0;
|
348
|
+
FIPS_service_indicator_lock_state();
|
349
349
|
if (!EVP_Digest(param, param_len, db, NULL, md, NULL)) {
|
350
|
-
|
350
|
+
goto out;
|
351
351
|
}
|
352
352
|
OPENSSL_memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1);
|
353
353
|
db[emlen - from_len - mdlen - 1] = 0x01;
|
354
354
|
OPENSSL_memcpy(db + emlen - from_len - mdlen, from, from_len);
|
355
355
|
if (!RAND_bytes(seed, mdlen)) {
|
356
|
-
|
356
|
+
goto out;
|
357
357
|
}
|
358
358
|
|
359
|
-
|
359
|
+
dbmask = OPENSSL_malloc(emlen - mdlen);
|
360
360
|
if (dbmask == NULL) {
|
361
|
-
|
362
|
-
return 0;
|
361
|
+
goto out;
|
363
362
|
}
|
364
363
|
|
365
|
-
int ret = 0;
|
366
364
|
if (!PKCS1_MGF1(dbmask, emlen - mdlen, seed, mdlen, mgf1md)) {
|
367
365
|
goto out;
|
368
366
|
}
|
@@ -381,6 +379,7 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, size_t to_len,
|
|
381
379
|
|
382
380
|
out:
|
383
381
|
OPENSSL_free(dbmask);
|
382
|
+
FIPS_service_indicator_unlock_state();
|
384
383
|
return ret;
|
385
384
|
}
|
386
385
|
|
@@ -410,9 +409,9 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *out, size_t *out_len,
|
|
410
409
|
}
|
411
410
|
|
412
411
|
size_t dblen = from_len - mdlen - 1;
|
412
|
+
FIPS_service_indicator_lock_state();
|
413
413
|
db = OPENSSL_malloc(dblen);
|
414
414
|
if (db == NULL) {
|
415
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
416
415
|
goto err;
|
417
416
|
}
|
418
417
|
|
@@ -456,10 +455,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *out, size_t *out_len,
|
|
456
455
|
|
457
456
|
bad |= looking_for_one_byte;
|
458
457
|
|
459
|
-
|
458
|
+
// Whether the overall padding was valid or not in OAEP is public.
|
459
|
+
if (constant_time_declassify_w(bad)) {
|
460
460
|
goto decoding_err;
|
461
461
|
}
|
462
462
|
|
463
|
+
// Once the padding is known to be valid, the output length is also public.
|
464
|
+
static_assert(sizeof(size_t) <= sizeof(crypto_word_t),
|
465
|
+
"size_t does not fit in crypto_word_t");
|
466
|
+
one_index = constant_time_declassify_w(one_index);
|
467
|
+
|
463
468
|
one_index++;
|
464
469
|
size_t mlen = dblen - one_index;
|
465
470
|
if (max_out < mlen) {
|
@@ -470,14 +475,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *out, size_t *out_len,
|
|
470
475
|
OPENSSL_memcpy(out, db + one_index, mlen);
|
471
476
|
*out_len = mlen;
|
472
477
|
OPENSSL_free(db);
|
478
|
+
FIPS_service_indicator_unlock_state();
|
473
479
|
return 1;
|
474
480
|
|
475
481
|
decoding_err:
|
476
|
-
//
|
477
|
-
// which kind of decoding error happened
|
482
|
+
// To avoid chosen ciphertext attacks, the error message should not reveal
|
483
|
+
// which kind of decoding error happened.
|
478
484
|
OPENSSL_PUT_ERROR(RSA, RSA_R_OAEP_DECODING_ERROR);
|
479
485
|
err:
|
480
486
|
OPENSSL_free(db);
|
487
|
+
FIPS_service_indicator_unlock_state();
|
481
488
|
return 0;
|
482
489
|
}
|
483
490
|
|
@@ -486,28 +493,23 @@ static const uint8_t kPSSZeroes[] = {0, 0, 0, 0, 0, 0, 0, 0};
|
|
486
493
|
int RSA_verify_PKCS1_PSS_mgf1(const RSA *rsa, const uint8_t *mHash,
|
487
494
|
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
488
495
|
const uint8_t *EM, int sLen) {
|
489
|
-
int i;
|
490
|
-
int ret = 0;
|
491
|
-
int maskedDBLen, MSBits, emLen;
|
492
|
-
size_t hLen;
|
493
|
-
const uint8_t *H;
|
494
|
-
uint8_t *DB = NULL;
|
495
|
-
EVP_MD_CTX ctx;
|
496
|
-
uint8_t H_[EVP_MAX_MD_SIZE];
|
497
|
-
EVP_MD_CTX_init(&ctx);
|
498
|
-
|
499
496
|
if (mgf1Hash == NULL) {
|
500
497
|
mgf1Hash = Hash;
|
501
498
|
}
|
502
499
|
|
503
|
-
|
500
|
+
int ret = 0;
|
501
|
+
uint8_t *DB = NULL;
|
502
|
+
EVP_MD_CTX ctx;
|
503
|
+
EVP_MD_CTX_init(&ctx);
|
504
|
+
FIPS_service_indicator_lock_state();
|
504
505
|
|
505
506
|
// Negative sLen has special meanings:
|
506
507
|
// -1 sLen == hLen
|
507
508
|
// -2 salt length is autorecovered from signature
|
508
509
|
// -N reserved
|
510
|
+
size_t hLen = EVP_MD_size(Hash);
|
509
511
|
if (sLen == -1) {
|
510
|
-
sLen = hLen;
|
512
|
+
sLen = (int)hLen;
|
511
513
|
} else if (sLen == -2) {
|
512
514
|
sLen = -2;
|
513
515
|
} else if (sLen < -2) {
|
@@ -515,8 +517,8 @@ int RSA_verify_PKCS1_PSS_mgf1(const RSA *rsa, const uint8_t *mHash,
|
|
515
517
|
goto err;
|
516
518
|
}
|
517
519
|
|
518
|
-
MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
|
519
|
-
emLen = RSA_size(rsa);
|
520
|
+
unsigned MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
|
521
|
+
size_t emLen = RSA_size(rsa);
|
520
522
|
if (EM[0] & (0xFF << MSBits)) {
|
521
523
|
OPENSSL_PUT_ERROR(RSA, RSA_R_FIRST_OCTET_INVALID);
|
522
524
|
goto err;
|
@@ -525,8 +527,9 @@ int RSA_verify_PKCS1_PSS_mgf1(const RSA *rsa, const uint8_t *mHash,
|
|
525
527
|
EM++;
|
526
528
|
emLen--;
|
527
529
|
}
|
528
|
-
|
529
|
-
|
530
|
+
// |sLen| may be -2 for the non-standard salt length recovery mode.
|
531
|
+
if (emLen < hLen + 2 ||
|
532
|
+
(sLen >= 0 && emLen < hLen + (size_t)sLen + 2)) {
|
530
533
|
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
|
531
534
|
goto err;
|
532
535
|
}
|
@@ -534,51 +537,58 @@ int RSA_verify_PKCS1_PSS_mgf1(const RSA *rsa, const uint8_t *mHash,
|
|
534
537
|
OPENSSL_PUT_ERROR(RSA, RSA_R_LAST_OCTET_INVALID);
|
535
538
|
goto err;
|
536
539
|
}
|
537
|
-
maskedDBLen = emLen - hLen - 1;
|
538
|
-
H = EM + maskedDBLen;
|
540
|
+
size_t maskedDBLen = emLen - hLen - 1;
|
541
|
+
const uint8_t *H = EM + maskedDBLen;
|
539
542
|
DB = OPENSSL_malloc(maskedDBLen);
|
540
543
|
if (!DB) {
|
541
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
542
544
|
goto err;
|
543
545
|
}
|
544
546
|
if (!PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash)) {
|
545
547
|
goto err;
|
546
548
|
}
|
547
|
-
for (i = 0; i < maskedDBLen; i++) {
|
549
|
+
for (size_t i = 0; i < maskedDBLen; i++) {
|
548
550
|
DB[i] ^= EM[i];
|
549
551
|
}
|
550
552
|
if (MSBits) {
|
551
553
|
DB[0] &= 0xFF >> (8 - MSBits);
|
552
554
|
}
|
553
|
-
|
555
|
+
// This step differs slightly from EMSA-PSS-VERIFY (RFC 8017) step 10 because
|
556
|
+
// it accepts a non-standard salt recovery flow. DB should be some number of
|
557
|
+
// zeros, a one, then the salt.
|
558
|
+
size_t salt_start;
|
559
|
+
for (salt_start = 0; DB[salt_start] == 0 && salt_start < maskedDBLen - 1;
|
560
|
+
salt_start++) {
|
554
561
|
;
|
555
562
|
}
|
556
|
-
if (DB[
|
563
|
+
if (DB[salt_start] != 0x1) {
|
557
564
|
OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_RECOVERY_FAILED);
|
558
565
|
goto err;
|
559
566
|
}
|
560
|
-
|
567
|
+
salt_start++;
|
568
|
+
// If a salt length was specified, check it matches.
|
569
|
+
if (sLen >= 0 && maskedDBLen - salt_start != (size_t)sLen) {
|
561
570
|
OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED);
|
562
571
|
goto err;
|
563
572
|
}
|
573
|
+
uint8_t H_[EVP_MAX_MD_SIZE];
|
564
574
|
if (!EVP_DigestInit_ex(&ctx, Hash, NULL) ||
|
565
575
|
!EVP_DigestUpdate(&ctx, kPSSZeroes, sizeof(kPSSZeroes)) ||
|
566
576
|
!EVP_DigestUpdate(&ctx, mHash, hLen) ||
|
567
|
-
!EVP_DigestUpdate(&ctx, DB +
|
577
|
+
!EVP_DigestUpdate(&ctx, DB + salt_start, maskedDBLen - salt_start) ||
|
568
578
|
!EVP_DigestFinal_ex(&ctx, H_, NULL)) {
|
569
579
|
goto err;
|
570
580
|
}
|
571
|
-
if (OPENSSL_memcmp(H_, H, hLen)) {
|
581
|
+
if (OPENSSL_memcmp(H_, H, hLen) != 0) {
|
572
582
|
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
|
573
|
-
|
574
|
-
} else {
|
575
|
-
ret = 1;
|
583
|
+
goto err;
|
576
584
|
}
|
577
585
|
|
586
|
+
ret = 1;
|
587
|
+
|
578
588
|
err:
|
579
589
|
OPENSSL_free(DB);
|
580
590
|
EVP_MD_CTX_cleanup(&ctx);
|
581
|
-
|
591
|
+
FIPS_service_indicator_unlock_state();
|
582
592
|
return ret;
|
583
593
|
}
|
584
594
|
|
@@ -595,6 +605,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(const RSA *rsa, unsigned char *EM,
|
|
595
605
|
mgf1Hash = Hash;
|
596
606
|
}
|
597
607
|
|
608
|
+
FIPS_service_indicator_lock_state();
|
598
609
|
hLen = EVP_MD_size(Hash);
|
599
610
|
|
600
611
|
if (BN_is_zero(rsa->n)) {
|
@@ -639,7 +650,6 @@ int RSA_padding_add_PKCS1_PSS_mgf1(const RSA *rsa, unsigned char *EM,
|
|
639
650
|
if (sLen > 0) {
|
640
651
|
salt = OPENSSL_malloc(sLen);
|
641
652
|
if (!salt) {
|
642
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
643
653
|
goto err;
|
644
654
|
}
|
645
655
|
if (!RAND_bytes(salt, sLen)) {
|
@@ -690,6 +700,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(const RSA *rsa, unsigned char *EM,
|
|
690
700
|
|
691
701
|
err:
|
692
702
|
OPENSSL_free(salt);
|
703
|
+
FIPS_service_indicator_unlock_state();
|
693
704
|
|
694
705
|
return ret;
|
695
706
|
}
|
@@ -56,6 +56,7 @@
|
|
56
56
|
|
57
57
|
#include <openssl/rsa.h>
|
58
58
|
|
59
|
+
#include <assert.h>
|
59
60
|
#include <limits.h>
|
60
61
|
#include <string.h>
|
61
62
|
|
@@ -87,7 +88,6 @@ RSA *RSA_new(void) { return RSA_new_method(NULL); }
|
|
87
88
|
RSA *RSA_new_method(const ENGINE *engine) {
|
88
89
|
RSA *rsa = OPENSSL_malloc(sizeof(RSA));
|
89
90
|
if (rsa == NULL) {
|
90
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
91
91
|
return NULL;
|
92
92
|
}
|
93
93
|
|
@@ -300,11 +300,12 @@ int RSA_public_encrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
|
|
300
300
|
OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW);
|
301
301
|
return -1;
|
302
302
|
}
|
303
|
-
return out_len;
|
303
|
+
return (int)out_len;
|
304
304
|
}
|
305
305
|
|
306
|
-
int
|
307
|
-
|
306
|
+
static int rsa_sign_raw_no_self_test(RSA *rsa, size_t *out_len, uint8_t *out,
|
307
|
+
size_t max_out, const uint8_t *in,
|
308
|
+
size_t in_len, int padding) {
|
308
309
|
if (rsa->meth->sign_raw) {
|
309
310
|
return rsa->meth->sign_raw(rsa, out_len, out, max_out, in, in_len, padding);
|
310
311
|
}
|
@@ -312,6 +313,13 @@ int RSA_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
|
312
313
|
return rsa_default_sign_raw(rsa, out_len, out, max_out, in, in_len, padding);
|
313
314
|
}
|
314
315
|
|
316
|
+
int RSA_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
317
|
+
const uint8_t *in, size_t in_len, int padding) {
|
318
|
+
boringssl_ensure_rsa_self_test();
|
319
|
+
return rsa_sign_raw_no_self_test(rsa, out_len, out, max_out, in, in_len,
|
320
|
+
padding);
|
321
|
+
}
|
322
|
+
|
315
323
|
int RSA_private_encrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
|
316
324
|
int padding) {
|
317
325
|
size_t out_len;
|
@@ -324,7 +332,7 @@ int RSA_private_encrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
|
|
324
332
|
OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW);
|
325
333
|
return -1;
|
326
334
|
}
|
327
|
-
return out_len;
|
335
|
+
return (int)out_len;
|
328
336
|
}
|
329
337
|
|
330
338
|
int RSA_decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
@@ -339,7 +347,6 @@ int RSA_decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
|
339
347
|
int RSA_private_decrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
|
340
348
|
int padding) {
|
341
349
|
size_t out_len;
|
342
|
-
|
343
350
|
if (!RSA_decrypt(rsa, &out_len, to, RSA_size(rsa), from, flen, padding)) {
|
344
351
|
return -1;
|
345
352
|
}
|
@@ -348,13 +355,12 @@ int RSA_private_decrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
|
|
348
355
|
OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW);
|
349
356
|
return -1;
|
350
357
|
}
|
351
|
-
return out_len;
|
358
|
+
return (int)out_len;
|
352
359
|
}
|
353
360
|
|
354
361
|
int RSA_public_decrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
|
355
362
|
int padding) {
|
356
363
|
size_t out_len;
|
357
|
-
|
358
364
|
if (!RSA_verify_raw(rsa, &out_len, to, RSA_size(rsa), from, flen, padding)) {
|
359
365
|
return -1;
|
360
366
|
}
|
@@ -363,15 +369,16 @@ int RSA_public_decrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
|
|
363
369
|
OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW);
|
364
370
|
return -1;
|
365
371
|
}
|
366
|
-
return out_len;
|
372
|
+
return (int)out_len;
|
367
373
|
}
|
368
374
|
|
369
375
|
unsigned RSA_size(const RSA *rsa) {
|
370
|
-
|
371
|
-
|
372
|
-
|
373
|
-
|
374
|
-
|
376
|
+
size_t ret = rsa->meth->size ? rsa->meth->size(rsa) : rsa_default_size(rsa);
|
377
|
+
// RSA modulus sizes are bounded by |BIGNUM|, which must fit in |unsigned|.
|
378
|
+
//
|
379
|
+
// TODO(https://crbug.com/boringssl/516): Should we make this return |size_t|?
|
380
|
+
assert(ret < UINT_MAX);
|
381
|
+
return (unsigned)ret;
|
375
382
|
}
|
376
383
|
|
377
384
|
int RSA_is_opaque(const RSA *rsa) {
|
@@ -463,49 +470,65 @@ static const struct pkcs1_sig_prefix kPKCS1SigPrefixes[] = {
|
|
463
470
|
},
|
464
471
|
};
|
465
472
|
|
466
|
-
int
|
467
|
-
int *is_alloced, int hash_nid, const uint8_t *digest,
|
468
|
-
size_t digest_len) {
|
469
|
-
unsigned i;
|
470
|
-
|
473
|
+
static int rsa_check_digest_size(int hash_nid, size_t digest_len) {
|
471
474
|
if (hash_nid == NID_md5_sha1) {
|
472
|
-
// Special case: SSL signature, just check the length.
|
473
475
|
if (digest_len != SSL_SIG_LENGTH) {
|
474
476
|
OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH);
|
475
477
|
return 0;
|
476
478
|
}
|
479
|
+
return 1;
|
480
|
+
}
|
481
|
+
|
482
|
+
for (size_t i = 0; kPKCS1SigPrefixes[i].nid != NID_undef; i++) {
|
483
|
+
const struct pkcs1_sig_prefix *sig_prefix = &kPKCS1SigPrefixes[i];
|
484
|
+
if (sig_prefix->nid == hash_nid) {
|
485
|
+
if (digest_len != sig_prefix->hash_len) {
|
486
|
+
OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH);
|
487
|
+
return 0;
|
488
|
+
}
|
489
|
+
return 1;
|
490
|
+
}
|
491
|
+
}
|
477
492
|
|
493
|
+
OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
494
|
+
return 0;
|
495
|
+
|
496
|
+
}
|
497
|
+
|
498
|
+
int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len,
|
499
|
+
int *is_alloced, int hash_nid, const uint8_t *digest,
|
500
|
+
size_t digest_len) {
|
501
|
+
if (!rsa_check_digest_size(hash_nid, digest_len)) {
|
502
|
+
return 0;
|
503
|
+
}
|
504
|
+
|
505
|
+
if (hash_nid == NID_md5_sha1) {
|
506
|
+
// The length should already have been checked.
|
507
|
+
assert(digest_len == SSL_SIG_LENGTH);
|
478
508
|
*out_msg = (uint8_t *)digest;
|
479
|
-
*out_msg_len =
|
509
|
+
*out_msg_len = digest_len;
|
480
510
|
*is_alloced = 0;
|
481
511
|
return 1;
|
482
512
|
}
|
483
513
|
|
484
|
-
for (i = 0; kPKCS1SigPrefixes[i].nid != NID_undef; i++) {
|
514
|
+
for (size_t i = 0; kPKCS1SigPrefixes[i].nid != NID_undef; i++) {
|
485
515
|
const struct pkcs1_sig_prefix *sig_prefix = &kPKCS1SigPrefixes[i];
|
486
516
|
if (sig_prefix->nid != hash_nid) {
|
487
517
|
continue;
|
488
518
|
}
|
489
519
|
|
490
|
-
|
491
|
-
|
492
|
-
return 0;
|
493
|
-
}
|
494
|
-
|
520
|
+
// The length should already have been checked.
|
521
|
+
assert(digest_len == sig_prefix->hash_len);
|
495
522
|
const uint8_t* prefix = sig_prefix->bytes;
|
496
|
-
|
497
|
-
|
498
|
-
uint8_t *signed_msg;
|
499
|
-
|
500
|
-
signed_msg_len = prefix_len + digest_len;
|
523
|
+
size_t prefix_len = sig_prefix->len;
|
524
|
+
size_t signed_msg_len = prefix_len + digest_len;
|
501
525
|
if (signed_msg_len < prefix_len) {
|
502
526
|
OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_LONG);
|
503
527
|
return 0;
|
504
528
|
}
|
505
529
|
|
506
|
-
signed_msg = OPENSSL_malloc(signed_msg_len);
|
530
|
+
uint8_t *signed_msg = OPENSSL_malloc(signed_msg_len);
|
507
531
|
if (!signed_msg) {
|
508
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
509
532
|
return 0;
|
510
533
|
}
|
511
534
|
|
@@ -523,28 +546,41 @@ int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len,
|
|
523
546
|
return 0;
|
524
547
|
}
|
525
548
|
|
526
|
-
int
|
527
|
-
|
549
|
+
int rsa_sign_no_self_test(int hash_nid, const uint8_t *digest,
|
550
|
+
size_t digest_len, uint8_t *out, unsigned *out_len,
|
551
|
+
RSA *rsa) {
|
552
|
+
if (rsa->meth->sign) {
|
553
|
+
if (!rsa_check_digest_size(hash_nid, digest_len)) {
|
554
|
+
return 0;
|
555
|
+
}
|
556
|
+
// All supported digest lengths fit in |unsigned|.
|
557
|
+
assert(digest_len <= EVP_MAX_MD_SIZE);
|
558
|
+
static_assert(EVP_MAX_MD_SIZE <= UINT_MAX, "digest too long");
|
559
|
+
return rsa->meth->sign(hash_nid, digest, (unsigned)digest_len, out, out_len,
|
560
|
+
rsa);
|
561
|
+
}
|
562
|
+
|
528
563
|
const unsigned rsa_size = RSA_size(rsa);
|
529
564
|
int ret = 0;
|
530
565
|
uint8_t *signed_msg = NULL;
|
531
566
|
size_t signed_msg_len = 0;
|
532
567
|
int signed_msg_is_alloced = 0;
|
533
568
|
size_t size_t_out_len;
|
534
|
-
|
535
|
-
if (rsa->meth->sign) {
|
536
|
-
return rsa->meth->sign(hash_nid, digest, digest_len, out, out_len, rsa);
|
537
|
-
}
|
538
|
-
|
539
569
|
if (!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len,
|
540
570
|
&signed_msg_is_alloced, hash_nid, digest,
|
541
571
|
digest_len) ||
|
542
|
-
!
|
543
|
-
|
572
|
+
!rsa_sign_raw_no_self_test(rsa, &size_t_out_len, out, rsa_size,
|
573
|
+
signed_msg, signed_msg_len,
|
574
|
+
RSA_PKCS1_PADDING)) {
|
575
|
+
goto err;
|
576
|
+
}
|
577
|
+
|
578
|
+
if (size_t_out_len > UINT_MAX) {
|
579
|
+
OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW);
|
544
580
|
goto err;
|
545
581
|
}
|
546
582
|
|
547
|
-
*out_len = size_t_out_len;
|
583
|
+
*out_len = (unsigned)size_t_out_len;
|
548
584
|
ret = 1;
|
549
585
|
|
550
586
|
err:
|
@@ -554,6 +590,13 @@ err:
|
|
554
590
|
return ret;
|
555
591
|
}
|
556
592
|
|
593
|
+
int RSA_sign(int hash_nid, const uint8_t *digest, size_t digest_len,
|
594
|
+
uint8_t *out, unsigned *out_len, RSA *rsa) {
|
595
|
+
boringssl_ensure_rsa_self_test();
|
596
|
+
|
597
|
+
return rsa_sign_no_self_test(hash_nid, digest, digest_len, out, out_len, rsa);
|
598
|
+
}
|
599
|
+
|
557
600
|
int RSA_sign_pss_mgf1(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
558
601
|
const uint8_t *digest, size_t digest_len,
|
559
602
|
const EVP_MD *md, const EVP_MD *mgf1_md, int salt_len) {
|
@@ -565,7 +608,6 @@ int RSA_sign_pss_mgf1(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
|
565
608
|
size_t padded_len = RSA_size(rsa);
|
566
609
|
uint8_t *padded = OPENSSL_malloc(padded_len);
|
567
610
|
if (padded == NULL) {
|
568
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
569
611
|
return 0;
|
570
612
|
}
|
571
613
|
|
@@ -577,8 +619,9 @@ int RSA_sign_pss_mgf1(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
|
577
619
|
return ret;
|
578
620
|
}
|
579
621
|
|
580
|
-
int
|
581
|
-
|
622
|
+
int rsa_verify_no_self_test(int hash_nid, const uint8_t *digest,
|
623
|
+
size_t digest_len, const uint8_t *sig,
|
624
|
+
size_t sig_len, RSA *rsa) {
|
582
625
|
if (rsa->n == NULL || rsa->e == NULL) {
|
583
626
|
OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
|
584
627
|
return 0;
|
@@ -598,16 +641,12 @@ int RSA_verify(int hash_nid, const uint8_t *digest, size_t digest_len,
|
|
598
641
|
|
599
642
|
buf = OPENSSL_malloc(rsa_size);
|
600
643
|
if (!buf) {
|
601
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
602
644
|
return 0;
|
603
645
|
}
|
604
646
|
|
605
|
-
if (!
|
606
|
-
|
607
|
-
|
608
|
-
}
|
609
|
-
|
610
|
-
if (!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len,
|
647
|
+
if (!rsa_verify_raw_no_self_test(rsa, &len, buf, rsa_size, sig, sig_len,
|
648
|
+
RSA_PKCS1_PADDING) ||
|
649
|
+
!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len,
|
611
650
|
&signed_msg_is_alloced, hash_nid, digest,
|
612
651
|
digest_len)) {
|
613
652
|
goto out;
|
@@ -630,6 +669,13 @@ out:
|
|
630
669
|
return ret;
|
631
670
|
}
|
632
671
|
|
672
|
+
int RSA_verify(int hash_nid, const uint8_t *digest, size_t digest_len,
|
673
|
+
const uint8_t *sig, size_t sig_len, RSA *rsa) {
|
674
|
+
boringssl_ensure_rsa_self_test();
|
675
|
+
return rsa_verify_no_self_test(hash_nid, digest, digest_len, sig, sig_len,
|
676
|
+
rsa);
|
677
|
+
}
|
678
|
+
|
633
679
|
int RSA_verify_pss_mgf1(RSA *rsa, const uint8_t *digest, size_t digest_len,
|
634
680
|
const EVP_MD *md, const EVP_MD *mgf1_md, int salt_len,
|
635
681
|
const uint8_t *sig, size_t sig_len) {
|
@@ -641,7 +687,6 @@ int RSA_verify_pss_mgf1(RSA *rsa, const uint8_t *digest, size_t digest_len,
|
|
641
687
|
size_t em_len = RSA_size(rsa);
|
642
688
|
uint8_t *em = OPENSSL_malloc(em_len);
|
643
689
|
if (em == NULL) {
|
644
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
645
690
|
return 0;
|
646
691
|
}
|
647
692
|
|
@@ -722,7 +767,6 @@ int RSA_check_key(const RSA *key) {
|
|
722
767
|
|
723
768
|
BN_CTX *ctx = BN_CTX_new();
|
724
769
|
if (ctx == NULL) {
|
725
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
726
770
|
return 0;
|
727
771
|
}
|
728
772
|
|
@@ -737,7 +781,8 @@ int RSA_check_key(const RSA *key) {
|
|
737
781
|
|
738
782
|
// Check that p * q == n. Before we multiply, we check that p and q are in
|
739
783
|
// bounds, to avoid a DoS vector in |bn_mul_consttime| below. Note that
|
740
|
-
// n was bound by |rsa_check_public_key|.
|
784
|
+
// n was bound by |rsa_check_public_key|. This also implicitly checks p and q
|
785
|
+
// are odd, which is a necessary condition for Montgomery reduction.
|
741
786
|
if (BN_is_negative(key->p) || BN_cmp(key->p, key->n) >= 0 ||
|
742
787
|
BN_is_negative(key->q) || BN_cmp(key->q, key->n) >= 0) {
|
743
788
|
OPENSSL_PUT_ERROR(RSA, RSA_R_N_NOT_EQUAL_P_Q);
|
@@ -849,7 +894,6 @@ int RSA_check_fips(RSA *key) {
|
|
849
894
|
|
850
895
|
BN_CTX *ctx = BN_CTX_new();
|
851
896
|
if (ctx == NULL) {
|
852
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
853
897
|
return 0;
|
854
898
|
}
|
855
899
|
|
@@ -896,7 +940,6 @@ int RSA_check_fips(RSA *key) {
|
|
896
940
|
unsigned sig_len = RSA_size(key);
|
897
941
|
uint8_t *sig = OPENSSL_malloc(sig_len);
|
898
942
|
if (sig == NULL) {
|
899
|
-
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
|
900
943
|
return 0;
|
901
944
|
}
|
902
945
|
|
@@ -905,9 +948,9 @@ int RSA_check_fips(RSA *key) {
|
|
905
948
|
ret = 0;
|
906
949
|
goto cleanup;
|
907
950
|
}
|
908
|
-
|
909
|
-
|
910
|
-
|
951
|
+
if (boringssl_fips_break_test("RSA_PWCT")) {
|
952
|
+
data[0] = ~data[0];
|
953
|
+
}
|
911
954
|
if (!RSA_verify(NID_sha256, data, sizeof(data), sig, sig_len, key)) {
|
912
955
|
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
|
913
956
|
ret = 0;
|
@@ -930,6 +973,8 @@ int RSA_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
|
|
930
973
|
|
931
974
|
int RSA_flags(const RSA *rsa) { return rsa->flags; }
|
932
975
|
|
976
|
+
int RSA_test_flags(const RSA *rsa, int flags) { return rsa->flags & flags; }
|
977
|
+
|
933
978
|
int RSA_blinding_on(RSA *rsa, BN_CTX *ctx) {
|
934
979
|
return 1;
|
935
980
|
}
|