grpc 1.53.2 → 1.54.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +78 -66
- data/include/grpc/event_engine/event_engine.h +30 -14
- data/include/grpc/grpc_security.h +4 -0
- data/include/grpc/support/port_platform.h +4 -4
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
- data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
- data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
- data/src/core/ext/filters/client_channel/client_channel.h +131 -173
- data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
- data/src/core/ext/filters/client_channel/config_selector.h +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
- data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
- data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
- data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
- data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
- data/src/core/ext/gcp/metadata_query.cc +142 -0
- data/src/core/ext/gcp/metadata_query.h +82 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
- data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
- data/src/core/ext/xds/xds_client_stats.cc +29 -15
- data/src/core/ext/xds/xds_client_stats.h +24 -20
- data/src/core/ext/xds/xds_endpoint.cc +5 -2
- data/src/core/ext/xds/xds_endpoint.h +9 -1
- data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
- data/src/core/lib/channel/call_finalization.h +1 -1
- data/src/core/lib/channel/call_tracer.cc +51 -0
- data/src/core/lib/channel/call_tracer.h +101 -38
- data/src/core/lib/channel/connected_channel.cc +483 -1050
- data/src/core/lib/channel/context.h +8 -1
- data/src/core/lib/channel/promise_based_filter.cc +106 -42
- data/src/core/lib/channel/promise_based_filter.h +27 -13
- data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
- data/src/core/lib/config/config_vars.cc +151 -0
- data/src/core/lib/config/config_vars.h +127 -0
- data/src/core/lib/config/config_vars_non_generated.cc +51 -0
- data/src/core/lib/config/load_config.cc +66 -0
- data/src/core/lib/config/load_config.h +49 -0
- data/src/core/lib/debug/trace.cc +5 -6
- data/src/core/lib/debug/trace.h +0 -5
- data/src/core/lib/event_engine/event_engine.cc +37 -2
- data/src/core/lib/event_engine/handle_containers.h +7 -22
- data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -32
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +0 -3
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
- data/src/core/lib/event_engine/resolved_address.cc +2 -1
- data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
- data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
- data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
- data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
- data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
- data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
- data/src/core/lib/experiments/config.cc +3 -10
- data/src/core/lib/experiments/experiments.cc +7 -0
- data/src/core/lib/experiments/experiments.h +9 -1
- data/src/core/lib/gpr/log.cc +15 -28
- data/src/core/lib/gprpp/fork.cc +8 -14
- data/src/core/lib/gprpp/orphanable.h +4 -3
- data/src/core/lib/gprpp/per_cpu.h +9 -3
- data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
- data/src/core/lib/gprpp/ref_counted.h +33 -34
- data/src/core/lib/gprpp/thd.h +16 -0
- data/src/core/lib/gprpp/time.cc +1 -0
- data/src/core/lib/gprpp/time.h +4 -4
- data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
- data/src/core/lib/iomgr/ev_posix.cc +13 -53
- data/src/core/lib/iomgr/ev_posix.h +0 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
- data/src/core/lib/iomgr/iomgr.cc +4 -8
- data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_posix.cc +0 -1
- data/src/core/lib/iomgr/tcp_server_posix.cc +19 -55
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -12
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -21
- data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
- data/src/core/lib/iomgr/tcp_windows.cc +12 -8
- data/src/core/lib/load_balancing/lb_policy.cc +9 -13
- data/src/core/lib/load_balancing/lb_policy.h +4 -2
- data/src/core/lib/promise/activity.cc +22 -6
- data/src/core/lib/promise/activity.h +61 -24
- data/src/core/lib/promise/cancel_callback.h +77 -0
- data/src/core/lib/promise/detail/basic_seq.h +1 -1
- data/src/core/lib/promise/detail/promise_factory.h +4 -0
- data/src/core/lib/promise/for_each.h +176 -0
- data/src/core/lib/promise/if.h +9 -0
- data/src/core/lib/promise/interceptor_list.h +23 -2
- data/src/core/lib/promise/latch.h +89 -3
- data/src/core/lib/promise/loop.h +13 -9
- data/src/core/lib/promise/map.h +7 -0
- data/src/core/lib/promise/party.cc +286 -0
- data/src/core/lib/promise/party.h +499 -0
- data/src/core/lib/promise/pipe.h +197 -57
- data/src/core/lib/promise/poll.h +48 -0
- data/src/core/lib/promise/promise.h +2 -2
- data/src/core/lib/resource_quota/arena.cc +19 -3
- data/src/core/lib/resource_quota/arena.h +119 -5
- data/src/core/lib/resource_quota/memory_quota.cc +1 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
- data/src/core/lib/slice/slice.cc +1 -1
- data/src/core/lib/surface/builtins.cc +2 -0
- data/src/core/lib/surface/call.cc +926 -1024
- data/src/core/lib/surface/call.h +10 -0
- data/src/core/lib/surface/lame_client.cc +1 -0
- data/src/core/lib/surface/validate_metadata.cc +42 -43
- data/src/core/lib/surface/validate_metadata.h +0 -9
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +179 -0
- data/src/core/lib/transport/batch_builder.h +468 -0
- data/src/core/lib/transport/bdp_estimator.cc +7 -7
- data/src/core/lib/transport/bdp_estimator.h +10 -6
- data/src/core/lib/transport/custom_metadata.h +30 -0
- data/src/core/lib/transport/metadata_batch.cc +5 -2
- data/src/core/lib/transport/metadata_batch.h +17 -113
- data/src/core/lib/transport/parsed_metadata.h +6 -16
- data/src/core/lib/transport/timeout_encoding.cc +6 -1
- data/src/core/lib/transport/transport.cc +30 -2
- data/src/core/lib/transport/transport.h +70 -14
- data/src/core/lib/transport/transport_impl.h +7 -0
- data/src/core/lib/transport/transport_op_string.cc +52 -42
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +1 -1
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
- data/third_party/abseil-cpp/absl/flags/config.h +68 -0
- data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
- data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
- data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
- data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
- data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
- data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
- data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
- data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
- data/third_party/boringssl-with-bazel/err_data.c +728 -712
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
- data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
- metadata +103 -70
- data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
- data/src/core/lib/gprpp/global_config.h +0 -93
- data/src/core/lib/gprpp/global_config_env.cc +0 -140
- data/src/core/lib/gprpp/global_config_env.h +0 -133
- data/src/core/lib/gprpp/global_config_generic.h +0 -40
- data/src/core/lib/promise/intra_activity_waiter.h +0 -55
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
- data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
- /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
- /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
- /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
- /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
- /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
- /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
- /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
|
@@ -121,12 +121,28 @@
|
|
|
121
121
|
#include <valgrind/memcheck.h>
|
|
122
122
|
#endif
|
|
123
123
|
|
|
124
|
+
#if defined(BORINGSSL_FIPS_BREAK_TESTS)
|
|
125
|
+
#include <stdlib.h>
|
|
126
|
+
#endif
|
|
127
|
+
|
|
124
128
|
#if !defined(__cplusplus)
|
|
125
|
-
#if defined(
|
|
129
|
+
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
|
|
130
|
+
#include <stdalign.h>
|
|
131
|
+
#elif defined(_MSC_VER) && !defined(__clang__)
|
|
126
132
|
#define alignas(x) __declspec(align(x))
|
|
127
133
|
#define alignof __alignof
|
|
128
134
|
#else
|
|
129
|
-
|
|
135
|
+
// With the exception of MSVC, we require C11 to build the library. C11 is a
|
|
136
|
+
// prerequisite for improved refcounting performance. All our supported C
|
|
137
|
+
// compilers have long implemented C11 and made it default. The most likely
|
|
138
|
+
// cause of pre-C11 modes is stale -std=c99 or -std=gnu99 flags in build
|
|
139
|
+
// configuration. Such flags can be removed.
|
|
140
|
+
//
|
|
141
|
+
// TODO(davidben): In MSVC 2019 16.8 or higher (_MSC_VER >= 1928),
|
|
142
|
+
// |__STDC_VERSION__| will be 201112 when passed /std:c11 and unset otherwise.
|
|
143
|
+
// C11 alignas and alignof are only implemented in C11 mode. Can we mandate C11
|
|
144
|
+
// mode for those versions?
|
|
145
|
+
#error "BoringSSL must be built in C11 mode or higher."
|
|
130
146
|
#endif
|
|
131
147
|
#endif
|
|
132
148
|
|
|
@@ -150,7 +166,7 @@ extern "C" {
|
|
|
150
166
|
|
|
151
167
|
|
|
152
168
|
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || defined(OPENSSL_ARM) || \
|
|
153
|
-
defined(OPENSSL_AARCH64)
|
|
169
|
+
defined(OPENSSL_AARCH64)
|
|
154
170
|
// OPENSSL_cpuid_setup initializes the platform-specific feature cache.
|
|
155
171
|
void OPENSSL_cpuid_setup(void);
|
|
156
172
|
#endif
|
|
@@ -209,6 +225,16 @@ typedef __uint128_t uint128_t;
|
|
|
209
225
|
#define OPENSSL_SSE2
|
|
210
226
|
#endif
|
|
211
227
|
|
|
228
|
+
#if defined(BORINGSSL_MALLOC_FAILURE_TESTING)
|
|
229
|
+
// OPENSSL_reset_malloc_counter_for_testing, when malloc testing is enabled,
|
|
230
|
+
// resets the internal malloc counter, to simulate further malloc failures. This
|
|
231
|
+
// should be called in between independent tests, at a point where failure from
|
|
232
|
+
// a previous test will not impact subsequent ones.
|
|
233
|
+
OPENSSL_EXPORT void OPENSSL_reset_malloc_counter_for_testing(void);
|
|
234
|
+
#else
|
|
235
|
+
OPENSSL_INLINE void OPENSSL_reset_malloc_counter_for_testing(void) {}
|
|
236
|
+
#endif
|
|
237
|
+
|
|
212
238
|
|
|
213
239
|
// Pointer utility functions.
|
|
214
240
|
|
|
@@ -286,7 +312,7 @@ typedef uint32_t crypto_word_t;
|
|
|
286
312
|
// always has the same output for a given input. This allows it to eliminate
|
|
287
313
|
// dead code, move computations across loops, and vectorize.
|
|
288
314
|
static inline crypto_word_t value_barrier_w(crypto_word_t a) {
|
|
289
|
-
#if
|
|
315
|
+
#if defined(__GNUC__) || defined(__clang__)
|
|
290
316
|
__asm__("" : "+r"(a) : /* no inputs */);
|
|
291
317
|
#endif
|
|
292
318
|
return a;
|
|
@@ -294,7 +320,7 @@ static inline crypto_word_t value_barrier_w(crypto_word_t a) {
|
|
|
294
320
|
|
|
295
321
|
// value_barrier_u32 behaves like |value_barrier_w| but takes a |uint32_t|.
|
|
296
322
|
static inline uint32_t value_barrier_u32(uint32_t a) {
|
|
297
|
-
#if
|
|
323
|
+
#if defined(__GNUC__) || defined(__clang__)
|
|
298
324
|
__asm__("" : "+r"(a) : /* no inputs */);
|
|
299
325
|
#endif
|
|
300
326
|
return a;
|
|
@@ -302,7 +328,7 @@ static inline uint32_t value_barrier_u32(uint32_t a) {
|
|
|
302
328
|
|
|
303
329
|
// value_barrier_u64 behaves like |value_barrier_w| but takes a |uint64_t|.
|
|
304
330
|
static inline uint64_t value_barrier_u64(uint64_t a) {
|
|
305
|
-
#if
|
|
331
|
+
#if defined(__GNUC__) || defined(__clang__)
|
|
306
332
|
__asm__("" : "+r"(a) : /* no inputs */);
|
|
307
333
|
#endif
|
|
308
334
|
return a;
|
|
@@ -449,20 +475,44 @@ static inline int constant_time_select_int(crypto_word_t mask, int a, int b) {
|
|
|
449
475
|
// of memory as secret. Secret data is tracked as it flows to registers and
|
|
450
476
|
// other parts of a memory. If secret data is used as a condition for a branch,
|
|
451
477
|
// or as a memory index, it will trigger warnings in valgrind.
|
|
452
|
-
#define CONSTTIME_SECRET(
|
|
478
|
+
#define CONSTTIME_SECRET(ptr, len) VALGRIND_MAKE_MEM_UNDEFINED(ptr, len)
|
|
453
479
|
|
|
454
480
|
// CONSTTIME_DECLASSIFY takes a pointer and a number of bytes and marks that
|
|
455
481
|
// region of memory as public. Public data is not subject to constant-time
|
|
456
482
|
// rules.
|
|
457
|
-
#define CONSTTIME_DECLASSIFY(
|
|
483
|
+
#define CONSTTIME_DECLASSIFY(ptr, len) VALGRIND_MAKE_MEM_DEFINED(ptr, len)
|
|
458
484
|
|
|
459
485
|
#else
|
|
460
486
|
|
|
461
|
-
#define CONSTTIME_SECRET(
|
|
462
|
-
#define CONSTTIME_DECLASSIFY(
|
|
487
|
+
#define CONSTTIME_SECRET(ptr, len)
|
|
488
|
+
#define CONSTTIME_DECLASSIFY(ptr, len)
|
|
463
489
|
|
|
464
490
|
#endif // BORINGSSL_CONSTANT_TIME_VALIDATION
|
|
465
491
|
|
|
492
|
+
static inline crypto_word_t constant_time_declassify_w(crypto_word_t v) {
|
|
493
|
+
// Return |v| through a value barrier to be safe. Valgrind-based constant-time
|
|
494
|
+
// validation is partly to check the compiler has not undone any constant-time
|
|
495
|
+
// work. Any place |BORINGSSL_CONSTANT_TIME_VALIDATION| influences
|
|
496
|
+
// optimizations, this validation is inaccurate.
|
|
497
|
+
//
|
|
498
|
+
// However, by sending pointers through valgrind, we likely inhibit escape
|
|
499
|
+
// analysis. On local variables, particularly booleans, we likely
|
|
500
|
+
// significantly impact optimizations.
|
|
501
|
+
//
|
|
502
|
+
// Thus, to be safe, stick a value barrier, in hopes of comparably inhibiting
|
|
503
|
+
// compiler analysis.
|
|
504
|
+
CONSTTIME_DECLASSIFY(&v, sizeof(v));
|
|
505
|
+
return value_barrier_w(v);
|
|
506
|
+
}
|
|
507
|
+
|
|
508
|
+
static inline int constant_time_declassify_int(int v) {
|
|
509
|
+
static_assert(sizeof(uint32_t) == sizeof(int),
|
|
510
|
+
"int is not the same size as uint32_t");
|
|
511
|
+
// See comment above.
|
|
512
|
+
CONSTTIME_DECLASSIFY(&v, sizeof(v));
|
|
513
|
+
return value_barrier_u32(v);
|
|
514
|
+
}
|
|
515
|
+
|
|
466
516
|
|
|
467
517
|
// Thread-safe initialisation.
|
|
468
518
|
|
|
@@ -636,6 +686,7 @@ typedef enum {
|
|
|
636
686
|
OPENSSL_THREAD_LOCAL_ERR = 0,
|
|
637
687
|
OPENSSL_THREAD_LOCAL_RAND,
|
|
638
688
|
OPENSSL_THREAD_LOCAL_FIPS_COUNTERS,
|
|
689
|
+
OPENSSL_THREAD_LOCAL_FIPS_SERVICE_INDICATOR_STATE,
|
|
639
690
|
OPENSSL_THREAD_LOCAL_TEST,
|
|
640
691
|
NUM_OPENSSL_THREAD_LOCALS,
|
|
641
692
|
} thread_local_data_t;
|
|
@@ -868,6 +919,16 @@ static inline void CRYPTO_store_u32_be(void *out, uint32_t v) {
|
|
|
868
919
|
OPENSSL_memcpy(out, &v, sizeof(v));
|
|
869
920
|
}
|
|
870
921
|
|
|
922
|
+
static inline uint64_t CRYPTO_load_u64_le(const void *in) {
|
|
923
|
+
uint64_t v;
|
|
924
|
+
OPENSSL_memcpy(&v, in, sizeof(v));
|
|
925
|
+
return v;
|
|
926
|
+
}
|
|
927
|
+
|
|
928
|
+
static inline void CRYPTO_store_u64_le(void *out, uint64_t v) {
|
|
929
|
+
OPENSSL_memcpy(out, &v, sizeof(v));
|
|
930
|
+
}
|
|
931
|
+
|
|
871
932
|
static inline uint64_t CRYPTO_load_u64_be(const void *ptr) {
|
|
872
933
|
uint64_t ret;
|
|
873
934
|
OPENSSL_memcpy(&ret, ptr, sizeof(ret));
|
|
@@ -889,6 +950,18 @@ static inline void CRYPTO_store_word_le(void *out, crypto_word_t v) {
|
|
|
889
950
|
OPENSSL_memcpy(out, &v, sizeof(v));
|
|
890
951
|
}
|
|
891
952
|
|
|
953
|
+
static inline crypto_word_t CRYPTO_load_word_be(const void *in) {
|
|
954
|
+
crypto_word_t v;
|
|
955
|
+
OPENSSL_memcpy(&v, in, sizeof(v));
|
|
956
|
+
#if defined(OPENSSL_64_BIT)
|
|
957
|
+
static_assert(sizeof(v) == 8, "crypto_word_t has unexpected size");
|
|
958
|
+
return CRYPTO_bswap8(v);
|
|
959
|
+
#else
|
|
960
|
+
static_assert(sizeof(v) == 4, "crypto_word_t has unexpected size");
|
|
961
|
+
return CRYPTO_bswap4(v);
|
|
962
|
+
#endif
|
|
963
|
+
}
|
|
964
|
+
|
|
892
965
|
|
|
893
966
|
// Bit rotation functions.
|
|
894
967
|
//
|
|
@@ -932,19 +1005,50 @@ static inline uint64_t CRYPTO_rotr_u64(uint64_t value, int shift) {
|
|
|
932
1005
|
// FIPS functions.
|
|
933
1006
|
|
|
934
1007
|
#if defined(BORINGSSL_FIPS)
|
|
1008
|
+
|
|
935
1009
|
// BORINGSSL_FIPS_abort is called when a FIPS power-on or continuous test
|
|
936
1010
|
// fails. It prevents any further cryptographic operations by the current
|
|
937
1011
|
// process.
|
|
938
1012
|
void BORINGSSL_FIPS_abort(void) __attribute__((noreturn));
|
|
939
|
-
#endif
|
|
940
1013
|
|
|
941
|
-
//
|
|
942
|
-
//
|
|
943
|
-
//
|
|
944
|
-
|
|
945
|
-
|
|
946
|
-
|
|
947
|
-
|
|
1014
|
+
// boringssl_self_test_startup runs all startup self tests and returns one on
|
|
1015
|
+
// success or zero on error. Startup self tests do not include lazy tests.
|
|
1016
|
+
// Call |BORINGSSL_self_test| to run every self test.
|
|
1017
|
+
int boringssl_self_test_startup(void);
|
|
1018
|
+
|
|
1019
|
+
// boringssl_ensure_rsa_self_test checks whether the RSA self-test has been run
|
|
1020
|
+
// in this address space. If not, it runs it and crashes the address space if
|
|
1021
|
+
// unsuccessful.
|
|
1022
|
+
void boringssl_ensure_rsa_self_test(void);
|
|
1023
|
+
|
|
1024
|
+
// boringssl_ensure_ecc_self_test checks whether the ECDSA and ECDH self-test
|
|
1025
|
+
// has been run in this address space. If not, it runs it and crashes the
|
|
1026
|
+
// address space if unsuccessful.
|
|
1027
|
+
void boringssl_ensure_ecc_self_test(void);
|
|
1028
|
+
|
|
1029
|
+
// boringssl_ensure_ffdh_self_test checks whether the FFDH self-test has been
|
|
1030
|
+
// run in this address space. If not, it runs it and crashes the address space
|
|
1031
|
+
// if unsuccessful.
|
|
1032
|
+
void boringssl_ensure_ffdh_self_test(void);
|
|
1033
|
+
|
|
1034
|
+
#else
|
|
1035
|
+
|
|
1036
|
+
// Outside of FIPS mode, the lazy tests are no-ops.
|
|
1037
|
+
|
|
1038
|
+
OPENSSL_INLINE void boringssl_ensure_rsa_self_test(void) {}
|
|
1039
|
+
OPENSSL_INLINE void boringssl_ensure_ecc_self_test(void) {}
|
|
1040
|
+
OPENSSL_INLINE void boringssl_ensure_ffdh_self_test(void) {}
|
|
1041
|
+
|
|
1042
|
+
#endif // FIPS
|
|
1043
|
+
|
|
1044
|
+
// boringssl_self_test_sha256 performs a SHA-256 KAT.
|
|
1045
|
+
int boringssl_self_test_sha256(void);
|
|
1046
|
+
|
|
1047
|
+
// boringssl_self_test_sha512 performs a SHA-512 KAT.
|
|
1048
|
+
int boringssl_self_test_sha512(void);
|
|
1049
|
+
|
|
1050
|
+
// boringssl_self_test_hmac_sha256 performs an HMAC-SHA-256 KAT.
|
|
1051
|
+
int boringssl_self_test_hmac_sha256(void);
|
|
948
1052
|
|
|
949
1053
|
#if defined(BORINGSSL_FIPS_COUNTERS)
|
|
950
1054
|
void boringssl_fips_inc_counter(enum fips_counter_t counter);
|
|
@@ -952,6 +1056,257 @@ void boringssl_fips_inc_counter(enum fips_counter_t counter);
|
|
|
952
1056
|
OPENSSL_INLINE void boringssl_fips_inc_counter(enum fips_counter_t counter) {}
|
|
953
1057
|
#endif
|
|
954
1058
|
|
|
1059
|
+
#if defined(BORINGSSL_FIPS_BREAK_TESTS)
|
|
1060
|
+
OPENSSL_INLINE int boringssl_fips_break_test(const char *test) {
|
|
1061
|
+
const char *const value = getenv("BORINGSSL_FIPS_BREAK_TEST");
|
|
1062
|
+
return value != NULL && strcmp(value, test) == 0;
|
|
1063
|
+
}
|
|
1064
|
+
#else
|
|
1065
|
+
OPENSSL_INLINE int boringssl_fips_break_test(const char *test) {
|
|
1066
|
+
return 0;
|
|
1067
|
+
}
|
|
1068
|
+
#endif // BORINGSSL_FIPS_BREAK_TESTS
|
|
1069
|
+
|
|
1070
|
+
|
|
1071
|
+
// Runtime CPU feature support
|
|
1072
|
+
|
|
1073
|
+
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
|
|
1074
|
+
// OPENSSL_ia32cap_P contains the Intel CPUID bits when running on an x86 or
|
|
1075
|
+
// x86-64 system.
|
|
1076
|
+
//
|
|
1077
|
+
// Index 0:
|
|
1078
|
+
// EDX for CPUID where EAX = 1
|
|
1079
|
+
// Bit 20 is always zero
|
|
1080
|
+
// Bit 28 is adjusted to reflect whether the data cache is shared between
|
|
1081
|
+
// multiple logical cores
|
|
1082
|
+
// Bit 30 is used to indicate an Intel CPU
|
|
1083
|
+
// Index 1:
|
|
1084
|
+
// ECX for CPUID where EAX = 1
|
|
1085
|
+
// Bit 11 is used to indicate AMD XOP support, not SDBG
|
|
1086
|
+
// Index 2:
|
|
1087
|
+
// EBX for CPUID where EAX = 7
|
|
1088
|
+
// Index 3:
|
|
1089
|
+
// ECX for CPUID where EAX = 7
|
|
1090
|
+
//
|
|
1091
|
+
// Note: the CPUID bits are pre-adjusted for the OSXSAVE bit and the YMM and XMM
|
|
1092
|
+
// bits in XCR0, so it is not necessary to check those.
|
|
1093
|
+
extern uint32_t OPENSSL_ia32cap_P[4];
|
|
1094
|
+
|
|
1095
|
+
#if defined(BORINGSSL_FIPS) && !defined(BORINGSSL_SHARED_LIBRARY)
|
|
1096
|
+
// The FIPS module, as a static library, requires an out-of-line version of
|
|
1097
|
+
// |OPENSSL_ia32cap_get| so accesses can be rewritten by delocate. Mark the
|
|
1098
|
+
// function const so multiple accesses can be optimized together.
|
|
1099
|
+
const uint32_t *OPENSSL_ia32cap_get(void) __attribute__((const));
|
|
1100
|
+
#else
|
|
1101
|
+
OPENSSL_INLINE const uint32_t *OPENSSL_ia32cap_get(void) {
|
|
1102
|
+
return OPENSSL_ia32cap_P;
|
|
1103
|
+
}
|
|
1104
|
+
#endif
|
|
1105
|
+
|
|
1106
|
+
// See Intel manual, volume 2A, table 3-11.
|
|
1107
|
+
|
|
1108
|
+
OPENSSL_INLINE int CRYPTO_is_FXSR_capable(void) {
|
|
1109
|
+
#if defined(__FXSR__)
|
|
1110
|
+
return 1;
|
|
1111
|
+
#else
|
|
1112
|
+
return (OPENSSL_ia32cap_get()[0] & (1 << 24)) != 0;
|
|
1113
|
+
#endif
|
|
1114
|
+
}
|
|
1115
|
+
|
|
1116
|
+
OPENSSL_INLINE int CRYPTO_is_intel_cpu(void) {
|
|
1117
|
+
// The reserved bit 30 is used to indicate an Intel CPU.
|
|
1118
|
+
return (OPENSSL_ia32cap_get()[0] & (1 << 30)) != 0;
|
|
1119
|
+
}
|
|
1120
|
+
|
|
1121
|
+
// See Intel manual, volume 2A, table 3-10.
|
|
1122
|
+
|
|
1123
|
+
OPENSSL_INLINE int CRYPTO_is_PCLMUL_capable(void) {
|
|
1124
|
+
#if defined(__PCLMUL__)
|
|
1125
|
+
return 1;
|
|
1126
|
+
#else
|
|
1127
|
+
return (OPENSSL_ia32cap_get()[1] & (1 << 1)) != 0;
|
|
1128
|
+
#endif
|
|
1129
|
+
}
|
|
1130
|
+
|
|
1131
|
+
OPENSSL_INLINE int CRYPTO_is_SSSE3_capable(void) {
|
|
1132
|
+
#if defined(__SSSE3__)
|
|
1133
|
+
return 1;
|
|
1134
|
+
#else
|
|
1135
|
+
return (OPENSSL_ia32cap_get()[1] & (1 << 9)) != 0;
|
|
1136
|
+
#endif
|
|
1137
|
+
}
|
|
1138
|
+
|
|
1139
|
+
OPENSSL_INLINE int CRYPTO_is_SSE4_1_capable(void) {
|
|
1140
|
+
#if defined(__SSE4_1__)
|
|
1141
|
+
return 1;
|
|
1142
|
+
#else
|
|
1143
|
+
return (OPENSSL_ia32cap_P[1] & (1 << 19)) != 0;
|
|
1144
|
+
#endif
|
|
1145
|
+
}
|
|
1146
|
+
|
|
1147
|
+
OPENSSL_INLINE int CRYPTO_is_MOVBE_capable(void) {
|
|
1148
|
+
#if defined(__MOVBE__)
|
|
1149
|
+
return 1;
|
|
1150
|
+
#else
|
|
1151
|
+
return (OPENSSL_ia32cap_get()[1] & (1 << 22)) != 0;
|
|
1152
|
+
#endif
|
|
1153
|
+
}
|
|
1154
|
+
|
|
1155
|
+
OPENSSL_INLINE int CRYPTO_is_AESNI_capable(void) {
|
|
1156
|
+
#if defined(__AES__)
|
|
1157
|
+
return 1;
|
|
1158
|
+
#else
|
|
1159
|
+
return (OPENSSL_ia32cap_get()[1] & (1 << 25)) != 0;
|
|
1160
|
+
#endif
|
|
1161
|
+
}
|
|
1162
|
+
|
|
1163
|
+
OPENSSL_INLINE int CRYPTO_is_AVX_capable(void) {
|
|
1164
|
+
#if defined(__AVX__)
|
|
1165
|
+
return 1;
|
|
1166
|
+
#else
|
|
1167
|
+
return (OPENSSL_ia32cap_get()[1] & (1 << 28)) != 0;
|
|
1168
|
+
#endif
|
|
1169
|
+
}
|
|
1170
|
+
|
|
1171
|
+
OPENSSL_INLINE int CRYPTO_is_RDRAND_capable(void) {
|
|
1172
|
+
// The GCC/Clang feature name and preprocessor symbol for RDRAND are "rdrnd"
|
|
1173
|
+
// and |__RDRND__|, respectively.
|
|
1174
|
+
#if defined(__RDRND__)
|
|
1175
|
+
return 1;
|
|
1176
|
+
#else
|
|
1177
|
+
return (OPENSSL_ia32cap_get()[1] & (1u << 30)) != 0;
|
|
1178
|
+
#endif
|
|
1179
|
+
}
|
|
1180
|
+
|
|
1181
|
+
// See Intel manual, volume 2A, table 3-8.
|
|
1182
|
+
|
|
1183
|
+
OPENSSL_INLINE int CRYPTO_is_BMI1_capable(void) {
|
|
1184
|
+
#if defined(__BMI1__)
|
|
1185
|
+
return 1;
|
|
1186
|
+
#else
|
|
1187
|
+
return (OPENSSL_ia32cap_get()[2] & (1 << 3)) != 0;
|
|
1188
|
+
#endif
|
|
1189
|
+
}
|
|
1190
|
+
|
|
1191
|
+
OPENSSL_INLINE int CRYPTO_is_AVX2_capable(void) {
|
|
1192
|
+
#if defined(__AVX2__)
|
|
1193
|
+
return 1;
|
|
1194
|
+
#else
|
|
1195
|
+
return (OPENSSL_ia32cap_get()[2] & (1 << 5)) != 0;
|
|
1196
|
+
#endif
|
|
1197
|
+
}
|
|
1198
|
+
|
|
1199
|
+
OPENSSL_INLINE int CRYPTO_is_BMI2_capable(void) {
|
|
1200
|
+
#if defined(__BMI2__)
|
|
1201
|
+
return 1;
|
|
1202
|
+
#else
|
|
1203
|
+
return (OPENSSL_ia32cap_get()[2] & (1 << 8)) != 0;
|
|
1204
|
+
#endif
|
|
1205
|
+
}
|
|
1206
|
+
|
|
1207
|
+
OPENSSL_INLINE int CRYPTO_is_ADX_capable(void) {
|
|
1208
|
+
#if defined(__ADX__)
|
|
1209
|
+
return 1;
|
|
1210
|
+
#else
|
|
1211
|
+
return (OPENSSL_ia32cap_get()[2] & (1 << 19)) != 0;
|
|
1212
|
+
#endif
|
|
1213
|
+
}
|
|
1214
|
+
|
|
1215
|
+
#endif // OPENSSL_X86 || OPENSSL_X86_64
|
|
1216
|
+
|
|
1217
|
+
#if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
|
|
1218
|
+
|
|
1219
|
+
#if defined(OPENSSL_APPLE) && defined(OPENSSL_ARM)
|
|
1220
|
+
// We do not detect any features at runtime for Apple's 32-bit ARM platforms. On
|
|
1221
|
+
// 64-bit ARM, we detect some post-ARMv8.0 features.
|
|
1222
|
+
#define OPENSSL_STATIC_ARMCAP
|
|
1223
|
+
#endif
|
|
1224
|
+
|
|
1225
|
+
// Normalize some older feature flags to their modern ACLE values.
|
|
1226
|
+
// https://developer.arm.com/architectures/system-architectures/software-standards/acle
|
|
1227
|
+
#if defined(__ARM_NEON__) && !defined(__ARM_NEON)
|
|
1228
|
+
#define __ARM_NEON 1
|
|
1229
|
+
#endif
|
|
1230
|
+
#if defined(__ARM_FEATURE_CRYPTO)
|
|
1231
|
+
#if !defined(__ARM_FEATURE_AES)
|
|
1232
|
+
#define __ARM_FEATURE_AES 1
|
|
1233
|
+
#endif
|
|
1234
|
+
#if !defined(__ARM_FEATURE_SHA2)
|
|
1235
|
+
#define __ARM_FEATURE_SHA2 1
|
|
1236
|
+
#endif
|
|
1237
|
+
#endif
|
|
1238
|
+
|
|
1239
|
+
#if !defined(OPENSSL_STATIC_ARMCAP)
|
|
1240
|
+
// CRYPTO_is_NEON_capable_at_runtime returns true if the current CPU has a NEON
|
|
1241
|
+
// unit. Note that |OPENSSL_armcap_P| also exists and contains the same
|
|
1242
|
+
// information in a form that's easier for assembly to use.
|
|
1243
|
+
OPENSSL_EXPORT int CRYPTO_is_NEON_capable_at_runtime(void);
|
|
1244
|
+
|
|
1245
|
+
// CRYPTO_is_ARMv8_AES_capable_at_runtime returns true if the current CPU
|
|
1246
|
+
// supports the ARMv8 AES instruction.
|
|
1247
|
+
int CRYPTO_is_ARMv8_AES_capable_at_runtime(void);
|
|
1248
|
+
|
|
1249
|
+
// CRYPTO_is_ARMv8_PMULL_capable_at_runtime returns true if the current CPU
|
|
1250
|
+
// supports the ARMv8 PMULL instruction.
|
|
1251
|
+
int CRYPTO_is_ARMv8_PMULL_capable_at_runtime(void);
|
|
1252
|
+
#endif // !OPENSSL_STATIC_ARMCAP
|
|
1253
|
+
|
|
1254
|
+
// CRYPTO_is_NEON_capable returns true if the current CPU has a NEON unit. If
|
|
1255
|
+
// this is known statically, it is a constant inline function.
|
|
1256
|
+
OPENSSL_INLINE int CRYPTO_is_NEON_capable(void) {
|
|
1257
|
+
#if defined(OPENSSL_STATIC_ARMCAP_NEON) || defined(__ARM_NEON)
|
|
1258
|
+
return 1;
|
|
1259
|
+
#elif defined(OPENSSL_STATIC_ARMCAP)
|
|
1260
|
+
return 0;
|
|
1261
|
+
#else
|
|
1262
|
+
return CRYPTO_is_NEON_capable_at_runtime();
|
|
1263
|
+
#endif
|
|
1264
|
+
}
|
|
1265
|
+
|
|
1266
|
+
OPENSSL_INLINE int CRYPTO_is_ARMv8_AES_capable(void) {
|
|
1267
|
+
#if defined(OPENSSL_STATIC_ARMCAP_AES) || defined(__ARM_FEATURE_AES)
|
|
1268
|
+
return 1;
|
|
1269
|
+
#elif defined(OPENSSL_STATIC_ARMCAP)
|
|
1270
|
+
return 0;
|
|
1271
|
+
#else
|
|
1272
|
+
return CRYPTO_is_ARMv8_AES_capable_at_runtime();
|
|
1273
|
+
#endif
|
|
1274
|
+
}
|
|
1275
|
+
|
|
1276
|
+
OPENSSL_INLINE int CRYPTO_is_ARMv8_PMULL_capable(void) {
|
|
1277
|
+
#if defined(OPENSSL_STATIC_ARMCAP_PMULL) || defined(__ARM_FEATURE_AES)
|
|
1278
|
+
return 1;
|
|
1279
|
+
#elif defined(OPENSSL_STATIC_ARMCAP)
|
|
1280
|
+
return 0;
|
|
1281
|
+
#else
|
|
1282
|
+
return CRYPTO_is_ARMv8_PMULL_capable_at_runtime();
|
|
1283
|
+
#endif
|
|
1284
|
+
}
|
|
1285
|
+
|
|
1286
|
+
#endif // OPENSSL_ARM || OPENSSL_AARCH64
|
|
1287
|
+
|
|
1288
|
+
#if defined(BORINGSSL_DISPATCH_TEST)
|
|
1289
|
+
// Runtime CPU dispatch testing support
|
|
1290
|
+
|
|
1291
|
+
// BORINGSSL_function_hit is an array of flags. The following functions will
|
|
1292
|
+
// set these flags if BORINGSSL_DISPATCH_TEST is defined.
|
|
1293
|
+
// 0: aes_hw_ctr32_encrypt_blocks
|
|
1294
|
+
// 1: aes_hw_encrypt
|
|
1295
|
+
// 2: aesni_gcm_encrypt
|
|
1296
|
+
// 3: aes_hw_set_encrypt_key
|
|
1297
|
+
// 4: vpaes_encrypt
|
|
1298
|
+
// 5: vpaes_set_encrypt_key
|
|
1299
|
+
extern uint8_t BORINGSSL_function_hit[7];
|
|
1300
|
+
#endif // BORINGSSL_DISPATCH_TEST
|
|
1301
|
+
|
|
1302
|
+
// OPENSSL_vasprintf_internal is just like |vasprintf(3)|. If |system_malloc| is
|
|
1303
|
+
// 0, memory will be allocated with |OPENSSL_malloc| and must be freed with
|
|
1304
|
+
// |OPENSSL_free|. Otherwise the system |malloc| function is used and the memory
|
|
1305
|
+
// must be freed with the system |free| function.
|
|
1306
|
+
OPENSSL_EXPORT int OPENSSL_vasprintf_internal(char **str, const char *format,
|
|
1307
|
+
va_list args, int system_malloc)
|
|
1308
|
+
OPENSSL_PRINTF_FORMAT_FUNC(2, 0);
|
|
1309
|
+
|
|
955
1310
|
#if defined(__cplusplus)
|
|
956
1311
|
} // extern C
|
|
957
1312
|
#endif
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
/* Copyright (c) 2023, Google Inc.
|
|
2
|
+
*
|
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
|
6
|
+
*
|
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
|
14
|
+
|
|
15
|
+
#ifndef OPENSSL_HEADER_CRYPTO_KYBER_INTERNAL_H
|
|
16
|
+
#define OPENSSL_HEADER_CRYPTO_KYBER_INTERNAL_H
|
|
17
|
+
|
|
18
|
+
#include <openssl/base.h>
|
|
19
|
+
|
|
20
|
+
#if defined(__cplusplus)
|
|
21
|
+
extern "C" {
|
|
22
|
+
#endif
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
struct BORINGSSL_keccak_st {
|
|
26
|
+
uint64_t state[25];
|
|
27
|
+
size_t rate_bytes;
|
|
28
|
+
size_t offset;
|
|
29
|
+
};
|
|
30
|
+
|
|
31
|
+
enum boringssl_keccak_config_t {
|
|
32
|
+
boringssl_sha3_256,
|
|
33
|
+
boringssl_sha3_512,
|
|
34
|
+
boringssl_shake128,
|
|
35
|
+
boringssl_shake256,
|
|
36
|
+
};
|
|
37
|
+
|
|
38
|
+
// BORINGSSL_keccak hashes |in_len| bytes from |in| and writes |out_len| bytes
|
|
39
|
+
// of output to |out|. If the |config| specifies a fixed-output function, like
|
|
40
|
+
// SHA3-256, then |out_len| must be the correct length for that function.
|
|
41
|
+
OPENSSL_EXPORT void BORINGSSL_keccak(uint8_t *out, size_t out_len,
|
|
42
|
+
const uint8_t *in, size_t in_len,
|
|
43
|
+
enum boringssl_keccak_config_t config);
|
|
44
|
+
|
|
45
|
+
// BORINGSSL_keccak_init absorbs |in_len| bytes from |in| and sets up |ctx| for
|
|
46
|
+
// squeezing. The |config| must specify a SHAKE variant, otherwise callers
|
|
47
|
+
// should use |BORINGSSL_keccak|.
|
|
48
|
+
OPENSSL_EXPORT void BORINGSSL_keccak_init(
|
|
49
|
+
struct BORINGSSL_keccak_st *ctx, const uint8_t *in, size_t in_len,
|
|
50
|
+
enum boringssl_keccak_config_t config);
|
|
51
|
+
|
|
52
|
+
// BORINGSSL_keccak_squeeze writes |out_len| bytes to |out| from |ctx|.
|
|
53
|
+
OPENSSL_EXPORT void BORINGSSL_keccak_squeeze(
|
|
54
|
+
struct BORINGSSL_keccak_st *ctx, uint8_t *out, size_t out_len);
|
|
55
|
+
|
|
56
|
+
|
|
57
|
+
#if defined(__cplusplus)
|
|
58
|
+
}
|
|
59
|
+
#endif
|
|
60
|
+
|
|
61
|
+
#endif // OPENSSL_HEADER_CRYPTO_KYBER_INTERNAL_H
|