grpc 1.53.2 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (693) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +78 -66
  3. data/include/grpc/event_engine/event_engine.h +30 -14
  4. data/include/grpc/grpc_security.h +4 -0
  5. data/include/grpc/support/port_platform.h +4 -4
  6. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
  7. data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
  8. data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
  9. data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
  10. data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
  11. data/src/core/ext/filters/client_channel/client_channel.h +131 -173
  12. data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
  13. data/src/core/ext/filters/client_channel/config_selector.h +4 -3
  14. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
  15. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
  16. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
  17. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
  18. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
  19. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
  20. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
  21. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
  22. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
  24. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
  25. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
  26. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
  27. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
  28. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
  29. data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
  30. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
  31. data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
  32. data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
  33. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
  34. data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
  35. data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
  36. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
  37. data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
  38. data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
  39. data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
  40. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
  41. data/src/core/ext/gcp/metadata_query.cc +142 -0
  42. data/src/core/ext/gcp/metadata_query.h +82 -0
  43. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
  44. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
  45. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
  46. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
  47. data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
  48. data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
  49. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
  50. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
  51. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
  52. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
  53. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
  54. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
  55. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
  56. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
  57. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
  58. data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
  59. data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
  60. data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
  61. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
  62. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
  63. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
  64. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
  65. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
  66. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
  67. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
  68. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
  69. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
  70. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
  71. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
  72. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
  73. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
  74. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
  75. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
  76. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
  77. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
  78. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
  79. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
  80. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
  81. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
  82. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
  83. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
  84. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
  85. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
  86. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
  87. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
  88. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
  89. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
  90. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
  91. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
  92. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
  93. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
  94. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
  95. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  96. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
  97. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
  98. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
  99. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
  100. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
  101. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
  102. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
  103. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
  104. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
  105. data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
  106. data/src/core/ext/xds/xds_client_stats.cc +29 -15
  107. data/src/core/ext/xds/xds_client_stats.h +24 -20
  108. data/src/core/ext/xds/xds_endpoint.cc +5 -2
  109. data/src/core/ext/xds/xds_endpoint.h +9 -1
  110. data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
  111. data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
  112. data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
  113. data/src/core/lib/channel/call_finalization.h +1 -1
  114. data/src/core/lib/channel/call_tracer.cc +51 -0
  115. data/src/core/lib/channel/call_tracer.h +101 -38
  116. data/src/core/lib/channel/connected_channel.cc +483 -1050
  117. data/src/core/lib/channel/context.h +8 -1
  118. data/src/core/lib/channel/promise_based_filter.cc +106 -42
  119. data/src/core/lib/channel/promise_based_filter.h +27 -13
  120. data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
  121. data/src/core/lib/config/config_vars.cc +151 -0
  122. data/src/core/lib/config/config_vars.h +127 -0
  123. data/src/core/lib/config/config_vars_non_generated.cc +51 -0
  124. data/src/core/lib/config/load_config.cc +66 -0
  125. data/src/core/lib/config/load_config.h +49 -0
  126. data/src/core/lib/debug/trace.cc +5 -6
  127. data/src/core/lib/debug/trace.h +0 -5
  128. data/src/core/lib/event_engine/event_engine.cc +37 -2
  129. data/src/core/lib/event_engine/handle_containers.h +7 -22
  130. data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
  131. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
  132. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
  133. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
  134. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
  135. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
  136. data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -1
  137. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -32
  138. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +0 -3
  139. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
  140. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
  141. data/src/core/lib/event_engine/resolved_address.cc +2 -1
  142. data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
  143. data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
  144. data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
  145. data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
  146. data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
  147. data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
  148. data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
  149. data/src/core/lib/experiments/config.cc +3 -10
  150. data/src/core/lib/experiments/experiments.cc +7 -0
  151. data/src/core/lib/experiments/experiments.h +9 -1
  152. data/src/core/lib/gpr/log.cc +15 -28
  153. data/src/core/lib/gprpp/fork.cc +8 -14
  154. data/src/core/lib/gprpp/orphanable.h +4 -3
  155. data/src/core/lib/gprpp/per_cpu.h +9 -3
  156. data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
  157. data/src/core/lib/gprpp/ref_counted.h +33 -34
  158. data/src/core/lib/gprpp/thd.h +16 -0
  159. data/src/core/lib/gprpp/time.cc +1 -0
  160. data/src/core/lib/gprpp/time.h +4 -4
  161. data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
  162. data/src/core/lib/iomgr/call_combiner.h +2 -2
  163. data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
  164. data/src/core/lib/iomgr/ev_posix.cc +13 -53
  165. data/src/core/lib/iomgr/ev_posix.h +0 -3
  166. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
  167. data/src/core/lib/iomgr/iomgr.cc +4 -8
  168. data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
  169. data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
  170. data/src/core/lib/iomgr/pollset_windows.cc +1 -1
  171. data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
  172. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
  173. data/src/core/lib/iomgr/tcp_posix.cc +0 -1
  174. data/src/core/lib/iomgr/tcp_server_posix.cc +19 -55
  175. data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -12
  176. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -21
  177. data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
  178. data/src/core/lib/iomgr/tcp_windows.cc +12 -8
  179. data/src/core/lib/load_balancing/lb_policy.cc +9 -13
  180. data/src/core/lib/load_balancing/lb_policy.h +4 -2
  181. data/src/core/lib/promise/activity.cc +22 -6
  182. data/src/core/lib/promise/activity.h +61 -24
  183. data/src/core/lib/promise/cancel_callback.h +77 -0
  184. data/src/core/lib/promise/detail/basic_seq.h +1 -1
  185. data/src/core/lib/promise/detail/promise_factory.h +4 -0
  186. data/src/core/lib/promise/for_each.h +176 -0
  187. data/src/core/lib/promise/if.h +9 -0
  188. data/src/core/lib/promise/interceptor_list.h +23 -2
  189. data/src/core/lib/promise/latch.h +89 -3
  190. data/src/core/lib/promise/loop.h +13 -9
  191. data/src/core/lib/promise/map.h +7 -0
  192. data/src/core/lib/promise/party.cc +286 -0
  193. data/src/core/lib/promise/party.h +499 -0
  194. data/src/core/lib/promise/pipe.h +197 -57
  195. data/src/core/lib/promise/poll.h +48 -0
  196. data/src/core/lib/promise/promise.h +2 -2
  197. data/src/core/lib/resource_quota/arena.cc +19 -3
  198. data/src/core/lib/resource_quota/arena.h +119 -5
  199. data/src/core/lib/resource_quota/memory_quota.cc +1 -1
  200. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
  201. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
  202. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
  203. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
  204. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  205. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
  206. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
  207. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
  208. data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
  209. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
  210. data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
  211. data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
  212. data/src/core/lib/slice/slice.cc +1 -1
  213. data/src/core/lib/surface/builtins.cc +2 -0
  214. data/src/core/lib/surface/call.cc +926 -1024
  215. data/src/core/lib/surface/call.h +10 -0
  216. data/src/core/lib/surface/lame_client.cc +1 -0
  217. data/src/core/lib/surface/validate_metadata.cc +42 -43
  218. data/src/core/lib/surface/validate_metadata.h +0 -9
  219. data/src/core/lib/surface/version.cc +2 -2
  220. data/src/core/lib/transport/batch_builder.cc +179 -0
  221. data/src/core/lib/transport/batch_builder.h +468 -0
  222. data/src/core/lib/transport/bdp_estimator.cc +7 -7
  223. data/src/core/lib/transport/bdp_estimator.h +10 -6
  224. data/src/core/lib/transport/custom_metadata.h +30 -0
  225. data/src/core/lib/transport/metadata_batch.cc +5 -2
  226. data/src/core/lib/transport/metadata_batch.h +17 -113
  227. data/src/core/lib/transport/parsed_metadata.h +6 -16
  228. data/src/core/lib/transport/timeout_encoding.cc +6 -1
  229. data/src/core/lib/transport/transport.cc +30 -2
  230. data/src/core/lib/transport/transport.h +70 -14
  231. data/src/core/lib/transport/transport_impl.h +7 -0
  232. data/src/core/lib/transport/transport_op_string.cc +52 -42
  233. data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
  234. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
  235. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
  236. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
  237. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
  238. data/src/core/tsi/ssl_transport_security.cc +4 -2
  239. data/src/ruby/lib/grpc/version.rb +1 -1
  240. data/third_party/abseil-cpp/absl/base/config.h +1 -1
  241. data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
  242. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
  243. data/third_party/abseil-cpp/absl/flags/config.h +68 -0
  244. data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
  245. data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
  246. data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
  247. data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
  248. data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
  249. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
  250. data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
  251. data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
  252. data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
  253. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
  254. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
  255. data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
  256. data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
  257. data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
  258. data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
  259. data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
  260. data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
  261. data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
  262. data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
  263. data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
  264. data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
  265. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
  266. data/third_party/boringssl-with-bazel/err_data.c +728 -712
  267. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
  268. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
  269. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
  270. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
  271. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
  272. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
  273. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
  274. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
  275. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
  276. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
  277. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
  278. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
  279. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
  280. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
  281. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
  282. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
  283. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
  284. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
  285. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
  286. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
  287. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
  288. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
  289. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
  290. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
  291. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
  292. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
  293. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
  294. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
  295. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
  296. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
  297. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
  298. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
  299. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
  300. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
  301. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
  302. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
  303. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
  304. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
  305. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
  306. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
  307. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
  308. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
  309. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
  310. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
  311. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
  312. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
  313. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
  314. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
  315. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
  316. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
  317. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
  318. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
  319. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
  320. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
  321. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
  322. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
  323. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
  324. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
  325. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
  326. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
  327. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
  328. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
  329. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
  330. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
  331. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
  332. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
  333. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
  334. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
  335. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
  336. data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
  337. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
  338. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
  339. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
  340. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
  341. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
  342. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
  343. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
  344. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
  345. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
  346. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
  347. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
  348. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
  349. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
  350. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
  351. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
  352. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
  353. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
  354. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
  355. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
  356. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
  357. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
  358. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
  359. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
  360. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
  361. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
  362. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
  363. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
  364. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
  365. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
  366. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
  367. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
  368. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
  369. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
  370. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
  371. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
  372. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
  373. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
  374. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
  375. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
  376. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
  377. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
  378. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
  379. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
  380. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
  381. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
  382. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
  383. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
  384. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
  385. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
  386. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
  387. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
  388. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
  389. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
  390. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
  391. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
  392. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
  393. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
  394. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
  395. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
  396. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
  397. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
  398. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
  399. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
  400. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
  401. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
  402. data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
  403. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
  404. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
  405. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
  406. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
  407. data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
  408. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
  409. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
  410. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
  411. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
  412. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
  413. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
  414. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
  415. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
  416. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
  417. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
  418. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
  419. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
  420. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
  421. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
  422. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
  423. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
  424. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
  425. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
  426. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
  427. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
  428. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
  429. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
  430. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
  431. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
  432. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
  433. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
  434. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
  435. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
  436. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
  437. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
  438. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
  439. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
  440. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
  441. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
  442. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
  443. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
  444. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
  445. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
  446. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
  447. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
  448. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
  449. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
  450. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
  451. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
  452. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
  453. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
  454. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
  455. data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
  456. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
  457. data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
  458. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
  459. data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
  460. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
  461. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
  462. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
  463. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
  464. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
  465. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
  466. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
  467. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
  468. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
  469. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
  470. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
  471. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
  472. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
  473. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
  474. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
  475. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
  476. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
  477. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
  478. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
  479. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
  480. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
  481. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
  482. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
  483. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
  484. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
  485. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
  486. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
  487. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
  488. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
  489. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
  490. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
  491. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
  492. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
  493. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
  494. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
  495. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
  496. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
  497. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
  498. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
  499. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
  500. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
  501. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
  502. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
  503. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
  504. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
  505. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
  506. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
  507. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
  508. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
  509. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
  510. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
  511. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
  512. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
  513. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
  514. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
  515. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
  516. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
  517. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
  518. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
  519. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
  520. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
  521. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
  522. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
  523. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
  524. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
  525. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
  526. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
  527. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
  528. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
  529. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
  530. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
  531. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
  532. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
  533. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
  534. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
  535. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
  536. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
  537. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
  538. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
  539. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
  540. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
  541. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
  542. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
  543. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
  544. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
  545. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
  546. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
  547. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
  548. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
  549. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
  550. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
  551. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
  552. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
  553. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
  554. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
  555. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
  556. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
  557. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
  558. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
  559. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
  560. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
  561. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
  562. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
  563. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
  564. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
  565. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
  566. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
  567. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
  568. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
  569. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
  570. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
  571. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
  572. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
  573. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
  574. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
  575. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
  576. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
  577. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
  578. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
  579. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
  580. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
  581. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
  582. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
  583. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
  584. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
  585. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
  586. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
  587. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
  588. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
  589. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
  590. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
  591. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
  592. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
  593. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
  594. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
  595. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
  596. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
  597. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
  598. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
  599. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
  600. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
  601. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
  602. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
  603. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
  604. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
  605. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
  606. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
  607. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
  608. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
  609. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
  610. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
  611. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
  612. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
  613. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
  614. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
  615. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
  616. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
  617. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
  618. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
  619. data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
  620. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
  621. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  622. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
  623. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
  624. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
  625. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
  626. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
  627. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
  628. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
  629. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
  630. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
  631. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
  632. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
  633. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
  634. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
  635. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
  636. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
  637. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
  638. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
  639. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
  640. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
  641. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
  642. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
  643. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
  644. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
  645. metadata +103 -70
  646. data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
  647. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
  648. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
  649. data/src/core/lib/gprpp/global_config.h +0 -93
  650. data/src/core/lib/gprpp/global_config_env.cc +0 -140
  651. data/src/core/lib/gprpp/global_config_env.h +0 -133
  652. data/src/core/lib/gprpp/global_config_generic.h +0 -40
  653. data/src/core/lib/promise/intra_activity_waiter.h +0 -55
  654. data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
  655. data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
  656. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
  657. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
  658. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
  659. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
  660. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
  661. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
  662. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
  663. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
  664. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
  665. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
  666. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
  667. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
  668. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
  669. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
  670. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
  671. /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
  672. /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
  673. /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
  674. /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
  675. /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
  676. /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
  677. /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
  678. /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
  679. /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
  680. /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
  681. /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
  682. /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
  683. /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
  684. /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
  685. /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
  686. /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
  687. /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
  688. /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
  689. /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
  690. /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
  691. /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
  692. /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
  693. /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -1,4 +1,3 @@
1
- /* crypto/asn1/x_x509.c */
2
1
  /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
2
  * All rights reserved.
4
3
  *
@@ -68,327 +67,486 @@
68
67
  #include <openssl/x509.h>
69
68
  #include <openssl/x509v3.h>
70
69
 
70
+ #include "../asn1/internal.h"
71
+ #include "../bytestring/internal.h"
71
72
  #include "../internal.h"
72
73
  #include "internal.h"
73
74
 
74
75
  static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT;
75
76
 
76
77
  ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
77
- ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
78
- ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
79
- ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
80
- ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
81
- ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
82
- ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
83
- ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
84
- ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
85
- ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
86
- ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
78
+ ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
79
+ ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
80
+ ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
81
+ ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
82
+ ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
83
+ ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
84
+ ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
85
+ ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
86
+ ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
87
+ ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3),
87
88
  } ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
88
89
 
89
90
  IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
90
- /* X509 top level structure needs a bit of customisation */
91
-
92
- extern void policy_cache_free(X509_POLICY_CACHE *cache);
93
-
94
- static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
95
- void *exarg)
96
- {
97
- X509 *ret = (X509 *)*pval;
98
-
99
- switch (operation) {
100
-
101
- case ASN1_OP_NEW_POST:
102
- ret->ex_flags = 0;
103
- ret->ex_pathlen = -1;
104
- ret->skid = NULL;
105
- ret->akid = NULL;
106
- ret->aux = NULL;
107
- ret->crldp = NULL;
108
- ret->buf = NULL;
109
- CRYPTO_new_ex_data(&ret->ex_data);
110
- CRYPTO_MUTEX_init(&ret->lock);
111
- break;
112
-
113
- case ASN1_OP_D2I_PRE:
114
- CRYPTO_BUFFER_free(ret->buf);
115
- ret->buf = NULL;
116
- break;
117
-
118
- case ASN1_OP_D2I_POST: {
119
- /* The version must be one of v1(0), v2(1), or v3(2). */
120
- long version = 0;
121
- if (ret->cert_info->version != NULL) {
122
- version = ASN1_INTEGER_get(ret->cert_info->version);
123
- /* TODO(https://crbug.com/boringssl/364): |version| = 0 should also
124
- * be rejected. This means an explicitly-encoded X.509v1 version.
125
- * v1 is DEFAULT, so DER requires it be omitted. */
126
- if (version < 0 || version > 2) {
127
- OPENSSL_PUT_ERROR(X509, X509_R_INVALID_VERSION);
128
- return 0;
129
- }
130
- }
131
-
132
- /* Per RFC 5280, section 4.1.2.8, these fields require v2 or v3. */
133
- if (version == 0 && (ret->cert_info->issuerUID != NULL ||
134
- ret->cert_info->subjectUID != NULL)) {
135
- OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
136
- return 0;
137
- }
138
-
139
- /* Per RFC 5280, section 4.1.2.9, extensions require v3. */
140
- if (version != 2 && ret->cert_info->extensions != NULL) {
141
- OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
142
- return 0;
143
- }
144
-
145
- break;
146
- }
147
91
 
148
- case ASN1_OP_FREE_POST:
149
- CRYPTO_MUTEX_cleanup(&ret->lock);
150
- CRYPTO_free_ex_data(&g_ex_data_class, ret, &ret->ex_data);
151
- X509_CERT_AUX_free(ret->aux);
152
- ASN1_OCTET_STRING_free(ret->skid);
153
- AUTHORITY_KEYID_free(ret->akid);
154
- CRL_DIST_POINTS_free(ret->crldp);
155
- policy_cache_free(ret->policy_cache);
156
- GENERAL_NAMES_free(ret->altname);
157
- NAME_CONSTRAINTS_free(ret->nc);
158
- CRYPTO_BUFFER_free(ret->buf);
159
- break;
92
+ // x509_new_null returns a new |X509| object where the |cert_info|, |sig_alg|,
93
+ // and |signature| fields are not yet filled in.
94
+ static X509 *x509_new_null(void) {
95
+ X509 *ret = OPENSSL_malloc(sizeof(X509));
96
+ if (ret == NULL) {
97
+ return NULL;
98
+ }
99
+ OPENSSL_memset(ret, 0, sizeof(X509));
100
+
101
+ ret->references = 1;
102
+ ret->ex_pathlen = -1;
103
+ CRYPTO_new_ex_data(&ret->ex_data);
104
+ CRYPTO_MUTEX_init(&ret->lock);
105
+ return ret;
106
+ }
107
+
108
+ X509 *X509_new(void) {
109
+ X509 *ret = x509_new_null();
110
+ if (ret == NULL) {
111
+ return NULL;
112
+ }
113
+
114
+ ret->cert_info = X509_CINF_new();
115
+ ret->sig_alg = X509_ALGOR_new();
116
+ ret->signature = ASN1_BIT_STRING_new();
117
+ if (ret->cert_info == NULL || ret->sig_alg == NULL ||
118
+ ret->signature == NULL) {
119
+ X509_free(ret);
120
+ return NULL;
121
+ }
122
+
123
+ return ret;
124
+ }
125
+
126
+ void X509_free(X509 *x509) {
127
+ if (x509 == NULL || !CRYPTO_refcount_dec_and_test_zero(&x509->references)) {
128
+ return;
129
+ }
130
+
131
+ CRYPTO_free_ex_data(&g_ex_data_class, x509, &x509->ex_data);
132
+
133
+ X509_CINF_free(x509->cert_info);
134
+ X509_ALGOR_free(x509->sig_alg);
135
+ ASN1_BIT_STRING_free(x509->signature);
136
+ ASN1_OCTET_STRING_free(x509->skid);
137
+ AUTHORITY_KEYID_free(x509->akid);
138
+ CRL_DIST_POINTS_free(x509->crldp);
139
+ GENERAL_NAMES_free(x509->altname);
140
+ NAME_CONSTRAINTS_free(x509->nc);
141
+ X509_CERT_AUX_free(x509->aux);
142
+ CRYPTO_MUTEX_cleanup(&x509->lock);
143
+
144
+ OPENSSL_free(x509);
145
+ }
146
+
147
+ static X509 *x509_parse(CBS *cbs, CRYPTO_BUFFER *buf) {
148
+ CBS cert, tbs, sigalg, sig;
149
+ if (!CBS_get_asn1(cbs, &cert, CBS_ASN1_SEQUENCE) ||
150
+ // Bound the length to comfortably fit in an int. Lengths in this
151
+ // module often omit overflow checks.
152
+ CBS_len(&cert) > INT_MAX / 2 ||
153
+ !CBS_get_asn1_element(&cert, &tbs, CBS_ASN1_SEQUENCE) ||
154
+ !CBS_get_asn1_element(&cert, &sigalg, CBS_ASN1_SEQUENCE)) {
155
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
156
+ return NULL;
157
+ }
158
+
159
+ // For just the signature field, we accept non-minimal BER lengths, though not
160
+ // indefinite-length encoding. See b/18228011.
161
+ //
162
+ // TODO(crbug.com/boringssl/354): Switch the affected callers to convert the
163
+ // certificate before parsing and then remove this workaround.
164
+ CBS_ASN1_TAG tag;
165
+ size_t header_len;
166
+ int indefinite;
167
+ if (!CBS_get_any_ber_asn1_element(&cert, &sig, &tag, &header_len,
168
+ /*out_ber_found=*/NULL,
169
+ &indefinite) ||
170
+ tag != CBS_ASN1_BITSTRING || indefinite || //
171
+ !CBS_skip(&sig, header_len) || //
172
+ CBS_len(&cert) != 0) {
173
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
174
+ return NULL;
175
+ }
176
+
177
+ X509 *ret = x509_new_null();
178
+ if (ret == NULL) {
179
+ return NULL;
180
+ }
181
+
182
+ // TODO(crbug.com/boringssl/443): When the rest of the library is decoupled
183
+ // from the tasn_*.c implementation, replace this with |CBS|-based functions.
184
+ const uint8_t *inp = CBS_data(&tbs);
185
+ if (ASN1_item_ex_d2i((ASN1_VALUE **)&ret->cert_info, &inp, CBS_len(&tbs),
186
+ ASN1_ITEM_rptr(X509_CINF), /*tag=*/-1,
187
+ /*aclass=*/0, /*opt=*/0, buf) <= 0 ||
188
+ inp != CBS_data(&tbs) + CBS_len(&tbs)) {
189
+ goto err;
190
+ }
191
+
192
+ inp = CBS_data(&sigalg);
193
+ ret->sig_alg = d2i_X509_ALGOR(NULL, &inp, CBS_len(&sigalg));
194
+ if (ret->sig_alg == NULL || inp != CBS_data(&sigalg) + CBS_len(&sigalg)) {
195
+ goto err;
196
+ }
197
+
198
+ inp = CBS_data(&sig);
199
+ ret->signature = c2i_ASN1_BIT_STRING(NULL, &inp, CBS_len(&sig));
200
+ if (ret->signature == NULL || inp != CBS_data(&sig) + CBS_len(&sig)) {
201
+ goto err;
202
+ }
160
203
 
204
+ // The version must be one of v1(0), v2(1), or v3(2).
205
+ long version = X509_VERSION_1;
206
+ if (ret->cert_info->version != NULL) {
207
+ version = ASN1_INTEGER_get(ret->cert_info->version);
208
+ // TODO(https://crbug.com/boringssl/364): |X509_VERSION_1| should
209
+ // also be rejected here. This means an explicitly-encoded X.509v1
210
+ // version. v1 is DEFAULT, so DER requires it be omitted.
211
+ if (version < X509_VERSION_1 || version > X509_VERSION_3) {
212
+ OPENSSL_PUT_ERROR(X509, X509_R_INVALID_VERSION);
213
+ goto err;
161
214
  }
215
+ }
162
216
 
163
- return 1;
217
+ // Per RFC 5280, section 4.1.2.8, these fields require v2 or v3.
218
+ if (version == X509_VERSION_1 && (ret->cert_info->issuerUID != NULL ||
219
+ ret->cert_info->subjectUID != NULL)) {
220
+ OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
221
+ goto err;
222
+ }
223
+
224
+ // Per RFC 5280, section 4.1.2.9, extensions require v3.
225
+ if (version != X509_VERSION_3 && ret->cert_info->extensions != NULL) {
226
+ OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
227
+ goto err;
228
+ }
164
229
 
230
+ return ret;
231
+
232
+ err:
233
+ X509_free(ret);
234
+ return NULL;
165
235
  }
166
236
 
167
- ASN1_SEQUENCE_ref(X509, x509_cb) = {
168
- ASN1_SIMPLE(X509, cert_info, X509_CINF),
169
- ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
170
- ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
171
- } ASN1_SEQUENCE_END_ref(X509, X509)
237
+ X509 *d2i_X509(X509 **out, const uint8_t **inp, long len) {
238
+ X509 *ret = NULL;
239
+ if (len < 0) {
240
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_BUFFER_TOO_SMALL);
241
+ goto err;
242
+ }
172
243
 
173
- IMPLEMENT_ASN1_FUNCTIONS(X509)
244
+ CBS cbs;
245
+ CBS_init(&cbs, *inp, (size_t)len);
246
+ ret = x509_parse(&cbs, NULL);
247
+ if (ret == NULL) {
248
+ goto err;
249
+ }
174
250
 
175
- IMPLEMENT_ASN1_DUP_FUNCTION(X509)
251
+ *inp = CBS_data(&cbs);
176
252
 
177
- X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf) {
178
- if (CRYPTO_BUFFER_len(buf) > LONG_MAX) {
179
- OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
180
- return 0;
253
+ err:
254
+ if (out != NULL) {
255
+ X509_free(*out);
256
+ *out = ret;
181
257
  }
258
+ return ret;
259
+ }
182
260
 
183
- X509 *x509 = X509_new();
261
+ int i2d_X509(X509 *x509, uint8_t **outp) {
184
262
  if (x509 == NULL) {
185
- return NULL;
263
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE);
264
+ return -1;
265
+ }
266
+
267
+ CBB cbb, cert;
268
+ if (!CBB_init(&cbb, 64) || //
269
+ !CBB_add_asn1(&cbb, &cert, CBS_ASN1_SEQUENCE)) {
270
+ goto err;
271
+ }
272
+
273
+ // TODO(crbug.com/boringssl/443): When the rest of the library is decoupled
274
+ // from the tasn_*.c implementation, replace this with |CBS|-based functions.
275
+ uint8_t *out;
276
+ int len = i2d_X509_CINF(x509->cert_info, NULL);
277
+ if (len < 0 || //
278
+ !CBB_add_space(&cert, &out, (size_t)len) ||
279
+ i2d_X509_CINF(x509->cert_info, &out) != len) {
280
+ goto err;
281
+ }
282
+
283
+ len = i2d_X509_ALGOR(x509->sig_alg, NULL);
284
+ if (len < 0 || //
285
+ !CBB_add_space(&cert, &out, (size_t)len) ||
286
+ i2d_X509_ALGOR(x509->sig_alg, &out) != len) {
287
+ goto err;
288
+ }
289
+
290
+ len = i2d_ASN1_BIT_STRING(x509->signature, NULL);
291
+ if (len < 0 || //
292
+ !CBB_add_space(&cert, &out, (size_t)len) ||
293
+ i2d_ASN1_BIT_STRING(x509->signature, &out) != len) {
294
+ goto err;
295
+ }
296
+
297
+ return CBB_finish_i2d(&cbb, outp);
298
+
299
+ err:
300
+ CBB_cleanup(&cbb);
301
+ return -1;
302
+ }
303
+
304
+ static int x509_new_cb(ASN1_VALUE **pval, const ASN1_ITEM *it) {
305
+ *pval = (ASN1_VALUE *)X509_new();
306
+ return *pval != NULL;
307
+ }
308
+
309
+ static void x509_free_cb(ASN1_VALUE **pval, const ASN1_ITEM *it) {
310
+ X509_free((X509 *)*pval);
311
+ *pval = NULL;
312
+ }
313
+
314
+ static int x509_d2i_cb(ASN1_VALUE **pval, const unsigned char **in, long len,
315
+ const ASN1_ITEM *it, int opt, ASN1_TLC *ctx) {
316
+ if (len < 0) {
317
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_BUFFER_TOO_SMALL);
318
+ return 0;
319
+ }
320
+
321
+ CBS cbs;
322
+ CBS_init(&cbs, *in, len);
323
+ if (opt && !CBS_peek_asn1_tag(&cbs, CBS_ASN1_SEQUENCE)) {
324
+ return -1;
186
325
  }
187
326
 
188
- x509->cert_info->enc.alias_only_on_next_parse = 1;
327
+ X509 *ret = x509_parse(&cbs, NULL);
328
+ if (ret == NULL) {
329
+ return 0;
330
+ }
331
+
332
+ *in = CBS_data(&cbs);
333
+ X509_free((X509 *)*pval);
334
+ *pval = (ASN1_VALUE *)ret;
335
+ return 1;
336
+ }
189
337
 
190
- const uint8_t *inp = CRYPTO_BUFFER_data(buf);
191
- X509 *x509p = x509;
192
- X509 *ret = d2i_X509(&x509p, &inp, CRYPTO_BUFFER_len(buf));
193
- if (ret == NULL ||
194
- inp - CRYPTO_BUFFER_data(buf) != (ptrdiff_t)CRYPTO_BUFFER_len(buf)) {
195
- X509_free(x509p);
338
+ static int x509_i2d_cb(ASN1_VALUE **pval, unsigned char **out,
339
+ const ASN1_ITEM *it) {
340
+ return i2d_X509((X509 *)*pval, out);
341
+ }
342
+
343
+ static const ASN1_EXTERN_FUNCS x509_extern_funcs = {
344
+ x509_new_cb,
345
+ x509_free_cb,
346
+ /*asn1_ex_clear=*/NULL,
347
+ x509_d2i_cb,
348
+ x509_i2d_cb,
349
+ };
350
+
351
+ IMPLEMENT_EXTERN_ASN1(X509, V_ASN1_SEQUENCE, x509_extern_funcs)
352
+
353
+ X509 *X509_dup(X509 *x509) {
354
+ uint8_t *der = NULL;
355
+ int len = i2d_X509(x509, &der);
356
+ if (len < 0) {
196
357
  return NULL;
197
358
  }
198
- assert(x509p == x509);
199
- assert(ret == x509);
200
359
 
201
- CRYPTO_BUFFER_up_ref(buf);
202
- ret->buf = buf;
360
+ const uint8_t *inp = der;
361
+ X509 *ret = d2i_X509(NULL, &inp, len);
362
+ OPENSSL_free(der);
363
+ return ret;
364
+ }
365
+
366
+ X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf) {
367
+ CBS cbs;
368
+ CBS_init(&cbs, CRYPTO_BUFFER_data(buf), CRYPTO_BUFFER_len(buf));
369
+ X509 *ret = x509_parse(&cbs, buf);
370
+ if (ret == NULL || CBS_len(&cbs) != 0) {
371
+ X509_free(ret);
372
+ return NULL;
373
+ }
203
374
 
204
375
  return ret;
205
376
  }
206
377
 
207
- int X509_up_ref(X509 *x)
208
- {
209
- CRYPTO_refcount_inc(&x->references);
210
- return 1;
378
+ int X509_up_ref(X509 *x) {
379
+ CRYPTO_refcount_inc(&x->references);
380
+ return 1;
211
381
  }
212
382
 
213
- int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused * unused,
214
- CRYPTO_EX_dup *dup_unused, CRYPTO_EX_free *free_func)
215
- {
216
- int index;
217
- if (!CRYPTO_get_ex_new_index(&g_ex_data_class, &index, argl, argp,
218
- free_func)) {
219
- return -1;
220
- }
221
- return index;
383
+ int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused *unused,
384
+ CRYPTO_EX_dup *dup_unused,
385
+ CRYPTO_EX_free *free_func) {
386
+ int index;
387
+ if (!CRYPTO_get_ex_new_index(&g_ex_data_class, &index, argl, argp,
388
+ free_func)) {
389
+ return -1;
390
+ }
391
+ return index;
222
392
  }
223
393
 
224
- int X509_set_ex_data(X509 *r, int idx, void *arg)
225
- {
226
- return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
394
+ int X509_set_ex_data(X509 *r, int idx, void *arg) {
395
+ return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
227
396
  }
228
397
 
229
- void *X509_get_ex_data(X509 *r, int idx)
230
- {
231
- return (CRYPTO_get_ex_data(&r->ex_data, idx));
398
+ void *X509_get_ex_data(X509 *r, int idx) {
399
+ return (CRYPTO_get_ex_data(&r->ex_data, idx));
232
400
  }
233
401
 
234
- /*
235
- * X509_AUX ASN1 routines. X509_AUX is the name given to a certificate with
236
- * extra info tagged on the end. Since these functions set how a certificate
237
- * is trusted they should only be used when the certificate comes from a
238
- * reliable source such as local storage.
239
- */
240
-
241
- X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
242
- {
243
- const unsigned char *q = *pp;
244
- X509 *ret;
245
- int freeret = 0;
246
-
247
- if (!a || *a == NULL)
248
- freeret = 1;
249
- ret = d2i_X509(a, &q, length);
250
- /* If certificate unreadable then forget it */
251
- if (!ret)
252
- return NULL;
253
- /* update length */
254
- length -= q - *pp;
255
- /* Parse auxiliary information if there is any. */
256
- if (length > 0 && !d2i_X509_CERT_AUX(&ret->aux, &q, length))
257
- goto err;
258
- *pp = q;
259
- return ret;
260
- err:
261
- if (freeret) {
262
- X509_free(ret);
263
- if (a)
264
- *a = NULL;
265
- }
402
+ // X509_AUX ASN1 routines. X509_AUX is the name given to a certificate with
403
+ // extra info tagged on the end. Since these functions set how a certificate
404
+ // is trusted they should only be used when the certificate comes from a
405
+ // reliable source such as local storage.
406
+
407
+ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length) {
408
+ const unsigned char *q = *pp;
409
+ X509 *ret;
410
+ int freeret = 0;
411
+
412
+ if (!a || *a == NULL) {
413
+ freeret = 1;
414
+ }
415
+ ret = d2i_X509(a, &q, length);
416
+ // If certificate unreadable then forget it
417
+ if (!ret) {
266
418
  return NULL;
419
+ }
420
+ // update length
421
+ length -= q - *pp;
422
+ // Parse auxiliary information if there is any.
423
+ if (length > 0 && !d2i_X509_CERT_AUX(&ret->aux, &q, length)) {
424
+ goto err;
425
+ }
426
+ *pp = q;
427
+ return ret;
428
+ err:
429
+ if (freeret) {
430
+ X509_free(ret);
431
+ if (a) {
432
+ *a = NULL;
433
+ }
434
+ }
435
+ return NULL;
267
436
  }
268
437
 
269
- /*
270
- * Serialize trusted certificate to *pp or just return the required buffer
271
- * length if pp == NULL. We ultimately want to avoid modifying *pp in the
272
- * error path, but that depends on similar hygiene in lower-level functions.
273
- * Here we avoid compounding the problem.
274
- */
275
- static int i2d_x509_aux_internal(X509 *a, unsigned char **pp)
276
- {
277
- int length, tmplen;
278
- unsigned char *start = pp != NULL ? *pp : NULL;
279
-
280
- assert(pp == NULL || *pp != NULL);
281
-
282
- /*
283
- * This might perturb *pp on error, but fixing that belongs in i2d_X509()
284
- * not here. It should be that if a == NULL length is zero, but we check
285
- * both just in case.
286
- */
287
- length = i2d_X509(a, pp);
288
- if (length <= 0 || a == NULL) {
289
- return length;
290
- }
438
+ // Serialize trusted certificate to *pp or just return the required buffer
439
+ // length if pp == NULL. We ultimately want to avoid modifying *pp in the
440
+ // error path, but that depends on similar hygiene in lower-level functions.
441
+ // Here we avoid compounding the problem.
442
+ static int i2d_x509_aux_internal(X509 *a, unsigned char **pp) {
443
+ int length, tmplen;
444
+ unsigned char *start = pp != NULL ? *pp : NULL;
445
+
446
+ assert(pp == NULL || *pp != NULL);
447
+
448
+ // This might perturb *pp on error, but fixing that belongs in i2d_X509()
449
+ // not here. It should be that if a == NULL length is zero, but we check
450
+ // both just in case.
451
+ length = i2d_X509(a, pp);
452
+ if (length <= 0 || a == NULL) {
453
+ return length;
454
+ }
291
455
 
292
- if (a->aux != NULL) {
293
- tmplen = i2d_X509_CERT_AUX(a->aux, pp);
294
- if (tmplen < 0) {
295
- if (start != NULL)
296
- *pp = start;
297
- return tmplen;
298
- }
299
- length += tmplen;
456
+ if (a->aux != NULL) {
457
+ tmplen = i2d_X509_CERT_AUX(a->aux, pp);
458
+ if (tmplen < 0) {
459
+ if (start != NULL) {
460
+ *pp = start;
461
+ }
462
+ return tmplen;
300
463
  }
464
+ length += tmplen;
465
+ }
301
466
 
302
- return length;
467
+ return length;
303
468
  }
304
469
 
305
- /*
306
- * Serialize trusted certificate to *pp, or just return the required buffer
307
- * length if pp == NULL.
308
- *
309
- * When pp is not NULL, but *pp == NULL, we allocate the buffer, but since
310
- * we're writing two ASN.1 objects back to back, we can't have i2d_X509() do
311
- * the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the
312
- * allocated buffer.
313
- */
314
- int i2d_X509_AUX(X509 *a, unsigned char **pp)
315
- {
316
- int length;
317
- unsigned char *tmp;
318
-
319
- /* Buffer provided by caller */
320
- if (pp == NULL || *pp != NULL)
321
- return i2d_x509_aux_internal(a, pp);
322
-
323
- /* Obtain the combined length */
324
- if ((length = i2d_x509_aux_internal(a, NULL)) <= 0)
325
- return length;
326
-
327
- /* Allocate requisite combined storage */
328
- *pp = tmp = OPENSSL_malloc(length);
329
- if (tmp == NULL)
330
- return -1; /* Push error onto error stack? */
331
-
332
- /* Encode, but keep *pp at the originally malloced pointer */
333
- length = i2d_x509_aux_internal(a, &tmp);
334
- if (length <= 0) {
335
- OPENSSL_free(*pp);
336
- *pp = NULL;
337
- }
470
+ // Serialize trusted certificate to *pp, or just return the required buffer
471
+ // length if pp == NULL.
472
+ //
473
+ // When pp is not NULL, but *pp == NULL, we allocate the buffer, but since
474
+ // we're writing two ASN.1 objects back to back, we can't have i2d_X509() do
475
+ // the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the
476
+ // allocated buffer.
477
+ int i2d_X509_AUX(X509 *a, unsigned char **pp) {
478
+ int length;
479
+ unsigned char *tmp;
480
+
481
+ // Buffer provided by caller
482
+ if (pp == NULL || *pp != NULL) {
483
+ return i2d_x509_aux_internal(a, pp);
484
+ }
485
+
486
+ // Obtain the combined length
487
+ if ((length = i2d_x509_aux_internal(a, NULL)) <= 0) {
338
488
  return length;
489
+ }
490
+
491
+ // Allocate requisite combined storage
492
+ *pp = tmp = OPENSSL_malloc(length);
493
+ if (tmp == NULL) {
494
+ return -1; // Push error onto error stack?
495
+ }
496
+
497
+ // Encode, but keep *pp at the originally malloced pointer
498
+ length = i2d_x509_aux_internal(a, &tmp);
499
+ if (length <= 0) {
500
+ OPENSSL_free(*pp);
501
+ *pp = NULL;
502
+ }
503
+ return length;
339
504
  }
340
505
 
341
- int i2d_re_X509_tbs(X509 *x509, unsigned char **outp)
342
- {
343
- x509->cert_info->enc.modified = 1;
344
- return i2d_X509_CINF(x509->cert_info, outp);
506
+ int i2d_re_X509_tbs(X509 *x509, unsigned char **outp) {
507
+ asn1_encoding_clear(&x509->cert_info->enc);
508
+ return i2d_X509_CINF(x509->cert_info, outp);
345
509
  }
346
510
 
347
- int i2d_X509_tbs(X509 *x509, unsigned char **outp)
348
- {
349
- return i2d_X509_CINF(x509->cert_info, outp);
511
+ int i2d_X509_tbs(X509 *x509, unsigned char **outp) {
512
+ return i2d_X509_CINF(x509->cert_info, outp);
350
513
  }
351
514
 
352
- int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo)
353
- {
354
- /* TODO(davidben): Const-correct generated ASN.1 dup functions.
355
- * Alternatively, when the types are hidden and we can embed required fields
356
- * directly in structs, import |X509_ALGOR_copy| from upstream. */
357
- X509_ALGOR *copy1 = X509_ALGOR_dup((X509_ALGOR *)algo);
358
- X509_ALGOR *copy2 = X509_ALGOR_dup((X509_ALGOR *)algo);
359
- if (copy1 == NULL || copy2 == NULL) {
360
- X509_ALGOR_free(copy1);
361
- X509_ALGOR_free(copy2);
362
- return 0;
363
- }
515
+ int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo) {
516
+ X509_ALGOR *copy1 = X509_ALGOR_dup(algo);
517
+ X509_ALGOR *copy2 = X509_ALGOR_dup(algo);
518
+ if (copy1 == NULL || copy2 == NULL) {
519
+ X509_ALGOR_free(copy1);
520
+ X509_ALGOR_free(copy2);
521
+ return 0;
522
+ }
364
523
 
365
- X509_ALGOR_free(x509->sig_alg);
366
- x509->sig_alg = copy1;
367
- X509_ALGOR_free(x509->cert_info->signature);
368
- x509->cert_info->signature = copy2;
369
- return 1;
524
+ X509_ALGOR_free(x509->sig_alg);
525
+ x509->sig_alg = copy1;
526
+ X509_ALGOR_free(x509->cert_info->signature);
527
+ x509->cert_info->signature = copy2;
528
+ return 1;
370
529
  }
371
530
 
372
- int X509_set1_signature_value(X509 *x509, const uint8_t *sig, size_t sig_len)
373
- {
374
- if (!ASN1_STRING_set(x509->signature, sig, sig_len)) {
375
- return 0;
376
- }
377
- x509->signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
378
- x509->signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
379
- return 1;
531
+ int X509_set1_signature_value(X509 *x509, const uint8_t *sig, size_t sig_len) {
532
+ if (!ASN1_STRING_set(x509->signature, sig, sig_len)) {
533
+ return 0;
534
+ }
535
+ x509->signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
536
+ x509->signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
537
+ return 1;
380
538
  }
381
539
 
382
540
  void X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg,
383
- const X509 *x)
384
- {
385
- if (psig)
386
- *psig = x->signature;
387
- if (palg)
388
- *palg = x->sig_alg;
541
+ const X509 *x) {
542
+ if (psig) {
543
+ *psig = x->signature;
544
+ }
545
+ if (palg) {
546
+ *palg = x->sig_alg;
547
+ }
389
548
  }
390
549
 
391
- int X509_get_signature_nid(const X509 *x)
392
- {
393
- return OBJ_obj2nid(x->sig_alg->algorithm);
550
+ int X509_get_signature_nid(const X509 *x) {
551
+ return OBJ_obj2nid(x->sig_alg->algorithm);
394
552
  }