grpc 1.53.2 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (693) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +78 -66
  3. data/include/grpc/event_engine/event_engine.h +30 -14
  4. data/include/grpc/grpc_security.h +4 -0
  5. data/include/grpc/support/port_platform.h +4 -4
  6. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
  7. data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
  8. data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
  9. data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
  10. data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
  11. data/src/core/ext/filters/client_channel/client_channel.h +131 -173
  12. data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
  13. data/src/core/ext/filters/client_channel/config_selector.h +4 -3
  14. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
  15. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
  16. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
  17. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
  18. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
  19. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
  20. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
  21. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
  22. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
  24. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
  25. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
  26. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
  27. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
  28. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
  29. data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
  30. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
  31. data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
  32. data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
  33. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
  34. data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
  35. data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
  36. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
  37. data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
  38. data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
  39. data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
  40. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
  41. data/src/core/ext/gcp/metadata_query.cc +142 -0
  42. data/src/core/ext/gcp/metadata_query.h +82 -0
  43. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
  44. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
  45. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
  46. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
  47. data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
  48. data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
  49. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
  50. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
  51. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
  52. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
  53. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
  54. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
  55. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
  56. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
  57. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
  58. data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
  59. data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
  60. data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
  61. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
  62. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
  63. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
  64. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
  65. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
  66. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
  67. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
  68. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
  69. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
  70. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
  71. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
  72. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
  73. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
  74. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
  75. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
  76. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
  77. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
  78. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
  79. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
  80. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
  81. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
  82. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
  83. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
  84. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
  85. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
  86. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
  87. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
  88. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
  89. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
  90. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
  91. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
  92. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
  93. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
  94. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
  95. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  96. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
  97. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
  98. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
  99. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
  100. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
  101. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
  102. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
  103. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
  104. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
  105. data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
  106. data/src/core/ext/xds/xds_client_stats.cc +29 -15
  107. data/src/core/ext/xds/xds_client_stats.h +24 -20
  108. data/src/core/ext/xds/xds_endpoint.cc +5 -2
  109. data/src/core/ext/xds/xds_endpoint.h +9 -1
  110. data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
  111. data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
  112. data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
  113. data/src/core/lib/channel/call_finalization.h +1 -1
  114. data/src/core/lib/channel/call_tracer.cc +51 -0
  115. data/src/core/lib/channel/call_tracer.h +101 -38
  116. data/src/core/lib/channel/connected_channel.cc +483 -1050
  117. data/src/core/lib/channel/context.h +8 -1
  118. data/src/core/lib/channel/promise_based_filter.cc +106 -42
  119. data/src/core/lib/channel/promise_based_filter.h +27 -13
  120. data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
  121. data/src/core/lib/config/config_vars.cc +151 -0
  122. data/src/core/lib/config/config_vars.h +127 -0
  123. data/src/core/lib/config/config_vars_non_generated.cc +51 -0
  124. data/src/core/lib/config/load_config.cc +66 -0
  125. data/src/core/lib/config/load_config.h +49 -0
  126. data/src/core/lib/debug/trace.cc +5 -6
  127. data/src/core/lib/debug/trace.h +0 -5
  128. data/src/core/lib/event_engine/event_engine.cc +37 -2
  129. data/src/core/lib/event_engine/handle_containers.h +7 -22
  130. data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
  131. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
  132. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
  133. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
  134. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
  135. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
  136. data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -1
  137. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -32
  138. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +0 -3
  139. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
  140. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
  141. data/src/core/lib/event_engine/resolved_address.cc +2 -1
  142. data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
  143. data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
  144. data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
  145. data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
  146. data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
  147. data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
  148. data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
  149. data/src/core/lib/experiments/config.cc +3 -10
  150. data/src/core/lib/experiments/experiments.cc +7 -0
  151. data/src/core/lib/experiments/experiments.h +9 -1
  152. data/src/core/lib/gpr/log.cc +15 -28
  153. data/src/core/lib/gprpp/fork.cc +8 -14
  154. data/src/core/lib/gprpp/orphanable.h +4 -3
  155. data/src/core/lib/gprpp/per_cpu.h +9 -3
  156. data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
  157. data/src/core/lib/gprpp/ref_counted.h +33 -34
  158. data/src/core/lib/gprpp/thd.h +16 -0
  159. data/src/core/lib/gprpp/time.cc +1 -0
  160. data/src/core/lib/gprpp/time.h +4 -4
  161. data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
  162. data/src/core/lib/iomgr/call_combiner.h +2 -2
  163. data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
  164. data/src/core/lib/iomgr/ev_posix.cc +13 -53
  165. data/src/core/lib/iomgr/ev_posix.h +0 -3
  166. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
  167. data/src/core/lib/iomgr/iomgr.cc +4 -8
  168. data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
  169. data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
  170. data/src/core/lib/iomgr/pollset_windows.cc +1 -1
  171. data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
  172. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
  173. data/src/core/lib/iomgr/tcp_posix.cc +0 -1
  174. data/src/core/lib/iomgr/tcp_server_posix.cc +19 -55
  175. data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -12
  176. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -21
  177. data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
  178. data/src/core/lib/iomgr/tcp_windows.cc +12 -8
  179. data/src/core/lib/load_balancing/lb_policy.cc +9 -13
  180. data/src/core/lib/load_balancing/lb_policy.h +4 -2
  181. data/src/core/lib/promise/activity.cc +22 -6
  182. data/src/core/lib/promise/activity.h +61 -24
  183. data/src/core/lib/promise/cancel_callback.h +77 -0
  184. data/src/core/lib/promise/detail/basic_seq.h +1 -1
  185. data/src/core/lib/promise/detail/promise_factory.h +4 -0
  186. data/src/core/lib/promise/for_each.h +176 -0
  187. data/src/core/lib/promise/if.h +9 -0
  188. data/src/core/lib/promise/interceptor_list.h +23 -2
  189. data/src/core/lib/promise/latch.h +89 -3
  190. data/src/core/lib/promise/loop.h +13 -9
  191. data/src/core/lib/promise/map.h +7 -0
  192. data/src/core/lib/promise/party.cc +286 -0
  193. data/src/core/lib/promise/party.h +499 -0
  194. data/src/core/lib/promise/pipe.h +197 -57
  195. data/src/core/lib/promise/poll.h +48 -0
  196. data/src/core/lib/promise/promise.h +2 -2
  197. data/src/core/lib/resource_quota/arena.cc +19 -3
  198. data/src/core/lib/resource_quota/arena.h +119 -5
  199. data/src/core/lib/resource_quota/memory_quota.cc +1 -1
  200. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
  201. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
  202. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
  203. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
  204. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  205. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
  206. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
  207. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
  208. data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
  209. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
  210. data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
  211. data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
  212. data/src/core/lib/slice/slice.cc +1 -1
  213. data/src/core/lib/surface/builtins.cc +2 -0
  214. data/src/core/lib/surface/call.cc +926 -1024
  215. data/src/core/lib/surface/call.h +10 -0
  216. data/src/core/lib/surface/lame_client.cc +1 -0
  217. data/src/core/lib/surface/validate_metadata.cc +42 -43
  218. data/src/core/lib/surface/validate_metadata.h +0 -9
  219. data/src/core/lib/surface/version.cc +2 -2
  220. data/src/core/lib/transport/batch_builder.cc +179 -0
  221. data/src/core/lib/transport/batch_builder.h +468 -0
  222. data/src/core/lib/transport/bdp_estimator.cc +7 -7
  223. data/src/core/lib/transport/bdp_estimator.h +10 -6
  224. data/src/core/lib/transport/custom_metadata.h +30 -0
  225. data/src/core/lib/transport/metadata_batch.cc +5 -2
  226. data/src/core/lib/transport/metadata_batch.h +17 -113
  227. data/src/core/lib/transport/parsed_metadata.h +6 -16
  228. data/src/core/lib/transport/timeout_encoding.cc +6 -1
  229. data/src/core/lib/transport/transport.cc +30 -2
  230. data/src/core/lib/transport/transport.h +70 -14
  231. data/src/core/lib/transport/transport_impl.h +7 -0
  232. data/src/core/lib/transport/transport_op_string.cc +52 -42
  233. data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
  234. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
  235. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
  236. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
  237. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
  238. data/src/core/tsi/ssl_transport_security.cc +4 -2
  239. data/src/ruby/lib/grpc/version.rb +1 -1
  240. data/third_party/abseil-cpp/absl/base/config.h +1 -1
  241. data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
  242. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
  243. data/third_party/abseil-cpp/absl/flags/config.h +68 -0
  244. data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
  245. data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
  246. data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
  247. data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
  248. data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
  249. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
  250. data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
  251. data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
  252. data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
  253. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
  254. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
  255. data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
  256. data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
  257. data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
  258. data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
  259. data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
  260. data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
  261. data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
  262. data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
  263. data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
  264. data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
  265. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
  266. data/third_party/boringssl-with-bazel/err_data.c +728 -712
  267. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
  268. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
  269. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
  270. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
  271. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
  272. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
  273. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
  274. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
  275. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
  276. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
  277. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
  278. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
  279. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
  280. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
  281. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
  282. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
  283. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
  284. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
  285. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
  286. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
  287. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
  288. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
  289. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
  290. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
  291. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
  292. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
  293. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
  294. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
  295. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
  296. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
  297. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
  298. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
  299. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
  300. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
  301. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
  302. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
  303. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
  304. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
  305. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
  306. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
  307. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
  308. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
  309. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
  310. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
  311. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
  312. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
  313. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
  314. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
  315. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
  316. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
  317. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
  318. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
  319. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
  320. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
  321. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
  322. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
  323. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
  324. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
  325. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
  326. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
  327. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
  328. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
  329. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
  330. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
  331. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
  332. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
  333. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
  334. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
  335. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
  336. data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
  337. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
  338. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
  339. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
  340. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
  341. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
  342. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
  343. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
  344. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
  345. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
  346. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
  347. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
  348. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
  349. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
  350. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
  351. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
  352. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
  353. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
  354. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
  355. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
  356. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
  357. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
  358. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
  359. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
  360. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
  361. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
  362. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
  363. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
  364. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
  365. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
  366. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
  367. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
  368. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
  369. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
  370. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
  371. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
  372. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
  373. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
  374. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
  375. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
  376. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
  377. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
  378. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
  379. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
  380. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
  381. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
  382. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
  383. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
  384. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
  385. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
  386. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
  387. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
  388. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
  389. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
  390. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
  391. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
  392. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
  393. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
  394. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
  395. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
  396. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
  397. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
  398. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
  399. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
  400. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
  401. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
  402. data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
  403. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
  404. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
  405. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
  406. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
  407. data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
  408. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
  409. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
  410. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
  411. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
  412. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
  413. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
  414. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
  415. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
  416. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
  417. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
  418. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
  419. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
  420. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
  421. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
  422. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
  423. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
  424. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
  425. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
  426. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
  427. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
  428. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
  429. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
  430. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
  431. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
  432. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
  433. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
  434. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
  435. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
  436. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
  437. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
  438. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
  439. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
  440. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
  441. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
  442. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
  443. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
  444. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
  445. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
  446. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
  447. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
  448. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
  449. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
  450. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
  451. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
  452. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
  453. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
  454. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
  455. data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
  456. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
  457. data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
  458. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
  459. data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
  460. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
  461. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
  462. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
  463. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
  464. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
  465. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
  466. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
  467. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
  468. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
  469. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
  470. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
  471. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
  472. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
  473. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
  474. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
  475. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
  476. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
  477. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
  478. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
  479. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
  480. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
  481. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
  482. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
  483. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
  484. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
  485. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
  486. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
  487. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
  488. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
  489. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
  490. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
  491. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
  492. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
  493. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
  494. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
  495. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
  496. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
  497. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
  498. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
  499. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
  500. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
  501. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
  502. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
  503. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
  504. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
  505. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
  506. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
  507. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
  508. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
  509. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
  510. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
  511. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
  512. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
  513. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
  514. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
  515. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
  516. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
  517. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
  518. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
  519. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
  520. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
  521. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
  522. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
  523. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
  524. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
  525. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
  526. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
  527. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
  528. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
  529. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
  530. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
  531. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
  532. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
  533. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
  534. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
  535. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
  536. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
  537. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
  538. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
  539. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
  540. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
  541. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
  542. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
  543. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
  544. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
  545. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
  546. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
  547. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
  548. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
  549. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
  550. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
  551. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
  552. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
  553. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
  554. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
  555. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
  556. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
  557. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
  558. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
  559. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
  560. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
  561. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
  562. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
  563. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
  564. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
  565. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
  566. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
  567. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
  568. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
  569. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
  570. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
  571. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
  572. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
  573. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
  574. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
  575. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
  576. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
  577. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
  578. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
  579. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
  580. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
  581. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
  582. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
  583. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
  584. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
  585. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
  586. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
  587. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
  588. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
  589. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
  590. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
  591. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
  592. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
  593. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
  594. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
  595. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
  596. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
  597. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
  598. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
  599. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
  600. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
  601. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
  602. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
  603. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
  604. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
  605. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
  606. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
  607. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
  608. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
  609. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
  610. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
  611. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
  612. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
  613. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
  614. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
  615. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
  616. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
  617. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
  618. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
  619. data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
  620. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
  621. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  622. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
  623. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
  624. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
  625. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
  626. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
  627. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
  628. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
  629. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
  630. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
  631. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
  632. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
  633. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
  634. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
  635. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
  636. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
  637. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
  638. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
  639. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
  640. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
  641. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
  642. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
  643. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
  644. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
  645. metadata +103 -70
  646. data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
  647. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
  648. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
  649. data/src/core/lib/gprpp/global_config.h +0 -93
  650. data/src/core/lib/gprpp/global_config_env.cc +0 -140
  651. data/src/core/lib/gprpp/global_config_env.h +0 -133
  652. data/src/core/lib/gprpp/global_config_generic.h +0 -40
  653. data/src/core/lib/promise/intra_activity_waiter.h +0 -55
  654. data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
  655. data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
  656. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
  657. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
  658. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
  659. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
  660. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
  661. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
  662. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
  663. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
  664. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
  665. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
  666. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
  667. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
  668. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
  669. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
  670. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
  671. /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
  672. /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
  673. /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
  674. /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
  675. /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
  676. /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
  677. /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
  678. /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
  679. /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
  680. /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
  681. /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
  682. /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
  683. /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
  684. /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
  685. /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
  686. /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
  687. /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
  688. /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
  689. /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
  690. /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
  691. /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
  692. /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
  693. /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -56,595 +56,415 @@
56
56
 
57
57
  #include <openssl/asn1.h>
58
58
 
59
+ #include <assert.h>
59
60
  #include <ctype.h>
60
61
  #include <inttypes.h>
62
+ #include <limits.h>
61
63
  #include <string.h>
64
+ #include <time.h>
62
65
 
63
66
  #include <openssl/bio.h>
67
+ #include <openssl/bytestring.h>
64
68
  #include <openssl/mem.h>
65
69
 
66
- #include "charmap.h"
70
+ #include "../bytestring/internal.h"
67
71
  #include "internal.h"
68
72
 
69
73
 
70
- // These flags must be distinct from |ESC_FLAGS| and fit in a byte.
74
+ #define ESC_FLAGS \
75
+ (ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_QUOTE | ASN1_STRFLGS_ESC_CTRL | \
76
+ ASN1_STRFLGS_ESC_MSB)
71
77
 
72
- // Character is a valid PrintableString character
73
- #define CHARTYPE_PRINTABLESTRING 0x10
74
- // Character needs escaping if it is the first character
75
- #define CHARTYPE_FIRST_ESC_2253 0x20
76
- // Character needs escaping if it is the last character
77
- #define CHARTYPE_LAST_ESC_2253 0x40
78
-
79
- #define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
80
-
81
- #define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
82
- ASN1_STRFLGS_ESC_QUOTE | \
83
- ASN1_STRFLGS_ESC_CTRL | \
84
- ASN1_STRFLGS_ESC_MSB)
85
-
86
- static int maybe_write(BIO *out, const void *buf, int len)
87
- {
88
- /* If |out| is NULL, ignore the output but report the length. */
89
- return out == NULL || BIO_write(out, buf, len) == len;
78
+ static int maybe_write(BIO *out, const void *buf, int len) {
79
+ // If |out| is NULL, ignore the output but report the length.
80
+ return out == NULL || BIO_write(out, buf, len) == len;
90
81
  }
91
82
 
92
- /*
93
- * This function handles display of strings, one character at a time. It is
94
- * passed an unsigned long for each character because it could come from 2 or
95
- * even 4 byte forms.
96
- */
97
-
98
- #define HEX_SIZE(type) (sizeof(type)*2)
99
-
100
- static int do_esc_char(uint32_t c, unsigned char flags, char *do_quotes,
101
- BIO *out)
102
- {
103
- unsigned char chflgs, chtmp;
104
- char tmphex[HEX_SIZE(uint32_t) + 3];
105
-
106
- if (c > 0xffff) {
107
- BIO_snprintf(tmphex, sizeof tmphex, "\\W%08" PRIX32, c);
108
- if (!maybe_write(out, tmphex, 10))
109
- return -1;
110
- return 10;
111
- }
112
- if (c > 0xff) {
113
- BIO_snprintf(tmphex, sizeof tmphex, "\\U%04" PRIX32, c);
114
- if (!maybe_write(out, tmphex, 6))
115
- return -1;
116
- return 6;
117
- }
118
- chtmp = (unsigned char)c;
119
- if (chtmp > 0x7f)
120
- chflgs = flags & ASN1_STRFLGS_ESC_MSB;
121
- else
122
- chflgs = char_type[chtmp] & flags;
123
- if (chflgs & CHARTYPE_BS_ESC) {
124
- /* If we don't escape with quotes, signal we need quotes */
125
- if (chflgs & ASN1_STRFLGS_ESC_QUOTE) {
126
- if (do_quotes)
127
- *do_quotes = 1;
128
- if (!maybe_write(out, &chtmp, 1))
129
- return -1;
130
- return 1;
83
+ static int is_control_character(unsigned char c) { return c < 32 || c == 127; }
84
+
85
+ static int do_esc_char(uint32_t c, unsigned long flags, char *do_quotes,
86
+ BIO *out, int is_first, int is_last) {
87
+ // |c| is a |uint32_t| because, depending on |ASN1_STRFLGS_UTF8_CONVERT|,
88
+ // we may be escaping bytes or Unicode codepoints.
89
+ char buf[16]; // Large enough for "\\W01234567".
90
+ unsigned char u8 = (unsigned char)c;
91
+ if (c > 0xffff) {
92
+ BIO_snprintf(buf, sizeof(buf), "\\W%08" PRIX32, c);
93
+ } else if (c > 0xff) {
94
+ BIO_snprintf(buf, sizeof(buf), "\\U%04" PRIX32, c);
95
+ } else if ((flags & ASN1_STRFLGS_ESC_MSB) && c > 0x7f) {
96
+ BIO_snprintf(buf, sizeof(buf), "\\%02X", c);
97
+ } else if ((flags & ASN1_STRFLGS_ESC_CTRL) && is_control_character(c)) {
98
+ BIO_snprintf(buf, sizeof(buf), "\\%02X", c);
99
+ } else if (flags & ASN1_STRFLGS_ESC_2253) {
100
+ // See RFC 2253, sections 2.4 and 4.
101
+ if (c == '\\' || c == '"') {
102
+ // Quotes and backslashes are always escaped, quoted or not.
103
+ BIO_snprintf(buf, sizeof(buf), "\\%c", (int)c);
104
+ } else if (c == ',' || c == '+' || c == '<' || c == '>' || c == ';' ||
105
+ (is_first && (c == ' ' || c == '#')) ||
106
+ (is_last && (c == ' '))) {
107
+ if (flags & ASN1_STRFLGS_ESC_QUOTE) {
108
+ // No need to escape, just tell the caller to quote.
109
+ if (do_quotes != NULL) {
110
+ *do_quotes = 1;
131
111
  }
132
- if (!maybe_write(out, "\\", 1))
133
- return -1;
134
- if (!maybe_write(out, &chtmp, 1))
135
- return -1;
136
- return 2;
137
- }
138
- if (chflgs & (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB)) {
139
- BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
140
- if (!maybe_write(out, tmphex, 3))
141
- return -1;
142
- return 3;
143
- }
144
- /*
145
- * If we get this far and do any escaping at all must escape the escape
146
- * character itself: backslash.
147
- */
148
- if (chtmp == '\\' && flags & ESC_FLAGS) {
149
- if (!maybe_write(out, "\\\\", 2))
150
- return -1;
151
- return 2;
112
+ return maybe_write(out, &u8, 1) ? 1 : -1;
113
+ }
114
+ BIO_snprintf(buf, sizeof(buf), "\\%c", (int)c);
115
+ } else {
116
+ return maybe_write(out, &u8, 1) ? 1 : -1;
152
117
  }
153
- if (!maybe_write(out, &chtmp, 1))
154
- return -1;
155
- return 1;
156
- }
157
-
158
- #define BUF_TYPE_WIDTH_MASK 0x7
159
- #define BUF_TYPE_CONVUTF8 0x8
118
+ } else if ((flags & ESC_FLAGS) && c == '\\') {
119
+ // If any escape flags are set, also escape backslashes.
120
+ BIO_snprintf(buf, sizeof(buf), "\\%c", (int)c);
121
+ } else {
122
+ return maybe_write(out, &u8, 1) ? 1 : -1;
123
+ }
160
124
 
161
- /*
162
- * This function sends each character in a buffer to do_esc_char(). It
163
- * interprets the content formats and converts to or from UTF8 as
164
- * appropriate.
165
- */
125
+ static_assert(sizeof(buf) < INT_MAX, "len may not fit in int");
126
+ int len = (int)strlen(buf);
127
+ return maybe_write(out, buf, len) ? len : -1;
128
+ }
166
129
 
167
- static int do_buf(unsigned char *buf, int buflen,
168
- int type, unsigned char flags, char *quotes, BIO *out)
169
- {
170
- int i, outlen, len, charwidth;
171
- unsigned char orflags, *p, *q;
172
- uint32_t c;
173
- p = buf;
174
- q = buf + buflen;
175
- outlen = 0;
176
- charwidth = type & BUF_TYPE_WIDTH_MASK;
177
-
178
- switch (charwidth) {
179
- case 4:
180
- if (buflen & 3) {
181
- OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UNIVERSALSTRING);
182
- return -1;
183
- }
184
- break;
185
- case 2:
186
- if (buflen & 1) {
187
- OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BMPSTRING);
188
- return -1;
189
- }
190
- break;
130
+ // This function sends each character in a buffer to do_esc_char(). It
131
+ // interprets the content formats and converts to or from UTF8 as
132
+ // appropriate.
133
+
134
+ static int do_buf(const unsigned char *buf, int buflen, int encoding,
135
+ unsigned long flags, char *quotes, BIO *out) {
136
+ int (*get_char)(CBS *cbs, uint32_t *out);
137
+ int get_char_error;
138
+ switch (encoding) {
139
+ case MBSTRING_UNIV:
140
+ get_char = cbs_get_utf32_be;
141
+ get_char_error = ASN1_R_INVALID_UNIVERSALSTRING;
142
+ break;
143
+ case MBSTRING_BMP:
144
+ get_char = cbs_get_ucs2_be;
145
+ get_char_error = ASN1_R_INVALID_BMPSTRING;
146
+ break;
147
+ case MBSTRING_ASC:
148
+ get_char = cbs_get_latin1;
149
+ get_char_error = ERR_R_INTERNAL_ERROR; // Should not be possible.
150
+ break;
151
+ case MBSTRING_UTF8:
152
+ get_char = cbs_get_utf8;
153
+ get_char_error = ASN1_R_INVALID_UTF8STRING;
154
+ break;
191
155
  default:
192
- break;
193
- }
156
+ assert(0);
157
+ return -1;
158
+ }
194
159
 
195
- while (p != q) {
196
- if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
197
- orflags = CHARTYPE_FIRST_ESC_2253;
198
- else
199
- orflags = 0;
200
- /* TODO(davidben): Replace this with |cbs_get_ucs2_be|, etc., to check
201
- * for invalid codepoints. */
202
- switch (charwidth) {
203
- case 4:
204
- c = ((uint32_t)*p++) << 24;
205
- c |= ((uint32_t)*p++) << 16;
206
- c |= ((uint32_t)*p++) << 8;
207
- c |= *p++;
208
- break;
209
-
210
- case 2:
211
- c = ((uint32_t)*p++) << 8;
212
- c |= *p++;
213
- break;
214
-
215
- case 1:
216
- c = *p++;
217
- break;
218
-
219
- case 0:
220
- i = UTF8_getc(p, buflen, &c);
221
- if (i < 0)
222
- return -1; /* Invalid UTF8String */
223
- buflen -= i;
224
- p += i;
225
- break;
226
- default:
227
- return -1; /* invalid width */
228
- }
229
- if (p == q && flags & ASN1_STRFLGS_ESC_2253)
230
- orflags = CHARTYPE_LAST_ESC_2253;
231
- if (type & BUF_TYPE_CONVUTF8) {
232
- unsigned char utfbuf[6];
233
- int utflen;
234
- utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
235
- for (i = 0; i < utflen; i++) {
236
- /*
237
- * We don't need to worry about setting orflags correctly
238
- * because if utflen==1 its value will be correct anyway
239
- * otherwise each character will be > 0x7f and so the
240
- * character will never be escaped on first and last.
241
- */
242
- len = do_esc_char(utfbuf[i], (unsigned char)(flags | orflags),
243
- quotes, out);
244
- if (len < 0)
245
- return -1;
246
- outlen += len;
247
- }
248
- } else {
249
- len = do_esc_char(c, (unsigned char)(flags | orflags), quotes, out);
250
- if (len < 0)
251
- return -1;
252
- outlen += len;
253
- }
160
+ CBS cbs;
161
+ CBS_init(&cbs, buf, buflen);
162
+ int outlen = 0;
163
+ while (CBS_len(&cbs) != 0) {
164
+ const int is_first = CBS_data(&cbs) == buf;
165
+ uint32_t c;
166
+ if (!get_char(&cbs, &c)) {
167
+ OPENSSL_PUT_ERROR(ASN1, get_char_error);
168
+ return -1;
254
169
  }
255
- return outlen;
256
- }
257
-
258
- /* This function hex dumps a buffer of characters */
259
-
260
- static int do_hex_dump(BIO *out, unsigned char *buf, int buflen)
261
- {
262
- static const char hexdig[] = "0123456789ABCDEF";
263
- unsigned char *p, *q;
264
- char hextmp[2];
265
- if (out) {
266
- p = buf;
267
- q = buf + buflen;
268
- while (p != q) {
269
- hextmp[0] = hexdig[*p >> 4];
270
- hextmp[1] = hexdig[*p & 0xf];
271
- if (!maybe_write(out, hextmp, 2))
272
- return -1;
273
- p++;
170
+ const int is_last = CBS_len(&cbs) == 0;
171
+ if (flags & ASN1_STRFLGS_UTF8_CONVERT) {
172
+ uint8_t utf8_buf[6];
173
+ CBB utf8_cbb;
174
+ CBB_init_fixed(&utf8_cbb, utf8_buf, sizeof(utf8_buf));
175
+ if (!cbb_add_utf8(&utf8_cbb, c)) {
176
+ OPENSSL_PUT_ERROR(ASN1, ERR_R_INTERNAL_ERROR);
177
+ return 1;
178
+ }
179
+ size_t utf8_len = CBB_len(&utf8_cbb);
180
+ for (size_t i = 0; i < utf8_len; i++) {
181
+ int len = do_esc_char(utf8_buf[i], flags, quotes, out,
182
+ is_first && i == 0, is_last && i == utf8_len - 1);
183
+ if (len < 0) {
184
+ return -1;
274
185
  }
186
+ outlen += len;
187
+ }
188
+ } else {
189
+ int len = do_esc_char(c, flags, quotes, out, is_first, is_last);
190
+ if (len < 0) {
191
+ return -1;
192
+ }
193
+ outlen += len;
275
194
  }
276
- return buflen << 1;
195
+ }
196
+ return outlen;
277
197
  }
278
198
 
279
- /*
280
- * "dump" a string. This is done when the type is unknown, or the flags
281
- * request it. We can either dump the content octets or the entire DER
282
- * encoding. This uses the RFC 2253 #01234 format.
283
- */
199
+ // This function hex dumps a buffer of characters
284
200
 
285
- static int do_dump(unsigned long lflags, BIO *out, const ASN1_STRING *str)
286
- {
287
- if (!maybe_write(out, "#", 1)) {
201
+ static int do_hex_dump(BIO *out, unsigned char *buf, int buflen) {
202
+ static const char hexdig[] = "0123456789ABCDEF";
203
+ unsigned char *p, *q;
204
+ char hextmp[2];
205
+ if (out) {
206
+ p = buf;
207
+ q = buf + buflen;
208
+ while (p != q) {
209
+ hextmp[0] = hexdig[*p >> 4];
210
+ hextmp[1] = hexdig[*p & 0xf];
211
+ if (!maybe_write(out, hextmp, 2)) {
288
212
  return -1;
213
+ }
214
+ p++;
289
215
  }
216
+ }
217
+ return buflen << 1;
218
+ }
290
219
 
291
- /* If we don't dump DER encoding just dump content octets */
292
- if (!(lflags & ASN1_STRFLGS_DUMP_DER)) {
293
- int outlen = do_hex_dump(out, str->data, str->length);
294
- if (outlen < 0) {
295
- return -1;
296
- }
297
- return outlen + 1;
298
- }
220
+ // "dump" a string. This is done when the type is unknown, or the flags
221
+ // request it. We can either dump the content octets or the entire DER
222
+ // encoding. This uses the RFC 2253 #01234 format.
299
223
 
300
- /*
301
- * Placing the ASN1_STRING in a temporary ASN1_TYPE allows the DER encoding
302
- * to readily obtained.
303
- */
304
- ASN1_TYPE t;
305
- t.type = str->type;
306
- /* Negative INTEGER and ENUMERATED values are the only case where
307
- * |ASN1_STRING| and |ASN1_TYPE| types do not match.
308
- *
309
- * TODO(davidben): There are also some type fields which, in |ASN1_TYPE|, do
310
- * not correspond to |ASN1_STRING|. It is unclear whether those are allowed
311
- * in |ASN1_STRING| at all, or what the space of allowed types is.
312
- * |ASN1_item_ex_d2i| will never produce such a value so, for now, we say
313
- * this is an invalid input. But this corner of the library in general
314
- * should be more robust. */
315
- if (t.type == V_ASN1_NEG_INTEGER) {
316
- t.type = V_ASN1_INTEGER;
317
- } else if (t.type == V_ASN1_NEG_ENUMERATED) {
318
- t.type = V_ASN1_ENUMERATED;
319
- }
320
- t.value.asn1_string = (ASN1_STRING *)str;
321
- unsigned char *der_buf = NULL;
322
- int der_len = i2d_ASN1_TYPE(&t, &der_buf);
323
- if (der_len < 0) {
324
- return -1;
325
- }
326
- int outlen = do_hex_dump(out, der_buf, der_len);
327
- OPENSSL_free(der_buf);
224
+ static int do_dump(unsigned long flags, BIO *out, const ASN1_STRING *str) {
225
+ if (!maybe_write(out, "#", 1)) {
226
+ return -1;
227
+ }
228
+
229
+ // If we don't dump DER encoding just dump content octets
230
+ if (!(flags & ASN1_STRFLGS_DUMP_DER)) {
231
+ int outlen = do_hex_dump(out, str->data, str->length);
328
232
  if (outlen < 0) {
329
- return -1;
233
+ return -1;
330
234
  }
331
235
  return outlen + 1;
236
+ }
237
+
238
+ // Placing the ASN1_STRING in a temporary ASN1_TYPE allows the DER encoding
239
+ // to readily obtained.
240
+ ASN1_TYPE t;
241
+ t.type = str->type;
242
+ // Negative INTEGER and ENUMERATED values are the only case where
243
+ // |ASN1_STRING| and |ASN1_TYPE| types do not match.
244
+ //
245
+ // TODO(davidben): There are also some type fields which, in |ASN1_TYPE|, do
246
+ // not correspond to |ASN1_STRING|. It is unclear whether those are allowed
247
+ // in |ASN1_STRING| at all, or what the space of allowed types is.
248
+ // |ASN1_item_ex_d2i| will never produce such a value so, for now, we say
249
+ // this is an invalid input. But this corner of the library in general
250
+ // should be more robust.
251
+ if (t.type == V_ASN1_NEG_INTEGER) {
252
+ t.type = V_ASN1_INTEGER;
253
+ } else if (t.type == V_ASN1_NEG_ENUMERATED) {
254
+ t.type = V_ASN1_ENUMERATED;
255
+ }
256
+ t.value.asn1_string = (ASN1_STRING *)str;
257
+ unsigned char *der_buf = NULL;
258
+ int der_len = i2d_ASN1_TYPE(&t, &der_buf);
259
+ if (der_len < 0) {
260
+ return -1;
261
+ }
262
+ int outlen = do_hex_dump(out, der_buf, der_len);
263
+ OPENSSL_free(der_buf);
264
+ if (outlen < 0) {
265
+ return -1;
266
+ }
267
+ return outlen + 1;
332
268
  }
333
269
 
334
- /*
335
- * Lookup table to convert tags to character widths, 0 = UTF8 encoded, -1 is
336
- * used for non string types otherwise it is the number of bytes per
337
- * character
338
- */
339
-
340
- static const signed char tag2nbyte[] = {
341
- -1, -1, -1, -1, -1, /* 0-4 */
342
- -1, -1, -1, -1, -1, /* 5-9 */
343
- -1, -1, 0, -1, /* 10-13 */
344
- -1, -1, -1, -1, /* 15-17 */
345
- 1, 1, 1, /* 18-20 */
346
- -1, 1, 1, 1, /* 21-24 */
347
- -1, 1, -1, /* 25-27 */
348
- 4, -1, 2 /* 28-30 */
349
- };
350
-
351
- /*
352
- * This is the main function, print out an ASN1_STRING taking note of various
353
- * escape and display options. Returns number of characters written or -1 if
354
- * an error occurred.
355
- */
356
-
357
- int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long lflags)
358
- {
359
- int outlen, len;
360
- int type;
361
- char quotes;
362
- unsigned char flags;
363
- quotes = 0;
364
- /* Keep a copy of escape flags */
365
- flags = (unsigned char)(lflags & ESC_FLAGS);
366
-
367
- type = str->type;
368
-
369
- outlen = 0;
370
-
371
- if (lflags & ASN1_STRFLGS_SHOW_TYPE) {
372
- const char *tagname;
373
- tagname = ASN1_tag2str(type);
374
- outlen += strlen(tagname);
375
- if (!maybe_write(out, tagname, outlen) || !maybe_write(out, ":", 1))
376
- return -1;
377
- outlen++;
378
- }
270
+ // string_type_to_encoding returns the |MBSTRING_*| constant for the encoding
271
+ // used by the |ASN1_STRING| type |type|, or -1 if |tag| is not a string
272
+ // type.
273
+ static int string_type_to_encoding(int type) {
274
+ // This function is sometimes passed ASN.1 universal types and sometimes
275
+ // passed |ASN1_STRING| type values
276
+ switch (type) {
277
+ case V_ASN1_UTF8STRING:
278
+ return MBSTRING_UTF8;
279
+ case V_ASN1_NUMERICSTRING:
280
+ case V_ASN1_PRINTABLESTRING:
281
+ case V_ASN1_T61STRING:
282
+ case V_ASN1_IA5STRING:
283
+ case V_ASN1_UTCTIME:
284
+ case V_ASN1_GENERALIZEDTIME:
285
+ case V_ASN1_ISO64STRING:
286
+ // |MBSTRING_ASC| refers to Latin-1, not ASCII.
287
+ return MBSTRING_ASC;
288
+ case V_ASN1_UNIVERSALSTRING:
289
+ return MBSTRING_UNIV;
290
+ case V_ASN1_BMPSTRING:
291
+ return MBSTRING_BMP;
292
+ }
293
+ return -1;
294
+ }
379
295
 
380
- /* Decide what to do with type, either dump content or display it */
381
-
382
- /* Dump everything */
383
- if (lflags & ASN1_STRFLGS_DUMP_ALL)
384
- type = -1;
385
- /* Ignore the string type */
386
- else if (lflags & ASN1_STRFLGS_IGNORE_TYPE)
387
- type = 1;
388
- else {
389
- /* Else determine width based on type */
390
- if ((type > 0) && (type < 31))
391
- type = tag2nbyte[type];
392
- else
393
- type = -1;
394
- if ((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN))
395
- type = 1;
296
+ // This is the main function, print out an ASN1_STRING taking note of various
297
+ // escape and display options. Returns number of characters written or -1 if
298
+ // an error occurred.
299
+
300
+ int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str,
301
+ unsigned long flags) {
302
+ int type = str->type;
303
+ int outlen = 0;
304
+ if (flags & ASN1_STRFLGS_SHOW_TYPE) {
305
+ const char *tagname = ASN1_tag2str(type);
306
+ outlen += strlen(tagname);
307
+ if (!maybe_write(out, tagname, outlen) || !maybe_write(out, ":", 1)) {
308
+ return -1;
396
309
  }
310
+ outlen++;
311
+ }
397
312
 
398
- if (type == -1) {
399
- len = do_dump(lflags, out, str);
400
- if (len < 0)
401
- return -1;
402
- outlen += len;
403
- return outlen;
313
+ // Decide what to do with |str|, either dump the contents or display it.
314
+ int encoding;
315
+ if (flags & ASN1_STRFLGS_DUMP_ALL) {
316
+ // Dump everything.
317
+ encoding = -1;
318
+ } else if (flags & ASN1_STRFLGS_IGNORE_TYPE) {
319
+ // Ignore the string type and interpret the contents as Latin-1.
320
+ encoding = MBSTRING_ASC;
321
+ } else {
322
+ encoding = string_type_to_encoding(type);
323
+ if (encoding == -1 && (flags & ASN1_STRFLGS_DUMP_UNKNOWN) == 0) {
324
+ encoding = MBSTRING_ASC;
404
325
  }
326
+ }
405
327
 
406
- if (lflags & ASN1_STRFLGS_UTF8_CONVERT) {
407
- /*
408
- * Note: if string is UTF8 and we want to convert to UTF8 then we
409
- * just interpret it as 1 byte per character to avoid converting
410
- * twice.
411
- */
412
- if (!type)
413
- type = 1;
414
- else
415
- type |= BUF_TYPE_CONVUTF8;
328
+ if (encoding == -1) {
329
+ int len = do_dump(flags, out, str);
330
+ if (len < 0) {
331
+ return -1;
416
332
  }
417
-
418
- len = do_buf(str->data, str->length, type, flags, &quotes, NULL);
419
- if (len < 0)
420
- return -1;
421
333
  outlen += len;
422
- if (quotes)
423
- outlen += 2;
424
- if (!out)
425
- return outlen;
426
- if (quotes && !maybe_write(out, "\"", 1))
427
- return -1;
428
- if (do_buf(str->data, str->length, type, flags, NULL, out) < 0)
429
- return -1;
430
- if (quotes && !maybe_write(out, "\"", 1))
431
- return -1;
432
334
  return outlen;
433
- }
335
+ }
434
336
 
435
- int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str,
436
- unsigned long flags)
437
- {
438
- BIO *bio = NULL;
439
- if (fp != NULL) {
440
- /* If |fp| is NULL, this function returns the number of bytes without
441
- * writing. */
442
- bio = BIO_new_fp(fp, BIO_NOCLOSE);
443
- if (bio == NULL) {
444
- return -1;
445
- }
446
- }
447
- int ret = ASN1_STRING_print_ex(bio, str, flags);
448
- BIO_free(bio);
449
- return ret;
450
- }
337
+ // Measure the length.
338
+ char quotes = 0;
339
+ int len = do_buf(str->data, str->length, encoding, flags, &quotes, NULL);
340
+ if (len < 0) {
341
+ return -1;
342
+ }
343
+ outlen += len;
344
+ if (quotes) {
345
+ outlen += 2;
346
+ }
347
+ if (!out) {
348
+ return outlen;
349
+ }
451
350
 
452
- int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in)
453
- {
454
- ASN1_STRING stmp, *str = &stmp;
455
- int mbflag, type, ret;
456
- if (!in)
457
- return -1;
458
- type = in->type;
459
- if ((type < 0) || (type > 30))
460
- return -1;
461
- mbflag = tag2nbyte[type];
462
- if (mbflag == -1)
463
- return -1;
464
- mbflag |= MBSTRING_FLAG;
465
- stmp.data = NULL;
466
- stmp.length = 0;
467
- stmp.flags = 0;
468
- ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag,
469
- B_ASN1_UTF8STRING);
470
- if (ret < 0)
471
- return ret;
472
- *out = stmp.data;
473
- return stmp.length;
351
+ // Encode the value.
352
+ if ((quotes && !maybe_write(out, "\"", 1)) ||
353
+ do_buf(str->data, str->length, encoding, flags, NULL, out) < 0 ||
354
+ (quotes && !maybe_write(out, "\"", 1))) {
355
+ return -1;
356
+ }
357
+ return outlen;
474
358
  }
475
359
 
476
- int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
477
- {
478
- int i, n;
479
- char buf[80];
480
- const char *p;
481
-
482
- if (v == NULL)
483
- return (0);
484
- n = 0;
485
- p = (const char *)v->data;
486
- for (i = 0; i < v->length; i++) {
487
- if ((p[i] > '~') || ((p[i] < ' ') &&
488
- (p[i] != '\n') && (p[i] != '\r')))
489
- buf[n] = '.';
490
- else
491
- buf[n] = p[i];
492
- n++;
493
- if (n >= 80) {
494
- if (BIO_write(bp, buf, n) <= 0)
495
- return (0);
496
- n = 0;
497
- }
360
+ int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str,
361
+ unsigned long flags) {
362
+ BIO *bio = NULL;
363
+ if (fp != NULL) {
364
+ // If |fp| is NULL, this function returns the number of bytes without
365
+ // writing.
366
+ bio = BIO_new_fp(fp, BIO_NOCLOSE);
367
+ if (bio == NULL) {
368
+ return -1;
498
369
  }
499
- if (n > 0)
500
- if (BIO_write(bp, buf, n) <= 0)
501
- return (0);
502
- return (1);
370
+ }
371
+ int ret = ASN1_STRING_print_ex(bio, str, flags);
372
+ BIO_free(bio);
373
+ return ret;
503
374
  }
504
375
 
505
- int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
506
- {
507
- if (tm->type == V_ASN1_UTCTIME)
508
- return ASN1_UTCTIME_print(bp, tm);
509
- if (tm->type == V_ASN1_GENERALIZEDTIME)
510
- return ASN1_GENERALIZEDTIME_print(bp, tm);
511
- BIO_write(bp, "Bad time value", 14);
512
- return (0);
376
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in) {
377
+ if (!in) {
378
+ return -1;
379
+ }
380
+ int mbflag = string_type_to_encoding(in->type);
381
+ if (mbflag == -1) {
382
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_TAG);
383
+ return -1;
384
+ }
385
+ ASN1_STRING stmp, *str = &stmp;
386
+ stmp.data = NULL;
387
+ stmp.length = 0;
388
+ stmp.flags = 0;
389
+ int ret =
390
+ ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
391
+ if (ret < 0) {
392
+ return ret;
393
+ }
394
+ *out = stmp.data;
395
+ return stmp.length;
513
396
  }
514
397
 
515
- static const char *const mon[12] = {
516
- "Jan", "Feb", "Mar", "Apr", "May", "Jun",
517
- "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
518
- };
519
-
520
- int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
521
- {
522
- char *v;
523
- int gmt = 0;
524
- int i;
525
- int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
526
- char *f = NULL;
527
- int f_len = 0;
528
-
529
- i = tm->length;
530
- v = (char *)tm->data;
531
-
532
- if (i < 12)
533
- goto err;
534
- if (v[i - 1] == 'Z')
535
- gmt = 1;
536
- for (i = 0; i < 12; i++)
537
- if ((v[i] > '9') || (v[i] < '0'))
538
- goto err;
539
- y = (v[0] - '0') * 1000 + (v[1] - '0') * 100 + (v[2] - '0') * 10 + (v[3] -
540
- '0');
541
- M = (v[4] - '0') * 10 + (v[5] - '0');
542
- if ((M > 12) || (M < 1))
543
- goto err;
544
- d = (v[6] - '0') * 10 + (v[7] - '0');
545
- h = (v[8] - '0') * 10 + (v[9] - '0');
546
- m = (v[10] - '0') * 10 + (v[11] - '0');
547
- if (tm->length >= 14 &&
548
- (v[12] >= '0') && (v[12] <= '9') &&
549
- (v[13] >= '0') && (v[13] <= '9')) {
550
- s = (v[12] - '0') * 10 + (v[13] - '0');
551
- /* Check for fractions of seconds. */
552
- if (tm->length >= 15 && v[14] == '.') {
553
- int l = tm->length;
554
- f = &v[14]; /* The decimal point. */
555
- f_len = 1;
556
- while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9')
557
- ++f_len;
558
- }
559
- }
560
-
561
- if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
562
- mon[M - 1], d, h, m, s, f_len, f, y,
563
- (gmt) ? " GMT" : "") <= 0)
564
- return (0);
565
- else
566
- return (1);
567
- err:
568
- BIO_write(bp, "Bad time value", 14);
569
- return (0);
570
- }
398
+ int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v) {
399
+ int i, n;
400
+ char buf[80];
401
+ const char *p;
571
402
 
572
- // consume_two_digits is a helper function for ASN1_UTCTIME_print. If |*v|,
573
- // assumed to be |*len| bytes long, has two leading digits, updates |*out| with
574
- // their value, updates |v| and |len|, and returns one. Otherwise, returns
575
- // zero.
576
- static int consume_two_digits(int* out, const char **v, int *len) {
577
- if (*len < 2|| !isdigit((*v)[0]) || !isdigit((*v)[1])) {
403
+ if (v == NULL) {
578
404
  return 0;
579
405
  }
580
- *out = ((*v)[0] - '0') * 10 + ((*v)[1] - '0');
581
- *len -= 2;
582
- *v += 2;
583
- return 1;
584
- }
585
-
586
- // consume_zulu_timezone is a helper function for ASN1_UTCTIME_print. If |*v|,
587
- // assumed to be |*len| bytes long, starts with "Z" then it updates |*v| and
588
- // |*len| and returns one. Otherwise returns zero.
589
- static int consume_zulu_timezone(const char **v, int *len) {
590
- if (*len == 0 || (*v)[0] != 'Z') {
591
- return 0;
406
+ n = 0;
407
+ p = (const char *)v->data;
408
+ for (i = 0; i < v->length; i++) {
409
+ if ((p[i] > '~') || ((p[i] < ' ') && (p[i] != '\n') && (p[i] != '\r'))) {
410
+ buf[n] = '.';
411
+ } else {
412
+ buf[n] = p[i];
413
+ }
414
+ n++;
415
+ if (n >= 80) {
416
+ if (BIO_write(bp, buf, n) <= 0) {
417
+ return 0;
418
+ }
419
+ n = 0;
420
+ }
421
+ }
422
+ if (n > 0) {
423
+ if (BIO_write(bp, buf, n) <= 0) {
424
+ return 0;
425
+ }
592
426
  }
593
-
594
- *len -= 1;
595
- *v += 1;
596
427
  return 1;
597
428
  }
598
429
 
599
- int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm) {
600
- const char *v = (const char *)tm->data;
601
- int len = tm->length;
602
- int Y = 0, M = 0, D = 0, h = 0, m = 0, s = 0;
603
-
604
- // YYMMDDhhmm are required to be present.
605
- if (!consume_two_digits(&Y, &v, &len) ||
606
- !consume_two_digits(&M, &v, &len) ||
607
- !consume_two_digits(&D, &v, &len) ||
608
- !consume_two_digits(&h, &v, &len) ||
609
- !consume_two_digits(&m, &v, &len)) {
610
- goto err;
430
+ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) {
431
+ if (tm->type == V_ASN1_UTCTIME) {
432
+ return ASN1_UTCTIME_print(bp, tm);
611
433
  }
612
- // https://tools.ietf.org/html/rfc5280, section 4.1.2.5.1, requires seconds
613
- // to be present, but historically this code has forgiven its absence.
614
- consume_two_digits(&s, &v, &len);
615
-
616
- // https://tools.ietf.org/html/rfc5280, section 4.1.2.5.1, specifies this
617
- // interpretation of the year.
618
- if (Y < 50) {
619
- Y += 2000;
620
- } else {
621
- Y += 1900;
622
- }
623
- if (M > 12 || M == 0) {
624
- goto err;
625
- }
626
- if (D > 31 || D == 0) {
627
- goto err;
628
- }
629
- if (h > 23 || m > 59 || s > 60) {
630
- goto err;
434
+ if (tm->type == V_ASN1_GENERALIZEDTIME) {
435
+ return ASN1_GENERALIZEDTIME_print(bp, tm);
631
436
  }
437
+ BIO_puts(bp, "Bad time value");
438
+ return 0;
439
+ }
632
440
 
633
- // https://tools.ietf.org/html/rfc5280, section 4.1.2.5.1, requires the "Z"
634
- // to be present, but historically this code has forgiven its absence.
635
- const int is_gmt = consume_zulu_timezone(&v, &len);
441
+ static const char *const mon[12] = {"Jan", "Feb", "Mar", "Apr", "May", "Jun",
442
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"};
636
443
 
637
- // https://tools.ietf.org/html/rfc5280, section 4.1.2.5.1, does not permit
638
- // the specification of timezones using the +hhmm / -hhmm syntax, which is
639
- // the only other thing that might legitimately be found at the end.
640
- if (len) {
641
- goto err;
444
+ int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm) {
445
+ CBS cbs;
446
+ CBS_init(&cbs, tm->data, tm->length);
447
+ struct tm utc;
448
+ if (!CBS_parse_generalized_time(&cbs, &utc, /*allow_timezone_offset=*/0)) {
449
+ BIO_puts(bp, "Bad time value");
450
+ return 0;
642
451
  }
643
452
 
644
- return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s", mon[M - 1], D, h, m, s, Y,
645
- is_gmt ? " GMT" : "") > 0;
453
+ return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d GMT", mon[utc.tm_mon],
454
+ utc.tm_mday, utc.tm_hour, utc.tm_min, utc.tm_sec,
455
+ utc.tm_year + 1900) > 0;
456
+ }
646
457
 
647
- err:
648
- BIO_write(bp, "Bad time value", 14);
649
- return 0;
458
+ int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm) {
459
+ CBS cbs;
460
+ CBS_init(&cbs, tm->data, tm->length);
461
+ struct tm utc;
462
+ if (!CBS_parse_utc_time(&cbs, &utc, /*allow_timezone_offset=*/0)) {
463
+ BIO_puts(bp, "Bad time value");
464
+ return 0;
465
+ }
466
+
467
+ return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d GMT", mon[utc.tm_mon],
468
+ utc.tm_mday, utc.tm_hour, utc.tm_min, utc.tm_sec,
469
+ utc.tm_year + 1900) > 0;
650
470
  }