grpc 1.53.2 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (693) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +78 -66
  3. data/include/grpc/event_engine/event_engine.h +30 -14
  4. data/include/grpc/grpc_security.h +4 -0
  5. data/include/grpc/support/port_platform.h +4 -4
  6. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
  7. data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
  8. data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
  9. data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
  10. data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
  11. data/src/core/ext/filters/client_channel/client_channel.h +131 -173
  12. data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
  13. data/src/core/ext/filters/client_channel/config_selector.h +4 -3
  14. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
  15. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
  16. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
  17. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
  18. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
  19. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
  20. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
  21. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
  22. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
  24. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
  25. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
  26. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
  27. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
  28. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
  29. data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
  30. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
  31. data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
  32. data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
  33. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
  34. data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
  35. data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
  36. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
  37. data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
  38. data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
  39. data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
  40. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
  41. data/src/core/ext/gcp/metadata_query.cc +142 -0
  42. data/src/core/ext/gcp/metadata_query.h +82 -0
  43. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
  44. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
  45. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
  46. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
  47. data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
  48. data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
  49. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
  50. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
  51. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
  52. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
  53. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
  54. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
  55. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
  56. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
  57. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
  58. data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
  59. data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
  60. data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
  61. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
  62. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
  63. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
  64. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
  65. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
  66. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
  67. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
  68. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
  69. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
  70. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
  71. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
  72. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
  73. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
  74. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
  75. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
  76. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
  77. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
  78. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
  79. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
  80. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
  81. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
  82. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
  83. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
  84. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
  85. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
  86. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
  87. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
  88. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
  89. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
  90. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
  91. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
  92. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
  93. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
  94. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
  95. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  96. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
  97. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
  98. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
  99. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
  100. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
  101. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
  102. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
  103. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
  104. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
  105. data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
  106. data/src/core/ext/xds/xds_client_stats.cc +29 -15
  107. data/src/core/ext/xds/xds_client_stats.h +24 -20
  108. data/src/core/ext/xds/xds_endpoint.cc +5 -2
  109. data/src/core/ext/xds/xds_endpoint.h +9 -1
  110. data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
  111. data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
  112. data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
  113. data/src/core/lib/channel/call_finalization.h +1 -1
  114. data/src/core/lib/channel/call_tracer.cc +51 -0
  115. data/src/core/lib/channel/call_tracer.h +101 -38
  116. data/src/core/lib/channel/connected_channel.cc +483 -1050
  117. data/src/core/lib/channel/context.h +8 -1
  118. data/src/core/lib/channel/promise_based_filter.cc +106 -42
  119. data/src/core/lib/channel/promise_based_filter.h +27 -13
  120. data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
  121. data/src/core/lib/config/config_vars.cc +151 -0
  122. data/src/core/lib/config/config_vars.h +127 -0
  123. data/src/core/lib/config/config_vars_non_generated.cc +51 -0
  124. data/src/core/lib/config/load_config.cc +66 -0
  125. data/src/core/lib/config/load_config.h +49 -0
  126. data/src/core/lib/debug/trace.cc +5 -6
  127. data/src/core/lib/debug/trace.h +0 -5
  128. data/src/core/lib/event_engine/event_engine.cc +37 -2
  129. data/src/core/lib/event_engine/handle_containers.h +7 -22
  130. data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
  131. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
  132. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
  133. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
  134. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
  135. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
  136. data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -1
  137. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -32
  138. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +0 -3
  139. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
  140. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
  141. data/src/core/lib/event_engine/resolved_address.cc +2 -1
  142. data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
  143. data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
  144. data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
  145. data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
  146. data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
  147. data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
  148. data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
  149. data/src/core/lib/experiments/config.cc +3 -10
  150. data/src/core/lib/experiments/experiments.cc +7 -0
  151. data/src/core/lib/experiments/experiments.h +9 -1
  152. data/src/core/lib/gpr/log.cc +15 -28
  153. data/src/core/lib/gprpp/fork.cc +8 -14
  154. data/src/core/lib/gprpp/orphanable.h +4 -3
  155. data/src/core/lib/gprpp/per_cpu.h +9 -3
  156. data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
  157. data/src/core/lib/gprpp/ref_counted.h +33 -34
  158. data/src/core/lib/gprpp/thd.h +16 -0
  159. data/src/core/lib/gprpp/time.cc +1 -0
  160. data/src/core/lib/gprpp/time.h +4 -4
  161. data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
  162. data/src/core/lib/iomgr/call_combiner.h +2 -2
  163. data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
  164. data/src/core/lib/iomgr/ev_posix.cc +13 -53
  165. data/src/core/lib/iomgr/ev_posix.h +0 -3
  166. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
  167. data/src/core/lib/iomgr/iomgr.cc +4 -8
  168. data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
  169. data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
  170. data/src/core/lib/iomgr/pollset_windows.cc +1 -1
  171. data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
  172. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
  173. data/src/core/lib/iomgr/tcp_posix.cc +0 -1
  174. data/src/core/lib/iomgr/tcp_server_posix.cc +19 -55
  175. data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -12
  176. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -21
  177. data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
  178. data/src/core/lib/iomgr/tcp_windows.cc +12 -8
  179. data/src/core/lib/load_balancing/lb_policy.cc +9 -13
  180. data/src/core/lib/load_balancing/lb_policy.h +4 -2
  181. data/src/core/lib/promise/activity.cc +22 -6
  182. data/src/core/lib/promise/activity.h +61 -24
  183. data/src/core/lib/promise/cancel_callback.h +77 -0
  184. data/src/core/lib/promise/detail/basic_seq.h +1 -1
  185. data/src/core/lib/promise/detail/promise_factory.h +4 -0
  186. data/src/core/lib/promise/for_each.h +176 -0
  187. data/src/core/lib/promise/if.h +9 -0
  188. data/src/core/lib/promise/interceptor_list.h +23 -2
  189. data/src/core/lib/promise/latch.h +89 -3
  190. data/src/core/lib/promise/loop.h +13 -9
  191. data/src/core/lib/promise/map.h +7 -0
  192. data/src/core/lib/promise/party.cc +286 -0
  193. data/src/core/lib/promise/party.h +499 -0
  194. data/src/core/lib/promise/pipe.h +197 -57
  195. data/src/core/lib/promise/poll.h +48 -0
  196. data/src/core/lib/promise/promise.h +2 -2
  197. data/src/core/lib/resource_quota/arena.cc +19 -3
  198. data/src/core/lib/resource_quota/arena.h +119 -5
  199. data/src/core/lib/resource_quota/memory_quota.cc +1 -1
  200. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
  201. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
  202. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
  203. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
  204. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  205. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
  206. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
  207. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
  208. data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
  209. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
  210. data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
  211. data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
  212. data/src/core/lib/slice/slice.cc +1 -1
  213. data/src/core/lib/surface/builtins.cc +2 -0
  214. data/src/core/lib/surface/call.cc +926 -1024
  215. data/src/core/lib/surface/call.h +10 -0
  216. data/src/core/lib/surface/lame_client.cc +1 -0
  217. data/src/core/lib/surface/validate_metadata.cc +42 -43
  218. data/src/core/lib/surface/validate_metadata.h +0 -9
  219. data/src/core/lib/surface/version.cc +2 -2
  220. data/src/core/lib/transport/batch_builder.cc +179 -0
  221. data/src/core/lib/transport/batch_builder.h +468 -0
  222. data/src/core/lib/transport/bdp_estimator.cc +7 -7
  223. data/src/core/lib/transport/bdp_estimator.h +10 -6
  224. data/src/core/lib/transport/custom_metadata.h +30 -0
  225. data/src/core/lib/transport/metadata_batch.cc +5 -2
  226. data/src/core/lib/transport/metadata_batch.h +17 -113
  227. data/src/core/lib/transport/parsed_metadata.h +6 -16
  228. data/src/core/lib/transport/timeout_encoding.cc +6 -1
  229. data/src/core/lib/transport/transport.cc +30 -2
  230. data/src/core/lib/transport/transport.h +70 -14
  231. data/src/core/lib/transport/transport_impl.h +7 -0
  232. data/src/core/lib/transport/transport_op_string.cc +52 -42
  233. data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
  234. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
  235. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
  236. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
  237. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
  238. data/src/core/tsi/ssl_transport_security.cc +4 -2
  239. data/src/ruby/lib/grpc/version.rb +1 -1
  240. data/third_party/abseil-cpp/absl/base/config.h +1 -1
  241. data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
  242. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
  243. data/third_party/abseil-cpp/absl/flags/config.h +68 -0
  244. data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
  245. data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
  246. data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
  247. data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
  248. data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
  249. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
  250. data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
  251. data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
  252. data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
  253. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
  254. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
  255. data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
  256. data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
  257. data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
  258. data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
  259. data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
  260. data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
  261. data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
  262. data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
  263. data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
  264. data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
  265. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
  266. data/third_party/boringssl-with-bazel/err_data.c +728 -712
  267. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
  268. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
  269. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
  270. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
  271. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
  272. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
  273. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
  274. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
  275. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
  276. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
  277. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
  278. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
  279. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
  280. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
  281. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
  282. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
  283. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
  284. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
  285. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
  286. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
  287. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
  288. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
  289. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
  290. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
  291. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
  292. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
  293. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
  294. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
  295. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
  296. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
  297. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
  298. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
  299. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
  300. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
  301. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
  302. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
  303. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
  304. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
  305. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
  306. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
  307. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
  308. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
  309. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
  310. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
  311. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
  312. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
  313. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
  314. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
  315. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
  316. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
  317. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
  318. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
  319. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
  320. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
  321. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
  322. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
  323. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
  324. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
  325. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
  326. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
  327. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
  328. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
  329. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
  330. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
  331. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
  332. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
  333. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
  334. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
  335. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
  336. data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
  337. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
  338. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
  339. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
  340. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
  341. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
  342. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
  343. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
  344. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
  345. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
  346. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
  347. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
  348. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
  349. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
  350. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
  351. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
  352. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
  353. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
  354. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
  355. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
  356. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
  357. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
  358. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
  359. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
  360. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
  361. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
  362. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
  363. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
  364. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
  365. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
  366. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
  367. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
  368. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
  369. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
  370. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
  371. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
  372. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
  373. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
  374. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
  375. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
  376. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
  377. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
  378. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
  379. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
  380. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
  381. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
  382. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
  383. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
  384. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
  385. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
  386. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
  387. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
  388. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
  389. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
  390. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
  391. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
  392. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
  393. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
  394. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
  395. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
  396. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
  397. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
  398. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
  399. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
  400. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
  401. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
  402. data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
  403. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
  404. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
  405. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
  406. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
  407. data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
  408. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
  409. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
  410. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
  411. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
  412. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
  413. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
  414. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
  415. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
  416. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
  417. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
  418. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
  419. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
  420. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
  421. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
  422. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
  423. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
  424. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
  425. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
  426. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
  427. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
  428. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
  429. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
  430. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
  431. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
  432. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
  433. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
  434. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
  435. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
  436. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
  437. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
  438. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
  439. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
  440. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
  441. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
  442. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
  443. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
  444. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
  445. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
  446. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
  447. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
  448. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
  449. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
  450. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
  451. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
  452. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
  453. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
  454. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
  455. data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
  456. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
  457. data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
  458. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
  459. data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
  460. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
  461. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
  462. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
  463. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
  464. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
  465. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
  466. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
  467. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
  468. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
  469. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
  470. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
  471. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
  472. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
  473. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
  474. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
  475. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
  476. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
  477. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
  478. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
  479. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
  480. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
  481. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
  482. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
  483. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
  484. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
  485. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
  486. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
  487. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
  488. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
  489. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
  490. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
  491. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
  492. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
  493. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
  494. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
  495. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
  496. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
  497. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
  498. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
  499. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
  500. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
  501. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
  502. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
  503. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
  504. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
  505. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
  506. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
  507. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
  508. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
  509. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
  510. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
  511. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
  512. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
  513. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
  514. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
  515. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
  516. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
  517. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
  518. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
  519. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
  520. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
  521. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
  522. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
  523. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
  524. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
  525. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
  526. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
  527. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
  528. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
  529. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
  530. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
  531. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
  532. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
  533. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
  534. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
  535. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
  536. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
  537. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
  538. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
  539. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
  540. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
  541. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
  542. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
  543. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
  544. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
  545. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
  546. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
  547. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
  548. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
  549. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
  550. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
  551. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
  552. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
  553. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
  554. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
  555. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
  556. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
  557. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
  558. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
  559. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
  560. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
  561. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
  562. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
  563. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
  564. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
  565. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
  566. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
  567. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
  568. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
  569. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
  570. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
  571. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
  572. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
  573. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
  574. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
  575. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
  576. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
  577. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
  578. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
  579. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
  580. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
  581. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
  582. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
  583. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
  584. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
  585. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
  586. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
  587. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
  588. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
  589. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
  590. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
  591. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
  592. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
  593. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
  594. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
  595. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
  596. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
  597. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
  598. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
  599. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
  600. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
  601. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
  602. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
  603. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
  604. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
  605. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
  606. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
  607. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
  608. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
  609. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
  610. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
  611. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
  612. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
  613. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
  614. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
  615. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
  616. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
  617. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
  618. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
  619. data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
  620. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
  621. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  622. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
  623. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
  624. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
  625. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
  626. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
  627. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
  628. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
  629. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
  630. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
  631. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
  632. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
  633. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
  634. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
  635. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
  636. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
  637. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
  638. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
  639. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
  640. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
  641. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
  642. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
  643. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
  644. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
  645. metadata +103 -70
  646. data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
  647. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
  648. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
  649. data/src/core/lib/gprpp/global_config.h +0 -93
  650. data/src/core/lib/gprpp/global_config_env.cc +0 -140
  651. data/src/core/lib/gprpp/global_config_env.h +0 -133
  652. data/src/core/lib/gprpp/global_config_generic.h +0 -40
  653. data/src/core/lib/promise/intra_activity_waiter.h +0 -55
  654. data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
  655. data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
  656. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
  657. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
  658. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
  659. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
  660. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
  661. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
  662. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
  663. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
  664. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
  665. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
  666. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
  667. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
  668. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
  669. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
  670. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
  671. /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
  672. /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
  673. /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
  674. /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
  675. /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
  676. /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
  677. /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
  678. /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
  679. /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
  680. /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
  681. /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
  682. /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
  683. /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
  684. /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
  685. /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
  686. /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
  687. /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
  688. /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
  689. /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
  690. /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
  691. /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
  692. /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
  693. /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -57,8 +57,10 @@
57
57
 
58
58
  #include <openssl/err.h>
59
59
 
60
- #include "internal.h"
61
- #include "../fipsmodule/digest/internal.h"
60
+ #include "../../evp/internal.h"
61
+ #include "../delocate.h"
62
+ #include "../digest/internal.h"
63
+ #include "../service_indicator/internal.h"
62
64
 
63
65
 
64
66
  enum evp_sign_verify_t {
@@ -66,9 +68,9 @@ enum evp_sign_verify_t {
66
68
  evp_verify,
67
69
  };
68
70
 
69
- static const struct evp_md_pctx_ops md_pctx_ops = {
70
- EVP_PKEY_CTX_free,
71
- EVP_PKEY_CTX_dup,
71
+ DEFINE_LOCAL_DATA(struct evp_md_pctx_ops, md_pctx_ops) {
72
+ out->free = EVP_PKEY_CTX_free;
73
+ out->dup = EVP_PKEY_CTX_dup;
72
74
  };
73
75
 
74
76
  static int uses_prehash(EVP_MD_CTX *ctx, enum evp_sign_verify_t op) {
@@ -85,7 +87,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
85
87
  if (ctx->pctx == NULL) {
86
88
  return 0;
87
89
  }
88
- ctx->pctx_ops = &md_pctx_ops;
90
+ ctx->pctx_ops = md_pctx_ops();
89
91
 
90
92
  if (op == evp_verify) {
91
93
  if (!EVP_PKEY_verify_init(ctx->pctx)) {
@@ -159,11 +161,17 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, uint8_t *out_sig,
159
161
  uint8_t md[EVP_MAX_MD_SIZE];
160
162
  unsigned int mdlen;
161
163
 
164
+ FIPS_service_indicator_lock_state();
162
165
  EVP_MD_CTX_init(&tmp_ctx);
163
166
  ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) &&
164
167
  EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) &&
165
168
  EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen);
166
169
  EVP_MD_CTX_cleanup(&tmp_ctx);
170
+ FIPS_service_indicator_unlock_state();
171
+
172
+ if (ret) {
173
+ EVP_DigestSign_verify_service_indicator(ctx);
174
+ }
167
175
 
168
176
  return ret;
169
177
  } else {
@@ -184,48 +192,76 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig,
184
192
  uint8_t md[EVP_MAX_MD_SIZE];
185
193
  unsigned int mdlen;
186
194
 
195
+ FIPS_service_indicator_lock_state();
187
196
  EVP_MD_CTX_init(&tmp_ctx);
188
197
  ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) &&
189
198
  EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) &&
190
199
  EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen);
200
+ FIPS_service_indicator_unlock_state();
191
201
  EVP_MD_CTX_cleanup(&tmp_ctx);
192
202
 
203
+ if (ret) {
204
+ EVP_DigestVerify_verify_service_indicator(ctx);
205
+ }
206
+
193
207
  return ret;
194
208
  }
195
209
 
196
210
  int EVP_DigestSign(EVP_MD_CTX *ctx, uint8_t *out_sig, size_t *out_sig_len,
197
211
  const uint8_t *data, size_t data_len) {
212
+ FIPS_service_indicator_lock_state();
213
+ int ret = 0;
214
+
198
215
  if (uses_prehash(ctx, evp_sign)) {
199
216
  // If |out_sig| is NULL, the caller is only querying the maximum output
200
217
  // length. |data| should only be incorporated in the final call.
201
218
  if (out_sig != NULL &&
202
219
  !EVP_DigestSignUpdate(ctx, data, data_len)) {
203
- return 0;
220
+ goto end;
204
221
  }
205
222
 
206
- return EVP_DigestSignFinal(ctx, out_sig, out_sig_len);
223
+ ret = EVP_DigestSignFinal(ctx, out_sig, out_sig_len);
224
+ goto end;
207
225
  }
208
226
 
209
227
  if (ctx->pctx->pmeth->sign_message == NULL) {
210
228
  OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
211
- return 0;
229
+ goto end;
212
230
  }
213
231
 
214
- return ctx->pctx->pmeth->sign_message(ctx->pctx, out_sig, out_sig_len, data,
215
- data_len);
232
+ ret = ctx->pctx->pmeth->sign_message(ctx->pctx, out_sig, out_sig_len, data,
233
+ data_len);
234
+
235
+ end:
236
+ FIPS_service_indicator_unlock_state();
237
+ if (ret) {
238
+ EVP_DigestSign_verify_service_indicator(ctx);
239
+ }
240
+ return ret;
216
241
  }
217
242
 
218
243
  int EVP_DigestVerify(EVP_MD_CTX *ctx, const uint8_t *sig, size_t sig_len,
219
244
  const uint8_t *data, size_t len) {
245
+ FIPS_service_indicator_lock_state();
246
+ int ret = 0;
247
+
220
248
  if (uses_prehash(ctx, evp_verify)) {
221
- return EVP_DigestVerifyUpdate(ctx, data, len) &&
222
- EVP_DigestVerifyFinal(ctx, sig, sig_len);
249
+ ret = EVP_DigestVerifyUpdate(ctx, data, len) &&
250
+ EVP_DigestVerifyFinal(ctx, sig, sig_len);
251
+ goto end;
223
252
  }
224
253
 
225
254
  if (ctx->pctx->pmeth->verify_message == NULL) {
226
255
  OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
227
- return 0;
256
+ goto end;
228
257
  }
229
258
 
230
- return ctx->pctx->pmeth->verify_message(ctx->pctx, sig, sig_len, data, len);
259
+ ret = ctx->pctx->pmeth->verify_message(ctx->pctx, sig, sig_len, data, len);
260
+
261
+ end:
262
+ FIPS_service_indicator_unlock_state();
263
+ if (ret) {
264
+ EVP_DigestVerify_verify_service_indicator(ctx);
265
+ }
266
+ return ret;
231
267
  }
@@ -246,7 +246,8 @@ DEFINE_METHOD_FUNCTION(struct built_in_curves, OPENSSL_built_in_curves) {
246
246
  out->curves[2].param_len = 32;
247
247
  out->curves[2].params = kP256Params;
248
248
  out->curves[2].method =
249
- #if !defined(OPENSSL_NO_ASM) && defined(OPENSSL_X86_64) && \
249
+ #if !defined(OPENSSL_NO_ASM) && \
250
+ (defined(OPENSSL_X86_64) || defined(OPENSSL_AARCH64)) && \
250
251
  !defined(OPENSSL_SMALL)
251
252
  EC_GFp_nistz256_method();
252
253
  #else
@@ -284,7 +285,6 @@ EC_GROUP *ec_group_new(const EC_METHOD *meth) {
284
285
 
285
286
  ret = OPENSSL_malloc(sizeof(EC_GROUP));
286
287
  if (ret == NULL) {
287
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
288
288
  return NULL;
289
289
  }
290
290
  OPENSSL_memset(ret, 0, sizeof(EC_GROUP));
@@ -446,7 +446,6 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) {
446
446
 
447
447
  BN_CTX *ctx = BN_CTX_new();
448
448
  if (ctx == NULL) {
449
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
450
449
  goto err;
451
450
  }
452
451
 
@@ -685,7 +684,6 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) {
685
684
 
686
685
  EC_POINT *ret = OPENSSL_malloc(sizeof *ret);
687
686
  if (ret == NULL) {
688
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
689
687
  return NULL;
690
688
  }
691
689
 
@@ -943,8 +941,9 @@ static int arbitrary_bignum_to_scalar(const EC_GROUP *group, EC_SCALAR *out,
943
941
  return ok;
944
942
  }
945
943
 
946
- int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
947
- const EC_POINT *p, const BIGNUM *p_scalar, BN_CTX *ctx) {
944
+ int ec_point_mul_no_self_test(const EC_GROUP *group, EC_POINT *r,
945
+ const BIGNUM *g_scalar, const EC_POINT *p,
946
+ const BIGNUM *p_scalar, BN_CTX *ctx) {
948
947
  // Previously, this function set |r| to the point at infinity if there was
949
948
  // nothing to multiply. But, nobody should be calling this function with
950
949
  // nothing to multiply in the first place.
@@ -1010,6 +1009,13 @@ err:
1010
1009
  return ret;
1011
1010
  }
1012
1011
 
1012
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
1013
+ const EC_POINT *p, const BIGNUM *p_scalar, BN_CTX *ctx) {
1014
+ boringssl_ensure_ecc_self_test();
1015
+
1016
+ return ec_point_mul_no_self_test(group, r, g_scalar, p, p_scalar, ctx);
1017
+ }
1018
+
1013
1019
  int ec_point_mul_scalar_public(const EC_GROUP *group, EC_RAW_POINT *r,
1014
1020
  const EC_SCALAR *g_scalar, const EC_RAW_POINT *p,
1015
1021
  const EC_SCALAR *p_scalar) {
@@ -1146,8 +1152,8 @@ void ec_affine_select(const EC_GROUP *group, EC_AFFINE *out, BN_ULONG mask,
1146
1152
 
1147
1153
  void ec_precomp_select(const EC_GROUP *group, EC_PRECOMP *out, BN_ULONG mask,
1148
1154
  const EC_PRECOMP *a, const EC_PRECOMP *b) {
1149
- OPENSSL_STATIC_ASSERT(sizeof(out->comb) == sizeof(*out),
1150
- "out->comb does not span the entire structure");
1155
+ static_assert(sizeof(out->comb) == sizeof(*out),
1156
+ "out->comb does not span the entire structure");
1151
1157
  for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(out->comb); i++) {
1152
1158
  ec_affine_select(group, &out->comb[i], mask, &a->comb[i], &b->comb[i]);
1153
1159
  }
@@ -1166,15 +1172,12 @@ int ec_get_x_coordinate_as_scalar(const EC_GROUP *group, EC_SCALAR *out,
1166
1172
  return 0;
1167
1173
  }
1168
1174
 
1169
- // For simplicity, in case of width mismatches between |group->field| and
1170
- // |group->order|, zero any untouched words in |out|.
1171
- OPENSSL_memset(out, 0, sizeof(EC_SCALAR));
1172
- for (size_t i = 0; i < len; i++) {
1173
- out->bytes[len - i - 1] = bytes[i];
1174
- }
1175
-
1176
- // We must have p < 2×order, assuming p is not tiny (p >= 17). Thus rather we
1177
- // can reduce by performing at most one subtraction.
1175
+ // The x-coordinate is bounded by p, but we need a scalar, bounded by the
1176
+ // order. These may not have the same size. However, we must have p < 2×order,
1177
+ // assuming p is not tiny (p >= 17).
1178
+ //
1179
+ // Thus |bytes| will fit in |order.width + 1| words, and we can reduce by
1180
+ // performing at most one subtraction.
1178
1181
  //
1179
1182
  // Proof: We only work with prime order curves, so the number of points on
1180
1183
  // the curve is the order. Thus Hasse's theorem gives:
@@ -1188,14 +1191,11 @@ int ec_get_x_coordinate_as_scalar(const EC_GROUP *group, EC_SCALAR *out,
1188
1191
  //
1189
1192
  // Additionally, one can manually check this property for built-in curves. It
1190
1193
  // is enforced for legacy custom curves in |EC_GROUP_set_generator|.
1191
-
1192
- // The above does not guarantee |group->field| is not one word larger than
1193
- // |group->order|, so read one extra carry word.
1194
- BN_ULONG tmp[EC_MAX_WORDS];
1195
- BN_ULONG carry =
1196
- group->order.width < EC_MAX_WORDS ? out->words[group->order.width] : 0;
1197
- bn_reduce_once_in_place(out->words, carry, group->order.d, tmp,
1198
- group->order.width);
1194
+ const BIGNUM *order = &group->order;
1195
+ BN_ULONG words[EC_MAX_WORDS + 1] = {0};
1196
+ bn_big_endian_to_words(words, order->width + 1, bytes, len);
1197
+ bn_reduce_once(out->words, words, /*carry=*/words[order->width], order->d,
1198
+ order->width);
1199
1199
  return 1;
1200
1200
  }
1201
1201
 
@@ -79,6 +79,7 @@
79
79
 
80
80
  #include "internal.h"
81
81
  #include "../delocate.h"
82
+ #include "../service_indicator/internal.h"
82
83
  #include "../../internal.h"
83
84
 
84
85
 
@@ -87,7 +88,6 @@ DEFINE_STATIC_EX_DATA_CLASS(g_ec_ex_data_class)
87
88
  static EC_WRAPPED_SCALAR *ec_wrapped_scalar_new(const EC_GROUP *group) {
88
89
  EC_WRAPPED_SCALAR *wrapped = OPENSSL_malloc(sizeof(EC_WRAPPED_SCALAR));
89
90
  if (wrapped == NULL) {
90
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
91
91
  return NULL;
92
92
  }
93
93
 
@@ -108,7 +108,6 @@ EC_KEY *EC_KEY_new(void) { return EC_KEY_new_method(NULL); }
108
108
  EC_KEY *EC_KEY_new_method(const ENGINE *engine) {
109
109
  EC_KEY *ret = OPENSSL_malloc(sizeof(EC_KEY));
110
110
  if (ret == NULL) {
111
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
112
111
  return NULL;
113
112
  }
114
113
 
@@ -141,7 +140,6 @@ EC_KEY *EC_KEY_new_method(const ENGINE *engine) {
141
140
  EC_KEY *EC_KEY_new_by_curve_name(int nid) {
142
141
  EC_KEY *ret = EC_KEY_new();
143
142
  if (ret == NULL) {
144
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
145
143
  return NULL;
146
144
  }
147
145
  ret->group = EC_GROUP_new_by_curve_name(nid);
@@ -246,8 +244,9 @@ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key) {
246
244
  if (scalar == NULL) {
247
245
  return 0;
248
246
  }
249
- if (!ec_bignum_to_scalar(key->group, &scalar->scalar, priv_key)) {
250
- OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER);
247
+ if (!ec_bignum_to_scalar(key->group, &scalar->scalar, priv_key) ||
248
+ ec_scalar_is_zero(key->group, &scalar->scalar)) {
249
+ OPENSSL_PUT_ERROR(EC, EC_R_INVALID_PRIVATE_KEY);
251
250
  ec_wrapped_scalar_free(scalar);
252
251
  return 0;
253
252
  }
@@ -308,6 +307,9 @@ int EC_KEY_check_key(const EC_KEY *eckey) {
308
307
  }
309
308
 
310
309
  // Check the public and private keys match.
310
+ //
311
+ // NOTE: this is a FIPS pair-wise consistency check for the ECDH case. See SP
312
+ // 800-56Ar3, page 36.
311
313
  if (eckey->priv_key != NULL) {
312
314
  EC_RAW_POINT point;
313
315
  if (!ec_point_mul_scalar_base(eckey->group, &point,
@@ -326,32 +328,43 @@ int EC_KEY_check_key(const EC_KEY *eckey) {
326
328
  }
327
329
 
328
330
  int EC_KEY_check_fips(const EC_KEY *key) {
331
+ int ret = 0;
332
+ FIPS_service_indicator_lock_state();
333
+
329
334
  if (EC_KEY_is_opaque(key)) {
330
335
  // Opaque keys can't be checked.
331
336
  OPENSSL_PUT_ERROR(EC, EC_R_PUBLIC_KEY_VALIDATION_FAILED);
332
- return 0;
337
+ goto end;
333
338
  }
334
339
 
335
340
  if (!EC_KEY_check_key(key)) {
336
- return 0;
341
+ goto end;
337
342
  }
338
343
 
339
344
  if (key->priv_key) {
340
345
  uint8_t data[16] = {0};
341
346
  ECDSA_SIG *sig = ECDSA_do_sign(data, sizeof(data), key);
342
- #if defined(BORINGSSL_FIPS_BREAK_ECDSA_PWCT)
343
- data[0] = ~data[0];
344
- #endif
347
+ if (boringssl_fips_break_test("ECDSA_PWCT")) {
348
+ data[0] = ~data[0];
349
+ }
345
350
  int ok = sig != NULL &&
346
351
  ECDSA_do_verify(data, sizeof(data), sig, key);
347
352
  ECDSA_SIG_free(sig);
348
353
  if (!ok) {
349
354
  OPENSSL_PUT_ERROR(EC, EC_R_PUBLIC_KEY_VALIDATION_FAILED);
350
- return 0;
355
+ goto end;
351
356
  }
352
357
  }
353
358
 
354
- return 1;
359
+ ret = 1;
360
+
361
+ end:
362
+ FIPS_service_indicator_unlock_state();
363
+ if (ret) {
364
+ EC_KEY_keygen_verify_service_indicator(key);
365
+ }
366
+
367
+ return ret;
355
368
  }
356
369
 
357
370
  int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, const BIGNUM *x,
@@ -379,14 +392,73 @@ err:
379
392
  return ok;
380
393
  }
381
394
 
395
+ int EC_KEY_oct2key(EC_KEY *key, const uint8_t *in, size_t len, BN_CTX *ctx) {
396
+ if (key->group == NULL) {
397
+ OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS);
398
+ return 0;
399
+ }
400
+
401
+ EC_POINT *point = EC_POINT_new(key->group);
402
+ int ok = point != NULL &&
403
+ EC_POINT_oct2point(key->group, point, in, len, ctx) &&
404
+ EC_KEY_set_public_key(key, point);
405
+ EC_POINT_free(point);
406
+ return ok;
407
+ }
408
+
382
409
  size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
383
- unsigned char **out_buf, BN_CTX *ctx) {
410
+ uint8_t **out_buf, BN_CTX *ctx) {
384
411
  if (key == NULL || key->pub_key == NULL || key->group == NULL) {
412
+ OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS);
385
413
  return 0;
386
414
  }
387
415
 
388
- const size_t len =
389
- EC_POINT_point2oct(key->group, key->pub_key, form, NULL, 0, ctx);
416
+ return EC_POINT_point2buf(key->group, key->pub_key, form, out_buf, ctx);
417
+ }
418
+
419
+ int EC_KEY_oct2priv(EC_KEY *key, const uint8_t *in, size_t len) {
420
+ if (key->group == NULL) {
421
+ OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS);
422
+ return 0;
423
+ }
424
+
425
+ if (len != BN_num_bytes(EC_GROUP_get0_order(key->group))) {
426
+ OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR);
427
+ return 0;
428
+ }
429
+
430
+ BIGNUM *priv_key = BN_bin2bn(in, len, NULL);
431
+ int ok = priv_key != NULL && //
432
+ EC_KEY_set_private_key(key, priv_key);
433
+ BN_free(priv_key);
434
+ return ok;
435
+ }
436
+
437
+ size_t EC_KEY_priv2oct(const EC_KEY *key, uint8_t *out, size_t max_out) {
438
+ if (key->group == NULL || key->priv_key == NULL) {
439
+ OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS);
440
+ return 0;
441
+ }
442
+
443
+ size_t len = BN_num_bytes(EC_GROUP_get0_order(key->group));
444
+ if (out == NULL) {
445
+ return len;
446
+ }
447
+
448
+ if (max_out < len) {
449
+ OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL);
450
+ return 0;
451
+ }
452
+
453
+ size_t bytes_written;
454
+ ec_scalar_to_bytes(key->group, out, &bytes_written, &key->priv_key->scalar);
455
+ assert(bytes_written == len);
456
+ return len;
457
+ }
458
+
459
+ size_t EC_KEY_priv2buf(const EC_KEY *key, uint8_t **out_buf) {
460
+ *out_buf = NULL;
461
+ size_t len = EC_KEY_priv2oct(key, NULL, 0);
390
462
  if (len == 0) {
391
463
  return 0;
392
464
  }
@@ -396,8 +468,8 @@ size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
396
468
  return 0;
397
469
  }
398
470
 
399
- if (EC_POINT_point2oct(key->group, key->pub_key, form, buf, len, ctx) !=
400
- len) {
471
+ len = EC_KEY_priv2oct(key, buf, len);
472
+ if (len == 0) {
401
473
  OPENSSL_free(buf);
402
474
  return 0;
403
475
  }
@@ -439,6 +511,8 @@ int EC_KEY_generate_key(EC_KEY *key) {
439
511
  }
440
512
 
441
513
  int EC_KEY_generate_key_fips(EC_KEY *eckey) {
514
+ boringssl_ensure_ecc_self_test();
515
+
442
516
  if (EC_KEY_generate_key(eckey) && EC_KEY_check_fips(eckey)) {
443
517
  return 1;
444
518
  }
@@ -156,8 +156,8 @@ int ec_GFp_mont_felem_from_bytes(const EC_GROUP *group, EC_FELEM *out,
156
156
  return 1;
157
157
  }
158
158
 
159
- static void ec_GFp_mont_felem_reduce(const EC_GROUP *group, EC_FELEM *out,
160
- const BN_ULONG *words, size_t num) {
159
+ void ec_GFp_mont_felem_reduce(const EC_GROUP *group, EC_FELEM *out,
160
+ const BN_ULONG *words, size_t num) {
161
161
  // Convert "from" Montgomery form so the value is reduced mod p.
162
162
  bn_from_montgomery_small(out->words, group->field.width, words, num,
163
163
  group->mont);
@@ -167,9 +167,9 @@ static void ec_GFp_mont_felem_reduce(const EC_GROUP *group, EC_FELEM *out,
167
167
  ec_GFp_mont_felem_to_montgomery(group, out, out);
168
168
  }
169
169
 
170
- static void ec_GFp_mont_felem_exp(const EC_GROUP *group, EC_FELEM *out,
171
- const EC_FELEM *a, const BN_ULONG *exp,
172
- size_t num_exp) {
170
+ void ec_GFp_mont_felem_exp(const EC_GROUP *group, EC_FELEM *out,
171
+ const EC_FELEM *a, const BN_ULONG *exp,
172
+ size_t num_exp) {
173
173
  bn_mod_exp_mont_small(out->words, a->words, group->field.width, exp, num_exp,
174
174
  group->mont);
175
175
  }
@@ -70,10 +70,11 @@
70
70
 
71
71
  #include <openssl/base.h>
72
72
 
73
+ #include <assert.h>
74
+
73
75
  #include <openssl/bn.h>
74
76
  #include <openssl/ec.h>
75
77
  #include <openssl/ex_data.h>
76
- #include <openssl/type_check.h>
77
78
 
78
79
  #include "../bn/internal.h"
79
80
 
@@ -91,8 +92,8 @@ extern "C" {
91
92
  #define EC_MAX_BYTES 66
92
93
  #define EC_MAX_WORDS ((EC_MAX_BYTES + BN_BYTES - 1) / BN_BYTES)
93
94
 
94
- OPENSSL_STATIC_ASSERT(EC_MAX_WORDS <= BN_SMALL_MAX_WORDS,
95
- "bn_*_small functions not usable");
95
+ static_assert(EC_MAX_WORDS <= BN_SMALL_MAX_WORDS,
96
+ "bn_*_small functions not usable");
96
97
 
97
98
 
98
99
  // Scalars.
@@ -100,9 +101,7 @@ OPENSSL_STATIC_ASSERT(EC_MAX_WORDS <= BN_SMALL_MAX_WORDS,
100
101
  // An EC_SCALAR is an integer fully reduced modulo the order. Only the first
101
102
  // |order->width| words are used. An |EC_SCALAR| is specific to an |EC_GROUP|
102
103
  // and must not be mixed between groups.
103
- typedef union {
104
- // bytes is the representation of the scalar in little-endian order.
105
- uint8_t bytes[EC_MAX_BYTES];
104
+ typedef struct {
106
105
  BN_ULONG words[EC_MAX_WORDS];
107
106
  } EC_SCALAR;
108
107
 
@@ -192,9 +191,7 @@ void ec_scalar_select(const EC_GROUP *group, EC_SCALAR *out, BN_ULONG mask,
192
191
  // are used. An |EC_FELEM| is specific to an |EC_GROUP| and must not be mixed
193
192
  // between groups. Additionally, the representation (whether or not elements are
194
193
  // represented in Montgomery-form) may vary between |EC_METHOD|s.
195
- typedef union {
196
- // bytes is the representation of the field element in little-endian order.
197
- uint8_t bytes[EC_MAX_BYTES];
194
+ typedef struct {
198
195
  BN_ULONG words[EC_MAX_WORDS];
199
196
  } EC_FELEM;
200
197
 
@@ -301,6 +298,13 @@ int ec_jacobian_to_affine_batch(const EC_GROUP *group, EC_AFFINE *out,
301
298
  int ec_point_set_affine_coordinates(const EC_GROUP *group, EC_AFFINE *out,
302
299
  const EC_FELEM *x, const EC_FELEM *y);
303
300
 
301
+ // ec_point_mul_no_self_test does the same as |EC_POINT_mul|, but doesn't try to
302
+ // run the self-test first. This is for use in the self tests themselves, to
303
+ // prevent an infinite loop.
304
+ int ec_point_mul_no_self_test(const EC_GROUP *group, EC_POINT *r,
305
+ const BIGNUM *g_scalar, const EC_POINT *p,
306
+ const BIGNUM *p_scalar, BN_CTX *ctx);
307
+
304
308
  // ec_point_mul_scalar sets |r| to |p| * |scalar|. Both inputs are considered
305
309
  // secret.
306
310
  int ec_point_mul_scalar(const EC_GROUP *group, EC_RAW_POINT *r,
@@ -435,11 +439,18 @@ int ec_get_x_coordinate_as_bytes(const EC_GROUP *group, uint8_t *out,
435
439
  size_t *out_len, size_t max_out,
436
440
  const EC_RAW_POINT *p);
437
441
 
438
- // ec_point_to_bytes behaves like |EC_POINT_point2oct| but takes an
439
- // |EC_AFFINE|.
442
+ // ec_point_byte_len returns the number of bytes in the byte representation of
443
+ // a non-infinity point in |group|, encoded according to |form|, or zero if
444
+ // |form| is invalid.
445
+ size_t ec_point_byte_len(const EC_GROUP *group, point_conversion_form_t form);
446
+
447
+ // ec_point_to_bytes encodes |point| according to |form| and writes the result
448
+ // |buf|. It returns the size of the output on success or zero on error. At most
449
+ // |max_out| bytes will be written. The buffer should be at least
450
+ // |ec_point_byte_len| long to guarantee success.
440
451
  size_t ec_point_to_bytes(const EC_GROUP *group, const EC_AFFINE *point,
441
452
  point_conversion_form_t form, uint8_t *buf,
442
- size_t len);
453
+ size_t max_out);
443
454
 
444
455
  // ec_point_from_uncompressed parses |in| as a point in uncompressed form and
445
456
  // sets the result to |out|. It returns one on success and zero if the input was
@@ -549,6 +560,12 @@ struct ec_method_st {
549
560
  //
550
561
  // This function is used in hash-to-curve and may be NULL in curves not used
551
562
  // with hash-to-curve.
563
+ //
564
+ // TODO(https://crbug.com/boringssl/567): hash-to-curve uses this as part of
565
+ // computing a square root, which is what compressed coordinates ultimately
566
+ // needs to avoid |BIGNUM|. Can we unify this a bit? By generalizing to
567
+ // arbitrary exponentiation, we also miss an opportunity to use a specialized
568
+ // addition chain.
552
569
  void (*felem_exp)(const EC_GROUP *group, EC_FELEM *out, const EC_FELEM *a,
553
570
  const BN_ULONG *exp, size_t num_exp);
554
571
 
@@ -639,6 +656,11 @@ void ec_GFp_mont_mul_precomp(const EC_GROUP *group, EC_RAW_POINT *r,
639
656
  const EC_PRECOMP *p0, const EC_SCALAR *scalar0,
640
657
  const EC_PRECOMP *p1, const EC_SCALAR *scalar1,
641
658
  const EC_PRECOMP *p2, const EC_SCALAR *scalar2);
659
+ void ec_GFp_mont_felem_reduce(const EC_GROUP *group, EC_FELEM *out,
660
+ const BN_ULONG *words, size_t num);
661
+ void ec_GFp_mont_felem_exp(const EC_GROUP *group, EC_FELEM *out,
662
+ const EC_FELEM *a, const BN_ULONG *exp,
663
+ size_t num_exp);
642
664
 
643
665
  // ec_compute_wNAF writes the modified width-(w+1) Non-Adjacent Form (wNAF) of
644
666
  // |scalar| to |out|. |out| must have room for |bits| + 1 elements, each of