grpc 1.55.0 → 1.56.0.pre3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (374) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +100 -68
  3. data/include/grpc/event_engine/event_engine.h +4 -3
  4. data/include/grpc/grpc_audit_logging.h +96 -0
  5. data/include/grpc/module.modulemap +2 -0
  6. data/include/grpc/support/json.h +218 -0
  7. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +5 -0
  8. data/src/core/ext/filters/client_channel/backend_metric.cc +2 -0
  9. data/src/core/ext/filters/client_channel/channel_connectivity.cc +4 -4
  10. data/src/core/ext/filters/client_channel/client_channel.cc +86 -104
  11. data/src/core/ext/filters/client_channel/client_channel.h +6 -0
  12. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +19 -18
  13. data/src/core/ext/filters/client_channel/client_channel_internal.h +16 -21
  14. data/src/core/ext/filters/client_channel/config_selector.h +9 -24
  15. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +3 -0
  16. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +5 -4
  17. data/src/core/ext/filters/client_channel/lb_policy/health_check_client.cc +455 -0
  18. data/src/core/ext/filters/client_channel/lb_policy/health_check_client.h +54 -0
  19. data/src/core/ext/filters/client_channel/lb_policy/health_check_client_internal.h +186 -0
  20. data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +2 -7
  21. data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +52 -20
  22. data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +23 -2
  23. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +19 -6
  24. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +1 -9
  25. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +16 -7
  26. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +18 -1
  27. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +12 -9
  28. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +6 -4
  29. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +36 -13
  30. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/static_stride_scheduler.cc +76 -6
  31. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +32 -39
  32. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +4 -10
  33. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +52 -47
  34. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +1 -9
  35. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +14 -16
  36. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +40 -43
  37. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +7 -12
  38. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +12 -19
  39. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +35 -33
  40. data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +29 -4
  41. data/src/core/ext/filters/client_channel/resolver/dns/event_engine/service_config_helper.cc +1 -1
  42. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +28 -27
  43. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +163 -46
  44. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +16 -1
  45. data/src/core/ext/filters/client_channel/retry_service_config.cc +1 -0
  46. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +10 -40
  47. data/src/core/ext/filters/client_channel/subchannel.cc +10 -196
  48. data/src/core/ext/filters/client_channel/subchannel.h +3 -43
  49. data/src/core/ext/filters/http/message_compress/compression_filter.cc +5 -5
  50. data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +100 -6
  51. data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +6 -8
  52. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +3 -3
  53. data/src/core/ext/filters/stateful_session/stateful_session_filter.h +16 -1
  54. data/src/core/ext/transport/chttp2/transport/flow_control.cc +46 -95
  55. data/src/core/ext/transport/chttp2/transport/internal.h +1 -15
  56. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +11 -2
  57. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +15 -0
  58. data/src/core/ext/xds/certificate_provider_store.cc +4 -9
  59. data/src/core/ext/xds/certificate_provider_store.h +1 -1
  60. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +30 -42
  61. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +14 -9
  62. data/src/core/ext/xds/xds_api.cc +9 -6
  63. data/src/core/ext/xds/xds_api.h +3 -2
  64. data/src/core/ext/xds/xds_audit_logger_registry.cc +122 -0
  65. data/src/core/ext/xds/xds_audit_logger_registry.h +68 -0
  66. data/src/core/ext/xds/xds_bootstrap_grpc.cc +21 -9
  67. data/src/core/ext/xds/xds_bootstrap_grpc.h +5 -0
  68. data/src/core/ext/xds/xds_client.cc +5 -4
  69. data/src/core/ext/xds/xds_client_stats.h +1 -1
  70. data/src/core/ext/xds/xds_cluster.cc +20 -19
  71. data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +11 -8
  72. data/src/core/ext/xds/xds_common_types.cc +3 -1
  73. data/src/core/ext/xds/xds_http_fault_filter.cc +16 -13
  74. data/src/core/ext/xds/xds_http_fault_filter.h +2 -1
  75. data/src/core/ext/xds/xds_http_filters.h +4 -2
  76. data/src/core/ext/xds/xds_http_rbac_filter.cc +154 -67
  77. data/src/core/ext/xds/xds_http_rbac_filter.h +2 -1
  78. data/src/core/ext/xds/xds_http_stateful_session_filter.cc +15 -11
  79. data/src/core/ext/xds/xds_http_stateful_session_filter.h +2 -1
  80. data/src/core/ext/xds/xds_lb_policy_registry.cc +22 -16
  81. data/src/core/ext/xds/xds_listener.cc +1 -0
  82. data/src/core/ext/xds/xds_route_config.cc +40 -3
  83. data/src/core/ext/xds/xds_routing.cc +2 -2
  84. data/src/core/ext/xds/xds_transport_grpc.cc +3 -1
  85. data/src/core/lib/avl/avl.h +5 -0
  86. data/src/core/lib/channel/channel_args.cc +80 -22
  87. data/src/core/lib/channel/channel_args.h +34 -1
  88. data/src/core/lib/channel/channel_trace.cc +16 -12
  89. data/src/core/lib/channel/channelz.cc +159 -132
  90. data/src/core/lib/channel/channelz.h +42 -35
  91. data/src/core/lib/channel/channelz_registry.cc +23 -20
  92. data/src/core/lib/channel/connected_channel.cc +17 -6
  93. data/src/core/lib/channel/promise_based_filter.cc +0 -4
  94. data/src/core/lib/channel/promise_based_filter.h +2 -0
  95. data/src/core/lib/compression/compression_internal.cc +2 -5
  96. data/src/core/lib/config/config_vars.cc +20 -18
  97. data/src/core/lib/config/config_vars.h +4 -4
  98. data/src/core/lib/config/load_config.cc +13 -0
  99. data/src/core/lib/config/load_config.h +6 -0
  100. data/src/core/lib/debug/event_log.h +1 -1
  101. data/src/core/lib/debug/stats_data.h +1 -1
  102. data/src/core/lib/debug/trace.cc +24 -55
  103. data/src/core/lib/debug/trace.h +3 -1
  104. data/src/core/lib/event_engine/cf_engine/cf_engine.cc +211 -0
  105. data/src/core/lib/event_engine/cf_engine/cf_engine.h +86 -0
  106. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +354 -0
  107. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +146 -0
  108. data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +79 -0
  109. data/src/core/lib/event_engine/default_event_engine.cc +13 -1
  110. data/src/core/lib/event_engine/default_event_engine_factory.cc +14 -2
  111. data/src/core/lib/event_engine/poller.h +2 -2
  112. data/src/core/lib/event_engine/posix.h +4 -0
  113. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +1 -1
  114. data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +7 -18
  115. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +9 -0
  116. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +33 -19
  117. data/src/core/lib/event_engine/posix_engine/posix_engine.h +1 -1
  118. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +4 -4
  119. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +7 -8
  120. data/src/core/lib/event_engine/posix_engine/timer_manager.h +1 -1
  121. data/src/core/lib/event_engine/shim.cc +7 -1
  122. data/src/core/lib/event_engine/{thread_pool.cc → thread_pool/original_thread_pool.cc} +28 -25
  123. data/src/core/lib/event_engine/{thread_pool.h → thread_pool/original_thread_pool.h} +11 -15
  124. data/src/core/lib/event_engine/thread_pool/thread_pool.h +50 -0
  125. data/src/core/lib/event_engine/{executor/executor.h → thread_pool/thread_pool_factory.cc} +17 -15
  126. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +489 -0
  127. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +249 -0
  128. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +166 -0
  129. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +108 -0
  130. data/src/core/lib/event_engine/windows/iocp.cc +4 -3
  131. data/src/core/lib/event_engine/windows/iocp.h +3 -3
  132. data/src/core/lib/event_engine/windows/win_socket.cc +6 -6
  133. data/src/core/lib/event_engine/windows/win_socket.h +4 -4
  134. data/src/core/lib/event_engine/windows/windows_endpoint.cc +11 -10
  135. data/src/core/lib/event_engine/windows/windows_endpoint.h +3 -2
  136. data/src/core/lib/event_engine/windows/windows_engine.cc +19 -17
  137. data/src/core/lib/event_engine/windows/windows_engine.h +6 -6
  138. data/src/core/lib/event_engine/windows/windows_listener.cc +3 -3
  139. data/src/core/lib/event_engine/windows/windows_listener.h +3 -2
  140. data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +63 -0
  141. data/src/core/lib/event_engine/work_queue/basic_work_queue.h +71 -0
  142. data/src/core/lib/event_engine/work_queue/work_queue.h +62 -0
  143. data/src/core/lib/experiments/config.cc +38 -7
  144. data/src/core/lib/experiments/config.h +16 -0
  145. data/src/core/lib/experiments/experiments.cc +67 -20
  146. data/src/core/lib/experiments/experiments.h +27 -21
  147. data/src/core/lib/gpr/log_internal.h +55 -0
  148. data/src/core/lib/gprpp/crash.cc +10 -0
  149. data/src/core/lib/gprpp/crash.h +3 -0
  150. data/src/core/lib/gprpp/per_cpu.cc +33 -0
  151. data/src/core/lib/gprpp/per_cpu.h +29 -6
  152. data/src/core/lib/gprpp/time.cc +1 -0
  153. data/src/core/lib/iomgr/cfstream_handle.cc +1 -1
  154. data/src/core/lib/iomgr/endpoint_cfstream.cc +10 -8
  155. data/src/core/lib/iomgr/ev_apple.cc +12 -12
  156. data/src/core/lib/iomgr/ev_epoll1_linux.cc +10 -3
  157. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +15 -1
  158. data/src/core/lib/iomgr/iocp_windows.cc +24 -3
  159. data/src/core/lib/iomgr/iocp_windows.h +11 -0
  160. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +1 -1
  161. data/src/core/lib/iomgr/socket_utils_common_posix.cc +4 -2
  162. data/src/core/lib/iomgr/socket_windows.cc +61 -7
  163. data/src/core/lib/iomgr/socket_windows.h +9 -2
  164. data/src/core/lib/iomgr/tcp_client_cfstream.cc +14 -3
  165. data/src/core/lib/iomgr/tcp_server_posix.cc +148 -107
  166. data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -1
  167. data/src/core/lib/iomgr/tcp_server_windows.cc +1 -1
  168. data/src/core/lib/json/json.h +2 -166
  169. data/src/core/lib/json/json_object_loader.cc +8 -9
  170. data/src/core/lib/json/json_object_loader.h +25 -18
  171. data/src/core/lib/json/json_reader.cc +13 -6
  172. data/src/core/lib/json/json_util.cc +6 -11
  173. data/src/core/lib/json/json_writer.cc +7 -8
  174. data/src/core/lib/load_balancing/lb_policy.h +13 -0
  175. data/src/core/lib/load_balancing/lb_policy_registry.cc +2 -1
  176. data/src/core/lib/matchers/matchers.cc +3 -4
  177. data/src/core/lib/matchers/matchers.h +2 -1
  178. data/src/core/lib/promise/activity.cc +5 -0
  179. data/src/core/lib/promise/activity.h +10 -0
  180. data/src/core/lib/promise/detail/promise_factory.h +1 -1
  181. data/src/core/lib/promise/party.cc +31 -13
  182. data/src/core/lib/promise/party.h +11 -2
  183. data/src/core/lib/promise/pipe.h +9 -2
  184. data/src/core/lib/promise/prioritized_race.h +95 -0
  185. data/src/core/lib/promise/sleep.cc +2 -1
  186. data/src/core/lib/resolver/server_address.cc +0 -8
  187. data/src/core/lib/resolver/server_address.h +0 -6
  188. data/src/core/lib/resource_quota/memory_quota.cc +7 -7
  189. data/src/core/lib/resource_quota/memory_quota.h +1 -2
  190. data/src/core/lib/security/authorization/audit_logging.cc +98 -0
  191. data/src/core/lib/security/authorization/audit_logging.h +73 -0
  192. data/src/core/lib/security/authorization/grpc_authorization_engine.cc +47 -2
  193. data/src/core/lib/security/authorization/grpc_authorization_engine.h +18 -1
  194. data/src/core/lib/security/authorization/rbac_policy.cc +36 -4
  195. data/src/core/lib/security/authorization/rbac_policy.h +19 -2
  196. data/src/core/lib/security/authorization/stdout_logger.cc +75 -0
  197. data/src/core/lib/security/authorization/stdout_logger.h +61 -0
  198. data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +8 -4
  199. data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +8 -18
  200. data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +14 -8
  201. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +19 -12
  202. data/src/core/lib/security/credentials/external/external_account_credentials.cc +4 -2
  203. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -0
  204. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +1 -0
  205. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +1 -0
  206. data/src/core/lib/security/credentials/jwt/json_token.cc +15 -14
  207. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +4 -2
  208. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +1 -0
  209. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +1 -0
  210. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -5
  211. data/src/core/lib/security/util/json_util.cc +1 -0
  212. data/src/core/lib/service_config/service_config_call_data.h +49 -20
  213. data/src/core/lib/service_config/service_config_impl.cc +2 -1
  214. data/src/core/lib/surface/call.cc +38 -23
  215. data/src/core/lib/surface/completion_queue.cc +6 -2
  216. data/src/core/lib/surface/version.cc +2 -2
  217. data/src/core/lib/transport/batch_builder.cc +15 -12
  218. data/src/core/lib/transport/batch_builder.h +39 -35
  219. data/src/core/plugin_registry/grpc_plugin_registry.cc +0 -2
  220. data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +2 -0
  221. data/src/ruby/ext/grpc/extconf.rb +8 -9
  222. data/src/ruby/lib/grpc/version.rb +1 -1
  223. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +9 -8
  224. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +1 -1
  225. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +3 -3
  226. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +10 -6
  227. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +7 -4
  228. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +6 -4
  229. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +2 -1
  230. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +5 -9
  231. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +4 -2
  232. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +31 -22
  233. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +29 -26
  234. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +8 -0
  235. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +189 -13
  236. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +62 -0
  237. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_openbsd.c +31 -0
  238. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +6 -4
  239. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +795 -795
  240. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -5
  241. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +4 -0
  242. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +18 -6
  243. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +15 -7
  244. data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +1 -1
  245. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +1 -1
  246. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +1 -0
  247. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +3 -0
  248. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +24 -24
  249. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +1 -1
  250. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +7 -7
  251. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +74 -74
  252. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +1 -2
  253. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +11 -11
  254. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +12 -12
  255. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +14 -15
  256. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +1 -1
  257. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +10 -10
  258. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +23 -23
  259. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +13 -13
  260. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +1 -1
  261. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +2 -2
  262. data/third_party/boringssl-with-bazel/src/crypto/{hkdf → fipsmodule/hkdf}/hkdf.c +1 -1
  263. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +2 -10
  264. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +1 -4
  265. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +115 -133
  266. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +12 -14
  267. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +57 -47
  268. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -8
  269. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +27 -28
  270. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -23
  271. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +21 -16
  272. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +5 -288
  273. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +143 -83
  274. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +95 -183
  275. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +71 -0
  276. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +8 -0
  277. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +33 -0
  278. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +162 -6
  279. data/third_party/boringssl-with-bazel/src/crypto/internal.h +18 -0
  280. data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +18 -11
  281. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +6 -13
  282. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +18 -14
  283. data/third_party/boringssl-with-bazel/src/crypto/{refcount_lock.c → refcount_no_threads.c} +3 -13
  284. data/third_party/boringssl-with-bazel/src/crypto/refcount_win.c +89 -0
  285. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +77 -0
  286. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +568 -0
  287. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +62 -0
  288. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +218 -44
  289. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +35 -0
  290. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +588 -39
  291. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +27 -18
  292. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +1 -1
  293. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +17 -39
  294. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +39 -48
  295. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +0 -140
  296. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +72 -23
  297. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +11 -14
  298. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +1 -1
  299. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
  300. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +1 -1
  301. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +33 -46
  302. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +1 -0
  303. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +3 -5
  304. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +14 -46
  305. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +14 -26
  306. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +17 -10
  307. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1 -1
  308. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +5 -7
  309. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +6 -4
  310. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +32 -1
  311. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +0 -4
  312. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -4
  313. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +3 -3
  314. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +28 -0
  315. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +2 -11
  316. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +0 -3
  317. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +91 -1
  318. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +5 -0
  319. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +149 -20
  320. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +4 -0
  321. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
  322. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +8 -0
  323. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +774 -615
  324. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +42 -10
  325. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +11 -6
  326. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +2 -4
  327. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +24 -16
  328. data/third_party/boringssl-with-bazel/src/ssl/internal.h +65 -18
  329. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +37 -18
  330. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +187 -193
  331. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +13 -129
  332. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +85 -10
  333. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +17 -4
  334. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +27 -19
  335. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +1 -1
  336. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +5 -21
  337. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +5 -2
  338. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_msvc.h +1281 -0
  339. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64_msvc.h +2002 -0
  340. data/third_party/cares/cares/include/ares.h +23 -1
  341. data/third_party/cares/cares/{src/lib → include}/ares_nameser.h +9 -7
  342. data/third_party/cares/cares/include/ares_rules.h +2 -2
  343. data/third_party/cares/cares/include/ares_version.h +3 -3
  344. data/third_party/cares/cares/src/lib/ares__addrinfo2hostent.c +266 -0
  345. data/third_party/cares/cares/src/lib/ares__addrinfo_localhost.c +240 -0
  346. data/third_party/cares/cares/src/lib/ares__parse_into_addrinfo.c +49 -80
  347. data/third_party/cares/cares/src/lib/ares__readaddrinfo.c +37 -43
  348. data/third_party/cares/cares/src/lib/ares__sortaddrinfo.c +12 -4
  349. data/third_party/cares/cares/src/lib/ares_data.c +16 -0
  350. data/third_party/cares/cares/src/lib/ares_data.h +7 -0
  351. data/third_party/cares/cares/src/lib/ares_destroy.c +8 -0
  352. data/third_party/cares/cares/src/lib/ares_expand_name.c +17 -6
  353. data/third_party/cares/cares/src/lib/ares_freeaddrinfo.c +1 -0
  354. data/third_party/cares/cares/src/lib/ares_getaddrinfo.c +156 -78
  355. data/third_party/cares/cares/src/lib/ares_gethostbyname.c +130 -326
  356. data/third_party/cares/cares/src/lib/ares_init.c +97 -485
  357. data/third_party/cares/cares/src/lib/ares_library_init.c +2 -89
  358. data/third_party/cares/cares/src/lib/ares_parse_a_reply.c +23 -142
  359. data/third_party/cares/cares/src/lib/ares_parse_aaaa_reply.c +22 -142
  360. data/third_party/cares/cares/src/lib/ares_parse_uri_reply.c +184 -0
  361. data/third_party/cares/cares/src/lib/ares_private.h +30 -16
  362. data/third_party/cares/cares/src/lib/ares_process.c +55 -16
  363. data/third_party/cares/cares/src/lib/ares_query.c +1 -35
  364. data/third_party/cares/cares/src/lib/ares_rand.c +279 -0
  365. data/third_party/cares/cares/src/lib/ares_send.c +5 -7
  366. data/third_party/cares/cares/src/lib/ares_strdup.c +12 -19
  367. data/third_party/cares/cares/src/lib/ares_strsplit.c +44 -128
  368. data/third_party/cares/cares/src/lib/ares_strsplit.h +9 -10
  369. data/third_party/cares/cares/src/lib/inet_net_pton.c +78 -116
  370. data/third_party/cares/cares/src/tools/ares_getopt.h +53 -0
  371. metadata +50 -14
  372. data/src/core/ext/filters/client_channel/health/health_check_client.cc +0 -175
  373. data/src/core/ext/filters/client_channel/health/health_check_client.h +0 -43
  374. data/third_party/cares/cares/src/lib/ares_library_init.h +0 -43
@@ -62,9 +62,9 @@
62
62
  static const size_t kSizeTWithoutLower4Bits = (size_t) -16;
63
63
 
64
64
 
65
- #define GCM_MUL(ctx, Xi) gcm_gmult_nohw((ctx)->Xi.u, (ctx)->gcm_key.Htable)
65
+ #define GCM_MUL(ctx, Xi) gcm_gmult_nohw((ctx)->Xi, (ctx)->gcm_key.Htable)
66
66
  #define GHASH(ctx, in, len) \
67
- gcm_ghash_nohw((ctx)->Xi.u, (ctx)->gcm_key.Htable, in, len)
67
+ gcm_ghash_nohw((ctx)->Xi, (ctx)->gcm_key.Htable, in, len)
68
68
  // GHASH_CHUNK is "stride parameter" missioned to mitigate cache
69
69
  // trashing effect. In other words idea is to hash data while it's
70
70
  // still in L1 cache after encryption pass...
@@ -126,23 +126,23 @@ void gcm_init_ssse3(u128 Htable[16], const uint64_t H[2]) {
126
126
 
127
127
  #ifdef GCM_FUNCREF
128
128
  #undef GCM_MUL
129
- #define GCM_MUL(ctx, Xi) (*gcm_gmult_p)((ctx)->Xi.u, (ctx)->gcm_key.Htable)
129
+ #define GCM_MUL(ctx, Xi) (*gcm_gmult_p)((ctx)->Xi, (ctx)->gcm_key.Htable)
130
130
  #undef GHASH
131
131
  #define GHASH(ctx, in, len) \
132
- (*gcm_ghash_p)((ctx)->Xi.u, (ctx)->gcm_key.Htable, in, len)
132
+ (*gcm_ghash_p)((ctx)->Xi, (ctx)->gcm_key.Htable, in, len)
133
133
  #endif // GCM_FUNCREF
134
134
 
135
135
  #if defined(HW_GCM) && defined(OPENSSL_X86_64)
136
136
  static size_t hw_gcm_encrypt(const uint8_t *in, uint8_t *out, size_t len,
137
137
  const AES_KEY *key, uint8_t ivec[16],
138
- uint64_t *Xi) {
139
- return aesni_gcm_encrypt(in, out, len, key, ivec, Xi);
138
+ uint8_t Xi[16], const u128 Htable[16]) {
139
+ return aesni_gcm_encrypt(in, out, len, key, ivec, Htable, Xi);
140
140
  }
141
141
 
142
142
  static size_t hw_gcm_decrypt(const uint8_t *in, uint8_t *out, size_t len,
143
143
  const AES_KEY *key, uint8_t ivec[16],
144
- uint64_t *Xi) {
145
- return aesni_gcm_decrypt(in, out, len, key, ivec, Xi);
144
+ uint8_t Xi[16], const u128 Htable[16]) {
145
+ return aesni_gcm_decrypt(in, out, len, key, ivec, Htable, Xi);
146
146
  }
147
147
  #endif // HW_GCM && X86_64
148
148
 
@@ -150,38 +150,36 @@ static size_t hw_gcm_decrypt(const uint8_t *in, uint8_t *out, size_t len,
150
150
 
151
151
  static size_t hw_gcm_encrypt(const uint8_t *in, uint8_t *out, size_t len,
152
152
  const AES_KEY *key, uint8_t ivec[16],
153
- uint64_t *Xi) {
153
+ uint8_t Xi[16], const u128 Htable[16]) {
154
154
  const size_t len_blocks = len & kSizeTWithoutLower4Bits;
155
155
  if (!len_blocks) {
156
156
  return 0;
157
157
  }
158
- aes_gcm_enc_kernel(in, len_blocks * 8, out, Xi, ivec, key);
158
+ aes_gcm_enc_kernel(in, len_blocks * 8, out, Xi, ivec, key, Htable);
159
159
  return len_blocks;
160
160
  }
161
161
 
162
162
  static size_t hw_gcm_decrypt(const uint8_t *in, uint8_t *out, size_t len,
163
163
  const AES_KEY *key, uint8_t ivec[16],
164
- uint64_t *Xi) {
164
+ uint8_t Xi[16], const u128 Htable[16]) {
165
165
  const size_t len_blocks = len & kSizeTWithoutLower4Bits;
166
166
  if (!len_blocks) {
167
167
  return 0;
168
168
  }
169
- aes_gcm_dec_kernel(in, len_blocks * 8, out, Xi, ivec, key);
169
+ aes_gcm_dec_kernel(in, len_blocks * 8, out, Xi, ivec, key, Htable);
170
170
  return len_blocks;
171
171
  }
172
172
 
173
173
  #endif // HW_GCM && AARCH64
174
174
 
175
175
  void CRYPTO_ghash_init(gmult_func *out_mult, ghash_func *out_hash,
176
- u128 *out_key, u128 out_table[16], int *out_is_avx,
176
+ u128 out_table[16], int *out_is_avx,
177
177
  const uint8_t gcm_key[16]) {
178
178
  *out_is_avx = 0;
179
179
 
180
- // H is stored in host byte order.
180
+ // H is passed to |gcm_init_*| as a pair of byte-swapped, 64-bit values.
181
181
  uint64_t H[2] = {CRYPTO_load_u64_be(gcm_key),
182
182
  CRYPTO_load_u64_be(gcm_key + 8)};
183
- out_key->hi = H[0];
184
- out_key->lo = H[1];
185
183
 
186
184
  #if defined(GHASH_ASM_X86_64)
187
185
  if (crypto_gcm_clmul_enabled()) {
@@ -247,89 +245,88 @@ void CRYPTO_gcm128_init_key(GCM128_KEY *gcm_key, const AES_KEY *aes_key,
247
245
  (*block)(ghash_key, ghash_key, aes_key);
248
246
 
249
247
  int is_avx;
250
- CRYPTO_ghash_init(&gcm_key->gmult, &gcm_key->ghash, &gcm_key->H,
251
- gcm_key->Htable, &is_avx, ghash_key);
248
+ CRYPTO_ghash_init(&gcm_key->gmult, &gcm_key->ghash, gcm_key->Htable, &is_avx,
249
+ ghash_key);
252
250
 
253
251
  #if defined(OPENSSL_AARCH64) && !defined(OPENSSL_NO_ASM)
254
- gcm_key->use_hw_gcm_crypt = (gcm_pmull_capable() && block_is_hwaes) ? 1 :
255
- 0;
252
+ gcm_key->use_hw_gcm_crypt = (gcm_pmull_capable() && block_is_hwaes) ? 1 : 0;
256
253
  #else
257
- gcm_key->use_hw_gcm_crypt = (is_avx && block_is_hwaes) ? 1 : 0;
254
+ gcm_key->use_hw_gcm_crypt = (is_avx && block_is_hwaes) ? 1 : 0;
258
255
  #endif
259
256
  }
260
257
 
261
258
  void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const AES_KEY *key,
262
259
  const uint8_t *iv, size_t len) {
263
260
  #ifdef GCM_FUNCREF
264
- void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) =
261
+ void (*gcm_gmult_p)(uint8_t Xi[16], const u128 Htable[16]) =
265
262
  ctx->gcm_key.gmult;
266
263
  #endif
267
264
 
268
- ctx->Yi.u[0] = 0;
269
- ctx->Yi.u[1] = 0;
270
- ctx->Xi.u[0] = 0;
271
- ctx->Xi.u[1] = 0;
272
- ctx->len.u[0] = 0; // AAD length
273
- ctx->len.u[1] = 0; // message length
265
+ OPENSSL_memset(&ctx->Yi, 0, sizeof(ctx->Yi));
266
+ OPENSSL_memset(&ctx->Xi, 0, sizeof(ctx->Xi));
267
+ ctx->len.aad = 0;
268
+ ctx->len.msg = 0;
274
269
  ctx->ares = 0;
275
270
  ctx->mres = 0;
276
271
 
277
272
  uint32_t ctr;
278
273
  if (len == 12) {
279
- OPENSSL_memcpy(ctx->Yi.c, iv, 12);
280
- ctx->Yi.c[15] = 1;
274
+ OPENSSL_memcpy(ctx->Yi, iv, 12);
275
+ ctx->Yi[15] = 1;
281
276
  ctr = 1;
282
277
  } else {
283
278
  uint64_t len0 = len;
284
279
 
285
280
  while (len >= 16) {
286
- for (size_t i = 0; i < 16; ++i) {
287
- ctx->Yi.c[i] ^= iv[i];
288
- }
281
+ CRYPTO_xor16(ctx->Yi, ctx->Yi, iv);
289
282
  GCM_MUL(ctx, Yi);
290
283
  iv += 16;
291
284
  len -= 16;
292
285
  }
293
286
  if (len) {
294
287
  for (size_t i = 0; i < len; ++i) {
295
- ctx->Yi.c[i] ^= iv[i];
288
+ ctx->Yi[i] ^= iv[i];
296
289
  }
297
290
  GCM_MUL(ctx, Yi);
298
291
  }
299
- len0 <<= 3;
300
- ctx->Yi.u[1] ^= CRYPTO_bswap8(len0);
292
+
293
+ uint8_t len_block[16];
294
+ OPENSSL_memset(len_block, 0, 8);
295
+ CRYPTO_store_u64_be(len_block + 8, len0 << 3);
296
+ CRYPTO_xor16(ctx->Yi, ctx->Yi, len_block);
301
297
 
302
298
  GCM_MUL(ctx, Yi);
303
- ctr = CRYPTO_bswap4(ctx->Yi.d[3]);
299
+ ctr = CRYPTO_load_u32_be(ctx->Yi + 12);
304
300
  }
305
301
 
306
- (*ctx->gcm_key.block)(ctx->Yi.c, ctx->EK0.c, key);
302
+ (*ctx->gcm_key.block)(ctx->Yi, ctx->EK0, key);
307
303
  ++ctr;
308
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
304
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
309
305
  }
310
306
 
311
307
  int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const uint8_t *aad, size_t len) {
312
308
  #ifdef GCM_FUNCREF
313
- void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) =
309
+ void (*gcm_gmult_p)(uint8_t Xi[16], const u128 Htable[16]) =
314
310
  ctx->gcm_key.gmult;
315
- void (*gcm_ghash_p)(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
311
+ void (*gcm_ghash_p)(uint8_t Xi[16], const u128 Htable[16], const uint8_t *inp,
316
312
  size_t len) = ctx->gcm_key.ghash;
317
313
  #endif
318
314
 
319
- if (ctx->len.u[1]) {
315
+ if (ctx->len.msg != 0) {
316
+ // The caller must have finished the AAD before providing other input.
320
317
  return 0;
321
318
  }
322
319
 
323
- uint64_t alen = ctx->len.u[0] + len;
320
+ uint64_t alen = ctx->len.aad + len;
324
321
  if (alen > (UINT64_C(1) << 61) || (sizeof(len) == 8 && alen < len)) {
325
322
  return 0;
326
323
  }
327
- ctx->len.u[0] = alen;
324
+ ctx->len.aad = alen;
328
325
 
329
326
  unsigned n = ctx->ares;
330
327
  if (n) {
331
328
  while (n && len) {
332
- ctx->Xi.c[n] ^= *(aad++);
329
+ ctx->Xi[n] ^= *(aad++);
333
330
  --len;
334
331
  n = (n + 1) % 16;
335
332
  }
@@ -353,7 +350,7 @@ int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const uint8_t *aad, size_t len) {
353
350
  if (len != 0) {
354
351
  n = (unsigned int)len;
355
352
  for (size_t i = 0; i < len; ++i) {
356
- ctx->Xi.c[i] ^= aad[i];
353
+ ctx->Xi[i] ^= aad[i];
357
354
  }
358
355
  }
359
356
 
@@ -365,18 +362,18 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
365
362
  const uint8_t *in, uint8_t *out, size_t len) {
366
363
  block128_f block = ctx->gcm_key.block;
367
364
  #ifdef GCM_FUNCREF
368
- void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) =
365
+ void (*gcm_gmult_p)(uint8_t Xi[16], const u128 Htable[16]) =
369
366
  ctx->gcm_key.gmult;
370
- void (*gcm_ghash_p)(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
367
+ void (*gcm_ghash_p)(uint8_t Xi[16], const u128 Htable[16], const uint8_t *inp,
371
368
  size_t len) = ctx->gcm_key.ghash;
372
369
  #endif
373
370
 
374
- uint64_t mlen = ctx->len.u[1] + len;
371
+ uint64_t mlen = ctx->len.msg + len;
375
372
  if (mlen > ((UINT64_C(1) << 36) - 32) ||
376
373
  (sizeof(len) == 8 && mlen < len)) {
377
374
  return 0;
378
375
  }
379
- ctx->len.u[1] = mlen;
376
+ ctx->len.msg = mlen;
380
377
 
381
378
  if (ctx->ares) {
382
379
  // First call to encrypt finalizes GHASH(AAD)
@@ -387,7 +384,7 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
387
384
  unsigned n = ctx->mres;
388
385
  if (n) {
389
386
  while (n && len) {
390
- ctx->Xi.c[n] ^= *(out++) = *(in++) ^ ctx->EKi.c[n];
387
+ ctx->Xi[n] ^= *(out++) = *(in++) ^ ctx->EKi[n];
391
388
  --len;
392
389
  n = (n + 1) % 16;
393
390
  }
@@ -399,19 +396,15 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
399
396
  }
400
397
  }
401
398
 
402
- uint32_t ctr = CRYPTO_bswap4(ctx->Yi.d[3]);
399
+ uint32_t ctr = CRYPTO_load_u32_be(ctx->Yi + 12);
403
400
  while (len >= GHASH_CHUNK) {
404
401
  size_t j = GHASH_CHUNK;
405
402
 
406
403
  while (j) {
407
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
404
+ (*block)(ctx->Yi, ctx->EKi, key);
408
405
  ++ctr;
409
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
410
- for (size_t i = 0; i < 16; i += sizeof(crypto_word_t)) {
411
- CRYPTO_store_word_le(out + i,
412
- CRYPTO_load_word_le(in + i) ^
413
- ctx->EKi.t[i / sizeof(crypto_word_t)]);
414
- }
406
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
407
+ CRYPTO_xor16(out, in, ctx->EKi);
415
408
  out += 16;
416
409
  in += 16;
417
410
  j -= 16;
@@ -422,14 +415,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
422
415
  size_t len_blocks = len & kSizeTWithoutLower4Bits;
423
416
  if (len_blocks != 0) {
424
417
  while (len >= 16) {
425
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
418
+ (*block)(ctx->Yi, ctx->EKi, key);
426
419
  ++ctr;
427
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
428
- for (size_t i = 0; i < 16; i += sizeof(crypto_word_t)) {
429
- CRYPTO_store_word_le(out + i,
430
- CRYPTO_load_word_le(in + i) ^
431
- ctx->EKi.t[i / sizeof(crypto_word_t)]);
432
- }
420
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
421
+ CRYPTO_xor16(out, in, ctx->EKi);
433
422
  out += 16;
434
423
  in += 16;
435
424
  len -= 16;
@@ -437,11 +426,11 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
437
426
  GHASH(ctx, out - len_blocks, len_blocks);
438
427
  }
439
428
  if (len) {
440
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
429
+ (*block)(ctx->Yi, ctx->EKi, key);
441
430
  ++ctr;
442
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
431
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
443
432
  while (len--) {
444
- ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n];
433
+ ctx->Xi[n] ^= out[n] = in[n] ^ ctx->EKi[n];
445
434
  ++n;
446
435
  }
447
436
  }
@@ -455,18 +444,18 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
455
444
  size_t len) {
456
445
  block128_f block = ctx->gcm_key.block;
457
446
  #ifdef GCM_FUNCREF
458
- void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) =
447
+ void (*gcm_gmult_p)(uint8_t Xi[16], const u128 Htable[16]) =
459
448
  ctx->gcm_key.gmult;
460
- void (*gcm_ghash_p)(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
449
+ void (*gcm_ghash_p)(uint8_t Xi[16], const u128 Htable[16], const uint8_t *inp,
461
450
  size_t len) = ctx->gcm_key.ghash;
462
451
  #endif
463
452
 
464
- uint64_t mlen = ctx->len.u[1] + len;
453
+ uint64_t mlen = ctx->len.msg + len;
465
454
  if (mlen > ((UINT64_C(1) << 36) - 32) ||
466
455
  (sizeof(len) == 8 && mlen < len)) {
467
456
  return 0;
468
457
  }
469
- ctx->len.u[1] = mlen;
458
+ ctx->len.msg = mlen;
470
459
 
471
460
  if (ctx->ares) {
472
461
  // First call to decrypt finalizes GHASH(AAD)
@@ -478,8 +467,8 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
478
467
  if (n) {
479
468
  while (n && len) {
480
469
  uint8_t c = *(in++);
481
- *(out++) = c ^ ctx->EKi.c[n];
482
- ctx->Xi.c[n] ^= c;
470
+ *(out++) = c ^ ctx->EKi[n];
471
+ ctx->Xi[n] ^= c;
483
472
  --len;
484
473
  n = (n + 1) % 16;
485
474
  }
@@ -491,20 +480,16 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
491
480
  }
492
481
  }
493
482
 
494
- uint32_t ctr = CRYPTO_bswap4(ctx->Yi.d[3]);
483
+ uint32_t ctr = CRYPTO_load_u32_be(ctx->Yi + 12);
495
484
  while (len >= GHASH_CHUNK) {
496
485
  size_t j = GHASH_CHUNK;
497
486
 
498
487
  GHASH(ctx, in, GHASH_CHUNK);
499
488
  while (j) {
500
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
489
+ (*block)(ctx->Yi, ctx->EKi, key);
501
490
  ++ctr;
502
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
503
- for (size_t i = 0; i < 16; i += sizeof(crypto_word_t)) {
504
- CRYPTO_store_word_le(out + i,
505
- CRYPTO_load_word_le(in + i) ^
506
- ctx->EKi.t[i / sizeof(crypto_word_t)]);
507
- }
491
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
492
+ CRYPTO_xor16(out, in, ctx->EKi);
508
493
  out += 16;
509
494
  in += 16;
510
495
  j -= 16;
@@ -515,27 +500,23 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
515
500
  if (len_blocks != 0) {
516
501
  GHASH(ctx, in, len_blocks);
517
502
  while (len >= 16) {
518
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
503
+ (*block)(ctx->Yi, ctx->EKi, key);
519
504
  ++ctr;
520
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
521
- for (size_t i = 0; i < 16; i += sizeof(crypto_word_t)) {
522
- CRYPTO_store_word_le(out + i,
523
- CRYPTO_load_word_le(in + i) ^
524
- ctx->EKi.t[i / sizeof(crypto_word_t)]);
525
- }
505
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
506
+ CRYPTO_xor16(out, in, ctx->EKi);
526
507
  out += 16;
527
508
  in += 16;
528
509
  len -= 16;
529
510
  }
530
511
  }
531
512
  if (len) {
532
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
513
+ (*block)(ctx->Yi, ctx->EKi, key);
533
514
  ++ctr;
534
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
515
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
535
516
  while (len--) {
536
517
  uint8_t c = in[n];
537
- ctx->Xi.c[n] ^= c;
538
- out[n] = c ^ ctx->EKi.c[n];
518
+ ctx->Xi[n] ^= c;
519
+ out[n] = c ^ ctx->EKi[n];
539
520
  ++n;
540
521
  }
541
522
  }
@@ -548,18 +529,18 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
548
529
  const uint8_t *in, uint8_t *out, size_t len,
549
530
  ctr128_f stream) {
550
531
  #ifdef GCM_FUNCREF
551
- void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) =
532
+ void (*gcm_gmult_p)(uint8_t Xi[16], const u128 Htable[16]) =
552
533
  ctx->gcm_key.gmult;
553
- void (*gcm_ghash_p)(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
534
+ void (*gcm_ghash_p)(uint8_t Xi[16], const u128 Htable[16], const uint8_t *inp,
554
535
  size_t len) = ctx->gcm_key.ghash;
555
536
  #endif
556
537
 
557
- uint64_t mlen = ctx->len.u[1] + len;
538
+ uint64_t mlen = ctx->len.msg + len;
558
539
  if (mlen > ((UINT64_C(1) << 36) - 32) ||
559
540
  (sizeof(len) == 8 && mlen < len)) {
560
541
  return 0;
561
542
  }
562
- ctx->len.u[1] = mlen;
543
+ ctx->len.msg = mlen;
563
544
 
564
545
  if (ctx->ares) {
565
546
  // First call to encrypt finalizes GHASH(AAD)
@@ -570,7 +551,7 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
570
551
  unsigned n = ctx->mres;
571
552
  if (n) {
572
553
  while (n && len) {
573
- ctx->Xi.c[n] ^= *(out++) = *(in++) ^ ctx->EKi.c[n];
554
+ ctx->Xi[n] ^= *(out++) = *(in++) ^ ctx->EKi[n];
574
555
  --len;
575
556
  n = (n + 1) % 16;
576
557
  }
@@ -587,18 +568,19 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
587
568
  if (ctx->gcm_key.use_hw_gcm_crypt && len > 0) {
588
569
  // |hw_gcm_encrypt| may not process all the input given to it. It may
589
570
  // not process *any* of its input if it is deemed too small.
590
- size_t bulk = hw_gcm_encrypt(in, out, len, key, ctx->Yi.c, ctx->Xi.u);
571
+ size_t bulk = hw_gcm_encrypt(in, out, len, key, ctx->Yi, ctx->Xi,
572
+ ctx->gcm_key.Htable);
591
573
  in += bulk;
592
574
  out += bulk;
593
575
  len -= bulk;
594
576
  }
595
577
  #endif
596
578
 
597
- uint32_t ctr = CRYPTO_bswap4(ctx->Yi.d[3]);
579
+ uint32_t ctr = CRYPTO_load_u32_be(ctx->Yi + 12);
598
580
  while (len >= GHASH_CHUNK) {
599
- (*stream)(in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
581
+ (*stream)(in, out, GHASH_CHUNK / 16, key, ctx->Yi);
600
582
  ctr += GHASH_CHUNK / 16;
601
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
583
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
602
584
  GHASH(ctx, out, GHASH_CHUNK);
603
585
  out += GHASH_CHUNK;
604
586
  in += GHASH_CHUNK;
@@ -608,20 +590,20 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
608
590
  if (len_blocks != 0) {
609
591
  size_t j = len_blocks / 16;
610
592
 
611
- (*stream)(in, out, j, key, ctx->Yi.c);
593
+ (*stream)(in, out, j, key, ctx->Yi);
612
594
  ctr += (unsigned int)j;
613
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
595
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
614
596
  in += len_blocks;
615
597
  len -= len_blocks;
616
598
  GHASH(ctx, out, len_blocks);
617
599
  out += len_blocks;
618
600
  }
619
601
  if (len) {
620
- (*ctx->gcm_key.block)(ctx->Yi.c, ctx->EKi.c, key);
602
+ (*ctx->gcm_key.block)(ctx->Yi, ctx->EKi, key);
621
603
  ++ctr;
622
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
604
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
623
605
  while (len--) {
624
- ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n];
606
+ ctx->Xi[n] ^= out[n] = in[n] ^ ctx->EKi[n];
625
607
  ++n;
626
608
  }
627
609
  }
@@ -634,18 +616,18 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
634
616
  const uint8_t *in, uint8_t *out, size_t len,
635
617
  ctr128_f stream) {
636
618
  #ifdef GCM_FUNCREF
637
- void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) =
619
+ void (*gcm_gmult_p)(uint8_t Xi[16], const u128 Htable[16]) =
638
620
  ctx->gcm_key.gmult;
639
- void (*gcm_ghash_p)(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
621
+ void (*gcm_ghash_p)(uint8_t Xi[16], const u128 Htable[16], const uint8_t *inp,
640
622
  size_t len) = ctx->gcm_key.ghash;
641
623
  #endif
642
624
 
643
- uint64_t mlen = ctx->len.u[1] + len;
625
+ uint64_t mlen = ctx->len.msg + len;
644
626
  if (mlen > ((UINT64_C(1) << 36) - 32) ||
645
627
  (sizeof(len) == 8 && mlen < len)) {
646
628
  return 0;
647
629
  }
648
- ctx->len.u[1] = mlen;
630
+ ctx->len.msg = mlen;
649
631
 
650
632
  if (ctx->ares) {
651
633
  // First call to decrypt finalizes GHASH(AAD)
@@ -657,8 +639,8 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
657
639
  if (n) {
658
640
  while (n && len) {
659
641
  uint8_t c = *(in++);
660
- *(out++) = c ^ ctx->EKi.c[n];
661
- ctx->Xi.c[n] ^= c;
642
+ *(out++) = c ^ ctx->EKi[n];
643
+ ctx->Xi[n] ^= c;
662
644
  --len;
663
645
  n = (n + 1) % 16;
664
646
  }
@@ -675,19 +657,20 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
675
657
  if (ctx->gcm_key.use_hw_gcm_crypt && len > 0) {
676
658
  // |hw_gcm_decrypt| may not process all the input given to it. It may
677
659
  // not process *any* of its input if it is deemed too small.
678
- size_t bulk = hw_gcm_decrypt(in, out, len, key, ctx->Yi.c, ctx->Xi.u);
660
+ size_t bulk = hw_gcm_decrypt(in, out, len, key, ctx->Yi, ctx->Xi,
661
+ ctx->gcm_key.Htable);
679
662
  in += bulk;
680
663
  out += bulk;
681
664
  len -= bulk;
682
665
  }
683
666
  #endif
684
667
 
685
- uint32_t ctr = CRYPTO_bswap4(ctx->Yi.d[3]);
668
+ uint32_t ctr = CRYPTO_load_u32_be(ctx->Yi + 12);
686
669
  while (len >= GHASH_CHUNK) {
687
670
  GHASH(ctx, in, GHASH_CHUNK);
688
- (*stream)(in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
671
+ (*stream)(in, out, GHASH_CHUNK / 16, key, ctx->Yi);
689
672
  ctr += GHASH_CHUNK / 16;
690
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
673
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
691
674
  out += GHASH_CHUNK;
692
675
  in += GHASH_CHUNK;
693
676
  len -= GHASH_CHUNK;
@@ -697,21 +680,21 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
697
680
  size_t j = len_blocks / 16;
698
681
 
699
682
  GHASH(ctx, in, len_blocks);
700
- (*stream)(in, out, j, key, ctx->Yi.c);
683
+ (*stream)(in, out, j, key, ctx->Yi);
701
684
  ctr += (unsigned int)j;
702
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
685
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
703
686
  out += len_blocks;
704
687
  in += len_blocks;
705
688
  len -= len_blocks;
706
689
  }
707
690
  if (len) {
708
- (*ctx->gcm_key.block)(ctx->Yi.c, ctx->EKi.c, key);
691
+ (*ctx->gcm_key.block)(ctx->Yi, ctx->EKi, key);
709
692
  ++ctr;
710
- ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
693
+ CRYPTO_store_u32_be(ctx->Yi + 12, ctr);
711
694
  while (len--) {
712
695
  uint8_t c = in[n];
713
- ctx->Xi.c[n] ^= c;
714
- out[n] = c ^ ctx->EKi.c[n];
696
+ ctx->Xi[n] ^= c;
697
+ out[n] = c ^ ctx->EKi[n];
715
698
  ++n;
716
699
  }
717
700
  }
@@ -722,7 +705,7 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const AES_KEY *key,
722
705
 
723
706
  int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const uint8_t *tag, size_t len) {
724
707
  #ifdef GCM_FUNCREF
725
- void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) =
708
+ void (*gcm_gmult_p)(uint8_t Xi[16], const u128 Htable[16]) =
726
709
  ctx->gcm_key.gmult;
727
710
  #endif
728
711
 
@@ -730,15 +713,15 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const uint8_t *tag, size_t len) {
730
713
  GCM_MUL(ctx, Xi);
731
714
  }
732
715
 
733
- ctx->Xi.u[0] ^= CRYPTO_bswap8(ctx->len.u[0] << 3);
734
- ctx->Xi.u[1] ^= CRYPTO_bswap8(ctx->len.u[1] << 3);
716
+ uint8_t len_block[16];
717
+ CRYPTO_store_u64_be(len_block, ctx->len.aad << 3);
718
+ CRYPTO_store_u64_be(len_block + 8, ctx->len.msg << 3);
719
+ CRYPTO_xor16(ctx->Xi, ctx->Xi, len_block);
735
720
  GCM_MUL(ctx, Xi);
736
-
737
- ctx->Xi.u[0] ^= ctx->EK0.u[0];
738
- ctx->Xi.u[1] ^= ctx->EK0.u[1];
721
+ CRYPTO_xor16(ctx->Xi, ctx->Xi, ctx->EK0);
739
722
 
740
723
  if (tag && len <= sizeof(ctx->Xi)) {
741
- return CRYPTO_memcmp(ctx->Xi.c, tag, len) == 0;
724
+ return CRYPTO_memcmp(ctx->Xi, tag, len) == 0;
742
725
  } else {
743
726
  return 0;
744
727
  }
@@ -746,8 +729,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const uint8_t *tag, size_t len) {
746
729
 
747
730
  void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len) {
748
731
  CRYPTO_gcm128_finish(ctx, NULL, 0);
749
- OPENSSL_memcpy(tag, ctx->Xi.c,
750
- len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
732
+ OPENSSL_memcpy(tag, ctx->Xi, len <= sizeof(ctx->Xi) ? len : sizeof(ctx->Xi));
751
733
  }
752
734
 
753
735
  #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
@@ -274,31 +274,29 @@ static void gcm_polyval_nohw(uint64_t Xi[2], const u128 *H) {
274
274
  Xi[1] = r3;
275
275
  }
276
276
 
277
- void gcm_gmult_nohw(uint64_t Xi[2], const u128 Htable[16]) {
277
+ void gcm_gmult_nohw(uint8_t Xi[16], const u128 Htable[16]) {
278
278
  uint64_t swapped[2];
279
- swapped[0] = CRYPTO_bswap8(Xi[1]);
280
- swapped[1] = CRYPTO_bswap8(Xi[0]);
279
+ swapped[0] = CRYPTO_load_u64_be(Xi + 8);
280
+ swapped[1] = CRYPTO_load_u64_be(Xi);
281
281
  gcm_polyval_nohw(swapped, &Htable[0]);
282
- Xi[0] = CRYPTO_bswap8(swapped[1]);
283
- Xi[1] = CRYPTO_bswap8(swapped[0]);
282
+ CRYPTO_store_u64_be(Xi, swapped[1]);
283
+ CRYPTO_store_u64_be(Xi + 8, swapped[0]);
284
284
  }
285
285
 
286
- void gcm_ghash_nohw(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
286
+ void gcm_ghash_nohw(uint8_t Xi[16], const u128 Htable[16], const uint8_t *inp,
287
287
  size_t len) {
288
288
  uint64_t swapped[2];
289
- swapped[0] = CRYPTO_bswap8(Xi[1]);
290
- swapped[1] = CRYPTO_bswap8(Xi[0]);
289
+ swapped[0] = CRYPTO_load_u64_be(Xi + 8);
290
+ swapped[1] = CRYPTO_load_u64_be(Xi);
291
291
 
292
292
  while (len >= 16) {
293
- uint64_t block[2];
294
- OPENSSL_memcpy(block, inp, 16);
295
- swapped[0] ^= CRYPTO_bswap8(block[1]);
296
- swapped[1] ^= CRYPTO_bswap8(block[0]);
293
+ swapped[0] ^= CRYPTO_load_u64_be(inp + 8);
294
+ swapped[1] ^= CRYPTO_load_u64_be(inp);
297
295
  gcm_polyval_nohw(swapped, &Htable[0]);
298
296
  inp += 16;
299
297
  len -= 16;
300
298
  }
301
299
 
302
- Xi[0] = CRYPTO_bswap8(swapped[1]);
303
- Xi[1] = CRYPTO_bswap8(swapped[0]);
300
+ CRYPTO_store_u64_be(Xi, swapped[1]);
301
+ CRYPTO_store_u64_be(Xi + 8, swapped[0]);
304
302
  }