grpc 1.55.3 → 1.56.0.pre3
Potentially problematic release.
This version of grpc might be problematic.
- checksums.yaml +4 -4
- data/Makefile +100 -70
- data/include/grpc/event_engine/event_engine.h +4 -3
- data/include/grpc/grpc_audit_logging.h +96 -0
- data/include/grpc/module.modulemap +2 -0
- data/include/grpc/support/json.h +218 -0
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +5 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -0
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +4 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +82 -98
- data/src/core/ext/filters/client_channel/client_channel.h +4 -0
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +19 -18
- data/src/core/ext/filters/client_channel/client_channel_internal.h +16 -21
- data/src/core/ext/filters/client_channel/config_selector.h +9 -24
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +3 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +5 -4
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.cc +455 -0
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.h +54 -0
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client_internal.h +186 -0
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +2 -7
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +52 -20
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +23 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +19 -6
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +1 -9
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +16 -7
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +18 -1
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +12 -9
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +6 -4
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +36 -13
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/static_stride_scheduler.cc +76 -6
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +32 -39
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +4 -10
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +52 -47
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +1 -9
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +14 -16
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +40 -43
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +7 -12
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +12 -19
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +35 -33
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +29 -4
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/service_config_helper.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +28 -27
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +163 -46
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +16 -1
- data/src/core/ext/filters/client_channel/retry_service_config.cc +1 -0
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +10 -40
- data/src/core/ext/filters/client_channel/subchannel.cc +10 -196
- data/src/core/ext/filters/client_channel/subchannel.h +3 -43
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +5 -5
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +100 -6
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +6 -8
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +3 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +16 -1
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +46 -95
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +543 -567
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +9 -150
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +32 -46
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +5 -18
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -15
- data/src/core/ext/transport/chttp2/transport/parsing.cc +12 -12
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +11 -2
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +15 -0
- data/src/core/ext/xds/certificate_provider_store.cc +4 -9
- data/src/core/ext/xds/certificate_provider_store.h +1 -1
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +30 -42
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +14 -9
- data/src/core/ext/xds/xds_api.cc +9 -6
- data/src/core/ext/xds/xds_api.h +3 -2
- data/src/core/ext/xds/xds_audit_logger_registry.cc +122 -0
- data/src/core/ext/xds/xds_audit_logger_registry.h +68 -0
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +21 -9
- data/src/core/ext/xds/xds_bootstrap_grpc.h +5 -0
- data/src/core/ext/xds/xds_client.cc +5 -4
- data/src/core/ext/xds/xds_client_stats.h +1 -1
- data/src/core/ext/xds/xds_cluster.cc +20 -19
- data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +11 -8
- data/src/core/ext/xds/xds_common_types.cc +3 -1
- data/src/core/ext/xds/xds_http_fault_filter.cc +16 -13
- data/src/core/ext/xds/xds_http_fault_filter.h +2 -1
- data/src/core/ext/xds/xds_http_filters.h +4 -2
- data/src/core/ext/xds/xds_http_rbac_filter.cc +154 -67
- data/src/core/ext/xds/xds_http_rbac_filter.h +2 -1
- data/src/core/ext/xds/xds_http_stateful_session_filter.cc +15 -11
- data/src/core/ext/xds/xds_http_stateful_session_filter.h +2 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +22 -16
- data/src/core/ext/xds/xds_listener.cc +1 -0
- data/src/core/ext/xds/xds_route_config.cc +40 -3
- data/src/core/ext/xds/xds_routing.cc +2 -2
- data/src/core/ext/xds/xds_transport_grpc.cc +3 -1
- data/src/core/lib/avl/avl.h +5 -0
- data/src/core/lib/backoff/random_early_detection.h +0 -5
- data/src/core/lib/channel/channel_args.cc +80 -22
- data/src/core/lib/channel/channel_args.h +34 -1
- data/src/core/lib/channel/channel_trace.cc +16 -12
- data/src/core/lib/channel/channelz.cc +159 -132
- data/src/core/lib/channel/channelz.h +42 -35
- data/src/core/lib/channel/channelz_registry.cc +23 -20
- data/src/core/lib/channel/connected_channel.cc +17 -6
- data/src/core/lib/channel/promise_based_filter.cc +0 -4
- data/src/core/lib/channel/promise_based_filter.h +2 -0
- data/src/core/lib/compression/compression_internal.cc +2 -5
- data/src/core/lib/config/config_vars.cc +20 -18
- data/src/core/lib/config/config_vars.h +4 -4
- data/src/core/lib/config/load_config.cc +13 -0
- data/src/core/lib/config/load_config.h +6 -0
- data/src/core/lib/debug/event_log.h +1 -1
- data/src/core/lib/debug/stats_data.h +1 -1
- data/src/core/lib/debug/trace.cc +24 -55
- data/src/core/lib/debug/trace.h +3 -1
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +211 -0
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +86 -0
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +354 -0
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +146 -0
- data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +79 -0
- data/src/core/lib/event_engine/default_event_engine.cc +13 -1
- data/src/core/lib/event_engine/default_event_engine_factory.cc +14 -2
- data/src/core/lib/event_engine/poller.h +2 -2
- data/src/core/lib/event_engine/posix.h +4 -0
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +1 -1
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +7 -18
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +9 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +3 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +1 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +4 -33
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +7 -11
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +1 -1
- data/src/core/lib/event_engine/shim.cc +7 -1
- data/src/core/lib/event_engine/{thread_pool.cc → thread_pool/original_thread_pool.cc} +28 -25
- data/src/core/lib/event_engine/{thread_pool.h → thread_pool/original_thread_pool.h} +11 -15
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +50 -0
- data/src/core/lib/event_engine/{executor/executor.h → thread_pool/thread_pool_factory.cc} +17 -15
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +489 -0
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +249 -0
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +166 -0
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +108 -0
- data/src/core/lib/event_engine/windows/iocp.cc +4 -3
- data/src/core/lib/event_engine/windows/iocp.h +3 -3
- data/src/core/lib/event_engine/windows/win_socket.cc +6 -6
- data/src/core/lib/event_engine/windows/win_socket.h +4 -4
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +11 -10
- data/src/core/lib/event_engine/windows/windows_endpoint.h +3 -2
- data/src/core/lib/event_engine/windows/windows_engine.cc +19 -17
- data/src/core/lib/event_engine/windows/windows_engine.h +6 -6
- data/src/core/lib/event_engine/windows/windows_listener.cc +3 -3
- data/src/core/lib/event_engine/windows/windows_listener.h +3 -2
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +63 -0
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +71 -0
- data/src/core/lib/event_engine/work_queue/work_queue.h +62 -0
- data/src/core/lib/experiments/config.cc +38 -7
- data/src/core/lib/experiments/config.h +16 -0
- data/src/core/lib/experiments/experiments.cc +67 -20
- data/src/core/lib/experiments/experiments.h +27 -21
- data/src/core/lib/gpr/log_internal.h +55 -0
- data/src/core/lib/gprpp/crash.cc +10 -0
- data/src/core/lib/gprpp/crash.h +3 -0
- data/src/core/lib/gprpp/per_cpu.cc +33 -0
- data/src/core/lib/gprpp/per_cpu.h +29 -6
- data/src/core/lib/gprpp/time.cc +1 -0
- data/src/core/lib/iomgr/cfstream_handle.cc +1 -1
- data/src/core/lib/iomgr/endpoint_cfstream.cc +10 -8
- data/src/core/lib/iomgr/ev_apple.cc +12 -12
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +10 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +15 -1
- data/src/core/lib/iomgr/iocp_windows.cc +24 -3
- data/src/core/lib/iomgr/iocp_windows.h +11 -0
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +4 -2
- data/src/core/lib/iomgr/socket_windows.cc +61 -7
- data/src/core/lib/iomgr/socket_windows.h +9 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +14 -3
- data/src/core/lib/iomgr/tcp_server_posix.cc +156 -140
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -13
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -21
- data/src/core/lib/iomgr/tcp_server_windows.cc +1 -1
- data/src/core/lib/json/json.h +2 -166
- data/src/core/lib/json/json_object_loader.cc +8 -9
- data/src/core/lib/json/json_object_loader.h +25 -18
- data/src/core/lib/json/json_reader.cc +13 -6
- data/src/core/lib/json/json_util.cc +6 -11
- data/src/core/lib/json/json_writer.cc +7 -8
- data/src/core/lib/load_balancing/lb_policy.h +13 -0
- data/src/core/lib/load_balancing/lb_policy_registry.cc +2 -1
- data/src/core/lib/matchers/matchers.cc +3 -4
- data/src/core/lib/matchers/matchers.h +2 -1
- data/src/core/lib/promise/activity.cc +5 -0
- data/src/core/lib/promise/activity.h +10 -0
- data/src/core/lib/promise/detail/promise_factory.h +1 -1
- data/src/core/lib/promise/party.cc +31 -13
- data/src/core/lib/promise/party.h +11 -2
- data/src/core/lib/promise/pipe.h +9 -2
- data/src/core/lib/promise/prioritized_race.h +95 -0
- data/src/core/lib/promise/sleep.cc +2 -1
- data/src/core/lib/resolver/server_address.cc +0 -8
- data/src/core/lib/resolver/server_address.h +0 -6
- data/src/core/lib/resource_quota/memory_quota.cc +7 -7
- data/src/core/lib/resource_quota/memory_quota.h +1 -2
- data/src/core/lib/security/authorization/audit_logging.cc +98 -0
- data/src/core/lib/security/authorization/audit_logging.h +73 -0
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +47 -2
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +18 -1
- data/src/core/lib/security/authorization/rbac_policy.cc +36 -4
- data/src/core/lib/security/authorization/rbac_policy.h +19 -2
- data/src/core/lib/security/authorization/stdout_logger.cc +75 -0
- data/src/core/lib/security/authorization/stdout_logger.h +61 -0
- data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +8 -4
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +8 -18
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +14 -8
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +19 -12
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +4 -2
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +1 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +15 -14
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +4 -2
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +1 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +1 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -5
- data/src/core/lib/security/util/json_util.cc +1 -0
- data/src/core/lib/service_config/service_config_call_data.h +49 -20
- data/src/core/lib/service_config/service_config_impl.cc +2 -1
- data/src/core/lib/surface/call.cc +38 -23
- data/src/core/lib/surface/completion_queue.cc +6 -2
- data/src/core/lib/surface/validate_metadata.cc +22 -37
- data/src/core/lib/surface/validate_metadata.h +3 -13
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +15 -12
- data/src/core/lib/transport/batch_builder.h +39 -35
- data/src/core/plugin_registry/grpc_plugin_registry.cc +0 -2
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +2 -0
- data/src/ruby/ext/grpc/extconf.rb +8 -9
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +31 -22
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +189 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_openbsd.c +31 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +795 -795
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +18 -6
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +15 -7
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +24 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +74 -74
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +11 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +12 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +14 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +23 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{hkdf → fipsmodule/hkdf}/hkdf.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +2 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +115 -133
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +12 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +57 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +27 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +21 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +5 -288
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +143 -83
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +95 -183
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +71 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +33 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +162 -6
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +18 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +18 -11
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +6 -13
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +18 -14
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_lock.c → refcount_no_threads.c} +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/refcount_win.c +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +77 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +568 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +218 -44
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +35 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +588 -39
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +27 -18
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +17 -39
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +39 -48
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +0 -140
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +72 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +11 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +33 -46
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +14 -46
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +14 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +17 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +5 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +6 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +32 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +0 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +28 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +2 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +0 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +91 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +149 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +774 -615
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +42 -10
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +11 -6
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +2 -4
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +24 -16
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +65 -18
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +37 -18
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +187 -193
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +13 -129
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +85 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +17 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +27 -19
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +5 -21
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +5 -2
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_msvc.h +1281 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64_msvc.h +2002 -0
- data/third_party/cares/cares/include/ares.h +23 -1
- data/third_party/cares/cares/{src/lib → include}/ares_nameser.h +9 -7
- data/third_party/cares/cares/include/ares_rules.h +2 -2
- data/third_party/cares/cares/include/ares_version.h +3 -3
- data/third_party/cares/cares/src/lib/ares__addrinfo2hostent.c +266 -0
- data/third_party/cares/cares/src/lib/ares__addrinfo_localhost.c +240 -0
- data/third_party/cares/cares/src/lib/ares__parse_into_addrinfo.c +49 -80
- data/third_party/cares/cares/src/lib/ares__readaddrinfo.c +37 -43
- data/third_party/cares/cares/src/lib/ares__sortaddrinfo.c +12 -4
- data/third_party/cares/cares/src/lib/ares_data.c +16 -0
- data/third_party/cares/cares/src/lib/ares_data.h +7 -0
- data/third_party/cares/cares/src/lib/ares_destroy.c +8 -0
- data/third_party/cares/cares/src/lib/ares_expand_name.c +17 -6
- data/third_party/cares/cares/src/lib/ares_freeaddrinfo.c +1 -0
- data/third_party/cares/cares/src/lib/ares_getaddrinfo.c +156 -78
- data/third_party/cares/cares/src/lib/ares_gethostbyname.c +130 -326
- data/third_party/cares/cares/src/lib/ares_init.c +97 -485
- data/third_party/cares/cares/src/lib/ares_library_init.c +2 -89
- data/third_party/cares/cares/src/lib/ares_parse_a_reply.c +23 -142
- data/third_party/cares/cares/src/lib/ares_parse_aaaa_reply.c +22 -142
- data/third_party/cares/cares/src/lib/ares_parse_uri_reply.c +184 -0
- data/third_party/cares/cares/src/lib/ares_private.h +30 -16
- data/third_party/cares/cares/src/lib/ares_process.c +55 -16
- data/third_party/cares/cares/src/lib/ares_query.c +1 -35
- data/third_party/cares/cares/src/lib/ares_rand.c +279 -0
- data/third_party/cares/cares/src/lib/ares_send.c +5 -7
- data/third_party/cares/cares/src/lib/ares_strdup.c +12 -19
- data/third_party/cares/cares/src/lib/ares_strsplit.c +44 -128
- data/third_party/cares/cares/src/lib/ares_strsplit.h +9 -10
- data/third_party/cares/cares/src/lib/inet_net_pton.c +78 -116
- data/third_party/cares/cares/src/tools/ares_getopt.h +53 -0
- metadata +50 -16
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +0 -175
- data/src/core/ext/filters/client_channel/health/health_check_client.h +0 -43
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +0 -176
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +0 -325
- data/third_party/cares/cares/src/lib/ares_library_init.h +0 -43
@@ -91,6 +91,8 @@ extern "C" {
|
|
91
91
|
// be the largest fields anyone plausibly uses.
|
92
92
|
#define EC_MAX_BYTES 66
|
93
93
|
#define EC_MAX_WORDS ((EC_MAX_BYTES + BN_BYTES - 1) / BN_BYTES)
|
94
|
+
#define EC_MAX_COMPRESSED (EC_MAX_BYTES + 1)
|
95
|
+
#define EC_MAX_UNCOMPRESSED (2 * EC_MAX_BYTES + 1)
|
94
96
|
|
95
97
|
static_assert(EC_MAX_WORDS <= BN_SMALL_MAX_WORDS,
|
96
98
|
"bn_*_small functions not usable");
|
@@ -119,8 +121,8 @@ OPENSSL_EXPORT void ec_scalar_to_bytes(const EC_GROUP *group, uint8_t *out,
|
|
119
121
|
// ec_scalar_from_bytes deserializes |in| and stores the resulting scalar over
|
120
122
|
// group |group| to |out|. It returns one on success and zero if |in| is
|
121
123
|
// invalid.
|
122
|
-
int ec_scalar_from_bytes(const EC_GROUP *group, EC_SCALAR *out,
|
123
|
-
|
124
|
+
OPENSSL_EXPORT int ec_scalar_from_bytes(const EC_GROUP *group, EC_SCALAR *out,
|
125
|
+
const uint8_t *in, size_t len);
|
124
126
|
|
125
127
|
// ec_scalar_reduce sets |out| to |words|, reduced modulo the group order.
|
126
128
|
// |words| must be less than order^2. |num| must be at most twice the width of
|
@@ -241,16 +243,14 @@ int ec_felem_equal(const EC_GROUP *group, const EC_FELEM *a, const EC_FELEM *b);
|
|
241
243
|
// Points.
|
242
244
|
//
|
243
245
|
// Points may represented in affine coordinates as |EC_AFFINE| or Jacobian
|
244
|
-
// coordinates as |
|
246
|
+
// coordinates as |EC_JACOBIAN|. Affine coordinates directly represent a
|
245
247
|
// point on the curve, but point addition over affine coordinates requires
|
246
248
|
// costly field inversions, so arithmetic is done in Jacobian coordinates.
|
247
249
|
// Converting from affine to Jacobian is cheap, while converting from Jacobian
|
248
250
|
// to affine costs a field inversion. (Jacobian coordinates amortize the field
|
249
251
|
// inversions needed in a sequence of point operations.)
|
250
|
-
//
|
251
|
-
// TODO(davidben): Rename |EC_RAW_POINT| to |EC_JACOBIAN|.
|
252
252
|
|
253
|
-
// An
|
253
|
+
// An EC_JACOBIAN represents an elliptic curve point in Jacobian coordinates.
|
254
254
|
// Unlike |EC_POINT|, it is a plain struct which can be stack-allocated and
|
255
255
|
// needs no cleanup. It is specific to an |EC_GROUP| and must not be mixed
|
256
256
|
// between groups.
|
@@ -258,7 +258,7 @@ typedef struct {
|
|
258
258
|
// X, Y, and Z are Jacobian projective coordinates. They represent
|
259
259
|
// (X/Z^2, Y/Z^3) if Z != 0 and the point at infinity otherwise.
|
260
260
|
EC_FELEM X, Y, Z;
|
261
|
-
}
|
261
|
+
} EC_JACOBIAN;
|
262
262
|
|
263
263
|
// An EC_AFFINE represents an elliptic curve point in affine coordinates.
|
264
264
|
// coordinates. Note the point at infinity cannot be represented in affine
|
@@ -269,7 +269,7 @@ typedef struct {
|
|
269
269
|
|
270
270
|
// ec_affine_to_jacobian converts |p| to Jacobian form and writes the result to
|
271
271
|
// |*out|. This operation is very cheap and only costs a few copies.
|
272
|
-
void ec_affine_to_jacobian(const EC_GROUP *group,
|
272
|
+
void ec_affine_to_jacobian(const EC_GROUP *group, EC_JACOBIAN *out,
|
273
273
|
const EC_AFFINE *p);
|
274
274
|
|
275
275
|
// ec_jacobian_to_affine converts |p| to affine form and writes the result to
|
@@ -279,8 +279,8 @@ void ec_affine_to_jacobian(const EC_GROUP *group, EC_RAW_POINT *out,
|
|
279
279
|
//
|
280
280
|
// If only extracting the x-coordinate, use |ec_get_x_coordinate_*| which is
|
281
281
|
// slightly faster.
|
282
|
-
int ec_jacobian_to_affine(const EC_GROUP *group, EC_AFFINE *out,
|
283
|
-
|
282
|
+
OPENSSL_EXPORT int ec_jacobian_to_affine(const EC_GROUP *group, EC_AFFINE *out,
|
283
|
+
const EC_JACOBIAN *p);
|
284
284
|
|
285
285
|
// ec_jacobian_to_affine_batch converts |num| points in |in| from Jacobian
|
286
286
|
// coordinates to affine coordinates and writes the results to |out|. It returns
|
@@ -289,7 +289,7 @@ int ec_jacobian_to_affine(const EC_GROUP *group, EC_AFFINE *out,
|
|
289
289
|
// This function is not implemented for all curves. Add implementations as
|
290
290
|
// needed.
|
291
291
|
int ec_jacobian_to_affine_batch(const EC_GROUP *group, EC_AFFINE *out,
|
292
|
-
const
|
292
|
+
const EC_JACOBIAN *in, size_t num);
|
293
293
|
|
294
294
|
// ec_point_set_affine_coordinates sets |out|'s to a point with affine
|
295
295
|
// coordinates |x| and |y|. It returns one if the point is on the curve and
|
@@ -307,12 +307,12 @@ int ec_point_mul_no_self_test(const EC_GROUP *group, EC_POINT *r,
|
|
307
307
|
|
308
308
|
// ec_point_mul_scalar sets |r| to |p| * |scalar|. Both inputs are considered
|
309
309
|
// secret.
|
310
|
-
int ec_point_mul_scalar(const EC_GROUP *group,
|
311
|
-
const
|
310
|
+
int ec_point_mul_scalar(const EC_GROUP *group, EC_JACOBIAN *r,
|
311
|
+
const EC_JACOBIAN *p, const EC_SCALAR *scalar);
|
312
312
|
|
313
313
|
// ec_point_mul_scalar_base sets |r| to generator * |scalar|. |scalar| is
|
314
314
|
// treated as secret.
|
315
|
-
int ec_point_mul_scalar_base(const EC_GROUP *group,
|
315
|
+
int ec_point_mul_scalar_base(const EC_GROUP *group, EC_JACOBIAN *r,
|
316
316
|
const EC_SCALAR *scalar);
|
317
317
|
|
318
318
|
// ec_point_mul_scalar_batch sets |r| to |p0| * |scalar0| + |p1| * |scalar1| +
|
@@ -333,10 +333,10 @@ int ec_point_mul_scalar_base(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
333
333
|
// none. If generalizing to tuned curves, this may be useful. However, we still
|
334
334
|
// must double up to the least efficient input, so precomputed tables can only
|
335
335
|
// save table setup and allow a wider window size.
|
336
|
-
int ec_point_mul_scalar_batch(const EC_GROUP *group,
|
337
|
-
const
|
338
|
-
const
|
339
|
-
const
|
336
|
+
int ec_point_mul_scalar_batch(const EC_GROUP *group, EC_JACOBIAN *r,
|
337
|
+
const EC_JACOBIAN *p0, const EC_SCALAR *scalar0,
|
338
|
+
const EC_JACOBIAN *p1, const EC_SCALAR *scalar1,
|
339
|
+
const EC_JACOBIAN *p2, const EC_SCALAR *scalar2);
|
340
340
|
|
341
341
|
#define EC_MONT_PRECOMP_COMB_SIZE 5
|
342
342
|
|
@@ -355,7 +355,7 @@ typedef union {
|
|
355
355
|
// This function is not implemented for all curves. Add implementations as
|
356
356
|
// needed.
|
357
357
|
int ec_init_precomp(const EC_GROUP *group, EC_PRECOMP *out,
|
358
|
-
const
|
358
|
+
const EC_JACOBIAN *p);
|
359
359
|
|
360
360
|
// ec_point_mul_scalar_precomp sets |r| to |p0| * |scalar0| + |p1| * |scalar1| +
|
361
361
|
// |p2| * |scalar2|. |p1| or |p2| may be NULL to skip the corresponding term.
|
@@ -379,7 +379,7 @@ int ec_init_precomp(const EC_GROUP *group, EC_PRECOMP *out,
|
|
379
379
|
// none. If generalizing to tuned curves, we should add a parameter for the base
|
380
380
|
// point and arrange for the generic implementation to have base point tables
|
381
381
|
// available.
|
382
|
-
int ec_point_mul_scalar_precomp(const EC_GROUP *group,
|
382
|
+
int ec_point_mul_scalar_precomp(const EC_GROUP *group, EC_JACOBIAN *r,
|
383
383
|
const EC_PRECOMP *p0, const EC_SCALAR *scalar0,
|
384
384
|
const EC_PRECOMP *p1, const EC_SCALAR *scalar1,
|
385
385
|
const EC_PRECOMP *p2, const EC_SCALAR *scalar2);
|
@@ -388,9 +388,9 @@ int ec_point_mul_scalar_precomp(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
388
388
|
// generator * |g_scalar| + |p| * |p_scalar|. It assumes that the inputs are
|
389
389
|
// public so there is no concern about leaking their values through timing.
|
390
390
|
OPENSSL_EXPORT int ec_point_mul_scalar_public(const EC_GROUP *group,
|
391
|
-
|
391
|
+
EC_JACOBIAN *r,
|
392
392
|
const EC_SCALAR *g_scalar,
|
393
|
-
const
|
393
|
+
const EC_JACOBIAN *p,
|
394
394
|
const EC_SCALAR *p_scalar);
|
395
395
|
|
396
396
|
// ec_point_mul_scalar_public_batch sets |r| to the sum of generator *
|
@@ -401,15 +401,15 @@ OPENSSL_EXPORT int ec_point_mul_scalar_public(const EC_GROUP *group,
|
|
401
401
|
//
|
402
402
|
// This function is not implemented for all curves. Add implementations as
|
403
403
|
// needed.
|
404
|
-
int ec_point_mul_scalar_public_batch(const EC_GROUP *group,
|
404
|
+
int ec_point_mul_scalar_public_batch(const EC_GROUP *group, EC_JACOBIAN *r,
|
405
405
|
const EC_SCALAR *g_scalar,
|
406
|
-
const
|
406
|
+
const EC_JACOBIAN *points,
|
407
407
|
const EC_SCALAR *scalars, size_t num);
|
408
408
|
|
409
409
|
// ec_point_select, in constant time, sets |out| to |a| if |mask| is all ones
|
410
410
|
// and |b| if |mask| is all zeros.
|
411
|
-
void ec_point_select(const EC_GROUP *group,
|
412
|
-
const
|
411
|
+
void ec_point_select(const EC_GROUP *group, EC_JACOBIAN *out, BN_ULONG mask,
|
412
|
+
const EC_JACOBIAN *a, const EC_JACOBIAN *b);
|
413
413
|
|
414
414
|
// ec_affine_select behaves like |ec_point_select| but acts on affine points.
|
415
415
|
void ec_affine_select(const EC_GROUP *group, EC_AFFINE *out, BN_ULONG mask,
|
@@ -422,14 +422,14 @@ void ec_precomp_select(const EC_GROUP *group, EC_PRECOMP *out, BN_ULONG mask,
|
|
422
422
|
// ec_cmp_x_coordinate compares the x (affine) coordinate of |p|, mod the group
|
423
423
|
// order, with |r|. It returns one if the values match and zero if |p| is the
|
424
424
|
// point at infinity of the values do not match.
|
425
|
-
int ec_cmp_x_coordinate(const EC_GROUP *group, const
|
425
|
+
int ec_cmp_x_coordinate(const EC_GROUP *group, const EC_JACOBIAN *p,
|
426
426
|
const EC_SCALAR *r);
|
427
427
|
|
428
428
|
// ec_get_x_coordinate_as_scalar sets |*out| to |p|'s x-coordinate, modulo
|
429
429
|
// |group->order|. It returns one on success and zero if |p| is the point at
|
430
430
|
// infinity.
|
431
431
|
int ec_get_x_coordinate_as_scalar(const EC_GROUP *group, EC_SCALAR *out,
|
432
|
-
const
|
432
|
+
const EC_JACOBIAN *p);
|
433
433
|
|
434
434
|
// ec_get_x_coordinate_as_bytes writes |p|'s affine x-coordinate to |out|, which
|
435
435
|
// must have at must |max_out| bytes. It sets |*out_len| to the number of bytes
|
@@ -437,7 +437,7 @@ int ec_get_x_coordinate_as_scalar(const EC_GROUP *group, EC_SCALAR *out,
|
|
437
437
|
// field. This function returns one on success and zero on failure.
|
438
438
|
int ec_get_x_coordinate_as_bytes(const EC_GROUP *group, uint8_t *out,
|
439
439
|
size_t *out_len, size_t max_out,
|
440
|
-
const
|
440
|
+
const EC_JACOBIAN *p);
|
441
441
|
|
442
442
|
// ec_point_byte_len returns the number of bytes in the byte representation of
|
443
443
|
// a non-infinity point in |group|, encoded according to |form|, or zero if
|
@@ -461,12 +461,12 @@ int ec_point_from_uncompressed(const EC_GROUP *group, EC_AFFINE *out,
|
|
461
461
|
// ec_set_to_safe_point sets |out| to an arbitrary point on |group|, either the
|
462
462
|
// generator or the point at infinity. This is used to guard against callers of
|
463
463
|
// external APIs not checking the return value.
|
464
|
-
void ec_set_to_safe_point(const EC_GROUP *group,
|
464
|
+
void ec_set_to_safe_point(const EC_GROUP *group, EC_JACOBIAN *out);
|
465
465
|
|
466
466
|
// ec_affine_jacobian_equal returns one if |a| and |b| represent the same point
|
467
467
|
// and zero otherwise. It treats both inputs as secret.
|
468
468
|
int ec_affine_jacobian_equal(const EC_GROUP *group, const EC_AFFINE *a,
|
469
|
-
const
|
469
|
+
const EC_JACOBIAN *b);
|
470
470
|
|
471
471
|
|
472
472
|
// Implementation details.
|
@@ -480,48 +480,48 @@ struct ec_method_st {
|
|
480
480
|
// point_get_affine_coordinates sets |*x| and |*y| to the affine coordinates
|
481
481
|
// of |p|. Either |x| or |y| may be NULL to omit it. It returns one on success
|
482
482
|
// and zero if |p| is the point at infinity.
|
483
|
-
int (*point_get_affine_coordinates)(const EC_GROUP *, const
|
483
|
+
int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_JACOBIAN *p,
|
484
484
|
EC_FELEM *x, EC_FELEM *y);
|
485
485
|
|
486
486
|
// jacobian_to_affine_batch implements |ec_jacobian_to_affine_batch|.
|
487
487
|
int (*jacobian_to_affine_batch)(const EC_GROUP *group, EC_AFFINE *out,
|
488
|
-
const
|
488
|
+
const EC_JACOBIAN *in, size_t num);
|
489
489
|
|
490
490
|
// add sets |r| to |a| + |b|.
|
491
|
-
void (*add)(const EC_GROUP *group,
|
492
|
-
const
|
491
|
+
void (*add)(const EC_GROUP *group, EC_JACOBIAN *r, const EC_JACOBIAN *a,
|
492
|
+
const EC_JACOBIAN *b);
|
493
493
|
// dbl sets |r| to |a| + |a|.
|
494
|
-
void (*dbl)(const EC_GROUP *group,
|
494
|
+
void (*dbl)(const EC_GROUP *group, EC_JACOBIAN *r, const EC_JACOBIAN *a);
|
495
495
|
|
496
496
|
// mul sets |r| to |scalar|*|p|.
|
497
|
-
void (*mul)(const EC_GROUP *group,
|
497
|
+
void (*mul)(const EC_GROUP *group, EC_JACOBIAN *r, const EC_JACOBIAN *p,
|
498
498
|
const EC_SCALAR *scalar);
|
499
499
|
// mul_base sets |r| to |scalar|*generator.
|
500
|
-
void (*mul_base)(const EC_GROUP *group,
|
500
|
+
void (*mul_base)(const EC_GROUP *group, EC_JACOBIAN *r,
|
501
501
|
const EC_SCALAR *scalar);
|
502
502
|
// mul_batch implements |ec_mul_scalar_batch|.
|
503
|
-
void (*mul_batch)(const EC_GROUP *group,
|
504
|
-
const
|
505
|
-
const
|
506
|
-
const
|
503
|
+
void (*mul_batch)(const EC_GROUP *group, EC_JACOBIAN *r,
|
504
|
+
const EC_JACOBIAN *p0, const EC_SCALAR *scalar0,
|
505
|
+
const EC_JACOBIAN *p1, const EC_SCALAR *scalar1,
|
506
|
+
const EC_JACOBIAN *p2, const EC_SCALAR *scalar2);
|
507
507
|
// mul_public sets |r| to |g_scalar|*generator + |p_scalar|*|p|. It assumes
|
508
508
|
// that the inputs are public so there is no concern about leaking their
|
509
509
|
// values through timing.
|
510
510
|
//
|
511
511
|
// This function may be omitted if |mul_public_batch| is provided.
|
512
|
-
void (*mul_public)(const EC_GROUP *group,
|
513
|
-
const EC_SCALAR *g_scalar, const
|
512
|
+
void (*mul_public)(const EC_GROUP *group, EC_JACOBIAN *r,
|
513
|
+
const EC_SCALAR *g_scalar, const EC_JACOBIAN *p,
|
514
514
|
const EC_SCALAR *p_scalar);
|
515
515
|
// mul_public_batch implements |ec_point_mul_scalar_public_batch|.
|
516
|
-
int (*mul_public_batch)(const EC_GROUP *group,
|
517
|
-
const EC_SCALAR *g_scalar, const
|
516
|
+
int (*mul_public_batch)(const EC_GROUP *group, EC_JACOBIAN *r,
|
517
|
+
const EC_SCALAR *g_scalar, const EC_JACOBIAN *points,
|
518
518
|
const EC_SCALAR *scalars, size_t num);
|
519
519
|
|
520
520
|
// init_precomp implements |ec_init_precomp|.
|
521
521
|
int (*init_precomp)(const EC_GROUP *group, EC_PRECOMP *out,
|
522
|
-
const
|
522
|
+
const EC_JACOBIAN *p);
|
523
523
|
// mul_precomp implements |ec_point_mul_scalar_precomp|.
|
524
|
-
void (*mul_precomp)(const EC_GROUP *group,
|
524
|
+
void (*mul_precomp)(const EC_GROUP *group, EC_JACOBIAN *r,
|
525
525
|
const EC_PRECOMP *p0, const EC_SCALAR *scalar0,
|
526
526
|
const EC_PRECOMP *p1, const EC_SCALAR *scalar1,
|
527
527
|
const EC_PRECOMP *p2, const EC_SCALAR *scalar2);
|
@@ -581,7 +581,7 @@ struct ec_method_st {
|
|
581
581
|
// cmp_x_coordinate compares the x (affine) coordinate of |p|, mod the group
|
582
582
|
// order, with |r|. It returns one if the values match and zero if |p| is the
|
583
583
|
// point at infinity of the values do not match.
|
584
|
-
int (*cmp_x_coordinate)(const EC_GROUP *group, const
|
584
|
+
int (*cmp_x_coordinate)(const EC_GROUP *group, const EC_JACOBIAN *p,
|
585
585
|
const EC_SCALAR *r);
|
586
586
|
} /* EC_METHOD */;
|
587
587
|
|
@@ -635,24 +635,24 @@ struct ec_point_st {
|
|
635
635
|
EC_GROUP *group;
|
636
636
|
// raw is the group-specific point data. Functions that take |EC_POINT|
|
637
637
|
// typically check consistency with |EC_GROUP| while functions that take
|
638
|
-
// |
|
638
|
+
// |EC_JACOBIAN| do not. Thus accesses to this field should be externally
|
639
639
|
// checked for consistency.
|
640
|
-
|
640
|
+
EC_JACOBIAN raw;
|
641
641
|
} /* EC_POINT */;
|
642
642
|
|
643
643
|
EC_GROUP *ec_group_new(const EC_METHOD *meth);
|
644
644
|
|
645
|
-
void ec_GFp_mont_mul(const EC_GROUP *group,
|
646
|
-
const
|
647
|
-
void ec_GFp_mont_mul_base(const EC_GROUP *group,
|
645
|
+
void ec_GFp_mont_mul(const EC_GROUP *group, EC_JACOBIAN *r,
|
646
|
+
const EC_JACOBIAN *p, const EC_SCALAR *scalar);
|
647
|
+
void ec_GFp_mont_mul_base(const EC_GROUP *group, EC_JACOBIAN *r,
|
648
648
|
const EC_SCALAR *scalar);
|
649
|
-
void ec_GFp_mont_mul_batch(const EC_GROUP *group,
|
650
|
-
const
|
651
|
-
const
|
652
|
-
const
|
649
|
+
void ec_GFp_mont_mul_batch(const EC_GROUP *group, EC_JACOBIAN *r,
|
650
|
+
const EC_JACOBIAN *p0, const EC_SCALAR *scalar0,
|
651
|
+
const EC_JACOBIAN *p1, const EC_SCALAR *scalar1,
|
652
|
+
const EC_JACOBIAN *p2, const EC_SCALAR *scalar2);
|
653
653
|
int ec_GFp_mont_init_precomp(const EC_GROUP *group, EC_PRECOMP *out,
|
654
|
-
const
|
655
|
-
void ec_GFp_mont_mul_precomp(const EC_GROUP *group,
|
654
|
+
const EC_JACOBIAN *p);
|
655
|
+
void ec_GFp_mont_mul_precomp(const EC_GROUP *group, EC_JACOBIAN *r,
|
656
656
|
const EC_PRECOMP *p0, const EC_SCALAR *scalar0,
|
657
657
|
const EC_PRECOMP *p1, const EC_SCALAR *scalar1,
|
658
658
|
const EC_PRECOMP *p2, const EC_SCALAR *scalar2);
|
@@ -673,9 +673,9 @@ void ec_GFp_mont_felem_exp(const EC_GROUP *group, EC_FELEM *out,
|
|
673
673
|
void ec_compute_wNAF(const EC_GROUP *group, int8_t *out,
|
674
674
|
const EC_SCALAR *scalar, size_t bits, int w);
|
675
675
|
|
676
|
-
int ec_GFp_mont_mul_public_batch(const EC_GROUP *group,
|
676
|
+
int ec_GFp_mont_mul_public_batch(const EC_GROUP *group, EC_JACOBIAN *r,
|
677
677
|
const EC_SCALAR *g_scalar,
|
678
|
-
const
|
678
|
+
const EC_JACOBIAN *points,
|
679
679
|
const EC_SCALAR *scalars, size_t num);
|
680
680
|
|
681
681
|
// method functions in simple.c
|
@@ -685,17 +685,17 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
|
|
685
685
|
const BIGNUM *b, BN_CTX *);
|
686
686
|
int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
|
687
687
|
BIGNUM *b);
|
688
|
-
void ec_GFp_simple_point_init(
|
689
|
-
void ec_GFp_simple_point_copy(
|
690
|
-
void ec_GFp_simple_point_set_to_infinity(const EC_GROUP *,
|
691
|
-
void ec_GFp_mont_add(const EC_GROUP *,
|
692
|
-
const
|
693
|
-
void ec_GFp_mont_dbl(const EC_GROUP *,
|
694
|
-
void ec_GFp_simple_invert(const EC_GROUP *,
|
695
|
-
int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const
|
696
|
-
int ec_GFp_simple_is_on_curve(const EC_GROUP *, const
|
697
|
-
int ec_GFp_simple_points_equal(const EC_GROUP *, const
|
698
|
-
const
|
688
|
+
void ec_GFp_simple_point_init(EC_JACOBIAN *);
|
689
|
+
void ec_GFp_simple_point_copy(EC_JACOBIAN *, const EC_JACOBIAN *);
|
690
|
+
void ec_GFp_simple_point_set_to_infinity(const EC_GROUP *, EC_JACOBIAN *);
|
691
|
+
void ec_GFp_mont_add(const EC_GROUP *, EC_JACOBIAN *r, const EC_JACOBIAN *a,
|
692
|
+
const EC_JACOBIAN *b);
|
693
|
+
void ec_GFp_mont_dbl(const EC_GROUP *, EC_JACOBIAN *r, const EC_JACOBIAN *a);
|
694
|
+
void ec_GFp_simple_invert(const EC_GROUP *, EC_JACOBIAN *);
|
695
|
+
int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_JACOBIAN *);
|
696
|
+
int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_JACOBIAN *);
|
697
|
+
int ec_GFp_simple_points_equal(const EC_GROUP *, const EC_JACOBIAN *a,
|
698
|
+
const EC_JACOBIAN *b);
|
699
699
|
void ec_simple_scalar_inv0_montgomery(const EC_GROUP *group, EC_SCALAR *r,
|
700
700
|
const EC_SCALAR *a);
|
701
701
|
|
@@ -703,7 +703,7 @@ int ec_simple_scalar_to_montgomery_inv_vartime(const EC_GROUP *group,
|
|
703
703
|
EC_SCALAR *r,
|
704
704
|
const EC_SCALAR *a);
|
705
705
|
|
706
|
-
int ec_GFp_simple_cmp_x_coordinate(const EC_GROUP *group, const
|
706
|
+
int ec_GFp_simple_cmp_x_coordinate(const EC_GROUP *group, const EC_JACOBIAN *p,
|
707
707
|
const EC_SCALAR *r);
|
708
708
|
|
709
709
|
void ec_GFp_simple_felem_to_bytes(const EC_GROUP *group, uint8_t *out,
|
@@ -320,8 +320,7 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
|
|
320
320
|
}
|
321
321
|
|
322
322
|
if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) {
|
323
|
-
|
324
|
-
|
323
|
+
uint32_t err = ERR_peek_last_error();
|
325
324
|
if (ERR_GET_LIB(err) == ERR_LIB_BN &&
|
326
325
|
ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) {
|
327
326
|
ERR_clear_error();
|
@@ -860,7 +860,7 @@ static crypto_word_t p224_get_bit(const EC_SCALAR *in, size_t i) {
|
|
860
860
|
// Takes the Jacobian coordinates (X, Y, Z) of a point and returns
|
861
861
|
// (X', Y') = (X/Z^2, Y/Z^3)
|
862
862
|
static int ec_GFp_nistp224_point_get_affine_coordinates(
|
863
|
-
const EC_GROUP *group, const
|
863
|
+
const EC_GROUP *group, const EC_JACOBIAN *point, EC_FELEM *x,
|
864
864
|
EC_FELEM *y) {
|
865
865
|
if (ec_GFp_simple_is_at_infinity(group, point)) {
|
866
866
|
OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY);
|
@@ -895,8 +895,8 @@ static int ec_GFp_nistp224_point_get_affine_coordinates(
|
|
895
895
|
return 1;
|
896
896
|
}
|
897
897
|
|
898
|
-
static void ec_GFp_nistp224_add(const EC_GROUP *group,
|
899
|
-
const
|
898
|
+
static void ec_GFp_nistp224_add(const EC_GROUP *group, EC_JACOBIAN *r,
|
899
|
+
const EC_JACOBIAN *a, const EC_JACOBIAN *b) {
|
900
900
|
p224_felem x1, y1, z1, x2, y2, z2;
|
901
901
|
p224_generic_to_felem(x1, &a->X);
|
902
902
|
p224_generic_to_felem(y1, &a->Y);
|
@@ -911,8 +911,8 @@ static void ec_GFp_nistp224_add(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
911
911
|
p224_felem_to_generic(&r->Z, z1);
|
912
912
|
}
|
913
913
|
|
914
|
-
static void ec_GFp_nistp224_dbl(const EC_GROUP *group,
|
915
|
-
const
|
914
|
+
static void ec_GFp_nistp224_dbl(const EC_GROUP *group, EC_JACOBIAN *r,
|
915
|
+
const EC_JACOBIAN *a) {
|
916
916
|
p224_felem x, y, z;
|
917
917
|
p224_generic_to_felem(x, &a->X);
|
918
918
|
p224_generic_to_felem(y, &a->Y);
|
@@ -925,7 +925,7 @@ static void ec_GFp_nistp224_dbl(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
925
925
|
}
|
926
926
|
|
927
927
|
static void ec_GFp_nistp224_make_precomp(p224_felem out[17][3],
|
928
|
-
const
|
928
|
+
const EC_JACOBIAN *p) {
|
929
929
|
OPENSSL_memset(out[0], 0, sizeof(p224_felem) * 3);
|
930
930
|
|
931
931
|
p224_generic_to_felem(out[1][0], &p->X);
|
@@ -943,8 +943,8 @@ static void ec_GFp_nistp224_make_precomp(p224_felem out[17][3],
|
|
943
943
|
}
|
944
944
|
}
|
945
945
|
|
946
|
-
static void ec_GFp_nistp224_point_mul(const EC_GROUP *group,
|
947
|
-
const
|
946
|
+
static void ec_GFp_nistp224_point_mul(const EC_GROUP *group, EC_JACOBIAN *r,
|
947
|
+
const EC_JACOBIAN *p,
|
948
948
|
const EC_SCALAR *scalar) {
|
949
949
|
p224_felem p_pre_comp[17][3];
|
950
950
|
ec_GFp_nistp224_make_precomp(p_pre_comp, p);
|
@@ -992,7 +992,7 @@ static void ec_GFp_nistp224_point_mul(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
992
992
|
}
|
993
993
|
|
994
994
|
static void ec_GFp_nistp224_point_mul_base(const EC_GROUP *group,
|
995
|
-
|
995
|
+
EC_JACOBIAN *r,
|
996
996
|
const EC_SCALAR *scalar) {
|
997
997
|
// Set nq to the point at infinity.
|
998
998
|
p224_felem nq[3], tmp[3];
|
@@ -1039,9 +1039,9 @@ static void ec_GFp_nistp224_point_mul_base(const EC_GROUP *group,
|
|
1039
1039
|
}
|
1040
1040
|
|
1041
1041
|
static void ec_GFp_nistp224_point_mul_public(const EC_GROUP *group,
|
1042
|
-
|
1042
|
+
EC_JACOBIAN *r,
|
1043
1043
|
const EC_SCALAR *g_scalar,
|
1044
|
-
const
|
1044
|
+
const EC_JACOBIAN *p,
|
1045
1045
|
const EC_SCALAR *p_scalar) {
|
1046
1046
|
// TODO(davidben): If P-224 ECDSA verify performance ever matters, using
|
1047
1047
|
// |ec_compute_wNAF| for |p_scalar| would likely be an easy improvement.
|
@@ -187,7 +187,7 @@ static void ecp_nistz256_mod_inverse_sqr_mont(BN_ULONG r[P256_LIMBS],
|
|
187
187
|
|
188
188
|
// r = p * p_scalar
|
189
189
|
static void ecp_nistz256_windowed_mul(const EC_GROUP *group, P256_POINT *r,
|
190
|
-
const
|
190
|
+
const EC_JACOBIAN *p,
|
191
191
|
const EC_SCALAR *p_scalar) {
|
192
192
|
assert(p != NULL);
|
193
193
|
assert(p_scalar != NULL);
|
@@ -299,8 +299,8 @@ static crypto_word_t calc_wvalue(size_t *index, const uint8_t p_str[33]) {
|
|
299
299
|
return booth_recode_w7(wvalue);
|
300
300
|
}
|
301
301
|
|
302
|
-
static void ecp_nistz256_point_mul(const EC_GROUP *group,
|
303
|
-
const
|
302
|
+
static void ecp_nistz256_point_mul(const EC_GROUP *group, EC_JACOBIAN *r,
|
303
|
+
const EC_JACOBIAN *p,
|
304
304
|
const EC_SCALAR *scalar) {
|
305
305
|
alignas(32) P256_POINT out;
|
306
306
|
ecp_nistz256_windowed_mul(group, &out, p, scalar);
|
@@ -311,7 +311,7 @@ static void ecp_nistz256_point_mul(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
311
311
|
OPENSSL_memcpy(r->Z.words, out.Z, P256_LIMBS * sizeof(BN_ULONG));
|
312
312
|
}
|
313
313
|
|
314
|
-
static void ecp_nistz256_point_mul_base(const EC_GROUP *group,
|
314
|
+
static void ecp_nistz256_point_mul_base(const EC_GROUP *group, EC_JACOBIAN *r,
|
315
315
|
const EC_SCALAR *scalar) {
|
316
316
|
uint8_t p_str[33];
|
317
317
|
OPENSSL_memcpy(p_str, scalar->words, 32);
|
@@ -356,9 +356,9 @@ static void ecp_nistz256_point_mul_base(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
356
356
|
}
|
357
357
|
|
358
358
|
static void ecp_nistz256_points_mul_public(const EC_GROUP *group,
|
359
|
-
|
359
|
+
EC_JACOBIAN *r,
|
360
360
|
const EC_SCALAR *g_scalar,
|
361
|
-
const
|
361
|
+
const EC_JACOBIAN *p_,
|
362
362
|
const EC_SCALAR *p_scalar) {
|
363
363
|
assert(p_ != NULL && p_scalar != NULL && g_scalar != NULL);
|
364
364
|
|
@@ -420,7 +420,7 @@ static void ecp_nistz256_points_mul_public(const EC_GROUP *group,
|
|
420
420
|
}
|
421
421
|
|
422
422
|
static int ecp_nistz256_get_affine(const EC_GROUP *group,
|
423
|
-
const
|
423
|
+
const EC_JACOBIAN *point, EC_FELEM *x,
|
424
424
|
EC_FELEM *y) {
|
425
425
|
if (ec_GFp_simple_is_at_infinity(group, point)) {
|
426
426
|
OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY);
|
@@ -444,8 +444,8 @@ static int ecp_nistz256_get_affine(const EC_GROUP *group,
|
|
444
444
|
return 1;
|
445
445
|
}
|
446
446
|
|
447
|
-
static void ecp_nistz256_add(const EC_GROUP *group,
|
448
|
-
const
|
447
|
+
static void ecp_nistz256_add(const EC_GROUP *group, EC_JACOBIAN *r,
|
448
|
+
const EC_JACOBIAN *a_, const EC_JACOBIAN *b_) {
|
449
449
|
P256_POINT a, b;
|
450
450
|
OPENSSL_memcpy(a.X, a_->X.words, P256_LIMBS * sizeof(BN_ULONG));
|
451
451
|
OPENSSL_memcpy(a.Y, a_->Y.words, P256_LIMBS * sizeof(BN_ULONG));
|
@@ -459,8 +459,8 @@ static void ecp_nistz256_add(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
459
459
|
OPENSSL_memcpy(r->Z.words, a.Z, P256_LIMBS * sizeof(BN_ULONG));
|
460
460
|
}
|
461
461
|
|
462
|
-
static void ecp_nistz256_dbl(const EC_GROUP *group,
|
463
|
-
const
|
462
|
+
static void ecp_nistz256_dbl(const EC_GROUP *group, EC_JACOBIAN *r,
|
463
|
+
const EC_JACOBIAN *a_) {
|
464
464
|
P256_POINT a;
|
465
465
|
OPENSSL_memcpy(a.X, a_->X.words, P256_LIMBS * sizeof(BN_ULONG));
|
466
466
|
OPENSSL_memcpy(a.Y, a_->Y.words, P256_LIMBS * sizeof(BN_ULONG));
|
@@ -573,7 +573,7 @@ static int ecp_nistz256_scalar_to_montgomery_inv_vartime(const EC_GROUP *group,
|
|
573
573
|
}
|
574
574
|
|
575
575
|
static int ecp_nistz256_cmp_x_coordinate(const EC_GROUP *group,
|
576
|
-
const
|
576
|
+
const EC_JACOBIAN *p,
|
577
577
|
const EC_SCALAR *r) {
|
578
578
|
if (ec_GFp_simple_is_at_infinity(group, p)) {
|
579
579
|
return 0;
|
@@ -31,8 +31,9 @@
|
|
31
31
|
#include "./internal.h"
|
32
32
|
|
33
33
|
#if defined(BORINGSSL_HAS_UINT128)
|
34
|
-
#define BORINGSSL_NISTP256_64BIT 1
|
35
34
|
#include "../../../third_party/fiat/p256_64.h"
|
35
|
+
#elif defined(OPENSSL_64_BIT)
|
36
|
+
#include "../../../third_party/fiat/p256_64_msvc.h"
|
36
37
|
#else
|
37
38
|
#include "../../../third_party/fiat/p256_32.h"
|
38
39
|
#endif
|
@@ -40,7 +41,7 @@
|
|
40
41
|
|
41
42
|
// utility functions, handwritten
|
42
43
|
|
43
|
-
#if defined(
|
44
|
+
#if defined(OPENSSL_64_BIT)
|
44
45
|
#define FIAT_P256_NLIMBS 4
|
45
46
|
typedef uint64_t fiat_p256_limb_t;
|
46
47
|
typedef uint64_t fiat_p256_felem[FIAT_P256_NLIMBS];
|
@@ -413,7 +414,7 @@ static crypto_word_t fiat_p256_get_bit(const EC_SCALAR *in, int i) {
|
|
413
414
|
// Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
|
414
415
|
// (X/Z^2, Y/Z^3).
|
415
416
|
static int ec_GFp_nistp256_point_get_affine_coordinates(
|
416
|
-
const EC_GROUP *group, const
|
417
|
+
const EC_GROUP *group, const EC_JACOBIAN *point, EC_FELEM *x_out,
|
417
418
|
EC_FELEM *y_out) {
|
418
419
|
if (ec_GFp_simple_is_at_infinity(group, point)) {
|
419
420
|
OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY);
|
@@ -443,8 +444,8 @@ static int ec_GFp_nistp256_point_get_affine_coordinates(
|
|
443
444
|
return 1;
|
444
445
|
}
|
445
446
|
|
446
|
-
static void ec_GFp_nistp256_add(const EC_GROUP *group,
|
447
|
-
const
|
447
|
+
static void ec_GFp_nistp256_add(const EC_GROUP *group, EC_JACOBIAN *r,
|
448
|
+
const EC_JACOBIAN *a, const EC_JACOBIAN *b) {
|
448
449
|
fiat_p256_felem x1, y1, z1, x2, y2, z2;
|
449
450
|
fiat_p256_from_generic(x1, &a->X);
|
450
451
|
fiat_p256_from_generic(y1, &a->Y);
|
@@ -459,8 +460,8 @@ static void ec_GFp_nistp256_add(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
459
460
|
fiat_p256_to_generic(&r->Z, z1);
|
460
461
|
}
|
461
462
|
|
462
|
-
static void ec_GFp_nistp256_dbl(const EC_GROUP *group,
|
463
|
-
const
|
463
|
+
static void ec_GFp_nistp256_dbl(const EC_GROUP *group, EC_JACOBIAN *r,
|
464
|
+
const EC_JACOBIAN *a) {
|
464
465
|
fiat_p256_felem x, y, z;
|
465
466
|
fiat_p256_from_generic(x, &a->X);
|
466
467
|
fiat_p256_from_generic(y, &a->Y);
|
@@ -471,8 +472,8 @@ static void ec_GFp_nistp256_dbl(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
471
472
|
fiat_p256_to_generic(&r->Z, z);
|
472
473
|
}
|
473
474
|
|
474
|
-
static void ec_GFp_nistp256_point_mul(const EC_GROUP *group,
|
475
|
-
const
|
475
|
+
static void ec_GFp_nistp256_point_mul(const EC_GROUP *group, EC_JACOBIAN *r,
|
476
|
+
const EC_JACOBIAN *p,
|
476
477
|
const EC_SCALAR *scalar) {
|
477
478
|
fiat_p256_felem p_pre_comp[17][3];
|
478
479
|
OPENSSL_memset(&p_pre_comp, 0, sizeof(p_pre_comp));
|
@@ -539,7 +540,7 @@ static void ec_GFp_nistp256_point_mul(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
539
540
|
}
|
540
541
|
|
541
542
|
static void ec_GFp_nistp256_point_mul_base(const EC_GROUP *group,
|
542
|
-
|
543
|
+
EC_JACOBIAN *r,
|
543
544
|
const EC_SCALAR *scalar) {
|
544
545
|
// Set nq to the point at infinity.
|
545
546
|
fiat_p256_felem nq[3] = {{0}, {0}, {0}}, tmp[3];
|
@@ -587,9 +588,9 @@ static void ec_GFp_nistp256_point_mul_base(const EC_GROUP *group,
|
|
587
588
|
}
|
588
589
|
|
589
590
|
static void ec_GFp_nistp256_point_mul_public(const EC_GROUP *group,
|
590
|
-
|
591
|
+
EC_JACOBIAN *r,
|
591
592
|
const EC_SCALAR *g_scalar,
|
592
|
-
const
|
593
|
+
const EC_JACOBIAN *p,
|
593
594
|
const EC_SCALAR *p_scalar) {
|
594
595
|
#define P256_WSIZE_PUBLIC 4
|
595
596
|
// Precompute multiples of |p|. p_pre_comp[i] is (2*i+1) * |p|.
|
@@ -679,7 +680,7 @@ static void ec_GFp_nistp256_point_mul_public(const EC_GROUP *group,
|
|
679
680
|
}
|
680
681
|
|
681
682
|
static int ec_GFp_nistp256_cmp_x_coordinate(const EC_GROUP *group,
|
682
|
-
const
|
683
|
+
const EC_JACOBIAN *p,
|
683
684
|
const EC_SCALAR *r) {
|
684
685
|
if (ec_GFp_simple_is_at_infinity(group, p)) {
|
685
686
|
return 0;
|
@@ -748,5 +749,3 @@ DEFINE_METHOD_FUNCTION(EC_METHOD, EC_GFp_nistp256_method) {
|
|
748
749
|
ec_simple_scalar_to_montgomery_inv_vartime;
|
749
750
|
out->cmp_x_coordinate = ec_GFp_nistp256_cmp_x_coordinate;
|
750
751
|
}
|
751
|
-
|
752
|
-
#undef BORINGSSL_NISTP256_64BIT
|
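Review bot: The include selection in the `@@ -31,8 +31,9 @@` hunk still tests `BORINGSSL_HAS_UINT128` first, while the limb typedefs in the `@@ -40,7 +41,7 @@` hunk now test only `OPENSSL_64_BIT`, so two different macros choose the field backend and the limb layout. The precomputed-table guard in the `@@ -50,7 +50,7 @@` hunk that follows does the same. This is consistent only if `BORINGSSL_HAS_UINT128` is never defined without `OPENSSL_64_BIT`, which is presumably guaranteed where those macros are defined but is not visible on this page. If that ever stopped holding, the included 64-bit fiat header and the limb typedefs would disagree inside P-256 field arithmetic. I would make the assumption fail at build time next to the includes: `#if defined(BORINGSSL_HAS_UINT128) && !defined(OPENSSL_64_BIT)`, `#error "p256: BORINGSSL_HAS_UINT128 requires OPENSSL_64_BIT"`, `#endif`.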
@@ -50,7 +50,7 @@
|
|
50
50
|
// Tables for other points have table[i] = iG for i in 0 .. 16.
|
51
51
|
|
52
52
|
// fiat_p256_g_pre_comp is the table of precomputed base points
|
53
|
-
#if defined(
|
53
|
+
#if defined(OPENSSL_64_BIT)
|
54
54
|
static const fiat_p256_felem fiat_p256_g_pre_comp[2][15][2] = {
|
55
55
|
{{{0x79e730d418a9143c, 0x75ba95fc5fedb601, 0x79fb732b77622510,
|
56
56
|
0x18905f76a53755c6},
|