grpc 1.56.2 → 1.57.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +29 -22
- data/include/grpc/event_engine/event_engine.h +22 -32
- data/include/grpc/impl/grpc_types.h +3 -0
- data/include/grpc/support/port_platform.h +29 -23
- data/src/core/ext/filters/client_channel/client_channel.cc +44 -8
- data/src/core/ext/filters/client_channel/dynamic_filters.h +3 -3
- data/src/core/ext/filters/client_channel/http_proxy.cc +5 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +21 -52
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +19 -7
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +25 -35
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +78 -132
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +2 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.cc +38 -15
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.h +3 -5
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client_internal.h +22 -6
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric_internal.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +97 -71
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +56 -11
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.h +25 -0
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +6 -32
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +4 -6
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +20 -79
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +31 -19
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +7 -41
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +3 -67
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +8 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +31 -74
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +7 -51
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +16 -87
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +16 -50
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +12 -74
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +1 -4
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +69 -59
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +7 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +25 -13
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +366 -311
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +17 -1
- data/src/core/ext/filters/client_channel/retry_filter.cc +39 -2498
- data/src/core/ext/filters/client_channel/retry_filter.h +91 -1
- data/src/core/ext/filters/client_channel/retry_filter_legacy_call_data.cc +2052 -0
- data/src/core/ext/filters/client_channel/retry_filter_legacy_call_data.h +442 -0
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +38 -58
- data/src/core/ext/filters/client_channel/subchannel.h +3 -3
- data/src/core/ext/filters/client_channel/subchannel_interface_internal.h +3 -0
- data/src/core/ext/filters/rbac/rbac_filter.cc +40 -111
- data/src/core/ext/filters/rbac/rbac_filter.h +12 -30
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +162 -86
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +0 -6
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +7 -4
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +131 -186
- data/src/core/ext/transport/chttp2/transport/decode_huff.cc +6569 -174
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +2278 -441
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +4 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +9 -8
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +3 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +8 -4
- data/src/core/ext/transport/chttp2/transport/parsing.cc +15 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +27 -6
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +143 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +2 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +0 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +13 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +35 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +17 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +85 -20
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +26 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +45 -3
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.c +4 -3
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.h +21 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +30 -6
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +180 -0
- data/src/core/ext/upb-generated/envoy/data/accesslog/v3/accesslog.upb.c +558 -0
- data/src/core/ext/upb-generated/envoy/data/accesslog/v3/accesslog.upb.h +2710 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +30 -11
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +53 -24
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +30 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +110 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +41 -15
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +150 -27
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.h +93 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +88 -76
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +11 -12
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +0 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +162 -160
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +129 -118
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +141 -135
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.c +19 -12
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +38 -30
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/data/accesslog/v3/accesslog.upbdefs.c +402 -0
- data/src/core/ext/upbdefs-generated/envoy/data/accesslog/v3/accesslog.upbdefs.h +111 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +80 -74
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +63 -47
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +315 -293
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +29 -29
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +33 -30
- data/src/core/ext/xds/xds_bootstrap_grpc.h +5 -13
- data/src/core/ext/xds/xds_client_grpc.cc +11 -6
- data/src/core/ext/xds/xds_client_grpc.h +16 -2
- data/src/core/ext/xds/xds_client_stats.h +10 -0
- data/src/core/ext/xds/xds_cluster.cc +26 -16
- data/src/core/ext/xds/xds_endpoint.cc +4 -7
- data/src/core/ext/xds/xds_health_status.cc +0 -17
- data/src/core/ext/xds/xds_health_status.h +5 -25
- data/src/core/ext/xds/xds_lb_policy_registry.cc +39 -0
- data/src/core/ext/xds/xds_route_config.cc +4 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -3
- data/src/core/lib/address_utils/parse_address.cc +63 -1
- data/src/core/lib/address_utils/parse_address.h +8 -0
- data/src/core/lib/address_utils/sockaddr_utils.cc +46 -1
- data/src/core/lib/address_utils/sockaddr_utils.h +2 -2
- data/src/core/lib/channel/channel_args.cc +21 -10
- data/src/core/lib/channel/channel_args.h +3 -0
- data/src/core/lib/channel/connected_channel.cc +4 -1
- data/src/core/lib/channel/promise_based_filter.h +1 -0
- data/src/core/lib/debug/trace.cc +1 -4
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +2 -1
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +1 -1
- data/src/core/lib/event_engine/event_engine.cc +0 -12
- data/src/core/lib/event_engine/forkable.cc +47 -42
- data/src/core/lib/event_engine/handle_containers.h +0 -4
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +4 -6
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +4 -6
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +25 -11
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +3 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +2 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +8 -12
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +37 -27
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +2 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +4 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +42 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +6 -0
- data/src/core/lib/event_engine/posix_engine/timer.h +10 -37
- data/src/core/lib/event_engine/tcp_socket_utils.cc +67 -7
- data/src/core/lib/event_engine/tcp_socket_utils.h +3 -0
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +90 -37
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +32 -12
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +12 -21
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +8 -12
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +55 -54
- data/src/core/lib/event_engine/windows/windows_endpoint.h +15 -12
- data/src/core/lib/event_engine/windows/windows_engine.cc +2 -1
- data/src/core/lib/event_engine/windows/windows_engine.h +8 -12
- data/src/core/lib/experiments/config.cc +60 -22
- data/src/core/lib/experiments/config.h +20 -8
- data/src/core/lib/experiments/experiments.cc +278 -0
- data/src/core/lib/experiments/experiments.h +59 -1
- data/src/core/lib/gprpp/dual_ref_counted.h +9 -9
- data/src/core/lib/gprpp/fork.cc +8 -9
- data/src/core/lib/gprpp/fork.h +6 -5
- data/src/core/lib/gprpp/if_list.h +4530 -0
- data/src/core/lib/gprpp/orphanable.h +3 -3
- data/src/core/lib/gprpp/ref_counted.h +6 -6
- data/src/core/lib/gprpp/sorted_pack.h +3 -12
- data/src/core/lib/gprpp/status_helper.h +16 -15
- data/src/core/lib/gprpp/time.h +12 -0
- data/src/core/lib/gprpp/type_list.h +32 -0
- data/src/core/lib/http/httpcli.h +6 -9
- data/src/core/lib/iomgr/error.cc +32 -2
- data/src/core/lib/iomgr/error.h +9 -10
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +5 -7
- data/src/core/lib/iomgr/ev_poll_posix.cc +6 -5
- data/src/core/lib/iomgr/exec_ctx.h +11 -0
- data/src/core/lib/iomgr/pollset.h +4 -5
- data/src/core/lib/iomgr/port.h +10 -0
- data/src/core/lib/iomgr/resolve_address.cc +13 -1
- data/src/core/lib/iomgr/resolve_address.h +17 -3
- data/src/core/lib/iomgr/sockaddr_posix.h +7 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +29 -0
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -0
- data/src/core/lib/iomgr/socket_utils_posix.h +6 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +4 -1
- data/src/core/lib/iomgr/tcp_posix.cc +21 -4
- data/src/core/lib/iomgr/tcp_server_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -2
- data/src/core/lib/iomgr/tcp_windows.cc +1 -3
- data/src/core/lib/iomgr/vsock.cc +59 -0
- data/src/core/lib/iomgr/vsock.h +38 -0
- data/src/core/lib/iomgr/wakeup_fd_posix.h +3 -6
- data/src/core/lib/load_balancing/delegating_helper.h +115 -0
- data/src/core/lib/load_balancing/lb_policy.h +20 -0
- data/src/core/lib/load_balancing/subchannel_interface.h +6 -0
- data/src/core/lib/promise/party.h +1 -1
- data/src/core/lib/resolver/resolver_factory.h +3 -2
- data/src/core/lib/resolver/server_address.cc +9 -94
- data/src/core/lib/resolver/server_address.h +10 -64
- data/src/core/lib/resource_quota/memory_quota.h +1 -1
- data/src/core/lib/security/credentials/channel_creds_registry.h +51 -27
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +169 -9
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +1 -1
- data/src/core/lib/security/credentials/composite/composite_credentials.h +3 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +40 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.h +6 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +30 -38
- data/src/core/lib/security/credentials/fake/fake_credentials.h +28 -0
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +1 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -1
- data/src/core/lib/service_config/service_config_call_data.h +5 -0
- data/src/core/lib/slice/slice.h +16 -0
- data/src/core/lib/surface/call.cc +31 -29
- data/src/core/lib/surface/server.h +2 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/metadata_batch.cc +7 -7
- data/src/core/lib/transport/metadata_batch.h +86 -48
- data/src/core/lib/transport/parsed_metadata.h +34 -20
- data/src/core/lib/transport/simple_slice_based_metadata.h +9 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +4 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +1 -2
- data/src/core/tsi/ssl_transport_security.cc +28 -7
- data/src/ruby/bin/math_pb.rb +24 -18
- data/src/ruby/ext/grpc/extconf.rb +19 -18
- data/src/ruby/ext/grpc/rb_call.c +62 -39
- data/src/ruby/ext/grpc/rb_call_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_channel.c +126 -49
- data/src/ruby/ext/grpc/rb_channel.h +1 -0
- data/src/ruby/ext/grpc/rb_channel_args.c +16 -2
- data/src/ruby/ext/grpc/rb_channel_args.h +4 -0
- data/src/ruby/ext/grpc/rb_channel_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_compression_options.c +0 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +22 -6
- data/src/ruby/ext/grpc/rb_event_thread.h +1 -0
- data/src/ruby/ext/grpc/rb_grpc.c +192 -30
- data/src/ruby/ext/grpc/rb_grpc.h +8 -2
- data/src/ruby/ext/grpc/rb_server.c +62 -45
- data/src/ruby/ext/grpc/rb_server_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +0 -1
- data/src/ruby/lib/grpc/generic/bidi_call.rb +2 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_pb.rb +24 -13
- data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +24 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +25 -111
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +25 -2
- data/third_party/boringssl-with-bazel/err_data.c +552 -552
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +34 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +19 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +28 -185
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +49 -46
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.c +18 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +2809 -7417
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +27 -5
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +20 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +110 -72
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +13 -10
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +35 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +34 -72
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +12 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +12 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +17 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +277 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +180 -404
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +24 -57
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +17 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +33 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +18 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +5 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +15 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +9 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +24 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +11 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +9 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +40 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +21 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +38 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +2 -29
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +33 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +3 -8
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +198 -79
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -23
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +8 -5
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +48 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{fuchsia.c → ios.c} +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_no_threads.c → rand_extra/trusty.c} +15 -19
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +41 -19
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_c11.c → refcount.c} +11 -17
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +147 -72
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +6 -35
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +5 -26
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +14 -18
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +54 -143
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +19 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +4 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +4 -119
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +207 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +2 -116
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +0 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +5 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +0 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +21 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +19 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +11 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +13 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +0 -61
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +127 -81
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +224 -209
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +154 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +1 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +4 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +3 -2
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +9 -65
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +20 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +4 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +24 -18
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +37 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +125 -26
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -3
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +691 -0
- data/third_party/upb/upb/collections/map.c +3 -3
- metadata +27 -12
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +0 -42
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.h +0 -64
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +0 -177
- data/src/core/ext/transport/chttp2/transport/stream_map.h +0 -68
- data/third_party/boringssl-with-bazel/src/crypto/refcount_win.c +0 -89
|
@@ -15,14 +15,13 @@
|
|
|
15
15
|
#ifndef OPENSSL_HEADER_CURVE25519_INTERNAL_H
|
|
16
16
|
#define OPENSSL_HEADER_CURVE25519_INTERNAL_H
|
|
17
17
|
|
|
18
|
-
#
|
|
19
|
-
extern "C" {
|
|
20
|
-
#endif
|
|
21
|
-
|
|
22
|
-
#include <openssl/base.h>
|
|
18
|
+
#include <openssl/curve25519.h>
|
|
23
19
|
|
|
24
20
|
#include "../internal.h"
|
|
25
21
|
|
|
22
|
+
#if defined(__cplusplus)
|
|
23
|
+
extern "C" {
|
|
24
|
+
#endif
|
|
26
25
|
|
|
27
26
|
#if defined(OPENSSL_ARM) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_APPLE)
|
|
28
27
|
#define BORINGSSL_X25519_NEON
|
|
@@ -32,6 +31,27 @@ void x25519_NEON(uint8_t out[32], const uint8_t scalar[32],
|
|
|
32
31
|
const uint8_t point[32]);
|
|
33
32
|
#endif
|
|
34
33
|
|
|
34
|
+
#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_SMALL) && \
|
|
35
|
+
defined(__GNUC__) && defined(__x86_64__)
|
|
36
|
+
#define BORINGSSL_FE25519_ADX
|
|
37
|
+
|
|
38
|
+
// fiat_curve25519_adx_mul is defined in
|
|
39
|
+
// third_party/fiat/asm/fiat_curve25519_adx_mul.S
|
|
40
|
+
void __attribute__((sysv_abi))
|
|
41
|
+
fiat_curve25519_adx_mul(uint64_t out[4], const uint64_t in1[4],
|
|
42
|
+
const uint64_t in2[4]);
|
|
43
|
+
|
|
44
|
+
// fiat_curve25519_adx_square is defined in
|
|
45
|
+
// third_party/fiat/asm/fiat_curve25519_adx_square.S
|
|
46
|
+
void __attribute__((sysv_abi))
|
|
47
|
+
fiat_curve25519_adx_square(uint64_t out[4], const uint64_t in[4]);
|
|
48
|
+
|
|
49
|
+
// x25519_scalar_mult_adx is defined in third_party/fiat/curve25519_64_adx.h
|
|
50
|
+
void x25519_scalar_mult_adx(uint8_t out[32], const uint8_t scalar[32],
|
|
51
|
+
const uint8_t point[32]);
|
|
52
|
+
void x25519_ge_scalarmult_base_adx(uint8_t h[4][32], const uint8_t a[32]);
|
|
53
|
+
#endif
|
|
54
|
+
|
|
35
55
|
#if defined(OPENSSL_64_BIT)
|
|
36
56
|
// fe means field element. Here the field is \Z/(2^255-19). An element t,
|
|
37
57
|
// entries t[0]...t[4], represents the integer t[0]+2^51 t[1]+2^102 t[2]+2^153
|
|
@@ -135,6 +155,8 @@ struct spake2_ctx_st {
|
|
|
135
155
|
};
|
|
136
156
|
|
|
137
157
|
|
|
158
|
+
extern const uint8_t k25519Precomp[32][8][3][32];
|
|
159
|
+
|
|
138
160
|
#if defined(__cplusplus)
|
|
139
161
|
} // extern C
|
|
140
162
|
#endif
|
|
@@ -17,11 +17,31 @@
|
|
|
17
17
|
|
|
18
18
|
#include <openssl/dsa.h>
|
|
19
19
|
|
|
20
|
+
#include <openssl/thread.h>
|
|
21
|
+
|
|
22
|
+
#include "../internal.h"
|
|
23
|
+
|
|
20
24
|
#if defined(__cplusplus)
|
|
21
25
|
extern "C" {
|
|
22
26
|
#endif
|
|
23
27
|
|
|
24
28
|
|
|
29
|
+
struct dsa_st {
|
|
30
|
+
BIGNUM *p;
|
|
31
|
+
BIGNUM *q;
|
|
32
|
+
BIGNUM *g;
|
|
33
|
+
|
|
34
|
+
BIGNUM *pub_key;
|
|
35
|
+
BIGNUM *priv_key;
|
|
36
|
+
|
|
37
|
+
// Normally used to cache montgomery values
|
|
38
|
+
CRYPTO_MUTEX method_mont_lock;
|
|
39
|
+
BN_MONT_CTX *method_mont_p;
|
|
40
|
+
BN_MONT_CTX *method_mont_q;
|
|
41
|
+
CRYPTO_refcount_t references;
|
|
42
|
+
CRYPTO_EX_DATA ex_data;
|
|
43
|
+
};
|
|
44
|
+
|
|
25
45
|
// dsa_check_key performs cheap self-checks on |dsa|, and ensures it is within
|
|
26
46
|
// DoS bounds. It returns one on success and zero on error.
|
|
27
47
|
int dsa_check_key(const DSA *dsa);
|
|
@@ -72,6 +72,16 @@ static const CBS_ASN1_TAG kParametersTag =
|
|
|
72
72
|
static const CBS_ASN1_TAG kPublicKeyTag =
|
|
73
73
|
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1;
|
|
74
74
|
|
|
75
|
+
// TODO(https://crbug.com/boringssl/497): Allow parsers to specify a list of
|
|
76
|
+
// acceptable groups, so parsers don't have to pull in all four.
|
|
77
|
+
typedef const EC_GROUP *(*ec_group_func)(void);
|
|
78
|
+
static const ec_group_func kAllGroups[] = {
|
|
79
|
+
&EC_group_p224,
|
|
80
|
+
&EC_group_p256,
|
|
81
|
+
&EC_group_p384,
|
|
82
|
+
&EC_group_p521,
|
|
83
|
+
};
|
|
84
|
+
|
|
75
85
|
EC_KEY *EC_KEY_parse_private_key(CBS *cbs, const EC_GROUP *group) {
|
|
76
86
|
CBS ec_private_key, private_key;
|
|
77
87
|
uint64_t version;
|
|
@@ -84,7 +94,6 @@ EC_KEY *EC_KEY_parse_private_key(CBS *cbs, const EC_GROUP *group) {
|
|
|
84
94
|
}
|
|
85
95
|
|
|
86
96
|
// Parse the optional parameters field.
|
|
87
|
-
EC_GROUP *inner_group = NULL;
|
|
88
97
|
EC_KEY *ret = NULL;
|
|
89
98
|
BIGNUM *priv_key = NULL;
|
|
90
99
|
if (CBS_peek_asn1_tag(&ec_private_key, kParametersTag)) {
|
|
@@ -97,7 +106,7 @@ EC_KEY *EC_KEY_parse_private_key(CBS *cbs, const EC_GROUP *group) {
|
|
|
97
106
|
OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR);
|
|
98
107
|
goto err;
|
|
99
108
|
}
|
|
100
|
-
inner_group = EC_KEY_parse_parameters(&child);
|
|
109
|
+
const EC_GROUP *inner_group = EC_KEY_parse_parameters(&child);
|
|
101
110
|
if (inner_group == NULL) {
|
|
102
111
|
goto err;
|
|
103
112
|
}
|
|
@@ -179,13 +188,11 @@ EC_KEY *EC_KEY_parse_private_key(CBS *cbs, const EC_GROUP *group) {
|
|
|
179
188
|
}
|
|
180
189
|
|
|
181
190
|
BN_free(priv_key);
|
|
182
|
-
EC_GROUP_free(inner_group);
|
|
183
191
|
return ret;
|
|
184
192
|
|
|
185
193
|
err:
|
|
186
194
|
EC_KEY_free(ret);
|
|
187
195
|
BN_free(priv_key);
|
|
188
|
-
EC_GROUP_free(inner_group);
|
|
189
196
|
return NULL;
|
|
190
197
|
}
|
|
191
198
|
|
|
@@ -244,9 +251,12 @@ int EC_KEY_marshal_private_key(CBB *cbb, const EC_KEY *key,
|
|
|
244
251
|
// kPrimeFieldOID is the encoding of 1.2.840.10045.1.1.
|
|
245
252
|
static const uint8_t kPrimeField[] = {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01};
|
|
246
253
|
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
254
|
+
struct explicit_prime_curve {
|
|
255
|
+
CBS prime, a, b, base_x, base_y, order;
|
|
256
|
+
};
|
|
257
|
+
|
|
258
|
+
static int parse_explicit_prime_curve(CBS *in,
|
|
259
|
+
struct explicit_prime_curve *out) {
|
|
250
260
|
// See RFC 3279, section 2.3.5. Note that RFC 3279 calls this structure an
|
|
251
261
|
// ECParameters while RFC 5480 calls it a SpecifiedECDomain.
|
|
252
262
|
CBS params, field_id, field_type, curve, base, cofactor;
|
|
@@ -260,18 +270,18 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
|
|
|
260
270
|
CBS_len(&field_type) != sizeof(kPrimeField) ||
|
|
261
271
|
OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) !=
|
|
262
272
|
0 ||
|
|
263
|
-
!CBS_get_asn1(&field_id,
|
|
264
|
-
!CBS_is_unsigned_asn1_integer(
|
|
273
|
+
!CBS_get_asn1(&field_id, &out->prime, CBS_ASN1_INTEGER) ||
|
|
274
|
+
!CBS_is_unsigned_asn1_integer(&out->prime) ||
|
|
265
275
|
CBS_len(&field_id) != 0 ||
|
|
266
276
|
!CBS_get_asn1(¶ms, &curve, CBS_ASN1_SEQUENCE) ||
|
|
267
|
-
!CBS_get_asn1(&curve,
|
|
268
|
-
!CBS_get_asn1(&curve,
|
|
277
|
+
!CBS_get_asn1(&curve, &out->a, CBS_ASN1_OCTETSTRING) ||
|
|
278
|
+
!CBS_get_asn1(&curve, &out->b, CBS_ASN1_OCTETSTRING) ||
|
|
269
279
|
// |curve| has an optional BIT STRING seed which we ignore.
|
|
270
280
|
!CBS_get_optional_asn1(&curve, NULL, NULL, CBS_ASN1_BITSTRING) ||
|
|
271
281
|
CBS_len(&curve) != 0 ||
|
|
272
282
|
!CBS_get_asn1(¶ms, &base, CBS_ASN1_OCTETSTRING) ||
|
|
273
|
-
!CBS_get_asn1(¶ms,
|
|
274
|
-
!CBS_is_unsigned_asn1_integer(
|
|
283
|
+
!CBS_get_asn1(¶ms, &out->order, CBS_ASN1_INTEGER) ||
|
|
284
|
+
!CBS_is_unsigned_asn1_integer(&out->order) ||
|
|
275
285
|
!CBS_get_optional_asn1(¶ms, &cofactor, &has_cofactor,
|
|
276
286
|
CBS_ASN1_INTEGER) ||
|
|
277
287
|
CBS_len(¶ms) != 0) {
|
|
@@ -300,25 +310,33 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
|
|
|
300
310
|
return 0;
|
|
301
311
|
}
|
|
302
312
|
size_t field_len = CBS_len(&base) / 2;
|
|
303
|
-
CBS_init(
|
|
304
|
-
CBS_init(
|
|
313
|
+
CBS_init(&out->base_x, CBS_data(&base), field_len);
|
|
314
|
+
CBS_init(&out->base_y, CBS_data(&base) + field_len, field_len);
|
|
305
315
|
|
|
306
316
|
return 1;
|
|
307
317
|
}
|
|
308
318
|
|
|
309
|
-
// integers_equal returns one if |
|
|
319
|
+
// integers_equal returns one if |bytes| is a big-endian encoding of |bn|, and
|
|
310
320
|
// zero otherwise.
|
|
311
|
-
static int integers_equal(const CBS *
|
|
312
|
-
//
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
321
|
+
static int integers_equal(const CBS *bytes, const BIGNUM *bn) {
|
|
322
|
+
// Although, in SEC 1, Field-Element-to-Octet-String has a fixed width,
|
|
323
|
+
// OpenSSL mis-encodes the |a| and |b|, so we tolerate any number of leading
|
|
324
|
+
// zeros. (This matters for P-521 whose |b| has a leading 0.)
|
|
325
|
+
CBS copy = *bytes;
|
|
326
|
+
while (CBS_len(©) > 0 && CBS_data(©)[0] == 0) {
|
|
327
|
+
CBS_skip(©, 1);
|
|
316
328
|
}
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
329
|
+
|
|
330
|
+
if (CBS_len(©) > EC_MAX_BYTES) {
|
|
331
|
+
return 0;
|
|
320
332
|
}
|
|
321
|
-
|
|
333
|
+
uint8_t buf[EC_MAX_BYTES];
|
|
334
|
+
if (!BN_bn2bin_padded(buf, CBS_len(©), bn)) {
|
|
335
|
+
ERR_clear_error();
|
|
336
|
+
return 0;
|
|
337
|
+
}
|
|
338
|
+
|
|
339
|
+
return CBS_mem_equal(©, buf, CBS_len(©));
|
|
322
340
|
}
|
|
323
341
|
|
|
324
342
|
EC_GROUP *EC_KEY_parse_curve_name(CBS *cbs) {
|
|
@@ -329,13 +347,10 @@ EC_GROUP *EC_KEY_parse_curve_name(CBS *cbs) {
|
|
|
329
347
|
}
|
|
330
348
|
|
|
331
349
|
// Look for a matching curve.
|
|
332
|
-
|
|
333
|
-
|
|
334
|
-
|
|
335
|
-
|
|
336
|
-
OPENSSL_memcmp(CBS_data(&named_curve), curve->oid, curve->oid_len) ==
|
|
337
|
-
0) {
|
|
338
|
-
return EC_GROUP_new_by_curve_name(curve->nid);
|
|
350
|
+
for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kAllGroups); i++) {
|
|
351
|
+
const EC_GROUP *group = kAllGroups[i]();
|
|
352
|
+
if (CBS_mem_equal(&named_curve, group->oid, group->oid_len)) {
|
|
353
|
+
return (EC_GROUP *)group;
|
|
339
354
|
}
|
|
340
355
|
}
|
|
341
356
|
|
|
@@ -344,25 +359,15 @@ EC_GROUP *EC_KEY_parse_curve_name(CBS *cbs) {
|
|
|
344
359
|
}
|
|
345
360
|
|
|
346
361
|
int EC_KEY_marshal_curve_name(CBB *cbb, const EC_GROUP *group) {
|
|
347
|
-
|
|
348
|
-
if (nid == NID_undef) {
|
|
362
|
+
if (group->oid_len == 0) {
|
|
349
363
|
OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP);
|
|
350
364
|
return 0;
|
|
351
365
|
}
|
|
352
366
|
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
CBB child;
|
|
358
|
-
return CBB_add_asn1(cbb, &child, CBS_ASN1_OBJECT) &&
|
|
359
|
-
CBB_add_bytes(&child, curve->oid, curve->oid_len) &&
|
|
360
|
-
CBB_flush(cbb);
|
|
361
|
-
}
|
|
362
|
-
}
|
|
363
|
-
|
|
364
|
-
OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP);
|
|
365
|
-
return 0;
|
|
367
|
+
CBB child;
|
|
368
|
+
return CBB_add_asn1(cbb, &child, CBS_ASN1_OBJECT) &&
|
|
369
|
+
CBB_add_bytes(&child, group->oid, group->oid_len) && //
|
|
370
|
+
CBB_flush(cbb);
|
|
366
371
|
}
|
|
367
372
|
|
|
368
373
|
EC_GROUP *EC_KEY_parse_parameters(CBS *cbs) {
|
|
@@ -374,34 +379,56 @@ EC_GROUP *EC_KEY_parse_parameters(CBS *cbs) {
|
|
|
374
379
|
// of named curves.
|
|
375
380
|
//
|
|
376
381
|
// TODO(davidben): Remove support for this.
|
|
377
|
-
|
|
378
|
-
if (!parse_explicit_prime_curve(cbs, &
|
|
379
|
-
&order)) {
|
|
382
|
+
struct explicit_prime_curve curve;
|
|
383
|
+
if (!parse_explicit_prime_curve(cbs, &curve)) {
|
|
380
384
|
return NULL;
|
|
381
385
|
}
|
|
382
386
|
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
|
|
396
|
-
|
|
397
|
-
|
|
398
|
-
|
|
399
|
-
|
|
387
|
+
const EC_GROUP *ret = NULL;
|
|
388
|
+
BIGNUM *p = BN_new(), *a = BN_new(), *b = BN_new(), *x = BN_new(),
|
|
389
|
+
*y = BN_new();
|
|
390
|
+
if (p == NULL || a == NULL || b == NULL || x == NULL || y == NULL) {
|
|
391
|
+
goto err;
|
|
392
|
+
}
|
|
393
|
+
|
|
394
|
+
for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kAllGroups); i++) {
|
|
395
|
+
const EC_GROUP *group = kAllGroups[i]();
|
|
396
|
+
if (!integers_equal(&curve.order, EC_GROUP_get0_order(group))) {
|
|
397
|
+
continue;
|
|
398
|
+
}
|
|
399
|
+
|
|
400
|
+
// The order alone uniquely identifies the group, but we check the other
|
|
401
|
+
// parameters to avoid misinterpreting the group.
|
|
402
|
+
if (!EC_GROUP_get_curve_GFp(group, p, a, b, NULL)) {
|
|
403
|
+
goto err;
|
|
404
|
+
}
|
|
405
|
+
if (!integers_equal(&curve.prime, p) || !integers_equal(&curve.a, a) ||
|
|
406
|
+
!integers_equal(&curve.b, b)) {
|
|
407
|
+
break;
|
|
408
|
+
}
|
|
409
|
+
if (!EC_POINT_get_affine_coordinates_GFp(
|
|
410
|
+
group, EC_GROUP_get0_generator(group), x, y, NULL)) {
|
|
411
|
+
goto err;
|
|
400
412
|
}
|
|
413
|
+
if (!integers_equal(&curve.base_x, x) ||
|
|
414
|
+
!integers_equal(&curve.base_y, y)) {
|
|
415
|
+
break;
|
|
416
|
+
}
|
|
417
|
+
ret = group;
|
|
418
|
+
break;
|
|
401
419
|
}
|
|
402
420
|
|
|
403
|
-
|
|
404
|
-
|
|
421
|
+
if (ret == NULL) {
|
|
422
|
+
OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP);
|
|
423
|
+
}
|
|
424
|
+
|
|
425
|
+
err:
|
|
426
|
+
BN_free(p);
|
|
427
|
+
BN_free(a);
|
|
428
|
+
BN_free(b);
|
|
429
|
+
BN_free(x);
|
|
430
|
+
BN_free(y);
|
|
431
|
+
return (EC_GROUP *)ret;
|
|
405
432
|
}
|
|
406
433
|
|
|
407
434
|
int EC_POINT_point2cbb(CBB *out, const EC_GROUP *group, const EC_POINT *point,
|
|
@@ -458,18 +485,16 @@ EC_KEY *d2i_ECParameters(EC_KEY **out_key, const uint8_t **inp, long len) {
|
|
|
458
485
|
|
|
459
486
|
CBS cbs;
|
|
460
487
|
CBS_init(&cbs, *inp, (size_t)len);
|
|
461
|
-
EC_GROUP *group = EC_KEY_parse_parameters(&cbs);
|
|
488
|
+
const EC_GROUP *group = EC_KEY_parse_parameters(&cbs);
|
|
462
489
|
if (group == NULL) {
|
|
463
490
|
return NULL;
|
|
464
491
|
}
|
|
465
492
|
|
|
466
493
|
EC_KEY *ret = EC_KEY_new();
|
|
467
494
|
if (ret == NULL || !EC_KEY_set_group(ret, group)) {
|
|
468
|
-
EC_GROUP_free(group);
|
|
469
495
|
EC_KEY_free(ret);
|
|
470
496
|
return NULL;
|
|
471
497
|
}
|
|
472
|
-
EC_GROUP_free(group);
|
|
473
498
|
|
|
474
499
|
if (out_key != NULL) {
|
|
475
500
|
EC_KEY_free(*out_key);
|
|
@@ -532,3 +557,16 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) {
|
|
|
532
557
|
// Historically, this function used the wrong return value on error.
|
|
533
558
|
return ret > 0 ? ret : 0;
|
|
534
559
|
}
|
|
560
|
+
|
|
561
|
+
size_t EC_get_builtin_curves(EC_builtin_curve *out_curves,
|
|
562
|
+
size_t max_num_curves) {
|
|
563
|
+
if (max_num_curves > OPENSSL_ARRAY_SIZE(kAllGroups)) {
|
|
564
|
+
max_num_curves = OPENSSL_ARRAY_SIZE(kAllGroups);
|
|
565
|
+
}
|
|
566
|
+
for (size_t i = 0; i < max_num_curves; i++) {
|
|
567
|
+
const EC_GROUP *group = kAllGroups[i]();
|
|
568
|
+
out_curves[i].nid = group->curve_name;
|
|
569
|
+
out_curves[i].comment = group->comment;
|
|
570
|
+
}
|
|
571
|
+
return OPENSSL_ARRAY_SIZE(kAllGroups);
|
|
572
|
+
}
|
|
@@ -55,7 +55,8 @@ EC_KEY *EC_KEY_derive_from_secret(const EC_GROUP *group, const uint8_t *secret,
|
|
|
55
55
|
}
|
|
56
56
|
|
|
57
57
|
uint8_t derived[EC_KEY_DERIVE_EXTRA_BYTES + EC_MAX_BYTES];
|
|
58
|
-
size_t derived_len =
|
|
58
|
+
size_t derived_len =
|
|
59
|
+
BN_num_bytes(EC_GROUP_get0_order(group)) + EC_KEY_DERIVE_EXTRA_BYTES;
|
|
59
60
|
assert(derived_len <= sizeof(derived));
|
|
60
61
|
if (!HKDF(derived, derived_len, EVP_sha256(), secret, secret_len,
|
|
61
62
|
/*salt=*/NULL, /*salt_len=*/0, (const uint8_t *)info,
|
|
@@ -74,10 +75,10 @@ EC_KEY *EC_KEY_derive_from_secret(const EC_GROUP *group, const uint8_t *secret,
|
|
|
74
75
|
// enough. 2^(num_bytes(order)) < 2^8 * order, so:
|
|
75
76
|
//
|
|
76
77
|
// priv < 2^8 * order * 2^128 < order * order < order * R
|
|
77
|
-
!BN_from_montgomery(priv, priv, group->
|
|
78
|
+
!BN_from_montgomery(priv, priv, &group->order, ctx) ||
|
|
78
79
|
// Multiply by R^2 and do another Montgomery reduction to compute
|
|
79
80
|
// priv * R^-1 * R^2 * R^-1 = priv mod order.
|
|
80
|
-
!BN_to_montgomery(priv, priv, group->
|
|
81
|
+
!BN_to_montgomery(priv, priv, &group->order, ctx) ||
|
|
81
82
|
!EC_POINT_mul(group, pub, priv, NULL, NULL, ctx) ||
|
|
82
83
|
!EC_KEY_set_group(key, group) || !EC_KEY_set_public_key(key, pub) ||
|
|
83
84
|
!EC_KEY_set_private_key(key, priv)) {
|
|
@@ -179,12 +179,12 @@ static int hash_to_field2(const EC_GROUP *group, const EVP_MD *md,
|
|
|
179
179
|
size_t msg_len) {
|
|
180
180
|
size_t L;
|
|
181
181
|
uint8_t buf[4 * EC_MAX_BYTES];
|
|
182
|
-
if (!num_bytes_to_derive(&L, &group->field, k) ||
|
|
182
|
+
if (!num_bytes_to_derive(&L, &group->field.N, k) ||
|
|
183
183
|
!expand_message_xmd(md, buf, 2 * L, msg, msg_len, dst, dst_len)) {
|
|
184
184
|
return 0;
|
|
185
185
|
}
|
|
186
186
|
BN_ULONG words[2 * EC_MAX_WORDS];
|
|
187
|
-
size_t num_words = 2 * group->field.width;
|
|
187
|
+
size_t num_words = 2 * group->field.N.width;
|
|
188
188
|
big_endian_to_words(words, num_words, buf, L);
|
|
189
189
|
group->meth->felem_reduce(group, out1, words, num_words);
|
|
190
190
|
big_endian_to_words(words, num_words, buf + L, L);
|
|
@@ -197,15 +197,16 @@ static int hash_to_field2(const EC_GROUP *group, const EVP_MD *md,
|
|
|
197
197
|
static int hash_to_scalar(const EC_GROUP *group, const EVP_MD *md,
|
|
198
198
|
EC_SCALAR *out, const uint8_t *dst, size_t dst_len,
|
|
199
199
|
unsigned k, const uint8_t *msg, size_t msg_len) {
|
|
200
|
+
const BIGNUM *order = EC_GROUP_get0_order(group);
|
|
200
201
|
size_t L;
|
|
201
202
|
uint8_t buf[EC_MAX_BYTES * 2];
|
|
202
|
-
if (!num_bytes_to_derive(&L,
|
|
203
|
+
if (!num_bytes_to_derive(&L, order, k) ||
|
|
203
204
|
!expand_message_xmd(md, buf, L, msg, msg_len, dst, dst_len)) {
|
|
204
205
|
return 0;
|
|
205
206
|
}
|
|
206
207
|
|
|
207
208
|
BN_ULONG words[2 * EC_MAX_WORDS];
|
|
208
|
-
size_t num_words = 2 *
|
|
209
|
+
size_t num_words = 2 * order->width;
|
|
209
210
|
big_endian_to_words(words, num_words, buf, L);
|
|
210
211
|
ec_scalar_reduce(group, out, words, num_words);
|
|
211
212
|
return 1;
|
|
@@ -230,7 +231,7 @@ static BN_ULONG sgn0(const EC_GROUP *group, const EC_FELEM *a) {
|
|
|
230
231
|
}
|
|
231
232
|
|
|
232
233
|
OPENSSL_UNUSED static int is_3mod4(const EC_GROUP *group) {
|
|
233
|
-
return group->field.width > 0 && (group->field.d[0] & 3) == 3;
|
|
234
|
+
return group->field.N.width > 0 && (group->field.N.d[0] & 3) == 3;
|
|
234
235
|
}
|
|
235
236
|
|
|
236
237
|
// sqrt_ratio_3mod4 implements the operation described in appendix F.2.1.2
|
|
@@ -285,12 +286,12 @@ static void map_to_curve_simple_swu(const EC_GROUP *group, const EC_FELEM *Z,
|
|
|
285
286
|
group->meth->felem_sqr;
|
|
286
287
|
|
|
287
288
|
EC_FELEM tv1, tv2, tv3, tv4, tv5, tv6, x, y, y1;
|
|
288
|
-
felem_sqr(group, &tv1, u);
|
|
289
|
-
felem_mul(group, &tv1, Z, &tv1);
|
|
290
|
-
felem_sqr(group, &tv2, &tv1);
|
|
291
|
-
ec_felem_add(group, &tv2, &tv2, &tv1);
|
|
292
|
-
ec_felem_add(group, &tv3, &tv2,
|
|
293
|
-
felem_mul(group, &tv3, &group->b, &tv3);
|
|
289
|
+
felem_sqr(group, &tv1, u); // 1. tv1 = u^2
|
|
290
|
+
felem_mul(group, &tv1, Z, &tv1); // 2. tv1 = Z * tv1
|
|
291
|
+
felem_sqr(group, &tv2, &tv1); // 3. tv2 = tv1^2
|
|
292
|
+
ec_felem_add(group, &tv2, &tv2, &tv1); // 4. tv2 = tv2 + tv1
|
|
293
|
+
ec_felem_add(group, &tv3, &tv2, ec_felem_one(group)); // 5. tv3 = tv2 + 1
|
|
294
|
+
felem_mul(group, &tv3, &group->b, &tv3); // 6. tv3 = B * tv3
|
|
294
295
|
|
|
295
296
|
// 7. tv4 = CMOV(Z, -tv2, tv2 != 0)
|
|
296
297
|
const BN_ULONG tv2_non_zero = ec_felem_non_zero_mask(group, &tv2);
|
|
@@ -353,8 +354,8 @@ static int hash_to_curve(const EC_GROUP *group, const EVP_MD *md,
|
|
|
353
354
|
|
|
354
355
|
// Compute |c1| = (p - 3) / 4.
|
|
355
356
|
BN_ULONG c1[EC_MAX_WORDS];
|
|
356
|
-
size_t num_c1 = group->field.width;
|
|
357
|
-
if (!bn_copy_words(c1, num_c1, &group->field)) {
|
|
357
|
+
size_t num_c1 = group->field.N.width;
|
|
358
|
+
if (!bn_copy_words(c1, num_c1, &group->field.N)) {
|
|
358
359
|
return 0;
|
|
359
360
|
}
|
|
360
361
|
bn_rshift_words(c1, c1, /*shift=*/2, /*num=*/num_c1);
|
|
@@ -370,7 +371,7 @@ static int hash_to_curve(const EC_GROUP *group, const EVP_MD *md,
|
|
|
370
371
|
|
|
371
372
|
static int felem_from_u8(const EC_GROUP *group, EC_FELEM *out, uint8_t a) {
|
|
372
373
|
uint8_t bytes[EC_MAX_BYTES] = {0};
|
|
373
|
-
size_t len = BN_num_bytes(&group->field);
|
|
374
|
+
size_t len = BN_num_bytes(&group->field.N);
|
|
374
375
|
bytes[len - 1] = a;
|
|
375
376
|
return ec_felem_from_bytes(group, out, bytes, len);
|
|
376
377
|
}
|
|
@@ -146,13 +146,13 @@ struct err_error_st {
|
|
|
146
146
|
|
|
147
147
|
// ERR_STATE contains the per-thread, error queue.
|
|
148
148
|
typedef struct err_state_st {
|
|
149
|
-
// errors contains
|
|
150
|
-
// buffer.
|
|
149
|
+
// errors contains up to ERR_NUM_ERRORS - 1 most recent errors, organised as a
|
|
150
|
+
// ring buffer.
|
|
151
151
|
struct err_error_st errors[ERR_NUM_ERRORS];
|
|
152
|
-
// top contains the index
|
|
153
|
-
//
|
|
152
|
+
// top contains the index of the most recent error. If |top| equals |bottom|
|
|
153
|
+
// then the queue is empty.
|
|
154
154
|
unsigned top;
|
|
155
|
-
// bottom contains the index
|
|
155
|
+
// bottom contains the index before the least recent error in the queue.
|
|
156
156
|
unsigned bottom;
|
|
157
157
|
|
|
158
158
|
// to_free, if not NULL, contains a pointer owned by this structure that was
|
|
@@ -192,8 +192,7 @@ static int global_next_library = ERR_NUM_LIBS;
|
|
|
192
192
|
|
|
193
193
|
// global_next_library_mutex protects |global_next_library| from concurrent
|
|
194
194
|
// updates.
|
|
195
|
-
static
|
|
196
|
-
CRYPTO_STATIC_MUTEX_INIT;
|
|
195
|
+
static CRYPTO_MUTEX global_next_library_mutex = CRYPTO_MUTEX_INIT;
|
|
197
196
|
|
|
198
197
|
static void err_state_free(void *statep) {
|
|
199
198
|
ERR_STATE *state = statep;
|
|
@@ -367,9 +366,9 @@ void ERR_remove_thread_state(const CRYPTO_THREADID *tid) {
|
|
|
367
366
|
int ERR_get_next_error_library(void) {
|
|
368
367
|
int ret;
|
|
369
368
|
|
|
370
|
-
|
|
369
|
+
CRYPTO_MUTEX_lock_write(&global_next_library_mutex);
|
|
371
370
|
ret = global_next_library++;
|
|
372
|
-
|
|
371
|
+
CRYPTO_MUTEX_unlock_write(&global_next_library_mutex);
|
|
373
372
|
|
|
374
373
|
return ret;
|
|
375
374
|
}
|
|
@@ -867,6 +866,10 @@ void ERR_restore_state(const ERR_SAVE_STATE *state) {
|
|
|
867
866
|
return;
|
|
868
867
|
}
|
|
869
868
|
|
|
869
|
+
if (state->num_errors >= ERR_NUM_ERRORS) {
|
|
870
|
+
abort();
|
|
871
|
+
}
|
|
872
|
+
|
|
870
873
|
ERR_STATE *const dst = err_get_state();
|
|
871
874
|
if (dst == NULL) {
|
|
872
875
|
return;
|
|
@@ -875,6 +878,6 @@ void ERR_restore_state(const ERR_SAVE_STATE *state) {
|
|
|
875
878
|
for (size_t i = 0; i < state->num_errors; i++) {
|
|
876
879
|
err_copy(&dst->errors[i], &state->errors[i]);
|
|
877
880
|
}
|
|
878
|
-
dst->top = state->num_errors - 1;
|
|
881
|
+
dst->top = (unsigned)(state->num_errors - 1);
|
|
879
882
|
dst->bottom = ERR_NUM_ERRORS - 1;
|
|
880
883
|
}
|
|
@@ -229,6 +229,13 @@ static const EVP_PKEY_ASN1_METHOD *evp_pkey_asn1_find(int nid) {
|
|
|
229
229
|
}
|
|
230
230
|
}
|
|
231
231
|
|
|
232
|
+
static void evp_pkey_set_method(EVP_PKEY *pkey,
|
|
233
|
+
const EVP_PKEY_ASN1_METHOD *method) {
|
|
234
|
+
free_it(pkey);
|
|
235
|
+
pkey->ameth = method;
|
|
236
|
+
pkey->type = pkey->ameth->pkey_id;
|
|
237
|
+
}
|
|
238
|
+
|
|
232
239
|
int EVP_PKEY_type(int nid) {
|
|
233
240
|
const EVP_PKEY_ASN1_METHOD *meth = evp_pkey_asn1_find(nid);
|
|
234
241
|
if (meth == NULL) {
|
|
@@ -246,7 +253,9 @@ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) {
|
|
|
246
253
|
}
|
|
247
254
|
|
|
248
255
|
int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) {
|
|
249
|
-
|
|
256
|
+
evp_pkey_set_method(pkey, &rsa_asn1_meth);
|
|
257
|
+
pkey->pkey = key;
|
|
258
|
+
return key != NULL;
|
|
250
259
|
}
|
|
251
260
|
|
|
252
261
|
RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey) {
|
|
@@ -274,7 +283,9 @@ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) {
|
|
|
274
283
|
}
|
|
275
284
|
|
|
276
285
|
int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) {
|
|
277
|
-
|
|
286
|
+
evp_pkey_set_method(pkey, &dsa_asn1_meth);
|
|
287
|
+
pkey->pkey = key;
|
|
288
|
+
return key != NULL;
|
|
278
289
|
}
|
|
279
290
|
|
|
280
291
|
DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) {
|
|
@@ -302,7 +313,9 @@ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
|
|
|
302
313
|
}
|
|
303
314
|
|
|
304
315
|
int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
|
|
305
|
-
|
|
316
|
+
evp_pkey_set_method(pkey, &ec_asn1_meth);
|
|
317
|
+
pkey->pkey = key;
|
|
318
|
+
return key != NULL;
|
|
306
319
|
}
|
|
307
320
|
|
|
308
321
|
EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey) {
|
|
@@ -325,21 +338,32 @@ DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) { return NULL; }
|
|
|
325
338
|
DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey) { return NULL; }
|
|
326
339
|
|
|
327
340
|
int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {
|
|
328
|
-
|
|
329
|
-
|
|
341
|
+
// This function can only be used to assign RSA, DSA, and EC keys. Other key
|
|
342
|
+
// types have internal representations which are not exposed through the
|
|
343
|
+
// public API.
|
|
344
|
+
switch (type) {
|
|
345
|
+
case EVP_PKEY_RSA:
|
|
346
|
+
return EVP_PKEY_assign_RSA(pkey, key);
|
|
347
|
+
case EVP_PKEY_DSA:
|
|
348
|
+
return EVP_PKEY_assign_DSA(pkey, key);
|
|
349
|
+
case EVP_PKEY_EC:
|
|
350
|
+
return EVP_PKEY_assign_EC_KEY(pkey, key);
|
|
330
351
|
}
|
|
331
|
-
|
|
332
|
-
|
|
352
|
+
|
|
353
|
+
OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
|
|
354
|
+
ERR_add_error_dataf("algorithm %d", type);
|
|
355
|
+
return 0;
|
|
333
356
|
}
|
|
334
357
|
|
|
335
358
|
int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) {
|
|
336
|
-
const EVP_PKEY_ASN1_METHOD *ameth;
|
|
337
|
-
|
|
338
359
|
if (pkey && pkey->pkey) {
|
|
360
|
+
// This isn't strictly necessary, but historically |EVP_PKEY_set_type| would
|
|
361
|
+
// clear |pkey| even if |evp_pkey_asn1_find| failed, so we preserve that
|
|
362
|
+
// behavior.
|
|
339
363
|
free_it(pkey);
|
|
340
364
|
}
|
|
341
365
|
|
|
342
|
-
ameth = evp_pkey_asn1_find(type);
|
|
366
|
+
const EVP_PKEY_ASN1_METHOD *ameth = evp_pkey_asn1_find(type);
|
|
343
367
|
if (ameth == NULL) {
|
|
344
368
|
OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
|
|
345
369
|
ERR_add_error_dataf("algorithm %d", type);
|
|
@@ -347,8 +371,7 @@ int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) {
|
|
|
347
371
|
}
|
|
348
372
|
|
|
349
373
|
if (pkey) {
|
|
350
|
-
pkey
|
|
351
|
-
pkey->type = pkey->ameth->pkey_id;
|
|
374
|
+
evp_pkey_set_method(pkey, ameth);
|
|
352
375
|
}
|
|
353
376
|
|
|
354
377
|
return 1;
|
|
@@ -75,7 +75,7 @@
|
|
|
75
75
|
typedef struct {
|
|
76
76
|
// message digest
|
|
77
77
|
const EVP_MD *md;
|
|
78
|
-
EC_GROUP *gen_group;
|
|
78
|
+
const EC_GROUP *gen_group;
|
|
79
79
|
} EC_PKEY_CTX;
|
|
80
80
|
|
|
81
81
|
|
|
@@ -111,7 +111,6 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx) {
|
|
|
111
111
|
return;
|
|
112
112
|
}
|
|
113
113
|
|
|
114
|
-
EC_GROUP_free(dctx->gen_group);
|
|
115
114
|
OPENSSL_free(dctx);
|
|
116
115
|
}
|
|
117
116
|
|
|
@@ -195,11 +194,10 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) {
|
|
|
195
194
|
return 1;
|
|
196
195
|
|
|
197
196
|
case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID: {
|
|
198
|
-
EC_GROUP *group = EC_GROUP_new_by_curve_name(p1);
|
|
197
|
+
const EC_GROUP *group = EC_GROUP_new_by_curve_name(p1);
|
|
199
198
|
if (group == NULL) {
|
|
200
199
|
return 0;
|
|
201
200
|
}
|
|
202
|
-
EC_GROUP_free(dctx->gen_group);
|
|
203
201
|
dctx->gen_group = group;
|
|
204
202
|
return 1;
|
|
205
203
|
}
|