grpc 1.56.2 → 1.57.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +29 -22
- data/include/grpc/event_engine/event_engine.h +22 -32
- data/include/grpc/impl/grpc_types.h +3 -0
- data/include/grpc/support/port_platform.h +29 -23
- data/src/core/ext/filters/client_channel/client_channel.cc +44 -8
- data/src/core/ext/filters/client_channel/dynamic_filters.h +3 -3
- data/src/core/ext/filters/client_channel/http_proxy.cc +5 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +21 -52
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +19 -7
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +25 -35
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +78 -132
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +2 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.cc +38 -15
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.h +3 -5
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client_internal.h +22 -6
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric_internal.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +97 -71
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +56 -11
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.h +25 -0
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +6 -32
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +4 -6
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +20 -79
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +31 -19
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +7 -41
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +3 -67
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +8 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +31 -74
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +7 -51
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +16 -87
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +16 -50
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +12 -74
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +1 -4
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +69 -59
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +7 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +25 -13
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +366 -311
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +17 -1
- data/src/core/ext/filters/client_channel/retry_filter.cc +39 -2498
- data/src/core/ext/filters/client_channel/retry_filter.h +91 -1
- data/src/core/ext/filters/client_channel/retry_filter_legacy_call_data.cc +2052 -0
- data/src/core/ext/filters/client_channel/retry_filter_legacy_call_data.h +442 -0
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +38 -58
- data/src/core/ext/filters/client_channel/subchannel.h +3 -3
- data/src/core/ext/filters/client_channel/subchannel_interface_internal.h +3 -0
- data/src/core/ext/filters/rbac/rbac_filter.cc +40 -111
- data/src/core/ext/filters/rbac/rbac_filter.h +12 -30
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +162 -86
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +0 -6
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +7 -4
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +131 -186
- data/src/core/ext/transport/chttp2/transport/decode_huff.cc +6569 -174
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +2278 -441
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +4 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +9 -8
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +3 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +8 -4
- data/src/core/ext/transport/chttp2/transport/parsing.cc +15 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +27 -6
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +143 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +2 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +0 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +13 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +35 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +17 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +85 -20
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +26 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +45 -3
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.c +4 -3
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.h +21 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +30 -6
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +180 -0
- data/src/core/ext/upb-generated/envoy/data/accesslog/v3/accesslog.upb.c +558 -0
- data/src/core/ext/upb-generated/envoy/data/accesslog/v3/accesslog.upb.h +2710 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +30 -11
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +53 -24
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +30 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +110 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +41 -15
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +150 -27
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.h +93 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +88 -76
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +11 -12
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +0 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +162 -160
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +129 -118
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +141 -135
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.c +19 -12
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +38 -30
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/data/accesslog/v3/accesslog.upbdefs.c +402 -0
- data/src/core/ext/upbdefs-generated/envoy/data/accesslog/v3/accesslog.upbdefs.h +111 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +80 -74
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +63 -47
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +315 -293
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +29 -29
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +33 -30
- data/src/core/ext/xds/xds_bootstrap_grpc.h +5 -13
- data/src/core/ext/xds/xds_client_grpc.cc +11 -6
- data/src/core/ext/xds/xds_client_grpc.h +16 -2
- data/src/core/ext/xds/xds_client_stats.h +10 -0
- data/src/core/ext/xds/xds_cluster.cc +26 -16
- data/src/core/ext/xds/xds_endpoint.cc +4 -7
- data/src/core/ext/xds/xds_health_status.cc +0 -17
- data/src/core/ext/xds/xds_health_status.h +5 -25
- data/src/core/ext/xds/xds_lb_policy_registry.cc +39 -0
- data/src/core/ext/xds/xds_route_config.cc +4 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -3
- data/src/core/lib/address_utils/parse_address.cc +63 -1
- data/src/core/lib/address_utils/parse_address.h +8 -0
- data/src/core/lib/address_utils/sockaddr_utils.cc +46 -1
- data/src/core/lib/address_utils/sockaddr_utils.h +2 -2
- data/src/core/lib/channel/channel_args.cc +21 -10
- data/src/core/lib/channel/channel_args.h +3 -0
- data/src/core/lib/channel/connected_channel.cc +4 -1
- data/src/core/lib/channel/promise_based_filter.h +1 -0
- data/src/core/lib/debug/trace.cc +1 -4
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +2 -1
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +1 -1
- data/src/core/lib/event_engine/event_engine.cc +0 -12
- data/src/core/lib/event_engine/forkable.cc +47 -42
- data/src/core/lib/event_engine/handle_containers.h +0 -4
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +4 -6
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +4 -6
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +25 -11
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +3 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +2 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +8 -12
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +37 -27
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +2 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +4 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +42 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +6 -0
- data/src/core/lib/event_engine/posix_engine/timer.h +10 -37
- data/src/core/lib/event_engine/tcp_socket_utils.cc +67 -7
- data/src/core/lib/event_engine/tcp_socket_utils.h +3 -0
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +90 -37
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +32 -12
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +12 -21
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +8 -12
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +55 -54
- data/src/core/lib/event_engine/windows/windows_endpoint.h +15 -12
- data/src/core/lib/event_engine/windows/windows_engine.cc +2 -1
- data/src/core/lib/event_engine/windows/windows_engine.h +8 -12
- data/src/core/lib/experiments/config.cc +60 -22
- data/src/core/lib/experiments/config.h +20 -8
- data/src/core/lib/experiments/experiments.cc +278 -0
- data/src/core/lib/experiments/experiments.h +59 -1
- data/src/core/lib/gprpp/dual_ref_counted.h +9 -9
- data/src/core/lib/gprpp/fork.cc +8 -9
- data/src/core/lib/gprpp/fork.h +6 -5
- data/src/core/lib/gprpp/if_list.h +4530 -0
- data/src/core/lib/gprpp/orphanable.h +3 -3
- data/src/core/lib/gprpp/ref_counted.h +6 -6
- data/src/core/lib/gprpp/sorted_pack.h +3 -12
- data/src/core/lib/gprpp/status_helper.h +16 -15
- data/src/core/lib/gprpp/time.h +12 -0
- data/src/core/lib/gprpp/type_list.h +32 -0
- data/src/core/lib/http/httpcli.h +6 -9
- data/src/core/lib/iomgr/error.cc +32 -2
- data/src/core/lib/iomgr/error.h +9 -10
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +5 -7
- data/src/core/lib/iomgr/ev_poll_posix.cc +6 -5
- data/src/core/lib/iomgr/exec_ctx.h +11 -0
- data/src/core/lib/iomgr/pollset.h +4 -5
- data/src/core/lib/iomgr/port.h +10 -0
- data/src/core/lib/iomgr/resolve_address.cc +13 -1
- data/src/core/lib/iomgr/resolve_address.h +17 -3
- data/src/core/lib/iomgr/sockaddr_posix.h +7 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +29 -0
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -0
- data/src/core/lib/iomgr/socket_utils_posix.h +6 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +4 -1
- data/src/core/lib/iomgr/tcp_posix.cc +21 -4
- data/src/core/lib/iomgr/tcp_server_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -2
- data/src/core/lib/iomgr/tcp_windows.cc +1 -3
- data/src/core/lib/iomgr/vsock.cc +59 -0
- data/src/core/lib/iomgr/vsock.h +38 -0
- data/src/core/lib/iomgr/wakeup_fd_posix.h +3 -6
- data/src/core/lib/load_balancing/delegating_helper.h +115 -0
- data/src/core/lib/load_balancing/lb_policy.h +20 -0
- data/src/core/lib/load_balancing/subchannel_interface.h +6 -0
- data/src/core/lib/promise/party.h +1 -1
- data/src/core/lib/resolver/resolver_factory.h +3 -2
- data/src/core/lib/resolver/server_address.cc +9 -94
- data/src/core/lib/resolver/server_address.h +10 -64
- data/src/core/lib/resource_quota/memory_quota.h +1 -1
- data/src/core/lib/security/credentials/channel_creds_registry.h +51 -27
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +169 -9
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +1 -1
- data/src/core/lib/security/credentials/composite/composite_credentials.h +3 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +40 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.h +6 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +30 -38
- data/src/core/lib/security/credentials/fake/fake_credentials.h +28 -0
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +1 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -1
- data/src/core/lib/service_config/service_config_call_data.h +5 -0
- data/src/core/lib/slice/slice.h +16 -0
- data/src/core/lib/surface/call.cc +31 -29
- data/src/core/lib/surface/server.h +2 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/metadata_batch.cc +7 -7
- data/src/core/lib/transport/metadata_batch.h +86 -48
- data/src/core/lib/transport/parsed_metadata.h +34 -20
- data/src/core/lib/transport/simple_slice_based_metadata.h +9 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +4 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +1 -2
- data/src/core/tsi/ssl_transport_security.cc +28 -7
- data/src/ruby/bin/math_pb.rb +24 -18
- data/src/ruby/ext/grpc/extconf.rb +19 -18
- data/src/ruby/ext/grpc/rb_call.c +62 -39
- data/src/ruby/ext/grpc/rb_call_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_channel.c +126 -49
- data/src/ruby/ext/grpc/rb_channel.h +1 -0
- data/src/ruby/ext/grpc/rb_channel_args.c +16 -2
- data/src/ruby/ext/grpc/rb_channel_args.h +4 -0
- data/src/ruby/ext/grpc/rb_channel_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_compression_options.c +0 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +22 -6
- data/src/ruby/ext/grpc/rb_event_thread.h +1 -0
- data/src/ruby/ext/grpc/rb_grpc.c +192 -30
- data/src/ruby/ext/grpc/rb_grpc.h +8 -2
- data/src/ruby/ext/grpc/rb_server.c +62 -45
- data/src/ruby/ext/grpc/rb_server_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +0 -1
- data/src/ruby/lib/grpc/generic/bidi_call.rb +2 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_pb.rb +24 -13
- data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +24 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +25 -111
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +25 -2
- data/third_party/boringssl-with-bazel/err_data.c +552 -552
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +34 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +19 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +28 -185
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +49 -46
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.c +18 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +2809 -7417
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +27 -5
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +20 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +110 -72
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +13 -10
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +35 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +34 -72
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +12 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +12 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +17 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +277 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +180 -404
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +24 -57
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +17 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +33 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +18 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +5 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +15 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +9 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +24 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +11 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +9 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +40 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +21 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +38 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +2 -29
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +33 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +3 -8
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +198 -79
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -23
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +8 -5
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +48 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{fuchsia.c → ios.c} +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_no_threads.c → rand_extra/trusty.c} +15 -19
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +41 -19
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_c11.c → refcount.c} +11 -17
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +147 -72
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +6 -35
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +5 -26
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +14 -18
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +54 -143
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +19 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +4 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +4 -119
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +207 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +2 -116
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +0 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +5 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +0 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +21 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +19 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +11 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +13 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +0 -61
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +127 -81
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +224 -209
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +154 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +1 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +4 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +3 -2
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +9 -65
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +20 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +4 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +24 -18
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +37 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +125 -26
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -3
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +691 -0
- data/third_party/upb/upb/collections/map.c +3 -3
- metadata +27 -12
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +0 -42
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.h +0 -64
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +0 -177
- data/src/core/ext/transport/chttp2/transport/stream_map.h +0 -68
- data/third_party/boringssl-with-bazel/src/crypto/refcount_win.c +0 -89
|
@@ -62,17 +62,13 @@ typedef struct {
|
|
|
62
62
|
|
|
63
63
|
static const uint8_t kDefaultAdditionalData[32] = {0};
|
|
64
64
|
|
|
65
|
-
static int pmbtoken_init_method(PMBTOKEN_METHOD *method,
|
|
65
|
+
static int pmbtoken_init_method(PMBTOKEN_METHOD *method, const EC_GROUP *group,
|
|
66
66
|
const uint8_t *h_bytes, size_t h_len,
|
|
67
67
|
hash_t_func_t hash_t, hash_s_func_t hash_s,
|
|
68
68
|
hash_c_func_t hash_c,
|
|
69
69
|
hash_to_scalar_func_t hash_to_scalar,
|
|
70
70
|
int prefix_point) {
|
|
71
|
-
method->group =
|
|
72
|
-
if (method->group == NULL) {
|
|
73
|
-
return 0;
|
|
74
|
-
}
|
|
75
|
-
|
|
71
|
+
method->group = group;
|
|
76
72
|
method->hash_t = hash_t;
|
|
77
73
|
method->hash_s = hash_s;
|
|
78
74
|
method->hash_c = hash_c;
|
|
@@ -86,7 +82,7 @@ static int pmbtoken_init_method(PMBTOKEN_METHOD *method, int curve_nid,
|
|
|
86
82
|
ec_affine_to_jacobian(method->group, &method->h, &h);
|
|
87
83
|
|
|
88
84
|
if (!ec_init_precomp(method->group, &method->g_precomp,
|
|
89
|
-
&method->group->generator
|
|
85
|
+
&method->group->generator.raw) ||
|
|
90
86
|
!ec_init_precomp(method->group, &method->h_precomp, &method->h)) {
|
|
91
87
|
return 0;
|
|
92
88
|
}
|
|
@@ -160,7 +156,7 @@ static int cbs_get_prefixed_point(CBS *cbs, const EC_GROUP *group,
|
|
|
160
156
|
return 0;
|
|
161
157
|
}
|
|
162
158
|
} else {
|
|
163
|
-
size_t plen =
|
|
159
|
+
size_t plen = ec_point_byte_len(group, POINT_CONVERSION_UNCOMPRESSED);
|
|
164
160
|
if (!CBS_get_bytes(cbs, &child, plen)) {
|
|
165
161
|
return 0;
|
|
166
162
|
}
|
|
@@ -201,7 +197,7 @@ static int pmbtoken_compute_keys(const PMBTOKEN_METHOD *method,
|
|
|
201
197
|
}
|
|
202
198
|
|
|
203
199
|
const EC_SCALAR *scalars[] = {x0, y0, x1, y1, xs, ys};
|
|
204
|
-
size_t scalar_len = BN_num_bytes(
|
|
200
|
+
size_t scalar_len = BN_num_bytes(EC_GROUP_get0_order(group));
|
|
205
201
|
for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(scalars); i++) {
|
|
206
202
|
uint8_t *buf;
|
|
207
203
|
if (!CBB_add_space(out_private, &buf, scalar_len)) {
|
|
@@ -290,7 +286,7 @@ static int pmbtoken_issuer_key_from_bytes(const PMBTOKEN_METHOD *method,
|
|
|
290
286
|
const EC_GROUP *group = method->group;
|
|
291
287
|
CBS cbs, tmp;
|
|
292
288
|
CBS_init(&cbs, in, len);
|
|
293
|
-
size_t scalar_len = BN_num_bytes(
|
|
289
|
+
size_t scalar_len = BN_num_bytes(EC_GROUP_get0_order(group));
|
|
294
290
|
EC_SCALAR *scalars[] = {&key->x0, &key->y0, &key->x1,
|
|
295
291
|
&key->y1, &key->xs, &key->ys};
|
|
296
292
|
for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(scalars); i++) {
|
|
@@ -390,7 +386,7 @@ err:
|
|
|
390
386
|
static int scalar_to_cbb(CBB *out, const EC_GROUP *group,
|
|
391
387
|
const EC_SCALAR *scalar) {
|
|
392
388
|
uint8_t *buf;
|
|
393
|
-
size_t scalar_len = BN_num_bytes(
|
|
389
|
+
size_t scalar_len = BN_num_bytes(EC_GROUP_get0_order(group));
|
|
394
390
|
if (!CBB_add_space(out, &buf, scalar_len)) {
|
|
395
391
|
return 0;
|
|
396
392
|
}
|
|
@@ -399,7 +395,7 @@ static int scalar_to_cbb(CBB *out, const EC_GROUP *group,
|
|
|
399
395
|
}
|
|
400
396
|
|
|
401
397
|
static int scalar_from_cbs(CBS *cbs, const EC_GROUP *group, EC_SCALAR *out) {
|
|
402
|
-
size_t scalar_len = BN_num_bytes(
|
|
398
|
+
size_t scalar_len = BN_num_bytes(EC_GROUP_get0_order(group));
|
|
403
399
|
CBS tmp;
|
|
404
400
|
if (!CBS_get_bytes(cbs, &tmp, scalar_len)) {
|
|
405
401
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
|
|
@@ -679,7 +675,7 @@ static int dleq_verify(const PMBTOKEN_METHOD *method, CBS *cbs,
|
|
|
679
675
|
const EC_JACOBIAN *S, const EC_JACOBIAN *W,
|
|
680
676
|
const EC_JACOBIAN *Ws) {
|
|
681
677
|
const EC_GROUP *group = method->group;
|
|
682
|
-
const EC_JACOBIAN *g = &group->generator
|
|
678
|
+
const EC_JACOBIAN *g = &group->generator.raw;
|
|
683
679
|
|
|
684
680
|
// We verify a DLEQ proof for the validity token and a DLEQOR2 proof for the
|
|
685
681
|
// private metadata token. To allow amortizing Jacobian-to-affine conversions,
|
|
@@ -912,7 +908,7 @@ static int pmbtoken_sign(const PMBTOKEN_METHOD *method,
|
|
|
912
908
|
}
|
|
913
909
|
|
|
914
910
|
// Skip over any unused requests.
|
|
915
|
-
size_t point_len =
|
|
911
|
+
size_t point_len = ec_point_byte_len(group, POINT_CONVERSION_UNCOMPRESSED);
|
|
916
912
|
size_t token_len = point_len;
|
|
917
913
|
if (method->prefix_point) {
|
|
918
914
|
token_len += 2;
|
|
@@ -1015,7 +1011,7 @@ static STACK_OF(TRUST_TOKEN) *pmbtoken_unblind(
|
|
|
1015
1011
|
// Serialize the token. Include |key_id| to avoid an extra copy in the layer
|
|
1016
1012
|
// above.
|
|
1017
1013
|
CBB token_cbb;
|
|
1018
|
-
size_t point_len =
|
|
1014
|
+
size_t point_len = ec_point_byte_len(group, POINT_CONVERSION_UNCOMPRESSED);
|
|
1019
1015
|
if (!CBB_init(&token_cbb,
|
|
1020
1016
|
4 + TRUST_TOKEN_NONCE_SIZE + 3 * (2 + point_len)) ||
|
|
1021
1017
|
!CBB_add_u32(&token_cbb, key_id) ||
|
|
@@ -1230,7 +1226,7 @@ static void pmbtoken_exp1_init_method_impl(void) {
|
|
|
1230
1226
|
};
|
|
1231
1227
|
|
|
1232
1228
|
pmbtoken_exp1_ok = pmbtoken_init_method(
|
|
1233
|
-
&pmbtoken_exp1_method,
|
|
1229
|
+
&pmbtoken_exp1_method, EC_group_p384(), kH, sizeof(kH),
|
|
1234
1230
|
pmbtoken_exp1_hash_t, pmbtoken_exp1_hash_s, pmbtoken_exp1_hash_c,
|
|
1235
1231
|
pmbtoken_exp1_hash_to_scalar, 1);
|
|
1236
1232
|
}
|
|
@@ -1403,7 +1399,7 @@ static void pmbtoken_exp2_init_method_impl(void) {
|
|
|
1403
1399
|
};
|
|
1404
1400
|
|
|
1405
1401
|
pmbtoken_exp2_ok = pmbtoken_init_method(
|
|
1406
|
-
&pmbtoken_exp2_method,
|
|
1402
|
+
&pmbtoken_exp2_method, EC_group_p384(), kH, sizeof(kH),
|
|
1407
1403
|
pmbtoken_exp2_hash_t, pmbtoken_exp2_hash_s, pmbtoken_exp2_hash_c,
|
|
1408
1404
|
pmbtoken_exp2_hash_to_scalar, 0);
|
|
1409
1405
|
}
|
|
@@ -1577,7 +1573,7 @@ static void pmbtoken_pst1_init_method_impl(void) {
|
|
|
1577
1573
|
};
|
|
1578
1574
|
|
|
1579
1575
|
pmbtoken_pst1_ok = pmbtoken_init_method(
|
|
1580
|
-
&pmbtoken_pst1_method,
|
|
1576
|
+
&pmbtoken_pst1_method, EC_group_p384(), kH, sizeof(kH),
|
|
1581
1577
|
pmbtoken_pst1_hash_t, pmbtoken_pst1_hash_s, pmbtoken_pst1_hash_c,
|
|
1582
1578
|
pmbtoken_pst1_hash_to_scalar, 0);
|
|
1583
1579
|
}
|
|
@@ -35,7 +35,7 @@ typedef int (*hash_to_scalar_func_t)(const EC_GROUP *group, EC_SCALAR *out,
|
|
|
35
35
|
uint8_t *buf, size_t len);
|
|
36
36
|
|
|
37
37
|
typedef struct {
|
|
38
|
-
const EC_GROUP *
|
|
38
|
+
const EC_GROUP *(*group_func)(void);
|
|
39
39
|
|
|
40
40
|
// hash_to_group implements the HashToGroup operation for VOPRFs. It returns
|
|
41
41
|
// one on success and zero on error.
|
|
@@ -47,20 +47,6 @@ typedef struct {
|
|
|
47
47
|
|
|
48
48
|
static const uint8_t kDefaultAdditionalData[32] = {0};
|
|
49
49
|
|
|
50
|
-
static int voprf_init_method(VOPRF_METHOD *method, int curve_nid,
|
|
51
|
-
hash_to_group_func_t hash_to_group,
|
|
52
|
-
hash_to_scalar_func_t hash_to_scalar) {
|
|
53
|
-
method->group = EC_GROUP_new_by_curve_name(curve_nid);
|
|
54
|
-
if (method->group == NULL) {
|
|
55
|
-
return 0;
|
|
56
|
-
}
|
|
57
|
-
|
|
58
|
-
method->hash_to_group = hash_to_group;
|
|
59
|
-
method->hash_to_scalar = hash_to_scalar;
|
|
60
|
-
|
|
61
|
-
return 1;
|
|
62
|
-
}
|
|
63
|
-
|
|
64
50
|
static int cbb_add_point(CBB *out, const EC_GROUP *group,
|
|
65
51
|
const EC_AFFINE *point) {
|
|
66
52
|
uint8_t *p;
|
|
@@ -83,7 +69,7 @@ static int cbb_serialize_point(CBB *out, const EC_GROUP *group,
|
|
|
83
69
|
|
|
84
70
|
static int cbs_get_point(CBS *cbs, const EC_GROUP *group, EC_AFFINE *out) {
|
|
85
71
|
CBS child;
|
|
86
|
-
size_t plen =
|
|
72
|
+
size_t plen = ec_point_byte_len(group, POINT_CONVERSION_UNCOMPRESSED);
|
|
87
73
|
if (!CBS_get_bytes(cbs, &child, plen) ||
|
|
88
74
|
!ec_point_from_uncompressed(group, out, CBS_data(&child),
|
|
89
75
|
CBS_len(&child))) {
|
|
@@ -95,7 +81,7 @@ static int cbs_get_point(CBS *cbs, const EC_GROUP *group, EC_AFFINE *out) {
|
|
|
95
81
|
static int scalar_to_cbb(CBB *out, const EC_GROUP *group,
|
|
96
82
|
const EC_SCALAR *scalar) {
|
|
97
83
|
uint8_t *buf;
|
|
98
|
-
size_t scalar_len = BN_num_bytes(
|
|
84
|
+
size_t scalar_len = BN_num_bytes(EC_GROUP_get0_order(group));
|
|
99
85
|
if (!CBB_add_space(out, &buf, scalar_len)) {
|
|
100
86
|
return 0;
|
|
101
87
|
}
|
|
@@ -104,7 +90,7 @@ static int scalar_to_cbb(CBB *out, const EC_GROUP *group,
|
|
|
104
90
|
}
|
|
105
91
|
|
|
106
92
|
static int scalar_from_cbs(CBS *cbs, const EC_GROUP *group, EC_SCALAR *out) {
|
|
107
|
-
size_t scalar_len = BN_num_bytes(
|
|
93
|
+
size_t scalar_len = BN_num_bytes(EC_GROUP_get0_order(group));
|
|
108
94
|
CBS tmp;
|
|
109
95
|
if (!CBS_get_bytes(cbs, &tmp, scalar_len)) {
|
|
110
96
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
|
|
@@ -117,7 +103,7 @@ static int scalar_from_cbs(CBS *cbs, const EC_GROUP *group, EC_SCALAR *out) {
|
|
|
117
103
|
|
|
118
104
|
static int voprf_calculate_key(const VOPRF_METHOD *method, CBB *out_private,
|
|
119
105
|
CBB *out_public, const EC_SCALAR *priv) {
|
|
120
|
-
const EC_GROUP *group = method->
|
|
106
|
+
const EC_GROUP *group = method->group_func();
|
|
121
107
|
EC_JACOBIAN pub;
|
|
122
108
|
EC_AFFINE pub_affine;
|
|
123
109
|
if (!ec_point_mul_scalar_base(group, &pub, priv) ||
|
|
@@ -139,7 +125,8 @@ static int voprf_calculate_key(const VOPRF_METHOD *method, CBB *out_private,
|
|
|
139
125
|
static int voprf_generate_key(const VOPRF_METHOD *method, CBB *out_private,
|
|
140
126
|
CBB *out_public) {
|
|
141
127
|
EC_SCALAR priv;
|
|
142
|
-
if (!ec_random_nonzero_scalar(method->
|
|
128
|
+
if (!ec_random_nonzero_scalar(method->group_func(), &priv,
|
|
129
|
+
kDefaultAdditionalData)) {
|
|
143
130
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_KEYGEN_FAILURE);
|
|
144
131
|
return 0;
|
|
145
132
|
}
|
|
@@ -162,7 +149,7 @@ static int voprf_derive_key_from_secret(const VOPRF_METHOD *method,
|
|
|
162
149
|
!CBB_add_bytes(&cbb, kKeygenLabel, sizeof(kKeygenLabel)) ||
|
|
163
150
|
!CBB_add_bytes(&cbb, secret, secret_len) ||
|
|
164
151
|
!CBB_finish(&cbb, &buf, &len) ||
|
|
165
|
-
!method->hash_to_scalar(method->
|
|
152
|
+
!method->hash_to_scalar(method->group_func(), &priv, buf, len)) {
|
|
166
153
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_KEYGEN_FAILURE);
|
|
167
154
|
goto err;
|
|
168
155
|
}
|
|
@@ -178,7 +165,7 @@ err:
|
|
|
178
165
|
static int voprf_client_key_from_bytes(const VOPRF_METHOD *method,
|
|
179
166
|
TRUST_TOKEN_CLIENT_KEY *key,
|
|
180
167
|
const uint8_t *in, size_t len) {
|
|
181
|
-
const EC_GROUP *group = method->
|
|
168
|
+
const EC_GROUP *group = method->group_func();
|
|
182
169
|
if (!ec_point_from_uncompressed(group, &key->pubs, in, len)) {
|
|
183
170
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
|
|
184
171
|
return 0;
|
|
@@ -190,7 +177,7 @@ static int voprf_client_key_from_bytes(const VOPRF_METHOD *method,
|
|
|
190
177
|
static int voprf_issuer_key_from_bytes(const VOPRF_METHOD *method,
|
|
191
178
|
TRUST_TOKEN_ISSUER_KEY *key,
|
|
192
179
|
const uint8_t *in, size_t len) {
|
|
193
|
-
const EC_GROUP *group = method->
|
|
180
|
+
const EC_GROUP *group = method->group_func();
|
|
194
181
|
if (!ec_scalar_from_bytes(group, &key->xs, in, len)) {
|
|
195
182
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
|
|
196
183
|
return 0;
|
|
@@ -213,7 +200,7 @@ static STACK_OF(TRUST_TOKEN_PRETOKEN) *voprf_blind(const VOPRF_METHOD *method,
|
|
|
213
200
|
size_t msg_len) {
|
|
214
201
|
SHA512_CTX hash_ctx;
|
|
215
202
|
|
|
216
|
-
const EC_GROUP *group = method->
|
|
203
|
+
const EC_GROUP *group = method->group_func();
|
|
217
204
|
STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens =
|
|
218
205
|
sk_TRUST_TOKEN_PRETOKEN_new_null();
|
|
219
206
|
if (pretokens == NULL) {
|
|
@@ -280,6 +267,7 @@ static int hash_to_scalar_dleq(const VOPRF_METHOD *method, EC_SCALAR *out,
|
|
|
280
267
|
const EC_AFFINE *K1) {
|
|
281
268
|
static const uint8_t kDLEQLabel[] = "DLEQ";
|
|
282
269
|
|
|
270
|
+
const EC_GROUP *group = method->group_func();
|
|
283
271
|
int ok = 0;
|
|
284
272
|
CBB cbb;
|
|
285
273
|
CBB_zero(&cbb);
|
|
@@ -287,13 +275,13 @@ static int hash_to_scalar_dleq(const VOPRF_METHOD *method, EC_SCALAR *out,
|
|
|
287
275
|
size_t len;
|
|
288
276
|
if (!CBB_init(&cbb, 0) ||
|
|
289
277
|
!CBB_add_bytes(&cbb, kDLEQLabel, sizeof(kDLEQLabel)) ||
|
|
290
|
-
!cbb_add_point(&cbb,
|
|
291
|
-
!cbb_add_point(&cbb,
|
|
292
|
-
!cbb_add_point(&cbb,
|
|
293
|
-
!cbb_add_point(&cbb,
|
|
294
|
-
!cbb_add_point(&cbb,
|
|
278
|
+
!cbb_add_point(&cbb, group, X) ||
|
|
279
|
+
!cbb_add_point(&cbb, group, T) ||
|
|
280
|
+
!cbb_add_point(&cbb, group, W) ||
|
|
281
|
+
!cbb_add_point(&cbb, group, K0) ||
|
|
282
|
+
!cbb_add_point(&cbb, group, K1) ||
|
|
295
283
|
!CBB_finish(&cbb, &buf, &len) ||
|
|
296
|
-
!method->hash_to_scalar(
|
|
284
|
+
!method->hash_to_scalar(group, out, buf, len)) {
|
|
297
285
|
goto err;
|
|
298
286
|
}
|
|
299
287
|
|
|
@@ -311,18 +299,19 @@ static int hash_to_scalar_challenge(const VOPRF_METHOD *method, EC_SCALAR *out,
|
|
|
311
299
|
const EC_AFFINE *a3) {
|
|
312
300
|
static const uint8_t kChallengeLabel[] = "Challenge";
|
|
313
301
|
|
|
302
|
+
const EC_GROUP *group = method->group_func();
|
|
314
303
|
CBB cbb;
|
|
315
304
|
uint8_t transcript[5 * EC_MAX_COMPRESSED + 2 + sizeof(kChallengeLabel) - 1];
|
|
316
305
|
size_t len;
|
|
317
306
|
if (!CBB_init_fixed(&cbb, transcript, sizeof(transcript)) ||
|
|
318
|
-
!cbb_serialize_point(&cbb,
|
|
319
|
-
!cbb_serialize_point(&cbb,
|
|
320
|
-
!cbb_serialize_point(&cbb,
|
|
321
|
-
!cbb_serialize_point(&cbb,
|
|
322
|
-
!cbb_serialize_point(&cbb,
|
|
307
|
+
!cbb_serialize_point(&cbb, group, Bm) ||
|
|
308
|
+
!cbb_serialize_point(&cbb, group, a0) ||
|
|
309
|
+
!cbb_serialize_point(&cbb, group, a1) ||
|
|
310
|
+
!cbb_serialize_point(&cbb, group, a2) ||
|
|
311
|
+
!cbb_serialize_point(&cbb, group, a3) ||
|
|
323
312
|
!CBB_add_bytes(&cbb, kChallengeLabel, sizeof(kChallengeLabel) - 1) ||
|
|
324
313
|
!CBB_finish(&cbb, NULL, &len) ||
|
|
325
|
-
!method->hash_to_scalar(
|
|
314
|
+
!method->hash_to_scalar(group, out, transcript, len)) {
|
|
326
315
|
return 0;
|
|
327
316
|
}
|
|
328
317
|
|
|
@@ -348,7 +337,7 @@ static int hash_to_scalar_batch(const VOPRF_METHOD *method, EC_SCALAR *out,
|
|
|
348
337
|
!CBB_add_bytes(&cbb, CBB_data(points), CBB_len(points)) ||
|
|
349
338
|
!CBB_add_u16(&cbb, (uint16_t)index) ||
|
|
350
339
|
!CBB_finish(&cbb, &buf, &len) ||
|
|
351
|
-
!method->hash_to_scalar(method->
|
|
340
|
+
!method->hash_to_scalar(method->group_func(), out, buf, len)) {
|
|
352
341
|
goto err;
|
|
353
342
|
}
|
|
354
343
|
|
|
@@ -363,7 +352,7 @@ err:
|
|
|
363
352
|
static int dleq_generate(const VOPRF_METHOD *method, CBB *cbb,
|
|
364
353
|
const TRUST_TOKEN_ISSUER_KEY *priv,
|
|
365
354
|
const EC_JACOBIAN *T, const EC_JACOBIAN *W) {
|
|
366
|
-
const EC_GROUP *group = method->
|
|
355
|
+
const EC_GROUP *group = method->group_func();
|
|
367
356
|
|
|
368
357
|
enum {
|
|
369
358
|
idx_T,
|
|
@@ -429,7 +418,7 @@ static int mul_public_2(const EC_GROUP *group, EC_JACOBIAN *out,
|
|
|
429
418
|
static int dleq_verify(const VOPRF_METHOD *method, CBS *cbs,
|
|
430
419
|
const TRUST_TOKEN_CLIENT_KEY *pub, const EC_JACOBIAN *T,
|
|
431
420
|
const EC_JACOBIAN *W) {
|
|
432
|
-
const EC_GROUP *group = method->
|
|
421
|
+
const EC_GROUP *group = method->group_func();
|
|
433
422
|
|
|
434
423
|
|
|
435
424
|
enum {
|
|
@@ -488,7 +477,7 @@ static int dleq_verify(const VOPRF_METHOD *method, CBS *cbs,
|
|
|
488
477
|
static int voprf_sign_tt(const VOPRF_METHOD *method,
|
|
489
478
|
const TRUST_TOKEN_ISSUER_KEY *key, CBB *cbb, CBS *cbs,
|
|
490
479
|
size_t num_requested, size_t num_to_issue) {
|
|
491
|
-
const EC_GROUP *group = method->
|
|
480
|
+
const EC_GROUP *group = method->group_func();
|
|
492
481
|
if (num_requested < num_to_issue) {
|
|
493
482
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_INTERNAL_ERROR);
|
|
494
483
|
return 0;
|
|
@@ -510,7 +499,7 @@ static int voprf_sign_tt(const VOPRF_METHOD *method,
|
|
|
510
499
|
!Zs ||
|
|
511
500
|
!es ||
|
|
512
501
|
!CBB_init(&batch_cbb, 0) ||
|
|
513
|
-
!cbb_add_point(&batch_cbb,
|
|
502
|
+
!cbb_add_point(&batch_cbb, group, &key->pubs)) {
|
|
514
503
|
goto err;
|
|
515
504
|
}
|
|
516
505
|
|
|
@@ -567,7 +556,7 @@ static int voprf_sign_tt(const VOPRF_METHOD *method,
|
|
|
567
556
|
}
|
|
568
557
|
|
|
569
558
|
// Skip over any unused requests.
|
|
570
|
-
size_t point_len =
|
|
559
|
+
size_t point_len = ec_point_byte_len(group, POINT_CONVERSION_UNCOMPRESSED);
|
|
571
560
|
if (!CBS_skip(cbs, point_len * (num_requested - num_to_issue))) {
|
|
572
561
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
|
|
573
562
|
goto err;
|
|
@@ -587,7 +576,7 @@ static STACK_OF(TRUST_TOKEN) *voprf_unblind_tt(
|
|
|
587
576
|
const VOPRF_METHOD *method, const TRUST_TOKEN_CLIENT_KEY *key,
|
|
588
577
|
const STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens, CBS *cbs, size_t count,
|
|
589
578
|
uint32_t key_id) {
|
|
590
|
-
const EC_GROUP *group = method->
|
|
579
|
+
const EC_GROUP *group = method->group_func();
|
|
591
580
|
if (count > sk_TRUST_TOKEN_PRETOKEN_num(pretokens)) {
|
|
592
581
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
|
|
593
582
|
return NULL;
|
|
@@ -611,7 +600,7 @@ static STACK_OF(TRUST_TOKEN) *voprf_unblind_tt(
|
|
|
611
600
|
Zs == NULL ||
|
|
612
601
|
es == NULL ||
|
|
613
602
|
!CBB_init(&batch_cbb, 0) ||
|
|
614
|
-
!cbb_add_point(&batch_cbb,
|
|
603
|
+
!cbb_add_point(&batch_cbb, group, &key->pubs)) {
|
|
615
604
|
goto err;
|
|
616
605
|
}
|
|
617
606
|
|
|
@@ -645,7 +634,7 @@ static STACK_OF(TRUST_TOKEN) *voprf_unblind_tt(
|
|
|
645
634
|
// Serialize the token. Include |key_id| to avoid an extra copy in the layer
|
|
646
635
|
// above.
|
|
647
636
|
CBB token_cbb;
|
|
648
|
-
size_t point_len =
|
|
637
|
+
size_t point_len = ec_point_byte_len(group, POINT_CONVERSION_UNCOMPRESSED);
|
|
649
638
|
if (!CBB_init(&token_cbb, 4 + TRUST_TOKEN_NONCE_SIZE + (2 + point_len)) ||
|
|
650
639
|
!CBB_add_u32(&token_cbb, key_id) ||
|
|
651
640
|
!CBB_add_bytes(&token_cbb, pretoken->salt, TRUST_TOKEN_NONCE_SIZE) ||
|
|
@@ -721,7 +710,7 @@ static void sha384_update_point_with_length(
|
|
|
721
710
|
static int compute_composite_seed(const VOPRF_METHOD *method,
|
|
722
711
|
uint8_t out[SHA384_DIGEST_LENGTH],
|
|
723
712
|
const EC_AFFINE *pub) {
|
|
724
|
-
const EC_GROUP *group = method->
|
|
713
|
+
const EC_GROUP *group = method->group_func();
|
|
725
714
|
static const uint8_t kSeedDST[] = "Seed-OPRFV1-\x01-P384-SHA384";
|
|
726
715
|
|
|
727
716
|
SHA512_CTX hash_ctx;
|
|
@@ -739,7 +728,7 @@ static int compute_composite_element(const VOPRF_METHOD *method,
|
|
|
739
728
|
EC_SCALAR *di, size_t index,
|
|
740
729
|
const EC_AFFINE *C, const EC_AFFINE *D) {
|
|
741
730
|
static const uint8_t kCompositeLabel[] = "Composite";
|
|
742
|
-
const EC_GROUP *group = method->
|
|
731
|
+
const EC_GROUP *group = method->group_func();
|
|
743
732
|
|
|
744
733
|
if (index > UINT16_MAX) {
|
|
745
734
|
return 0;
|
|
@@ -758,7 +747,7 @@ static int compute_composite_element(const VOPRF_METHOD *method,
|
|
|
758
747
|
!CBB_add_bytes(&cbb, kCompositeLabel,
|
|
759
748
|
sizeof(kCompositeLabel) - 1) ||
|
|
760
749
|
!CBB_finish(&cbb, NULL, &len) ||
|
|
761
|
-
!method->hash_to_scalar(
|
|
750
|
+
!method->hash_to_scalar(group, di, transcript, len)) {
|
|
762
751
|
return 0;
|
|
763
752
|
}
|
|
764
753
|
|
|
@@ -769,7 +758,7 @@ static int generate_proof(const VOPRF_METHOD *method, CBB *cbb,
|
|
|
769
758
|
const TRUST_TOKEN_ISSUER_KEY *priv,
|
|
770
759
|
const EC_SCALAR *r, const EC_JACOBIAN *M,
|
|
771
760
|
const EC_JACOBIAN *Z) {
|
|
772
|
-
const EC_GROUP *group = method->
|
|
761
|
+
const EC_GROUP *group = method->group_func();
|
|
773
762
|
|
|
774
763
|
enum {
|
|
775
764
|
idx_M,
|
|
@@ -820,7 +809,7 @@ static int generate_proof(const VOPRF_METHOD *method, CBB *cbb,
|
|
|
820
809
|
static int verify_proof(const VOPRF_METHOD *method, CBS *cbs,
|
|
821
810
|
const TRUST_TOKEN_CLIENT_KEY *pub,
|
|
822
811
|
const EC_JACOBIAN *M, const EC_JACOBIAN *Z) {
|
|
823
|
-
const EC_GROUP *group = method->
|
|
812
|
+
const EC_GROUP *group = method->group_func();
|
|
824
813
|
|
|
825
814
|
enum {
|
|
826
815
|
idx_M,
|
|
@@ -873,7 +862,7 @@ static int voprf_sign_impl(const VOPRF_METHOD *method,
|
|
|
873
862
|
const TRUST_TOKEN_ISSUER_KEY *key, CBB *cbb,
|
|
874
863
|
CBS *cbs, size_t num_requested, size_t num_to_issue,
|
|
875
864
|
const EC_SCALAR *proof_scalar) {
|
|
876
|
-
const EC_GROUP *group = method->
|
|
865
|
+
const EC_GROUP *group = method->group_func();
|
|
877
866
|
if (num_requested < num_to_issue) {
|
|
878
867
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_INTERNAL_ERROR);
|
|
879
868
|
return 0;
|
|
@@ -944,7 +933,7 @@ static int voprf_sign_impl(const VOPRF_METHOD *method,
|
|
|
944
933
|
}
|
|
945
934
|
|
|
946
935
|
// Skip over any unused requests.
|
|
947
|
-
size_t point_len =
|
|
936
|
+
size_t point_len = ec_point_byte_len(group, POINT_CONVERSION_UNCOMPRESSED);
|
|
948
937
|
if (!CBS_skip(cbs, point_len * (num_requested - num_to_issue))) {
|
|
949
938
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
|
|
950
939
|
goto err;
|
|
@@ -963,7 +952,7 @@ static int voprf_sign(const VOPRF_METHOD *method,
|
|
|
963
952
|
const TRUST_TOKEN_ISSUER_KEY *key, CBB *cbb, CBS *cbs,
|
|
964
953
|
size_t num_requested, size_t num_to_issue) {
|
|
965
954
|
EC_SCALAR proof_scalar;
|
|
966
|
-
if (!ec_random_nonzero_scalar(method->
|
|
955
|
+
if (!ec_random_nonzero_scalar(method->group_func(), &proof_scalar,
|
|
967
956
|
kDefaultAdditionalData)) {
|
|
968
957
|
return 0;
|
|
969
958
|
}
|
|
@@ -977,8 +966,8 @@ static int voprf_sign_with_proof_scalar_for_testing(
|
|
|
977
966
|
CBS *cbs, size_t num_requested, size_t num_to_issue,
|
|
978
967
|
const uint8_t *proof_scalar_buf, size_t proof_scalar_len) {
|
|
979
968
|
EC_SCALAR proof_scalar;
|
|
980
|
-
if (!ec_scalar_from_bytes(method->
|
|
981
|
-
proof_scalar_len)) {
|
|
969
|
+
if (!ec_scalar_from_bytes(method->group_func(), &proof_scalar,
|
|
970
|
+
proof_scalar_buf, proof_scalar_len)) {
|
|
982
971
|
return 0;
|
|
983
972
|
}
|
|
984
973
|
return voprf_sign_impl(method, key, cbb, cbs, num_requested, num_to_issue,
|
|
@@ -989,7 +978,7 @@ static STACK_OF(TRUST_TOKEN) *voprf_unblind(
|
|
|
989
978
|
const VOPRF_METHOD *method, const TRUST_TOKEN_CLIENT_KEY *key,
|
|
990
979
|
const STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens, CBS *cbs, size_t count,
|
|
991
980
|
uint32_t key_id) {
|
|
992
|
-
const EC_GROUP *group = method->
|
|
981
|
+
const EC_GROUP *group = method->group_func();
|
|
993
982
|
if (count > sk_TRUST_TOKEN_PRETOKEN_num(pretokens)) {
|
|
994
983
|
OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
|
|
995
984
|
return NULL;
|
|
@@ -1044,7 +1033,7 @@ static STACK_OF(TRUST_TOKEN) *voprf_unblind(
|
|
|
1044
1033
|
// Serialize the token. Include |key_id| to avoid an extra copy in the layer
|
|
1045
1034
|
// above.
|
|
1046
1035
|
CBB token_cbb;
|
|
1047
|
-
size_t point_len =
|
|
1036
|
+
size_t point_len = ec_point_byte_len(group, POINT_CONVERSION_UNCOMPRESSED);
|
|
1048
1037
|
if (!CBB_init(&token_cbb, 4 + TRUST_TOKEN_NONCE_SIZE + (2 + point_len)) ||
|
|
1049
1038
|
!CBB_add_u32(&token_cbb, key_id) ||
|
|
1050
1039
|
!CBB_add_bytes(&token_cbb, pretoken->salt, TRUST_TOKEN_NONCE_SIZE) ||
|
|
@@ -1099,7 +1088,7 @@ static int voprf_read(const VOPRF_METHOD *method,
|
|
|
1099
1088
|
uint8_t out_nonce[TRUST_TOKEN_NONCE_SIZE],
|
|
1100
1089
|
const uint8_t *token, size_t token_len,
|
|
1101
1090
|
int include_message, const uint8_t *msg, size_t msg_len) {
|
|
1102
|
-
const EC_GROUP *group = method->
|
|
1091
|
+
const EC_GROUP *group = method->group_func();
|
|
1103
1092
|
CBS cbs, salt;
|
|
1104
1093
|
CBS_init(&cbs, token, token_len);
|
|
1105
1094
|
EC_AFFINE Ws;
|
|
@@ -1154,57 +1143,27 @@ static int voprf_exp2_hash_to_scalar(const EC_GROUP *group, EC_SCALAR *out,
|
|
|
1154
1143
|
group, out, kHashCLabel, sizeof(kHashCLabel), buf, len);
|
|
1155
1144
|
}
|
|
1156
1145
|
|
|
1157
|
-
static
|
|
1158
|
-
|
|
1159
|
-
static CRYPTO_once_t voprf_exp2_method_once = CRYPTO_ONCE_INIT;
|
|
1160
|
-
|
|
1161
|
-
static void voprf_exp2_init_method_impl(void) {
|
|
1162
|
-
voprf_exp2_ok =
|
|
1163
|
-
voprf_init_method(&voprf_exp2_method, NID_secp384r1,
|
|
1164
|
-
voprf_exp2_hash_to_group, voprf_exp2_hash_to_scalar);
|
|
1165
|
-
}
|
|
1166
|
-
|
|
1167
|
-
static int voprf_exp2_init_method(void) {
|
|
1168
|
-
CRYPTO_once(&voprf_exp2_method_once, voprf_exp2_init_method_impl);
|
|
1169
|
-
if (!voprf_exp2_ok) {
|
|
1170
|
-
OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_INTERNAL_ERROR);
|
|
1171
|
-
return 0;
|
|
1172
|
-
}
|
|
1173
|
-
return 1;
|
|
1174
|
-
}
|
|
1146
|
+
static VOPRF_METHOD voprf_exp2_method = {
|
|
1147
|
+
EC_group_p384, voprf_exp2_hash_to_group, voprf_exp2_hash_to_scalar};
|
|
1175
1148
|
|
|
1176
1149
|
int voprf_exp2_generate_key(CBB *out_private, CBB *out_public) {
|
|
1177
|
-
if (!voprf_exp2_init_method()) {
|
|
1178
|
-
return 0;
|
|
1179
|
-
}
|
|
1180
|
-
|
|
1181
1150
|
return voprf_generate_key(&voprf_exp2_method, out_private, out_public);
|
|
1182
1151
|
}
|
|
1183
1152
|
|
|
1184
1153
|
int voprf_exp2_derive_key_from_secret(CBB *out_private, CBB *out_public,
|
|
1185
1154
|
const uint8_t *secret,
|
|
1186
1155
|
size_t secret_len) {
|
|
1187
|
-
if (!voprf_exp2_init_method()) {
|
|
1188
|
-
return 0;
|
|
1189
|
-
}
|
|
1190
|
-
|
|
1191
1156
|
return voprf_derive_key_from_secret(&voprf_exp2_method, out_private,
|
|
1192
1157
|
out_public, secret, secret_len);
|
|
1193
1158
|
}
|
|
1194
1159
|
|
|
1195
1160
|
int voprf_exp2_client_key_from_bytes(TRUST_TOKEN_CLIENT_KEY *key,
|
|
1196
1161
|
const uint8_t *in, size_t len) {
|
|
1197
|
-
if (!voprf_exp2_init_method()) {
|
|
1198
|
-
return 0;
|
|
1199
|
-
}
|
|
1200
1162
|
return voprf_client_key_from_bytes(&voprf_exp2_method, key, in, len);
|
|
1201
1163
|
}
|
|
1202
1164
|
|
|
1203
1165
|
int voprf_exp2_issuer_key_from_bytes(TRUST_TOKEN_ISSUER_KEY *key,
|
|
1204
1166
|
const uint8_t *in, size_t len) {
|
|
1205
|
-
if (!voprf_exp2_init_method()) {
|
|
1206
|
-
return 0;
|
|
1207
|
-
}
|
|
1208
1167
|
return voprf_issuer_key_from_bytes(&voprf_exp2_method, key, in, len);
|
|
1209
1168
|
}
|
|
1210
1169
|
|
|
@@ -1212,9 +1171,6 @@ STACK_OF(TRUST_TOKEN_PRETOKEN) *voprf_exp2_blind(CBB *cbb, size_t count,
|
|
|
1212
1171
|
int include_message,
|
|
1213
1172
|
const uint8_t *msg,
|
|
1214
1173
|
size_t msg_len) {
|
|
1215
|
-
if (!voprf_exp2_init_method()) {
|
|
1216
|
-
return NULL;
|
|
1217
|
-
}
|
|
1218
1174
|
return voprf_blind(&voprf_exp2_method, cbb, count, include_message, msg,
|
|
1219
1175
|
msg_len);
|
|
1220
1176
|
}
|
|
@@ -1222,7 +1178,7 @@ STACK_OF(TRUST_TOKEN_PRETOKEN) *voprf_exp2_blind(CBB *cbb, size_t count,
|
|
|
1222
1178
|
int voprf_exp2_sign(const TRUST_TOKEN_ISSUER_KEY *key, CBB *cbb, CBS *cbs,
|
|
1223
1179
|
size_t num_requested, size_t num_to_issue,
|
|
1224
1180
|
uint8_t private_metadata) {
|
|
1225
|
-
if (
|
|
1181
|
+
if (private_metadata != 0) {
|
|
1226
1182
|
return 0;
|
|
1227
1183
|
}
|
|
1228
1184
|
return voprf_sign_tt(&voprf_exp2_method, key, cbb, cbs, num_requested,
|
|
@@ -1233,9 +1189,6 @@ STACK_OF(TRUST_TOKEN) *voprf_exp2_unblind(
|
|
|
1233
1189
|
const TRUST_TOKEN_CLIENT_KEY *key,
|
|
1234
1190
|
const STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens, CBS *cbs, size_t count,
|
|
1235
1191
|
uint32_t key_id) {
|
|
1236
|
-
if (!voprf_exp2_init_method()) {
|
|
1237
|
-
return NULL;
|
|
1238
|
-
}
|
|
1239
1192
|
return voprf_unblind_tt(&voprf_exp2_method, key, pretokens, cbs, count,
|
|
1240
1193
|
key_id);
|
|
1241
1194
|
}
|
|
@@ -1245,9 +1198,6 @@ int voprf_exp2_read(const TRUST_TOKEN_ISSUER_KEY *key,
|
|
|
1245
1198
|
uint8_t *out_private_metadata, const uint8_t *token,
|
|
1246
1199
|
size_t token_len, int include_message, const uint8_t *msg,
|
|
1247
1200
|
size_t msg_len) {
|
|
1248
|
-
if (!voprf_exp2_init_method()) {
|
|
1249
|
-
return 0;
|
|
1250
|
-
}
|
|
1251
1201
|
return voprf_read(&voprf_exp2_method, key, out_nonce, token, token_len,
|
|
1252
1202
|
include_message, msg, msg_len);
|
|
1253
1203
|
}
|
|
@@ -1269,57 +1219,27 @@ static int voprf_pst1_hash_to_scalar(const EC_GROUP *group, EC_SCALAR *out,
|
|
|
1269
1219
|
sizeof(kHashCLabel) - 1, buf, len);
|
|
1270
1220
|
}
|
|
1271
1221
|
|
|
1272
|
-
static
|
|
1273
|
-
|
|
1274
|
-
static CRYPTO_once_t voprf_pst1_method_once = CRYPTO_ONCE_INIT;
|
|
1275
|
-
|
|
1276
|
-
static void voprf_pst1_init_method_impl(void) {
|
|
1277
|
-
voprf_pst1_ok =
|
|
1278
|
-
voprf_init_method(&voprf_pst1_method, NID_secp384r1,
|
|
1279
|
-
voprf_pst1_hash_to_group, voprf_pst1_hash_to_scalar);
|
|
1280
|
-
}
|
|
1281
|
-
|
|
1282
|
-
static int voprf_pst1_init_method(void) {
|
|
1283
|
-
CRYPTO_once(&voprf_pst1_method_once, voprf_pst1_init_method_impl);
|
|
1284
|
-
if (!voprf_pst1_ok) {
|
|
1285
|
-
OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_INTERNAL_ERROR);
|
|
1286
|
-
return 0;
|
|
1287
|
-
}
|
|
1288
|
-
return 1;
|
|
1289
|
-
}
|
|
1222
|
+
static VOPRF_METHOD voprf_pst1_method = {
|
|
1223
|
+
EC_group_p384, voprf_pst1_hash_to_group, voprf_pst1_hash_to_scalar};
|
|
1290
1224
|
|
|
1291
1225
|
int voprf_pst1_generate_key(CBB *out_private, CBB *out_public) {
|
|
1292
|
-
if (!voprf_pst1_init_method()) {
|
|
1293
|
-
return 0;
|
|
1294
|
-
}
|
|
1295
|
-
|
|
1296
1226
|
return voprf_generate_key(&voprf_pst1_method, out_private, out_public);
|
|
1297
1227
|
}
|
|
1298
1228
|
|
|
1299
1229
|
int voprf_pst1_derive_key_from_secret(CBB *out_private, CBB *out_public,
|
|
1300
1230
|
const uint8_t *secret,
|
|
1301
1231
|
size_t secret_len) {
|
|
1302
|
-
if (!voprf_pst1_init_method()) {
|
|
1303
|
-
return 0;
|
|
1304
|
-
}
|
|
1305
|
-
|
|
1306
1232
|
return voprf_derive_key_from_secret(&voprf_pst1_method, out_private,
|
|
1307
1233
|
out_public, secret, secret_len);
|
|
1308
1234
|
}
|
|
1309
1235
|
|
|
1310
1236
|
int voprf_pst1_client_key_from_bytes(TRUST_TOKEN_CLIENT_KEY *key,
|
|
1311
1237
|
const uint8_t *in, size_t len) {
|
|
1312
|
-
if (!voprf_pst1_init_method()) {
|
|
1313
|
-
return 0;
|
|
1314
|
-
}
|
|
1315
1238
|
return voprf_client_key_from_bytes(&voprf_pst1_method, key, in, len);
|
|
1316
1239
|
}
|
|
1317
1240
|
|
|
1318
1241
|
int voprf_pst1_issuer_key_from_bytes(TRUST_TOKEN_ISSUER_KEY *key,
|
|
1319
1242
|
const uint8_t *in, size_t len) {
|
|
1320
|
-
if (!voprf_pst1_init_method()) {
|
|
1321
|
-
return 0;
|
|
1322
|
-
}
|
|
1323
1243
|
return voprf_issuer_key_from_bytes(&voprf_pst1_method, key, in, len);
|
|
1324
1244
|
}
|
|
1325
1245
|
|
|
@@ -1327,9 +1247,6 @@ STACK_OF(TRUST_TOKEN_PRETOKEN) *voprf_pst1_blind(CBB *cbb, size_t count,
|
|
|
1327
1247
|
int include_message,
|
|
1328
1248
|
const uint8_t *msg,
|
|
1329
1249
|
size_t msg_len) {
|
|
1330
|
-
if (!voprf_pst1_init_method()) {
|
|
1331
|
-
return NULL;
|
|
1332
|
-
}
|
|
1333
1250
|
return voprf_blind(&voprf_pst1_method, cbb, count, include_message, msg,
|
|
1334
1251
|
msg_len);
|
|
1335
1252
|
}
|
|
@@ -1337,7 +1254,7 @@ STACK_OF(TRUST_TOKEN_PRETOKEN) *voprf_pst1_blind(CBB *cbb, size_t count,
|
|
|
1337
1254
|
int voprf_pst1_sign(const TRUST_TOKEN_ISSUER_KEY *key, CBB *cbb, CBS *cbs,
|
|
1338
1255
|
size_t num_requested, size_t num_to_issue,
|
|
1339
1256
|
uint8_t private_metadata) {
|
|
1340
|
-
if (
|
|
1257
|
+
if (private_metadata != 0) {
|
|
1341
1258
|
return 0;
|
|
1342
1259
|
}
|
|
1343
1260
|
return voprf_sign(&voprf_pst1_method, key, cbb, cbs, num_requested,
|
|
@@ -1349,7 +1266,7 @@ int voprf_pst1_sign_with_proof_scalar_for_testing(
|
|
|
1349
1266
|
const TRUST_TOKEN_ISSUER_KEY *key, CBB *cbb, CBS *cbs, size_t num_requested,
|
|
1350
1267
|
size_t num_to_issue, uint8_t private_metadata,
|
|
1351
1268
|
const uint8_t *proof_scalar_buf, size_t proof_scalar_len) {
|
|
1352
|
-
if (
|
|
1269
|
+
if (private_metadata != 0) {
|
|
1353
1270
|
return 0;
|
|
1354
1271
|
}
|
|
1355
1272
|
return voprf_sign_with_proof_scalar_for_testing(
|
|
@@ -1361,9 +1278,6 @@ STACK_OF(TRUST_TOKEN) *voprf_pst1_unblind(
|
|
|
1361
1278
|
const TRUST_TOKEN_CLIENT_KEY *key,
|
|
1362
1279
|
const STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens, CBS *cbs, size_t count,
|
|
1363
1280
|
uint32_t key_id) {
|
|
1364
|
-
if (!voprf_pst1_init_method()) {
|
|
1365
|
-
return NULL;
|
|
1366
|
-
}
|
|
1367
1281
|
return voprf_unblind(&voprf_pst1_method, key, pretokens, cbs, count, key_id);
|
|
1368
1282
|
}
|
|
1369
1283
|
|
|
@@ -1372,9 +1286,6 @@ int voprf_pst1_read(const TRUST_TOKEN_ISSUER_KEY *key,
|
|
|
1372
1286
|
uint8_t *out_private_metadata, const uint8_t *token,
|
|
1373
1287
|
size_t token_len, int include_message, const uint8_t *msg,
|
|
1374
1288
|
size_t msg_len) {
|
|
1375
|
-
if (!voprf_pst1_init_method()) {
|
|
1376
|
-
return 0;
|
|
1377
|
-
}
|
|
1378
1289
|
return voprf_read(&voprf_pst1_method, key, out_nonce, token, token_len,
|
|
1379
1290
|
include_message, msg, msg_len);
|
|
1380
1291
|
}
|