grpc 1.61.3 → 1.62.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +218 -196
- data/include/grpc/event_engine/event_engine.h +5 -43
- data/include/grpc/event_engine/extensible.h +68 -0
- data/include/grpc/impl/slice_type.h +1 -1
- data/include/grpc/support/port_platform.h +12 -20
- data/src/core/{ext/filters/client_channel → client_channel}/backend_metric.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/backend_metric.h +4 -4
- data/src/core/{ext/filters/client_channel → client_channel}/backup_poller.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/backup_poller.h +3 -3
- data/src/core/{ext/filters/client_channel → client_channel}/channel_connectivity.cc +11 -11
- data/src/core/{ext/filters/client_channel → client_channel}/client_channel_channelz.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/client_channel_channelz.h +3 -3
- data/src/core/{ext/filters/client_channel → client_channel}/client_channel_factory.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/client_channel_factory.h +4 -4
- data/src/core/{ext/filters/client_channel/client_channel.cc → client_channel/client_channel_filter.cc} +247 -231
- data/src/core/{ext/filters/client_channel/client_channel.h → client_channel/client_channel_filter.h} +42 -42
- data/src/core/{ext/filters/client_channel → client_channel}/client_channel_internal.h +6 -6
- data/src/core/{ext/filters/client_channel → client_channel}/client_channel_plugin.cc +5 -5
- data/src/core/{ext/filters/client_channel → client_channel}/client_channel_service_config.cc +2 -2
- data/src/core/{ext/filters/client_channel → client_channel}/client_channel_service_config.h +5 -5
- data/src/core/{ext/filters/client_channel → client_channel}/config_selector.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/config_selector.h +5 -5
- data/src/core/{ext/filters/client_channel → client_channel}/connector.h +3 -3
- data/src/core/{ext/filters/client_channel → client_channel}/dynamic_filters.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/dynamic_filters.h +3 -3
- data/src/core/{ext/filters/client_channel → client_channel}/global_subchannel_pool.cc +2 -2
- data/src/core/{ext/filters/client_channel → client_channel}/global_subchannel_pool.h +4 -4
- data/src/core/{ext/filters/client_channel → client_channel}/http_proxy_mapper.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/http_proxy_mapper.h +3 -3
- data/src/core/{ext/filters/client_channel → client_channel}/local_subchannel_pool.cc +2 -2
- data/src/core/{ext/filters/client_channel → client_channel}/local_subchannel_pool.h +4 -4
- data/src/core/{ext/filters/client_channel → client_channel}/retry_filter.cc +8 -8
- data/src/core/{ext/filters/client_channel → client_channel}/retry_filter.h +8 -8
- data/src/core/{ext/filters/client_channel → client_channel}/retry_filter_legacy_call_data.cc +12 -9
- data/src/core/{ext/filters/client_channel → client_channel}/retry_filter_legacy_call_data.h +11 -10
- data/src/core/{ext/filters/client_channel → client_channel}/retry_service_config.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/retry_service_config.h +4 -4
- data/src/core/{ext/filters/client_channel → client_channel}/retry_throttle.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/retry_throttle.h +3 -3
- data/src/core/{ext/filters/client_channel → client_channel}/service_config_channel_arg_filter.cc +4 -4
- data/src/core/{ext/filters/client_channel → client_channel}/subchannel.cc +2 -2
- data/src/core/{ext/filters/client_channel → client_channel}/subchannel.h +6 -6
- data/src/core/{ext/filters/client_channel → client_channel}/subchannel_interface_internal.h +5 -5
- data/src/core/{ext/filters/client_channel → client_channel}/subchannel_pool_interface.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/subchannel_pool_interface.h +3 -3
- data/src/core/{ext/filters/client_channel → client_channel}/subchannel_stream_client.cc +1 -1
- data/src/core/{ext/filters/client_channel → client_channel}/subchannel_stream_client.h +4 -4
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.h +1 -1
- data/src/core/ext/filters/http/message_compress/legacy_compression_filter.cc +2 -2
- data/src/core/ext/filters/http/server/http_server_filter.cc +1 -1
- data/src/core/ext/filters/message_size/message_size_filter.cc +3 -3
- data/src/core/ext/filters/message_size/message_size_filter.h +1 -1
- data/src/core/ext/filters/rbac/rbac_filter.cc +1 -1
- data/src/core/ext/filters/rbac/rbac_service_config_parser.h +1 -1
- data/src/core/ext/filters/server_config_selector/server_config_selector.h +2 -2
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +2 -2
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +2 -2
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +1 -1
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +1 -1
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +4 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +5 -5
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +1 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +5 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +27 -36
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +3 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +3 -1
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -13
- data/src/core/ext/transport/inproc/inproc_transport.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +351 -164
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.c +89 -50
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +47 -3
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +15 -7
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb.h +32 -3
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb.h +28 -0
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.c +6 -4
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +0 -1
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.c +0 -1
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +29 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +17 -1
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +4 -3
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb.h +166 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.c +55 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.h +30 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +30 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +7 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +99 -19
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.c +29 -12
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.h +1 -0
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +15 -0
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.c +4 -3
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +31 -3
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.c +22 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +91 -3
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +11 -8
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +30 -0
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb.h +1 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.c +1 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb.h +125 -3
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.c +17 -4
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +19 -1
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.c +4 -3
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb.h +1 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.c +1 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +15 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.c +5 -2
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +42 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +11 -8
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +23 -8
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.c +9 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +58 -16
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +14 -11
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +15 -0
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.c +7 -2
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +129 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.c +27 -6
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.h +1 -0
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb.h +15 -0
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.c +5 -2
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +60 -60
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +278 -256
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +483 -475
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +27 -20
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +17 -12
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +157 -161
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +105 -97
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +106 -102
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +52 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +14 -13
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +228 -224
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +32 -26
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +31 -28
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +22 -19
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +818 -813
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +158 -151
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +27 -23
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +59 -53
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +40 -18
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +106 -103
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +16 -12
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +22 -21
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +265 -261
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +127 -125
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +188 -182
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +57 -56
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +27 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +10 -8
- data/src/core/ext/xds/xds_api.cc +63 -150
- data/src/core/ext/xds/xds_api.h +2 -7
- data/src/core/ext/xds/xds_bootstrap.h +3 -4
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +4 -15
- data/src/core/ext/xds/xds_bootstrap_grpc.h +2 -1
- data/src/core/ext/xds/xds_client.cc +111 -59
- data/src/core/ext/xds/xds_client.h +20 -15
- data/src/core/ext/xds/xds_client_grpc.cc +53 -15
- data/src/core/ext/xds/xds_client_grpc.h +4 -1
- data/src/core/ext/xds/xds_client_stats.cc +11 -11
- data/src/core/ext/xds/xds_client_stats.h +8 -13
- data/src/core/ext/xds/xds_cluster.cc +1 -1
- data/src/core/ext/xds/xds_cluster.h +1 -1
- data/src/core/ext/xds/xds_endpoint.h +1 -1
- data/src/core/ext/xds/xds_health_status.h +1 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +1 -1
- data/src/core/ext/xds/xds_route_config.cc +1 -1
- data/src/core/ext/xds/xds_server_config_fetcher.cc +2 -2
- data/src/core/ext/xds/xds_transport_grpc.cc +5 -5
- data/src/core/lib/channel/channel_args.h +15 -1
- data/src/core/lib/channel/connected_channel.cc +13 -12
- data/src/core/lib/channel/promise_based_filter.cc +4 -4
- data/src/core/lib/channel/promise_based_filter.h +1 -2
- data/src/core/lib/config/core_configuration.h +3 -3
- data/src/core/lib/event_engine/ares_resolver.cc +106 -59
- data/src/core/lib/event_engine/extensions/can_track_errors.h +40 -0
- data/src/core/lib/event_engine/extensions/supports_fd.h +160 -0
- data/src/core/lib/event_engine/forkable.cc +7 -5
- data/src/core/lib/event_engine/posix.h +11 -122
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +1 -5
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +31 -7
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +1 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +3 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +2 -3
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +14 -6
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +10 -0
- data/src/core/lib/event_engine/query_extensions.h +85 -0
- data/src/core/lib/event_engine/shim.cc +3 -17
- data/src/core/lib/event_engine/shim.h +0 -2
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +28 -7
- data/src/core/lib/event_engine/thread_pool/thread_count.h +6 -1
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +109 -5
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +9 -0
- data/src/core/lib/event_engine/utils.cc +2 -1
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +1 -0
- data/src/core/lib/experiments/config.cc +10 -2
- data/src/core/lib/experiments/config.h +6 -0
- data/src/core/lib/experiments/experiments.cc +57 -18
- data/src/core/lib/experiments/experiments.h +16 -8
- data/src/core/lib/gpr/posix/sync.cc +2 -2
- data/src/core/lib/gpr/posix/time.cc +0 -5
- data/src/core/lib/gpr/windows/sync.cc +2 -2
- data/src/core/lib/gprpp/debug_location.h +2 -0
- data/src/core/lib/gprpp/down_cast.h +49 -0
- data/src/core/lib/gprpp/linux/env.cc +1 -19
- data/src/core/lib/gprpp/load_file.cc +2 -1
- data/src/core/lib/gprpp/load_file.h +2 -1
- data/src/core/lib/gprpp/posix/thd.cc +27 -2
- data/src/core/lib/gprpp/thd.h +8 -0
- data/src/core/lib/gprpp/time.h +4 -3
- data/src/core/lib/gprpp/windows/thd.cc +10 -1
- data/src/core/lib/iomgr/combiner.cc +1 -1
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +20 -14
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +2 -2
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +2 -2
- data/src/core/lib/iomgr/tcp_server_posix.cc +65 -50
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +12 -0
- data/src/core/lib/json/json_writer.cc +1 -1
- data/src/core/lib/promise/activity.h +8 -2
- data/src/core/lib/promise/context.h +45 -7
- data/src/core/lib/promise/for_each.h +6 -9
- data/src/core/lib/promise/interceptor_list.h +13 -5
- data/src/core/lib/promise/latch.h +3 -3
- data/src/core/lib/promise/party.cc +12 -0
- data/src/core/lib/promise/party.h +37 -6
- data/src/core/lib/promise/pipe.h +2 -7
- data/src/core/lib/promise/sleep.cc +1 -1
- data/src/core/lib/promise/status_flag.h +32 -2
- data/src/core/lib/resource_quota/memory_quota.cc +4 -4
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +5 -11
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +11 -10
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +9 -7
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +16 -24
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +3 -7
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/ssl_utils.cc +26 -17
- data/src/core/lib/security/transport/legacy_server_auth_filter.cc +2 -2
- data/src/core/lib/security/transport/security_handshaker.cc +0 -8
- data/src/core/lib/security/transport/security_handshaker.h +0 -6
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -2
- data/src/core/lib/slice/slice_buffer.h +3 -1
- data/src/core/lib/surface/call.cc +162 -76
- data/src/core/lib/surface/call_trace.cc +9 -9
- data/src/core/lib/surface/channel.cc +15 -24
- data/src/core/lib/surface/channel.h +4 -20
- data/src/core/lib/surface/channel_init.cc +81 -7
- data/src/core/lib/surface/channel_init.h +104 -6
- data/src/core/lib/surface/init.cc +1 -1
- data/src/core/lib/surface/server.cc +4 -7
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/surface/wait_for_cq_end_op.cc +75 -0
- data/src/core/lib/surface/wait_for_cq_end_op.h +4 -26
- data/src/core/lib/transport/batch_builder.cc +2 -3
- data/src/core/lib/transport/batch_builder.h +1 -1
- data/src/core/lib/transport/call_factory.cc +41 -0
- data/src/core/lib/transport/call_factory.h +56 -0
- data/src/core/lib/transport/call_filters.cc +371 -0
- data/src/core/lib/transport/call_filters.h +1500 -0
- data/src/core/lib/transport/call_size_estimator.cc +41 -0
- data/src/core/lib/transport/call_size_estimator.h +52 -0
- data/src/core/lib/transport/call_spine.cc +107 -0
- data/src/core/lib/transport/call_spine.h +429 -0
- data/src/core/lib/transport/handshaker.cc +0 -8
- data/src/core/lib/transport/handshaker.h +0 -7
- data/src/core/lib/transport/message.cc +45 -0
- data/src/core/lib/transport/message.h +61 -0
- data/src/core/lib/transport/metadata.cc +37 -0
- data/src/core/lib/transport/metadata.h +78 -0
- data/src/core/lib/transport/metadata_batch.cc +4 -2
- data/src/core/lib/transport/metadata_batch.h +2 -2
- data/src/core/lib/transport/transport.cc +0 -105
- data/src/core/lib/transport/transport.h +3 -452
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/address_filtering.cc +1 -1
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/address_filtering.h +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/backend_metric_data.h +3 -3
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/child_policy_handler.cc +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/child_policy_handler.h +4 -4
- data/src/core/{lib/load_balancing → load_balancing}/delegating_helper.h +5 -5
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/endpoint_list.cc +6 -6
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/endpoint_list.h +6 -6
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/client_load_reporting_filter.cc +2 -2
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/client_load_reporting_filter.h +3 -3
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/grpclb.cc +19 -19
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/grpclb.h +3 -3
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/grpclb_balancer_addresses.cc +1 -1
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/grpclb_balancer_addresses.h +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/grpclb_client_stats.cc +1 -1
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/grpclb_client_stats.h +3 -3
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/load_balancer_api.cc +1 -1
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/grpclb/load_balancer_api.h +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/health_check_client.cc +6 -6
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/health_check_client.h +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/health_check_client_internal.h +7 -7
- data/src/core/{lib/load_balancing → load_balancing}/lb_policy.cc +1 -1
- data/src/core/{lib/load_balancing → load_balancing}/lb_policy.h +6 -6
- data/src/core/{lib/load_balancing → load_balancing}/lb_policy_factory.h +4 -4
- data/src/core/{lib/load_balancing → load_balancing}/lb_policy_registry.cc +2 -2
- data/src/core/{lib/load_balancing → load_balancing}/lb_policy_registry.h +5 -5
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/oob_backend_metric.cc +6 -6
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/oob_backend_metric.h +5 -5
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/oob_backend_metric_internal.h +8 -8
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/outlier_detection/outlier_detection.cc +10 -10
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/outlier_detection/outlier_detection.h +3 -3
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/pick_first/pick_first.cc +6 -6
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/pick_first/pick_first.h +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/priority/priority.cc +8 -8
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/ring_hash/ring_hash.cc +8 -8
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/ring_hash/ring_hash.h +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/rls/rls.cc +13 -13
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/round_robin/round_robin.cc +7 -7
- data/src/core/{lib/load_balancing → load_balancing}/subchannel_interface.h +3 -3
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/subchannel_list.h +8 -8
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/weighted_round_robin/static_stride_scheduler.cc +1 -1
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/weighted_round_robin/static_stride_scheduler.h +3 -3
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/weighted_round_robin/weighted_round_robin.cc +10 -10
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/weighted_target/weighted_target.cc +7 -7
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/xds/cds.cc +26 -23
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/xds/xds_channel_args.h +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/xds/xds_cluster_impl.cc +11 -11
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/xds/xds_cluster_manager.cc +8 -8
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/xds/xds_override_host.cc +10 -10
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/xds/xds_override_host.h +4 -4
- data/src/core/{ext/filters/client_channel/lb_policy → load_balancing}/xds/xds_wrr_locality.cc +6 -6
- data/src/core/{ext/filters/client_channel/resolver → resolver}/binder/binder_resolver.cc +3 -3
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/dns_resolver_ares.cc +9 -9
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/dns_resolver_ares.h +3 -3
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/grpc_ares_ev_driver.h +4 -4
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/grpc_ares_ev_driver_windows.cc +2 -2
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/grpc_ares_wrapper.cc +2 -2
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/grpc_ares_wrapper.h +4 -4
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/grpc_ares_wrapper_posix.cc +1 -1
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/c_ares/grpc_ares_wrapper_windows.cc +2 -2
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/dns_resolver_plugin.cc +7 -5
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/dns_resolver_plugin.h +3 -3
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/event_engine/event_engine_client_channel_resolver.cc +9 -9
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/event_engine/event_engine_client_channel_resolver.h +5 -5
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/event_engine/service_config_helper.cc +1 -1
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/event_engine/service_config_helper.h +3 -3
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/native/dns_resolver.cc +4 -4
- data/src/core/{ext/filters/client_channel/resolver → resolver}/dns/native/dns_resolver.h +3 -3
- data/src/core/{lib/resolver → resolver}/endpoint_addresses.cc +1 -1
- data/src/core/{lib/resolver → resolver}/endpoint_addresses.h +3 -3
- data/src/core/{ext/filters/client_channel/resolver → resolver}/fake/fake_resolver.cc +2 -2
- data/src/core/{ext/filters/client_channel/resolver → resolver}/fake/fake_resolver.h +4 -4
- data/src/core/{ext/filters/client_channel/resolver → resolver}/google_c2p/google_c2p_resolver.cc +3 -3
- data/src/core/{ext/filters/client_channel/resolver → resolver}/polling_resolver.cc +3 -3
- data/src/core/{ext/filters/client_channel/resolver → resolver}/polling_resolver.h +5 -5
- data/src/core/{lib/resolver → resolver}/resolver.cc +1 -1
- data/src/core/{lib/resolver → resolver}/resolver.h +6 -6
- data/src/core/{lib/resolver → resolver}/resolver_factory.h +4 -4
- data/src/core/{lib/resolver → resolver}/resolver_registry.cc +1 -1
- data/src/core/{lib/resolver → resolver}/resolver_registry.h +5 -5
- data/src/core/{lib/resolver → resolver}/server_address.h +4 -4
- data/src/core/{ext/filters/client_channel/resolver → resolver}/sockaddr/sockaddr_resolver.cc +3 -3
- data/src/core/{ext/filters/client_channel/resolver → resolver}/xds/xds_dependency_manager.cc +4 -4
- data/src/core/{ext/filters/client_channel/resolver → resolver}/xds/xds_dependency_manager.h +4 -4
- data/src/core/{ext/filters/client_channel/resolver → resolver}/xds/xds_resolver.cc +11 -11
- data/src/core/{ext/filters/client_channel/resolver → resolver}/xds/xds_resolver_attributes.h +4 -4
- data/src/core/{ext/filters/client_channel/resolver → resolver}/xds/xds_resolver_trace.cc +1 -1
- data/src/core/{ext/filters/client_channel/resolver → resolver}/xds/xds_resolver_trace.h +3 -3
- data/src/core/{lib/service_config → service_config}/service_config.h +4 -4
- data/src/core/{lib/service_config → service_config}/service_config_call_data.h +5 -5
- data/src/core/{lib/service_config → service_config}/service_config_impl.cc +2 -2
- data/src/core/{lib/service_config → service_config}/service_config_impl.h +5 -5
- data/src/core/{lib/service_config → service_config}/service_config_parser.cc +1 -1
- data/src/core/{lib/service_config → service_config}/service_config_parser.h +3 -3
- data/src/core/tsi/fake_transport_security.cc +1 -1
- data/src/ruby/ext/grpc/extconf.rb +0 -1
- data/src/ruby/ext/grpc/rb_channel.c +11 -5
- data/src/ruby/ext/grpc/rb_event_thread.c +9 -3
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/algorithm/algorithm.h +8 -103
- data/third_party/abseil-cpp/absl/algorithm/container.h +57 -71
- data/third_party/abseil-cpp/absl/base/attributes.h +51 -12
- data/third_party/abseil-cpp/absl/base/call_once.h +15 -9
- data/third_party/abseil-cpp/absl/base/casts.h +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +91 -24
- data/third_party/abseil-cpp/absl/base/internal/endian.h +13 -12
- data/third_party/abseil-cpp/absl/base/internal/identity.h +4 -2
- data/third_party/abseil-cpp/absl/base/internal/inline_variable.h +19 -18
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +106 -0
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +9 -11
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +2 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +17 -4
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +20 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +10 -4
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +13 -6
- data/third_party/abseil-cpp/absl/base/log_severity.cc +1 -0
- data/third_party/abseil-cpp/absl/base/log_severity.h +23 -10
- data/third_party/abseil-cpp/absl/base/no_destructor.h +217 -0
- data/third_party/abseil-cpp/absl/base/nullability.h +224 -0
- data/third_party/abseil-cpp/absl/base/optimization.h +1 -0
- data/third_party/abseil-cpp/absl/base/options.h +27 -1
- data/third_party/abseil-cpp/absl/base/prefetch.h +25 -14
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +0 -2
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +3 -3
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +4 -2
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +13 -9
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +2 -12
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +12 -1
- data/third_party/abseil-cpp/absl/container/internal/layout.h +6 -21
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +11 -2
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +148 -31
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +717 -278
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.cc +26 -2
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.h +6 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc32_x86_arm_combined_simd.h +34 -5
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy.h +6 -3
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_fallback.cc +4 -2
- data/third_party/abseil-cpp/absl/crc/internal/{crc_memcpy_x86_64.cc → crc_memcpy_x86_arm_combined.cc} +65 -47
- data/third_party/abseil-cpp/absl/crc/internal/crc_x86_arm_combined.cc +10 -2
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +4 -2
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +24 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +35 -33
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +41 -17
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +108 -44
- data/third_party/abseil-cpp/absl/flags/declare.h +0 -5
- data/third_party/abseil-cpp/absl/flags/flag.h +1 -10
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +0 -5
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +10 -1
- data/third_party/abseil-cpp/absl/flags/reflection.cc +2 -1
- data/third_party/abseil-cpp/absl/functional/function_ref.h +8 -0
- data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +2 -2
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +49 -2
- data/third_party/abseil-cpp/absl/numeric/bits.h +37 -18
- data/third_party/abseil-cpp/absl/random/distributions.h +1 -1
- data/third_party/abseil-cpp/absl/status/internal/status_internal.cc +248 -0
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +55 -14
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +53 -2
- data/third_party/abseil-cpp/absl/status/status.cc +36 -238
- data/third_party/abseil-cpp/absl/status/status.h +95 -53
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +1 -3
- data/third_party/abseil-cpp/absl/status/status_payload_printer.h +3 -2
- data/third_party/abseil-cpp/absl/status/statusor.cc +5 -2
- data/third_party/abseil-cpp/absl/status/statusor.h +43 -3
- data/third_party/abseil-cpp/absl/strings/ascii.cc +84 -12
- data/third_party/abseil-cpp/absl/strings/ascii.h +8 -6
- data/third_party/abseil-cpp/absl/strings/charconv.cc +19 -12
- data/third_party/abseil-cpp/absl/strings/charconv.h +6 -3
- data/third_party/abseil-cpp/absl/strings/charset.h +164 -0
- data/third_party/abseil-cpp/absl/strings/cord.cc +266 -69
- data/third_party/abseil-cpp/absl/strings/cord.h +138 -92
- data/third_party/abseil-cpp/absl/strings/cord_analysis.cc +19 -33
- data/third_party/abseil-cpp/absl/strings/cord_analysis.h +4 -3
- data/third_party/abseil-cpp/absl/strings/escaping.cc +5 -4
- data/third_party/abseil-cpp/absl/strings/has_absl_stringify.h +63 -0
- data/third_party/abseil-cpp/absl/strings/has_ostream_operator.h +42 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +0 -6
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +19 -45
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +23 -28
- data/third_party/abseil-cpp/absl/strings/internal/has_absl_stringify.h +15 -26
- data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +12 -4
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +145 -8
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +72 -24
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +17 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +7 -4
- data/third_party/abseil-cpp/absl/strings/internal/str_format/constexpr_parser.h +8 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +10 -4
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +5 -4
- data/third_party/abseil-cpp/absl/strings/match.cc +3 -0
- data/third_party/abseil-cpp/absl/strings/numbers.cc +396 -153
- data/third_party/abseil-cpp/absl/strings/numbers.h +193 -35
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +151 -21
- data/third_party/abseil-cpp/absl/strings/str_cat.h +127 -25
- data/third_party/abseil-cpp/absl/strings/str_format.h +30 -20
- data/third_party/abseil-cpp/absl/strings/str_join.h +16 -16
- data/third_party/abseil-cpp/absl/strings/str_replace.cc +12 -3
- data/third_party/abseil-cpp/absl/strings/str_replace.h +8 -5
- data/third_party/abseil-cpp/absl/strings/str_split.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/str_split.h +18 -0
- data/third_party/abseil-cpp/absl/strings/string_view.cc +26 -5
- data/third_party/abseil-cpp/absl/strings/string_view.h +91 -26
- data/third_party/abseil-cpp/absl/strings/strip.h +5 -2
- data/third_party/abseil-cpp/absl/strings/substitute.cc +12 -4
- data/third_party/abseil-cpp/absl/strings/substitute.h +103 -91
- data/third_party/abseil-cpp/absl/synchronization/internal/pthread_waiter.h +2 -2
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/win32_waiter.h +4 -2
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +296 -332
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +89 -34
- data/third_party/abseil-cpp/absl/time/civil_time.h +26 -0
- data/third_party/abseil-cpp/absl/time/clock.h +5 -1
- data/third_party/abseil-cpp/absl/time/duration.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +9 -14
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +0 -8
- data/third_party/abseil-cpp/absl/types/bad_optional_access.cc +18 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.cc +18 -0
- data/third_party/abseil-cpp/absl/types/internal/variant.h +3 -3
- data/third_party/abseil-cpp/absl/types/optional.h +3 -2
- data/third_party/abseil-cpp/absl/types/span.h +9 -4
- data/third_party/abseil-cpp/absl/utility/utility.h +11 -93
- data/third_party/boringssl-with-bazel/err_data.c +278 -276
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +9 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +8 -21
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +19 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +11 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +4 -13
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +27 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +1 -11
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +42 -12
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +0 -22
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +9 -9
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +34 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +49 -3
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +30 -42
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +87 -96
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/des/des.c +105 -31
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +10 -81
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +2 -15
- data/third_party/boringssl-with-bazel/src/crypto/engine/engine.c +1 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +2 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.c +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +26 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +26 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +10 -41
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +49 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +26 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +27 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +1 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +8 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +11 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.c +43 -50
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +16 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +2 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +51 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +17 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +6 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +153 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +87 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +39 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +32 -5
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +254 -54
- data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/{kyber → keccak}/keccak.c +124 -49
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +8 -39
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +39 -29
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +17 -33
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +36 -16
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +31 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +9 -13
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +101 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +133 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +54 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/internal.h +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +150 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +71 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +139 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +136 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +135 -0
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +45 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +4 -9
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +10 -22
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +12 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +14 -9
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +23 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +225 -51
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_akey.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_akeya.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_alt.c +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_bcons.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_bitst.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_conf.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_cpols.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_crld.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_enum.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_extku.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_genn.c +12 -12
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_ia5.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_info.c +4 -6
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_int.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_lib.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_ncons.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_ocsp.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_pcons.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_pmaps.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_prn.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_purp.c +92 -335
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_skey.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/v3_utl.c +20 -18
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +35 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +44 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +107 -255
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +32 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +25 -152
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +330 -944
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +93 -215
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +28 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +35 -129
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +46 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +0 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +5 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +3 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +14 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +4 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +0 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +33 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +5 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/kyber.h +26 -18
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +13 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +5 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +19 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +45 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +20 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +18 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +76 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +31 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +3 -22
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2806 -941
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +38 -1025
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +124 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +1 -2
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +82 -9
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +42 -4
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +4 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +4 -5
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +9 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +5 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +5 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -2
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +21 -0
- data/third_party/cares/config_linux/ares_config.h +2 -38
- metadata +214 -179
- data/src/core/lib/iomgr/load_file.cc +0 -78
- data/src/core/lib/iomgr/load_file.h +0 -35
- data/third_party/abseil-cpp/absl/base/internal/prefetch.h +0 -137
- data/third_party/abseil-cpp/absl/base/internal/thread_annotations.h +0 -280
- data/third_party/abseil-cpp/absl/flags/flag.cc +0 -38
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +0 -116
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +0 -158
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.cc +0 -773
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.h +0 -607
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring_reader.h +0 -118
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +0 -100
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +0 -111
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +0 -197
- /data/third_party/boringssl-with-bazel/src/crypto/{x509v3 → x509}/ext_dat.h +0 -0
|
@@ -63,26 +63,31 @@
|
|
|
63
63
|
|
|
64
64
|
void bn_big_endian_to_words(BN_ULONG *out, size_t out_len, const uint8_t *in,
|
|
65
65
|
size_t in_len) {
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
BN_ULONG word = 0;
|
|
70
|
-
for (size_t j = 0; j < in_len; j++) {
|
|
71
|
-
word = (word << 8) | in[j];
|
|
72
|
-
}
|
|
73
|
-
in_len = 0;
|
|
74
|
-
out[i] = word;
|
|
75
|
-
// Fill the remainder with zeros.
|
|
76
|
-
OPENSSL_memset(out + i + 1, 0, (out_len - i - 1) * sizeof(BN_ULONG));
|
|
77
|
-
break;
|
|
78
|
-
}
|
|
66
|
+
// The caller should have sized |out| to fit |in| without truncating. This
|
|
67
|
+
// condition ensures we do not overflow |out|, so use a runtime check.
|
|
68
|
+
BSSL_CHECK(in_len <= out_len * sizeof(BN_ULONG));
|
|
79
69
|
|
|
70
|
+
// Load whole words.
|
|
71
|
+
while (in_len >= sizeof(BN_ULONG)) {
|
|
80
72
|
in_len -= sizeof(BN_ULONG);
|
|
81
|
-
out[
|
|
73
|
+
out[0] = CRYPTO_load_word_be(in + in_len);
|
|
74
|
+
out++;
|
|
75
|
+
out_len--;
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
// Load the last partial word.
|
|
79
|
+
if (in_len != 0) {
|
|
80
|
+
BN_ULONG word = 0;
|
|
81
|
+
for (size_t i = 0; i < in_len; i++) {
|
|
82
|
+
word = (word << 8) | in[i];
|
|
83
|
+
}
|
|
84
|
+
out[0] = word;
|
|
85
|
+
out++;
|
|
86
|
+
out_len--;
|
|
82
87
|
}
|
|
83
88
|
|
|
84
|
-
//
|
|
85
|
-
|
|
89
|
+
// Fill the remainder with zeros.
|
|
90
|
+
OPENSSL_memset(out, 0, out_len * sizeof(BN_ULONG));
|
|
86
91
|
}
|
|
87
92
|
|
|
88
93
|
BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) {
|
|
@@ -116,7 +121,7 @@ BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) {
|
|
|
116
121
|
return ret;
|
|
117
122
|
}
|
|
118
123
|
|
|
119
|
-
BIGNUM *
|
|
124
|
+
BIGNUM *BN_lebin2bn(const uint8_t *in, size_t len, BIGNUM *ret) {
|
|
120
125
|
BIGNUM *bn = NULL;
|
|
121
126
|
if (ret == NULL) {
|
|
122
127
|
bn = BN_new();
|
|
@@ -149,6 +154,10 @@ BIGNUM *BN_le2bn(const uint8_t *in, size_t len, BIGNUM *ret) {
|
|
|
149
154
|
return ret;
|
|
150
155
|
}
|
|
151
156
|
|
|
157
|
+
BIGNUM *BN_le2bn(const uint8_t *in, size_t len, BIGNUM *ret) {
|
|
158
|
+
return BN_lebin2bn(in, len, ret);
|
|
159
|
+
}
|
|
160
|
+
|
|
152
161
|
// fits_in_bytes returns one if the |num_words| words in |words| can be
|
|
153
162
|
// represented in |num_bytes| bytes.
|
|
154
163
|
static int fits_in_bytes(const BN_ULONG *words, size_t num_words,
|
|
@@ -210,7 +210,7 @@ static int BN_STACK_push(BN_STACK *st, size_t idx) {
|
|
|
210
210
|
// This function intentionally does not push to the error queue on error.
|
|
211
211
|
// Error-reporting is deferred to |BN_CTX_get|.
|
|
212
212
|
size_t new_size = st->size != 0 ? st->size * 3 / 2 : BN_CTX_START_FRAMES;
|
|
213
|
-
if (new_size <= st->size || new_size >
|
|
213
|
+
if (new_size <= st->size || new_size > SIZE_MAX / sizeof(size_t)) {
|
|
214
214
|
return 0;
|
|
215
215
|
}
|
|
216
216
|
size_t *new_indexes =
|
|
@@ -724,7 +724,7 @@ void bn_mod_exp_mont_small(BN_ULONG *r, const BN_ULONG *a, size_t num,
|
|
|
724
724
|
const BN_ULONG *p, size_t num_p,
|
|
725
725
|
const BN_MONT_CTX *mont) {
|
|
726
726
|
if (num != (size_t)mont->N.width || num > BN_SMALL_MAX_WORDS ||
|
|
727
|
-
num_p >
|
|
727
|
+
num_p > SIZE_MAX / BN_BITS2) {
|
|
728
728
|
abort();
|
|
729
729
|
}
|
|
730
730
|
assert(BN_is_odd(&mont->N));
|
|
@@ -898,7 +898,9 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|
|
898
898
|
OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
|
|
899
899
|
return 0;
|
|
900
900
|
}
|
|
901
|
-
|
|
901
|
+
// |a| is secret, but it is required to be in range, so these comparisons may
|
|
902
|
+
// be leaked.
|
|
903
|
+
if (a->neg || constant_time_declassify_int(BN_ucmp(a, m) >= 0)) {
|
|
902
904
|
OPENSSL_PUT_ERROR(BN, BN_R_INPUT_NOT_REDUCED);
|
|
903
905
|
return 0;
|
|
904
906
|
}
|
|
@@ -327,7 +327,10 @@ int BN_mod_inverse_blinded(BIGNUM *out, int *out_no_inverse, const BIGNUM *a,
|
|
|
327
327
|
const BN_MONT_CTX *mont, BN_CTX *ctx) {
|
|
328
328
|
*out_no_inverse = 0;
|
|
329
329
|
|
|
330
|
-
|
|
330
|
+
// |a| is secret, but it is required to be in range, so these comparisons may
|
|
331
|
+
// be leaked.
|
|
332
|
+
if (BN_is_negative(a) ||
|
|
333
|
+
constant_time_declassify_int(BN_cmp(a, &mont->N) >= 0)) {
|
|
331
334
|
OPENSSL_PUT_ERROR(BN, BN_R_INPUT_NOT_REDUCED);
|
|
332
335
|
return 0;
|
|
333
336
|
}
|
|
@@ -336,11 +339,29 @@ int BN_mod_inverse_blinded(BIGNUM *out, int *out_no_inverse, const BIGNUM *a,
|
|
|
336
339
|
BIGNUM blinding_factor;
|
|
337
340
|
BN_init(&blinding_factor);
|
|
338
341
|
|
|
339
|
-
|
|
340
|
-
|
|
341
|
-
|
|
342
|
+
// |BN_mod_inverse_odd| is leaky, so generate a secret blinding factor and
|
|
343
|
+
// blind |a|. This works because (ar)^-1 * r = a^-1, supposing r is
|
|
344
|
+
// invertible. If r is not invertible, this function will fail. However, we
|
|
345
|
+
// only use this in RSA, where stumbling on an uninvertible element means
|
|
346
|
+
// stumbling on the key's factorization. That is, if this function fails, the
|
|
347
|
+
// RSA key was not actually a product of two large primes.
|
|
348
|
+
//
|
|
349
|
+
// TODO(crbug.com/boringssl/677): When the PRNG output is marked secret by
|
|
350
|
+
// default, the explicit |bn_secret| call can be removed.
|
|
351
|
+
if (!BN_rand_range_ex(&blinding_factor, 1, &mont->N)) {
|
|
352
|
+
goto err;
|
|
353
|
+
}
|
|
354
|
+
bn_secret(&blinding_factor);
|
|
355
|
+
if (!BN_mod_mul_montgomery(out, &blinding_factor, a, mont, ctx)) {
|
|
356
|
+
goto err;
|
|
357
|
+
}
|
|
358
|
+
|
|
359
|
+
// Once blinded, |out| is no longer secret, so it may be passed to a leaky
|
|
360
|
+
// mod inverse function. Note |blinding_factor| is secret, so |out| will be
|
|
361
|
+
// secret again after multiplying.
|
|
362
|
+
bn_declassify(out);
|
|
363
|
+
if (!BN_mod_inverse_odd(out, out_no_inverse, out, &mont->N, ctx) ||
|
|
342
364
|
!BN_mod_mul_montgomery(out, &blinding_factor, out, mont, ctx)) {
|
|
343
|
-
OPENSSL_PUT_ERROR(BN, ERR_R_BN_LIB);
|
|
344
365
|
goto err;
|
|
345
366
|
}
|
|
346
367
|
|
|
@@ -567,37 +567,6 @@ void bn_sqr_comba4(BN_ULONG r[8], const BN_ULONG a[4]) {
|
|
|
567
567
|
|
|
568
568
|
#if !defined(BN_ADD_ASM)
|
|
569
569
|
|
|
570
|
-
// bn_add_with_carry returns |x + y + carry|, and sets |*out_carry| to the
|
|
571
|
-
// carry bit. |carry| must be zero or one.
|
|
572
|
-
static inline BN_ULONG bn_add_with_carry(BN_ULONG x, BN_ULONG y, BN_ULONG carry,
|
|
573
|
-
BN_ULONG *out_carry) {
|
|
574
|
-
assert(carry == 0 || carry == 1);
|
|
575
|
-
#if defined(BN_ULLONG)
|
|
576
|
-
BN_ULLONG ret = carry;
|
|
577
|
-
ret += (BN_ULLONG)x + y;
|
|
578
|
-
*out_carry = (BN_ULONG)(ret >> BN_BITS2);
|
|
579
|
-
return (BN_ULONG)ret;
|
|
580
|
-
#else
|
|
581
|
-
x += carry;
|
|
582
|
-
carry = x < carry;
|
|
583
|
-
BN_ULONG ret = x + y;
|
|
584
|
-
carry += ret < x;
|
|
585
|
-
*out_carry = carry;
|
|
586
|
-
return ret;
|
|
587
|
-
#endif
|
|
588
|
-
}
|
|
589
|
-
|
|
590
|
-
// bn_sub_with_borrow returns |x - y - borrow|, and sets |*out_borrow| to the
|
|
591
|
-
// borrow bit. |borrow| must be zero or one.
|
|
592
|
-
static inline BN_ULONG bn_sub_with_borrow(BN_ULONG x, BN_ULONG y,
|
|
593
|
-
BN_ULONG borrow,
|
|
594
|
-
BN_ULONG *out_borrow) {
|
|
595
|
-
assert(borrow == 0 || borrow == 1);
|
|
596
|
-
BN_ULONG ret = x - y - borrow;
|
|
597
|
-
*out_borrow = (x < y) | ((x == y) & borrow);
|
|
598
|
-
return ret;
|
|
599
|
-
}
|
|
600
|
-
|
|
601
570
|
BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
|
|
602
571
|
size_t n) {
|
|
603
572
|
if (n == 0) {
|
|
@@ -606,17 +575,17 @@ BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
|
|
|
606
575
|
|
|
607
576
|
BN_ULONG carry = 0;
|
|
608
577
|
while (n & ~3) {
|
|
609
|
-
r[0] =
|
|
610
|
-
r[1] =
|
|
611
|
-
r[2] =
|
|
612
|
-
r[3] =
|
|
578
|
+
r[0] = CRYPTO_addc_w(a[0], b[0], carry, &carry);
|
|
579
|
+
r[1] = CRYPTO_addc_w(a[1], b[1], carry, &carry);
|
|
580
|
+
r[2] = CRYPTO_addc_w(a[2], b[2], carry, &carry);
|
|
581
|
+
r[3] = CRYPTO_addc_w(a[3], b[3], carry, &carry);
|
|
613
582
|
a += 4;
|
|
614
583
|
b += 4;
|
|
615
584
|
r += 4;
|
|
616
585
|
n -= 4;
|
|
617
586
|
}
|
|
618
587
|
while (n) {
|
|
619
|
-
r[0] =
|
|
588
|
+
r[0] = CRYPTO_addc_w(a[0], b[0], carry, &carry);
|
|
620
589
|
a++;
|
|
621
590
|
b++;
|
|
622
591
|
r++;
|
|
@@ -633,17 +602,17 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
|
|
|
633
602
|
|
|
634
603
|
BN_ULONG borrow = 0;
|
|
635
604
|
while (n & ~3) {
|
|
636
|
-
r[0] =
|
|
637
|
-
r[1] =
|
|
638
|
-
r[2] =
|
|
639
|
-
r[3] =
|
|
605
|
+
r[0] = CRYPTO_subc_w(a[0], b[0], borrow, &borrow);
|
|
606
|
+
r[1] = CRYPTO_subc_w(a[1], b[1], borrow, &borrow);
|
|
607
|
+
r[2] = CRYPTO_subc_w(a[2], b[2], borrow, &borrow);
|
|
608
|
+
r[3] = CRYPTO_subc_w(a[3], b[3], borrow, &borrow);
|
|
640
609
|
a += 4;
|
|
641
610
|
b += 4;
|
|
642
611
|
r += 4;
|
|
643
612
|
n -= 4;
|
|
644
613
|
}
|
|
645
614
|
while (n) {
|
|
646
|
-
r[0] =
|
|
615
|
+
r[0] = CRYPTO_subc_w(a[0], b[0], borrow, &borrow);
|
|
647
616
|
a++;
|
|
648
617
|
b++;
|
|
649
618
|
r++;
|
|
@@ -149,6 +149,7 @@ extern "C" {
|
|
|
149
149
|
#endif
|
|
150
150
|
|
|
151
151
|
#define BN_BITS2 64
|
|
152
|
+
#define BN_BITS2_LG 6
|
|
152
153
|
#define BN_BYTES 8
|
|
153
154
|
#define BN_BITS4 32
|
|
154
155
|
#define BN_MASK2 (0xffffffffffffffffUL)
|
|
@@ -165,6 +166,7 @@ extern "C" {
|
|
|
165
166
|
#define BN_ULLONG uint64_t
|
|
166
167
|
#define BN_CAN_DIVIDE_ULLONG
|
|
167
168
|
#define BN_BITS2 32
|
|
169
|
+
#define BN_BITS2_LG 5
|
|
168
170
|
#define BN_BYTES 4
|
|
169
171
|
#define BN_BITS4 16
|
|
170
172
|
#define BN_MASK2 (0xffffffffUL)
|
|
@@ -269,6 +271,18 @@ int bn_copy_words(BN_ULONG *out, size_t num, const BIGNUM *bn);
|
|
|
269
271
|
// validation.
|
|
270
272
|
void bn_assert_fits_in_bytes(const BIGNUM *bn, size_t num);
|
|
271
273
|
|
|
274
|
+
// bn_secret marks |bn|'s contents, but not its width or sign, as secret. See
|
|
275
|
+
// |CONSTTIME_SECRET| for details.
|
|
276
|
+
OPENSSL_INLINE void bn_secret(BIGNUM *bn) {
|
|
277
|
+
CONSTTIME_SECRET(bn->d, bn->width * sizeof(BN_ULONG));
|
|
278
|
+
}
|
|
279
|
+
|
|
280
|
+
// bn_declassify marks |bn|'s value as public. See |CONSTTIME_DECLASSIFY| for
|
|
281
|
+
// details.
|
|
282
|
+
OPENSSL_INLINE void bn_declassify(BIGNUM *bn) {
|
|
283
|
+
CONSTTIME_DECLASSIFY(bn->d, bn->width * sizeof(BN_ULONG));
|
|
284
|
+
}
|
|
285
|
+
|
|
272
286
|
// bn_mul_add_words multiples |ap| by |w|, adds the result to |rp|, and places
|
|
273
287
|
// the result in |rp|. |ap| and |rp| must both be |num| words long. It returns
|
|
274
288
|
// the carry word of the operation. |ap| and |rp| may be equal but otherwise may
|
|
@@ -386,8 +400,41 @@ int bn_rand_secret_range(BIGNUM *r, int *out_is_uniform, BN_ULONG min_inclusive,
|
|
|
386
400
|
// inputs.
|
|
387
401
|
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
388
402
|
const BN_ULONG *np, const BN_ULONG *n0, size_t num);
|
|
403
|
+
|
|
404
|
+
#if defined(OPENSSL_X86_64)
|
|
405
|
+
OPENSSL_INLINE int bn_mulx_adx_capable(void) {
|
|
406
|
+
// MULX is in BMI2.
|
|
407
|
+
return CRYPTO_is_BMI2_capable() && CRYPTO_is_ADX_capable();
|
|
408
|
+
}
|
|
409
|
+
int bn_mul_mont_nohw(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
410
|
+
const BN_ULONG *np, const BN_ULONG *n0, size_t num);
|
|
411
|
+
OPENSSL_INLINE int bn_mul4x_mont_capable(size_t num) {
|
|
412
|
+
return num >= 8 && (num & 3) == 0;
|
|
413
|
+
}
|
|
414
|
+
int bn_mul4x_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
415
|
+
const BN_ULONG *np, const BN_ULONG *n0, size_t num);
|
|
416
|
+
OPENSSL_INLINE int bn_mulx4x_mont_capable(size_t num) {
|
|
417
|
+
return bn_mul4x_mont_capable(num) && bn_mulx_adx_capable();
|
|
418
|
+
}
|
|
419
|
+
int bn_mulx4x_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
420
|
+
const BN_ULONG *np, const BN_ULONG *n0, size_t num);
|
|
421
|
+
OPENSSL_INLINE int bn_sqr8x_mont_capable(size_t num) {
|
|
422
|
+
return num >= 8 && (num & 7) == 0;
|
|
423
|
+
}
|
|
424
|
+
int bn_sqr8x_mont(BN_ULONG *rp, const BN_ULONG *ap, BN_ULONG mulx_adx_capable,
|
|
425
|
+
const BN_ULONG *np, const BN_ULONG *n0, size_t num);
|
|
426
|
+
#elif defined(OPENSSL_ARM)
|
|
427
|
+
OPENSSL_INLINE int bn_mul8x_mont_neon_capable(size_t num) {
|
|
428
|
+
return (num & 7) == 0 && CRYPTO_is_NEON_capable();
|
|
429
|
+
}
|
|
430
|
+
int bn_mul8x_mont_neon(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
431
|
+
const BN_ULONG *np, const BN_ULONG *n0, size_t num);
|
|
432
|
+
int bn_mul_mont_nohw(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
433
|
+
const BN_ULONG *np, const BN_ULONG *n0, size_t num);
|
|
389
434
|
#endif
|
|
390
435
|
|
|
436
|
+
#endif // OPENSSL_BN_ASM_MONT
|
|
437
|
+
|
|
391
438
|
#if !defined(OPENSSL_NO_ASM) && defined(OPENSSL_X86_64)
|
|
392
439
|
#define OPENSSL_BN_ASM_MONT5
|
|
393
440
|
|
|
@@ -754,8 +801,8 @@ void bn_mod_inverse0_prime_mont_small(BN_ULONG *r, const BN_ULONG *a,
|
|
|
754
801
|
|
|
755
802
|
// bn_big_endian_to_words interprets |in_len| bytes from |in| as a big-endian,
|
|
756
803
|
// unsigned integer and writes the result to |out_len| words in |out|. |out_len|
|
|
757
|
-
// must be large enough to represent any |in_len|-byte value. That is, |
|
|
758
|
-
// must be at
|
|
804
|
+
// must be large enough to represent any |in_len|-byte value. That is, |in_len|
|
|
805
|
+
// must be at most |BN_BYTES * out_len|.
|
|
759
806
|
void bn_big_endian_to_words(BN_ULONG *out, size_t out_len, const uint8_t *in,
|
|
760
807
|
size_t in_len);
|
|
761
808
|
|
|
@@ -504,3 +504,29 @@ void bn_mod_mul_montgomery_small(BN_ULONG *r, const BN_ULONG *a,
|
|
|
504
504
|
}
|
|
505
505
|
OPENSSL_cleanse(tmp, 2 * num * sizeof(BN_ULONG));
|
|
506
506
|
}
|
|
507
|
+
|
|
508
|
+
#if defined(OPENSSL_BN_ASM_MONT) && defined(OPENSSL_X86_64)
|
|
509
|
+
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
510
|
+
const BN_ULONG *np, const BN_ULONG *n0, size_t num) {
|
|
511
|
+
if (ap == bp && bn_sqr8x_mont_capable(num)) {
|
|
512
|
+
return bn_sqr8x_mont(rp, ap, bn_mulx_adx_capable(), np, n0, num);
|
|
513
|
+
}
|
|
514
|
+
if (bn_mulx4x_mont_capable(num)) {
|
|
515
|
+
return bn_mulx4x_mont(rp, ap, bp, np, n0, num);
|
|
516
|
+
}
|
|
517
|
+
if (bn_mul4x_mont_capable(num)) {
|
|
518
|
+
return bn_mul4x_mont(rp, ap, bp, np, n0, num);
|
|
519
|
+
}
|
|
520
|
+
return bn_mul_mont_nohw(rp, ap, bp, np, n0, num);
|
|
521
|
+
}
|
|
522
|
+
#endif
|
|
523
|
+
|
|
524
|
+
#if defined(OPENSSL_BN_ASM_MONT) && defined(OPENSSL_ARM)
|
|
525
|
+
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
526
|
+
const BN_ULONG *np, const BN_ULONG *n0, size_t num) {
|
|
527
|
+
if (bn_mul8x_mont_neon_capable(num)) {
|
|
528
|
+
return bn_mul8x_mont_neon(rp, ap, bp, np, n0, num);
|
|
529
|
+
}
|
|
530
|
+
return bn_mul_mont_nohw(rp, ap, bp, np, n0, num);
|
|
531
|
+
}
|
|
532
|
+
#endif
|
|
@@ -179,42 +179,43 @@ int bn_mont_ctx_set_RR_consttime(BN_MONT_CTX *mont, BN_CTX *ctx) {
|
|
|
179
179
|
// Montgomery domain, 2R or 2^(lgBigR+1), and then use Montgomery
|
|
180
180
|
// square-and-multiply to exponentiate.
|
|
181
181
|
//
|
|
182
|
-
// The
|
|
183
|
-
//
|
|
184
|
-
//
|
|
185
|
-
// faster.
|
|
182
|
+
// The square steps take 2^n R to (2^n)*(2^n) R = 2^2n R. This is the same as
|
|
183
|
+
// doubling 2^n R, n times (doubling any x, n times, computes 2^n * x). When n
|
|
184
|
+
// is below some threshold, doubling is faster; when above, squaring is
|
|
185
|
+
// faster. From benchmarking various 32-bit and 64-bit architectures, the word
|
|
186
|
+
// count seems to work well as a threshold. (Doubling scales linearly and
|
|
187
|
+
// Montgomery reduction scales quadratically, so the threshold should scale
|
|
188
|
+
// roughly linearly.)
|
|
186
189
|
//
|
|
187
|
-
//
|
|
188
|
-
//
|
|
189
|
-
//
|
|
190
|
-
//
|
|
191
|
-
//
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
//
|
|
201
|
-
//
|
|
202
|
-
// to reduce.
|
|
190
|
+
// The multiply steps take 2^n R to 2*2^n R = 2^(n+1) R. It is faster to
|
|
191
|
+
// double the value instead, so the square-and-multiply exponentiation would
|
|
192
|
+
// become square-and-double. However, when using the word count as the
|
|
193
|
+
// threshold, it turns out that no multiply/double steps will be needed at
|
|
194
|
+
// all, because squaring any x, i times, computes x^(2^i):
|
|
195
|
+
//
|
|
196
|
+
// (2^threshold)^(2^BN_BITS2_LG) R
|
|
197
|
+
// (2^mont->N.width)^BN_BITS2 R
|
|
198
|
+
// = 2^(mont->N.width*BN_BITS2) R
|
|
199
|
+
// = 2^lgBigR R
|
|
200
|
+
// = RR
|
|
201
|
+
int threshold = mont->N.width;
|
|
202
|
+
|
|
203
|
+
// Calculate 2^threshold R = 2^(threshold + lgBigR) by doubling. The
|
|
204
|
+
// first n_bits - 1 doubles can be skipped because we don't need to reduce.
|
|
203
205
|
if (!BN_set_bit(&mont->RR, n_bits - 1) ||
|
|
204
206
|
!bn_mod_lshift_consttime(&mont->RR, &mont->RR,
|
|
205
|
-
|
|
207
|
+
threshold + (lgBigR - (n_bits - 1)),
|
|
206
208
|
&mont->N, ctx)) {
|
|
207
209
|
return 0;
|
|
208
210
|
}
|
|
209
211
|
|
|
210
|
-
|
|
212
|
+
// The above steps are the same regardless of the threshold. The steps below
|
|
213
|
+
// need to be modified if the threshold changes.
|
|
214
|
+
assert(threshold == mont->N.width);
|
|
215
|
+
for (unsigned i = 0; i < BN_BITS2_LG; i++) {
|
|
211
216
|
if (!BN_mod_mul_montgomery(&mont->RR, &mont->RR, &mont->RR, mont, ctx)) {
|
|
212
217
|
return 0;
|
|
213
218
|
}
|
|
214
|
-
if ((lgBigR & (1u << i)) != 0 &&
|
|
215
|
-
!bn_mod_lshift1_consttime(&mont->RR, &mont->RR, &mont->N, ctx)) {
|
|
216
|
-
return 0;
|
|
217
|
-
}
|
|
218
219
|
}
|
|
219
220
|
|
|
220
221
|
return bn_resize_words(&mont->RR, mont->N.width);
|
|
@@ -143,17 +143,13 @@ static BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a,
|
|
|
143
143
|
// in |a| were zeros.
|
|
144
144
|
dl = -dl;
|
|
145
145
|
for (int i = 0; i < dl; i++) {
|
|
146
|
-
r[i] =
|
|
147
|
-
borrow |= r[i] != 0;
|
|
146
|
+
r[i] = CRYPTO_subc_w(0, b[i], borrow, &borrow);
|
|
148
147
|
}
|
|
149
148
|
} else {
|
|
150
149
|
// |b| is shorter than |a|. Complete the subtraction as if the excess words
|
|
151
150
|
// in |b| were zeros.
|
|
152
151
|
for (int i = 0; i < dl; i++) {
|
|
153
|
-
|
|
154
|
-
BN_ULONG tmp = a[i];
|
|
155
|
-
r[i] = a[i] - borrow;
|
|
156
|
-
borrow = tmp < r[i];
|
|
152
|
+
r[i] = CRYPTO_subc_w(a[i], 0, borrow, &borrow);
|
|
157
153
|
}
|
|
158
154
|
}
|
|
159
155
|
|
|
@@ -359,14 +359,7 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, const BIGNUM *add,
|
|
|
359
359
|
static int probable_prime_dh_safe(BIGNUM *rnd, int bits, const BIGNUM *add,
|
|
360
360
|
const BIGNUM *rem, BN_CTX *ctx);
|
|
361
361
|
|
|
362
|
-
BN_GENCB *BN_GENCB_new(void) {
|
|
363
|
-
BN_GENCB *callback = OPENSSL_malloc(sizeof(BN_GENCB));
|
|
364
|
-
if (callback == NULL) {
|
|
365
|
-
return NULL;
|
|
366
|
-
}
|
|
367
|
-
OPENSSL_memset(callback, 0, sizeof(BN_GENCB));
|
|
368
|
-
return callback;
|
|
369
|
-
}
|
|
362
|
+
BN_GENCB *BN_GENCB_new(void) { return OPENSSL_zalloc(sizeof(BN_GENCB)); }
|
|
370
363
|
|
|
371
364
|
void BN_GENCB_free(BN_GENCB *callback) { OPENSSL_free(callback); }
|
|
372
365
|
|
|
@@ -281,8 +281,14 @@ int bn_rand_range_words(BN_ULONG *out, BN_ULONG min_inclusive,
|
|
|
281
281
|
out[words - 1] &= mask;
|
|
282
282
|
|
|
283
283
|
// If out >= max_exclusive or out < min_inclusive, retry. This implements
|
|
284
|
-
// the equivalent of steps 6 and 7 without leaking the value of |out|.
|
|
285
|
-
|
|
284
|
+
// the equivalent of steps 6 and 7 without leaking the value of |out|. The
|
|
285
|
+
// result of this comparison may be treated as public. It only reveals how
|
|
286
|
+
// many attempts were needed before we found a value in range. This is
|
|
287
|
+
// independent of the final secret output, and has a distribution that
|
|
288
|
+
// depends only on |min_inclusive| and |max_exclusive|, both of which are
|
|
289
|
+
// public.
|
|
290
|
+
} while (!constant_time_declassify_int(
|
|
291
|
+
bn_in_range_words(out, min_inclusive, max_exclusive, words)));
|
|
286
292
|
return 1;
|
|
287
293
|
}
|
|
288
294
|
|
|
@@ -113,12 +113,11 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) {
|
|
|
113
113
|
OPENSSL_memcpy(out, in, sizeof(EVP_CIPHER_CTX));
|
|
114
114
|
|
|
115
115
|
if (in->cipher_data && in->cipher->ctx_size) {
|
|
116
|
-
out->cipher_data =
|
|
116
|
+
out->cipher_data = OPENSSL_memdup(in->cipher_data, in->cipher->ctx_size);
|
|
117
117
|
if (!out->cipher_data) {
|
|
118
118
|
out->cipher = NULL;
|
|
119
119
|
return 0;
|
|
120
120
|
}
|
|
121
|
-
OPENSSL_memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
|
|
122
121
|
}
|
|
123
122
|
|
|
124
123
|
if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) {
|
|
@@ -586,6 +585,16 @@ unsigned EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) {
|
|
|
586
585
|
}
|
|
587
586
|
|
|
588
587
|
unsigned EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) {
|
|
588
|
+
if (EVP_CIPHER_mode(ctx->cipher) == EVP_CIPH_GCM_MODE) {
|
|
589
|
+
int length;
|
|
590
|
+
int res = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 0,
|
|
591
|
+
&length);
|
|
592
|
+
// EVP_CIPHER_CTX_ctrl returning an error should be impossible under this
|
|
593
|
+
// circumstance. If it somehow did, fallback to the static cipher iv_len.
|
|
594
|
+
if (res == 1) {
|
|
595
|
+
return length;
|
|
596
|
+
}
|
|
597
|
+
}
|
|
589
598
|
return ctx->cipher->iv_len;
|
|
590
599
|
}
|
|
591
600
|
|
|
@@ -408,22 +408,6 @@ static void aes_gcm_cleanup(EVP_CIPHER_CTX *c) {
|
|
|
408
408
|
}
|
|
409
409
|
}
|
|
410
410
|
|
|
411
|
-
// increment counter (64-bit int) by 1
|
|
412
|
-
static void ctr64_inc(uint8_t *counter) {
|
|
413
|
-
int n = 8;
|
|
414
|
-
uint8_t c;
|
|
415
|
-
|
|
416
|
-
do {
|
|
417
|
-
--n;
|
|
418
|
-
c = counter[n];
|
|
419
|
-
++c;
|
|
420
|
-
counter[n] = c;
|
|
421
|
-
if (c) {
|
|
422
|
-
return;
|
|
423
|
-
}
|
|
424
|
-
} while (n);
|
|
425
|
-
}
|
|
426
|
-
|
|
427
411
|
static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) {
|
|
428
412
|
EVP_AES_GCM_CTX *gctx = aes_gcm_from_cipher_ctx(c);
|
|
429
413
|
switch (type) {
|
|
@@ -454,6 +438,10 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) {
|
|
|
454
438
|
gctx->ivlen = arg;
|
|
455
439
|
return 1;
|
|
456
440
|
|
|
441
|
+
case EVP_CTRL_GET_IVLEN:
|
|
442
|
+
*(int *)ptr = gctx->ivlen;
|
|
443
|
+
return 1;
|
|
444
|
+
|
|
457
445
|
case EVP_CTRL_AEAD_SET_TAG:
|
|
458
446
|
if (arg <= 0 || arg > 16 || c->encrypt) {
|
|
459
447
|
return 0;
|
|
@@ -481,9 +469,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) {
|
|
|
481
469
|
if (arg < 4 || (gctx->ivlen - arg) < 8) {
|
|
482
470
|
return 0;
|
|
483
471
|
}
|
|
484
|
-
|
|
485
|
-
OPENSSL_memcpy(gctx->iv, ptr, arg);
|
|
486
|
-
}
|
|
472
|
+
OPENSSL_memcpy(gctx->iv, ptr, arg);
|
|
487
473
|
if (c->encrypt) {
|
|
488
474
|
// |RAND_bytes| calls within the fipsmodule should be wrapped with state
|
|
489
475
|
// lock functions to avoid updating the service indicator with the DRBG
|
|
@@ -495,7 +481,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) {
|
|
|
495
481
|
gctx->iv_gen = 1;
|
|
496
482
|
return 1;
|
|
497
483
|
|
|
498
|
-
case EVP_CTRL_GCM_IV_GEN:
|
|
484
|
+
case EVP_CTRL_GCM_IV_GEN: {
|
|
499
485
|
if (gctx->iv_gen == 0 || gctx->key_set == 0) {
|
|
500
486
|
return 0;
|
|
501
487
|
}
|
|
@@ -504,12 +490,13 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) {
|
|
|
504
490
|
arg = gctx->ivlen;
|
|
505
491
|
}
|
|
506
492
|
OPENSSL_memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
|
|
507
|
-
// Invocation field will be at least 8 bytes in size
|
|
508
|
-
//
|
|
509
|
-
|
|
510
|
-
|
|
493
|
+
// Invocation field will be at least 8 bytes in size, so no need to check
|
|
494
|
+
// wrap around or increment more than last 8 bytes.
|
|
495
|
+
uint8_t *ctr = gctx->iv + gctx->ivlen - 8;
|
|
496
|
+
CRYPTO_store_u64_be(ctr, CRYPTO_load_u64_be(ctr) + 1);
|
|
511
497
|
gctx->iv_set = 1;
|
|
512
498
|
return 1;
|
|
499
|
+
}
|
|
513
500
|
|
|
514
501
|
case EVP_CTRL_GCM_SET_IV_INV:
|
|
515
502
|
if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt) {
|