grpc 1.69.0 → 1.70.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +251 -249
- data/include/grpc/support/atm.h +0 -13
- data/src/core/call/request_buffer.cc +224 -0
- data/src/core/call/request_buffer.h +192 -0
- data/src/core/client_channel/client_channel.cc +2 -3
- data/src/core/client_channel/client_channel_args.h +21 -0
- data/src/core/client_channel/client_channel_filter.h +1 -3
- data/src/core/client_channel/retry_interceptor.cc +406 -0
- data/src/core/client_channel/retry_interceptor.h +157 -0
- data/src/core/client_channel/retry_service_config.h +13 -0
- data/src/core/client_channel/retry_throttle.cc +33 -18
- data/src/core/client_channel/retry_throttle.h +3 -3
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +596 -94
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +189 -13
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_security.cc +1 -3
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +40 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +3 -1
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +66 -36
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +19 -17
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +116 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +31 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +67 -6
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +228 -21
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +65 -17
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +6 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +7 -106
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +7 -28
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +0 -2
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +85 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +25 -3
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +2 -1
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +152 -0
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +40 -10
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +135 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +41 -9
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +0 -2
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +0 -1
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +16 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +3 -2
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +60 -0
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +13 -2
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +102 -24
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +28 -19
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +251 -18
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +41 -16
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +11 -10
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +418 -413
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +161 -153
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +267 -261
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +29 -19
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +58 -65
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +0 -5
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +73 -63
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +49 -48
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +117 -100
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +905 -897
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +460 -457
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +16 -19
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +95 -95
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +202 -191
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +148 -135
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +23 -22
- data/src/core/filter/filter_args.h +112 -0
- data/src/core/handshaker/http_connect/http_connect_handshaker.cc +1 -1
- data/src/core/lib/channel/promise_based_filter.h +5 -79
- data/src/core/lib/debug/trace_flags.cc +2 -0
- data/src/core/lib/debug/trace_flags.h +1 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +14 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +7 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -2
- data/src/core/lib/event_engine/windows/windows_engine.cc +1 -0
- data/src/core/lib/experiments/experiments.cc +90 -39
- data/src/core/lib/experiments/experiments.h +43 -24
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +1 -1
- data/src/core/lib/promise/activity.cc +2 -0
- data/src/core/lib/promise/activity.h +29 -8
- data/src/core/lib/promise/map.h +42 -0
- data/src/core/lib/promise/party.cc +36 -1
- data/src/core/lib/promise/party.h +13 -5
- data/src/core/lib/promise/sleep.h +1 -0
- data/src/core/lib/promise/status_flag.h +10 -0
- data/src/core/lib/resource_quota/arena.h +8 -0
- data/src/core/lib/resource_quota/connection_quota.h +4 -0
- data/src/core/lib/surface/call_utils.h +2 -0
- data/src/core/lib/surface/client_call.cc +43 -35
- data/src/core/lib/surface/client_call.h +5 -0
- data/src/core/lib/surface/event_string.cc +7 -1
- data/src/core/lib/surface/init_internally.h +13 -2
- data/src/core/lib/surface/server_call.cc +100 -85
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/call_filters.cc +10 -4
- data/src/core/lib/transport/call_filters.h +8 -0
- data/src/core/lib/transport/call_spine.cc +36 -71
- data/src/core/lib/transport/call_spine.h +131 -7
- data/src/core/lib/transport/call_state.h +132 -39
- data/src/core/lib/transport/interception_chain.cc +8 -0
- data/src/core/lib/transport/interception_chain.h +9 -0
- data/src/core/load_balancing/endpoint_list.cc +10 -0
- data/src/core/load_balancing/endpoint_list.h +13 -6
- data/src/core/load_balancing/lb_policy.h +0 -8
- data/src/core/load_balancing/pick_first/pick_first.cc +89 -56
- data/src/core/load_balancing/ring_hash/ring_hash.cc +158 -70
- data/src/core/load_balancing/ring_hash/ring_hash.h +4 -11
- data/src/core/load_balancing/round_robin/round_robin.cc +9 -14
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +12 -15
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +4 -4
- data/src/core/resolver/xds/xds_dependency_manager.cc +139 -135
- data/src/core/resolver/xds/xds_dependency_manager.h +24 -18
- data/src/core/resolver/xds/xds_resolver.cc +28 -47
- data/src/core/server/server.cc +290 -24
- data/src/core/server/server.h +199 -61
- data/src/core/server/xds_server_config_fetcher.cc +78 -142
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
- data/src/core/util/backoff.cc +15 -4
- data/src/core/util/http_client/httpcli.cc +66 -18
- data/src/core/util/http_client/httpcli.h +14 -4
- data/src/core/util/matchers.h +5 -10
- data/src/core/util/ref_counted.h +1 -0
- data/src/core/util/ref_counted_ptr.h +1 -1
- data/src/core/util/useful.h +9 -11
- data/src/core/xds/grpc/xds_endpoint_parser.cc +54 -23
- data/src/core/xds/grpc/xds_metadata.h +8 -0
- data/src/core/xds/xds_client/xds_api.cc +0 -223
- data/src/core/xds/xds_client/xds_api.h +1 -133
- data/src/core/xds/xds_client/xds_client.cc +599 -466
- data/src/core/xds/xds_client/xds_client.h +107 -26
- data/src/core/xds/xds_client/xds_resource_type_impl.h +10 -5
- data/src/ruby/ext/grpc/extconf.rb +1 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bitstr.c → a_bitstr.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_d2i_fp.c → a_d2i_fp.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_dup.c → a_dup.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_i2d_fp.c → a_i2d_fp.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_int.c → a_int.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_mbstr.c → a_mbstr.cc} +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_object.c → a_object.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strnid.c → a_strnid.cc} +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_type.c → a_type.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_lib.c → asn1_lib.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn_pack.c → asn_pack.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{posix_time.c → posix_time.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_dec.c → tasn_dec.cc} +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_enc.c → tasn_enc.cc} +9 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_fre.c → tasn_fre.cc} +14 -20
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_new.c → tasn_new.cc} +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_utl.c → tasn_utl.cc} +13 -10
- data/third_party/boringssl-with-bazel/src/crypto/base64/{base64.c → base64.cc} +9 -12
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +7 -1
- data/third_party/boringssl-with-bazel/src/crypto/bio/{bio.c → bio.cc} +32 -58
- data/third_party/boringssl-with-bazel/src/crypto/bio/{bio_mem.c → bio_mem.cc} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/{connect.c → connect.cc} +24 -16
- data/third_party/boringssl-with-bazel/src/crypto/bio/{file.c → file.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/{pair.c → pair.cc} +22 -20
- data/third_party/boringssl-with-bazel/src/crypto/bio/{printf.c → printf.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/{socket_helper.c → socket_helper.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/blake2/{blake2.c → blake2.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/{bn_asn1.c → bn_asn1.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/{convert.c → convert.cc} +21 -21
- data/third_party/boringssl-with-bazel/src/crypto/buf/{buf.c → buf.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{asn1_compat.c → asn1_compat.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{ber.c → ber.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbb.c → cbb.cc} +33 -49
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbs.c → cbs.cc} +20 -27
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{unicode.c → unicode.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/{chacha.c → chacha.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_aesctrhmac.c → e_aesctrhmac.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_aesgcmsiv.c → e_aesgcmsiv.cc} +23 -26
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_chacha20poly1305.c → e_chacha20poly1305.cc} +1 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_des.c → e_des.cc} +61 -49
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_null.c → e_null.cc} +12 -9
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_rc2.c → e_rc2.cc} +23 -19
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_rc4.c → e_rc4.cc} +10 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_tls.c → e_tls.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/{conf.c → conf.cc} +17 -14
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_apple.c → cpu_aarch64_apple.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_fuchsia.c → cpu_aarch64_fuchsia.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_linux.c → cpu_aarch64_linux.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_openbsd.c → cpu_aarch64_openbsd.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_sysreg.c → cpu_aarch64_sysreg.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_win.c → cpu_aarch64_win.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_freebsd.c → cpu_arm_freebsd.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_linux.c → cpu_arm_linux.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_intel.c → cpu_intel.cc} +47 -32
- data/third_party/boringssl-with-bazel/src/crypto/{crypto.c → crypto.cc} +6 -11
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519.c → curve25519.cc} +28 -31
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519_64_adx.c → curve25519_64_adx.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{spake25519.c → spake25519.cc} +20 -16
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/{dh_asn1.c → dh_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/{digest_extra.c → digest_extra.cc} +113 -31
- data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa.c → dsa.cc} +153 -154
- data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa_asn1.c → dsa_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{ec_asn1.c → ec_asn1.cc} +35 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{ec_derive.c → ec_derive.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{hash_to_curve.c → hash_to_curve.cc} +66 -64
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/{ecdsa_asn1.c → ecdsa_asn1.cc} +15 -25
- data/third_party/boringssl-with-bazel/src/crypto/engine/{engine.c → engine.cc} +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/err/{err.c → err.cc} +24 -27
- data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/evp/{evp.c → evp.cc} +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_ctx.c → evp_ctx.cc} +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh.c → p_dh.cc} +23 -14
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh_asn1.c → p_dh_asn1.cc} +38 -21
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dsa_asn1.c → p_dsa_asn1.cc} +19 -24
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec.c → p_ec.cc} +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec_asn1.c → p_ec_asn1.cc} +20 -20
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519.c → p_ed25519.cc} +22 -19
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519_asn1.c → p_ed25519_asn1.cc} +14 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_hkdf.c → p_hkdf.cc} +18 -14
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa.c → p_rsa.cc} +38 -37
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa_asn1.c → p_rsa_asn1.cc} +16 -18
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519.c → p_x25519.cc} +22 -19
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519_asn1.c → p_x25519_asn1.cc} +18 -17
- data/third_party/boringssl-with-bazel/src/crypto/evp/{pbkdf.c → pbkdf.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/{print.c → print.cc} +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/{scrypt.c → scrypt.cc} +7 -5
- data/third_party/boringssl-with-bazel/src/crypto/{ex_data.c → ex_data.cc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes_nohw.c.inc → aes_nohw.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{key_wrap.c.inc → key_wrap.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{bcm.c → bcm.cc} +96 -101
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +165 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{add.c.inc → add.cc.inc} +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/{x86_64-gcc.c.inc → x86_64-gcc.cc.inc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bn.c.inc → bn.cc.inc} +12 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{ctx.c.inc → ctx.cc.inc} +5 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div.c.inc → div.cc.inc} +29 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div_extra.c.inc → div_extra.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{exponentiation.c.inc → exponentiation.cc.inc} +22 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd.c.inc → gcd.cc.inc} +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd_extra.c.inc → gcd_extra.cc.inc} +33 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery.c.inc → montgomery.cc.inc} +10 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{mul.c.inc → mul.cc.inc} +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{prime.c.inc → prime.cc.inc} +31 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{shift.c.inc → shift.cc.inc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{aead.c.inc → aead.cc.inc} +18 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{cipher.c.inc → cipher.cc.inc} +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aes.c.inc → e_aes.cc.inc} +46 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/{cmac.c.inc → cmac.cc.inc} +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +14 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{dh.c.inc → dh.cc.inc} +15 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digest.c.inc → digest.cc.inc} +17 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digests.c.inc → digests.cc.inc} +29 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/{digestsign.c.inc → digestsign.cc.inc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec.c.inc → ec.cc.inc} +10 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_key.c.inc → ec_key.cc.inc} +12 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{felem.c.inc → felem.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{oct.c.inc → oct.cc.inc} +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p224-64.c.inc → p224-64.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-nistz.c.inc → p256-nistz.cc.inc} +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256.c.inc → p256.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{scalar.c.inc → scalar.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple_mul.c.inc → simple_mul.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{util.c.inc → util.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{wnaf.c.inc → wnaf.cc.inc} +24 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/{ecdh.c.inc → ecdh.cc.inc} +14 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/{ecdsa.c.inc → ecdsa.cc.inc} +6 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{fips_shared_support.c → fips_shared_support.cc} +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/{hkdf.c.inc → hkdf.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/{hmac.c.inc → hmac.cc.inc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm.c.inc → gcm.cc.inc} +69 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm_nohw.c.inc → gcm_nohw.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +53 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{polyval.c.inc → polyval.cc.inc} +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{ctrdrbg.c.inc → ctrdrbg.cc.inc} +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{rand.c.inc → rand.cc.inc} +20 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{blinding.c.inc → blinding.cc.inc} +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{padding.c.inc → padding.cc.inc} +21 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa.c.inc → rsa.cc.inc} +77 -73
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa_impl.c.inc → rsa_impl.cc.inc} +50 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{fips.c.inc → fips.cc.inc} +14 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{self_check.c.inc → self_check.cc.inc} +56 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/{service_indicator.c.inc → service_indicator.cc.inc} +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha1.c.inc → sha1.cc.inc} +26 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha256.c.inc → sha256.cc.inc} +37 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha512.c.inc → sha512.cc.inc} +48 -76
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/hpke/{hpke.c → hpke.cc} +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/hrss/{hrss.c → hrss.cc} +53 -110
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +191 -248
- data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/keccak/{keccak.c → keccak.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/kyber/{kyber.c → kyber.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/lhash/{lhash.c → lhash.cc} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md4/md4.c.inc → md4/md4.cc} +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5 → md5}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5/md5.c.inc → md5/md5.cc} +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/{mem.c → mem.cc} +34 -22
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/{mldsa.c → mldsa.cc} +646 -543
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/obj/{obj.c → obj.cc} +27 -30
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_info.c → pem_info.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_lib.c → pem_lib.cc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_oth.c → pem_oth.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7.c → pkcs7.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7_x509.c → pkcs7_x509.cc} +26 -25
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{p5_pbev2.c → p5_pbev2.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8.c → pkcs8.cc} +159 -158
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8_x509.c → pkcs8_x509.cc} +90 -97
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305.c → poly1305.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_arm.c → poly1305_arm.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_vec.c → poly1305_vec.cc} +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pool/{pool.c → pool.cc} +12 -11
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{deterministic.c → deterministic.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{fork_detect.c → fork_detect.cc} +11 -12
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{forkunsafe.c → forkunsafe.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{getentropy.c → getentropy.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getrandom_fillin.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{ios.c → ios.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{passive.c → passive.cc} +22 -18
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{rand_extra.c → rand_extra.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{trusty.c → trusty.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{urandom.c → urandom.cc} +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{windows.c → windows.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{refcount.c → refcount.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_asn1.c → rsa_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_crypt.c → rsa_crypt.cc} +81 -78
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_extra.cc +17 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/siphash/{siphash.c → siphash.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/address.h +123 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.cc +169 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.h +58 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/internal.h +63 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.cc +161 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/params.h +83 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +307 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.cc +173 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.h +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.cc +171 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.h +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/{stack.c → stack.cc} +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/{thread_none.c → thread_none.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{thread_pthread.c → thread_pthread.cc} +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/{thread_win.c → thread_win.cc} +21 -17
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{pmbtoken.c → pmbtoken.cc} +146 -158
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{trust_token.c → trust_token.cc} +19 -21
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{voprf.c → voprf.cc} +165 -169
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_digest.c → a_digest.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_sign.c → a_sign.cc} +37 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_verify.c → a_verify.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{algorithm.c → algorithm.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{asn1_gen.c → asn1_gen.cc} +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{by_dir.c → by_dir.cc} +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{policy.c → policy.cc} +188 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/{rsa_pss.c → rsa_pss.cc} +48 -44
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akey.c → v3_akey.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_alt.c → v3_alt.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_bcons.c → v3_bcons.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_bitst.c → v3_bitst.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_conf.c → v3_conf.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_cpols.c → v3_cpols.cc} +47 -41
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_crld.c → v3_crld.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_enum.c → v3_enum.cc} +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_extku.c → v3_extku.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_genn.c → v3_genn.cc} +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ia5.c → v3_ia5.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_info.c → v3_info.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_int.c → v3_int.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_lib.c → v3_lib.cc} +9 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ncons.c → v3_ncons.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ocsp.c → v3_ocsp.cc} +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pcons.c → v3_pcons.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pmaps.c → v3_pmaps.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_prn.c → v3_prn.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_purp.c → v3_purp.cc} +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_skey.c → v3_skey.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_utl.c → v3_utl.cc} +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_att.c → x509_att.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_lu.c → x509_lu.cc} +6 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_v3.c → x509_v3.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vfy.c → x509_vfy.cc} +216 -212
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vpm.c → x509_vpm.cc} +55 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509spki.c → x509spki.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_all.c → x_all.cc} +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_crl.c → x_crl.cc} +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_name.c → x_name.cc} +39 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_pubkey.c → x_pubkey.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509.c → x_x509.cc} +48 -44
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509a.c → x_x509a.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/gen/crypto/{err_data.c → err_data.cc} +359 -358
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +237 -275
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +12 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +13 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +6 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +17 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +8 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +2 -40
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +133 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +6 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +160 -116
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -6
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +667 -322
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +116 -119
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +163 -21
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +4 -12
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +94 -49
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +296 -198
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +23 -14
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +363 -343
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +48 -58
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +44 -36
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +145 -159
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +65 -58
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +910 -356
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +29 -41
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +13 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +90 -183
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +38 -64
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +103 -44
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +210 -220
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +70 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +20 -17
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +146 -169
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +15 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +79 -95
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +3 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +91 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +30 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +51 -56
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +22 -25
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +43 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +63 -59
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +204 -121
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +86 -59
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +51 -62
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +37 -25
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
- metadata +339 -339
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -426
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -87
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -32
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -408
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -124
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -38
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -108
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -33
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -67
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -48
- data/src/core/util/atm.cc +0 -34
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +0 -1539
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/internal.h +0 -58
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
- data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -140
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +0 -129
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/spx.h +0 -90
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bool.c → a_bool.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_gentm.c → a_gentm.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_octet.c → a_octet.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strex.c → a_strex.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_time.c → a_time.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_utctm.c → a_utctm.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_par.c → asn1_par.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{f_int.c → f_int.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{f_string.c → f_string.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_typ.c → tasn_typ.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{errno.c → errno.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{fd.c → fd.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{hexdump.c → hexdump.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{socket.c → socket.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{cipher_extra.c → cipher_extra.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{derive_key.c → derive_key.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{tls_cbc.c → tls_cbc.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/des/{des.c → des.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/dh_extra/{params.c → params.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/{ecdh_extra.c → ecdh_extra.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_asn1.c → evp_asn1.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/evp/{sign.c → sign.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes.c.inc → aes.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{mode_wrappers.c.inc → mode_wrappers.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bytes.c.inc → bytes.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{cmp.c.inc → cmp.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{generic.c.inc → generic.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{jacobi.c.inc → jacobi.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery_inv.c.inc → montgomery_inv.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{random.c.inc → random.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{rsaz_exp.c.inc → rsaz_exp.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{sqrt.c.inc → sqrt.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aesccm.c.inc → e_aesccm.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{check.c.inc → check.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_montgomery.c.inc → ec_montgomery.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple.c.inc → simple.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cbc.c.inc → cbc.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cfb.c.inc → cfb.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ctr.c.inc → ctr.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ofb.c.inc → ofb.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/{kdf.c.inc → kdf.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/obj/{obj_xref.c → obj_xref.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_all.c → pem_all.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pk8.c → pem_pk8.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pkey.c → pem_pkey.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_x509.c → pem_x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_xaux.c → pem_xaux.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/rc4/{rc4.c → rc4.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_print.c → rsa_print.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/{thread.c → thread.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{by_file.c → by_file.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{i2d_pr.c → i2d_pr.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{name_print.c → name_print.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_crl.c → t_crl.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_req.c → t_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509.c → t_x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509a.c → t_x509a.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akeya.c → v3_akeya.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509.c → x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_cmp.c → x509_cmp.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_d2.c → x509_d2.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_def.c → x509_def.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_ext.c → x509_ext.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_obj.c → x509_obj.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_req.c → x509_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_set.c → x509_set.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_trs.c → x509_trs.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_txt.c → x509_txt.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509cset.c → x509cset.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509name.c → x509name.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509rset.c → x509rset.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_algor.c → x_algor.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_attrib.c → x_attrib.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_exten.c → x_exten.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_req.c → x_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_sig.c → x_sig.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_spki.c → x_spki.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_val.c → x_val.cc} +0 -0
|
@@ -27,7 +27,9 @@
|
|
|
27
27
|
// scrypt blocks, respectively.
|
|
28
28
|
|
|
29
29
|
// A block_t is a Salsa20 block.
|
|
30
|
-
typedef struct {
|
|
30
|
+
typedef struct {
|
|
31
|
+
uint32_t words[16];
|
|
32
|
+
} block_t;
|
|
31
33
|
|
|
32
34
|
static_assert(sizeof(block_t) == 64, "block_t has padding");
|
|
33
35
|
|
|
@@ -138,7 +140,7 @@ static void scryptROMix(block_t *B, uint64_t r, uint64_t N, block_t *T,
|
|
|
138
140
|
|
|
139
141
|
// SCRYPT_MAX_MEM is the default maximum memory that may be allocated by
|
|
140
142
|
// |EVP_PBE_scrypt|.
|
|
141
|
-
#define SCRYPT_MAX_MEM (1024 * 1024 *
|
|
143
|
+
#define SCRYPT_MAX_MEM (1024 * 1024 * 65)
|
|
142
144
|
|
|
143
145
|
int EVP_PBE_scrypt(const char *password, size_t password_len,
|
|
144
146
|
const uint8_t *salt, size_t salt_len, uint64_t N, uint64_t r,
|
|
@@ -162,8 +164,7 @@ int EVP_PBE_scrypt(const char *password, size_t password_len,
|
|
|
162
164
|
}
|
|
163
165
|
|
|
164
166
|
size_t max_scrypt_blocks = max_mem / (2 * r * sizeof(block_t));
|
|
165
|
-
if (max_scrypt_blocks < p + 1 ||
|
|
166
|
-
max_scrypt_blocks - p - 1 < N) {
|
|
167
|
+
if (max_scrypt_blocks < p + 1 || max_scrypt_blocks - p - 1 < N) {
|
|
167
168
|
OPENSSL_PUT_ERROR(EVP, EVP_R_MEMORY_LIMIT_EXCEEDED);
|
|
168
169
|
return 0;
|
|
169
170
|
}
|
|
@@ -175,7 +176,8 @@ int EVP_PBE_scrypt(const char *password, size_t password_len,
|
|
|
175
176
|
size_t B_bytes = B_blocks * sizeof(block_t);
|
|
176
177
|
size_t T_blocks = 2 * r;
|
|
177
178
|
size_t V_blocks = N * 2 * r;
|
|
178
|
-
block_t *B =
|
|
179
|
+
block_t *B = reinterpret_cast<block_t *>(
|
|
180
|
+
OPENSSL_calloc(B_blocks + T_blocks + V_blocks, sizeof(block_t)));
|
|
179
181
|
if (B == NULL) {
|
|
180
182
|
return 0;
|
|
181
183
|
}
|
|
@@ -134,7 +134,8 @@ struct crypto_ex_data_func_st {
|
|
|
134
134
|
|
|
135
135
|
int CRYPTO_get_ex_new_index_ex(CRYPTO_EX_DATA_CLASS *ex_data_class, long argl,
|
|
136
136
|
void *argp, CRYPTO_EX_free *free_func) {
|
|
137
|
-
CRYPTO_EX_DATA_FUNCS *funcs =
|
|
137
|
+
CRYPTO_EX_DATA_FUNCS *funcs = reinterpret_cast<CRYPTO_EX_DATA_FUNCS *>(
|
|
138
|
+
OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS)));
|
|
138
139
|
if (funcs == NULL) {
|
|
139
140
|
return -1;
|
|
140
141
|
}
|
|
@@ -202,9 +203,7 @@ void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx) {
|
|
|
202
203
|
return sk_void_value(ad->sk, idx);
|
|
203
204
|
}
|
|
204
205
|
|
|
205
|
-
void CRYPTO_new_ex_data(CRYPTO_EX_DATA *ad) {
|
|
206
|
-
ad->sk = NULL;
|
|
207
|
-
}
|
|
206
|
+
void CRYPTO_new_ex_data(CRYPTO_EX_DATA *ad) { ad->sk = NULL; }
|
|
208
207
|
|
|
209
208
|
void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, void *obj,
|
|
210
209
|
CRYPTO_EX_DATA *ad) {
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright
|
|
1
|
+
/* Copyright 2017 The BoringSSL Authors
|
|
2
2
|
*
|
|
3
3
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
4
|
* purpose with or without fee is hereby granted, provided that the above
|
|
@@ -21,9 +21,7 @@
|
|
|
21
21
|
|
|
22
22
|
#include "../../internal.h"
|
|
23
23
|
|
|
24
|
-
#if defined(__cplusplus)
|
|
25
24
|
extern "C" {
|
|
26
|
-
#endif
|
|
27
25
|
|
|
28
26
|
|
|
29
27
|
#if !defined(OPENSSL_NO_ASM)
|
|
@@ -247,8 +245,6 @@ void aes_nohw_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len,
|
|
|
247
245
|
const AES_KEY *key, uint8_t *ivec, int enc);
|
|
248
246
|
|
|
249
247
|
|
|
250
|
-
#if defined(__cplusplus)
|
|
251
248
|
} // extern C
|
|
252
|
-
#endif
|
|
253
249
|
|
|
254
250
|
#endif // OPENSSL_HEADER_AES_INTERNAL_H
|
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{key_wrap.c.inc → key_wrap.cc.inc}
RENAMED
|
@@ -184,7 +184,7 @@ int AES_wrap_key_padded(const AES_KEY *key, uint8_t *out, size_t *out_len,
|
|
|
184
184
|
return 1;
|
|
185
185
|
}
|
|
186
186
|
|
|
187
|
-
uint8_t *padded_in = OPENSSL_malloc(padded_len);
|
|
187
|
+
uint8_t *padded_in = reinterpret_cast<uint8_t *>(OPENSSL_malloc(padded_len));
|
|
188
188
|
if (padded_in == NULL) {
|
|
189
189
|
return 0;
|
|
190
190
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright
|
|
1
|
+
/* Copyright 2017 The BoringSSL Authors
|
|
2
2
|
*
|
|
3
3
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
4
|
* purpose with or without fee is hereby granted, provided that the above
|
|
@@ -28,85 +28,84 @@
|
|
|
28
28
|
#include <openssl/hmac.h>
|
|
29
29
|
#include <openssl/sha.h>
|
|
30
30
|
|
|
31
|
-
#include "
|
|
31
|
+
#include "../bcm_support.h"
|
|
32
32
|
#include "../internal.h"
|
|
33
|
+
#include "bcm_interface.h"
|
|
33
34
|
|
|
34
35
|
// TODO(crbug.com/362530616): When delocate is removed, build these files as
|
|
35
36
|
// separate compilation units again.
|
|
36
|
-
#include "aes/aes.
|
|
37
|
-
#include "aes/aes_nohw.
|
|
38
|
-
#include "aes/key_wrap.
|
|
39
|
-
#include "aes/mode_wrappers.
|
|
40
|
-
#include "bn/add.
|
|
41
|
-
#include "bn/asm/x86_64-gcc.
|
|
42
|
-
#include "bn/bn.
|
|
43
|
-
#include "bn/bytes.
|
|
44
|
-
#include "bn/cmp.
|
|
45
|
-
#include "bn/ctx.
|
|
46
|
-
#include "bn/div.
|
|
47
|
-
#include "bn/div_extra.
|
|
48
|
-
#include "bn/exponentiation.
|
|
49
|
-
#include "bn/gcd.
|
|
50
|
-
#include "bn/gcd_extra.
|
|
51
|
-
#include "bn/generic.
|
|
52
|
-
#include "bn/jacobi.
|
|
53
|
-
#include "bn/montgomery.
|
|
54
|
-
#include "bn/montgomery_inv.
|
|
55
|
-
#include "bn/mul.
|
|
56
|
-
#include "bn/prime.
|
|
57
|
-
#include "bn/random.
|
|
58
|
-
#include "bn/rsaz_exp.
|
|
59
|
-
#include "bn/shift.
|
|
60
|
-
#include "bn/sqrt.
|
|
61
|
-
#include "cipher/aead.
|
|
62
|
-
#include "cipher/cipher.
|
|
63
|
-
#include "cipher/e_aes.
|
|
64
|
-
#include "cipher/e_aesccm.
|
|
65
|
-
#include "cmac/cmac.
|
|
66
|
-
#include "dh/check.
|
|
67
|
-
#include "dh/dh.
|
|
68
|
-
#include "digest/digest.
|
|
69
|
-
#include "digest/digests.
|
|
70
|
-
#include "digestsign/digestsign.
|
|
71
|
-
#include "
|
|
72
|
-
#include "
|
|
73
|
-
#include "ec/
|
|
74
|
-
#include "ec/
|
|
75
|
-
#include "ec/
|
|
76
|
-
#include "ec/
|
|
77
|
-
#include "ec/
|
|
78
|
-
#include "ec/
|
|
79
|
-
#include "ec/
|
|
80
|
-
#include "ec/
|
|
81
|
-
#include "ec/
|
|
82
|
-
#include "ec/
|
|
83
|
-
#include "ec/
|
|
84
|
-
#include "
|
|
85
|
-
#include "
|
|
86
|
-
#include "hkdf/hkdf.
|
|
87
|
-
#include "hmac/hmac.
|
|
88
|
-
#include "
|
|
89
|
-
#include "
|
|
90
|
-
#include "modes/
|
|
91
|
-
#include "modes/
|
|
92
|
-
#include "modes/
|
|
93
|
-
#include "modes/
|
|
94
|
-
#include "modes/
|
|
95
|
-
#include "
|
|
96
|
-
#include "
|
|
97
|
-
#include "
|
|
98
|
-
#include "
|
|
99
|
-
#include "rsa/
|
|
100
|
-
#include "rsa/
|
|
101
|
-
#include "
|
|
102
|
-
#include "
|
|
103
|
-
#include "
|
|
104
|
-
#include "
|
|
105
|
-
#include "
|
|
106
|
-
#include "sha/
|
|
107
|
-
#include "
|
|
108
|
-
#include "sha/sha512.c.inc"
|
|
109
|
-
#include "tls/kdf.c.inc"
|
|
37
|
+
#include "aes/aes.cc.inc"
|
|
38
|
+
#include "aes/aes_nohw.cc.inc"
|
|
39
|
+
#include "aes/key_wrap.cc.inc"
|
|
40
|
+
#include "aes/mode_wrappers.cc.inc"
|
|
41
|
+
#include "bn/add.cc.inc"
|
|
42
|
+
#include "bn/asm/x86_64-gcc.cc.inc"
|
|
43
|
+
#include "bn/bn.cc.inc"
|
|
44
|
+
#include "bn/bytes.cc.inc"
|
|
45
|
+
#include "bn/cmp.cc.inc"
|
|
46
|
+
#include "bn/ctx.cc.inc"
|
|
47
|
+
#include "bn/div.cc.inc"
|
|
48
|
+
#include "bn/div_extra.cc.inc"
|
|
49
|
+
#include "bn/exponentiation.cc.inc"
|
|
50
|
+
#include "bn/gcd.cc.inc"
|
|
51
|
+
#include "bn/gcd_extra.cc.inc"
|
|
52
|
+
#include "bn/generic.cc.inc"
|
|
53
|
+
#include "bn/jacobi.cc.inc"
|
|
54
|
+
#include "bn/montgomery.cc.inc"
|
|
55
|
+
#include "bn/montgomery_inv.cc.inc"
|
|
56
|
+
#include "bn/mul.cc.inc"
|
|
57
|
+
#include "bn/prime.cc.inc"
|
|
58
|
+
#include "bn/random.cc.inc"
|
|
59
|
+
#include "bn/rsaz_exp.cc.inc"
|
|
60
|
+
#include "bn/shift.cc.inc"
|
|
61
|
+
#include "bn/sqrt.cc.inc"
|
|
62
|
+
#include "cipher/aead.cc.inc"
|
|
63
|
+
#include "cipher/cipher.cc.inc"
|
|
64
|
+
#include "cipher/e_aes.cc.inc"
|
|
65
|
+
#include "cipher/e_aesccm.cc.inc"
|
|
66
|
+
#include "cmac/cmac.cc.inc"
|
|
67
|
+
#include "dh/check.cc.inc"
|
|
68
|
+
#include "dh/dh.cc.inc"
|
|
69
|
+
#include "digest/digest.cc.inc"
|
|
70
|
+
#include "digest/digests.cc.inc"
|
|
71
|
+
#include "digestsign/digestsign.cc.inc"
|
|
72
|
+
#include "ec/ec.cc.inc"
|
|
73
|
+
#include "ec/ec_key.cc.inc"
|
|
74
|
+
#include "ec/ec_montgomery.cc.inc"
|
|
75
|
+
#include "ec/felem.cc.inc"
|
|
76
|
+
#include "ec/oct.cc.inc"
|
|
77
|
+
#include "ec/p224-64.cc.inc"
|
|
78
|
+
#include "ec/p256-nistz.cc.inc"
|
|
79
|
+
#include "ec/p256.cc.inc"
|
|
80
|
+
#include "ec/scalar.cc.inc"
|
|
81
|
+
#include "ec/simple.cc.inc"
|
|
82
|
+
#include "ec/simple_mul.cc.inc"
|
|
83
|
+
#include "ec/util.cc.inc"
|
|
84
|
+
#include "ec/wnaf.cc.inc"
|
|
85
|
+
#include "ecdh/ecdh.cc.inc"
|
|
86
|
+
#include "ecdsa/ecdsa.cc.inc"
|
|
87
|
+
#include "hkdf/hkdf.cc.inc"
|
|
88
|
+
#include "hmac/hmac.cc.inc"
|
|
89
|
+
#include "modes/cbc.cc.inc"
|
|
90
|
+
#include "modes/cfb.cc.inc"
|
|
91
|
+
#include "modes/ctr.cc.inc"
|
|
92
|
+
#include "modes/gcm.cc.inc"
|
|
93
|
+
#include "modes/gcm_nohw.cc.inc"
|
|
94
|
+
#include "modes/ofb.cc.inc"
|
|
95
|
+
#include "modes/polyval.cc.inc"
|
|
96
|
+
#include "rand/ctrdrbg.cc.inc"
|
|
97
|
+
#include "rand/rand.cc.inc"
|
|
98
|
+
#include "rsa/blinding.cc.inc"
|
|
99
|
+
#include "rsa/padding.cc.inc"
|
|
100
|
+
#include "rsa/rsa.cc.inc"
|
|
101
|
+
#include "rsa/rsa_impl.cc.inc"
|
|
102
|
+
#include "self_check/fips.cc.inc"
|
|
103
|
+
#include "self_check/self_check.cc.inc"
|
|
104
|
+
#include "service_indicator/service_indicator.cc.inc"
|
|
105
|
+
#include "sha/sha1.cc.inc"
|
|
106
|
+
#include "sha/sha256.cc.inc"
|
|
107
|
+
#include "sha/sha512.cc.inc"
|
|
108
|
+
#include "tls/kdf.cc.inc"
|
|
110
109
|
|
|
111
110
|
|
|
112
111
|
#if defined(BORINGSSL_FIPS)
|
|
@@ -129,18 +128,17 @@ extern const uint8_t BORINGSSL_bcm_rodata_end[];
|
|
|
129
128
|
// aborts otherwise.
|
|
130
129
|
static void assert_within(const void *start, const void *symbol,
|
|
131
130
|
const void *end) {
|
|
132
|
-
const uintptr_t start_val = (uintptr_t)
|
|
133
|
-
const uintptr_t symbol_val = (uintptr_t)
|
|
134
|
-
const uintptr_t end_val = (uintptr_t)
|
|
131
|
+
const uintptr_t start_val = (uintptr_t)start;
|
|
132
|
+
const uintptr_t symbol_val = (uintptr_t)symbol;
|
|
133
|
+
const uintptr_t end_val = (uintptr_t)end;
|
|
135
134
|
|
|
136
135
|
if (start_val <= symbol_val && symbol_val < end_val) {
|
|
137
136
|
return;
|
|
138
137
|
}
|
|
139
138
|
|
|
140
|
-
fprintf(
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
start, symbol, end);
|
|
139
|
+
fprintf(CRYPTO_get_stderr(),
|
|
140
|
+
"FIPS module doesn't span expected symbol. Expected %p <= %p < %p\n",
|
|
141
|
+
start, symbol, end);
|
|
144
142
|
BORINGSSL_FIPS_abort();
|
|
145
143
|
}
|
|
146
144
|
|
|
@@ -192,13 +190,13 @@ int BORINGSSL_integrity_test(void) {
|
|
|
192
190
|
const uint8_t *const start = BORINGSSL_bcm_text_start;
|
|
193
191
|
const uint8_t *const end = BORINGSSL_bcm_text_end;
|
|
194
192
|
|
|
195
|
-
assert_within(start, AES_encrypt, end);
|
|
196
|
-
assert_within(start, RSA_sign, end);
|
|
197
|
-
assert_within(start, BCM_rand_bytes, end);
|
|
198
|
-
assert_within(start, EC_GROUP_cmp, end);
|
|
199
|
-
assert_within(start,
|
|
200
|
-
assert_within(start, ecdsa_verify_fixed, end);
|
|
201
|
-
assert_within(start, EVP_AEAD_CTX_seal, end);
|
|
193
|
+
assert_within(start, reinterpret_cast<const void *>(AES_encrypt), end);
|
|
194
|
+
assert_within(start, reinterpret_cast<const void *>(RSA_sign), end);
|
|
195
|
+
assert_within(start, reinterpret_cast<const void *>(BCM_rand_bytes), end);
|
|
196
|
+
assert_within(start, reinterpret_cast<const void *>(EC_GROUP_cmp), end);
|
|
197
|
+
assert_within(start, reinterpret_cast<const void *>(BCM_sha256_update), end);
|
|
198
|
+
assert_within(start, reinterpret_cast<const void *>(ecdsa_verify_fixed), end);
|
|
199
|
+
assert_within(start, reinterpret_cast<const void *>(EVP_AEAD_CTX_seal), end);
|
|
202
200
|
|
|
203
201
|
#if defined(BORINGSSL_SHARED_LIBRARY)
|
|
204
202
|
const uint8_t *const rodata_start = BORINGSSL_bcm_rodata_start;
|
|
@@ -215,8 +213,7 @@ int BORINGSSL_integrity_test(void) {
|
|
|
215
213
|
|
|
216
214
|
uint8_t result[SHA256_DIGEST_LENGTH];
|
|
217
215
|
const EVP_MD *const kHashFunction = EVP_sha256();
|
|
218
|
-
if (!boringssl_self_test_sha256() ||
|
|
219
|
-
!boringssl_self_test_hmac_sha256()) {
|
|
216
|
+
if (!boringssl_self_test_sha256() || !boringssl_self_test_hmac_sha256()) {
|
|
220
217
|
return 0;
|
|
221
218
|
}
|
|
222
219
|
|
|
@@ -226,18 +223,18 @@ int BORINGSSL_integrity_test(void) {
|
|
|
226
223
|
HMAC_CTX_init(&hmac_ctx);
|
|
227
224
|
if (!HMAC_Init_ex(&hmac_ctx, kHMACKey, sizeof(kHMACKey), kHashFunction,
|
|
228
225
|
NULL /* no ENGINE */)) {
|
|
229
|
-
fprintf(
|
|
226
|
+
fprintf(CRYPTO_get_stderr(), "HMAC_Init_ex failed.\n");
|
|
230
227
|
return 0;
|
|
231
228
|
}
|
|
232
229
|
|
|
233
230
|
BORINGSSL_maybe_set_module_text_permissions(PROT_READ | PROT_EXEC);
|
|
234
231
|
#if defined(BORINGSSL_SHARED_LIBRARY)
|
|
235
232
|
uint64_t length = end - start;
|
|
236
|
-
HMAC_Update(&hmac_ctx, (const uint8_t *)
|
|
233
|
+
HMAC_Update(&hmac_ctx, (const uint8_t *)&length, sizeof(length));
|
|
237
234
|
HMAC_Update(&hmac_ctx, start, length);
|
|
238
235
|
|
|
239
236
|
length = rodata_end - rodata_start;
|
|
240
|
-
HMAC_Update(&hmac_ctx, (const uint8_t *)
|
|
237
|
+
HMAC_Update(&hmac_ctx, (const uint8_t *)&length, sizeof(length));
|
|
241
238
|
HMAC_Update(&hmac_ctx, rodata_start, length);
|
|
242
239
|
#else
|
|
243
240
|
HMAC_Update(&hmac_ctx, start, end - start);
|
|
@@ -246,10 +243,10 @@ int BORINGSSL_integrity_test(void) {
|
|
|
246
243
|
|
|
247
244
|
if (!HMAC_Final(&hmac_ctx, result, &result_len) ||
|
|
248
245
|
result_len != sizeof(result)) {
|
|
249
|
-
fprintf(
|
|
246
|
+
fprintf(CRYPTO_get_stderr(), "HMAC failed.\n");
|
|
250
247
|
return 0;
|
|
251
248
|
}
|
|
252
|
-
HMAC_CTX_cleanse(&hmac_ctx);
|
|
249
|
+
HMAC_CTX_cleanse(&hmac_ctx); // FIPS 140-3, AS05.10.
|
|
253
250
|
|
|
254
251
|
const uint8_t *expected = BORINGSSL_bcm_text_hash;
|
|
255
252
|
|
|
@@ -259,13 +256,11 @@ int BORINGSSL_integrity_test(void) {
|
|
|
259
256
|
#endif
|
|
260
257
|
}
|
|
261
258
|
|
|
262
|
-
OPENSSL_cleanse(result, sizeof(result));
|
|
259
|
+
OPENSSL_cleanse(result, sizeof(result)); // FIPS 140-3, AS05.10.
|
|
263
260
|
return 1;
|
|
264
261
|
}
|
|
265
262
|
|
|
266
|
-
const uint8_t*
|
|
267
|
-
return BORINGSSL_bcm_text_hash;
|
|
268
|
-
}
|
|
263
|
+
const uint8_t *FIPS_module_hash(void) { return BORINGSSL_bcm_text_hash; }
|
|
269
264
|
|
|
270
265
|
#endif // OPENSSL_ASAN
|
|
271
266
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright
|
|
1
|
+
/* Copyright 2024 The BoringSSL Authors
|
|
2
2
|
*
|
|
3
3
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
4
|
* purpose with or without fee is hereby granted, provided that the above
|
|
@@ -15,6 +15,8 @@
|
|
|
15
15
|
#ifndef OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H
|
|
16
16
|
#define OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H
|
|
17
17
|
|
|
18
|
+
#include <openssl/bcm_public.h>
|
|
19
|
+
|
|
18
20
|
// This header will eventually become the interface between BCM and the
|
|
19
21
|
// rest of libcrypto. More cleanly separating the two is still a work in
|
|
20
22
|
// progress (see https://crbug.com/boringssl/722) so, at the moment, we
|
|
@@ -32,25 +34,26 @@ extern "C" {
|
|
|
32
34
|
// FIPS service indicator. For the moment, the official service indicator
|
|
33
35
|
// remains the counter, not these values. Once we fully transition to
|
|
34
36
|
// these return values from bcm we will change that.
|
|
35
|
-
enum bcm_infallible_t {
|
|
36
|
-
|
|
37
|
-
|
|
37
|
+
enum class bcm_infallible_t {
|
|
38
|
+
approved,
|
|
39
|
+
not_approved,
|
|
38
40
|
};
|
|
39
41
|
|
|
40
|
-
enum bcm_status_t {
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
// Failure codes, which must all be negative.
|
|
45
|
-
bcm_status_failure,
|
|
42
|
+
enum class bcm_status_t {
|
|
43
|
+
approved,
|
|
44
|
+
not_approved,
|
|
45
|
+
failure,
|
|
46
46
|
};
|
|
47
47
|
typedef enum bcm_status_t bcm_status;
|
|
48
48
|
typedef enum bcm_infallible_t bcm_infallible;
|
|
49
49
|
|
|
50
50
|
OPENSSL_INLINE int bcm_success(bcm_status status) {
|
|
51
|
-
return status ==
|
|
51
|
+
return status == bcm_status::approved || status == bcm_status::not_approved;
|
|
52
52
|
}
|
|
53
53
|
|
|
54
|
+
|
|
55
|
+
// Random number generator.
|
|
56
|
+
|
|
54
57
|
#if defined(BORINGSSL_FIPS)
|
|
55
58
|
|
|
56
59
|
// We overread from /dev/urandom or RDRAND by a factor of 10 and XOR to whiten.
|
|
@@ -64,7 +67,7 @@ OPENSSL_INLINE int bcm_success(bcm_status status) {
|
|
|
64
67
|
// module. The |want_additional_input| parameter is true iff the entropy was
|
|
65
68
|
// obtained from a source other than the system, e.g. directly from the CPU.
|
|
66
69
|
bcm_infallible BCM_rand_load_entropy(const uint8_t *entropy, size_t entropy_len,
|
|
67
|
-
|
|
70
|
+
int want_additional_input);
|
|
68
71
|
|
|
69
72
|
// BCM_rand_bytes is the same as the public |RAND_bytes| function, other
|
|
70
73
|
// than returning a bcm_infallible status indicator.
|
|
@@ -82,6 +85,156 @@ bcm_infallible BCM_rand_bytes_with_additional_data(
|
|
|
82
85
|
uint8_t *out, size_t out_len, const uint8_t user_additional_data[32]);
|
|
83
86
|
|
|
84
87
|
|
|
88
|
+
// SHA-1
|
|
89
|
+
|
|
90
|
+
// BCM_SHA_DIGEST_LENGTH is the length of a SHA-1 digest.
|
|
91
|
+
#define BCM_SHA_DIGEST_LENGTH 20
|
|
92
|
+
|
|
93
|
+
// BCM_sha1_init initialises |sha|.
|
|
94
|
+
bcm_infallible BCM_sha1_init(SHA_CTX *sha);
|
|
95
|
+
|
|
96
|
+
// BCM_SHA1_transform is a low-level function that performs a single, SHA-1
|
|
97
|
+
// block transformation using the state from |sha| and |SHA_CBLOCK| bytes from
|
|
98
|
+
// |block|.
|
|
99
|
+
bcm_infallible BCM_sha1_transform(SHA_CTX *c,
|
|
100
|
+
const uint8_t data[BCM_SHA_CBLOCK]);
|
|
101
|
+
|
|
102
|
+
// BCM_sha1_update adds |len| bytes from |data| to |sha|.
|
|
103
|
+
bcm_infallible BCM_sha1_update(SHA_CTX *c, const void *data, size_t len);
|
|
104
|
+
|
|
105
|
+
// BCM_sha1_final adds the final padding to |sha| and writes the resulting
|
|
106
|
+
// digest to |out|, which must have at least |SHA_DIGEST_LENGTH| bytes of space.
|
|
107
|
+
bcm_infallible BCM_sha1_final(uint8_t out[BCM_SHA_DIGEST_LENGTH], SHA_CTX *c);
|
|
108
|
+
|
|
109
|
+
|
|
110
|
+
// BCM_fips_186_2_prf derives |out_len| bytes from |xkey| using the PRF
|
|
111
|
+
// defined in FIPS 186-2, Appendix 3.1, with change notice 1 applied. The b
|
|
112
|
+
// parameter is 160 and seed, XKEY, is also 160 bits. The optional XSEED user
|
|
113
|
+
// input is all zeros.
|
|
114
|
+
//
|
|
115
|
+
// The PRF generates a sequence of 320-bit numbers. Each number is encoded as a
|
|
116
|
+
// 40-byte string in big-endian and then concatenated to form |out|. If
|
|
117
|
+
// |out_len| is not a multiple of 40, the result is truncated. This matches the
|
|
118
|
+
// construction used in Section 7 of RFC 4186 and Section 7 of RFC 4187.
|
|
119
|
+
//
|
|
120
|
+
// This PRF is based on SHA-1, a weak hash function, and should not be used
|
|
121
|
+
// in new protocols. It is provided for compatibility with some legacy EAP
|
|
122
|
+
// methods.
|
|
123
|
+
bcm_infallible BCM_fips_186_2_prf(uint8_t *out, size_t out_len,
|
|
124
|
+
const uint8_t xkey[BCM_SHA_DIGEST_LENGTH]);
|
|
125
|
+
|
|
126
|
+
|
|
127
|
+
// SHA-224
|
|
128
|
+
|
|
129
|
+
// SHA224_DIGEST_LENGTH is the length of a SHA-224 digest.
|
|
130
|
+
#define BCM_SHA224_DIGEST_LENGTH 28
|
|
131
|
+
|
|
132
|
+
// BCM_sha224_unit initialises |sha|.
|
|
133
|
+
bcm_infallible BCM_sha224_init(SHA256_CTX *sha);
|
|
134
|
+
|
|
135
|
+
// BCM_sha224_update adds |len| bytes from |data| to |sha|.
|
|
136
|
+
bcm_infallible BCM_sha224_update(SHA256_CTX *sha, const void *data, size_t len);
|
|
137
|
+
|
|
138
|
+
// BCM_sha224_final adds the final padding to |sha| and writes the resulting
|
|
139
|
+
// digest to |out|, which must have at least |SHA224_DIGEST_LENGTH| bytes of
|
|
140
|
+
// space. It aborts on programmer error.
|
|
141
|
+
bcm_infallible BCM_sha224_final(uint8_t out[BCM_SHA224_DIGEST_LENGTH],
|
|
142
|
+
SHA256_CTX *sha);
|
|
143
|
+
|
|
144
|
+
|
|
145
|
+
// SHA-256
|
|
146
|
+
|
|
147
|
+
// BCM_SHA256_DIGEST_LENGTH is the length of a SHA-256 digest.
|
|
148
|
+
#define BCM_SHA256_DIGEST_LENGTH 32
|
|
149
|
+
|
|
150
|
+
// BCM_sha256_init initialises |sha|.
|
|
151
|
+
bcm_infallible BCM_sha256_init(SHA256_CTX *sha);
|
|
152
|
+
|
|
153
|
+
// BCM_sha256_update adds |len| bytes from |data| to |sha|.
|
|
154
|
+
bcm_infallible BCM_sha256_update(SHA256_CTX *sha, const void *data, size_t len);
|
|
155
|
+
|
|
156
|
+
// BCM_sha256_final adds the final padding to |sha| and writes the resulting
|
|
157
|
+
// digest to |out|, which must have at least |BCM_SHA256_DIGEST_LENGTH| bytes of
|
|
158
|
+
// space. It aborts on programmer error.
|
|
159
|
+
bcm_infallible BCM_sha256_final(uint8_t out[BCM_SHA256_DIGEST_LENGTH],
|
|
160
|
+
SHA256_CTX *sha);
|
|
161
|
+
|
|
162
|
+
// BCM_sha256_transform is a low-level function that performs a single, SHA-256
|
|
163
|
+
// block transformation using the state from |sha| and |BCM_SHA256_CBLOCK| bytes
|
|
164
|
+
// from |block|.
|
|
165
|
+
bcm_infallible BCM_sha256_transform(SHA256_CTX *sha,
|
|
166
|
+
const uint8_t block[BCM_SHA256_CBLOCK]);
|
|
167
|
+
|
|
168
|
+
// BCM_sha256_transform_blocks is a low-level function that takes |num_blocks| *
|
|
169
|
+
// |BCM_SHA256_CBLOCK| bytes of data and performs SHA-256 transforms on it to
|
|
170
|
+
// update |state|.
|
|
171
|
+
bcm_infallible BCM_sha256_transform_blocks(uint32_t state[8],
|
|
172
|
+
const uint8_t *data,
|
|
173
|
+
size_t num_blocks);
|
|
174
|
+
|
|
175
|
+
|
|
176
|
+
// SHA-384.
|
|
177
|
+
|
|
178
|
+
// BCM_SHA384_DIGEST_LENGTH is the length of a SHA-384 digest.
|
|
179
|
+
#define BCM_SHA384_DIGEST_LENGTH 48
|
|
180
|
+
|
|
181
|
+
// BCM_sha384_init initialises |sha|.
|
|
182
|
+
bcm_infallible BCM_sha384_init(SHA512_CTX *sha);
|
|
183
|
+
|
|
184
|
+
// BCM_sha384_update adds |len| bytes from |data| to |sha|.
|
|
185
|
+
bcm_infallible BCM_sha384_update(SHA512_CTX *sha, const void *data, size_t len);
|
|
186
|
+
|
|
187
|
+
// BCM_sha384_final adds the final padding to |sha| and writes the resulting
|
|
188
|
+
// digest to |out|, which must have at least |BCM_sha384_DIGEST_LENGTH| bytes of
|
|
189
|
+
// space. It may abort on programmer error.
|
|
190
|
+
bcm_infallible BCM_sha384_final(uint8_t out[BCM_SHA384_DIGEST_LENGTH],
|
|
191
|
+
SHA512_CTX *sha);
|
|
192
|
+
|
|
193
|
+
|
|
194
|
+
// SHA-512.
|
|
195
|
+
|
|
196
|
+
// BCM_SHA512_DIGEST_LENGTH is the length of a SHA-512 digest.
|
|
197
|
+
#define BCM_SHA512_DIGEST_LENGTH 64
|
|
198
|
+
|
|
199
|
+
// BCM_sha512_init initialises |sha|.
|
|
200
|
+
bcm_infallible BCM_sha512_init(SHA512_CTX *sha);
|
|
201
|
+
|
|
202
|
+
// BCM_sha512_update adds |len| bytes from |data| to |sha|.
|
|
203
|
+
bcm_infallible BCM_sha512_update(SHA512_CTX *sha, const void *data, size_t len);
|
|
204
|
+
|
|
205
|
+
// BCM_sha512_final adds the final padding to |sha| and writes the resulting
|
|
206
|
+
// digest to |out|, which must have at least |BCM_sha512_DIGEST_LENGTH| bytes of
|
|
207
|
+
// space.
|
|
208
|
+
bcm_infallible BCM_sha512_final(uint8_t out[BCM_SHA512_DIGEST_LENGTH],
|
|
209
|
+
SHA512_CTX *sha);
|
|
210
|
+
|
|
211
|
+
// BCM_sha512_transform is a low-level function that performs a single, SHA-512
|
|
212
|
+
// block transformation using the state from |sha| and |BCM_sha512_CBLOCK| bytes
|
|
213
|
+
// from |block|.
|
|
214
|
+
bcm_infallible BCM_sha512_transform(SHA512_CTX *sha,
|
|
215
|
+
const uint8_t block[BCM_SHA512_CBLOCK]);
|
|
216
|
+
|
|
217
|
+
|
|
218
|
+
// SHA-512-256
|
|
219
|
+
//
|
|
220
|
+
// See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf section 5.3.6
|
|
221
|
+
|
|
222
|
+
#define BCM_SHA512_256_DIGEST_LENGTH 32
|
|
223
|
+
|
|
224
|
+
// BCM_sha512_256_init initialises |sha|.
|
|
225
|
+
bcm_infallible BCM_sha512_256_init(SHA512_CTX *sha);
|
|
226
|
+
|
|
227
|
+
// BCM_sha512_256_update adds |len| bytes from |data| to |sha|.
|
|
228
|
+
bcm_infallible BCM_sha512_256_update(SHA512_CTX *sha, const void *data,
|
|
229
|
+
size_t len);
|
|
230
|
+
|
|
231
|
+
// BCM_sha512_256_final adds the final padding to |sha| and writes the resulting
|
|
232
|
+
// digest to |out|, which must have at least |BCM_sha512_256_DIGEST_LENGTH|
|
|
233
|
+
// bytes of space. It may abort on programmer error.
|
|
234
|
+
bcm_infallible BCM_sha512_256_final(uint8_t out[BCM_SHA512_256_DIGEST_LENGTH],
|
|
235
|
+
SHA512_CTX *sha);
|
|
236
|
+
|
|
237
|
+
|
|
85
238
|
#if defined(__cplusplus)
|
|
86
239
|
} // extern C
|
|
87
240
|
#endif
|
|
@@ -67,7 +67,7 @@
|
|
|
67
67
|
// want to keep the value of zero;
|
|
68
68
|
#define mul_add(r, a, word, carry) \
|
|
69
69
|
do { \
|
|
70
|
-
|
|
70
|
+
BN_ULONG high, low; \
|
|
71
71
|
__asm__("mulq %3" : "=a"(low), "=d"(high) : "a"(word), "m"(a) : "cc"); \
|
|
72
72
|
__asm__("addq %2,%0; adcq %3,%1" \
|
|
73
73
|
: "+r"(carry), "+d"(high) \
|
|
@@ -82,7 +82,7 @@
|
|
|
82
82
|
|
|
83
83
|
#define mul(r, a, word, carry) \
|
|
84
84
|
do { \
|
|
85
|
-
|
|
85
|
+
BN_ULONG high, low; \
|
|
86
86
|
__asm__("mulq %3" : "=a"(low), "=d"(high) : "a"(word), "g"(a) : "cc"); \
|
|
87
87
|
__asm__("addq %2,%0; adcq %3,%1" \
|
|
88
88
|
: "+r"(carry), "+d"(high) \
|
|
@@ -194,7 +194,7 @@ BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
|
194
194
|
return 0;
|
|
195
195
|
}
|
|
196
196
|
|
|
197
|
-
__asm__ volatile
|
|
197
|
+
__asm__ volatile(
|
|
198
198
|
" subq %0,%0 \n" // clear carry
|
|
199
199
|
" jmp 1f \n"
|
|
200
200
|
".p2align 4 \n"
|
|
@@ -222,7 +222,7 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|
|
222
222
|
return 0;
|
|
223
223
|
}
|
|
224
224
|
|
|
225
|
-
__asm__ volatile
|
|
225
|
+
__asm__ volatile(
|
|
226
226
|
" subq %0,%0 \n" // clear borrow
|
|
227
227
|
" jmp 1f \n"
|
|
228
228
|
".p2align 4 \n"
|