grpc 1.69.0 → 1.70.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (640) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +251 -249
  3. data/include/grpc/support/atm.h +0 -13
  4. data/src/core/call/request_buffer.cc +224 -0
  5. data/src/core/call/request_buffer.h +192 -0
  6. data/src/core/client_channel/client_channel.cc +2 -3
  7. data/src/core/client_channel/client_channel_args.h +21 -0
  8. data/src/core/client_channel/client_channel_filter.h +1 -3
  9. data/src/core/client_channel/retry_interceptor.cc +406 -0
  10. data/src/core/client_channel/retry_interceptor.h +157 -0
  11. data/src/core/client_channel/retry_service_config.h +13 -0
  12. data/src/core/client_channel/retry_throttle.cc +33 -18
  13. data/src/core/client_channel/retry_throttle.h +3 -3
  14. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +596 -94
  15. data/src/core/ext/transport/chttp2/server/chttp2_server.h +189 -13
  16. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +1 -0
  17. data/src/core/ext/transport/chttp2/transport/frame_security.cc +1 -3
  18. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +40 -1
  19. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +3 -1
  20. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +66 -36
  21. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +19 -17
  22. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +116 -0
  23. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +31 -5
  24. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +2 -0
  25. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +67 -6
  26. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +12 -8
  27. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
  28. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
  29. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
  30. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +228 -21
  31. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +65 -17
  32. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +6 -0
  33. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +7 -106
  34. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +7 -28
  35. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +0 -2
  36. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +85 -0
  37. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +25 -3
  38. data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +2 -1
  39. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +152 -0
  40. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +40 -10
  41. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +2 -0
  42. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +135 -4
  43. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +41 -9
  44. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +2 -0
  45. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +0 -2
  46. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +0 -1
  47. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +0 -1
  48. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +16 -0
  49. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +3 -2
  50. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +60 -0
  51. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +13 -2
  52. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +0 -1
  53. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +0 -1
  54. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +102 -24
  55. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +28 -19
  56. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +251 -18
  57. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +41 -16
  58. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +2 -0
  59. data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +2 -1
  60. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +11 -10
  61. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +418 -413
  62. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +161 -153
  63. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -0
  64. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +267 -261
  65. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
  66. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
  67. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +29 -19
  68. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +15 -0
  69. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +58 -65
  70. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +0 -5
  71. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +73 -63
  72. data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +49 -48
  73. data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +117 -100
  74. data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  75. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +905 -897
  76. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -0
  77. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +15 -18
  78. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +460 -457
  79. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +16 -19
  80. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +95 -95
  81. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +202 -191
  82. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +148 -135
  83. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
  84. data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +23 -22
  85. data/src/core/filter/filter_args.h +112 -0
  86. data/src/core/handshaker/http_connect/http_connect_handshaker.cc +1 -1
  87. data/src/core/lib/channel/promise_based_filter.h +5 -79
  88. data/src/core/lib/debug/trace_flags.cc +2 -0
  89. data/src/core/lib/debug/trace_flags.h +1 -0
  90. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +14 -0
  91. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +7 -2
  92. data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -2
  93. data/src/core/lib/event_engine/windows/windows_engine.cc +1 -0
  94. data/src/core/lib/experiments/experiments.cc +90 -39
  95. data/src/core/lib/experiments/experiments.h +43 -24
  96. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +1 -1
  97. data/src/core/lib/promise/activity.cc +2 -0
  98. data/src/core/lib/promise/activity.h +29 -8
  99. data/src/core/lib/promise/map.h +42 -0
  100. data/src/core/lib/promise/party.cc +36 -1
  101. data/src/core/lib/promise/party.h +13 -5
  102. data/src/core/lib/promise/sleep.h +1 -0
  103. data/src/core/lib/promise/status_flag.h +10 -0
  104. data/src/core/lib/resource_quota/arena.h +8 -0
  105. data/src/core/lib/resource_quota/connection_quota.h +4 -0
  106. data/src/core/lib/surface/call_utils.h +2 -0
  107. data/src/core/lib/surface/client_call.cc +43 -35
  108. data/src/core/lib/surface/client_call.h +5 -0
  109. data/src/core/lib/surface/event_string.cc +7 -1
  110. data/src/core/lib/surface/init_internally.h +13 -2
  111. data/src/core/lib/surface/server_call.cc +100 -85
  112. data/src/core/lib/surface/version.cc +2 -2
  113. data/src/core/lib/transport/call_filters.cc +10 -4
  114. data/src/core/lib/transport/call_filters.h +8 -0
  115. data/src/core/lib/transport/call_spine.cc +36 -71
  116. data/src/core/lib/transport/call_spine.h +131 -7
  117. data/src/core/lib/transport/call_state.h +132 -39
  118. data/src/core/lib/transport/interception_chain.cc +8 -0
  119. data/src/core/lib/transport/interception_chain.h +9 -0
  120. data/src/core/load_balancing/endpoint_list.cc +10 -0
  121. data/src/core/load_balancing/endpoint_list.h +13 -6
  122. data/src/core/load_balancing/lb_policy.h +0 -8
  123. data/src/core/load_balancing/pick_first/pick_first.cc +89 -56
  124. data/src/core/load_balancing/ring_hash/ring_hash.cc +158 -70
  125. data/src/core/load_balancing/ring_hash/ring_hash.h +4 -11
  126. data/src/core/load_balancing/round_robin/round_robin.cc +9 -14
  127. data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +12 -15
  128. data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +4 -4
  129. data/src/core/resolver/xds/xds_dependency_manager.cc +139 -135
  130. data/src/core/resolver/xds/xds_dependency_manager.h +24 -18
  131. data/src/core/resolver/xds/xds_resolver.cc +28 -47
  132. data/src/core/server/server.cc +290 -24
  133. data/src/core/server/server.h +199 -61
  134. data/src/core/server/xds_server_config_fetcher.cc +78 -142
  135. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
  136. data/src/core/util/backoff.cc +15 -4
  137. data/src/core/util/http_client/httpcli.cc +66 -18
  138. data/src/core/util/http_client/httpcli.h +14 -4
  139. data/src/core/util/matchers.h +5 -10
  140. data/src/core/util/ref_counted.h +1 -0
  141. data/src/core/util/ref_counted_ptr.h +1 -1
  142. data/src/core/util/useful.h +9 -11
  143. data/src/core/xds/grpc/xds_endpoint_parser.cc +54 -23
  144. data/src/core/xds/grpc/xds_metadata.h +8 -0
  145. data/src/core/xds/xds_client/xds_api.cc +0 -223
  146. data/src/core/xds/xds_client/xds_api.h +1 -133
  147. data/src/core/xds/xds_client/xds_client.cc +599 -466
  148. data/src/core/xds/xds_client/xds_client.h +107 -26
  149. data/src/core/xds/xds_client/xds_resource_type_impl.h +10 -5
  150. data/src/ruby/ext/grpc/extconf.rb +1 -0
  151. data/src/ruby/lib/grpc/version.rb +1 -1
  152. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bitstr.c → a_bitstr.cc} +3 -2
  153. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_d2i_fp.c → a_d2i_fp.cc} +1 -1
  154. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_dup.c → a_dup.cc} +1 -1
  155. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_i2d_fp.c → a_i2d_fp.cc} +1 -1
  156. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_int.c → a_int.cc} +2 -1
  157. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_mbstr.c → a_mbstr.cc} +9 -7
  158. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_object.c → a_object.cc} +1 -1
  159. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strnid.c → a_strnid.cc} +7 -4
  160. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_type.c → a_type.cc} +4 -4
  161. data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_lib.c → asn1_lib.cc} +4 -4
  162. data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn_pack.c → asn_pack.cc} +2 -2
  163. data/third_party/boringssl-with-bazel/src/crypto/asn1/{posix_time.c → posix_time.cc} +2 -2
  164. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_dec.c → tasn_dec.cc} +4 -3
  165. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_enc.c → tasn_enc.cc} +9 -6
  166. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_fre.c → tasn_fre.cc} +14 -20
  167. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_new.c → tasn_new.cc} +7 -6
  168. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_utl.c → tasn_utl.cc} +13 -10
  169. data/third_party/boringssl-with-bazel/src/crypto/base64/{base64.c → base64.cc} +9 -12
  170. data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +7 -1
  171. data/third_party/boringssl-with-bazel/src/crypto/bio/{bio.c → bio.cc} +32 -58
  172. data/third_party/boringssl-with-bazel/src/crypto/bio/{bio_mem.c → bio_mem.cc} +8 -7
  173. data/third_party/boringssl-with-bazel/src/crypto/bio/{connect.c → connect.cc} +24 -16
  174. data/third_party/boringssl-with-bazel/src/crypto/bio/{file.c → file.cc} +3 -3
  175. data/third_party/boringssl-with-bazel/src/crypto/bio/{pair.c → pair.cc} +22 -20
  176. data/third_party/boringssl-with-bazel/src/crypto/bio/{printf.c → printf.cc} +2 -2
  177. data/third_party/boringssl-with-bazel/src/crypto/bio/{socket_helper.c → socket_helper.cc} +1 -1
  178. data/third_party/boringssl-with-bazel/src/crypto/blake2/{blake2.c → blake2.cc} +2 -2
  179. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/{bn_asn1.c → bn_asn1.cc} +1 -1
  180. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/{convert.c → convert.cc} +21 -21
  181. data/third_party/boringssl-with-bazel/src/crypto/buf/{buf.c → buf.cc} +6 -3
  182. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{asn1_compat.c → asn1_compat.cc} +1 -1
  183. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{ber.c → ber.cc} +1 -1
  184. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbb.c → cbb.cc} +33 -49
  185. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbs.c → cbs.cc} +20 -27
  186. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +1 -1
  187. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{unicode.c → unicode.cc} +1 -1
  188. data/third_party/boringssl-with-bazel/src/crypto/chacha/{chacha.c → chacha.cc} +1 -1
  189. data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +1 -1
  190. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_aesctrhmac.c → e_aesctrhmac.cc} +1 -1
  191. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_aesgcmsiv.c → e_aesgcmsiv.cc} +23 -26
  192. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_chacha20poly1305.c → e_chacha20poly1305.cc} +1 -8
  193. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_des.c → e_des.cc} +61 -49
  194. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_null.c → e_null.cc} +12 -9
  195. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_rc2.c → e_rc2.cc} +23 -19
  196. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_rc4.c → e_rc4.cc} +10 -8
  197. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_tls.c → e_tls.cc} +2 -1
  198. data/third_party/boringssl-with-bazel/src/crypto/conf/{conf.c → conf.cc} +17 -14
  199. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +1 -1
  200. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_apple.c → cpu_aarch64_apple.cc} +2 -2
  201. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_fuchsia.c → cpu_aarch64_fuchsia.cc} +2 -2
  202. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_linux.c → cpu_aarch64_linux.cc} +2 -2
  203. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_openbsd.c → cpu_aarch64_openbsd.cc} +4 -4
  204. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_sysreg.c → cpu_aarch64_sysreg.cc} +3 -2
  205. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_win.c → cpu_aarch64_win.cc} +2 -2
  206. data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_freebsd.c → cpu_arm_freebsd.cc} +3 -3
  207. data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_linux.c → cpu_arm_linux.cc} +5 -5
  208. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +1 -1
  209. data/third_party/boringssl-with-bazel/src/crypto/{cpu_intel.c → cpu_intel.cc} +47 -32
  210. data/third_party/boringssl-with-bazel/src/crypto/{crypto.c → crypto.cc} +6 -11
  211. data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519.c → curve25519.cc} +28 -31
  212. data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519_64_adx.c → curve25519_64_adx.cc} +1 -1
  213. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +1 -1
  214. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -1
  215. data/third_party/boringssl-with-bazel/src/crypto/curve25519/{spake25519.c → spake25519.cc} +20 -16
  216. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/{dh_asn1.c → dh_asn1.cc} +2 -2
  217. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/{digest_extra.c → digest_extra.cc} +113 -31
  218. data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa.c → dsa.cc} +153 -154
  219. data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa_asn1.c → dsa_asn1.cc} +2 -2
  220. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +1 -3
  221. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{ec_asn1.c → ec_asn1.cc} +35 -0
  222. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{ec_derive.c → ec_derive.cc} +1 -1
  223. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{hash_to_curve.c → hash_to_curve.cc} +66 -64
  224. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +1 -1
  225. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/{ecdsa_asn1.c → ecdsa_asn1.cc} +15 -25
  226. data/third_party/boringssl-with-bazel/src/crypto/engine/{engine.c → engine.cc} +12 -8
  227. data/third_party/boringssl-with-bazel/src/crypto/err/{err.c → err.cc} +24 -27
  228. data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +1 -1
  229. data/third_party/boringssl-with-bazel/src/crypto/evp/{evp.c → evp.cc} +8 -9
  230. data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_ctx.c → evp_ctx.cc} +7 -8
  231. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh.c → p_dh.cc} +23 -14
  232. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh_asn1.c → p_dh_asn1.cc} +38 -21
  233. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dsa_asn1.c → p_dsa_asn1.cc} +19 -24
  234. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec.c → p_ec.cc} +20 -23
  235. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec_asn1.c → p_ec_asn1.cc} +20 -20
  236. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519.c → p_ed25519.cc} +22 -19
  237. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519_asn1.c → p_ed25519_asn1.cc} +14 -13
  238. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_hkdf.c → p_hkdf.cc} +18 -14
  239. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa.c → p_rsa.cc} +38 -37
  240. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa_asn1.c → p_rsa_asn1.cc} +16 -18
  241. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519.c → p_x25519.cc} +22 -19
  242. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519_asn1.c → p_x25519_asn1.cc} +18 -17
  243. data/third_party/boringssl-with-bazel/src/crypto/evp/{pbkdf.c → pbkdf.cc} +2 -2
  244. data/third_party/boringssl-with-bazel/src/crypto/evp/{print.c → print.cc} +4 -5
  245. data/third_party/boringssl-with-bazel/src/crypto/evp/{scrypt.c → scrypt.cc} +7 -5
  246. data/third_party/boringssl-with-bazel/src/crypto/{ex_data.c → ex_data.cc} +3 -4
  247. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes_nohw.c.inc → aes_nohw.cc.inc} +1 -1
  248. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +1 -5
  249. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{key_wrap.c.inc → key_wrap.cc.inc} +1 -1
  250. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{bcm.c → bcm.cc} +96 -101
  251. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +165 -12
  252. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{add.c.inc → add.cc.inc} +1 -0
  253. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/{x86_64-gcc.c.inc → x86_64-gcc.cc.inc} +4 -4
  254. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bn.c.inc → bn.cc.inc} +12 -24
  255. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{ctx.c.inc → ctx.cc.inc} +5 -7
  256. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div.c.inc → div.cc.inc} +29 -38
  257. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div_extra.c.inc → div_extra.cc.inc} +1 -1
  258. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{exponentiation.c.inc → exponentiation.cc.inc} +22 -22
  259. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd.c.inc → gcd.cc.inc} +3 -6
  260. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd_extra.c.inc → gcd_extra.cc.inc} +33 -25
  261. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery.c.inc → montgomery.cc.inc} +10 -17
  262. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{mul.c.inc → mul.cc.inc} +11 -15
  263. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{prime.c.inc → prime.cc.inc} +31 -34
  264. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{shift.c.inc → shift.cc.inc} +3 -4
  265. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{aead.c.inc → aead.cc.inc} +18 -10
  266. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{cipher.c.inc → cipher.cc.inc} +6 -9
  267. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aes.c.inc → e_aes.cc.inc} +46 -54
  268. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/{cmac.c.inc → cmac.cc.inc} +6 -6
  269. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +14 -10
  270. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{dh.c.inc → dh.cc.inc} +15 -19
  271. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +1 -3
  272. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digest.c.inc → digest.cc.inc} +17 -13
  273. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digests.c.inc → digests.cc.inc} +29 -113
  274. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/{digestsign.c.inc → digestsign.cc.inc} +3 -3
  275. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +1 -1
  276. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec.c.inc → ec.cc.inc} +10 -15
  277. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_key.c.inc → ec_key.cc.inc} +12 -14
  278. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{felem.c.inc → felem.cc.inc} +1 -1
  279. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{oct.c.inc → oct.cc.inc} +5 -6
  280. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p224-64.c.inc → p224-64.cc.inc} +1 -1
  281. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +1 -1
  282. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-nistz.c.inc → p256-nistz.cc.inc} +15 -13
  283. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256.c.inc → p256.cc.inc} +1 -1
  284. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +1 -1
  285. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{scalar.c.inc → scalar.cc.inc} +1 -1
  286. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple_mul.c.inc → simple_mul.cc.inc} +1 -1
  287. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{util.c.inc → util.cc.inc} +1 -1
  288. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{wnaf.c.inc → wnaf.cc.inc} +24 -15
  289. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/{ecdh.c.inc → ecdh.cc.inc} +14 -5
  290. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/{ecdsa.c.inc → ecdsa.cc.inc} +6 -7
  291. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +1 -1
  292. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{fips_shared_support.c → fips_shared_support.cc} +2 -3
  293. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/{hkdf.c.inc → hkdf.cc.inc} +1 -1
  294. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/{hmac.c.inc → hmac.cc.inc} +3 -2
  295. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm.c.inc → gcm.cc.inc} +69 -21
  296. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm_nohw.c.inc → gcm_nohw.cc.inc} +1 -1
  297. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +53 -33
  298. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{polyval.c.inc → polyval.cc.inc} +2 -3
  299. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{ctrdrbg.c.inc → ctrdrbg.cc.inc} +5 -4
  300. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +1 -1
  301. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{rand.c.inc → rand.cc.inc} +20 -18
  302. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{blinding.c.inc → blinding.cc.inc} +5 -4
  303. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{padding.c.inc → padding.cc.inc} +21 -21
  304. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa.c.inc → rsa.cc.inc} +77 -73
  305. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa_impl.c.inc → rsa_impl.cc.inc} +50 -53
  306. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{fips.c.inc → fips.cc.inc} +14 -6
  307. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{self_check.c.inc → self_check.cc.inc} +56 -52
  308. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/{service_indicator.c.inc → service_indicator.cc.inc} +10 -11
  309. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +2 -4
  310. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha1.c.inc → sha1.cc.inc} +26 -33
  311. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha256.c.inc → sha256.cc.inc} +37 -55
  312. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha512.c.inc → sha512.cc.inc} +48 -76
  313. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +1 -1
  314. data/third_party/boringssl-with-bazel/src/crypto/hpke/{hpke.c → hpke.cc} +7 -4
  315. data/third_party/boringssl-with-bazel/src/crypto/hrss/{hrss.c → hrss.cc} +53 -110
  316. data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +1 -1
  317. data/third_party/boringssl-with-bazel/src/crypto/internal.h +191 -248
  318. data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +1 -1
  319. data/third_party/boringssl-with-bazel/src/crypto/keccak/{keccak.c → keccak.cc} +1 -1
  320. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +1 -1
  321. data/third_party/boringssl-with-bazel/src/crypto/kyber/{kyber.c → kyber.cc} +1 -1
  322. data/third_party/boringssl-with-bazel/src/crypto/lhash/{lhash.c → lhash.cc} +8 -7
  323. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md4/md4.c.inc → md4/md4.cc} +8 -12
  324. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5 → md5}/internal.h +1 -1
  325. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5/md5.c.inc → md5/md5.cc} +4 -3
  326. data/third_party/boringssl-with-bazel/src/crypto/{mem.c → mem.cc} +34 -22
  327. data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +4 -1
  328. data/third_party/boringssl-with-bazel/src/crypto/mldsa/{mldsa.c → mldsa.cc} +646 -543
  329. data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +1 -1
  330. data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +8 -8
  331. data/third_party/boringssl-with-bazel/src/crypto/obj/{obj.c → obj.cc} +27 -30
  332. data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_info.c → pem_info.cc} +2 -2
  333. data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_lib.c → pem_lib.cc} +3 -4
  334. data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_oth.c → pem_oth.cc} +1 -1
  335. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +1 -1
  336. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7.c → pkcs7.cc} +5 -5
  337. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7_x509.c → pkcs7_x509.cc} +26 -25
  338. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +2 -2
  339. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{p5_pbev2.c → p5_pbev2.cc} +2 -2
  340. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8.c → pkcs8.cc} +159 -158
  341. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8_x509.c → pkcs8_x509.cc} +90 -97
  342. data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +1 -1
  343. data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305.c → poly1305.cc} +3 -3
  344. data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_arm.c → poly1305_arm.cc} +4 -2
  345. data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_vec.c → poly1305_vec.cc} +14 -11
  346. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -1
  347. data/third_party/boringssl-with-bazel/src/crypto/pool/{pool.c → pool.cc} +12 -11
  348. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{deterministic.c → deterministic.cc} +2 -2
  349. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{fork_detect.c → fork_detect.cc} +11 -12
  350. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{forkunsafe.c → forkunsafe.cc} +2 -2
  351. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{getentropy.c → getentropy.cc} +1 -1
  352. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getrandom_fillin.h +1 -1
  353. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{ios.c → ios.cc} +1 -1
  354. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{passive.c → passive.cc} +22 -18
  355. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{rand_extra.c → rand_extra.cc} +1 -1
  356. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +1 -1
  357. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{trusty.c → trusty.cc} +1 -1
  358. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{urandom.c → urandom.cc} +7 -7
  359. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{windows.c → windows.cc} +1 -1
  360. data/third_party/boringssl-with-bazel/src/crypto/{refcount.c → refcount.cc} +1 -1
  361. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_asn1.c → rsa_asn1.cc} +2 -2
  362. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_crypt.c → rsa_crypt.cc} +81 -78
  363. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_extra.cc +17 -0
  364. data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
  365. data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
  366. data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
  367. data/third_party/boringssl-with-bazel/src/crypto/siphash/{siphash.c → siphash.cc} +1 -1
  368. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/address.h +123 -0
  369. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.cc +169 -0
  370. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.h +58 -0
  371. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/internal.h +63 -0
  372. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.cc +161 -0
  373. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.h +70 -0
  374. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/params.h +83 -0
  375. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +307 -0
  376. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.cc +173 -0
  377. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.h +85 -0
  378. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.cc +171 -0
  379. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.h +50 -0
  380. data/third_party/boringssl-with-bazel/src/crypto/stack/{stack.c → stack.cc} +10 -6
  381. data/third_party/boringssl-with-bazel/src/crypto/{thread_none.c → thread_none.cc} +1 -1
  382. data/third_party/boringssl-with-bazel/src/crypto/{thread_pthread.c → thread_pthread.cc} +9 -8
  383. data/third_party/boringssl-with-bazel/src/crypto/{thread_win.c → thread_win.cc} +21 -17
  384. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +1 -1
  385. data/third_party/boringssl-with-bazel/src/crypto/trust_token/{pmbtoken.c → pmbtoken.cc} +146 -158
  386. data/third_party/boringssl-with-bazel/src/crypto/trust_token/{trust_token.c → trust_token.cc} +19 -21
  387. data/third_party/boringssl-with-bazel/src/crypto/trust_token/{voprf.c → voprf.cc} +165 -169
  388. data/third_party/boringssl-with-bazel/src/crypto/x509/{a_digest.c → a_digest.cc} +1 -1
  389. data/third_party/boringssl-with-bazel/src/crypto/x509/{a_sign.c → a_sign.cc} +37 -34
  390. data/third_party/boringssl-with-bazel/src/crypto/x509/{a_verify.c → a_verify.cc} +1 -1
  391. data/third_party/boringssl-with-bazel/src/crypto/x509/{algorithm.c → algorithm.cc} +1 -1
  392. data/third_party/boringssl-with-bazel/src/crypto/x509/{asn1_gen.c → asn1_gen.cc} +5 -6
  393. data/third_party/boringssl-with-bazel/src/crypto/x509/{by_dir.c → by_dir.cc} +7 -6
  394. data/third_party/boringssl-with-bazel/src/crypto/x509/{policy.c → policy.cc} +188 -178
  395. data/third_party/boringssl-with-bazel/src/crypto/x509/{rsa_pss.c → rsa_pss.cc} +48 -44
  396. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akey.c → v3_akey.cc} +4 -2
  397. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_alt.c → v3_alt.cc} +5 -5
  398. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_bcons.c → v3_bcons.cc} +3 -1
  399. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_bitst.c → v3_bitst.cc} +6 -3
  400. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_conf.c → v3_conf.cc} +5 -5
  401. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_cpols.c → v3_cpols.cc} +47 -41
  402. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_crld.c → v3_crld.cc} +3 -2
  403. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_enum.c → v3_enum.cc} +5 -2
  404. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_extku.c → v3_extku.cc} +3 -1
  405. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_genn.c → v3_genn.cc} +7 -7
  406. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ia5.c → v3_ia5.cc} +3 -2
  407. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_info.c → v3_info.cc} +4 -2
  408. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_int.c → v3_int.cc} +3 -1
  409. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_lib.c → v3_lib.cc} +9 -6
  410. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ncons.c → v3_ncons.cc} +3 -3
  411. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ocsp.c → v3_ocsp.cc} +4 -1
  412. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pcons.c → v3_pcons.cc} +3 -3
  413. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pmaps.c → v3_pmaps.cc} +3 -3
  414. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_prn.c → v3_prn.cc} +2 -1
  415. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_purp.c → v3_purp.cc} +16 -8
  416. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_skey.c → v3_skey.cc} +6 -3
  417. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_utl.c → v3_utl.cc} +15 -10
  418. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_att.c → x509_att.cc} +3 -2
  419. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_lu.c → x509_lu.cc} +6 -5
  420. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_v3.c → x509_v3.cc} +2 -2
  421. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vfy.c → x509_vfy.cc} +216 -212
  422. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vpm.c → x509_vpm.cc} +55 -13
  423. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509spki.c → x509spki.cc} +3 -3
  424. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_all.c → x_all.cc} +10 -6
  425. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_crl.c → x_crl.cc} +6 -6
  426. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_name.c → x_name.cc} +39 -32
  427. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_pubkey.c → x_pubkey.cc} +4 -2
  428. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509.c → x_x509.cc} +48 -44
  429. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509a.c → x_x509a.cc} +4 -2
  430. data/third_party/boringssl-with-bazel/src/gen/crypto/{err_data.c → err_data.cc} +359 -358
  431. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +1 -1
  432. data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +1 -1
  433. data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +1 -1
  434. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +237 -275
  435. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +12 -5
  436. data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
  437. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -1
  438. data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +1 -1
  439. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +1 -1
  440. data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
  441. data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +1 -1
  442. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +1 -1
  443. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +13 -2
  444. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +1 -1
  445. data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +1 -1
  446. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +4 -0
  447. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +6 -1
  448. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
  449. data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +1 -1
  450. data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +1 -1
  451. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +17 -1
  452. data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +1 -1
  453. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
  454. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +1 -1
  455. data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +1 -1
  456. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +1 -1
  457. data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +1 -1
  458. data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +1 -1
  459. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +1 -1
  460. data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +8 -8
  461. data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +1 -1
  462. data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +1 -1
  463. data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +1 -1
  464. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -1
  465. data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +1 -1
  466. data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +1 -1
  467. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +1 -1
  468. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +1 -1
  469. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +2 -2
  470. data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +1 -1
  471. data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +1 -1
  472. data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +1 -1
  473. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +1 -1
  474. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +10 -5
  475. data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +1 -1
  476. data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +2 -40
  477. data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +1 -1
  478. data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +133 -0
  479. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +6 -1
  480. data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +1 -1
  481. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +160 -116
  482. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -0
  483. data/third_party/boringssl-with-bazel/src/include/openssl/target.h +1 -1
  484. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +2 -2
  485. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +1 -1
  486. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -1
  487. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -1
  488. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +1 -1
  489. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +2 -2
  490. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -6
  491. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +667 -322
  492. data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +116 -119
  493. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +163 -21
  494. data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +4 -12
  495. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +94 -49
  496. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +296 -198
  497. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +23 -14
  498. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +363 -343
  499. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +48 -58
  500. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +44 -36
  501. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +145 -159
  502. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +65 -58
  503. data/third_party/boringssl-with-bazel/src/ssl/internal.h +910 -356
  504. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +29 -41
  505. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +13 -11
  506. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +2 -2
  507. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +90 -183
  508. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +38 -64
  509. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -1
  510. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +103 -44
  511. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +210 -220
  512. data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +70 -12
  513. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +20 -17
  514. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +146 -169
  515. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +15 -16
  516. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +79 -95
  517. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +3 -9
  518. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +91 -16
  519. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +30 -16
  520. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +51 -56
  521. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +22 -25
  522. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +43 -27
  523. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +63 -59
  524. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +204 -121
  525. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +86 -59
  526. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +51 -62
  527. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +37 -25
  528. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
  529. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
  530. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
  531. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
  532. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
  533. metadata +339 -339
  534. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -426
  535. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -87
  536. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -32
  537. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -408
  538. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -124
  539. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -38
  540. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -108
  541. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -33
  542. data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -67
  543. data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -48
  544. data/src/core/util/atm.cc +0 -34
  545. data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +0 -1539
  546. data/third_party/boringssl-with-bazel/src/crypto/dilithium/internal.h +0 -58
  547. data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
  548. data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
  549. data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
  550. data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
  551. data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
  552. data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
  553. data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
  554. data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -140
  555. data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
  556. data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
  557. data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
  558. data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
  559. data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
  560. data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
  561. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +0 -129
  562. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/spx.h +0 -90
  563. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bool.c → a_bool.cc} +0 -0
  564. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_gentm.c → a_gentm.cc} +0 -0
  565. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_octet.c → a_octet.cc} +0 -0
  566. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strex.c → a_strex.cc} +0 -0
  567. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_time.c → a_time.cc} +0 -0
  568. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_utctm.c → a_utctm.cc} +0 -0
  569. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_par.c → asn1_par.cc} +0 -0
  570. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{f_int.c → f_int.cc} +0 -0
  571. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{f_string.c → f_string.cc} +0 -0
  572. /data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_typ.c → tasn_typ.cc} +0 -0
  573. /data/third_party/boringssl-with-bazel/src/crypto/bio/{errno.c → errno.cc} +0 -0
  574. /data/third_party/boringssl-with-bazel/src/crypto/bio/{fd.c → fd.cc} +0 -0
  575. /data/third_party/boringssl-with-bazel/src/crypto/bio/{hexdump.c → hexdump.cc} +0 -0
  576. /data/third_party/boringssl-with-bazel/src/crypto/bio/{socket.c → socket.cc} +0 -0
  577. /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{cipher_extra.c → cipher_extra.cc} +0 -0
  578. /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{derive_key.c → derive_key.cc} +0 -0
  579. /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{tls_cbc.c → tls_cbc.cc} +0 -0
  580. /data/third_party/boringssl-with-bazel/src/crypto/des/{des.c → des.cc} +0 -0
  581. /data/third_party/boringssl-with-bazel/src/crypto/dh_extra/{params.c → params.cc} +0 -0
  582. /data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/{ecdh_extra.c → ecdh_extra.cc} +0 -0
  583. /data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_asn1.c → evp_asn1.cc} +0 -0
  584. /data/third_party/boringssl-with-bazel/src/crypto/evp/{sign.c → sign.cc} +0 -0
  585. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes.c.inc → aes.cc.inc} +0 -0
  586. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{mode_wrappers.c.inc → mode_wrappers.cc.inc} +0 -0
  587. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bytes.c.inc → bytes.cc.inc} +0 -0
  588. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{cmp.c.inc → cmp.cc.inc} +0 -0
  589. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{generic.c.inc → generic.cc.inc} +0 -0
  590. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{jacobi.c.inc → jacobi.cc.inc} +0 -0
  591. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery_inv.c.inc → montgomery_inv.cc.inc} +0 -0
  592. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{random.c.inc → random.cc.inc} +0 -0
  593. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{rsaz_exp.c.inc → rsaz_exp.cc.inc} +0 -0
  594. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{sqrt.c.inc → sqrt.cc.inc} +0 -0
  595. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aesccm.c.inc → e_aesccm.cc.inc} +0 -0
  596. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{check.c.inc → check.cc.inc} +0 -0
  597. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_montgomery.c.inc → ec_montgomery.cc.inc} +0 -0
  598. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple.c.inc → simple.cc.inc} +0 -0
  599. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cbc.c.inc → cbc.cc.inc} +0 -0
  600. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cfb.c.inc → cfb.cc.inc} +0 -0
  601. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ctr.c.inc → ctr.cc.inc} +0 -0
  602. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ofb.c.inc → ofb.cc.inc} +0 -0
  603. /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/{kdf.c.inc → kdf.cc.inc} +0 -0
  604. /data/third_party/boringssl-with-bazel/src/crypto/obj/{obj_xref.c → obj_xref.cc} +0 -0
  605. /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_all.c → pem_all.cc} +0 -0
  606. /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pk8.c → pem_pk8.cc} +0 -0
  607. /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pkey.c → pem_pkey.cc} +0 -0
  608. /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_x509.c → pem_x509.cc} +0 -0
  609. /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_xaux.c → pem_xaux.cc} +0 -0
  610. /data/third_party/boringssl-with-bazel/src/crypto/rc4/{rc4.c → rc4.cc} +0 -0
  611. /data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_print.c → rsa_print.cc} +0 -0
  612. /data/third_party/boringssl-with-bazel/src/crypto/{thread.c → thread.cc} +0 -0
  613. /data/third_party/boringssl-with-bazel/src/crypto/x509/{by_file.c → by_file.cc} +0 -0
  614. /data/third_party/boringssl-with-bazel/src/crypto/x509/{i2d_pr.c → i2d_pr.cc} +0 -0
  615. /data/third_party/boringssl-with-bazel/src/crypto/x509/{name_print.c → name_print.cc} +0 -0
  616. /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_crl.c → t_crl.cc} +0 -0
  617. /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_req.c → t_req.cc} +0 -0
  618. /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509.c → t_x509.cc} +0 -0
  619. /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509a.c → t_x509a.cc} +0 -0
  620. /data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akeya.c → v3_akeya.cc} +0 -0
  621. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509.c → x509.cc} +0 -0
  622. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_cmp.c → x509_cmp.cc} +0 -0
  623. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_d2.c → x509_d2.cc} +0 -0
  624. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_def.c → x509_def.cc} +0 -0
  625. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_ext.c → x509_ext.cc} +0 -0
  626. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_obj.c → x509_obj.cc} +0 -0
  627. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_req.c → x509_req.cc} +0 -0
  628. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_set.c → x509_set.cc} +0 -0
  629. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_trs.c → x509_trs.cc} +0 -0
  630. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_txt.c → x509_txt.cc} +0 -0
  631. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509cset.c → x509cset.cc} +0 -0
  632. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509name.c → x509name.cc} +0 -0
  633. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509rset.c → x509rset.cc} +0 -0
  634. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_algor.c → x_algor.cc} +0 -0
  635. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_attrib.c → x_attrib.cc} +0 -0
  636. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_exten.c → x_exten.cc} +0 -0
  637. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_req.c → x_req.cc} +0 -0
  638. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_sig.c → x_sig.cc} +0 -0
  639. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_spki.c → x_spki.cc} +0 -0
  640. /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_val.c → x_val.cc} +0 -0
data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8_x509.c → pkcs8_x509.cc} RENAMED
@@ -1,5 +1,5 @@
1
- /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
2
- * project 1999.
1
+ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
2
+ * 1999.
3
3
  */
4
4
  /* ====================================================================
5
5
  * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
@@ -57,14 +57,14 @@
57
57
 
58
58
  #include <limits.h>
59
59
 
60
- #include <openssl/asn1t.h>
61
60
  #include <openssl/asn1.h>
61
+ #include <openssl/asn1t.h>
62
62
  #include <openssl/bio.h>
63
63
  #include <openssl/buf.h>
64
64
  #include <openssl/bytestring.h>
65
+ #include <openssl/digest.h>
65
66
  #include <openssl/err.h>
66
67
  #include <openssl/evp.h>
67
- #include <openssl/digest.h>
68
68
  #include <openssl/hmac.h>
69
69
  #include <openssl/mem.h>
70
70
  #include <openssl/rand.h>
@@ -126,13 +126,12 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey) {
126
126
  CBB cbb;
127
127
  uint8_t *der = NULL;
128
128
  size_t der_len;
129
- if (!CBB_init(&cbb, 0) ||
130
- !EVP_marshal_private_key(&cbb, pkey) ||
131
- !CBB_finish(&cbb, &der, &der_len) ||
132
- der_len > LONG_MAX) {
129
+ if (!CBB_init(&cbb, 0) || !EVP_marshal_private_key(&cbb, pkey) ||
130
+ !CBB_finish(&cbb, &der, &der_len) || der_len > LONG_MAX) {
133
131
  CBB_cleanup(&cbb);
134
132
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCODE_ERROR);
135
- goto err;
133
+ OPENSSL_free(der);
134
+ return NULL;
136
135
  }
137
136
 
138
137
  const uint8_t *p = der;
@@ -203,6 +202,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass,
203
202
 
204
203
  X509_SIG *ret = NULL;
205
204
  uint8_t *der = NULL;
205
+ const uint8_t *ptr;
206
206
  size_t der_len;
207
207
  CBB cbb;
208
208
  if (!CBB_init(&cbb, 128) ||
@@ -215,7 +215,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass,
215
215
  }
216
216
 
217
217
  // Convert back to legacy ASN.1 objects.
218
- const uint8_t *ptr = der;
218
+ ptr = der;
219
219
  ret = d2i_X509_SIG(NULL, &ptr, der_len);
220
220
  if (ret == NULL || ptr != der + der_len) {
221
221
  OPENSSL_PUT_ERROR(PKCS8, ERR_R_INTERNAL_ERROR);
@@ -255,8 +255,7 @@ static int PKCS12_handle_sequence(
255
255
  }
256
256
 
257
257
  CBS child;
258
- if (!CBS_get_asn1(&in, &child, CBS_ASN1_SEQUENCE) ||
259
- CBS_len(&in) != 0) {
258
+ if (!CBS_get_asn1(&in, &child, CBS_ASN1_SEQUENCE) || CBS_len(&in) != 0) {
260
259
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
261
260
  goto err;
262
261
  }
@@ -318,8 +317,7 @@ static int parse_bag_attributes(CBS *attrs, uint8_t **out_friendly_name,
318
317
  CBS attr, oid, values;
319
318
  if (!CBS_get_asn1(attrs, &attr, CBS_ASN1_SEQUENCE) ||
320
319
  !CBS_get_asn1(&attr, &oid, CBS_ASN1_OBJECT) ||
321
- !CBS_get_asn1(&attr, &values, CBS_ASN1_SET) ||
322
- CBS_len(&attr) != 0) {
320
+ !CBS_get_asn1(&attr, &values, CBS_ASN1_SET) || CBS_len(&attr) != 0) {
323
321
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
324
322
  goto err;
325
323
  }
@@ -328,8 +326,7 @@ static int parse_bag_attributes(CBS *attrs, uint8_t **out_friendly_name,
328
326
  CBS value;
329
327
  if (*out_friendly_name != NULL ||
330
328
  !CBS_get_asn1(&values, &value, CBS_ASN1_BMPSTRING) ||
331
- CBS_len(&values) != 0 ||
332
- CBS_len(&value) == 0) {
329
+ CBS_len(&values) != 0 || CBS_len(&value) == 0) {
333
330
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
334
331
  goto err;
335
332
  }
@@ -340,8 +337,7 @@ static int parse_bag_attributes(CBS *attrs, uint8_t **out_friendly_name,
340
337
  }
341
338
  while (CBS_len(&value) != 0) {
342
339
  uint32_t c;
343
- if (!CBS_get_ucs2_be(&value, &c) ||
344
- !CBB_add_utf8(&cbb, c)) {
340
+ if (!CBS_get_ucs2_be(&value, &c) || !CBB_add_utf8(&cbb, c)) {
345
341
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INVALID_CHARACTERS);
346
342
  CBB_cleanup(&cbb);
347
343
  goto err;
@@ -454,8 +450,7 @@ static int PKCS12_handle_safe_bag(CBS *safe_bag, struct pkcs12_context *ctx) {
454
450
  int ok = friendly_name_len == 0 ||
455
451
  X509_alias_set1(x509, friendly_name, friendly_name_len);
456
452
  OPENSSL_free(friendly_name);
457
- if (!ok ||
458
- 0 == sk_X509_push(ctx->out_certs, x509)) {
453
+ if (!ok || 0 == sk_X509_push(ctx->out_certs, x509)) {
459
454
  X509_free(x509);
460
455
  return 0;
461
456
  }
@@ -485,7 +480,7 @@ static int PKCS12_handle_content_info(CBS *content_info,
485
480
 
486
481
  if (!CBS_get_asn1(content_info, &content_type, CBS_ASN1_OBJECT) ||
487
482
  !CBS_get_asn1(content_info, &wrapped_contents,
488
- CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||
483
+ CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||
489
484
  CBS_len(content_info) != 0) {
490
485
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
491
486
  goto err;
@@ -511,9 +506,9 @@ static int PKCS12_handle_content_info(CBS *content_info,
511
506
  // AlgorithmIdentifier, see
512
507
  // https://tools.ietf.org/html/rfc5280#section-4.1.1.2
513
508
  !CBS_get_asn1(&eci, &ai, CBS_ASN1_SEQUENCE) ||
514
- !CBS_get_asn1_implicit_string(
515
- &eci, &encrypted_contents, &storage,
516
- CBS_ASN1_CONTEXT_SPECIFIC | 0, CBS_ASN1_OCTETSTRING)) {
509
+ !CBS_get_asn1_implicit_string(&eci, &encrypted_contents, &storage,
510
+ CBS_ASN1_CONTEXT_SPECIFIC | 0,
511
+ CBS_ASN1_OCTETSTRING)) {
517
512
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
518
513
  goto err;
519
514
  }
@@ -605,8 +600,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs,
605
600
 
606
601
  // See ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf, section
607
602
  // four.
608
- if (!CBS_get_asn1(&in, &pfx, CBS_ASN1_SEQUENCE) ||
609
- CBS_len(&in) != 0 ||
603
+ if (!CBS_get_asn1(&in, &pfx, CBS_ASN1_SEQUENCE) || CBS_len(&in) != 0 ||
610
604
  !CBS_get_asn1_uint64(&pfx, &version)) {
611
605
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
612
606
  goto err;
@@ -636,7 +630,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs,
636
630
  // https://tools.ietf.org/html/rfc2315#section-7.
637
631
  if (!CBS_get_asn1(&authsafe, &content_type, CBS_ASN1_OBJECT) ||
638
632
  !CBS_get_asn1(&authsafe, &wrapped_authsafes,
639
- CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) {
633
+ CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) {
640
634
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
641
635
  goto err;
642
636
  }
@@ -742,12 +736,13 @@ struct pkcs12_st {
742
736
 
743
737
  PKCS12 *d2i_PKCS12(PKCS12 **out_p12, const uint8_t **ber_bytes,
744
738
  size_t ber_len) {
745
- PKCS12 *p12 = OPENSSL_malloc(sizeof(PKCS12));
739
+ PKCS12 *p12 = reinterpret_cast<PKCS12 *>(OPENSSL_malloc(sizeof(PKCS12)));
746
740
  if (!p12) {
747
741
  return NULL;
748
742
  }
749
743
 
750
- p12->ber_bytes = OPENSSL_memdup(*ber_bytes, ber_len);
744
+ p12->ber_bytes =
745
+ reinterpret_cast<uint8_t *>(OPENSSL_memdup(*ber_bytes, ber_len));
751
746
  if (!p12->ber_bytes) {
752
747
  OPENSSL_free(p12);
753
748
  return NULL;
@@ -764,7 +759,7 @@ PKCS12 *d2i_PKCS12(PKCS12 **out_p12, const uint8_t **ber_bytes,
764
759
  return p12;
765
760
  }
766
761
 
767
- PKCS12* d2i_PKCS12_bio(BIO *bio, PKCS12 **out_p12) {
762
+ PKCS12 *d2i_PKCS12_bio(BIO *bio, PKCS12 **out_p12) {
768
763
  size_t used = 0;
769
764
  BUF_MEM *buf;
770
765
  const uint8_t *dummy;
@@ -801,13 +796,12 @@ PKCS12* d2i_PKCS12_bio(BIO *bio, PKCS12 **out_p12) {
801
796
  continue;
802
797
  }
803
798
 
804
- if (buf->length > kMaxSize ||
805
- BUF_MEM_grow(buf, buf->length * 2) == 0) {
799
+ if (buf->length > kMaxSize || BUF_MEM_grow(buf, buf->length * 2) == 0) {
806
800
  goto out;
807
801
  }
808
802
  }
809
803
 
810
- dummy = (uint8_t*) buf->data;
804
+ dummy = (uint8_t *)buf->data;
811
805
  ret = d2i_PKCS12(out_p12, &dummy, used);
812
806
 
813
807
  out:
@@ -815,7 +809,7 @@ out:
815
809
  return ret;
816
810
  }
817
811
 
818
- PKCS12* d2i_PKCS12_fp(FILE *fp, PKCS12 **out_p12) {
812
+ PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **out_p12) {
819
813
  BIO *bio;
820
814
  PKCS12 *ret;
821
815
 
@@ -840,7 +834,8 @@ int i2d_PKCS12(const PKCS12 *p12, uint8_t **out) {
840
834
  }
841
835
 
842
836
  if (*out == NULL) {
843
- *out = OPENSSL_memdup(p12->ber_bytes, p12->ber_len);
837
+ *out = reinterpret_cast<uint8_t *>(
838
+ OPENSSL_memdup(p12->ber_bytes, p12->ber_len));
844
839
  if (*out == NULL) {
845
840
  return -1;
846
841
  }
@@ -968,8 +963,7 @@ static int add_bag_attributes(CBB *bag, const char *name, size_t name_len,
968
963
  CBS_init(&name_cbs, (const uint8_t *)name, name_len);
969
964
  while (CBS_len(&name_cbs) != 0) {
970
965
  uint32_t c;
971
- if (!CBS_get_utf8(&name_cbs, &c) ||
972
- !CBB_add_ucs2_be(&value, c)) {
966
+ if (!CBS_get_utf8(&name_cbs, &c) || !CBB_add_ucs2_be(&value, c)) {
973
967
  OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INVALID_CHARACTERS);
974
968
  return 0;
975
969
  }
@@ -986,14 +980,13 @@ static int add_bag_attributes(CBB *bag, const char *name, size_t name_len,
986
980
  return 0;
987
981
  }
988
982
  }
989
- return CBB_flush_asn1_set_of(&attrs) &&
990
- CBB_flush(bag);
983
+ return CBB_flush_asn1_set_of(&attrs) && CBB_flush(bag);
991
984
  }
992
985
 
993
986
  static int add_cert_bag(CBB *cbb, X509 *cert, const char *name,
994
987
  const uint8_t *key_id, size_t key_id_len) {
995
988
  CBB bag, bag_oid, bag_contents, cert_bag, cert_type, wrapped_cert, cert_value;
996
- if (// See https://tools.ietf.org/html/rfc7292#section-4.2.
989
+ if ( // See https://tools.ietf.org/html/rfc7292#section-4.2.
997
990
  !CBB_add_asn1(cbb, &bag, CBS_ASN1_SEQUENCE) ||
998
991
  !CBB_add_asn1(&bag, &bag_oid, CBS_ASN1_OBJECT) ||
999
992
  !CBB_add_bytes(&bag_oid, kCertBag, sizeof(kCertBag)) ||
@@ -1024,8 +1017,7 @@ static int add_cert_bag(CBB *cbb, X509 *cert, const char *name,
1024
1017
  name = cert_name;
1025
1018
  }
1026
1019
 
1027
- if (len < 0 ||
1028
- !CBB_add_space(&cert_value, &buf, (size_t)len) ||
1020
+ if (len < 0 || !CBB_add_space(&cert_value, &buf, (size_t)len) ||
1029
1021
  i2d_X509(cert, &buf) < 0 ||
1030
1022
  !add_bag_attributes(&bag, name, name_len, key_id, key_id_len) ||
1031
1023
  !CBB_flush(cbb)) {
@@ -1067,7 +1059,7 @@ static int add_encrypted_data(CBB *out, int pbe_nid, const char *password,
1067
1059
  EVP_CIPHER_CTX_init(&ctx);
1068
1060
  CBB content_info, type, wrapper, encrypted_data, encrypted_content_info,
1069
1061
  inner_type, encrypted_content;
1070
- if (// Add the ContentInfo wrapping.
1062
+ if ( // Add the ContentInfo wrapping.
1071
1063
  !CBB_add_asn1(out, &content_info, CBS_ASN1_SEQUENCE) ||
1072
1064
  !CBB_add_asn1(&content_info, &type, CBS_ASN1_OBJECT) ||
1073
1065
  !CBB_add_bytes(&type, kPKCS7EncryptedData, sizeof(kPKCS7EncryptedData)) ||
@@ -1092,20 +1084,21 @@ static int add_encrypted_data(CBB *out, int pbe_nid, const char *password,
1092
1084
  goto err;
1093
1085
  }
1094
1086
 
1095
- size_t max_out = in_len + EVP_CIPHER_CTX_block_size(&ctx);
1096
- if (max_out < in_len) {
1097
- OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG);
1098
- goto err;
1099
- }
1087
+ {
1088
+ size_t max_out = in_len + EVP_CIPHER_CTX_block_size(&ctx);
1089
+ if (max_out < in_len) {
1090
+ OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG);
1091
+ goto err;
1092
+ }
1100
1093
 
1101
- uint8_t *ptr;
1102
- int n1, n2;
1103
- if (!CBB_reserve(&encrypted_content, &ptr, max_out) ||
1104
- !EVP_CipherUpdate(&ctx, ptr, &n1, in, in_len) ||
1105
- !EVP_CipherFinal_ex(&ctx, ptr + n1, &n2) ||
1106
- !CBB_did_write(&encrypted_content, n1 + n2) ||
1107
- !CBB_flush(out)) {
1108
- goto err;
1094
+ uint8_t *ptr;
1095
+ int n1, n2;
1096
+ if (!CBB_reserve(&encrypted_content, &ptr, max_out) ||
1097
+ !EVP_CipherUpdate(&ctx, ptr, &n1, in, in_len) ||
1098
+ !EVP_CipherFinal_ex(&ctx, ptr + n1, &n2) ||
1099
+ !CBB_did_write(&encrypted_content, n1 + n2) || !CBB_flush(out)) {
1100
+ goto err;
1101
+ }
1109
1102
  }
1110
1103
 
1111
1104
  ret = 1;
@@ -1117,7 +1110,7 @@ err:
1117
1110
 
1118
1111
  PKCS12 *PKCS12_create(const char *password, const char *name,
1119
1112
  const EVP_PKEY *pkey, X509 *cert,
1120
- const STACK_OF(X509)* chain, int key_nid, int cert_nid,
1113
+ const STACK_OF(X509) *chain, int key_nid, int cert_nid,
1121
1114
  int iterations, int mac_iterations, int key_type) {
1122
1115
  if (key_nid == 0) {
1123
1116
  key_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
@@ -1131,8 +1124,8 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
1131
1124
  if (mac_iterations == 0) {
1132
1125
  mac_iterations = 1;
1133
1126
  }
1134
- if (// In OpenSSL, this specifies a non-standard Microsoft key usage extension
1135
- // which we do not currently support.
1127
+ if ( // In OpenSSL, this specifies a non-standard Microsoft key usage
1128
+ // extension which we do not currently support.
1136
1129
  key_type != 0 ||
1137
1130
  // In OpenSSL, -1 here means to omit the MAC, which we do not
1138
1131
  // currently support. Omitting it is also invalid for a password-based
@@ -1196,8 +1189,7 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
1196
1189
  CBB cbb, pfx, auth_safe, auth_safe_oid, auth_safe_wrapper, auth_safe_data,
1197
1190
  content_infos;
1198
1191
  uint8_t mac_key[EVP_MAX_MD_SIZE];
1199
- if (!CBB_init(&cbb, 0) ||
1200
- !CBB_add_asn1(&cbb, &pfx, CBS_ASN1_SEQUENCE) ||
1192
+ if (!CBB_init(&cbb, 0) || !CBB_add_asn1(&cbb, &pfx, CBS_ASN1_SEQUENCE) ||
1201
1193
  !CBB_add_asn1_uint64(&pfx, 3) ||
1202
1194
  // auth_safe is a data ContentInfo.
1203
1195
  !CBB_add_asn1(&pfx, &auth_safe, CBS_ASN1_SEQUENCE) ||
@@ -1256,7 +1248,7 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
1256
1248
  if (pkey != NULL) {
1257
1249
  CBB content_info, oid, wrapper, data, safe_contents, bag, bag_oid,
1258
1250
  bag_contents;
1259
- if (// Add another data ContentInfo.
1251
+ if ( // Add another data ContentInfo.
1260
1252
  !CBB_add_asn1(&content_infos, &content_info, CBS_ASN1_SEQUENCE) ||
1261
1253
  !CBB_add_asn1(&content_info, &oid, CBS_ASN1_OBJECT) ||
1262
1254
  !CBB_add_bytes(&oid, kPKCS7Data, sizeof(kPKCS7Data)) ||
@@ -1298,43 +1290,44 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
1298
1290
  }
1299
1291
  }
1300
1292
 
1301
- // Compute the MAC. Match OpenSSL in using SHA-1 as the hash function. The MAC
1302
- // covers |auth_safe_data|.
1303
- const EVP_MD *mac_md = EVP_sha1();
1304
- uint8_t mac_salt[PKCS5_SALT_LEN];
1305
- uint8_t mac[EVP_MAX_MD_SIZE];
1306
- unsigned mac_len;
1307
- if (!CBB_flush(&auth_safe_data) ||
1308
- !RAND_bytes(mac_salt, sizeof(mac_salt)) ||
1309
- !pkcs12_key_gen(password, password_len, mac_salt, sizeof(mac_salt),
1310
- PKCS12_MAC_ID, mac_iterations, EVP_MD_size(mac_md),
1311
- mac_key, mac_md) ||
1312
- !HMAC(mac_md, mac_key, EVP_MD_size(mac_md), CBB_data(&auth_safe_data),
1313
- CBB_len(&auth_safe_data), mac, &mac_len)) {
1314
- goto err;
1315
- }
1293
+ {
1294
+ // Compute the MAC. Match OpenSSL in using SHA-1 as the hash function. The
1295
+ // MAC covers |auth_safe_data|.
1296
+ const EVP_MD *mac_md = EVP_sha1();
1297
+ uint8_t mac_salt[PKCS5_SALT_LEN];
1298
+ uint8_t mac[EVP_MAX_MD_SIZE];
1299
+ unsigned mac_len;
1300
+ if (!CBB_flush(&auth_safe_data) ||
1301
+ !RAND_bytes(mac_salt, sizeof(mac_salt)) ||
1302
+ !pkcs12_key_gen(password, password_len, mac_salt, sizeof(mac_salt),
1303
+ PKCS12_MAC_ID, mac_iterations, EVP_MD_size(mac_md),
1304
+ mac_key, mac_md) ||
1305
+ !HMAC(mac_md, mac_key, EVP_MD_size(mac_md), CBB_data(&auth_safe_data),
1306
+ CBB_len(&auth_safe_data), mac, &mac_len)) {
1307
+ goto err;
1308
+ }
1316
1309
 
1317
- CBB mac_data, digest_info, mac_cbb, mac_salt_cbb;
1318
- if (!CBB_add_asn1(&pfx, &mac_data, CBS_ASN1_SEQUENCE) ||
1319
- !CBB_add_asn1(&mac_data, &digest_info, CBS_ASN1_SEQUENCE) ||
1320
- !EVP_marshal_digest_algorithm(&digest_info, mac_md) ||
1321
- !CBB_add_asn1(&digest_info, &mac_cbb, CBS_ASN1_OCTETSTRING) ||
1322
- !CBB_add_bytes(&mac_cbb, mac, mac_len) ||
1323
- !CBB_add_asn1(&mac_data, &mac_salt_cbb, CBS_ASN1_OCTETSTRING) ||
1324
- !CBB_add_bytes(&mac_salt_cbb, mac_salt, sizeof(mac_salt)) ||
1325
- // The iteration count has a DEFAULT of 1, but RFC 7292 says "The default
1326
- // is for historical reasons and its use is deprecated." Thus we
1327
- // explicitly encode the iteration count, though it is not valid DER.
1328
- !CBB_add_asn1_uint64(&mac_data, mac_iterations)) {
1329
- goto err;
1330
- }
1310
+ CBB mac_data, digest_info, mac_cbb, mac_salt_cbb;
1311
+ if (!CBB_add_asn1(&pfx, &mac_data, CBS_ASN1_SEQUENCE) ||
1312
+ !CBB_add_asn1(&mac_data, &digest_info, CBS_ASN1_SEQUENCE) ||
1313
+ !EVP_marshal_digest_algorithm(&digest_info, mac_md) ||
1314
+ !CBB_add_asn1(&digest_info, &mac_cbb, CBS_ASN1_OCTETSTRING) ||
1315
+ !CBB_add_bytes(&mac_cbb, mac, mac_len) ||
1316
+ !CBB_add_asn1(&mac_data, &mac_salt_cbb, CBS_ASN1_OCTETSTRING) ||
1317
+ !CBB_add_bytes(&mac_salt_cbb, mac_salt, sizeof(mac_salt)) ||
1318
+ // The iteration count has a DEFAULT of 1, but RFC 7292 says "The
1319
+ // default is for historical reasons and its use is deprecated." Thus we
1320
+ // explicitly encode the iteration count, though it is not valid DER.
1321
+ !CBB_add_asn1_uint64(&mac_data, mac_iterations)) {
1322
+ goto err;
1323
+ }
1331
1324
 
1332
- ret = OPENSSL_malloc(sizeof(PKCS12));
1333
- if (ret == NULL ||
1334
- !CBB_finish(&cbb, &ret->ber_bytes, &ret->ber_len)) {
1335
- OPENSSL_free(ret);
1336
- ret = NULL;
1337
- goto err;
1325
+ ret = reinterpret_cast<PKCS12 *>(OPENSSL_malloc(sizeof(PKCS12)));
1326
+ if (ret == NULL || !CBB_finish(&cbb, &ret->ber_bytes, &ret->ber_len)) {
1327
+ OPENSSL_free(ret);
1328
+ ret = NULL;
1329
+ goto err;
1330
+ }
1338
1331
  }
1339
1332
 
1340
1333
  err:
data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h CHANGED
@@ -1,4 +1,4 @@
1
- /* Copyright (c) 2016, Google Inc.
1
+ /* Copyright 2016 The BoringSSL Authors
2
2
  *
3
3
  * Permission to use, copy, modify, and/or distribute this software for any
4
4
  * purpose with or without fee is hereby granted, provided that the above
data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305.c → poly1305.cc} RENAMED
@@ -1,4 +1,4 @@
1
- /* Copyright (c) 2014, Google Inc.
1
+ /* Copyright 2014 The BoringSSL Authors
2
2
  *
3
3
  * Permission to use, copy, modify, and/or distribute this software for any
4
4
  * purpose with or without fee is hereby granted, provided that the above
@@ -21,8 +21,8 @@
21
21
  #include <assert.h>
22
22
  #include <string.h>
23
23
 
24
- #include "internal.h"
25
24
  #include "../internal.h"
25
+ #include "internal.h"
26
26
 
27
27
 
28
28
  #if !defined(BORINGSSL_HAS_UINT128) || !defined(OPENSSL_X86_64)
@@ -44,7 +44,7 @@ static_assert(
44
44
 
45
45
  static inline struct poly1305_state_st *poly1305_aligned_state(
46
46
  poly1305_state *state) {
47
- return align_pointer(state, 64);
47
+ return reinterpret_cast<poly1305_state_st *>(align_pointer(state, 64));
48
48
  }
49
49
 
50
50
  // poly1305_blocks updates |state| given some amount of input data. This
data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_arm.c → poly1305_arm.cc} RENAMED
@@ -1,4 +1,4 @@
1
- /* Copyright (c) 2014, Google Inc.
1
+ /* Copyright 2014 The BoringSSL Authors
2
2
  *
3
3
  * Permission to use, copy, modify, and/or distribute this software for any
4
4
  * purpose with or without fee is hereby granted, provided that the above
@@ -33,11 +33,13 @@ typedef struct {
33
33
  #define addmulmod openssl_poly1305_neon2_addmulmod
34
34
  #define blocks openssl_poly1305_neon2_blocks
35
35
 
36
+ extern "C" {
36
37
  extern void addmulmod(fe1305x2 *r, const fe1305x2 *x, const fe1305x2 *y,
37
38
  const fe1305x2 *c);
38
39
 
39
40
  extern int blocks(fe1305x2 *h, const fe1305x2 *precomp, const uint8_t *in,
40
41
  size_t inlen);
42
+ }
41
43
 
42
44
  static void freeze(fe1305x2 *r) {
43
45
  int i;
@@ -175,7 +177,7 @@ static void fe1305x2_frombytearray(fe1305x2 *r, const uint8_t *x, size_t xlen) {
175
177
  }
176
178
  }
177
179
 
178
- static const alignas(16) fe1305x2 zero;
180
+ static const fe1305x2 zero alignas(16) = {0};
179
181
 
180
182
  struct poly1305_state_st {
181
183
  uint8_t data[sizeof(fe1305x2[5]) + 128];
data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_vec.c → poly1305_vec.cc} RENAMED
@@ -1,4 +1,4 @@
1
- /* Copyright (c) 2014, Google Inc.
1
+ /* Copyright 2014 The BoringSSL Authors
2
2
  *
3
3
  * Permission to use, copy, modify, and/or distribute this software for any
4
4
  * purpose with or without fee is hereby granted, provided that the above
@@ -31,11 +31,11 @@
31
31
 
32
32
  typedef __m128i xmmi;
33
33
 
34
- static const alignas(16) uint32_t poly1305_x64_sse2_message_mask[4] = {
34
+ alignas(16) static const uint32_t poly1305_x64_sse2_message_mask[4] = {
35
35
  (1 << 26) - 1, 0, (1 << 26) - 1, 0};
36
- static const alignas(16) uint32_t poly1305_x64_sse2_5[4] = {5, 0, 5, 0};
37
- static const alignas(16) uint32_t poly1305_x64_sse2_1shl128[4] = {
38
- (1 << 24), 0, (1 << 24), 0};
36
+ alignas(16) static const uint32_t poly1305_x64_sse2_5[4] = {5, 0, 5, 0};
37
+ alignas(16) static const uint32_t poly1305_x64_sse2_1shl128[4] = {(1 << 24), 0,
38
+ (1 << 24), 0};
39
39
 
40
40
  static inline uint128_t add128(uint128_t a, uint128_t b) { return a + b; }
41
41
 
@@ -136,7 +136,8 @@ void CRYPTO_poly1305_init(poly1305_state *state, const uint8_t key[32]) {
136
136
 
137
137
  static void poly1305_first_block(poly1305_state_internal *st,
138
138
  const uint8_t *m) {
139
- const xmmi MMASK = _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
139
+ const xmmi MMASK =
140
+ _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
140
141
  const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5);
141
142
  const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128);
142
143
  xmmi T5, T6;
@@ -181,7 +182,7 @@ static void poly1305_first_block(poly1305_state_internal *st,
181
182
  r20 = r20 & 0xfffffffffff;
182
183
  r21 += c;
183
184
 
184
- p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20)&0x3ffffff),
185
+ p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20) & 0x3ffffff),
185
186
  _MM_SHUFFLE(1, 0, 1, 0));
186
187
  p->R21.v = _mm_shuffle_epi32(
187
188
  _mm_cvtsi32_si128((uint32_t)((r20 >> 26) | (r21 << 18)) & 0x3ffffff),
@@ -229,7 +230,8 @@ static void poly1305_first_block(poly1305_state_internal *st,
229
230
 
230
231
  static void poly1305_blocks(poly1305_state_internal *st, const uint8_t *m,
231
232
  size_t bytes) {
232
- const xmmi MMASK = _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
233
+ const xmmi MMASK =
234
+ _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
233
235
  const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5);
234
236
  const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128);
235
237
 
@@ -419,7 +421,8 @@ static void poly1305_blocks(poly1305_state_internal *st, const uint8_t *m,
419
421
 
420
422
  static size_t poly1305_combine(poly1305_state_internal *st, const uint8_t *m,
421
423
  size_t bytes) {
422
- const xmmi MMASK = _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
424
+ const xmmi MMASK =
425
+ _mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
423
426
  const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128);
424
427
  const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5);
425
428
 
@@ -547,7 +550,7 @@ static size_t poly1305_combine(poly1305_state_internal *st, const uint8_t *m,
547
550
  r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1];
548
551
  r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1];
549
552
 
550
- p->R20.d[2] = (uint32_t)(r0)&0x3ffffff;
553
+ p->R20.d[2] = (uint32_t)(r0) & 0x3ffffff;
551
554
  p->R21.d[2] = (uint32_t)((r0 >> 26) | (r1 << 18)) & 0x3ffffff;
552
555
  p->R22.d[2] = (uint32_t)((r1 >> 8)) & 0x3ffffff;
553
556
  p->R23.d[2] = (uint32_t)((r1 >> 34) | (r2 << 10)) & 0x3ffffff;
@@ -838,7 +841,7 @@ poly1305_donna_finish:
838
841
  c = (h1 >> 44);
839
842
  h1 &= 0xfffffffffff;
840
843
  t1 = (t1 >> 24);
841
- h2 += (t1)+c;
844
+ h2 += (t1) + c;
842
845
 
843
846
  CRYPTO_store_u64_le(mac + 0, ((h0) | (h1 << 44)));
844
847
  CRYPTO_store_u64_le(mac + 8, ((h1 >> 20) | (h2 << 24)));
data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h CHANGED
@@ -1,4 +1,4 @@
1
- /* Copyright (c) 2016, Google Inc.
1
+ /* Copyright 2016 The BoringSSL Authors
2
2
  *
3
3
  * Permission to use, copy, modify, and/or distribute this software for any
4
4
  * purpose with or without fee is hereby granted, provided that the above
data/third_party/boringssl-with-bazel/src/crypto/pool/{pool.c → pool.cc} RENAMED
@@ -1,4 +1,4 @@
1
- /* Copyright (c) 2016, Google Inc.
1
+ /* Copyright 2016 The BoringSSL Authors
2
2
  *
3
3
  * Permission to use, copy, modify, and/or distribute this software for any
4
4
  * purpose with or without fee is hereby granted, provided that the above
@@ -41,8 +41,9 @@ static int CRYPTO_BUFFER_cmp(const CRYPTO_BUFFER *a, const CRYPTO_BUFFER *b) {
41
41
  return OPENSSL_memcmp(a->data, b->data, a->len);
42
42
  }
43
43
 
44
- CRYPTO_BUFFER_POOL* CRYPTO_BUFFER_POOL_new(void) {
45
- CRYPTO_BUFFER_POOL *pool = OPENSSL_zalloc(sizeof(CRYPTO_BUFFER_POOL));
44
+ CRYPTO_BUFFER_POOL *CRYPTO_BUFFER_POOL_new(void) {
45
+ CRYPTO_BUFFER_POOL *pool = reinterpret_cast<CRYPTO_BUFFER_POOL *>(
46
+ OPENSSL_zalloc(sizeof(CRYPTO_BUFFER_POOL)));
46
47
  if (pool == NULL) {
47
48
  return NULL;
48
49
  }
@@ -87,7 +88,7 @@ static CRYPTO_BUFFER *crypto_buffer_new(const uint8_t *data, size_t len,
87
88
  CRYPTO_BUFFER_POOL *pool) {
88
89
  if (pool != NULL) {
89
90
  CRYPTO_BUFFER tmp;
90
- tmp.data = (uint8_t *) data;
91
+ tmp.data = (uint8_t *)data;
91
92
  tmp.len = len;
92
93
  tmp.pool = pool;
93
94
 
@@ -108,7 +109,8 @@ static CRYPTO_BUFFER *crypto_buffer_new(const uint8_t *data, size_t len,
108
109
  }
109
110
  }
110
111
 
111
- CRYPTO_BUFFER *const buf = OPENSSL_zalloc(sizeof(CRYPTO_BUFFER));
112
+ CRYPTO_BUFFER *const buf =
113
+ reinterpret_cast<CRYPTO_BUFFER *>(OPENSSL_zalloc(sizeof(CRYPTO_BUFFER)));
112
114
  if (buf == NULL) {
113
115
  return NULL;
114
116
  }
@@ -117,7 +119,7 @@ static CRYPTO_BUFFER *crypto_buffer_new(const uint8_t *data, size_t len,
117
119
  buf->data = (uint8_t *)data;
118
120
  buf->data_is_static = 1;
119
121
  } else {
120
- buf->data = OPENSSL_memdup(data, len);
122
+ buf->data = reinterpret_cast<uint8_t *>(OPENSSL_memdup(data, len));
121
123
  if (len != 0 && buf->data == NULL) {
122
124
  OPENSSL_free(buf);
123
125
  return NULL;
@@ -168,12 +170,13 @@ CRYPTO_BUFFER *CRYPTO_BUFFER_new(const uint8_t *data, size_t len,
168
170
  }
169
171
 
170
172
  CRYPTO_BUFFER *CRYPTO_BUFFER_alloc(uint8_t **out_data, size_t len) {
171
- CRYPTO_BUFFER *const buf = OPENSSL_zalloc(sizeof(CRYPTO_BUFFER));
173
+ CRYPTO_BUFFER *const buf =
174
+ reinterpret_cast<CRYPTO_BUFFER *>(OPENSSL_zalloc(sizeof(CRYPTO_BUFFER)));
172
175
  if (buf == NULL) {
173
176
  return NULL;
174
177
  }
175
178
 
176
- buf->data = OPENSSL_malloc(len);
179
+ buf->data = reinterpret_cast<uint8_t *>(OPENSSL_malloc(len));
177
180
  if (len != 0 && buf->data == NULL) {
178
181
  OPENSSL_free(buf);
179
182
  return NULL;
@@ -252,9 +255,7 @@ const uint8_t *CRYPTO_BUFFER_data(const CRYPTO_BUFFER *buf) {
252
255
  return buf->data;
253
256
  }
254
257
 
255
- size_t CRYPTO_BUFFER_len(const CRYPTO_BUFFER *buf) {
256
- return buf->len;
257
- }
258
+ size_t CRYPTO_BUFFER_len(const CRYPTO_BUFFER *buf) { return buf->len; }
258
259
 
259
260
  void CRYPTO_BUFFER_init_CBS(const CRYPTO_BUFFER *buf, CBS *out) {
260
261
  CBS_init(out, buf->data, buf->len);
data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{deterministic.c → deterministic.cc} RENAMED
@@ -1,4 +1,4 @@
1
- /* Copyright (c) 2016, Google Inc.
1
+ /* Copyright 2016 The BoringSSL Authors
2
2
  *
3
3
  * Permission to use, copy, modify, and/or distribute this software for any
4
4
  * purpose with or without fee is hereby granted, provided that the above
@@ -39,7 +39,7 @@ void RAND_reset_for_fuzzing(void) { g_num_calls = 0; }
39
39
  void CRYPTO_init_sysrand(void) {}
40
40
 
41
41
  void CRYPTO_sysrand(uint8_t *out, size_t requested) {
42
- static const uint8_t kZeroKey[32];
42
+ static const uint8_t kZeroKey[32] = {0};
43
43
 
44
44
  CRYPTO_MUTEX_lock_write(&g_num_calls_lock);
45
45
  uint64_t num_calls = g_num_calls++;