grpc 1.69.0 → 1.70.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +251 -249
- data/include/grpc/support/atm.h +0 -13
- data/src/core/call/request_buffer.cc +224 -0
- data/src/core/call/request_buffer.h +192 -0
- data/src/core/client_channel/client_channel.cc +2 -3
- data/src/core/client_channel/client_channel_args.h +21 -0
- data/src/core/client_channel/client_channel_filter.h +1 -3
- data/src/core/client_channel/retry_interceptor.cc +406 -0
- data/src/core/client_channel/retry_interceptor.h +157 -0
- data/src/core/client_channel/retry_service_config.h +13 -0
- data/src/core/client_channel/retry_throttle.cc +33 -18
- data/src/core/client_channel/retry_throttle.h +3 -3
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +596 -94
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +189 -13
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_security.cc +1 -3
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +40 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +3 -1
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +66 -36
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +19 -17
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +116 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +31 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +67 -6
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +228 -21
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +65 -17
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +6 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +7 -106
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +7 -28
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +0 -2
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +85 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +25 -3
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +2 -1
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +152 -0
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +40 -10
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +135 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +41 -9
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +0 -2
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +0 -1
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +16 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +3 -2
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +60 -0
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +13 -2
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +102 -24
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +28 -19
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +251 -18
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +41 -16
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +11 -10
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +418 -413
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +161 -153
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +267 -261
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +29 -19
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +58 -65
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +0 -5
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +73 -63
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +49 -48
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +117 -100
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +905 -897
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +460 -457
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +16 -19
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +95 -95
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +202 -191
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +148 -135
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +23 -22
- data/src/core/filter/filter_args.h +112 -0
- data/src/core/handshaker/http_connect/http_connect_handshaker.cc +1 -1
- data/src/core/lib/channel/promise_based_filter.h +5 -79
- data/src/core/lib/debug/trace_flags.cc +2 -0
- data/src/core/lib/debug/trace_flags.h +1 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +14 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +7 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -2
- data/src/core/lib/event_engine/windows/windows_engine.cc +1 -0
- data/src/core/lib/experiments/experiments.cc +90 -39
- data/src/core/lib/experiments/experiments.h +43 -24
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +1 -1
- data/src/core/lib/promise/activity.cc +2 -0
- data/src/core/lib/promise/activity.h +29 -8
- data/src/core/lib/promise/map.h +42 -0
- data/src/core/lib/promise/party.cc +36 -1
- data/src/core/lib/promise/party.h +13 -5
- data/src/core/lib/promise/sleep.h +1 -0
- data/src/core/lib/promise/status_flag.h +10 -0
- data/src/core/lib/resource_quota/arena.h +8 -0
- data/src/core/lib/resource_quota/connection_quota.h +4 -0
- data/src/core/lib/surface/call_utils.h +2 -0
- data/src/core/lib/surface/client_call.cc +43 -35
- data/src/core/lib/surface/client_call.h +5 -0
- data/src/core/lib/surface/event_string.cc +7 -1
- data/src/core/lib/surface/init_internally.h +13 -2
- data/src/core/lib/surface/server_call.cc +100 -85
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/call_filters.cc +10 -4
- data/src/core/lib/transport/call_filters.h +8 -0
- data/src/core/lib/transport/call_spine.cc +36 -71
- data/src/core/lib/transport/call_spine.h +131 -7
- data/src/core/lib/transport/call_state.h +132 -39
- data/src/core/lib/transport/interception_chain.cc +8 -0
- data/src/core/lib/transport/interception_chain.h +9 -0
- data/src/core/load_balancing/endpoint_list.cc +10 -0
- data/src/core/load_balancing/endpoint_list.h +13 -6
- data/src/core/load_balancing/lb_policy.h +0 -8
- data/src/core/load_balancing/pick_first/pick_first.cc +89 -56
- data/src/core/load_balancing/ring_hash/ring_hash.cc +158 -70
- data/src/core/load_balancing/ring_hash/ring_hash.h +4 -11
- data/src/core/load_balancing/round_robin/round_robin.cc +9 -14
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +12 -15
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +4 -4
- data/src/core/resolver/xds/xds_dependency_manager.cc +139 -135
- data/src/core/resolver/xds/xds_dependency_manager.h +24 -18
- data/src/core/resolver/xds/xds_resolver.cc +28 -47
- data/src/core/server/server.cc +290 -24
- data/src/core/server/server.h +199 -61
- data/src/core/server/xds_server_config_fetcher.cc +78 -142
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
- data/src/core/util/backoff.cc +15 -4
- data/src/core/util/http_client/httpcli.cc +66 -18
- data/src/core/util/http_client/httpcli.h +14 -4
- data/src/core/util/matchers.h +5 -10
- data/src/core/util/ref_counted.h +1 -0
- data/src/core/util/ref_counted_ptr.h +1 -1
- data/src/core/util/useful.h +9 -11
- data/src/core/xds/grpc/xds_endpoint_parser.cc +54 -23
- data/src/core/xds/grpc/xds_metadata.h +8 -0
- data/src/core/xds/xds_client/xds_api.cc +0 -223
- data/src/core/xds/xds_client/xds_api.h +1 -133
- data/src/core/xds/xds_client/xds_client.cc +599 -466
- data/src/core/xds/xds_client/xds_client.h +107 -26
- data/src/core/xds/xds_client/xds_resource_type_impl.h +10 -5
- data/src/ruby/ext/grpc/extconf.rb +1 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bitstr.c → a_bitstr.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_d2i_fp.c → a_d2i_fp.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_dup.c → a_dup.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_i2d_fp.c → a_i2d_fp.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_int.c → a_int.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_mbstr.c → a_mbstr.cc} +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_object.c → a_object.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strnid.c → a_strnid.cc} +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_type.c → a_type.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_lib.c → asn1_lib.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn_pack.c → asn_pack.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{posix_time.c → posix_time.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_dec.c → tasn_dec.cc} +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_enc.c → tasn_enc.cc} +9 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_fre.c → tasn_fre.cc} +14 -20
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_new.c → tasn_new.cc} +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_utl.c → tasn_utl.cc} +13 -10
- data/third_party/boringssl-with-bazel/src/crypto/base64/{base64.c → base64.cc} +9 -12
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +7 -1
- data/third_party/boringssl-with-bazel/src/crypto/bio/{bio.c → bio.cc} +32 -58
- data/third_party/boringssl-with-bazel/src/crypto/bio/{bio_mem.c → bio_mem.cc} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/{connect.c → connect.cc} +24 -16
- data/third_party/boringssl-with-bazel/src/crypto/bio/{file.c → file.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/{pair.c → pair.cc} +22 -20
- data/third_party/boringssl-with-bazel/src/crypto/bio/{printf.c → printf.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/{socket_helper.c → socket_helper.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/blake2/{blake2.c → blake2.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/{bn_asn1.c → bn_asn1.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/{convert.c → convert.cc} +21 -21
- data/third_party/boringssl-with-bazel/src/crypto/buf/{buf.c → buf.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{asn1_compat.c → asn1_compat.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{ber.c → ber.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbb.c → cbb.cc} +33 -49
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbs.c → cbs.cc} +20 -27
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{unicode.c → unicode.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/{chacha.c → chacha.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_aesctrhmac.c → e_aesctrhmac.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_aesgcmsiv.c → e_aesgcmsiv.cc} +23 -26
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_chacha20poly1305.c → e_chacha20poly1305.cc} +1 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_des.c → e_des.cc} +61 -49
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_null.c → e_null.cc} +12 -9
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_rc2.c → e_rc2.cc} +23 -19
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_rc4.c → e_rc4.cc} +10 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_tls.c → e_tls.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/{conf.c → conf.cc} +17 -14
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_apple.c → cpu_aarch64_apple.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_fuchsia.c → cpu_aarch64_fuchsia.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_linux.c → cpu_aarch64_linux.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_openbsd.c → cpu_aarch64_openbsd.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_sysreg.c → cpu_aarch64_sysreg.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_win.c → cpu_aarch64_win.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_freebsd.c → cpu_arm_freebsd.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_linux.c → cpu_arm_linux.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_intel.c → cpu_intel.cc} +47 -32
- data/third_party/boringssl-with-bazel/src/crypto/{crypto.c → crypto.cc} +6 -11
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519.c → curve25519.cc} +28 -31
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519_64_adx.c → curve25519_64_adx.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{spake25519.c → spake25519.cc} +20 -16
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/{dh_asn1.c → dh_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/{digest_extra.c → digest_extra.cc} +113 -31
- data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa.c → dsa.cc} +153 -154
- data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa_asn1.c → dsa_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{ec_asn1.c → ec_asn1.cc} +35 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{ec_derive.c → ec_derive.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{hash_to_curve.c → hash_to_curve.cc} +66 -64
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/{ecdsa_asn1.c → ecdsa_asn1.cc} +15 -25
- data/third_party/boringssl-with-bazel/src/crypto/engine/{engine.c → engine.cc} +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/err/{err.c → err.cc} +24 -27
- data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/evp/{evp.c → evp.cc} +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_ctx.c → evp_ctx.cc} +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh.c → p_dh.cc} +23 -14
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh_asn1.c → p_dh_asn1.cc} +38 -21
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dsa_asn1.c → p_dsa_asn1.cc} +19 -24
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec.c → p_ec.cc} +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec_asn1.c → p_ec_asn1.cc} +20 -20
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519.c → p_ed25519.cc} +22 -19
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519_asn1.c → p_ed25519_asn1.cc} +14 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_hkdf.c → p_hkdf.cc} +18 -14
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa.c → p_rsa.cc} +38 -37
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa_asn1.c → p_rsa_asn1.cc} +16 -18
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519.c → p_x25519.cc} +22 -19
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519_asn1.c → p_x25519_asn1.cc} +18 -17
- data/third_party/boringssl-with-bazel/src/crypto/evp/{pbkdf.c → pbkdf.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/{print.c → print.cc} +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/{scrypt.c → scrypt.cc} +7 -5
- data/third_party/boringssl-with-bazel/src/crypto/{ex_data.c → ex_data.cc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes_nohw.c.inc → aes_nohw.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{key_wrap.c.inc → key_wrap.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{bcm.c → bcm.cc} +96 -101
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +165 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{add.c.inc → add.cc.inc} +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/{x86_64-gcc.c.inc → x86_64-gcc.cc.inc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bn.c.inc → bn.cc.inc} +12 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{ctx.c.inc → ctx.cc.inc} +5 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div.c.inc → div.cc.inc} +29 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div_extra.c.inc → div_extra.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{exponentiation.c.inc → exponentiation.cc.inc} +22 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd.c.inc → gcd.cc.inc} +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd_extra.c.inc → gcd_extra.cc.inc} +33 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery.c.inc → montgomery.cc.inc} +10 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{mul.c.inc → mul.cc.inc} +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{prime.c.inc → prime.cc.inc} +31 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{shift.c.inc → shift.cc.inc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{aead.c.inc → aead.cc.inc} +18 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{cipher.c.inc → cipher.cc.inc} +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aes.c.inc → e_aes.cc.inc} +46 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/{cmac.c.inc → cmac.cc.inc} +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +14 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{dh.c.inc → dh.cc.inc} +15 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digest.c.inc → digest.cc.inc} +17 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digests.c.inc → digests.cc.inc} +29 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/{digestsign.c.inc → digestsign.cc.inc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec.c.inc → ec.cc.inc} +10 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_key.c.inc → ec_key.cc.inc} +12 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{felem.c.inc → felem.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{oct.c.inc → oct.cc.inc} +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p224-64.c.inc → p224-64.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-nistz.c.inc → p256-nistz.cc.inc} +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256.c.inc → p256.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{scalar.c.inc → scalar.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple_mul.c.inc → simple_mul.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{util.c.inc → util.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{wnaf.c.inc → wnaf.cc.inc} +24 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/{ecdh.c.inc → ecdh.cc.inc} +14 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/{ecdsa.c.inc → ecdsa.cc.inc} +6 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{fips_shared_support.c → fips_shared_support.cc} +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/{hkdf.c.inc → hkdf.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/{hmac.c.inc → hmac.cc.inc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm.c.inc → gcm.cc.inc} +69 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm_nohw.c.inc → gcm_nohw.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +53 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{polyval.c.inc → polyval.cc.inc} +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{ctrdrbg.c.inc → ctrdrbg.cc.inc} +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{rand.c.inc → rand.cc.inc} +20 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{blinding.c.inc → blinding.cc.inc} +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{padding.c.inc → padding.cc.inc} +21 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa.c.inc → rsa.cc.inc} +77 -73
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa_impl.c.inc → rsa_impl.cc.inc} +50 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{fips.c.inc → fips.cc.inc} +14 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{self_check.c.inc → self_check.cc.inc} +56 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/{service_indicator.c.inc → service_indicator.cc.inc} +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha1.c.inc → sha1.cc.inc} +26 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha256.c.inc → sha256.cc.inc} +37 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha512.c.inc → sha512.cc.inc} +48 -76
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/hpke/{hpke.c → hpke.cc} +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/hrss/{hrss.c → hrss.cc} +53 -110
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +191 -248
- data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/keccak/{keccak.c → keccak.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/kyber/{kyber.c → kyber.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/lhash/{lhash.c → lhash.cc} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md4/md4.c.inc → md4/md4.cc} +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5 → md5}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5/md5.c.inc → md5/md5.cc} +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/{mem.c → mem.cc} +34 -22
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/{mldsa.c → mldsa.cc} +646 -543
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/obj/{obj.c → obj.cc} +27 -30
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_info.c → pem_info.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_lib.c → pem_lib.cc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_oth.c → pem_oth.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7.c → pkcs7.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7_x509.c → pkcs7_x509.cc} +26 -25
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{p5_pbev2.c → p5_pbev2.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8.c → pkcs8.cc} +159 -158
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8_x509.c → pkcs8_x509.cc} +90 -97
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305.c → poly1305.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_arm.c → poly1305_arm.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_vec.c → poly1305_vec.cc} +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pool/{pool.c → pool.cc} +12 -11
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{deterministic.c → deterministic.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{fork_detect.c → fork_detect.cc} +11 -12
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{forkunsafe.c → forkunsafe.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{getentropy.c → getentropy.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getrandom_fillin.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{ios.c → ios.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{passive.c → passive.cc} +22 -18
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{rand_extra.c → rand_extra.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{trusty.c → trusty.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{urandom.c → urandom.cc} +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{windows.c → windows.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{refcount.c → refcount.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_asn1.c → rsa_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_crypt.c → rsa_crypt.cc} +81 -78
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_extra.cc +17 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/siphash/{siphash.c → siphash.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/address.h +123 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.cc +169 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.h +58 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/internal.h +63 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.cc +161 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/params.h +83 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +307 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.cc +173 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.h +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.cc +171 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.h +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/{stack.c → stack.cc} +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/{thread_none.c → thread_none.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{thread_pthread.c → thread_pthread.cc} +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/{thread_win.c → thread_win.cc} +21 -17
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{pmbtoken.c → pmbtoken.cc} +146 -158
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{trust_token.c → trust_token.cc} +19 -21
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{voprf.c → voprf.cc} +165 -169
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_digest.c → a_digest.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_sign.c → a_sign.cc} +37 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_verify.c → a_verify.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{algorithm.c → algorithm.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{asn1_gen.c → asn1_gen.cc} +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{by_dir.c → by_dir.cc} +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{policy.c → policy.cc} +188 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/{rsa_pss.c → rsa_pss.cc} +48 -44
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akey.c → v3_akey.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_alt.c → v3_alt.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_bcons.c → v3_bcons.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_bitst.c → v3_bitst.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_conf.c → v3_conf.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_cpols.c → v3_cpols.cc} +47 -41
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_crld.c → v3_crld.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_enum.c → v3_enum.cc} +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_extku.c → v3_extku.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_genn.c → v3_genn.cc} +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ia5.c → v3_ia5.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_info.c → v3_info.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_int.c → v3_int.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_lib.c → v3_lib.cc} +9 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ncons.c → v3_ncons.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ocsp.c → v3_ocsp.cc} +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pcons.c → v3_pcons.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pmaps.c → v3_pmaps.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_prn.c → v3_prn.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_purp.c → v3_purp.cc} +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_skey.c → v3_skey.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_utl.c → v3_utl.cc} +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_att.c → x509_att.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_lu.c → x509_lu.cc} +6 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_v3.c → x509_v3.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vfy.c → x509_vfy.cc} +216 -212
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vpm.c → x509_vpm.cc} +55 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509spki.c → x509spki.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_all.c → x_all.cc} +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_crl.c → x_crl.cc} +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_name.c → x_name.cc} +39 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_pubkey.c → x_pubkey.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509.c → x_x509.cc} +48 -44
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509a.c → x_x509a.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/gen/crypto/{err_data.c → err_data.cc} +359 -358
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +237 -275
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +12 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +13 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +6 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +17 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +8 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +2 -40
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +133 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +6 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +160 -116
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -6
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +667 -322
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +116 -119
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +163 -21
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +4 -12
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +94 -49
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +296 -198
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +23 -14
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +363 -343
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +48 -58
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +44 -36
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +145 -159
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +65 -58
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +910 -356
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +29 -41
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +13 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +90 -183
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +38 -64
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +103 -44
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +210 -220
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +70 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +20 -17
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +146 -169
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +15 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +79 -95
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +3 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +91 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +30 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +51 -56
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +22 -25
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +43 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +63 -59
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +204 -121
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +86 -59
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +51 -62
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +37 -25
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
- metadata +339 -339
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -426
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -87
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -32
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -408
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -124
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -38
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -108
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -33
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -67
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -48
- data/src/core/util/atm.cc +0 -34
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +0 -1539
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/internal.h +0 -58
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
- data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -140
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +0 -129
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/spx.h +0 -90
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bool.c → a_bool.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_gentm.c → a_gentm.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_octet.c → a_octet.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strex.c → a_strex.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_time.c → a_time.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_utctm.c → a_utctm.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_par.c → asn1_par.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{f_int.c → f_int.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{f_string.c → f_string.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_typ.c → tasn_typ.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{errno.c → errno.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{fd.c → fd.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{hexdump.c → hexdump.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{socket.c → socket.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{cipher_extra.c → cipher_extra.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{derive_key.c → derive_key.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{tls_cbc.c → tls_cbc.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/des/{des.c → des.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/dh_extra/{params.c → params.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/{ecdh_extra.c → ecdh_extra.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_asn1.c → evp_asn1.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/evp/{sign.c → sign.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes.c.inc → aes.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{mode_wrappers.c.inc → mode_wrappers.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bytes.c.inc → bytes.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{cmp.c.inc → cmp.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{generic.c.inc → generic.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{jacobi.c.inc → jacobi.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery_inv.c.inc → montgomery_inv.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{random.c.inc → random.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{rsaz_exp.c.inc → rsaz_exp.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{sqrt.c.inc → sqrt.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aesccm.c.inc → e_aesccm.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{check.c.inc → check.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_montgomery.c.inc → ec_montgomery.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple.c.inc → simple.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cbc.c.inc → cbc.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cfb.c.inc → cfb.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ctr.c.inc → ctr.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ofb.c.inc → ofb.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/{kdf.c.inc → kdf.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/obj/{obj_xref.c → obj_xref.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_all.c → pem_all.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pk8.c → pem_pk8.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pkey.c → pem_pkey.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_x509.c → pem_x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_xaux.c → pem_xaux.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/rc4/{rc4.c → rc4.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_print.c → rsa_print.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/{thread.c → thread.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{by_file.c → by_file.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{i2d_pr.c → i2d_pr.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{name_print.c → name_print.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_crl.c → t_crl.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_req.c → t_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509.c → t_x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509a.c → t_x509a.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akeya.c → v3_akeya.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509.c → x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_cmp.c → x509_cmp.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_d2.c → x509_d2.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_def.c → x509_def.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_ext.c → x509_ext.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_obj.c → x509_obj.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_req.c → x509_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_set.c → x509_set.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_trs.c → x509_trs.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_txt.c → x509_txt.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509cset.c → x509cset.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509name.c → x509name.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509rset.c → x509rset.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_algor.c → x_algor.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_attrib.c → x_attrib.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_exten.c → x_exten.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_req.c → x_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_sig.c → x_sig.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_spki.c → x_spki.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_val.c → x_val.cc} +0 -0
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
|
2
|
-
*
|
|
1
|
+
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
|
|
2
|
+
* 1999.
|
|
3
3
|
*/
|
|
4
4
|
/* ====================================================================
|
|
5
5
|
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
|
@@ -57,14 +57,14 @@
|
|
|
57
57
|
|
|
58
58
|
#include <limits.h>
|
|
59
59
|
|
|
60
|
-
#include <openssl/asn1t.h>
|
|
61
60
|
#include <openssl/asn1.h>
|
|
61
|
+
#include <openssl/asn1t.h>
|
|
62
62
|
#include <openssl/bio.h>
|
|
63
63
|
#include <openssl/buf.h>
|
|
64
64
|
#include <openssl/bytestring.h>
|
|
65
|
+
#include <openssl/digest.h>
|
|
65
66
|
#include <openssl/err.h>
|
|
66
67
|
#include <openssl/evp.h>
|
|
67
|
-
#include <openssl/digest.h>
|
|
68
68
|
#include <openssl/hmac.h>
|
|
69
69
|
#include <openssl/mem.h>
|
|
70
70
|
#include <openssl/rand.h>
|
|
@@ -126,13 +126,12 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey) {
|
|
|
126
126
|
CBB cbb;
|
|
127
127
|
uint8_t *der = NULL;
|
|
128
128
|
size_t der_len;
|
|
129
|
-
if (!CBB_init(&cbb, 0) ||
|
|
130
|
-
!
|
|
131
|
-
!CBB_finish(&cbb, &der, &der_len) ||
|
|
132
|
-
der_len > LONG_MAX) {
|
|
129
|
+
if (!CBB_init(&cbb, 0) || !EVP_marshal_private_key(&cbb, pkey) ||
|
|
130
|
+
!CBB_finish(&cbb, &der, &der_len) || der_len > LONG_MAX) {
|
|
133
131
|
CBB_cleanup(&cbb);
|
|
134
132
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCODE_ERROR);
|
|
135
|
-
|
|
133
|
+
OPENSSL_free(der);
|
|
134
|
+
return NULL;
|
|
136
135
|
}
|
|
137
136
|
|
|
138
137
|
const uint8_t *p = der;
|
|
@@ -203,6 +202,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass,
|
|
|
203
202
|
|
|
204
203
|
X509_SIG *ret = NULL;
|
|
205
204
|
uint8_t *der = NULL;
|
|
205
|
+
const uint8_t *ptr;
|
|
206
206
|
size_t der_len;
|
|
207
207
|
CBB cbb;
|
|
208
208
|
if (!CBB_init(&cbb, 128) ||
|
|
@@ -215,7 +215,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass,
|
|
|
215
215
|
}
|
|
216
216
|
|
|
217
217
|
// Convert back to legacy ASN.1 objects.
|
|
218
|
-
|
|
218
|
+
ptr = der;
|
|
219
219
|
ret = d2i_X509_SIG(NULL, &ptr, der_len);
|
|
220
220
|
if (ret == NULL || ptr != der + der_len) {
|
|
221
221
|
OPENSSL_PUT_ERROR(PKCS8, ERR_R_INTERNAL_ERROR);
|
|
@@ -255,8 +255,7 @@ static int PKCS12_handle_sequence(
|
|
|
255
255
|
}
|
|
256
256
|
|
|
257
257
|
CBS child;
|
|
258
|
-
if (!CBS_get_asn1(&in, &child, CBS_ASN1_SEQUENCE) ||
|
|
259
|
-
CBS_len(&in) != 0) {
|
|
258
|
+
if (!CBS_get_asn1(&in, &child, CBS_ASN1_SEQUENCE) || CBS_len(&in) != 0) {
|
|
260
259
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
|
|
261
260
|
goto err;
|
|
262
261
|
}
|
|
@@ -318,8 +317,7 @@ static int parse_bag_attributes(CBS *attrs, uint8_t **out_friendly_name,
|
|
|
318
317
|
CBS attr, oid, values;
|
|
319
318
|
if (!CBS_get_asn1(attrs, &attr, CBS_ASN1_SEQUENCE) ||
|
|
320
319
|
!CBS_get_asn1(&attr, &oid, CBS_ASN1_OBJECT) ||
|
|
321
|
-
!CBS_get_asn1(&attr, &values, CBS_ASN1_SET) ||
|
|
322
|
-
CBS_len(&attr) != 0) {
|
|
320
|
+
!CBS_get_asn1(&attr, &values, CBS_ASN1_SET) || CBS_len(&attr) != 0) {
|
|
323
321
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
|
|
324
322
|
goto err;
|
|
325
323
|
}
|
|
@@ -328,8 +326,7 @@ static int parse_bag_attributes(CBS *attrs, uint8_t **out_friendly_name,
|
|
|
328
326
|
CBS value;
|
|
329
327
|
if (*out_friendly_name != NULL ||
|
|
330
328
|
!CBS_get_asn1(&values, &value, CBS_ASN1_BMPSTRING) ||
|
|
331
|
-
CBS_len(&values) != 0 ||
|
|
332
|
-
CBS_len(&value) == 0) {
|
|
329
|
+
CBS_len(&values) != 0 || CBS_len(&value) == 0) {
|
|
333
330
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
|
|
334
331
|
goto err;
|
|
335
332
|
}
|
|
@@ -340,8 +337,7 @@ static int parse_bag_attributes(CBS *attrs, uint8_t **out_friendly_name,
|
|
|
340
337
|
}
|
|
341
338
|
while (CBS_len(&value) != 0) {
|
|
342
339
|
uint32_t c;
|
|
343
|
-
if (!CBS_get_ucs2_be(&value, &c) ||
|
|
344
|
-
!CBB_add_utf8(&cbb, c)) {
|
|
340
|
+
if (!CBS_get_ucs2_be(&value, &c) || !CBB_add_utf8(&cbb, c)) {
|
|
345
341
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INVALID_CHARACTERS);
|
|
346
342
|
CBB_cleanup(&cbb);
|
|
347
343
|
goto err;
|
|
@@ -454,8 +450,7 @@ static int PKCS12_handle_safe_bag(CBS *safe_bag, struct pkcs12_context *ctx) {
|
|
|
454
450
|
int ok = friendly_name_len == 0 ||
|
|
455
451
|
X509_alias_set1(x509, friendly_name, friendly_name_len);
|
|
456
452
|
OPENSSL_free(friendly_name);
|
|
457
|
-
if (!ok ||
|
|
458
|
-
0 == sk_X509_push(ctx->out_certs, x509)) {
|
|
453
|
+
if (!ok || 0 == sk_X509_push(ctx->out_certs, x509)) {
|
|
459
454
|
X509_free(x509);
|
|
460
455
|
return 0;
|
|
461
456
|
}
|
|
@@ -485,7 +480,7 @@ static int PKCS12_handle_content_info(CBS *content_info,
|
|
|
485
480
|
|
|
486
481
|
if (!CBS_get_asn1(content_info, &content_type, CBS_ASN1_OBJECT) ||
|
|
487
482
|
!CBS_get_asn1(content_info, &wrapped_contents,
|
|
488
|
-
|
|
483
|
+
CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||
|
|
489
484
|
CBS_len(content_info) != 0) {
|
|
490
485
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
|
|
491
486
|
goto err;
|
|
@@ -511,9 +506,9 @@ static int PKCS12_handle_content_info(CBS *content_info,
|
|
|
511
506
|
// AlgorithmIdentifier, see
|
|
512
507
|
// https://tools.ietf.org/html/rfc5280#section-4.1.1.2
|
|
513
508
|
!CBS_get_asn1(&eci, &ai, CBS_ASN1_SEQUENCE) ||
|
|
514
|
-
!CBS_get_asn1_implicit_string(
|
|
515
|
-
|
|
516
|
-
|
|
509
|
+
!CBS_get_asn1_implicit_string(&eci, &encrypted_contents, &storage,
|
|
510
|
+
CBS_ASN1_CONTEXT_SPECIFIC | 0,
|
|
511
|
+
CBS_ASN1_OCTETSTRING)) {
|
|
517
512
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
|
|
518
513
|
goto err;
|
|
519
514
|
}
|
|
@@ -605,8 +600,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs,
|
|
|
605
600
|
|
|
606
601
|
// See ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf, section
|
|
607
602
|
// four.
|
|
608
|
-
if (!CBS_get_asn1(&in, &pfx, CBS_ASN1_SEQUENCE) ||
|
|
609
|
-
CBS_len(&in) != 0 ||
|
|
603
|
+
if (!CBS_get_asn1(&in, &pfx, CBS_ASN1_SEQUENCE) || CBS_len(&in) != 0 ||
|
|
610
604
|
!CBS_get_asn1_uint64(&pfx, &version)) {
|
|
611
605
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
|
|
612
606
|
goto err;
|
|
@@ -636,7 +630,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs,
|
|
|
636
630
|
// https://tools.ietf.org/html/rfc2315#section-7.
|
|
637
631
|
if (!CBS_get_asn1(&authsafe, &content_type, CBS_ASN1_OBJECT) ||
|
|
638
632
|
!CBS_get_asn1(&authsafe, &wrapped_authsafes,
|
|
639
|
-
|
|
633
|
+
CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) {
|
|
640
634
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
|
|
641
635
|
goto err;
|
|
642
636
|
}
|
|
@@ -742,12 +736,13 @@ struct pkcs12_st {
|
|
|
742
736
|
|
|
743
737
|
PKCS12 *d2i_PKCS12(PKCS12 **out_p12, const uint8_t **ber_bytes,
|
|
744
738
|
size_t ber_len) {
|
|
745
|
-
PKCS12 *p12 = OPENSSL_malloc(sizeof(PKCS12));
|
|
739
|
+
PKCS12 *p12 = reinterpret_cast<PKCS12 *>(OPENSSL_malloc(sizeof(PKCS12)));
|
|
746
740
|
if (!p12) {
|
|
747
741
|
return NULL;
|
|
748
742
|
}
|
|
749
743
|
|
|
750
|
-
p12->ber_bytes =
|
|
744
|
+
p12->ber_bytes =
|
|
745
|
+
reinterpret_cast<uint8_t *>(OPENSSL_memdup(*ber_bytes, ber_len));
|
|
751
746
|
if (!p12->ber_bytes) {
|
|
752
747
|
OPENSSL_free(p12);
|
|
753
748
|
return NULL;
|
|
@@ -764,7 +759,7 @@ PKCS12 *d2i_PKCS12(PKCS12 **out_p12, const uint8_t **ber_bytes,
|
|
|
764
759
|
return p12;
|
|
765
760
|
}
|
|
766
761
|
|
|
767
|
-
PKCS12*
|
|
762
|
+
PKCS12 *d2i_PKCS12_bio(BIO *bio, PKCS12 **out_p12) {
|
|
768
763
|
size_t used = 0;
|
|
769
764
|
BUF_MEM *buf;
|
|
770
765
|
const uint8_t *dummy;
|
|
@@ -801,13 +796,12 @@ PKCS12* d2i_PKCS12_bio(BIO *bio, PKCS12 **out_p12) {
|
|
|
801
796
|
continue;
|
|
802
797
|
}
|
|
803
798
|
|
|
804
|
-
if (buf->length > kMaxSize ||
|
|
805
|
-
BUF_MEM_grow(buf, buf->length * 2) == 0) {
|
|
799
|
+
if (buf->length > kMaxSize || BUF_MEM_grow(buf, buf->length * 2) == 0) {
|
|
806
800
|
goto out;
|
|
807
801
|
}
|
|
808
802
|
}
|
|
809
803
|
|
|
810
|
-
dummy = (uint8_t*)
|
|
804
|
+
dummy = (uint8_t *)buf->data;
|
|
811
805
|
ret = d2i_PKCS12(out_p12, &dummy, used);
|
|
812
806
|
|
|
813
807
|
out:
|
|
@@ -815,7 +809,7 @@ out:
|
|
|
815
809
|
return ret;
|
|
816
810
|
}
|
|
817
811
|
|
|
818
|
-
PKCS12*
|
|
812
|
+
PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **out_p12) {
|
|
819
813
|
BIO *bio;
|
|
820
814
|
PKCS12 *ret;
|
|
821
815
|
|
|
@@ -840,7 +834,8 @@ int i2d_PKCS12(const PKCS12 *p12, uint8_t **out) {
|
|
|
840
834
|
}
|
|
841
835
|
|
|
842
836
|
if (*out == NULL) {
|
|
843
|
-
*out =
|
|
837
|
+
*out = reinterpret_cast<uint8_t *>(
|
|
838
|
+
OPENSSL_memdup(p12->ber_bytes, p12->ber_len));
|
|
844
839
|
if (*out == NULL) {
|
|
845
840
|
return -1;
|
|
846
841
|
}
|
|
@@ -968,8 +963,7 @@ static int add_bag_attributes(CBB *bag, const char *name, size_t name_len,
|
|
|
968
963
|
CBS_init(&name_cbs, (const uint8_t *)name, name_len);
|
|
969
964
|
while (CBS_len(&name_cbs) != 0) {
|
|
970
965
|
uint32_t c;
|
|
971
|
-
if (!CBS_get_utf8(&name_cbs, &c) ||
|
|
972
|
-
!CBB_add_ucs2_be(&value, c)) {
|
|
966
|
+
if (!CBS_get_utf8(&name_cbs, &c) || !CBB_add_ucs2_be(&value, c)) {
|
|
973
967
|
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INVALID_CHARACTERS);
|
|
974
968
|
return 0;
|
|
975
969
|
}
|
|
@@ -986,14 +980,13 @@ static int add_bag_attributes(CBB *bag, const char *name, size_t name_len,
|
|
|
986
980
|
return 0;
|
|
987
981
|
}
|
|
988
982
|
}
|
|
989
|
-
return CBB_flush_asn1_set_of(&attrs) &&
|
|
990
|
-
CBB_flush(bag);
|
|
983
|
+
return CBB_flush_asn1_set_of(&attrs) && CBB_flush(bag);
|
|
991
984
|
}
|
|
992
985
|
|
|
993
986
|
static int add_cert_bag(CBB *cbb, X509 *cert, const char *name,
|
|
994
987
|
const uint8_t *key_id, size_t key_id_len) {
|
|
995
988
|
CBB bag, bag_oid, bag_contents, cert_bag, cert_type, wrapped_cert, cert_value;
|
|
996
|
-
if (// See https://tools.ietf.org/html/rfc7292#section-4.2.
|
|
989
|
+
if ( // See https://tools.ietf.org/html/rfc7292#section-4.2.
|
|
997
990
|
!CBB_add_asn1(cbb, &bag, CBS_ASN1_SEQUENCE) ||
|
|
998
991
|
!CBB_add_asn1(&bag, &bag_oid, CBS_ASN1_OBJECT) ||
|
|
999
992
|
!CBB_add_bytes(&bag_oid, kCertBag, sizeof(kCertBag)) ||
|
|
@@ -1024,8 +1017,7 @@ static int add_cert_bag(CBB *cbb, X509 *cert, const char *name,
|
|
|
1024
1017
|
name = cert_name;
|
|
1025
1018
|
}
|
|
1026
1019
|
|
|
1027
|
-
if (len < 0 ||
|
|
1028
|
-
!CBB_add_space(&cert_value, &buf, (size_t)len) ||
|
|
1020
|
+
if (len < 0 || !CBB_add_space(&cert_value, &buf, (size_t)len) ||
|
|
1029
1021
|
i2d_X509(cert, &buf) < 0 ||
|
|
1030
1022
|
!add_bag_attributes(&bag, name, name_len, key_id, key_id_len) ||
|
|
1031
1023
|
!CBB_flush(cbb)) {
|
|
@@ -1067,7 +1059,7 @@ static int add_encrypted_data(CBB *out, int pbe_nid, const char *password,
|
|
|
1067
1059
|
EVP_CIPHER_CTX_init(&ctx);
|
|
1068
1060
|
CBB content_info, type, wrapper, encrypted_data, encrypted_content_info,
|
|
1069
1061
|
inner_type, encrypted_content;
|
|
1070
|
-
if (// Add the ContentInfo wrapping.
|
|
1062
|
+
if ( // Add the ContentInfo wrapping.
|
|
1071
1063
|
!CBB_add_asn1(out, &content_info, CBS_ASN1_SEQUENCE) ||
|
|
1072
1064
|
!CBB_add_asn1(&content_info, &type, CBS_ASN1_OBJECT) ||
|
|
1073
1065
|
!CBB_add_bytes(&type, kPKCS7EncryptedData, sizeof(kPKCS7EncryptedData)) ||
|
|
@@ -1092,20 +1084,21 @@ static int add_encrypted_data(CBB *out, int pbe_nid, const char *password,
|
|
|
1092
1084
|
goto err;
|
|
1093
1085
|
}
|
|
1094
1086
|
|
|
1095
|
-
|
|
1096
|
-
|
|
1097
|
-
|
|
1098
|
-
|
|
1099
|
-
|
|
1087
|
+
{
|
|
1088
|
+
size_t max_out = in_len + EVP_CIPHER_CTX_block_size(&ctx);
|
|
1089
|
+
if (max_out < in_len) {
|
|
1090
|
+
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG);
|
|
1091
|
+
goto err;
|
|
1092
|
+
}
|
|
1100
1093
|
|
|
1101
|
-
|
|
1102
|
-
|
|
1103
|
-
|
|
1104
|
-
|
|
1105
|
-
|
|
1106
|
-
|
|
1107
|
-
|
|
1108
|
-
|
|
1094
|
+
uint8_t *ptr;
|
|
1095
|
+
int n1, n2;
|
|
1096
|
+
if (!CBB_reserve(&encrypted_content, &ptr, max_out) ||
|
|
1097
|
+
!EVP_CipherUpdate(&ctx, ptr, &n1, in, in_len) ||
|
|
1098
|
+
!EVP_CipherFinal_ex(&ctx, ptr + n1, &n2) ||
|
|
1099
|
+
!CBB_did_write(&encrypted_content, n1 + n2) || !CBB_flush(out)) {
|
|
1100
|
+
goto err;
|
|
1101
|
+
}
|
|
1109
1102
|
}
|
|
1110
1103
|
|
|
1111
1104
|
ret = 1;
|
|
@@ -1117,7 +1110,7 @@ err:
|
|
|
1117
1110
|
|
|
1118
1111
|
PKCS12 *PKCS12_create(const char *password, const char *name,
|
|
1119
1112
|
const EVP_PKEY *pkey, X509 *cert,
|
|
1120
|
-
const STACK_OF(X509)*
|
|
1113
|
+
const STACK_OF(X509) *chain, int key_nid, int cert_nid,
|
|
1121
1114
|
int iterations, int mac_iterations, int key_type) {
|
|
1122
1115
|
if (key_nid == 0) {
|
|
1123
1116
|
key_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
|
@@ -1131,8 +1124,8 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
|
|
|
1131
1124
|
if (mac_iterations == 0) {
|
|
1132
1125
|
mac_iterations = 1;
|
|
1133
1126
|
}
|
|
1134
|
-
if (// In OpenSSL, this specifies a non-standard Microsoft key usage
|
|
1135
|
-
|
|
1127
|
+
if ( // In OpenSSL, this specifies a non-standard Microsoft key usage
|
|
1128
|
+
// extension which we do not currently support.
|
|
1136
1129
|
key_type != 0 ||
|
|
1137
1130
|
// In OpenSSL, -1 here means to omit the MAC, which we do not
|
|
1138
1131
|
// currently support. Omitting it is also invalid for a password-based
|
|
@@ -1196,8 +1189,7 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
|
|
|
1196
1189
|
CBB cbb, pfx, auth_safe, auth_safe_oid, auth_safe_wrapper, auth_safe_data,
|
|
1197
1190
|
content_infos;
|
|
1198
1191
|
uint8_t mac_key[EVP_MAX_MD_SIZE];
|
|
1199
|
-
if (!CBB_init(&cbb, 0) ||
|
|
1200
|
-
!CBB_add_asn1(&cbb, &pfx, CBS_ASN1_SEQUENCE) ||
|
|
1192
|
+
if (!CBB_init(&cbb, 0) || !CBB_add_asn1(&cbb, &pfx, CBS_ASN1_SEQUENCE) ||
|
|
1201
1193
|
!CBB_add_asn1_uint64(&pfx, 3) ||
|
|
1202
1194
|
// auth_safe is a data ContentInfo.
|
|
1203
1195
|
!CBB_add_asn1(&pfx, &auth_safe, CBS_ASN1_SEQUENCE) ||
|
|
@@ -1256,7 +1248,7 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
|
|
|
1256
1248
|
if (pkey != NULL) {
|
|
1257
1249
|
CBB content_info, oid, wrapper, data, safe_contents, bag, bag_oid,
|
|
1258
1250
|
bag_contents;
|
|
1259
|
-
if (// Add another data ContentInfo.
|
|
1251
|
+
if ( // Add another data ContentInfo.
|
|
1260
1252
|
!CBB_add_asn1(&content_infos, &content_info, CBS_ASN1_SEQUENCE) ||
|
|
1261
1253
|
!CBB_add_asn1(&content_info, &oid, CBS_ASN1_OBJECT) ||
|
|
1262
1254
|
!CBB_add_bytes(&oid, kPKCS7Data, sizeof(kPKCS7Data)) ||
|
|
@@ -1298,43 +1290,44 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
|
|
|
1298
1290
|
}
|
|
1299
1291
|
}
|
|
1300
1292
|
|
|
1301
|
-
|
|
1302
|
-
|
|
1303
|
-
|
|
1304
|
-
|
|
1305
|
-
|
|
1306
|
-
|
|
1307
|
-
|
|
1308
|
-
|
|
1309
|
-
|
|
1310
|
-
|
|
1311
|
-
|
|
1312
|
-
|
|
1313
|
-
|
|
1314
|
-
|
|
1315
|
-
|
|
1293
|
+
{
|
|
1294
|
+
// Compute the MAC. Match OpenSSL in using SHA-1 as the hash function. The
|
|
1295
|
+
// MAC covers |auth_safe_data|.
|
|
1296
|
+
const EVP_MD *mac_md = EVP_sha1();
|
|
1297
|
+
uint8_t mac_salt[PKCS5_SALT_LEN];
|
|
1298
|
+
uint8_t mac[EVP_MAX_MD_SIZE];
|
|
1299
|
+
unsigned mac_len;
|
|
1300
|
+
if (!CBB_flush(&auth_safe_data) ||
|
|
1301
|
+
!RAND_bytes(mac_salt, sizeof(mac_salt)) ||
|
|
1302
|
+
!pkcs12_key_gen(password, password_len, mac_salt, sizeof(mac_salt),
|
|
1303
|
+
PKCS12_MAC_ID, mac_iterations, EVP_MD_size(mac_md),
|
|
1304
|
+
mac_key, mac_md) ||
|
|
1305
|
+
!HMAC(mac_md, mac_key, EVP_MD_size(mac_md), CBB_data(&auth_safe_data),
|
|
1306
|
+
CBB_len(&auth_safe_data), mac, &mac_len)) {
|
|
1307
|
+
goto err;
|
|
1308
|
+
}
|
|
1316
1309
|
|
|
1317
|
-
|
|
1318
|
-
|
|
1319
|
-
|
|
1320
|
-
|
|
1321
|
-
|
|
1322
|
-
|
|
1323
|
-
|
|
1324
|
-
|
|
1325
|
-
|
|
1326
|
-
|
|
1327
|
-
|
|
1328
|
-
|
|
1329
|
-
|
|
1330
|
-
|
|
1310
|
+
CBB mac_data, digest_info, mac_cbb, mac_salt_cbb;
|
|
1311
|
+
if (!CBB_add_asn1(&pfx, &mac_data, CBS_ASN1_SEQUENCE) ||
|
|
1312
|
+
!CBB_add_asn1(&mac_data, &digest_info, CBS_ASN1_SEQUENCE) ||
|
|
1313
|
+
!EVP_marshal_digest_algorithm(&digest_info, mac_md) ||
|
|
1314
|
+
!CBB_add_asn1(&digest_info, &mac_cbb, CBS_ASN1_OCTETSTRING) ||
|
|
1315
|
+
!CBB_add_bytes(&mac_cbb, mac, mac_len) ||
|
|
1316
|
+
!CBB_add_asn1(&mac_data, &mac_salt_cbb, CBS_ASN1_OCTETSTRING) ||
|
|
1317
|
+
!CBB_add_bytes(&mac_salt_cbb, mac_salt, sizeof(mac_salt)) ||
|
|
1318
|
+
// The iteration count has a DEFAULT of 1, but RFC 7292 says "The
|
|
1319
|
+
// default is for historical reasons and its use is deprecated." Thus we
|
|
1320
|
+
// explicitly encode the iteration count, though it is not valid DER.
|
|
1321
|
+
!CBB_add_asn1_uint64(&mac_data, mac_iterations)) {
|
|
1322
|
+
goto err;
|
|
1323
|
+
}
|
|
1331
1324
|
|
|
1332
|
-
|
|
1333
|
-
|
|
1334
|
-
|
|
1335
|
-
|
|
1336
|
-
|
|
1337
|
-
|
|
1325
|
+
ret = reinterpret_cast<PKCS12 *>(OPENSSL_malloc(sizeof(PKCS12)));
|
|
1326
|
+
if (ret == NULL || !CBB_finish(&cbb, &ret->ber_bytes, &ret->ber_len)) {
|
|
1327
|
+
OPENSSL_free(ret);
|
|
1328
|
+
ret = NULL;
|
|
1329
|
+
goto err;
|
|
1330
|
+
}
|
|
1338
1331
|
}
|
|
1339
1332
|
|
|
1340
1333
|
err:
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright
|
|
1
|
+
/* Copyright 2014 The BoringSSL Authors
|
|
2
2
|
*
|
|
3
3
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
4
|
* purpose with or without fee is hereby granted, provided that the above
|
|
@@ -21,8 +21,8 @@
|
|
|
21
21
|
#include <assert.h>
|
|
22
22
|
#include <string.h>
|
|
23
23
|
|
|
24
|
-
#include "internal.h"
|
|
25
24
|
#include "../internal.h"
|
|
25
|
+
#include "internal.h"
|
|
26
26
|
|
|
27
27
|
|
|
28
28
|
#if !defined(BORINGSSL_HAS_UINT128) || !defined(OPENSSL_X86_64)
|
|
@@ -44,7 +44,7 @@ static_assert(
|
|
|
44
44
|
|
|
45
45
|
static inline struct poly1305_state_st *poly1305_aligned_state(
|
|
46
46
|
poly1305_state *state) {
|
|
47
|
-
return align_pointer(state, 64);
|
|
47
|
+
return reinterpret_cast<poly1305_state_st *>(align_pointer(state, 64));
|
|
48
48
|
}
|
|
49
49
|
|
|
50
50
|
// poly1305_blocks updates |state| given some amount of input data. This
|
data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_arm.c → poly1305_arm.cc}
RENAMED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright
|
|
1
|
+
/* Copyright 2014 The BoringSSL Authors
|
|
2
2
|
*
|
|
3
3
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
4
|
* purpose with or without fee is hereby granted, provided that the above
|
|
@@ -33,11 +33,13 @@ typedef struct {
|
|
|
33
33
|
#define addmulmod openssl_poly1305_neon2_addmulmod
|
|
34
34
|
#define blocks openssl_poly1305_neon2_blocks
|
|
35
35
|
|
|
36
|
+
extern "C" {
|
|
36
37
|
extern void addmulmod(fe1305x2 *r, const fe1305x2 *x, const fe1305x2 *y,
|
|
37
38
|
const fe1305x2 *c);
|
|
38
39
|
|
|
39
40
|
extern int blocks(fe1305x2 *h, const fe1305x2 *precomp, const uint8_t *in,
|
|
40
41
|
size_t inlen);
|
|
42
|
+
}
|
|
41
43
|
|
|
42
44
|
static void freeze(fe1305x2 *r) {
|
|
43
45
|
int i;
|
|
@@ -175,7 +177,7 @@ static void fe1305x2_frombytearray(fe1305x2 *r, const uint8_t *x, size_t xlen) {
|
|
|
175
177
|
}
|
|
176
178
|
}
|
|
177
179
|
|
|
178
|
-
static const alignas(16)
|
|
180
|
+
static const fe1305x2 zero alignas(16) = {0};
|
|
179
181
|
|
|
180
182
|
struct poly1305_state_st {
|
|
181
183
|
uint8_t data[sizeof(fe1305x2[5]) + 128];
|
data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_vec.c → poly1305_vec.cc}
RENAMED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright
|
|
1
|
+
/* Copyright 2014 The BoringSSL Authors
|
|
2
2
|
*
|
|
3
3
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
4
|
* purpose with or without fee is hereby granted, provided that the above
|
|
@@ -31,11 +31,11 @@
|
|
|
31
31
|
|
|
32
32
|
typedef __m128i xmmi;
|
|
33
33
|
|
|
34
|
-
|
|
34
|
+
alignas(16) static const uint32_t poly1305_x64_sse2_message_mask[4] = {
|
|
35
35
|
(1 << 26) - 1, 0, (1 << 26) - 1, 0};
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
36
|
+
alignas(16) static const uint32_t poly1305_x64_sse2_5[4] = {5, 0, 5, 0};
|
|
37
|
+
alignas(16) static const uint32_t poly1305_x64_sse2_1shl128[4] = {(1 << 24), 0,
|
|
38
|
+
(1 << 24), 0};
|
|
39
39
|
|
|
40
40
|
static inline uint128_t add128(uint128_t a, uint128_t b) { return a + b; }
|
|
41
41
|
|
|
@@ -136,7 +136,8 @@ void CRYPTO_poly1305_init(poly1305_state *state, const uint8_t key[32]) {
|
|
|
136
136
|
|
|
137
137
|
static void poly1305_first_block(poly1305_state_internal *st,
|
|
138
138
|
const uint8_t *m) {
|
|
139
|
-
const xmmi MMASK =
|
|
139
|
+
const xmmi MMASK =
|
|
140
|
+
_mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
|
|
140
141
|
const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5);
|
|
141
142
|
const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128);
|
|
142
143
|
xmmi T5, T6;
|
|
@@ -181,7 +182,7 @@ static void poly1305_first_block(poly1305_state_internal *st,
|
|
|
181
182
|
r20 = r20 & 0xfffffffffff;
|
|
182
183
|
r21 += c;
|
|
183
184
|
|
|
184
|
-
p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20)&0x3ffffff),
|
|
185
|
+
p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20) & 0x3ffffff),
|
|
185
186
|
_MM_SHUFFLE(1, 0, 1, 0));
|
|
186
187
|
p->R21.v = _mm_shuffle_epi32(
|
|
187
188
|
_mm_cvtsi32_si128((uint32_t)((r20 >> 26) | (r21 << 18)) & 0x3ffffff),
|
|
@@ -229,7 +230,8 @@ static void poly1305_first_block(poly1305_state_internal *st,
|
|
|
229
230
|
|
|
230
231
|
static void poly1305_blocks(poly1305_state_internal *st, const uint8_t *m,
|
|
231
232
|
size_t bytes) {
|
|
232
|
-
const xmmi MMASK =
|
|
233
|
+
const xmmi MMASK =
|
|
234
|
+
_mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
|
|
233
235
|
const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5);
|
|
234
236
|
const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128);
|
|
235
237
|
|
|
@@ -419,7 +421,8 @@ static void poly1305_blocks(poly1305_state_internal *st, const uint8_t *m,
|
|
|
419
421
|
|
|
420
422
|
static size_t poly1305_combine(poly1305_state_internal *st, const uint8_t *m,
|
|
421
423
|
size_t bytes) {
|
|
422
|
-
const xmmi MMASK =
|
|
424
|
+
const xmmi MMASK =
|
|
425
|
+
_mm_load_si128((const xmmi *)poly1305_x64_sse2_message_mask);
|
|
423
426
|
const xmmi HIBIT = _mm_load_si128((const xmmi *)poly1305_x64_sse2_1shl128);
|
|
424
427
|
const xmmi FIVE = _mm_load_si128((const xmmi *)poly1305_x64_sse2_5);
|
|
425
428
|
|
|
@@ -547,7 +550,7 @@ static size_t poly1305_combine(poly1305_state_internal *st, const uint8_t *m,
|
|
|
547
550
|
r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1];
|
|
548
551
|
r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1];
|
|
549
552
|
|
|
550
|
-
p->R20.d[2] = (uint32_t)(r0)&0x3ffffff;
|
|
553
|
+
p->R20.d[2] = (uint32_t)(r0) & 0x3ffffff;
|
|
551
554
|
p->R21.d[2] = (uint32_t)((r0 >> 26) | (r1 << 18)) & 0x3ffffff;
|
|
552
555
|
p->R22.d[2] = (uint32_t)((r1 >> 8)) & 0x3ffffff;
|
|
553
556
|
p->R23.d[2] = (uint32_t)((r1 >> 34) | (r2 << 10)) & 0x3ffffff;
|
|
@@ -838,7 +841,7 @@ poly1305_donna_finish:
|
|
|
838
841
|
c = (h1 >> 44);
|
|
839
842
|
h1 &= 0xfffffffffff;
|
|
840
843
|
t1 = (t1 >> 24);
|
|
841
|
-
h2 += (t1)+c;
|
|
844
|
+
h2 += (t1) + c;
|
|
842
845
|
|
|
843
846
|
CRYPTO_store_u64_le(mac + 0, ((h0) | (h1 << 44)));
|
|
844
847
|
CRYPTO_store_u64_le(mac + 8, ((h1 >> 20) | (h2 << 24)));
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright
|
|
1
|
+
/* Copyright 2016 The BoringSSL Authors
|
|
2
2
|
*
|
|
3
3
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
4
|
* purpose with or without fee is hereby granted, provided that the above
|
|
@@ -41,8 +41,9 @@ static int CRYPTO_BUFFER_cmp(const CRYPTO_BUFFER *a, const CRYPTO_BUFFER *b) {
|
|
|
41
41
|
return OPENSSL_memcmp(a->data, b->data, a->len);
|
|
42
42
|
}
|
|
43
43
|
|
|
44
|
-
CRYPTO_BUFFER_POOL*
|
|
45
|
-
CRYPTO_BUFFER_POOL *pool =
|
|
44
|
+
CRYPTO_BUFFER_POOL *CRYPTO_BUFFER_POOL_new(void) {
|
|
45
|
+
CRYPTO_BUFFER_POOL *pool = reinterpret_cast<CRYPTO_BUFFER_POOL *>(
|
|
46
|
+
OPENSSL_zalloc(sizeof(CRYPTO_BUFFER_POOL)));
|
|
46
47
|
if (pool == NULL) {
|
|
47
48
|
return NULL;
|
|
48
49
|
}
|
|
@@ -87,7 +88,7 @@ static CRYPTO_BUFFER *crypto_buffer_new(const uint8_t *data, size_t len,
|
|
|
87
88
|
CRYPTO_BUFFER_POOL *pool) {
|
|
88
89
|
if (pool != NULL) {
|
|
89
90
|
CRYPTO_BUFFER tmp;
|
|
90
|
-
tmp.data = (uint8_t *)
|
|
91
|
+
tmp.data = (uint8_t *)data;
|
|
91
92
|
tmp.len = len;
|
|
92
93
|
tmp.pool = pool;
|
|
93
94
|
|
|
@@ -108,7 +109,8 @@ static CRYPTO_BUFFER *crypto_buffer_new(const uint8_t *data, size_t len,
|
|
|
108
109
|
}
|
|
109
110
|
}
|
|
110
111
|
|
|
111
|
-
CRYPTO_BUFFER *const buf =
|
|
112
|
+
CRYPTO_BUFFER *const buf =
|
|
113
|
+
reinterpret_cast<CRYPTO_BUFFER *>(OPENSSL_zalloc(sizeof(CRYPTO_BUFFER)));
|
|
112
114
|
if (buf == NULL) {
|
|
113
115
|
return NULL;
|
|
114
116
|
}
|
|
@@ -117,7 +119,7 @@ static CRYPTO_BUFFER *crypto_buffer_new(const uint8_t *data, size_t len,
|
|
|
117
119
|
buf->data = (uint8_t *)data;
|
|
118
120
|
buf->data_is_static = 1;
|
|
119
121
|
} else {
|
|
120
|
-
buf->data = OPENSSL_memdup(data, len);
|
|
122
|
+
buf->data = reinterpret_cast<uint8_t *>(OPENSSL_memdup(data, len));
|
|
121
123
|
if (len != 0 && buf->data == NULL) {
|
|
122
124
|
OPENSSL_free(buf);
|
|
123
125
|
return NULL;
|
|
@@ -168,12 +170,13 @@ CRYPTO_BUFFER *CRYPTO_BUFFER_new(const uint8_t *data, size_t len,
|
|
|
168
170
|
}
|
|
169
171
|
|
|
170
172
|
CRYPTO_BUFFER *CRYPTO_BUFFER_alloc(uint8_t **out_data, size_t len) {
|
|
171
|
-
CRYPTO_BUFFER *const buf =
|
|
173
|
+
CRYPTO_BUFFER *const buf =
|
|
174
|
+
reinterpret_cast<CRYPTO_BUFFER *>(OPENSSL_zalloc(sizeof(CRYPTO_BUFFER)));
|
|
172
175
|
if (buf == NULL) {
|
|
173
176
|
return NULL;
|
|
174
177
|
}
|
|
175
178
|
|
|
176
|
-
buf->data = OPENSSL_malloc(len);
|
|
179
|
+
buf->data = reinterpret_cast<uint8_t *>(OPENSSL_malloc(len));
|
|
177
180
|
if (len != 0 && buf->data == NULL) {
|
|
178
181
|
OPENSSL_free(buf);
|
|
179
182
|
return NULL;
|
|
@@ -252,9 +255,7 @@ const uint8_t *CRYPTO_BUFFER_data(const CRYPTO_BUFFER *buf) {
|
|
|
252
255
|
return buf->data;
|
|
253
256
|
}
|
|
254
257
|
|
|
255
|
-
size_t CRYPTO_BUFFER_len(const CRYPTO_BUFFER *buf) {
|
|
256
|
-
return buf->len;
|
|
257
|
-
}
|
|
258
|
+
size_t CRYPTO_BUFFER_len(const CRYPTO_BUFFER *buf) { return buf->len; }
|
|
258
259
|
|
|
259
260
|
void CRYPTO_BUFFER_init_CBS(const CRYPTO_BUFFER *buf, CBS *out) {
|
|
260
261
|
CBS_init(out, buf->data, buf->len);
|
data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{deterministic.c → deterministic.cc}
RENAMED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright
|
|
1
|
+
/* Copyright 2016 The BoringSSL Authors
|
|
2
2
|
*
|
|
3
3
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
4
|
* purpose with or without fee is hereby granted, provided that the above
|
|
@@ -39,7 +39,7 @@ void RAND_reset_for_fuzzing(void) { g_num_calls = 0; }
|
|
|
39
39
|
void CRYPTO_init_sysrand(void) {}
|
|
40
40
|
|
|
41
41
|
void CRYPTO_sysrand(uint8_t *out, size_t requested) {
|
|
42
|
-
static const uint8_t kZeroKey[32];
|
|
42
|
+
static const uint8_t kZeroKey[32] = {0};
|
|
43
43
|
|
|
44
44
|
CRYPTO_MUTEX_lock_write(&g_num_calls_lock);
|
|
45
45
|
uint64_t num_calls = g_num_calls++;
|