grpc 1.70.1 → 1.71.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +43 -79
- data/include/grpc/event_engine/endpoint_config.h +5 -5
- data/include/grpc/event_engine/event_engine.h +44 -5
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/json.h +16 -16
- data/src/core/call/request_buffer.cc +22 -22
- data/src/core/call/request_buffer.h +4 -4
- data/src/core/channelz/channelz.cc +2 -2
- data/src/core/channelz/channelz.h +3 -22
- data/src/core/channelz/channelz_registry.cc +0 -7
- data/src/core/client_channel/client_channel.cc +16 -26
- data/src/core/client_channel/client_channel.h +2 -2
- data/src/core/client_channel/client_channel_filter.cc +54 -131
- data/src/core/client_channel/client_channel_filter.h +10 -6
- data/src/core/client_channel/client_channel_plugin.cc +2 -1
- data/src/core/client_channel/client_channel_service_config.cc +1 -1
- data/src/core/client_channel/client_channel_service_config.h +5 -5
- data/src/core/client_channel/direct_channel.cc +1 -1
- data/src/core/client_channel/direct_channel.h +1 -1
- data/src/core/client_channel/lb_metadata.cc +7 -8
- data/src/core/client_channel/lb_metadata.h +3 -3
- data/src/core/client_channel/load_balanced_call_destination.cc +4 -4
- data/src/core/client_channel/retry_filter.cc +1 -1
- data/src/core/client_channel/retry_filter.h +1 -1
- data/src/core/client_channel/retry_filter_legacy_call_data.cc +10 -12
- data/src/core/client_channel/retry_filter_legacy_call_data.h +7 -7
- data/src/core/client_channel/retry_interceptor.cc +16 -14
- data/src/core/client_channel/retry_interceptor.h +2 -2
- data/src/core/client_channel/retry_service_config.cc +1 -1
- data/src/core/client_channel/retry_service_config.h +3 -3
- data/src/core/client_channel/subchannel.cc +43 -76
- data/src/core/client_channel/subchannel.h +4 -4
- data/src/core/client_channel/subchannel_stream_client.cc +0 -1
- data/src/core/client_channel/subchannel_stream_client.h +3 -3
- data/src/core/config/config_vars.cc +1 -0
- data/src/core/config/config_vars.h +1 -0
- data/src/core/config/load_config.cc +3 -2
- data/src/core/config/load_config.h +1 -1
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +4 -11
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +7 -7
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +8 -15
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +6 -6
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +1 -1
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +0 -7
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +6 -6
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.cc +1 -1
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.h +1 -1
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -6
- data/src/core/ext/filters/http/client/http_client_filter.h +4 -4
- data/src/core/ext/filters/http/client_authority_filter.cc +6 -11
- data/src/core/ext/filters/http/client_authority_filter.h +6 -6
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +18 -22
- data/src/core/ext/filters/http/message_compress/compression_filter.h +18 -13
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -8
- data/src/core/ext/filters/http/server/http_server_filter.h +4 -4
- data/src/core/ext/filters/message_size/message_size_filter.cc +13 -25
- data/src/core/ext/filters/message_size/message_size_filter.h +20 -21
- data/src/core/ext/filters/rbac/rbac_filter.cc +0 -7
- data/src/core/ext/filters/rbac/rbac_filter.h +6 -6
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +3 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +1 -6
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +4 -4
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +1 -1
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +2 -2
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -2
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +4 -3
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +30 -20
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +5 -5
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.h +4 -4
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +84 -59
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +7 -7
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/flow_control.h +3 -3
- data/src/core/ext/transport/chttp2/transport/frame.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/frame.h +5 -5
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +8 -8
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +32 -31
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +6 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +19 -8
- data/src/core/ext/transport/chttp2/transport/parsing.cc +14 -14
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +2 -2
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +1 -39
- data/src/core/ext/transport/chttp2/transport/varint.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/writing.cc +16 -22
- data/src/core/ext/transport/inproc/inproc_transport.cc +1 -3
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +15 -10
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +16 -0
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +3 -2
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +30 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +5 -3
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +118 -0
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +31 -6
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +37 -7
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.c +7 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb.h +142 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.c +55 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +33 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.c +7 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +6 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +50 -47
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +210 -199
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +33 -33
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +19 -17
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +26 -19
- data/src/core/filter/blackboard.cc +2 -2
- data/src/core/filter/filter_args.h +2 -2
- data/src/core/handshaker/handshaker.cc +0 -3
- data/src/core/handshaker/http_connect/http_connect_handshaker.cc +3 -5
- data/src/core/handshaker/http_connect/http_proxy_mapper.cc +31 -32
- data/src/core/handshaker/http_connect/http_proxy_mapper.h +4 -4
- data/src/core/handshaker/http_connect/xds_http_proxy_mapper.cc +5 -5
- data/src/core/handshaker/http_connect/xds_http_proxy_mapper.h +5 -5
- data/src/core/handshaker/proxy_mapper.h +4 -4
- data/src/core/handshaker/proxy_mapper_registry.cc +5 -6
- data/src/core/handshaker/proxy_mapper_registry.h +4 -4
- data/src/core/handshaker/security/secure_endpoint.cc +2 -2
- data/src/core/handshaker/security/security_handshaker.cc +3 -5
- data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.cc +6 -4
- data/src/core/lib/channel/channel_args.cc +13 -13
- data/src/core/lib/channel/channel_args.h +8 -8
- data/src/core/lib/channel/connected_channel.cc +1 -1
- data/src/core/lib/channel/promise_based_filter.cc +9 -9
- data/src/core/lib/channel/promise_based_filter.h +79 -80
- data/src/core/lib/compression/compression.cc +3 -2
- data/src/core/lib/compression/compression_internal.cc +9 -9
- data/src/core/lib/compression/compression_internal.h +3 -3
- data/src/core/lib/debug/trace_flags.cc +3 -2
- data/src/core/lib/debug/trace_flags.h +1 -1
- data/src/core/lib/event_engine/ares_resolver.cc +9 -11
- data/src/core/lib/event_engine/ares_resolver.h +6 -10
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +2 -4
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +2 -4
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +6 -7
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +2 -4
- data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +2 -4
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +3 -7
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +2 -4
- data/src/core/lib/event_engine/channel_args_endpoint_config.cc +5 -7
- data/src/core/lib/event_engine/channel_args_endpoint_config.h +6 -7
- data/src/core/lib/event_engine/common_closures.h +2 -4
- data/src/core/lib/event_engine/default_event_engine.cc +62 -33
- data/src/core/lib/event_engine/default_event_engine.h +24 -33
- data/src/core/lib/event_engine/default_event_engine_factory.cc +6 -12
- data/src/core/lib/event_engine/default_event_engine_factory.h +2 -4
- data/src/core/lib/event_engine/event_engine.cc +2 -4
- data/src/core/lib/event_engine/extensions/can_track_errors.h +2 -4
- data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +2 -4
- data/src/core/lib/event_engine/extensions/supports_fd.h +2 -4
- data/src/core/lib/event_engine/extensions/tcp_trace.h +2 -4
- data/src/core/lib/event_engine/forkable.cc +2 -4
- data/src/core/lib/event_engine/forkable.h +2 -4
- data/src/core/lib/event_engine/grpc_polled_fd.h +2 -4
- data/src/core/lib/event_engine/handle_containers.h +2 -4
- data/src/core/lib/event_engine/memory_allocator_factory.h +2 -4
- data/src/core/lib/event_engine/poller.h +2 -4
- data/src/core/lib/event_engine/posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +4 -50
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +2 -4
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +4 -51
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/event_poller.h +2 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +2 -4
- data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +2 -4
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +2 -4
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +6 -10
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +3 -5
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +2 -4
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +5 -6
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +2 -4
- data/src/core/lib/event_engine/posix_engine/timer.cc +4 -6
- data/src/core/lib/event_engine/posix_engine/timer.h +4 -6
- data/src/core/lib/event_engine/posix_engine/timer_heap.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/timer_heap.h +2 -4
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +5 -7
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +4 -6
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +4 -8
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +24 -25
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +2 -4
- data/src/core/lib/event_engine/query_extensions.h +2 -4
- data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +2 -4
- data/src/core/lib/event_engine/resolved_address.cc +2 -4
- data/src/core/lib/event_engine/resolved_address_internal.h +2 -4
- data/src/core/lib/event_engine/shim.cc +2 -4
- data/src/core/lib/event_engine/shim.h +2 -4
- data/src/core/lib/event_engine/slice.cc +2 -4
- data/src/core/lib/event_engine/slice_buffer.cc +2 -4
- data/src/core/lib/event_engine/tcp_socket_utils.cc +6 -8
- data/src/core/lib/event_engine/tcp_socket_utils.h +5 -7
- data/src/core/lib/event_engine/thread_local.cc +2 -4
- data/src/core/lib/event_engine/thread_local.h +2 -4
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +2 -4
- data/src/core/lib/event_engine/thread_pool/thread_count.h +4 -18
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +2 -4
- data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +2 -4
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +3 -5
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +2 -4
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +2 -4
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +2 -4
- data/src/core/lib/event_engine/time_util.cc +2 -4
- data/src/core/lib/event_engine/time_util.h +2 -4
- data/src/core/lib/event_engine/utils.cc +2 -4
- data/src/core/lib/event_engine/utils.h +2 -4
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +2 -4
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.h +2 -4
- data/src/core/lib/event_engine/windows/iocp.cc +2 -4
- data/src/core/lib/event_engine/windows/iocp.h +2 -4
- data/src/core/lib/event_engine/windows/native_windows_dns_resolver.cc +2 -4
- data/src/core/lib/event_engine/windows/native_windows_dns_resolver.h +2 -4
- data/src/core/lib/event_engine/windows/win_socket.cc +2 -4
- data/src/core/lib/event_engine/windows/win_socket.h +2 -4
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +2 -4
- data/src/core/lib/event_engine/windows/windows_endpoint.h +4 -6
- data/src/core/lib/event_engine/windows/windows_engine.cc +2 -4
- data/src/core/lib/event_engine/windows/windows_engine.h +2 -4
- data/src/core/lib/event_engine/windows/windows_listener.cc +2 -4
- data/src/core/lib/event_engine/windows/windows_listener.h +2 -4
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +2 -4
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +2 -4
- data/src/core/lib/event_engine/work_queue/work_queue.h +2 -4
- data/src/core/lib/experiments/experiments.cc +102 -213
- data/src/core/lib/experiments/experiments.h +53 -89
- data/src/core/lib/iomgr/buffer_list.h +22 -21
- data/src/core/lib/iomgr/cfstream_handle.cc +0 -2
- data/src/core/lib/iomgr/closure.h +1 -4
- data/src/core/lib/iomgr/combiner.cc +0 -1
- data/src/core/lib/iomgr/error.cc +2 -2
- data/src/core/lib/iomgr/event_engine_shims/closure.cc +0 -1
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +0 -2
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +0 -1
- data/src/core/lib/iomgr/exec_ctx.cc +1 -7
- data/src/core/lib/iomgr/exec_ctx.h +1 -132
- data/src/core/lib/iomgr/executor.cc +0 -11
- data/src/core/lib/iomgr/resolve_address_posix.cc +0 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +0 -2
- data/src/core/lib/iomgr/socket_utils_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_server_posix.cc +1 -3
- data/src/core/lib/iomgr/tcp_server_windows.cc +0 -1
- data/src/core/lib/iomgr/timer_manager.cc +1 -9
- data/src/core/lib/promise/activity.h +4 -4
- data/src/core/lib/promise/detail/join_state.h +16 -68
- data/src/core/lib/promise/detail/promise_factory.h +85 -25
- data/src/core/lib/promise/detail/promise_like.h +16 -19
- data/src/core/lib/promise/detail/seq_state.h +102 -315
- data/src/core/lib/promise/for_each.h +14 -5
- data/src/core/lib/promise/if.h +48 -20
- data/src/core/lib/promise/interceptor_list.h +9 -9
- data/src/core/lib/promise/latch.h +14 -6
- data/src/core/lib/promise/loop.h +58 -18
- data/src/core/lib/promise/map.h +103 -49
- data/src/core/lib/promise/party.cc +48 -14
- data/src/core/lib/promise/party.h +216 -27
- data/src/core/lib/promise/pipe.h +12 -12
- data/src/core/lib/promise/poll.h +8 -5
- data/src/core/lib/promise/prioritized_race.h +16 -22
- data/src/core/lib/promise/promise.h +2 -3
- data/src/core/lib/promise/race.h +4 -12
- data/src/core/lib/promise/seq.h +41 -6
- data/src/core/lib/promise/sleep.cc +3 -3
- data/src/core/lib/promise/sleep.h +14 -1
- data/src/core/lib/promise/status_flag.h +9 -3
- data/src/core/lib/promise/try_join.h +119 -5
- data/src/core/lib/promise/try_seq.h +39 -12
- data/src/core/lib/resource_quota/arena.h +79 -0
- data/src/core/lib/resource_quota/memory_quota.cc +53 -49
- data/src/core/lib/resource_quota/memory_quota.h +4 -4
- data/src/core/lib/security/authorization/evaluate_args.cc +3 -3
- data/src/core/lib/security/authorization/evaluate_args.h +3 -3
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +0 -7
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +6 -6
- data/src/core/lib/security/authorization/matchers.h +3 -3
- data/src/core/lib/security/authorization/rbac_policy.cc +1 -1
- data/src/core/lib/security/authorization/rbac_policy.h +3 -3
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +1 -2
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +1 -3
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +0 -1
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -1
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +2 -2
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +1 -1
- data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +1 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -2
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +4 -4
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +3 -3
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +0 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +12 -13
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +14 -14
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +23 -15
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +3 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +1 -2
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -2
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.cc +4 -5
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.h +4 -4
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +2 -1
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +3 -3
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +9 -9
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +13 -13
- data/src/core/lib/security/transport/auth_filters.h +95 -7
- data/src/core/lib/security/transport/client_auth_filter.cc +96 -6
- data/src/core/lib/security/transport/server_auth_filter.cc +0 -8
- data/src/core/lib/slice/slice_buffer.cc +2 -2
- data/src/core/lib/slice/slice_buffer.h +2 -2
- data/src/core/lib/surface/call.cc +0 -4
- data/src/core/lib/surface/call.h +4 -3
- data/src/core/lib/surface/call_utils.cc +2 -2
- data/src/core/lib/surface/call_utils.h +8 -4
- data/src/core/lib/surface/channel.cc +6 -14
- data/src/core/lib/surface/channel.h +3 -3
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/client_call.cc +13 -6
- data/src/core/lib/surface/client_call.h +2 -2
- data/src/core/lib/surface/completion_queue.cc +10 -49
- data/src/core/lib/surface/filter_stack_call.cc +2 -4
- data/src/core/lib/surface/filter_stack_call.h +1 -1
- data/src/core/lib/surface/init.cc +17 -12
- data/src/core/lib/surface/legacy_channel.cc +10 -8
- data/src/core/lib/surface/legacy_channel.h +2 -2
- data/src/core/lib/surface/server_call.cc +23 -6
- data/src/core/lib/surface/server_call.h +2 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/call_filters.h +100 -59
- data/src/core/lib/transport/call_spine.cc +32 -34
- data/src/core/lib/transport/call_spine.h +66 -23
- data/src/core/lib/transport/call_state.h +8 -8
- data/src/core/lib/transport/connectivity_state.cc +8 -9
- data/src/core/lib/transport/connectivity_state.h +2 -4
- data/src/core/lib/transport/http2_errors.h +5 -3
- data/src/core/lib/transport/interception_chain.h +27 -7
- data/src/core/lib/transport/metadata.h +88 -0
- data/src/core/lib/transport/metadata_batch.cc +2 -2
- data/src/core/lib/transport/metadata_batch.h +79 -18
- data/src/core/lib/transport/timeout_encoding.cc +15 -15
- data/src/core/lib/transport/timeout_encoding.h +3 -2
- data/src/core/lib/transport/transport.cc +0 -1
- data/src/core/lib/transport/transport.h +12 -7
- data/src/core/load_balancing/backend_metric_parser.cc +21 -28
- data/src/core/load_balancing/endpoint_list.cc +1 -1
- data/src/core/load_balancing/endpoint_list.h +7 -7
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +1 -6
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +4 -4
- data/src/core/load_balancing/grpclb/grpclb.cc +21 -38
- data/src/core/load_balancing/health_check_client.cc +16 -48
- data/src/core/load_balancing/health_check_client_internal.h +7 -7
- data/src/core/load_balancing/lb_policy.cc +4 -6
- data/src/core/load_balancing/lb_policy.h +4 -4
- data/src/core/load_balancing/lb_policy_registry.cc +10 -8
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +57 -68
- data/src/core/load_balancing/outlier_detection/outlier_detection.h +4 -3
- data/src/core/load_balancing/pick_first/pick_first.cc +21 -21
- data/src/core/load_balancing/priority/priority.cc +8 -13
- data/src/core/load_balancing/ring_hash/ring_hash.cc +54 -90
- data/src/core/load_balancing/rls/rls.cc +105 -194
- data/src/core/load_balancing/rls/rls.h +97 -1
- data/src/core/load_balancing/round_robin/round_robin.cc +5 -5
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +4 -4
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +2 -2
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +8 -14
- data/src/core/load_balancing/weighted_target/weighted_target.cc +7 -15
- data/src/core/load_balancing/xds/cds.cc +11 -15
- data/src/core/load_balancing/xds/xds_cluster_impl.cc +15 -18
- data/src/core/load_balancing/xds/xds_cluster_manager.cc +10 -18
- data/src/core/load_balancing/xds/xds_override_host.cc +45 -92
- data/src/core/load_balancing/xds/xds_wrr_locality.cc +10 -12
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +7 -7
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +10 -15
- data/src/core/resolver/dns/native/dns_resolver.cc +1 -1
- data/src/core/resolver/fake/fake_resolver.cc +10 -11
- data/src/core/resolver/fake/fake_resolver.h +2 -2
- data/src/core/resolver/google_c2p/google_c2p_resolver.cc +9 -12
- data/src/core/resolver/polling_resolver.cc +2 -5
- data/src/core/resolver/polling_resolver.h +3 -3
- data/src/core/resolver/resolver_registry.cc +4 -3
- data/src/core/resolver/xds/xds_config.cc +6 -6
- data/src/core/resolver/xds/xds_config.h +2 -2
- data/src/core/resolver/xds/xds_dependency_manager.cc +80 -77
- data/src/core/resolver/xds/xds_dependency_manager.h +4 -0
- data/src/core/resolver/xds/xds_resolver.cc +53 -75
- data/src/core/server/server.cc +71 -79
- data/src/core/server/server.h +16 -5
- data/src/core/server/server_call_tracer_filter.cc +3 -7
- data/src/core/server/server_config_selector_filter.cc +8 -15
- data/src/core/server/xds_server_config_fetcher.cc +16 -18
- data/src/core/service_config/service_config_channel_arg_filter.cc +7 -19
- data/src/core/service_config/service_config_impl.cc +3 -3
- data/src/core/telemetry/call_tracer.cc +8 -8
- data/src/core/telemetry/call_tracer.h +6 -5
- data/src/core/telemetry/metrics.cc +3 -3
- data/src/core/telemetry/metrics.h +2 -8
- data/src/core/telemetry/tcp_tracer.h +32 -32
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +2 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +14 -14
- data/src/core/tsi/fake_transport_security.cc +5 -0
- data/src/core/util/dump_args.h +1 -9
- data/src/core/util/env.h +3 -4
- data/src/core/util/examine_stack.cc +2 -2
- data/src/core/util/examine_stack.h +3 -4
- data/src/core/util/gpr_time.cc +0 -2
- data/src/core/util/http_client/httpcli.cc +4 -5
- data/src/core/util/http_client/httpcli.h +4 -4
- data/src/core/util/http_client/httpcli_security_connector.cc +2 -2
- data/src/core/util/json/json_channel_args.h +2 -1
- data/src/core/util/json/json_object_loader.cc +4 -4
- data/src/core/util/json/json_object_loader.h +12 -12
- data/src/core/util/json/json_reader.cc +4 -4
- data/src/core/util/json/json_writer.cc +3 -3
- data/src/core/util/latent_see.cc +3 -3
- data/src/core/util/latent_see.h +2 -2
- data/src/core/util/linux/env.cc +3 -4
- data/src/core/util/lru_cache.h +4 -4
- data/src/core/util/match.h +7 -7
- data/src/core/util/matchers.cc +1 -2
- data/src/core/util/matchers.h +2 -2
- data/src/core/util/posix/env.cc +2 -2
- data/src/core/util/posix/sync.cc +0 -1
- data/src/core/util/posix/time.cc +0 -1
- data/src/core/util/ring_buffer.h +4 -5
- data/src/core/util/status_helper.cc +16 -20
- data/src/core/util/status_helper.h +5 -5
- data/src/core/util/sync_abseil.cc +0 -1
- data/src/core/util/table.h +6 -21
- data/src/core/util/time.cc +1 -1
- data/src/core/util/time.h +3 -3
- data/src/core/util/time_precise.cc +0 -1
- data/src/core/util/type_list.h +56 -0
- data/src/core/util/uri.cc +6 -4
- data/src/core/util/uri.h +7 -0
- data/src/core/util/useful.h +4 -4
- data/src/core/util/validation_errors.cc +5 -5
- data/src/core/util/wait_for_single_owner.h +62 -0
- data/src/core/util/windows/env.cc +3 -3
- data/src/core/util/windows/sync.cc +0 -1
- data/src/core/util/windows/time.cc +0 -1
- data/src/core/util/work_serializer.cc +27 -267
- data/src/core/util/work_serializer.h +3 -27
- data/src/core/xds/grpc/certificate_provider_store.cc +12 -17
- data/src/core/xds/grpc/file_watcher_certificate_provider_factory.cc +2 -2
- data/src/core/xds/grpc/xds_audit_logger_registry.cc +1 -1
- data/src/core/xds/grpc/xds_bootstrap_grpc.cc +11 -14
- data/src/core/xds/grpc/xds_bootstrap_grpc.h +2 -2
- data/src/core/xds/grpc/xds_certificate_provider.cc +15 -15
- data/src/core/xds/grpc/xds_client_grpc.cc +7 -8
- data/src/core/xds/grpc/xds_cluster.h +4 -4
- data/src/core/xds/grpc/xds_cluster_parser.cc +26 -26
- data/src/core/xds/grpc/xds_cluster_specifier_plugin.cc +4 -4
- data/src/core/xds/grpc/xds_common_types.cc +2 -2
- data/src/core/xds/grpc/xds_common_types.h +4 -4
- data/src/core/xds/grpc/xds_common_types_parser.cc +29 -31
- data/src/core/xds/grpc/xds_common_types_parser.h +8 -7
- data/src/core/xds/grpc/xds_endpoint.cc +3 -4
- data/src/core/xds/grpc/xds_endpoint_parser.cc +14 -14
- data/src/core/xds/grpc/xds_health_status.cc +4 -4
- data/src/core/xds/grpc/xds_health_status.h +4 -3
- data/src/core/xds/grpc/xds_http_fault_filter.cc +18 -20
- data/src/core/xds/grpc/xds_http_fault_filter.h +4 -3
- data/src/core/xds/grpc/xds_http_filter.h +3 -3
- data/src/core/xds/grpc/xds_http_filter_registry.cc +7 -7
- data/src/core/xds/grpc/xds_http_filter_registry.h +3 -3
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.cc +7 -7
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.h +4 -3
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +30 -23
- data/src/core/xds/grpc/xds_http_rbac_filter.h +4 -3
- data/src/core/xds/grpc/xds_http_stateful_session_filter.cc +10 -10
- data/src/core/xds/grpc/xds_http_stateful_session_filter.h +4 -3
- data/src/core/xds/grpc/xds_lb_policy_registry.cc +4 -4
- data/src/core/xds/grpc/xds_listener.cc +4 -6
- data/src/core/xds/grpc/xds_listener.h +10 -10
- data/src/core/xds/grpc/xds_listener_parser.cc +58 -51
- data/src/core/xds/grpc/xds_listener_parser.h +2 -1
- data/src/core/xds/grpc/xds_metadata.cc +5 -5
- data/src/core/xds/grpc/xds_metadata_parser.cc +65 -52
- data/src/core/xds/grpc/xds_route_config.cc +9 -15
- data/src/core/xds/grpc/xds_route_config.h +9 -9
- data/src/core/xds/grpc/xds_route_config_parser.cc +114 -116
- data/src/core/xds/grpc/xds_route_config_parser.h +4 -4
- data/src/core/xds/grpc/xds_routing.cc +6 -6
- data/src/core/xds/grpc/xds_routing.h +5 -5
- data/src/core/xds/grpc/xds_server_grpc.cc +22 -1
- data/src/core/xds/grpc/xds_server_grpc.h +5 -2
- data/src/core/xds/grpc/xds_server_grpc_interface.h +33 -0
- data/src/core/xds/grpc/xds_transport_grpc.cc +5 -6
- data/src/core/xds/xds_client/lrs_client.cc +71 -83
- data/src/core/xds/xds_client/lrs_client.h +8 -8
- data/src/core/xds/xds_client/xds_api.cc +5 -5
- data/src/core/xds/xds_client/xds_bootstrap.cc +11 -1
- data/src/core/xds/xds_client/xds_bootstrap.h +7 -0
- data/src/core/xds/xds_client/xds_client.cc +552 -359
- data/src/core/xds/xds_client/xds_client.h +39 -14
- data/src/core/xds/xds_client/xds_resource_type.h +2 -3
- data/src/core/xds/xds_client/xds_resource_type_impl.h +3 -3
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.cc +17 -59
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.cc +41 -76
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.cc +17 -91
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +16 -57
- data/third_party/boringssl-with-bazel/src/crypto/bio/errno.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.cc +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.cc +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.cc +18 -58
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.cc +15 -51
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.cc +17 -60
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{bn_extra → bn}/bn_asn1.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{bn_extra → bn}/convert.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.cc +14 -57
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +23 -15
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +18 -18
- data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +110 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_aesctrhmac.cc +18 -23
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_aesgcmsiv.cc +20 -13
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_chacha20poly1305.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_des.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_null.cc +51 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_rc2.cc +27 -69
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc4.cc +54 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_tls.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cipher/get_cipher.cc +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/internal.h +29 -69
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/tls_cbc.cc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.cc +14 -58
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +13 -67
- data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.cc +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/des/des.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +27 -69
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +124 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh_extra → dh}/params.cc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/{digest_extra → digest}/digest_extra.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +13 -58
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +13 -53
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/ec_asn1.cc +24 -61
- data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/ec_derive.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/hash_to_curve.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/ecdh/ecdh.cc +73 -0
- data/third_party/boringssl-with-bazel/src/crypto/{ecdsa_extra → ecdsa}/ecdsa_asn1.cc +17 -61
- data/third_party/boringssl-with-bazel/src/crypto/engine/engine.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +17 -107
- data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.cc +29 -79
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +122 -198
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.cc +15 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.cc +13 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +56 -110
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +20 -66
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.cc +19 -57
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.cc +29 -77
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.cc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.cc +13 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.cc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +112 -48
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/cbc.cc.inc +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/cfb.cc.inc +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ctr.cc.inc +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/gcm.cc.inc +127 -314
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/gcm_nohw.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +419 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +13 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ofb.cc.inc +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/polyval.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +28 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +501 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc +15 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.cc.inc +16 -57
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +16 -109
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +25 -134
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +14 -109
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.cc.inc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.cc.inc +18 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +20 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +13 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.cc.inc +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +69 -283
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.cc.inc +21 -58
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +14 -65
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.cc.inc +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.cc.inc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +91 -91
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +14 -72
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +19 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.cc.inc +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.cc.inc +21 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.cc.inc +14 -65
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.cc.inc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/{keccak → fipsmodule/keccak}/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{keccak/keccak.cc → fipsmodule/keccak/keccak.cc.inc} +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +1993 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +1165 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.cc.inc +18 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +18 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.cc.inc +14 -109
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +13 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +18 -77
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +38 -90
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +34 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +44 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa → fipsmodule/slhdsa}/address.h +28 -32
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa/fors.cc → fipsmodule/slhdsa/fors.cc.inc} +44 -44
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.h +58 -0
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa/merkle.cc → fipsmodule/slhdsa/merkle.cc.inc} +46 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa → fipsmodule/slhdsa}/params.h +20 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +329 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.cc.inc +173 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.h +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa/wots.cc → fipsmodule/slhdsa/wots.cc.inc} +46 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.h +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.cc.inc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.cc +21 -13
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +62 -205
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.cc +52 -28
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +31 -75
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/md4/md4.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/md5/md5.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/mem.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.cc +47 -1747
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +97 -1042
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.cc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.cc +18 -58
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +56 -103
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/deterministic.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/fork_detect.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rand/forkunsafe.cc +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/getentropy.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/getrandom_fillin.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +42 -0
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/passive.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/rand_extra.cc → rand/rand.cc} +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rand/sysrand_internal.h +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +46 -0
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/urandom.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/windows.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/refcount.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +36 -0
- data/third_party/boringssl-with-bazel/src/crypto/{rsa_extra → rsa}/rsa_asn1.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/{rsa_extra → rsa}/rsa_crypt.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_extra.cc +19 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_print.cc +27 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +62 -256
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +204 -0
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/spake2plus.cc +501 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/thread.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.cc +25 -71
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/ext_dat.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.cc +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.cc +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +17 -66
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.cc +14 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.cc +13 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.cc +17 -70
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.cc +14 -60
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.cc +13 -58
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +13 -55
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +465 -451
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +13 -47
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +13 -51
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +14 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +23 -62
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +14 -56
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +15 -53
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +14 -121
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +31 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +31 -59
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +13 -58
- data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +14 -66
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +14 -71
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +14 -65
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +13 -51
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +13 -107
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +13 -107
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +13 -19
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +13 -37
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +27 -69
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +22 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +13 -58
- data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +54 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +19 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +198 -174
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +14 -114
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +23 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -156
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +15 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +14 -61
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +13 -53
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +13 -8
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +15 -114
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +13 -55
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +13 -110
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +17 -115
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -55
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +16 -115
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +32 -34
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +314 -132
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +19 -16
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +23 -123
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +55 -174
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +26 -157
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +104 -240
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +22 -120
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +16 -148
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +16 -110
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +16 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +14 -81
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +15 -20
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +14 -113
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +19 -145
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +164 -37
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +13 -109
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +15 -17
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +51 -184
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +23 -67
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +25 -144
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +14 -82
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +20 -143
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +15 -15
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +15 -139
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +28 -156
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +16 -16
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +91 -43
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +68 -80
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +154 -52
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +13 -55
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +15 -109
- metadata +75 -66
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.cc +0 -127
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.cc +0 -152
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.cc +0 -93
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.cc +0 -96
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.cc +0 -165
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.cc +0 -124
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.cc.inc +0 -196
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +0 -448
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.cc.inc +0 -87
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +0 -76
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +0 -90
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.cc +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/ios.cc +0 -42
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +0 -37
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/trusty.cc +0 -46
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_extra.cc +0 -17
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.cc +0 -22
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.h +0 -58
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/internal.h +0 -63
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.cc +0 -173
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.h +0 -85
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.h +0 -50
|
@@ -1,16 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
1
|
+
// Copyright 2024 The BoringSSL Authors
|
|
2
|
+
//
|
|
3
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
// you may not use this file except in compliance with the License.
|
|
5
|
+
// You may obtain a copy of the License at
|
|
6
|
+
//
|
|
7
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
//
|
|
9
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
// See the License for the specific language governing permissions and
|
|
13
|
+
// limitations under the License.
|
|
14
14
|
|
|
15
15
|
#ifndef OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H
|
|
16
16
|
#define OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H
|
|
@@ -47,10 +47,14 @@ enum class bcm_status_t {
|
|
|
47
47
|
typedef enum bcm_status_t bcm_status;
|
|
48
48
|
typedef enum bcm_infallible_t bcm_infallible;
|
|
49
49
|
|
|
50
|
-
|
|
50
|
+
inline int bcm_success(bcm_status status) {
|
|
51
51
|
return status == bcm_status::approved || status == bcm_status::not_approved;
|
|
52
52
|
}
|
|
53
53
|
|
|
54
|
+
inline bcm_status_t bcm_as_approved_status(int result) {
|
|
55
|
+
return result ? bcm_status::approved : bcm_status::failure;
|
|
56
|
+
}
|
|
57
|
+
|
|
54
58
|
|
|
55
59
|
// Random number generator.
|
|
56
60
|
|
|
@@ -235,6 +239,489 @@ bcm_infallible BCM_sha512_256_final(uint8_t out[BCM_SHA512_256_DIGEST_LENGTH],
|
|
|
235
239
|
SHA512_CTX *sha);
|
|
236
240
|
|
|
237
241
|
|
|
242
|
+
// ML-DSA
|
|
243
|
+
//
|
|
244
|
+
// Where not commented, these functions have the same signature as the
|
|
245
|
+
// corresponding public function.
|
|
246
|
+
|
|
247
|
+
// BCM_MLDSA_SIGNATURE_RANDOMIZER_BYTES is the number of bytes of uniformly
|
|
248
|
+
// random entropy necessary to generate a signature in randomized mode.
|
|
249
|
+
#define BCM_MLDSA_SIGNATURE_RANDOMIZER_BYTES 32
|
|
250
|
+
|
|
251
|
+
// BCM_MLDSA_SEED_BYTES is the number of bytes in an ML-DSA seed value.
|
|
252
|
+
#define BCM_MLDSA_SEED_BYTES 32
|
|
253
|
+
|
|
254
|
+
// BCM_MLDSA65_PRIVATE_KEY_BYTES is the number of bytes in an encoded ML-DSA-65
|
|
255
|
+
// private key.
|
|
256
|
+
#define BCM_MLDSA65_PRIVATE_KEY_BYTES 4032
|
|
257
|
+
|
|
258
|
+
// BCM_MLDSA65_PUBLIC_KEY_BYTES is the number of bytes in an encoded ML-DSA-65
|
|
259
|
+
// public key.
|
|
260
|
+
#define BCM_MLDSA65_PUBLIC_KEY_BYTES 1952
|
|
261
|
+
|
|
262
|
+
// BCM_MLDSA65_SIGNATURE_BYTES is the number of bytes in an encoded ML-DSA-65
|
|
263
|
+
// signature.
|
|
264
|
+
#define BCM_MLDSA65_SIGNATURE_BYTES 3309
|
|
265
|
+
|
|
266
|
+
struct BCM_mldsa65_private_key {
|
|
267
|
+
union {
|
|
268
|
+
uint8_t bytes[32 + 32 + 64 + 256 * 4 * (5 + 6 + 6)];
|
|
269
|
+
uint32_t alignment;
|
|
270
|
+
} opaque;
|
|
271
|
+
};
|
|
272
|
+
|
|
273
|
+
struct BCM_mldsa65_public_key {
|
|
274
|
+
union {
|
|
275
|
+
uint8_t bytes[32 + 64 + 256 * 4 * 6];
|
|
276
|
+
uint32_t alignment;
|
|
277
|
+
} opaque;
|
|
278
|
+
};
|
|
279
|
+
|
|
280
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_generate_key(
|
|
281
|
+
uint8_t out_encoded_public_key[BCM_MLDSA65_PUBLIC_KEY_BYTES],
|
|
282
|
+
uint8_t out_seed[BCM_MLDSA_SEED_BYTES],
|
|
283
|
+
struct BCM_mldsa65_private_key *out_private_key);
|
|
284
|
+
|
|
285
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_private_key_from_seed(
|
|
286
|
+
struct BCM_mldsa65_private_key *out_private_key,
|
|
287
|
+
const uint8_t seed[BCM_MLDSA_SEED_BYTES]);
|
|
288
|
+
|
|
289
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_public_from_private(
|
|
290
|
+
struct BCM_mldsa65_public_key *out_public_key,
|
|
291
|
+
const struct BCM_mldsa65_private_key *private_key);
|
|
292
|
+
|
|
293
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_sign(
|
|
294
|
+
uint8_t out_encoded_signature[BCM_MLDSA65_SIGNATURE_BYTES],
|
|
295
|
+
const struct BCM_mldsa65_private_key *private_key, const uint8_t *msg,
|
|
296
|
+
size_t msg_len, const uint8_t *context, size_t context_len);
|
|
297
|
+
|
|
298
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_verify(
|
|
299
|
+
const struct BCM_mldsa65_public_key *public_key,
|
|
300
|
+
const uint8_t signature[BCM_MLDSA65_SIGNATURE_BYTES], const uint8_t *msg,
|
|
301
|
+
size_t msg_len, const uint8_t *context, size_t context_len);
|
|
302
|
+
|
|
303
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_marshal_public_key(
|
|
304
|
+
CBB *out, const struct BCM_mldsa65_public_key *public_key);
|
|
305
|
+
|
|
306
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_parse_public_key(
|
|
307
|
+
struct BCM_mldsa65_public_key *public_key, CBS *in);
|
|
308
|
+
|
|
309
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_parse_private_key(
|
|
310
|
+
struct BCM_mldsa65_private_key *private_key, CBS *in);
|
|
311
|
+
|
|
312
|
+
// BCM_mldsa65_generate_key_external_entropy generates a public/private key pair
|
|
313
|
+
// using the given seed, writes the encoded public key to
|
|
314
|
+
// |out_encoded_public_key| and sets |out_private_key| to the private key.
|
|
315
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_generate_key_external_entropy(
|
|
316
|
+
uint8_t out_encoded_public_key[BCM_MLDSA65_PUBLIC_KEY_BYTES],
|
|
317
|
+
struct BCM_mldsa65_private_key *out_private_key,
|
|
318
|
+
const uint8_t entropy[BCM_MLDSA_SEED_BYTES]);
|
|
319
|
+
|
|
320
|
+
// BCM_mldsa5_sign_internal signs |msg| using |private_key| and writes the
|
|
321
|
+
// signature to |out_encoded_signature|. The |context_prefix| and |context| are
|
|
322
|
+
// prefixed to the message, in that order, before signing. The |randomizer|
|
|
323
|
+
// value can be set to zero bytes in order to make a deterministic signature, or
|
|
324
|
+
// else filled with entropy for the usual |MLDSA_sign| behavior.
|
|
325
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_sign_internal(
|
|
326
|
+
uint8_t out_encoded_signature[BCM_MLDSA65_SIGNATURE_BYTES],
|
|
327
|
+
const struct BCM_mldsa65_private_key *private_key, const uint8_t *msg,
|
|
328
|
+
size_t msg_len, const uint8_t *context_prefix, size_t context_prefix_len,
|
|
329
|
+
const uint8_t *context, size_t context_len,
|
|
330
|
+
const uint8_t randomizer[BCM_MLDSA_SIGNATURE_RANDOMIZER_BYTES]);
|
|
331
|
+
|
|
332
|
+
// BCM_mldsa5_verify_internal verifies that |encoded_signature| is a valid
|
|
333
|
+
// signature of |msg| by |public_key|. The |context_prefix| and |context| are
|
|
334
|
+
// prefixed to the message before verification, in that order.
|
|
335
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_verify_internal(
|
|
336
|
+
const struct BCM_mldsa65_public_key *public_key,
|
|
337
|
+
const uint8_t encoded_signature[BCM_MLDSA65_SIGNATURE_BYTES],
|
|
338
|
+
const uint8_t *msg, size_t msg_len, const uint8_t *context_prefix,
|
|
339
|
+
size_t context_prefix_len, const uint8_t *context, size_t context_len);
|
|
340
|
+
|
|
341
|
+
// BCM_mldsa65_marshal_private_key serializes |private_key| to |out| in the
|
|
342
|
+
// NIST format for ML-DSA-65 private keys.
|
|
343
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_marshal_private_key(
|
|
344
|
+
CBB *out, const struct BCM_mldsa65_private_key *private_key);
|
|
345
|
+
|
|
346
|
+
|
|
347
|
+
// BCM_MLDSA87_PRIVATE_KEY_BYTES is the number of bytes in an encoded ML-DSA-87
|
|
348
|
+
// private key.
|
|
349
|
+
#define BCM_MLDSA87_PRIVATE_KEY_BYTES 4896
|
|
350
|
+
|
|
351
|
+
// BCM_MLDSA87_PUBLIC_KEY_BYTES is the number of bytes in an encoded ML-DSA-87
|
|
352
|
+
// public key.
|
|
353
|
+
#define BCM_MLDSA87_PUBLIC_KEY_BYTES 2592
|
|
354
|
+
|
|
355
|
+
// BCM_MLDSA87_SIGNATURE_BYTES is the number of bytes in an encoded ML-DSA-87
|
|
356
|
+
// signature.
|
|
357
|
+
#define BCM_MLDSA87_SIGNATURE_BYTES 4627
|
|
358
|
+
|
|
359
|
+
struct BCM_mldsa87_private_key {
|
|
360
|
+
union {
|
|
361
|
+
uint8_t bytes[32 + 32 + 64 + 256 * 4 * (7 + 8 + 8)];
|
|
362
|
+
uint32_t alignment;
|
|
363
|
+
} opaque;
|
|
364
|
+
};
|
|
365
|
+
|
|
366
|
+
struct BCM_mldsa87_public_key {
|
|
367
|
+
union {
|
|
368
|
+
uint8_t bytes[32 + 64 + 256 * 4 * 8];
|
|
369
|
+
uint32_t alignment;
|
|
370
|
+
} opaque;
|
|
371
|
+
};
|
|
372
|
+
|
|
373
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_generate_key(
|
|
374
|
+
uint8_t out_encoded_public_key[BCM_MLDSA87_PUBLIC_KEY_BYTES],
|
|
375
|
+
uint8_t out_seed[BCM_MLDSA_SEED_BYTES],
|
|
376
|
+
struct BCM_mldsa87_private_key *out_private_key);
|
|
377
|
+
|
|
378
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_private_key_from_seed(
|
|
379
|
+
struct BCM_mldsa87_private_key *out_private_key,
|
|
380
|
+
const uint8_t seed[BCM_MLDSA_SEED_BYTES]);
|
|
381
|
+
|
|
382
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_public_from_private(
|
|
383
|
+
struct BCM_mldsa87_public_key *out_public_key,
|
|
384
|
+
const struct BCM_mldsa87_private_key *private_key);
|
|
385
|
+
|
|
386
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_sign(
|
|
387
|
+
uint8_t out_encoded_signature[BCM_MLDSA87_SIGNATURE_BYTES],
|
|
388
|
+
const struct BCM_mldsa87_private_key *private_key, const uint8_t *msg,
|
|
389
|
+
size_t msg_len, const uint8_t *context, size_t context_len);
|
|
390
|
+
|
|
391
|
+
OPENSSL_EXPORT bcm_status
|
|
392
|
+
BCM_mldsa87_verify(const struct BCM_mldsa87_public_key *public_key,
|
|
393
|
+
const uint8_t *signature, const uint8_t *msg, size_t msg_len,
|
|
394
|
+
const uint8_t *context, size_t context_len);
|
|
395
|
+
|
|
396
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_marshal_public_key(
|
|
397
|
+
CBB *out, const struct BCM_mldsa87_public_key *public_key);
|
|
398
|
+
|
|
399
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_parse_public_key(
|
|
400
|
+
struct BCM_mldsa87_public_key *public_key, CBS *in);
|
|
401
|
+
|
|
402
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_parse_private_key(
|
|
403
|
+
struct BCM_mldsa87_private_key *private_key, CBS *in);
|
|
404
|
+
|
|
405
|
+
// BCM_mldsa87_generate_key_external_entropy generates a public/private key pair
|
|
406
|
+
// using the given seed, writes the encoded public key to
|
|
407
|
+
// |out_encoded_public_key| and sets |out_private_key| to the private key.
|
|
408
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_generate_key_external_entropy(
|
|
409
|
+
uint8_t out_encoded_public_key[BCM_MLDSA87_PUBLIC_KEY_BYTES],
|
|
410
|
+
struct BCM_mldsa87_private_key *out_private_key,
|
|
411
|
+
const uint8_t entropy[BCM_MLDSA_SEED_BYTES]);
|
|
412
|
+
|
|
413
|
+
// BCM_mldsa87_sign_internal signs |msg| using |private_key| and writes the
|
|
414
|
+
// signature to |out_encoded_signature|. The |context_prefix| and |context| are
|
|
415
|
+
// prefixed to the message, in that order, before signing. The |randomizer|
|
|
416
|
+
// value can be set to zero bytes in order to make a deterministic signature, or
|
|
417
|
+
// else filled with entropy for the usual |MLDSA_sign| behavior.
|
|
418
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_sign_internal(
|
|
419
|
+
uint8_t out_encoded_signature[BCM_MLDSA87_SIGNATURE_BYTES],
|
|
420
|
+
const struct BCM_mldsa87_private_key *private_key, const uint8_t *msg,
|
|
421
|
+
size_t msg_len, const uint8_t *context_prefix, size_t context_prefix_len,
|
|
422
|
+
const uint8_t *context, size_t context_len,
|
|
423
|
+
const uint8_t randomizer[BCM_MLDSA_SIGNATURE_RANDOMIZER_BYTES]);
|
|
424
|
+
|
|
425
|
+
// BCM_mldsa87_verify_internal verifies that |encoded_signature| is a valid
|
|
426
|
+
// signature of |msg| by |public_key|. The |context_prefix| and |context| are
|
|
427
|
+
// prefixed to the message before verification, in that order.
|
|
428
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_verify_internal(
|
|
429
|
+
const struct BCM_mldsa87_public_key *public_key,
|
|
430
|
+
const uint8_t encoded_signature[BCM_MLDSA87_SIGNATURE_BYTES],
|
|
431
|
+
const uint8_t *msg, size_t msg_len, const uint8_t *context_prefix,
|
|
432
|
+
size_t context_prefix_len, const uint8_t *context, size_t context_len);
|
|
433
|
+
|
|
434
|
+
// BCM_mldsa87_marshal_private_key serializes |private_key| to |out| in the
|
|
435
|
+
// NIST format for ML-DSA-87 private keys.
|
|
436
|
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_marshal_private_key(
|
|
437
|
+
CBB *out, const struct BCM_mldsa87_private_key *private_key);
|
|
438
|
+
|
|
439
|
+
|
|
440
|
+
// ML-KEM
|
|
441
|
+
//
|
|
442
|
+
// Where not commented, these functions have the same signature as the
|
|
443
|
+
// corresponding public function.
|
|
444
|
+
|
|
445
|
+
// BCM_MLKEM_ENCAP_ENTROPY is the number of bytes of uniformly random entropy
|
|
446
|
+
// necessary to encapsulate a secret. The entropy will be leaked to the
|
|
447
|
+
// decapsulating party.
|
|
448
|
+
#define BCM_MLKEM_ENCAP_ENTROPY 32
|
|
449
|
+
|
|
450
|
+
// BCM_MLKEM768_PUBLIC_KEY_BYTES is the number of bytes in an encoded ML-KEM-768
|
|
451
|
+
// public key.
|
|
452
|
+
#define BCM_MLKEM768_PUBLIC_KEY_BYTES 1184
|
|
453
|
+
|
|
454
|
+
// BCM_MLKEM1024_PUBLIC_KEY_BYTES is the number of bytes in an encoded
|
|
455
|
+
// ML-KEM-1024 public key.
|
|
456
|
+
#define BCM_MLKEM1024_PUBLIC_KEY_BYTES 1568
|
|
457
|
+
|
|
458
|
+
// BCM_MLKEM768_CIPHERTEXT_BYTES is number of bytes in the ML-KEM-768
|
|
459
|
+
// ciphertext.
|
|
460
|
+
#define BCM_MLKEM768_CIPHERTEXT_BYTES 1088
|
|
461
|
+
|
|
462
|
+
// BCM_MLKEM1024_CIPHERTEXT_BYTES is number of bytes in the ML-KEM-1024
|
|
463
|
+
// ciphertext.
|
|
464
|
+
#define BCM_MLKEM1024_CIPHERTEXT_BYTES 1568
|
|
465
|
+
|
|
466
|
+
// BCM_MLKEM768_PRIVATE_KEY_BYTES is the length of the data produced by
|
|
467
|
+
// |BCM_mlkem768_marshal_private_key|.
|
|
468
|
+
#define BCM_MLKEM768_PRIVATE_KEY_BYTES 2400
|
|
469
|
+
|
|
470
|
+
// BCM_MLKEM1024_PRIVATE_KEY_BYTES is the length of the data produced by
|
|
471
|
+
// |BCM_mlkem1024_marshal_private_key|.
|
|
472
|
+
#define BCM_MLKEM1024_PRIVATE_KEY_BYTES 3168
|
|
473
|
+
|
|
474
|
+
// BCM_MLKEM_SEED_BYTES is the number of bytes in an ML-KEM seed.
|
|
475
|
+
#define BCM_MLKEM_SEED_BYTES 64
|
|
476
|
+
|
|
477
|
+
// BCM_mlkem_SHARED_SECRET_BYTES is the number of bytes in an ML-KEM shared
|
|
478
|
+
// secret.
|
|
479
|
+
#define BCM_MLKEM_SHARED_SECRET_BYTES 32
|
|
480
|
+
|
|
481
|
+
struct BCM_mlkem768_public_key {
|
|
482
|
+
union {
|
|
483
|
+
uint8_t bytes[512 * (3 + 9) + 32 + 32];
|
|
484
|
+
uint16_t alignment;
|
|
485
|
+
} opaque;
|
|
486
|
+
};
|
|
487
|
+
|
|
488
|
+
struct BCM_mlkem768_private_key {
|
|
489
|
+
union {
|
|
490
|
+
uint8_t bytes[512 * (3 + 3 + 9) + 32 + 32 + 32];
|
|
491
|
+
uint16_t alignment;
|
|
492
|
+
} opaque;
|
|
493
|
+
};
|
|
494
|
+
|
|
495
|
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem768_generate_key(
|
|
496
|
+
uint8_t out_encoded_public_key[BCM_MLKEM768_PUBLIC_KEY_BYTES],
|
|
497
|
+
uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
|
|
498
|
+
struct BCM_mlkem768_private_key *out_private_key);
|
|
499
|
+
|
|
500
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem768_private_key_from_seed(
|
|
501
|
+
struct BCM_mlkem768_private_key *out_private_key, const uint8_t *seed,
|
|
502
|
+
size_t seed_len);
|
|
503
|
+
|
|
504
|
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem768_public_from_private(
|
|
505
|
+
struct BCM_mlkem768_public_key *out_public_key,
|
|
506
|
+
const struct BCM_mlkem768_private_key *private_key);
|
|
507
|
+
|
|
508
|
+
OPENSSL_EXPORT bcm_infallible
|
|
509
|
+
BCM_mlkem768_encap(uint8_t out_ciphertext[BCM_MLKEM768_CIPHERTEXT_BYTES],
|
|
510
|
+
uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
|
|
511
|
+
const struct BCM_mlkem768_public_key *public_key);
|
|
512
|
+
|
|
513
|
+
OPENSSL_EXPORT bcm_status
|
|
514
|
+
BCM_mlkem768_decap(uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
|
|
515
|
+
const uint8_t *ciphertext, size_t ciphertext_len,
|
|
516
|
+
const struct BCM_mlkem768_private_key *private_key);
|
|
517
|
+
|
|
518
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem768_marshal_public_key(
|
|
519
|
+
CBB *out, const struct BCM_mlkem768_public_key *public_key);
|
|
520
|
+
|
|
521
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem768_parse_public_key(
|
|
522
|
+
struct BCM_mlkem768_public_key *out_public_key, CBS *in);
|
|
523
|
+
|
|
524
|
+
// BCM_mlkem768_parse_private_key parses a private key, in NIST's format for
|
|
525
|
+
// private keys, from |in| and writes the result to |out_private_key|. It
|
|
526
|
+
// returns one on success or zero on parse error or if there are trailing bytes
|
|
527
|
+
// in |in|. This format is verbose and should be avoided. Private keys should be
|
|
528
|
+
// stored as seeds and parsed using |BCM_mlkem768_private_key_from_seed|.
|
|
529
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem768_parse_private_key(
|
|
530
|
+
struct BCM_mlkem768_private_key *out_private_key, CBS *in);
|
|
531
|
+
|
|
532
|
+
// BCM_mlkem768_generate_key_external_seed is a deterministic function to create
|
|
533
|
+
// a pair of ML-KEM-768 keys, using the supplied seed. The seed needs to be
|
|
534
|
+
// uniformly random. This function should only be used for tests; regular
|
|
535
|
+
// callers should use the non-deterministic |BCM_mlkem768_generate_key|
|
|
536
|
+
// directly.
|
|
537
|
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem768_generate_key_external_seed(
|
|
538
|
+
uint8_t out_encoded_public_key[BCM_MLKEM768_PUBLIC_KEY_BYTES],
|
|
539
|
+
struct BCM_mlkem768_private_key *out_private_key,
|
|
540
|
+
const uint8_t seed[BCM_MLKEM_SEED_BYTES]);
|
|
541
|
+
|
|
542
|
+
// BCM_mlkem768_encap_external_entropy behaves like |MLKEM768_encap|, but uses
|
|
543
|
+
// |MLKEM_ENCAP_ENTROPY| bytes of |entropy| for randomization. The decapsulating
|
|
544
|
+
// side will be able to recover |entropy| in full. This function should only be
|
|
545
|
+
// used for tests, regular callers should use the non-deterministic
|
|
546
|
+
// |BCM_mlkem768_encap| directly.
|
|
547
|
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem768_encap_external_entropy(
|
|
548
|
+
uint8_t out_ciphertext[BCM_MLKEM768_CIPHERTEXT_BYTES],
|
|
549
|
+
uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
|
|
550
|
+
const struct BCM_mlkem768_public_key *public_key,
|
|
551
|
+
const uint8_t entropy[BCM_MLKEM_ENCAP_ENTROPY]);
|
|
552
|
+
|
|
553
|
+
// BCM_mlkem768_marshal_private_key serializes |private_key| to |out| in the
|
|
554
|
+
// NIST format for ML-KEM-768 private keys. (Note that one can also save just
|
|
555
|
+
// the seed value produced by |BCM_mlkem768_generate_key|, which is
|
|
556
|
+
// significantly smaller.)
|
|
557
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem768_marshal_private_key(
|
|
558
|
+
CBB *out, const struct BCM_mlkem768_private_key *private_key);
|
|
559
|
+
|
|
560
|
+
struct BCM_mlkem1024_public_key {
|
|
561
|
+
union {
|
|
562
|
+
uint8_t bytes[512 * (4 + 16) + 32 + 32];
|
|
563
|
+
uint16_t alignment;
|
|
564
|
+
} opaque;
|
|
565
|
+
};
|
|
566
|
+
|
|
567
|
+
struct BCM_mlkem1024_private_key {
|
|
568
|
+
union {
|
|
569
|
+
uint8_t bytes[512 * (4 + 4 + 16) + 32 + 32 + 32];
|
|
570
|
+
uint16_t alignment;
|
|
571
|
+
} opaque;
|
|
572
|
+
};
|
|
573
|
+
|
|
574
|
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem1024_generate_key(
|
|
575
|
+
uint8_t out_encoded_public_key[BCM_MLKEM1024_PUBLIC_KEY_BYTES],
|
|
576
|
+
uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
|
|
577
|
+
struct BCM_mlkem1024_private_key *out_private_key);
|
|
578
|
+
|
|
579
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem1024_private_key_from_seed(
|
|
580
|
+
struct BCM_mlkem1024_private_key *out_private_key, const uint8_t *seed,
|
|
581
|
+
size_t seed_len);
|
|
582
|
+
|
|
583
|
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem1024_public_from_private(
|
|
584
|
+
struct BCM_mlkem1024_public_key *out_public_key,
|
|
585
|
+
const struct BCM_mlkem1024_private_key *private_key);
|
|
586
|
+
|
|
587
|
+
OPENSSL_EXPORT bcm_infallible
|
|
588
|
+
BCM_mlkem1024_encap(uint8_t out_ciphertext[BCM_MLKEM1024_CIPHERTEXT_BYTES],
|
|
589
|
+
uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
|
|
590
|
+
const struct BCM_mlkem1024_public_key *public_key);
|
|
591
|
+
|
|
592
|
+
OPENSSL_EXPORT bcm_status
|
|
593
|
+
BCM_mlkem1024_decap(uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
|
|
594
|
+
const uint8_t *ciphertext, size_t ciphertext_len,
|
|
595
|
+
const struct BCM_mlkem1024_private_key *private_key);
|
|
596
|
+
|
|
597
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem1024_marshal_public_key(
|
|
598
|
+
CBB *out, const struct BCM_mlkem1024_public_key *public_key);
|
|
599
|
+
|
|
600
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem1024_parse_public_key(
|
|
601
|
+
struct BCM_mlkem1024_public_key *out_public_key, CBS *in);
|
|
602
|
+
|
|
603
|
+
// BCM_mlkem1024_parse_private_key parses a private key, in NIST's format for
|
|
604
|
+
// private keys, from |in| and writes the result to |out_private_key|. It
|
|
605
|
+
// returns one on success or zero on parse error or if there are trailing bytes
|
|
606
|
+
// in |in|. This format is verbose and should be avoided. Private keys should be
|
|
607
|
+
// stored as seeds and parsed using |BCM_mlkem1024_private_key_from_seed|.
|
|
608
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem1024_parse_private_key(
|
|
609
|
+
struct BCM_mlkem1024_private_key *out_private_key, CBS *in);
|
|
610
|
+
|
|
611
|
+
// BCM_mlkem1024_generate_key_external_seed is a deterministic function to
|
|
612
|
+
// create a pair of ML-KEM-1024 keys, using the supplied seed. The seed needs to
|
|
613
|
+
// be uniformly random. This function should only be used for tests, regular
|
|
614
|
+
// callers should use the non-deterministic |BCM_mlkem1024_generate_key|
|
|
615
|
+
// directly.
|
|
616
|
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem1024_generate_key_external_seed(
|
|
617
|
+
uint8_t out_encoded_public_key[BCM_MLKEM1024_PUBLIC_KEY_BYTES],
|
|
618
|
+
struct BCM_mlkem1024_private_key *out_private_key,
|
|
619
|
+
const uint8_t seed[BCM_MLKEM_SEED_BYTES]);
|
|
620
|
+
|
|
621
|
+
// BCM_mlkem1024_encap_external_entropy behaves like |MLKEM1024_encap|, but uses
|
|
622
|
+
// |MLKEM_ENCAP_ENTROPY| bytes of |entropy| for randomization. The
|
|
623
|
+
// decapsulating side will be able to recover |entropy| in full. This function
|
|
624
|
+
// should only be used for tests, regular callers should use the
|
|
625
|
+
// non-deterministic |BCM_mlkem1024_encap| directly.
|
|
626
|
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem1024_encap_external_entropy(
|
|
627
|
+
uint8_t out_ciphertext[BCM_MLKEM1024_CIPHERTEXT_BYTES],
|
|
628
|
+
uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
|
|
629
|
+
const struct BCM_mlkem1024_public_key *public_key,
|
|
630
|
+
const uint8_t entropy[BCM_MLKEM_ENCAP_ENTROPY]);
|
|
631
|
+
|
|
632
|
+
// BCM_mlkem1024_marshal_private_key serializes |private_key| to |out| in the
|
|
633
|
+
// NIST format for ML-KEM-1024 private keys. (Note that one can also save just
|
|
634
|
+
// the seed value produced by |BCM_mlkem1024_generate_key|, which is
|
|
635
|
+
// significantly smaller.)
|
|
636
|
+
OPENSSL_EXPORT bcm_status BCM_mlkem1024_marshal_private_key(
|
|
637
|
+
CBB *out, const struct BCM_mlkem1024_private_key *private_key);
|
|
638
|
+
|
|
639
|
+
|
|
640
|
+
// SLH-DSA
|
|
641
|
+
|
|
642
|
+
// Output length of the hash function.
|
|
643
|
+
#define BCM_SLHDSA_SHA2_128S_N 16
|
|
644
|
+
|
|
645
|
+
// The number of bytes at the beginning of M', the augmented message, before the
|
|
646
|
+
// context.
|
|
647
|
+
#define BCM_SLHDSA_M_PRIME_HEADER_LEN 2
|
|
648
|
+
|
|
649
|
+
// SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES is the number of bytes in an
|
|
650
|
+
// SLH-DSA-SHA2-128s public key.
|
|
651
|
+
#define BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES 32
|
|
652
|
+
|
|
653
|
+
// BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES is the number of bytes in an
|
|
654
|
+
// SLH-DSA-SHA2-128s private key.
|
|
655
|
+
#define BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES 64
|
|
656
|
+
|
|
657
|
+
// BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES is the number of bytes in an
|
|
658
|
+
// SLH-DSA-SHA2-128s signature.
|
|
659
|
+
#define BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES 7856
|
|
660
|
+
|
|
661
|
+
// SLHDSA_SHA2_128S_generate_key_from_seed generates an SLH-DSA-SHA2-128s key
|
|
662
|
+
// pair from a 48-byte seed and writes the result to |out_public_key| and
|
|
663
|
+
// |out_secret_key|.
|
|
664
|
+
OPENSSL_EXPORT bcm_infallible BCM_slhdsa_sha2_128s_generate_key_from_seed(
|
|
665
|
+
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
666
|
+
uint8_t out_secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
|
|
667
|
+
const uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N]);
|
|
668
|
+
|
|
669
|
+
// BCM_slhdsa_sha2_128s_sign_internal acts like |SLHDSA_SHA2_128S_sign| but
|
|
670
|
+
// accepts an explicit entropy input, which can be PK.seed (bytes 32..48 of
|
|
671
|
+
// the private key) to generate deterministic signatures. It also takes the
|
|
672
|
+
// input message in three parts so that the "internal" version of the signing
|
|
673
|
+
// function, from section 9.2, can be implemented. The |header| argument may be
|
|
674
|
+
// NULL to omit it.
|
|
675
|
+
OPENSSL_EXPORT bcm_infallible BCM_slhdsa_sha2_128s_sign_internal(
|
|
676
|
+
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
|
|
677
|
+
const uint8_t secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
|
|
678
|
+
const uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN], const uint8_t *context,
|
|
679
|
+
size_t context_len, const uint8_t *msg, size_t msg_len,
|
|
680
|
+
const uint8_t entropy[BCM_SLHDSA_SHA2_128S_N]);
|
|
681
|
+
|
|
682
|
+
// BCM_slhdsa_sha2_128s_verify_internal acts like |SLHDSA_SHA2_128S_verify| but
|
|
683
|
+
// takes the input message in three parts so that the "internal" version of the
|
|
684
|
+
// verification function, from section 9.3, can be implemented. The |header|
|
|
685
|
+
// argument may be NULL to omit it.
|
|
686
|
+
OPENSSL_EXPORT bcm_status BCM_slhdsa_sha2_128s_verify_internal(
|
|
687
|
+
const uint8_t *signature, size_t signature_len,
|
|
688
|
+
const uint8_t public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
689
|
+
const uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN], const uint8_t *context,
|
|
690
|
+
size_t context_len, const uint8_t *msg, size_t msg_len);
|
|
691
|
+
|
|
692
|
+
OPENSSL_EXPORT bcm_infallible BCM_slhdsa_sha2_128s_generate_key(
|
|
693
|
+
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
694
|
+
uint8_t out_private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]);
|
|
695
|
+
|
|
696
|
+
OPENSSL_EXPORT bcm_infallible BCM_slhdsa_sha2_128s_public_from_private(
|
|
697
|
+
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
698
|
+
const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]);
|
|
699
|
+
|
|
700
|
+
OPENSSL_EXPORT bcm_status BCM_slhdsa_sha2_128s_sign(
|
|
701
|
+
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
|
|
702
|
+
const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
|
|
703
|
+
const uint8_t *msg, size_t msg_len, const uint8_t *context,
|
|
704
|
+
size_t context_len);
|
|
705
|
+
|
|
706
|
+
OPENSSL_EXPORT bcm_status BCM_slhdsa_sha2_128s_verify(
|
|
707
|
+
const uint8_t *signature, size_t signature_len,
|
|
708
|
+
const uint8_t public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
709
|
+
const uint8_t *msg, size_t msg_len, const uint8_t *context,
|
|
710
|
+
size_t context_len);
|
|
711
|
+
|
|
712
|
+
OPENSSL_EXPORT bcm_status BCM_slhdsa_sha2_128s_prehash_sign(
|
|
713
|
+
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
|
|
714
|
+
const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
|
|
715
|
+
const uint8_t *hashed_msg, size_t hashed_msg_len, int hash_nid,
|
|
716
|
+
const uint8_t *context, size_t context_len);
|
|
717
|
+
|
|
718
|
+
OPENSSL_EXPORT bcm_status BCM_slhdsa_sha2_128s_prehash_verify(
|
|
719
|
+
const uint8_t *signature, size_t signature_len,
|
|
720
|
+
const uint8_t public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
721
|
+
const uint8_t *hashed_msg, size_t hashed_msg_len, int hash_nid,
|
|
722
|
+
const uint8_t *context, size_t context_len);
|
|
723
|
+
|
|
724
|
+
|
|
238
725
|
#if defined(__cplusplus)
|
|
239
726
|
} // extern C
|
|
240
727
|
#endif
|
|
@@ -1,58 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
*
|
|
15
|
-
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
16
|
-
* the code are not to be removed.
|
|
17
|
-
* If this package is used in a product, Eric Young should be given attribution
|
|
18
|
-
* as the author of the parts of the library used.
|
|
19
|
-
* This can be in the form of a textual message at program startup or
|
|
20
|
-
* in documentation (online or textual) provided with the package.
|
|
21
|
-
*
|
|
22
|
-
* Redistribution and use in source and binary forms, with or without
|
|
23
|
-
* modification, are permitted provided that the following conditions
|
|
24
|
-
* are met:
|
|
25
|
-
* 1. Redistributions of source code must retain the copyright
|
|
26
|
-
* notice, this list of conditions and the following disclaimer.
|
|
27
|
-
* 2. Redistributions in binary form must reproduce the above copyright
|
|
28
|
-
* notice, this list of conditions and the following disclaimer in the
|
|
29
|
-
* documentation and/or other materials provided with the distribution.
|
|
30
|
-
* 3. All advertising materials mentioning features or use of this software
|
|
31
|
-
* must display the following acknowledgement:
|
|
32
|
-
* "This product includes cryptographic software written by
|
|
33
|
-
* Eric Young (eay@cryptsoft.com)"
|
|
34
|
-
* The word 'cryptographic' can be left out if the rouines from the library
|
|
35
|
-
* being used are not cryptographic related :-).
|
|
36
|
-
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
37
|
-
* the apps directory (application code) you must include an acknowledgement:
|
|
38
|
-
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
39
|
-
*
|
|
40
|
-
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
41
|
-
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
42
|
-
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
43
|
-
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
44
|
-
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
45
|
-
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
46
|
-
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
47
|
-
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
48
|
-
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
49
|
-
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
50
|
-
* SUCH DAMAGE.
|
|
51
|
-
*
|
|
52
|
-
* The licence and distribution terms for any publically available version or
|
|
53
|
-
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
54
|
-
* copied and put under another distribution licence
|
|
55
|
-
* [including the GNU Public Licence.] */
|
|
1
|
+
// Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
2
|
+
//
|
|
3
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
// you may not use this file except in compliance with the License.
|
|
5
|
+
// You may obtain a copy of the License at
|
|
6
|
+
//
|
|
7
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
//
|
|
9
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
// See the License for the specific language governing permissions and
|
|
13
|
+
// limitations under the License.
|
|
56
14
|
|
|
57
15
|
#include <openssl/bn.h>
|
|
58
16
|
|
|
@@ -1,11 +1,24 @@
|
|
|
1
|
+
// Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
2
|
+
//
|
|
3
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
// you may not use this file except in compliance with the License.
|
|
5
|
+
// You may obtain a copy of the License at
|
|
6
|
+
//
|
|
7
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
//
|
|
9
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
// See the License for the specific language governing permissions and
|
|
13
|
+
// limitations under the License.
|
|
14
|
+
|
|
1
15
|
/* x86_64 BIGNUM accelerator version 0.1, December 2002.
|
|
2
16
|
*
|
|
3
17
|
* Implemented by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
|
|
4
18
|
* project.
|
|
5
19
|
*
|
|
6
20
|
* Rights for redistribution and usage in source and binary forms are
|
|
7
|
-
* granted according to the
|
|
8
|
-
* disclaimed.
|
|
21
|
+
* granted according to the License. Warranty of any kind is disclaimed.
|
|
9
22
|
*
|
|
10
23
|
* Q. Version 0.1? It doesn't sound like Andy, he used to assign real
|
|
11
24
|
* versions, like 1.0...
|