grpc 1.70.1 → 1.71.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +43 -79
- data/include/grpc/event_engine/endpoint_config.h +5 -5
- data/include/grpc/event_engine/event_engine.h +44 -5
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/json.h +16 -16
- data/src/core/call/request_buffer.cc +22 -22
- data/src/core/call/request_buffer.h +4 -4
- data/src/core/channelz/channelz.cc +2 -2
- data/src/core/channelz/channelz.h +3 -22
- data/src/core/channelz/channelz_registry.cc +0 -7
- data/src/core/client_channel/client_channel.cc +16 -26
- data/src/core/client_channel/client_channel.h +2 -2
- data/src/core/client_channel/client_channel_filter.cc +54 -131
- data/src/core/client_channel/client_channel_filter.h +10 -6
- data/src/core/client_channel/client_channel_plugin.cc +2 -1
- data/src/core/client_channel/client_channel_service_config.cc +1 -1
- data/src/core/client_channel/client_channel_service_config.h +5 -5
- data/src/core/client_channel/direct_channel.cc +1 -1
- data/src/core/client_channel/direct_channel.h +1 -1
- data/src/core/client_channel/lb_metadata.cc +7 -8
- data/src/core/client_channel/lb_metadata.h +3 -3
- data/src/core/client_channel/load_balanced_call_destination.cc +4 -4
- data/src/core/client_channel/retry_filter.cc +1 -1
- data/src/core/client_channel/retry_filter.h +1 -1
- data/src/core/client_channel/retry_filter_legacy_call_data.cc +10 -12
- data/src/core/client_channel/retry_filter_legacy_call_data.h +7 -7
- data/src/core/client_channel/retry_interceptor.cc +16 -14
- data/src/core/client_channel/retry_interceptor.h +2 -2
- data/src/core/client_channel/retry_service_config.cc +1 -1
- data/src/core/client_channel/retry_service_config.h +3 -3
- data/src/core/client_channel/subchannel.cc +43 -76
- data/src/core/client_channel/subchannel.h +4 -4
- data/src/core/client_channel/subchannel_stream_client.cc +0 -1
- data/src/core/client_channel/subchannel_stream_client.h +3 -3
- data/src/core/config/config_vars.cc +1 -0
- data/src/core/config/config_vars.h +1 -0
- data/src/core/config/load_config.cc +3 -2
- data/src/core/config/load_config.h +1 -1
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +4 -11
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +7 -7
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +8 -15
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +6 -6
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +1 -1
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +0 -7
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +6 -6
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.cc +1 -1
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.h +1 -1
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -6
- data/src/core/ext/filters/http/client/http_client_filter.h +4 -4
- data/src/core/ext/filters/http/client_authority_filter.cc +6 -11
- data/src/core/ext/filters/http/client_authority_filter.h +6 -6
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +18 -22
- data/src/core/ext/filters/http/message_compress/compression_filter.h +18 -13
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -8
- data/src/core/ext/filters/http/server/http_server_filter.h +4 -4
- data/src/core/ext/filters/message_size/message_size_filter.cc +13 -25
- data/src/core/ext/filters/message_size/message_size_filter.h +20 -21
- data/src/core/ext/filters/rbac/rbac_filter.cc +0 -7
- data/src/core/ext/filters/rbac/rbac_filter.h +6 -6
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +3 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +1 -6
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +4 -4
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +1 -1
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +2 -2
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -2
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +4 -3
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +30 -20
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +5 -5
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.h +4 -4
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +84 -59
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +7 -7
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/flow_control.h +3 -3
- data/src/core/ext/transport/chttp2/transport/frame.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/frame.h +5 -5
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +8 -8
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +32 -31
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +6 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +19 -8
- data/src/core/ext/transport/chttp2/transport/parsing.cc +14 -14
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +2 -2
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +1 -39
- data/src/core/ext/transport/chttp2/transport/varint.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/writing.cc +16 -22
- data/src/core/ext/transport/inproc/inproc_transport.cc +1 -3
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +15 -10
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +16 -0
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +3 -2
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +30 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +5 -3
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +118 -0
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +31 -6
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +37 -7
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.c +7 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb.h +142 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.c +55 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +33 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.c +7 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +6 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +50 -47
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +210 -199
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +33 -33
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +19 -17
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +26 -19
- data/src/core/filter/blackboard.cc +2 -2
- data/src/core/filter/filter_args.h +2 -2
- data/src/core/handshaker/handshaker.cc +0 -3
- data/src/core/handshaker/http_connect/http_connect_handshaker.cc +3 -5
- data/src/core/handshaker/http_connect/http_proxy_mapper.cc +31 -32
- data/src/core/handshaker/http_connect/http_proxy_mapper.h +4 -4
- data/src/core/handshaker/http_connect/xds_http_proxy_mapper.cc +5 -5
- data/src/core/handshaker/http_connect/xds_http_proxy_mapper.h +5 -5
- data/src/core/handshaker/proxy_mapper.h +4 -4
- data/src/core/handshaker/proxy_mapper_registry.cc +5 -6
- data/src/core/handshaker/proxy_mapper_registry.h +4 -4
- data/src/core/handshaker/security/secure_endpoint.cc +2 -2
- data/src/core/handshaker/security/security_handshaker.cc +3 -5
- data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.cc +6 -4
- data/src/core/lib/channel/channel_args.cc +13 -13
- data/src/core/lib/channel/channel_args.h +8 -8
- data/src/core/lib/channel/connected_channel.cc +1 -1
- data/src/core/lib/channel/promise_based_filter.cc +9 -9
- data/src/core/lib/channel/promise_based_filter.h +79 -80
- data/src/core/lib/compression/compression.cc +3 -2
- data/src/core/lib/compression/compression_internal.cc +9 -9
- data/src/core/lib/compression/compression_internal.h +3 -3
- data/src/core/lib/debug/trace_flags.cc +3 -2
- data/src/core/lib/debug/trace_flags.h +1 -1
- data/src/core/lib/event_engine/ares_resolver.cc +9 -11
- data/src/core/lib/event_engine/ares_resolver.h +6 -10
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +2 -4
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +2 -4
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +6 -7
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +2 -4
- data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +2 -4
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +3 -7
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +2 -4
- data/src/core/lib/event_engine/channel_args_endpoint_config.cc +5 -7
- data/src/core/lib/event_engine/channel_args_endpoint_config.h +6 -7
- data/src/core/lib/event_engine/common_closures.h +2 -4
- data/src/core/lib/event_engine/default_event_engine.cc +62 -33
- data/src/core/lib/event_engine/default_event_engine.h +24 -33
- data/src/core/lib/event_engine/default_event_engine_factory.cc +6 -12
- data/src/core/lib/event_engine/default_event_engine_factory.h +2 -4
- data/src/core/lib/event_engine/event_engine.cc +2 -4
- data/src/core/lib/event_engine/extensions/can_track_errors.h +2 -4
- data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +2 -4
- data/src/core/lib/event_engine/extensions/supports_fd.h +2 -4
- data/src/core/lib/event_engine/extensions/tcp_trace.h +2 -4
- data/src/core/lib/event_engine/forkable.cc +2 -4
- data/src/core/lib/event_engine/forkable.h +2 -4
- data/src/core/lib/event_engine/grpc_polled_fd.h +2 -4
- data/src/core/lib/event_engine/handle_containers.h +2 -4
- data/src/core/lib/event_engine/memory_allocator_factory.h +2 -4
- data/src/core/lib/event_engine/poller.h +2 -4
- data/src/core/lib/event_engine/posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +4 -50
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +2 -4
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +4 -51
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/event_poller.h +2 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +2 -4
- data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +2 -4
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +2 -4
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +6 -10
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +3 -5
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +2 -4
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +5 -6
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +2 -4
- data/src/core/lib/event_engine/posix_engine/timer.cc +4 -6
- data/src/core/lib/event_engine/posix_engine/timer.h +4 -6
- data/src/core/lib/event_engine/posix_engine/timer_heap.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/timer_heap.h +2 -4
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +5 -7
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +4 -6
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +4 -8
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +24 -25
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +2 -4
- data/src/core/lib/event_engine/query_extensions.h +2 -4
- data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +2 -4
- data/src/core/lib/event_engine/resolved_address.cc +2 -4
- data/src/core/lib/event_engine/resolved_address_internal.h +2 -4
- data/src/core/lib/event_engine/shim.cc +2 -4
- data/src/core/lib/event_engine/shim.h +2 -4
- data/src/core/lib/event_engine/slice.cc +2 -4
- data/src/core/lib/event_engine/slice_buffer.cc +2 -4
- data/src/core/lib/event_engine/tcp_socket_utils.cc +6 -8
- data/src/core/lib/event_engine/tcp_socket_utils.h +5 -7
- data/src/core/lib/event_engine/thread_local.cc +2 -4
- data/src/core/lib/event_engine/thread_local.h +2 -4
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +2 -4
- data/src/core/lib/event_engine/thread_pool/thread_count.h +4 -18
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +2 -4
- data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +2 -4
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +3 -5
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +2 -4
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +2 -4
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +2 -4
- data/src/core/lib/event_engine/time_util.cc +2 -4
- data/src/core/lib/event_engine/time_util.h +2 -4
- data/src/core/lib/event_engine/utils.cc +2 -4
- data/src/core/lib/event_engine/utils.h +2 -4
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +2 -4
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.h +2 -4
- data/src/core/lib/event_engine/windows/iocp.cc +2 -4
- data/src/core/lib/event_engine/windows/iocp.h +2 -4
- data/src/core/lib/event_engine/windows/native_windows_dns_resolver.cc +2 -4
- data/src/core/lib/event_engine/windows/native_windows_dns_resolver.h +2 -4
- data/src/core/lib/event_engine/windows/win_socket.cc +2 -4
- data/src/core/lib/event_engine/windows/win_socket.h +2 -4
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +2 -4
- data/src/core/lib/event_engine/windows/windows_endpoint.h +4 -6
- data/src/core/lib/event_engine/windows/windows_engine.cc +2 -4
- data/src/core/lib/event_engine/windows/windows_engine.h +2 -4
- data/src/core/lib/event_engine/windows/windows_listener.cc +2 -4
- data/src/core/lib/event_engine/windows/windows_listener.h +2 -4
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +2 -4
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +2 -4
- data/src/core/lib/event_engine/work_queue/work_queue.h +2 -4
- data/src/core/lib/experiments/experiments.cc +102 -213
- data/src/core/lib/experiments/experiments.h +53 -89
- data/src/core/lib/iomgr/buffer_list.h +22 -21
- data/src/core/lib/iomgr/cfstream_handle.cc +0 -2
- data/src/core/lib/iomgr/closure.h +1 -4
- data/src/core/lib/iomgr/combiner.cc +0 -1
- data/src/core/lib/iomgr/error.cc +2 -2
- data/src/core/lib/iomgr/event_engine_shims/closure.cc +0 -1
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +0 -2
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +0 -1
- data/src/core/lib/iomgr/exec_ctx.cc +1 -7
- data/src/core/lib/iomgr/exec_ctx.h +1 -132
- data/src/core/lib/iomgr/executor.cc +0 -11
- data/src/core/lib/iomgr/resolve_address_posix.cc +0 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +0 -2
- data/src/core/lib/iomgr/socket_utils_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_server_posix.cc +1 -3
- data/src/core/lib/iomgr/tcp_server_windows.cc +0 -1
- data/src/core/lib/iomgr/timer_manager.cc +1 -9
- data/src/core/lib/promise/activity.h +4 -4
- data/src/core/lib/promise/detail/join_state.h +16 -68
- data/src/core/lib/promise/detail/promise_factory.h +85 -25
- data/src/core/lib/promise/detail/promise_like.h +16 -19
- data/src/core/lib/promise/detail/seq_state.h +102 -315
- data/src/core/lib/promise/for_each.h +14 -5
- data/src/core/lib/promise/if.h +48 -20
- data/src/core/lib/promise/interceptor_list.h +9 -9
- data/src/core/lib/promise/latch.h +14 -6
- data/src/core/lib/promise/loop.h +58 -18
- data/src/core/lib/promise/map.h +103 -49
- data/src/core/lib/promise/party.cc +48 -14
- data/src/core/lib/promise/party.h +216 -27
- data/src/core/lib/promise/pipe.h +12 -12
- data/src/core/lib/promise/poll.h +8 -5
- data/src/core/lib/promise/prioritized_race.h +16 -22
- data/src/core/lib/promise/promise.h +2 -3
- data/src/core/lib/promise/race.h +4 -12
- data/src/core/lib/promise/seq.h +41 -6
- data/src/core/lib/promise/sleep.cc +3 -3
- data/src/core/lib/promise/sleep.h +14 -1
- data/src/core/lib/promise/status_flag.h +9 -3
- data/src/core/lib/promise/try_join.h +119 -5
- data/src/core/lib/promise/try_seq.h +39 -12
- data/src/core/lib/resource_quota/arena.h +79 -0
- data/src/core/lib/resource_quota/memory_quota.cc +53 -49
- data/src/core/lib/resource_quota/memory_quota.h +4 -4
- data/src/core/lib/security/authorization/evaluate_args.cc +3 -3
- data/src/core/lib/security/authorization/evaluate_args.h +3 -3
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +0 -7
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +6 -6
- data/src/core/lib/security/authorization/matchers.h +3 -3
- data/src/core/lib/security/authorization/rbac_policy.cc +1 -1
- data/src/core/lib/security/authorization/rbac_policy.h +3 -3
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +1 -2
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +1 -3
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +0 -1
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -1
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +2 -2
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +1 -1
- data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +1 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -2
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +4 -4
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +3 -3
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +0 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +12 -13
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +14 -14
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +23 -15
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +3 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +1 -2
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -2
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.cc +4 -5
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.h +4 -4
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +2 -1
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +3 -3
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +9 -9
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +13 -13
- data/src/core/lib/security/transport/auth_filters.h +95 -7
- data/src/core/lib/security/transport/client_auth_filter.cc +96 -6
- data/src/core/lib/security/transport/server_auth_filter.cc +0 -8
- data/src/core/lib/slice/slice_buffer.cc +2 -2
- data/src/core/lib/slice/slice_buffer.h +2 -2
- data/src/core/lib/surface/call.cc +0 -4
- data/src/core/lib/surface/call.h +4 -3
- data/src/core/lib/surface/call_utils.cc +2 -2
- data/src/core/lib/surface/call_utils.h +8 -4
- data/src/core/lib/surface/channel.cc +6 -14
- data/src/core/lib/surface/channel.h +3 -3
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/client_call.cc +13 -6
- data/src/core/lib/surface/client_call.h +2 -2
- data/src/core/lib/surface/completion_queue.cc +10 -49
- data/src/core/lib/surface/filter_stack_call.cc +2 -4
- data/src/core/lib/surface/filter_stack_call.h +1 -1
- data/src/core/lib/surface/init.cc +17 -12
- data/src/core/lib/surface/legacy_channel.cc +10 -8
- data/src/core/lib/surface/legacy_channel.h +2 -2
- data/src/core/lib/surface/server_call.cc +23 -6
- data/src/core/lib/surface/server_call.h +2 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/call_filters.h +100 -59
- data/src/core/lib/transport/call_spine.cc +32 -34
- data/src/core/lib/transport/call_spine.h +66 -23
- data/src/core/lib/transport/call_state.h +8 -8
- data/src/core/lib/transport/connectivity_state.cc +8 -9
- data/src/core/lib/transport/connectivity_state.h +2 -4
- data/src/core/lib/transport/http2_errors.h +5 -3
- data/src/core/lib/transport/interception_chain.h +27 -7
- data/src/core/lib/transport/metadata.h +88 -0
- data/src/core/lib/transport/metadata_batch.cc +2 -2
- data/src/core/lib/transport/metadata_batch.h +79 -18
- data/src/core/lib/transport/timeout_encoding.cc +15 -15
- data/src/core/lib/transport/timeout_encoding.h +3 -2
- data/src/core/lib/transport/transport.cc +0 -1
- data/src/core/lib/transport/transport.h +12 -7
- data/src/core/load_balancing/backend_metric_parser.cc +21 -28
- data/src/core/load_balancing/endpoint_list.cc +1 -1
- data/src/core/load_balancing/endpoint_list.h +7 -7
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +1 -6
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +4 -4
- data/src/core/load_balancing/grpclb/grpclb.cc +21 -38
- data/src/core/load_balancing/health_check_client.cc +16 -48
- data/src/core/load_balancing/health_check_client_internal.h +7 -7
- data/src/core/load_balancing/lb_policy.cc +4 -6
- data/src/core/load_balancing/lb_policy.h +4 -4
- data/src/core/load_balancing/lb_policy_registry.cc +10 -8
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +57 -68
- data/src/core/load_balancing/outlier_detection/outlier_detection.h +4 -3
- data/src/core/load_balancing/pick_first/pick_first.cc +21 -21
- data/src/core/load_balancing/priority/priority.cc +8 -13
- data/src/core/load_balancing/ring_hash/ring_hash.cc +54 -90
- data/src/core/load_balancing/rls/rls.cc +105 -194
- data/src/core/load_balancing/rls/rls.h +97 -1
- data/src/core/load_balancing/round_robin/round_robin.cc +5 -5
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +4 -4
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +2 -2
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +8 -14
- data/src/core/load_balancing/weighted_target/weighted_target.cc +7 -15
- data/src/core/load_balancing/xds/cds.cc +11 -15
- data/src/core/load_balancing/xds/xds_cluster_impl.cc +15 -18
- data/src/core/load_balancing/xds/xds_cluster_manager.cc +10 -18
- data/src/core/load_balancing/xds/xds_override_host.cc +45 -92
- data/src/core/load_balancing/xds/xds_wrr_locality.cc +10 -12
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +7 -7
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +10 -15
- data/src/core/resolver/dns/native/dns_resolver.cc +1 -1
- data/src/core/resolver/fake/fake_resolver.cc +10 -11
- data/src/core/resolver/fake/fake_resolver.h +2 -2
- data/src/core/resolver/google_c2p/google_c2p_resolver.cc +9 -12
- data/src/core/resolver/polling_resolver.cc +2 -5
- data/src/core/resolver/polling_resolver.h +3 -3
- data/src/core/resolver/resolver_registry.cc +4 -3
- data/src/core/resolver/xds/xds_config.cc +6 -6
- data/src/core/resolver/xds/xds_config.h +2 -2
- data/src/core/resolver/xds/xds_dependency_manager.cc +80 -77
- data/src/core/resolver/xds/xds_dependency_manager.h +4 -0
- data/src/core/resolver/xds/xds_resolver.cc +53 -75
- data/src/core/server/server.cc +71 -79
- data/src/core/server/server.h +16 -5
- data/src/core/server/server_call_tracer_filter.cc +3 -7
- data/src/core/server/server_config_selector_filter.cc +8 -15
- data/src/core/server/xds_server_config_fetcher.cc +16 -18
- data/src/core/service_config/service_config_channel_arg_filter.cc +7 -19
- data/src/core/service_config/service_config_impl.cc +3 -3
- data/src/core/telemetry/call_tracer.cc +8 -8
- data/src/core/telemetry/call_tracer.h +6 -5
- data/src/core/telemetry/metrics.cc +3 -3
- data/src/core/telemetry/metrics.h +2 -8
- data/src/core/telemetry/tcp_tracer.h +32 -32
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +2 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +14 -14
- data/src/core/tsi/fake_transport_security.cc +5 -0
- data/src/core/util/dump_args.h +1 -9
- data/src/core/util/env.h +3 -4
- data/src/core/util/examine_stack.cc +2 -2
- data/src/core/util/examine_stack.h +3 -4
- data/src/core/util/gpr_time.cc +0 -2
- data/src/core/util/http_client/httpcli.cc +4 -5
- data/src/core/util/http_client/httpcli.h +4 -4
- data/src/core/util/http_client/httpcli_security_connector.cc +2 -2
- data/src/core/util/json/json_channel_args.h +2 -1
- data/src/core/util/json/json_object_loader.cc +4 -4
- data/src/core/util/json/json_object_loader.h +12 -12
- data/src/core/util/json/json_reader.cc +4 -4
- data/src/core/util/json/json_writer.cc +3 -3
- data/src/core/util/latent_see.cc +3 -3
- data/src/core/util/latent_see.h +2 -2
- data/src/core/util/linux/env.cc +3 -4
- data/src/core/util/lru_cache.h +4 -4
- data/src/core/util/match.h +7 -7
- data/src/core/util/matchers.cc +1 -2
- data/src/core/util/matchers.h +2 -2
- data/src/core/util/posix/env.cc +2 -2
- data/src/core/util/posix/sync.cc +0 -1
- data/src/core/util/posix/time.cc +0 -1
- data/src/core/util/ring_buffer.h +4 -5
- data/src/core/util/status_helper.cc +16 -20
- data/src/core/util/status_helper.h +5 -5
- data/src/core/util/sync_abseil.cc +0 -1
- data/src/core/util/table.h +6 -21
- data/src/core/util/time.cc +1 -1
- data/src/core/util/time.h +3 -3
- data/src/core/util/time_precise.cc +0 -1
- data/src/core/util/type_list.h +56 -0
- data/src/core/util/uri.cc +6 -4
- data/src/core/util/uri.h +7 -0
- data/src/core/util/useful.h +4 -4
- data/src/core/util/validation_errors.cc +5 -5
- data/src/core/util/wait_for_single_owner.h +62 -0
- data/src/core/util/windows/env.cc +3 -3
- data/src/core/util/windows/sync.cc +0 -1
- data/src/core/util/windows/time.cc +0 -1
- data/src/core/util/work_serializer.cc +27 -267
- data/src/core/util/work_serializer.h +3 -27
- data/src/core/xds/grpc/certificate_provider_store.cc +12 -17
- data/src/core/xds/grpc/file_watcher_certificate_provider_factory.cc +2 -2
- data/src/core/xds/grpc/xds_audit_logger_registry.cc +1 -1
- data/src/core/xds/grpc/xds_bootstrap_grpc.cc +11 -14
- data/src/core/xds/grpc/xds_bootstrap_grpc.h +2 -2
- data/src/core/xds/grpc/xds_certificate_provider.cc +15 -15
- data/src/core/xds/grpc/xds_client_grpc.cc +7 -8
- data/src/core/xds/grpc/xds_cluster.h +4 -4
- data/src/core/xds/grpc/xds_cluster_parser.cc +26 -26
- data/src/core/xds/grpc/xds_cluster_specifier_plugin.cc +4 -4
- data/src/core/xds/grpc/xds_common_types.cc +2 -2
- data/src/core/xds/grpc/xds_common_types.h +4 -4
- data/src/core/xds/grpc/xds_common_types_parser.cc +29 -31
- data/src/core/xds/grpc/xds_common_types_parser.h +8 -7
- data/src/core/xds/grpc/xds_endpoint.cc +3 -4
- data/src/core/xds/grpc/xds_endpoint_parser.cc +14 -14
- data/src/core/xds/grpc/xds_health_status.cc +4 -4
- data/src/core/xds/grpc/xds_health_status.h +4 -3
- data/src/core/xds/grpc/xds_http_fault_filter.cc +18 -20
- data/src/core/xds/grpc/xds_http_fault_filter.h +4 -3
- data/src/core/xds/grpc/xds_http_filter.h +3 -3
- data/src/core/xds/grpc/xds_http_filter_registry.cc +7 -7
- data/src/core/xds/grpc/xds_http_filter_registry.h +3 -3
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.cc +7 -7
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.h +4 -3
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +30 -23
- data/src/core/xds/grpc/xds_http_rbac_filter.h +4 -3
- data/src/core/xds/grpc/xds_http_stateful_session_filter.cc +10 -10
- data/src/core/xds/grpc/xds_http_stateful_session_filter.h +4 -3
- data/src/core/xds/grpc/xds_lb_policy_registry.cc +4 -4
- data/src/core/xds/grpc/xds_listener.cc +4 -6
- data/src/core/xds/grpc/xds_listener.h +10 -10
- data/src/core/xds/grpc/xds_listener_parser.cc +58 -51
- data/src/core/xds/grpc/xds_listener_parser.h +2 -1
- data/src/core/xds/grpc/xds_metadata.cc +5 -5
- data/src/core/xds/grpc/xds_metadata_parser.cc +65 -52
- data/src/core/xds/grpc/xds_route_config.cc +9 -15
- data/src/core/xds/grpc/xds_route_config.h +9 -9
- data/src/core/xds/grpc/xds_route_config_parser.cc +114 -116
- data/src/core/xds/grpc/xds_route_config_parser.h +4 -4
- data/src/core/xds/grpc/xds_routing.cc +6 -6
- data/src/core/xds/grpc/xds_routing.h +5 -5
- data/src/core/xds/grpc/xds_server_grpc.cc +22 -1
- data/src/core/xds/grpc/xds_server_grpc.h +5 -2
- data/src/core/xds/grpc/xds_server_grpc_interface.h +33 -0
- data/src/core/xds/grpc/xds_transport_grpc.cc +5 -6
- data/src/core/xds/xds_client/lrs_client.cc +71 -83
- data/src/core/xds/xds_client/lrs_client.h +8 -8
- data/src/core/xds/xds_client/xds_api.cc +5 -5
- data/src/core/xds/xds_client/xds_bootstrap.cc +11 -1
- data/src/core/xds/xds_client/xds_bootstrap.h +7 -0
- data/src/core/xds/xds_client/xds_client.cc +552 -359
- data/src/core/xds/xds_client/xds_client.h +39 -14
- data/src/core/xds/xds_client/xds_resource_type.h +2 -3
- data/src/core/xds/xds_client/xds_resource_type_impl.h +3 -3
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.cc +17 -59
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.cc +41 -76
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.cc +17 -91
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +16 -57
- data/third_party/boringssl-with-bazel/src/crypto/bio/errno.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.cc +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.cc +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.cc +18 -58
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.cc +15 -51
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.cc +17 -60
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{bn_extra → bn}/bn_asn1.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{bn_extra → bn}/convert.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.cc +14 -57
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +23 -15
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +18 -18
- data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +110 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_aesctrhmac.cc +18 -23
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_aesgcmsiv.cc +20 -13
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_chacha20poly1305.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_des.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_null.cc +51 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_rc2.cc +27 -69
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc4.cc +54 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/e_tls.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cipher/get_cipher.cc +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/internal.h +29 -69
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/tls_cbc.cc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.cc +14 -58
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +13 -67
- data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.cc +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/des/des.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +27 -69
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +124 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh_extra → dh}/params.cc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/{digest_extra → digest}/digest_extra.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +13 -58
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +13 -53
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/ec_asn1.cc +24 -61
- data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/ec_derive.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/hash_to_curve.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/ecdh/ecdh.cc +73 -0
- data/third_party/boringssl-with-bazel/src/crypto/{ecdsa_extra → ecdsa}/ecdsa_asn1.cc +17 -61
- data/third_party/boringssl-with-bazel/src/crypto/engine/engine.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +17 -107
- data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.cc +29 -79
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +122 -198
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.cc +15 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.cc +13 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +56 -110
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +20 -66
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.cc +19 -57
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.cc +29 -77
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.cc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.cc +13 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.cc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +112 -48
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/cbc.cc.inc +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/cfb.cc.inc +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ctr.cc.inc +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/gcm.cc.inc +127 -314
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/gcm_nohw.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +419 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +13 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ofb.cc.inc +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes → aes}/polyval.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +28 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +501 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc +15 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.cc.inc +16 -57
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +16 -109
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +25 -134
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +14 -109
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.cc.inc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.cc.inc +18 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +20 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +13 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.cc.inc +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +69 -283
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.cc.inc +21 -58
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +14 -65
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.cc.inc +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.cc.inc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +91 -91
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +14 -72
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +19 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.cc.inc +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.cc.inc +21 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.cc.inc +14 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.cc.inc +14 -65
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.cc.inc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/{keccak → fipsmodule/keccak}/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{keccak/keccak.cc → fipsmodule/keccak/keccak.cc.inc} +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +1993 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +1165 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.cc.inc +18 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +18 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.cc.inc +14 -109
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +13 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +18 -77
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +38 -90
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +34 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.cc.inc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +44 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.cc.inc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa → fipsmodule/slhdsa}/address.h +28 -32
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa/fors.cc → fipsmodule/slhdsa/fors.cc.inc} +44 -44
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.h +58 -0
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa/merkle.cc → fipsmodule/slhdsa/merkle.cc.inc} +46 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa → fipsmodule/slhdsa}/params.h +20 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +329 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.cc.inc +173 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.h +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/{slhdsa/wots.cc → fipsmodule/slhdsa/wots.cc.inc} +46 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.h +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.cc.inc +13 -51
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.cc +21 -13
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +62 -205
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.cc +52 -28
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +31 -75
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/md4/md4.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/md5/md5.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/mem.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.cc +47 -1747
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +97 -1042
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.cc +13 -107
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.cc +18 -58
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +56 -103
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/deterministic.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/fork_detect.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rand/forkunsafe.cc +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/getentropy.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/getrandom_fillin.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +42 -0
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/passive.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/rand_extra.cc → rand/rand.cc} +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rand/sysrand_internal.h +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +46 -0
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/urandom.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/windows.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/refcount.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +36 -0
- data/third_party/boringssl-with-bazel/src/crypto/{rsa_extra → rsa}/rsa_asn1.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/{rsa_extra → rsa}/rsa_crypt.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_extra.cc +19 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_print.cc +27 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +62 -256
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +204 -0
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/spake2plus.cc +501 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/thread.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.cc +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +14 -56
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.cc +25 -71
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/ext_dat.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.cc +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.cc +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.cc +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +17 -66
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.cc +14 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.cc +13 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.cc +13 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.cc +17 -70
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.cc +14 -60
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.cc +13 -58
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +13 -55
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +465 -451
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +13 -47
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +13 -51
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +14 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +23 -62
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +14 -56
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +15 -53
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +14 -121
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +31 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +31 -59
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +13 -58
- data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +14 -66
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +14 -71
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +14 -65
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +13 -51
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +13 -107
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +13 -107
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +13 -19
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +13 -37
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +27 -69
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +22 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +13 -58
- data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +54 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +19 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +198 -174
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +14 -114
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +23 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -156
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +15 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +14 -61
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +13 -53
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +13 -8
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +15 -114
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +13 -55
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +13 -110
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +17 -115
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -55
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +16 -115
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +32 -34
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +314 -132
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +19 -16
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +23 -123
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +55 -174
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +26 -157
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +104 -240
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +22 -120
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +16 -148
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +16 -110
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +16 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +14 -81
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +15 -20
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +14 -113
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +19 -145
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +164 -37
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +13 -109
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +15 -17
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +51 -184
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +23 -67
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +25 -144
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +14 -82
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +20 -143
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +15 -15
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +15 -139
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +28 -156
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +16 -16
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +91 -43
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +68 -80
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +154 -52
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +13 -55
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +15 -109
- metadata +75 -66
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.cc +0 -127
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.cc +0 -152
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.cc +0 -93
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.cc +0 -96
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.cc +0 -165
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.cc +0 -124
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.cc.inc +0 -196
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +0 -448
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.cc.inc +0 -87
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +0 -76
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +0 -90
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.cc +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/ios.cc +0 -42
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +0 -37
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/trusty.cc +0 -46
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_extra.cc +0 -17
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.cc +0 -22
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.h +0 -58
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/internal.h +0 -63
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.cc +0 -173
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.h +0 -85
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.h +0 -50
|
@@ -1,22 +1,22 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
1
|
+
// Copyright 2024 The BoringSSL Authors
|
|
2
|
+
//
|
|
3
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
// you may not use this file except in compliance with the License.
|
|
5
|
+
// You may obtain a copy of the License at
|
|
6
|
+
//
|
|
7
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
//
|
|
9
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
// See the License for the specific language governing permissions and
|
|
13
|
+
// limitations under the License.
|
|
14
14
|
|
|
15
15
|
#include <openssl/base.h>
|
|
16
16
|
|
|
17
17
|
#include <string.h>
|
|
18
18
|
|
|
19
|
-
#include "
|
|
19
|
+
#include "../../internal.h"
|
|
20
20
|
#include "./address.h"
|
|
21
21
|
#include "./merkle.h"
|
|
22
22
|
#include "./params.h"
|
|
@@ -25,11 +25,11 @@
|
|
|
25
25
|
|
|
26
26
|
|
|
27
27
|
// Implements Algorithm 9: xmss_node function (page 23)
|
|
28
|
-
void slhdsa_treehash(uint8_t out_pk[
|
|
29
|
-
const uint8_t sk_seed[
|
|
28
|
+
void slhdsa_treehash(uint8_t out_pk[BCM_SLHDSA_SHA2_128S_N],
|
|
29
|
+
const uint8_t sk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
30
30
|
uint32_t i /*target node index*/,
|
|
31
31
|
uint32_t z /*target node height*/,
|
|
32
|
-
const uint8_t pk_seed[
|
|
32
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
33
33
|
uint8_t addr[32]) {
|
|
34
34
|
BSSL_CHECK(z <= SLHDSA_SHA2_128S_TREE_HEIGHT);
|
|
35
35
|
BSSL_CHECK(i < (uint32_t)(1 << (SLHDSA_SHA2_128S_TREE_HEIGHT - z)));
|
|
@@ -40,9 +40,9 @@ void slhdsa_treehash(uint8_t out_pk[SLHDSA_SHA2_128S_N],
|
|
|
40
40
|
slhdsa_wots_pk_gen(out_pk, sk_seed, pk_seed, addr);
|
|
41
41
|
} else {
|
|
42
42
|
// Stores left node and right node.
|
|
43
|
-
uint8_t nodes[2 *
|
|
43
|
+
uint8_t nodes[2 * BCM_SLHDSA_SHA2_128S_N];
|
|
44
44
|
slhdsa_treehash(nodes, sk_seed, 2 * i, z - 1, pk_seed, addr);
|
|
45
|
-
slhdsa_treehash(nodes +
|
|
45
|
+
slhdsa_treehash(nodes + BCM_SLHDSA_SHA2_128S_N, sk_seed, 2 * i + 1, z - 1,
|
|
46
46
|
pk_seed, addr);
|
|
47
47
|
slhdsa_set_type(addr, SLHDSA_SHA2_128S_ADDR_TYPE_HASHTREE);
|
|
48
48
|
slhdsa_set_tree_height(addr, z);
|
|
@@ -53,14 +53,14 @@ void slhdsa_treehash(uint8_t out_pk[SLHDSA_SHA2_128S_N],
|
|
|
53
53
|
|
|
54
54
|
// Implements Algorithm 10: xmss_sign function (page 24)
|
|
55
55
|
void slhdsa_xmss_sign(uint8_t sig[SLHDSA_SHA2_128S_XMSS_BYTES],
|
|
56
|
-
const uint8_t msg[
|
|
57
|
-
const uint8_t sk_seed[
|
|
58
|
-
const uint8_t pk_seed[
|
|
56
|
+
const uint8_t msg[BCM_SLHDSA_SHA2_128S_N], unsigned int idx,
|
|
57
|
+
const uint8_t sk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
58
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
59
59
|
uint8_t addr[32]) {
|
|
60
60
|
// Build authentication path
|
|
61
61
|
for (size_t j = 0; j < SLHDSA_SHA2_128S_TREE_HEIGHT; ++j) {
|
|
62
62
|
unsigned int k = (idx >> j) ^ 1;
|
|
63
|
-
slhdsa_treehash(sig + SLHDSA_SHA2_128S_WOTS_BYTES + j *
|
|
63
|
+
slhdsa_treehash(sig + SLHDSA_SHA2_128S_WOTS_BYTES + j * BCM_SLHDSA_SHA2_128S_N,
|
|
64
64
|
sk_seed, k, j, pk_seed, addr);
|
|
65
65
|
}
|
|
66
66
|
|
|
@@ -72,52 +72,52 @@ void slhdsa_xmss_sign(uint8_t sig[SLHDSA_SHA2_128S_XMSS_BYTES],
|
|
|
72
72
|
|
|
73
73
|
// Implements Algorithm 11: xmss_pkFromSig function (page 25)
|
|
74
74
|
void slhdsa_xmss_pk_from_sig(
|
|
75
|
-
uint8_t root[
|
|
75
|
+
uint8_t root[BCM_SLHDSA_SHA2_128S_N],
|
|
76
76
|
const uint8_t xmss_sig[SLHDSA_SHA2_128S_XMSS_BYTES], unsigned int idx,
|
|
77
|
-
const uint8_t msg[
|
|
78
|
-
const uint8_t pk_seed[
|
|
77
|
+
const uint8_t msg[BCM_SLHDSA_SHA2_128S_N],
|
|
78
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N], uint8_t addr[32]) {
|
|
79
79
|
// Stores node[0] and node[1] from Algorithm 11
|
|
80
80
|
slhdsa_set_type(addr, SLHDSA_SHA2_128S_ADDR_TYPE_WOTS);
|
|
81
81
|
slhdsa_set_keypair_addr(addr, idx);
|
|
82
|
-
uint8_t node[2 *
|
|
82
|
+
uint8_t node[2 * BCM_SLHDSA_SHA2_128S_N];
|
|
83
83
|
slhdsa_wots_pk_from_sig(node, xmss_sig, msg, pk_seed, addr);
|
|
84
84
|
|
|
85
85
|
slhdsa_set_type(addr, SLHDSA_SHA2_128S_ADDR_TYPE_HASHTREE);
|
|
86
86
|
slhdsa_set_tree_index(addr, idx);
|
|
87
87
|
|
|
88
|
-
uint8_t tmp[2 *
|
|
88
|
+
uint8_t tmp[2 * BCM_SLHDSA_SHA2_128S_N];
|
|
89
89
|
const uint8_t *const auth = xmss_sig + SLHDSA_SHA2_128S_WOTS_BYTES;
|
|
90
90
|
for (size_t k = 0; k < SLHDSA_SHA2_128S_TREE_HEIGHT; ++k) {
|
|
91
91
|
slhdsa_set_tree_height(addr, k + 1);
|
|
92
92
|
if (((idx >> k) & 1) == 0) {
|
|
93
93
|
slhdsa_set_tree_index(addr, slhdsa_get_tree_index(addr) >> 1);
|
|
94
|
-
OPENSSL_memcpy(tmp, node,
|
|
95
|
-
OPENSSL_memcpy(tmp +
|
|
96
|
-
|
|
97
|
-
slhdsa_thash_h(node +
|
|
94
|
+
OPENSSL_memcpy(tmp, node, BCM_SLHDSA_SHA2_128S_N);
|
|
95
|
+
OPENSSL_memcpy(tmp + BCM_SLHDSA_SHA2_128S_N, auth + k * BCM_SLHDSA_SHA2_128S_N,
|
|
96
|
+
BCM_SLHDSA_SHA2_128S_N);
|
|
97
|
+
slhdsa_thash_h(node + BCM_SLHDSA_SHA2_128S_N, tmp, pk_seed, addr);
|
|
98
98
|
} else {
|
|
99
99
|
slhdsa_set_tree_index(addr, (slhdsa_get_tree_index(addr) - 1) >> 1);
|
|
100
|
-
OPENSSL_memcpy(tmp, auth + k *
|
|
101
|
-
OPENSSL_memcpy(tmp +
|
|
102
|
-
slhdsa_thash_h(node +
|
|
100
|
+
OPENSSL_memcpy(tmp, auth + k * BCM_SLHDSA_SHA2_128S_N, BCM_SLHDSA_SHA2_128S_N);
|
|
101
|
+
OPENSSL_memcpy(tmp + BCM_SLHDSA_SHA2_128S_N, node, BCM_SLHDSA_SHA2_128S_N);
|
|
102
|
+
slhdsa_thash_h(node + BCM_SLHDSA_SHA2_128S_N, tmp, pk_seed, addr);
|
|
103
103
|
}
|
|
104
|
-
OPENSSL_memcpy(node, node +
|
|
104
|
+
OPENSSL_memcpy(node, node + BCM_SLHDSA_SHA2_128S_N, BCM_SLHDSA_SHA2_128S_N);
|
|
105
105
|
}
|
|
106
|
-
OPENSSL_memcpy(root, node,
|
|
106
|
+
OPENSSL_memcpy(root, node, BCM_SLHDSA_SHA2_128S_N);
|
|
107
107
|
}
|
|
108
108
|
|
|
109
109
|
// Implements Algorithm 12: ht_sign function (page 27)
|
|
110
110
|
void slhdsa_ht_sign(
|
|
111
111
|
uint8_t sig[SLHDSA_SHA2_128S_XMSS_BYTES * SLHDSA_SHA2_128S_D],
|
|
112
|
-
const uint8_t message[
|
|
113
|
-
uint32_t idx_leaf, const uint8_t sk_seed[
|
|
114
|
-
const uint8_t pk_seed[
|
|
112
|
+
const uint8_t message[BCM_SLHDSA_SHA2_128S_N], uint64_t idx_tree,
|
|
113
|
+
uint32_t idx_leaf, const uint8_t sk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
114
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N]) {
|
|
115
115
|
uint8_t addr[32] = {0};
|
|
116
116
|
slhdsa_set_tree_addr(addr, idx_tree);
|
|
117
117
|
|
|
118
118
|
// Layer 0
|
|
119
119
|
slhdsa_xmss_sign(sig, message, idx_leaf, sk_seed, pk_seed, addr);
|
|
120
|
-
uint8_t root[
|
|
120
|
+
uint8_t root[BCM_SLHDSA_SHA2_128S_N];
|
|
121
121
|
slhdsa_xmss_pk_from_sig(root, sig, idx_leaf, message, pk_seed, addr);
|
|
122
122
|
sig += SLHDSA_SHA2_128S_XMSS_BYTES;
|
|
123
123
|
|
|
@@ -139,13 +139,13 @@ void slhdsa_ht_sign(
|
|
|
139
139
|
// Implements Algorithm 13: ht_verify function (page 28)
|
|
140
140
|
int slhdsa_ht_verify(
|
|
141
141
|
const uint8_t sig[SLHDSA_SHA2_128S_D * SLHDSA_SHA2_128S_XMSS_BYTES],
|
|
142
|
-
const uint8_t message[
|
|
143
|
-
uint32_t idx_leaf, const uint8_t pk_root[
|
|
144
|
-
const uint8_t pk_seed[
|
|
142
|
+
const uint8_t message[BCM_SLHDSA_SHA2_128S_N], uint64_t idx_tree,
|
|
143
|
+
uint32_t idx_leaf, const uint8_t pk_root[BCM_SLHDSA_SHA2_128S_N],
|
|
144
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N]) {
|
|
145
145
|
uint8_t addr[32] = {0};
|
|
146
146
|
slhdsa_set_tree_addr(addr, idx_tree);
|
|
147
147
|
|
|
148
|
-
uint8_t node[
|
|
148
|
+
uint8_t node[BCM_SLHDSA_SHA2_128S_N];
|
|
149
149
|
slhdsa_xmss_pk_from_sig(node, sig, idx_leaf, message, pk_seed, addr);
|
|
150
150
|
|
|
151
151
|
for (size_t j = 1; j < SLHDSA_SHA2_128S_D; ++j) {
|
|
@@ -157,5 +157,5 @@ int slhdsa_ht_verify(
|
|
|
157
157
|
slhdsa_xmss_pk_from_sig(node, sig + j * SLHDSA_SHA2_128S_XMSS_BYTES,
|
|
158
158
|
idx_leaf, node, pk_seed, addr);
|
|
159
159
|
}
|
|
160
|
-
return memcmp(node, pk_root,
|
|
160
|
+
return memcmp(node, pk_root, BCM_SLHDSA_SHA2_128S_N) == 0;
|
|
161
161
|
}
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
// Copyright 2024 The BoringSSL Authors
|
|
2
|
+
//
|
|
3
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
// you may not use this file except in compliance with the License.
|
|
5
|
+
// You may obtain a copy of the License at
|
|
6
|
+
//
|
|
7
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
//
|
|
9
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
// See the License for the specific language governing permissions and
|
|
13
|
+
// limitations under the License.
|
|
14
|
+
|
|
15
|
+
#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_SLHDSA_MERKLE_H
|
|
16
|
+
#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_SLHDSA_MERKLE_H
|
|
17
|
+
|
|
18
|
+
#include <openssl/base.h>
|
|
19
|
+
|
|
20
|
+
#include <sys/types.h>
|
|
21
|
+
|
|
22
|
+
#include "./params.h"
|
|
23
|
+
|
|
24
|
+
#if defined(__cplusplus)
|
|
25
|
+
extern "C" {
|
|
26
|
+
#endif
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
// Implements Algorithm 9: xmss_node function (page 23)
|
|
30
|
+
void slhdsa_treehash(uint8_t out_pk[BCM_SLHDSA_SHA2_128S_N],
|
|
31
|
+
const uint8_t sk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
32
|
+
uint32_t i /*target node index*/,
|
|
33
|
+
uint32_t z /*target node height*/,
|
|
34
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
35
|
+
uint8_t addr[32]);
|
|
36
|
+
|
|
37
|
+
// Implements Algorithm 10: xmss_sign function (page 24)
|
|
38
|
+
void slhdsa_xmss_sign(uint8_t sig[SLHDSA_SHA2_128S_XMSS_BYTES],
|
|
39
|
+
const uint8_t msg[BCM_SLHDSA_SHA2_128S_N], unsigned int idx,
|
|
40
|
+
const uint8_t sk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
41
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
42
|
+
uint8_t addr[32]);
|
|
43
|
+
|
|
44
|
+
// Implements Algorithm 11: xmss_pkFromSig function (page 25)
|
|
45
|
+
void slhdsa_xmss_pk_from_sig(
|
|
46
|
+
uint8_t root[BCM_SLHDSA_SHA2_128S_N],
|
|
47
|
+
const uint8_t xmss_sig[SLHDSA_SHA2_128S_XMSS_BYTES], unsigned int idx,
|
|
48
|
+
const uint8_t msg[BCM_SLHDSA_SHA2_128S_N],
|
|
49
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N], uint8_t addr[32]);
|
|
50
|
+
|
|
51
|
+
// Implements Algorithm 12: ht_sign function (page 27)
|
|
52
|
+
void slhdsa_ht_sign(
|
|
53
|
+
uint8_t sig[SLHDSA_SHA2_128S_D * SLHDSA_SHA2_128S_XMSS_BYTES],
|
|
54
|
+
const uint8_t message[BCM_SLHDSA_SHA2_128S_N], uint64_t idx_tree,
|
|
55
|
+
uint32_t idx_leaf, const uint8_t sk_seed[BCM_SLHDSA_SHA2_128S_N],
|
|
56
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N]);
|
|
57
|
+
|
|
58
|
+
// Implements Algorithm 13: ht_verify function (page 28)
|
|
59
|
+
int slhdsa_ht_verify(
|
|
60
|
+
const uint8_t sig[SLHDSA_SHA2_128S_D * SLHDSA_SHA2_128S_XMSS_BYTES],
|
|
61
|
+
const uint8_t message[BCM_SLHDSA_SHA2_128S_N], uint64_t idx_tree,
|
|
62
|
+
uint32_t idx_leaf, const uint8_t pk_root[BCM_SLHDSA_SHA2_128S_N],
|
|
63
|
+
const uint8_t pk_seed[BCM_SLHDSA_SHA2_128S_N]);
|
|
64
|
+
|
|
65
|
+
|
|
66
|
+
#if defined(__cplusplus)
|
|
67
|
+
} // extern C
|
|
68
|
+
#endif
|
|
69
|
+
|
|
70
|
+
#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_SLHDSA_MERKLE_H
|
|
@@ -1,29 +1,27 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
1
|
+
// Copyright 2024 The BoringSSL Authors
|
|
2
|
+
//
|
|
3
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
// you may not use this file except in compliance with the License.
|
|
5
|
+
// You may obtain a copy of the License at
|
|
6
|
+
//
|
|
7
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
//
|
|
9
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
// See the License for the specific language governing permissions and
|
|
13
|
+
// limitations under the License.
|
|
14
14
|
|
|
15
|
-
#ifndef
|
|
16
|
-
#define
|
|
15
|
+
#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_SLHDSA_PARAMS_H
|
|
16
|
+
#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_SLHDSA_PARAMS_H
|
|
17
17
|
|
|
18
18
|
#include <openssl/base.h>
|
|
19
|
+
#include "../bcm_interface.h"
|
|
19
20
|
|
|
20
21
|
#if defined(__cplusplus)
|
|
21
22
|
extern "C" {
|
|
22
23
|
#endif
|
|
23
24
|
|
|
24
|
-
|
|
25
|
-
// Output length of the hash function.
|
|
26
|
-
#define SLHDSA_SHA2_128S_N 16
|
|
27
25
|
// Total height of the tree structure.
|
|
28
26
|
#define SLHDSA_SHA2_128S_FULL_HEIGHT 63
|
|
29
27
|
// Number of subtree layers.
|
|
@@ -37,10 +35,7 @@ extern "C" {
|
|
|
37
35
|
// Size of a FORS signature
|
|
38
36
|
#define SLHDSA_SHA2_128S_FORS_BYTES \
|
|
39
37
|
((SLHDSA_SHA2_128S_FORS_HEIGHT + 1) * SLHDSA_SHA2_128S_FORS_TREES * \
|
|
40
|
-
|
|
41
|
-
// The number of bytes at the beginning of M', the augmented message, before the
|
|
42
|
-
// context.
|
|
43
|
-
#define SLHDSA_M_PRIME_HEADER_LEN 2
|
|
38
|
+
BCM_SLHDSA_SHA2_128S_N)
|
|
44
39
|
|
|
45
40
|
// Winternitz parameter and derived values
|
|
46
41
|
#define SLHDSA_SHA2_128S_WOTS_W 16
|
|
@@ -49,12 +44,12 @@ extern "C" {
|
|
|
49
44
|
#define SLHDSA_SHA2_128S_WOTS_LEN2 3
|
|
50
45
|
#define SLHDSA_SHA2_128S_WOTS_LEN 35
|
|
51
46
|
#define SLHDSA_SHA2_128S_WOTS_BYTES \
|
|
52
|
-
(
|
|
47
|
+
(BCM_SLHDSA_SHA2_128S_N * SLHDSA_SHA2_128S_WOTS_LEN)
|
|
53
48
|
|
|
54
49
|
// XMSS sizes
|
|
55
50
|
#define SLHDSA_SHA2_128S_XMSS_BYTES \
|
|
56
51
|
(SLHDSA_SHA2_128S_WOTS_BYTES + \
|
|
57
|
-
(
|
|
52
|
+
(BCM_SLHDSA_SHA2_128S_N * SLHDSA_SHA2_128S_TREE_HEIGHT))
|
|
58
53
|
|
|
59
54
|
// Size of the message digest (NOTE: This is only correct for the SHA-256 params
|
|
60
55
|
// here)
|
|
@@ -80,4 +75,4 @@ extern "C" {
|
|
|
80
75
|
} // extern C
|
|
81
76
|
#endif
|
|
82
77
|
|
|
83
|
-
#endif //
|
|
78
|
+
#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_SLHDSA_PARAMS_H
|
|
@@ -0,0 +1,329 @@
|
|
|
1
|
+
// Copyright 2014 The BoringSSL Authors
|
|
2
|
+
//
|
|
3
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
// you may not use this file except in compliance with the License.
|
|
5
|
+
// You may obtain a copy of the License at
|
|
6
|
+
//
|
|
7
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
//
|
|
9
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
// See the License for the specific language governing permissions and
|
|
13
|
+
// limitations under the License.
|
|
14
|
+
|
|
15
|
+
#include <openssl/base.h>
|
|
16
|
+
|
|
17
|
+
#include <string.h>
|
|
18
|
+
|
|
19
|
+
#include <openssl/bytestring.h>
|
|
20
|
+
#include <openssl/obj.h>
|
|
21
|
+
#include <openssl/rand.h>
|
|
22
|
+
|
|
23
|
+
#include "../../internal.h"
|
|
24
|
+
#include "../bcm_interface.h"
|
|
25
|
+
#include "address.h"
|
|
26
|
+
#include "fors.h"
|
|
27
|
+
#include "merkle.h"
|
|
28
|
+
#include "params.h"
|
|
29
|
+
#include "thash.h"
|
|
30
|
+
|
|
31
|
+
|
|
32
|
+
// The OBJECT IDENTIFIER header is also included in these values, per the spec.
|
|
33
|
+
static const uint8_t kSHA256OID[] = {0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
|
|
34
|
+
0x65, 0x03, 0x04, 0x02, 0x01};
|
|
35
|
+
static const uint8_t kSHA384OID[] = {0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
|
|
36
|
+
0x65, 0x03, 0x04, 0x02, 0x02};
|
|
37
|
+
#define MAX_OID_LENGTH 11
|
|
38
|
+
#define MAX_CONTEXT_LENGTH 255
|
|
39
|
+
|
|
40
|
+
bcm_infallible BCM_slhdsa_sha2_128s_generate_key_from_seed(
|
|
41
|
+
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
42
|
+
uint8_t out_secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
|
|
43
|
+
const uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N]) {
|
|
44
|
+
// Initialize SK.seed || SK.prf || PK.seed from seed.
|
|
45
|
+
OPENSSL_memcpy(out_secret_key, seed, 3 * BCM_SLHDSA_SHA2_128S_N);
|
|
46
|
+
|
|
47
|
+
// Initialize PK.seed from seed.
|
|
48
|
+
OPENSSL_memcpy(out_public_key, seed + 2 * BCM_SLHDSA_SHA2_128S_N,
|
|
49
|
+
BCM_SLHDSA_SHA2_128S_N);
|
|
50
|
+
|
|
51
|
+
uint8_t addr[32] = {0};
|
|
52
|
+
slhdsa_set_layer_addr(addr, SLHDSA_SHA2_128S_D - 1);
|
|
53
|
+
|
|
54
|
+
// Set PK.root
|
|
55
|
+
slhdsa_treehash(out_public_key + BCM_SLHDSA_SHA2_128S_N, out_secret_key, 0,
|
|
56
|
+
SLHDSA_SHA2_128S_TREE_HEIGHT, out_public_key, addr);
|
|
57
|
+
OPENSSL_memcpy(out_secret_key + 3 * BCM_SLHDSA_SHA2_128S_N,
|
|
58
|
+
out_public_key + BCM_SLHDSA_SHA2_128S_N,
|
|
59
|
+
BCM_SLHDSA_SHA2_128S_N);
|
|
60
|
+
return bcm_infallible::approved;
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
bcm_infallible BCM_slhdsa_sha2_128s_generate_key(
|
|
64
|
+
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
65
|
+
uint8_t out_private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]) {
|
|
66
|
+
uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N];
|
|
67
|
+
RAND_bytes(seed, 3 * BCM_SLHDSA_SHA2_128S_N);
|
|
68
|
+
BCM_slhdsa_sha2_128s_generate_key_from_seed(out_public_key, out_private_key,
|
|
69
|
+
seed);
|
|
70
|
+
return bcm_infallible::approved;
|
|
71
|
+
}
|
|
72
|
+
|
|
73
|
+
bcm_infallible BCM_slhdsa_sha2_128s_public_from_private(
|
|
74
|
+
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
75
|
+
const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]) {
|
|
76
|
+
OPENSSL_memcpy(out_public_key, private_key + 2 * BCM_SLHDSA_SHA2_128S_N,
|
|
77
|
+
BCM_SLHDSA_SHA2_128S_N * 2);
|
|
78
|
+
return bcm_infallible::approved;
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
// Note that this overreads by a byte. This is fine in the context that it's
|
|
82
|
+
// used.
|
|
83
|
+
static uint64_t load_tree_index(const uint8_t in[8]) {
|
|
84
|
+
static_assert(SLHDSA_SHA2_128S_TREE_BYTES == 7,
|
|
85
|
+
"This code needs to be updated");
|
|
86
|
+
uint64_t index = CRYPTO_load_u64_be(in);
|
|
87
|
+
index >>= 8;
|
|
88
|
+
index &= (~(uint64_t)0) >> (64 - SLHDSA_SHA2_128S_TREE_BITS);
|
|
89
|
+
return index;
|
|
90
|
+
}
|
|
91
|
+
|
|
92
|
+
// Implements Algorithm 22: slh_sign function (Section 10.2.1, page 39)
|
|
93
|
+
bcm_infallible BCM_slhdsa_sha2_128s_sign_internal(
|
|
94
|
+
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
|
|
95
|
+
const uint8_t secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
|
|
96
|
+
const uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN], const uint8_t *context,
|
|
97
|
+
size_t context_len, const uint8_t *msg, size_t msg_len,
|
|
98
|
+
const uint8_t entropy[BCM_SLHDSA_SHA2_128S_N]) {
|
|
99
|
+
const uint8_t *sk_seed = secret_key;
|
|
100
|
+
const uint8_t *sk_prf = secret_key + BCM_SLHDSA_SHA2_128S_N;
|
|
101
|
+
const uint8_t *pk_seed = secret_key + 2 * BCM_SLHDSA_SHA2_128S_N;
|
|
102
|
+
const uint8_t *pk_root = secret_key + 3 * BCM_SLHDSA_SHA2_128S_N;
|
|
103
|
+
|
|
104
|
+
// Derive randomizer R and copy it to signature
|
|
105
|
+
uint8_t R[BCM_SLHDSA_SHA2_128S_N];
|
|
106
|
+
slhdsa_thash_prfmsg(R, sk_prf, entropy, header, context, context_len, msg,
|
|
107
|
+
msg_len);
|
|
108
|
+
OPENSSL_memcpy(out_signature, R, BCM_SLHDSA_SHA2_128S_N);
|
|
109
|
+
|
|
110
|
+
// Compute message digest
|
|
111
|
+
uint8_t digest[SLHDSA_SHA2_128S_DIGEST_SIZE];
|
|
112
|
+
slhdsa_thash_hmsg(digest, R, pk_seed, pk_root, header, context, context_len,
|
|
113
|
+
msg, msg_len);
|
|
114
|
+
|
|
115
|
+
uint8_t fors_digest[SLHDSA_SHA2_128S_FORS_MSG_BYTES];
|
|
116
|
+
OPENSSL_memcpy(fors_digest, digest, SLHDSA_SHA2_128S_FORS_MSG_BYTES);
|
|
117
|
+
|
|
118
|
+
const uint64_t idx_tree =
|
|
119
|
+
load_tree_index(digest + SLHDSA_SHA2_128S_FORS_MSG_BYTES);
|
|
120
|
+
uint32_t idx_leaf = CRYPTO_load_u16_be(
|
|
121
|
+
digest + SLHDSA_SHA2_128S_FORS_MSG_BYTES + SLHDSA_SHA2_128S_TREE_BYTES);
|
|
122
|
+
idx_leaf &= (~(uint32_t)0) >> (32 - SLHDSA_SHA2_128S_LEAF_BITS);
|
|
123
|
+
|
|
124
|
+
uint8_t addr[32] = {0};
|
|
125
|
+
slhdsa_set_tree_addr(addr, idx_tree);
|
|
126
|
+
slhdsa_set_type(addr, SLHDSA_SHA2_128S_ADDR_TYPE_FORSTREE);
|
|
127
|
+
slhdsa_set_keypair_addr(addr, idx_leaf);
|
|
128
|
+
|
|
129
|
+
slhdsa_fors_sign(out_signature + BCM_SLHDSA_SHA2_128S_N, fors_digest, sk_seed,
|
|
130
|
+
pk_seed, addr);
|
|
131
|
+
|
|
132
|
+
uint8_t pk_fors[BCM_SLHDSA_SHA2_128S_N];
|
|
133
|
+
slhdsa_fors_pk_from_sig(pk_fors, out_signature + BCM_SLHDSA_SHA2_128S_N,
|
|
134
|
+
fors_digest, pk_seed, addr);
|
|
135
|
+
|
|
136
|
+
slhdsa_ht_sign(
|
|
137
|
+
out_signature + BCM_SLHDSA_SHA2_128S_N + SLHDSA_SHA2_128S_FORS_BYTES,
|
|
138
|
+
pk_fors, idx_tree, idx_leaf, sk_seed, pk_seed);
|
|
139
|
+
return bcm_infallible::approved;
|
|
140
|
+
}
|
|
141
|
+
|
|
142
|
+
bcm_status BCM_slhdsa_sha2_128s_sign(
|
|
143
|
+
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
|
|
144
|
+
const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
|
|
145
|
+
const uint8_t *msg, size_t msg_len, const uint8_t *context,
|
|
146
|
+
size_t context_len) {
|
|
147
|
+
if (context_len > MAX_CONTEXT_LENGTH) {
|
|
148
|
+
return bcm_status::failure;
|
|
149
|
+
}
|
|
150
|
+
|
|
151
|
+
// Construct header for M' as specified in Algorithm 22
|
|
152
|
+
uint8_t M_prime_header[2];
|
|
153
|
+
M_prime_header[0] = 0; // domain separator for pure signing
|
|
154
|
+
M_prime_header[1] = (uint8_t)context_len;
|
|
155
|
+
|
|
156
|
+
uint8_t entropy[BCM_SLHDSA_SHA2_128S_N];
|
|
157
|
+
RAND_bytes(entropy, sizeof(entropy));
|
|
158
|
+
BCM_slhdsa_sha2_128s_sign_internal(out_signature, private_key, M_prime_header,
|
|
159
|
+
context, context_len, msg, msg_len,
|
|
160
|
+
entropy);
|
|
161
|
+
return bcm_status::approved;
|
|
162
|
+
}
|
|
163
|
+
|
|
164
|
+
static int slhdsa_get_context_and_oid(uint8_t *out_context_and_oid,
|
|
165
|
+
size_t *out_context_and_oid_len,
|
|
166
|
+
size_t max_out_context_and_oid,
|
|
167
|
+
const uint8_t *context,
|
|
168
|
+
size_t context_len, int hash_nid,
|
|
169
|
+
size_t hashed_msg_len) {
|
|
170
|
+
const uint8_t *oid;
|
|
171
|
+
size_t oid_len;
|
|
172
|
+
size_t expected_hash_len;
|
|
173
|
+
switch (hash_nid) {
|
|
174
|
+
case NID_sha256:
|
|
175
|
+
oid = kSHA256OID;
|
|
176
|
+
oid_len = sizeof(kSHA256OID);
|
|
177
|
+
static_assert(sizeof(kSHA256OID) <= MAX_OID_LENGTH, "");
|
|
178
|
+
expected_hash_len = 32;
|
|
179
|
+
break;
|
|
180
|
+
|
|
181
|
+
// The SLH-DSA spec only lists SHA-256 and SHA-512. This function also
|
|
182
|
+
// supports SHA-384, which is non-standard.
|
|
183
|
+
case NID_sha384:
|
|
184
|
+
oid = kSHA384OID;
|
|
185
|
+
oid_len = sizeof(kSHA384OID);
|
|
186
|
+
static_assert(sizeof(kSHA384OID) <= MAX_OID_LENGTH, "");
|
|
187
|
+
expected_hash_len = 48;
|
|
188
|
+
break;
|
|
189
|
+
|
|
190
|
+
// If adding a hash function with a larger `oid_len`, update the size of
|
|
191
|
+
// `context_and_oid` in the callers.
|
|
192
|
+
default:
|
|
193
|
+
return 0;
|
|
194
|
+
}
|
|
195
|
+
|
|
196
|
+
if (hashed_msg_len != expected_hash_len) {
|
|
197
|
+
return 0;
|
|
198
|
+
}
|
|
199
|
+
|
|
200
|
+
*out_context_and_oid_len = context_len + oid_len;
|
|
201
|
+
if (*out_context_and_oid_len > max_out_context_and_oid) {
|
|
202
|
+
return 0;
|
|
203
|
+
}
|
|
204
|
+
|
|
205
|
+
OPENSSL_memcpy(out_context_and_oid, context, context_len);
|
|
206
|
+
OPENSSL_memcpy(out_context_and_oid + context_len, oid, oid_len);
|
|
207
|
+
|
|
208
|
+
return 1;
|
|
209
|
+
}
|
|
210
|
+
|
|
211
|
+
|
|
212
|
+
bcm_status BCM_slhdsa_sha2_128s_prehash_sign(
|
|
213
|
+
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
|
|
214
|
+
const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
|
|
215
|
+
const uint8_t *hashed_msg, size_t hashed_msg_len, int hash_nid,
|
|
216
|
+
const uint8_t *context, size_t context_len) {
|
|
217
|
+
if (context_len > MAX_CONTEXT_LENGTH) {
|
|
218
|
+
return bcm_status::failure;
|
|
219
|
+
}
|
|
220
|
+
|
|
221
|
+
uint8_t M_prime_header[2];
|
|
222
|
+
M_prime_header[0] = 1; // domain separator for prehashed signing
|
|
223
|
+
M_prime_header[1] = (uint8_t)context_len;
|
|
224
|
+
|
|
225
|
+
uint8_t context_and_oid[MAX_CONTEXT_LENGTH + MAX_OID_LENGTH];
|
|
226
|
+
size_t context_and_oid_len;
|
|
227
|
+
if (!slhdsa_get_context_and_oid(context_and_oid, &context_and_oid_len,
|
|
228
|
+
sizeof(context_and_oid), context, context_len,
|
|
229
|
+
hash_nid, hashed_msg_len)) {
|
|
230
|
+
return bcm_status::failure;
|
|
231
|
+
}
|
|
232
|
+
|
|
233
|
+
uint8_t entropy[BCM_SLHDSA_SHA2_128S_N];
|
|
234
|
+
RAND_bytes(entropy, sizeof(entropy));
|
|
235
|
+
BCM_slhdsa_sha2_128s_sign_internal(out_signature, private_key, M_prime_header,
|
|
236
|
+
context_and_oid, context_and_oid_len,
|
|
237
|
+
hashed_msg, hashed_msg_len, entropy);
|
|
238
|
+
return bcm_status::approved;
|
|
239
|
+
}
|
|
240
|
+
|
|
241
|
+
// Implements Algorithm 24: slh_verify function (Section 10.3, page 41)
|
|
242
|
+
bcm_status BCM_slhdsa_sha2_128s_verify(
|
|
243
|
+
const uint8_t *signature, size_t signature_len,
|
|
244
|
+
const uint8_t public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
245
|
+
const uint8_t *msg, size_t msg_len, const uint8_t *context,
|
|
246
|
+
size_t context_len) {
|
|
247
|
+
if (context_len > MAX_CONTEXT_LENGTH) {
|
|
248
|
+
return bcm_status::failure;
|
|
249
|
+
}
|
|
250
|
+
|
|
251
|
+
// Construct header for M' as specified in Algorithm 24
|
|
252
|
+
uint8_t M_prime_header[2];
|
|
253
|
+
M_prime_header[0] = 0; // domain separator for pure verification
|
|
254
|
+
M_prime_header[1] = (uint8_t)context_len;
|
|
255
|
+
|
|
256
|
+
return BCM_slhdsa_sha2_128s_verify_internal(
|
|
257
|
+
signature, signature_len, public_key, M_prime_header, context,
|
|
258
|
+
context_len, msg, msg_len);
|
|
259
|
+
}
|
|
260
|
+
|
|
261
|
+
bcm_status BCM_slhdsa_sha2_128s_prehash_verify(
|
|
262
|
+
const uint8_t *signature, size_t signature_len,
|
|
263
|
+
const uint8_t public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
264
|
+
const uint8_t *hashed_msg, size_t hashed_msg_len, int hash_nid,
|
|
265
|
+
const uint8_t *context, size_t context_len) {
|
|
266
|
+
if (context_len > MAX_CONTEXT_LENGTH) {
|
|
267
|
+
return bcm_status::failure;
|
|
268
|
+
}
|
|
269
|
+
|
|
270
|
+
uint8_t M_prime_header[2];
|
|
271
|
+
M_prime_header[0] = 1; // domain separator for prehashed verification
|
|
272
|
+
M_prime_header[1] = (uint8_t)context_len;
|
|
273
|
+
|
|
274
|
+
uint8_t context_and_oid[MAX_CONTEXT_LENGTH + MAX_OID_LENGTH];
|
|
275
|
+
size_t context_and_oid_len;
|
|
276
|
+
if (!slhdsa_get_context_and_oid(context_and_oid, &context_and_oid_len,
|
|
277
|
+
sizeof(context_and_oid), context, context_len,
|
|
278
|
+
hash_nid, hashed_msg_len)) {
|
|
279
|
+
return bcm_status::failure;
|
|
280
|
+
}
|
|
281
|
+
|
|
282
|
+
return BCM_slhdsa_sha2_128s_verify_internal(
|
|
283
|
+
signature, signature_len, public_key, M_prime_header, context_and_oid,
|
|
284
|
+
context_and_oid_len, hashed_msg, hashed_msg_len);
|
|
285
|
+
}
|
|
286
|
+
|
|
287
|
+
bcm_status BCM_slhdsa_sha2_128s_verify_internal(
|
|
288
|
+
const uint8_t *signature, size_t signature_len,
|
|
289
|
+
const uint8_t public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
|
|
290
|
+
const uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN], const uint8_t *context,
|
|
291
|
+
size_t context_len, const uint8_t *msg, size_t msg_len) {
|
|
292
|
+
if (signature_len != BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES) {
|
|
293
|
+
return bcm_status::failure;
|
|
294
|
+
}
|
|
295
|
+
const uint8_t *pk_seed = public_key;
|
|
296
|
+
const uint8_t *pk_root = public_key + BCM_SLHDSA_SHA2_128S_N;
|
|
297
|
+
|
|
298
|
+
const uint8_t *r = signature;
|
|
299
|
+
const uint8_t *sig_fors = signature + BCM_SLHDSA_SHA2_128S_N;
|
|
300
|
+
const uint8_t *sig_ht = sig_fors + SLHDSA_SHA2_128S_FORS_BYTES;
|
|
301
|
+
|
|
302
|
+
uint8_t digest[SLHDSA_SHA2_128S_DIGEST_SIZE];
|
|
303
|
+
slhdsa_thash_hmsg(digest, r, pk_seed, pk_root, header, context, context_len,
|
|
304
|
+
msg, msg_len);
|
|
305
|
+
|
|
306
|
+
uint8_t fors_digest[SLHDSA_SHA2_128S_FORS_MSG_BYTES];
|
|
307
|
+
OPENSSL_memcpy(fors_digest, digest, SLHDSA_SHA2_128S_FORS_MSG_BYTES);
|
|
308
|
+
|
|
309
|
+
const uint64_t idx_tree =
|
|
310
|
+
load_tree_index(digest + SLHDSA_SHA2_128S_FORS_MSG_BYTES);
|
|
311
|
+
uint32_t idx_leaf = CRYPTO_load_u16_be(
|
|
312
|
+
digest + SLHDSA_SHA2_128S_FORS_MSG_BYTES + SLHDSA_SHA2_128S_TREE_BYTES);
|
|
313
|
+
idx_leaf &= (~(uint32_t)0) >> (32 - SLHDSA_SHA2_128S_LEAF_BITS);
|
|
314
|
+
|
|
315
|
+
uint8_t addr[32] = {0};
|
|
316
|
+
slhdsa_set_tree_addr(addr, idx_tree);
|
|
317
|
+
slhdsa_set_type(addr, SLHDSA_SHA2_128S_ADDR_TYPE_FORSTREE);
|
|
318
|
+
slhdsa_set_keypair_addr(addr, idx_leaf);
|
|
319
|
+
|
|
320
|
+
uint8_t pk_fors[BCM_SLHDSA_SHA2_128S_N];
|
|
321
|
+
slhdsa_fors_pk_from_sig(pk_fors, sig_fors, fors_digest, pk_seed, addr);
|
|
322
|
+
|
|
323
|
+
if (!slhdsa_ht_verify(sig_ht, pk_fors, idx_tree, idx_leaf, pk_root,
|
|
324
|
+
pk_seed)) {
|
|
325
|
+
return bcm_status::failure;
|
|
326
|
+
}
|
|
327
|
+
|
|
328
|
+
return bcm_status::approved;
|
|
329
|
+
}
|