grpc 1.72.0 → 1.73.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +23 -6
- data/include/grpc/event_engine/event_engine.h +125 -8
- data/include/grpc/event_engine/internal/write_event.h +34 -0
- data/include/grpc/impl/channel_arg_names.h +17 -9
- data/include/grpc/impl/compression_types.h +3 -2
- data/include/grpc/impl/slice_type.h +1 -1
- data/include/grpc/support/json.h +3 -21
- data/include/grpc/support/port_platform.h +8 -5
- data/src/core/call/call_filters.h +28 -19
- data/src/core/call/call_spine.h +2 -0
- data/src/core/call/metadata.h +17 -0
- data/src/core/channelz/channel_trace.cc +50 -42
- data/src/core/channelz/channel_trace.h +35 -4
- data/src/core/channelz/channelz.cc +338 -125
- data/src/core/channelz/channelz.h +276 -34
- data/src/core/channelz/channelz_registry.cc +322 -117
- data/src/core/channelz/channelz_registry.h +179 -21
- data/src/core/channelz/ztrace_collector.h +315 -0
- data/src/core/client_channel/client_channel.cc +30 -29
- data/src/core/client_channel/client_channel_filter.cc +21 -20
- data/src/core/client_channel/client_channel_filter.h +0 -2
- data/src/core/client_channel/connector.h +0 -3
- data/src/core/client_channel/global_subchannel_pool.cc +68 -7
- data/src/core/client_channel/global_subchannel_pool.h +37 -4
- data/src/core/client_channel/subchannel.cc +7 -9
- data/src/core/client_channel/subchannel.h +2 -8
- data/src/core/client_channel/subchannel_pool_interface.cc +5 -6
- data/src/core/client_channel/subchannel_pool_interface.h +11 -1
- data/src/core/config/config_vars.cc +11 -1
- data/src/core/config/config_vars.h +8 -0
- data/src/core/config/core_configuration.cc +50 -11
- data/src/core/config/core_configuration.h +89 -7
- data/src/core/credentials/call/external/aws_request_signer.cc +3 -2
- data/src/core/credentials/call/external/url_external_account_credentials.cc +2 -2
- data/src/core/credentials/call/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +1 -1
- data/src/core/credentials/call/jwt/jwt_verifier.cc +4 -4
- data/src/core/credentials/call/oauth2/oauth2_credentials.cc +4 -2
- data/src/core/credentials/transport/alts/alts_security_connector.cc +9 -8
- data/src/core/credentials/transport/google_default/google_default_credentials.cc +3 -3
- data/src/core/credentials/transport/ssl/ssl_credentials.cc +2 -2
- data/src/core/credentials/transport/ssl/ssl_security_connector.cc +41 -11
- data/src/core/credentials/transport/ssl/ssl_security_connector.h +2 -1
- data/src/core/credentials/transport/tls/ssl_utils.cc +18 -0
- data/src/core/credentials/transport/tls/ssl_utils.h +5 -0
- data/src/core/credentials/transport/tls/tls_security_connector.cc +2 -1
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +6 -3
- data/src/core/ext/filters/http/message_compress/compression_filter.h +34 -4
- data/src/core/ext/filters/http/server/http_server_filter.cc +1 -1
- data/src/core/ext/filters/http/server/http_server_filter.h +14 -3
- data/src/core/ext/transport/chttp2/chttp2_plugin.cc +40 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +11 -112
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +3 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +33 -962
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +5 -1
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +129 -47
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +0 -3
- data/src/core/ext/transport/chttp2/transport/flow_control.h +18 -0
- data/src/core/ext/transport/chttp2/transport/frame.cc +213 -105
- data/src/core/ext/transport/chttp2/transport/frame.h +78 -6
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +10 -0
- data/src/core/ext/transport/chttp2/transport/frame_data.h +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +15 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +5 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +11 -4
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +3 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -1
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +4 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +7 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -0
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +26 -0
- data/src/core/ext/transport/chttp2/transport/http2_status.h +358 -1
- data/src/core/ext/transport/chttp2/transport/http2_ztrace_collector.h +252 -0
- data/src/core/ext/transport/chttp2/transport/internal.h +29 -5
- data/src/core/ext/transport/chttp2/transport/internal_channel_arg_names.h +24 -0
- data/src/core/ext/transport/chttp2/transport/parsing.cc +36 -21
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +10 -9
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +6 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +60 -49
- data/src/core/ext/transport/inproc/inproc_transport.cc +7 -2
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +6 -2
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +12 -22
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +12 -22
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +28 -22
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +24 -67
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +29 -31
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +0 -23
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +20 -0
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +8 -22
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +0 -23
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +64 -66
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +4 -95
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +28 -0
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +8 -36
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +4 -0
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +8 -44
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +12 -40
- data/src/core/ext/upb-gen/google/api/http.upb.h +4 -0
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +193 -20
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +59 -21
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.h +4 -0
- data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +4 -22
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +0 -18
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +113 -53
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +20 -14
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +154 -0
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +40 -2
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.h +4 -0
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +8 -0
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +0 -18
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +0 -36
- data/src/core/ext/upb-gen/validate/validate.upb.h +12 -0
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +0 -18
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +8 -0
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +0 -54
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +20 -22
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +4 -0
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.c +123 -62
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.c +200 -101
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.c +152 -77
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +524 -255
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.c +44 -23
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.c +66 -34
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.c +54 -28
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.c +46 -25
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.c +47 -25
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +256 -126
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.c +50 -28
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.c +55 -28
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.c +34 -18
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +414 -206
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +831 -413
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +143 -73
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +1132 -557
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +63 -34
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +255 -127
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +363 -178
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +227 -114
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +596 -295
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.c +271 -137
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.c +56 -30
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.c +45 -25
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.c +59 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.c +438 -217
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.c +441 -221
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +55 -30
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +619 -303
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.c +70 -36
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.c +62 -33
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +47 -25
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +97 -49
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +97 -51
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.c +51 -27
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +147 -76
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +230 -116
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.c +277 -138
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.c +388 -197
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +304 -153
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +173 -90
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.c +90 -47
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.c +98 -51
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.c +196 -99
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +237 -118
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +418 -210
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +194 -99
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +2003 -973
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.c +101 -53
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +352 -176
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.c +79 -42
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +67 -37
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.c +63 -34
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.c +88 -47
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +80 -43
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.c +53 -29
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.c +86 -46
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +55 -32
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.c +91 -49
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.c +105 -55
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +775 -379
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +52 -28
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +134 -68
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +189 -96
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +116 -61
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +112 -58
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +160 -82
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +75 -39
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +1161 -570
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +52 -28
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +55 -29
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +390 -194
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +126 -65
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +498 -246
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +74 -38
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.c +221 -110
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.c +68 -36
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +378 -187
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.c +100 -52
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +257 -129
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.c +44 -24
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.c +68 -35
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +38 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +59 -32
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.c +65 -34
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.c +72 -38
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.c +52 -29
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.c +51 -28
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.c +89 -47
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.c +37 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.c +89 -47
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.c +67 -35
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +112 -58
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.c +110 -56
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.c +123 -62
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.c +59 -31
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.c +30 -16
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.c +143 -72
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.c +61 -32
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.c +51 -27
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.c +85 -45
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.c +44 -23
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.c +61 -33
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +272 -133
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +315 -154
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.c +64 -33
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.c +26 -15
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +1106 -508
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +10 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.c +28 -16
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.c +23 -13
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.c +69 -35
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.c +29 -16
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.c +51 -26
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.c +32 -17
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +161 -79
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.c +84 -42
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.c +26 -14
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.c +50 -26
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.c +36 -19
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.c +538 -261
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.c +86 -43
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.c +49 -26
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.c +27 -15
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.c +87 -44
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.c +37 -20
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.c +30 -17
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.c +41 -23
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.c +62 -33
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.c +36 -19
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.c +36 -20
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.c +42 -23
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.c +76 -39
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.c +45 -24
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +41 -23
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.c +53 -29
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.c +29 -16
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.c +58 -32
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.c +207 -103
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.c +95 -49
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.c +38 -20
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.c +60 -31
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.c +67 -36
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.c +31 -17
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.c +31 -17
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +5 -1
- data/src/core/handshaker/http_connect/http_proxy_mapper.cc +7 -22
- data/src/core/handshaker/security/legacy_secure_endpoint.cc +596 -0
- data/src/core/handshaker/security/secure_endpoint.cc +769 -312
- data/src/core/handshaker/security/secure_endpoint.h +17 -0
- data/src/core/handshaker/security/security_handshaker.cc +3 -3
- data/src/core/lib/address_utils/sockaddr_utils.cc +5 -5
- data/src/core/lib/channel/channel_args.h +4 -0
- data/src/core/lib/channel/channel_stack.cc +29 -0
- data/src/core/lib/channel/channel_stack.h +9 -0
- data/src/core/lib/channel/promise_based_filter.h +707 -299
- data/src/core/lib/debug/trace_flags.cc +2 -2
- data/src/core/lib/debug/trace_flags.h +1 -1
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +6 -2
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +4 -4
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +14 -6
- data/src/core/lib/event_engine/default_event_engine_factory.cc +1 -1
- data/src/core/lib/event_engine/extensions/blocking_dns.h +46 -0
- data/src/core/lib/event_engine/extensions/channelz.h +62 -0
- data/src/core/lib/event_engine/extensions/tcp_trace.h +2 -2
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +3 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +6 -7
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +28 -22
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +22 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +15 -15
- data/src/core/lib/event_engine/query_extensions.h +10 -21
- data/src/core/lib/event_engine/tcp_socket_utils.cc +10 -9
- data/src/core/lib/event_engine/utils.cc +34 -0
- data/src/core/lib/event_engine/utils.h +3 -0
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +2 -2
- data/src/core/lib/event_engine/windows/windows_endpoint.h +9 -2
- data/src/core/lib/experiments/experiments.cc +198 -51
- data/src/core/lib/experiments/experiments.h +78 -35
- data/src/core/lib/iomgr/combiner.cc +3 -2
- data/src/core/lib/iomgr/ev_poll_posix.cc +4 -0
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +11 -8
- data/src/core/lib/iomgr/fork_posix.cc +0 -7
- data/src/core/lib/iomgr/iomgr.cc +0 -3
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +3 -0
- data/src/core/lib/iomgr/resolve_address_posix.cc +37 -47
- data/src/core/lib/iomgr/resolve_address_posix.h +15 -0
- data/src/core/lib/iomgr/resolve_address_windows.cc +22 -45
- data/src/core/lib/iomgr/resolve_address_windows.h +15 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +14 -6
- data/src/core/lib/iomgr/tcp_posix.cc +14 -12
- data/src/core/lib/iomgr/tcp_server_windows.cc +14 -2
- data/src/core/lib/promise/detail/promise_like.h +24 -0
- data/src/core/lib/promise/detail/seq_state.h +741 -0
- data/src/core/lib/promise/map.h +22 -5
- data/src/core/lib/promise/promise.h +2 -0
- data/src/core/lib/promise/seq.h +2 -0
- data/src/core/lib/promise/sleep.cc +6 -3
- data/src/core/lib/promise/try_seq.h +2 -0
- data/src/core/lib/resource_quota/memory_quota.cc +9 -0
- data/src/core/lib/resource_quota/memory_quota.h +1 -3
- data/src/core/lib/slice/slice_buffer.h +6 -0
- data/src/core/lib/surface/call.cc +4 -0
- data/src/core/lib/surface/channel_create.cc +61 -1
- data/src/core/lib/surface/init.cc +2 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/status_conversion.cc +7 -34
- data/src/core/lib/transport/transport.cc +2 -2
- data/src/core/lib/transport/transport.h +3 -0
- data/src/core/load_balancing/backend_metric_parser.cc +12 -18
- data/src/core/load_balancing/grpclb/grpclb.cc +2 -2
- data/src/core/load_balancing/health_check_client.cc +2 -4
- data/src/core/load_balancing/oob_backend_metric.cc +2 -4
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +4 -3
- data/src/core/load_balancing/pick_first/pick_first.cc +3 -3
- data/src/core/load_balancing/rls/rls.cc +6 -5
- data/src/core/load_balancing/round_robin/round_robin.cc +2 -3
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +4 -4
- data/src/core/load_balancing/weighted_target/weighted_target.cc +3 -9
- data/src/core/load_balancing/xds/xds_override_host.cc +55 -34
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -0
- data/src/core/resolver/sockaddr/sockaddr_resolver.cc +2 -1
- data/src/core/resolver/xds/xds_resolver.cc +2 -1
- data/src/core/server/add_port.cc +87 -0
- data/src/core/server/server.cc +48 -53
- data/src/core/server/server.h +3 -5
- data/src/core/telemetry/call_tracer.cc +2 -2
- data/src/core/telemetry/call_tracer.h +1 -1
- data/src/core/{ext/transport/chttp2/transport → telemetry}/context_list_entry.h +3 -3
- data/src/core/telemetry/default_tcp_tracer.cc +26 -0
- data/src/core/telemetry/default_tcp_tracer.h +44 -0
- data/src/core/telemetry/stats.h +0 -5
- data/src/core/telemetry/stats_data.cc +376 -334
- data/src/core/telemetry/stats_data.h +260 -166
- data/src/core/telemetry/tcp_tracer.cc +38 -0
- data/src/core/telemetry/tcp_tracer.h +14 -16
- data/src/core/transport/auth_context.cc +0 -1
- data/src/core/transport/auth_context.h +0 -1
- data/src/core/transport/endpoint_transport.h +90 -0
- data/src/core/transport/endpoint_transport_client_channel_factory.cc +61 -0
- data/src/core/transport/endpoint_transport_client_channel_factory.h +57 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +33 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +3 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +76 -22
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +8 -2
- data/src/core/tsi/ssl_transport_security.cc +189 -71
- data/src/core/tsi/ssl_transport_security.h +6 -1
- data/src/core/tsi/transport_security.h +3 -0
- data/src/core/tsi/transport_security_grpc.h +7 -3
- data/src/core/tsi/transport_security_interface.h +30 -25
- data/src/core/util/backoff.cc +7 -14
- data/src/core/util/backoff.h +0 -1
- data/src/core/util/dual_ref_counted.h +48 -0
- data/src/core/util/function_signature.h +66 -0
- data/src/core/util/gcp_metadata_query.cc +3 -2
- data/src/core/util/http_client/httpcli_security_connector.cc +2 -1
- data/src/core/util/json/json_object_loader.h +3 -3
- data/src/core/util/latent_see.cc +28 -2
- data/src/core/util/latent_see.h +11 -23
- data/src/core/util/linux/env.cc +3 -1
- data/src/core/util/ref_counted_ptr.h +26 -0
- data/src/core/util/shared_bit_gen.cc +21 -0
- data/src/core/util/shared_bit_gen.h +44 -0
- data/src/core/util/single_set_ptr.h +35 -4
- data/src/core/util/uri.cc +75 -17
- data/src/core/util/uri.h +13 -8
- data/src/core/xds/grpc/xds_common_types_parser.cc +1 -9
- data/src/core/xds/grpc/xds_http_filter_registry.cc +1 -3
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +10 -17
- data/src/core/xds/grpc/xds_metadata_parser.cc +40 -64
- data/src/core/xds/grpc/xds_metadata_parser.h +0 -2
- data/src/core/xds/grpc/xds_route_config_parser.cc +55 -77
- data/src/core/xds/xds_client/xds_client.cc +1 -1
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +2 -6
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/third_party/abseil-cpp/absl/algorithm/algorithm.h +2 -2
- data/third_party/abseil-cpp/absl/algorithm/container.h +79 -48
- data/third_party/abseil-cpp/absl/base/attributes.h +66 -16
- data/third_party/abseil-cpp/absl/base/call_once.h +8 -5
- data/third_party/abseil-cpp/absl/base/config.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +17 -56
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +14 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +5 -1
- data/third_party/abseil-cpp/absl/base/internal/tracing.cc +39 -0
- data/third_party/abseil-cpp/absl/base/internal/tracing.h +81 -0
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -10
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +12 -0
- data/third_party/abseil-cpp/absl/base/macros.h +35 -4
- data/third_party/abseil-cpp/absl/base/nullability.h +72 -16
- data/third_party/abseil-cpp/absl/base/optimization.h +8 -12
- data/third_party/abseil-cpp/absl/base/options.h +5 -2
- data/third_party/abseil-cpp/absl/base/policy_checks.h +2 -0
- data/third_party/abseil-cpp/absl/container/btree_map.h +889 -0
- data/third_party/abseil-cpp/absl/container/btree_set.h +824 -0
- data/third_party/abseil-cpp/absl/container/fixed_array.h +2 -1
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +17 -3
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +17 -3
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +2 -1
- data/third_party/abseil-cpp/absl/container/internal/btree.h +3046 -0
- data/third_party/abseil-cpp/absl/container/internal/btree_container.h +763 -0
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +9 -0
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +1 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +4 -2
- data/third_party/abseil-cpp/absl/container/internal/layout.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +142 -114
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +397 -231
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.cc +56 -0
- data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +21 -7
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +4 -2
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +17 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +7 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_riscv-inl.inc +9 -6
- data/third_party/abseil-cpp/absl/debugging/leak_check.cc +73 -0
- data/third_party/abseil-cpp/absl/debugging/leak_check.h +150 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +3 -2
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +48 -9
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +1 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +7 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +14 -12
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +12 -4
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +16 -5
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +4 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +3 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +13 -12
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +9 -4
- data/third_party/abseil-cpp/absl/hash/hash.h +26 -2
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +17 -17
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +196 -91
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +2 -4
- data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +2 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.cc +27 -22
- data/third_party/abseil-cpp/absl/log/internal/check_op.h +102 -80
- data/third_party/abseil-cpp/absl/log/internal/log_message.cc +90 -38
- data/third_party/abseil-cpp/absl/log/internal/log_message.h +80 -48
- data/third_party/abseil-cpp/absl/log/internal/proto.cc +0 -3
- data/third_party/abseil-cpp/absl/log/internal/proto.h +25 -15
- data/third_party/abseil-cpp/absl/log/internal/structured_proto.cc +115 -0
- data/third_party/abseil-cpp/absl/log/internal/structured_proto.h +107 -0
- data/third_party/abseil-cpp/absl/log/internal/vlog_config.cc +8 -1
- data/third_party/abseil-cpp/absl/log/log_sink_registry.h +5 -2
- data/third_party/abseil-cpp/absl/log/vlog_is_on.h +2 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +16 -6
- data/third_party/abseil-cpp/absl/numeric/int128.h +15 -3
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +6 -4
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +6 -3
- data/third_party/abseil-cpp/absl/random/bernoulli_distribution.h +3 -1
- data/third_party/abseil-cpp/absl/random/beta_distribution.h +3 -1
- data/third_party/abseil-cpp/absl/random/bit_gen_ref.h +2 -1
- data/third_party/abseil-cpp/absl/random/discrete_distribution.cc +10 -0
- data/third_party/abseil-cpp/absl/random/discrete_distribution.h +4 -2
- data/third_party/abseil-cpp/absl/random/exponential_distribution.h +1 -0
- data/third_party/abseil-cpp/absl/random/gaussian_distribution.h +2 -1
- data/third_party/abseil-cpp/absl/random/internal/distribution_caller.h +3 -1
- data/third_party/abseil-cpp/absl/random/internal/iostream_state_saver.h +5 -2
- data/third_party/abseil-cpp/absl/random/internal/platform.h +12 -12
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +56 -5
- data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +2 -1
- data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +2 -2
- data/third_party/abseil-cpp/absl/random/internal/wide_multiply.h +0 -1
- data/third_party/abseil-cpp/absl/random/log_uniform_int_distribution.h +1 -4
- data/third_party/abseil-cpp/absl/random/poisson_distribution.h +4 -3
- data/third_party/abseil-cpp/absl/random/seed_gen_exception.cc +2 -3
- data/third_party/abseil-cpp/absl/random/seed_sequences.h +1 -2
- data/third_party/abseil-cpp/absl/random/uniform_int_distribution.h +2 -1
- data/third_party/abseil-cpp/absl/random/uniform_real_distribution.h +2 -0
- data/third_party/abseil-cpp/absl/random/zipf_distribution.h +5 -4
- data/third_party/abseil-cpp/absl/status/internal/status_internal.cc +8 -4
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +1 -1
- data/third_party/abseil-cpp/absl/status/status.h +1 -1
- data/third_party/abseil-cpp/absl/strings/ascii.cc +41 -26
- data/third_party/abseil-cpp/absl/strings/ascii.h +48 -8
- data/third_party/abseil-cpp/absl/strings/charconv.cc +4 -7
- data/third_party/abseil-cpp/absl/strings/charset.h +3 -4
- data/third_party/abseil-cpp/absl/strings/cord.h +5 -19
- data/third_party/abseil-cpp/absl/strings/escaping.cc +56 -48
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +48 -15
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +3 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +35 -0
- data/third_party/abseil-cpp/absl/strings/match.h +21 -11
- data/third_party/abseil-cpp/absl/strings/numbers.cc +2 -1
- data/third_party/abseil-cpp/absl/strings/str_cat.h +11 -0
- data/third_party/abseil-cpp/absl/strings/str_split.h +18 -1
- data/third_party/abseil-cpp/absl/strings/string_view.h +20 -19
- data/third_party/abseil-cpp/absl/strings/strip.h +11 -8
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +16 -10
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +6 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +5 -1
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +38 -12
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +10 -2
- data/third_party/abseil-cpp/absl/synchronization/notification.h +11 -1
- data/third_party/abseil-cpp/absl/time/duration.cc +6 -51
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +3 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -4
- data/third_party/abseil-cpp/absl/time/time.h +84 -23
- data/third_party/abseil-cpp/absl/types/internal/span.h +3 -2
- data/third_party/abseil-cpp/absl/types/optional.h +4 -2
- data/third_party/abseil-cpp/absl/types/span.h +85 -43
- data/third_party/boringssl-with-bazel/src/crypto/aes/aes.cc +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +15 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +19 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +79 -48
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +11 -19
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +0 -35
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/bn/convert.cc +31 -47
- data/third_party/boringssl-with-bazel/src/crypto/bn/div.cc +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/exponentiation.cc +166 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/sqrt.cc +93 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +14 -8
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +13 -15
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aeseax.cc +289 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesgcmsiv.cc +179 -102
- data/third_party/boringssl-with-bazel/src/crypto/cipher/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/cms/cms.cc +172 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +28 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +11 -9
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +0 -6
- data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/dh/params.cc +27 -61
- data/third_party/boringssl-with-bazel/src/crypto/digest/digest_extra.cc +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +112 -122
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +23 -35
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec/ec_asn1.cc +47 -63
- data/third_party/boringssl-with-bazel/src/crypto/ec/hash_to_curve.cc +60 -68
- data/third_party/boringssl-with-bazel/src/crypto/ec/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa/ecdsa_asn1.cc +11 -17
- data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +23 -42
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +29 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm.cc.inc +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +16 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +15 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +101 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +96 -187
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +24 -512
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +58 -80
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +29 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +27 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +7 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +27 -48
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +34 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +102 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +3 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +1 -78
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +10 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +15 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +40 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +57 -76
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +4 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +37 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +28 -39
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +6 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/fips_known_values.inc +1345 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +335 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/fips_known_values.inc +411 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +265 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +19 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +121 -138
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +96 -83
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +8 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fips_known_values.inc +674 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +235 -60
- data/third_party/boringssl-with-bazel/src/crypto/fuzzer_mode.cc +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +39 -30
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/mem.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +8 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +22 -8
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +19 -17
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +134 -136
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +14 -8
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +25 -21
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +36 -52
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +97 -79
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/rand/deterministic.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/fork_detect.cc +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand/getentropy.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/{sysrand_internal.h → internal.h} +22 -4
- data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/urandom.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/windows.cc +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_crypt.cc +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +15 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +16 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +10 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +10 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +64 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +16 -32
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +576 -567
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +16 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +6 -54
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +7 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cms.h +146 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +23 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +4 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +10 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +19 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +291 -40
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +0 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +9 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +2 -0
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +32 -26
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +49 -49
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +253 -50
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +12 -12
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +7 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -1
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +24 -32
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +93 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +6 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +18 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +83 -7
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +173 -19
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +5 -18
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +28 -15
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +31 -7
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +13 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +7 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +13 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +2 -5
- data/third_party/upb/upb/hash/common.c +310 -189
- data/third_party/upb/upb/hash/common.h +44 -43
- data/third_party/upb/upb/hash/int_table.h +29 -5
- data/third_party/upb/upb/hash/str_table.h +6 -0
- data/third_party/upb/upb/mem/arena.c +180 -57
- data/third_party/upb/upb/mem/arena.h +10 -0
- data/third_party/upb/upb/mem/internal/arena.h +62 -24
- data/third_party/upb/upb/message/accessors.c +1 -5
- data/third_party/upb/upb/message/array.c +7 -6
- data/third_party/upb/upb/message/array.h +4 -4
- data/third_party/upb/upb/message/internal/accessors.h +3 -3
- data/third_party/upb/upb/message/internal/extension.c +0 -12
- data/third_party/upb/upb/message/internal/extension.h +0 -4
- data/third_party/upb/upb/message/internal/iterator.h +3 -3
- data/third_party/upb/upb/message/internal/map.h +75 -20
- data/third_party/upb/upb/message/internal/map_sorter.h +10 -2
- data/third_party/upb/upb/message/internal/message.h +53 -5
- data/third_party/upb/upb/message/map.c +68 -20
- data/third_party/upb/upb/message/map.h +8 -1
- data/third_party/upb/upb/message/map_gencode_util.h +3 -45
- data/third_party/upb/upb/message/map_sorter.c +32 -8
- data/third_party/upb/upb/message/merge.h +3 -3
- data/third_party/upb/upb/message/message.c +120 -14
- data/third_party/upb/upb/message/message.h +17 -8
- data/third_party/upb/upb/mini_descriptor/build_enum.c +15 -5
- data/third_party/upb/upb/mini_descriptor/decode.c +18 -2
- data/third_party/upb/upb/mini_descriptor/link.c +4 -0
- data/third_party/upb/upb/mini_table/extension.h +8 -1
- data/third_party/upb/upb/mini_table/extension_registry.c +1 -1
- data/third_party/upb/upb/mini_table/internal/enum.h +1 -1
- data/third_party/upb/upb/mini_table/internal/extension.h +24 -1
- data/third_party/upb/upb/mini_table/internal/field.h +4 -4
- data/third_party/upb/upb/mini_table/internal/message.h +1 -1
- data/third_party/upb/upb/port/def.inc +32 -16
- data/third_party/upb/upb/port/undef.inc +1 -0
- data/third_party/upb/upb/reflection/def_pool.h +2 -2
- data/third_party/upb/upb/reflection/descriptor_bootstrap.h +3 -3
- data/third_party/upb/upb/reflection/enum_def.c +4 -4
- data/third_party/upb/upb/reflection/enum_reserved_range.c +1 -1
- data/third_party/upb/upb/reflection/enum_value_def.c +9 -8
- data/third_party/upb/upb/reflection/extension_range.c +1 -2
- data/third_party/upb/upb/reflection/field_def.c +3 -5
- data/third_party/upb/upb/reflection/field_def.h +1 -1
- data/third_party/upb/upb/reflection/file_def.c +4 -5
- data/third_party/upb/upb/reflection/internal/def_builder.h +35 -10
- data/third_party/upb/upb/reflection/internal/enum_value_def.h +1 -1
- data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +1 -1
- data/third_party/upb/upb/reflection/message_def.c +4 -7
- data/third_party/upb/upb/reflection/message_reserved_range.c +1 -1
- data/third_party/upb/upb/reflection/method_def.c +1 -1
- data/third_party/upb/upb/reflection/oneof_def.c +3 -3
- data/third_party/upb/upb/reflection/service_def.c +2 -5
- data/third_party/upb/upb/text/encode.c +16 -0
- data/third_party/upb/upb/text/internal/encode.h +2 -1
- data/third_party/upb/upb/wire/decode.c +104 -72
- data/third_party/upb/upb/wire/encode.c +37 -13
- data/third_party/upb/upb/wire/internal/decode_fast.c +2 -2
- data/third_party/upb/upb/wire/internal/decode_fast.h +4 -0
- metadata +43 -7
- data/src/core/lib/iomgr/executor.cc +0 -441
- data/src/core/lib/iomgr/executor.h +0 -119
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/polyval.cc.inc +0 -89
|
@@ -28,6 +28,7 @@
|
|
|
28
28
|
#define EVP_AEAD_AES_GCM_SIV_NONCE_LEN 12
|
|
29
29
|
#define EVP_AEAD_AES_GCM_SIV_TAG_LEN 16
|
|
30
30
|
|
|
31
|
+
namespace {
|
|
31
32
|
// TODO(davidben): AES-GCM-SIV assembly is not correct for Windows. It must save
|
|
32
33
|
// and restore xmm6 through xmm15.
|
|
33
34
|
#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) && \
|
|
@@ -36,12 +37,10 @@
|
|
|
36
37
|
|
|
37
38
|
// Optimised AES-GCM-SIV
|
|
38
39
|
|
|
39
|
-
namespace {
|
|
40
40
|
struct aead_aes_gcm_siv_asm_ctx {
|
|
41
41
|
alignas(16) uint8_t key[16 * 15];
|
|
42
42
|
int is_128_bit;
|
|
43
43
|
};
|
|
44
|
-
} // namespace
|
|
45
44
|
|
|
46
45
|
// The assembly code assumes 8-byte alignment of the EVP_AEAD_CTX's state, and
|
|
47
46
|
// aligns to 16 bytes itself.
|
|
@@ -51,15 +50,6 @@ static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) + 8 >=
|
|
|
51
50
|
static_assert(alignof(union evp_aead_ctx_st_state) >= 8,
|
|
52
51
|
"AEAD state has insufficient alignment");
|
|
53
52
|
|
|
54
|
-
// asm_ctx_from_ctx returns a 16-byte aligned context pointer from |ctx|.
|
|
55
|
-
static struct aead_aes_gcm_siv_asm_ctx *asm_ctx_from_ctx(
|
|
56
|
-
const EVP_AEAD_CTX *ctx) {
|
|
57
|
-
// ctx->state must already be 8-byte aligned. Thus, at most, we may need to
|
|
58
|
-
// add eight to align it to 16 bytes.
|
|
59
|
-
const uintptr_t offset = ((uintptr_t)&ctx->state) & 8;
|
|
60
|
-
return (struct aead_aes_gcm_siv_asm_ctx *)(&ctx->state.opaque[offset]);
|
|
61
|
-
}
|
|
62
|
-
|
|
63
53
|
extern "C" {
|
|
64
54
|
// aes128gcmsiv_aes_ks writes an AES-128 key schedule for |key| to
|
|
65
55
|
// |out_expanded_key|.
|
|
@@ -70,45 +60,7 @@ extern void aes128gcmsiv_aes_ks(const uint8_t key[16],
|
|
|
70
60
|
// |out_expanded_key|.
|
|
71
61
|
extern void aes256gcmsiv_aes_ks(const uint8_t key[32],
|
|
72
62
|
uint8_t out_expanded_key[16 * 15]);
|
|
73
|
-
}
|
|
74
|
-
|
|
75
|
-
static int aead_aes_gcm_siv_asm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
|
|
76
|
-
size_t key_len, size_t tag_len) {
|
|
77
|
-
const size_t key_bits = key_len * 8;
|
|
78
|
-
|
|
79
|
-
if (key_bits != 128 && key_bits != 256) {
|
|
80
|
-
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
|
|
81
|
-
return 0; // EVP_AEAD_CTX_init should catch this.
|
|
82
|
-
}
|
|
83
|
-
|
|
84
|
-
if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH) {
|
|
85
|
-
tag_len = EVP_AEAD_AES_GCM_SIV_TAG_LEN;
|
|
86
|
-
}
|
|
87
|
-
|
|
88
|
-
if (tag_len != EVP_AEAD_AES_GCM_SIV_TAG_LEN) {
|
|
89
|
-
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE);
|
|
90
|
-
return 0;
|
|
91
|
-
}
|
|
92
|
-
|
|
93
|
-
struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = asm_ctx_from_ctx(ctx);
|
|
94
|
-
assert((((uintptr_t)gcm_siv_ctx) & 15) == 0);
|
|
95
63
|
|
|
96
|
-
if (key_bits == 128) {
|
|
97
|
-
aes128gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
|
|
98
|
-
gcm_siv_ctx->is_128_bit = 1;
|
|
99
|
-
} else {
|
|
100
|
-
aes256gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
|
|
101
|
-
gcm_siv_ctx->is_128_bit = 0;
|
|
102
|
-
}
|
|
103
|
-
|
|
104
|
-
ctx->tag_len = tag_len;
|
|
105
|
-
|
|
106
|
-
return 1;
|
|
107
|
-
}
|
|
108
|
-
|
|
109
|
-
static void aead_aes_gcm_siv_asm_cleanup(EVP_AEAD_CTX *ctx) {}
|
|
110
|
-
|
|
111
|
-
extern "C" {
|
|
112
64
|
// aesgcmsiv_polyval_horner updates the POLYVAL value in |in_out_poly| to
|
|
113
65
|
// include a number (|in_blocks|) of 16-byte blocks of data from |in|, given
|
|
114
66
|
// the POLYVAL key in |key|.
|
|
@@ -225,12 +177,55 @@ extern void aes256gcmsiv_enc_msg_x8(const uint8_t *in, uint8_t *out,
|
|
|
225
177
|
size_t in_len);
|
|
226
178
|
}
|
|
227
179
|
|
|
180
|
+
// asm_ctx_from_ctx returns a 16-byte aligned context pointer from |ctx|.
|
|
181
|
+
struct aead_aes_gcm_siv_asm_ctx *asm_ctx_from_ctx(const EVP_AEAD_CTX *ctx) {
|
|
182
|
+
// ctx->state must already be 8-byte aligned. Thus, at most, we may need to
|
|
183
|
+
// add eight to align it to 16 bytes.
|
|
184
|
+
const uintptr_t offset = ((uintptr_t)&ctx->state) & 8;
|
|
185
|
+
return (struct aead_aes_gcm_siv_asm_ctx *)(&ctx->state.opaque[offset]);
|
|
186
|
+
}
|
|
187
|
+
|
|
188
|
+
int aead_aes_gcm_siv_asm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
|
|
189
|
+
size_t key_len, size_t tag_len) {
|
|
190
|
+
const size_t key_bits = key_len * 8;
|
|
191
|
+
|
|
192
|
+
if (key_bits != 128 && key_bits != 256) {
|
|
193
|
+
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
|
|
194
|
+
return 0; // EVP_AEAD_CTX_init should catch this.
|
|
195
|
+
}
|
|
196
|
+
|
|
197
|
+
if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH) {
|
|
198
|
+
tag_len = EVP_AEAD_AES_GCM_SIV_TAG_LEN;
|
|
199
|
+
}
|
|
200
|
+
|
|
201
|
+
if (tag_len != EVP_AEAD_AES_GCM_SIV_TAG_LEN) {
|
|
202
|
+
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE);
|
|
203
|
+
return 0;
|
|
204
|
+
}
|
|
205
|
+
|
|
206
|
+
struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = asm_ctx_from_ctx(ctx);
|
|
207
|
+
assert((((uintptr_t)gcm_siv_ctx) & 15) == 0);
|
|
208
|
+
|
|
209
|
+
if (key_bits == 128) {
|
|
210
|
+
aes128gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
|
|
211
|
+
gcm_siv_ctx->is_128_bit = 1;
|
|
212
|
+
} else {
|
|
213
|
+
aes256gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
|
|
214
|
+
gcm_siv_ctx->is_128_bit = 0;
|
|
215
|
+
}
|
|
216
|
+
|
|
217
|
+
ctx->tag_len = tag_len;
|
|
218
|
+
|
|
219
|
+
return 1;
|
|
220
|
+
}
|
|
221
|
+
|
|
222
|
+
void aead_aes_gcm_siv_asm_cleanup(EVP_AEAD_CTX *ctx) {}
|
|
223
|
+
|
|
228
224
|
// gcm_siv_asm_polyval evaluates POLYVAL at |auth_key| on the given plaintext
|
|
229
225
|
// and AD. The result is written to |out_tag|.
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
const uint8_t nonce[12]) {
|
|
226
|
+
void gcm_siv_asm_polyval(uint8_t out_tag[16], const uint8_t *in, size_t in_len,
|
|
227
|
+
const uint8_t *ad, size_t ad_len,
|
|
228
|
+
const uint8_t auth_key[16], const uint8_t nonce[12]) {
|
|
234
229
|
OPENSSL_memset(out_tag, 0, 16);
|
|
235
230
|
const size_t ad_blocks = ad_len / 16;
|
|
236
231
|
const size_t in_blocks = in_len / 16;
|
|
@@ -283,7 +278,7 @@ static void gcm_siv_asm_polyval(uint8_t out_tag[16], const uint8_t *in,
|
|
|
283
278
|
// (same thing in CTR mode) of the final block of a plaintext/ciphertext. It
|
|
284
279
|
// writes |in_len| & 15 bytes to |out| + |in_len|, based on an initial counter
|
|
285
280
|
// derived from |tag|.
|
|
286
|
-
|
|
281
|
+
void aead_aes_gcm_siv_asm_crypt_last_block(
|
|
287
282
|
int is_128_bit, uint8_t *out, const uint8_t *in, size_t in_len,
|
|
288
283
|
const uint8_t tag[16],
|
|
289
284
|
const struct aead_aes_gcm_siv_asm_ctx *enc_key_expanded) {
|
|
@@ -309,10 +304,11 @@ static void aead_aes_gcm_siv_asm_crypt_last_block(
|
|
|
309
304
|
|
|
310
305
|
// aead_aes_gcm_siv_kdf calculates the record encryption and authentication
|
|
311
306
|
// keys given the |nonce|.
|
|
312
|
-
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
307
|
+
void aead_aes_gcm_siv_kdf(int is_128_bit,
|
|
308
|
+
const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx,
|
|
309
|
+
uint64_t out_record_auth_key[2],
|
|
310
|
+
uint64_t out_record_enc_key[4],
|
|
311
|
+
const uint8_t nonce[12]) {
|
|
316
312
|
alignas(16) uint8_t padded_nonce[16];
|
|
317
313
|
OPENSSL_memcpy(padded_nonce, nonce, 12);
|
|
318
314
|
|
|
@@ -333,7 +329,7 @@ static void aead_aes_gcm_siv_kdf(
|
|
|
333
329
|
out_record_auth_key[1] = key_material[2];
|
|
334
330
|
}
|
|
335
331
|
|
|
336
|
-
|
|
332
|
+
int aead_aes_gcm_siv_asm_seal_scatter(
|
|
337
333
|
const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag,
|
|
338
334
|
size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
|
|
339
335
|
size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
|
|
@@ -399,10 +395,11 @@ static int aead_aes_gcm_siv_asm_seal_scatter(
|
|
|
399
395
|
return 1;
|
|
400
396
|
}
|
|
401
397
|
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
|
|
405
|
-
|
|
398
|
+
int aead_aes_gcm_siv_asm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
399
|
+
const uint8_t *nonce, size_t nonce_len,
|
|
400
|
+
const uint8_t *in, size_t in_len,
|
|
401
|
+
const uint8_t *in_tag, size_t in_tag_len,
|
|
402
|
+
const uint8_t *ad, size_t ad_len) {
|
|
406
403
|
const uint64_t ad_len_64 = ad_len;
|
|
407
404
|
if (ad_len_64 >= (UINT64_C(1) << 61)) {
|
|
408
405
|
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
|
|
@@ -499,7 +496,7 @@ static int aead_aes_gcm_siv_asm_open_gather(
|
|
|
499
496
|
return 1;
|
|
500
497
|
}
|
|
501
498
|
|
|
502
|
-
|
|
499
|
+
const EVP_AEAD aead_aes_128_gcm_siv_asm = {
|
|
503
500
|
16, // key length
|
|
504
501
|
EVP_AEAD_AES_GCM_SIV_NONCE_LEN, // nonce length
|
|
505
502
|
EVP_AEAD_AES_GCM_SIV_TAG_LEN, // overhead
|
|
@@ -516,7 +513,7 @@ static const EVP_AEAD aead_aes_128_gcm_siv_asm = {
|
|
|
516
513
|
NULL /* tag_len */,
|
|
517
514
|
};
|
|
518
515
|
|
|
519
|
-
|
|
516
|
+
const EVP_AEAD aead_aes_256_gcm_siv_asm = {
|
|
520
517
|
32, // key length
|
|
521
518
|
EVP_AEAD_AES_GCM_SIV_NONCE_LEN, // nonce length
|
|
522
519
|
EVP_AEAD_AES_GCM_SIV_TAG_LEN, // overhead
|
|
@@ -535,7 +532,7 @@ static const EVP_AEAD aead_aes_256_gcm_siv_asm = {
|
|
|
535
532
|
|
|
536
533
|
#endif // X86_64 && !NO_ASM && !WINDOWS
|
|
537
534
|
|
|
538
|
-
|
|
535
|
+
|
|
539
536
|
struct aead_aes_gcm_siv_ctx {
|
|
540
537
|
union {
|
|
541
538
|
double align;
|
|
@@ -544,7 +541,6 @@ struct aead_aes_gcm_siv_ctx {
|
|
|
544
541
|
block128_f kgk_block;
|
|
545
542
|
unsigned is_256 : 1;
|
|
546
543
|
};
|
|
547
|
-
} // namespace
|
|
548
544
|
|
|
549
545
|
static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
|
|
550
546
|
sizeof(struct aead_aes_gcm_siv_ctx),
|
|
@@ -553,8 +549,8 @@ static_assert(alignof(union evp_aead_ctx_st_state) >=
|
|
|
553
549
|
alignof(struct aead_aes_gcm_siv_ctx),
|
|
554
550
|
"AEAD state has insufficient alignment");
|
|
555
551
|
|
|
556
|
-
|
|
557
|
-
|
|
552
|
+
int aead_aes_gcm_siv_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len,
|
|
553
|
+
size_t tag_len) {
|
|
558
554
|
const size_t key_bits = key_len * 8;
|
|
559
555
|
|
|
560
556
|
if (key_bits != 128 && key_bits != 256) {
|
|
@@ -582,7 +578,7 @@ static int aead_aes_gcm_siv_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
|
|
|
582
578
|
return 1;
|
|
583
579
|
}
|
|
584
580
|
|
|
585
|
-
|
|
581
|
+
void aead_aes_gcm_siv_cleanup(EVP_AEAD_CTX *ctx) {}
|
|
586
582
|
|
|
587
583
|
// gcm_siv_crypt encrypts (or decrypts—it's the same thing) |in_len| bytes from
|
|
588
584
|
// |in| to |out|, using the block function |enc_block| with |key| in counter
|
|
@@ -591,9 +587,9 @@ static void aead_aes_gcm_siv_cleanup(EVP_AEAD_CTX *ctx) {}
|
|
|
591
587
|
// first four bytes are used and the GCM-SIV tweak to the final byte is
|
|
592
588
|
// applied. The |in| and |out| pointers may be equal but otherwise must not
|
|
593
589
|
// alias.
|
|
594
|
-
|
|
595
|
-
|
|
596
|
-
|
|
590
|
+
void gcm_siv_crypt(uint8_t *out, const uint8_t *in, size_t in_len,
|
|
591
|
+
const uint8_t initial_counter[AES_BLOCK_SIZE],
|
|
592
|
+
block128_f enc_block, const AES_KEY *key) {
|
|
597
593
|
uint8_t counter[16];
|
|
598
594
|
|
|
599
595
|
OPENSSL_memcpy(counter, initial_counter, AES_BLOCK_SIZE);
|
|
@@ -617,45 +613,125 @@ static void gcm_siv_crypt(uint8_t *out, const uint8_t *in, size_t in_len,
|
|
|
617
613
|
}
|
|
618
614
|
}
|
|
619
615
|
|
|
616
|
+
|
|
617
|
+
// POLYVAL.
|
|
618
|
+
//
|
|
619
|
+
// POLYVAL is a polynomial authenticator that operates over a field very
|
|
620
|
+
// similar to the one that GHASH uses. See
|
|
621
|
+
// https://www.rfc-editor.org/rfc/rfc8452.html#section-3.
|
|
622
|
+
|
|
623
|
+
// POLYVAL(H, X_1, ..., X_n) =
|
|
624
|
+
// ByteReverse(GHASH(mulX_GHASH(ByteReverse(H)), ByteReverse(X_1), ...,
|
|
625
|
+
// ByteReverse(X_n))).
|
|
626
|
+
//
|
|
627
|
+
// See https://www.rfc-editor.org/rfc/rfc8452.html#appendix-A.
|
|
628
|
+
|
|
629
|
+
struct polyval_ctx {
|
|
630
|
+
uint8_t S[16];
|
|
631
|
+
u128 Htable[16];
|
|
632
|
+
gmult_func gmult;
|
|
633
|
+
ghash_func ghash;
|
|
634
|
+
};
|
|
635
|
+
|
|
636
|
+
// byte_reverse reverses the order of the bytes in |b->c|.
|
|
637
|
+
void byte_reverse(uint8_t b[16]) {
|
|
638
|
+
uint64_t hi = CRYPTO_load_u64_le(b);
|
|
639
|
+
uint64_t lo = CRYPTO_load_u64_le(b + 8);
|
|
640
|
+
CRYPTO_store_u64_le(b, CRYPTO_bswap8(lo));
|
|
641
|
+
CRYPTO_store_u64_le(b + 8, CRYPTO_bswap8(hi));
|
|
642
|
+
}
|
|
643
|
+
|
|
644
|
+
// reverse_and_mulX_ghash interprets |b| as a reversed element of the GHASH
|
|
645
|
+
// field, multiplies that by 'x' and serialises the result back into |b|, but
|
|
646
|
+
// with GHASH's backwards bit ordering.
|
|
647
|
+
void reverse_and_mulX_ghash(uint8_t b[16]) {
|
|
648
|
+
uint64_t hi = CRYPTO_load_u64_le(b);
|
|
649
|
+
uint64_t lo = CRYPTO_load_u64_le(b + 8);
|
|
650
|
+
const crypto_word_t carry = constant_time_eq_w(hi & 1, 1);
|
|
651
|
+
hi >>= 1;
|
|
652
|
+
hi |= lo << 63;
|
|
653
|
+
lo >>= 1;
|
|
654
|
+
lo ^= ((uint64_t)constant_time_select_w(carry, 0xe1, 0)) << 56;
|
|
655
|
+
|
|
656
|
+
CRYPTO_store_u64_le(b, CRYPTO_bswap8(lo));
|
|
657
|
+
CRYPTO_store_u64_le(b + 8, CRYPTO_bswap8(hi));
|
|
658
|
+
}
|
|
659
|
+
|
|
660
|
+
void crypto_polyval_init(struct polyval_ctx *ctx, const uint8_t key[16]) {
|
|
661
|
+
alignas(8) uint8_t H[16];
|
|
662
|
+
OPENSSL_memcpy(H, key, 16);
|
|
663
|
+
reverse_and_mulX_ghash(H);
|
|
664
|
+
|
|
665
|
+
CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, H);
|
|
666
|
+
OPENSSL_memset(&ctx->S, 0, sizeof(ctx->S));
|
|
667
|
+
}
|
|
668
|
+
|
|
669
|
+
void crypto_polyval_update_blocks(struct polyval_ctx *ctx, const uint8_t *in,
|
|
670
|
+
size_t in_len) {
|
|
671
|
+
assert((in_len & 15) == 0);
|
|
672
|
+
alignas(8) uint8_t buf[32 * 16];
|
|
673
|
+
|
|
674
|
+
while (in_len > 0) {
|
|
675
|
+
size_t todo = in_len;
|
|
676
|
+
if (todo > sizeof(buf)) {
|
|
677
|
+
todo = sizeof(buf);
|
|
678
|
+
}
|
|
679
|
+
OPENSSL_memcpy(buf, in, todo);
|
|
680
|
+
in += todo;
|
|
681
|
+
in_len -= todo;
|
|
682
|
+
|
|
683
|
+
size_t blocks = todo / 16;
|
|
684
|
+
for (size_t i = 0; i < blocks; i++) {
|
|
685
|
+
byte_reverse(buf + 16 * i);
|
|
686
|
+
}
|
|
687
|
+
|
|
688
|
+
ctx->ghash(ctx->S, ctx->Htable, buf, todo);
|
|
689
|
+
}
|
|
690
|
+
}
|
|
691
|
+
|
|
692
|
+
void crypto_polyval_finish(const struct polyval_ctx *ctx, uint8_t out[16]) {
|
|
693
|
+
OPENSSL_memcpy(out, &ctx->S, 16);
|
|
694
|
+
byte_reverse(out);
|
|
695
|
+
}
|
|
696
|
+
|
|
620
697
|
// gcm_siv_polyval evaluates POLYVAL at |auth_key| on the given plaintext and
|
|
621
698
|
// AD. The result is written to |out_tag|.
|
|
622
|
-
|
|
623
|
-
|
|
624
|
-
|
|
625
|
-
|
|
699
|
+
void gcm_siv_polyval(uint8_t out_tag[16], const uint8_t *in, size_t in_len,
|
|
700
|
+
const uint8_t *ad, size_t ad_len,
|
|
701
|
+
const uint8_t auth_key[16],
|
|
702
|
+
const uint8_t nonce[EVP_AEAD_AES_GCM_SIV_NONCE_LEN]) {
|
|
626
703
|
struct polyval_ctx polyval_ctx;
|
|
627
|
-
|
|
704
|
+
crypto_polyval_init(&polyval_ctx, auth_key);
|
|
628
705
|
|
|
629
|
-
|
|
706
|
+
crypto_polyval_update_blocks(&polyval_ctx, ad, ad_len & ~15);
|
|
630
707
|
|
|
631
708
|
uint8_t scratch[16];
|
|
632
709
|
if (ad_len & 15) {
|
|
633
710
|
OPENSSL_memset(scratch, 0, sizeof(scratch));
|
|
634
711
|
OPENSSL_memcpy(scratch, &ad[ad_len & ~15], ad_len & 15);
|
|
635
|
-
|
|
712
|
+
crypto_polyval_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
|
|
636
713
|
}
|
|
637
714
|
|
|
638
|
-
|
|
715
|
+
crypto_polyval_update_blocks(&polyval_ctx, in, in_len & ~15);
|
|
639
716
|
if (in_len & 15) {
|
|
640
717
|
OPENSSL_memset(scratch, 0, sizeof(scratch));
|
|
641
718
|
OPENSSL_memcpy(scratch, &in[in_len & ~15], in_len & 15);
|
|
642
|
-
|
|
719
|
+
crypto_polyval_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
|
|
643
720
|
}
|
|
644
721
|
|
|
645
722
|
uint8_t length_block[16];
|
|
646
723
|
CRYPTO_store_u64_le(length_block, ((uint64_t)ad_len) * 8);
|
|
647
724
|
CRYPTO_store_u64_le(length_block + 8, ((uint64_t)in_len) * 8);
|
|
648
|
-
|
|
725
|
+
crypto_polyval_update_blocks(&polyval_ctx, length_block,
|
|
649
726
|
sizeof(length_block));
|
|
650
727
|
|
|
651
|
-
|
|
728
|
+
crypto_polyval_finish(&polyval_ctx, out_tag);
|
|
652
729
|
for (size_t i = 0; i < EVP_AEAD_AES_GCM_SIV_NONCE_LEN; i++) {
|
|
653
730
|
out_tag[i] ^= nonce[i];
|
|
654
731
|
}
|
|
655
732
|
out_tag[15] &= 0x7f;
|
|
656
733
|
}
|
|
657
734
|
|
|
658
|
-
namespace {
|
|
659
735
|
// gcm_siv_record_keys contains the keys used for a specific GCM-SIV record.
|
|
660
736
|
struct gcm_siv_record_keys {
|
|
661
737
|
uint8_t auth_key[16];
|
|
@@ -665,13 +741,12 @@ struct gcm_siv_record_keys {
|
|
|
665
741
|
} enc_key;
|
|
666
742
|
block128_f enc_block;
|
|
667
743
|
};
|
|
668
|
-
} // namespace
|
|
669
744
|
|
|
670
745
|
// gcm_siv_keys calculates the keys for a specific GCM-SIV record with the
|
|
671
746
|
// given nonce and writes them to |*out_keys|.
|
|
672
|
-
|
|
673
|
-
|
|
674
|
-
|
|
747
|
+
void gcm_siv_keys(const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx,
|
|
748
|
+
struct gcm_siv_record_keys *out_keys,
|
|
749
|
+
const uint8_t nonce[EVP_AEAD_AES_GCM_SIV_NONCE_LEN]) {
|
|
675
750
|
const AES_KEY *const key = &gcm_siv_ctx->ks.ks;
|
|
676
751
|
uint8_t key_material[(128 /* POLYVAL key */ + 256 /* max AES key */) / 8];
|
|
677
752
|
const size_t blocks_needed = gcm_siv_ctx->is_256 ? 6 : 4;
|
|
@@ -701,11 +776,13 @@ static void gcm_siv_keys(const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx,
|
|
|
701
776
|
key_material + 16, gcm_siv_ctx->is_256 ? 32 : 16);
|
|
702
777
|
}
|
|
703
778
|
|
|
704
|
-
|
|
705
|
-
|
|
706
|
-
|
|
707
|
-
|
|
708
|
-
|
|
779
|
+
int aead_aes_gcm_siv_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
780
|
+
uint8_t *out_tag, size_t *out_tag_len,
|
|
781
|
+
size_t max_out_tag_len, const uint8_t *nonce,
|
|
782
|
+
size_t nonce_len, const uint8_t *in,
|
|
783
|
+
size_t in_len, const uint8_t *extra_in,
|
|
784
|
+
size_t extra_in_len, const uint8_t *ad,
|
|
785
|
+
size_t ad_len) {
|
|
709
786
|
const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx =
|
|
710
787
|
(struct aead_aes_gcm_siv_ctx *)&ctx->state;
|
|
711
788
|
const uint64_t in_len_64 = in_len;
|
|
@@ -742,12 +819,11 @@ static int aead_aes_gcm_siv_seal_scatter(
|
|
|
742
819
|
return 1;
|
|
743
820
|
}
|
|
744
821
|
|
|
745
|
-
|
|
746
|
-
|
|
747
|
-
|
|
748
|
-
|
|
749
|
-
|
|
750
|
-
size_t ad_len) {
|
|
822
|
+
int aead_aes_gcm_siv_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
823
|
+
const uint8_t *nonce, size_t nonce_len,
|
|
824
|
+
const uint8_t *in, size_t in_len,
|
|
825
|
+
const uint8_t *in_tag, size_t in_tag_len,
|
|
826
|
+
const uint8_t *ad, size_t ad_len) {
|
|
751
827
|
const uint64_t ad_len_64 = ad_len;
|
|
752
828
|
if (ad_len_64 >= (UINT64_C(1) << 61)) {
|
|
753
829
|
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
|
|
@@ -786,7 +862,7 @@ static int aead_aes_gcm_siv_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
|
786
862
|
return 1;
|
|
787
863
|
}
|
|
788
864
|
|
|
789
|
-
|
|
865
|
+
const EVP_AEAD aead_aes_128_gcm_siv = {
|
|
790
866
|
16, // key length
|
|
791
867
|
EVP_AEAD_AES_GCM_SIV_NONCE_LEN, // nonce length
|
|
792
868
|
EVP_AEAD_AES_GCM_SIV_TAG_LEN, // overhead
|
|
@@ -803,7 +879,7 @@ static const EVP_AEAD aead_aes_128_gcm_siv = {
|
|
|
803
879
|
NULL /* tag_len */,
|
|
804
880
|
};
|
|
805
881
|
|
|
806
|
-
|
|
882
|
+
const EVP_AEAD aead_aes_256_gcm_siv = {
|
|
807
883
|
32, // key length
|
|
808
884
|
EVP_AEAD_AES_GCM_SIV_NONCE_LEN, // nonce length
|
|
809
885
|
EVP_AEAD_AES_GCM_SIV_TAG_LEN, // overhead
|
|
@@ -819,6 +895,7 @@ static const EVP_AEAD aead_aes_256_gcm_siv = {
|
|
|
819
895
|
NULL /* get_iv */,
|
|
820
896
|
NULL /* tag_len */,
|
|
821
897
|
};
|
|
898
|
+
} // namespace
|
|
822
899
|
|
|
823
900
|
#if defined(AES_GCM_SIV_ASM)
|
|
824
901
|
|
|
@@ -12,8 +12,8 @@
|
|
|
12
12
|
// See the License for the specific language governing permissions and
|
|
13
13
|
// limitations under the License.
|
|
14
14
|
|
|
15
|
-
#ifndef
|
|
16
|
-
#define
|
|
15
|
+
#ifndef OPENSSL_HEADER_CRYPTO_CIPHER_INTERNAL_H
|
|
16
|
+
#define OPENSSL_HEADER_CRYPTO_CIPHER_INTERNAL_H
|
|
17
17
|
|
|
18
18
|
#include <assert.h>
|
|
19
19
|
#include <stdlib.h>
|
|
@@ -237,4 +237,4 @@ inline void chacha20_poly1305_seal(uint8_t *out_ciphertext,
|
|
|
237
237
|
} // extern C
|
|
238
238
|
#endif
|
|
239
239
|
|
|
240
|
-
#endif //
|
|
240
|
+
#endif // OPENSSL_HEADER_CRYPTO_CIPHER_INTERNAL_H
|
|
@@ -0,0 +1,172 @@
|
|
|
1
|
+
// Copyright 2025 The BoringSSL Authors
|
|
2
|
+
//
|
|
3
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
// you may not use this file except in compliance with the License.
|
|
5
|
+
// You may obtain a copy of the License at
|
|
6
|
+
//
|
|
7
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
//
|
|
9
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
// See the License for the specific language governing permissions and
|
|
13
|
+
// limitations under the License.
|
|
14
|
+
|
|
15
|
+
#include <openssl/cms.h>
|
|
16
|
+
|
|
17
|
+
#include <openssl/bio.h>
|
|
18
|
+
#include <openssl/err.h>
|
|
19
|
+
#include <openssl/evp.h>
|
|
20
|
+
#include <openssl/mem.h>
|
|
21
|
+
#include <openssl/x509.h>
|
|
22
|
+
|
|
23
|
+
#include "../pkcs7/internal.h"
|
|
24
|
+
|
|
25
|
+
|
|
26
|
+
// TODO(davidben): Should we move the core PKCS#7 / CMS implementation into
|
|
27
|
+
// crypto/cms instead of crypto/pkcs7? CMS is getting new features while PKCS#7
|
|
28
|
+
// is not.
|
|
29
|
+
OPENSSL_DECLARE_ERROR_REASON(CMS, CERTIFICATE_HAS_NO_KEYID)
|
|
30
|
+
|
|
31
|
+
struct CMS_SignerInfo_st {
|
|
32
|
+
X509 *signcert = nullptr;
|
|
33
|
+
EVP_PKEY *pkey = nullptr;
|
|
34
|
+
const EVP_MD *md = nullptr;
|
|
35
|
+
bool use_key_id = false;
|
|
36
|
+
};
|
|
37
|
+
|
|
38
|
+
struct CMS_ContentInfo_st {
|
|
39
|
+
bool has_signer_info = false;
|
|
40
|
+
CMS_SignerInfo signer_info;
|
|
41
|
+
uint8_t *der = nullptr;
|
|
42
|
+
size_t der_len = 0;
|
|
43
|
+
};
|
|
44
|
+
|
|
45
|
+
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
|
|
46
|
+
BIO *data, uint32_t flags) {
|
|
47
|
+
// We only support external signatures and do not support embedding
|
|
48
|
+
// certificates in SignedData.
|
|
49
|
+
if ((flags & CMS_DETACHED) == 0 || sk_X509_num(certs) != 0) {
|
|
50
|
+
OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
|
51
|
+
return nullptr;
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
bssl::UniquePtr<CMS_ContentInfo> cms(
|
|
55
|
+
static_cast<CMS_ContentInfo *>(OPENSSL_zalloc(sizeof(CMS_ContentInfo))));
|
|
56
|
+
if (cms == nullptr) {
|
|
57
|
+
return nullptr;
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
if (pkey != nullptr &&
|
|
61
|
+
!CMS_add1_signer(cms.get(), signcert, pkey, /*md=*/nullptr, flags)) {
|
|
62
|
+
return nullptr;
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
// We don't actually use streaming mode, but Linux passes |CMS_STREAM| to
|
|
66
|
+
// |CMS_sign| and OpenSSL interprets it as an alias for |CMS_PARTIAL| in this
|
|
67
|
+
// context.
|
|
68
|
+
if ((flags & (CMS_PARTIAL | CMS_STREAM)) == 0 &&
|
|
69
|
+
!CMS_final(cms.get(), data, NULL, flags)) {
|
|
70
|
+
return nullptr;
|
|
71
|
+
}
|
|
72
|
+
|
|
73
|
+
return cms.release();
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
void CMS_ContentInfo_free(CMS_ContentInfo *cms) {
|
|
77
|
+
if (cms == nullptr) {
|
|
78
|
+
return;
|
|
79
|
+
}
|
|
80
|
+
X509_free(cms->signer_info.signcert);
|
|
81
|
+
EVP_PKEY_free(cms->signer_info.pkey);
|
|
82
|
+
OPENSSL_free(cms->der);
|
|
83
|
+
OPENSSL_free(cms);
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert,
|
|
87
|
+
EVP_PKEY *pkey, const EVP_MD *md,
|
|
88
|
+
uint32_t flags) {
|
|
89
|
+
if ( // Already finalized.
|
|
90
|
+
cms->der_len != 0 ||
|
|
91
|
+
// We only support one signer.
|
|
92
|
+
cms->has_signer_info ||
|
|
93
|
+
// We do not support configuring a signer in multiple steps. (In OpenSSL,
|
|
94
|
+
// this is used to configure attributes.
|
|
95
|
+
(flags & CMS_PARTIAL) != 0 ||
|
|
96
|
+
// We do not support embedding certificates in SignedData.
|
|
97
|
+
(flags & CMS_NOCERTS) == 0 ||
|
|
98
|
+
// We do not support attributes in SignedData.
|
|
99
|
+
(flags & CMS_NOATTR) == 0) {
|
|
100
|
+
OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
|
101
|
+
return nullptr;
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
if (signcert == nullptr || pkey == nullptr) {
|
|
105
|
+
OPENSSL_PUT_ERROR(CMS, ERR_R_PASSED_NULL_PARAMETER);
|
|
106
|
+
return nullptr;
|
|
107
|
+
}
|
|
108
|
+
|
|
109
|
+
if (!X509_check_private_key(signcert, pkey)) {
|
|
110
|
+
OPENSSL_PUT_ERROR(CMS, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
|
|
111
|
+
return nullptr;
|
|
112
|
+
}
|
|
113
|
+
|
|
114
|
+
// Default to SHA-256.
|
|
115
|
+
if (md == nullptr) {
|
|
116
|
+
md = EVP_sha256();
|
|
117
|
+
}
|
|
118
|
+
|
|
119
|
+
// Save information for later.
|
|
120
|
+
cms->has_signer_info = true;
|
|
121
|
+
cms->signer_info.signcert = bssl::UpRef(signcert).release();
|
|
122
|
+
cms->signer_info.pkey = bssl::UpRef(pkey).release();
|
|
123
|
+
cms->signer_info.md = md;
|
|
124
|
+
cms->signer_info.use_key_id = (flags & CMS_USE_KEYID) != 0;
|
|
125
|
+
return &cms->signer_info;
|
|
126
|
+
}
|
|
127
|
+
|
|
128
|
+
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, uint32_t flags) {
|
|
129
|
+
if ( // Already finalized.
|
|
130
|
+
cms->der_len != 0 ||
|
|
131
|
+
// Require a SignerInfo. We do not support signature-less SignedDatas.
|
|
132
|
+
!cms->has_signer_info ||
|
|
133
|
+
// We only support the straightforward passthrough mode, without S/MIME
|
|
134
|
+
// translations.
|
|
135
|
+
(flags & CMS_BINARY) == 0 ||
|
|
136
|
+
// We do not support |dcont|. It is unclear what it does.
|
|
137
|
+
dcont != nullptr) {
|
|
138
|
+
OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
|
139
|
+
return 0;
|
|
140
|
+
}
|
|
141
|
+
|
|
142
|
+
bssl::ScopedCBB cbb;
|
|
143
|
+
if (!CBB_init(cbb.get(), 2048) ||
|
|
144
|
+
!pkcs7_add_external_signature(cbb.get(), cms->signer_info.signcert,
|
|
145
|
+
cms->signer_info.pkey, cms->signer_info.md,
|
|
146
|
+
data, cms->signer_info.use_key_id) ||
|
|
147
|
+
!CBB_finish(cbb.get(), &cms->der, &cms->der_len)) {
|
|
148
|
+
return 0;
|
|
149
|
+
}
|
|
150
|
+
|
|
151
|
+
return 1;
|
|
152
|
+
}
|
|
153
|
+
|
|
154
|
+
int i2d_CMS_bio(BIO *out, CMS_ContentInfo *cms) {
|
|
155
|
+
if (cms->der_len == 0) {
|
|
156
|
+
// Not yet finalized.
|
|
157
|
+
OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
|
158
|
+
return 0;
|
|
159
|
+
}
|
|
160
|
+
|
|
161
|
+
return BIO_write_all(out, cms->der, cms->der_len);
|
|
162
|
+
}
|
|
163
|
+
|
|
164
|
+
int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags) {
|
|
165
|
+
// We do not support streaming mode.
|
|
166
|
+
if ((flags & CMS_STREAM) != 0 || in != nullptr) {
|
|
167
|
+
OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
|
168
|
+
return 0;
|
|
169
|
+
}
|
|
170
|
+
|
|
171
|
+
return i2d_CMS_bio(out, cms);
|
|
172
|
+
}
|