grpc 1.9.1 → 1.10.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +2654 -953
- data/etc/roots.pem +282 -683
- data/include/grpc/compression.h +9 -26
- data/include/grpc/grpc.h +10 -24
- data/include/grpc/grpc_security.h +7 -1
- data/include/grpc/impl/codegen/compression_types.h +5 -62
- data/include/grpc/impl/codegen/grpc_types.h +10 -6
- data/include/grpc/module.modulemap +1 -10
- data/include/grpc/support/alloc.h +3 -2
- data/include/grpc/support/log.h +1 -2
- data/{src/core/lib/gpr/thd_internal.h → include/grpc/support/thd_id.h} +23 -9
- data/src/boringssl/err_data.c +550 -496
- data/src/core/ext/census/grpc_context.cc +2 -1
- data/src/core/ext/filters/client_channel/backup_poller.cc +5 -4
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -7
- data/src/core/ext/filters/client_channel/client_channel.cc +162 -172
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +4 -2
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +10 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +18 -14
- data/src/core/ext/filters/client_channel/http_proxy.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +21 -105
- data/src/core/ext/filters/client_channel/lb_policy.h +166 -170
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +41 -36
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1452 -1459
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +7 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +27 -27
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +279 -304
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +358 -330
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +30 -41
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +7 -14
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +8 -21
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +23 -27
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +58 -33
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +25 -12
- data/src/core/ext/filters/client_channel/parse_address.cc +10 -8
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver.cc +6 -52
- data/src/core/ext/filters/client_channel/resolver.h +98 -55
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +266 -237
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +31 -27
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +244 -207
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +161 -148
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +47 -31
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +126 -126
- data/src/core/ext/filters/client_channel/resolver_factory.h +33 -32
- data/src/core/ext/filters/client_channel/resolver_registry.cc +110 -90
- data/src/core/ext/filters/client_channel/resolver_registry.h +49 -36
- data/src/core/ext/filters/client_channel/retry_throttle.cc +29 -22
- data/src/core/ext/filters/client_channel/subchannel.cc +173 -173
- data/src/core/ext/filters/client_channel/subchannel.h +38 -45
- data/src/core/ext/filters/client_channel/subchannel_index.cc +44 -40
- data/src/core/ext/filters/client_channel/uri_parser.cc +3 -3
- data/src/core/ext/filters/deadline/deadline_filter.cc +27 -18
- data/src/core/ext/filters/http/client/http_client_filter.cc +26 -23
- data/src/core/ext/filters/http/http_filters_plugin.cc +3 -2
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +78 -110
- data/src/core/ext/filters/http/server/http_server_filter.cc +29 -26
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +9 -11
- data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc +2 -1
- data/src/core/ext/filters/max_age/max_age_filter.cc +14 -14
- data/src/core/ext/filters/message_size/message_size_filter.cc +20 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +4 -4
- data/src/core/ext/filters/workarounds/workaround_utils.cc +4 -4
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +10 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +4 -4
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +11 -12
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +16 -13
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +36 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +3 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +17 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +139 -145
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +16 -14
- data/src/core/ext/transport/chttp2/transport/flow_control.h +8 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +35 -33
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +27 -25
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +12 -12
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +16 -15
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +11 -11
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +35 -35
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +10 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +35 -39
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +8 -7
- data/src/core/ext/transport/chttp2/transport/varint.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/writing.cc +18 -18
- data/src/core/ext/transport/inproc/inproc_transport.cc +43 -23
- data/src/core/lib/{gpr → avl}/avl.cc +61 -57
- data/{include/grpc/support → src/core/lib/avl}/avl.h +25 -35
- data/src/core/lib/backoff/backoff.cc +6 -5
- data/src/core/lib/channel/channel_args.cc +23 -109
- data/src/core/lib/channel/channel_args.h +5 -31
- data/src/core/lib/channel/channel_stack.cc +11 -8
- data/src/core/lib/channel/channel_stack_builder.cc +10 -7
- data/src/core/lib/channel/connected_channel.cc +18 -17
- data/src/core/lib/channel/handshaker.cc +8 -8
- data/src/core/lib/channel/handshaker_registry.cc +3 -2
- data/src/core/lib/compression/algorithm_metadata.h +13 -6
- data/src/core/lib/compression/compression.cc +72 -183
- data/src/core/lib/compression/compression_internal.cc +274 -0
- data/src/core/lib/compression/compression_internal.h +86 -0
- data/src/core/lib/compression/message_compress.cc +15 -15
- data/src/core/lib/compression/message_compress.h +4 -3
- data/src/core/lib/compression/stream_compression_gzip.cc +8 -8
- data/src/core/lib/compression/stream_compression_identity.cc +1 -1
- data/src/core/lib/debug/stats.cc +10 -8
- data/src/core/lib/debug/stats_data.cc +2 -1
- data/src/core/lib/debug/trace.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +7 -11
- data/src/core/lib/gpr/arena.cc +34 -12
- data/src/core/lib/gpr/atm.cc +2 -1
- data/src/core/lib/gpr/cpu_linux.cc +3 -3
- data/src/core/lib/gpr/cpu_posix.cc +2 -1
- data/src/core/lib/gpr/env.h +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -1
- data/src/core/lib/gpr/env_windows.cc +4 -4
- data/src/core/lib/gpr/fork.cc +16 -2
- data/src/core/lib/gpr/host_port.cc +5 -4
- data/{include/grpc/support → src/core/lib/gpr}/host_port.h +5 -13
- data/src/core/lib/gpr/log.cc +5 -4
- data/src/core/lib/gpr/log_linux.cc +1 -1
- data/src/core/lib/gpr/mpscq.cc +1 -0
- data/src/core/lib/gpr/murmur_hash.cc +4 -4
- data/src/core/lib/gpr/string.cc +19 -16
- data/src/core/lib/gpr/string_posix.cc +3 -3
- data/src/core/lib/gpr/sync_posix.cc +5 -9
- data/src/core/lib/gpr/thd.cc +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/thd.h +20 -28
- data/src/core/lib/gpr/thd_posix.cc +6 -4
- data/src/core/lib/gpr/thd_windows.cc +3 -1
- data/src/core/lib/gpr/time.cc +6 -4
- data/src/core/lib/gpr/time_posix.cc +2 -2
- data/{include/grpc/support → src/core/lib/gpr}/tls.h +6 -6
- data/{include/grpc/support → src/core/lib/gpr}/tls_gcc.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/tls_msvc.h +3 -3
- data/src/core/lib/gpr/tls_pthread.cc +1 -1
- data/{include/grpc/support → src/core/lib/gpr}/tls_pthread.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/useful.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/abstract.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic.h +5 -5
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_atm.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_std.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/debug_location.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/inlined_vector.h +44 -22
- data/src/core/lib/{gpr++ → gprpp}/manual_constructor.h +2 -2
- data/src/core/lib/{gpr++ → gprpp}/memory.h +14 -5
- data/src/core/lib/{gpr++ → gprpp}/orphanable.h +39 -14
- data/src/core/lib/{gpr++ → gprpp}/ref_counted.h +42 -10
- data/src/core/lib/{gpr++ → gprpp}/ref_counted_ptr.h +18 -8
- data/src/core/lib/http/format_request.cc +3 -3
- data/src/core/lib/http/httpcli.cc +6 -7
- data/src/core/lib/http/httpcli_security_connector.cc +10 -10
- data/src/core/lib/http/parser.cc +16 -12
- data/src/core/lib/iomgr/call_combiner.cc +12 -13
- data/src/core/lib/iomgr/closure.h +4 -6
- data/src/core/lib/iomgr/combiner.cc +10 -21
- data/src/core/lib/iomgr/error.cc +50 -55
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +41 -52
- data/src/core/lib/iomgr/ev_epollex_linux.cc +80 -28
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +23 -30
- data/src/core/lib/iomgr/ev_poll_posix.cc +52 -46
- data/src/core/lib/iomgr/ev_posix.cc +47 -6
- data/src/core/lib/iomgr/exec_ctx.cc +10 -10
- data/src/core/lib/iomgr/exec_ctx.h +1 -1
- data/src/core/lib/iomgr/executor.cc +16 -13
- data/src/core/lib/iomgr/fork_posix.cc +1 -3
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +1 -1
- data/src/core/lib/iomgr/iocp_windows.cc +1 -2
- data/src/core/lib/iomgr/iomgr.cc +2 -2
- data/src/core/lib/iomgr/iomgr_uv.cc +2 -0
- data/src/core/lib/iomgr/iomgr_uv.h +1 -1
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +5 -4
- data/src/core/lib/iomgr/load_file.cc +3 -3
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -9
- data/src/core/lib/iomgr/resolve_address_uv.cc +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +3 -2
- data/src/core/lib/iomgr/resource_quota.cc +36 -34
- data/src/core/lib/iomgr/sockaddr_utils.cc +39 -23
- data/src/core/lib/iomgr/socket_factory_posix.cc +5 -5
- data/src/core/lib/iomgr/socket_mutator.cc +7 -7
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -4
- data/src/core/lib/iomgr/socket_utils_linux.cc +3 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +0 -1
- data/src/core/lib/iomgr/tcp_posix.cc +47 -55
- data/src/core/lib/iomgr/tcp_server_posix.cc +12 -10
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -5
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -3
- data/src/core/lib/iomgr/tcp_windows.cc +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +16 -14
- data/src/core/lib/iomgr/timer_heap.cc +8 -7
- data/src/core/lib/iomgr/timer_manager.cc +4 -3
- data/src/core/lib/iomgr/udp_server.cc +24 -16
- data/src/core/lib/iomgr/unix_sockets_posix.cc +15 -10
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +6 -5
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +1 -2
- data/src/core/lib/json/json.cc +1 -1
- data/src/core/lib/json/json_reader.cc +8 -6
- data/src/core/lib/json/json_string.cc +19 -18
- data/src/core/lib/json/json_writer.cc +10 -8
- data/src/core/lib/profiling/basic_timers.cc +1 -1
- data/src/core/lib/profiling/timers.h +3 -20
- data/src/core/lib/security/context/security_context.cc +16 -14
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +17 -14
- data/src/core/lib/security/credentials/credentials.cc +9 -8
- data/src/core/lib/security/credentials/credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +12 -13
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -4
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -3
- data/src/core/lib/security/credentials/jwt/json_token.cc +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -7
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +21 -18
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +23 -18
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +11 -7
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +22 -21
- data/src/core/lib/security/{transport → security_connector}/security_connector.cc +46 -43
- data/src/core/lib/security/{transport → security_connector}/security_connector.h +3 -3
- data/src/core/lib/security/transport/client_auth_filter.cc +32 -34
- data/src/core/lib/security/transport/lb_targets_info.cc +7 -5
- data/src/core/lib/security/transport/secure_endpoint.cc +21 -21
- data/src/core/lib/security/transport/security_handshaker.cc +19 -18
- data/src/core/lib/security/transport/security_handshaker.h +1 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
- data/src/core/lib/slice/b64.cc +19 -16
- data/src/core/lib/slice/percent_encoding.cc +5 -5
- data/src/core/lib/slice/slice.cc +35 -33
- data/src/core/lib/slice/slice_buffer.cc +16 -14
- data/src/core/lib/slice/slice_hash_table.cc +3 -2
- data/src/core/lib/slice/slice_intern.cc +21 -25
- data/src/core/lib/slice/slice_string_helpers.cc +45 -9
- data/src/core/lib/slice/slice_string_helpers.h +6 -0
- data/src/core/lib/surface/byte_buffer.cc +2 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +6 -3
- data/src/core/lib/surface/call.cc +171 -260
- data/src/core/lib/surface/call_test_only.h +1 -13
- data/src/core/lib/surface/channel.cc +20 -43
- data/src/core/lib/surface/channel_init.cc +7 -7
- data/src/core/lib/surface/channel_ping.cc +2 -2
- data/src/core/lib/surface/completion_queue.cc +69 -75
- data/src/core/lib/surface/init.cc +4 -5
- data/src/core/lib/surface/init_secure.cc +1 -1
- data/src/core/lib/surface/lame_client.cc +1 -1
- data/src/core/lib/surface/server.cc +64 -59
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +6 -5
- data/src/core/lib/transport/byte_stream.cc +23 -14
- data/src/core/lib/transport/byte_stream.h +1 -1
- data/src/core/lib/transport/connectivity_state.cc +9 -13
- data/src/core/lib/transport/error_utils.cc +10 -7
- data/src/core/lib/transport/metadata.cc +27 -26
- data/src/core/lib/transport/metadata.h +1 -1
- data/src/core/lib/transport/pid_controller.cc +2 -1
- data/src/core/lib/transport/service_config.cc +5 -5
- data/src/core/lib/transport/static_metadata.cc +225 -222
- data/src/core/lib/transport/static_metadata.h +77 -76
- data/src/core/lib/transport/timeout_encoding.cc +3 -2
- data/src/core/lib/transport/transport.cc +6 -5
- data/src/core/lib/transport/transport_op_string.cc +0 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -4
- data/src/core/tsi/alts_transport_security.cc +61 -0
- data/src/core/tsi/{gts_transport_security.h → alts_transport_security.h} +16 -8
- data/src/core/tsi/fake_transport_security.cc +59 -43
- data/src/core/tsi/ssl_transport_security.cc +122 -107
- data/src/core/tsi/transport_security.cc +3 -3
- data/src/core/tsi/transport_security_adapter.cc +16 -10
- data/src/ruby/bin/apis/pubsub_demo.rb +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +3 -4
- data/src/ruby/ext/grpc/rb_compression_options.c +13 -3
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -76
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +8 -120
- data/src/ruby/ext/grpc/rb_server.c +52 -28
- data/src/ruby/lib/grpc/generic/rpc_server.rb +7 -4
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/test/client.rb +1 -1
- data/src/ruby/pb/test/server.rb +1 -1
- data/src/ruby/spec/client_server_spec.rb +4 -2
- data/src/ruby/spec/generic/active_call_spec.rb +2 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +32 -8
- data/src/ruby/spec/server_spec.rb +26 -7
- data/third_party/boringssl/crypto/asn1/a_bitstr.c +7 -2
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +15 -0
- data/third_party/boringssl/crypto/asn1/a_gentm.c +1 -1
- data/third_party/boringssl/crypto/asn1/a_print.c +0 -28
- data/third_party/boringssl/crypto/asn1/a_strnid.c +3 -0
- data/third_party/boringssl/crypto/asn1/a_time.c +17 -9
- data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -1
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -49
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +1 -1
- data/third_party/boringssl/crypto/asn1/tasn_dec.c +9 -9
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +0 -6
- data/third_party/boringssl/crypto/asn1/time_support.c +5 -5
- data/third_party/boringssl/crypto/base64/base64.c +65 -43
- data/third_party/boringssl/crypto/bio/bio.c +134 -110
- data/third_party/boringssl/crypto/bio/bio_mem.c +9 -9
- data/third_party/boringssl/crypto/bio/connect.c +17 -17
- data/third_party/boringssl/crypto/bio/fd.c +2 -1
- data/third_party/boringssl/crypto/bio/file.c +14 -14
- data/third_party/boringssl/crypto/bio/hexdump.c +15 -16
- data/third_party/boringssl/crypto/bio/internal.h +14 -14
- data/third_party/boringssl/crypto/bio/pair.c +45 -45
- data/third_party/boringssl/crypto/bio/printf.c +6 -10
- data/third_party/boringssl/crypto/{bn → bn_extra}/bn_asn1.c +9 -9
- data/third_party/boringssl/crypto/{bn → bn_extra}/convert.c +18 -223
- data/third_party/boringssl/crypto/buf/buf.c +20 -44
- data/third_party/boringssl/crypto/bytestring/ber.c +35 -35
- data/third_party/boringssl/crypto/bytestring/cbb.c +24 -24
- data/third_party/boringssl/crypto/bytestring/cbs.c +33 -37
- data/third_party/boringssl/crypto/bytestring/internal.h +38 -38
- data/third_party/boringssl/crypto/chacha/chacha.c +7 -7
- data/third_party/boringssl/crypto/{asn1/t_bitst.c → cipher_extra/cipher_extra.c} +49 -38
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/derive_key.c +0 -2
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +281 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +867 -0
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +326 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_null.c +0 -1
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc2.c +22 -10
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc4.c +0 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_ssl3.c +120 -64
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_tls.c +220 -141
- data/third_party/boringssl/crypto/{asn1/x_bignum.c → cipher_extra/internal.h} +61 -86
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +482 -0
- data/third_party/boringssl/crypto/cmac/cmac.c +20 -20
- data/third_party/boringssl/crypto/conf/conf.c +32 -20
- data/third_party/boringssl/crypto/conf/internal.h +3 -3
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +5 -5
- data/third_party/boringssl/crypto/cpu-arm-linux.c +44 -41
- data/third_party/boringssl/crypto/cpu-intel.c +68 -43
- data/third_party/boringssl/crypto/cpu-ppc64le.c +5 -7
- data/third_party/boringssl/crypto/crypto.c +54 -32
- data/third_party/boringssl/crypto/curve25519/curve25519.c +269 -269
- data/third_party/boringssl/crypto/curve25519/internal.h +28 -8
- data/third_party/boringssl/crypto/curve25519/spake25519.c +180 -106
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +9 -9
- data/third_party/boringssl/crypto/dh/check.c +33 -34
- data/third_party/boringssl/crypto/dh/dh.c +72 -36
- data/third_party/boringssl/crypto/dh/dh_asn1.c +1 -1
- data/third_party/boringssl/crypto/dh/params.c +1 -161
- data/third_party/boringssl/crypto/digest_extra/digest_extra.c +240 -0
- data/third_party/boringssl/crypto/dsa/dsa.c +127 -87
- data/third_party/boringssl/crypto/dsa/dsa_asn1.c +1 -1
- data/third_party/boringssl/crypto/{ec → ec_extra}/ec_asn1.c +83 -70
- data/third_party/boringssl/crypto/ecdh/ecdh.c +1 -1
- data/third_party/boringssl/crypto/{ecdsa → ecdsa_extra}/ecdsa_asn1.c +86 -31
- data/third_party/boringssl/crypto/engine/engine.c +6 -6
- data/third_party/boringssl/crypto/err/err.c +197 -106
- data/third_party/boringssl/crypto/err/internal.h +58 -0
- data/third_party/boringssl/crypto/evp/digestsign.c +86 -14
- data/third_party/boringssl/crypto/evp/evp.c +6 -11
- data/third_party/boringssl/crypto/evp/evp_asn1.c +17 -17
- data/third_party/boringssl/crypto/evp/evp_ctx.c +15 -11
- data/third_party/boringssl/crypto/evp/internal.h +66 -51
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +11 -11
- data/third_party/boringssl/crypto/evp/p_ec.c +10 -8
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +11 -12
- data/third_party/boringssl/crypto/evp/p_ed25519.c +71 -0
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +190 -0
- data/third_party/boringssl/crypto/evp/p_rsa.c +50 -95
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +28 -18
- data/third_party/boringssl/crypto/evp/pbkdf.c +49 -56
- data/third_party/boringssl/crypto/evp/print.c +5 -36
- data/third_party/boringssl/crypto/evp/scrypt.c +209 -0
- data/third_party/boringssl/crypto/ex_data.c +15 -45
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +100 -0
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +679 -0
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/internal.h +40 -27
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/rsaz_exp.h +0 -0
- data/third_party/boringssl/crypto/{cipher → fipsmodule/cipher}/internal.h +34 -67
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +88 -0
- data/third_party/boringssl/crypto/{des → fipsmodule/des}/internal.h +18 -4
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/internal.h +18 -18
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/md32_common.h +58 -64
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/internal.h +58 -52
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64-table.h +11 -11
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64.h +32 -32
- data/third_party/boringssl/crypto/{rand/internal.h → fipsmodule/is_fips.c} +10 -15
- data/third_party/boringssl/crypto/{modes → fipsmodule/modes}/internal.h +112 -119
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +92 -0
- data/third_party/boringssl/crypto/{rsa → fipsmodule/rsa}/internal.h +36 -49
- data/third_party/boringssl/crypto/hkdf/hkdf.c +6 -6
- data/third_party/boringssl/crypto/internal.h +301 -233
- data/third_party/boringssl/crypto/lhash/lhash.c +26 -45
- data/third_party/boringssl/crypto/mem.c +76 -33
- data/third_party/boringssl/crypto/obj/obj.c +44 -28
- data/third_party/boringssl/crypto/obj/obj_dat.h +102 -34
- data/third_party/boringssl/crypto/obj/obj_xref.c +6 -6
- data/third_party/boringssl/crypto/pem/pem_info.c +3 -5
- data/third_party/boringssl/crypto/pem/pem_lib.c +1 -6
- data/third_party/boringssl/crypto/pem/pem_pk8.c +1 -0
- data/third_party/boringssl/crypto/pem/pem_pkey.c +1 -1
- data/third_party/boringssl/crypto/pem/pem_xaux.c +0 -2
- data/third_party/boringssl/crypto/pkcs7/internal.h +49 -0
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +166 -0
- data/third_party/boringssl/crypto/{x509/pkcs7.c → pkcs7/pkcs7_x509.c} +27 -147
- data/third_party/boringssl/crypto/pkcs8/internal.h +34 -16
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +120 -39
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +144 -857
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +789 -0
- data/third_party/boringssl/crypto/poly1305/internal.h +4 -3
- data/third_party/boringssl/crypto/poly1305/poly1305.c +14 -14
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +11 -11
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +41 -41
- data/third_party/boringssl/crypto/pool/internal.h +2 -2
- data/third_party/boringssl/crypto/pool/pool.c +15 -15
- data/third_party/boringssl/crypto/{rand → rand_extra}/deterministic.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/forkunsafe.c +46 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/fuchsia.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/rand_extra.c +70 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/windows.c +5 -5
- data/third_party/boringssl/crypto/refcount_c11.c +2 -2
- data/third_party/boringssl/crypto/refcount_lock.c +1 -1
- data/third_party/boringssl/crypto/{rsa → rsa_extra}/rsa_asn1.c +12 -120
- data/third_party/boringssl/crypto/stack/stack.c +13 -13
- data/third_party/boringssl/crypto/thread_none.c +1 -1
- data/third_party/boringssl/crypto/thread_pthread.c +1 -1
- data/third_party/boringssl/crypto/thread_win.c +40 -40
- data/third_party/boringssl/crypto/x509/a_sign.c +5 -12
- data/third_party/boringssl/crypto/x509/a_verify.c +6 -18
- data/third_party/boringssl/crypto/x509/algorithm.c +22 -6
- data/third_party/boringssl/crypto/x509/asn1_gen.c +30 -7
- data/third_party/boringssl/crypto/x509/by_dir.c +2 -2
- data/third_party/boringssl/crypto/x509/by_file.c +2 -2
- data/third_party/boringssl/crypto/x509/rsa_pss.c +5 -5
- data/third_party/boringssl/crypto/x509/t_x509.c +2 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_lu.c +35 -4
- data/third_party/boringssl/crypto/x509/x509_set.c +10 -0
- data/third_party/boringssl/crypto/x509/x509_vfy.c +20 -17
- data/third_party/boringssl/crypto/x509/x_name.c +13 -16
- data/third_party/boringssl/crypto/x509/x_x509.c +3 -3
- data/third_party/boringssl/crypto/x509/x_x509a.c +0 -7
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +8 -0
- data/third_party/boringssl/crypto/x509v3/pcy_int.h +2 -2
- data/third_party/boringssl/crypto/x509v3/pcy_lib.c +0 -9
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -1
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +25 -15
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +21 -11
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +9 -3
- data/third_party/boringssl/crypto/x509v3/v3_info.c +22 -14
- data/third_party/boringssl/crypto/x509v3/v3_ncons.c +27 -11
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +0 -33
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +4 -4
- data/third_party/boringssl/include/openssl/aead.h +280 -191
- data/third_party/boringssl/include/openssl/aes.h +50 -50
- data/third_party/boringssl/include/openssl/arm_arch.h +12 -12
- data/third_party/boringssl/include/openssl/asn1.h +14 -77
- data/third_party/boringssl/include/openssl/asn1t.h +11 -15
- data/third_party/boringssl/include/openssl/base.h +78 -51
- data/third_party/boringssl/include/openssl/base64.h +68 -68
- data/third_party/boringssl/include/openssl/bio.h +472 -406
- data/third_party/boringssl/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +454 -435
- data/third_party/boringssl/include/openssl/buf.h +27 -27
- data/third_party/boringssl/include/openssl/bytestring.h +282 -267
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/chacha.h +5 -5
- data/third_party/boringssl/include/openssl/cipher.h +209 -200
- data/third_party/boringssl/include/openssl/cmac.h +27 -27
- data/third_party/boringssl/include/openssl/conf.h +49 -46
- data/third_party/boringssl/include/openssl/cpu.h +60 -45
- data/third_party/boringssl/include/openssl/crypto.h +59 -35
- data/third_party/boringssl/include/openssl/curve25519.h +97 -92
- data/third_party/boringssl/include/openssl/des.h +25 -25
- data/third_party/boringssl/include/openssl/dh.h +98 -97
- data/third_party/boringssl/include/openssl/digest.h +143 -114
- data/third_party/boringssl/include/openssl/dsa.h +217 -202
- data/third_party/boringssl/include/openssl/ec.h +132 -131
- data/third_party/boringssl/include/openssl/ec_key.h +132 -128
- data/third_party/boringssl/include/openssl/ecdh.h +9 -9
- data/third_party/boringssl/include/openssl/ecdsa.h +66 -66
- data/third_party/boringssl/include/openssl/engine.h +38 -38
- data/third_party/boringssl/include/openssl/err.h +189 -219
- data/third_party/boringssl/include/openssl/evp.h +473 -397
- data/third_party/boringssl/include/openssl/ex_data.h +46 -56
- data/third_party/boringssl/include/openssl/hkdf.h +17 -17
- data/third_party/boringssl/include/openssl/hmac.h +55 -43
- data/third_party/boringssl/include/openssl/is_boringssl.h +16 -0
- data/third_party/boringssl/include/openssl/lhash.h +67 -67
- data/third_party/boringssl/include/openssl/lhash_macros.h +4 -4
- data/third_party/boringssl/include/openssl/md4.h +14 -14
- data/third_party/boringssl/include/openssl/md5.h +14 -14
- data/third_party/boringssl/include/openssl/mem.h +39 -33
- data/third_party/boringssl/include/openssl/nid.h +43 -0
- data/third_party/boringssl/include/openssl/obj.h +93 -87
- data/third_party/boringssl/include/openssl/opensslconf.h +8 -1
- data/third_party/boringssl/include/openssl/pem.h +2 -122
- data/third_party/boringssl/include/openssl/pkcs7.h +68 -2
- data/third_party/boringssl/include/openssl/pkcs8.h +81 -66
- data/third_party/boringssl/include/openssl/poly1305.h +11 -11
- data/third_party/boringssl/include/openssl/pool.h +29 -25
- data/third_party/boringssl/include/openssl/rand.h +48 -45
- data/third_party/boringssl/include/openssl/rc4.h +9 -9
- data/third_party/boringssl/include/openssl/ripemd.h +13 -13
- data/third_party/boringssl/include/openssl/rsa.h +371 -340
- data/third_party/boringssl/include/openssl/sha.h +71 -71
- data/third_party/boringssl/include/openssl/span.h +191 -0
- data/third_party/boringssl/include/openssl/ssl.h +2639 -2519
- data/third_party/boringssl/include/openssl/ssl3.h +39 -122
- data/third_party/boringssl/include/openssl/stack.h +355 -164
- data/third_party/boringssl/include/openssl/thread.h +43 -43
- data/third_party/boringssl/include/openssl/tls1.h +60 -63
- data/third_party/boringssl/include/openssl/type_check.h +10 -14
- data/third_party/boringssl/include/openssl/x509.h +41 -116
- data/third_party/boringssl/include/openssl/x509_vfy.h +17 -25
- data/third_party/boringssl/include/openssl/x509v3.h +27 -21
- data/third_party/boringssl/ssl/{bio_ssl.c → bio_ssl.cc} +9 -5
- data/third_party/boringssl/ssl/{custom_extensions.c → custom_extensions.cc} +19 -12
- data/third_party/boringssl/ssl/{d1_both.c → d1_both.cc} +224 -193
- data/third_party/boringssl/ssl/{d1_lib.c → d1_lib.cc} +86 -79
- data/third_party/boringssl/ssl/{d1_pkt.c → d1_pkt.cc} +55 -87
- data/third_party/boringssl/ssl/{d1_srtp.c → d1_srtp.cc} +12 -16
- data/third_party/boringssl/ssl/{dtls_method.c → dtls_method.cc} +33 -50
- data/third_party/boringssl/ssl/{dtls_record.c → dtls_record.cc} +76 -64
- data/third_party/boringssl/ssl/handshake.cc +547 -0
- data/third_party/boringssl/ssl/handshake_client.cc +1828 -0
- data/third_party/boringssl/ssl/handshake_server.cc +1672 -0
- data/third_party/boringssl/ssl/internal.h +2027 -1280
- data/third_party/boringssl/ssl/s3_both.cc +603 -0
- data/third_party/boringssl/ssl/{s3_lib.c → s3_lib.cc} +22 -10
- data/third_party/boringssl/ssl/{s3_pkt.c → s3_pkt.cc} +171 -75
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +415 -0
- data/third_party/boringssl/ssl/{ssl_asn1.c → ssl_asn1.cc} +257 -261
- data/third_party/boringssl/ssl/{ssl_buffer.c → ssl_buffer.cc} +81 -97
- data/third_party/boringssl/ssl/{ssl_cert.c → ssl_cert.cc} +304 -414
- data/third_party/boringssl/ssl/{ssl_cipher.c → ssl_cipher.cc} +427 -505
- data/third_party/boringssl/ssl/{ssl_file.c → ssl_file.cc} +24 -16
- data/third_party/boringssl/ssl/ssl_key_share.cc +245 -0
- data/third_party/boringssl/ssl/{ssl_lib.c → ssl_lib.cc} +665 -828
- data/third_party/boringssl/ssl/ssl_privkey.cc +518 -0
- data/third_party/boringssl/ssl/{ssl_session.c → ssl_session.cc} +596 -471
- data/third_party/boringssl/ssl/{ssl_stat.c → ssl_stat.cc} +5 -224
- data/third_party/boringssl/ssl/{ssl_transcript.c → ssl_transcript.cc} +117 -140
- data/third_party/boringssl/ssl/ssl_versions.cc +439 -0
- data/third_party/boringssl/ssl/{ssl_x509.c → ssl_x509.cc} +751 -267
- data/third_party/boringssl/ssl/{t1_enc.c → t1_enc.cc} +120 -161
- data/third_party/boringssl/ssl/{t1_lib.c → t1_lib.cc} +859 -966
- data/third_party/boringssl/ssl/{tls13_both.c → tls13_both.cc} +202 -284
- data/third_party/boringssl/ssl/tls13_client.cc +842 -0
- data/third_party/boringssl/ssl/{tls13_enc.c → tls13_enc.cc} +108 -90
- data/third_party/boringssl/ssl/tls13_server.cc +967 -0
- data/third_party/boringssl/ssl/{tls_method.c → tls_method.cc} +94 -73
- data/third_party/boringssl/ssl/tls_record.cc +675 -0
- metadata +117 -168
- data/include/grpc/support/cmdline.h +0 -88
- data/include/grpc/support/subprocess.h +0 -44
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +0 -29
- data/src/core/ext/filters/client_channel/resolver_factory.cc +0 -40
- data/src/core/lib/gpr/cmdline.cc +0 -330
- data/src/core/lib/gpr/subprocess_posix.cc +0 -99
- data/src/core/lib/gpr/subprocess_windows.cc +0 -126
- data/src/core/lib/surface/alarm.cc +0 -137
- data/src/core/lib/surface/alarm_internal.h +0 -40
- data/src/core/tsi/gts_transport_security.cc +0 -40
- data/third_party/boringssl/crypto/aes/aes.c +0 -1142
- data/third_party/boringssl/crypto/aes/internal.h +0 -87
- data/third_party/boringssl/crypto/aes/key_wrap.c +0 -138
- data/third_party/boringssl/crypto/aes/mode_wrappers.c +0 -112
- data/third_party/boringssl/crypto/asn1/x_long.c +0 -200
- data/third_party/boringssl/crypto/bn/add.c +0 -377
- data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +0 -532
- data/third_party/boringssl/crypto/bn/bn.c +0 -365
- data/third_party/boringssl/crypto/bn/cmp.c +0 -239
- data/third_party/boringssl/crypto/bn/ctx.c +0 -313
- data/third_party/boringssl/crypto/bn/div.c +0 -728
- data/third_party/boringssl/crypto/bn/exponentiation.c +0 -1240
- data/third_party/boringssl/crypto/bn/gcd.c +0 -635
- data/third_party/boringssl/crypto/bn/generic.c +0 -707
- data/third_party/boringssl/crypto/bn/kronecker.c +0 -176
- data/third_party/boringssl/crypto/bn/montgomery.c +0 -409
- data/third_party/boringssl/crypto/bn/montgomery_inv.c +0 -207
- data/third_party/boringssl/crypto/bn/mul.c +0 -871
- data/third_party/boringssl/crypto/bn/prime.c +0 -861
- data/third_party/boringssl/crypto/bn/random.c +0 -343
- data/third_party/boringssl/crypto/bn/rsaz_exp.c +0 -254
- data/third_party/boringssl/crypto/bn/shift.c +0 -307
- data/third_party/boringssl/crypto/bn/sqrt.c +0 -506
- data/third_party/boringssl/crypto/cipher/aead.c +0 -156
- data/third_party/boringssl/crypto/cipher/cipher.c +0 -657
- data/third_party/boringssl/crypto/cipher/e_aes.c +0 -1771
- data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +0 -276
- data/third_party/boringssl/crypto/cipher/e_des.c +0 -205
- data/third_party/boringssl/crypto/cipher/tls_cbc.c +0 -482
- data/third_party/boringssl/crypto/des/des.c +0 -771
- data/third_party/boringssl/crypto/digest/digest.c +0 -251
- data/third_party/boringssl/crypto/digest/digests.c +0 -358
- data/third_party/boringssl/crypto/ec/ec.c +0 -847
- data/third_party/boringssl/crypto/ec/ec_key.c +0 -479
- data/third_party/boringssl/crypto/ec/ec_montgomery.c +0 -303
- data/third_party/boringssl/crypto/ec/oct.c +0 -416
- data/third_party/boringssl/crypto/ec/p224-64.c +0 -1143
- data/third_party/boringssl/crypto/ec/p256-64.c +0 -1701
- data/third_party/boringssl/crypto/ec/p256-x86_64.c +0 -561
- data/third_party/boringssl/crypto/ec/simple.c +0 -1118
- data/third_party/boringssl/crypto/ec/util-64.c +0 -109
- data/third_party/boringssl/crypto/ec/wnaf.c +0 -458
- data/third_party/boringssl/crypto/ecdsa/ecdsa.c +0 -479
- data/third_party/boringssl/crypto/hmac/hmac.c +0 -215
- data/third_party/boringssl/crypto/md4/md4.c +0 -236
- data/third_party/boringssl/crypto/md5/md5.c +0 -285
- data/third_party/boringssl/crypto/modes/cbc.c +0 -212
- data/third_party/boringssl/crypto/modes/cfb.c +0 -230
- data/third_party/boringssl/crypto/modes/ctr.c +0 -219
- data/third_party/boringssl/crypto/modes/gcm.c +0 -1071
- data/third_party/boringssl/crypto/modes/ofb.c +0 -95
- data/third_party/boringssl/crypto/modes/polyval.c +0 -94
- data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +0 -85
- data/third_party/boringssl/crypto/rand/rand.c +0 -244
- data/third_party/boringssl/crypto/rand/urandom.c +0 -335
- data/third_party/boringssl/crypto/rsa/blinding.c +0 -265
- data/third_party/boringssl/crypto/rsa/padding.c +0 -708
- data/third_party/boringssl/crypto/rsa/rsa.c +0 -830
- data/third_party/boringssl/crypto/rsa/rsa_impl.c +0 -1100
- data/third_party/boringssl/crypto/sha/sha1-altivec.c +0 -346
- data/third_party/boringssl/crypto/sha/sha1.c +0 -355
- data/third_party/boringssl/crypto/sha/sha256.c +0 -329
- data/third_party/boringssl/crypto/sha/sha512.c +0 -609
- data/third_party/boringssl/crypto/x509/x509type.c +0 -126
- data/third_party/boringssl/include/openssl/stack_macros.h +0 -3987
- data/third_party/boringssl/ssl/handshake_client.c +0 -1883
- data/third_party/boringssl/ssl/handshake_server.c +0 -1950
- data/third_party/boringssl/ssl/s3_both.c +0 -895
- data/third_party/boringssl/ssl/ssl_aead_ctx.c +0 -335
- data/third_party/boringssl/ssl/ssl_ecdh.c +0 -465
- data/third_party/boringssl/ssl/ssl_privkey.c +0 -683
- data/third_party/boringssl/ssl/ssl_privkey_cc.cc +0 -76
- data/third_party/boringssl/ssl/tls13_client.c +0 -712
- data/third_party/boringssl/ssl/tls13_server.c +0 -680
- data/third_party/boringssl/ssl/tls_record.c +0 -556
@@ -0,0 +1,415 @@
|
|
1
|
+
/* Copyright (c) 2015, Google Inc.
|
2
|
+
*
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
6
|
+
*
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
14
|
+
|
15
|
+
#include <openssl/ssl.h>
|
16
|
+
|
17
|
+
#include <assert.h>
|
18
|
+
#include <string.h>
|
19
|
+
|
20
|
+
#include <openssl/aead.h>
|
21
|
+
#include <openssl/err.h>
|
22
|
+
#include <openssl/rand.h>
|
23
|
+
|
24
|
+
#include "../crypto/internal.h"
|
25
|
+
#include "internal.h"
|
26
|
+
|
27
|
+
|
28
|
+
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
|
29
|
+
#define FUZZER_MODE true
|
30
|
+
#else
|
31
|
+
#define FUZZER_MODE false
|
32
|
+
#endif
|
33
|
+
|
34
|
+
namespace bssl {
|
35
|
+
|
36
|
+
SSLAEADContext::SSLAEADContext(uint16_t version_arg, bool is_dtls_arg,
|
37
|
+
const SSL_CIPHER *cipher_arg)
|
38
|
+
: cipher_(cipher_arg),
|
39
|
+
version_(version_arg),
|
40
|
+
is_dtls_(is_dtls_arg),
|
41
|
+
variable_nonce_included_in_record_(false),
|
42
|
+
random_variable_nonce_(false),
|
43
|
+
omit_length_in_ad_(false),
|
44
|
+
omit_version_in_ad_(false),
|
45
|
+
omit_ad_(false),
|
46
|
+
xor_fixed_nonce_(false) {
|
47
|
+
OPENSSL_memset(fixed_nonce_, 0, sizeof(fixed_nonce_));
|
48
|
+
}
|
49
|
+
|
50
|
+
SSLAEADContext::~SSLAEADContext() {}
|
51
|
+
|
52
|
+
UniquePtr<SSLAEADContext> SSLAEADContext::CreateNullCipher(bool is_dtls) {
|
53
|
+
return MakeUnique<SSLAEADContext>(0 /* version */, is_dtls,
|
54
|
+
nullptr /* cipher */);
|
55
|
+
}
|
56
|
+
|
57
|
+
UniquePtr<SSLAEADContext> SSLAEADContext::Create(
|
58
|
+
enum evp_aead_direction_t direction, uint16_t version, int is_dtls,
|
59
|
+
const SSL_CIPHER *cipher, Span<const uint8_t> enc_key,
|
60
|
+
Span<const uint8_t> mac_key, Span<const uint8_t> fixed_iv) {
|
61
|
+
const EVP_AEAD *aead;
|
62
|
+
uint16_t protocol_version;
|
63
|
+
size_t expected_mac_key_len, expected_fixed_iv_len;
|
64
|
+
if (!ssl_protocol_version_from_wire(&protocol_version, version) ||
|
65
|
+
!ssl_cipher_get_evp_aead(&aead, &expected_mac_key_len,
|
66
|
+
&expected_fixed_iv_len, cipher, protocol_version,
|
67
|
+
is_dtls) ||
|
68
|
+
// Ensure the caller returned correct key sizes.
|
69
|
+
expected_fixed_iv_len != fixed_iv.size() ||
|
70
|
+
expected_mac_key_len != mac_key.size()) {
|
71
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
72
|
+
return nullptr;
|
73
|
+
}
|
74
|
+
|
75
|
+
uint8_t merged_key[EVP_AEAD_MAX_KEY_LENGTH];
|
76
|
+
if (!mac_key.empty()) {
|
77
|
+
// This is a "stateful" AEAD (for compatibility with pre-AEAD cipher
|
78
|
+
// suites).
|
79
|
+
if (mac_key.size() + enc_key.size() + fixed_iv.size() >
|
80
|
+
sizeof(merged_key)) {
|
81
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
82
|
+
return nullptr;
|
83
|
+
}
|
84
|
+
OPENSSL_memcpy(merged_key, mac_key.data(), mac_key.size());
|
85
|
+
OPENSSL_memcpy(merged_key + mac_key.size(), enc_key.data(), enc_key.size());
|
86
|
+
OPENSSL_memcpy(merged_key + mac_key.size() + enc_key.size(),
|
87
|
+
fixed_iv.data(), fixed_iv.size());
|
88
|
+
enc_key = MakeConstSpan(merged_key,
|
89
|
+
enc_key.size() + mac_key.size() + fixed_iv.size());
|
90
|
+
}
|
91
|
+
|
92
|
+
UniquePtr<SSLAEADContext> aead_ctx =
|
93
|
+
MakeUnique<SSLAEADContext>(version, is_dtls, cipher);
|
94
|
+
if (!aead_ctx) {
|
95
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
96
|
+
return nullptr;
|
97
|
+
}
|
98
|
+
|
99
|
+
assert(aead_ctx->ProtocolVersion() == protocol_version);
|
100
|
+
|
101
|
+
if (!EVP_AEAD_CTX_init_with_direction(
|
102
|
+
aead_ctx->ctx_.get(), aead, enc_key.data(), enc_key.size(),
|
103
|
+
EVP_AEAD_DEFAULT_TAG_LENGTH, direction)) {
|
104
|
+
return nullptr;
|
105
|
+
}
|
106
|
+
|
107
|
+
assert(EVP_AEAD_nonce_length(aead) <= EVP_AEAD_MAX_NONCE_LENGTH);
|
108
|
+
static_assert(EVP_AEAD_MAX_NONCE_LENGTH < 256,
|
109
|
+
"variable_nonce_len doesn't fit in uint8_t");
|
110
|
+
aead_ctx->variable_nonce_len_ = (uint8_t)EVP_AEAD_nonce_length(aead);
|
111
|
+
if (mac_key.empty()) {
|
112
|
+
assert(fixed_iv.size() <= sizeof(aead_ctx->fixed_nonce_));
|
113
|
+
OPENSSL_memcpy(aead_ctx->fixed_nonce_, fixed_iv.data(), fixed_iv.size());
|
114
|
+
aead_ctx->fixed_nonce_len_ = fixed_iv.size();
|
115
|
+
|
116
|
+
if (cipher->algorithm_enc & SSL_CHACHA20POLY1305) {
|
117
|
+
// The fixed nonce into the actual nonce (the sequence number).
|
118
|
+
aead_ctx->xor_fixed_nonce_ = true;
|
119
|
+
aead_ctx->variable_nonce_len_ = 8;
|
120
|
+
} else {
|
121
|
+
// The fixed IV is prepended to the nonce.
|
122
|
+
assert(fixed_iv.size() <= aead_ctx->variable_nonce_len_);
|
123
|
+
aead_ctx->variable_nonce_len_ -= fixed_iv.size();
|
124
|
+
}
|
125
|
+
|
126
|
+
// AES-GCM uses an explicit nonce.
|
127
|
+
if (cipher->algorithm_enc & (SSL_AES128GCM | SSL_AES256GCM)) {
|
128
|
+
aead_ctx->variable_nonce_included_in_record_ = true;
|
129
|
+
}
|
130
|
+
|
131
|
+
// The TLS 1.3 construction XORs the fixed nonce into the sequence number
|
132
|
+
// and omits the additional data.
|
133
|
+
if (protocol_version >= TLS1_3_VERSION) {
|
134
|
+
aead_ctx->xor_fixed_nonce_ = true;
|
135
|
+
aead_ctx->variable_nonce_len_ = 8;
|
136
|
+
aead_ctx->variable_nonce_included_in_record_ = false;
|
137
|
+
aead_ctx->omit_ad_ = true;
|
138
|
+
assert(fixed_iv.size() >= aead_ctx->variable_nonce_len_);
|
139
|
+
}
|
140
|
+
} else {
|
141
|
+
assert(protocol_version < TLS1_3_VERSION);
|
142
|
+
aead_ctx->variable_nonce_included_in_record_ = true;
|
143
|
+
aead_ctx->random_variable_nonce_ = true;
|
144
|
+
aead_ctx->omit_length_in_ad_ = true;
|
145
|
+
aead_ctx->omit_version_in_ad_ = (protocol_version == SSL3_VERSION);
|
146
|
+
}
|
147
|
+
|
148
|
+
return aead_ctx;
|
149
|
+
}
|
150
|
+
|
151
|
+
void SSLAEADContext::SetVersionIfNullCipher(uint16_t version) {
|
152
|
+
if (is_null_cipher()) {
|
153
|
+
version_ = version;
|
154
|
+
}
|
155
|
+
}
|
156
|
+
|
157
|
+
uint16_t SSLAEADContext::ProtocolVersion() const {
|
158
|
+
uint16_t protocol_version;
|
159
|
+
if(!ssl_protocol_version_from_wire(&protocol_version, version_)) {
|
160
|
+
assert(false);
|
161
|
+
return 0;
|
162
|
+
}
|
163
|
+
return protocol_version;
|
164
|
+
}
|
165
|
+
|
166
|
+
uint16_t SSLAEADContext::RecordVersion() const {
|
167
|
+
if (version_ == 0) {
|
168
|
+
assert(is_null_cipher());
|
169
|
+
return is_dtls_ ? DTLS1_VERSION : TLS1_VERSION;
|
170
|
+
}
|
171
|
+
|
172
|
+
if (ProtocolVersion() <= TLS1_2_VERSION) {
|
173
|
+
return version_;
|
174
|
+
}
|
175
|
+
|
176
|
+
if (ssl_is_resumption_record_version_experiment(version_)) {
|
177
|
+
return TLS1_2_VERSION;
|
178
|
+
}
|
179
|
+
return TLS1_VERSION;
|
180
|
+
}
|
181
|
+
|
182
|
+
size_t SSLAEADContext::ExplicitNonceLen() const {
|
183
|
+
if (!FUZZER_MODE && variable_nonce_included_in_record_) {
|
184
|
+
return variable_nonce_len_;
|
185
|
+
}
|
186
|
+
return 0;
|
187
|
+
}
|
188
|
+
|
189
|
+
bool SSLAEADContext::SuffixLen(size_t *out_suffix_len, const size_t in_len,
|
190
|
+
const size_t extra_in_len) const {
|
191
|
+
if (is_null_cipher() || FUZZER_MODE) {
|
192
|
+
*out_suffix_len = extra_in_len;
|
193
|
+
return true;
|
194
|
+
}
|
195
|
+
return !!EVP_AEAD_CTX_tag_len(ctx_.get(), out_suffix_len, in_len,
|
196
|
+
extra_in_len);
|
197
|
+
}
|
198
|
+
|
199
|
+
size_t SSLAEADContext::MaxOverhead() const {
|
200
|
+
return ExplicitNonceLen() +
|
201
|
+
(is_null_cipher() || FUZZER_MODE
|
202
|
+
? 0
|
203
|
+
: EVP_AEAD_max_overhead(EVP_AEAD_CTX_aead(ctx_.get())));
|
204
|
+
}
|
205
|
+
|
206
|
+
size_t SSLAEADContext::GetAdditionalData(uint8_t out[13], uint8_t type,
|
207
|
+
uint16_t record_version,
|
208
|
+
const uint8_t seqnum[8],
|
209
|
+
size_t plaintext_len) {
|
210
|
+
if (omit_ad_) {
|
211
|
+
return 0;
|
212
|
+
}
|
213
|
+
|
214
|
+
OPENSSL_memcpy(out, seqnum, 8);
|
215
|
+
size_t len = 8;
|
216
|
+
out[len++] = type;
|
217
|
+
if (!omit_version_in_ad_) {
|
218
|
+
out[len++] = static_cast<uint8_t>((record_version >> 8));
|
219
|
+
out[len++] = static_cast<uint8_t>(record_version);
|
220
|
+
}
|
221
|
+
if (!omit_length_in_ad_) {
|
222
|
+
out[len++] = static_cast<uint8_t>((plaintext_len >> 8));
|
223
|
+
out[len++] = static_cast<uint8_t>(plaintext_len);
|
224
|
+
}
|
225
|
+
return len;
|
226
|
+
}
|
227
|
+
|
228
|
+
bool SSLAEADContext::Open(Span<uint8_t> *out, uint8_t type,
|
229
|
+
uint16_t record_version, const uint8_t seqnum[8],
|
230
|
+
Span<uint8_t> in) {
|
231
|
+
if (is_null_cipher() || FUZZER_MODE) {
|
232
|
+
// Handle the initial NULL cipher.
|
233
|
+
*out = in;
|
234
|
+
return true;
|
235
|
+
}
|
236
|
+
|
237
|
+
// TLS 1.2 AEADs include the length in the AD and are assumed to have fixed
|
238
|
+
// overhead. Otherwise the parameter is unused.
|
239
|
+
size_t plaintext_len = 0;
|
240
|
+
if (!omit_length_in_ad_) {
|
241
|
+
size_t overhead = MaxOverhead();
|
242
|
+
if (in.size() < overhead) {
|
243
|
+
// Publicly invalid.
|
244
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_PACKET_LENGTH);
|
245
|
+
return false;
|
246
|
+
}
|
247
|
+
plaintext_len = in.size() - overhead;
|
248
|
+
}
|
249
|
+
uint8_t ad[13];
|
250
|
+
size_t ad_len =
|
251
|
+
GetAdditionalData(ad, type, record_version, seqnum, plaintext_len);
|
252
|
+
|
253
|
+
// Assemble the nonce.
|
254
|
+
uint8_t nonce[EVP_AEAD_MAX_NONCE_LENGTH];
|
255
|
+
size_t nonce_len = 0;
|
256
|
+
|
257
|
+
// Prepend the fixed nonce, or left-pad with zeros if XORing.
|
258
|
+
if (xor_fixed_nonce_) {
|
259
|
+
nonce_len = fixed_nonce_len_ - variable_nonce_len_;
|
260
|
+
OPENSSL_memset(nonce, 0, nonce_len);
|
261
|
+
} else {
|
262
|
+
OPENSSL_memcpy(nonce, fixed_nonce_, fixed_nonce_len_);
|
263
|
+
nonce_len += fixed_nonce_len_;
|
264
|
+
}
|
265
|
+
|
266
|
+
// Add the variable nonce.
|
267
|
+
if (variable_nonce_included_in_record_) {
|
268
|
+
if (in.size() < variable_nonce_len_) {
|
269
|
+
// Publicly invalid.
|
270
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_PACKET_LENGTH);
|
271
|
+
return false;
|
272
|
+
}
|
273
|
+
OPENSSL_memcpy(nonce + nonce_len, in.data(), variable_nonce_len_);
|
274
|
+
in = in.subspan(variable_nonce_len_);
|
275
|
+
} else {
|
276
|
+
assert(variable_nonce_len_ == 8);
|
277
|
+
OPENSSL_memcpy(nonce + nonce_len, seqnum, variable_nonce_len_);
|
278
|
+
}
|
279
|
+
nonce_len += variable_nonce_len_;
|
280
|
+
|
281
|
+
// XOR the fixed nonce, if necessary.
|
282
|
+
if (xor_fixed_nonce_) {
|
283
|
+
assert(nonce_len == fixed_nonce_len_);
|
284
|
+
for (size_t i = 0; i < fixed_nonce_len_; i++) {
|
285
|
+
nonce[i] ^= fixed_nonce_[i];
|
286
|
+
}
|
287
|
+
}
|
288
|
+
|
289
|
+
// Decrypt in-place.
|
290
|
+
size_t len;
|
291
|
+
if (!EVP_AEAD_CTX_open(ctx_.get(), in.data(), &len, in.size(), nonce,
|
292
|
+
nonce_len, in.data(), in.size(), ad, ad_len)) {
|
293
|
+
return false;
|
294
|
+
}
|
295
|
+
*out = in.subspan(0, len);
|
296
|
+
return true;
|
297
|
+
}
|
298
|
+
|
299
|
+
bool SSLAEADContext::SealScatter(uint8_t *out_prefix, uint8_t *out,
|
300
|
+
uint8_t *out_suffix, uint8_t type,
|
301
|
+
uint16_t record_version,
|
302
|
+
const uint8_t seqnum[8], const uint8_t *in,
|
303
|
+
size_t in_len, const uint8_t *extra_in,
|
304
|
+
size_t extra_in_len) {
|
305
|
+
const size_t prefix_len = ExplicitNonceLen();
|
306
|
+
size_t suffix_len;
|
307
|
+
if (!SuffixLen(&suffix_len, in_len, extra_in_len)) {
|
308
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE);
|
309
|
+
return false;
|
310
|
+
}
|
311
|
+
if ((in != out && buffers_alias(in, in_len, out, in_len)) ||
|
312
|
+
buffers_alias(in, in_len, out_prefix, prefix_len) ||
|
313
|
+
buffers_alias(in, in_len, out_suffix, suffix_len)) {
|
314
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_OUTPUT_ALIASES_INPUT);
|
315
|
+
return false;
|
316
|
+
}
|
317
|
+
|
318
|
+
if (is_null_cipher() || FUZZER_MODE) {
|
319
|
+
// Handle the initial NULL cipher.
|
320
|
+
OPENSSL_memmove(out, in, in_len);
|
321
|
+
OPENSSL_memmove(out_suffix, extra_in, extra_in_len);
|
322
|
+
return true;
|
323
|
+
}
|
324
|
+
|
325
|
+
uint8_t ad[13];
|
326
|
+
size_t ad_len = GetAdditionalData(ad, type, record_version, seqnum, in_len);
|
327
|
+
|
328
|
+
// Assemble the nonce.
|
329
|
+
uint8_t nonce[EVP_AEAD_MAX_NONCE_LENGTH];
|
330
|
+
size_t nonce_len = 0;
|
331
|
+
|
332
|
+
// Prepend the fixed nonce, or left-pad with zeros if XORing.
|
333
|
+
if (xor_fixed_nonce_) {
|
334
|
+
nonce_len = fixed_nonce_len_ - variable_nonce_len_;
|
335
|
+
OPENSSL_memset(nonce, 0, nonce_len);
|
336
|
+
} else {
|
337
|
+
OPENSSL_memcpy(nonce, fixed_nonce_, fixed_nonce_len_);
|
338
|
+
nonce_len += fixed_nonce_len_;
|
339
|
+
}
|
340
|
+
|
341
|
+
// Select the variable nonce.
|
342
|
+
if (random_variable_nonce_) {
|
343
|
+
assert(variable_nonce_included_in_record_);
|
344
|
+
if (!RAND_bytes(nonce + nonce_len, variable_nonce_len_)) {
|
345
|
+
return false;
|
346
|
+
}
|
347
|
+
} else {
|
348
|
+
// When sending we use the sequence number as the variable part of the
|
349
|
+
// nonce.
|
350
|
+
assert(variable_nonce_len_ == 8);
|
351
|
+
OPENSSL_memcpy(nonce + nonce_len, seqnum, variable_nonce_len_);
|
352
|
+
}
|
353
|
+
nonce_len += variable_nonce_len_;
|
354
|
+
|
355
|
+
// Emit the variable nonce if included in the record.
|
356
|
+
if (variable_nonce_included_in_record_) {
|
357
|
+
assert(!xor_fixed_nonce_);
|
358
|
+
if (buffers_alias(in, in_len, out_prefix, variable_nonce_len_)) {
|
359
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_OUTPUT_ALIASES_INPUT);
|
360
|
+
return false;
|
361
|
+
}
|
362
|
+
OPENSSL_memcpy(out_prefix, nonce + fixed_nonce_len_,
|
363
|
+
variable_nonce_len_);
|
364
|
+
}
|
365
|
+
|
366
|
+
// XOR the fixed nonce, if necessary.
|
367
|
+
if (xor_fixed_nonce_) {
|
368
|
+
assert(nonce_len == fixed_nonce_len_);
|
369
|
+
for (size_t i = 0; i < fixed_nonce_len_; i++) {
|
370
|
+
nonce[i] ^= fixed_nonce_[i];
|
371
|
+
}
|
372
|
+
}
|
373
|
+
|
374
|
+
size_t written_suffix_len;
|
375
|
+
bool result = !!EVP_AEAD_CTX_seal_scatter(
|
376
|
+
ctx_.get(), out, out_suffix, &written_suffix_len, suffix_len, nonce,
|
377
|
+
nonce_len, in, in_len, extra_in, extra_in_len, ad, ad_len);
|
378
|
+
assert(!result || written_suffix_len == suffix_len);
|
379
|
+
return result;
|
380
|
+
}
|
381
|
+
|
382
|
+
bool SSLAEADContext::Seal(uint8_t *out, size_t *out_len, size_t max_out_len,
|
383
|
+
uint8_t type, uint16_t record_version,
|
384
|
+
const uint8_t seqnum[8], const uint8_t *in,
|
385
|
+
size_t in_len) {
|
386
|
+
const size_t prefix_len = ExplicitNonceLen();
|
387
|
+
size_t suffix_len;
|
388
|
+
if (!SuffixLen(&suffix_len, in_len, 0)) {
|
389
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE);
|
390
|
+
return false;
|
391
|
+
}
|
392
|
+
if (in_len + prefix_len < in_len ||
|
393
|
+
in_len + prefix_len + suffix_len < in_len + prefix_len) {
|
394
|
+
OPENSSL_PUT_ERROR(CIPHER, SSL_R_RECORD_TOO_LARGE);
|
395
|
+
return false;
|
396
|
+
}
|
397
|
+
if (in_len + prefix_len + suffix_len > max_out_len) {
|
398
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
|
399
|
+
return false;
|
400
|
+
}
|
401
|
+
|
402
|
+
if (!SealScatter(out, out + prefix_len, out + prefix_len + in_len, type,
|
403
|
+
record_version, seqnum, in, in_len, 0, 0)) {
|
404
|
+
return false;
|
405
|
+
}
|
406
|
+
*out_len = prefix_len + in_len + suffix_len;
|
407
|
+
return true;
|
408
|
+
}
|
409
|
+
|
410
|
+
bool SSLAEADContext::GetIV(const uint8_t **out_iv, size_t *out_iv_len) const {
|
411
|
+
return !is_null_cipher() &&
|
412
|
+
EVP_AEAD_CTX_get_iv(ctx_.get(), out_iv, out_iv_len);
|
413
|
+
}
|
414
|
+
|
415
|
+
} // namespace bssl
|
@@ -80,11 +80,20 @@
|
|
80
80
|
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
|
81
81
|
* OTHERWISE. */
|
82
82
|
|
83
|
+
// Per C99, various stdint.h macros are unavailable in C++ unless some macros
|
84
|
+
// are defined. C++11 overruled this decision, but older Android NDKs still
|
85
|
+
// require it.
|
86
|
+
#if !defined(__STDC_LIMIT_MACROS)
|
87
|
+
#define __STDC_LIMIT_MACROS
|
88
|
+
#endif
|
89
|
+
|
83
90
|
#include <openssl/ssl.h>
|
84
91
|
|
85
92
|
#include <limits.h>
|
86
93
|
#include <string.h>
|
87
94
|
|
95
|
+
#include <utility>
|
96
|
+
|
88
97
|
#include <openssl/buf.h>
|
89
98
|
#include <openssl/bytestring.h>
|
90
99
|
#include <openssl/err.h>
|
@@ -95,53 +104,51 @@
|
|
95
104
|
#include "internal.h"
|
96
105
|
|
97
106
|
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
* ticketFlags [20] INTEGER OPTIONAL,
|
144
|
-
*/
|
107
|
+
namespace bssl {
|
108
|
+
|
109
|
+
// An SSL_SESSION is serialized as the following ASN.1 structure:
|
110
|
+
//
|
111
|
+
// SSLSession ::= SEQUENCE {
|
112
|
+
// version INTEGER (1), -- session structure version
|
113
|
+
// sslVersion INTEGER, -- protocol version number
|
114
|
+
// cipher OCTET STRING, -- two bytes long
|
115
|
+
// sessionID OCTET STRING,
|
116
|
+
// masterKey OCTET STRING,
|
117
|
+
// time [1] INTEGER, -- seconds since UNIX epoch
|
118
|
+
// timeout [2] INTEGER, -- in seconds
|
119
|
+
// peer [3] Certificate OPTIONAL,
|
120
|
+
// sessionIDContext [4] OCTET STRING OPTIONAL,
|
121
|
+
// verifyResult [5] INTEGER OPTIONAL, -- one of X509_V_* codes
|
122
|
+
// pskIdentity [8] OCTET STRING OPTIONAL,
|
123
|
+
// ticketLifetimeHint [9] INTEGER OPTIONAL, -- client-only
|
124
|
+
// ticket [10] OCTET STRING OPTIONAL, -- client-only
|
125
|
+
// peerSHA256 [13] OCTET STRING OPTIONAL,
|
126
|
+
// originalHandshakeHash [14] OCTET STRING OPTIONAL,
|
127
|
+
// signedCertTimestampList [15] OCTET STRING OPTIONAL,
|
128
|
+
// -- contents of SCT extension
|
129
|
+
// ocspResponse [16] OCTET STRING OPTIONAL,
|
130
|
+
// -- stapled OCSP response from the server
|
131
|
+
// extendedMasterSecret [17] BOOLEAN OPTIONAL,
|
132
|
+
// groupID [18] INTEGER OPTIONAL,
|
133
|
+
// certChain [19] SEQUENCE OF Certificate OPTIONAL,
|
134
|
+
// ticketAgeAdd [21] OCTET STRING OPTIONAL,
|
135
|
+
// isServer [22] BOOLEAN DEFAULT TRUE,
|
136
|
+
// peerSignatureAlgorithm [23] INTEGER OPTIONAL,
|
137
|
+
// ticketMaxEarlyData [24] INTEGER OPTIONAL,
|
138
|
+
// authTimeout [25] INTEGER OPTIONAL, -- defaults to timeout
|
139
|
+
// earlyALPN [26] OCTET STRING OPTIONAL,
|
140
|
+
// }
|
141
|
+
//
|
142
|
+
// Note: historically this serialization has included other optional
|
143
|
+
// fields. Their presence is currently treated as a parse error, except for
|
144
|
+
// hostName, which is ignored.
|
145
|
+
//
|
146
|
+
// keyArg [0] IMPLICIT OCTET STRING OPTIONAL,
|
147
|
+
// hostName [6] OCTET STRING OPTIONAL,
|
148
|
+
// pskIdentityHint [7] OCTET STRING OPTIONAL,
|
149
|
+
// compressionMethod [11] OCTET STRING OPTIONAL,
|
150
|
+
// srpUsername [12] OCTET STRING OPTIONAL,
|
151
|
+
// ticketFlags [20] INTEGER OPTIONAL,
|
145
152
|
|
146
153
|
static const unsigned kVersion = 1;
|
147
154
|
|
@@ -192,87 +199,58 @@ static const int kEarlyALPNTag =
|
|
192
199
|
|
193
200
|
static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
194
201
|
size_t *out_len, int for_ticket) {
|
195
|
-
CBB cbb, session, child, child2;
|
196
|
-
|
197
202
|
if (in == NULL || in->cipher == NULL) {
|
198
203
|
return 0;
|
199
204
|
}
|
200
205
|
|
201
|
-
|
202
|
-
|
203
|
-
|
206
|
+
ScopedCBB cbb;
|
207
|
+
CBB session, child, child2;
|
208
|
+
if (!CBB_init(cbb.get(), 0) ||
|
209
|
+
!CBB_add_asn1(cbb.get(), &session, CBS_ASN1_SEQUENCE) ||
|
204
210
|
!CBB_add_asn1_uint64(&session, kVersion) ||
|
205
211
|
!CBB_add_asn1_uint64(&session, in->ssl_version) ||
|
206
212
|
!CBB_add_asn1(&session, &child, CBS_ASN1_OCTETSTRING) ||
|
207
213
|
!CBB_add_u16(&child, (uint16_t)(in->cipher->id & 0xffff)) ||
|
208
214
|
!CBB_add_asn1(&session, &child, CBS_ASN1_OCTETSTRING) ||
|
209
|
-
|
215
|
+
// The session ID is irrelevant for a session ticket.
|
210
216
|
!CBB_add_bytes(&child, in->session_id,
|
211
217
|
for_ticket ? 0 : in->session_id_length) ||
|
212
218
|
!CBB_add_asn1(&session, &child, CBS_ASN1_OCTETSTRING) ||
|
213
|
-
!CBB_add_bytes(&child, in->master_key, in->master_key_length)
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
if (in->time < 0) {
|
219
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
220
|
-
goto err;
|
221
|
-
}
|
222
|
-
|
223
|
-
if (!CBB_add_asn1(&session, &child, kTimeTag) ||
|
224
|
-
!CBB_add_asn1_uint64(&child, in->time)) {
|
225
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
226
|
-
goto err;
|
227
|
-
}
|
228
|
-
|
229
|
-
if (in->timeout < 0) {
|
230
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
231
|
-
goto err;
|
232
|
-
}
|
233
|
-
|
234
|
-
if (!CBB_add_asn1(&session, &child, kTimeoutTag) ||
|
219
|
+
!CBB_add_bytes(&child, in->master_key, in->master_key_length) ||
|
220
|
+
!CBB_add_asn1(&session, &child, kTimeTag) ||
|
221
|
+
!CBB_add_asn1_uint64(&child, in->time) ||
|
222
|
+
!CBB_add_asn1(&session, &child, kTimeoutTag) ||
|
235
223
|
!CBB_add_asn1_uint64(&child, in->timeout)) {
|
236
224
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
237
|
-
|
225
|
+
return 0;
|
238
226
|
}
|
239
227
|
|
240
|
-
|
241
|
-
|
228
|
+
// The peer certificate is only serialized if the SHA-256 isn't
|
229
|
+
// serialized instead.
|
242
230
|
if (sk_CRYPTO_BUFFER_num(in->certs) > 0 && !in->peer_sha256_valid) {
|
243
231
|
const CRYPTO_BUFFER *buffer = sk_CRYPTO_BUFFER_value(in->certs, 0);
|
244
232
|
if (!CBB_add_asn1(&session, &child, kPeerTag) ||
|
245
233
|
!CBB_add_bytes(&child, CRYPTO_BUFFER_data(buffer),
|
246
234
|
CRYPTO_BUFFER_len(buffer))) {
|
247
235
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
248
|
-
|
236
|
+
return 0;
|
249
237
|
}
|
250
238
|
}
|
251
239
|
|
252
|
-
|
253
|
-
|
240
|
+
// Although it is OPTIONAL and usually empty, OpenSSL has
|
241
|
+
// historically always encoded the sid_ctx.
|
254
242
|
if (!CBB_add_asn1(&session, &child, kSessionIDContextTag) ||
|
255
243
|
!CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
|
256
244
|
!CBB_add_bytes(&child2, in->sid_ctx, in->sid_ctx_length)) {
|
257
245
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
258
|
-
|
246
|
+
return 0;
|
259
247
|
}
|
260
248
|
|
261
249
|
if (in->verify_result != X509_V_OK) {
|
262
250
|
if (!CBB_add_asn1(&session, &child, kVerifyResultTag) ||
|
263
251
|
!CBB_add_asn1_uint64(&child, in->verify_result)) {
|
264
252
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
265
|
-
|
266
|
-
}
|
267
|
-
}
|
268
|
-
|
269
|
-
if (in->tlsext_hostname) {
|
270
|
-
if (!CBB_add_asn1(&session, &child, kHostNameTag) ||
|
271
|
-
!CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
|
272
|
-
!CBB_add_bytes(&child2, (const uint8_t *)in->tlsext_hostname,
|
273
|
-
strlen(in->tlsext_hostname))) {
|
274
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
275
|
-
goto err;
|
253
|
+
return 0;
|
276
254
|
}
|
277
255
|
}
|
278
256
|
|
@@ -282,7 +260,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
282
260
|
!CBB_add_bytes(&child2, (const uint8_t *)in->psk_identity,
|
283
261
|
strlen(in->psk_identity))) {
|
284
262
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
285
|
-
|
263
|
+
return 0;
|
286
264
|
}
|
287
265
|
}
|
288
266
|
|
@@ -290,7 +268,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
290
268
|
if (!CBB_add_asn1(&session, &child, kTicketLifetimeHintTag) ||
|
291
269
|
!CBB_add_asn1_uint64(&child, in->tlsext_tick_lifetime_hint)) {
|
292
270
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
293
|
-
|
271
|
+
return 0;
|
294
272
|
}
|
295
273
|
}
|
296
274
|
|
@@ -299,7 +277,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
299
277
|
!CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
|
300
278
|
!CBB_add_bytes(&child2, in->tlsext_tick, in->tlsext_ticklen)) {
|
301
279
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
302
|
-
|
280
|
+
return 0;
|
303
281
|
}
|
304
282
|
}
|
305
283
|
|
@@ -308,7 +286,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
308
286
|
!CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
|
309
287
|
!CBB_add_bytes(&child2, in->peer_sha256, sizeof(in->peer_sha256))) {
|
310
288
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
311
|
-
|
289
|
+
return 0;
|
312
290
|
}
|
313
291
|
}
|
314
292
|
|
@@ -318,26 +296,28 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
318
296
|
!CBB_add_bytes(&child2, in->original_handshake_hash,
|
319
297
|
in->original_handshake_hash_len)) {
|
320
298
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
321
|
-
|
299
|
+
return 0;
|
322
300
|
}
|
323
301
|
}
|
324
302
|
|
325
|
-
if (in->
|
303
|
+
if (in->signed_cert_timestamp_list != nullptr) {
|
326
304
|
if (!CBB_add_asn1(&session, &child, kSignedCertTimestampListTag) ||
|
327
305
|
!CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
|
328
|
-
!CBB_add_bytes(&child2,
|
329
|
-
in->
|
306
|
+
!CBB_add_bytes(&child2,
|
307
|
+
CRYPTO_BUFFER_data(in->signed_cert_timestamp_list),
|
308
|
+
CRYPTO_BUFFER_len(in->signed_cert_timestamp_list))) {
|
330
309
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
331
|
-
|
310
|
+
return 0;
|
332
311
|
}
|
333
312
|
}
|
334
313
|
|
335
|
-
if (in->
|
314
|
+
if (in->ocsp_response != nullptr) {
|
336
315
|
if (!CBB_add_asn1(&session, &child, kOCSPResponseTag) ||
|
337
316
|
!CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
|
338
|
-
!CBB_add_bytes(&child2, in->ocsp_response,
|
317
|
+
!CBB_add_bytes(&child2, CRYPTO_BUFFER_data(in->ocsp_response),
|
318
|
+
CRYPTO_BUFFER_len(in->ocsp_response))) {
|
339
319
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
340
|
-
|
320
|
+
return 0;
|
341
321
|
}
|
342
322
|
}
|
343
323
|
|
@@ -346,7 +326,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
346
326
|
!CBB_add_asn1(&child, &child2, CBS_ASN1_BOOLEAN) ||
|
347
327
|
!CBB_add_u8(&child2, 0xff)) {
|
348
328
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
349
|
-
|
329
|
+
return 0;
|
350
330
|
}
|
351
331
|
}
|
352
332
|
|
@@ -354,24 +334,24 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
354
334
|
(!CBB_add_asn1(&session, &child, kGroupIDTag) ||
|
355
335
|
!CBB_add_asn1_uint64(&child, in->group_id))) {
|
356
336
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
357
|
-
|
337
|
+
return 0;
|
358
338
|
}
|
359
339
|
|
360
|
-
|
361
|
-
|
340
|
+
// The certificate chain is only serialized if the leaf's SHA-256 isn't
|
341
|
+
// serialized instead.
|
362
342
|
if (in->certs != NULL &&
|
363
343
|
!in->peer_sha256_valid &&
|
364
344
|
sk_CRYPTO_BUFFER_num(in->certs) >= 2) {
|
365
345
|
if (!CBB_add_asn1(&session, &child, kCertChainTag)) {
|
366
346
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
367
|
-
|
347
|
+
return 0;
|
368
348
|
}
|
369
349
|
for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(in->certs); i++) {
|
370
350
|
const CRYPTO_BUFFER *buffer = sk_CRYPTO_BUFFER_value(in->certs, i);
|
371
351
|
if (!CBB_add_bytes(&child, CRYPTO_BUFFER_data(buffer),
|
372
352
|
CRYPTO_BUFFER_len(buffer))) {
|
373
353
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
374
|
-
|
354
|
+
return 0;
|
375
355
|
}
|
376
356
|
}
|
377
357
|
}
|
@@ -381,7 +361,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
381
361
|
!CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
|
382
362
|
!CBB_add_u32(&child2, in->ticket_age_add)) {
|
383
363
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
384
|
-
|
364
|
+
return 0;
|
385
365
|
}
|
386
366
|
}
|
387
367
|
|
@@ -390,7 +370,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
390
370
|
!CBB_add_asn1(&child, &child2, CBS_ASN1_BOOLEAN) ||
|
391
371
|
!CBB_add_u8(&child2, 0x00)) {
|
392
372
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
393
|
-
|
373
|
+
return 0;
|
394
374
|
}
|
395
375
|
}
|
396
376
|
|
@@ -398,21 +378,21 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
398
378
|
(!CBB_add_asn1(&session, &child, kPeerSignatureAlgorithmTag) ||
|
399
379
|
!CBB_add_asn1_uint64(&child, in->peer_signature_algorithm))) {
|
400
380
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
401
|
-
|
381
|
+
return 0;
|
402
382
|
}
|
403
383
|
|
404
384
|
if (in->ticket_max_early_data != 0 &&
|
405
385
|
(!CBB_add_asn1(&session, &child, kTicketMaxEarlyDataTag) ||
|
406
386
|
!CBB_add_asn1_uint64(&child, in->ticket_max_early_data))) {
|
407
387
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
408
|
-
|
388
|
+
return 0;
|
409
389
|
}
|
410
390
|
|
411
391
|
if (in->timeout != in->auth_timeout &&
|
412
392
|
(!CBB_add_asn1(&session, &child, kAuthTimeoutTag) ||
|
413
393
|
!CBB_add_asn1_uint64(&child, in->auth_timeout))) {
|
414
394
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
415
|
-
|
395
|
+
return 0;
|
416
396
|
}
|
417
397
|
|
418
398
|
if (in->early_alpn) {
|
@@ -421,76 +401,23 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
|
|
421
401
|
!CBB_add_bytes(&child2, (const uint8_t *)in->early_alpn,
|
422
402
|
in->early_alpn_len)) {
|
423
403
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
424
|
-
|
404
|
+
return 0;
|
425
405
|
}
|
426
406
|
}
|
427
407
|
|
428
|
-
if (!CBB_finish(
|
408
|
+
if (!CBB_finish(cbb.get(), out_data, out_len)) {
|
429
409
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
430
|
-
|
410
|
+
return 0;
|
431
411
|
}
|
432
412
|
return 1;
|
433
|
-
|
434
|
-
err:
|
435
|
-
CBB_cleanup(&cbb);
|
436
|
-
return 0;
|
437
|
-
}
|
438
|
-
|
439
|
-
int SSL_SESSION_to_bytes(const SSL_SESSION *in, uint8_t **out_data,
|
440
|
-
size_t *out_len) {
|
441
|
-
if (in->not_resumable) {
|
442
|
-
/* If the caller has an unresumable session, e.g. if |SSL_get_session| were
|
443
|
-
* called on a TLS 1.3 or False Started connection, serialize with a
|
444
|
-
* placeholder value so it is not accidentally deserialized into a resumable
|
445
|
-
* one. */
|
446
|
-
static const char kNotResumableSession[] = "NOT RESUMABLE";
|
447
|
-
|
448
|
-
*out_len = strlen(kNotResumableSession);
|
449
|
-
*out_data = BUF_memdup(kNotResumableSession, *out_len);
|
450
|
-
if (*out_data == NULL) {
|
451
|
-
return 0;
|
452
|
-
}
|
453
|
-
|
454
|
-
return 1;
|
455
|
-
}
|
456
|
-
|
457
|
-
return SSL_SESSION_to_bytes_full(in, out_data, out_len, 0);
|
458
|
-
}
|
459
|
-
|
460
|
-
int SSL_SESSION_to_bytes_for_ticket(const SSL_SESSION *in, uint8_t **out_data,
|
461
|
-
size_t *out_len) {
|
462
|
-
return SSL_SESSION_to_bytes_full(in, out_data, out_len, 1);
|
463
413
|
}
|
464
414
|
|
465
|
-
|
466
|
-
|
467
|
-
|
468
|
-
|
469
|
-
|
470
|
-
|
471
|
-
}
|
472
|
-
|
473
|
-
if (len > INT_MAX) {
|
474
|
-
OPENSSL_free(out);
|
475
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
476
|
-
return -1;
|
477
|
-
}
|
478
|
-
|
479
|
-
if (pp) {
|
480
|
-
OPENSSL_memcpy(*pp, out, len);
|
481
|
-
*pp += len;
|
482
|
-
}
|
483
|
-
OPENSSL_free(out);
|
484
|
-
|
485
|
-
return len;
|
486
|
-
}
|
487
|
-
|
488
|
-
/* SSL_SESSION_parse_string gets an optional ASN.1 OCTET STRING
|
489
|
-
* explicitly tagged with |tag| from |cbs| and saves it in |*out|. On
|
490
|
-
* entry, if |*out| is not NULL, it frees the existing contents. If
|
491
|
-
* the element was not found, it sets |*out| to NULL. It returns one
|
492
|
-
* on success, whether or not the element was found, and zero on
|
493
|
-
* decode error. */
|
415
|
+
// SSL_SESSION_parse_string gets an optional ASN.1 OCTET STRING
|
416
|
+
// explicitly tagged with |tag| from |cbs| and saves it in |*out|. On
|
417
|
+
// entry, if |*out| is not NULL, it frees the existing contents. If
|
418
|
+
// the element was not found, it sets |*out| to NULL. It returns one
|
419
|
+
// on success, whether or not the element was found, and zero on
|
420
|
+
// decode error.
|
494
421
|
static int SSL_SESSION_parse_string(CBS *cbs, char **out, unsigned tag) {
|
495
422
|
CBS value;
|
496
423
|
int present;
|
@@ -514,12 +441,12 @@ static int SSL_SESSION_parse_string(CBS *cbs, char **out, unsigned tag) {
|
|
514
441
|
return 1;
|
515
442
|
}
|
516
443
|
|
517
|
-
|
518
|
-
|
519
|
-
|
520
|
-
|
521
|
-
|
522
|
-
|
444
|
+
// SSL_SESSION_parse_string gets an optional ASN.1 OCTET STRING
|
445
|
+
// explicitly tagged with |tag| from |cbs| and stows it in |*out_ptr|
|
446
|
+
// and |*out_len|. If |*out_ptr| is not NULL, it frees the existing
|
447
|
+
// contents. On entry, if the element was not found, it sets
|
448
|
+
// |*out_ptr| to NULL. It returns one on success, whether or not the
|
449
|
+
// element was found, and zero on decode error.
|
523
450
|
static int SSL_SESSION_parse_octet_string(CBS *cbs, uint8_t **out_ptr,
|
524
451
|
size_t *out_len, unsigned tag) {
|
525
452
|
CBS value;
|
@@ -534,8 +461,31 @@ static int SSL_SESSION_parse_octet_string(CBS *cbs, uint8_t **out_ptr,
|
|
534
461
|
return 1;
|
535
462
|
}
|
536
463
|
|
537
|
-
|
538
|
-
|
464
|
+
static int SSL_SESSION_parse_crypto_buffer(CBS *cbs, CRYPTO_BUFFER **out,
|
465
|
+
unsigned tag,
|
466
|
+
CRYPTO_BUFFER_POOL *pool) {
|
467
|
+
if (!CBS_peek_asn1_tag(cbs, tag)) {
|
468
|
+
return 1;
|
469
|
+
}
|
470
|
+
|
471
|
+
CBS child, value;
|
472
|
+
if (!CBS_get_asn1(cbs, &child, tag) ||
|
473
|
+
!CBS_get_asn1(&child, &value, CBS_ASN1_OCTETSTRING) ||
|
474
|
+
CBS_len(&child) != 0) {
|
475
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
476
|
+
return 0;
|
477
|
+
}
|
478
|
+
CRYPTO_BUFFER_free(*out);
|
479
|
+
*out = CRYPTO_BUFFER_new_from_CBS(&value, pool);
|
480
|
+
if (*out == nullptr) {
|
481
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
482
|
+
return 0;
|
483
|
+
}
|
484
|
+
return 1;
|
485
|
+
}
|
486
|
+
|
487
|
+
// SSL_SESSION_parse_bounded_octet_string parses an optional ASN.1 OCTET STRING
|
488
|
+
// explicitly tagged with |tag| of size at most |max_out|.
|
539
489
|
static int SSL_SESSION_parse_bounded_octet_string(
|
540
490
|
CBS *cbs, uint8_t *out, uint8_t *out_len, uint8_t max_out, unsigned tag) {
|
541
491
|
CBS value;
|
@@ -588,21 +538,29 @@ static int SSL_SESSION_parse_u16(CBS *cbs, uint16_t *out, unsigned tag,
|
|
588
538
|
return 1;
|
589
539
|
}
|
590
540
|
|
591
|
-
SSL_SESSION
|
592
|
-
|
593
|
-
|
594
|
-
|
595
|
-
|
541
|
+
UniquePtr<SSL_SESSION> SSL_SESSION_parse(CBS *cbs,
|
542
|
+
const SSL_X509_METHOD *x509_method,
|
543
|
+
CRYPTO_BUFFER_POOL *pool) {
|
544
|
+
UniquePtr<SSL_SESSION> ret = ssl_session_new(x509_method);
|
545
|
+
if (!ret) {
|
546
|
+
return nullptr;
|
596
547
|
}
|
597
548
|
|
598
549
|
CBS session;
|
599
550
|
uint64_t version, ssl_version;
|
551
|
+
uint16_t unused;
|
600
552
|
if (!CBS_get_asn1(cbs, &session, CBS_ASN1_SEQUENCE) ||
|
601
553
|
!CBS_get_asn1_uint64(&session, &version) ||
|
602
554
|
version != kVersion ||
|
603
|
-
!CBS_get_asn1_uint64(&session, &ssl_version)
|
555
|
+
!CBS_get_asn1_uint64(&session, &ssl_version) ||
|
556
|
+
// Require sessions have versions valid in either TLS or DTLS. The session
|
557
|
+
// will not be used by the handshake if not applicable, but, for
|
558
|
+
// simplicity, never parse a session that does not pass
|
559
|
+
// |ssl_protocol_version_from_wire|.
|
560
|
+
ssl_version > UINT16_MAX ||
|
561
|
+
!ssl_protocol_version_from_wire(&unused, ssl_version)) {
|
604
562
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
605
|
-
|
563
|
+
return nullptr;
|
606
564
|
}
|
607
565
|
ret->ssl_version = ssl_version;
|
608
566
|
|
@@ -612,12 +570,12 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
612
570
|
!CBS_get_u16(&cipher, &cipher_value) ||
|
613
571
|
CBS_len(&cipher) != 0) {
|
614
572
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
615
|
-
|
573
|
+
return nullptr;
|
616
574
|
}
|
617
575
|
ret->cipher = SSL_get_cipher_by_value(cipher_value);
|
618
576
|
if (ret->cipher == NULL) {
|
619
577
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_CIPHER);
|
620
|
-
|
578
|
+
return nullptr;
|
621
579
|
}
|
622
580
|
|
623
581
|
CBS session_id, master_key;
|
@@ -626,7 +584,7 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
626
584
|
!CBS_get_asn1(&session, &master_key, CBS_ASN1_OCTETSTRING) ||
|
627
585
|
CBS_len(&master_key) > SSL_MAX_MASTER_KEY_LENGTH) {
|
628
586
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
629
|
-
|
587
|
+
return nullptr;
|
630
588
|
}
|
631
589
|
OPENSSL_memcpy(ret->session_id, CBS_data(&session_id), CBS_len(&session_id));
|
632
590
|
ret->session_id_length = CBS_len(&session_id);
|
@@ -634,43 +592,50 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
634
592
|
ret->master_key_length = CBS_len(&master_key);
|
635
593
|
|
636
594
|
CBS child;
|
637
|
-
uint64_t
|
595
|
+
uint64_t timeout;
|
638
596
|
if (!CBS_get_asn1(&session, &child, kTimeTag) ||
|
639
|
-
!CBS_get_asn1_uint64(&child, &time) ||
|
640
|
-
time > LONG_MAX ||
|
597
|
+
!CBS_get_asn1_uint64(&child, &ret->time) ||
|
641
598
|
!CBS_get_asn1(&session, &child, kTimeoutTag) ||
|
642
599
|
!CBS_get_asn1_uint64(&child, &timeout) ||
|
643
|
-
timeout >
|
600
|
+
timeout > UINT32_MAX) {
|
644
601
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
645
|
-
|
602
|
+
return nullptr;
|
646
603
|
}
|
647
604
|
|
648
|
-
ret->
|
649
|
-
ret->timeout = (long)timeout;
|
605
|
+
ret->timeout = (uint32_t)timeout;
|
650
606
|
|
651
607
|
CBS peer;
|
652
608
|
int has_peer;
|
653
609
|
if (!CBS_get_optional_asn1(&session, &peer, &has_peer, kPeerTag) ||
|
654
610
|
(has_peer && CBS_len(&peer) == 0)) {
|
655
611
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
656
|
-
|
612
|
+
return nullptr;
|
657
613
|
}
|
658
|
-
|
614
|
+
// |peer| is processed with the certificate chain.
|
659
615
|
|
660
616
|
if (!SSL_SESSION_parse_bounded_octet_string(
|
661
617
|
&session, ret->sid_ctx, &ret->sid_ctx_length, sizeof(ret->sid_ctx),
|
662
618
|
kSessionIDContextTag) ||
|
663
619
|
!SSL_SESSION_parse_long(&session, &ret->verify_result, kVerifyResultTag,
|
664
|
-
X509_V_OK)
|
665
|
-
|
666
|
-
|
667
|
-
|
620
|
+
X509_V_OK)) {
|
621
|
+
return nullptr;
|
622
|
+
}
|
623
|
+
|
624
|
+
// Skip the historical hostName field.
|
625
|
+
CBS unused_hostname;
|
626
|
+
if (!CBS_get_optional_asn1(&session, &unused_hostname, nullptr,
|
627
|
+
kHostNameTag)) {
|
628
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
629
|
+
return nullptr;
|
630
|
+
}
|
631
|
+
|
632
|
+
if (!SSL_SESSION_parse_string(&session, &ret->psk_identity,
|
668
633
|
kPSKIdentityTag) ||
|
669
634
|
!SSL_SESSION_parse_u32(&session, &ret->tlsext_tick_lifetime_hint,
|
670
635
|
kTicketLifetimeHintTag, 0) ||
|
671
636
|
!SSL_SESSION_parse_octet_string(&session, &ret->tlsext_tick,
|
672
637
|
&ret->tlsext_ticklen, kTicketTag)) {
|
673
|
-
|
638
|
+
return nullptr;
|
674
639
|
}
|
675
640
|
|
676
641
|
if (CBS_peek_asn1_tag(&session, kPeerSHA256Tag)) {
|
@@ -680,7 +645,7 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
680
645
|
CBS_len(&peer_sha256) != sizeof(ret->peer_sha256) ||
|
681
646
|
CBS_len(&child) != 0) {
|
682
647
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
683
|
-
|
648
|
+
return nullptr;
|
684
649
|
}
|
685
650
|
OPENSSL_memcpy(ret->peer_sha256, CBS_data(&peer_sha256),
|
686
651
|
sizeof(ret->peer_sha256));
|
@@ -693,14 +658,12 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
693
658
|
&session, ret->original_handshake_hash,
|
694
659
|
&ret->original_handshake_hash_len,
|
695
660
|
sizeof(ret->original_handshake_hash), kOriginalHandshakeHashTag) ||
|
696
|
-
!
|
697
|
-
|
698
|
-
|
699
|
-
|
700
|
-
|
701
|
-
|
702
|
-
kOCSPResponseTag)) {
|
703
|
-
goto err;
|
661
|
+
!SSL_SESSION_parse_crypto_buffer(&session,
|
662
|
+
&ret->signed_cert_timestamp_list,
|
663
|
+
kSignedCertTimestampListTag, pool) ||
|
664
|
+
!SSL_SESSION_parse_crypto_buffer(&session, &ret->ocsp_response,
|
665
|
+
kOCSPResponseTag, pool)) {
|
666
|
+
return nullptr;
|
704
667
|
}
|
705
668
|
|
706
669
|
int extended_master_secret;
|
@@ -708,27 +671,14 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
708
671
|
kExtendedMasterSecretTag,
|
709
672
|
0 /* default to false */)) {
|
710
673
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
711
|
-
|
674
|
+
return nullptr;
|
712
675
|
}
|
713
676
|
ret->extended_master_secret = !!extended_master_secret;
|
714
677
|
|
715
|
-
|
716
|
-
if (!SSL_SESSION_parse_u32(&session, &value, kGroupIDTag, 0)) {
|
717
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
718
|
-
goto err;
|
719
|
-
}
|
720
|
-
|
721
|
-
/* Historically, the group_id field was used for key-exchange-specific
|
722
|
-
* information. Discard all but the group ID. */
|
723
|
-
if (ret->cipher->algorithm_mkey & (SSL_kRSA | SSL_kDHE)) {
|
724
|
-
value = 0;
|
725
|
-
}
|
726
|
-
|
727
|
-
if (value > 0xffff) {
|
678
|
+
if (!SSL_SESSION_parse_u16(&session, &ret->group_id, kGroupIDTag, 0)) {
|
728
679
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
729
|
-
|
680
|
+
return nullptr;
|
730
681
|
}
|
731
|
-
ret->group_id = (uint16_t)value;
|
732
682
|
|
733
683
|
CBS cert_chain;
|
734
684
|
CBS_init(&cert_chain, NULL, 0);
|
@@ -737,27 +687,25 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
737
687
|
kCertChainTag) ||
|
738
688
|
(has_cert_chain && CBS_len(&cert_chain) == 0)) {
|
739
689
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
740
|
-
|
690
|
+
return nullptr;
|
741
691
|
}
|
742
692
|
if (has_cert_chain && !has_peer) {
|
743
693
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
744
|
-
|
694
|
+
return nullptr;
|
745
695
|
}
|
746
696
|
if (has_peer || has_cert_chain) {
|
747
697
|
ret->certs = sk_CRYPTO_BUFFER_new_null();
|
748
698
|
if (ret->certs == NULL) {
|
749
699
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
750
|
-
|
700
|
+
return nullptr;
|
751
701
|
}
|
752
702
|
|
753
703
|
if (has_peer) {
|
754
|
-
|
755
|
-
|
756
|
-
|
757
|
-
!sk_CRYPTO_BUFFER_push(ret->certs, buffer)) {
|
758
|
-
CRYPTO_BUFFER_free(buffer);
|
704
|
+
UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new_from_CBS(&peer, pool));
|
705
|
+
if (!buffer ||
|
706
|
+
!PushToStack(ret->certs, std::move(buffer))) {
|
759
707
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
760
|
-
|
708
|
+
return nullptr;
|
761
709
|
}
|
762
710
|
}
|
763
711
|
|
@@ -766,23 +714,22 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
766
714
|
if (!CBS_get_any_asn1_element(&cert_chain, &cert, NULL, NULL) ||
|
767
715
|
CBS_len(&cert) == 0) {
|
768
716
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
769
|
-
|
717
|
+
return nullptr;
|
770
718
|
}
|
771
719
|
|
772
|
-
/* TODO(agl): this should use the |SSL_CTX|'s pool. */
|
773
720
|
CRYPTO_BUFFER *buffer = CRYPTO_BUFFER_new_from_CBS(&cert, pool);
|
774
721
|
if (buffer == NULL ||
|
775
722
|
!sk_CRYPTO_BUFFER_push(ret->certs, buffer)) {
|
776
723
|
CRYPTO_BUFFER_free(buffer);
|
777
724
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
778
|
-
|
725
|
+
return nullptr;
|
779
726
|
}
|
780
727
|
}
|
781
728
|
}
|
782
729
|
|
783
|
-
if (!x509_method->session_cache_objects(ret)) {
|
730
|
+
if (!x509_method->session_cache_objects(ret.get())) {
|
784
731
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
785
|
-
|
732
|
+
return nullptr;
|
786
733
|
}
|
787
734
|
|
788
735
|
CBS age_add;
|
@@ -792,7 +739,7 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
792
739
|
(age_add_present &&
|
793
740
|
!CBS_get_u32(&age_add, &ret->ticket_age_add)) ||
|
794
741
|
CBS_len(&age_add) != 0) {
|
795
|
-
|
742
|
+
return nullptr;
|
796
743
|
}
|
797
744
|
ret->ticket_age_add_valid = age_add_present;
|
798
745
|
|
@@ -800,7 +747,7 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
800
747
|
if (!CBS_get_optional_asn1_bool(&session, &is_server, kIsServerTag,
|
801
748
|
1 /* default to true */)) {
|
802
749
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
803
|
-
|
750
|
+
return nullptr;
|
804
751
|
}
|
805
752
|
/* TODO: in time we can include |is_server| for servers too, then we can
|
806
753
|
enforce that client and server sessions are never mixed up. */
|
@@ -811,34 +758,83 @@ SSL_SESSION *SSL_SESSION_parse(CBS *cbs, const SSL_X509_METHOD *x509_method,
|
|
811
758
|
kPeerSignatureAlgorithmTag, 0) ||
|
812
759
|
!SSL_SESSION_parse_u32(&session, &ret->ticket_max_early_data,
|
813
760
|
kTicketMaxEarlyDataTag, 0) ||
|
814
|
-
!
|
815
|
-
|
761
|
+
!SSL_SESSION_parse_u32(&session, &ret->auth_timeout, kAuthTimeoutTag,
|
762
|
+
ret->timeout) ||
|
816
763
|
!SSL_SESSION_parse_octet_string(&session, &ret->early_alpn,
|
817
764
|
&ret->early_alpn_len, kEarlyALPNTag) ||
|
818
765
|
CBS_len(&session) != 0) {
|
819
766
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
820
|
-
|
767
|
+
return nullptr;
|
821
768
|
}
|
822
769
|
|
823
770
|
return ret;
|
771
|
+
}
|
772
|
+
|
773
|
+
} // namespace bssl
|
774
|
+
|
775
|
+
using namespace bssl;
|
776
|
+
|
777
|
+
int SSL_SESSION_to_bytes(const SSL_SESSION *in, uint8_t **out_data,
|
778
|
+
size_t *out_len) {
|
779
|
+
if (in->not_resumable) {
|
780
|
+
// If the caller has an unresumable session, e.g. if |SSL_get_session| were
|
781
|
+
// called on a TLS 1.3 or False Started connection, serialize with a
|
782
|
+
// placeholder value so it is not accidentally deserialized into a resumable
|
783
|
+
// one.
|
784
|
+
static const char kNotResumableSession[] = "NOT RESUMABLE";
|
785
|
+
|
786
|
+
*out_len = strlen(kNotResumableSession);
|
787
|
+
*out_data = (uint8_t *)BUF_memdup(kNotResumableSession, *out_len);
|
788
|
+
if (*out_data == NULL) {
|
789
|
+
return 0;
|
790
|
+
}
|
791
|
+
|
792
|
+
return 1;
|
793
|
+
}
|
794
|
+
|
795
|
+
return SSL_SESSION_to_bytes_full(in, out_data, out_len, 0);
|
796
|
+
}
|
797
|
+
|
798
|
+
int SSL_SESSION_to_bytes_for_ticket(const SSL_SESSION *in, uint8_t **out_data,
|
799
|
+
size_t *out_len) {
|
800
|
+
return SSL_SESSION_to_bytes_full(in, out_data, out_len, 1);
|
801
|
+
}
|
802
|
+
|
803
|
+
int i2d_SSL_SESSION(SSL_SESSION *in, uint8_t **pp) {
|
804
|
+
uint8_t *out;
|
805
|
+
size_t len;
|
806
|
+
|
807
|
+
if (!SSL_SESSION_to_bytes(in, &out, &len)) {
|
808
|
+
return -1;
|
809
|
+
}
|
810
|
+
|
811
|
+
if (len > INT_MAX) {
|
812
|
+
OPENSSL_free(out);
|
813
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
814
|
+
return -1;
|
815
|
+
}
|
816
|
+
|
817
|
+
if (pp) {
|
818
|
+
OPENSSL_memcpy(*pp, out, len);
|
819
|
+
*pp += len;
|
820
|
+
}
|
821
|
+
OPENSSL_free(out);
|
824
822
|
|
825
|
-
|
826
|
-
SSL_SESSION_free(ret);
|
827
|
-
return NULL;
|
823
|
+
return len;
|
828
824
|
}
|
829
825
|
|
830
826
|
SSL_SESSION *SSL_SESSION_from_bytes(const uint8_t *in, size_t in_len,
|
831
827
|
const SSL_CTX *ctx) {
|
832
828
|
CBS cbs;
|
833
829
|
CBS_init(&cbs, in, in_len);
|
834
|
-
SSL_SESSION
|
835
|
-
|
830
|
+
UniquePtr<SSL_SESSION> ret =
|
831
|
+
SSL_SESSION_parse(&cbs, ctx->x509_method, ctx->pool);
|
832
|
+
if (!ret) {
|
836
833
|
return NULL;
|
837
834
|
}
|
838
835
|
if (CBS_len(&cbs) != 0) {
|
839
836
|
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
|
840
|
-
SSL_SESSION_free(ret);
|
841
837
|
return NULL;
|
842
838
|
}
|
843
|
-
return ret;
|
839
|
+
return ret.release();
|
844
840
|
}
|