grpc 1.9.1 → 1.10.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +2654 -953
- data/etc/roots.pem +282 -683
- data/include/grpc/compression.h +9 -26
- data/include/grpc/grpc.h +10 -24
- data/include/grpc/grpc_security.h +7 -1
- data/include/grpc/impl/codegen/compression_types.h +5 -62
- data/include/grpc/impl/codegen/grpc_types.h +10 -6
- data/include/grpc/module.modulemap +1 -10
- data/include/grpc/support/alloc.h +3 -2
- data/include/grpc/support/log.h +1 -2
- data/{src/core/lib/gpr/thd_internal.h → include/grpc/support/thd_id.h} +23 -9
- data/src/boringssl/err_data.c +550 -496
- data/src/core/ext/census/grpc_context.cc +2 -1
- data/src/core/ext/filters/client_channel/backup_poller.cc +5 -4
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -7
- data/src/core/ext/filters/client_channel/client_channel.cc +162 -172
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +4 -2
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +10 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +18 -14
- data/src/core/ext/filters/client_channel/http_proxy.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +21 -105
- data/src/core/ext/filters/client_channel/lb_policy.h +166 -170
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +41 -36
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1452 -1459
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +7 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +27 -27
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +279 -304
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +358 -330
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +30 -41
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +7 -14
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +8 -21
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +23 -27
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +58 -33
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +25 -12
- data/src/core/ext/filters/client_channel/parse_address.cc +10 -8
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver.cc +6 -52
- data/src/core/ext/filters/client_channel/resolver.h +98 -55
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +266 -237
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +31 -27
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +244 -207
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +161 -148
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +47 -31
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +126 -126
- data/src/core/ext/filters/client_channel/resolver_factory.h +33 -32
- data/src/core/ext/filters/client_channel/resolver_registry.cc +110 -90
- data/src/core/ext/filters/client_channel/resolver_registry.h +49 -36
- data/src/core/ext/filters/client_channel/retry_throttle.cc +29 -22
- data/src/core/ext/filters/client_channel/subchannel.cc +173 -173
- data/src/core/ext/filters/client_channel/subchannel.h +38 -45
- data/src/core/ext/filters/client_channel/subchannel_index.cc +44 -40
- data/src/core/ext/filters/client_channel/uri_parser.cc +3 -3
- data/src/core/ext/filters/deadline/deadline_filter.cc +27 -18
- data/src/core/ext/filters/http/client/http_client_filter.cc +26 -23
- data/src/core/ext/filters/http/http_filters_plugin.cc +3 -2
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +78 -110
- data/src/core/ext/filters/http/server/http_server_filter.cc +29 -26
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +9 -11
- data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc +2 -1
- data/src/core/ext/filters/max_age/max_age_filter.cc +14 -14
- data/src/core/ext/filters/message_size/message_size_filter.cc +20 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +4 -4
- data/src/core/ext/filters/workarounds/workaround_utils.cc +4 -4
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +10 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +4 -4
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +11 -12
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +16 -13
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +36 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +3 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +17 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +139 -145
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +16 -14
- data/src/core/ext/transport/chttp2/transport/flow_control.h +8 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +35 -33
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +27 -25
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +12 -12
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +16 -15
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +11 -11
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +35 -35
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +10 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +35 -39
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +8 -7
- data/src/core/ext/transport/chttp2/transport/varint.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/writing.cc +18 -18
- data/src/core/ext/transport/inproc/inproc_transport.cc +43 -23
- data/src/core/lib/{gpr → avl}/avl.cc +61 -57
- data/{include/grpc/support → src/core/lib/avl}/avl.h +25 -35
- data/src/core/lib/backoff/backoff.cc +6 -5
- data/src/core/lib/channel/channel_args.cc +23 -109
- data/src/core/lib/channel/channel_args.h +5 -31
- data/src/core/lib/channel/channel_stack.cc +11 -8
- data/src/core/lib/channel/channel_stack_builder.cc +10 -7
- data/src/core/lib/channel/connected_channel.cc +18 -17
- data/src/core/lib/channel/handshaker.cc +8 -8
- data/src/core/lib/channel/handshaker_registry.cc +3 -2
- data/src/core/lib/compression/algorithm_metadata.h +13 -6
- data/src/core/lib/compression/compression.cc +72 -183
- data/src/core/lib/compression/compression_internal.cc +274 -0
- data/src/core/lib/compression/compression_internal.h +86 -0
- data/src/core/lib/compression/message_compress.cc +15 -15
- data/src/core/lib/compression/message_compress.h +4 -3
- data/src/core/lib/compression/stream_compression_gzip.cc +8 -8
- data/src/core/lib/compression/stream_compression_identity.cc +1 -1
- data/src/core/lib/debug/stats.cc +10 -8
- data/src/core/lib/debug/stats_data.cc +2 -1
- data/src/core/lib/debug/trace.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +7 -11
- data/src/core/lib/gpr/arena.cc +34 -12
- data/src/core/lib/gpr/atm.cc +2 -1
- data/src/core/lib/gpr/cpu_linux.cc +3 -3
- data/src/core/lib/gpr/cpu_posix.cc +2 -1
- data/src/core/lib/gpr/env.h +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -1
- data/src/core/lib/gpr/env_windows.cc +4 -4
- data/src/core/lib/gpr/fork.cc +16 -2
- data/src/core/lib/gpr/host_port.cc +5 -4
- data/{include/grpc/support → src/core/lib/gpr}/host_port.h +5 -13
- data/src/core/lib/gpr/log.cc +5 -4
- data/src/core/lib/gpr/log_linux.cc +1 -1
- data/src/core/lib/gpr/mpscq.cc +1 -0
- data/src/core/lib/gpr/murmur_hash.cc +4 -4
- data/src/core/lib/gpr/string.cc +19 -16
- data/src/core/lib/gpr/string_posix.cc +3 -3
- data/src/core/lib/gpr/sync_posix.cc +5 -9
- data/src/core/lib/gpr/thd.cc +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/thd.h +20 -28
- data/src/core/lib/gpr/thd_posix.cc +6 -4
- data/src/core/lib/gpr/thd_windows.cc +3 -1
- data/src/core/lib/gpr/time.cc +6 -4
- data/src/core/lib/gpr/time_posix.cc +2 -2
- data/{include/grpc/support → src/core/lib/gpr}/tls.h +6 -6
- data/{include/grpc/support → src/core/lib/gpr}/tls_gcc.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/tls_msvc.h +3 -3
- data/src/core/lib/gpr/tls_pthread.cc +1 -1
- data/{include/grpc/support → src/core/lib/gpr}/tls_pthread.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/useful.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/abstract.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic.h +5 -5
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_atm.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_std.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/debug_location.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/inlined_vector.h +44 -22
- data/src/core/lib/{gpr++ → gprpp}/manual_constructor.h +2 -2
- data/src/core/lib/{gpr++ → gprpp}/memory.h +14 -5
- data/src/core/lib/{gpr++ → gprpp}/orphanable.h +39 -14
- data/src/core/lib/{gpr++ → gprpp}/ref_counted.h +42 -10
- data/src/core/lib/{gpr++ → gprpp}/ref_counted_ptr.h +18 -8
- data/src/core/lib/http/format_request.cc +3 -3
- data/src/core/lib/http/httpcli.cc +6 -7
- data/src/core/lib/http/httpcli_security_connector.cc +10 -10
- data/src/core/lib/http/parser.cc +16 -12
- data/src/core/lib/iomgr/call_combiner.cc +12 -13
- data/src/core/lib/iomgr/closure.h +4 -6
- data/src/core/lib/iomgr/combiner.cc +10 -21
- data/src/core/lib/iomgr/error.cc +50 -55
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +41 -52
- data/src/core/lib/iomgr/ev_epollex_linux.cc +80 -28
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +23 -30
- data/src/core/lib/iomgr/ev_poll_posix.cc +52 -46
- data/src/core/lib/iomgr/ev_posix.cc +47 -6
- data/src/core/lib/iomgr/exec_ctx.cc +10 -10
- data/src/core/lib/iomgr/exec_ctx.h +1 -1
- data/src/core/lib/iomgr/executor.cc +16 -13
- data/src/core/lib/iomgr/fork_posix.cc +1 -3
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +1 -1
- data/src/core/lib/iomgr/iocp_windows.cc +1 -2
- data/src/core/lib/iomgr/iomgr.cc +2 -2
- data/src/core/lib/iomgr/iomgr_uv.cc +2 -0
- data/src/core/lib/iomgr/iomgr_uv.h +1 -1
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +5 -4
- data/src/core/lib/iomgr/load_file.cc +3 -3
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -9
- data/src/core/lib/iomgr/resolve_address_uv.cc +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +3 -2
- data/src/core/lib/iomgr/resource_quota.cc +36 -34
- data/src/core/lib/iomgr/sockaddr_utils.cc +39 -23
- data/src/core/lib/iomgr/socket_factory_posix.cc +5 -5
- data/src/core/lib/iomgr/socket_mutator.cc +7 -7
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -4
- data/src/core/lib/iomgr/socket_utils_linux.cc +3 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +0 -1
- data/src/core/lib/iomgr/tcp_posix.cc +47 -55
- data/src/core/lib/iomgr/tcp_server_posix.cc +12 -10
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -5
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -3
- data/src/core/lib/iomgr/tcp_windows.cc +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +16 -14
- data/src/core/lib/iomgr/timer_heap.cc +8 -7
- data/src/core/lib/iomgr/timer_manager.cc +4 -3
- data/src/core/lib/iomgr/udp_server.cc +24 -16
- data/src/core/lib/iomgr/unix_sockets_posix.cc +15 -10
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +6 -5
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +1 -2
- data/src/core/lib/json/json.cc +1 -1
- data/src/core/lib/json/json_reader.cc +8 -6
- data/src/core/lib/json/json_string.cc +19 -18
- data/src/core/lib/json/json_writer.cc +10 -8
- data/src/core/lib/profiling/basic_timers.cc +1 -1
- data/src/core/lib/profiling/timers.h +3 -20
- data/src/core/lib/security/context/security_context.cc +16 -14
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +17 -14
- data/src/core/lib/security/credentials/credentials.cc +9 -8
- data/src/core/lib/security/credentials/credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +12 -13
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -4
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -3
- data/src/core/lib/security/credentials/jwt/json_token.cc +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -7
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +21 -18
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +23 -18
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +11 -7
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +22 -21
- data/src/core/lib/security/{transport → security_connector}/security_connector.cc +46 -43
- data/src/core/lib/security/{transport → security_connector}/security_connector.h +3 -3
- data/src/core/lib/security/transport/client_auth_filter.cc +32 -34
- data/src/core/lib/security/transport/lb_targets_info.cc +7 -5
- data/src/core/lib/security/transport/secure_endpoint.cc +21 -21
- data/src/core/lib/security/transport/security_handshaker.cc +19 -18
- data/src/core/lib/security/transport/security_handshaker.h +1 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
- data/src/core/lib/slice/b64.cc +19 -16
- data/src/core/lib/slice/percent_encoding.cc +5 -5
- data/src/core/lib/slice/slice.cc +35 -33
- data/src/core/lib/slice/slice_buffer.cc +16 -14
- data/src/core/lib/slice/slice_hash_table.cc +3 -2
- data/src/core/lib/slice/slice_intern.cc +21 -25
- data/src/core/lib/slice/slice_string_helpers.cc +45 -9
- data/src/core/lib/slice/slice_string_helpers.h +6 -0
- data/src/core/lib/surface/byte_buffer.cc +2 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +6 -3
- data/src/core/lib/surface/call.cc +171 -260
- data/src/core/lib/surface/call_test_only.h +1 -13
- data/src/core/lib/surface/channel.cc +20 -43
- data/src/core/lib/surface/channel_init.cc +7 -7
- data/src/core/lib/surface/channel_ping.cc +2 -2
- data/src/core/lib/surface/completion_queue.cc +69 -75
- data/src/core/lib/surface/init.cc +4 -5
- data/src/core/lib/surface/init_secure.cc +1 -1
- data/src/core/lib/surface/lame_client.cc +1 -1
- data/src/core/lib/surface/server.cc +64 -59
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +6 -5
- data/src/core/lib/transport/byte_stream.cc +23 -14
- data/src/core/lib/transport/byte_stream.h +1 -1
- data/src/core/lib/transport/connectivity_state.cc +9 -13
- data/src/core/lib/transport/error_utils.cc +10 -7
- data/src/core/lib/transport/metadata.cc +27 -26
- data/src/core/lib/transport/metadata.h +1 -1
- data/src/core/lib/transport/pid_controller.cc +2 -1
- data/src/core/lib/transport/service_config.cc +5 -5
- data/src/core/lib/transport/static_metadata.cc +225 -222
- data/src/core/lib/transport/static_metadata.h +77 -76
- data/src/core/lib/transport/timeout_encoding.cc +3 -2
- data/src/core/lib/transport/transport.cc +6 -5
- data/src/core/lib/transport/transport_op_string.cc +0 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -4
- data/src/core/tsi/alts_transport_security.cc +61 -0
- data/src/core/tsi/{gts_transport_security.h → alts_transport_security.h} +16 -8
- data/src/core/tsi/fake_transport_security.cc +59 -43
- data/src/core/tsi/ssl_transport_security.cc +122 -107
- data/src/core/tsi/transport_security.cc +3 -3
- data/src/core/tsi/transport_security_adapter.cc +16 -10
- data/src/ruby/bin/apis/pubsub_demo.rb +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +3 -4
- data/src/ruby/ext/grpc/rb_compression_options.c +13 -3
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -76
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +8 -120
- data/src/ruby/ext/grpc/rb_server.c +52 -28
- data/src/ruby/lib/grpc/generic/rpc_server.rb +7 -4
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/test/client.rb +1 -1
- data/src/ruby/pb/test/server.rb +1 -1
- data/src/ruby/spec/client_server_spec.rb +4 -2
- data/src/ruby/spec/generic/active_call_spec.rb +2 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +32 -8
- data/src/ruby/spec/server_spec.rb +26 -7
- data/third_party/boringssl/crypto/asn1/a_bitstr.c +7 -2
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +15 -0
- data/third_party/boringssl/crypto/asn1/a_gentm.c +1 -1
- data/third_party/boringssl/crypto/asn1/a_print.c +0 -28
- data/third_party/boringssl/crypto/asn1/a_strnid.c +3 -0
- data/third_party/boringssl/crypto/asn1/a_time.c +17 -9
- data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -1
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -49
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +1 -1
- data/third_party/boringssl/crypto/asn1/tasn_dec.c +9 -9
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +0 -6
- data/third_party/boringssl/crypto/asn1/time_support.c +5 -5
- data/third_party/boringssl/crypto/base64/base64.c +65 -43
- data/third_party/boringssl/crypto/bio/bio.c +134 -110
- data/third_party/boringssl/crypto/bio/bio_mem.c +9 -9
- data/third_party/boringssl/crypto/bio/connect.c +17 -17
- data/third_party/boringssl/crypto/bio/fd.c +2 -1
- data/third_party/boringssl/crypto/bio/file.c +14 -14
- data/third_party/boringssl/crypto/bio/hexdump.c +15 -16
- data/third_party/boringssl/crypto/bio/internal.h +14 -14
- data/third_party/boringssl/crypto/bio/pair.c +45 -45
- data/third_party/boringssl/crypto/bio/printf.c +6 -10
- data/third_party/boringssl/crypto/{bn → bn_extra}/bn_asn1.c +9 -9
- data/third_party/boringssl/crypto/{bn → bn_extra}/convert.c +18 -223
- data/third_party/boringssl/crypto/buf/buf.c +20 -44
- data/third_party/boringssl/crypto/bytestring/ber.c +35 -35
- data/third_party/boringssl/crypto/bytestring/cbb.c +24 -24
- data/third_party/boringssl/crypto/bytestring/cbs.c +33 -37
- data/third_party/boringssl/crypto/bytestring/internal.h +38 -38
- data/third_party/boringssl/crypto/chacha/chacha.c +7 -7
- data/third_party/boringssl/crypto/{asn1/t_bitst.c → cipher_extra/cipher_extra.c} +49 -38
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/derive_key.c +0 -2
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +281 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +867 -0
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +326 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_null.c +0 -1
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc2.c +22 -10
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc4.c +0 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_ssl3.c +120 -64
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_tls.c +220 -141
- data/third_party/boringssl/crypto/{asn1/x_bignum.c → cipher_extra/internal.h} +61 -86
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +482 -0
- data/third_party/boringssl/crypto/cmac/cmac.c +20 -20
- data/third_party/boringssl/crypto/conf/conf.c +32 -20
- data/third_party/boringssl/crypto/conf/internal.h +3 -3
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +5 -5
- data/third_party/boringssl/crypto/cpu-arm-linux.c +44 -41
- data/third_party/boringssl/crypto/cpu-intel.c +68 -43
- data/third_party/boringssl/crypto/cpu-ppc64le.c +5 -7
- data/third_party/boringssl/crypto/crypto.c +54 -32
- data/third_party/boringssl/crypto/curve25519/curve25519.c +269 -269
- data/third_party/boringssl/crypto/curve25519/internal.h +28 -8
- data/third_party/boringssl/crypto/curve25519/spake25519.c +180 -106
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +9 -9
- data/third_party/boringssl/crypto/dh/check.c +33 -34
- data/third_party/boringssl/crypto/dh/dh.c +72 -36
- data/third_party/boringssl/crypto/dh/dh_asn1.c +1 -1
- data/third_party/boringssl/crypto/dh/params.c +1 -161
- data/third_party/boringssl/crypto/digest_extra/digest_extra.c +240 -0
- data/third_party/boringssl/crypto/dsa/dsa.c +127 -87
- data/third_party/boringssl/crypto/dsa/dsa_asn1.c +1 -1
- data/third_party/boringssl/crypto/{ec → ec_extra}/ec_asn1.c +83 -70
- data/third_party/boringssl/crypto/ecdh/ecdh.c +1 -1
- data/third_party/boringssl/crypto/{ecdsa → ecdsa_extra}/ecdsa_asn1.c +86 -31
- data/third_party/boringssl/crypto/engine/engine.c +6 -6
- data/third_party/boringssl/crypto/err/err.c +197 -106
- data/third_party/boringssl/crypto/err/internal.h +58 -0
- data/third_party/boringssl/crypto/evp/digestsign.c +86 -14
- data/third_party/boringssl/crypto/evp/evp.c +6 -11
- data/third_party/boringssl/crypto/evp/evp_asn1.c +17 -17
- data/third_party/boringssl/crypto/evp/evp_ctx.c +15 -11
- data/third_party/boringssl/crypto/evp/internal.h +66 -51
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +11 -11
- data/third_party/boringssl/crypto/evp/p_ec.c +10 -8
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +11 -12
- data/third_party/boringssl/crypto/evp/p_ed25519.c +71 -0
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +190 -0
- data/third_party/boringssl/crypto/evp/p_rsa.c +50 -95
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +28 -18
- data/third_party/boringssl/crypto/evp/pbkdf.c +49 -56
- data/third_party/boringssl/crypto/evp/print.c +5 -36
- data/third_party/boringssl/crypto/evp/scrypt.c +209 -0
- data/third_party/boringssl/crypto/ex_data.c +15 -45
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +100 -0
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +679 -0
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/internal.h +40 -27
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/rsaz_exp.h +0 -0
- data/third_party/boringssl/crypto/{cipher → fipsmodule/cipher}/internal.h +34 -67
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +88 -0
- data/third_party/boringssl/crypto/{des → fipsmodule/des}/internal.h +18 -4
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/internal.h +18 -18
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/md32_common.h +58 -64
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/internal.h +58 -52
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64-table.h +11 -11
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64.h +32 -32
- data/third_party/boringssl/crypto/{rand/internal.h → fipsmodule/is_fips.c} +10 -15
- data/third_party/boringssl/crypto/{modes → fipsmodule/modes}/internal.h +112 -119
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +92 -0
- data/third_party/boringssl/crypto/{rsa → fipsmodule/rsa}/internal.h +36 -49
- data/third_party/boringssl/crypto/hkdf/hkdf.c +6 -6
- data/third_party/boringssl/crypto/internal.h +301 -233
- data/third_party/boringssl/crypto/lhash/lhash.c +26 -45
- data/third_party/boringssl/crypto/mem.c +76 -33
- data/third_party/boringssl/crypto/obj/obj.c +44 -28
- data/third_party/boringssl/crypto/obj/obj_dat.h +102 -34
- data/third_party/boringssl/crypto/obj/obj_xref.c +6 -6
- data/third_party/boringssl/crypto/pem/pem_info.c +3 -5
- data/third_party/boringssl/crypto/pem/pem_lib.c +1 -6
- data/third_party/boringssl/crypto/pem/pem_pk8.c +1 -0
- data/third_party/boringssl/crypto/pem/pem_pkey.c +1 -1
- data/third_party/boringssl/crypto/pem/pem_xaux.c +0 -2
- data/third_party/boringssl/crypto/pkcs7/internal.h +49 -0
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +166 -0
- data/third_party/boringssl/crypto/{x509/pkcs7.c → pkcs7/pkcs7_x509.c} +27 -147
- data/third_party/boringssl/crypto/pkcs8/internal.h +34 -16
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +120 -39
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +144 -857
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +789 -0
- data/third_party/boringssl/crypto/poly1305/internal.h +4 -3
- data/third_party/boringssl/crypto/poly1305/poly1305.c +14 -14
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +11 -11
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +41 -41
- data/third_party/boringssl/crypto/pool/internal.h +2 -2
- data/third_party/boringssl/crypto/pool/pool.c +15 -15
- data/third_party/boringssl/crypto/{rand → rand_extra}/deterministic.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/forkunsafe.c +46 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/fuchsia.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/rand_extra.c +70 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/windows.c +5 -5
- data/third_party/boringssl/crypto/refcount_c11.c +2 -2
- data/third_party/boringssl/crypto/refcount_lock.c +1 -1
- data/third_party/boringssl/crypto/{rsa → rsa_extra}/rsa_asn1.c +12 -120
- data/third_party/boringssl/crypto/stack/stack.c +13 -13
- data/third_party/boringssl/crypto/thread_none.c +1 -1
- data/third_party/boringssl/crypto/thread_pthread.c +1 -1
- data/third_party/boringssl/crypto/thread_win.c +40 -40
- data/third_party/boringssl/crypto/x509/a_sign.c +5 -12
- data/third_party/boringssl/crypto/x509/a_verify.c +6 -18
- data/third_party/boringssl/crypto/x509/algorithm.c +22 -6
- data/third_party/boringssl/crypto/x509/asn1_gen.c +30 -7
- data/third_party/boringssl/crypto/x509/by_dir.c +2 -2
- data/third_party/boringssl/crypto/x509/by_file.c +2 -2
- data/third_party/boringssl/crypto/x509/rsa_pss.c +5 -5
- data/third_party/boringssl/crypto/x509/t_x509.c +2 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_lu.c +35 -4
- data/third_party/boringssl/crypto/x509/x509_set.c +10 -0
- data/third_party/boringssl/crypto/x509/x509_vfy.c +20 -17
- data/third_party/boringssl/crypto/x509/x_name.c +13 -16
- data/third_party/boringssl/crypto/x509/x_x509.c +3 -3
- data/third_party/boringssl/crypto/x509/x_x509a.c +0 -7
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +8 -0
- data/third_party/boringssl/crypto/x509v3/pcy_int.h +2 -2
- data/third_party/boringssl/crypto/x509v3/pcy_lib.c +0 -9
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -1
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +25 -15
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +21 -11
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +9 -3
- data/third_party/boringssl/crypto/x509v3/v3_info.c +22 -14
- data/third_party/boringssl/crypto/x509v3/v3_ncons.c +27 -11
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +0 -33
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +4 -4
- data/third_party/boringssl/include/openssl/aead.h +280 -191
- data/third_party/boringssl/include/openssl/aes.h +50 -50
- data/third_party/boringssl/include/openssl/arm_arch.h +12 -12
- data/third_party/boringssl/include/openssl/asn1.h +14 -77
- data/third_party/boringssl/include/openssl/asn1t.h +11 -15
- data/third_party/boringssl/include/openssl/base.h +78 -51
- data/third_party/boringssl/include/openssl/base64.h +68 -68
- data/third_party/boringssl/include/openssl/bio.h +472 -406
- data/third_party/boringssl/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +454 -435
- data/third_party/boringssl/include/openssl/buf.h +27 -27
- data/third_party/boringssl/include/openssl/bytestring.h +282 -267
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/chacha.h +5 -5
- data/third_party/boringssl/include/openssl/cipher.h +209 -200
- data/third_party/boringssl/include/openssl/cmac.h +27 -27
- data/third_party/boringssl/include/openssl/conf.h +49 -46
- data/third_party/boringssl/include/openssl/cpu.h +60 -45
- data/third_party/boringssl/include/openssl/crypto.h +59 -35
- data/third_party/boringssl/include/openssl/curve25519.h +97 -92
- data/third_party/boringssl/include/openssl/des.h +25 -25
- data/third_party/boringssl/include/openssl/dh.h +98 -97
- data/third_party/boringssl/include/openssl/digest.h +143 -114
- data/third_party/boringssl/include/openssl/dsa.h +217 -202
- data/third_party/boringssl/include/openssl/ec.h +132 -131
- data/third_party/boringssl/include/openssl/ec_key.h +132 -128
- data/third_party/boringssl/include/openssl/ecdh.h +9 -9
- data/third_party/boringssl/include/openssl/ecdsa.h +66 -66
- data/third_party/boringssl/include/openssl/engine.h +38 -38
- data/third_party/boringssl/include/openssl/err.h +189 -219
- data/third_party/boringssl/include/openssl/evp.h +473 -397
- data/third_party/boringssl/include/openssl/ex_data.h +46 -56
- data/third_party/boringssl/include/openssl/hkdf.h +17 -17
- data/third_party/boringssl/include/openssl/hmac.h +55 -43
- data/third_party/boringssl/include/openssl/is_boringssl.h +16 -0
- data/third_party/boringssl/include/openssl/lhash.h +67 -67
- data/third_party/boringssl/include/openssl/lhash_macros.h +4 -4
- data/third_party/boringssl/include/openssl/md4.h +14 -14
- data/third_party/boringssl/include/openssl/md5.h +14 -14
- data/third_party/boringssl/include/openssl/mem.h +39 -33
- data/third_party/boringssl/include/openssl/nid.h +43 -0
- data/third_party/boringssl/include/openssl/obj.h +93 -87
- data/third_party/boringssl/include/openssl/opensslconf.h +8 -1
- data/third_party/boringssl/include/openssl/pem.h +2 -122
- data/third_party/boringssl/include/openssl/pkcs7.h +68 -2
- data/third_party/boringssl/include/openssl/pkcs8.h +81 -66
- data/third_party/boringssl/include/openssl/poly1305.h +11 -11
- data/third_party/boringssl/include/openssl/pool.h +29 -25
- data/third_party/boringssl/include/openssl/rand.h +48 -45
- data/third_party/boringssl/include/openssl/rc4.h +9 -9
- data/third_party/boringssl/include/openssl/ripemd.h +13 -13
- data/third_party/boringssl/include/openssl/rsa.h +371 -340
- data/third_party/boringssl/include/openssl/sha.h +71 -71
- data/third_party/boringssl/include/openssl/span.h +191 -0
- data/third_party/boringssl/include/openssl/ssl.h +2639 -2519
- data/third_party/boringssl/include/openssl/ssl3.h +39 -122
- data/third_party/boringssl/include/openssl/stack.h +355 -164
- data/third_party/boringssl/include/openssl/thread.h +43 -43
- data/third_party/boringssl/include/openssl/tls1.h +60 -63
- data/third_party/boringssl/include/openssl/type_check.h +10 -14
- data/third_party/boringssl/include/openssl/x509.h +41 -116
- data/third_party/boringssl/include/openssl/x509_vfy.h +17 -25
- data/third_party/boringssl/include/openssl/x509v3.h +27 -21
- data/third_party/boringssl/ssl/{bio_ssl.c → bio_ssl.cc} +9 -5
- data/third_party/boringssl/ssl/{custom_extensions.c → custom_extensions.cc} +19 -12
- data/third_party/boringssl/ssl/{d1_both.c → d1_both.cc} +224 -193
- data/third_party/boringssl/ssl/{d1_lib.c → d1_lib.cc} +86 -79
- data/third_party/boringssl/ssl/{d1_pkt.c → d1_pkt.cc} +55 -87
- data/third_party/boringssl/ssl/{d1_srtp.c → d1_srtp.cc} +12 -16
- data/third_party/boringssl/ssl/{dtls_method.c → dtls_method.cc} +33 -50
- data/third_party/boringssl/ssl/{dtls_record.c → dtls_record.cc} +76 -64
- data/third_party/boringssl/ssl/handshake.cc +547 -0
- data/third_party/boringssl/ssl/handshake_client.cc +1828 -0
- data/third_party/boringssl/ssl/handshake_server.cc +1672 -0
- data/third_party/boringssl/ssl/internal.h +2027 -1280
- data/third_party/boringssl/ssl/s3_both.cc +603 -0
- data/third_party/boringssl/ssl/{s3_lib.c → s3_lib.cc} +22 -10
- data/third_party/boringssl/ssl/{s3_pkt.c → s3_pkt.cc} +171 -75
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +415 -0
- data/third_party/boringssl/ssl/{ssl_asn1.c → ssl_asn1.cc} +257 -261
- data/third_party/boringssl/ssl/{ssl_buffer.c → ssl_buffer.cc} +81 -97
- data/third_party/boringssl/ssl/{ssl_cert.c → ssl_cert.cc} +304 -414
- data/third_party/boringssl/ssl/{ssl_cipher.c → ssl_cipher.cc} +427 -505
- data/third_party/boringssl/ssl/{ssl_file.c → ssl_file.cc} +24 -16
- data/third_party/boringssl/ssl/ssl_key_share.cc +245 -0
- data/third_party/boringssl/ssl/{ssl_lib.c → ssl_lib.cc} +665 -828
- data/third_party/boringssl/ssl/ssl_privkey.cc +518 -0
- data/third_party/boringssl/ssl/{ssl_session.c → ssl_session.cc} +596 -471
- data/third_party/boringssl/ssl/{ssl_stat.c → ssl_stat.cc} +5 -224
- data/third_party/boringssl/ssl/{ssl_transcript.c → ssl_transcript.cc} +117 -140
- data/third_party/boringssl/ssl/ssl_versions.cc +439 -0
- data/third_party/boringssl/ssl/{ssl_x509.c → ssl_x509.cc} +751 -267
- data/third_party/boringssl/ssl/{t1_enc.c → t1_enc.cc} +120 -161
- data/third_party/boringssl/ssl/{t1_lib.c → t1_lib.cc} +859 -966
- data/third_party/boringssl/ssl/{tls13_both.c → tls13_both.cc} +202 -284
- data/third_party/boringssl/ssl/tls13_client.cc +842 -0
- data/third_party/boringssl/ssl/{tls13_enc.c → tls13_enc.cc} +108 -90
- data/third_party/boringssl/ssl/tls13_server.cc +967 -0
- data/third_party/boringssl/ssl/{tls_method.c → tls_method.cc} +94 -73
- data/third_party/boringssl/ssl/tls_record.cc +675 -0
- metadata +117 -168
- data/include/grpc/support/cmdline.h +0 -88
- data/include/grpc/support/subprocess.h +0 -44
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +0 -29
- data/src/core/ext/filters/client_channel/resolver_factory.cc +0 -40
- data/src/core/lib/gpr/cmdline.cc +0 -330
- data/src/core/lib/gpr/subprocess_posix.cc +0 -99
- data/src/core/lib/gpr/subprocess_windows.cc +0 -126
- data/src/core/lib/surface/alarm.cc +0 -137
- data/src/core/lib/surface/alarm_internal.h +0 -40
- data/src/core/tsi/gts_transport_security.cc +0 -40
- data/third_party/boringssl/crypto/aes/aes.c +0 -1142
- data/third_party/boringssl/crypto/aes/internal.h +0 -87
- data/third_party/boringssl/crypto/aes/key_wrap.c +0 -138
- data/third_party/boringssl/crypto/aes/mode_wrappers.c +0 -112
- data/third_party/boringssl/crypto/asn1/x_long.c +0 -200
- data/third_party/boringssl/crypto/bn/add.c +0 -377
- data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +0 -532
- data/third_party/boringssl/crypto/bn/bn.c +0 -365
- data/third_party/boringssl/crypto/bn/cmp.c +0 -239
- data/third_party/boringssl/crypto/bn/ctx.c +0 -313
- data/third_party/boringssl/crypto/bn/div.c +0 -728
- data/third_party/boringssl/crypto/bn/exponentiation.c +0 -1240
- data/third_party/boringssl/crypto/bn/gcd.c +0 -635
- data/third_party/boringssl/crypto/bn/generic.c +0 -707
- data/third_party/boringssl/crypto/bn/kronecker.c +0 -176
- data/third_party/boringssl/crypto/bn/montgomery.c +0 -409
- data/third_party/boringssl/crypto/bn/montgomery_inv.c +0 -207
- data/third_party/boringssl/crypto/bn/mul.c +0 -871
- data/third_party/boringssl/crypto/bn/prime.c +0 -861
- data/third_party/boringssl/crypto/bn/random.c +0 -343
- data/third_party/boringssl/crypto/bn/rsaz_exp.c +0 -254
- data/third_party/boringssl/crypto/bn/shift.c +0 -307
- data/third_party/boringssl/crypto/bn/sqrt.c +0 -506
- data/third_party/boringssl/crypto/cipher/aead.c +0 -156
- data/third_party/boringssl/crypto/cipher/cipher.c +0 -657
- data/third_party/boringssl/crypto/cipher/e_aes.c +0 -1771
- data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +0 -276
- data/third_party/boringssl/crypto/cipher/e_des.c +0 -205
- data/third_party/boringssl/crypto/cipher/tls_cbc.c +0 -482
- data/third_party/boringssl/crypto/des/des.c +0 -771
- data/third_party/boringssl/crypto/digest/digest.c +0 -251
- data/third_party/boringssl/crypto/digest/digests.c +0 -358
- data/third_party/boringssl/crypto/ec/ec.c +0 -847
- data/third_party/boringssl/crypto/ec/ec_key.c +0 -479
- data/third_party/boringssl/crypto/ec/ec_montgomery.c +0 -303
- data/third_party/boringssl/crypto/ec/oct.c +0 -416
- data/third_party/boringssl/crypto/ec/p224-64.c +0 -1143
- data/third_party/boringssl/crypto/ec/p256-64.c +0 -1701
- data/third_party/boringssl/crypto/ec/p256-x86_64.c +0 -561
- data/third_party/boringssl/crypto/ec/simple.c +0 -1118
- data/third_party/boringssl/crypto/ec/util-64.c +0 -109
- data/third_party/boringssl/crypto/ec/wnaf.c +0 -458
- data/third_party/boringssl/crypto/ecdsa/ecdsa.c +0 -479
- data/third_party/boringssl/crypto/hmac/hmac.c +0 -215
- data/third_party/boringssl/crypto/md4/md4.c +0 -236
- data/third_party/boringssl/crypto/md5/md5.c +0 -285
- data/third_party/boringssl/crypto/modes/cbc.c +0 -212
- data/third_party/boringssl/crypto/modes/cfb.c +0 -230
- data/third_party/boringssl/crypto/modes/ctr.c +0 -219
- data/third_party/boringssl/crypto/modes/gcm.c +0 -1071
- data/third_party/boringssl/crypto/modes/ofb.c +0 -95
- data/third_party/boringssl/crypto/modes/polyval.c +0 -94
- data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +0 -85
- data/third_party/boringssl/crypto/rand/rand.c +0 -244
- data/third_party/boringssl/crypto/rand/urandom.c +0 -335
- data/third_party/boringssl/crypto/rsa/blinding.c +0 -265
- data/third_party/boringssl/crypto/rsa/padding.c +0 -708
- data/third_party/boringssl/crypto/rsa/rsa.c +0 -830
- data/third_party/boringssl/crypto/rsa/rsa_impl.c +0 -1100
- data/third_party/boringssl/crypto/sha/sha1-altivec.c +0 -346
- data/third_party/boringssl/crypto/sha/sha1.c +0 -355
- data/third_party/boringssl/crypto/sha/sha256.c +0 -329
- data/third_party/boringssl/crypto/sha/sha512.c +0 -609
- data/third_party/boringssl/crypto/x509/x509type.c +0 -126
- data/third_party/boringssl/include/openssl/stack_macros.h +0 -3987
- data/third_party/boringssl/ssl/handshake_client.c +0 -1883
- data/third_party/boringssl/ssl/handshake_server.c +0 -1950
- data/third_party/boringssl/ssl/s3_both.c +0 -895
- data/third_party/boringssl/ssl/ssl_aead_ctx.c +0 -335
- data/third_party/boringssl/ssl/ssl_ecdh.c +0 -465
- data/third_party/boringssl/ssl/ssl_privkey.c +0 -683
- data/third_party/boringssl/ssl/ssl_privkey_cc.cc +0 -76
- data/third_party/boringssl/ssl/tls13_client.c +0 -712
- data/third_party/boringssl/ssl/tls13_server.c +0 -680
- data/third_party/boringssl/ssl/tls_record.c +0 -556
@@ -59,19 +59,19 @@
|
|
59
59
|
|
60
60
|
#include <openssl/base.h>
|
61
61
|
|
62
|
+
#include <openssl/bn.h>
|
63
|
+
|
62
64
|
|
63
65
|
#if defined(__cplusplus)
|
64
66
|
extern "C" {
|
65
67
|
#endif
|
66
68
|
|
67
69
|
|
68
|
-
|
70
|
+
// Default implementations of RSA operations.
|
69
71
|
|
70
|
-
|
72
|
+
const RSA_METHOD *RSA_default_method(void);
|
71
73
|
|
72
74
|
size_t rsa_default_size(const RSA *rsa);
|
73
|
-
int rsa_default_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
74
|
-
const uint8_t *in, size_t in_len, int padding);
|
75
75
|
int rsa_default_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out,
|
76
76
|
size_t max_out, const uint8_t *in, size_t in_len,
|
77
77
|
int padding);
|
@@ -79,12 +79,6 @@ int rsa_default_decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
|
|
79
79
|
const uint8_t *in, size_t in_len, int padding);
|
80
80
|
int rsa_default_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
|
81
81
|
size_t len);
|
82
|
-
int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,
|
83
|
-
BIGNUM *e_value, BN_GENCB *cb);
|
84
|
-
int rsa_default_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb);
|
85
|
-
|
86
|
-
|
87
|
-
#define RSA_PKCS1_PADDING_SIZE 11
|
88
82
|
|
89
83
|
|
90
84
|
BN_BLINDING *BN_BLINDING_new(void);
|
@@ -95,54 +89,47 @@ int BN_BLINDING_invert(BIGNUM *n, const BN_BLINDING *b, BN_MONT_CTX *mont_ctx,
|
|
95
89
|
BN_CTX *ctx);
|
96
90
|
|
97
91
|
|
98
|
-
int RSA_padding_add_PKCS1_type_1(uint8_t *to,
|
99
|
-
const uint8_t *from,
|
100
|
-
int RSA_padding_check_PKCS1_type_1(uint8_t *
|
101
|
-
const uint8_t *from,
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
const
|
112
|
-
const
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
* |private_transform| in |rsa_meth_st|. */
|
92
|
+
int RSA_padding_add_PKCS1_type_1(uint8_t *to, size_t to_len,
|
93
|
+
const uint8_t *from, size_t from_len);
|
94
|
+
int RSA_padding_check_PKCS1_type_1(uint8_t *out, size_t *out_len,
|
95
|
+
size_t max_out, const uint8_t *from,
|
96
|
+
size_t from_len);
|
97
|
+
int RSA_padding_add_PKCS1_type_2(uint8_t *to, size_t to_len,
|
98
|
+
const uint8_t *from, size_t from_len);
|
99
|
+
int RSA_padding_check_PKCS1_type_2(uint8_t *out, size_t *out_len,
|
100
|
+
size_t max_out, const uint8_t *from,
|
101
|
+
size_t from_len);
|
102
|
+
int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *out, size_t *out_len,
|
103
|
+
size_t max_out, const uint8_t *from,
|
104
|
+
size_t from_len, const uint8_t *param,
|
105
|
+
size_t param_len, const EVP_MD *md,
|
106
|
+
const EVP_MD *mgf1md);
|
107
|
+
int RSA_padding_add_none(uint8_t *to, size_t to_len, const uint8_t *from,
|
108
|
+
size_t from_len);
|
109
|
+
|
110
|
+
// RSA_private_transform calls either the method-specific |private_transform|
|
111
|
+
// function (if given) or the generic one. See the comment for
|
112
|
+
// |private_transform| in |rsa_meth_st|.
|
120
113
|
int RSA_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
|
121
114
|
size_t len);
|
122
115
|
|
123
116
|
|
124
|
-
|
125
|
-
* in a multi-prime RSA key. */
|
126
|
-
typedef struct RSA_additional_prime_st {
|
127
|
-
BIGNUM *prime;
|
128
|
-
/* exp is d^{prime-1} mod prime */
|
129
|
-
BIGNUM *exp;
|
130
|
-
/* coeff is such that r×coeff ≡ 1 mod prime. */
|
131
|
-
BIGNUM *coeff;
|
117
|
+
// The following utility functions are exported for test purposes.
|
132
118
|
|
133
|
-
|
119
|
+
extern const BN_ULONG kBoringSSLRSASqrtTwo[];
|
120
|
+
extern const size_t kBoringSSLRSASqrtTwoLen;
|
134
121
|
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
BN_MONT_CTX *mont;
|
139
|
-
} RSA_additional_prime;
|
122
|
+
// rsa_less_than_words returns one if |a| < |b| and zero otherwise, where |a|
|
123
|
+
// and |b| both are |len| words long. It runs in constant time.
|
124
|
+
int rsa_less_than_words(const BN_ULONG *a, const BN_ULONG *b, size_t len);
|
140
125
|
|
141
|
-
|
126
|
+
// rsa_greater_than_pow2 returns one if |b| is greater than 2^|n| and zero
|
127
|
+
// otherwise.
|
128
|
+
int rsa_greater_than_pow2(const BIGNUM *b, int n);
|
142
129
|
|
143
130
|
|
144
131
|
#if defined(__cplusplus)
|
145
|
-
}
|
132
|
+
} // extern C
|
146
133
|
#endif
|
147
134
|
|
148
|
-
#endif
|
135
|
+
#endif // OPENSSL_HEADER_RSA_INTERNAL_H
|
@@ -26,7 +26,7 @@
|
|
26
26
|
int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
|
27
27
|
const uint8_t *secret, size_t secret_len, const uint8_t *salt,
|
28
28
|
size_t salt_len, const uint8_t *info, size_t info_len) {
|
29
|
-
|
29
|
+
// https://tools.ietf.org/html/rfc5869#section-2
|
30
30
|
uint8_t prk[EVP_MAX_MD_SIZE];
|
31
31
|
size_t prk_len;
|
32
32
|
|
@@ -42,10 +42,10 @@ int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
|
|
42
42
|
int HKDF_extract(uint8_t *out_key, size_t *out_len, const EVP_MD *digest,
|
43
43
|
const uint8_t *secret, size_t secret_len, const uint8_t *salt,
|
44
44
|
size_t salt_len) {
|
45
|
-
|
45
|
+
// https://tools.ietf.org/html/rfc5869#section-2.2
|
46
46
|
|
47
|
-
|
48
|
-
|
47
|
+
// If salt is not given, HashLength zeros are used. However, HMAC does that
|
48
|
+
// internally already so we can ignore it.
|
49
49
|
unsigned len;
|
50
50
|
if (HMAC(digest, salt, salt_len, secret, secret_len, out_key, &len) == NULL) {
|
51
51
|
OPENSSL_PUT_ERROR(HKDF, ERR_R_HMAC_LIB);
|
@@ -59,7 +59,7 @@ int HKDF_extract(uint8_t *out_key, size_t *out_len, const EVP_MD *digest,
|
|
59
59
|
int HKDF_expand(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
|
60
60
|
const uint8_t *prk, size_t prk_len, const uint8_t *info,
|
61
61
|
size_t info_len) {
|
62
|
-
|
62
|
+
// https://tools.ietf.org/html/rfc5869#section-2.3
|
63
63
|
const size_t digest_len = EVP_MD_size(digest);
|
64
64
|
uint8_t previous[EVP_MAX_MD_SIZE];
|
65
65
|
size_t n, done = 0;
|
@@ -67,7 +67,7 @@ int HKDF_expand(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
|
|
67
67
|
int ret = 0;
|
68
68
|
HMAC_CTX hmac;
|
69
69
|
|
70
|
-
|
70
|
+
// Expand key material to desired length.
|
71
71
|
n = (out_len + digest_len - 1) / digest_len;
|
72
72
|
if (out_len + digest_len < out_len || n > 255) {
|
73
73
|
OPENSSL_PUT_ERROR(HKDF, HKDF_R_OUTPUT_TOO_LARGE);
|
@@ -110,18 +110,20 @@
|
|
110
110
|
#define OPENSSL_HEADER_CRYPTO_INTERNAL_H
|
111
111
|
|
112
112
|
#include <openssl/ex_data.h>
|
113
|
+
#include <openssl/stack.h>
|
113
114
|
#include <openssl/thread.h>
|
114
115
|
|
116
|
+
#include <assert.h>
|
115
117
|
#include <string.h>
|
116
118
|
|
119
|
+
#if !defined(__cplusplus)
|
117
120
|
#if defined(_MSC_VER)
|
118
|
-
#if !defined(__cplusplus) || _MSC_VER < 1900
|
119
121
|
#define alignas(x) __declspec(align(x))
|
120
122
|
#define alignof __alignof
|
121
|
-
#endif
|
122
123
|
#else
|
123
124
|
#include <stdalign.h>
|
124
125
|
#endif
|
126
|
+
#endif
|
125
127
|
|
126
128
|
#if !defined(OPENSSL_NO_THREADS) && \
|
127
129
|
(!defined(OPENSSL_WINDOWS) || defined(__MINGW32__))
|
@@ -144,7 +146,7 @@ extern "C" {
|
|
144
146
|
|
145
147
|
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || defined(OPENSSL_ARM) || \
|
146
148
|
defined(OPENSSL_AARCH64) || defined(OPENSSL_PPC64LE)
|
147
|
-
|
149
|
+
// OPENSSL_cpuid_setup initializes the platform-specific feature cache.
|
148
150
|
void OPENSSL_cpuid_setup(void);
|
149
151
|
#endif
|
150
152
|
|
@@ -156,160 +158,190 @@ typedef __uint128_t uint128_t;
|
|
156
158
|
|
157
159
|
#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0]))
|
158
160
|
|
159
|
-
|
161
|
+
// buffers_alias returns one if |a| and |b| alias and zero otherwise.
|
160
162
|
static inline int buffers_alias(const uint8_t *a, size_t a_len,
|
161
163
|
const uint8_t *b, size_t b_len) {
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
164
|
+
// Cast |a| and |b| to integers. In C, pointer comparisons between unrelated
|
165
|
+
// objects are undefined whereas pointer to integer conversions are merely
|
166
|
+
// implementation-defined. We assume the implementation defined it in a sane
|
167
|
+
// way.
|
166
168
|
uintptr_t a_u = (uintptr_t)a;
|
167
169
|
uintptr_t b_u = (uintptr_t)b;
|
168
170
|
return a_u + a_len > b_u && b_u + b_len > a_u;
|
169
171
|
}
|
170
172
|
|
171
173
|
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
174
|
+
// Constant-time utility functions.
|
175
|
+
//
|
176
|
+
// The following methods return a bitmask of all ones (0xff...f) for true and 0
|
177
|
+
// for false. This is useful for choosing a value based on the result of a
|
178
|
+
// conditional in constant time. For example,
|
179
|
+
//
|
180
|
+
// if (a < b) {
|
181
|
+
// c = a;
|
182
|
+
// } else {
|
183
|
+
// c = b;
|
184
|
+
// }
|
185
|
+
//
|
186
|
+
// can be written as
|
187
|
+
//
|
188
|
+
// crypto_word_t lt = constant_time_lt_w(a, b);
|
189
|
+
// c = constant_time_select_w(lt, a, b);
|
190
|
+
|
191
|
+
// crypto_word_t is the type that most constant-time functions use. Ideally we
|
192
|
+
// would like it to be |size_t|, but NaCl builds in 64-bit mode with 32-bit
|
193
|
+
// pointers, which means that |size_t| can be 32 bits when |BN_ULONG| is 64
|
194
|
+
// bits. Since we want to be able to do constant-time operations on a
|
195
|
+
// |BN_ULONG|, |crypto_word_t| is defined as an unsigned value with the native
|
196
|
+
// word length.
|
197
|
+
#if defined(OPENSSL_64_BIT)
|
198
|
+
typedef uint64_t crypto_word_t;
|
199
|
+
#elif defined(OPENSSL_32_BIT)
|
200
|
+
typedef uint32_t crypto_word_t;
|
201
|
+
#else
|
202
|
+
#error "Must define either OPENSSL_32_BIT or OPENSSL_64_BIT"
|
203
|
+
#endif
|
204
|
+
|
205
|
+
#define CONSTTIME_TRUE_W ~((crypto_word_t)0)
|
206
|
+
#define CONSTTIME_FALSE_W ((crypto_word_t)0)
|
207
|
+
#define CONSTTIME_TRUE_8 ((uint8_t)0xff)
|
188
208
|
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
209
|
+
#define CONSTTIME_TRUE_W ~((crypto_word_t)0)
|
210
|
+
#define CONSTTIME_FALSE_W ((crypto_word_t)0)
|
211
|
+
#define CONSTTIME_TRUE_8 ((uint8_t)0xff)
|
212
|
+
#define CONSTTIME_FALSE_8 ((uint8_t)0)
|
213
|
+
|
214
|
+
// constant_time_msb_w returns the given value with the MSB copied to all the
|
215
|
+
// other bits.
|
216
|
+
static inline crypto_word_t constant_time_msb_w(crypto_word_t a) {
|
217
|
+
return 0u - (a >> (sizeof(a) * 8 - 1));
|
193
218
|
}
|
194
219
|
|
195
|
-
|
196
|
-
static inline
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
return
|
220
|
+
// constant_time_lt_w returns 0xff..f if a < b and 0 otherwise.
|
221
|
+
static inline crypto_word_t constant_time_lt_w(crypto_word_t a,
|
222
|
+
crypto_word_t b) {
|
223
|
+
// Consider the two cases of the problem:
|
224
|
+
// msb(a) == msb(b): a < b iff the MSB of a - b is set.
|
225
|
+
// msb(a) != msb(b): a < b iff the MSB of b is set.
|
226
|
+
//
|
227
|
+
// If msb(a) == msb(b) then the following evaluates as:
|
228
|
+
// msb(a^((a^b)|((a-b)^a))) ==
|
229
|
+
// msb(a^((a-b) ^ a)) == (because msb(a^b) == 0)
|
230
|
+
// msb(a^a^(a-b)) == (rearranging)
|
231
|
+
// msb(a-b) (because ∀x. x^x == 0)
|
232
|
+
//
|
233
|
+
// Else, if msb(a) != msb(b) then the following evaluates as:
|
234
|
+
// msb(a^((a^b)|((a-b)^a))) ==
|
235
|
+
// msb(a^(𝟙 | ((a-b)^a))) == (because msb(a^b) == 1 and 𝟙
|
236
|
+
// represents a value s.t. msb(𝟙) = 1)
|
237
|
+
// msb(a^𝟙) == (because ORing with 1 results in 1)
|
238
|
+
// msb(b)
|
239
|
+
//
|
240
|
+
//
|
241
|
+
// Here is an SMT-LIB verification of this formula:
|
242
|
+
//
|
243
|
+
// (define-fun lt ((a (_ BitVec 32)) (b (_ BitVec 32))) (_ BitVec 32)
|
244
|
+
// (bvxor a (bvor (bvxor a b) (bvxor (bvsub a b) a)))
|
245
|
+
// )
|
246
|
+
//
|
247
|
+
// (declare-fun a () (_ BitVec 32))
|
248
|
+
// (declare-fun b () (_ BitVec 32))
|
249
|
+
//
|
250
|
+
// (assert (not (= (= #x00000001 (bvlshr (lt a b) #x0000001f)) (bvult a b))))
|
251
|
+
// (check-sat)
|
252
|
+
// (get-model)
|
253
|
+
return constant_time_msb_w(a^((a^b)|((a-b)^a)));
|
229
254
|
}
|
230
255
|
|
231
|
-
|
232
|
-
|
233
|
-
|
256
|
+
// constant_time_lt_8 acts like |constant_time_lt_w| but returns an 8-bit
|
257
|
+
// mask.
|
258
|
+
static inline uint8_t constant_time_lt_8(crypto_word_t a, crypto_word_t b) {
|
259
|
+
return (uint8_t)(constant_time_lt_w(a, b));
|
234
260
|
}
|
235
261
|
|
236
|
-
|
237
|
-
static inline
|
238
|
-
|
262
|
+
// constant_time_ge_w returns 0xff..f if a >= b and 0 otherwise.
|
263
|
+
static inline crypto_word_t constant_time_ge_w(crypto_word_t a,
|
264
|
+
crypto_word_t b) {
|
265
|
+
return ~constant_time_lt_w(a, b);
|
239
266
|
}
|
240
267
|
|
241
|
-
|
242
|
-
|
243
|
-
|
268
|
+
// constant_time_ge_8 acts like |constant_time_ge_w| but returns an 8-bit
|
269
|
+
// mask.
|
270
|
+
static inline uint8_t constant_time_ge_8(crypto_word_t a, crypto_word_t b) {
|
271
|
+
return (uint8_t)(constant_time_ge_w(a, b));
|
244
272
|
}
|
245
273
|
|
246
|
-
|
247
|
-
static inline
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
return constant_time_msb(~a & (a - 1));
|
274
|
+
// constant_time_is_zero returns 0xff..f if a == 0 and 0 otherwise.
|
275
|
+
static inline crypto_word_t constant_time_is_zero_w(crypto_word_t a) {
|
276
|
+
// Here is an SMT-LIB verification of this formula:
|
277
|
+
//
|
278
|
+
// (define-fun is_zero ((a (_ BitVec 32))) (_ BitVec 32)
|
279
|
+
// (bvand (bvnot a) (bvsub a #x00000001))
|
280
|
+
// )
|
281
|
+
//
|
282
|
+
// (declare-fun a () (_ BitVec 32))
|
283
|
+
//
|
284
|
+
// (assert (not (= (= #x00000001 (bvlshr (is_zero a) #x0000001f)) (= a #x00000000))))
|
285
|
+
// (check-sat)
|
286
|
+
// (get-model)
|
287
|
+
return constant_time_msb_w(~a & (a - 1));
|
261
288
|
}
|
262
289
|
|
263
|
-
|
264
|
-
|
265
|
-
static inline uint8_t constant_time_is_zero_8(
|
266
|
-
return (uint8_t)(
|
290
|
+
// constant_time_is_zero_8 acts like |constant_time_is_zero_w| but returns an
|
291
|
+
// 8-bit mask.
|
292
|
+
static inline uint8_t constant_time_is_zero_8(crypto_word_t a) {
|
293
|
+
return (uint8_t)(constant_time_is_zero_w(a));
|
267
294
|
}
|
268
295
|
|
269
|
-
|
270
|
-
static inline
|
271
|
-
|
296
|
+
// constant_time_eq_w returns 0xff..f if a == b and 0 otherwise.
|
297
|
+
static inline crypto_word_t constant_time_eq_w(crypto_word_t a,
|
298
|
+
crypto_word_t b) {
|
299
|
+
return constant_time_is_zero_w(a ^ b);
|
272
300
|
}
|
273
301
|
|
274
|
-
|
275
|
-
|
276
|
-
|
302
|
+
// constant_time_eq_8 acts like |constant_time_eq_w| but returns an 8-bit
|
303
|
+
// mask.
|
304
|
+
static inline uint8_t constant_time_eq_8(crypto_word_t a, crypto_word_t b) {
|
305
|
+
return (uint8_t)(constant_time_eq_w(a, b));
|
277
306
|
}
|
278
307
|
|
279
|
-
|
280
|
-
|
281
|
-
|
308
|
+
// constant_time_eq_int acts like |constant_time_eq_w| but works on int
|
309
|
+
// values.
|
310
|
+
static inline crypto_word_t constant_time_eq_int(int a, int b) {
|
311
|
+
return constant_time_eq_w((crypto_word_t)(a), (crypto_word_t)(b));
|
282
312
|
}
|
283
313
|
|
284
|
-
|
285
|
-
|
314
|
+
// constant_time_eq_int_8 acts like |constant_time_eq_int| but returns an 8-bit
|
315
|
+
// mask.
|
286
316
|
static inline uint8_t constant_time_eq_int_8(int a, int b) {
|
287
|
-
return constant_time_eq_8((
|
317
|
+
return constant_time_eq_8((crypto_word_t)(a), (crypto_word_t)(b));
|
288
318
|
}
|
289
319
|
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
static inline
|
294
|
-
|
320
|
+
// constant_time_select_w returns (mask & a) | (~mask & b). When |mask| is all
|
321
|
+
// 1s or all 0s (as returned by the methods above), the select methods return
|
322
|
+
// either |a| (if |mask| is nonzero) or |b| (if |mask| is zero).
|
323
|
+
static inline crypto_word_t constant_time_select_w(crypto_word_t mask,
|
324
|
+
crypto_word_t a,
|
325
|
+
crypto_word_t b) {
|
295
326
|
return (mask & a) | (~mask & b);
|
296
327
|
}
|
297
328
|
|
298
|
-
|
299
|
-
|
329
|
+
// constant_time_select_8 acts like |constant_time_select| but operates on
|
330
|
+
// 8-bit values.
|
300
331
|
static inline uint8_t constant_time_select_8(uint8_t mask, uint8_t a,
|
301
332
|
uint8_t b) {
|
302
|
-
return (uint8_t)(
|
333
|
+
return (uint8_t)(constant_time_select_w(mask, a, b));
|
303
334
|
}
|
304
335
|
|
305
|
-
|
306
|
-
|
307
|
-
static inline int constant_time_select_int(
|
308
|
-
return (int)(
|
336
|
+
// constant_time_select_int acts like |constant_time_select| but operates on
|
337
|
+
// ints.
|
338
|
+
static inline int constant_time_select_int(crypto_word_t mask, int a, int b) {
|
339
|
+
return (int)(constant_time_select_w(mask, (crypto_word_t)(a),
|
340
|
+
(crypto_word_t)(b)));
|
309
341
|
}
|
310
342
|
|
311
343
|
|
312
|
-
|
344
|
+
// Thread-safe initialisation.
|
313
345
|
|
314
346
|
#if defined(OPENSSL_NO_THREADS)
|
315
347
|
typedef uint32_t CRYPTO_once_t;
|
@@ -324,52 +356,52 @@ typedef pthread_once_t CRYPTO_once_t;
|
|
324
356
|
#error "Unknown threading library"
|
325
357
|
#endif
|
326
358
|
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
359
|
+
// CRYPTO_once calls |init| exactly once per process. This is thread-safe: if
|
360
|
+
// concurrent threads call |CRYPTO_once| with the same |CRYPTO_once_t| argument
|
361
|
+
// then they will block until |init| completes, but |init| will have only been
|
362
|
+
// called once.
|
363
|
+
//
|
364
|
+
// The |once| argument must be a |CRYPTO_once_t| that has been initialised with
|
365
|
+
// the value |CRYPTO_ONCE_INIT|.
|
334
366
|
OPENSSL_EXPORT void CRYPTO_once(CRYPTO_once_t *once, void (*init)(void));
|
335
367
|
|
336
368
|
|
337
|
-
|
369
|
+
// Reference counting.
|
338
370
|
|
339
|
-
|
371
|
+
// CRYPTO_REFCOUNT_MAX is the value at which the reference count saturates.
|
340
372
|
#define CRYPTO_REFCOUNT_MAX 0xffffffff
|
341
373
|
|
342
|
-
|
343
|
-
|
344
|
-
|
345
|
-
|
374
|
+
// CRYPTO_refcount_inc atomically increments the value at |*count| unless the
|
375
|
+
// value would overflow. It's safe for multiple threads to concurrently call
|
376
|
+
// this or |CRYPTO_refcount_dec_and_test_zero| on the same
|
377
|
+
// |CRYPTO_refcount_t|.
|
346
378
|
OPENSSL_EXPORT void CRYPTO_refcount_inc(CRYPTO_refcount_t *count);
|
347
379
|
|
348
|
-
|
349
|
-
|
350
|
-
|
351
|
-
|
352
|
-
|
353
|
-
|
354
|
-
|
355
|
-
|
380
|
+
// CRYPTO_refcount_dec_and_test_zero tests the value at |*count|:
|
381
|
+
// if it's zero, it crashes the address space.
|
382
|
+
// if it's the maximum value, it returns zero.
|
383
|
+
// otherwise, it atomically decrements it and returns one iff the resulting
|
384
|
+
// value is zero.
|
385
|
+
//
|
386
|
+
// It's safe for multiple threads to concurrently call this or
|
387
|
+
// |CRYPTO_refcount_inc| on the same |CRYPTO_refcount_t|.
|
356
388
|
OPENSSL_EXPORT int CRYPTO_refcount_dec_and_test_zero(CRYPTO_refcount_t *count);
|
357
389
|
|
358
390
|
|
359
|
-
|
360
|
-
|
361
|
-
|
362
|
-
|
363
|
-
|
364
|
-
|
365
|
-
|
366
|
-
|
367
|
-
|
368
|
-
|
391
|
+
// Locks.
|
392
|
+
//
|
393
|
+
// Two types of locks are defined: |CRYPTO_MUTEX|, which can be used in
|
394
|
+
// structures as normal, and |struct CRYPTO_STATIC_MUTEX|, which can be used as
|
395
|
+
// a global lock. A global lock must be initialised to the value
|
396
|
+
// |CRYPTO_STATIC_MUTEX_INIT|.
|
397
|
+
//
|
398
|
+
// |CRYPTO_MUTEX| can appear in public structures and so is defined in
|
399
|
+
// thread.h as a structure large enough to fit the real type. The global lock is
|
400
|
+
// a different type so it may be initialized with platform initializer macros.
|
369
401
|
|
370
402
|
#if defined(OPENSSL_NO_THREADS)
|
371
403
|
struct CRYPTO_STATIC_MUTEX {
|
372
|
-
char padding;
|
404
|
+
char padding; // Empty structs have different sizes in C and C++.
|
373
405
|
};
|
374
406
|
#define CRYPTO_STATIC_MUTEX_INIT { 0 }
|
375
407
|
#elif defined(OPENSSL_WINDOWS_THREADS)
|
@@ -386,101 +418,138 @@ struct CRYPTO_STATIC_MUTEX {
|
|
386
418
|
#error "Unknown threading library"
|
387
419
|
#endif
|
388
420
|
|
389
|
-
|
390
|
-
|
421
|
+
// CRYPTO_MUTEX_init initialises |lock|. If |lock| is a static variable, use a
|
422
|
+
// |CRYPTO_STATIC_MUTEX|.
|
391
423
|
OPENSSL_EXPORT void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock);
|
392
424
|
|
393
|
-
|
394
|
-
|
425
|
+
// CRYPTO_MUTEX_lock_read locks |lock| such that other threads may also have a
|
426
|
+
// read lock, but none may have a write lock.
|
395
427
|
OPENSSL_EXPORT void CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock);
|
396
428
|
|
397
|
-
|
398
|
-
|
429
|
+
// CRYPTO_MUTEX_lock_write locks |lock| such that no other thread has any type
|
430
|
+
// of lock on it.
|
399
431
|
OPENSSL_EXPORT void CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock);
|
400
432
|
|
401
|
-
|
433
|
+
// CRYPTO_MUTEX_unlock_read unlocks |lock| for reading.
|
402
434
|
OPENSSL_EXPORT void CRYPTO_MUTEX_unlock_read(CRYPTO_MUTEX *lock);
|
403
435
|
|
404
|
-
|
436
|
+
// CRYPTO_MUTEX_unlock_write unlocks |lock| for writing.
|
405
437
|
OPENSSL_EXPORT void CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock);
|
406
438
|
|
407
|
-
|
439
|
+
// CRYPTO_MUTEX_cleanup releases all resources held by |lock|.
|
408
440
|
OPENSSL_EXPORT void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock);
|
409
441
|
|
410
|
-
|
411
|
-
|
412
|
-
|
413
|
-
|
442
|
+
// CRYPTO_STATIC_MUTEX_lock_read locks |lock| such that other threads may also
|
443
|
+
// have a read lock, but none may have a write lock. The |lock| variable does
|
444
|
+
// not need to be initialised by any function, but must have been statically
|
445
|
+
// initialised with |CRYPTO_STATIC_MUTEX_INIT|.
|
414
446
|
OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_lock_read(
|
415
447
|
struct CRYPTO_STATIC_MUTEX *lock);
|
416
448
|
|
417
|
-
|
418
|
-
|
419
|
-
|
420
|
-
|
449
|
+
// CRYPTO_STATIC_MUTEX_lock_write locks |lock| such that no other thread has
|
450
|
+
// any type of lock on it. The |lock| variable does not need to be initialised
|
451
|
+
// by any function, but must have been statically initialised with
|
452
|
+
// |CRYPTO_STATIC_MUTEX_INIT|.
|
421
453
|
OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_lock_write(
|
422
454
|
struct CRYPTO_STATIC_MUTEX *lock);
|
423
455
|
|
424
|
-
|
456
|
+
// CRYPTO_STATIC_MUTEX_unlock_read unlocks |lock| for reading.
|
425
457
|
OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_unlock_read(
|
426
458
|
struct CRYPTO_STATIC_MUTEX *lock);
|
427
459
|
|
428
|
-
|
460
|
+
// CRYPTO_STATIC_MUTEX_unlock_write unlocks |lock| for writing.
|
429
461
|
OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_unlock_write(
|
430
462
|
struct CRYPTO_STATIC_MUTEX *lock);
|
431
463
|
|
464
|
+
#if defined(__cplusplus)
|
465
|
+
extern "C++" {
|
466
|
+
|
467
|
+
namespace bssl {
|
468
|
+
|
469
|
+
namespace internal {
|
432
470
|
|
433
|
-
|
471
|
+
// MutexLockBase is a RAII helper for CRYPTO_MUTEX locking.
|
472
|
+
template <void (*LockFunc)(CRYPTO_MUTEX *), void (*ReleaseFunc)(CRYPTO_MUTEX *)>
|
473
|
+
class MutexLockBase {
|
474
|
+
public:
|
475
|
+
explicit MutexLockBase(CRYPTO_MUTEX *mu) : mu_(mu) {
|
476
|
+
assert(mu_ != nullptr);
|
477
|
+
LockFunc(mu_);
|
478
|
+
}
|
479
|
+
~MutexLockBase() { ReleaseFunc(mu_); }
|
480
|
+
MutexLockBase(const MutexLockBase<LockFunc, ReleaseFunc> &) = delete;
|
481
|
+
MutexLockBase &operator=(const MutexLockBase<LockFunc, ReleaseFunc> &) =
|
482
|
+
delete;
|
483
|
+
|
484
|
+
private:
|
485
|
+
CRYPTO_MUTEX *const mu_;
|
486
|
+
};
|
487
|
+
|
488
|
+
} // namespace internal
|
489
|
+
|
490
|
+
using MutexWriteLock =
|
491
|
+
internal::MutexLockBase<CRYPTO_MUTEX_lock_write, CRYPTO_MUTEX_unlock_write>;
|
492
|
+
using MutexReadLock =
|
493
|
+
internal::MutexLockBase<CRYPTO_MUTEX_lock_read, CRYPTO_MUTEX_unlock_read>;
|
494
|
+
|
495
|
+
} // namespace bssl
|
496
|
+
|
497
|
+
} // extern "C++"
|
498
|
+
#endif // defined(__cplusplus)
|
499
|
+
|
500
|
+
|
501
|
+
// Thread local storage.
|
434
502
|
|
435
|
-
|
436
|
-
|
503
|
+
// thread_local_data_t enumerates the types of thread-local data that can be
|
504
|
+
// stored.
|
437
505
|
typedef enum {
|
438
506
|
OPENSSL_THREAD_LOCAL_ERR = 0,
|
439
507
|
OPENSSL_THREAD_LOCAL_RAND,
|
440
|
-
OPENSSL_THREAD_LOCAL_URANDOM_BUF,
|
441
508
|
OPENSSL_THREAD_LOCAL_TEST,
|
442
509
|
NUM_OPENSSL_THREAD_LOCALS,
|
443
510
|
} thread_local_data_t;
|
444
511
|
|
445
|
-
|
446
|
-
|
512
|
+
// thread_local_destructor_t is the type of a destructor function that will be
|
513
|
+
// called when a thread exits and its thread-local storage needs to be freed.
|
447
514
|
typedef void (*thread_local_destructor_t)(void *);
|
448
515
|
|
449
|
-
|
450
|
-
|
516
|
+
// CRYPTO_get_thread_local gets the pointer value that is stored for the
|
517
|
+
// current thread for the given index, or NULL if none has been set.
|
451
518
|
OPENSSL_EXPORT void *CRYPTO_get_thread_local(thread_local_data_t value);
|
452
519
|
|
453
|
-
|
454
|
-
|
455
|
-
|
456
|
-
|
457
|
-
|
458
|
-
|
459
|
-
|
460
|
-
|
461
|
-
|
462
|
-
|
463
|
-
|
464
|
-
|
465
|
-
|
466
|
-
|
520
|
+
// CRYPTO_set_thread_local sets a pointer value for the current thread at the
|
521
|
+
// given index. This function should only be called once per thread for a given
|
522
|
+
// |index|: rather than update the pointer value itself, update the data that
|
523
|
+
// is pointed to.
|
524
|
+
//
|
525
|
+
// The destructor function will be called when a thread exits to free this
|
526
|
+
// thread-local data. All calls to |CRYPTO_set_thread_local| with the same
|
527
|
+
// |index| should have the same |destructor| argument. The destructor may be
|
528
|
+
// called with a NULL argument if a thread that never set a thread-local
|
529
|
+
// pointer for |index|, exits. The destructor may be called concurrently with
|
530
|
+
// different arguments.
|
531
|
+
//
|
532
|
+
// This function returns one on success or zero on error. If it returns zero
|
533
|
+
// then |destructor| has been called with |value| already.
|
467
534
|
OPENSSL_EXPORT int CRYPTO_set_thread_local(
|
468
535
|
thread_local_data_t index, void *value,
|
469
536
|
thread_local_destructor_t destructor);
|
470
537
|
|
471
538
|
|
472
|
-
|
539
|
+
// ex_data
|
473
540
|
|
474
541
|
typedef struct crypto_ex_data_func_st CRYPTO_EX_DATA_FUNCS;
|
475
542
|
|
476
|
-
|
477
|
-
|
478
|
-
|
543
|
+
DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
|
544
|
+
|
545
|
+
// CRYPTO_EX_DATA_CLASS tracks the ex_indices registered for a type which
|
546
|
+
// supports ex_data. It should defined as a static global within the module
|
547
|
+
// which defines that type.
|
479
548
|
typedef struct {
|
480
549
|
struct CRYPTO_STATIC_MUTEX lock;
|
481
550
|
STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth;
|
482
|
-
|
483
|
-
|
551
|
+
// num_reserved is one if the ex_data index zero is reserved for legacy
|
552
|
+
// |TYPE_get_app_data| functions.
|
484
553
|
uint8_t num_reserved;
|
485
554
|
} CRYPTO_EX_DATA_CLASS;
|
486
555
|
|
@@ -488,54 +557,47 @@ typedef struct {
|
|
488
557
|
#define CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA \
|
489
558
|
{CRYPTO_STATIC_MUTEX_INIT, NULL, 1}
|
490
559
|
|
491
|
-
|
492
|
-
|
493
|
-
|
494
|
-
|
560
|
+
// CRYPTO_get_ex_new_index allocates a new index for |ex_data_class| and writes
|
561
|
+
// it to |*out_index|. Each class of object should provide a wrapper function
|
562
|
+
// that uses the correct |CRYPTO_EX_DATA_CLASS|. It returns one on success and
|
563
|
+
// zero otherwise.
|
495
564
|
OPENSSL_EXPORT int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class,
|
496
565
|
int *out_index, long argl,
|
497
|
-
void *argp,
|
566
|
+
void *argp,
|
498
567
|
CRYPTO_EX_free *free_func);
|
499
568
|
|
500
|
-
|
501
|
-
|
569
|
+
// CRYPTO_set_ex_data sets an extra data pointer on a given object. Each class
|
570
|
+
// of object should provide a wrapper function.
|
502
571
|
OPENSSL_EXPORT int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val);
|
503
572
|
|
504
|
-
|
505
|
-
|
506
|
-
|
573
|
+
// CRYPTO_get_ex_data returns an extra data pointer for a given object, or NULL
|
574
|
+
// if no such index exists. Each class of object should provide a wrapper
|
575
|
+
// function.
|
507
576
|
OPENSSL_EXPORT void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int index);
|
508
577
|
|
509
|
-
|
578
|
+
// CRYPTO_new_ex_data initialises a newly allocated |CRYPTO_EX_DATA|.
|
510
579
|
OPENSSL_EXPORT void CRYPTO_new_ex_data(CRYPTO_EX_DATA *ad);
|
511
580
|
|
512
|
-
|
513
|
-
|
514
|
-
* class. It returns one on success and zero otherwise. */
|
515
|
-
OPENSSL_EXPORT int CRYPTO_dup_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class,
|
516
|
-
CRYPTO_EX_DATA *to,
|
517
|
-
const CRYPTO_EX_DATA *from);
|
518
|
-
|
519
|
-
/* CRYPTO_free_ex_data frees |ad|, which is embedded inside |obj|, which is an
|
520
|
-
* object of the given class. */
|
581
|
+
// CRYPTO_free_ex_data frees |ad|, which is embedded inside |obj|, which is an
|
582
|
+
// object of the given class.
|
521
583
|
OPENSSL_EXPORT void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class,
|
522
584
|
void *obj, CRYPTO_EX_DATA *ad);
|
523
585
|
|
524
586
|
|
525
|
-
|
526
|
-
|
527
|
-
|
528
|
-
|
529
|
-
|
530
|
-
|
531
|
-
|
532
|
-
|
533
|
-
|
534
|
-
|
535
|
-
|
536
|
-
|
537
|
-
|
538
|
-
|
587
|
+
// Language bug workarounds.
|
588
|
+
//
|
589
|
+
// Most C standard library functions are undefined if passed NULL, even when the
|
590
|
+
// corresponding length is zero. This gives them (and, in turn, all functions
|
591
|
+
// which call them) surprising behavior on empty arrays. Some compilers will
|
592
|
+
// miscompile code due to this rule. See also
|
593
|
+
// https://www.imperialviolet.org/2016/06/26/nonnull.html
|
594
|
+
//
|
595
|
+
// These wrapper functions behave the same as the corresponding C standard
|
596
|
+
// functions, but behave as expected when passed NULL if the length is zero.
|
597
|
+
//
|
598
|
+
// Note |OPENSSL_memcmp| is a different function from |CRYPTO_memcmp|.
|
599
|
+
|
600
|
+
// C++ defines |memchr| as a const-correct overload.
|
539
601
|
#if defined(__cplusplus)
|
540
602
|
extern "C++" {
|
541
603
|
|
@@ -555,8 +617,8 @@ static inline void *OPENSSL_memchr(void *s, int c, size_t n) {
|
|
555
617
|
return memchr(s, c, n);
|
556
618
|
}
|
557
619
|
|
558
|
-
}
|
559
|
-
#else
|
620
|
+
} // extern "C++"
|
621
|
+
#else // __cplusplus
|
560
622
|
|
561
623
|
static inline void *OPENSSL_memchr(const void *s, int c, size_t n) {
|
562
624
|
if (n == 0) {
|
@@ -566,7 +628,7 @@ static inline void *OPENSSL_memchr(const void *s, int c, size_t n) {
|
|
566
628
|
return memchr(s, c, n);
|
567
629
|
}
|
568
630
|
|
569
|
-
#endif
|
631
|
+
#endif // __cplusplus
|
570
632
|
|
571
633
|
static inline int OPENSSL_memcmp(const void *s1, const void *s2, size_t n) {
|
572
634
|
if (n == 0) {
|
@@ -600,9 +662,15 @@ static inline void *OPENSSL_memset(void *dst, int c, size_t n) {
|
|
600
662
|
return memset(dst, c, n);
|
601
663
|
}
|
602
664
|
|
665
|
+
#if defined(BORINGSSL_FIPS)
|
666
|
+
// BORINGSSL_FIPS_abort is called when a FIPS power-on or continuous test
|
667
|
+
// fails. It prevents any further cryptographic operations by the current
|
668
|
+
// process.
|
669
|
+
void BORINGSSL_FIPS_abort(void) __attribute__((noreturn));
|
670
|
+
#endif
|
603
671
|
|
604
672
|
#if defined(__cplusplus)
|
605
|
-
}
|
673
|
+
} // extern C
|
606
674
|
#endif
|
607
675
|
|
608
|
-
#endif
|
676
|
+
#endif // OPENSSL_HEADER_CRYPTO_INTERNAL_H
|