grpc 1.9.1 → 1.10.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +2654 -953
- data/etc/roots.pem +282 -683
- data/include/grpc/compression.h +9 -26
- data/include/grpc/grpc.h +10 -24
- data/include/grpc/grpc_security.h +7 -1
- data/include/grpc/impl/codegen/compression_types.h +5 -62
- data/include/grpc/impl/codegen/grpc_types.h +10 -6
- data/include/grpc/module.modulemap +1 -10
- data/include/grpc/support/alloc.h +3 -2
- data/include/grpc/support/log.h +1 -2
- data/{src/core/lib/gpr/thd_internal.h → include/grpc/support/thd_id.h} +23 -9
- data/src/boringssl/err_data.c +550 -496
- data/src/core/ext/census/grpc_context.cc +2 -1
- data/src/core/ext/filters/client_channel/backup_poller.cc +5 -4
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -7
- data/src/core/ext/filters/client_channel/client_channel.cc +162 -172
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +4 -2
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +10 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +18 -14
- data/src/core/ext/filters/client_channel/http_proxy.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +21 -105
- data/src/core/ext/filters/client_channel/lb_policy.h +166 -170
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +41 -36
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1452 -1459
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +7 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +27 -27
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +279 -304
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +358 -330
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +30 -41
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +7 -14
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +8 -21
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +23 -27
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +58 -33
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +25 -12
- data/src/core/ext/filters/client_channel/parse_address.cc +10 -8
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver.cc +6 -52
- data/src/core/ext/filters/client_channel/resolver.h +98 -55
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +266 -237
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +31 -27
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +244 -207
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +161 -148
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +47 -31
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +126 -126
- data/src/core/ext/filters/client_channel/resolver_factory.h +33 -32
- data/src/core/ext/filters/client_channel/resolver_registry.cc +110 -90
- data/src/core/ext/filters/client_channel/resolver_registry.h +49 -36
- data/src/core/ext/filters/client_channel/retry_throttle.cc +29 -22
- data/src/core/ext/filters/client_channel/subchannel.cc +173 -173
- data/src/core/ext/filters/client_channel/subchannel.h +38 -45
- data/src/core/ext/filters/client_channel/subchannel_index.cc +44 -40
- data/src/core/ext/filters/client_channel/uri_parser.cc +3 -3
- data/src/core/ext/filters/deadline/deadline_filter.cc +27 -18
- data/src/core/ext/filters/http/client/http_client_filter.cc +26 -23
- data/src/core/ext/filters/http/http_filters_plugin.cc +3 -2
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +78 -110
- data/src/core/ext/filters/http/server/http_server_filter.cc +29 -26
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +9 -11
- data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc +2 -1
- data/src/core/ext/filters/max_age/max_age_filter.cc +14 -14
- data/src/core/ext/filters/message_size/message_size_filter.cc +20 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +4 -4
- data/src/core/ext/filters/workarounds/workaround_utils.cc +4 -4
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +10 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +4 -4
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +11 -12
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +16 -13
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +36 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +3 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +17 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +139 -145
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +16 -14
- data/src/core/ext/transport/chttp2/transport/flow_control.h +8 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +35 -33
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +27 -25
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +12 -12
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +16 -15
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +11 -11
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +35 -35
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +10 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +35 -39
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +8 -7
- data/src/core/ext/transport/chttp2/transport/varint.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/writing.cc +18 -18
- data/src/core/ext/transport/inproc/inproc_transport.cc +43 -23
- data/src/core/lib/{gpr → avl}/avl.cc +61 -57
- data/{include/grpc/support → src/core/lib/avl}/avl.h +25 -35
- data/src/core/lib/backoff/backoff.cc +6 -5
- data/src/core/lib/channel/channel_args.cc +23 -109
- data/src/core/lib/channel/channel_args.h +5 -31
- data/src/core/lib/channel/channel_stack.cc +11 -8
- data/src/core/lib/channel/channel_stack_builder.cc +10 -7
- data/src/core/lib/channel/connected_channel.cc +18 -17
- data/src/core/lib/channel/handshaker.cc +8 -8
- data/src/core/lib/channel/handshaker_registry.cc +3 -2
- data/src/core/lib/compression/algorithm_metadata.h +13 -6
- data/src/core/lib/compression/compression.cc +72 -183
- data/src/core/lib/compression/compression_internal.cc +274 -0
- data/src/core/lib/compression/compression_internal.h +86 -0
- data/src/core/lib/compression/message_compress.cc +15 -15
- data/src/core/lib/compression/message_compress.h +4 -3
- data/src/core/lib/compression/stream_compression_gzip.cc +8 -8
- data/src/core/lib/compression/stream_compression_identity.cc +1 -1
- data/src/core/lib/debug/stats.cc +10 -8
- data/src/core/lib/debug/stats_data.cc +2 -1
- data/src/core/lib/debug/trace.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +7 -11
- data/src/core/lib/gpr/arena.cc +34 -12
- data/src/core/lib/gpr/atm.cc +2 -1
- data/src/core/lib/gpr/cpu_linux.cc +3 -3
- data/src/core/lib/gpr/cpu_posix.cc +2 -1
- data/src/core/lib/gpr/env.h +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -1
- data/src/core/lib/gpr/env_windows.cc +4 -4
- data/src/core/lib/gpr/fork.cc +16 -2
- data/src/core/lib/gpr/host_port.cc +5 -4
- data/{include/grpc/support → src/core/lib/gpr}/host_port.h +5 -13
- data/src/core/lib/gpr/log.cc +5 -4
- data/src/core/lib/gpr/log_linux.cc +1 -1
- data/src/core/lib/gpr/mpscq.cc +1 -0
- data/src/core/lib/gpr/murmur_hash.cc +4 -4
- data/src/core/lib/gpr/string.cc +19 -16
- data/src/core/lib/gpr/string_posix.cc +3 -3
- data/src/core/lib/gpr/sync_posix.cc +5 -9
- data/src/core/lib/gpr/thd.cc +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/thd.h +20 -28
- data/src/core/lib/gpr/thd_posix.cc +6 -4
- data/src/core/lib/gpr/thd_windows.cc +3 -1
- data/src/core/lib/gpr/time.cc +6 -4
- data/src/core/lib/gpr/time_posix.cc +2 -2
- data/{include/grpc/support → src/core/lib/gpr}/tls.h +6 -6
- data/{include/grpc/support → src/core/lib/gpr}/tls_gcc.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/tls_msvc.h +3 -3
- data/src/core/lib/gpr/tls_pthread.cc +1 -1
- data/{include/grpc/support → src/core/lib/gpr}/tls_pthread.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/useful.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/abstract.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic.h +5 -5
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_atm.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_std.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/debug_location.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/inlined_vector.h +44 -22
- data/src/core/lib/{gpr++ → gprpp}/manual_constructor.h +2 -2
- data/src/core/lib/{gpr++ → gprpp}/memory.h +14 -5
- data/src/core/lib/{gpr++ → gprpp}/orphanable.h +39 -14
- data/src/core/lib/{gpr++ → gprpp}/ref_counted.h +42 -10
- data/src/core/lib/{gpr++ → gprpp}/ref_counted_ptr.h +18 -8
- data/src/core/lib/http/format_request.cc +3 -3
- data/src/core/lib/http/httpcli.cc +6 -7
- data/src/core/lib/http/httpcli_security_connector.cc +10 -10
- data/src/core/lib/http/parser.cc +16 -12
- data/src/core/lib/iomgr/call_combiner.cc +12 -13
- data/src/core/lib/iomgr/closure.h +4 -6
- data/src/core/lib/iomgr/combiner.cc +10 -21
- data/src/core/lib/iomgr/error.cc +50 -55
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +41 -52
- data/src/core/lib/iomgr/ev_epollex_linux.cc +80 -28
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +23 -30
- data/src/core/lib/iomgr/ev_poll_posix.cc +52 -46
- data/src/core/lib/iomgr/ev_posix.cc +47 -6
- data/src/core/lib/iomgr/exec_ctx.cc +10 -10
- data/src/core/lib/iomgr/exec_ctx.h +1 -1
- data/src/core/lib/iomgr/executor.cc +16 -13
- data/src/core/lib/iomgr/fork_posix.cc +1 -3
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +1 -1
- data/src/core/lib/iomgr/iocp_windows.cc +1 -2
- data/src/core/lib/iomgr/iomgr.cc +2 -2
- data/src/core/lib/iomgr/iomgr_uv.cc +2 -0
- data/src/core/lib/iomgr/iomgr_uv.h +1 -1
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +5 -4
- data/src/core/lib/iomgr/load_file.cc +3 -3
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -9
- data/src/core/lib/iomgr/resolve_address_uv.cc +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +3 -2
- data/src/core/lib/iomgr/resource_quota.cc +36 -34
- data/src/core/lib/iomgr/sockaddr_utils.cc +39 -23
- data/src/core/lib/iomgr/socket_factory_posix.cc +5 -5
- data/src/core/lib/iomgr/socket_mutator.cc +7 -7
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -4
- data/src/core/lib/iomgr/socket_utils_linux.cc +3 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +0 -1
- data/src/core/lib/iomgr/tcp_posix.cc +47 -55
- data/src/core/lib/iomgr/tcp_server_posix.cc +12 -10
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -5
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -3
- data/src/core/lib/iomgr/tcp_windows.cc +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +16 -14
- data/src/core/lib/iomgr/timer_heap.cc +8 -7
- data/src/core/lib/iomgr/timer_manager.cc +4 -3
- data/src/core/lib/iomgr/udp_server.cc +24 -16
- data/src/core/lib/iomgr/unix_sockets_posix.cc +15 -10
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +6 -5
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +1 -2
- data/src/core/lib/json/json.cc +1 -1
- data/src/core/lib/json/json_reader.cc +8 -6
- data/src/core/lib/json/json_string.cc +19 -18
- data/src/core/lib/json/json_writer.cc +10 -8
- data/src/core/lib/profiling/basic_timers.cc +1 -1
- data/src/core/lib/profiling/timers.h +3 -20
- data/src/core/lib/security/context/security_context.cc +16 -14
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +17 -14
- data/src/core/lib/security/credentials/credentials.cc +9 -8
- data/src/core/lib/security/credentials/credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +12 -13
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -4
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -3
- data/src/core/lib/security/credentials/jwt/json_token.cc +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -7
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +21 -18
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +23 -18
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +11 -7
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +22 -21
- data/src/core/lib/security/{transport → security_connector}/security_connector.cc +46 -43
- data/src/core/lib/security/{transport → security_connector}/security_connector.h +3 -3
- data/src/core/lib/security/transport/client_auth_filter.cc +32 -34
- data/src/core/lib/security/transport/lb_targets_info.cc +7 -5
- data/src/core/lib/security/transport/secure_endpoint.cc +21 -21
- data/src/core/lib/security/transport/security_handshaker.cc +19 -18
- data/src/core/lib/security/transport/security_handshaker.h +1 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
- data/src/core/lib/slice/b64.cc +19 -16
- data/src/core/lib/slice/percent_encoding.cc +5 -5
- data/src/core/lib/slice/slice.cc +35 -33
- data/src/core/lib/slice/slice_buffer.cc +16 -14
- data/src/core/lib/slice/slice_hash_table.cc +3 -2
- data/src/core/lib/slice/slice_intern.cc +21 -25
- data/src/core/lib/slice/slice_string_helpers.cc +45 -9
- data/src/core/lib/slice/slice_string_helpers.h +6 -0
- data/src/core/lib/surface/byte_buffer.cc +2 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +6 -3
- data/src/core/lib/surface/call.cc +171 -260
- data/src/core/lib/surface/call_test_only.h +1 -13
- data/src/core/lib/surface/channel.cc +20 -43
- data/src/core/lib/surface/channel_init.cc +7 -7
- data/src/core/lib/surface/channel_ping.cc +2 -2
- data/src/core/lib/surface/completion_queue.cc +69 -75
- data/src/core/lib/surface/init.cc +4 -5
- data/src/core/lib/surface/init_secure.cc +1 -1
- data/src/core/lib/surface/lame_client.cc +1 -1
- data/src/core/lib/surface/server.cc +64 -59
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +6 -5
- data/src/core/lib/transport/byte_stream.cc +23 -14
- data/src/core/lib/transport/byte_stream.h +1 -1
- data/src/core/lib/transport/connectivity_state.cc +9 -13
- data/src/core/lib/transport/error_utils.cc +10 -7
- data/src/core/lib/transport/metadata.cc +27 -26
- data/src/core/lib/transport/metadata.h +1 -1
- data/src/core/lib/transport/pid_controller.cc +2 -1
- data/src/core/lib/transport/service_config.cc +5 -5
- data/src/core/lib/transport/static_metadata.cc +225 -222
- data/src/core/lib/transport/static_metadata.h +77 -76
- data/src/core/lib/transport/timeout_encoding.cc +3 -2
- data/src/core/lib/transport/transport.cc +6 -5
- data/src/core/lib/transport/transport_op_string.cc +0 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -4
- data/src/core/tsi/alts_transport_security.cc +61 -0
- data/src/core/tsi/{gts_transport_security.h → alts_transport_security.h} +16 -8
- data/src/core/tsi/fake_transport_security.cc +59 -43
- data/src/core/tsi/ssl_transport_security.cc +122 -107
- data/src/core/tsi/transport_security.cc +3 -3
- data/src/core/tsi/transport_security_adapter.cc +16 -10
- data/src/ruby/bin/apis/pubsub_demo.rb +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +3 -4
- data/src/ruby/ext/grpc/rb_compression_options.c +13 -3
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -76
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +8 -120
- data/src/ruby/ext/grpc/rb_server.c +52 -28
- data/src/ruby/lib/grpc/generic/rpc_server.rb +7 -4
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/test/client.rb +1 -1
- data/src/ruby/pb/test/server.rb +1 -1
- data/src/ruby/spec/client_server_spec.rb +4 -2
- data/src/ruby/spec/generic/active_call_spec.rb +2 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +32 -8
- data/src/ruby/spec/server_spec.rb +26 -7
- data/third_party/boringssl/crypto/asn1/a_bitstr.c +7 -2
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +15 -0
- data/third_party/boringssl/crypto/asn1/a_gentm.c +1 -1
- data/third_party/boringssl/crypto/asn1/a_print.c +0 -28
- data/third_party/boringssl/crypto/asn1/a_strnid.c +3 -0
- data/third_party/boringssl/crypto/asn1/a_time.c +17 -9
- data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -1
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -49
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +1 -1
- data/third_party/boringssl/crypto/asn1/tasn_dec.c +9 -9
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +0 -6
- data/third_party/boringssl/crypto/asn1/time_support.c +5 -5
- data/third_party/boringssl/crypto/base64/base64.c +65 -43
- data/third_party/boringssl/crypto/bio/bio.c +134 -110
- data/third_party/boringssl/crypto/bio/bio_mem.c +9 -9
- data/third_party/boringssl/crypto/bio/connect.c +17 -17
- data/third_party/boringssl/crypto/bio/fd.c +2 -1
- data/third_party/boringssl/crypto/bio/file.c +14 -14
- data/third_party/boringssl/crypto/bio/hexdump.c +15 -16
- data/third_party/boringssl/crypto/bio/internal.h +14 -14
- data/third_party/boringssl/crypto/bio/pair.c +45 -45
- data/third_party/boringssl/crypto/bio/printf.c +6 -10
- data/third_party/boringssl/crypto/{bn → bn_extra}/bn_asn1.c +9 -9
- data/third_party/boringssl/crypto/{bn → bn_extra}/convert.c +18 -223
- data/third_party/boringssl/crypto/buf/buf.c +20 -44
- data/third_party/boringssl/crypto/bytestring/ber.c +35 -35
- data/third_party/boringssl/crypto/bytestring/cbb.c +24 -24
- data/third_party/boringssl/crypto/bytestring/cbs.c +33 -37
- data/third_party/boringssl/crypto/bytestring/internal.h +38 -38
- data/third_party/boringssl/crypto/chacha/chacha.c +7 -7
- data/third_party/boringssl/crypto/{asn1/t_bitst.c → cipher_extra/cipher_extra.c} +49 -38
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/derive_key.c +0 -2
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +281 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +867 -0
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +326 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_null.c +0 -1
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc2.c +22 -10
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc4.c +0 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_ssl3.c +120 -64
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_tls.c +220 -141
- data/third_party/boringssl/crypto/{asn1/x_bignum.c → cipher_extra/internal.h} +61 -86
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +482 -0
- data/third_party/boringssl/crypto/cmac/cmac.c +20 -20
- data/third_party/boringssl/crypto/conf/conf.c +32 -20
- data/third_party/boringssl/crypto/conf/internal.h +3 -3
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +5 -5
- data/third_party/boringssl/crypto/cpu-arm-linux.c +44 -41
- data/third_party/boringssl/crypto/cpu-intel.c +68 -43
- data/third_party/boringssl/crypto/cpu-ppc64le.c +5 -7
- data/third_party/boringssl/crypto/crypto.c +54 -32
- data/third_party/boringssl/crypto/curve25519/curve25519.c +269 -269
- data/third_party/boringssl/crypto/curve25519/internal.h +28 -8
- data/third_party/boringssl/crypto/curve25519/spake25519.c +180 -106
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +9 -9
- data/third_party/boringssl/crypto/dh/check.c +33 -34
- data/third_party/boringssl/crypto/dh/dh.c +72 -36
- data/third_party/boringssl/crypto/dh/dh_asn1.c +1 -1
- data/third_party/boringssl/crypto/dh/params.c +1 -161
- data/third_party/boringssl/crypto/digest_extra/digest_extra.c +240 -0
- data/third_party/boringssl/crypto/dsa/dsa.c +127 -87
- data/third_party/boringssl/crypto/dsa/dsa_asn1.c +1 -1
- data/third_party/boringssl/crypto/{ec → ec_extra}/ec_asn1.c +83 -70
- data/third_party/boringssl/crypto/ecdh/ecdh.c +1 -1
- data/third_party/boringssl/crypto/{ecdsa → ecdsa_extra}/ecdsa_asn1.c +86 -31
- data/third_party/boringssl/crypto/engine/engine.c +6 -6
- data/third_party/boringssl/crypto/err/err.c +197 -106
- data/third_party/boringssl/crypto/err/internal.h +58 -0
- data/third_party/boringssl/crypto/evp/digestsign.c +86 -14
- data/third_party/boringssl/crypto/evp/evp.c +6 -11
- data/third_party/boringssl/crypto/evp/evp_asn1.c +17 -17
- data/third_party/boringssl/crypto/evp/evp_ctx.c +15 -11
- data/third_party/boringssl/crypto/evp/internal.h +66 -51
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +11 -11
- data/third_party/boringssl/crypto/evp/p_ec.c +10 -8
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +11 -12
- data/third_party/boringssl/crypto/evp/p_ed25519.c +71 -0
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +190 -0
- data/third_party/boringssl/crypto/evp/p_rsa.c +50 -95
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +28 -18
- data/third_party/boringssl/crypto/evp/pbkdf.c +49 -56
- data/third_party/boringssl/crypto/evp/print.c +5 -36
- data/third_party/boringssl/crypto/evp/scrypt.c +209 -0
- data/third_party/boringssl/crypto/ex_data.c +15 -45
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +100 -0
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +679 -0
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/internal.h +40 -27
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/rsaz_exp.h +0 -0
- data/third_party/boringssl/crypto/{cipher → fipsmodule/cipher}/internal.h +34 -67
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +88 -0
- data/third_party/boringssl/crypto/{des → fipsmodule/des}/internal.h +18 -4
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/internal.h +18 -18
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/md32_common.h +58 -64
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/internal.h +58 -52
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64-table.h +11 -11
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64.h +32 -32
- data/third_party/boringssl/crypto/{rand/internal.h → fipsmodule/is_fips.c} +10 -15
- data/third_party/boringssl/crypto/{modes → fipsmodule/modes}/internal.h +112 -119
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +92 -0
- data/third_party/boringssl/crypto/{rsa → fipsmodule/rsa}/internal.h +36 -49
- data/third_party/boringssl/crypto/hkdf/hkdf.c +6 -6
- data/third_party/boringssl/crypto/internal.h +301 -233
- data/third_party/boringssl/crypto/lhash/lhash.c +26 -45
- data/third_party/boringssl/crypto/mem.c +76 -33
- data/third_party/boringssl/crypto/obj/obj.c +44 -28
- data/third_party/boringssl/crypto/obj/obj_dat.h +102 -34
- data/third_party/boringssl/crypto/obj/obj_xref.c +6 -6
- data/third_party/boringssl/crypto/pem/pem_info.c +3 -5
- data/third_party/boringssl/crypto/pem/pem_lib.c +1 -6
- data/third_party/boringssl/crypto/pem/pem_pk8.c +1 -0
- data/third_party/boringssl/crypto/pem/pem_pkey.c +1 -1
- data/third_party/boringssl/crypto/pem/pem_xaux.c +0 -2
- data/third_party/boringssl/crypto/pkcs7/internal.h +49 -0
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +166 -0
- data/third_party/boringssl/crypto/{x509/pkcs7.c → pkcs7/pkcs7_x509.c} +27 -147
- data/third_party/boringssl/crypto/pkcs8/internal.h +34 -16
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +120 -39
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +144 -857
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +789 -0
- data/third_party/boringssl/crypto/poly1305/internal.h +4 -3
- data/third_party/boringssl/crypto/poly1305/poly1305.c +14 -14
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +11 -11
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +41 -41
- data/third_party/boringssl/crypto/pool/internal.h +2 -2
- data/third_party/boringssl/crypto/pool/pool.c +15 -15
- data/third_party/boringssl/crypto/{rand → rand_extra}/deterministic.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/forkunsafe.c +46 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/fuchsia.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/rand_extra.c +70 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/windows.c +5 -5
- data/third_party/boringssl/crypto/refcount_c11.c +2 -2
- data/third_party/boringssl/crypto/refcount_lock.c +1 -1
- data/third_party/boringssl/crypto/{rsa → rsa_extra}/rsa_asn1.c +12 -120
- data/third_party/boringssl/crypto/stack/stack.c +13 -13
- data/third_party/boringssl/crypto/thread_none.c +1 -1
- data/third_party/boringssl/crypto/thread_pthread.c +1 -1
- data/third_party/boringssl/crypto/thread_win.c +40 -40
- data/third_party/boringssl/crypto/x509/a_sign.c +5 -12
- data/third_party/boringssl/crypto/x509/a_verify.c +6 -18
- data/third_party/boringssl/crypto/x509/algorithm.c +22 -6
- data/third_party/boringssl/crypto/x509/asn1_gen.c +30 -7
- data/third_party/boringssl/crypto/x509/by_dir.c +2 -2
- data/third_party/boringssl/crypto/x509/by_file.c +2 -2
- data/third_party/boringssl/crypto/x509/rsa_pss.c +5 -5
- data/third_party/boringssl/crypto/x509/t_x509.c +2 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_lu.c +35 -4
- data/third_party/boringssl/crypto/x509/x509_set.c +10 -0
- data/third_party/boringssl/crypto/x509/x509_vfy.c +20 -17
- data/third_party/boringssl/crypto/x509/x_name.c +13 -16
- data/third_party/boringssl/crypto/x509/x_x509.c +3 -3
- data/third_party/boringssl/crypto/x509/x_x509a.c +0 -7
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +8 -0
- data/third_party/boringssl/crypto/x509v3/pcy_int.h +2 -2
- data/third_party/boringssl/crypto/x509v3/pcy_lib.c +0 -9
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -1
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +25 -15
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +21 -11
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +9 -3
- data/third_party/boringssl/crypto/x509v3/v3_info.c +22 -14
- data/third_party/boringssl/crypto/x509v3/v3_ncons.c +27 -11
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +0 -33
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +4 -4
- data/third_party/boringssl/include/openssl/aead.h +280 -191
- data/third_party/boringssl/include/openssl/aes.h +50 -50
- data/third_party/boringssl/include/openssl/arm_arch.h +12 -12
- data/third_party/boringssl/include/openssl/asn1.h +14 -77
- data/third_party/boringssl/include/openssl/asn1t.h +11 -15
- data/third_party/boringssl/include/openssl/base.h +78 -51
- data/third_party/boringssl/include/openssl/base64.h +68 -68
- data/third_party/boringssl/include/openssl/bio.h +472 -406
- data/third_party/boringssl/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +454 -435
- data/third_party/boringssl/include/openssl/buf.h +27 -27
- data/third_party/boringssl/include/openssl/bytestring.h +282 -267
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/chacha.h +5 -5
- data/third_party/boringssl/include/openssl/cipher.h +209 -200
- data/third_party/boringssl/include/openssl/cmac.h +27 -27
- data/third_party/boringssl/include/openssl/conf.h +49 -46
- data/third_party/boringssl/include/openssl/cpu.h +60 -45
- data/third_party/boringssl/include/openssl/crypto.h +59 -35
- data/third_party/boringssl/include/openssl/curve25519.h +97 -92
- data/third_party/boringssl/include/openssl/des.h +25 -25
- data/third_party/boringssl/include/openssl/dh.h +98 -97
- data/third_party/boringssl/include/openssl/digest.h +143 -114
- data/third_party/boringssl/include/openssl/dsa.h +217 -202
- data/third_party/boringssl/include/openssl/ec.h +132 -131
- data/third_party/boringssl/include/openssl/ec_key.h +132 -128
- data/third_party/boringssl/include/openssl/ecdh.h +9 -9
- data/third_party/boringssl/include/openssl/ecdsa.h +66 -66
- data/third_party/boringssl/include/openssl/engine.h +38 -38
- data/third_party/boringssl/include/openssl/err.h +189 -219
- data/third_party/boringssl/include/openssl/evp.h +473 -397
- data/third_party/boringssl/include/openssl/ex_data.h +46 -56
- data/third_party/boringssl/include/openssl/hkdf.h +17 -17
- data/third_party/boringssl/include/openssl/hmac.h +55 -43
- data/third_party/boringssl/include/openssl/is_boringssl.h +16 -0
- data/third_party/boringssl/include/openssl/lhash.h +67 -67
- data/third_party/boringssl/include/openssl/lhash_macros.h +4 -4
- data/third_party/boringssl/include/openssl/md4.h +14 -14
- data/third_party/boringssl/include/openssl/md5.h +14 -14
- data/third_party/boringssl/include/openssl/mem.h +39 -33
- data/third_party/boringssl/include/openssl/nid.h +43 -0
- data/third_party/boringssl/include/openssl/obj.h +93 -87
- data/third_party/boringssl/include/openssl/opensslconf.h +8 -1
- data/third_party/boringssl/include/openssl/pem.h +2 -122
- data/third_party/boringssl/include/openssl/pkcs7.h +68 -2
- data/third_party/boringssl/include/openssl/pkcs8.h +81 -66
- data/third_party/boringssl/include/openssl/poly1305.h +11 -11
- data/third_party/boringssl/include/openssl/pool.h +29 -25
- data/third_party/boringssl/include/openssl/rand.h +48 -45
- data/third_party/boringssl/include/openssl/rc4.h +9 -9
- data/third_party/boringssl/include/openssl/ripemd.h +13 -13
- data/third_party/boringssl/include/openssl/rsa.h +371 -340
- data/third_party/boringssl/include/openssl/sha.h +71 -71
- data/third_party/boringssl/include/openssl/span.h +191 -0
- data/third_party/boringssl/include/openssl/ssl.h +2639 -2519
- data/third_party/boringssl/include/openssl/ssl3.h +39 -122
- data/third_party/boringssl/include/openssl/stack.h +355 -164
- data/third_party/boringssl/include/openssl/thread.h +43 -43
- data/third_party/boringssl/include/openssl/tls1.h +60 -63
- data/third_party/boringssl/include/openssl/type_check.h +10 -14
- data/third_party/boringssl/include/openssl/x509.h +41 -116
- data/third_party/boringssl/include/openssl/x509_vfy.h +17 -25
- data/third_party/boringssl/include/openssl/x509v3.h +27 -21
- data/third_party/boringssl/ssl/{bio_ssl.c → bio_ssl.cc} +9 -5
- data/third_party/boringssl/ssl/{custom_extensions.c → custom_extensions.cc} +19 -12
- data/third_party/boringssl/ssl/{d1_both.c → d1_both.cc} +224 -193
- data/third_party/boringssl/ssl/{d1_lib.c → d1_lib.cc} +86 -79
- data/third_party/boringssl/ssl/{d1_pkt.c → d1_pkt.cc} +55 -87
- data/third_party/boringssl/ssl/{d1_srtp.c → d1_srtp.cc} +12 -16
- data/third_party/boringssl/ssl/{dtls_method.c → dtls_method.cc} +33 -50
- data/third_party/boringssl/ssl/{dtls_record.c → dtls_record.cc} +76 -64
- data/third_party/boringssl/ssl/handshake.cc +547 -0
- data/third_party/boringssl/ssl/handshake_client.cc +1828 -0
- data/third_party/boringssl/ssl/handshake_server.cc +1672 -0
- data/third_party/boringssl/ssl/internal.h +2027 -1280
- data/third_party/boringssl/ssl/s3_both.cc +603 -0
- data/third_party/boringssl/ssl/{s3_lib.c → s3_lib.cc} +22 -10
- data/third_party/boringssl/ssl/{s3_pkt.c → s3_pkt.cc} +171 -75
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +415 -0
- data/third_party/boringssl/ssl/{ssl_asn1.c → ssl_asn1.cc} +257 -261
- data/third_party/boringssl/ssl/{ssl_buffer.c → ssl_buffer.cc} +81 -97
- data/third_party/boringssl/ssl/{ssl_cert.c → ssl_cert.cc} +304 -414
- data/third_party/boringssl/ssl/{ssl_cipher.c → ssl_cipher.cc} +427 -505
- data/third_party/boringssl/ssl/{ssl_file.c → ssl_file.cc} +24 -16
- data/third_party/boringssl/ssl/ssl_key_share.cc +245 -0
- data/third_party/boringssl/ssl/{ssl_lib.c → ssl_lib.cc} +665 -828
- data/third_party/boringssl/ssl/ssl_privkey.cc +518 -0
- data/third_party/boringssl/ssl/{ssl_session.c → ssl_session.cc} +596 -471
- data/third_party/boringssl/ssl/{ssl_stat.c → ssl_stat.cc} +5 -224
- data/third_party/boringssl/ssl/{ssl_transcript.c → ssl_transcript.cc} +117 -140
- data/third_party/boringssl/ssl/ssl_versions.cc +439 -0
- data/third_party/boringssl/ssl/{ssl_x509.c → ssl_x509.cc} +751 -267
- data/third_party/boringssl/ssl/{t1_enc.c → t1_enc.cc} +120 -161
- data/third_party/boringssl/ssl/{t1_lib.c → t1_lib.cc} +859 -966
- data/third_party/boringssl/ssl/{tls13_both.c → tls13_both.cc} +202 -284
- data/third_party/boringssl/ssl/tls13_client.cc +842 -0
- data/third_party/boringssl/ssl/{tls13_enc.c → tls13_enc.cc} +108 -90
- data/third_party/boringssl/ssl/tls13_server.cc +967 -0
- data/third_party/boringssl/ssl/{tls_method.c → tls_method.cc} +94 -73
- data/third_party/boringssl/ssl/tls_record.cc +675 -0
- metadata +117 -168
- data/include/grpc/support/cmdline.h +0 -88
- data/include/grpc/support/subprocess.h +0 -44
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +0 -29
- data/src/core/ext/filters/client_channel/resolver_factory.cc +0 -40
- data/src/core/lib/gpr/cmdline.cc +0 -330
- data/src/core/lib/gpr/subprocess_posix.cc +0 -99
- data/src/core/lib/gpr/subprocess_windows.cc +0 -126
- data/src/core/lib/surface/alarm.cc +0 -137
- data/src/core/lib/surface/alarm_internal.h +0 -40
- data/src/core/tsi/gts_transport_security.cc +0 -40
- data/third_party/boringssl/crypto/aes/aes.c +0 -1142
- data/third_party/boringssl/crypto/aes/internal.h +0 -87
- data/third_party/boringssl/crypto/aes/key_wrap.c +0 -138
- data/third_party/boringssl/crypto/aes/mode_wrappers.c +0 -112
- data/third_party/boringssl/crypto/asn1/x_long.c +0 -200
- data/third_party/boringssl/crypto/bn/add.c +0 -377
- data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +0 -532
- data/third_party/boringssl/crypto/bn/bn.c +0 -365
- data/third_party/boringssl/crypto/bn/cmp.c +0 -239
- data/third_party/boringssl/crypto/bn/ctx.c +0 -313
- data/third_party/boringssl/crypto/bn/div.c +0 -728
- data/third_party/boringssl/crypto/bn/exponentiation.c +0 -1240
- data/third_party/boringssl/crypto/bn/gcd.c +0 -635
- data/third_party/boringssl/crypto/bn/generic.c +0 -707
- data/third_party/boringssl/crypto/bn/kronecker.c +0 -176
- data/third_party/boringssl/crypto/bn/montgomery.c +0 -409
- data/third_party/boringssl/crypto/bn/montgomery_inv.c +0 -207
- data/third_party/boringssl/crypto/bn/mul.c +0 -871
- data/third_party/boringssl/crypto/bn/prime.c +0 -861
- data/third_party/boringssl/crypto/bn/random.c +0 -343
- data/third_party/boringssl/crypto/bn/rsaz_exp.c +0 -254
- data/third_party/boringssl/crypto/bn/shift.c +0 -307
- data/third_party/boringssl/crypto/bn/sqrt.c +0 -506
- data/third_party/boringssl/crypto/cipher/aead.c +0 -156
- data/third_party/boringssl/crypto/cipher/cipher.c +0 -657
- data/third_party/boringssl/crypto/cipher/e_aes.c +0 -1771
- data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +0 -276
- data/third_party/boringssl/crypto/cipher/e_des.c +0 -205
- data/third_party/boringssl/crypto/cipher/tls_cbc.c +0 -482
- data/third_party/boringssl/crypto/des/des.c +0 -771
- data/third_party/boringssl/crypto/digest/digest.c +0 -251
- data/third_party/boringssl/crypto/digest/digests.c +0 -358
- data/third_party/boringssl/crypto/ec/ec.c +0 -847
- data/third_party/boringssl/crypto/ec/ec_key.c +0 -479
- data/third_party/boringssl/crypto/ec/ec_montgomery.c +0 -303
- data/third_party/boringssl/crypto/ec/oct.c +0 -416
- data/third_party/boringssl/crypto/ec/p224-64.c +0 -1143
- data/third_party/boringssl/crypto/ec/p256-64.c +0 -1701
- data/third_party/boringssl/crypto/ec/p256-x86_64.c +0 -561
- data/third_party/boringssl/crypto/ec/simple.c +0 -1118
- data/third_party/boringssl/crypto/ec/util-64.c +0 -109
- data/third_party/boringssl/crypto/ec/wnaf.c +0 -458
- data/third_party/boringssl/crypto/ecdsa/ecdsa.c +0 -479
- data/third_party/boringssl/crypto/hmac/hmac.c +0 -215
- data/third_party/boringssl/crypto/md4/md4.c +0 -236
- data/third_party/boringssl/crypto/md5/md5.c +0 -285
- data/third_party/boringssl/crypto/modes/cbc.c +0 -212
- data/third_party/boringssl/crypto/modes/cfb.c +0 -230
- data/third_party/boringssl/crypto/modes/ctr.c +0 -219
- data/third_party/boringssl/crypto/modes/gcm.c +0 -1071
- data/third_party/boringssl/crypto/modes/ofb.c +0 -95
- data/third_party/boringssl/crypto/modes/polyval.c +0 -94
- data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +0 -85
- data/third_party/boringssl/crypto/rand/rand.c +0 -244
- data/third_party/boringssl/crypto/rand/urandom.c +0 -335
- data/third_party/boringssl/crypto/rsa/blinding.c +0 -265
- data/third_party/boringssl/crypto/rsa/padding.c +0 -708
- data/third_party/boringssl/crypto/rsa/rsa.c +0 -830
- data/third_party/boringssl/crypto/rsa/rsa_impl.c +0 -1100
- data/third_party/boringssl/crypto/sha/sha1-altivec.c +0 -346
- data/third_party/boringssl/crypto/sha/sha1.c +0 -355
- data/third_party/boringssl/crypto/sha/sha256.c +0 -329
- data/third_party/boringssl/crypto/sha/sha512.c +0 -609
- data/third_party/boringssl/crypto/x509/x509type.c +0 -126
- data/third_party/boringssl/include/openssl/stack_macros.h +0 -3987
- data/third_party/boringssl/ssl/handshake_client.c +0 -1883
- data/third_party/boringssl/ssl/handshake_server.c +0 -1950
- data/third_party/boringssl/ssl/s3_both.c +0 -895
- data/third_party/boringssl/ssl/ssl_aead_ctx.c +0 -335
- data/third_party/boringssl/ssl/ssl_ecdh.c +0 -465
- data/third_party/boringssl/ssl/ssl_privkey.c +0 -683
- data/third_party/boringssl/ssl/ssl_privkey_cc.cc +0 -76
- data/third_party/boringssl/ssl/tls13_client.c +0 -712
- data/third_party/boringssl/ssl/tls13_server.c +0 -680
- data/third_party/boringssl/ssl/tls_record.c +0 -556
@@ -22,155 +22,160 @@ extern "C" {
|
|
22
22
|
#endif
|
23
23
|
|
24
24
|
|
25
|
-
|
26
|
-
|
27
|
-
|
25
|
+
// Curve25519.
|
26
|
+
//
|
27
|
+
// Curve25519 is an elliptic curve. See https://tools.ietf.org/html/rfc7748.
|
28
28
|
|
29
29
|
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
30
|
+
// X25519.
|
31
|
+
//
|
32
|
+
// X25519 is the Diffie-Hellman primitive built from curve25519. It is
|
33
|
+
// sometimes referred to as “curve25519”, but “X25519” is a more precise name.
|
34
|
+
// See http://cr.yp.to/ecdh.html and https://tools.ietf.org/html/rfc7748.
|
35
35
|
|
36
36
|
#define X25519_PRIVATE_KEY_LEN 32
|
37
37
|
#define X25519_PUBLIC_VALUE_LEN 32
|
38
38
|
#define X25519_SHARED_KEY_LEN 32
|
39
39
|
|
40
|
-
|
41
|
-
|
40
|
+
// X25519_keypair sets |out_public_value| and |out_private_key| to a freshly
|
41
|
+
// generated, public–private key pair.
|
42
42
|
OPENSSL_EXPORT void X25519_keypair(uint8_t out_public_value[32],
|
43
43
|
uint8_t out_private_key[32]);
|
44
44
|
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
45
|
+
// X25519 writes a shared key to |out_shared_key| that is calculated from the
|
46
|
+
// given private key and the peer's public value. It returns one on success and
|
47
|
+
// zero on error.
|
48
|
+
//
|
49
|
+
// Don't use the shared key directly, rather use a KDF and also include the two
|
50
|
+
// public values as inputs.
|
51
51
|
OPENSSL_EXPORT int X25519(uint8_t out_shared_key[32],
|
52
52
|
const uint8_t private_key[32],
|
53
|
-
const uint8_t
|
53
|
+
const uint8_t peer_public_value[32]);
|
54
54
|
|
55
|
-
|
56
|
-
|
55
|
+
// X25519_public_from_private calculates a Diffie-Hellman public value from the
|
56
|
+
// given private key and writes it to |out_public_value|.
|
57
57
|
OPENSSL_EXPORT void X25519_public_from_private(uint8_t out_public_value[32],
|
58
58
|
const uint8_t private_key[32]);
|
59
59
|
|
60
60
|
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
61
|
+
// Ed25519.
|
62
|
+
//
|
63
|
+
// Ed25519 is a signature scheme using a twisted-Edwards curve that is
|
64
|
+
// birationally equivalent to curve25519.
|
65
|
+
//
|
66
|
+
// Note that, unlike RFC 8032's formulation, our private key representation
|
67
|
+
// includes a public key suffix to make multiple key signing operations with the
|
68
|
+
// same key more efficient. The RFC 8032 key private key is referred to in this
|
69
|
+
// implementation as the "seed" and is the first 32 bytes of our private key.
|
65
70
|
|
66
71
|
#define ED25519_PRIVATE_KEY_LEN 64
|
67
72
|
#define ED25519_PUBLIC_KEY_LEN 32
|
68
73
|
#define ED25519_SIGNATURE_LEN 64
|
69
74
|
|
70
|
-
|
71
|
-
|
75
|
+
// ED25519_keypair sets |out_public_key| and |out_private_key| to a freshly
|
76
|
+
// generated, public–private key pair.
|
72
77
|
OPENSSL_EXPORT void ED25519_keypair(uint8_t out_public_key[32],
|
73
78
|
uint8_t out_private_key[64]);
|
74
79
|
|
75
|
-
|
76
|
-
|
77
|
-
|
80
|
+
// ED25519_sign sets |out_sig| to be a signature of |message_len| bytes from
|
81
|
+
// |message| using |private_key|. It returns one on success or zero on
|
82
|
+
// error.
|
78
83
|
OPENSSL_EXPORT int ED25519_sign(uint8_t out_sig[64], const uint8_t *message,
|
79
84
|
size_t message_len,
|
80
85
|
const uint8_t private_key[64]);
|
81
86
|
|
82
|
-
|
83
|
-
|
84
|
-
|
87
|
+
// ED25519_verify returns one iff |signature| is a valid signature, by
|
88
|
+
// |public_key| of |message_len| bytes from |message|. It returns zero
|
89
|
+
// otherwise.
|
85
90
|
OPENSSL_EXPORT int ED25519_verify(const uint8_t *message, size_t message_len,
|
86
91
|
const uint8_t signature[64],
|
87
92
|
const uint8_t public_key[32]);
|
88
93
|
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
+
// ED25519_keypair_from_seed calculates a public and private key from an
|
95
|
+
// Ed25519 “seed”. Seed values are not exposed by this API (although they
|
96
|
+
// happen to be the first 32 bytes of a private key) so this function is for
|
97
|
+
// interoperating with systems that may store just a seed instead of a full
|
98
|
+
// private key.
|
94
99
|
OPENSSL_EXPORT void ED25519_keypair_from_seed(uint8_t out_public_key[32],
|
95
100
|
uint8_t out_private_key[64],
|
96
101
|
const uint8_t seed[32]);
|
97
102
|
|
98
103
|
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
104
|
+
// SPAKE2.
|
105
|
+
//
|
106
|
+
// SPAKE2 is a password-authenticated key-exchange. It allows two parties,
|
107
|
+
// who share a low-entropy secret (i.e. password), to agree on a shared key.
|
108
|
+
// An attacker can only make one guess of the password per execution of the
|
109
|
+
// protocol.
|
110
|
+
//
|
111
|
+
// See https://tools.ietf.org/html/draft-irtf-cfrg-spake2-02.
|
107
112
|
|
108
|
-
|
109
|
-
|
110
|
-
|
113
|
+
// spake2_role_t enumerates the different “roles” in SPAKE2. The protocol
|
114
|
+
// requires that the symmetry of the two parties be broken so one participant
|
115
|
+
// must be “Alice” and the other be “Bob”.
|
111
116
|
enum spake2_role_t {
|
112
117
|
spake2_role_alice,
|
113
118
|
spake2_role_bob,
|
114
119
|
};
|
115
120
|
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
121
|
+
// SPAKE2_CTX_new creates a new |SPAKE2_CTX| (which can only be used for a
|
122
|
+
// single execution of the protocol). SPAKE2 requires the symmetry of the two
|
123
|
+
// parties to be broken which is indicated via |my_role| – each party must pass
|
124
|
+
// a different value for this argument.
|
125
|
+
//
|
126
|
+
// The |my_name| and |their_name| arguments allow optional, opaque names to be
|
127
|
+
// bound into the protocol. For example MAC addresses, hostnames, usernames
|
128
|
+
// etc. These values are not exposed and can avoid context-confusion attacks
|
129
|
+
// when a password is shared between several devices.
|
125
130
|
OPENSSL_EXPORT SPAKE2_CTX *SPAKE2_CTX_new(
|
126
131
|
enum spake2_role_t my_role,
|
127
132
|
const uint8_t *my_name, size_t my_name_len,
|
128
133
|
const uint8_t *their_name, size_t their_name_len);
|
129
134
|
|
130
|
-
|
135
|
+
// SPAKE2_CTX_free frees |ctx| and all the resources that it has allocated.
|
131
136
|
OPENSSL_EXPORT void SPAKE2_CTX_free(SPAKE2_CTX *ctx);
|
132
137
|
|
133
|
-
|
138
|
+
// SPAKE2_MAX_MSG_SIZE is the maximum size of a SPAKE2 message.
|
134
139
|
#define SPAKE2_MAX_MSG_SIZE 32
|
135
140
|
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
141
|
+
// SPAKE2_generate_msg generates a SPAKE2 message given |password|, writes
|
142
|
+
// it to |out| and sets |*out_len| to the number of bytes written.
|
143
|
+
//
|
144
|
+
// At most |max_out_len| bytes are written to |out| and, in order to ensure
|
145
|
+
// success, |max_out_len| should be at least |SPAKE2_MAX_MSG_SIZE| bytes.
|
146
|
+
//
|
147
|
+
// This function can only be called once for a given |SPAKE2_CTX|.
|
148
|
+
//
|
149
|
+
// It returns one on success and zero on error.
|
145
150
|
OPENSSL_EXPORT int SPAKE2_generate_msg(SPAKE2_CTX *ctx, uint8_t *out,
|
146
151
|
size_t *out_len, size_t max_out_len,
|
147
152
|
const uint8_t *password,
|
148
153
|
size_t password_len);
|
149
154
|
|
150
|
-
|
151
|
-
|
155
|
+
// SPAKE2_MAX_KEY_SIZE is the maximum amount of key material that SPAKE2 will
|
156
|
+
// produce.
|
152
157
|
#define SPAKE2_MAX_KEY_SIZE 64
|
153
158
|
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
172
|
-
|
173
|
-
|
159
|
+
// SPAKE2_process_msg completes the SPAKE2 exchange given the peer's message in
|
160
|
+
// |their_msg|, writes at most |max_out_key_len| bytes to |out_key| and sets
|
161
|
+
// |*out_key_len| to the number of bytes written.
|
162
|
+
//
|
163
|
+
// The resulting keying material is suitable for:
|
164
|
+
// a) Using directly in a key-confirmation step: i.e. each side could
|
165
|
+
// transmit a hash of their role, a channel-binding value and the key
|
166
|
+
// material to prove to the other side that they know the shared key.
|
167
|
+
// b) Using as input keying material to HKDF to generate a variety of subkeys
|
168
|
+
// for encryption etc.
|
169
|
+
//
|
170
|
+
// If |max_out_key_key| is smaller than the amount of key material generated
|
171
|
+
// then the key is silently truncated. If you want to ensure that no truncation
|
172
|
+
// occurs then |max_out_key| should be at least |SPAKE2_MAX_KEY_SIZE|.
|
173
|
+
//
|
174
|
+
// You must call |SPAKE2_generate_msg| on a given |SPAKE2_CTX| before calling
|
175
|
+
// this function. On successful return, |ctx| is complete and calling
|
176
|
+
// |SPAKE2_CTX_free| is the only acceptable operation on it.
|
177
|
+
//
|
178
|
+
// Returns one on success or zero on error.
|
174
179
|
OPENSSL_EXPORT int SPAKE2_process_msg(SPAKE2_CTX *ctx, uint8_t *out_key,
|
175
180
|
size_t *out_key_len,
|
176
181
|
size_t max_out_key_len,
|
@@ -179,7 +184,7 @@ OPENSSL_EXPORT int SPAKE2_process_msg(SPAKE2_CTX *ctx, uint8_t *out_key,
|
|
179
184
|
|
180
185
|
|
181
186
|
#if defined(__cplusplus)
|
182
|
-
}
|
187
|
+
} // extern C
|
183
188
|
|
184
189
|
extern "C++" {
|
185
190
|
|
@@ -189,8 +194,8 @@ BORINGSSL_MAKE_DELETER(SPAKE2_CTX, SPAKE2_CTX_free)
|
|
189
194
|
|
190
195
|
} // namespace bssl
|
191
196
|
|
192
|
-
}
|
197
|
+
} // extern C++
|
193
198
|
|
194
199
|
#endif
|
195
200
|
|
196
|
-
#endif
|
201
|
+
#endif // OPENSSL_HEADER_CURVE25519_H
|
@@ -64,7 +64,7 @@ extern "C" {
|
|
64
64
|
#endif
|
65
65
|
|
66
66
|
|
67
|
-
|
67
|
+
// DES.
|
68
68
|
|
69
69
|
|
70
70
|
typedef struct DES_cblock_st {
|
@@ -85,30 +85,30 @@ typedef struct DES_ks {
|
|
85
85
|
#define DES_CBC_MODE 0
|
86
86
|
#define DES_PCBC_MODE 1
|
87
87
|
|
88
|
-
|
88
|
+
// DES_set_key performs a key schedule and initialises |schedule| with |key|.
|
89
89
|
OPENSSL_EXPORT void DES_set_key(const DES_cblock *key,
|
90
90
|
DES_key_schedule *schedule);
|
91
91
|
|
92
|
-
|
93
|
-
|
92
|
+
// DES_set_odd_parity sets the parity bits (the least-significant bits in each
|
93
|
+
// byte) of |key| given the other bits in each byte.
|
94
94
|
OPENSSL_EXPORT void DES_set_odd_parity(DES_cblock *key);
|
95
95
|
|
96
|
-
|
97
|
-
|
98
|
-
|
96
|
+
// DES_ecb_encrypt encrypts (or decrypts, if |is_encrypt| is |DES_DECRYPT|) a
|
97
|
+
// single DES block (8 bytes) from in to out, using the key configured in
|
98
|
+
// |schedule|.
|
99
99
|
OPENSSL_EXPORT void DES_ecb_encrypt(const DES_cblock *in, DES_cblock *out,
|
100
100
|
const DES_key_schedule *schedule,
|
101
101
|
int is_encrypt);
|
102
102
|
|
103
|
-
|
104
|
-
|
103
|
+
// DES_ncbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len|
|
104
|
+
// bytes from |in| to |out| with DES in CBC mode.
|
105
105
|
OPENSSL_EXPORT void DES_ncbc_encrypt(const uint8_t *in, uint8_t *out,
|
106
106
|
size_t len,
|
107
107
|
const DES_key_schedule *schedule,
|
108
108
|
DES_cblock *ivec, int enc);
|
109
109
|
|
110
|
-
|
111
|
-
|
110
|
+
// DES_ecb3_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) a single
|
111
|
+
// block (8 bytes) of data from |input| to |output| using 3DES.
|
112
112
|
OPENSSL_EXPORT void DES_ecb3_encrypt(const DES_cblock *input,
|
113
113
|
DES_cblock *output,
|
114
114
|
const DES_key_schedule *ks1,
|
@@ -116,9 +116,9 @@ OPENSSL_EXPORT void DES_ecb3_encrypt(const DES_cblock *input,
|
|
116
116
|
const DES_key_schedule *ks3,
|
117
117
|
int enc);
|
118
118
|
|
119
|
-
|
120
|
-
|
121
|
-
|
119
|
+
// DES_ede3_cbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len|
|
120
|
+
// bytes from |in| to |out| with 3DES in CBC mode. 3DES uses three keys, thus
|
121
|
+
// the function takes three different |DES_key_schedule|s.
|
122
122
|
OPENSSL_EXPORT void DES_ede3_cbc_encrypt(const uint8_t *in, uint8_t *out,
|
123
123
|
size_t len,
|
124
124
|
const DES_key_schedule *ks1,
|
@@ -126,10 +126,10 @@ OPENSSL_EXPORT void DES_ede3_cbc_encrypt(const uint8_t *in, uint8_t *out,
|
|
126
126
|
const DES_key_schedule *ks3,
|
127
127
|
DES_cblock *ivec, int enc);
|
128
128
|
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
129
|
+
// DES_ede2_cbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len|
|
130
|
+
// bytes from |in| to |out| with 3DES in CBC mode. With this keying option, the
|
131
|
+
// first and third 3DES keys are identical. Thus, this function takes only two
|
132
|
+
// different |DES_key_schedule|s.
|
133
133
|
OPENSSL_EXPORT void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out,
|
134
134
|
size_t len,
|
135
135
|
const DES_key_schedule *ks1,
|
@@ -137,9 +137,9 @@ OPENSSL_EXPORT void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out,
|
|
137
137
|
DES_cblock *ivec, int enc);
|
138
138
|
|
139
139
|
|
140
|
-
|
140
|
+
// Deprecated functions.
|
141
141
|
|
142
|
-
|
142
|
+
// DES_set_key_unchecked calls |DES_set_key|.
|
143
143
|
OPENSSL_EXPORT void DES_set_key_unchecked(const DES_cblock *key,
|
144
144
|
DES_key_schedule *schedule);
|
145
145
|
|
@@ -157,9 +157,9 @@ OPENSSL_EXPORT void DES_ede3_cfb_encrypt(const uint8_t *in, uint8_t *out,
|
|
157
157
|
DES_cblock *ivec, int enc);
|
158
158
|
|
159
159
|
|
160
|
-
|
161
|
-
|
162
|
-
|
160
|
+
// Private functions.
|
161
|
+
//
|
162
|
+
// These functions are only exported for use in |decrepit|.
|
163
163
|
|
164
164
|
OPENSSL_EXPORT void DES_decrypt3(uint32_t *data, const DES_key_schedule *ks1,
|
165
165
|
const DES_key_schedule *ks2,
|
@@ -171,7 +171,7 @@ OPENSSL_EXPORT void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1,
|
|
171
171
|
|
172
172
|
|
173
173
|
#if defined(__cplusplus)
|
174
|
-
}
|
174
|
+
} // extern C
|
175
175
|
#endif
|
176
176
|
|
177
|
-
#endif
|
177
|
+
#endif // OPENSSL_HEADER_DES_H
|
@@ -59,7 +59,6 @@
|
|
59
59
|
|
60
60
|
#include <openssl/base.h>
|
61
61
|
|
62
|
-
#include <openssl/engine.h>
|
63
62
|
#include <openssl/ex_data.h>
|
64
63
|
#include <openssl/thread.h>
|
65
64
|
|
@@ -68,92 +67,94 @@ extern "C" {
|
|
68
67
|
#endif
|
69
68
|
|
70
69
|
|
71
|
-
|
72
|
-
|
70
|
+
// DH contains functions for performing Diffie-Hellman key agreement in
|
71
|
+
// multiplicative groups.
|
73
72
|
|
74
73
|
|
75
|
-
|
74
|
+
// Allocation and destruction.
|
76
75
|
|
77
|
-
|
76
|
+
// DH_new returns a new, empty DH object or NULL on error.
|
78
77
|
OPENSSL_EXPORT DH *DH_new(void);
|
79
78
|
|
80
|
-
|
81
|
-
|
79
|
+
// DH_free decrements the reference count of |dh| and frees it if the reference
|
80
|
+
// count drops to zero.
|
82
81
|
OPENSSL_EXPORT void DH_free(DH *dh);
|
83
82
|
|
84
|
-
|
83
|
+
// DH_up_ref increments the reference count of |dh| and returns one.
|
85
84
|
OPENSSL_EXPORT int DH_up_ref(DH *dh);
|
86
85
|
|
87
86
|
|
88
|
-
|
87
|
+
// Properties.
|
89
88
|
|
90
|
-
|
91
|
-
|
92
|
-
|
89
|
+
// DH_get0_key sets |*out_pub_key| and |*out_priv_key|, if non-NULL, to |dh|'s
|
90
|
+
// public and private key, respectively. If |dh| is a public key, the private
|
91
|
+
// key will be set to NULL.
|
93
92
|
OPENSSL_EXPORT void DH_get0_key(const DH *dh, const BIGNUM **out_pub_key,
|
94
93
|
const BIGNUM **out_priv_key);
|
95
94
|
|
96
|
-
|
97
|
-
|
95
|
+
// DH_set0_key sets |dh|'s public and private key to the specified values. If
|
96
|
+
// NULL, the field is left unchanged. On success, it takes ownership of each
|
97
|
+
// argument and returns one. Otherwise, it returns zero.
|
98
|
+
OPENSSL_EXPORT int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
|
99
|
+
|
100
|
+
// DH_get0_pqg sets |*out_p|, |*out_q|, and |*out_g|, if non-NULL, to |dh|'s p,
|
101
|
+
// q, and g parameters, respectively.
|
98
102
|
OPENSSL_EXPORT void DH_get0_pqg(const DH *dh, const BIGNUM **out_p,
|
99
103
|
const BIGNUM **out_q, const BIGNUM **out_g);
|
100
104
|
|
105
|
+
// DH_set0_pqg sets |dh|'s p, q, and g parameters to the specified values. If
|
106
|
+
// NULL, the field is left unchanged. On success, it takes ownership of each
|
107
|
+
// argument and returns one. Otherwise, it returns zero. |q| may be NULL, but
|
108
|
+
// |p| and |g| must either be specified or already configured on |dh|.
|
109
|
+
OPENSSL_EXPORT int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
|
101
110
|
|
102
|
-
/* Standard parameters.
|
103
|
-
*
|
104
|
-
* These functions return new DH objects with standard parameters. They return
|
105
|
-
* NULL on allocation failure. The |engine| parameter is ignored. */
|
106
|
-
|
107
|
-
/* These parameters are taken from RFC 5114. */
|
108
111
|
|
109
|
-
|
110
|
-
OPENSSL_EXPORT DH *DH_get_2048_224(const ENGINE *engine);
|
111
|
-
OPENSSL_EXPORT DH *DH_get_2048_256(const ENGINE *engine);
|
112
|
+
// Standard parameters.
|
112
113
|
|
113
|
-
|
114
|
-
|
115
|
-
|
114
|
+
// BN_get_rfc3526_prime_1536 sets |*ret| to the 1536-bit MODP group from RFC
|
115
|
+
// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
|
116
|
+
// and returned. It returns NULL on allocation failure.
|
116
117
|
OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *ret);
|
117
118
|
|
118
119
|
|
119
|
-
|
120
|
+
// Parameter generation.
|
120
121
|
|
121
122
|
#define DH_GENERATOR_2 2
|
122
123
|
#define DH_GENERATOR_5 5
|
123
124
|
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
125
|
+
// DH_generate_parameters_ex generates a suitable Diffie-Hellman group with a
|
126
|
+
// prime that is |prime_bits| long and stores it in |dh|. The generator of the
|
127
|
+
// group will be |generator|, which should be |DH_GENERATOR_2| unless there's a
|
128
|
+
// good reason to use a different value. The |cb| argument contains a callback
|
129
|
+
// function that will be called during the generation. See the documentation in
|
130
|
+
// |bn.h| about this. In addition to the callback invocations from |BN|, |cb|
|
131
|
+
// will also be called with |event| equal to three when the generation is
|
132
|
+
// complete.
|
132
133
|
OPENSSL_EXPORT int DH_generate_parameters_ex(DH *dh, int prime_bits,
|
133
134
|
int generator, BN_GENCB *cb);
|
134
135
|
|
135
136
|
|
136
|
-
|
137
|
+
// Diffie-Hellman operations.
|
137
138
|
|
138
|
-
|
139
|
-
|
139
|
+
// DH_generate_key generates a new, random, private key and stores it in
|
140
|
+
// |dh|. It returns one on success and zero on error.
|
140
141
|
OPENSSL_EXPORT int DH_generate_key(DH *dh);
|
141
142
|
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
143
|
+
// DH_compute_key calculates the shared key between |dh| and |peers_key| and
|
144
|
+
// writes it as a big-endian integer into |out|, which must have |DH_size|
|
145
|
+
// bytes of space. It returns the number of bytes written, or a negative number
|
146
|
+
// on error.
|
146
147
|
OPENSSL_EXPORT int DH_compute_key(uint8_t *out, const BIGNUM *peers_key,
|
147
148
|
DH *dh);
|
148
149
|
|
149
150
|
|
150
|
-
|
151
|
+
// Utility functions.
|
151
152
|
|
152
|
-
|
153
|
+
// DH_size returns the number of bytes in the DH group's prime.
|
153
154
|
OPENSSL_EXPORT int DH_size(const DH *dh);
|
154
155
|
|
155
|
-
|
156
|
-
|
156
|
+
// DH_num_bits returns the minimum number of bits needed to represent the
|
157
|
+
// absolute value of the DH group's prime.
|
157
158
|
OPENSSL_EXPORT unsigned DH_num_bits(const DH *dh);
|
158
159
|
|
159
160
|
#define DH_CHECK_P_NOT_PRIME 0x01
|
@@ -164,102 +165,102 @@ OPENSSL_EXPORT unsigned DH_num_bits(const DH *dh);
|
|
164
165
|
#define DH_CHECK_INVALID_Q_VALUE 0x20
|
165
166
|
#define DH_CHECK_INVALID_J_VALUE 0x40
|
166
167
|
|
167
|
-
|
168
|
+
// These are compatibility defines.
|
168
169
|
#define DH_NOT_SUITABLE_GENERATOR DH_CHECK_NOT_SUITABLE_GENERATOR
|
169
170
|
#define DH_UNABLE_TO_CHECK_GENERATOR DH_CHECK_UNABLE_TO_CHECK_GENERATOR
|
170
171
|
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
172
|
+
// DH_check checks the suitability of |dh| as a Diffie-Hellman group. and sets
|
173
|
+
// |DH_CHECK_*| flags in |*out_flags| if it finds any errors. It returns one if
|
174
|
+
// |*out_flags| was successfully set and zero on error.
|
175
|
+
//
|
176
|
+
// Note: these checks may be quite computationally expensive.
|
176
177
|
OPENSSL_EXPORT int DH_check(const DH *dh, int *out_flags);
|
177
178
|
|
178
179
|
#define DH_CHECK_PUBKEY_TOO_SMALL 0x1
|
179
180
|
#define DH_CHECK_PUBKEY_TOO_LARGE 0x2
|
180
181
|
#define DH_CHECK_PUBKEY_INVALID 0x4
|
181
182
|
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
183
|
+
// DH_check_pub_key checks the suitability of |pub_key| as a public key for the
|
184
|
+
// DH group in |dh| and sets |DH_CHECK_PUBKEY_*| flags in |*out_flags| if it
|
185
|
+
// finds any errors. It returns one if |*out_flags| was successfully set and
|
186
|
+
// zero on error.
|
186
187
|
OPENSSL_EXPORT int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key,
|
187
188
|
int *out_flags);
|
188
189
|
|
189
|
-
|
190
|
-
|
190
|
+
// DHparams_dup allocates a fresh |DH| and copies the parameters from |dh| into
|
191
|
+
// it. It returns the new |DH| or NULL on error.
|
191
192
|
OPENSSL_EXPORT DH *DHparams_dup(const DH *dh);
|
192
193
|
|
193
194
|
|
194
|
-
|
195
|
+
// ASN.1 functions.
|
195
196
|
|
196
|
-
|
197
|
-
|
198
|
-
|
197
|
+
// DH_parse_parameters decodes a DER-encoded DHParameter structure (PKCS #3)
|
198
|
+
// from |cbs| and advances |cbs|. It returns a newly-allocated |DH| or NULL on
|
199
|
+
// error.
|
199
200
|
OPENSSL_EXPORT DH *DH_parse_parameters(CBS *cbs);
|
200
201
|
|
201
|
-
|
202
|
-
|
203
|
-
|
202
|
+
// DH_marshal_parameters marshals |dh| as a DER-encoded DHParameter structure
|
203
|
+
// (PKCS #3) and appends the result to |cbb|. It returns one on success and zero
|
204
|
+
// on error.
|
204
205
|
OPENSSL_EXPORT int DH_marshal_parameters(CBB *cbb, const DH *dh);
|
205
206
|
|
206
207
|
|
207
|
-
|
208
|
-
|
209
|
-
|
208
|
+
// ex_data functions.
|
209
|
+
//
|
210
|
+
// See |ex_data.h| for details.
|
210
211
|
|
211
212
|
OPENSSL_EXPORT int DH_get_ex_new_index(long argl, void *argp,
|
212
213
|
CRYPTO_EX_unused *unused,
|
213
|
-
CRYPTO_EX_dup *
|
214
|
+
CRYPTO_EX_dup *dup_unused,
|
214
215
|
CRYPTO_EX_free *free_func);
|
215
216
|
OPENSSL_EXPORT int DH_set_ex_data(DH *d, int idx, void *arg);
|
216
217
|
OPENSSL_EXPORT void *DH_get_ex_data(DH *d, int idx);
|
217
218
|
|
218
219
|
|
219
|
-
|
220
|
+
// Deprecated functions.
|
220
221
|
|
221
|
-
|
222
|
-
|
223
|
-
|
222
|
+
// DH_generate_parameters behaves like |DH_generate_parameters_ex|, which is
|
223
|
+
// what you should use instead. It returns NULL on error, or a newly-allocated
|
224
|
+
// |DH| on success. This function is provided for compatibility only.
|
224
225
|
OPENSSL_EXPORT DH *DH_generate_parameters(int prime_len, int generator,
|
225
226
|
void (*callback)(int, int, void *),
|
226
227
|
void *cb_arg);
|
227
228
|
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
229
|
+
// d2i_DHparams parses an ASN.1, DER encoded Diffie-Hellman parameters structure
|
230
|
+
// from |len| bytes at |*inp|. If |ret| is not NULL then, on exit, a pointer to
|
231
|
+
// the result is in |*ret|. Note that, even if |*ret| is already non-NULL on
|
232
|
+
// entry, it will not be written to. Rather, a fresh |DH| is allocated and the
|
233
|
+
// previous one is freed.
|
234
|
+
//
|
235
|
+
// On successful exit, |*inp| is advanced past the DER structure. It
|
236
|
+
// returns the result or NULL on error.
|
237
|
+
//
|
238
|
+
// Use |DH_parse_parameters| instead.
|
238
239
|
OPENSSL_EXPORT DH *d2i_DHparams(DH **ret, const unsigned char **inp, long len);
|
239
240
|
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
241
|
+
// i2d_DHparams marshals |in| to an ASN.1, DER structure. If |outp| is not NULL
|
242
|
+
// then the result is written to |*outp| and |*outp| is advanced just past the
|
243
|
+
// output. It returns the number of bytes in the result, whether written or
|
244
|
+
// not, or a negative value on error.
|
245
|
+
//
|
246
|
+
// Use |DH_marshal_parameters| instead.
|
246
247
|
OPENSSL_EXPORT int i2d_DHparams(const DH *in, unsigned char **outp);
|
247
248
|
|
248
249
|
|
249
250
|
struct dh_st {
|
250
251
|
BIGNUM *p;
|
251
252
|
BIGNUM *g;
|
252
|
-
BIGNUM *pub_key;
|
253
|
-
BIGNUM *priv_key;
|
253
|
+
BIGNUM *pub_key; // g^x mod p
|
254
|
+
BIGNUM *priv_key; // x
|
254
255
|
|
255
|
-
|
256
|
-
|
256
|
+
// priv_length contains the length, in bits, of the private value. If zero,
|
257
|
+
// the private value will be the same length as |p|.
|
257
258
|
unsigned priv_length;
|
258
259
|
|
259
260
|
CRYPTO_MUTEX method_mont_p_lock;
|
260
261
|
BN_MONT_CTX *method_mont_p;
|
261
262
|
|
262
|
-
|
263
|
+
// Place holders if we want to do X9.42 DH
|
263
264
|
BIGNUM *q;
|
264
265
|
BIGNUM *j;
|
265
266
|
unsigned char *seed;
|
@@ -273,7 +274,7 @@ struct dh_st {
|
|
273
274
|
|
274
275
|
|
275
276
|
#if defined(__cplusplus)
|
276
|
-
}
|
277
|
+
} // extern C
|
277
278
|
|
278
279
|
extern "C++" {
|
279
280
|
|
@@ -283,7 +284,7 @@ BORINGSSL_MAKE_DELETER(DH, DH_free)
|
|
283
284
|
|
284
285
|
} // namespace bssl
|
285
286
|
|
286
|
-
}
|
287
|
+
} // extern C++
|
287
288
|
|
288
289
|
#endif
|
289
290
|
|
@@ -294,4 +295,4 @@ BORINGSSL_MAKE_DELETER(DH, DH_free)
|
|
294
295
|
#define DH_R_DECODE_ERROR 104
|
295
296
|
#define DH_R_ENCODE_ERROR 105
|
296
297
|
|
297
|
-
#endif
|
298
|
+
#endif // OPENSSL_HEADER_DH_H
|