grpc 1.9.1 → 1.10.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +2654 -953
- data/etc/roots.pem +282 -683
- data/include/grpc/compression.h +9 -26
- data/include/grpc/grpc.h +10 -24
- data/include/grpc/grpc_security.h +7 -1
- data/include/grpc/impl/codegen/compression_types.h +5 -62
- data/include/grpc/impl/codegen/grpc_types.h +10 -6
- data/include/grpc/module.modulemap +1 -10
- data/include/grpc/support/alloc.h +3 -2
- data/include/grpc/support/log.h +1 -2
- data/{src/core/lib/gpr/thd_internal.h → include/grpc/support/thd_id.h} +23 -9
- data/src/boringssl/err_data.c +550 -496
- data/src/core/ext/census/grpc_context.cc +2 -1
- data/src/core/ext/filters/client_channel/backup_poller.cc +5 -4
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -7
- data/src/core/ext/filters/client_channel/client_channel.cc +162 -172
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +4 -2
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +10 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +18 -14
- data/src/core/ext/filters/client_channel/http_proxy.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +21 -105
- data/src/core/ext/filters/client_channel/lb_policy.h +166 -170
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +41 -36
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1452 -1459
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +7 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +27 -27
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +279 -304
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +358 -330
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +30 -41
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +7 -14
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +8 -21
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +23 -27
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +58 -33
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +25 -12
- data/src/core/ext/filters/client_channel/parse_address.cc +10 -8
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver.cc +6 -52
- data/src/core/ext/filters/client_channel/resolver.h +98 -55
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +266 -237
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +31 -27
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +244 -207
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +161 -148
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +47 -31
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +126 -126
- data/src/core/ext/filters/client_channel/resolver_factory.h +33 -32
- data/src/core/ext/filters/client_channel/resolver_registry.cc +110 -90
- data/src/core/ext/filters/client_channel/resolver_registry.h +49 -36
- data/src/core/ext/filters/client_channel/retry_throttle.cc +29 -22
- data/src/core/ext/filters/client_channel/subchannel.cc +173 -173
- data/src/core/ext/filters/client_channel/subchannel.h +38 -45
- data/src/core/ext/filters/client_channel/subchannel_index.cc +44 -40
- data/src/core/ext/filters/client_channel/uri_parser.cc +3 -3
- data/src/core/ext/filters/deadline/deadline_filter.cc +27 -18
- data/src/core/ext/filters/http/client/http_client_filter.cc +26 -23
- data/src/core/ext/filters/http/http_filters_plugin.cc +3 -2
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +78 -110
- data/src/core/ext/filters/http/server/http_server_filter.cc +29 -26
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +9 -11
- data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc +2 -1
- data/src/core/ext/filters/max_age/max_age_filter.cc +14 -14
- data/src/core/ext/filters/message_size/message_size_filter.cc +20 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +4 -4
- data/src/core/ext/filters/workarounds/workaround_utils.cc +4 -4
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +10 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +4 -4
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +11 -12
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +16 -13
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +36 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +3 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +17 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +139 -145
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +16 -14
- data/src/core/ext/transport/chttp2/transport/flow_control.h +8 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +35 -33
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +27 -25
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +12 -12
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +16 -15
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +11 -11
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +35 -35
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +10 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +35 -39
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +8 -7
- data/src/core/ext/transport/chttp2/transport/varint.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/writing.cc +18 -18
- data/src/core/ext/transport/inproc/inproc_transport.cc +43 -23
- data/src/core/lib/{gpr → avl}/avl.cc +61 -57
- data/{include/grpc/support → src/core/lib/avl}/avl.h +25 -35
- data/src/core/lib/backoff/backoff.cc +6 -5
- data/src/core/lib/channel/channel_args.cc +23 -109
- data/src/core/lib/channel/channel_args.h +5 -31
- data/src/core/lib/channel/channel_stack.cc +11 -8
- data/src/core/lib/channel/channel_stack_builder.cc +10 -7
- data/src/core/lib/channel/connected_channel.cc +18 -17
- data/src/core/lib/channel/handshaker.cc +8 -8
- data/src/core/lib/channel/handshaker_registry.cc +3 -2
- data/src/core/lib/compression/algorithm_metadata.h +13 -6
- data/src/core/lib/compression/compression.cc +72 -183
- data/src/core/lib/compression/compression_internal.cc +274 -0
- data/src/core/lib/compression/compression_internal.h +86 -0
- data/src/core/lib/compression/message_compress.cc +15 -15
- data/src/core/lib/compression/message_compress.h +4 -3
- data/src/core/lib/compression/stream_compression_gzip.cc +8 -8
- data/src/core/lib/compression/stream_compression_identity.cc +1 -1
- data/src/core/lib/debug/stats.cc +10 -8
- data/src/core/lib/debug/stats_data.cc +2 -1
- data/src/core/lib/debug/trace.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +7 -11
- data/src/core/lib/gpr/arena.cc +34 -12
- data/src/core/lib/gpr/atm.cc +2 -1
- data/src/core/lib/gpr/cpu_linux.cc +3 -3
- data/src/core/lib/gpr/cpu_posix.cc +2 -1
- data/src/core/lib/gpr/env.h +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -1
- data/src/core/lib/gpr/env_windows.cc +4 -4
- data/src/core/lib/gpr/fork.cc +16 -2
- data/src/core/lib/gpr/host_port.cc +5 -4
- data/{include/grpc/support → src/core/lib/gpr}/host_port.h +5 -13
- data/src/core/lib/gpr/log.cc +5 -4
- data/src/core/lib/gpr/log_linux.cc +1 -1
- data/src/core/lib/gpr/mpscq.cc +1 -0
- data/src/core/lib/gpr/murmur_hash.cc +4 -4
- data/src/core/lib/gpr/string.cc +19 -16
- data/src/core/lib/gpr/string_posix.cc +3 -3
- data/src/core/lib/gpr/sync_posix.cc +5 -9
- data/src/core/lib/gpr/thd.cc +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/thd.h +20 -28
- data/src/core/lib/gpr/thd_posix.cc +6 -4
- data/src/core/lib/gpr/thd_windows.cc +3 -1
- data/src/core/lib/gpr/time.cc +6 -4
- data/src/core/lib/gpr/time_posix.cc +2 -2
- data/{include/grpc/support → src/core/lib/gpr}/tls.h +6 -6
- data/{include/grpc/support → src/core/lib/gpr}/tls_gcc.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/tls_msvc.h +3 -3
- data/src/core/lib/gpr/tls_pthread.cc +1 -1
- data/{include/grpc/support → src/core/lib/gpr}/tls_pthread.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/useful.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/abstract.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic.h +5 -5
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_atm.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_std.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/debug_location.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/inlined_vector.h +44 -22
- data/src/core/lib/{gpr++ → gprpp}/manual_constructor.h +2 -2
- data/src/core/lib/{gpr++ → gprpp}/memory.h +14 -5
- data/src/core/lib/{gpr++ → gprpp}/orphanable.h +39 -14
- data/src/core/lib/{gpr++ → gprpp}/ref_counted.h +42 -10
- data/src/core/lib/{gpr++ → gprpp}/ref_counted_ptr.h +18 -8
- data/src/core/lib/http/format_request.cc +3 -3
- data/src/core/lib/http/httpcli.cc +6 -7
- data/src/core/lib/http/httpcli_security_connector.cc +10 -10
- data/src/core/lib/http/parser.cc +16 -12
- data/src/core/lib/iomgr/call_combiner.cc +12 -13
- data/src/core/lib/iomgr/closure.h +4 -6
- data/src/core/lib/iomgr/combiner.cc +10 -21
- data/src/core/lib/iomgr/error.cc +50 -55
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +41 -52
- data/src/core/lib/iomgr/ev_epollex_linux.cc +80 -28
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +23 -30
- data/src/core/lib/iomgr/ev_poll_posix.cc +52 -46
- data/src/core/lib/iomgr/ev_posix.cc +47 -6
- data/src/core/lib/iomgr/exec_ctx.cc +10 -10
- data/src/core/lib/iomgr/exec_ctx.h +1 -1
- data/src/core/lib/iomgr/executor.cc +16 -13
- data/src/core/lib/iomgr/fork_posix.cc +1 -3
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +1 -1
- data/src/core/lib/iomgr/iocp_windows.cc +1 -2
- data/src/core/lib/iomgr/iomgr.cc +2 -2
- data/src/core/lib/iomgr/iomgr_uv.cc +2 -0
- data/src/core/lib/iomgr/iomgr_uv.h +1 -1
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +5 -4
- data/src/core/lib/iomgr/load_file.cc +3 -3
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -9
- data/src/core/lib/iomgr/resolve_address_uv.cc +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +3 -2
- data/src/core/lib/iomgr/resource_quota.cc +36 -34
- data/src/core/lib/iomgr/sockaddr_utils.cc +39 -23
- data/src/core/lib/iomgr/socket_factory_posix.cc +5 -5
- data/src/core/lib/iomgr/socket_mutator.cc +7 -7
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -4
- data/src/core/lib/iomgr/socket_utils_linux.cc +3 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +0 -1
- data/src/core/lib/iomgr/tcp_posix.cc +47 -55
- data/src/core/lib/iomgr/tcp_server_posix.cc +12 -10
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -5
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -3
- data/src/core/lib/iomgr/tcp_windows.cc +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +16 -14
- data/src/core/lib/iomgr/timer_heap.cc +8 -7
- data/src/core/lib/iomgr/timer_manager.cc +4 -3
- data/src/core/lib/iomgr/udp_server.cc +24 -16
- data/src/core/lib/iomgr/unix_sockets_posix.cc +15 -10
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +6 -5
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +1 -2
- data/src/core/lib/json/json.cc +1 -1
- data/src/core/lib/json/json_reader.cc +8 -6
- data/src/core/lib/json/json_string.cc +19 -18
- data/src/core/lib/json/json_writer.cc +10 -8
- data/src/core/lib/profiling/basic_timers.cc +1 -1
- data/src/core/lib/profiling/timers.h +3 -20
- data/src/core/lib/security/context/security_context.cc +16 -14
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +17 -14
- data/src/core/lib/security/credentials/credentials.cc +9 -8
- data/src/core/lib/security/credentials/credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +12 -13
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -4
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -3
- data/src/core/lib/security/credentials/jwt/json_token.cc +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -7
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +21 -18
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +23 -18
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +11 -7
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +22 -21
- data/src/core/lib/security/{transport → security_connector}/security_connector.cc +46 -43
- data/src/core/lib/security/{transport → security_connector}/security_connector.h +3 -3
- data/src/core/lib/security/transport/client_auth_filter.cc +32 -34
- data/src/core/lib/security/transport/lb_targets_info.cc +7 -5
- data/src/core/lib/security/transport/secure_endpoint.cc +21 -21
- data/src/core/lib/security/transport/security_handshaker.cc +19 -18
- data/src/core/lib/security/transport/security_handshaker.h +1 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
- data/src/core/lib/slice/b64.cc +19 -16
- data/src/core/lib/slice/percent_encoding.cc +5 -5
- data/src/core/lib/slice/slice.cc +35 -33
- data/src/core/lib/slice/slice_buffer.cc +16 -14
- data/src/core/lib/slice/slice_hash_table.cc +3 -2
- data/src/core/lib/slice/slice_intern.cc +21 -25
- data/src/core/lib/slice/slice_string_helpers.cc +45 -9
- data/src/core/lib/slice/slice_string_helpers.h +6 -0
- data/src/core/lib/surface/byte_buffer.cc +2 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +6 -3
- data/src/core/lib/surface/call.cc +171 -260
- data/src/core/lib/surface/call_test_only.h +1 -13
- data/src/core/lib/surface/channel.cc +20 -43
- data/src/core/lib/surface/channel_init.cc +7 -7
- data/src/core/lib/surface/channel_ping.cc +2 -2
- data/src/core/lib/surface/completion_queue.cc +69 -75
- data/src/core/lib/surface/init.cc +4 -5
- data/src/core/lib/surface/init_secure.cc +1 -1
- data/src/core/lib/surface/lame_client.cc +1 -1
- data/src/core/lib/surface/server.cc +64 -59
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +6 -5
- data/src/core/lib/transport/byte_stream.cc +23 -14
- data/src/core/lib/transport/byte_stream.h +1 -1
- data/src/core/lib/transport/connectivity_state.cc +9 -13
- data/src/core/lib/transport/error_utils.cc +10 -7
- data/src/core/lib/transport/metadata.cc +27 -26
- data/src/core/lib/transport/metadata.h +1 -1
- data/src/core/lib/transport/pid_controller.cc +2 -1
- data/src/core/lib/transport/service_config.cc +5 -5
- data/src/core/lib/transport/static_metadata.cc +225 -222
- data/src/core/lib/transport/static_metadata.h +77 -76
- data/src/core/lib/transport/timeout_encoding.cc +3 -2
- data/src/core/lib/transport/transport.cc +6 -5
- data/src/core/lib/transport/transport_op_string.cc +0 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -4
- data/src/core/tsi/alts_transport_security.cc +61 -0
- data/src/core/tsi/{gts_transport_security.h → alts_transport_security.h} +16 -8
- data/src/core/tsi/fake_transport_security.cc +59 -43
- data/src/core/tsi/ssl_transport_security.cc +122 -107
- data/src/core/tsi/transport_security.cc +3 -3
- data/src/core/tsi/transport_security_adapter.cc +16 -10
- data/src/ruby/bin/apis/pubsub_demo.rb +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +3 -4
- data/src/ruby/ext/grpc/rb_compression_options.c +13 -3
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -76
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +8 -120
- data/src/ruby/ext/grpc/rb_server.c +52 -28
- data/src/ruby/lib/grpc/generic/rpc_server.rb +7 -4
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/test/client.rb +1 -1
- data/src/ruby/pb/test/server.rb +1 -1
- data/src/ruby/spec/client_server_spec.rb +4 -2
- data/src/ruby/spec/generic/active_call_spec.rb +2 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +32 -8
- data/src/ruby/spec/server_spec.rb +26 -7
- data/third_party/boringssl/crypto/asn1/a_bitstr.c +7 -2
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +15 -0
- data/third_party/boringssl/crypto/asn1/a_gentm.c +1 -1
- data/third_party/boringssl/crypto/asn1/a_print.c +0 -28
- data/third_party/boringssl/crypto/asn1/a_strnid.c +3 -0
- data/third_party/boringssl/crypto/asn1/a_time.c +17 -9
- data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -1
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -49
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +1 -1
- data/third_party/boringssl/crypto/asn1/tasn_dec.c +9 -9
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +0 -6
- data/third_party/boringssl/crypto/asn1/time_support.c +5 -5
- data/third_party/boringssl/crypto/base64/base64.c +65 -43
- data/third_party/boringssl/crypto/bio/bio.c +134 -110
- data/third_party/boringssl/crypto/bio/bio_mem.c +9 -9
- data/third_party/boringssl/crypto/bio/connect.c +17 -17
- data/third_party/boringssl/crypto/bio/fd.c +2 -1
- data/third_party/boringssl/crypto/bio/file.c +14 -14
- data/third_party/boringssl/crypto/bio/hexdump.c +15 -16
- data/third_party/boringssl/crypto/bio/internal.h +14 -14
- data/third_party/boringssl/crypto/bio/pair.c +45 -45
- data/third_party/boringssl/crypto/bio/printf.c +6 -10
- data/third_party/boringssl/crypto/{bn → bn_extra}/bn_asn1.c +9 -9
- data/third_party/boringssl/crypto/{bn → bn_extra}/convert.c +18 -223
- data/third_party/boringssl/crypto/buf/buf.c +20 -44
- data/third_party/boringssl/crypto/bytestring/ber.c +35 -35
- data/third_party/boringssl/crypto/bytestring/cbb.c +24 -24
- data/third_party/boringssl/crypto/bytestring/cbs.c +33 -37
- data/third_party/boringssl/crypto/bytestring/internal.h +38 -38
- data/third_party/boringssl/crypto/chacha/chacha.c +7 -7
- data/third_party/boringssl/crypto/{asn1/t_bitst.c → cipher_extra/cipher_extra.c} +49 -38
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/derive_key.c +0 -2
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +281 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +867 -0
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +326 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_null.c +0 -1
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc2.c +22 -10
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc4.c +0 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_ssl3.c +120 -64
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_tls.c +220 -141
- data/third_party/boringssl/crypto/{asn1/x_bignum.c → cipher_extra/internal.h} +61 -86
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +482 -0
- data/third_party/boringssl/crypto/cmac/cmac.c +20 -20
- data/third_party/boringssl/crypto/conf/conf.c +32 -20
- data/third_party/boringssl/crypto/conf/internal.h +3 -3
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +5 -5
- data/third_party/boringssl/crypto/cpu-arm-linux.c +44 -41
- data/third_party/boringssl/crypto/cpu-intel.c +68 -43
- data/third_party/boringssl/crypto/cpu-ppc64le.c +5 -7
- data/third_party/boringssl/crypto/crypto.c +54 -32
- data/third_party/boringssl/crypto/curve25519/curve25519.c +269 -269
- data/third_party/boringssl/crypto/curve25519/internal.h +28 -8
- data/third_party/boringssl/crypto/curve25519/spake25519.c +180 -106
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +9 -9
- data/third_party/boringssl/crypto/dh/check.c +33 -34
- data/third_party/boringssl/crypto/dh/dh.c +72 -36
- data/third_party/boringssl/crypto/dh/dh_asn1.c +1 -1
- data/third_party/boringssl/crypto/dh/params.c +1 -161
- data/third_party/boringssl/crypto/digest_extra/digest_extra.c +240 -0
- data/third_party/boringssl/crypto/dsa/dsa.c +127 -87
- data/third_party/boringssl/crypto/dsa/dsa_asn1.c +1 -1
- data/third_party/boringssl/crypto/{ec → ec_extra}/ec_asn1.c +83 -70
- data/third_party/boringssl/crypto/ecdh/ecdh.c +1 -1
- data/third_party/boringssl/crypto/{ecdsa → ecdsa_extra}/ecdsa_asn1.c +86 -31
- data/third_party/boringssl/crypto/engine/engine.c +6 -6
- data/third_party/boringssl/crypto/err/err.c +197 -106
- data/third_party/boringssl/crypto/err/internal.h +58 -0
- data/third_party/boringssl/crypto/evp/digestsign.c +86 -14
- data/third_party/boringssl/crypto/evp/evp.c +6 -11
- data/third_party/boringssl/crypto/evp/evp_asn1.c +17 -17
- data/third_party/boringssl/crypto/evp/evp_ctx.c +15 -11
- data/third_party/boringssl/crypto/evp/internal.h +66 -51
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +11 -11
- data/third_party/boringssl/crypto/evp/p_ec.c +10 -8
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +11 -12
- data/third_party/boringssl/crypto/evp/p_ed25519.c +71 -0
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +190 -0
- data/third_party/boringssl/crypto/evp/p_rsa.c +50 -95
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +28 -18
- data/third_party/boringssl/crypto/evp/pbkdf.c +49 -56
- data/third_party/boringssl/crypto/evp/print.c +5 -36
- data/third_party/boringssl/crypto/evp/scrypt.c +209 -0
- data/third_party/boringssl/crypto/ex_data.c +15 -45
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +100 -0
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +679 -0
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/internal.h +40 -27
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/rsaz_exp.h +0 -0
- data/third_party/boringssl/crypto/{cipher → fipsmodule/cipher}/internal.h +34 -67
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +88 -0
- data/third_party/boringssl/crypto/{des → fipsmodule/des}/internal.h +18 -4
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/internal.h +18 -18
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/md32_common.h +58 -64
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/internal.h +58 -52
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64-table.h +11 -11
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64.h +32 -32
- data/third_party/boringssl/crypto/{rand/internal.h → fipsmodule/is_fips.c} +10 -15
- data/third_party/boringssl/crypto/{modes → fipsmodule/modes}/internal.h +112 -119
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +92 -0
- data/third_party/boringssl/crypto/{rsa → fipsmodule/rsa}/internal.h +36 -49
- data/third_party/boringssl/crypto/hkdf/hkdf.c +6 -6
- data/third_party/boringssl/crypto/internal.h +301 -233
- data/third_party/boringssl/crypto/lhash/lhash.c +26 -45
- data/third_party/boringssl/crypto/mem.c +76 -33
- data/third_party/boringssl/crypto/obj/obj.c +44 -28
- data/third_party/boringssl/crypto/obj/obj_dat.h +102 -34
- data/third_party/boringssl/crypto/obj/obj_xref.c +6 -6
- data/third_party/boringssl/crypto/pem/pem_info.c +3 -5
- data/third_party/boringssl/crypto/pem/pem_lib.c +1 -6
- data/third_party/boringssl/crypto/pem/pem_pk8.c +1 -0
- data/third_party/boringssl/crypto/pem/pem_pkey.c +1 -1
- data/third_party/boringssl/crypto/pem/pem_xaux.c +0 -2
- data/third_party/boringssl/crypto/pkcs7/internal.h +49 -0
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +166 -0
- data/third_party/boringssl/crypto/{x509/pkcs7.c → pkcs7/pkcs7_x509.c} +27 -147
- data/third_party/boringssl/crypto/pkcs8/internal.h +34 -16
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +120 -39
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +144 -857
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +789 -0
- data/third_party/boringssl/crypto/poly1305/internal.h +4 -3
- data/third_party/boringssl/crypto/poly1305/poly1305.c +14 -14
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +11 -11
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +41 -41
- data/third_party/boringssl/crypto/pool/internal.h +2 -2
- data/third_party/boringssl/crypto/pool/pool.c +15 -15
- data/third_party/boringssl/crypto/{rand → rand_extra}/deterministic.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/forkunsafe.c +46 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/fuchsia.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/rand_extra.c +70 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/windows.c +5 -5
- data/third_party/boringssl/crypto/refcount_c11.c +2 -2
- data/third_party/boringssl/crypto/refcount_lock.c +1 -1
- data/third_party/boringssl/crypto/{rsa → rsa_extra}/rsa_asn1.c +12 -120
- data/third_party/boringssl/crypto/stack/stack.c +13 -13
- data/third_party/boringssl/crypto/thread_none.c +1 -1
- data/third_party/boringssl/crypto/thread_pthread.c +1 -1
- data/third_party/boringssl/crypto/thread_win.c +40 -40
- data/third_party/boringssl/crypto/x509/a_sign.c +5 -12
- data/third_party/boringssl/crypto/x509/a_verify.c +6 -18
- data/third_party/boringssl/crypto/x509/algorithm.c +22 -6
- data/third_party/boringssl/crypto/x509/asn1_gen.c +30 -7
- data/third_party/boringssl/crypto/x509/by_dir.c +2 -2
- data/third_party/boringssl/crypto/x509/by_file.c +2 -2
- data/third_party/boringssl/crypto/x509/rsa_pss.c +5 -5
- data/third_party/boringssl/crypto/x509/t_x509.c +2 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_lu.c +35 -4
- data/third_party/boringssl/crypto/x509/x509_set.c +10 -0
- data/third_party/boringssl/crypto/x509/x509_vfy.c +20 -17
- data/third_party/boringssl/crypto/x509/x_name.c +13 -16
- data/third_party/boringssl/crypto/x509/x_x509.c +3 -3
- data/third_party/boringssl/crypto/x509/x_x509a.c +0 -7
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +8 -0
- data/third_party/boringssl/crypto/x509v3/pcy_int.h +2 -2
- data/third_party/boringssl/crypto/x509v3/pcy_lib.c +0 -9
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -1
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +25 -15
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +21 -11
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +9 -3
- data/third_party/boringssl/crypto/x509v3/v3_info.c +22 -14
- data/third_party/boringssl/crypto/x509v3/v3_ncons.c +27 -11
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +0 -33
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +4 -4
- data/third_party/boringssl/include/openssl/aead.h +280 -191
- data/third_party/boringssl/include/openssl/aes.h +50 -50
- data/third_party/boringssl/include/openssl/arm_arch.h +12 -12
- data/third_party/boringssl/include/openssl/asn1.h +14 -77
- data/third_party/boringssl/include/openssl/asn1t.h +11 -15
- data/third_party/boringssl/include/openssl/base.h +78 -51
- data/third_party/boringssl/include/openssl/base64.h +68 -68
- data/third_party/boringssl/include/openssl/bio.h +472 -406
- data/third_party/boringssl/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +454 -435
- data/third_party/boringssl/include/openssl/buf.h +27 -27
- data/third_party/boringssl/include/openssl/bytestring.h +282 -267
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/chacha.h +5 -5
- data/third_party/boringssl/include/openssl/cipher.h +209 -200
- data/third_party/boringssl/include/openssl/cmac.h +27 -27
- data/third_party/boringssl/include/openssl/conf.h +49 -46
- data/third_party/boringssl/include/openssl/cpu.h +60 -45
- data/third_party/boringssl/include/openssl/crypto.h +59 -35
- data/third_party/boringssl/include/openssl/curve25519.h +97 -92
- data/third_party/boringssl/include/openssl/des.h +25 -25
- data/third_party/boringssl/include/openssl/dh.h +98 -97
- data/third_party/boringssl/include/openssl/digest.h +143 -114
- data/third_party/boringssl/include/openssl/dsa.h +217 -202
- data/third_party/boringssl/include/openssl/ec.h +132 -131
- data/third_party/boringssl/include/openssl/ec_key.h +132 -128
- data/third_party/boringssl/include/openssl/ecdh.h +9 -9
- data/third_party/boringssl/include/openssl/ecdsa.h +66 -66
- data/third_party/boringssl/include/openssl/engine.h +38 -38
- data/third_party/boringssl/include/openssl/err.h +189 -219
- data/third_party/boringssl/include/openssl/evp.h +473 -397
- data/third_party/boringssl/include/openssl/ex_data.h +46 -56
- data/third_party/boringssl/include/openssl/hkdf.h +17 -17
- data/third_party/boringssl/include/openssl/hmac.h +55 -43
- data/third_party/boringssl/include/openssl/is_boringssl.h +16 -0
- data/third_party/boringssl/include/openssl/lhash.h +67 -67
- data/third_party/boringssl/include/openssl/lhash_macros.h +4 -4
- data/third_party/boringssl/include/openssl/md4.h +14 -14
- data/third_party/boringssl/include/openssl/md5.h +14 -14
- data/third_party/boringssl/include/openssl/mem.h +39 -33
- data/third_party/boringssl/include/openssl/nid.h +43 -0
- data/third_party/boringssl/include/openssl/obj.h +93 -87
- data/third_party/boringssl/include/openssl/opensslconf.h +8 -1
- data/third_party/boringssl/include/openssl/pem.h +2 -122
- data/third_party/boringssl/include/openssl/pkcs7.h +68 -2
- data/third_party/boringssl/include/openssl/pkcs8.h +81 -66
- data/third_party/boringssl/include/openssl/poly1305.h +11 -11
- data/third_party/boringssl/include/openssl/pool.h +29 -25
- data/third_party/boringssl/include/openssl/rand.h +48 -45
- data/third_party/boringssl/include/openssl/rc4.h +9 -9
- data/third_party/boringssl/include/openssl/ripemd.h +13 -13
- data/third_party/boringssl/include/openssl/rsa.h +371 -340
- data/third_party/boringssl/include/openssl/sha.h +71 -71
- data/third_party/boringssl/include/openssl/span.h +191 -0
- data/third_party/boringssl/include/openssl/ssl.h +2639 -2519
- data/third_party/boringssl/include/openssl/ssl3.h +39 -122
- data/third_party/boringssl/include/openssl/stack.h +355 -164
- data/third_party/boringssl/include/openssl/thread.h +43 -43
- data/third_party/boringssl/include/openssl/tls1.h +60 -63
- data/third_party/boringssl/include/openssl/type_check.h +10 -14
- data/third_party/boringssl/include/openssl/x509.h +41 -116
- data/third_party/boringssl/include/openssl/x509_vfy.h +17 -25
- data/third_party/boringssl/include/openssl/x509v3.h +27 -21
- data/third_party/boringssl/ssl/{bio_ssl.c → bio_ssl.cc} +9 -5
- data/third_party/boringssl/ssl/{custom_extensions.c → custom_extensions.cc} +19 -12
- data/third_party/boringssl/ssl/{d1_both.c → d1_both.cc} +224 -193
- data/third_party/boringssl/ssl/{d1_lib.c → d1_lib.cc} +86 -79
- data/third_party/boringssl/ssl/{d1_pkt.c → d1_pkt.cc} +55 -87
- data/third_party/boringssl/ssl/{d1_srtp.c → d1_srtp.cc} +12 -16
- data/third_party/boringssl/ssl/{dtls_method.c → dtls_method.cc} +33 -50
- data/third_party/boringssl/ssl/{dtls_record.c → dtls_record.cc} +76 -64
- data/third_party/boringssl/ssl/handshake.cc +547 -0
- data/third_party/boringssl/ssl/handshake_client.cc +1828 -0
- data/third_party/boringssl/ssl/handshake_server.cc +1672 -0
- data/third_party/boringssl/ssl/internal.h +2027 -1280
- data/third_party/boringssl/ssl/s3_both.cc +603 -0
- data/third_party/boringssl/ssl/{s3_lib.c → s3_lib.cc} +22 -10
- data/third_party/boringssl/ssl/{s3_pkt.c → s3_pkt.cc} +171 -75
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +415 -0
- data/third_party/boringssl/ssl/{ssl_asn1.c → ssl_asn1.cc} +257 -261
- data/third_party/boringssl/ssl/{ssl_buffer.c → ssl_buffer.cc} +81 -97
- data/third_party/boringssl/ssl/{ssl_cert.c → ssl_cert.cc} +304 -414
- data/third_party/boringssl/ssl/{ssl_cipher.c → ssl_cipher.cc} +427 -505
- data/third_party/boringssl/ssl/{ssl_file.c → ssl_file.cc} +24 -16
- data/third_party/boringssl/ssl/ssl_key_share.cc +245 -0
- data/third_party/boringssl/ssl/{ssl_lib.c → ssl_lib.cc} +665 -828
- data/third_party/boringssl/ssl/ssl_privkey.cc +518 -0
- data/third_party/boringssl/ssl/{ssl_session.c → ssl_session.cc} +596 -471
- data/third_party/boringssl/ssl/{ssl_stat.c → ssl_stat.cc} +5 -224
- data/third_party/boringssl/ssl/{ssl_transcript.c → ssl_transcript.cc} +117 -140
- data/third_party/boringssl/ssl/ssl_versions.cc +439 -0
- data/third_party/boringssl/ssl/{ssl_x509.c → ssl_x509.cc} +751 -267
- data/third_party/boringssl/ssl/{t1_enc.c → t1_enc.cc} +120 -161
- data/third_party/boringssl/ssl/{t1_lib.c → t1_lib.cc} +859 -966
- data/third_party/boringssl/ssl/{tls13_both.c → tls13_both.cc} +202 -284
- data/third_party/boringssl/ssl/tls13_client.cc +842 -0
- data/third_party/boringssl/ssl/{tls13_enc.c → tls13_enc.cc} +108 -90
- data/third_party/boringssl/ssl/tls13_server.cc +967 -0
- data/third_party/boringssl/ssl/{tls_method.c → tls_method.cc} +94 -73
- data/third_party/boringssl/ssl/tls_record.cc +675 -0
- metadata +117 -168
- data/include/grpc/support/cmdline.h +0 -88
- data/include/grpc/support/subprocess.h +0 -44
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +0 -29
- data/src/core/ext/filters/client_channel/resolver_factory.cc +0 -40
- data/src/core/lib/gpr/cmdline.cc +0 -330
- data/src/core/lib/gpr/subprocess_posix.cc +0 -99
- data/src/core/lib/gpr/subprocess_windows.cc +0 -126
- data/src/core/lib/surface/alarm.cc +0 -137
- data/src/core/lib/surface/alarm_internal.h +0 -40
- data/src/core/tsi/gts_transport_security.cc +0 -40
- data/third_party/boringssl/crypto/aes/aes.c +0 -1142
- data/third_party/boringssl/crypto/aes/internal.h +0 -87
- data/third_party/boringssl/crypto/aes/key_wrap.c +0 -138
- data/third_party/boringssl/crypto/aes/mode_wrappers.c +0 -112
- data/third_party/boringssl/crypto/asn1/x_long.c +0 -200
- data/third_party/boringssl/crypto/bn/add.c +0 -377
- data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +0 -532
- data/third_party/boringssl/crypto/bn/bn.c +0 -365
- data/third_party/boringssl/crypto/bn/cmp.c +0 -239
- data/third_party/boringssl/crypto/bn/ctx.c +0 -313
- data/third_party/boringssl/crypto/bn/div.c +0 -728
- data/third_party/boringssl/crypto/bn/exponentiation.c +0 -1240
- data/third_party/boringssl/crypto/bn/gcd.c +0 -635
- data/third_party/boringssl/crypto/bn/generic.c +0 -707
- data/third_party/boringssl/crypto/bn/kronecker.c +0 -176
- data/third_party/boringssl/crypto/bn/montgomery.c +0 -409
- data/third_party/boringssl/crypto/bn/montgomery_inv.c +0 -207
- data/third_party/boringssl/crypto/bn/mul.c +0 -871
- data/third_party/boringssl/crypto/bn/prime.c +0 -861
- data/third_party/boringssl/crypto/bn/random.c +0 -343
- data/third_party/boringssl/crypto/bn/rsaz_exp.c +0 -254
- data/third_party/boringssl/crypto/bn/shift.c +0 -307
- data/third_party/boringssl/crypto/bn/sqrt.c +0 -506
- data/third_party/boringssl/crypto/cipher/aead.c +0 -156
- data/third_party/boringssl/crypto/cipher/cipher.c +0 -657
- data/third_party/boringssl/crypto/cipher/e_aes.c +0 -1771
- data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +0 -276
- data/third_party/boringssl/crypto/cipher/e_des.c +0 -205
- data/third_party/boringssl/crypto/cipher/tls_cbc.c +0 -482
- data/third_party/boringssl/crypto/des/des.c +0 -771
- data/third_party/boringssl/crypto/digest/digest.c +0 -251
- data/third_party/boringssl/crypto/digest/digests.c +0 -358
- data/third_party/boringssl/crypto/ec/ec.c +0 -847
- data/third_party/boringssl/crypto/ec/ec_key.c +0 -479
- data/third_party/boringssl/crypto/ec/ec_montgomery.c +0 -303
- data/third_party/boringssl/crypto/ec/oct.c +0 -416
- data/third_party/boringssl/crypto/ec/p224-64.c +0 -1143
- data/third_party/boringssl/crypto/ec/p256-64.c +0 -1701
- data/third_party/boringssl/crypto/ec/p256-x86_64.c +0 -561
- data/third_party/boringssl/crypto/ec/simple.c +0 -1118
- data/third_party/boringssl/crypto/ec/util-64.c +0 -109
- data/third_party/boringssl/crypto/ec/wnaf.c +0 -458
- data/third_party/boringssl/crypto/ecdsa/ecdsa.c +0 -479
- data/third_party/boringssl/crypto/hmac/hmac.c +0 -215
- data/third_party/boringssl/crypto/md4/md4.c +0 -236
- data/third_party/boringssl/crypto/md5/md5.c +0 -285
- data/third_party/boringssl/crypto/modes/cbc.c +0 -212
- data/third_party/boringssl/crypto/modes/cfb.c +0 -230
- data/third_party/boringssl/crypto/modes/ctr.c +0 -219
- data/third_party/boringssl/crypto/modes/gcm.c +0 -1071
- data/third_party/boringssl/crypto/modes/ofb.c +0 -95
- data/third_party/boringssl/crypto/modes/polyval.c +0 -94
- data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +0 -85
- data/third_party/boringssl/crypto/rand/rand.c +0 -244
- data/third_party/boringssl/crypto/rand/urandom.c +0 -335
- data/third_party/boringssl/crypto/rsa/blinding.c +0 -265
- data/third_party/boringssl/crypto/rsa/padding.c +0 -708
- data/third_party/boringssl/crypto/rsa/rsa.c +0 -830
- data/third_party/boringssl/crypto/rsa/rsa_impl.c +0 -1100
- data/third_party/boringssl/crypto/sha/sha1-altivec.c +0 -346
- data/third_party/boringssl/crypto/sha/sha1.c +0 -355
- data/third_party/boringssl/crypto/sha/sha256.c +0 -329
- data/third_party/boringssl/crypto/sha/sha512.c +0 -609
- data/third_party/boringssl/crypto/x509/x509type.c +0 -126
- data/third_party/boringssl/include/openssl/stack_macros.h +0 -3987
- data/third_party/boringssl/ssl/handshake_client.c +0 -1883
- data/third_party/boringssl/ssl/handshake_server.c +0 -1950
- data/third_party/boringssl/ssl/s3_both.c +0 -895
- data/third_party/boringssl/ssl/ssl_aead_ctx.c +0 -335
- data/third_party/boringssl/ssl/ssl_ecdh.c +0 -465
- data/third_party/boringssl/ssl/ssl_privkey.c +0 -683
- data/third_party/boringssl/ssl/ssl_privkey_cc.cc +0 -76
- data/third_party/boringssl/ssl/tls13_client.c +0 -712
- data/third_party/boringssl/ssl/tls13_server.c +0 -680
- data/third_party/boringssl/ssl/tls_record.c +0 -556
@@ -64,17 +64,17 @@ extern "C" {
|
|
64
64
|
#endif
|
65
65
|
|
66
66
|
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
67
|
+
// Digest functions.
|
68
|
+
//
|
69
|
+
// An EVP_MD abstracts the details of a specific hash function allowing code to
|
70
|
+
// deal with the concept of a "hash function" without needing to know exactly
|
71
|
+
// which hash function it is.
|
72
72
|
|
73
73
|
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
74
|
+
// Hash algorithms.
|
75
|
+
//
|
76
|
+
// The following functions return |EVP_MD| objects that implement the named hash
|
77
|
+
// function.
|
78
78
|
|
79
79
|
OPENSSL_EXPORT const EVP_MD *EVP_md4(void);
|
80
80
|
OPENSSL_EXPORT const EVP_MD *EVP_md5(void);
|
@@ -84,192 +84,219 @@ OPENSSL_EXPORT const EVP_MD *EVP_sha256(void);
|
|
84
84
|
OPENSSL_EXPORT const EVP_MD *EVP_sha384(void);
|
85
85
|
OPENSSL_EXPORT const EVP_MD *EVP_sha512(void);
|
86
86
|
|
87
|
-
|
88
|
-
|
87
|
+
// EVP_md5_sha1 is a TLS-specific |EVP_MD| which computes the concatenation of
|
88
|
+
// MD5 and SHA-1, as used in TLS 1.1 and below.
|
89
89
|
OPENSSL_EXPORT const EVP_MD *EVP_md5_sha1(void);
|
90
90
|
|
91
|
-
|
92
|
-
|
91
|
+
// EVP_get_digestbynid returns an |EVP_MD| for the given NID, or NULL if no
|
92
|
+
// such digest is known.
|
93
93
|
OPENSSL_EXPORT const EVP_MD *EVP_get_digestbynid(int nid);
|
94
94
|
|
95
|
-
|
96
|
-
|
95
|
+
// EVP_get_digestbyobj returns an |EVP_MD| for the given |ASN1_OBJECT|, or NULL
|
96
|
+
// if no such digest is known.
|
97
97
|
OPENSSL_EXPORT const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *obj);
|
98
98
|
|
99
99
|
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
100
|
+
// Digest contexts.
|
101
|
+
//
|
102
|
+
// An EVP_MD_CTX represents the state of a specific digest operation in
|
103
|
+
// progress.
|
104
104
|
|
105
|
-
|
106
|
-
|
105
|
+
// EVP_MD_CTX_init initialises an, already allocated, |EVP_MD_CTX|. This is the
|
106
|
+
// same as setting the structure to zero.
|
107
107
|
OPENSSL_EXPORT void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
|
108
108
|
|
109
|
-
|
110
|
-
|
111
|
-
|
109
|
+
// EVP_MD_CTX_new allocates and initialises a fresh |EVP_MD_CTX| and returns
|
110
|
+
// it, or NULL on allocation failure. The caller must use |EVP_MD_CTX_free| to
|
111
|
+
// release the resulting object.
|
112
|
+
OPENSSL_EXPORT EVP_MD_CTX *EVP_MD_CTX_new(void);
|
112
113
|
|
113
|
-
|
114
|
-
|
114
|
+
// EVP_MD_CTX_cleanup frees any resources owned by |ctx| and resets it to a
|
115
|
+
// freshly initialised state. It does not free |ctx| itself. It returns one.
|
115
116
|
OPENSSL_EXPORT int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
|
116
117
|
|
117
|
-
|
118
|
-
OPENSSL_EXPORT void
|
118
|
+
// EVP_MD_CTX_free calls |EVP_MD_CTX_cleanup| and then frees |ctx| itself.
|
119
|
+
OPENSSL_EXPORT void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
|
119
120
|
|
120
|
-
|
121
|
-
|
121
|
+
// EVP_MD_CTX_copy_ex sets |out|, which must already be initialised, to be a
|
122
|
+
// copy of |in|. It returns one on success and zero on error.
|
122
123
|
OPENSSL_EXPORT int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
|
123
124
|
|
125
|
+
// EVP_MD_CTX_reset calls |EVP_MD_CTX_cleanup| followed by |EVP_MD_CTX_init|.
|
126
|
+
OPENSSL_EXPORT void EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
|
127
|
+
|
124
128
|
|
125
|
-
|
129
|
+
// Digest operations.
|
126
130
|
|
127
|
-
|
128
|
-
|
129
|
-
|
131
|
+
// EVP_DigestInit_ex configures |ctx|, which must already have been
|
132
|
+
// initialised, for a fresh hashing operation using |type|. It returns one on
|
133
|
+
// success and zero otherwise.
|
130
134
|
OPENSSL_EXPORT int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type,
|
131
135
|
ENGINE *engine);
|
132
136
|
|
133
|
-
|
134
|
-
|
137
|
+
// EVP_DigestInit acts like |EVP_DigestInit_ex| except that |ctx| is
|
138
|
+
// initialised before use.
|
135
139
|
OPENSSL_EXPORT int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
136
140
|
|
137
|
-
|
138
|
-
|
141
|
+
// EVP_DigestUpdate hashes |len| bytes from |data| into the hashing operation
|
142
|
+
// in |ctx|. It returns one.
|
139
143
|
OPENSSL_EXPORT int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
|
140
144
|
size_t len);
|
141
145
|
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
#define EVP_MAX_MD_SIZE 64
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
#define EVP_MAX_MD_BLOCK_SIZE 128
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
146
|
+
// EVP_MAX_MD_SIZE is the largest digest size supported, in bytes.
|
147
|
+
// Functions that output a digest generally require the buffer have
|
148
|
+
// at least this much space.
|
149
|
+
#define EVP_MAX_MD_SIZE 64 // SHA-512 is the longest so far.
|
150
|
+
|
151
|
+
// EVP_MAX_MD_BLOCK_SIZE is the largest digest block size supported, in
|
152
|
+
// bytes.
|
153
|
+
#define EVP_MAX_MD_BLOCK_SIZE 128 // SHA-512 is the longest so far.
|
154
|
+
|
155
|
+
// EVP_DigestFinal_ex finishes the digest in |ctx| and writes the output to
|
156
|
+
// |md_out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
157
|
+
// |EVP_MAX_MD_SIZE|. If |out_size| is not NULL then |*out_size| is set to the
|
158
|
+
// number of bytes written. It returns one. After this call, the hash cannot be
|
159
|
+
// updated or finished again until |EVP_DigestInit_ex| is called to start
|
160
|
+
// another hashing operation.
|
157
161
|
OPENSSL_EXPORT int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out,
|
158
162
|
unsigned int *out_size);
|
159
163
|
|
160
|
-
|
161
|
-
|
164
|
+
// EVP_DigestFinal acts like |EVP_DigestFinal_ex| except that
|
165
|
+
// |EVP_MD_CTX_cleanup| is called on |ctx| before returning.
|
162
166
|
OPENSSL_EXPORT int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md_out,
|
163
167
|
unsigned int *out_size);
|
164
168
|
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
169
|
+
// EVP_Digest performs a complete hashing operation in one call. It hashes |len|
|
170
|
+
// bytes from |data| and writes the digest to |md_out|. |EVP_MD_CTX_size| bytes
|
171
|
+
// are written, which is at most |EVP_MAX_MD_SIZE|. If |out_size| is not NULL
|
172
|
+
// then |*out_size| is set to the number of bytes written. It returns one on
|
173
|
+
// success and zero otherwise.
|
170
174
|
OPENSSL_EXPORT int EVP_Digest(const void *data, size_t len, uint8_t *md_out,
|
171
175
|
unsigned int *md_out_size, const EVP_MD *type,
|
172
176
|
ENGINE *impl);
|
173
177
|
|
174
178
|
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
+
// Digest function accessors.
|
180
|
+
//
|
181
|
+
// These functions allow code to learn details about an abstract hash
|
182
|
+
// function.
|
179
183
|
|
180
|
-
|
184
|
+
// EVP_MD_type returns a NID identifying |md|. (For example, |NID_sha256|.)
|
181
185
|
OPENSSL_EXPORT int EVP_MD_type(const EVP_MD *md);
|
182
186
|
|
183
|
-
|
184
|
-
|
187
|
+
// EVP_MD_flags returns the flags for |md|, which is a set of |EVP_MD_FLAG_*|
|
188
|
+
// values, ORed together.
|
185
189
|
OPENSSL_EXPORT uint32_t EVP_MD_flags(const EVP_MD *md);
|
186
190
|
|
187
|
-
|
191
|
+
// EVP_MD_size returns the digest size of |md|, in bytes.
|
188
192
|
OPENSSL_EXPORT size_t EVP_MD_size(const EVP_MD *md);
|
189
193
|
|
190
|
-
|
194
|
+
// EVP_MD_block_size returns the native block-size of |md|, in bytes.
|
191
195
|
OPENSSL_EXPORT size_t EVP_MD_block_size(const EVP_MD *md);
|
192
196
|
|
193
|
-
|
194
|
-
|
195
|
-
|
197
|
+
// EVP_MD_FLAG_PKEY_DIGEST indicates the the digest function is used with a
|
198
|
+
// specific public key in order to verify signatures. (For example,
|
199
|
+
// EVP_dss1.)
|
196
200
|
#define EVP_MD_FLAG_PKEY_DIGEST 1
|
197
201
|
|
198
|
-
|
199
|
-
|
200
|
-
|
202
|
+
// EVP_MD_FLAG_DIGALGID_ABSENT indicates that the parameter type in an X.509
|
203
|
+
// DigestAlgorithmIdentifier representing this digest function should be
|
204
|
+
// undefined rather than NULL.
|
201
205
|
#define EVP_MD_FLAG_DIGALGID_ABSENT 2
|
202
206
|
|
203
207
|
|
204
|
-
|
208
|
+
// Digest operation accessors.
|
205
209
|
|
206
|
-
|
207
|
-
|
208
|
-
OPENSSL_EXPORT
|
210
|
+
// EVP_MD_CTX_md returns the underlying digest function, or NULL if one has not
|
211
|
+
// been set.
|
212
|
+
OPENSSL_EXPORT const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
|
209
213
|
|
210
|
-
|
211
|
-
|
212
|
-
OPENSSL_EXPORT
|
214
|
+
// EVP_MD_CTX_size returns the digest size of |ctx|, in bytes. It
|
215
|
+
// will crash if a digest hasn't been set on |ctx|.
|
216
|
+
OPENSSL_EXPORT size_t EVP_MD_CTX_size(const EVP_MD_CTX *ctx);
|
213
217
|
|
214
|
-
|
215
|
-
|
216
|
-
OPENSSL_EXPORT
|
218
|
+
// EVP_MD_CTX_block_size returns the block size of the digest function used by
|
219
|
+
// |ctx|, in bytes. It will crash if a digest hasn't been set on |ctx|.
|
220
|
+
OPENSSL_EXPORT size_t EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx);
|
217
221
|
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
OPENSSL_EXPORT const EVP_MD *EVP_dss1(void);
|
222
|
+
// EVP_MD_CTX_type returns a NID describing the digest function used by |ctx|.
|
223
|
+
// (For example, |NID_sha256|.) It will crash if a digest hasn't been set on
|
224
|
+
// |ctx|.
|
225
|
+
OPENSSL_EXPORT int EVP_MD_CTX_type(const EVP_MD_CTX *ctx);
|
223
226
|
|
224
227
|
|
225
|
-
|
228
|
+
// ASN.1 functions.
|
229
|
+
//
|
230
|
+
// These functions allow code to parse and serialize AlgorithmIdentifiers for
|
231
|
+
// hash functions.
|
226
232
|
|
227
|
-
|
228
|
-
|
229
|
-
|
233
|
+
// EVP_parse_digest_algorithm parses an AlgorithmIdentifier structure containing
|
234
|
+
// a hash function OID (for example, 2.16.840.1.101.3.4.2.1 is SHA-256) and
|
235
|
+
// advances |cbs|. The parameters field may either be omitted or a NULL. It
|
236
|
+
// returns the digest function or NULL on error.
|
237
|
+
OPENSSL_EXPORT const EVP_MD *EVP_parse_digest_algorithm(CBS *cbs);
|
230
238
|
|
231
|
-
|
232
|
-
|
233
|
-
|
239
|
+
// EVP_marshal_digest_algorithm marshals |md| as an AlgorithmIdentifier
|
240
|
+
// structure and appends the result to |cbb|. It returns one on success and zero
|
241
|
+
// on error.
|
242
|
+
OPENSSL_EXPORT int EVP_marshal_digest_algorithm(CBB *cbb, const EVP_MD *md);
|
234
243
|
|
235
|
-
/* EVP_MD_CTX_block_size returns the block size of the digest function used by
|
236
|
-
* |ctx|, in bytes. It will crash if a digest hasn't been set on |ctx|. */
|
237
|
-
OPENSSL_EXPORT size_t EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx);
|
238
244
|
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
245
|
+
// Deprecated functions.
|
246
|
+
|
247
|
+
// EVP_MD_CTX_copy sets |out|, which must /not/ be initialised, to be a copy of
|
248
|
+
// |in|. It returns one on success and zero on error.
|
249
|
+
OPENSSL_EXPORT int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
|
250
|
+
|
251
|
+
// EVP_add_digest does nothing and returns one. It exists only for
|
252
|
+
// compatibility with OpenSSL.
|
253
|
+
OPENSSL_EXPORT int EVP_add_digest(const EVP_MD *digest);
|
254
|
+
|
255
|
+
// EVP_get_digestbyname returns an |EVP_MD| given a human readable name in
|
256
|
+
// |name|, or NULL if the name is unknown.
|
257
|
+
OPENSSL_EXPORT const EVP_MD *EVP_get_digestbyname(const char *);
|
258
|
+
|
259
|
+
// EVP_dss1 returns the value of EVP_sha1(). This was provided by OpenSSL to
|
260
|
+
// specifiy the original DSA signatures, which were fixed to use SHA-1. Note,
|
261
|
+
// however, that attempting to sign or verify DSA signatures with the EVP
|
262
|
+
// interface will always fail.
|
263
|
+
OPENSSL_EXPORT const EVP_MD *EVP_dss1(void);
|
264
|
+
|
265
|
+
// EVP_MD_CTX_create calls |EVP_MD_CTX_new|.
|
266
|
+
OPENSSL_EXPORT EVP_MD_CTX *EVP_MD_CTX_create(void);
|
267
|
+
|
268
|
+
// EVP_MD_CTX_destroy calls |EVP_MD_CTX_free|.
|
269
|
+
OPENSSL_EXPORT void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
|
243
270
|
|
244
271
|
|
245
272
|
struct evp_md_pctx_ops;
|
246
273
|
|
247
274
|
struct env_md_ctx_st {
|
248
|
-
|
275
|
+
// digest is the underlying digest function, or NULL if not set.
|
249
276
|
const EVP_MD *digest;
|
250
|
-
|
251
|
-
|
277
|
+
// md_data points to a block of memory that contains the hash-specific
|
278
|
+
// context.
|
252
279
|
void *md_data;
|
253
280
|
|
254
|
-
|
255
|
-
|
281
|
+
// pctx is an opaque (at this layer) pointer to additional context that
|
282
|
+
// EVP_PKEY functions may store in this object.
|
256
283
|
EVP_PKEY_CTX *pctx;
|
257
284
|
|
258
|
-
|
259
|
-
|
285
|
+
// pctx_ops, if not NULL, points to a vtable that contains functions to
|
286
|
+
// manipulate |pctx|.
|
260
287
|
const struct evp_md_pctx_ops *pctx_ops;
|
261
288
|
} /* EVP_MD_CTX */;
|
262
289
|
|
263
290
|
|
264
291
|
#if defined(__cplusplus)
|
265
|
-
}
|
292
|
+
} // extern C
|
266
293
|
|
267
294
|
#if !defined(BORINGSSL_NO_CXX)
|
268
295
|
extern "C++" {
|
269
296
|
|
270
297
|
namespace bssl {
|
271
298
|
|
272
|
-
BORINGSSL_MAKE_DELETER(EVP_MD_CTX,
|
299
|
+
BORINGSSL_MAKE_DELETER(EVP_MD_CTX, EVP_MD_CTX_free)
|
273
300
|
|
274
301
|
using ScopedEVP_MD_CTX =
|
275
302
|
internal::StackAllocated<EVP_MD_CTX, int, EVP_MD_CTX_init,
|
@@ -283,5 +310,7 @@ using ScopedEVP_MD_CTX =
|
|
283
310
|
#endif
|
284
311
|
|
285
312
|
#define DIGEST_R_INPUT_NOT_INITIALIZED 100
|
313
|
+
#define DIGEST_R_DECODE_ERROR 101
|
314
|
+
#define DIGEST_R_UNKNOWN_HASH 102
|
286
315
|
|
287
|
-
#endif
|
316
|
+
#endif // OPENSSL_HEADER_DIGEST_H
|
@@ -71,315 +71,330 @@ extern "C" {
|
|
71
71
|
#endif
|
72
72
|
|
73
73
|
|
74
|
-
|
75
|
-
|
74
|
+
// DSA contains functions for signing and verifying with the Digital Signature
|
75
|
+
// Algorithm.
|
76
76
|
|
77
77
|
|
78
|
-
|
78
|
+
// Allocation and destruction.
|
79
79
|
|
80
|
-
|
80
|
+
// DSA_new returns a new, empty DSA object or NULL on error.
|
81
81
|
OPENSSL_EXPORT DSA *DSA_new(void);
|
82
82
|
|
83
|
-
|
84
|
-
|
83
|
+
// DSA_free decrements the reference count of |dsa| and frees it if the
|
84
|
+
// reference count drops to zero.
|
85
85
|
OPENSSL_EXPORT void DSA_free(DSA *dsa);
|
86
86
|
|
87
|
-
|
87
|
+
// DSA_up_ref increments the reference count of |dsa| and returns one.
|
88
88
|
OPENSSL_EXPORT int DSA_up_ref(DSA *dsa);
|
89
89
|
|
90
90
|
|
91
|
-
|
91
|
+
// Properties.
|
92
92
|
|
93
|
-
|
94
|
-
|
95
|
-
|
93
|
+
// DSA_get0_key sets |*out_pub_key| and |*out_priv_key|, if non-NULL, to |dsa|'s
|
94
|
+
// public and private key, respectively. If |dsa| is a public key, the private
|
95
|
+
// key will be set to NULL.
|
96
96
|
OPENSSL_EXPORT void DSA_get0_key(const DSA *dsa, const BIGNUM **out_pub_key,
|
97
97
|
const BIGNUM **out_priv_key);
|
98
98
|
|
99
|
-
|
100
|
-
|
99
|
+
// DSA_get0_pqg sets |*out_p|, |*out_q|, and |*out_g|, if non-NULL, to |dsa|'s
|
100
|
+
// p, q, and g parameters, respectively.
|
101
101
|
OPENSSL_EXPORT void DSA_get0_pqg(const DSA *dsa, const BIGNUM **out_p,
|
102
102
|
const BIGNUM **out_q, const BIGNUM **out_g);
|
103
103
|
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
*
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
104
|
+
// DSA_set0_key sets |dsa|'s public and private key to |pub_key| and |priv_key|,
|
105
|
+
// respectively, if non-NULL. On success, it takes ownership of each argument
|
106
|
+
// and returns one. Otherwise, it returns zero.
|
107
|
+
//
|
108
|
+
// |priv_key| may be NULL, but |pub_key| must either be non-NULL or already
|
109
|
+
// configured on |dsa|.
|
110
|
+
OPENSSL_EXPORT int DSA_set0_key(DSA *dsa, BIGNUM *pub_key, BIGNUM *priv_key);
|
111
|
+
|
112
|
+
// DSA_set0_pqg sets |dsa|'s parameters to |p|, |q|, and |g|, if non-NULL, and
|
113
|
+
// takes ownership of them. On success, it takes ownership of each argument and
|
114
|
+
// returns one. Otherwise, it returns zero.
|
115
|
+
//
|
116
|
+
// Each argument must either be non-NULL or already configured on |dsa|.
|
117
|
+
OPENSSL_EXPORT int DSA_set0_pqg(DSA *dsa, BIGNUM *p, BIGNUM *q, BIGNUM *g);
|
118
|
+
|
119
|
+
|
120
|
+
// Parameter generation.
|
121
|
+
|
122
|
+
// DSA_generate_parameters_ex generates a set of DSA parameters by following
|
123
|
+
// the procedure given in FIPS 186-4, appendix A.
|
124
|
+
// (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf)
|
125
|
+
//
|
126
|
+
// The larger prime will have a length of |bits| (e.g. 2048). The |seed| value
|
127
|
+
// allows others to generate and verify the same parameters and should be
|
128
|
+
// random input which is kept for reference. If |out_counter| or |out_h| are
|
129
|
+
// not NULL then the counter and h value used in the generation are written to
|
130
|
+
// them.
|
131
|
+
//
|
132
|
+
// The |cb| argument is passed to |BN_generate_prime_ex| and is thus called
|
133
|
+
// during the generation process in order to indicate progress. See the
|
134
|
+
// comments for that function for details. In addition to the calls made by
|
135
|
+
// |BN_generate_prime_ex|, |DSA_generate_parameters_ex| will call it with
|
136
|
+
// |event| equal to 2 and 3 at different stages of the process.
|
137
|
+
//
|
138
|
+
// It returns one on success and zero otherwise.
|
124
139
|
OPENSSL_EXPORT int DSA_generate_parameters_ex(DSA *dsa, unsigned bits,
|
125
140
|
const uint8_t *seed,
|
126
141
|
size_t seed_len, int *out_counter,
|
127
142
|
unsigned long *out_h,
|
128
143
|
BN_GENCB *cb);
|
129
144
|
|
130
|
-
|
131
|
-
|
145
|
+
// DSAparams_dup returns a freshly allocated |DSA| that contains a copy of the
|
146
|
+
// parameters from |dsa|. It returns NULL on error.
|
132
147
|
OPENSSL_EXPORT DSA *DSAparams_dup(const DSA *dsa);
|
133
148
|
|
134
149
|
|
135
|
-
|
150
|
+
// Key generation.
|
136
151
|
|
137
|
-
|
138
|
-
|
139
|
-
|
152
|
+
// DSA_generate_key generates a public/private key pair in |dsa|, which must
|
153
|
+
// already have parameters setup. It returns one on success and zero on
|
154
|
+
// error.
|
140
155
|
OPENSSL_EXPORT int DSA_generate_key(DSA *dsa);
|
141
156
|
|
142
157
|
|
143
|
-
|
158
|
+
// Signatures.
|
144
159
|
|
145
|
-
|
160
|
+
// DSA_SIG_st (aka |DSA_SIG|) contains a DSA signature as a pair of integers.
|
146
161
|
struct DSA_SIG_st {
|
147
162
|
BIGNUM *r, *s;
|
148
163
|
};
|
149
164
|
|
150
|
-
|
151
|
-
|
165
|
+
// DSA_SIG_new returns a freshly allocated, DIG_SIG structure or NULL on error.
|
166
|
+
// Both |r| and |s| in the signature will be NULL.
|
152
167
|
OPENSSL_EXPORT DSA_SIG *DSA_SIG_new(void);
|
153
168
|
|
154
|
-
|
169
|
+
// DSA_SIG_free frees the contents of |sig| and then frees |sig| itself.
|
155
170
|
OPENSSL_EXPORT void DSA_SIG_free(DSA_SIG *sig);
|
156
171
|
|
157
|
-
|
158
|
-
|
172
|
+
// DSA_do_sign returns a signature of the hash in |digest| by the key in |dsa|
|
173
|
+
// and returns an allocated, DSA_SIG structure, or NULL on error.
|
159
174
|
OPENSSL_EXPORT DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len,
|
160
175
|
DSA *dsa);
|
161
176
|
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
177
|
+
// DSA_do_verify verifies that |sig| is a valid signature, by the public key in
|
178
|
+
// |dsa|, of the hash in |digest|. It returns one if so, zero if invalid and -1
|
179
|
+
// on error.
|
180
|
+
//
|
181
|
+
// WARNING: do not use. This function returns -1 for error, 0 for invalid and 1
|
182
|
+
// for valid. However, this is dangerously different to the usual OpenSSL
|
183
|
+
// convention and could be a disaster if a user did |if (DSA_do_verify(...))|.
|
184
|
+
// Because of this, |DSA_check_signature| is a safer version of this.
|
185
|
+
//
|
186
|
+
// TODO(fork): deprecate.
|
172
187
|
OPENSSL_EXPORT int DSA_do_verify(const uint8_t *digest, size_t digest_len,
|
173
188
|
DSA_SIG *sig, const DSA *dsa);
|
174
189
|
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
190
|
+
// DSA_do_check_signature sets |*out_valid| to zero. Then it verifies that |sig|
|
191
|
+
// is a valid signature, by the public key in |dsa| of the hash in |digest|
|
192
|
+
// and, if so, it sets |*out_valid| to one.
|
193
|
+
//
|
194
|
+
// It returns one if it was able to verify the signature as valid or invalid,
|
195
|
+
// and zero on error.
|
181
196
|
OPENSSL_EXPORT int DSA_do_check_signature(int *out_valid, const uint8_t *digest,
|
182
197
|
size_t digest_len, DSA_SIG *sig,
|
183
198
|
const DSA *dsa);
|
184
199
|
|
185
200
|
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
201
|
+
// ASN.1 signatures.
|
202
|
+
//
|
203
|
+
// These functions also perform DSA signature operations, but deal with ASN.1
|
204
|
+
// encoded signatures as opposed to raw |BIGNUM|s. If you don't know what
|
205
|
+
// encoding a DSA signature is in, it's probably ASN.1.
|
206
|
+
|
207
|
+
// DSA_sign signs |digest| with the key in |dsa| and writes the resulting
|
208
|
+
// signature, in ASN.1 form, to |out_sig| and the length of the signature to
|
209
|
+
// |*out_siglen|. There must be, at least, |DSA_size(dsa)| bytes of space in
|
210
|
+
// |out_sig|. It returns one on success and zero otherwise.
|
211
|
+
//
|
212
|
+
// (The |type| argument is ignored.)
|
198
213
|
OPENSSL_EXPORT int DSA_sign(int type, const uint8_t *digest, size_t digest_len,
|
199
214
|
uint8_t *out_sig, unsigned int *out_siglen,
|
200
215
|
DSA *dsa);
|
201
216
|
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
217
|
+
// DSA_verify verifies that |sig| is a valid, ASN.1 signature, by the public
|
218
|
+
// key in |dsa|, of the hash in |digest|. It returns one if so, zero if invalid
|
219
|
+
// and -1 on error.
|
220
|
+
//
|
221
|
+
// (The |type| argument is ignored.)
|
222
|
+
//
|
223
|
+
// WARNING: do not use. This function returns -1 for error, 0 for invalid and 1
|
224
|
+
// for valid. However, this is dangerously different to the usual OpenSSL
|
225
|
+
// convention and could be a disaster if a user did |if (DSA_do_verify(...))|.
|
226
|
+
// Because of this, |DSA_check_signature| is a safer version of this.
|
227
|
+
//
|
228
|
+
// TODO(fork): deprecate.
|
214
229
|
OPENSSL_EXPORT int DSA_verify(int type, const uint8_t *digest,
|
215
230
|
size_t digest_len, const uint8_t *sig,
|
216
231
|
size_t sig_len, const DSA *dsa);
|
217
232
|
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
233
|
+
// DSA_check_signature sets |*out_valid| to zero. Then it verifies that |sig|
|
234
|
+
// is a valid, ASN.1 signature, by the public key in |dsa|, of the hash in
|
235
|
+
// |digest|. If so, it sets |*out_valid| to one.
|
236
|
+
//
|
237
|
+
// It returns one if it was able to verify the signature as valid or invalid,
|
238
|
+
// and zero on error.
|
224
239
|
OPENSSL_EXPORT int DSA_check_signature(int *out_valid, const uint8_t *digest,
|
225
240
|
size_t digest_len, const uint8_t *sig,
|
226
241
|
size_t sig_len, const DSA *dsa);
|
227
242
|
|
228
|
-
|
229
|
-
|
243
|
+
// DSA_size returns the size, in bytes, of an ASN.1 encoded, DSA signature
|
244
|
+
// generated by |dsa|. Parameters must already have been setup in |dsa|.
|
230
245
|
OPENSSL_EXPORT int DSA_size(const DSA *dsa);
|
231
246
|
|
232
247
|
|
233
|
-
|
248
|
+
// ASN.1 encoding.
|
234
249
|
|
235
|
-
|
236
|
-
|
250
|
+
// DSA_SIG_parse parses a DER-encoded DSA-Sig-Value structure from |cbs| and
|
251
|
+
// advances |cbs|. It returns a newly-allocated |DSA_SIG| or NULL on error.
|
237
252
|
OPENSSL_EXPORT DSA_SIG *DSA_SIG_parse(CBS *cbs);
|
238
253
|
|
239
|
-
|
240
|
-
|
254
|
+
// DSA_SIG_marshal marshals |sig| as a DER-encoded DSA-Sig-Value and appends the
|
255
|
+
// result to |cbb|. It returns one on success and zero on error.
|
241
256
|
OPENSSL_EXPORT int DSA_SIG_marshal(CBB *cbb, const DSA_SIG *sig);
|
242
257
|
|
243
|
-
|
244
|
-
|
258
|
+
// DSA_parse_public_key parses a DER-encoded DSA public key from |cbs| and
|
259
|
+
// advances |cbs|. It returns a newly-allocated |DSA| or NULL on error.
|
245
260
|
OPENSSL_EXPORT DSA *DSA_parse_public_key(CBS *cbs);
|
246
261
|
|
247
|
-
|
248
|
-
|
249
|
-
|
262
|
+
// DSA_marshal_public_key marshals |dsa| as a DER-encoded DSA public key and
|
263
|
+
// appends the result to |cbb|. It returns one on success and zero on
|
264
|
+
// failure.
|
250
265
|
OPENSSL_EXPORT int DSA_marshal_public_key(CBB *cbb, const DSA *dsa);
|
251
266
|
|
252
|
-
|
253
|
-
|
267
|
+
// DSA_parse_private_key parses a DER-encoded DSA private key from |cbs| and
|
268
|
+
// advances |cbs|. It returns a newly-allocated |DSA| or NULL on error.
|
254
269
|
OPENSSL_EXPORT DSA *DSA_parse_private_key(CBS *cbs);
|
255
270
|
|
256
|
-
|
257
|
-
|
258
|
-
|
271
|
+
// DSA_marshal_private_key marshals |dsa| as a DER-encoded DSA private key and
|
272
|
+
// appends the result to |cbb|. It returns one on success and zero on
|
273
|
+
// failure.
|
259
274
|
OPENSSL_EXPORT int DSA_marshal_private_key(CBB *cbb, const DSA *dsa);
|
260
275
|
|
261
|
-
|
262
|
-
|
263
|
-
|
276
|
+
// DSA_parse_parameters parses a DER-encoded Dss-Parms structure (RFC 3279)
|
277
|
+
// from |cbs| and advances |cbs|. It returns a newly-allocated |DSA| or NULL on
|
278
|
+
// error.
|
264
279
|
OPENSSL_EXPORT DSA *DSA_parse_parameters(CBS *cbs);
|
265
280
|
|
266
|
-
|
267
|
-
|
268
|
-
|
281
|
+
// DSA_marshal_parameters marshals |dsa| as a DER-encoded Dss-Parms structure
|
282
|
+
// (RFC 3447) and appends the result to |cbb|. It returns one on success and
|
283
|
+
// zero on failure.
|
269
284
|
OPENSSL_EXPORT int DSA_marshal_parameters(CBB *cbb, const DSA *dsa);
|
270
285
|
|
271
286
|
|
272
|
-
|
287
|
+
// Precomputation.
|
273
288
|
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
289
|
+
// DSA_sign_setup precomputes the message independent part of the DSA signature
|
290
|
+
// and writes them to |*out_kinv| and |*out_r|. Returns one on success, zero on
|
291
|
+
// error.
|
292
|
+
//
|
293
|
+
// TODO(fork): decide what to do with this. Since making DSA* opaque there's no
|
294
|
+
// way for the user to install them. Also, it forces the DSA* not to be const
|
295
|
+
// when passing to the signing function.
|
281
296
|
OPENSSL_EXPORT int DSA_sign_setup(const DSA *dsa, BN_CTX *ctx,
|
282
297
|
BIGNUM **out_kinv, BIGNUM **out_r);
|
283
298
|
|
284
299
|
|
285
|
-
|
300
|
+
// Conversion.
|
286
301
|
|
287
|
-
|
288
|
-
|
289
|
-
|
302
|
+
// DSA_dup_DH returns a |DH| constructed from the parameters of |dsa|. This is
|
303
|
+
// sometimes needed when Diffie-Hellman parameters are stored in the form of
|
304
|
+
// DSA parameters. It returns an allocated |DH| on success or NULL on error.
|
290
305
|
OPENSSL_EXPORT DH *DSA_dup_DH(const DSA *dsa);
|
291
306
|
|
292
307
|
|
293
|
-
|
294
|
-
|
295
|
-
|
308
|
+
// ex_data functions.
|
309
|
+
//
|
310
|
+
// See |ex_data.h| for details.
|
296
311
|
|
297
312
|
OPENSSL_EXPORT int DSA_get_ex_new_index(long argl, void *argp,
|
298
313
|
CRYPTO_EX_unused *unused,
|
299
|
-
CRYPTO_EX_dup *
|
314
|
+
CRYPTO_EX_dup *dup_unused,
|
300
315
|
CRYPTO_EX_free *free_func);
|
301
|
-
OPENSSL_EXPORT int DSA_set_ex_data(DSA *
|
302
|
-
OPENSSL_EXPORT void *DSA_get_ex_data(const DSA *
|
316
|
+
OPENSSL_EXPORT int DSA_set_ex_data(DSA *dsa, int idx, void *arg);
|
317
|
+
OPENSSL_EXPORT void *DSA_get_ex_data(const DSA *dsa, int idx);
|
303
318
|
|
304
319
|
|
305
|
-
|
320
|
+
// Deprecated functions.
|
306
321
|
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
322
|
+
// d2i_DSA_SIG parses an ASN.1, DER-encoded, DSA signature from |len| bytes at
|
323
|
+
// |*inp|. If |out_sig| is not NULL then, on exit, a pointer to the result is
|
324
|
+
// in |*out_sig|. Note that, even if |*out_sig| is already non-NULL on entry, it
|
325
|
+
// will not be written to. Rather, a fresh |DSA_SIG| is allocated and the
|
326
|
+
// previous one is freed. On successful exit, |*inp| is advanced past the DER
|
327
|
+
// structure. It returns the result or NULL on error.
|
328
|
+
//
|
329
|
+
// Use |DSA_SIG_parse| instead.
|
315
330
|
OPENSSL_EXPORT DSA_SIG *d2i_DSA_SIG(DSA_SIG **out_sig, const uint8_t **inp,
|
316
331
|
long len);
|
317
332
|
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
333
|
+
// i2d_DSA_SIG marshals |in| to an ASN.1, DER structure. If |outp| is not NULL
|
334
|
+
// then the result is written to |*outp| and |*outp| is advanced just past the
|
335
|
+
// output. It returns the number of bytes in the result, whether written or not,
|
336
|
+
// or a negative value on error.
|
337
|
+
//
|
338
|
+
// Use |DSA_SIG_marshal| instead.
|
324
339
|
OPENSSL_EXPORT int i2d_DSA_SIG(const DSA_SIG *in, uint8_t **outp);
|
325
340
|
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
341
|
+
// d2i_DSAPublicKey parses an ASN.1, DER-encoded, DSA public key from |len|
|
342
|
+
// bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
|
343
|
+
// is in |*out|. Note that, even if |*ou| is already non-NULL on entry, it will
|
344
|
+
// not be written to. Rather, a fresh |DSA| is allocated and the previous one is
|
345
|
+
// freed. On successful exit, |*inp| is advanced past the DER structure. It
|
346
|
+
// returns the result or NULL on error.
|
347
|
+
//
|
348
|
+
// Use |DSA_parse_public_key| instead.
|
334
349
|
OPENSSL_EXPORT DSA *d2i_DSAPublicKey(DSA **out, const uint8_t **inp, long len);
|
335
350
|
|
336
|
-
|
337
|
-
|
338
|
-
|
339
|
-
|
340
|
-
|
341
|
-
|
351
|
+
// i2d_DSAPublicKey marshals a public key from |in| to an ASN.1, DER structure.
|
352
|
+
// If |outp| is not NULL then the result is written to |*outp| and |*outp| is
|
353
|
+
// advanced just past the output. It returns the number of bytes in the result,
|
354
|
+
// whether written or not, or a negative value on error.
|
355
|
+
//
|
356
|
+
// Use |DSA_marshal_public_key| instead.
|
342
357
|
OPENSSL_EXPORT int i2d_DSAPublicKey(const DSA *in, uint8_t **outp);
|
343
358
|
|
344
|
-
|
345
|
-
|
346
|
-
|
347
|
-
|
348
|
-
|
349
|
-
|
350
|
-
|
351
|
-
|
359
|
+
// d2i_DSAPrivateKey parses an ASN.1, DER-encoded, DSA private key from |len|
|
360
|
+
// bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
|
361
|
+
// is in |*out|. Note that, even if |*out| is already non-NULL on entry, it will
|
362
|
+
// not be written to. Rather, a fresh |DSA| is allocated and the previous one is
|
363
|
+
// freed. On successful exit, |*inp| is advanced past the DER structure. It
|
364
|
+
// returns the result or NULL on error.
|
365
|
+
//
|
366
|
+
// Use |DSA_parse_private_key| instead.
|
352
367
|
OPENSSL_EXPORT DSA *d2i_DSAPrivateKey(DSA **out, const uint8_t **inp, long len);
|
353
368
|
|
354
|
-
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
|
359
|
-
|
369
|
+
// i2d_DSAPrivateKey marshals a private key from |in| to an ASN.1, DER
|
370
|
+
// structure. If |outp| is not NULL then the result is written to |*outp| and
|
371
|
+
// |*outp| is advanced just past the output. It returns the number of bytes in
|
372
|
+
// the result, whether written or not, or a negative value on error.
|
373
|
+
//
|
374
|
+
// Use |DSA_marshal_private_key| instead.
|
360
375
|
OPENSSL_EXPORT int i2d_DSAPrivateKey(const DSA *in, uint8_t **outp);
|
361
376
|
|
362
|
-
|
363
|
-
|
364
|
-
|
365
|
-
|
366
|
-
|
367
|
-
|
368
|
-
|
369
|
-
|
377
|
+
// d2i_DSAparams parses ASN.1, DER-encoded, DSA parameters from |len| bytes at
|
378
|
+
// |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in
|
379
|
+
// |*out|. Note that, even if |*out| is already non-NULL on entry, it will not
|
380
|
+
// be written to. Rather, a fresh |DSA| is allocated and the previous one is
|
381
|
+
// freed. On successful exit, |*inp| is advanced past the DER structure. It
|
382
|
+
// returns the result or NULL on error.
|
383
|
+
//
|
384
|
+
// Use |DSA_parse_parameters| instead.
|
370
385
|
OPENSSL_EXPORT DSA *d2i_DSAparams(DSA **out, const uint8_t **inp, long len);
|
371
386
|
|
372
|
-
|
373
|
-
|
374
|
-
|
375
|
-
|
376
|
-
|
377
|
-
|
387
|
+
// i2d_DSAparams marshals DSA parameters from |in| to an ASN.1, DER structure.
|
388
|
+
// If |outp| is not NULL then the result is written to |*outp| and |*outp| is
|
389
|
+
// advanced just past the output. It returns the number of bytes in the result,
|
390
|
+
// whether written or not, or a negative value on error.
|
391
|
+
//
|
392
|
+
// Use |DSA_marshal_parameters| instead.
|
378
393
|
OPENSSL_EXPORT int i2d_DSAparams(const DSA *in, uint8_t **outp);
|
379
394
|
|
380
|
-
|
381
|
-
|
382
|
-
|
395
|
+
// DSA_generate_parameters is a deprecated version of
|
396
|
+
// |DSA_generate_parameters_ex| that creates and returns a |DSA*|. Don't use
|
397
|
+
// it.
|
383
398
|
OPENSSL_EXPORT DSA *DSA_generate_parameters(int bits, unsigned char *seed,
|
384
399
|
int seed_len, int *counter_ret,
|
385
400
|
unsigned long *h_ret,
|
@@ -390,17 +405,17 @@ OPENSSL_EXPORT DSA *DSA_generate_parameters(int bits, unsigned char *seed,
|
|
390
405
|
struct dsa_st {
|
391
406
|
long version;
|
392
407
|
BIGNUM *p;
|
393
|
-
BIGNUM *q;
|
408
|
+
BIGNUM *q; // == 20
|
394
409
|
BIGNUM *g;
|
395
410
|
|
396
|
-
BIGNUM *pub_key;
|
397
|
-
BIGNUM *priv_key;
|
411
|
+
BIGNUM *pub_key; // y public key
|
412
|
+
BIGNUM *priv_key; // x private key
|
398
413
|
|
399
|
-
BIGNUM *kinv;
|
400
|
-
BIGNUM *r;
|
414
|
+
BIGNUM *kinv; // Signing pre-calc
|
415
|
+
BIGNUM *r; // Signing pre-calc
|
401
416
|
|
402
417
|
int flags;
|
403
|
-
|
418
|
+
// Normally used to cache montgomery values
|
404
419
|
CRYPTO_MUTEX method_mont_lock;
|
405
420
|
BN_MONT_CTX *method_mont_p;
|
406
421
|
BN_MONT_CTX *method_mont_q;
|
@@ -410,7 +425,7 @@ struct dsa_st {
|
|
410
425
|
|
411
426
|
|
412
427
|
#if defined(__cplusplus)
|
413
|
-
}
|
428
|
+
} // extern C
|
414
429
|
|
415
430
|
extern "C++" {
|
416
431
|
|
@@ -421,7 +436,7 @@ BORINGSSL_MAKE_DELETER(DSA_SIG, DSA_SIG_free)
|
|
421
436
|
|
422
437
|
} // namespace bssl
|
423
438
|
|
424
|
-
}
|
439
|
+
} // extern C++
|
425
440
|
|
426
441
|
#endif
|
427
442
|
|
@@ -433,4 +448,4 @@ BORINGSSL_MAKE_DELETER(DSA_SIG, DSA_SIG_free)
|
|
433
448
|
#define DSA_R_DECODE_ERROR 105
|
434
449
|
#define DSA_R_ENCODE_ERROR 106
|
435
450
|
|
436
|
-
#endif
|
451
|
+
#endif // OPENSSL_HEADER_DSA_H
|